Centrally configure, manage, and audit firewall rules with Automations for AWS Firewall Manager
Publication date: September 2020 (last update: January 2024)
The Automations for AWS Firewall Manager solution helps you
centrally configure, manage, and audit firewall rules across your
accounts and applications in AWS Organizations.
The process for defining policies and configuring rule sets in
Firewall Manager can be challenging and time consuming. To help
simplify this process, this solution deploys a set of AWS managed
firewall rules and security group audit checks for you. Managed
firewall rules provide a set of preconfigured rules to protect web
applications running on
Amazon CloudFront
This solution automates the onboarding process for Firewall Manager
and sets up baseline rules and audit checks for AWS Organizations by
allowing you to restrict policies for specific organizational units
(OUs), Regions, or tagged resources within your AWS Organizations
account. When you modify the installed
AWS Systems Manager
You can deploy the supplemental
AWS CloudFormation
- Checking that all features for AWS Organizations are activated.
- Designating an account as the admin account for Firewall Manager.
- Enabling AWS Config across an AWS Organization.
This implementation guide provides an overview of the Automations for AWS Firewall Manager solution, its reference architecture and components, considerations for planning the deployment, and configuration steps for deploying the solution to the Amazon Web Services (AWS) Cloud.
The intended audience for using this solution's features and capabilities in their environment includes solution architects, business decision makers, DevOps engineers, data scientists, and cloud professionals.
Use this navigation table to quickly find answers to these questions:
If you want to . . . | Read . . . |
---|---|
Know the cost for running this solution. The estimated cost for running AWS resources for this solution in the US East (N. Virginia) Region is USD $1,733.00 per month for a small organization or $18,951.00 per month for a large organization. | Cost |
Understand the security considerations for this solution. This solution uses Parameter Store to initiate create, read, update, and delete (CRUD) operations to the Firewall Manager policies. | Security |
Know how to plan for quotas for this solution. | Quotas |
Know which AWS Regions support this solution. | Supported AWS Regions |
View or download the CloudFormation template included in this solution to automatically deploy the infrastructure resources (the "stack") for this solution. | AWS CloudFormation template |