AWS Firewall Manager

In this course, you will learn how to use AWS Network Firewalls to secure your VPCs.

Learning Objectives

  • Understand what an AWS Network Firewall is
  • Learn the differences between Network Access Control List, Security Groups, and an AWS Network Firewall
  • Understand the options for deploying AWS Network Firewalls: distributed, centralized, or a combination of both
  • Learn how to centrally manage all AWS Network Firewalls using AWS Firewall Manager

Intended Audience

If you’re a Solution Architect or Cloud Engineer with a huge passion for learning new or existing features around AWS, then this course is for you.

Prerequisites

  • Have prior AWS Console knowledge
  • Understand what a network firewall is
  • Basic understanding of how firewall rules work

How about we talk about the AWS Firewall Manager, what it is, and how it can help with any of the deployment models we just talked about for AWS Network Firewall? As the number of networks grows, so does the complexity of managing them to make sure that you can respond to events quickly or update rules and policies for all your firewalls with just a few clicks. Using the AWS Firewall Manager, you can manage all your firewall rules across all your accounts and applications, completely integrated with AWS Organizations. The AWS Firewall Manager doesn't just handle the AWS Network Firewall, but for the purpose of this course, we're only going to focus on why you might want to deploy the AWS Firewall Manager when using or deploying AWS Network Firewall. As a team, managing all the security and compliance controls can be daunting, from auditing to remediation.

The AWS Firewall Manager allows you to manage the AWS Network Firewall rules and security policies at scale, all in one place. There are some additional prerequisites to consider before deploying the AWS Firewall Manager. Your company must be set up in an AWS organization with all features enabled. You must delegate one of the AWS accounts as a Firewall administrator. AWS Config needs to be enabled for all accounts, allowing the AWS Firewall Manager to detect when new resources are created. And last, AWS Resource Access Manager needs to be enabled to allow the modification of any network firewall configurations.
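The four prerequisites above can be audited from saved AWS CLI JSON output before Firewall Manager is rolled out. The following is an added example, not part of the course material; the function name and sample data are constructed, and it assumes RAM sharing shows up as the `ram.amazonaws.com` service principal and that AWS Config status was collected for one region per account.

```python
"""Audit the Firewall Manager prerequisites from saved AWS CLI JSON output."""

def check_prerequisites(org, service_access, fms_admin, recorders_by_account):
    """Return a list of unmet prerequisites (an empty list means ready).

    org                  <- aws organizations describe-organization
    service_access       <- aws organizations list-aws-service-access-for-organization
    fms_admin            <- aws fms get-admin-account ({} if none is delegated)
    recorders_by_account <- {account_id: aws configservice
                             describe-configuration-recorder-status}
    """
    gaps = []
    # 1. The organization needs all features, not just consolidated billing.
    feature_set = org.get("Organization", {}).get("FeatureSet")
    if feature_set != "ALL":
        gaps.append(f"organization feature set is {feature_set!r}, expected 'ALL'")
    # 2. One account must be delegated as the Firewall Manager administrator.
    if not fms_admin.get("AdminAccount"):
        gaps.append("no Firewall Manager administrator account delegated")
    elif fms_admin.get("RoleStatus") != "READY":
        gaps.append(f"administrator role status is {fms_admin.get('RoleStatus')!r}")
    # 3. AWS Config must be recording in every account, otherwise new
    #    resources in that account go undetected.
    for account_id, status in sorted(recorders_by_account.items()):
        recorders = status.get("ConfigurationRecordersStatus", [])
        if not any(r.get("recording") for r in recorders):
            gaps.append(f"AWS Config is not recording in account {account_id}")
    # 4. Resource Access Manager sharing with the organization (assumed to
    #    appear as trusted access for ram.amazonaws.com).
    principals = {p.get("ServicePrincipal")
                  for p in service_access.get("EnabledServicePrincipals", [])}
    if "ram.amazonaws.com" not in principals:
        gaps.append("AWS RAM sharing with the organization is not enabled")
    return gaps

# Constructed sample responses (account IDs and org ID are placeholders).
SAMPLE_ORG = {"Organization": {"Id": "o-exampleorgid", "FeatureSet": "ALL"}}
SAMPLE_ACCESS = {"EnabledServicePrincipals": [
    {"ServicePrincipal": "fms.amazonaws.com"},
    {"ServicePrincipal": "config.amazonaws.com"}]}
SAMPLE_ADMIN = {"AdminAccount": "111111111111", "RoleStatus": "READY"}
SAMPLE_RECORDERS = {
    "111111111111": {"ConfigurationRecordersStatus": [{"name": "default", "recording": True}]},
    "222222222222": {"ConfigurationRecordersStatus": [{"name": "default", "recording": False}]},
    "333333333333": {"ConfigurationRecordersStatus": []},  # recorder never created
}

if __name__ == "__main__":
    for gap in check_prerequisites(SAMPLE_ORG, SAMPLE_ACCESS, SAMPLE_ADMIN, SAMPLE_RECORDERS):
        print("UNMET:", gap)
```

An account with no configuration recorder at all is reported the same way as one whose recorder is stopped, since Firewall Manager cannot see new resources in either case.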


About the Author

Jon Myer is an ex-Amazonian and a Chief Evangelist at nOps. His passion for technology and creating content to educate others has evolved over the years.
He's also the host and creator behind the "Jon Myer Podcast" as a professional storyteller and podcaster, helping others bring their stories to life.