Configuring AWS Network Firewall

1.5 hours
  • 3 Learning Objectives

About this Hands-on Lab

This hands-on lab walks you through how to create a VPC and a public subnet, and then deploy an AWS Network Firewall to filter the traffic coming into and going out of the VPC.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Create a VPC and a Public Subnet
  1. Create a VPC with the tag Lab_VPC.
  2. Create a public subnet named firewall-subnet in the same Availability Zone as the subnet in the VPC.
Create a Network Firewall
  1. Create a stateful rule group named statefulRules.
  2. Create a stateless rule group named statelessRules.
  3. Create a firewall policy named firewallLab and add the rule groups to the firewall policy.
  4. Create a network firewall named networkFirewallLab and associate the firewall policy.
Create Route Tables
  1. Create a route table named igw-route.
  2. Create a route table named firewall-route.

Note: You will need to configure the route tables to direct incoming and outgoing traffic through the network firewall once it has been provisioned.

Additional Resources


Your company is concerned about network security and would like to standardize network configurations. You have been tasked with setting up a baseline configuration of AWS Network Firewall to ensure traffic is inspected and filtered as necessary.

Lab Setup

Log in to the AWS Management Console using the credentials provided on the lab instructions page. Make sure you're using the us-east-1 Region.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?