DNS Firewall Foundational Rules - Amazon Route 53

DNS Firewall foundational rules provide the essential DNS protections to help you get started with DNS Firewall. There are two main types of foundational rules:

  • Managed domain lists, which AWS creates and maintains for you.

  • Your own domain lists, which you create and maintain. You can use a single domain list in multiple rules, and any updates that you make to the domain list automatically affect all rules that use it.

A domain list is a reusable set of domain specifications that you use in a DNS Firewall rule, inside a rule group. When you associate a rule group with a VPC, DNS Firewall compares your DNS queries against the domain lists that are used in the rules. If it finds a match, it handles the DNS query according to the matching rule's action. For more information about rule groups and rules, see DNS Firewall rule groups and rules.
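The relationship described above, written out as a CloudFormation template. This is an added example, not part of the original page: it uses the `AWS::Route53Resolver` resource types, and every name, domain and priority value in it is a constructed placeholder. The ID of the managed domain list is passed in as a parameter because the page does not give one.

```yaml
# Added example. Names, domains and priorities are constructed placeholders.
AWSTemplateFormatVersion: "2010-09-09"
Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
  ManagedDomainListId:        # assumption: ID of an AWS managed domain list in this Region
    Type: String
Resources:
  OwnBlockList:               # your own domain list, created and maintained by you
    Type: AWS::Route53Resolver::FirewallDomainList
    Properties:
      Name: own-block-list
      Domains:
        - blocked.example.com
        - "*.blocked.example.net"
  FoundationalRuleGroup:      # rules reference domain lists; each rule carries an action
    Type: AWS::Route53Resolver::FirewallRuleGroup
    Properties:
      Name: foundational-rules
      FirewallRules:
        - Priority: 100       # managed list, maintained by AWS
          Action: BLOCK
          BlockResponse: NXDOMAIN
          FirewallDomainListId: !Ref ManagedDomainListId
        - Priority: 200       # own list
          Action: BLOCK
          BlockResponse: NODATA
          FirewallDomainListId: !GetAtt OwnBlockList.Id
  AuditRuleGroup:             # reuses the same list in another rule, alert-only
    Type: AWS::Route53Resolver::FirewallRuleGroup
    Properties:
      Name: audit-rules
      FirewallRules:
        - Priority: 100
          Action: ALERT
          FirewallDomainListId: !GetAtt OwnBlockList.Id
  VpcAssociation:             # matching starts once a rule group is associated with a VPC
    Type: AWS::Route53Resolver::FirewallRuleGroupAssociation
    Properties:
      Name: foundational-rules-assoc
      FirewallRuleGroupId: !GetAtt FoundationalRuleGroup.Id
      VpcId: !Ref VpcId
      Priority: 200
```

Because both rule groups point at `OwnBlockList`, adding or removing a domain in that one list changes what the BLOCK rule and the ALERT rule match.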