Îõ³h&  ×„                   	  
                                               !  "  #  $  %  &  '  (  )  *  +  ,  -  .  /  0  1  2  3  4  5  6  7  8  9  :  ;  <  =  >  ?  @  A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  [  \  ]  ^  _  `  a  b  c  d  e  f  g  h  i  j  k  l  m  n  o  p  q  r  s  t  u  v  w  x  y  z  {  |  }  ~    €    ‚  ƒ  „  …  †  ‡  ˆ  ‰  Š  ‹  Œ    Ž      ‘  ’  “  ”  	•  	–  	—  	˜  	™  	š  	›  	œ  	  	ž  	Ÿ  	   	¡  	¢  
£  
¤  
¥  
¦  
§  
¨  
©  
ª  
«  
¬  
­  
®  
¯  
°  
±  
²  
³  
´  
µ  
¶  
·  
¸  
¹  
º  
»  ¼  ½  ¾  ¿  À  Á  Â  Ã  Ä  Å  Æ  Ç  È  É  Ê  Ë  Ì  Í  Î  Ï  Ð  Ñ  Ò  Ó  Ô  Õ  Ö  ×  Ø  Ù  Ú  Û  Ü  Ý  Þ  ß  à  á  â  ã  ä  å  æ  ç  è  é  ê  ë  ì  í  î  ï  ð  ñ  ò  ó  ô  õ  ö  ÷  ø  ù  ú  û  ü  ý  þ  ÿ  €    ‚  ƒ  „  …  †  ‡  ˆ  ‰  Š  ‹  Œ    Ž      ‘  ’  “  ”  •  –  —  ˜  ™  š  ›  œ    ž  Ÿ     ¡  ¢  £  ¤  ¥  ¦  §  ¨  ©  ª  «  ¬  ­  ®  ¯  °  ±  ²  ³  ´  µ  ¶  ·  ¸  ¹  º  »  ¼  ½  ¾  ¿  À  Á  Â  Ã  Ä  Å  Æ  Ç  È  É  Ê  Ë  Ì  Í  Î  Ï  Ð  Ñ  Ò  Ó  Ô  Õ  Ö  ×  Ø  Ù  Ú  Û  Ü  Ý  Þ  ß  à  á  â  ã  ä  å  æ  ç  è  é  ê  ë  ì  í  î  ï  ð  ñ  ò  ó  ô  õ  ö  ÷  ø  ù  ú  û  ü  ý  þ  ÿ  €    ‚  ƒ  „  …  †  ‡  ˆ  ‰  Š  ‹  Œ    Ž      ‘  ’  “  ”  •  –  —  ˜  ™  š  ›  œ    ž  Ÿ     ¡  ¢  £  ¤  ¥  ¦  §  ¨  ©  ª  «  ¬  ­  ®  ¯  °  ±  ²  ³  ´  µ  ¶  ·  ¸  ¹  º  »  ¼  ½  ¾  ¿  À  Á  Â  Ã  Ä  Å  Æ  Ç  È  É  Ê  Ë  Ì  Í  Î  Ï  Ð  Ñ  Ò  Ó  Ô  Õ  Ö  ×  Ø  Ù  Ú  Û  Ü  Ý  Þ  ß  à  á  â  ã  ä  å  æ  ç  è  é  ê  ë  ì  í  î  ï  ð  ñ  ò  ó  ô  õ  ö  ÷  ø  ù  ú  û  ü  ý  þ  ÿ  €    ‚  ƒ  „  …  †  ‡  ˆ  ‰  Š  ‹  Œ    Ž      ‘  ’  “  ”  •  –  —  ˜  ™  š  ›  œ    ž  Ÿ     ¡  ¢  £  ¤   ¥   ¦   §   ¨   ©   ª   «   ¬   ­   ®   ¯   °   ±   ²   ³   ´   µ   ¶   ·   ¸   ¹   º   »   ¼  !½  !¾  !¿  !À  !Á  !Â  !Ã  !Ä  !Å  !Æ  !Ç  !È  !É  !Ê  "Ë  "Ì  "Í  "Î  "Ï  "Ð  "Ñ  "Ò  "Ó  "Ô  "Õ  "Ö  "×  "Ø  "Ù  "Ú  "Û  "Ü  "Ý  "Þ  "ß  "à  "á  "â  #ã  #ä  #å  #æ  #ç  #è  #é  #ê  #ë  #ì  #í  #î  #ï  #ð  #ñ  $ò  $ó  $ô  $õ  $ö  $÷  $ø  $ù  $ú  $û  $ü  $ý  $þ  $ÿ  $€  $  $‚  $ƒ  $„  $…  $†  $‡  $ˆ  $‰  %Š  %‹  %Œ  %  %Ž  %  %  %‘  %’  %“  %”  %•  %–  %—  %˜  &™  &š  &›  &œ  &  &ž  &Ÿ  &   &¡  &¢  &£  &¤  &¥  &¦  &§  '¨  '©  'ª  '«  '¬  '­  '®  '¯  '°  '±  '²  '³  '´  'µ  '¶  '·  '¸  '¹  'º  '»  '¼  '½  '¾  '¿  'À  (Á  (Â  (Ã  (Ä  (Å  (Æ  (Ç  (È  (É  (Ê  (Ë  (Ì  (Í  (Î  (Ï  (Ð  (Ñ  (Ò  (Ó  (Ô  (Õ  (Ö  (×  (Ø  )Ù  )Ú  )Û  )Ü  )Ý  )Þ  )ß  )à  )á  )â  )ã  )ä  )å  *æ  *ç  *è  *é  *ê  *ë  *ì  *í  *î  *ï  *ð  *ñ  *ò  *ó  *ô  *õ  *ö  +÷  +ø  +ù  +ú  +û  +ü  +ý  +þ  +ÿ  +€  +  +‚  +ƒ  ,„  ,…  ,†  ,‡  ,ˆ  ,‰  ,Š  ,‹  ,Œ  ,  ,Ž  ,  ,  ,‘  ,’  ,“  ,”  ,•  ,–  ,—  ,˜  ,™  ,š  ,›  ,œ  ,  ,ž  ,Ÿ  ,   ,¡  ,¢  ,£  ,¤  ,¥  ,¦  ,§  ,¨  ,©  ,ª  ,«  ,¬  -­  -®  -¯  -°  -±  -²  -³  -´  -µ  -¶  -·  -¸  -¹  -º  -»  -¼  -½  -¾  -¿  -À  -Á  -Â  -Ã  .Ä  .Å  .Æ  .Ç  .È  .É  .Ê  .Ë  .Ì  .Í  .Î  .Ï  .Ð  .Ñ  .Ò  .Ó  .Ô  /Õ  /Ö  /×  /Ø  /Ù  /Ú  /Û  /Ü  /Ý  /Þ  /ß  /à  /á  /â  /ã  0ä  0å  0æ  0ç  0è  0é  0ê  0ë  0ì  0í  0î  0ï  0ð  0ñ  0ò  0ó  0ô  0õ  0ö  0÷  0ø  0ù  0ú  0û  1ü  1ý  1þ  1ÿ  1€  1  1‚  1ƒ  1„  1…  1†  1‡  1ˆ  1‰  1Š  2‹  2Œ  2  2Ž  2  2  2‘  2’  2“  2”  2•  2–  2—  2˜  2™  2š  2›  2œ  2  2ž  2Ÿ  2   2¡  2¢  2£  3¤  3¥  3¦  3§  3¨  3©  3ª  3«  3¬  3­  3®  3¯  3°  4±  4²  4³  4´  4µ  4¶  4·  4¸  4¹  4º  4»  4¼  4½  4¾  5¿  5À  5Á  5Â  5Ã  5Ä  5Å  5Æ  5Ç  5È  5É  5Ê  5Ë  5Ì  5Í  5Î  5Ï  5Ð  6Ñ  6Ò  6Ó  6Ô  6Õ  6Ö  6×  6Ø  6Ù  6Ú  6Û  6Ü  6Ý  6Þ  6ß  6à  6á  6â  6ã  6ä  6å  6æ  6ç  6è  6é  6ê  6ë  6ì  6í  6î  7ï  7ð  7ñ  7ò  7ó  7ô  7õ  7ö  7÷  7ø  7ù  7ú  7û  7ü  7ý  8þ  8ÿ  8€  8  8‚  8ƒ  8„  8…  8†  8‡  8ˆ  8‰  8Š  8‹  8Œ  8  8Ž  8  8  8‘  8’  8“  8”  9•  9–  9—  9˜  9™  9š  9›  9œ  9  9ž  9Ÿ  9   9¡  9¢  9£  :¤  :¥  :¦  :§  :¨  :©  :ª  :«  :¬  :­  :®  :¯  :°  :±  :²  ;³  ;´  ;µ  ;¶  ;·  ;¸  ;¹  ;º  ;»  ;¼  ;½  ;¾  ;¿  ;À  ;Á  <Â  <Ã  <Ä  <Å  <Æ  <Ç  <È  <É  <Ê  <Ë  <Ì  <Í  <Î  <Ï  <Ð  =Ñ  =Ò  =Ó  =Ô  =Õ  =Ö  =×  =Ø  =Ù  =Ú  =Û  =Ü  =Ý  =Þ  =ß  =à  =á  =â  =ã  =ä  =å  =æ  =ç  =è  =é  =ê  =ë  =ì  =í  =î  =ï  =ð  =ñ  =ò  =ó  =ô  =õ  =ö  >÷  >ø  >ù  >ú  >û  >ü  >ý  >þ  >ÿ  >€	  >	  >‚	  >ƒ	  >„	  >…	  >†	  >‡	  >ˆ	  >‰	  >Š	  >‹	  >Œ	  >	  >Ž	  >	  >	  >‘	  >’	  >“	  >”	  >•	  >–	  ?—	  ?˜	  ?™	  ?š	  ?›	  ?œ	  ?	  ?ž	  ?Ÿ	  ? 	  ?¡	  ?¢	  ?£	  ?¤	  ?¥	  ?¦	  ?§	  ?¨	  ?©	  ?ª	  ?«	  ?¬	  ?­	  ?®	  ?¯	  ?°	  ?±	  ?²	  ?³	  ?´	  ?µ	  ?¶	  ?·	  ?¸	  @¹	  @º	  @»	  @¼	  @½	  @¾	  @¿	  @À	  @Á	  @Â	  @Ã	  @Ä	  @Å	  @Æ	  @Ç	  @È	  @É	  @Ê	  @Ë	  @Ì	  @Í	  @Î	  @Ï	  @Ð	  AÑ	  AÒ	  AÓ	  AÔ	  AÕ	  AÖ	  A×	  AØ	  AÙ	  AÚ	  AÛ	  AÜ	  AÝ	  AÞ	  Aß	  Aà	  Aá	  Bâ	  Bã	  Bä	  Bå	  Bæ	  Bç	  Bè	  Bé	  Bê	  Bë	  Bì	  Bí	  Bî	  Bï	  Bð	  Bñ	  Bò	  Bó	  Bô	  Cõ	  Cö	  C÷	  Cø	  Cù	  Cú	  Cû	  Cü	  Cý	  Cþ	  Cÿ	  C€
  C
  C‚
  Cƒ
  C„
  C…
  C†
  C‡
  Dˆ
  D‰
  DŠ
  D‹
  DŒ
  D
  DŽ
  D
  D
  D‘
  D’
  D“
  D”
  E•
  E–
  E—
  E˜
  E™
  Eš
  E›
  Eœ
  E
  Ež
  EŸ
  E 
  E¡
  E¢
  E£
  E¤
  E¥
  E¦
  E§
  E¨
  E©
  Eª
  E«
  E¬
  E­
  E®
  E¯
  E°
  F±
  F²
  F³
  F´
  Fµ
  F¶
  F·
  F¸
  F¹
  Fº
  F»
  F¼
  F½
  F¾
  F¿
  FÀ
  FÁ
  FÂ
  FÃ
  FÄ
  FÅ
  FÆ
  FÇ
  FÈ
  FÉ
  FÊ
  FË
  FÌ
  GÍ
  GÎ
  GÏ
  GÐ
  GÑ
  GÒ
  GÓ
  GÔ
  GÕ
  GÖ
  G×
  GØ
  GÙ
  GÚ
  GÛ
  GÜ
  GÝ
  GÞ
  Gß
  Gà
  Gá
  Gâ
  Gã
  Gä
  Gå
  Gæ
  Gç
  Gè
  Gé
  Gê
  Gë
  Gì
  Gí
  Gî
  Gï
  Hð
  Hñ
  Hò
  Hó
  Hô
  Hõ
  Hö
  H÷
  Hø
  Hù
  Hú
  Hû
  Hü
  Hý
  Hþ
  Hÿ
  H€  H  H‚  Hƒ  H„  H…  H†  H‡  Hˆ  H‰  HŠ  H‹  HŒ  H  HŽ  H  H  H‘  H’  H“  H”  H•  H–  I—  I˜  I™  Iš  I›  Iœ  I  Iž  IŸ  I   I¡  I¢  I£  I¤  I¥  I¦  I§  I¨  I©  Iª  I«  I¬  I­  I®  I¯  I°  I±  I²  I³  I´  Iµ  I¶  I·  I¸  I¹  Jº  J»  J¼  J½  J¾  J¿  JÀ  JÁ  JÂ  JÃ  JÄ  JÅ  JÆ  JÇ  JÈ  JÉ  JÊ  JË  JÌ  JÍ  JÎ  JÏ  JÐ  JÑ  JÒ  JÓ  JÔ  JÕ  JÖ  J×  JØ  JÙ  JÚ  KÛ  KÜ  KÝ  KÞ  Kß  Kà  Ká  Kâ  Kã  Kä  Kå  Kæ  Kç  Kè  Ké  Kê  Kë  Kì  Kí  Kî  Kï  Kð  Kñ  Kò  Kó  Kô  Kõ  Kö  K÷  Kø  Kù  Kú  Kû  Kü  Ký  Kþ  Kÿ  K€  K  K‚  Lƒ  L„  L…  L†  L‡  Lˆ  L‰  LŠ  L‹  LŒ  L  LŽ  L  L  L‘  L’  L“  L”  L•  L–  L—  L˜  L™  Lš  L›  Lœ  L  Lž  LŸ  L   L¡  L¢  L£  L¤  L¥  L¦  L§  L¨  L©  Lª  L«  L¬  L­  L®  M¯  M°  M±  M²  M³  M´  Mµ  M¶  M·  M¸  M¹  Mº  M»  M¼  M½  M¾  M¿  MÀ  MÁ  MÂ  MÃ  MÄ  MÅ  MÆ  MÇ  MÈ  MÉ  MÊ  MË  MÌ  MÍ  MÎ  MÏ  MÐ  MÑ  MÒ  NÓ  NÔ  NÕ  NÖ  N×  NØ  NÙ  NÚ  NÛ  NÜ  NÝ  NÞ  Nß  Nà  Ná  Nâ  Nã  Nä  Nå  Næ  Nç  Nè  Né  Nê  Në  Nì  Ní  Nî  Oï  Oð  Oñ  Oò  Oó  Oô  Oõ  Oö  O÷  Oø  Où  Oú  Oû  Oü  Oý  Oþ  Oÿ  O€  O  O‚  Oƒ  O„  O…  O†  O‡  Oˆ  O‰  OŠ  O‹  OŒ  O  OŽ  P  P  P‘  P’  P“  P”  P•  P–  P—  P˜  P™  Pš  P›  Pœ  P  Pž  PŸ  P   P¡  P¢  P£  P¤  P¥  P¦  P§  P¨  P©  Pª  P«  P¬  P­  P®  P¯  P°  Q±  Q²  Q³  Q´  Qµ  Q¶  Q·  Q¸  Q¹  Qº  Q»  Q¼  Q½  Q¾  Q¿  QÀ  QÁ  QÂ  QÃ  QÄ  QÅ  QÆ  QÇ  QÈ  QÉ  QÊ  QË  QÌ  QÍ  QÎ  QÏ  QÐ  QÑ  QÒ  RÓ  RÔ  RÕ  RÖ  R×  RØ  RÙ  RÚ  RÛ  RÜ  RÝ  RÞ  Rß  Rà  Rá  Râ  Rã  Rä  Rå  Ræ  Rç  Rè  Ré  Rê  Rë  Rì  Rí  Rî  Rï  Rð  Rñ  Rò  Só  Sô  Sõ  Sö  S÷  Sø  Sù  Sú  Sû  Sü  Sý  Sþ  Sÿ  S€  S  S‚  Sƒ  S„  S…  S†  S‡  Sˆ  S‰  SŠ  S‹  SŒ  T  TŽ  T  T  T‘  T’  T“  T”  T•  T–  T—  T˜  T™  Tš  T›  Tœ  T  Tž  TŸ  T   T¡  T¢  T£  T¤  T¥  T¦  T§  T¨  T©  Tª  U«  U¬  U­  U®  U¯  U°  U±  U²  U³  U´  Uµ  U¶  U·  U¸  U¹  Uº  U»  U¼  U½  U¾  U¿  UÀ  UÁ  UÂ  UÃ  UÄ  UÅ  UÆ  UÇ  UÈ  UÉ  UÊ  VË  VÌ  VÍ  VÎ  VÏ  VÐ  VÑ  VÒ  VÓ  VÔ  VÕ  VÖ  V×  VØ  VÙ  VÚ  VÛ  VÜ  VÝ  VÞ  Vß  Và  Vá  Vâ  Vã  Vä  Vå  Væ  Vç  Vè  Vé  Vê  Vë  Vì  Ví  Vî  Vï  Vð  Vñ  Vò  Vó  Vô  Võ  Vö  V÷  Vø  Vù  Vú  Wû  Wü  Wý  Wþ  Wÿ  W€  W  W‚  Wƒ  W„  W…  W†  W‡  Wˆ  W‰  WŠ  W‹  WŒ  W  WŽ  W  W  W‘  W’  W“  W”  W•  W–  W—  W˜  W™  Wš  W›  Wœ  W  Wž  WŸ  W   W¡  W¢  X£  X¤  X¥  X¦  X§  X¨  X©  Xª  X«  X¬  X­  X®  X¯  X°  X±  X²  X³  X´  Xµ  X¶  X·  X¸  X¹  Xº  X»  X¼  X½  X¾  X¿  XÀ  XÁ  XÂ  XÃ  XÄ  XÅ  XÆ  XÇ  XÈ  XÉ  XÊ  XË  XÌ  XÍ  XÎ  XÏ  XÐ  XÑ  XÒ  YÓ  YÔ  YÕ  YÖ  Y×  YØ  YÙ  YÚ  YÛ  YÜ  YÝ  YÞ  Yß  Yà  Yá  Yâ  Yã  Yä  Yå  Yæ  Yç  Yè  Yé  Yê  Yë  Yì  Yí  Yî  Yï  Yð  Yñ  Yò  Yó  Yô  Yõ  Yö  Y÷  Yø  Yù  Yú  Zû  Zü  Zý  Zþ  Zÿ  Z€  Z  Z‚  Zƒ  Z„  Z…  Z†  Z‡  Zˆ  Z‰  ZŠ  Z‹  ZŒ  Z  ZŽ  Z  Z  Z‘  Z’  Z“  Z”  Z•  Z–  Z—  Z˜  Z™  Zš  Z›  Zœ  Z  Zž  ZŸ  Z   Z¡  Z¢  [£  [¤  [¥  [¦  [§  [¨  [©  [ª  [«  [¬  [­  [®  [¯  [°  [±  [²  [³  [´  [µ  [¶  [·  [¸  [¹  [º  [»  [¼  [½  [¾  \¿  \À  \Á  \Â  \Ã  \Ä  \Å  \Æ  \Ç  \È  \É  \Ê  \Ë  \Ì  \Í  \Î  \Ï  \Ð  \Ñ  \Ò  \Ó  \Ô  \Õ  \Ö  \×  \Ø  \Ù  \Ú  \Û  \Ü  \Ý  \Þ  \ß  \à  \á  \â  \ã  \ä  \å  \æ  ]ç  ]è  ]é  ]ê  ]ë  ]ì  ]í  ]î  ]ï  ]ð  ]ñ  ]ò  ]ó  ]ô  ]õ  ]ö  ]÷  ]ø  ]ù  ]ú  ]û  ]ü  ]ý  ]þ  ]ÿ  ]€  ]  ]‚  ]ƒ  ]„  ]…  ]†  ]‡  ]ˆ  ]‰  ]Š  ]‹  ]Œ  ]  ]Ž  ^  ^  ^‘  ^’  ^“  ^”  ^•  ^–  ^—  ^˜  ^™  ^š  ^›  ^œ  ^  ^ž  ^Ÿ  ^   ^¡  ^¢  ^£  ^¤  ^¥  ^¦  ^§  ^¨  ^©  ^ª  ^«  ^¬  ^­  ^®  ^¯  ^°  ^±  ^²  ^³  ^´  ^µ  ^¶  _·  _¸  _¹  _º  _»  _¼  _½  _¾  _¿  _À  _Á  _Â  _Ã  _Ä  _Å  _Æ  _Ç  _È  _É  _Ê  _Ë  _Ì  _Í  _Î  _Ï  _Ð  _Ñ  _Ò  _Ó  _Ô  _Õ  _Ö  _×  _Ø  _Ù  _Ú  _Û  _Ü  _Ý  _Þ  _ß  _à  `á  `â  `ã  `ä  `å  `æ  `ç  `è  `é  `ê  `ë  `ì  `í  `î  `ï  `ð  `ñ  `ò  `ó  `ô  `õ  `ö  `÷  `ø  `ù  `ú  `û  `ü  `ý  `þ  `ÿ  `€  `  `‚  `ƒ  `„  `…  `†  `‡  `ˆ  a‰  aŠ  a‹  aŒ  a  aŽ  a  a  a‘  a’  a“  a”  a•  a–  a—  a˜  a™  aš  a›  aœ  a  až  aŸ  a   a¡  a¢  a£  a¤  a¥  a¦  a§  a¨  a©  aª  a«  a¬  b­  b®  b¯  b°  b±  b²  b³  b´  bµ  b¶  b·  b¸  b¹  bº  b»  b¼  b½  b¾  b¿  bÀ  bÁ  bÂ  bÃ  bÄ  bÅ  bÆ  bÇ  bÈ  bÉ  bÊ  bË  bÌ  bÍ  bÎ  bÏ  bÐ  bÑ  bÒ  bÓ  bÔ  bÕ  bÖ  b×  bØ  bÙ  bÚ  bÛ  bÜ  cÝ  cÞ  cß  cà  cá  câ  cã  cä  cå  cæ  cç  cè  cé  cê  cë  cì  cí  cî  cï  cð  cñ  cò  có  cô  cõ  cö  c÷  cø  cù  cú  cû  cü  cý  cþ  cÿ  c€  c  c‚  cƒ  cæ     (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   99  amazonka-network-firewallî A single IP address specification. This is used in the MatchAttributes
 source and destination specifications.See:   smart constructor. amazonka-network-firewallœSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing. amazonka-network-firewallCreate a value of   " with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  Ÿ - Specify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing. amazonka-network-firewallœSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing.  amazonka-network-firewall         (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   9ç        (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   M£
' amazonka-network-firewall–The configuration and status for a single subnet that you've specified
 for use by the Network Firewall firewall. This is part of the
 FirewallStatus.See:  - smart constructor.) amazonka-network-firewallàThe identifier of the firewall endpoint that Network Firewall has
 instantiated in the subnet. You use this to identify the firewall
 endpoint in the VPC route tables, when you redirect the VPC traffic
 through the endpoint.* amazonka-network-firewall·The current status of the firewall endpoint in the subnet. This value
 reflects both the instantiation of the endpoint in the VPC subnet and
 the sync states that are reported in the Config settings. When this
 value is READY¯, the endpoint is available and configured properly to
 handle network traffic. When the endpoint isn't available for traffic,
 this value will reflect its state, for example CREATING or DELETING.+ amazonka-network-firewallÅIf Network Firewall fails to create or delete the firewall endpoint in
 the subnet, it populates this with the reason for the failure and how to
 resolve it. Depending on the error, it can take as many as 15 minutes to
 populate this field. For more information about the errors and solutions
 available for this field, see
 ò https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html*Troubleshooting firewall endpoint failures	
 in the  Network Firewall Developer Guide., amazonka-network-firewallÞ The unique identifier of the subnet that you've specified to be used
 for a firewall endpoint.- amazonka-network-firewallCreate a value of  '" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ),  .ã - The identifier of the firewall endpoint that Network Firewall has
 instantiated in the subnet. You use this to identify the firewall
 endpoint in the VPC route tables, when you redirect the VPC traffic
 through the endpoint. *,  /º - The current status of the firewall endpoint in the subnet. This value
 reflects both the instantiation of the endpoint in the VPC subnet and
 the sync states that are reported in the Config settings. When this
 value is READY¯, the endpoint is available and configured properly to
 handle network traffic. When the endpoint isn't available for traffic,
 this value will reflect its state, for example CREATING or DELETING. +,  0È - If Network Firewall fails to create or delete the firewall endpoint in
 the subnet, it populates this with the reason for the failure and how to
 resolve it. Depending on the error, it can take as many as 15 minutes to
 populate this field. For more information about the errors and solutions
 available for this field, see
 ò https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html*Troubleshooting firewall endpoint failures	
 in the  Network Firewall Developer Guide. ,,  1á  - The unique identifier of the subnet that you've specified to be used
 for a firewall endpoint.. amazonka-network-firewallàThe identifier of the firewall endpoint that Network Firewall has
 instantiated in the subnet. You use this to identify the firewall
 endpoint in the VPC route tables, when you redirect the VPC traffic
 through the endpoint./ amazonka-network-firewall·The current status of the firewall endpoint in the subnet. This value
 reflects both the instantiation of the endpoint in the VPC subnet and
 the sync states that are reported in the Config settings. When this
 value is READY¯, the endpoint is available and configured properly to
 handle network traffic. When the endpoint isn't available for traffic,
 this value will reflect its state, for example CREATING or DELETING.0 amazonka-network-firewallÅIf Network Firewall fails to create or delete the firewall endpoint in
 the subnet, it populates this with the reason for the failure and how to
 resolve it. Depending on the error, it can take as many as 15 minutes to
 populate this field. For more information about the errors and solutions
 available for this field, see
 ò https://docs.aws.amazon.com/network-firewall/latest/developerguide/firewall-troubleshooting-endpoint-failures.html*Troubleshooting firewall endpoint failures	
 in the  Network Firewall Developer Guide.1 amazonka-network-firewallÞ The unique identifier of the subnet that you've specified to be used
 for a firewall endpoint. ',)*+(-./01',)*+(-./01      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   N]  9>=<:;	9>=<:;>=<      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   TwR amazonka-network-firewall× The value to use in an Amazon CloudWatch custom metric dimension. This
 is used in the PublishMetricsó  CustomAction. A CloudWatch custom metric
 dimension is a name/value pair that's part of the identity of a
 metric.,Network Firewall sets the dimension name to CustomAction& and you
 provide the dimension value.Å For more information about CloudWatch custom metric dimensions, see
 å https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html#usingDimensionsPublishing Custom Metrics

