AWS Firewall Manager retrofitting: Harmonizing central security with application team flexibility

Security Blog

The article discusses AWS Firewall Manager's new "retrofitting" feature, which allows for more flexible central security management while preserving application team autonomy in configuring web ACLs (Web Access Control Lists).

Retrofitting enables Firewall Manager to manage existing web ACLs without completely replacing them
Application teams can continue using infrastructure as code (IaC) tools to manage WAF rules
Firewall Manager adds security policy rules to top and bottom of existing web ACLs
Supports existing AWS WAF deployments without requiring complete migration
Helps prevent increased costs by allowing application-specific rules in separate web ACLs

The key benefit is harmonizing centralized security policies with application team flexibility, allowing organizations to enforce security standards without restricting team-level configuration capabilities.

Go to article

The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

Oct 25
2024

AWS Firewall Manager now supports retrofitting of existing AWS WAF WebACLs

Apr 9
2025

Enhanced Network Security Control: Flow Management with AWS Network Firewall

Feb 26
2024

Enable multi-admin support to manage security policies at scale with AWS Firewall Manager

Sep 25
2025

AWS Network Firewall enhances application layer traffic controls

The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.

AWS Firewall Manager retrofitting: Harmonizing central security with application team flexibility

Related articles