Properly plan for your WAF logs, this will be the hardest part; Logs are activated per WebACL so each account needs to have a properly configured Kinesis Data Firehose. It is possible to enable the logs from FMS When creating Cloudformation stack make sure you make resources dependent on another or WAF will quickly rate limit Cloudformation and your stack will fail Use JSON in Cloudformation if you have accounts starting with 0. Read more

My latest work done in OLX was featured by AWS on their own blog! I’m really happy with it. I talk about using AWS Firewall Manager + WAFv2 and in house tools to fight attacks. A big kudos to Gabril Soltz for his amazing work with the WAFBot. Read more at -> https://aws.amazon.com/blogs/architecture/field-notes-how-olx-europe-fights-millions-of-bots-with-aws/

Current position: Lead Security Engineer - OLX Group I’ve been working in the IT industry for more than 15 years, 8+ as a System Engineer and 6+ as a Security Engineer, since 2012 I’ve been a daily user of AWS. I’ve worked in several companies and sectors but the most of it was focused in e-commerce/classifieds. During my career I’ve designed and built Security Roadmaps, Services, Systems and Tools with the purpose of improving the Security stance of the companies I work for. Read more