Regrettably, AWS Firewall Manager does not currently support scope-down statements. This feature is not available through the API, CloudFormation, or JSON editor, and although the API may indicate success, the scope-down statement will not be reflected in the policy.
We have already raised a feature request for this issue, but we are unable to provide an estimate on when this feature will be released. We encourage you to monitor our What's New [1] and Blog pages [2] for any new feature announcements.
In the meantime, you can implement a workaround by creating a custom rule group to whitelist the traffic that you want to allow, and adding the rule below the AWS managed rule group [3].
[1] https://aws.amazon.com/new/
[2] https://aws.amazon.com/blogs/aws/
[3] https://repost.aws/knowledge-center/waf-detect-false-positives-from-amrs
Yeah, I kind of expected to hear that after further experimentation. Thanks for the confirmation.