Skip to main content
All CollectionsIntegrations GuidanceCumulus Integrations
Cumulus data blocks for Application Firewall
Cumulus data blocks for Application Firewall

Use Cumulus to collect evidence of your Application Firewall

Micah Spieler avatar
Written by Micah Spieler
Updated over a week ago

If you have Cumulus set up for your AWS, Azure, or GCP cloud infrastructure, you can use it to easily (and automatically) collect settings and samples to satisfy requests for Application Firewall.

Note: if you have customized your evidence repository, the name, description, and requirements of your evidence may be different.

As with all Cumulus evidence collection, the power is in it's flexibility and configuration. With the low-code editor, you can customize what gets collected and from where, putting you in full control of the integration.

Cumulus data blocks for AWS

In AWS, security groups and network ACLs are commonly used to implement firewalls for controlling inbound and outbound traffic to your applications.

data "aws_security_group" "app_firewall" { 
id = "sg-12345678"
# Replace with your security group ID
}

data.aws_security_group.app_firewall

data "aws_network_interface" "app_firewall" {
id = "acl-abcdefgh"
# Replace with your network ACL ID
}

data.aws_network_interface.app_firewall

Cumulus data blocks for AzureRM

In AzureRM, network security groups (NSGs) are commonly used to implement firewall rules for controlling inbound and outbound traffic to your applications.

data "azurerm_network_security_group" "app_firewall" {
name = "networkSecurityGroupName"
resource_group_name = "resourceGroupName"
# Replace with your NSG and resource group name
}

data.azurerm_network_security_group.app_firewall

Cumulus data blocks for GCP

In Google Cloud Platform (GCP), firewall rules are commonly used to control inbound and outbound traffic to your applications. While Hashicorp and Google do not provide a Terraform data block for Computer Firewalls, other data sources may be relevant to collect for evidence of your application's firewall configurations.

data "google_compute_network" "app_network" { 
project = "your-project-id" # This is optional
name = "network-name" # Replace with your network name
}

data.google_compute_network.app_network

Did this answer your question?