Adding managed rule groups to your AWS Network Firewall policy using the console
The following procedure describes how to add one or more managed rule groups to your Network Firewall policy, to implement the managed rule group protections. You can either add the managed rule group to your policy via the Network Firewall rule groups page, or from your policy's detail page.
To add a managed rule group to a policy via the Network Firewall rule group page
Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
In the navigation pane, under Network Firewall, choose Network Firewall rule groups.
-
In the AWS managed rule groups tab, choose Add rule groups to policy.
-
In the Choose a firewall policy section, select the firewall policy to add your AWS managed rule groups to.
-
Choose Next.
-
In the Choose rule groups section, choose one or more rule groups to add to your policy. You can add your own rule groups, or AWS managed rule groups.
-
Choose Next.
(Optional) On the Add tags page, enter a key and optional value for any tag that you want to add to this firewall policy. Tags help you organize and manage your AWS resources. For more information about tagging your resources, see Tagging AWS Network Firewall resources.
-
Choose Next.
-
On the Review and confirm page, check the rule group settings for your policy. If you want to change any section, choose Edit for the section. This returns you to the corresponding step in the add rule group to policy wizard. Make your changes, then choose Next on each page until you come back to the review and confirm page.
-
Choose Add rule groups to policy.
To add one or more managed rule groups to your policy via the Network Firewall policy detail page
Sign in to the AWS Management Console and open the Amazon VPC console at https://console.aws.amazon.com/vpc/
. -
In the navigation pane, under Network Firewall, choose Firewall policies.
-
Select the policy that you'd like to add one or more AWS managed rule groups to.
-
In the Stateful rule groups section, in the Actions drop-down menu, select Add managed stateful rule groups.
-
Select the AWS managed rule groups to add to your policy.
-
Choose Add to policy.