Use cases for for Automations for AWS Firewall Manager

This solution is intended for customers seeking to manage a consistent security posture across their entire AWS Organization by leveraging key features of Firewall Manager and Shield. This solution enables central configuration, management, and auditing of firewall rules across all AWS Organizations accounts and resources. It also offers operational integration with Shield Advanced. The following are key use cases for this solution.

Align AWS WAF, DNS, and security group policies across your organization

There might be situations where you want to manage multiple Firewall Manager policy configurations across different accounts and organizations. You can use this solution to apply one policy configuration to a subset of OUs in one or multiple Regions, and then apply the same or a different policy to another subset of OUs, all from the same place.

Streamline compliance tasks when onboarding new AWS accounts

The solution automates the process of applying Firewall Manager policies to new accounts in AWS Organizations. As soon as a new account is onboarded, the solution ensures that it inherits all existing security configurations and compliance policies, eliminating the need for manual setup and reducing the risk of security gaps.

Simplify the deployment of Shield Advanced features

For Shield Advanced customers, this solution enables the deployment and configuration of key Shield features, including health-based detection, proactive event response, and DDoS protection. Furthermore, the solution provides Shield Advanced customers the capability to centrally configure and implement DDoS protection across all accounts within their AWS Organization.

Create compliance reports for network policies

You can use this solution to create compliance reports that outline security group policies that you have enabled across accounts and resources. Reports are exportable in –0—csv format.