Step 4: Configure Amazon SNS notifications and Amazon CloudWatch alarms

You can monitor your protected resources for potential DDoS activity using Amazon SNS. To receive notification of possible attacks, create an Amazon SNS topic for each Region.

To create an Amazon SNS topic in Firewall Manager (console)

Sign in to the AWS Management Console using your Firewall Manager administrator account, and then open the Firewall Manager console at https://console.aws.amazon.com/wafv2/fmsv2. For information about setting up a Firewall Manager administrator account, see AWS Firewall Manager prerequisites.

Note
For information about setting up a Firewall Manager administrator account, see AWS Firewall Manager prerequisites.
In the navigation pane, under AWS FMS, choose Settings.
Choose Create new topic.
Enter a topic name.
Enter an email address that the Amazon SNS messages will be sent to, and then choose Add email address.
Choose Update SNS configuration.

You can continue from this step without configuring Amazon SNS notifications or CloudWatch alarms. However, doing so significantly reduces your visibility of possible DDoS events.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Step 3: (Optional) authorize the Shield Response Team (SRT)

Configure Amazon CloudWatch alarms

Step 4: Configure Amazon SNS notifications and Amazon CloudWatch alarms

To create an Amazon SNS topic in Firewall Manager (console)

Note