Add aws:alert_established to firewall policy

Signed-off-by: Jim Enright <[email protected]>
cloudera-labs · Jan 15, 2025 · 192a57f · 192a57f
1 parent 12b6273
commit 192a57f
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/modules/terraform-aws-firewall/main.tf b/modules/terraform-aws-firewall/main.tf
@@ -46,7 +46,7 @@ resource "aws_networkfirewall_firewall_policy" "fw_policy" {
   name = var.firewall_policy_name
 
   firewall_policy {
-    stateful_default_actions = ["aws:drop_established"]
+    stateful_default_actions = ["aws:drop_established", "aws:alert_established"]
     stateful_engine_options {
       rule_order              = "STRICT_ORDER"
       stream_exception_policy = "DROP"