Posted On: Feb 21, 2019

You can now use AWS Shield Advanced to get enhanced DDoS protection for even more resources. You can now protect up to a default limit of 1000 resources of each supported resource type: Amazon CloudFront distributions, Elastic Load Balancing load balancers, Amazon Route 53 hosted zones, Elastic IP addresses and AWS Global Accelerator accelerators. 

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards web applications running on AWS. There are two tiers of AWS Shield - Standard and Advanced. AWS Shield Standard is available on all AWS Regions and Amazon CloudFront edge locations. It is also enabled by default for all AWS customers to protect against several common infrastructure layer attacks. With AWS Shield Advanced, you get protection against more sophisticated and larger DDoS attacks, by enhanced detection and mitigation. With AWS Shield Advanced you also get near-real-time attack visibility, 24x7 access to the AWS DDoS Response Team (DRT) for escalations, and economic protections against DDoS-related usage spikes in your protected resources.

By default, you can now protect up to 5000 resources: 1000 Amazon CloudFront distributions, 1000 Elastic Load Balancing load balancers (Classic Load Balancers + Application Load Balancers), 1000 Amazon Route 53 hosted zones, 1000 Elastic IP addresses (can be associated with Network Load Balancers or Amazon EC2 instances) and 1000 AWS Global Accelerator accelerators.

Existing users of AWS Shield Advanced get their current limits automatically increased to 1000 for each resource type. If you want to increase these limits beyond 1000 each, please submit a ticket via the AWS Support Center.

You can learn more about AWS Shield by visiting