Overview
AWS Firewall Manager is a centralized security management service that lets you define and enforce firewall rules across multiple AWS accounts in an AWS Organization.
Features
- Create security policies containing common firewall and protection rules
- Automatically apply policies to supported services:
  - AWS WAF for ALB, API Gateway, and CloudFront
  - AWS Shield Advanced for ALB, CLB, NLB, Elastic IPs, and CloudFront
  - Security Groups for EC2, ALB, and ENI resources in a VPC
  - AWS Network Firewall for VPC-level protection
  - Route 53 Resolver DNS Firewall for DNS filtering
Key Capabilities
- Automatically applies rules to newly created resources
- Enforces compliance across existing and future accounts in the Organization
- Policies are regional, but can be replicated across regions as needed
Benefits
- Centralizes security rule management for large, multi-account environments
- Ensures consistent security configurations and compliance
- Reduces operational overhead for security teams