 in the
 Ô https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/WhatIsCloudWatch.htmlAmazon CloudWatch User Guide.See:  U smart constructor.T amazonka-network-firewall0The value to use in the custom metric dimension.U amazonka-network-firewallCreate a value of  R" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: T,  V3 - The value to use in the custom metric dimension.V amazonka-network-firewall0The value to use in the custom metric dimension.U  amazonka-network-firewall TRTSUVRTSUV      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   U%  _cb`a_cb`acb      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   arw amazonka-network-firewall½A complex type that contains optional Amazon Web Services Key Management
 Service (KMS) encryption settings for your Network Firewall resources.
 Your data is encrypted by default with an Amazon Web Services owned key
 that Amazon Web Services owns and manages for you. You can use either
 the Amazon Web Services owned key, or provide your own customer managed
 key. To learn more about KMS encryption of your Network Firewall
 resources, see
 Ñ https://docs.aws.amazon.com/kms/latest/developerguide/kms-encryption-at-rest.htmlÁ Encryption at rest with Amazon Web Services Key Managment Service	
 in the  Network Firewall Developer Guide.See:  { smart constructor.y amazonka-network-firewall·The ID of the Amazon Web Services Key Management Service (KMS) customer
 managed key. You can use any of the key identifiers that KMS supports,
 unless you're using a key that's managed by another account. If
 you're using a key managed by another account, then specify the key
 ARN. For more information, see
 Ê https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-idKey ID	
 in the 'Amazon Web Services KMS Developer Guide.z amazonka-network-firewallâ The type of Amazon Web Services KMS key to use for encryption of your
 Network Firewall resources.{ amazonka-network-firewallCreate a value of  w" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: y,  |º - The ID of the Amazon Web Services Key Management Service (KMS) customer
 managed key. You can use any of the key identifiers that KMS supports,
 unless you're using a key that's managed by another account. If
 you're using a key managed by another account, then specify the key
 ARN. For more information, see
 Ê https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-idKey ID	
 in the 'Amazon Web Services KMS Developer Guide. z,  }å  - The type of Amazon Web Services KMS key to use for encryption of your
 Network Firewall resources.| amazonka-network-firewall·The ID of the Amazon Web Services Key Management Service (KMS) customer
 managed key. You can use any of the key identifiers that KMS supports,
 unless you're using a key that's managed by another account. If
 you're using a key managed by another account, then specify the key
 ARN. For more information, see
 Ê https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-idKey ID	
 in the 'Amazon Web Services KMS Developer Guide.} amazonka-network-firewallâ The type of Amazon Web Services KMS key to use for encryption of your
 Network Firewall resources.{  amazonka-network-firewall zwzyx{|}wzyx{|}      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   g† amazonka-network-firewall³High-level information about a firewall, returned by operations like
 create and describe. You can use the information provided in the
 metadata to retrieve and manage a firewall.See:  Š smart constructor.ˆ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.‰ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Š amazonka-network-firewallCreate a value of  †" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ˆ,  ‹2 - The Amazon Resource Name (ARN) of the firewall. ‰,  Œæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.‹ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Œ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. †‰ˆ‡Š‹Œ†‰ˆ‡Š‹Œ    	  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   mH” amazonka-network-firewall˜High-level information about a firewall policy, returned by operations
 like create and describe. You can use the information provided in the
 metadata to retrieve and manage a firewall policy. You can retrieve all
 objects for a firewall policy by calling DescribeFirewallPolicy.See:  ˜ smart constructor.– amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.— amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.˜ amazonka-network-firewallCreate a value of  ”" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: –,  ™9 - The Amazon Resource Name (ARN) of the firewall policy. —,  šô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.™ amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.š amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it. ”–—•˜™š”–—•˜™š    
  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   n  ¢§¦¥£¤	¢§¦¥£¤§¦¥      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   nÊ  »¿¾¼½»¿¾¼½¿¾      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   r»Ó amazonka-network-firewallÞ A list of IP addresses and address ranges, in CIDR notation. This is
 part of a RuleVariables.See:  Ö smart constructor.Õ amazonka-network-firewall>The list of IP addresses and address ranges, in CIDR notation.Ö amazonka-network-firewallCreate a value of  Ó" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Õ,  ×Á  - The list of IP addresses and address ranges, in CIDR notation.× amazonka-network-firewall>The list of IP addresses and address ranges, in CIDR notation. ÓÕÔÖ×ÓÕÔÖ×      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   xGà amazonka-network-firewall%General information about the IP set.See:  ã smart constructor.â amazonka-network-firewallÁDescribes the total number of CIDR blocks currently in use by the IP set
 references in a firewall. To determine how many CIDR blocks are
 available for you to use in a firewall, you can call
 AvailableCIDRCount.ã amazonka-network-firewallCreate a value of  à" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: â,  äÄ - Describes the total number of CIDR blocks currently in use by the IP set
 references in a firewall. To determine how many CIDR blocks are
 available for you to use in a firewall, you can call
 AvailableCIDRCount.ä amazonka-network-firewallÁDescribes the total number of CIDR blocks currently in use by the IP set
 references in a firewall. To determine how many CIDR blocks are
 available for you to use in a firewall, you can call
 AvailableCIDRCount. àâáãäàâáãä      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ì amazonka-network-firewallÍSummarizes the CIDR blocks used by the IP set references in a firewall.
 Network Firewall calculates the number of CIDRs by taking an aggregated
 count of all CIDRs used by the IP sets you are referencing.See:  ñ smart constructor.î amazonka-network-firewallÔ The number of CIDR blocks available for use by the IP set references in
 a firewall.ï amazonka-network-firewall5The list of the IP set references used by a firewall.ð amazonka-network-firewallÆ The number of CIDR blocks used by the IP set references in a firewall.ñ amazonka-network-firewallCreate a value of  ì" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: î,  ò×  - The number of CIDR blocks available for use by the IP set references in
 a firewall. ï,  ó8 - The list of the IP set references used by a firewall. ð,  ôÉ  - The number of CIDR blocks used by the IP set references in a firewall.ò amazonka-network-firewallÔ The number of CIDR blocks available for use by the IP set references in
 a firewall.ó amazonka-network-firewall5The list of the IP set references used by a firewall.ô amazonka-network-firewallÆ The number of CIDR blocks used by the IP set references in a firewall. 	ìðïîíñòóô	ìðïîíñòóô      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ƒ^ü amazonka-network-firewallÕ The capacity usage summary of the resources used by the ReferenceSets in
 a firewall.See:  ÿ smart constructor.þ amazonka-network-firewallÝ Describes the capacity usage of the CIDR blocks used by the IP set
 references in a firewall.ÿ amazonka-network-firewallCreate a value of  ü" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: þ,  €à  - Describes the capacity usage of the CIDR blocks used by the IP set
 references in a firewall.€ amazonka-network-firewallÝ Describes the capacity usage of the CIDR blocks used by the IP set
 references in a firewall. üþýÿ€üþýÿ€      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ‹!ˆ amazonka-network-firewallöConfigures one or more IP set references for a Suricata-compatible rule
 group. This is used in CreateRuleGroup or UpdateRuleGroup. An IP set
 reference is a rule variable that references a resource that you create
 and manage in another Amazon Web Services service, such as an Amazon VPC
 prefix list. Network Firewall IP set references enable you to
 dynamically update the contents of your rules. When you create, update,
 or delete the IP set you are referencing in your rule, Network Firewall
 automatically updates the rule's content with the changes. For more
 information about IP set references in Network Firewall, see
 à https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-referencesUsing IP set references	
 in the  Network Firewall Developer Guide.*Network Firewall currently supports only
 Ê https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.htmlAmazon VPC prefix lists
 as IP set references.See:  ‹ smart constructor.Š amazonka-network-firewallÜ The Amazon Resource Name (ARN) of the resource that you are referencing
 in your rule group.‹ amazonka-network-firewallCreate a value of  ˆ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Š,  Œß  - The Amazon Resource Name (ARN) of the resource that you are referencing
 in your rule group.Œ amazonka-network-firewallÜ The Amazon Resource Name (ARN) of the resource that you are referencing
 in your rule group. ˆŠ‰‹ŒˆŠ‰‹Œ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   ‹Ù  •š™˜–—	•š™˜–—š™˜      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Œ›  ®²±¯°®²±¯°²±      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¢rÆ amazonka-network-firewallïDefines where Network Firewall sends logs for the firewall for one log
 type. This is used in LoggingConfiguration. You can send each type of
 log to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data
 Firehose delivery stream.šNetwork Firewall generates logs for stateful rule groups. You can save
 alert and flow log types. The stateful rules engine records flow logs
 for all network traffic that it receives. It records alert logs for
 traffic that matches stateful rules that have the rule action set to
 DROP or ALERT.See:  Ë smart constructor.È amazonka-network-firewallºThe type of log to send. Alert logs report traffic that matches a
 StatefulRule with an action setting that sends an alert log message.
 Flow logs are standard network traffic flow logs.É amazonka-network-firewall¦The type of storage destination to send these logs to. You can send logs
 to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data
 Firehose delivery stream.Ê amazonka-network-firewallò The named location for the logs, provided in a key:value mapping that is
 specific to the chosen destination type.Ç For an Amazon S3 bucket, provide the name of the bucket, with key
     
bucketName,, and optionally provide a prefix, with key prefixÆ .
     The following example specifies an Amazon S3 bucket named
     DOC-EXAMPLE-BUCKET and the prefix alerts:Ì "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }Ø For a CloudWatch log group, provide the name of the CloudWatch log
     group, with key logGroup9. The following example specifies a log
     group named alert-log-group:3"LogDestination": { "logGroup": "alert-log-group" }ä For a Kinesis Data Firehose delivery stream, provide the name of the
     delivery stream, with key deliveryStream?. The following example
     specifies a delivery stream named alert-delivery-stream:?"LogDestination": { "deliveryStream": "alert-delivery-stream" }Ë amazonka-network-firewallCreate a value of  Æ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: È,  Ì½ - The type of log to send. Alert logs report traffic that matches a
 StatefulRule with an action setting that sends an alert log message.
 Flow logs are standard network traffic flow logs. É,  Í© - The type of storage destination to send these logs to. You can send logs
 to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data
 Firehose delivery stream. Ê,  Îõ  - The named location for the logs, provided in a key:value mapping that is
 specific to the chosen destination type.Ç For an Amazon S3 bucket, provide the name of the bucket, with key
     
bucketName,, and optionally provide a prefix, with key prefixÆ .
     The following example specifies an Amazon S3 bucket named
     DOC-EXAMPLE-BUCKET and the prefix alerts:Ì "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }Ø For a CloudWatch log group, provide the name of the CloudWatch log
     group, with key logGroup9. The following example specifies a log
     group named alert-log-group:3"LogDestination": { "logGroup": "alert-log-group" }ä For a Kinesis Data Firehose delivery stream, provide the name of the
     delivery stream, with key deliveryStream?. The following example
     specifies a delivery stream named alert-delivery-stream:?"LogDestination": { "deliveryStream": "alert-delivery-stream" }Ì amazonka-network-firewallºThe type of log to send. Alert logs report traffic that matches a
 StatefulRule with an action setting that sends an alert log message.
 Flow logs are standard network traffic flow logs.Í amazonka-network-firewall¦The type of storage destination to send these logs to. You can send logs
 to an Amazon S3 bucket, a CloudWatch log group, or a Kinesis Data
 Firehose delivery stream.Î amazonka-network-firewallò The named location for the logs, provided in a key:value mapping that is
 specific to the chosen destination type.Ç For an Amazon S3 bucket, provide the name of the bucket, with key
     
