Resource sharing for Network Firewall and DNS Firewall policies - Amazon WAF, Amazon Firewall Manager, and Amazon Shield Advanced

To manage Firewall Manager Network Firewall and DNS Firewall policies, you must enable resource sharing with Amazon Organizations in Amazon Resource Access Manager. This allows Firewall Manager to deploy protections across your accounts when you create these policy types.

To enable resource sharing, follow the instructions at Enable Sharing with Amazon Organizations in the Amazon Resource Access Manager User Guide.

Problems with resource sharing

You might encounter problems with resource sharing, either when you use Amazon RAM to enable it, or when you're working on Firewall Manager policies that require it.

Examples of these problems include the following:

When you follow the instructions to enable sharing, in the Amazon RAM console, the choice Enable sharing with Amazon Organizations is grayed out and not available for selection.
When you work in Firewall Manager on a policy that requires resource sharing, the policy is marked as non-compliant and you see messages indicating that resource sharing or Amazon RAM isn't enabled.

If you encounter problems with resource sharing, use the following procedure to try to enable it.

Try again to enable resource sharing

Try again to enable sharing using one of the following options:
- (Option) Through the Amazon RAM console, follow the instructions at Enable Sharing with Amazon Organizations in the Amazon Resource Access Manager User Guide.
- (Option) Using the Amazon RAM API, call EnableSharingWithAwsOrganization. See the documentation at EnableSharingWithAwsOrganization.

Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Fortigate CNF policies

Working with resource sets