Posted On: Feb 17, 2020

AWS Firewall Manager now supports AWS CloudFormation, allowing customers to manage all Firewall Manager policy types and resources with CloudFormation stack templates. AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. With Firewall Manager, you can manage AWS WAF, AWS Shield Advanced, or VPC security groups across your entire AWS Organization. Firewall Manager ensures that all security rules are consistently enforced, even as new accounts or applications are created.

With CloudFormation support, customers using Firewall Manager can now create multiple policies for WAF, Shield Advanced, and security groups with a single CloudFormation stack template. Customers can seamlessly add and remove tags from policies with a single stack action, without having to retrieve update tokens or making multiple API calls to handle tagging. Customers can also reference other resources created by CloudFormation in their policy’s stack template. In addition, customers can manage all Firewall Manager notification channels with CloudFormation stacks by creating SNS topics and notification channels in the same template instead of managing them manually.

CloudFormation support for Firewall Manager is available in AWS regions where Firewall Manager is available. Please refer to the AWS Region Table for more details.

To get started with CloudFormation for Firewall Manager, see the CloudFormation user guide. To learn more about Firewall Manager visit the Firewall Manager product website.