bucketName,, and optionally provide a prefix, with key prefixÆ .
     The following example specifies an Amazon S3 bucket named
     DOC-EXAMPLE-BUCKET and the prefix alerts:Ì "LogDestination": { "bucketName": "DOC-EXAMPLE-BUCKET", "prefix": "alerts" }Ø For a CloudWatch log group, provide the name of the CloudWatch log
     group, with key logGroup9. The following example specifies a log
     group named alert-log-group:3"LogDestination": { "logGroup": "alert-log-group" }ä For a Kinesis Data Firehose delivery stream, provide the name of the
     delivery stream, with key deliveryStream?. The following example
     specifies a delivery stream named alert-delivery-stream:?"LogDestination": { "deliveryStream": "alert-delivery-stream" }Ë  amazonka-network-firewall È amazonka-network-firewall É	ÆÊÉÈÇËÌÍÎ	ÆÊÉÈÇËÌÍÎ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¦ý× amazonka-network-firewall=Defines how Network Firewall performs logging for a Firewall.See:  Ú smart constructor.Ù amazonka-network-firewallø Defines the logging destinations for the logs for a firewall. Network
 Firewall generates logs for stateful rule groups.Ú amazonka-network-firewallCreate a value of  ×" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ù,  Ûû  - Defines the logging destinations for the logs for a firewall. Network
 Firewall generates logs for stateful rule groups.Û amazonka-network-firewallø Defines the logging destinations for the logs for a firewall. Network
 Firewall generates logs for stateful rule groups. ×ÙØÚÛ×ÙØÚÛ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   §µ  äçåæäçåæç      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   ¨k  û€ÿþüý	û€ÿþüý€ÿþ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¯S” amazonka-network-firewall¢Provides configuration status for a single policy or rule group that is
 used for a firewall endpoint. Network Firewall provides each endpoint
 with the rules that are configured in the firewall policy. Each time you
 add a subnet or modify the associated firewall policy, Network Firewall
 synchronizes the rules in the endpoint, so it can properly filter
 network traffic. This is part of a SyncState for a firewall.See:  ˜ smart constructor.– amazonka-network-firewallÙ Indicates whether this object is in sync with the version indicated in
 the update token.— amazonka-network-firewallÕ The current version of the object that is either in sync or pending
 synchronization.˜ amazonka-network-firewallCreate a value of  ”" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: –,  ™Ü  - Indicates whether this object is in sync with the version indicated in
 the update token. —,  šØ  - The current version of the object that is either in sync or pending
 synchronization.™ amazonka-network-firewallÙ Indicates whether this object is in sync with the version indicated in
 the update token.š amazonka-network-firewallÕ The current version of the object that is either in sync or pending
 synchronization. ”—–•˜™š”—–•˜™š      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¶¢ amazonka-network-firewall€A single port range specification. This is used for source and
 destination port ranges in the stateless rule MatchAttributes,
 SourcePorts, and DestinationPorts
 settings.See:  ¦ smart constructor.¤ amazonka-network-firewallË The lower limit of the port range. This must be less than or equal to
 the ToPort specification.¥ amazonka-network-firewallÎ The upper limit of the port range. This must be greater than or equal to
 the FromPort specification.¦ amazonka-network-firewallCreate a value of  ¢" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¤,  §Î  - The lower limit of the port range. This must be less than or equal to
 the ToPort specification. ¥,  ¨Ñ  - The upper limit of the port range. This must be greater than or equal to
 the FromPort specification.§ amazonka-network-firewallË The lower limit of the port range. This must be less than or equal to
 the ToPort specification.¨ amazonka-network-firewallÎ The upper limit of the port range. This must be greater than or equal to
 the FromPort specification.¦  amazonka-network-firewall ¤ amazonka-network-firewall ¥¢¥¤£¦§¨¢¥¤£¦§¨      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¹`± amazonka-network-firewall:A set of port ranges for use in the rules in a rule group.See:  ´ smart constructor.³ amazonka-network-firewallThe set of port ranges.´ amazonka-network-firewallCreate a value of  ±" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ³,  µ - The set of port ranges.µ amazonka-network-firewallThe set of port ranges. ±³²´µ±³²´µ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ¼Ë¾ amazonka-network-firewallµStateless inspection criteria that publishes the specified metrics to
 Amazon CloudWatch for the matching packet. This setting defines a
 CloudWatch dimension value to be published.See:  Á smart constructor.Á amazonka-network-firewallCreate a value of  ¾" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: À,  Â -Á  amazonka-network-firewall À¾À¿ÁÂ¾À¿ÁÂ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   Å×Ë amazonka-network-firewallÙ A custom action to use in stateless rule actions settings. This is used
 in CustomAction.See:  Î smart constructor.Í amazonka-network-firewallµStateless inspection criteria that publishes the specified metrics to
 Amazon CloudWatch for the matching packet. This setting defines a
 CloudWatch dimension value to be published.ºYou can pair this custom action with any of the standard stateless rule
 actions. For example, you could pair this in a rule action with the
 standard action that forwards the packet for stateful inspection. Then,
 when a packet matches the rule, Network Firewall publishes metrics for
 the packet and forwards it.Î amazonka-network-firewallCreate a value of  Ë" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Í,  Ï¸ - Stateless inspection criteria that publishes the specified metrics to
 Amazon CloudWatch for the matching packet. This setting defines a
 CloudWatch dimension value to be published.ºYou can pair this custom action with any of the standard stateless rule
 actions. For example, you could pair this in a rule action with the
 standard action that forwards the packet for stateful inspection. Then,
 when a packet matches the rule, Network Firewall publishes metrics for
 the packet and forwards it.Ï amazonka-network-firewallµStateless inspection criteria that publishes the specified metrics to
 Amazon CloudWatch for the matching packet. This setting defines a
 CloudWatch dimension value to be published.ºYou can pair this custom action with any of the standard stateless rule
 actions. For example, you could pair this in a rule action with the
 standard action that forwards the packet for stateful inspection. Then,
 when a packet matches the rule, Network Firewall publishes metrics for
 the packet and forwards it. ËÍÌÎÏËÍÌÎÏ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   Ï!Ø amazonka-network-firewall–An optional, non-standard action to use for stateless packet handling.
 You can define this in addition to the standard action that you must
 specify.†You define and name the custom actions that you want to be able to use,
 and then you reference them by name in your actions settings.3You can use custom actions in the following places:†In a rule group's StatelessRulesAndCustomActions specification. The
     custom actions are available for use by name inside the
     StatelessRulesAndCustomActions  where you define them. You can use
     them for your stateless rule actions to specify what to do with a
     packet that matches the rule's match attributes.&In a FirewallPolicy specification, in StatelessCustomActions…. The
     custom actions are available for use inside the policy where you
     define them. You can use them for the policy's default stateless
     actions settings to specify what to do with packets that don't
     match any of the policy's stateless rules.See:  Ü smart constructor.Ú amazonka-network-firewallí The descriptive name of the custom action. You can't change the name of
 a custom action after you create it.Û amazonka-network-firewall2The custom action associated with the action name.Ü amazonka-network-firewallCreate a value of  Ø" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ú,  Ýð  - The descriptive name of the custom action. You can't change the name of
 a custom action after you create it. Û,  Þ5 - The custom action associated with the action name.Ý amazonka-network-firewallí The descriptive name of the custom action. You can't change the name of
 a custom action after you create it.Þ amazonka-network-firewall2The custom action associated with the action name.Ü  amazonka-network-firewall Ú amazonka-network-firewall ÛØÛÚÙÜÝÞØÛÚÙÜÝÞ      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   Òzç amazonka-network-firewall$Contains a set of IP set references.See:  ê smart constructor.é amazonka-network-firewallThe list of IP set references.ê amazonka-network-firewallCreate a value of  ç" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: é,  ë! - The list of IP set references.ë amazonka-network-firewallThe list of IP set references. çéèêëçéèêë      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Ó2  ôø÷õöôø÷õöø÷      (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Óî  ŒŽŒŽ       (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Ôª  ¤¨§¥¦¤¨§¥¦¨§    !  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ÚG¼ amazonka-network-firewall¢High-level information about a rule group, returned by ListRuleGroups.
 You can use the information provided in the metadata to retrieve and
 manage a rule group.See:  À smart constructor.¾ amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.¿ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.À amazonka-network-firewallCreate a value of  ¼" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¾,  Á4 - The Amazon Resource Name (ARN) of the rule group. ¿,  Âê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.Á amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.Â amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it. ¼¾¿½ÀÁÂ¼¾¿½ÀÁÂ    "  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Û  ÊÎÍËÌÊÎÍËÌÎÍ    #  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   Þ/â amazonka-network-firewallÙ Additional settings for a stateful rule. This is part of the
 StatefulRule configuration.See:  æ smart constructor.æ amazonka-network-firewallCreate a value of  â" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ä,  ç - å,  è -æ  amazonka-network-firewall åâåäãæçèâåäãæçè    $  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   Þï  ñõôòóñõôòóõô    %  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ãn‰ amazonka-network-firewallÙ Settings that are available for use in the rules in the RuleGroup where
 this is defined.See:   smart constructor.‹ amazonka-network-firewall<A list of IP addresses and address ranges, in CIDR notation.Œ amazonka-network-firewallA list of port ranges. amazonka-network-firewallCreate a value of  ‰" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ‹,  Ž? - A list of IP addresses and address ranges, in CIDR notation. Œ,   - A list of port ranges.Ž amazonka-network-firewall<A list of IP addresses and address ranges, in CIDR notation. amazonka-network-firewallA list of port ranges. ‰Œ‹ŠŽ‰Œ‹ŠŽ    &  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   í)˜ amazonka-network-firewallôHigh-level information about the managed rule group that your own rule
 group is copied from. You can use the the metadata to track version
 updates made to the originating rule group. You can retrieve all objects
 for a rule group by calling
 Û https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.htmlDescribeRuleGroup.See:  œ smart constructor.š amazonka-network-firewallÚ The Amazon Resource Name (ARN) of the rule group that your own rule
 group is copied from.› amazonka-network-firewallªThe update token of the Amazon Web Services managed rule group that your
 own rule group is copied from. To determine the update token for the
 managed rule group, call
 ’https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateTokenDescribeRuleGroup.œ amazonka-network-firewallCreate a value of  ˜" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: š,  Ý  - The Amazon Resource Name (ARN) of the rule group that your own rule
 group is copied from. ›,  ž­ - The update token of the Amazon Web Services managed rule group that your
 own rule group is copied from. To determine the update token for the
 managed rule group, call
 ’https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateTokenDescribeRuleGroup. amazonka-network-firewallÚ The Amazon Resource Name (ARN) of the rule group that your own rule
 group is copied from.ž amazonka-network-firewallªThe update token of the Amazon Web Services managed rule group that your
 own rule group is copied from. To determine the update token for the
 managed rule group, call
 ’https://docs.aws.amazon.com/network-firewall/latest/APIReference/API_DescribeRuleGroup.html#networkfirewall-DescribeRuleGroup-response-UpdateTokenDescribeRuleGroup. ˜›š™œž˜›š™œž    '  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   íé  §¬«ª¨©	§¬«ª¨©¬«ª    (  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ   î«  ÀÄÃÁÂÀÄÃÁÂÄÃ    )  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   ó?Ø amazonka-network-firewallã The setting that allows the policy owner to change the behavior of the
 rule group within a policy.See:  Û smart constructor.Ú amazonka-network-firewall,The action that changes the rule group from DROP to ALERT,. This only
 applies to managed rule groups.Û amazonka-network-firewallCreate a value of  Ø" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ú,  Ü/ - The action that changes the rule group from DROP to ALERT,. This only
 applies to managed rule groups.Ü amazonka-network-firewall,The action that changes the rule group from DROP to ALERT,. This only
 applies to managed rule groups. ØÚÙÛÜØÚÙÛÜ    *  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ   å amazonka-network-firewallá Identifier for a single stateful rule group, used in a firewall policy
 to refer to a rule group.See:  ê smart constructor.ç amazonka-network-firewallä The action that allows the policy owner to override the behavior of the
 rule group within a policy.è amazonka-network-firewall³An integer setting that indicates the order in which to run the stateful
 rule groups in a single FirewallPolicy. This setting only applies to
 firewall policies that specify the STRICT_ORDER5 rule order in the
 stateful engine options settings.ÍNetwork Firewall evalutes each stateful rule group against a packet
 starting with the group that has the lowest priority setting. You must
 ensure that the priority settings are unique within each policy.ËYou can change the priority settings of your rule groups at any time. To
 make it easier to insert rule groups later, number them so there's a
 wide range in between, for example use 100, 200, and so on.é amazonka-network-firewall:The Amazon Resource Name (ARN) of the stateful rule group.ê amazonka-network-firewallCreate a value of  å" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ç,  ëç  - The action that allows the policy owner to override the behavior of the
 rule group within a policy. è,  ì¶ - An integer setting that indicates the order in which to run the stateful
 rule groups in a single FirewallPolicy. This setting only applies to
 firewall policies that specify the STRICT_ORDER5 rule order in the
 stateful engine options settings.ÍNetwork Firewall evalutes each stateful rule group against a packet
 starting with the group that has the lowest priority setting. You must
 ensure that the priority settings are unique within each policy.ËYou can change the priority settings of your rule groups at any time. To
 make it easier to insert rule groups later, number them so there's a
 wide range in between, for example use 100, 200, and so on. é,  í= - The Amazon Resource Name (ARN) of the stateful rule group.ë amazonka-network-firewallä The action that allows the policy owner to override the behavior of the
 rule group within a policy.ì amazonka-network-firewall³An integer setting that indicates the order in which to run the stateful
 rule groups in a single FirewallPolicy. This setting only applies to
 firewall policies that specify the STRICT_ORDER5 rule order in the
 stateful engine options settings.ÍNetwork Firewall evalutes each stateful rule group against a packet
 starting with the group that has the lowest priority setting. You must
 ensure that the priority settings are unique within each policy.ËYou can change the priority settings of your rule groups at any time. To
 make it easier to insert rule groups later, number them so there's a
 wide range in between, for example use 100, 200, and so on.í amazonka-network-firewall:The Amazon Resource Name (ARN) of the stateful rule group.ê  amazonka-network-firewall é	åéèçæêëìí	åéèçæêëìí    +  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  
&ö amazonka-network-firewallû Additional options governing how Network Firewall handles the rule
 group. You can only use these for stateful rule groups.See:  ù smart constructor.ø amazonka-network-firewallÎ Indicates how to manage the order of the rule evaluation for the rule
 group. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide.ù amazonka-network-firewallCreate a value of  ö" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ø,  úÑ  - Indicates how to manage the order of the rule evaluation for the rule
 group. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide.ú amazonka-network-firewallÎ Indicates how to manage the order of the rule evaluation for the rule
 group. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide. öø÷ùúöø÷ùú    ,  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ  
Þ  ƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…)ƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…˜—–•”“’‘ŽŒ‹Š‰ˆ‡†    -  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  +õ¬ amazonka-network-firewallÊThe basic rule criteria for Network Firewall to use to inspect packet
 headers in stateful traffic flow inspection. Traffic flows that match
 the criteria are a match for the corresponding StatefulRule.See:  ´ smart constructor.® amazonka-network-firewall9The protocol to inspect for. To specify all, you can use IPÈ , because
 all traffic on Amazon Web Services and on the internet is IP.¯ amazonka-network-firewallí The source IP address or address range to inspect for, in CIDR notation.
 To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing.° amazonka-network-firewallÑ The source port to inspect for. You can specify an individual port, for
 example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY.± amazonka-network-firewall4The direction of traffic flow to inspect. If set to ANYŒ, the
 inspection matches bidirectional traffic, both from the source to the
 destination and from the destination to the source. If set to FORWARDÑ ,
 the inspection only matches traffic going from the source to the
 destination.² amazonka-network-firewallò The destination IP address or address range to inspect for, in CIDR
 notation. To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing.³ amazonka-network-firewallÖ The destination port to inspect for. You can specify an individual port,
 for example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY.´ amazonka-network-firewallCreate a value of  ¬" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ®,  µ< - The protocol to inspect for. To specify all, you can use IPÈ , because
 all traffic on Amazon Web Services and on the internet is IP. ¯,  ¶ð  - The source IP address or address range to inspect for, in CIDR notation.
 To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing. °,  ·Ô  - The source port to inspect for. You can specify an individual port, for
 example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY. ±,  ¸7 - The direction of traffic flow to inspect. If set to ANYŒ, the
 inspection matches bidirectional traffic, both from the source to the
 destination and from the destination to the source. If set to FORWARDÑ ,
 the inspection only matches traffic going from the source to the
 destination. ²,  ¹õ  - The destination IP address or address range to inspect for, in CIDR
 notation. To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing. ³,  ºÙ  - The destination port to inspect for. You can specify an individual port,
 for example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY.µ amazonka-network-firewall9The protocol to inspect for. To specify all, you can use IPÈ , because
 all traffic on Amazon Web Services and on the internet is IP.¶ amazonka-network-firewallí The source IP address or address range to inspect for, in CIDR notation.
 To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing.· amazonka-network-firewallÑ The source port to inspect for. You can specify an individual port, for
 example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY.¸ amazonka-network-firewall4The direction of traffic flow to inspect. If set to ANYŒ, the
 inspection matches bidirectional traffic, both from the source to the
 destination and from the destination to the source. If set to FORWARDÑ ,
 the inspection only matches traffic going from the source to the
 destination.¹ amazonka-network-firewallò The destination IP address or address range to inspect for, in CIDR
 notation. To match with any address, specify ANY.œSpecify an IP address or a block of IP addresses in Classless
 Inter-Domain Routing (CIDR) notation. Network Firewall supports all
 address ranges for IPv4.	Examples:Õ To configure Network Firewall to inspect for the IP address
     192.0.2.44, specify 192.0.2.44/32.æ To configure Network Firewall to inspect for IP addresses from
     192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.Ã For more information about CIDR notation, see the Wikipedia entry
 <https://en.wikipedia.org/wiki/Classless_Inter-Domain_RoutingClassless Inter-Domain Routing.º amazonka-network-firewallÖ The destination port to inspect for. You can specify an individual port,
 for example 19940 and you can specify a port range, for example
 	1990:1994". To match with any port, specify ANY.´  amazonka-network-firewall ® amazonka-network-firewall ¯ amazonka-network-firewall ° amazonka-network-firewall ± amazonka-network-firewall ² amazonka-network-firewall ³¬³²±°®¯­´µ¶·¸¹º¬³²±°®¯­´µ¶·¸¹º    .  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  >‘Ã amazonka-network-firewallìA single Suricata rules specification, for use in a stateful rule group.
 Use this option to specify a simple Suricata rule with protocol, source
 and destination, ports, direction, and rule options. For information
 about the Suricata Rules format, see
 1https://suricata.readthedocs.io/rules/intro.html#Rules Format.See:  È smart constructor.Å amazonka-network-firewallùDefines what Network Firewall should do with the packets in a traffic
 flow when the flow matches the stateful rule criteria. For all actions,
 Network Firewall performs the specified action and discontinues stateful
 inspection of the traffic flow.7The actions for a stateful rule are defined as follows:PASS9 - Permits the packets to go to the intended destination.DROP« - Blocks the packets from going to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ALERT§ - Permits the packets to go to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ì You can use this action to test a rule that you intend to use to
drop traffic. You can enable the rule with ALERTÞ  action, verify in
the logs that the rule is filtering as you want, then change the
action to DROP.Æ amazonka-network-firewallÏ The stateful inspection criteria for this rule, used to inspect traffic
 flows.Ç amazonka-network-firewall8Additional options for the rule. These are the Suricata RuleOptions
 settings.È amazonka-network-firewallCreate a value of  Ã" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Å,  Éü - Defines what Network Firewall should do with the packets in a traffic
 flow when the flow matches the stateful rule criteria. For all actions,
 Network Firewall performs the specified action and discontinues stateful
 inspection of the traffic flow.7The actions for a stateful rule are defined as follows:PASS9 - Permits the packets to go to the intended destination.DROP« - Blocks the packets from going to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ALERT§ - Permits the packets to go to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ì You can use this action to test a rule that you intend to use to
drop traffic. You can enable the rule with ALERTÞ  action, verify in
the logs that the rule is filtering as you want, then change the
action to DROP. Æ,  ÊÒ  - The stateful inspection criteria for this rule, used to inspect traffic
 flows. Ç,  Ë; - Additional options for the rule. These are the Suricata RuleOptions
 settings.É amazonka-network-firewallùDefines what Network Firewall should do with the packets in a traffic
 flow when the flow matches the stateful rule criteria. For all actions,
 Network Firewall performs the specified action and discontinues stateful
 inspection of the traffic flow.7The actions for a stateful rule are defined as follows:PASS9 - Permits the packets to go to the intended destination.DROP« - Blocks the packets from going to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ALERT§ - Permits the packets to go to the intended destination
     and sends an alert log message, if alert logging is configured in
     the Firewall LoggingConfiguration.ì You can use this action to test a rule that you intend to use to
drop traffic. You can enable the rule with ALERTÞ  action, verify in
the logs that the rule is filtering as you want, then change the
action to DROP.Ê amazonka-network-firewallÏ The stateful inspection criteria for this rule, used to inspect traffic
 flows.Ë amazonka-network-firewall8Additional options for the rule. These are the Suricata RuleOptions
 settings.È  amazonka-network-firewall Å amazonka-network-firewall Æ	ÃÇÆÅÄÈÉÊË	ÃÇÆÅÄÈÉÊË    /  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  FàÔ amazonka-network-firewallä Identifier for a single stateless rule group, used in a firewall policy
 to refer to the rule group.See:  Ø smart constructor.Ö amazonka-network-firewall;The Amazon Resource Name (ARN) of the stateless rule group.× amazonka-network-firewall¼An integer setting that indicates the order in which to run the
 stateless rule groups in a single FirewallPolicy. Network Firewall
 applies each stateless rule group to a packet starting with the group
 that has the lowest priority setting. You must ensure that the priority
 settings are unique within each policy.Ø amazonka-network-firewallCreate a value of  Ô" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ö,  Ù> - The Amazon Resource Name (ARN) of the stateless rule group. ×,  Ú¿ - An integer setting that indicates the order in which to run the
 stateless rule groups in a single FirewallPolicy. Network Firewall
 applies each stateless rule group to a packet starting with the group
 that has the lowest priority setting. You must ensure that the priority
 settings are unique within each policy.Ù amazonka-network-firewall;The Amazon Resource Name (ARN) of the stateless rule group.Ú amazonka-network-firewall¼An integer setting that indicates the order in which to run the
 stateless rule groups in a single FirewallPolicy. Network Firewall
 applies each stateless rule group to a packet starting with the group
 that has the lowest priority setting. You must ensure that the priority
 settings are unique within each policy.Ø  amazonka-network-firewall Ö amazonka-network-firewall ×ÔÖ×ÕØÙÚÔÖ×ÕØÙÚ    0  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ  G   ãçæäåãçæäåçæ    1  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  \yû amazonka-network-firewallÚ Configuration settings for the handling of the stateful rule groups in a
 firewall policy.See:  ÿ smart constructor.ý amazonka-network-firewallÏ Indicates how to manage the order of stateful rule evaluation for the
 policy. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide.þ amazonka-network-firewallÄConfigures how Network Firewall processes traffic when a network
 connection breaks midstream. Network connections can break due to
 disruptions in external networks or within the firewall itself.DROPû  - Network Firewall fails closed and drops all subsequent
     traffic going to the firewall. This is the default behavior.CONTINUEñ - Network Firewall continues to apply rules to the
     subsequent traffic without context from traffic before the break.
     This impacts the behavior of rules that depend on this context. For
     example, if you have a stateful rule to 	drop http traffic, Network
     Firewall won't match the traffic for this rule because the service
     won't have the context from session initialization defining the
     application layer protocol as HTTP. However, this behavior is rule
     dependent”@a TCP-layer rule using a flow:stateless+ rule would still
     match, as would the aws:drop_strict default action.ÿ amazonka-network-firewallCreate a value of  û" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ý,  €Ò  - Indicates how to manage the order of stateful rule evaluation for the
 policy. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide. þ,  Ç - Configures how Network Firewall processes traffic when a network
 connection breaks midstream. Network connections can break due to
 disruptions in external networks or within the firewall itself.DROPû  - Network Firewall fails closed and drops all subsequent
     traffic going to the firewall. This is the default behavior.CONTINUEñ - Network Firewall continues to apply rules to the
     subsequent traffic without context from traffic before the break.
     This impacts the behavior of rules that depend on this context. For
     example, if you have a stateful rule to 	drop http traffic, Network
     Firewall won't match the traffic for this rule because the service
     won't have the context from session initialization defining the
     application layer protocol as HTTP. However, this behavior is rule
     dependent”@a TCP-layer rule using a flow:stateless+ rule would still
     match, as would the aws:drop_strict default action.€ amazonka-network-firewallÏ Indicates how to manage the order of stateful rule evaluation for the
 policy. DEFAULT_ACTION_ORDER¾ is the default behavior. Stateful rules
 are provided to the rule engine as Suricata compatible strings, and
 Suricata evaluates them based on certain settings. For more information,
 see
 æ https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#Evaluation order for stateful rules	
 in the  Network Firewall Developer Guide. amazonka-network-firewallÄConfigures how Network Firewall processes traffic when a network
 connection breaks midstream. Network connections can break due to
 disruptions in external networks or within the firewall itself.DROPû  - Network Firewall fails closed and drops all subsequent
     traffic going to the firewall. This is the default behavior.CONTINUEñ - Network Firewall continues to apply rules to the
     subsequent traffic without context from traffic before the break.
     This impacts the behavior of rules that depend on this context. For
     example, if you have a stateful rule to 	drop http traffic, Network
     Firewall won't match the traffic for this rule because the service
     won't have the context from session initialization defining the
     application layer protocol as HTTP. However, this behavior is rule
     dependent”@a TCP-layer rule using a flow:stateless+ rule would still
     match, as would the aws:drop_strict default action. ûþýüÿ€ûþýüÿ€    2  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  ‚Š amazonka-network-firewall½The firewall policy defines the behavior of a firewall using a
 collection of stateless and stateful rule groups and other settings. You
 can use one firewall policy for multiple firewalls.“This, along with FirewallPolicyResponse, define the policy. You can
 retrieve all objects for a firewall policy by calling
 DescribeFirewallPolicy.See:  “ smart constructor.Œ amazonka-network-firewall­The default actions to take on a packet that doesn't match any stateful
 rules. The stateful default action is optional, and is only valid when
 using the strict rule order.,Valid values of the stateful default action:aws:drop_strictaws:drop_establishedaws:alert_strictaws:alert_establishedFor more information, see
 ‘https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.htmlStrict evaluation order	
 in the  Network Firewall Developer Guide. amazonka-network-firewallÒAdditional options governing how Network Firewall handles stateful
 rules. The stateful rule groups that you use in your policy must have
 stateful rule options settings that are compatible with these settings.Ž amazonka-network-firewallü References to the stateful rule groups that are used in the policy.
 These define the inspection criteria in stateful rules. amazonka-network-firewallÓ The custom action definitions that are available for use in the firewall
 policy's StatelessDefaultActions€ setting. You name each custom action
 that you define, and then you can use it by name in your default actions
 specifications. amazonka-network-firewallü References to the stateless rule groups that are used in the policy.
 These define the matching criteria in stateless rules.‘ amazonka-network-firewall²The actions to take on a packet if it doesn't match any of the
 stateless rules in the policy. If you want non-matching packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction.’ amazonka-network-firewall¾The actions to take on a fragmented UDP packet if it doesn't match any
 of the stateless rules in the policy. Network Firewall only manages UDP
 packet fragments and silently drops packet fragments for other
 protocols. If you want non-matching fragmented UDP packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction.“ amazonka-network-firewallCreate a value of  Š" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Œ,  ”° - The default actions to take on a packet that doesn't match any stateful
 rules. The stateful default action is optional, and is only valid when
 using the strict rule order.,Valid values of the stateful default action:aws:drop_strictaws:drop_establishedaws:alert_strictaws:alert_establishedFor more information, see
 ‘https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.htmlStrict evaluation order	
 in the  Network Firewall Developer Guide. ,  •Õ - Additional options governing how Network Firewall handles stateful
 rules. The stateful rule groups that you use in your policy must have
 stateful rule options settings that are compatible with these settings. Ž,  –ÿ  - References to the stateful rule groups that are used in the policy.
 These define the inspection criteria in stateful rules. ,  —Ö  - The custom action definitions that are available for use in the firewall
 policy's StatelessDefaultActions€ setting. You name each custom action
 that you define, and then you can use it by name in your default actions
 specifications. ,  ˜ÿ  - References to the stateless rule groups that are used in the policy.
 These define the matching criteria in stateless rules. ‘,  ™µ - The actions to take on a packet if it doesn't match any of the
 stateless rules in the policy. If you want non-matching packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction. ’,  šÁ - The actions to take on a fragmented UDP packet if it doesn't match any
 of the stateless rules in the policy. Network Firewall only manages UDP
 packet fragments and silently drops packet fragments for other
 protocols. If you want non-matching fragmented UDP packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction.” amazonka-network-firewall­The default actions to take on a packet that doesn't match any stateful
 rules. The stateful default action is optional, and is only valid when
 using the strict rule order.,Valid values of the stateful default action:aws:drop_strictaws:drop_establishedaws:alert_strictaws:alert_establishedFor more information, see
 ‘https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.htmlStrict evaluation order	
 in the  Network Firewall Developer Guide.• amazonka-network-firewallÒAdditional options governing how Network Firewall handles stateful
 rules. The stateful rule groups that you use in your policy must have
 stateful rule options settings that are compatible with these settings.– amazonka-network-firewallü References to the stateful rule groups that are used in the policy.
 These define the inspection criteria in stateful rules.— amazonka-network-firewallÓ The custom action definitions that are available for use in the firewall
 policy's StatelessDefaultActions€ setting. You name each custom action
 that you define, and then you can use it by name in your default actions
 specifications.˜ amazonka-network-firewallü References to the stateless rule groups that are used in the policy.
 These define the matching criteria in stateless rules.™ amazonka-network-firewall²The actions to take on a packet if it doesn't match any of the
 stateless rules in the policy. If you want non-matching packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction.š amazonka-network-firewall¾The actions to take on a fragmented UDP packet if it doesn't match any
 of the stateless rules in the policy. Network Firewall only manages UDP
 packet fragments and silently drops packet fragments for other
 protocols. If you want non-matching fragmented UDP packets to be
 forwarded for stateful inspection, specify aws:forward_to_sfe..You must specify one of the standard actions: aws:pass, aws:drop, or
 aws:forward_to_sfeå . In addition, you can specify custom actions that
 are compatible with your standard section choice.For example, you could specify ["aws:pass"] or you could specify
  ["aws:pass", œ@customActionName@]Þ . For information about
 compatibility, see the custom action descriptions under CustomAction. Š’‘ŽŒ‹“”•–—˜™šŠ’‘ŽŒ‹“”•–—˜™š    3  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  †Â£ amazonka-network-firewall‘The ID for a subnet that you want to associate with the firewall. This
 is used with CreateFirewall and AssociateSubnets. Network Firewall
 creates an instance of the associated firewall in each subnet that you
 specify, to filter traffic in the subnet's Availability Zone.See:  ¦ smart constructor.¥ amazonka-network-firewall%The unique identifier for the subnet.¦ amazonka-network-firewallCreate a value of  £" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¥,  §( - The unique identifier for the subnet.§ amazonka-network-firewall%The unique identifier for the subnet.¦  amazonka-network-firewall ¥£¥¤¦§£¥¤¦§    4  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  ”° amazonka-network-firewallß The status of the firewall endpoint and firewall policy configuration
 for a single VPC subnet.Ý For each VPC subnet that you associate with a firewall, Network Firewall
 does the following:Ë Instantiates a firewall endpoint in the subnet, ready to take
     traffic.û Configures the endpoint with the current firewall policy settings,
     to provide the filtering behavior for the endpoint.ÕWhen you update a firewall, for example to add a subnet association or
 change a rule group in the firewall policy, the affected sync states
