March 11, 2021

Tips and lessons learnt by using AWS FMS and WAFv2

- Properly plan for your WAF logs; this will be the hardest part. Logs are activated per WebACL, so each account needs a properly configured Kinesis Data Firehose. It is possible to enable the logs from FMS.
- When creating a CloudFormation stack, make sure you make resources dependent on one another, or WAF will quickly rate limit CloudFormation and your stack will fail.
- Use JSON in CloudFormation if you have accounts starting with 0.
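One way to apply the dependency tip to a template that is already parsed from JSON, shown as an added example that is not code from the original post: it links the WAFv2 resources with `DependsOn` so CloudFormation creates them one after another. The function names and the sample template are assumptions made for illustration.

```python
import re
WAF_PREFIX = "AWS::WAFv2::"

# Constructed sample; Properties are trimmed to what the function reads.
SAMPLE = {"Resources": {
    "Acl": {"Type": "AWS::WAFv2::WebACL", "Properties": {"Rules": [{"Statement": {
        "IPSetReferenceStatement": {"Arn": {"Fn::GetAtt": ["BlockList", "Arn"]}}}}]}},
    "BlockList": {"Type": "AWS::WAFv2::IPSet", "Properties": {"Scope": "REGIONAL"}},
    "AllowList": {"Type": "AWS::WAFv2::IPSet", "Properties": {"Scope": "REGIONAL"}},
    "Logs": {"Type": "AWS::S3::Bucket"},
}}

def _refs(node):
    """Yield logical IDs referenced through Ref, Fn::GetAtt or Fn::Sub."""
    if isinstance(node, dict):
        for key, val in node.items():
            if key == "Ref" and isinstance(val, str):
                yield val
            elif key == "Fn::GetAtt":
                yield val.split(".")[0] if isinstance(val, str) else val[0]
            elif key == "Fn::Sub":
                text = val if isinstance(val, str) else val[0]
                for name in re.findall(r"\$\{([^!}][^}]*)\}", text):
                    yield name.split(".")[0]
            yield from _refs(val)
    elif isinstance(node, list):
        for item in node:
            yield from _refs(item)

def _as_list(value):
    return [value] if isinstance(value, str) else list(value)

def serialize_waf(template):
    """Add DependsOn links so WAFv2 resources are created one at a time."""
    res = template["Resources"]
    waf = [n for n, r in res.items() if r.get("Type", "").startswith(WAF_PREFIX)]
    deps = {n: (set(_refs(res[n].get("Properties", {})))
                | set(_as_list(res[n].get("DependsOn", [])))) & set(waf) - {n}
            for n in waf}
    order = []  # topological order, so the added links cannot form a cycle
    while len(order) < len(waf):
        ready = [n for n in waf if n not in order and deps[n] <= set(order)]
        if not ready:
            raise ValueError("circular dependency among WAFv2 resources")
        order.append(ready[0])
    for prev, cur in zip(order, order[1:]):
        existing = _as_list(res[cur].get("DependsOn", []))
        if prev not in existing:
            res[cur]["DependsOn"] = existing + [prev]
    return order
```

Chaining in plain template order would make `BlockList` depend on `Acl`, which already references it; ordering by existing references first avoids that circular dependency.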

© dkade 2021
