AWS Centralized WAF and VPC Security Group Management

AWS Implementation Guide

AWS Solutions Builder Team

September 2020

The AWS Centralized WAF and VPC Security Group Management solution makes it easier to centrally configure, manage, and audit firewall rules across your accounts and applications in AWS Organizations. This solution uses AWS Firewall Manager to automatically deploy a set of Managed Rules for AWS Web Application Firewall (WAF) and audit checks for VPC security groups across your AWS accounts from a single place. This solution also provides AWS Shield Advanced customers the option to deploy Distributed Denial of Service (DDoS) protection across accounts.

This implementation guide describes architectural considerations and configuration steps for deploying AWS Centralized WAF and VPC Security Group Management in the Amazon Web Services (AWS) Cloud. It includes links to an AWS CloudFormation template that launches and configures the AWS services required to deploy this solution using AWS best practices for security and availability.

This guide is intended for IT administrators and DevOps professionals who have practical experience architecting in the AWS Cloud.