Control: Ensure request body inspection is enabled in Azure Web Application Firewall policy on Azure Application Gateway
Description
Request body inspection allows WAF to inspect the body of HTTP requests for potential threats. Enabling this feature enhances security by detecting attacks that may be hidden in request payloads.
Usage
Run the control in your terminal:
powerpipe control run azure_compliance.control.web_application_firewall_policy_request_body_inspection_enabledSnapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run azure_compliance.control.web_application_firewall_policy_request_body_inspection_enabled --shareSQL
This control uses a named query:
select p.id as resource, case when (policy_settings -> 'requestBodyCheck')::bool then 'ok' else 'alarm' end as status, case when (policy_settings -> 'requestBodyCheck')::bool then p.name || ' request body inspection is enabled.' else p.name || ' request body inspection is disabled.' end as reason , p.resource_group as resource_group , sub.display_name as subscriptionfrom azure_web_application_firewall_policy as p left join azure_subscription sub on sub.subscription_id = p.subscription_id;