All Products
Search
Document Center

Cloud Config:Enable WAF protection for ALB instances

Last Updated:Jun 04, 2026

Checks whether the security protection feature of Web Application Firewall (WAF) 3.0 is enabled for an Application Load Balancer (ALB) instance. Compliant if enabled.

Scenarios

Enable WAF 3.0 for ALB instances to block malicious crawlers and HTTP flood attacks, protecting website stability and data security.

Risk level

Default risk level: low.

You can change the risk level when you apply this rule.

Compliance evaluation logic

An ALB instance is compliant if the security protection feature of WAF 3.0 is enabled.

Rule details

Parameter

Description

Rule template name

alb-instance-waf-enabled

Rule template identifier

alb-instance-waf-enabled

Automatic remediation

Not supported

Trigger type

Configuration Change

Supported resource type

ACS::ALB::LoadBalancer

Input parameter

None

Non-compliance remediation

For more information, see Enable WAF protection for an ALB instance.