Posted On: Oct 5, 2021
AWS Firewall Manager now enables you to configure logging for your AWS Network Firewalls provisioned using a Firewall Manager policy. When you set up a Firewall Manager policy for Network Firewall, you can now enable logging for all the accounts that are in scope of the policy and have the logs centralized under your Firewall Manager administrator account. This makes it easy to enable logging for AWS Network Firewall across multiple accounts and VPCs through a single Firewall Manager policy.
You can get started by enabling centralized logging in the Firewall Manager policy and selecting the type of logs to collect - alert logs (traffic that matched a stateful rule with an alert or drop action), flow logs (all traffic the stateful engine inspected), or both - along with the Amazon S3 bucket to deliver them to. After you enable centralized logging through the policy, logs from every Network Firewall that Firewall Manager provisions under it, in every in-scope account, are delivered to that single Amazon S3 bucket. Each log entry records the name of the firewall, the Availability Zone of the firewall endpoint that handled the traffic, the timestamp of the event, and the event details themselves (source and destination, protocol, and for alerts the matching rule and its action), so logs from many accounts and VPCs can be queried together from one place.
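As an added example (not part of the AWS announcement), the Python below summarizes the alert and flow records that land in the central bucket, per firewall and across all of them. It assumes the Network Firewall JSON log layout (firewall_name, availability_zone, event_timestamp, and a Suricata-style event object whose event_type is "alert" for alert logs or "netflow" for flow logs) and that delivered S3 objects are gzip-compressed JSON lines; the firewall names, addresses and rule signatures are constructed sample data, not real traffic.

```python
"""Summarize centralized AWS Network Firewall alert and flow logs per firewall.

Added example, not the announcement's own code. Assumes the Network Firewall JSON
record layout (firewall_name, availability_zone, event_timestamp, event) and that
S3 objects are gzip-compressed JSON lines; all sample data below is constructed.
"""
import gzip
import json
from collections import Counter, defaultdict
from typing import Dict, Iterable, Iterator, List, Union


def _line(fw: str, az: str, ts: str, event: dict) -> str:
    """One delivered log line: the firewall wrapper around a Suricata-style event."""
    return json.dumps({"firewall_name": fw, "availability_zone": az,
                       "event_timestamp": ts, "event": event})


def _alert(src: str, dst: str, port: int, action: str, sid: int, sig: str) -> dict:
    return {"event_type": "alert", "src_ip": src, "src_port": 51000, "dest_ip": dst,
            "dest_port": port, "proto": "TCP",
            "alert": {"action": action, "signature_id": sid, "rev": 1,
                      "signature": sig, "category": "", "severity": 1}}


def _flow(src: str, dst: str, port: int, pkts: int, nbytes: int) -> dict:
    return {"event_type": "netflow", "src_ip": src, "src_port": 51000, "dest_ip": dst,
            "dest_port": port, "proto": "TCP", "netflow": {"pkts": pkts, "bytes": nbytes}}


# Constructed sample: two firewalls provisioned by one Firewall Manager policy in
# two member VPCs, endpoints in three AZs, a mix of alert and flow records.
SAMPLE_LOG_LINES: List[str] = [
    _line("fms-prod-vpc-a", "us-east-1a", "1633392001",
          _alert("203.0.113.4", "10.0.1.10", 22, "blocked", 100001, "block inbound ssh")),
    _line("fms-prod-vpc-a", "us-east-1a", "1633392002",
          _flow("10.0.1.25", "198.51.100.20", 443, 3, 120)),
    _line("fms-prod-vpc-b", "us-east-1b", "1633392003",
          _alert("10.1.2.8", "192.0.2.53", 53, "allowed", 100002, "dns to non-vpc resolver")),
    _line("fms-prod-vpc-b", "us-east-1b", "1633392004",
          _alert("198.51.100.7", "10.1.2.8", 22, "blocked", 100001, "block inbound ssh")),
    _line("fms-prod-vpc-a", "us-east-1c", "1633392005",
          _flow("10.0.3.9", "198.51.100.20", 443, 10, 4096)),
]


def gzipped_sample() -> bytes:
    """The sample encoded the way a delivered S3 object looks: gzip over JSON lines."""
    return gzip.compress(("\n".join(SAMPLE_LOG_LINES) + "\n").encode("utf-8"))


def iter_records(data: Union[bytes, str, Iterable[str]]) -> Iterator[dict]:
    """Yield parsed records from gzip bytes (as read from S3), raw text, or lines."""
    if isinstance(data, bytes):
        if data[:2] == b"\x1f\x8b":          # gzip magic number
            data = gzip.decompress(data)
        data = data.decode("utf-8")
    if isinstance(data, str):
        data = data.splitlines()
    for line in data:
        line = line.strip()
        if line:
            yield json.loads(line)


def summarize(records: Iterable[dict]) -> dict:
    """Per firewall: AZs seen, alert/blocked/flow counts and bytes; across all
    firewalls: signatures ranked by hits and source IPs ranked by blocks."""
    per_fw: Dict[str, dict] = defaultdict(
        lambda: {"azs": set(), "alerts": 0, "blocked": 0, "flows": 0, "bytes": 0})
    sigs: Counter = Counter()
    blocked_src: Counter = Counter()
    for rec in records:
        stats = per_fw[rec["firewall_name"]]
        stats["azs"].add(rec["availability_zone"])
        ev = rec["event"]
        if ev.get("event_type") == "alert":
            alert = ev["alert"]
            stats["alerts"] += 1
            sigs[(alert["signature_id"], alert["signature"])] += 1
            if alert.get("action") == "blocked":
                stats["blocked"] += 1
                blocked_src[ev["src_ip"]] += 1
        elif ev.get("event_type") == "netflow":
            stats["flows"] += 1
            stats["bytes"] += int(ev.get("netflow", {}).get("bytes", 0))
    firewalls = {fw: dict(s, azs=sorted(s["azs"])) for fw, s in sorted(per_fw.items())}
    top = sorted(((sid, sig, n) for (sid, sig), n in sigs.items()),
                 key=lambda t: (-t[2], t[0]))
    return {"firewalls": firewalls, "top_signatures": top,
            "blocked_sources": sorted(blocked_src.items(), key=lambda t: (-t[1], t[0]))}


if __name__ == "__main__":
    print(json.dumps(summarize(iter_records(gzipped_sample())), indent=2))
```

Point iter_records at the body of each object under the bucket's log prefix (for example via boto3's get_object) and the same summarize call covers every firewall Firewall Manager created, since the firewall name and AZ travel inside each record rather than only in the object key.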
AWS Firewall Manager is a security management service that lets customers centrally configure and manage firewall rules across the accounts and resources in their AWS Organizations organization. With Firewall Manager, customers can configure and monitor rules for AWS WAF, AWS Shield Advanced, VPC security groups, AWS Network Firewall, and Amazon Route 53 Resolver DNS Firewall across the entire organization, with the security rules applied consistently even as new accounts and resources are created.