DNS Firewall rule groups and rules

This section describes the settings that you can configure for your DNS Firewall rule groups and rules, to define the DNS Firewall behavior for your VPCs. It also describes how to manage the settings for your rule groups and rules.

When you have your rule groups configured the way you want them, you use them directly and you can share and manage them between accounts and across your organization in Amazon Organizations.

You can associate a rule group with multiple VPCs, to provide consistent behavior across your organization. For information, see Managing associations between your VPC and Route 53 Resolver DNS Firewall rule group.
You can share rule groups between accounts, for consistent DNS query management across your organization. For information, see Sharing Route 53 Resolver DNS Firewall rule groups between Amazon accounts.
You can use rule groups across your organization in Amazon Organizations by managing them in Amazon Firewall Manager policies. For information about Firewall Manager, see Amazon Firewall Manager in the Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced Developer Guide.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Getting started with Route 53 Resolver DNS Firewall

Rule group settings in DNS Firewall