AWS Firewall Manager findings
AWS Firewall Manager creates findings for resources that are out of compliance and for attacks that it detects, and it sends them to AWS Security Hub. For information about Security Hub findings, see Findings in AWS Security Hub.
When you use Security Hub and Firewall Manager, Firewall Manager automatically sends your findings to Security Hub. For information about getting started with Security Hub, see Setting Up AWS Security Hub in the AWS Security Hub User Guide.
Note
Firewall Manager only updates findings for policies that are under its management and for resources that it's monitoring.
Firewall Manager doesn't resolve findings for the following:
Policies that have been deleted.
Resources that have been deleted.
Resources that have gone out of scope of the Firewall Manager policy, for example due to tag change or policy definition change.
How do I view my Firewall Manager findings?
To view your Firewall Manager findings in Security Hub, follow the guidance at Working with Findings in Security Hub and create a filter using the following settings:
-
Attribute set to Product Name.
-
Operator set to EQUALS.
-
Value set to
Firewall Manager. This setting is case sensitive.
Can I disable this?
You can disable the integration of AWS Firewall Manager findings with Security Hub through the Security Hub console. Choose Integrations in the navigation bar, then in the Firewall Manager pane, choose Disable Integration. For more information, see the AWS Security Hub User Guide.
AWS Firewall Manager finding types