 reflect out-of-sync or not ready status until the changes are complete.See:  ´ smart constructor.² amazonka-network-firewall‘The attachment status of the firewall's association with a single VPC
 subnet. For each configured subnet, Network Firewall creates the
 attachment by instantiating the firewall endpoint in the subnet so that
 it's ready to take traffic. This is part of the FirewallStatus.³ amazonka-network-firewallþThe configuration status of the firewall endpoint in a single VPC
 subnet. Network Firewall provides each endpoint with the rules that are
 configured in the firewall policy. Each time you add a subnet or modify
 the associated firewall policy, Network Firewall synchronizes the rules
 in the endpoint, so it can properly filter network traffic. This is part
 of the FirewallStatus.´ amazonka-network-firewallCreate a value of  °" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ²,  µ” - The attachment status of the firewall's association with a single VPC
 subnet. For each configured subnet, Network Firewall creates the
 attachment by instantiating the firewall endpoint in the subnet so that
 it's ready to take traffic. This is part of the FirewallStatus. ³,  ¶ - The configuration status of the firewall endpoint in a single VPC
 subnet. Network Firewall provides each endpoint with the rules that are
 configured in the firewall policy. Each time you add a subnet or modify
 the associated firewall policy, Network Firewall synchronizes the rules
 in the endpoint, so it can properly filter network traffic. This is part
 of the FirewallStatus.µ amazonka-network-firewall‘The attachment status of the firewall's association with a single VPC
 subnet. For each configured subnet, Network Firewall creates the
 attachment by instantiating the firewall endpoint in the subnet so that
 it's ready to take traffic. This is part of the FirewallStatus.¶ amazonka-network-firewallþThe configuration status of the firewall endpoint in a single VPC
 subnet. Network Firewall provides each endpoint with the rules that are
 configured in the firewall policy. Each time you add a subnet or modify
 the associated firewall policy, Network Firewall synchronizes the rules
 in the endpoint, so it can properly filter network traffic. This is part
 of the FirewallStatus. °³²±´µ¶°³²±´µ¶    5  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  «Ó
¾ amazonka-network-firewall¨Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN.See:  Ä smart constructor.À amazonka-network-firewallñDescribes the capacity usage of the resources contained in a firewall's
 reference sets. Network Firewall calclulates the capacity usage by
 taking an aggregated count of all of the resources used by all of the
 reference sets in a firewall.Á amazonka-network-firewallóThe subnets that you've configured for use by the Network Firewall
 firewall. This contains one array element per Availability Zone where
 you've configured a subnet. These objects provide details of the
 information that is summarized in the ConfigurationSyncStateSummary
 and Status/, broken down by zone and configuration object.Â amazonka-network-firewall–The readiness of the configured firewall to handle network traffic
 across all of the Availability Zones where you've configured it. This
 setting is READY only when the ConfigurationSyncStateSummary value
 is IN_SYNC	 and the 
Attachment Status/ values for all of the
 configured subnets are READY.Ã amazonka-network-firewallà The configuration sync state for the firewall. This summarizes the sync
 states reported in the ConfigÔ  settings for all of the Availability
 Zones where you have configured the firewall.¯When you create a firewall or update its configuration, for example by
 adding a rule group to its firewall policy, Network Firewall distributes
 the configuration changes to all zones where the firewall is in use.
 This summary indicates whether the configuration changes have been
 applied everywhere.This status must be IN_SYNCà  for the firewall to be ready for use, but
 it doesn't indicate that the firewall is ready. The Status' setting
 indicates firewall readiness.Ä amazonka-network-firewallCreate a value of  ¾" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: À,  Åô - Describes the capacity usage of the resources contained in a firewall's
 reference sets. Network Firewall calclulates the capacity usage by
 taking an aggregated count of all of the resources used by all of the
 reference sets in a firewall. Á,  Æö - The subnets that you've configured for use by the Network Firewall
 firewall. This contains one array element per Availability Zone where
 you've configured a subnet. These objects provide details of the
 information that is summarized in the ConfigurationSyncStateSummary
 and Status/, broken down by zone and configuration object. Â,  Ç™ - The readiness of the configured firewall to handle network traffic
 across all of the Availability Zones where you've configured it. This
 setting is READY only when the ConfigurationSyncStateSummary value
 is IN_SYNC	 and the 
Attachment Status/ values for all of the
 configured subnets are READY. Ã,  Èã  - The configuration sync state for the firewall. This summarizes the sync
 states reported in the ConfigÔ  settings for all of the Availability
 Zones where you have configured the firewall.¯When you create a firewall or update its configuration, for example by
 adding a rule group to its firewall policy, Network Firewall distributes
 the configuration changes to all zones where the firewall is in use.
 This summary indicates whether the configuration changes have been
 applied everywhere.This status must be IN_SYNCà  for the firewall to be ready for use, but
 it doesn't indicate that the firewall is ready. The Status' setting
 indicates firewall readiness.Å amazonka-network-firewallñDescribes the capacity usage of the resources contained in a firewall's
 reference sets. Network Firewall calclulates the capacity usage by
 taking an aggregated count of all of the resources used by all of the
 reference sets in a firewall.Æ amazonka-network-firewallóThe subnets that you've configured for use by the Network Firewall
 firewall. This contains one array element per Availability Zone where
 you've configured a subnet. These objects provide details of the
 information that is summarized in the ConfigurationSyncStateSummary
 and Status/, broken down by zone and configuration object.Ç amazonka-network-firewall–The readiness of the configured firewall to handle network traffic
 across all of the Availability Zones where you've configured it. This
 setting is READY only when the ConfigurationSyncStateSummary value
 is IN_SYNC	 and the 
Attachment Status/ values for all of the
 configured subnets are READY.È amazonka-network-firewallà The configuration sync state for the firewall. This summarizes the sync
 states reported in the ConfigÔ  settings for all of the Availability
 Zones where you have configured the firewall.¯When you create a firewall or update its configuration, for example by
 adding a rule group to its firewall policy, Network Firewall distributes
 the configuration changes to all zones where the firewall is in use.
 This summary indicates whether the configuration changes have been
 applied everywhere.This status must be IN_SYNCà  for the firewall to be ready for use, but
 it doesn't indicate that the firewall is ready. The Status' setting
 indicates firewall readiness.Ä  amazonka-network-firewall Â amazonka-network-firewall Ã¾ÃÁÀÂ¿ÄÅÆÇÈ¾ÃÁÀÂ¿ÄÅÆÇÈ    6  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ  ¬£  ÐÚÙØ×ÖÕÔÓÑÒÐÚÙØ×ÖÕÔÓÑÒÚÙØ×ÖÕÔÓ    7  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  ¸î amazonka-network-firewallÞ TCP flags and masks to inspect packets for, used in stateless rules
 MatchAttributes settings.See:  ò smart constructor.ð amazonka-network-firewallû The set of flags to consider in the inspection. To inspect all flags in
 the valid values list, leave this with no setting.ñ amazonka-network-firewallUsed in conjunction with the Masks¶ setting to define the flags that
 must be set and flags that must not be set in order for the packet to
 match. This setting can only specify values that are also specified in
 the Masks	 setting.ë For the flags that are specified in the masks setting, the following
 must be true for the packet to match:Ë The ones that are set in this flags setting must be set in the
     packet.Ø The ones that are not set in this flags setting must also not be set
     in the packet.ò amazonka-network-firewallCreate a value of  î" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ð,  óþ  - The set of flags to consider in the inspection. To inspect all flags in
 the valid values list, leave this with no setting. ñ,  ô  - Used in conjunction with the Masks¶ setting to define the flags that
 must be set and flags that must not be set in order for the packet to
 match. This setting can only specify values that are also specified in
 the Masks	 setting.ë For the flags that are specified in the masks setting, the following
 must be true for the packet to match:Ë The ones that are set in this flags setting must be set in the
     packet.Ø The ones that are not set in this flags setting must also not be set
     in the packet.ó amazonka-network-firewallû The set of flags to consider in the inspection. To inspect all flags in
 the valid values list, leave this with no setting.ô amazonka-network-firewallUsed in conjunction with the Masks¶ setting to define the flags that
 must be set and flags that must not be set in order for the packet to
 match. This setting can only specify values that are also specified in
 the Masks	 setting.ë For the flags that are specified in the masks setting, the following
 must be true for the packet to match:Ë The ones that are set in this flags setting must be set in the
     packet.Ø The ones that are not set in this flags setting must also not be set
     in the packet. îñðïòóôîñðïòóô    8  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  ÊÀý amazonka-network-firewallãCriteria for Network Firewall to use to inspect an individual packet in
 stateless rule inspection. Each match attributes set can include one or
 more items such as IP address, CIDR range, port number, protocol, and
 TCP flags.See:  … smart constructor.ÿ amazonka-network-firewallŸThe destination ports to inspect for. If not specified, this matches
 with any destination port. This setting is only used for protocols 6
 (TCP) and 17 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994.€ amazonka-network-firewallThe destination IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any destination address. amazonka-network-firewall›The protocols to inspect for, specified using each protocol's assigned
 internet protocol number (IANA). If not specified, this matches with any
 protocol.‚ amazonka-network-firewall•The source ports to inspect for. If not specified, this matches with any
 source port. This setting is only used for protocols 6 (TCP) and 17
 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994.ƒ amazonka-network-firewall…The source IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any source address.„ amazonka-network-firewallŠThe TCP flags and masks to inspect for. If not specified, this matches
 with any settings. This setting is only used for protocol 6 (TCP).… amazonka-network-firewallCreate a value of  ý" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ÿ,  †¢ - The destination ports to inspect for. If not specified, this matches
 with any destination port. This setting is only used for protocols 6
 (TCP) and 17 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994. €,  ‡’ - The destination IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any destination address. ,  ˆž - The protocols to inspect for, specified using each protocol's assigned
 internet protocol number (IANA). If not specified, this matches with any
 protocol. ‚,  ‰˜ - The source ports to inspect for. If not specified, this matches with any
 source port. This setting is only used for protocols 6 (TCP) and 17
 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994. ƒ,  Šˆ - The source IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any source address. „,  ‹ - The TCP flags and masks to inspect for. If not specified, this matches
 with any settings. This setting is only used for protocol 6 (TCP).† amazonka-network-firewallŸThe destination ports to inspect for. If not specified, this matches
 with any destination port. This setting is only used for protocols 6
 (TCP) and 17 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994.‡ amazonka-network-firewallThe destination IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any destination address.ˆ amazonka-network-firewall›The protocols to inspect for, specified using each protocol's assigned
 internet protocol number (IANA). If not specified, this matches with any
 protocol.‰ amazonka-network-firewall•The source ports to inspect for. If not specified, this matches with any
 source port. This setting is only used for protocols 6 (TCP) and 17
 (UDP)..You can specify individual ports, for example 1994/ and you can specify
 port ranges, for example 	1990:1994.Š amazonka-network-firewall…The source IP addresses and address ranges to inspect for, in CIDR
 notation. If not specified, this matches with any source address.‹ amazonka-network-firewallŠThe TCP flags and masks to inspect for. If not specified, this matches
 with any settings. This setting is only used for protocol 6 (TCP). ý„ƒ‚€ÿþ…†‡ˆ‰Š‹ý„ƒ‚€ÿþ…†‡ˆ‰Š‹    9  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  ãº” amazonka-network-firewallíThe inspection criteria and action for a single stateless rule. Network
 Firewall inspects each packet for the specified matching criteria. When
 a packet matches the criteria, Network Firewall performs the rule's
 actions on the packet.See:  ˜ smart constructor.– amazonka-network-firewallãCriteria for Network Firewall to use to inspect an individual packet in
 stateless rule inspection. Each match attributes set can include one or
 more items such as IP address, CIDR range, port number, protocol, and
 TCP flags.— amazonka-network-firewallªThe actions to take on a packet that matches one of the stateless rule
 definition's match attributes. You must specify a standard action and
 you can add custom actions.Õ Network Firewall only forwards a packet for stateful rule inspection if
 you specify aws:forward_to_sfeé  for a rule that the packet matches, or
 if the packet doesn't match any stateless rule and you specify
 aws:forward_to_sfe	 for the StatelessDefaultActions! setting for the
 FirewallPolicy.Ð For every rule, you must specify exactly one of the following standard
 actions.aws:passã  - Discontinues all inspection of the packet and permits
     it to go to its intended destination.aws:dropç  - Discontinues all inspection of the packet and blocks
     it from going to its intended destination.aws:forward_to_sfeó  - Discontinues stateless inspection of the
     packet and forwards it to the stateful rule engine for inspection.¦Additionally, you can specify a custom action. To do this, you define a
 custom action by name and type, then provide the name you've assigned
 to the action in this Actions? setting. For information about the
 options, see CustomAction.ø To provide more than one action in this setting, separate the settings
 with a comma. For example, if you have a custom PublishMetrics action
 that you've named MyMetricsAction., then you could specify the
 standard action aws:pass and the custom action with
 [œ@aws:pass@, œ@MyMetricsAction@].˜ amazonka-network-firewallCreate a value of  ”" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: –,  ™æ - Criteria for Network Firewall to use to inspect an individual packet in
 stateless rule inspection. Each match attributes set can include one or
 more items such as IP address, CIDR range, port number, protocol, and
 TCP flags. —,  š­ - The actions to take on a packet that matches one of the stateless rule
 definition's match attributes. You must specify a standard action and
 you can add custom actions.Õ Network Firewall only forwards a packet for stateful rule inspection if
 you specify aws:forward_to_sfeé  for a rule that the packet matches, or
 if the packet doesn't match any stateless rule and you specify
 aws:forward_to_sfe	 for the StatelessDefaultActions! setting for the
 FirewallPolicy.Ð For every rule, you must specify exactly one of the following standard
 actions.aws:passã  - Discontinues all inspection of the packet and permits
     it to go to its intended destination.aws:dropç  - Discontinues all inspection of the packet and blocks
     it from going to its intended destination.aws:forward_to_sfeó  - Discontinues stateless inspection of the
     packet and forwards it to the stateful rule engine for inspection.¦Additionally, you can specify a custom action. To do this, you define a
 custom action by name and type, then provide the name you've assigned
 to the action in this Actions? setting. For information about the
 options, see CustomAction.ø To provide more than one action in this setting, separate the settings
 with a comma. For example, if you have a custom PublishMetrics action
 that you've named MyMetricsAction., then you could specify the
 standard action aws:pass and the custom action with
 [œ@aws:pass@, œ@MyMetricsAction@].™ amazonka-network-firewallãCriteria for Network Firewall to use to inspect an individual packet in
 stateless rule inspection. Each match attributes set can include one or
 more items such as IP address, CIDR range, port number, protocol, and
 TCP flags.š amazonka-network-firewallªThe actions to take on a packet that matches one of the stateless rule
 definition's match attributes. You must specify a standard action and
 you can add custom actions.Õ Network Firewall only forwards a packet for stateful rule inspection if
 you specify aws:forward_to_sfeé  for a rule that the packet matches, or
 if the packet doesn't match any stateless rule and you specify
 aws:forward_to_sfe	 for the StatelessDefaultActions! setting for the
 FirewallPolicy.Ð For every rule, you must specify exactly one of the following standard
 actions.aws:passã  - Discontinues all inspection of the packet and permits
     it to go to its intended destination.aws:dropç  - Discontinues all inspection of the packet and blocks
     it from going to its intended destination.aws:forward_to_sfeó  - Discontinues stateless inspection of the
     packet and forwards it to the stateful rule engine for inspection.¦Additionally, you can specify a custom action. To do this, you define a
 custom action by name and type, then provide the name you've assigned
 to the action in this Actions? setting. For information about the
 options, see CustomAction.ø To provide more than one action in this setting, separate the settings
 with a comma. For example, if you have a custom PublishMetrics action
 that you've named MyMetricsAction., then you could specify the
 standard action aws:pass and the custom action with
 [œ@aws:pass@, œ@MyMetricsAction@].˜  amazonka-network-firewall –”—–•˜™š”—–•˜™š    :  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  òä£ amazonka-network-firewallÈ A single stateless rule. This is used in StatelessRulesAndCustomActions.See:  § smart constructor.¥ amazonka-network-firewall÷ Defines the stateless 5-tuple packet inspection criteria and the action
 to take on a packet that matches the criteria.¦ amazonka-network-firewall¥Indicates the order in which to run this rule relative to all of the
 rules that are defined for a stateless rule group. Network Firewall
 evaluates the rules in a rule group starting with the lowest priority
 setting. You must ensure that the priority settings are unique for the
 rule group.,Each stateless rule group uses exactly one
 StatelessRulesAndCustomActions object, and each
 StatelessRulesAndCustomActions contains exactly one StatelessRules•
 object. To ensure unique priority settings for your rule groups, set
 unique priorities for the stateless rules that you define inside any
 single StatelessRules object.¿You can change the priority settings of your rules at any time. To make
 it easier to insert rules later, number them so there's a wide range in
 between, for example use 100, 200, and so on.§ amazonka-network-firewallCreate a value of  £" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¥,  ¨ú  - Defines the stateless 5-tuple packet inspection criteria and the action
 to take on a packet that matches the criteria. ¦,  ©¨ - Indicates the order in which to run this rule relative to all of the
 rules that are defined for a stateless rule group. Network Firewall
 evaluates the rules in a rule group starting with the lowest priority
 setting. You must ensure that the priority settings are unique for the
 rule group.,Each stateless rule group uses exactly one
 StatelessRulesAndCustomActions object, and each
 StatelessRulesAndCustomActions contains exactly one StatelessRules•
 object. To ensure unique priority settings for your rule groups, set
 unique priorities for the stateless rules that you define inside any
 single StatelessRules object.¿You can change the priority settings of your rules at any time. To make
 it easier to insert rules later, number them so there's a wide range in
 between, for example use 100, 200, and so on.¨ amazonka-network-firewall÷ Defines the stateless 5-tuple packet inspection criteria and the action
 to take on a packet that matches the criteria.© amazonka-network-firewall¥Indicates the order in which to run this rule relative to all of the
 rules that are defined for a stateless rule group. Network Firewall
 evaluates the rules in a rule group starting with the lowest priority
 setting. You must ensure that the priority settings are unique for the
 rule group.,Each stateless rule group uses exactly one
 StatelessRulesAndCustomActions object, and each
 StatelessRulesAndCustomActions contains exactly one StatelessRules•
 object. To ensure unique priority settings for your rule groups, set
 unique priorities for the stateless rules that you define inside any
 single StatelessRules object.¿You can change the priority settings of your rules at any time. To make
 it easier to insert rules later, number them so there's a wide range in
 between, for example use 100, 200, and so on.§  amazonka-network-firewall ¥ amazonka-network-firewall ¦£¥¦¤§¨©£¥¦¤§¨©    ;  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  û² amazonka-network-firewallý Stateless inspection criteria. Each stateless rule group uses exactly
 one of these data types to define its stateless rules.See:  ¶ smart constructor.´ amazonka-network-firewallõ Defines an array of individual custom action definitions that are
 available for use by the stateless rules in this
 StatelessRulesAndCustomActions„ specification. You name each custom
 action that you define, and then you can use it by name in your
 StatelessRule RuleDefinition Actions specification.µ amazonka-network-firewallÅ Defines the set of stateless rules for use in a stateless rule group.¶ amazonka-network-firewallCreate a value of  ²" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ´,  ·ø  - Defines an array of individual custom action definitions that are
 available for use by the stateless rules in this
 StatelessRulesAndCustomActions„ specification. You name each custom
 action that you define, and then you can use it by name in your
 StatelessRule RuleDefinition Actions specification. µ,  ¸È  - Defines the set of stateless rules for use in a stateless rule group.· amazonka-network-firewallõ Defines an array of individual custom action definitions that are
 available for use by the stateless rules in this
 StatelessRulesAndCustomActions„ specification. You name each custom
 action that you define, and then you can use it by name in your
 StatelessRule RuleDefinition Actions specification.¸ amazonka-network-firewallÅ Defines the set of stateless rules for use in a stateless rule group. ²µ´³¶·¸²µ´³¶·¸    <  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  +Á amazonka-network-firewallïA key:value pair associated with an Amazon Web Services resource. The
 key:value pair can be anything you define. Typically, the tag key
 represents a category (such as "environment") and the tag value
 represents a specific value within that category (such as "test,"
 "development," or "production"). You can add up to 50 tags to each
 Amazon Web Services resource.See:  Å smart constructor.Ã amazonka-network-firewall¢The part of the key:value pair that defines a tag. You can use a tag key
 to describe a category of information, such as "customer." Tag keys
 are case-sensitive.Ä amazonka-network-firewall½The part of the key:value pair that defines a tag. You can use a tag
 value to describe a specific value within a category, such as
 "companyA" or "companyB." Tag values are case-sensitive.Å amazonka-network-firewallCreate a value of  Á" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ã,  Æ¥ - The part of the key:value pair that defines a tag. You can use a tag key
 to describe a category of information, such as "customer." Tag keys
 are case-sensitive. Ä,  ÇÀ - The part of the key:value pair that defines a tag. You can use a tag
 value to describe a specific value within a category, such as
 "companyA" or "companyB." Tag values are case-sensitive.Æ amazonka-network-firewall¢The part of the key:value pair that defines a tag. You can use a tag key
 to describe a category of information, such as "customer." Tag keys
 are case-sensitive.Ç amazonka-network-firewall½The part of the key:value pair that defines a tag. You can use a tag
 value to describe a specific value within a category, such as
 "companyA" or "companyB." Tag values are case-sensitive.Å  amazonka-network-firewall Ã amazonka-network-firewall ÄÁÃÄÂÅÆÇÁÃÄÂÅÆÇ    =  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  $¹Ð amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.See:  à smart constructor.Ò amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.Ó amazonka-network-firewallÈ The number of capacity units currently consumed by the rule group rules.Ô amazonka-network-firewall A description of the rule group.Õ amazonka-network-firewallð A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your rule group.Ö amazonka-network-firewall.The last time that the rule group was changed.× amazonka-network-firewall9The number of firewall policies that use this rule group.Ø amazonka-network-firewall>Detailed information about the current status of a rule group.Ù amazonka-network-firewallÉThe Amazon resource name (ARN) of the Amazon Simple Notification Service
 SNS topic that's used to record changes to the managed rule group. You
 can subscribe to the SNS topic to receive notifications when the managed
 rule group is modified, such as for new versions and for version
 expiration. For more information, see the
 6https://docs.aws.amazon.com/sns/latest/dg/welcome.html3Amazon Simple Notification Service Developer Guide..Ú amazonka-network-firewall¿A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to track the version
 updates made to the originating rule group.Û amazonka-network-firewall3The key:value pairs to associate with the resource.Ü amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.Ý amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource.Þ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.ß amazonka-network-firewall)The unique identifier for the rule group.à amazonka-network-firewallCreate a value of  Ð" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ò,  á¢ - The maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE. Ó,  âË  - The number of capacity units currently consumed by the rule group rules. Ô,  ã# - A description of the rule group. Õ,  äó  - A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your rule group. Ö,  å1 - The last time that the rule group was changed. ×,  æ< - The number of firewall policies that use this rule group. Ø,  çÁ  - Detailed information about the current status of a rule group. Ù,  èÌ - The Amazon resource name (ARN) of the Amazon Simple Notification Service
 SNS topic that's used to record changes to the managed rule group. You
 can subscribe to the SNS topic to receive notifications when the managed
 rule group is modified, such as for new versions and for version
 expiration. For more information, see the
 6https://docs.aws.amazon.com/sns/latest/dg/welcome.html3Amazon Simple Notification Service Developer Guide.. Ú,  éÂ - A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to track the version
 updates made to the originating rule group. Û,  ê6 - The key:value pairs to associate with the resource. Ð,  ë« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules. Ý,  ì4 - The Amazon Resource Name (ARN) of the rule group.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource. Þ,  íê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it. ß,  î, - The unique identifier for the rule group.á amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.â amazonka-network-firewallÈ The number of capacity units currently consumed by the rule group rules.ã amazonka-network-firewall A description of the rule group.ä amazonka-network-firewallð A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your rule group.å amazonka-network-firewall.The last time that the rule group was changed.æ amazonka-network-firewall9The number of firewall policies that use this rule group.ç amazonka-network-firewall>Detailed information about the current status of a rule group.è amazonka-network-firewallÉThe Amazon resource name (ARN) of the Amazon Simple Notification Service
 SNS topic that's used to record changes to the managed rule group. You
 can subscribe to the SNS topic to receive notifications when the managed
 rule group is modified, such as for new versions and for version
 expiration. For more information, see the
 6https://docs.aws.amazon.com/sns/latest/dg/welcome.html3Amazon Simple Notification Service Developer Guide..é amazonka-network-firewall¿A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to track the version
 updates made to the originating rule group.ê amazonka-network-firewall3The key:value pairs to associate with the resource.ë amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.ì amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource.í amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.î amazonka-network-firewall)The unique identifier for the rule group.à  amazonka-network-firewall Ý amazonka-network-firewall Þ amazonka-network-firewall ßÐßÞÝÚÙØ×ÖÕÓÜÛÔÒÑàáâãäåæçèéêëìíîÐßÞÝÚÙØ×ÖÕÓÜÛÔÒÑàáâãäåæçèéêëìíî    >  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  8ºö amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.See:  ƒ	 smart constructor.ø amazonka-network-firewallÐ The number of capacity units currently consumed by the policy's
 stateful rules.ù amazonka-network-firewallÑ The number of capacity units currently consumed by the policy's
 stateless rules.ú amazonka-network-firewall%A description of the firewall policy.û amazonka-network-firewallõ A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall policy.ü amazonka-network-firewall«The current status of the firewall policy. You can retrieve this for a
 firewall policy by calling DescribeFirewallPolicy and providing the
 firewall policy's name or ARN.ý amazonka-network-firewall3The last time that the firewall policy was changed.þ amazonka-network-firewallÆ The number of firewalls that are associated with this firewall policy.ÿ amazonka-network-firewall3The key:value pairs to associate with the resource.€	 amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.	 amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource.‚	 amazonka-network-firewall.The unique identifier for the firewall policy.ƒ	 amazonka-network-firewallCreate a value of  ö" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ø,  „	Ó  - The number of capacity units currently consumed by the policy's
 stateful rules. ù,  …	Ô  - The number of capacity units currently consumed by the policy's
 stateless rules. ú,  †	( - A description of the firewall policy. û,  ‡	ø  - A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall policy. ü,  ˆ	® - The current status of the firewall policy. You can retrieve this for a
 firewall policy by calling DescribeFirewallPolicy and providing the
 firewall policy's name or ARN. ý,  ‰	6 - The last time that the firewall policy was changed. þ,  Š	É  - The number of firewalls that are associated with this firewall policy. ÿ,  ‹	6 - The key:value pairs to associate with the resource. €	,  Œ	ô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it. 	,  	9 - The Amazon Resource Name (ARN) of the firewall policy.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource. ‚	,  Ž	1 - The unique identifier for the firewall policy.„	 amazonka-network-firewallÐ The number of capacity units currently consumed by the policy's
 stateful rules.…	 amazonka-network-firewallÑ The number of capacity units currently consumed by the policy's
 stateless rules.†	 amazonka-network-firewall%A description of the firewall policy.‡	 amazonka-network-firewallõ A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall policy.ˆ	 amazonka-network-firewall«The current status of the firewall policy. You can retrieve this for a
 firewall policy by calling DescribeFirewallPolicy and providing the
 firewall policy's name or ARN.‰	 amazonka-network-firewall3The last time that the firewall policy was changed.Š	 amazonka-network-firewallÆ The number of firewalls that are associated with this firewall policy.‹	 amazonka-network-firewall3The key:value pairs to associate with the resource.Œ	 amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.	 amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.2If this response is for a create request that had DryRun	 set to
 TRUEÊ , then this ARN is a placeholder that isn't attached to a valid
 resource.Ž	 amazonka-network-firewall.The unique identifier for the firewall policy.ƒ	  amazonka-network-firewall €	 amazonka-network-firewall 	 amazonka-network-firewall ‚	ö‚		€	üùøþýûÿú÷ƒ	„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	ö‚		€	üùøþýûÿú÷ƒ	„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	    ?  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  U\–	 amazonka-network-firewallˆThe firewall defines the configuration settings for an Network Firewall
 firewall. These settings include the firewall policy, the subnets in
 your VPC to use for the firewall endpoints, and any tags that are
 attached to the firewall Amazon Web Services resource.ÃThe status of the firewall, for example whether it's ready to filter
 network traffic, is provided in the corresponding FirewallStatus. You
 can retrieve both objects by calling DescribeFirewall.See:  ¤	 smart constructor.˜	 amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.™	 amazonka-network-firewallA description of the firewall.š	 amazonka-network-firewallî A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall.›	 amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.œ	 amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.	 amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.ž	 amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. 	 amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.ºThe relationship of firewall to firewall policy is many to one. Each
 firewall requires one firewall policy association, and you can use the
 same firewall policy for multiple firewalls.¡	 amazonka-network-firewall>The unique identifier of the VPC where the firewall is in use.¢	 amazonka-network-firewallþ The public subnets that Network Firewall is using for the firewall. Each
 subnet must belong to a different Availability Zone.£	 amazonka-network-firewall'The unique identifier for the firewall.¤	 amazonka-network-firewallCreate a value of  –	" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ˜	,  ¥	Ò  - A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE. ™	,  ¦	! - A description of the firewall. š	,  §	ñ  - A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall. ›	,  ¨	2 - The Amazon Resource Name (ARN) of the firewall. œ	,  ©	æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. 	,  ª	§ - A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. ž	,  «	¢ - A setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. Ÿ	,  ¬	 -  	,  ­	9 - The Amazon Resource Name (ARN) of the firewall policy.ºThe relationship of firewall to firewall policy is many to one. Each
 firewall requires one firewall policy association, and you can use the
 same firewall policy for multiple firewalls. ¡	,  ®	Á  - The unique identifier of the VPC where the firewall is in use. ¢	,  ¯	 - The public subnets that Network Firewall is using for the firewall. Each
 subnet must belong to a different Availability Zone. £	,  °	* - The unique identifier for the firewall.¥	 amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.¦	 amazonka-network-firewallA description of the firewall.§	 amazonka-network-firewallî A complex type that contains the Amazon Web Services KMS encryption
 configuration settings for your firewall.¨	 amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.©	 amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ª	 amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.«	 amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.­	 amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.ºThe relationship of firewall to firewall policy is many to one. Each
 firewall requires one firewall policy association, and you can use the
 same firewall policy for multiple firewalls.®	 amazonka-network-firewall>The unique identifier of the VPC where the firewall is in use.¯	 amazonka-network-firewallþ The public subnets that Network Firewall is using for the firewall. Each
 subnet must belong to a different Availability Zone.°	 amazonka-network-firewall'The unique identifier for the firewall.¤	  amazonka-network-firewall  	 amazonka-network-firewall ¡	 amazonka-network-firewall £	–	£	¢	¡	ž		˜	 	š	œ	›	Ÿ	™	—	¤	¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	–	£	¢	¡	ž		˜	 	š	œ	›	Ÿ	™	—	¤	¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	    @  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred";?Ñ ã ë ñ  Vl  ¸	¼	»	¹	º	¸	¼	»	¹	º	¼	»	    A  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  e‡Ð	 amazonka-network-firewall:Stateful inspection criteria for a domain list rule group.ô For HTTPS traffic, domain filtering is SNI-based. It uses the server
 name indicator extension of the TLS handshake.ÐBy default, Network Firewall domain list inspection only includes
 traffic coming from the VPC where you deploy the firewall. To inspect
 traffic from IP addresses outside of the deployment VPC, you set the
 HOME_NET˜ rule variable to include the CIDR range of the deployment VPC
 plus the other CIDR ranges. For more information, see RuleVariables in
 this guide and
 é https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html4Stateful domain list rule groups in Network Firewall	
 in the  Network Firewall Developer Guide.See:  Õ	 smart constructor.Ò	 amazonka-network-firewallï The domains that you want to inspect for in your traffic flows. Valid
 domain specifications are the following:Explicit names. For example, abc.example.com matches only the
     domain abc.example.com.Ë Names that use a domain wildcard, which you indicate with an initial
     '.'. For example,.example.com	 matches example.com$ and
     matches all subdomains of example.com
, such as abc.example.com

