Which AWS service centrally manages firewall rules across multiple accounts?

The selected answer, which is AWS Firewall Manager, is the correct choice because this service provides a centralized way to manage and enforce firewall rules across multiple AWS accounts and applications. It enables organizations to apply consistent security policies across various accounts within an AWS Organization, thereby simplifying the management of compliance and security standards.

AWS Firewall Manager allows you to configure and manage firewall rules centrally, ensuring that all associated accounts adhere to the defined security policies without requiring individual configuration in each account. This service supports the AWS WAF and AWS Network Firewall, among others, further enhancing its capabilities in a multi-account environment.

In contrast, other services mentioned do not serve this centralized management purpose. AWS WAF is a web application firewall that protects web applications by filtering and monitoring HTTP traffic, but it operates at the application level and is not focused on managing rules across multiple accounts. AWS Network Firewall provides network-level security and is designed for use within a single account rather than offering cross-account management. AWS Certificate Manager (ACM) is primarily focused on managing SSL/TLS certificates for securing applications and does not deal with firewall rules at all. Thus, while useful in their respective domains, those services do not provide the centralized management functionality that AWS Firewall Manager does.