Resources in a cloud environment are at different level of scope. While cloud providers operates from multiple geographic regions, many resources are accessible globally, but some are at much smaller scope (called AZ).
Different kind of AWS resources too, have different scope. The table below summarizes the scope of these resources :
| Global Scope | Regional Scope | Availability Zone Scope |
| IAM Users IAM Groups IAM Roles Accounts Route 53 CloudFront S3 Service WAF | VPC (or simply Cloud) EBS Snapshots and AMIs Load Balancers S3 Buckets and Data | Subnet EC2 Instance EBS Volume |
The Web Application Firewall (WAF) is a service managed by AWS at global level but can be used by web applications at AZ level or even On-Prem servers. Being managed means, AWS continuously updates it as new vulnerabilities are found.
Vipul Pathak 