AWS Network Firewall now supports IPv6-only subnets

AWS Network Firewall now supports IPv6-only subnets, in addition to dual stack (IPv4 and IPv6) subnets. Starting today, you can filter IPv6 traffic to and from the public internet, on-premises network, or any endpoint in your IPv6-enabled Amazon Virtual Private Cloud (VPC) with IPv6-only subnets.

AWS Network Firewall is a managed firewall service that makes it easy to deploy essential network protections for all your Amazon VPCs. IPv6-only subnet support allows you to enforce your AWS Network Firewall rules and policies consistently across your entire network, making it easier to manage your network security posture. Additionally, with this launch, you will be able to meet business or regulatory requirements for adoption of IPv6-only network environments on AWS.

IPv6 is supported in all AWS Regions where AWS Network Firewall is available today, including the AWS GovCloud (US) Regions. For more information about the AWS Regions where AWS Network Firewall is available, see the AWS Region table.

There is no additional cost to enable IPv6-only AWS Network Firewall endpoints. You can configure IPv6 firewall endpoints using the AWS Management Console, AWS CLI, AWS SDK, or the AWS Network Firewall API. To learn more about configuring AWS Network Firewall for IPv6-only subnets, please refer to the service documentation.