Getting started with Amazon Shield Advanced
This tutorial walks you through getting started with Amazon Shield Advanced using the Shield Advanced console.
Note
Shield Advanced requires a subscription, while Amazon Shield Standard does not. The protections provided by Shield Standard are available free of charge to all Amazon customers.
Shield Advanced provides advanced DDoS detection and mitigation protection for network layer (layer 3), transport layer (layer 4), and application layer (layer 7) attacks. For more information about Shield Advanced, see Amazon Shield Advanced overview.
The Amazon technical community has published information about an example one-click option for using Amazon CloudFormation and Amazon Firewall Manager to configure Shield Advanced.
You can use Firewall Manager if your accounts are part of an organization in Amazon Organizations and if you're protecting
any resource types except for Amazon Route 53 or Amazon Global Accelerator. To explore this option, see the tutorial at
One-click deployment of Shield Advanced
Note
It's important that you fully configure Shield Advanced prior to a Distributed Denial of Service (DDoS) event. Complete the configuration to help ensure that your application is protected and that you are ready to respond if your application is affected by a DDoS attack.
Perform the following steps in sequence.