AWS Shield

AWS Shield is a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. Think of it as a bouncer that protects your application from being overwhelmed by massive amounts of malicious traffic.

Published 2024-08-28

Overview

AWS Shield provides continuous detection and automatic mitigation of DDoS attacks. These attacks try to make your application unavailable by flooding it with too much traffic, similar to how a shop might be overwhelmed if thousands of people tried to enter at once.

The service comes in two tiers: Shield Standard (free and automatically activated for all AWS customers) and Shield Advanced (paid, with enhanced protection). Standard provides basic protection against common DDoS attacks, while Advanced offers more sophisticated protection, detailed monitoring, and expert support.

Shield works by analyzing incoming network traffic patterns and automatically filtering out malicious traffic while allowing legitimate users to access your application normally. This happens without any impact on your application's performance.

For Shield Advanced customers, AWS also provides a team of DDoS experts who can help during attacks and assist with post-attack analysis to improve future protection.

Example uses

  1. Website Protection: Keep your website available even during large-scale DDoS attacks.

  2. Gaming Servers: Protect online game servers from attacks that try to disrupt player access.

  3. API Protection: Ensure your APIs remain available to legitimate users during attack attempts.

  4. Enterprise Applications: Safeguard business-critical applications that need to be available 24/7.

Integration with other AWS services

Shield works automatically with several AWS services:

Think of AWS Shield as your application's defensive shield, protecting it from large-scale attacks while ensuring regular users can still access your services without interruption.
