AWS Firewall Manager now supports organizational units for policy scoping

Posted on: Apr 22, 2020

AWS Firewall Manager now supports organizational units (OU), allowing customers greater flexibility while scoping their policies. AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. With Firewall Manager, you can manage AWS WAF, AWS Shield Advanced, or VPC security groups across your entire AWS Organization.

With Firewall Manager support for OUs, customers can now include and exclude OU(s), in addition to individual accounts and resources. Customers who have grouped specific accounts in AWS Organizations to be administered as a single organizational unit, can now use Firewall Manager to scope policies based on those OU(s). Firewall Manager will identify accounts under the specific OU before applying the policy on those accounts. As you add and delete accounts under an OU, Firewall Manager will automatically identify the modified accounts to ensure that all security rules are consistently enforced.

Please refer to the AWS Region Table for more details on Firewall Manager availability. To learn more about Firewall Manager visit the Firewall Manager product website.