     and www.example.com.Ó	 amazonka-network-firewall+The protocols you want to inspect. Specify TLS_SNI for HTTPS.
 Specify 	HTTP_HOST for HTTP!. You can specify either or both.Ô	 amazonka-network-firewallÍ Whether you want to allow or deny access to the domains in your target
 list.Õ	 amazonka-network-firewallCreate a value of  Ð	" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ò	,  Ö	ò  - The domains that you want to inspect for in your traffic flows. Valid
 domain specifications are the following:Explicit names. For example, abc.example.com matches only the
     domain abc.example.com.Ë Names that use a domain wildcard, which you indicate with an initial
     '.'. For example,.example.com	 matches example.com$ and
     matches all subdomains of example.com
, such as abc.example.com

     and www.example.com. Ó	,  ×	. - The protocols you want to inspect. Specify TLS_SNI for HTTPS.
 Specify 	HTTP_HOST for HTTP!. You can specify either or both. Ô	,  Ø	Ð  - Whether you want to allow or deny access to the domains in your target
 list.Ö	 amazonka-network-firewallï The domains that you want to inspect for in your traffic flows. Valid
 domain specifications are the following:Explicit names. For example, abc.example.com matches only the
     domain abc.example.com.Ë Names that use a domain wildcard, which you indicate with an initial
     '.'. For example,.example.com	 matches example.com$ and
     matches all subdomains of example.com
, such as abc.example.com

     and www.example.com.×	 amazonka-network-firewall+The protocols you want to inspect. Specify TLS_SNI for HTTPS.
 Specify 	HTTP_HOST for HTTP!. You can specify either or both.Ø	 amazonka-network-firewallÍ Whether you want to allow or deny access to the domains in your target
 list.Õ	  amazonka-network-firewall Ô		Ð	Ô	Ó	Ò	Ñ	Õ	Ö	×	Ø		Ð	Ô	Ó	Ò	Ñ	Õ	Ö	×	Ø	    B  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  t¶
á	 amazonka-network-firewallï The stateless or stateful rules definitions for use in a single rule
 group. Each rule group requires a single RulesSourceÐ . You can use an
 instance of this for either stateless rules or stateful rules.See:  ç	 smart constructor.ã	 amazonka-network-firewall:Stateful inspection criteria for a domain list rule group.ä	 amazonka-network-firewallÝStateful inspection criteria, provided in Suricata compatible intrusion
 prevention system (IPS) rules. Suricata is an open-source network IPS
 that includes a standard rule-based language for network traffic
 inspection.®These rules contain the inspection criteria and the action to take for
 traffic that matches the criteria, so this type of rule group doesn't
 have a separate action setting.å	 amazonka-network-firewallŠAn array of individual stateful rules inspection criteria to be used
 together in a stateful rule group. Use this option to specify simple
 Suricata rules with protocol, source and destination, ports, direction,
 and rule options. For information about the Suricata Rules format, see
 1https://suricata.readthedocs.io/rules/intro.html#Rules Format.æ	 amazonka-network-firewallÃ Stateless inspection criteria to be used in a stateless rule group.ç	 amazonka-network-firewallCreate a value of  á	" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ã	,  è	= - Stateful inspection criteria for a domain list rule group. ä	,  é	à - Stateful inspection criteria, provided in Suricata compatible intrusion
 prevention system (IPS) rules. Suricata is an open-source network IPS
 that includes a standard rule-based language for network traffic
 inspection.®These rules contain the inspection criteria and the action to take for
 traffic that matches the criteria, so this type of rule group doesn't
 have a separate action setting. å	,  ê	 - An array of individual stateful rules inspection criteria to be used
 together in a stateful rule group. Use this option to specify simple
 Suricata rules with protocol, source and destination, ports, direction,
 and rule options. For information about the Suricata Rules format, see
 1https://suricata.readthedocs.io/rules/intro.html#Rules Format. æ	,  ë	Æ  - Stateless inspection criteria to be used in a stateless rule group.è	 amazonka-network-firewall:Stateful inspection criteria for a domain list rule group.é	 amazonka-network-firewallÝStateful inspection criteria, provided in Suricata compatible intrusion
 prevention system (IPS) rules. Suricata is an open-source network IPS
 that includes a standard rule-based language for network traffic
 inspection.®These rules contain the inspection criteria and the action to take for
 traffic that matches the criteria, so this type of rule group doesn't
 have a separate action setting.ê	 amazonka-network-firewallŠAn array of individual stateful rules inspection criteria to be used
 together in a stateful rule group. Use this option to specify simple
 Suricata rules with protocol, source and destination, ports, direction,
 and rule options. For information about the Suricata Rules format, see
 1https://suricata.readthedocs.io/rules/intro.html#Rules Format.ë	 amazonka-network-firewallÃ Stateless inspection criteria to be used in a stateless rule group. á	æ	å	ä	ã	â	ç	è	é	ê	ë	á	æ	å	ä	ã	â	ç	è	é	ê	ë	    C  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';è ñ  €€
ô	 amazonka-network-firewall»The object that defines the rules in a rule group. This, along with
 RuleGroupResponse, define the rule group. You can retrieve all objects
 for a rule group by calling DescribeRuleGroup.éNetwork Firewall uses a rule group to inspect and control network
 traffic. You define stateless rule groups to inspect individual packets
 and you define stateful rule groups to inspect packets in the context of
 their traffic flow.‚To use a rule group, you include it by reference in an Network Firewall
 firewall policy, then you use the policy in a firewall. You can
 reference a rule group from more than one firewall policy, and you can
 use a firewall policy in more than one firewall.See:  ú	 smart constructor.ö	 amazonka-network-firewall*The list of a rule group's reference sets.÷	 amazonka-network-firewallõ Settings that are available for use in the rules in the rule group. You
 can only use these for stateful rule groups.ø	 amazonka-network-firewallÑAdditional options governing how Network Firewall handles stateful
 rules. The policies where you use your stateful rule group must have
 stateful rule options settings that are compatible with these settings.ù	 amazonka-network-firewall9The stateful rules or stateless rules for the rule group.ú	 amazonka-network-firewallCreate a value of  ô	" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ö	,  û	- - The list of a rule group's reference sets. ÷	,  ü	ø  - Settings that are available for use in the rules in the rule group. You
 can only use these for stateful rule groups. ø	,  ý	Ô - Additional options governing how Network Firewall handles stateful
 rules. The policies where you use your stateful rule group must have
 stateful rule options settings that are compatible with these settings. ù	,  þ	< - The stateful rules or stateless rules for the rule group.û	 amazonka-network-firewall*The list of a rule group's reference sets.ü	 amazonka-network-firewallõ Settings that are available for use in the rules in the rule group. You
 can only use these for stateful rule groups.ý	 amazonka-network-firewallÑAdditional options governing how Network Firewall handles stateful
 rules. The policies where you use your stateful rule group must have
 stateful rule options settings that are compatible with these settings.þ	 amazonka-network-firewall9The stateful rules or stateless rules for the rule group.ú	  amazonka-network-firewall ù	ô	ù	ø	÷	ö	õ	ú	û	ü	ý	þ	ô	ù	ø	÷	ö	õ	ú	û	ü	ý	þ	    D  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%ñ  ˆ%‡
 amazonka-network-firewallAPI version 
2020-11-122 of the Amazon Network Firewall SDK configuration.ˆ
 amazonka-network-firewallö Amazon Web Services doesn't currently have enough available capacity to
 fulfill your request. Try your request later.‰
 amazonka-network-firewallü Your request is valid, but Network Firewall couldn™@t perform the
 operation because of a system problem. Retry your request.Š
 amazonka-network-firewallˆThe operation failed because it's not valid. For example, you might
 have tried to delete a rule group or firewall policy that's in use.‹
 amazonka-network-firewallÏ The operation failed because of a problem with your request. Examples
 include:5You specified an unsupported parameter name or value.Ö You tried to update a property with a value that isn't among the
     available types.ƒYour request references an ARN that is malformed, or corresponds to
     a resource that isn't valid in the context of the request.Œ
 amazonka-network-firewall'The policy statement failed validation.
 amazonka-network-firewallÁ The token you provided is stale or isn't valid for the operation.Ž
 amazonka-network-firewallÐ Unable to perform the operation because doing so would violate a limit
 setting.
 amazonka-network-firewall8Unable to send logs to a configured logging destination.
 amazonka-network-firewallÃ Unable to locate a resource using the parameters that you provided.‘
 amazonka-network-firewallÂ Unable to change the resource because your account doesn't own it.’
 amazonka-network-firewall<Unable to process the request due to throttling limitations.“
 amazonka-network-firewallÀ The operation you requested isn't supported by Network Firewall. ­ '(+*),-./019>=<:;RSTUV_cb`awxyz{|}†‡ˆ‰Š‹Œ”•—–˜™š¢§¦¥£¤»¿¾¼½ÓÔÕÖ×àáâãäìíîïðñòóôüýþÿ€ˆ‰Š‹Œ•š™˜–—®²±¯°ÆÇÈÉÊËÌÍÎ×ØÙÚÛäçåæû€ÿþüý”•–—˜™š¢£¤¥¦§¨±²³´µ¾¿ÀÁÂËÌÍÎÏØÙÚÛÜÝÞçèéêëôø÷õöŒŽ¤¨§¥¦¼½¿¾ÀÁÂÊÎÍËÌâãäåæçèñõôòó‰Š‹ŒŽ˜™š›œž§¬«ª¨©ÀÄÃÁÂØÙÚÛÜåæçèéêëìíö÷øùúƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…¬­¯®°±²³´µ¶·¸¹ºÃÄÅÆÇÈÉÊËÔÕ×ÖØÙÚãçæäåûüýþÿ€Š‹ŒŽ‘’“”•–—˜™š£¤¥¦§°±²³´µ¶¾¿ÂÀÁÃÄÅÆÇÈÐÚÙØ×ÖÕÔÓÑÒîïðñòóôýþÿ€‚ƒ„…†‡ˆ‰Š‹”•–—˜™š£¤¦¥§¨©²³´µ¶·¸ÁÂÄÃÅÆÇÐÑÒÔÛÜÓÕÖ×ØÙÚÝÞßàáâãäåæçèéêëìíîö÷úÿûýþøùü€		‚	ƒ	„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	–	—	™	Ÿ	›	œ	š	 	˜		ž	¡	¢	£	¤	¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	¸	¼	»	¹	º	Ð	Ñ	Ò	Ó	Ô	Õ	Ö	×	Ø	á	â	ã	ä	å	æ	ç	è	é	ê	ë	ô	õ	ö	÷	ø	ù	ú	û	ü	ý	þ	‡
ˆ
‰
Š
‹
Œ

Ž


‘
’
“
ò‡
ˆ
‰
Š
‹
Œ

Ž


‘
’
“
9>=<:;>=<_cb`acb¢§¦¥£¤§¦¥»¿¾¼½¿¾•š™˜–—š™˜®²±¯°²±äçåæçû€ÿþüý€ÿþôø÷õöø÷ŒŽ¤¨§¥¦¨§ÊÎÍËÌÎÍñõôòóõô§¬«ª¨©¬«ªÀÄÃÁÂÄÃƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…˜—–•”“’‘ŽŒ‹Š‰ˆ‡†ãçæäåçæÐÚÙØ×ÖÕÔÓÑÒÚÙØ×ÖÕÔÓ¸	¼	»	¹	º	¼	»	ËÌÍÎÏ '(+*),-./01ìíîïðñòóôüýþÿ€ØÙÚÛÜÝÞRSTUVwxyz{|}–	—	™	Ÿ	›	œ	š	 	˜		ž	¡	¢	£	¤	¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	†‡ˆ‰Š‹ŒŠ‹ŒŽ‘’“”•–—˜™š”•—–˜™šö÷úÿûýþøùü€		‚	ƒ	„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	¾¿ÂÀÁÃÄÅÆÇÈ¬­¯®°±²³´µ¶·¸¹ºÓÔÕÖ×àáâãäˆ‰Š‹ŒÆÇÈÉÊËÌÍÎ×ØÙÚÛýþÿ€‚ƒ„…†‡ˆ‰Š‹”•–—˜™š¢£¤¥¦§¨±²³´µ¾¿ÀÁÂçèéêë”•–—˜™šô	õ	ö	÷	ø	ù	ú	û	ü	ý	þ	¼½¿¾ÀÁÂÐÑÒÔÛÜÓÕÖ×ØÙÚÝÞßàáâãäåæçèéêëìíîâãäåæçè‰Š‹ŒŽá	â	ã	ä	å	æ	ç	è	é	ê	ë	Ð	Ñ	Ò	Ó	Ô	Õ	Ö	×	Ø	˜™š›œžûüýþÿ€ÃÄÅÆÇÈÉÊËØÙÚÛÜåæçèéêëìíö÷øùú£¤¦¥§¨©ÔÕ×ÖØÙÚ²³´µ¶·¸£¤¥¦§°±²³´µ¶îïðñòóôÁÂÄÃÅÆÇ    E  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  —H”
 amazonka-network-firewallSee:  ž
 smart constructor.–
 amazonka-network-firewall The response's http status code.—
 amazonka-network-firewallSee:  ›
 smart constructor.™
 amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.›
 amazonka-network-firewallCreate a value of  —
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: —
,  œ
2 - The Amazon Resource Name (ARN) of the resource. —
,  
 -œ
 amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.ž
 amazonka-network-firewallCreate a value of  ”
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: –
,  Ÿ
# - The response's http status code.Ÿ
 amazonka-network-firewall The response's http status code.›
  amazonka-network-firewall —
 amazonka-network-firewall —
ž
  amazonka-network-firewall –
”
•
–
—
˜
š
™
›
œ

