DNS Firewall rule groups and rules
This section describes the settings that you can configure for your DNS Firewall rule groups and rules, to define the DNS Firewall behavior for your VPCs. It also describes how to manage the settings for your rule groups and rules.
When you have your rule groups configured the way you want them, you use them directly and you can share and manage them between accounts and across your organization in Amazon Organizations.
-
You can associate a rule group with multiple VPCs, to provide consistent behavior across your organization. For information, see Managing associations between your VPC and Route 53 Resolver DNS Firewall rule group.
-
You can share rule groups between accounts, for consistent DNS query management across your organization. For information, see Sharing Route 53 Resolver DNS Firewall rule groups between Amazon accounts.
-
You can use rule groups across your organization in Amazon Organizations by managing them in Amazon Firewall Manager policies. For information about Firewall Manager, see Amazon Firewall Manager in the Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced Developer Guide.