AWS WAF, AWS Firewall Manager, and AWS Shield Advanced
Developer Guide (API Version 2019-07-29)

Getting Started with AWS Firewall Manager to Enable AWS Shield Advanced Protection

You can use AWS Firewall Manager to enable AWS WAF Classic rules, AWS Shield Advanced protections, and Amazon VPC security groups. The steps for getting set up are slightly different for each. If you want to use Firewall Manager to enable AWS WAF Classic rules, follow the steps in Getting Started with AWS Firewall Manager to Enable AWS WAF Classic Rules. If you want to use Firewall Manager to enable Amazon VPC security groups, follow the steps in Getting Started with AWS Firewall Manager Amazon VPC Security Group Policies.

Important

Firewall Manager does not support Amazon Route 53 or AWS Global Accelerator. If you need to protect these resources with Shield Advanced, you can't use a Firewall Manager policy. Instead, follow the instructions in Adding AWS Shield Advanced Protection to More AWS Resources.

To use Firewall Manager to enable Shield Advanced protection, perform the following steps in sequence.