ž
Ÿ
—
˜
š
™
›
œ

”
•
–
ž
Ÿ
    F  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ¨ø
°
 amazonka-network-firewallSee:  º
 smart constructor.²
 amazonka-network-firewall The response's http status code.³
 amazonka-network-firewallSee:  ·
 smart constructor.µ
 amazonka-network-firewallí The Amazon Resource Name (ARN) of the account that you want to share
 rule groups and firewall policies with.¶
 amazonka-network-firewall¶The IAM policy statement that lists the accounts that you want to share
 your rule group or firewall policy with and the operations that you want
 the accounts to be able to perform.í For a rule group resource, you can specify the following operations in
 the Actions section of the statement:%network-firewall:CreateFirewallPolicy%network-firewall:UpdateFirewallPolicynetwork-firewall:ListRuleGroupsò For a firewall policy resource, you can specify the following operations
 in the Actions section of the statement:network-firewall:CreateFirewallnetwork-firewall:UpdateFirewall(network-firewall:AssociateFirewallPolicy%network-firewall:ListFirewallPolicies©In the Resource section of the statement, you specify the ARNs for the
 rule groups and firewall policies that you want to share with the
 account that you specified in Arn.·
 amazonka-network-firewallCreate a value of  ³
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ³
,  ¸
ð  - The Amazon Resource Name (ARN) of the account that you want to share
 rule groups and firewall policies with. ¶
,  ¹
¹ - The IAM policy statement that lists the accounts that you want to share
 your rule group or firewall policy with and the operations that you want
 the accounts to be able to perform.í For a rule group resource, you can specify the following operations in
 the Actions section of the statement:%network-firewall:CreateFirewallPolicy%network-firewall:UpdateFirewallPolicynetwork-firewall:ListRuleGroupsò For a firewall policy resource, you can specify the following operations
 in the Actions section of the statement:network-firewall:CreateFirewallnetwork-firewall:UpdateFirewall(network-firewall:AssociateFirewallPolicy%network-firewall:ListFirewallPolicies©In the Resource section of the statement, you specify the ARNs for the
 rule groups and firewall policies that you want to share with the
 account that you specified in Arn.¸
 amazonka-network-firewallí The Amazon Resource Name (ARN) of the account that you want to share
 rule groups and firewall policies with.¹
 amazonka-network-firewall¶The IAM policy statement that lists the accounts that you want to share
 your rule group or firewall policy with and the operations that you want
 the accounts to be able to perform.í For a rule group resource, you can specify the following operations in
 the Actions section of the statement:%network-firewall:CreateFirewallPolicy%network-firewall:UpdateFirewallPolicynetwork-firewall:ListRuleGroupsò For a firewall policy resource, you can specify the following operations
 in the Actions section of the statement:network-firewall:CreateFirewallnetwork-firewall:UpdateFirewall(network-firewall:AssociateFirewallPolicy%network-firewall:ListFirewallPolicies©In the Resource section of the statement, you specify the ARNs for the
 rule groups and firewall policies that you want to share with the
 account that you specified in Arn.º
 amazonka-network-firewallCreate a value of  °
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ²
,  »
# - The response's http status code.»
 amazonka-network-firewall The response's http status code.·
  amazonka-network-firewall ³
 amazonka-network-firewall ¶
º
  amazonka-network-firewall ²
°
±
²
³
´
µ
¶
·
¸
¹
º
»
³
´
µ
¶
·
¸
¹
°
±
²
º
»
    G  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ¼`Ì
 amazonka-network-firewallSee:  Ú
 smart constructor.Î
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Ï
 amazonka-network-firewall/The tags that are associated with the resource.Ð
 amazonka-network-firewall The response's http status code.Ñ
 amazonka-network-firewallSee:  Ö
 smart constructor.Ó
 amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.Ô
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Õ
 amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.Ö
 amazonka-network-firewallCreate a value of  Ñ
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ó
,  ×
ª - The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects. Ñ
,  Ø
- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. Ñ
,  Ù
2 - The Amazon Resource Name (ARN) of the resource.×
 amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.Ø
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Ù
 amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.Ú
 amazonka-network-firewallCreate a value of  Ì
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ñ
,  Û
- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. Ì
,  Ü
2 - The tags that are associated with the resource. Ð
,  Ý
# - The response's http status code.Û
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Ü
 amazonka-network-firewall/The tags that are associated with the resource.Ý
 amazonka-network-firewall The response's http status code.Ö
  amazonka-network-firewall Ñ
Ú
  amazonka-network-firewall Ð
Ì
Í
Ï
Ð
Î
Ñ
Ò
Õ
Ó
Ô
Ö
×
Ø
Ù
Ú
Û
Ü
Ý
Ñ
Ò
Õ
Ó
Ô
Ö
×
Ø
Ù
Ì
Í
Ï
Ð
Î
Ú
Û
Ü
Ý
    H  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  Ö˜ï
 amazonka-network-firewallSee:   smart constructor.ñ
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.ò
 amazonka-network-firewall The rule group metadata objects that you've defined. Depending on your
 setting for max results and the number of rule groups, this might not be
 the full list.ó
 amazonka-network-firewall The response's http status code.ô
 amazonka-network-firewallSee:  û
 smart constructor.ö
 amazonka-network-firewallÎ Indicates the general category of the Amazon Web Services managed rule
 group.÷
 amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.ø
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.ù
 amazonka-network-firewall1The scope of the request. The default setting of ACCOUNT or a setting
 of NULL? returns all of the rule groups in your account. A setting of
 MANAGED+ returns all available managed rule groups.ú
 amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.û
 amazonka-network-firewallCreate a value of  ô
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ö
,  ü
Ñ  - Indicates the general category of the Amazon Web Services managed rule
 group. ÷
,  ý
ª - The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects. ô
,  þ
- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. ù
,  ÿ
4 - The scope of the request. The default setting of ACCOUNT or a setting
 of NULL? returns all of the rule groups in your account. A setting of
 MANAGED+ returns all available managed rule groups. ô
,  €« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.ü
 amazonka-network-firewallÎ Indicates the general category of the Amazon Web Services managed rule
 group.ý
 amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.þ
 amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.ÿ
 amazonka-network-firewall1The scope of the request. The default setting of ACCOUNT or a setting
 of NULL? returns all of the rule groups in your account. A setting of
 MANAGED+ returns all available managed rule groups.€ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules. amazonka-network-firewallCreate a value of  ï
" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ô
,  ‚- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. ò
,  ƒ£ - The rule group metadata objects that you've defined. Depending on your
 setting for max results and the number of rule groups, this might not be
 the full list. ó
,  „# - The response's http status code.‚ amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.ƒ amazonka-network-firewall The rule group metadata objects that you've defined. Depending on your
 setting for max results and the number of rule groups, this might not be
 the full list.„ amazonka-network-firewall The response's http status code.  amazonka-network-firewall ó
ï
ð
ó
ñ
ò
ô
õ
ù
ú
÷
ø
ö
û
ü
ý
þ
ÿ
€‚ƒ„ô
õ
ù
ú
÷
ø
ö
û
ü
ý
þ
ÿ
€ï
ð
ó
ñ
ò
‚ƒ„    I  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  í	– amazonka-network-firewallSee:  ¤ smart constructor.˜ amazonka-network-firewallºThe firewall metadata objects for the VPCs that you specified. Depending
 on your setting for max results and the number of firewalls you have, a
 single call might not be the full list.™ amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.š amazonka-network-firewall The response's http status code.› amazonka-network-firewallSee:    smart constructor. amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.ž amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Ÿ amazonka-network-firewall¤The unique identifiers of the VPCs that you want Network Firewall to
 retrieve the firewalls for. Leave this blank to retrieve all firewalls
 that you have defined.  amazonka-network-firewallCreate a value of  ›" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  ¡ª - The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects. ›,  ¢- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. Ÿ,  £§ - The unique identifiers of the VPCs that you want Network Firewall to
 retrieve the firewalls for. Leave this blank to retrieve all firewalls
 that you have defined.¡ amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.¢ amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.£ amazonka-network-firewall¤The unique identifiers of the VPCs that you want Network Firewall to
 retrieve the firewalls for. Leave this blank to retrieve all firewalls
 that you have defined.¤ amazonka-network-firewallCreate a value of  –" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ˜,  ¥½ - The firewall metadata objects for the VPCs that you specified. Depending
 on your setting for max results and the number of firewalls you have, a
 single call might not be the full list. ›,  ¦- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. š,  §# - The response's http status code.¥ amazonka-network-firewallºThe firewall metadata objects for the VPCs that you specified. Depending
 on your setting for max results and the number of firewalls you have, a
 single call might not be the full list.¦ amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.§ amazonka-network-firewall The response's http status code.¤  amazonka-network-firewall š–—š™˜›œžŸ ¡¢£¤¥¦§›œžŸ ¡¢£–—š™˜¤¥¦§    J  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ   ê¹ amazonka-network-firewallSee:  Å smart constructor.» amazonka-network-firewall§The metadata for the firewall policies. Depending on your setting for
 max results and the number of firewall policies that you have, this
 might not be the full list.¼ amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.½ amazonka-network-firewall The response's http status code.¾ amazonka-network-firewallSee:  Â smart constructor.À amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.Á amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Â amazonka-network-firewallCreate a value of  ¾" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: À,  Ãª - The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects. ¾,  Ä- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Ã amazonka-network-firewall§The maximum number of objects that you want Network Firewall to return
 for this request. If more objects are available, in the response,
 Network Firewall provides a 	NextTokenÏ  value that you can use in a
 subsequent call to get the next batch of objects.Ä amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.Å amazonka-network-firewallCreate a value of  ¹" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: »,  Æª - The metadata for the firewall policies. Depending on your setting for
 max results and the number of firewall policies that you have, this
 might not be the full list. ¾,  Ç- - When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request. ½,  È# - The response's http status code.Æ amazonka-network-firewall§The metadata for the firewall policies. Depending on your setting for
 max results and the number of firewall policies that you have, this
 might not be the full list.Ç amazonka-network-firewall*When you request a list of objects with a 
MaxResultsŠ setting, if the
 number of objects that are still available for retrieval exceeds the
 maximum you requested, Network Firewall returns a 	NextToken„ value in
 the response. To retrieve the next batch of objects, use the token
 returned from the prior request in your next request.È amazonka-network-firewall The response's http status code.Å  amazonka-network-firewall ½¹º½¼»¾¿ÀÁÂÃÄÅÆÇÈ¾¿ÀÁÂÃÄ¹º½¼»ÅÆÇÈ    K  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  $‘Ú amazonka-network-firewallSee:  ì smart constructor.Ü amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Ý amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Þ amazonka-network-firewall=The IDs of the subnets that are associated with the firewall.ß amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.à amazonka-network-firewall The response's http status code.á amazonka-network-firewallSee:  ç smart constructor.ã amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ä amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.å amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.æ amazonka-network-firewallÅ The unique identifiers for the subnets that you want to disassociate.ç amazonka-network-firewallCreate a value of  á" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: á,  è2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. á,  éæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. á,  êÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. æ,  ëÈ  - The unique identifiers for the subnets that you want to disassociate.è amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.é amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ê amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ë amazonka-network-firewallÅ The unique identifiers for the subnets that you want to disassociate.ì amazonka-network-firewallCreate a value of  Ú" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: á,  í2 - The Amazon Resource Name (ARN) of the firewall. á,  îæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. Ú,  ïÀ  - The IDs of the subnets that are associated with the firewall. á,  ðÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. à,  ñ# - The response's http status code.í amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.î amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ï amazonka-network-firewall=The IDs of the subnets that are associated with the firewall.ð amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ñ amazonka-network-firewall The response's http status code.ì  amazonka-network-firewall àÚÛÜÝßÞàáâãäåæçèéêëìíîïðñáâãäåæçèéêëÚÛÜÝßÞàìíîïðñ    L  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  B\‚ amazonka-network-firewallSee:  • smart constructor.„ amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.… amazonka-network-firewall:Returns the metadata objects for the specified rule group.† amazonka-network-firewall.The last time that the rule group was changed.ˆ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.‰ amazonka-network-firewall The response's http status code.Š amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.‹ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.Œ amazonka-network-firewallSee:  ‘ smart constructor.Ž amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.‘ amazonka-network-firewallCreate a value of  Œ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Œ,  ’ê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. Œ,  “ê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. Œ,  ”« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.’ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.“ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.” amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.• amazonka-network-firewallCreate a value of  ‚" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ‚,  –¢ - The maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE. ‚,  —= - Returns the metadata objects for the specified rule group. ‚,  ˜1 - The last time that the rule group was changed. ‚,  ™ - Undocumented member. Œ,  š« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN. ‰,  ›# - The response's http status code. Œ,  œê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. Œ,  ê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.– amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.— amazonka-network-firewall:Returns the metadata objects for the specified rule group.˜ amazonka-network-firewall.The last time that the rule group was changed.™ amazonka-network-firewallUndocumented member.š amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.› amazonka-network-firewall The response's http status code.œ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.•  amazonka-network-firewall ‰ amazonka-network-firewall Œ amazonka-network-firewall Œ‚ƒ„…ˆ†Š‹‡‰ŒŽ‘’“”•–—˜™š›œŒŽ‘’“”‚ƒ„…ˆ†Š‹‡‰•–—˜™š›œ    M  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  b6® amazonka-network-firewallSee:  ½ smart constructor.° amazonka-network-firewall»The object that defines the rules in a rule group. This, along with
 RuleGroupResponse, define the rule group. You can retrieve all objects
 for a rule group by calling DescribeRuleGroup.éNetwork Firewall uses a rule group to inspect and control network
 traffic. You define stateless rule groups to inspect individual packets
 and you define stateful rule groups to inspect packets in the context of
 their traffic flow.‚To use a rule group, you include it by reference in an Network Firewall
 firewall policy, then you use the policy in a firewall. You can
 reference a rule group from more than one firewall policy, and you can
 use a firewall policy in more than one firewall.± amazonka-network-firewall The response's http status code.² amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.³ amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.´ amazonka-network-firewallSee:  ¹ smart constructor.¶ amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.· amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.¸ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.¹ amazonka-network-firewallCreate a value of  ´" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ´,  º4 - The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both. ´,  »ê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. ´,  ¼« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.º amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.» amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.¼ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.½ amazonka-network-firewallCreate a value of  ®" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: °,  ¾¾ - The object that defines the rules in a rule group. This, along with
 RuleGroupResponse, define the rule group. You can retrieve all objects
 for a rule group by calling DescribeRuleGroup.éNetwork Firewall uses a rule group to inspect and control network
 traffic. You define stateless rule groups to inspect individual packets
 and you define stateful rule groups to inspect packets in the context of
 their traffic flow.‚To use a rule group, you include it by reference in an Network Firewall
 firewall policy, then you use the policy in a firewall. You can
 reference a rule group from more than one firewall policy, and you can
 use a firewall policy in more than one firewall. ±,  ¿# - The response's http status code. ®,  ÀÈ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token. ³,  Á² - The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.¾ amazonka-network-firewall»The object that defines the rules in a rule group. This, along with
 RuleGroupResponse, define the rule group. You can retrieve all objects
 for a rule group by calling DescribeRuleGroup.éNetwork Firewall uses a rule group to inspect and control network
 traffic. You define stateless rule groups to inspect individual packets
 and you define stateful rule groups to inspect packets in the context of
 their traffic flow.‚To use a rule group, you include it by reference in an Network Firewall
 firewall policy, then you use the policy in a firewall. You can
 reference a rule group from more than one firewall policy, and you can
 use a firewall policy in more than one firewall.¿ amazonka-network-firewall The response's http status code.À amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.Á amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.½  amazonka-network-firewall ± amazonka-network-firewall ® amazonka-network-firewall ³®¯²±°³´µ¸¶·¹º»¼½¾¿ÀÁ´µ¸¶·¹º»¼®¯²±°³½¾¿ÀÁ    N  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  j
Ò amazonka-network-firewallSee:  Û smart constructor.Ô amazonka-network-firewall The IAM policy for the resource.Õ amazonka-network-firewall The response's http status code.Ö amazonka-network-firewallSee:  Ù smart constructor.Ø amazonka-network-firewallð The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to retrieve.Ù amazonka-network-firewallCreate a value of  Ö" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ö,  Úó  - The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to retrieve.Ú amazonka-network-firewallð The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to retrieve.Û amazonka-network-firewallCreate a value of  Ò" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ô,  Ü# - The IAM policy for the resource. Õ,  Ý# - The response's http status code.Ü amazonka-network-firewall The IAM policy for the resource.Ý amazonka-network-firewall The response's http status code.Ù  amazonka-network-firewall ÖÛ  amazonka-network-firewall ÕÒÓÕÔÖ×ØÙÚÛÜÝÖ×ØÙÚÒÓÕÔÛÜÝ    O  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  t‹î amazonka-network-firewallSee:  ú smart constructor.ð amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ò amazonka-network-firewall The response's http status code.ó amazonka-network-firewallSee:  ÷ smart constructor.õ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ö amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.÷ amazonka-network-firewallCreate a value of  ó" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ó,  ø2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ó,  ùæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ø amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ù amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ú amazonka-network-firewallCreate a value of  î" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ó,  û2 - The Amazon Resource Name (ARN) of the firewall. ñ,  ü - Undocumented member. ò,  ý# - The response's http status code.û amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ü amazonka-network-firewallUndocumented member.ý amazonka-network-firewall The response's http status code.ú  amazonka-network-firewall òîïðòñóôõö÷øùúûüýóôõö÷øùîïðòñúûüý    P  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ‰¢Ž amazonka-network-firewallSee:  › smart constructor. amazonka-network-firewall-The policy for the specified firewall policy.‘ amazonka-network-firewall The response's http status code.’ amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.“ amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.” amazonka-network-firewallSee:  ˜ smart constructor.– amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.— amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.˜ amazonka-network-firewallCreate a value of  ”" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ”,  ™9 - The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both. ”,  šô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.™ amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.š amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.› amazonka-network-firewallCreate a value of  Ž" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  œ0 - The policy for the specified firewall policy. ‘,  # - The response's http status code. Ž,  žÉ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token. “,  ŸÂ - The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.œ amazonka-network-firewall-The policy for the specified firewall policy. amazonka-network-firewall The response's http status code.ž amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.Ÿ amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.›  amazonka-network-firewall ‘ amazonka-network-firewall Ž amazonka-network-firewall “Ž’‘“”•—–˜™š›œžŸ”•—–˜™šŽ’‘“›œžŸ    Q  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ¢C° amazonka-network-firewallSee:  ½ smart constructor.² amazonka-network-firewall˜The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints.³ amazonka-network-firewall¨Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN.´ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.µ amazonka-network-firewall The response's http status code.¶ amazonka-network-firewallSee:  º smart constructor.¸ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.¹ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.º amazonka-network-firewallCreate a value of  ¶" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¶,  »2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ¶,  ¼æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.» amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.¼ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.½ amazonka-network-firewallCreate a value of  °" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ²,  ¾› - The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints. ³,  ¿« - Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN. °,  ÀÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. µ,  Á# - The response's http status code.¾ amazonka-network-firewall˜The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints.¿ amazonka-network-firewall¨Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN.À amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Á amazonka-network-firewall The response's http status code.½  amazonka-network-firewall µ°±´µ²³¶·¸¹º»¼½¾¿ÀÁ¶·¸¹º»¼°±´µ²³½¾¿ÀÁ    R  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ±Ò amazonka-network-firewallSee:  ß smart constructor.Ô amazonka-network-firewall The response's http status code.Õ amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.Ö amazonka-network-firewallSee:  Û smart constructor.Ø amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.Ù amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.Ú amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.Û amazonka-network-firewallCreate a value of  Ö" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ö,  Ü4 - The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both. Ö,  Ýê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. Ö,  Þ« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.Ü amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.Ý amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.Þ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.ß amazonka-network-firewallCreate a value of  Ò" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ô,  à# - The response's http status code. Õ,  á² - The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.à amazonka-network-firewall The response's http status code.á amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.ß  amazonka-network-firewall Ô amazonka-network-firewall ÕÒÓÔÕÖ×ÚØÙÛÜÝÞßàáÖ×ÚØÙÛÜÝÞÒÓÔÕßàá    S  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ¸’ò amazonka-network-firewallSee:  ú smart constructor.ô amazonka-network-firewall The response's http status code.õ amazonka-network-firewallSee:  ø smart constructor.÷ amazonka-network-firewallî The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to delete.ø amazonka-network-firewallCreate a value of  õ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: õ,  ùñ  - The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to delete.ù amazonka-network-firewallî The Amazon Resource Name (ARN) of the rule group or firewall policy
 whose resource policy you want to delete.ú amazonka-network-firewallCreate a value of  ò" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ô,  û# - The response's http status code.û amazonka-network-firewall The response's http status code.ø  amazonka-network-firewall õú  amazonka-network-firewall ô
òóôõö÷øùúû
õö÷øùòóôúû    T  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ÃŒ amazonka-network-firewallSee:  — smart constructor.Ž amazonka-network-firewall The response's http status code. amazonka-network-firewallÝ The object containing the definition of the FirewallPolicyResponse that
 you asked to delete. amazonka-network-firewallSee:  ” smart constructor.’ amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.“ amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.” amazonka-network-firewallCreate a value of  " with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  •9 - The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both. ,  –ô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.• amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.– amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.— amazonka-network-firewallCreate a value of  Œ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ž,  ˜# - The response's http status code. ,  ™à  - The object containing the definition of the FirewallPolicyResponse that
 you asked to delete.˜ amazonka-network-firewall The response's http status code.™ amazonka-network-firewallÝ The object containing the definition of the FirewallPolicyResponse that
 you asked to delete.—  amazonka-network-firewall Ž amazonka-network-firewall ŒŽ‘“’”•–—˜™‘“’”•–ŒŽ—˜™    U  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  Í‡ª amazonka-network-firewallSee:  ¶ smart constructor.® amazonka-network-firewall The response's http status code.¯ amazonka-network-firewallSee:  ³ smart constructor.± amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.² amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.³ amazonka-network-firewallCreate a value of  ¯" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¯,  ´2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ¯,  µæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.´ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.µ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.¶ amazonka-network-firewallCreate a value of  ª" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¬,  · - Undocumented member. ­,  ¸ - Undocumented member. ®,  ¹# - The response's http status code.· amazonka-network-firewallUndocumented member.¸ amazonka-network-firewallUndocumented member.¹ amazonka-network-firewall The response's http status code.¶  amazonka-network-firewall ®ª«®¬­¯°±²³´µ¶·¸¹¯°±²³´µª«®¬­¶·¸¹    V  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  mÊ amazonka-network-firewallSee:  æ smart constructor.Ì amazonka-network-firewall The response's http status code.Í amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.Î amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.Ï amazonka-network-firewallSee:  Û smart constructor.Ñ amazonka-network-firewall A description of the rule group.Ò amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.Ó amazonka-network-firewallÓ A complex type that contains settings for encryption of your rule group
 resources.Ô amazonka-network-firewall,An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both.Õ amazonka-network-firewall±A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string.Ö amazonka-network-firewall»A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group.× amazonka-network-firewall3The key:value pairs to associate with the resource.Ø amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.Ù amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.Ú amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.ô You can't change or exceed this capacity when you update the rule
 group, so leave room for your rule group to grow.#Capacity for a stateless rule groupžFor a stateless rule group, the capacity required is the sum of the
 capacity requirements of the individual rules that you expect to have in
 the rule group.‡To calculate the capacity requirement of a single rule, multiply the
 capacity requirement values of each of the rule's match settings:<A match setting with no criteria specified has a value of 1.A match setting with Any specified has a value of 1.ÞAll other match settings have a value equal to the number of
     elements provided in the setting. For example, a protocol setting
     ["UDP"] and a source setting ["10.0.0.0/24"] each have a value
     of 1. A protocol setting ["UDP","TCP"] has a value of 2. A
     source setting ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"]
     has a value of 3.ÁA rule with no criteria specified in any of its match settings has a
 capacity requirement of 1. A rule with protocol setting
 ["UDP","TCP"], source setting
 ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"], and a single
 specification or no specification for each of the other match settings
 has a capacity requirement of 6."Capacity for a stateful rule group†For a stateful rule group, the minimum capacity required is the number
 of individual rules that you expect to have in the rule group.Û amazonka-network-firewallCreate a value of  Ï" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ï,  Ü# - A description of the rule group. Ò,  Ý÷  - Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources. Ï,  ÞÖ  - A complex type that contains settings for encryption of your rule group
 resources. Ô,  ß/ - An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both. Õ,  à´ - A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string. Ï,  á¾ - A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group. Ï,  â6 - The key:value pairs to associate with the resource. Ï,  ãê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it. Ï,  ä« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules. Ï,  å¢ - The maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.ô You can't change or exceed this capacity when you update the rule
 group, so leave room for your rule group to grow.#Capacity for a stateless rule groupžFor a stateless rule group, the capacity required is the sum of the
 capacity requirements of the individual rules that you expect to have in
 the rule group.‡To calculate the capacity requirement of a single rule, multiply the
 capacity requirement values of each of the rule's match settings:<A match setting with no criteria specified has a value of 1.A match setting with Any specified has a value of 1.ÞAll other match settings have a value equal to the number of
     elements provided in the setting. For example, a protocol setting
     ["UDP"] and a source setting ["10.0.0.0/24"] each have a value
     of 1. A protocol setting ["UDP","TCP"] has a value of 2. A
     source setting ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"]
     has a value of 3.ÁA rule with no criteria specified in any of its match settings has a
 capacity requirement of 1. A rule with protocol setting
 ["UDP","TCP"], source setting
 ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"], and a single
 specification or no specification for each of the other match settings
 has a capacity requirement of 6."Capacity for a stateful rule group†For a stateful rule group, the minimum capacity required is the number
 of individual rules that you expect to have in the rule group.Ü amazonka-network-firewall A description of the rule group.Ý amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.Þ amazonka-network-firewallÓ A complex type that contains settings for encryption of your rule group
 resources.ß amazonka-network-firewall,An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both.à amazonka-network-firewall±A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string.á amazonka-network-firewall»A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group.â amazonka-network-firewall3The key:value pairs to associate with the resource.ã amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.ä amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.å amazonka-network-firewallŸThe maximum operating resources that this rule group can use. Rule group
 capacity is fixed at creation. When you update a rule group, you are
 limited to this capacity. When you reference a rule group from a
 firewall policy, Network Firewall reserves this capacity for the rule
 group.‰You can retrieve the capacity that would be required for a rule group
 before you create the rule group by calling CreateRuleGroup with
 DryRun set to TRUE.ô You can't change or exceed this capacity when you update the rule
 group, so leave room for your rule group to grow.#Capacity for a stateless rule groupžFor a stateless rule group, the capacity required is the sum of the
 capacity requirements of the individual rules that you expect to have in
 the rule group.‡To calculate the capacity requirement of a single rule, multiply the
 capacity requirement values of each of the rule's match settings:<A match setting with no criteria specified has a value of 1.A match setting with Any specified has a value of 1.ÞAll other match settings have a value equal to the number of
     elements provided in the setting. For example, a protocol setting
     ["UDP"] and a source setting ["10.0.0.0/24"] each have a value
     of 1. A protocol setting ["UDP","TCP"] has a value of 2. A
     source setting ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"]
     has a value of 3.ÁA rule with no criteria specified in any of its match settings has a
 capacity requirement of 1. A rule with protocol setting
 ["UDP","TCP"], source setting
 ["10.0.0.0/24","10.0.0.1/24","10.0.0.2/24"], and a single
 specification or no specification for each of the other match settings
 has a capacity requirement of 6."Capacity for a stateful rule group†For a stateful rule group, the minimum capacity required is the number
 of individual rules that you expect to have in the rule group.æ amazonka-network-firewallCreate a value of  Ê" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ì,  ç# - The response's http status code. Ê,  èÈ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token. Î,  é² - The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.ç amazonka-network-firewall The response's http status code.è amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.é amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.Û  amazonka-network-firewall Ï amazonka-network-firewall Ï amazonka-network-firewall Ïæ  amazonka-network-firewall Ì amazonka-network-firewall Ê amazonka-network-firewall Î ÊËÍÌÎÏÐÚÕÑ×ÙÓÖØÔÒÛÜÝÞßàáâãäåæçèé ÏÐÚÕÑ×ÙÓÖØÔÒÛÜÝÞßàáâãäåÊËÍÌÎæçèé    W  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ,êú amazonka-network-firewallSee:  Ž smart constructor.ü amazonka-network-firewall The response's http status code.ý amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.þ amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.ÿ amazonka-network-firewallSee:  ‡ smart constructor. amazonka-network-firewall%A description of the firewall policy.‚ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.ƒ amazonka-network-firewallØ A complex type that contains settings for encryption of your firewall
 policy resources.„ amazonka-network-firewall3The key:value pairs to associate with the resource.… amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.† amazonka-network-firewallÁ The rule groups and policy actions to use in the firewall policy.‡ amazonka-network-firewallCreate a value of  ÿ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ÿ,  ˆ( - A description of the firewall policy. ‚,  ‰÷  - Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources. ÿ,  ŠÛ  - A complex type that contains settings for encryption of your firewall
 policy resources. ÿ,  ‹6 - The key:value pairs to associate with the resource. ÿ,  Œô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it. †,  Ä  - The rule groups and policy actions to use in the firewall policy.ˆ amazonka-network-firewall%A description of the firewall policy.‰ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.Š amazonka-network-firewallØ A complex type that contains settings for encryption of your firewall
 policy resources.‹ amazonka-network-firewall3The key:value pairs to associate with the resource.Œ amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it. amazonka-network-firewallÁ The rule groups and policy actions to use in the firewall policy.Ž amazonka-network-firewallCreate a value of  ú" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ü,  # - The response's http status code. ú,  É - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token. þ,  ‘Â - The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy. amazonka-network-firewall The response's http status code. amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.‘ amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.‡  amazonka-network-firewall ÿ amazonka-network-firewall †Ž  amazonka-network-firewall ü amazonka-network-firewall ú amazonka-network-firewall þúûýüþÿ€„ƒ…†‚‡ˆ‰Š‹ŒŽ‘ÿ€„ƒ…†‚‡ˆ‰Š‹ŒúûýüþŽ‘    X  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  M¨¢ amazonka-network-firewallSee:  ¾ smart constructor.¤ amazonka-network-firewall˜The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints.¥ amazonka-network-firewall¨Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN.¦ amazonka-network-firewall The response's http status code.§ amazonka-network-firewallSee:  ³ smart constructor.© amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.ª amazonka-network-firewallA description of the firewall.« amazonka-network-firewallÑ A complex type that contains settings for encryption of your firewall
 resources.¬ amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.­ amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.® amazonka-network-firewall3The key:value pairs to associate with the resource.¯ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.° amazonka-network-firewallÜ The Amazon Resource Name (ARN) of the FirewallPolicy that you want to
 use for the firewall.± amazonka-network-firewallÔ The unique identifier of the VPC where Network Firewall should create
 the firewall.<You can't change this setting after you create the firewall.² amazonka-network-firewallÂThe public subnets to use for your Network Firewall firewalls. Each
 subnet must belong to a different Availability Zone in the VPC. Network
 Firewall creates a firewall endpoint in each subnet.³ amazonka-network-firewallCreate a value of  §" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: §,  ´Ò  - A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE. §,  µ! - A description of the firewall. §,  ¶Ô  - A complex type that contains settings for encryption of your firewall
 resources. §,  ·§ - A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. §,  ¸¢ - A setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. §,  ¹6 - The key:value pairs to associate with the resource. §,  ºæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. §,  »ß  - The Amazon Resource Name (ARN) of the FirewallPolicy that you want to
 use for the firewall. §,  ¼×  - The unique identifier of the VPC where Network Firewall should create
 the firewall.<You can't change this setting after you create the firewall. §,  ½Å - The public subnets to use for your Network Firewall firewalls. Each
 subnet must belong to a different Availability Zone in the VPC. Network
 Firewall creates a firewall endpoint in each subnet.´ amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.µ amazonka-network-firewallA description of the firewall.¶ amazonka-network-firewallÑ A complex type that contains settings for encryption of your firewall
 resources.· amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.¸ amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.¹ amazonka-network-firewall3The key:value pairs to associate with the resource.º amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.» amazonka-network-firewallÜ The Amazon Resource Name (ARN) of the FirewallPolicy that you want to
 use for the firewall.¼ amazonka-network-firewallÔ The unique identifier of the VPC where Network Firewall should create
 the firewall.<You can't change this setting after you create the firewall.½ amazonka-network-firewallÂThe public subnets to use for your Network Firewall firewalls. Each
 subnet must belong to a different Availability Zone in the VPC. Network
 Firewall creates a firewall endpoint in each subnet.¾ amazonka-network-firewallCreate a value of  ¢" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¤,  ¿› - The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints. ¥,  À« - Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN. ¦,  Á# - The response's http status code.¿ amazonka-network-firewall˜The configuration settings for the firewall. These settings include the
 firewall policy and the subnets in your VPC to use for the firewall
 endpoints.À amazonka-network-firewall¨Detailed information about the current status of a Firewall. You can
 retrieve this for a firewall by calling DescribeFirewall and providing
 the firewall name and ARN.Á amazonka-network-firewall The response's http status code.³  amazonka-network-firewall § amazonka-network-firewall § amazonka-network-firewall §¾  amazonka-network-firewall ¦ ¢£¦¤¥§¨ª®¯«°©¬­±²³´µ¶·¸¹º»¼½¾¿ÀÁ §¨ª®¯«°©¬­±²³´µ¶·¸¹º»¼½¢£¦¤¥¾¿ÀÁ    Y  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  qŒÒ amazonka-network-firewallSee:  ä smart constructor.Ô amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Õ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Ö amazonka-network-firewall=The IDs of the subnets that are associated with the firewall.× amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Ø amazonka-network-firewall The response's http status code.Ù amazonka-network-firewallSee:  ß smart constructor.Û amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.Ü amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.Ý amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Þ amazonka-network-firewallÄ The IDs of the subnets that you want to associate with the firewall.ß amazonka-network-firewallCreate a value of  Ù" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ù,  à2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. Ù,  áæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. Ù,  âÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. Ù,  ãÇ  - The IDs of the subnets that you want to associate with the firewall.à amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.á amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.â amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ã amazonka-network-firewallÄ The IDs of the subnets that you want to associate with the firewall.ä amazonka-network-firewallCreate a value of  Ò" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ù,  å2 - The Amazon Resource Name (ARN) of the firewall. Ù,  ææ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. Ù,  çÀ  - The IDs of the subnets that are associated with the firewall. Ù,  èÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. Ø,  é# - The response's http status code.å amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.æ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ç amazonka-network-firewall=The IDs of the subnets that are associated with the firewall.è amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.é amazonka-network-firewall The response's http status code.ä  amazonka-network-firewall ØÒÓÔÕ×ÖØÙÚÛÜÝÞßàáâãäåæçèéÙÚÛÜÝÞßàáâãÒÓÔÕ×ÖØäåæçèé    Z  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  •2ú amazonka-network-firewallSee:  Œ smart constructor.ü amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ý amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.þ amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.ÿ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.€ amazonka-network-firewall The response's http status code. amazonka-network-firewallSee:  ‡ smart constructor.ƒ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.„ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.… amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.† amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.‡ amazonka-network-firewallCreate a value of  " with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  ˆ2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ,  ‰æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. ,  ŠÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. ,  ‹9 - The Amazon Resource Name (ARN) of the firewall policy.ˆ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.‰ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.Š amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.‹ amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.Œ amazonka-network-firewallCreate a value of  ú" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ,  2 - The Amazon Resource Name (ARN) of the firewall. ,  Žæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. ,  9 - The Amazon Resource Name (ARN) of the firewall policy. ,  Û - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. €,  ‘# - The response's http status code. amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Ž amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy. amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.‘ amazonka-network-firewall The response's http status code.‡  amazonka-network-firewall Œ  amazonka-network-firewall €úûüýÿþ€‚ƒ„…†‡ˆ‰Š‹ŒŽ‘‚ƒ„…†‡ˆ‰Š‹úûüýÿþ€ŒŽ‘    [  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ›Ú¢ amazonka-network-firewallSee:  ¬ smart constructor.¤ amazonka-network-firewall The response's http status code.¥ amazonka-network-firewallSee:  © smart constructor.§ amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.© amazonka-network-firewallCreate a value of  ¥" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¥,  ª2 - The Amazon Resource Name (ARN) of the resource. ¨,  « -ª amazonka-network-firewall/The Amazon Resource Name (ARN) of the resource.¬ amazonka-network-firewallCreate a value of  ¢" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¤,  ­# - The response's http status code.­ amazonka-network-firewall The response's http status code.©  amazonka-network-firewall ¥ amazonka-network-firewall ¨¬  amazonka-network-firewall ¤¢£¤¥¦§¨©ª«¬­¥¦§¨©ª«¢£¤¬­    \  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  Å†¾ amazonka-network-firewallSee:  Ð smart constructor.À amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.Á amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Â amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Ã amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Ä amazonka-network-firewall The response's http status code.Å amazonka-network-firewallSee:  Ë smart constructor.Ç amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.È amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.É amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Ê amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.Ë amazonka-network-firewallCreate a value of  Å" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Å,  Ì2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. Å,  Íæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. Å,  ÎÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. Å,  ÏÒ  - A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.Ì amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.Í amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.Î amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Ï amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.Ð amazonka-network-firewallCreate a value of  ¾" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Å,  ÑÒ  - A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE. Å,  Ò2 - The Amazon Resource Name (ARN) of the firewall. Å,  Óæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. Å,  ÔÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. Ä,  Õ# - The response's http status code.Ñ amazonka-network-firewallÏ A flag indicating whether it is possible to delete the firewall. A
 setting of TRUE× indicates that the firewall is protected against
 deletion. Use this setting to protect against accidentally deleting a
 firewall that is in use. When you create a firewall, the operation
 initializes this flag to TRUE.Ò amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.Ó amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Ô amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.Õ amazonka-network-firewall The response's http status code.Ë  amazonka-network-firewall ÅÐ  amazonka-network-firewall Ä¾¿ÁÂÃÀÄÅÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÅÆÇÈÉÊËÌÍÎÏ¾¿ÁÂÃÀÄÐÑÒÓÔÕ    ]  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  é‘æ amazonka-network-firewallSee:  ø smart constructor.è amazonka-network-firewallA description of the firewall.é amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ê amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ë amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ì amazonka-network-firewall The response's http status code.í amazonka-network-firewallSee:  ó smart constructor.ï amazonka-network-firewallû The new description for the firewall. If you omit this setting, Network
 Firewall removes the description for the firewall.ð amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ñ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ò amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ó amazonka-network-firewallCreate a value of  í" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: í,  ôþ  - The new description for the firewall. If you omit this setting, Network
 Firewall removes the description for the firewall. í,  õ2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. í,  öæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. í,  ÷Û - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ô amazonka-network-firewallû The new description for the firewall. If you omit this setting, Network
 Firewall removes the description for the firewall.õ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ö amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.÷ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ø amazonka-network-firewallCreate a value of  æ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: í,  ù! - A description of the firewall. í,  ú2 - The Amazon Resource Name (ARN) of the firewall. í,  ûæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. í,  üÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. ì,  ý# - The response's http status code.ù amazonka-network-firewallA description of the firewall.ú amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.û amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ü amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ý amazonka-network-firewall The response's http status code.ø  amazonka-network-firewall ìæçèéêëìíîïðñòóôõö÷øùúûüýíîïðñòóôõö÷æçèéêëìøùúûüý    ^  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  
JŽ amazonka-network-firewallSee:    smart constructor.‘ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.’ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.“ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.” amazonka-network-firewall The response's http status code.• amazonka-network-firewallSee:  › smart constructor.˜ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.™ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.š amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.› amazonka-network-firewallCreate a value of  •" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: •,  œ - Undocumented member. •,  2 - The Amazon Resource Name (ARN) of the firewall. •,  žæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. •,  ŸÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.œ amazonka-network-firewallUndocumented member. amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ž amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.Ÿ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.  amazonka-network-firewallCreate a value of  Ž" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: •,  ¡ - Undocumented member. •,  ¢2 - The Amazon Resource Name (ARN) of the firewall. •,  £æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. •,  ¤Û - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. ”,  ¥# - The response's http status code.¡ amazonka-network-firewallUndocumented member.¢ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.£ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.¤ amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.¥ amazonka-network-firewall The response's http status code.   amazonka-network-firewall ”Ž‘’“”•–˜™š—›œžŸ ¡¢£¤¥•–˜™š—›œžŸŽ‘’“” ¡¢£¤¥    _  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  1ó¶ amazonka-network-firewallSee:  Ì smart constructor.¸ amazonka-network-firewall The response's http status code.¹ amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.º amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.» amazonka-network-firewallSee:  Ä smart constructor.½ amazonka-network-firewall%A description of the firewall policy.¾ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.¿ amazonka-network-firewallØ A complex type that contains settings for encryption of your firewall
 policy resources.À amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.Á amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.Â amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.Ã amazonka-network-firewall4The updated firewall policy to use for the firewall.Ä amazonka-network-firewallCreate a value of  »" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: »,  Å( - A description of the firewall policy. ¾,  Æ÷  - Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources. »,  ÇÛ  - A complex type that contains settings for encryption of your firewall
 policy resources. »,  È9 - The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both. »,  Éô  - The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both. »,  ÊÉ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token. Ã,  Ë7 - The updated firewall policy to use for the firewall.Å amazonka-network-firewall%A description of the firewall policy.Æ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.Ç amazonka-network-firewallØ A complex type that contains settings for encryption of your firewall
 policy resources.È amazonka-network-firewall6The Amazon Resource Name (ARN) of the firewall policy.?You must specify the ARN or the name, and you can specify both.É amazonka-network-firewallñ The descriptive name of the firewall policy. You can't change the name
 of a firewall policy after you create it.?You must specify the ARN or the name, and you can specify both.Ê amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.Ë amazonka-network-firewall4The updated firewall policy to use for the firewall.Ì amazonka-network-firewallCreate a value of  ¶" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ¸,  Í# - The response's http status code. »,  ÎÉ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token. º,  ÏÂ - The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.Í amazonka-network-firewall The response's http status code.Î amazonka-network-firewallÆA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the firewall policy. The token marks the state
 of the policy resource at the time of the request.ÞTo make changes to the policy, you provide the token in your request.
 Network Firewall uses the token to ensure that the policy hasn't
 changed since you last retrieved it. If it has changed, the operation
 fails with an InvalidTokenExceptionº. If this happens, retrieve the
 firewall policy again to get a current copy of it with current token.
 Reapply your changes as needed, then try the operation again using the
 new token.Ï amazonka-network-firewall¿The high-level properties of a firewall policy. This, along with the
 FirewallPolicy, define the policy. You can retrieve all objects for a
 firewall policy by calling DescribeFirewallPolicy.Ä  amazonka-network-firewall » amazonka-network-firewall ÃÌ  amazonka-network-firewall ¸ amazonka-network-firewall » amazonka-network-firewall º¶·¹¸º»¼½Â¿ÁÀÃ¾ÄÅÆÇÈÉÊËÌÍÎÏ»¼½Â¿ÁÀÃ¾ÄÅÆÇÈÉÊË¶·¹¸ºÌÍÎÏ    `  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  [ƒà amazonka-network-firewallSee:  ò smart constructor.â amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ã amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ä amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.å amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.æ amazonka-network-firewall The response's http status code.ç amazonka-network-firewallSee:  í smart constructor.é amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ê amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ë amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ì amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.í amazonka-network-firewallCreate a value of  ç" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ç,  î2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ç,  ïæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. ç,  ðÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. ç,  ñ§ - A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.î amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ï amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ð amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ñ amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.ò amazonka-network-firewallCreate a value of  à" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ç,  ó2 - The Amazon Resource Name (ARN) of the firewall. ç,  ôæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. ç,  õ§ - A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. ç,  öÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. æ,  ÷# - The response's http status code.ó amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ô amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.õ amazonka-network-firewall¤A setting indicating whether the firewall is protected against a change
 to the firewall policy association. Use this setting to protect against
 accidentally modifying the firewall policy for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.ö amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.÷ amazonka-network-firewall The response's http status code.í  amazonka-network-firewall çò  amazonka-network-firewall æàáâãåäæçèéêëìíîïðñòóôõö÷çèéêëìíîïðñàáâãåäæòóôõö÷    a  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  i¬ˆ amazonka-network-firewallSee:  — smart constructor.Š amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.‹ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. amazonka-network-firewall The response's http status code.Ž amazonka-network-firewallSee:  “ smart constructor. amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.‘ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.’ amazonka-network-firewallŒDefines how Network Firewall performs logging for a firewall. If you
 omit this setting, Network Firewall disables logging for the firewall.“ amazonka-network-firewallCreate a value of  Ž" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ž,  ”2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. Ž,  •æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. Ž,  – - Defines how Network Firewall performs logging for a firewall. If you
 omit this setting, Network Firewall disables logging for the firewall.” amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.• amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.– amazonka-network-firewallŒDefines how Network Firewall performs logging for a firewall. If you
 omit this setting, Network Firewall disables logging for the firewall.— amazonka-network-firewallCreate a value of  ˆ" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: Ž,  ˜2 - The Amazon Resource Name (ARN) of the firewall. Ž,  ™æ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. Ž,  š - Undocumented member. ,  ›# - The response's http status code.˜ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.™ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.š amazonka-network-firewallUndocumented member.› amazonka-network-firewall The response's http status code.—  amazonka-network-firewall ˆ‰Š‹ŒŽ‘’“”•–—˜™š›Ž‘’“”•–ˆ‰Š‹Œ—˜™š›    b  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ž¬ amazonka-network-firewallSee:  È smart constructor.® amazonka-network-firewall The response's http status code.¯ amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.° amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.± amazonka-network-firewallSee:  ½ smart constructor.³ amazonka-network-firewall A description of the rule group.´ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.µ amazonka-network-firewallÓ A complex type that contains settings for encryption of your rule group
 resources.¶ amazonka-network-firewall,An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both.· amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.¸ amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.¹ amazonka-network-firewall±A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string.º amazonka-network-firewall»A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group.» amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.¼ amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.½ amazonka-network-firewallCreate a value of  ±" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ±,  ¾# - A description of the rule group. ´,  ¿÷  - Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources. ±,  ÀÖ  - A complex type that contains settings for encryption of your rule group
 resources. ¶,  Á/ - An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both. ±,  Â4 - The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both. ±,  Ãê  - The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both. ¹,  Ä´ - A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string. ±,  Å¾ - A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group. ±,  Æ« - Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN. ±,  ÇÈ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.¾ amazonka-network-firewall A description of the rule group.¿ amazonka-network-firewallô Indicates whether you want Network Firewall to just check the validity
 of the request, rather than run the request.
If set to TRUEÓ, Network Firewall checks whether the request can run
 successfully, but doesn't actually make the requested changes. The call
 returns the value that the request would return if you ran it with dry
 run set to FALSEÇ, but doesn't make additions or changes to your
 resources. This option allows you to make sure that you have the
 required permissions to run the request and that your request parameters
 are valid.
If set to FALSEÂ , Network Firewall makes the requested changes to your
 resources.À amazonka-network-firewallÓ A complex type that contains settings for encryption of your rule group
 resources.Á amazonka-network-firewall,An object that defines the rule group rules.5You must provide either this rule group setting or a Rules setting,
 but not both.Â amazonka-network-firewall1The Amazon Resource Name (ARN) of the rule group.?You must specify the ARN or the name, and you can specify both.Ã amazonka-network-firewallç The descriptive name of the rule group. You can't change the name of a
 rule group after you create it.?You must specify the ARN or the name, and you can specify both.Ä amazonka-network-firewall±A string containing stateful rule group rules specifications in Suricata
 flat format, with one rule per line. Use this to import your existing
 Suricata compatible rule groups.:You must provide either this rules setting or a populated 	RuleGroup
 setting, but not both.ëYou can provide your rule group specification in Suricata flat format
 through this setting when you create or update your rule group. The call
 response returns a RuleGroup object that Network Firewall has populated
 from your string.Å amazonka-network-firewall»A complex type that contains metadata about the rule group that your own
 rule group is copied from. You can use the metadata to keep track of
 updates made to the originating rule group.Æ amazonka-network-firewall¨Indicates whether the rule group is stateless or stateful. If the rule
 group is stateless, it contains stateless rules. If it is stateful, it
 contains stateful rules.?This setting is required for requests that do not include the
 RuleGroupARN.Ç amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.È amazonka-network-firewallCreate a value of  ¬" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ®,  É# - The response's http status code. ±,  ÊÈ - A token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token. °,  Ë² - The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.É amazonka-network-firewall The response's http status code.Ê amazonka-network-firewallÅA token used for optimistic locking. Network Firewall returns a token to
 your requests that access the rule group. The token marks the state of
 the rule group resource at the time of the request.æTo make changes to the rule group, you provide the token in your
 request. Network Firewall uses the token to ensure that the rule group
 hasn't changed since you last retrieved it. If it has changed, the
 operation fails with an InvalidTokenException·. If this happens,
 retrieve the rule group again to get a current copy of it with a current
 token. Reapply your changes as needed, then try the operation again
 using the new token.Ë amazonka-network-firewall¯The high-level properties of a rule group. This, along with the
 RuleGroup, define the rule group. You can retrieve all objects for a
 rule group by calling DescribeRuleGroup.½  amazonka-network-firewall ±È  amazonka-network-firewall ® amazonka-network-firewall ± amazonka-network-firewall ° ¬­¯®°±²¹³»¼µº·¸¶´½¾¿ÀÁÂÃÄÅÆÇÈÉÊË ±²¹³»¼µº·¸¶´½¾¿ÀÁÂÃÄÅÆÇ¬­¯®°ÈÉÊË    c  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%&';Ì Ú è ñ  ÇÜ amazonka-network-firewallSee:  î smart constructor.Þ amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ß amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.à amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.á amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.â amazonka-network-firewall The response's http status code.ã amazonka-network-firewallSee:  é smart constructor.å amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.æ amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ç amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.è amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.é amazonka-network-firewallCreate a value of  ã" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ã,  ê2 - The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both. ã,  ëæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both. ã,  ìÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. ã,  í¢ - A setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.ê amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.?You must specify the ARN or the name, and you can specify both.ë amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.?You must specify the ARN or the name, and you can specify both.ì amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.í amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.î amazonka-network-firewallCreate a value of  Ü" with all optional fields omitted.Use 0https://hackage.haskell.org/package/generic-lensgeneric-lens or *https://hackage.haskell.org/package/opticsoptics! to modify other optional fields.ï The following record fields are available, with the corresponding lenses provided
 for backwards compatibility: ã,  ï2 - The Amazon Resource Name (ARN) of the firewall. ã,  ðæ  - The descriptive name of the firewall. You can't change the name of a
 firewall after you create it. ã,  ñ¢ - A setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE. ã,  òÛ - An optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token. â,  ó# - The response's http status code.ï amazonka-network-firewall/The Amazon Resource Name (ARN) of the firewall.ð amazonka-network-firewallã The descriptive name of the firewall. You can't change the name of a
 firewall after you create it.ñ amazonka-network-firewallŸA setting indicating whether the firewall is protected against changes
 to the subnet associations. Use this setting to protect against
 accidentally modifying the subnet associations for a firewall that is in
 use. When you create a firewall, the operation initializes this setting
 to TRUE.ò amazonka-network-firewallØAn optional token that you can use for optimistic locking. Network
 Firewall returns a token to your requests that access the firewall. The
 token marks the state of the firewall resource at the time of the
 request.àTo make an unconditional change to the firewall, omit the token in your
 update request. Without the token, Network Firewall performs your
 updates regardless of whether the firewall has changed since you last
 retrieved it.òTo make a conditional change to the firewall, provide the token in your
 update request. Network Firewall uses the token to ensure that the
 firewall hasn't changed since you last retrieved it. If it has changed,
 the operation fails with an InvalidTokenException±. If this happens,
 retrieve the firewall again to get a current copy of it with a new
 token. Reapply your changes as needed, then try the operation again
 using the new token.ó amazonka-network-firewall The response's http status code.é  amazonka-network-firewall ãî  amazonka-network-firewall âÜÝÞßáàâãäåæçèéêëìíîïðñòóãäåæçèéêëìíÜÝÞßáàâîïðñòó    d  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred  È–  ê./01V|}‹Œ™š×äòóô€ŒÌÍÎÛ™š§¨µÂÏÝÞëÁÂçèŽžÜëìíúµ¶·¸¹ºÉÊËÙÚ€”•–—˜™š§µ¶ÅÆÇÈóô†‡ˆ‰Š‹™š¨©·¸ÆÇáâãäåæçèéêëìíî„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	Ö	×	Ø	è	é	ê	ë	û	ü	ý	þ	œ

