Amazon Firewall Manager

AWS Firewall Manager is a security management service that allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organizations. It makes it easier to bring new applications and resources into compliance with security policies.

1 APIs 1 Capabilities 7 Features

AWSComplianceFirewallNetwork SecuritySecurity

APIs

AWS Firewall Manager API

The AWS Firewall Manager API provides programmatic access to create and manage security policies, compliance status, and protection configurations for AWS WAF, Shield, and VPC s...

Capabilities

Run Capabilities with Naftiko — Deploy and orchestrate these API capabilities using Naftiko Fleet.

Run with Naftiko

Amazon Firewall Manager Security Governance

Centrally manage WAF, Shield, Network Firewall, and security group policies across AWS accounts.

Run with Naftiko

Run Capabilities with Naftiko — Deploy and orchestrate these API capabilities using Naftiko Fleet.

Run with Naftiko

Features

Centralized Policy Management

Define and enforce WAF, Shield Advanced, Network Firewall, and security group policies from a single pane of glass across all AWS accounts.

Automatic Remediation

Automatically remediate non-compliant resources so that new accounts and resources are always protected.

Multi-Account Support

Manage security policies across hundreds of AWS accounts within an AWS Organization.

Compliance Visibility

View policy compliance status per account and resource with detailed violation reports.

Resource Sets

Group AWS resources by type for targeted policy application and management.

Tag-Based Targeting

Apply policies to resources based on AWS resource tags for fine-grained scope control.

Third-Party Firewall Support

Deploy and manage third-party firewall appliances through AWS Marketplace with Firewall Manager.

Use Cases

WAF Rule Standardization

Enforce standard WAF rule sets across all CloudFront distributions and ALBs organization-wide.

DDoS Protection Baseline

Mandate Shield Advanced protection for all internet-facing resources across accounts.

Security Group Governance

Audit and remediate overly permissive security group rules across EC2 and VPC resources.

Network Firewall Deployment

Deploy and manage AWS Network Firewall across VPCs in multiple accounts from a central policy.

Compliance Reporting

Monitor and report on firewall policy compliance for SOC 2, PCI DSS, and regulatory requirements.

New Account Onboarding

Automatically apply security policies to new AWS accounts as they join the organization.

Integrations

AWS Organizations

Manage Firewall Manager policies across all accounts in the organization hierarchy.

AWS WAF

Centrally create and deploy WAF rule groups and web ACLs across accounts.

AWS Shield Advanced

Enable and manage Shield Advanced protection for all DDoS-sensitive resources.

AWS Network Firewall

Deploy centrally managed network firewall policies across VPCs.

Amazon Route 53 Resolver

Manage DNS Firewall rule groups for Route 53 Resolver across accounts.

Amazon CloudWatch

Monitor compliance metrics and set alarms for non-compliant resources.

AWS Security Hub

Send Firewall Manager compliance findings to Security Hub for centralized security posture management.

AWS IAM

Control who can create, modify, and view Firewall Manager policies using IAM permissions.

Semantic Vocabularies

Amazon Firewall Manager Context

5 classes · 14 properties

JSON-LD

API Governance Rules

Amazon Firewall Manager API Rules

25 rules · 8 errors 14 warnings 3 info

SPECTRAL

Resources

Documentation

TermsOfService

PrivacyPolicy

GitHubOrganization

GitHubOrganization

StackOverflow

SpectralRules

NaftikoCapability

NaftikoCapability

NaftikoCapability

NaftikoCapability