How do I set up AWS Firewall Manager for my AWS account?

Follow these steps to configure Firewall Manager to manage security policies for your organization in AWS Organizations.

Configure AWS Organizations

1.    Choose an AWS account to use as the management account for your organization.

2.    Open the AWS Organizations console with your management account.

3.    Choose Create organization. The organization is created with all features turned on by default.

Important: Your organization must be activated with all features to use Firewall Manager.

4.    (Optional) You can create a new member account or invite an existing AWS account to be a member account in your organization.

For more information, see How do I get started with AWS Organizations?

Configure Firewall Manager

1.    Open the Firewall Manager console with your management account, and then choose Get started.

2.    In Administrator account ID, enter the AWS account to set as the Firewall Manager administrator.

3.    Choose Set administrator account.

For more information, see Managing the AWS Firewall Manager administrator.

Configure AWS Config

1.    Open the AWS Config console with your Firewall Manager administrator account.

2.    Activate AWS Config for each of your AWS Organizations member accounts (including your Firewall Manager administrator account) using the 1-click setup. You can also use the manual setup.

Important: Make sure that you activate AWS Config for each AWS Region that contains the resources that you want to protect.

3.    (Optional) If you don't want to activate AWS Config for all resources, then activate it only for the resource types that the type of Firewall Manager policies you want to use requires.
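
The following is an added example, not part of the original article: an offline check that the three required steps above took effect. It assumes you have saved the JSON returned by `aws organizations describe-organization`, `aws fms get-admin-account`, and `aws configservice describe-configuration-recorder-status` (one per account and Region). The function name, finding strings, account IDs, and sample data are constructed for illustration.

```python
# Added example: audit Firewall Manager prerequisites from saved AWS CLI JSON output.

def audit_prerequisites(org, fms_admin, recorders, accounts, regions):
    """Return a list of findings; an empty list means every prerequisite is met.

    recorders maps (account_id, region) to the describe-configuration-recorder-status
    response collected for that account and Region.
    """
    findings = []
    # Firewall Manager requires the organization to have all features turned on.
    if org.get("Organization", {}).get("FeatureSet") != "ALL":
        findings.append("organization: all features are not enabled")
    # A Firewall Manager administrator account must be set and its role ready.
    admin = fms_admin.get("AdminAccount")
    if not admin:
        findings.append("fms: no administrator account set")
    elif fms_admin.get("RoleStatus") != "READY":
        findings.append(f"fms: administrator role status is {fms_admin.get('RoleStatus')}")
    # AWS Config must record in every member account, including the administrator
    # account, and in every Region that holds resources to protect.
    in_scope = sorted(set(accounts) | ({admin} if admin else set()))
    for account in in_scope:
        for region in regions:
            statuses = recorders.get((account, region), {}).get(
                "ConfigurationRecordersStatus", [])
            # A missing response or an empty list means no recorder exists there.
            if not any(s.get("recording") for s in statuses):
                findings.append(f"config: not recording in {account}/{region}")
    return findings

# Constructed sample data (account IDs and organization ID are placeholders).
RECORDING = {"ConfigurationRecordersStatus": [{"name": "default", "recording": True}]}
STOPPED = {"ConfigurationRecordersStatus": [{"name": "default", "recording": False}]}
SAMPLE_ORG = {"Organization": {"Id": "o-exampleorgid", "FeatureSet": "ALL"}}
SAMPLE_ADMIN = {"AdminAccount": "111111111111", "RoleStatus": "READY"}
SAMPLE_ACCOUNTS = ["111111111111", "222222222222"]
SAMPLE_REGIONS = ["us-east-1", "eu-west-1"]
SAMPLE_RECORDERS = {
    ("111111111111", "us-east-1"): RECORDING,
    ("111111111111", "eu-west-1"): RECORDING,
    ("222222222222", "us-east-1"): RECORDING,
    ("222222222222", "eu-west-1"): STOPPED,
}

if __name__ == "__main__":
    for finding in audit_prerequisites(SAMPLE_ORG, SAMPLE_ADMIN, SAMPLE_RECORDERS,
                                       SAMPLE_ACCOUNTS, SAMPLE_REGIONS):
        print(finding)
```
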

(Optional) Configure AWS Resource Access Manager (AWS RAM)

You can also configure resource sharing with AWS Organizations using AWS RAM.

1.    Open the AWS RAM console.

2.    In the navigation pane, choose Settings.

3.    Choose the Enable sharing with Organizations check box, and then choose Save settings.

Note: With resource sharing configured for your organization's accounts, you can share resources without using invitations.

For more information, see Configure resource sharing within AWS Organizations.

