Posted On: Aug 10, 2023

Starting today, AWS Firewall Manager supports a new policy feature that ensures AWS WAF web ACLs are created only in AWS accounts that have resources in scope. Additionally, AWS Firewall Manager removes web ACLs from AWS accounts that no longer have resources within scope. Previously, AWS Firewall Manager would create web ACLs in all AWS accounts within a policy's scope, even if no resources were in scope. This functionality enables customers to optimize costs associated with unassociated web ACLs and helps customers effectively scale existing Firewall Manager WAF policies across organizations and accounts.

AWS Firewall Manager is a security management service that enables customers to centrally configure and manage firewall rules across their accounts and resources. Using AWS Firewall Manager, customers can manage AWS WAF rules, AWS Shield Advanced protections, AWS Network Firewall, Amazon Route 53 Resolver DNS Firewall, and VPC security groups across their entire organization in AWS Organizations. AWS Firewall Manager ensures that all firewall rules are consistently enforced and compliant, even as new accounts and resources are created.

To get started, see the AWS Firewall Manager documentation for more details and the AWS Region Table for the list of regions where AWS Firewall Manager is currently available. To learn more about AWS Firewall Manager, its features, and its pricing, visit the AWS Firewall Manager website.