Ÿ
¸
¹
»
×
Ø
Ù
Û
Ü
Ý
ü
ý
þ
ÿ
€‚ƒ„¡¢£¥¦§ÃÄÆÇÈèéêëíîïðñ’“”–—˜™š›œº»¼¾¿ÀÁÚÜÝøùûüý™šœžŸ»¼¾¿ÀÁÜÝÞàáùû•–˜™´µ·¸¹ÜÝÞßàáâãäåçèéˆ‰Š‹Œ‘´µ¶·¸¹º»¼½¿ÀÁàáâãåæçèéˆ‰Š‹Ž‘ª«­ÌÍÎÏÑÒÓÔÕôõö÷ùúûüýœžŸ¡¢£¤¥ÅÆÇÈÉÊËÍÎÏîïðñóôõö÷”•–˜™š›¾¿ÀÁÂÃÄÅÆÇÉÊËêëìíïðñòóêˆ‰Š‹Ž‘àáâãåæçèé´µ¶·¸¹º»¼½¿ÀÁˆ‰Š‹Œ‘ÜÝÞßàáâãäåçèé´µ·¸¹•–˜™ùûÜÝÞàá»¼¾¿ÀÁ™šœžŸøùûüýÚÜÝº»¼¾¿ÀÁ’“”–—˜™š›œèéêëíîïðñÃÄÆÇÈ¡¢£¥¦§ü
ý
þ
ÿ
€‚ƒ„×
Ø
Ù
Û
Ü
Ý
¸
¹
»
œ

Ÿ
ª«­ÌÍÎÏÑÒÓÔÕôõö÷ùúûüýœžŸ¡¢£¤¥ÅÆÇÈÉÊËÍÎÏîïðñóôõö÷”•–˜™š›¾¿ÀÁÂÃÄÅÆÇÉÊËêëìíïðñòóÏ./01òóô€ÝÞV|}¥	¦	§	¨	©	ª	«	¬	­	®	¯	°	‹Œ”•–—˜™š™š„	…	†	‡	ˆ	‰	Š	‹	Œ		Ž	ÅÆÇÈµ¶·¸¹º×äŒÌÍÎÛ†‡ˆ‰Š‹™š§¨µÂë™šû	ü	ý	þ	ÁÂáâãäåæçèéêëìíîçèŽè	é	ê	ë	Ö	×	Ø	ž€ÉÊËÜëìíú¨©ÙÚ·¸§µ¶óôÆÇ    e  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred"%Ì Ú ñ  ÎÓ        f  (c) 2013-2023 Brendan HayMozilla Public License, v. 2.0.Brendan Hayauto-generatednon-portable (GHC extensions)Safe-Inferred  Ïl  Õ '(-9>=<:;RSU_cb`awx{†‡Š”•˜¢§¦¥£¤»¿¾¼½ÓÔÖàáãìíñüýÿˆ‰‹•š™˜–—®²±¯°ÆÇË×ØÚäçåæû€ÿþüý”•˜¢£¦±²´¾¿ÁËÌÎØÙÜçèêôø÷õöŒŽ¤¨§¥¦¼½ÀÊÎÍËÌâãæñõôòó‰Š˜™œ§¬«ª¨©ÀÄÃÁÂØÙÛåæêö÷ùƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…¬­´ÃÄÈÔÕØãçæäåûüÿŠ‹“£¤¦°±´¾¿ÄÐÚÙØ×ÖÕÔÓÑÒîïòýþ…”•˜£¤§²³¶ÁÂÅÐÑàö÷ƒ	–	—	¤	¸	¼	»	¹	º	Ð	Ñ	Õ	á	â	ç	ô	õ	ú	‡
ˆ
‰
Š
‹
Œ

