firewall
A firewall defines the behavior of a firewall, the main VPC where the firewall is used, the Availability Zones where the firewall can be used, and one subnet to use for a firewall endpoint within each of the Availability Zones. The Availability Zones are defined implicitly in the subnet specifications.
In addition to the firewall endpoints that you define in this Firewall
specification, you can create firewall endpoints in VpcEndpointAssociation
resources for any VPC, in any Availability Zone where the firewall is already in use.
The status of the firewall, for example whether it's ready to filter network traffic, is provided in the corresponding FirewallStatus. You can retrieve both the firewall and firewall status by calling DescribeFirewall.