Getting started with Amazon Shield Advanced - Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Getting started with Amazon Shield Advanced

This tutorial walks you through getting started with Amazon Shield Advanced using the Shield Advanced console.

Note

Shield Advanced requires a subscription, while Amazon Shield Standard does not. The protections provided by Shield Standard are available free of charge to all Amazon customers.

Shield Advanced provides advanced DDoS detection and mitigation protection for network layer (layer 3), transport layer (layer 4), and application layer (layer 7) attacks. For more information about Shield Advanced, see Amazon Shield Advanced overview.

The Amazon technical community has published information about an example one-click option for using Amazon CloudFormation and Amazon Firewall Manager to configure Shield Advanced. You can use Firewall Manager if your accounts are part of an organization in Amazon Organizations and if you're protecting any resource types except for Amazon Route 53 or Amazon Global Accelerator. To explore this option, see the tutorial at One-click deployment of Shield Advanced.

Note

It's important that you fully configure Shield Advanced prior to a Distributed Denial of Service (DDoS) event. Complete the configuration to help ensure that your application is protected and that you are ready to respond if your application is affected by a DDoS attack.

Perform the following steps in sequence.

Contents