Adding one or more managed rule groups to your policy using the console - Amazon Network Firewall
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Adding one or more managed rule groups to your policy using the console

The following procedure describes how to add one or more managed rule groups to your policy using the console. You can either add the managed rule group to your policy via the Network Firewall rule groups page, or from your policy's detail page.

To add a managed rule group to a policy via the Network Firewall rule group page

  1. Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, under Network Firewall, choose Network Firewall rule groups.

  3. In the Amazon managed rule groups tab, choose Add rule groups to policy.

  4. In the Choose a firewall policy section, select the firewall policy to add your Amazon managed rule groups to.

  5. Choose Next.

  6. In the Choose rule groups section, choose one or more rule groups to add to your policy. You can add your own rule groups, or Amazon managed rule groups.

  7. Choose Next.

  8. (Optional) On the Add tags page, enter a key and optional value for any tag that you want to add to this firewall policy. Tags help you organize and manage your Amazon resources. For more information about tagging your resources, see Tagging Amazon Network Firewall resources.

  9. Choose Next.

  10. On the Review and confirm page, check the rule group settings for your policy. If you want to change any section, choose Edit for the section. This returns you to the corresponding step in the add rule group to policy wizard. Make your changes, then choose Next on each page until you come back to the review and confirm page.

  11. Choose Add rule groups to policy.

To add one or more managed rule groups to your policy via the Network Firewall policy detail page

  1. Sign in to the Amazon Web Services Management Console and open the Amazon VPC console at https://console.amazonaws.cn/vpc/.

  2. In the navigation pane, under Network Firewall, choose Firewall policies.

  3. Select the policy that you'd like to add one or more Amazon managed rule groups to.

  4. In the Stateful rule groups section, in the Actions drop-down menu, select Add managed stateful rule groups.

  5. Select the Amazon managed rule groups to add to your policy.

  6. Choose Add to policy.