
Reply To: AWS Firewall Manager help in creating ACL

  • TutorialsDojo-Support

    June 25, 2020 at 8:24 pm

    Hi Joseph,

    Thanks for the feedback.

    From your question, the definition was taken from the AWS Firewall Manager page.

    When it comes to the exam and real-world scenarios, instead of studying for definitions, it’s better to understand how the service works and which scenarios fit the use cases of the service.

    AWS Firewall Manager is a security management tool that makes it easier for you to configure your AWS WAF rules across your accounts. With Firewall Manager, security administrators of large organizations can write company-wide rules from one place, enforce them across applications protected by AWS WAF, and get central visibility of attacks against your Application Load Balancers and Amazon CloudFront infrastructure.

    The usual NACLs (Network Access Control Lists) are for use within VPCs only. AWS Firewall Manager takes ACLs to the next level, allowing you to create ACL rules and then apply them across all accounts under your Organization.

    Another good example of a real-world scenario for it is when you use CloudFront for your application. But when you use CloudFront, your application will be accessible publicly worldwide. If you want to restrict the IP addresses that can access your CloudFront distribution, you can configure your ACL and apply it to your CloudFront distribution. The VPC NACL can’t be applied to CloudFront because it is outside the VPC.

    Hope this helps.


    Kenneth Samonte @ Tutorials Dojo
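
The CloudFront scenario in the reply above, sketched as an added example that is not part of the original post or AWS's own code: a web ACL that blocks by default and allows only an IP set, built for the WAFv2 API through boto3. The use of WAFv2, the resource names and the CIDR ranges (documentation ranges) are assumptions; rolling the ACL out across accounts with a Firewall Manager policy is not covered.

```python
import ipaddress

def ip_set_request(name, cidrs):
    """kwargs for wafv2.create_ip_set; rejects malformed CIDRs and set host bits."""
    nets = [ipaddress.ip_network(c, strict=True) for c in cidrs]
    if any(n.version != 4 for n in nets):
        raise ValueError("this sketch builds an IPV4 set only")
    return {"Name": name, "Scope": "CLOUDFRONT",
            "IPAddressVersion": "IPV4", "Addresses": [str(n) for n in nets]}

def _visibility(metric):
    return {"SampledRequestsEnabled": True,
            "CloudWatchMetricsEnabled": True, "MetricName": metric}

def web_acl_request(name, ip_set_arn):
    """kwargs for wafv2.create_web_acl: block by default, allow only the IP set."""
    return {
        "Name": name,
        "Scope": "CLOUDFRONT",
        "DefaultAction": {"Block": {}},
        "Rules": [{
            "Name": "allow-listed-ips",
            "Priority": 0,
            "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
            "Action": {"Allow": {}},
            "VisibilityConfig": _visibility("allow-listed-ips"),
        }],
        "VisibilityConfig": _visibility(name),
    }

def decision(client_ip, ip_set):
    """Local model of the ACL above: Allow if the IP is in the set, else Block."""
    addr = ipaddress.ip_address(client_ip)
    hit = any(addr in ipaddress.ip_network(c) for c in ip_set["Addresses"])
    return "Allow" if hit else "Block"

def deploy(ip_req, acl_name):
    """Create both resources; needs AWS credentials, so it is not called here."""
    import boto3  # imported here so the builders above run without AWS access
    # CLOUDFRONT-scoped WAFv2 resources are managed through us-east-1.
    waf = boto3.client("wafv2", region_name="us-east-1")
    arn = waf.create_ip_set(**ip_req)["Summary"]["ARN"]
    # The returned web ACL ARN is then set as the distribution's WebACLId.
    return waf.create_web_acl(**web_acl_request(acl_name, arn))["Summary"]["ARN"]

# Constructed sample input (documentation address ranges, not real offices).
SAMPLE_SET = ip_set_request("office", ["203.0.113.0/24", "198.51.100.7/32"])
```

Checking `decision()` against a few known client addresses before calling `deploy()` catches an allow list that would lock out legitimate users once the default action is Block.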