AWS offers globally distributed, high network bandwidth and resilient services that, when
used in conjunction with application-specific strategies, are key to mitigating DDoS attacks
AWS WAFis a web application firewall that helps protect web applications from common web
exploits that could affect application availability, compromise security, or consume
excessive resources
Amazon CloudFront distributes traffic across multiple edge locations and filters requests to
ensure that only valid HTTP(S) requests will be forwarded to backend hosts. CloudFront also
supports geoblocking, which you can use to prevent requests from particular geographic
locations from being served
Internet Gateways, Managed VPN and CloudHSM do not help to mitigate DDoS attacks