Provides AWS EC2 DDoS protection

AWS Shield Features

AWS Shield Advanced provides more sophisticated automatic attack minimizations that target your applications running on protected Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator, and Amazon Route 53 resources. Using advanced routing techniques, AWS Shield Advanced automatically leverages additional damage control capabilities to protect your application from DDoS attacks. For customers with business or enterprise support, the AWS DDoS Response Team (DRT) also applies manual remedial measures for more complex and sophisticated DDoS attacks that may only apply to your application. For application tier attacks, you can leverage the AWS WAF at no additional cost to the resources protected by AWS Shield Advanced to implement proactive rules such as: For example, you can set up rate-based blocking to automatically block web requests from attacking source IP addresses or to react immediately to incidents if they happen. You can also contact the DRT directly to place custom AWS WAF rules on your behalf in response to an application-level DDoS attack. The DRT will diagnose the attack and, with your permission, can take remedial action on your behalf to reduce the time in which your applications could be compromised by an ongoing DDoS attack.