Document revisions - AWS Best Practices for DDoS Resiliency

Document revisions

To be notified about updates to this whitepaper, subscribe to the RSS feed.


Whitepaper update

Revised for clarity; Updated to include latest recommendations and features: Security group connection tracking and Shield Advanced automatic application layer DDoS mitigation.

April 13, 2022

Whitepaper update

Updated to include latest recommendations and features. AWS Global Accelerator is added as part of comprehensive protection at the edge. AWS Firewall Manager for centralized monitoring for DDoS events and auto-remediate noncompliant resources.

September 21, 2021

Whitepaper update

Updated to clarify cache busting in Detect and Filter Malicious Web Requests (BP1, BP2) section, and ELB and ALB usage in Scale to Absorb (BP6) section. Updated diagrams and Table 2, marked “Choice of Region.” as BP8. Updated BP7 section with more details.

December 18, 2019

Whitepaper update

Updated to include AWS WAF logging as a best practice.

December 1, 2018

Whitepaper update

Updated to include AWS Shield, AWS WAF features, AWS Firewall Manager, and related best practices.

June 1, 2018

Whitepaper update

Added prescriptive architecture guidance and updated to include AWS WAF.

June 1, 2016

Initial publication

Whitepaper published.

June 1, 2015