Ž


‘
’
“
”
•
—
˜
›
ž
°
±
³
´
·
º
Ì
Í
Ñ
Ò
Ö
Ú
ï
ð
ô
õ
û
–—›œ ¤¹º¾¿ÂÅÚÛáâçì‚ƒŒ‘•®¯´µ¹½ÒÓÖ×ÙÛîïóô÷úŽ”•˜›°±¶·º½ÒÓÖ×ÛßòóõöøúŒ‘”—ª«¯°³¶ÊËÏÐÛæúûÿ€‡Ž¢£§¨³¾ÒÓÙÚßäúû‚‡Œ¢£¥¦©¬¾¿ÅÆËÐæçíîóøŽ•–› ¶·»¼ÄÌàáçèíòˆ‰Ž“—¬­±²½ÈÜÝãäéîš‡
ˆ
‰
Š
‹
Œ

Ž


‘
’
“
‚‡úûŒÙÚßÒÓä§¨³¢£¾ÿ€‡úûŽÏÐÛÊËæ¯°³ª«¶‘”Œ—õöøòóúÖ×ÛÒÓß¶·º°±½”•˜Ž›óô÷îïúÖ×ÙÒÓÛ´µ¹®¯½Œ‘‚ƒ•áâçÚÛì¾¿Â¹ºÅ›œ –—¤ô
õ
û
ï
ð
Ñ
Ò
Ö
Ì
Í
Ú
³
´
·
°
±
º
—
˜
›
”
•
ž
¥¦©¢£¬ÅÆË¾¿Ðíîóæçø•–›Ž »¼Ä¶·ÌçèíàáòŽ“ˆ‰—±²½¬­ÈãäéÜÝî9>=<:;>=<_cb`acb¢§¦¥£¤§¦¥»¿¾¼½¿¾•š™˜–—š™˜®²±¯°²±äçåæçû€ÿþüý€ÿþôø÷õöø÷ŒŽ¤¨§¥¦¨§ÊÎÍËÌÎÍñõôòóõô§¬«ª¨©¬«ªÀÄÃÁÂÄÃƒ˜—–•”“’‘ŽŒ‹Š‰ˆ‡†„…˜—–•”“’‘ŽŒ‹Š‰ˆ‡†ãçæäåçæÐÚÙØ×ÖÕÔÓÑÒÚÙØ×ÖÕÔÓ¸	¼	»	¹	º	¼	»	ËÌÎ '(-ìíñüýÿØÙÜRSUwx{–	—	¤	†‡ŠŠ‹“”•˜ö÷ƒ	¾¿Ä¬­´ÓÔÖàáãˆ‰‹ÆÇË×ØÚýþ…”•˜¢£¦±²´¾¿Áçèê”•˜ô	õ	ú	¼½ÀÐÑàâãæ‰Šá	â	ç	Ð	Ñ	Õ	˜™œûüÿÃÄÈØÙÛåæêö÷ù£¤§ÔÕØ²³¶£¤¦°±´îïòÁÂÅ  „  g  h   i   j   k   l   m   n   o   p   q   r   s  t  u   v  w  x  y  z   {   |   }   ~      €      ‚   ƒ   „   …   †   ‡   ˆ   ‰   Š   ‹   Œ     Ž        ‘   ’   “   ”   •   –   —   ˜   ™   š   ›   œ      ž   Ÿ     ¡   ¢  £  ¤  ¥   ¦   §   ¨   ©   ª   «   ¬   ­   ®   ¯   °   ±   ²   ³   ´   µ   ¶   ·   ¸  ¹  º   »   ¼   ½   ¾   ¿   À   Á   Â   Ã   Ä   Å  Æ  Ç   È  É  Ê   Ë   Ì   Í   Î   Ï   Ð   Ñ   Ò   Ó   Ô   Õ   Ö   ×   Ø   Ù   Ú   Û   Ü   Ý  Þ  ß   à   á   â   ã   ä   å   æ   ç   è   é   ê   ë   ì  í  î   ï   ð   ñ   ò   ó   ô   õ   ö   ÷   ø   ù   ú  	û  	ü  	 ý  	 þ  	 ÿ  	 €  	   	 ‚  	 ƒ  	 „  	 …  	 †  	 ‡  	 ˆ  
‰  
Š  
 ‹  
Œ  
  
Ž  
   
   
 ‘  
 ’  
 “  
 ”  
 •  
 –  
 —  
 ˜  
 ™  
 š  
 ›  
 œ  
   
 ž  
 Ÿ  
    
 ¡  ¢  £   ¤  ¥  ¦   §   ¨   ©   ª   «   ¬   ­   ®   ¯   °   ±   ²   ³   ´   µ   ¶   ·   ¸   ¹  º  »   ¼   ½   ¾   ¿   À   Á   Â   Ã   Ä   Å   Æ  Ç  È   É   Ê   Ë   Ì   Í   Î   Ï   Ð   Ñ   Ò  Ó  Ô   Õ   Ö   ×   Ø   Ù   Ú   Û   Ü   Ý   Þ   ß   à   á   â  ã  ä   å   æ   ç   è   é   ê   ë   ì   í   î  ï  ð   ñ   ò   ó   ô   õ   ö   ÷   ø   ù   ú   û  ü  ý   þ  ÿ  €     ‚   ƒ   „   …   †   ‡   ˆ   ‰   Š   ‹   Œ      Ž         ‘   ’   “   ”  •  –   —  ˜  ™   š   ›   œ      ž   Ÿ       ¡   ¢   £   ¤   ¥   ¦   §   ¨   ©   ª   «   ¬  ­  ®   ¯   °   ±   ²   ³   ´   µ   ¶   ·   ¸   ¹   º   »   ¼   ½  ¾  ¿   À   Á   Â   Ã   Ä   Å   Æ   Ç   È   É   Ê  Ë  Ì   Í  Î   Ï   Ð   Ñ   Ò   Ó   Ô   Õ   Ö   ×   Ø   Ù   Ú   Û   Ü   Ý   Þ   ß   à   á  â  ã   ä  å  æ  ç   è   é   ê   ë   ì   í   î   ï   ð   ñ   ò   ó   ô   õ   ö   ÷   ø   ù   ú  û  ü   ý   þ   ÿ   €      ‚   ƒ   „   …   †   ‡   ˆ  ‰  Š   ‹   Œ      Ž         ‘   ’   “   ”   •   –   —  ˜  ™   š   ›   œ      ž   Ÿ       ¡   ¢   £   ¤  ¥  ¦   §   ¨   ©   ª   «   ¬   ­   ®   ¯   °   ±  ²  ³   ´   µ   ¶   ·   ¸   ¹   º   »   ¼   ½   ¾  ¿  À   Á   Â   Ã   Ä   Å   Æ   Ç   È   É   Ê   Ë   Ì   Í  Î  Ï   Ð   Ñ   Ò   Ó   Ô   Õ   Ö   ×   Ø   Ù   Ú  Û  Ü   Ý  Þ  ß   à   á   â   ã   ä   å   æ   ç   è   é   ê   ë   ì   í   î   ï   ð   ñ   ò  ó  ô   õ  ö  ÷   ø   ù   ú   û   ü   ý   þ   ÿ   €      ‚   ƒ   „   …   †   ‡   ˆ   ‰   Š   ‹   Œ       Ž           ‘    ’    “    ”    •    –    —    ˜    ™    š    ›    œ        ž    Ÿ         ¡    ¢  !£  !¤  ! ¥  ! ¦  ! §  ! ¨  ! ©  ! ª  ! «  ! ¬  ! ­  ! ®  ! ¯  ! °  "±  "²  " ³  "´  "µ  " ¶  " ·  " ¸  " ¹  " º  " »  " ¼  " ½  " ¾  " ¿  " À  " Á  " Â  " Ã  " Ä  " Å  " Æ  " Ç  " È  #É  #Ê  # Ë  # Ì  # Í  # Î  # Ï  # Ð  # Ñ  # Ò  # Ó  # Ô  # Õ  # Ö  # ×  $Ø  $Ù  $ Ú  $Û  $Ü  $ Ý  $ Þ  $ ß  $ à  $ á  $ â  $ ã  $ ä  $ å  $ æ  $ ç  $ è  $ é  $ ê  $ ë  $ ì  $ í  $ î  $ ï  %ð  %ñ  % ò  % ó  % ô  % õ  % ö  % ÷  % ø  % ù  % ú  % û  % ü  % ý  % þ  &ÿ  &€  &   & ‚  & ƒ  & „  & …  & †  & ‡  & ˆ  & ‰  & Š  & ‹  & Œ  &   'Ž  '  '   '‘  '’  '“  ' ”  ' •  ' –  ' —  ' ˜  ' ™  ' š  ' ›  ' œ  '   ' ž  ' Ÿ  '    ' ¡  ' ¢  ' £  ' ¤  ' ¥  ' ¦  (§  (¨  ( ©  (ª  («  ( ¬  ( ­  ( ®  ( ¯  ( °  ( ±  ( ²  ( ³  ( ´  ( µ  ( ¶  ( ·  ( ¸  ( ¹  ( º  ( »  ( ¼  ( ½  ( ¾  )¿  )À  ) Á  ) Â  ) Ã  ) Ä  ) Å  ) Æ  ) Ç  ) È  ) É  ) Ê  ) Ë  *Ì  *Í  * Î  * Ï  * Ð  * Ñ  * Ò  * Ó  * Ô  * Õ  * Ö  * ×  * Ø  * Ù  * Ú  * Û  * Ü  +Ý  +Þ  + ß  + à  + á  + â  + ã  + ä  + å  + æ  + ç  + è  + é  ,ê  ,ë  , ì  ,í  ,î  ,ï  ,ð  ,ñ  ,ò  ,ó  ,ô  ,õ  ,ö  ,÷  ,ø  ,ù  ,ú  ,û  ,ü  ,ý  ,þ  ,ÿ  , €  ,   , ‚  , ƒ  , „  , …  , †  , ‡  , ˆ  , ‰  , Š  , ‹  , Œ  ,   , Ž  ,   ,   , ‘  , ’  -“  -”  - •  - –  - —  - ˜  - ™  - š  - ›  - œ  -   - ž  - Ÿ  -    - ¡  - ¢  - £  - ¤  - ¥  - ¦  - §  - ¨  - ©  .ª  .«  . ¬  . ­  . ®  . ¯  . °  . ±  . ²  . ³  . ´  . µ  . ¶  . ·  . ¸  . ¹  . º  /»  /¼  / ½  / ¾  / ¿  / À  / Á  / Â  / Ã  / Ä  / Å  / Æ  / Ç  / È  / É  0Ê  0Ë  0 Ì  0Í  0Î  0 Ï  0 Ð  0 Ñ  0 Ò  0 Ó  0 Ô  0 Õ  0 Ö  0 ×  0 Ø  0 Ù  0 Ú  0 Û  0 Ü  0 Ý  0 Þ  0 ß  0 à  0 á  1â  1ã  1 ä  1 å  1 æ  1 ç  1 è  1 é  1 ê  1 ë  1 ì  1 í  1 î  1 ï  1 ð  2ñ  2ò  2 ó  2 ô  2 õ  2 ö  2 ÷  2 ø  2 ù  2 ú  2 û  2 ü  2 ý  2 þ  2 ÿ  2 €  2   2 ‚  2 ƒ  2 „  2 …  2 †  2 ‡  2 ˆ  2 ‰  3Š  3‹  3 Œ  3   3 Ž  3   3   3 ‘  3 ’  3 “  3 ”  3 •  3 –  4—  4˜  4 ™  4 š  4 ›  4 œ  4   4 ž  4 Ÿ  4    4 ¡  4 ¢  4 £  4 ¤  5¥  5¦  5 §  5 ¨  5 ©  5 ª  5 «  5 ¬  5 ­  5 ®  5 ¯  5 °  5 ±  5 ²  5 ³  5 ´  5 µ  5 ¶  6·  6¸  6 ¹  6º  6»  6¼  6½  6¾  6¿  6À  6Á  6 Â  6 Ã  6 Ä  6 Å  6 Æ  6 Ç  6 È  6 É  6 Ê  6 Ë  6 Ì  6 Í  6 Î  6 Ï  6 Ð  6 Ñ  6 Ò  6 Ó  6 Ô  7Õ  7Ö  7 ×  7 Ø  7 Ù  7 Ú  7 Û  7 Ü  7 Ý  7 Þ  7 ß  7 à  7 á  7 â  7 ã  8ä  8å  8 æ  8 ç  8 è  8 é  8 ê  8 ë  8 ì  8 í  8 î  8 ï  8 ð  8 ñ  8 ò  8 ó  8 ô  8 õ  8 ö  8 ÷  8 ø  8 ù  8 ú  9û  9ü  9 ý  9 þ  9 ÿ  9 €	  9 	  9 ‚	  9 ƒ	  9 „	  9 …	  9 †	  9 ‡	  9 ˆ	  9 ‰	  :Š	  :‹	  : Œ	  : 	  : Ž	  : 	  : 	  : ‘	  : ’	  : “	  : ”	  : •	  : –	  : —	  : ˜	  ;™	  ;š	  ; ›	  ; œ	  ; 	  ; ž	  ; Ÿ	  ;  	  ; ¡	  ; ¢	  ; £	  ; ¤	  ; ¥	  ; ¦	  ; §	  <¨	  <©	  < ª	  < «	  < ¬	  < ­	  < ®	  < ¯	  < °	  < ±	  < ²	  < ³	  < ´	  < µ	  < ¶	  =·	  =¸	  = ¹	  = º	  = »	  = ¼	  = ½	  = ¾	  = ¿	  = À	  = Á	  = Â	  = Ã	  = Ä	  = Å	  = Æ	  = Ç	  = È	  = É	  = Ê	  = Ë	  = Ì	  = Í	  = Î	  = Ï	  = Ð	  = Ñ	  = Ò	  = Ó	  = Ô	  = Õ	  = Ö	  = ×	  = Ø	  = Ù	  = Ú	  = Û	  = Ü	  >Ý	  >Þ	  > ß	  > à	  > á	  > â	  > ã	  > ä	  > å	  > æ	  > ç	  > è	  > é	  > ê	  > ë	  > ì	  > í	  > î	  > ï	  > ð	  > ñ	  > ò	  > ó	  > ô	  > õ	  > ö	  > ÷	  > ø	  > ù	  > ú	  > û	  > ü	  ?ý	  ?þ	  ? ÿ	  ? €
  ? 
  ? ‚
  ? ƒ
  ? „
  ? …
  ? †
  ? ‡
  ? ˆ
  ? ‰
  ? Š
  ? ‹
  ? Œ
  ? 
  ? Ž
  ? 
  ? 
  ? ‘
  ? ’
  ? “
  ? ”
  ? •
  ? –
  ? —
  ? ˜
  ? ™
  ? š
  ? ›
  ? œ
  ? 
  ? ž
  @Ÿ
  @ 
  @ ¡
  @¢
  @£
  @ ¤
  @ ¥
  @ ¦
  @ §
  @ ¨
  @ ©
  @ ª
  @ «
  @ ¬
  @ ­
  @ ®
  @ ¯
  @ °
  @ ±
  @ ²
  @ ³
  @ ´
  @ µ
  @ ¶
  A·
  A¸
  A ¹
  A º
  A »
  A ¼
  A ½
  A ¾
  A ¿
  A À
  A Á
  A Â
  A Ã
  A Ä
  A Å
  A Æ
  A Ç
  BÈ
  BÉ
  B Ê
  B Ë
  B Ì
  B Í
  B Î
  B Ï
  B Ð
  B Ñ
  B Ò
  B Ó
  B Ô
  B Õ
  B Ö
  B ×
  B Ø
  B Ù
  B Ú
  CÛ
  CÜ
  C Ý
  C Þ
  C ß
  C à
  C á
  C â
  C ã
  C ä
  C å
  C æ
  C ç
  C è
  C é
  C ê
  C ë
  C ì
  C í
  D î
  D ï
  D ð
  D ñ
  D ò
  D ó
  D ô
  D õ
  D ö
  D ÷
  D ø
  D ù
  D ú
  Eû
  Eü
  E ý
  Eþ
  Eÿ
  E €  E   E ‚  E ƒ  E „  E …  E †  E ‡  E ˆ  E ‰  E Š  E ‹  E Œ  E   E Ž  E   E   E ‘  E ’  E “  E ”  E •  E –  F—  F˜  F ™  Fš  F›  F œ  F   F ž  F Ÿ  F    F ¡  F ¢  F £  F ¤  F ¥  F ¦  F §  F ¨  F ©  F ª  F «  F ¬  F ­  F ®  F ¯  F °  F ±  F ²  G³  G´  G µ  G ¶  G ·  G¸  G¹  G º  G »  G ¼  G ½  G ¾  G ¿  G À  G Á  G Â  G Ã  G Ä  G Å  G Æ  G Ç  G È  G É  G Ê  G Ë  G Ì  G Í  G Î  G Ï  G Ð  G Ñ  G Ò  G Ó  G Ô  G Õ  HÖ  H×  H Ø  H Ù  H Ú  HÛ  HÜ  H Ý  H Þ  H ß  H à  H á  H â  H ã  H ä  H å  H æ  H ç  H è  H é  H ê  H ë  H ì  H í  H î  H ï  H ð  H ñ  H ò  H ó  H ô  H õ  H ö  H ÷  H ø  H ù  H ú  H û  H ü  Iý  Iþ  I ÿ  I €  I   I‚  Iƒ  I „  I …  I †  I ‡  I ˆ  I ‰  I Š  I ‹  I Œ  I   I Ž  I   I   I ‘  I ’  I “  I ”  I •  I –  I —  I ˜  I ™  I š  I ›  I œ  I   I ž  I Ÿ  J   J¡  J ¢  J £  J ¤  J¥  J¦  J §  J ¨  J ©  J ª  J «  J ¬  J ­  J ®  J ¯  J °  J ±  J ²  J ³  J ´  J µ  J ¶  J ·  J ¸  J ¹  J º  J »  J ¼  J ½  J ¾  J ¿  J À  KÁ  KÂ  K Ã  K Ä  K Å  K Æ  K Ç  KÈ  KÉ  K Ê  K Ë  K Ì  K Í  K Î  K Ï  K Ð  K Ñ  K Ò  K Ó  K Ô  K Õ  K Ö  K ×  K Ø  K Ù  K Ú  K Û  K Ü  K Ý  K Þ  K ß  K à  K á  K â  K ã  K ä  K å  K æ  K ç  K è  Lé  Lê  L ë  L ì  L í  L î  L ï  L ð  L ñ  L ò  Ló  Lô  L õ  L ö  L ÷  L ø  L ù  L ú  L û  L ü  L ý  L þ  L ÿ  L €  L   L ‚  L ƒ  L „  L …  L †  L ‡  L ˆ  L ‰  L Š  L ‹  L Œ  L   L Ž  L   L   L ‘  L ’  L “  L ”  M•  M–  M —  M ˜  M ™  M š  M›  Mœ  M   M ž  M Ÿ  M    M ¡  M ¢  M £  M ¤  M ¥  M ¦  M §  M ¨  M ©  M ª  M «  M ¬  M ­  M ®  M ¯  M °  M ±  M ²  M ³  M ´  M µ  M ¶  M ·  M ¸  N¹  Nº  N »  N ¼  N½  N¾  N ¿  N À  N Á  N Â  N Ã  N Ä  N Å  N Æ  N Ç  N È  N É  N Ê  N Ë  N Ì  N Í  N Î  N Ï  N Ð  N Ñ  N Ò  N Ó  N Ô  OÕ  OÖ  O ×  O Ø  O Ù  OÚ  OÛ  O Ü  O Ý  O Þ  O ß  O à  O á  O â  O ã  O ä  O å  O æ  O ç  O è  O é  O ê  O ë  O ì  O í  O î  O ï  O ð  O ñ  O ò  O ó  O ô  Põ  Pö  P ÷  P ø  P ù  P ú  Pû  Pü  P ý  P þ  P ÿ  P €  P   P ‚  P ƒ  P „  P …  P †  P ‡  P ˆ  P ‰  P Š  P ‹  P Œ  P   P Ž  P   P   P ‘  P ’  P “  P ”  P •  P –  Q—  Q˜  Q ™  Q š  Q ›  Q œ  Q  Qž  Q Ÿ  Q    Q ¡  Q ¢  Q £  Q ¤  Q ¥  Q ¦  Q §  Q ¨  Q ©  Q ª  Q «  Q ¬  Q ­  Q ®  Q ¯  Q °  Q ±  Q ²  Q ³  Q ´  Q µ  Q ¶  Q ·  Q ¸  R¹  Rº  R »  R ¼  R½  R¾  R ¿  R À  R Á  R Â  R Ã  R Ä  R Å  R Æ  R Ç  R È  R É  R Ê  R Ë  R Ì  R Í  R Î  R Ï  R Ð  R Ñ  R Ò  R Ó  R Ô  R Õ  R Ö  R ×  R Ø  SÙ  SÚ  S Û  SÜ  SÝ  S Þ  S ß  S à  S á  S â  S ã  S ä  S å  S æ  S ç  S è  S é  S ê  S ë  S ì  S í  S î  S ï  S ð  S ñ  S ò  Tó  Tô  T õ  T ö  T÷  Tø  T ù  T ú  T û  T ü  T ý  T þ  T ÿ  T €  T   T ‚  T ƒ  T „  T …  T †  T ‡  T ˆ  T ‰  T Š  T ‹  T Œ  T   T Ž  T   T   U‘  U’  U “  U ”  U •  U–  U—  U ˜  U ™  U š  U ›  U œ  U   U ž  U Ÿ  U    U ¡  U ¢  U £  U ¤  U ¥  U ¦  U §  U ¨  U ©  U ª  U «  U ¬  U ­  U ®  U ¯  U °  V±  V²  V ³  V ´  V µ  V¶  V·  V ¸  V ¹  V º  V »  V ¼  V ½  V ¾  V ¿  V À  V Á  V Â  V Ã  V Ä  V Å  V Æ  V Ç  V È  V É  V Ê  V Ë  V Ì  V Í  V Î  V Ï  V Ð  V Ñ  V Ò  V Ó  V Ô  V Õ  V Ö  V ×  V Ø  V Ù  V Ú  V Û  V Ü  V Ý  V Þ  V ß  V à  Wá  Wâ  W ã  W ä  W å  Wæ  Wç  W è  W é  W ê  W ë  W ì  W í  W î  W ï  W ð  W ñ  W ò  W ó  W ô  W õ  W ö  W ÷  W ø  W ù  W ú  W û  W ü  W ý  W þ  W ÿ  W €  W   W ‚  W ƒ  W „  W …  W †  W ‡  W ˆ  X‰  XŠ  X ‹  X Œ  X   XŽ  X  X   X ‘  X ’  X “  X ”  X •  X –  X —  X ˜  X ™  X š  X ›  X œ  X   X ž  X Ÿ  X    X ¡  X ¢  X £  X ¤  X ¥  X ¦  X §  X ¨  X ©  X ª  X «  X ¬  X ­  X ®  X ¯  X °  X ±  X ²  X ³  X ´  X µ  X ¶  X ·  X ¸  Y¹  Yº  Y »  Y ¼  Y ½  Y ¾  Y ¿  YÀ  YÁ  Y Â  Y Ã  Y Ä  Y Å  Y Æ  Y Ç  Y È  Y É  Y Ê  Y Ë  Y Ì  Y Í  Y Î  Y Ï  Y Ð  Y Ñ  Y Ò  Y Ó  Y Ô  Y Õ  Y Ö  Y ×  Y Ø  Y Ù  Y Ú  Y Û  Y Ü  Y Ý  Y Þ  Y ß  Y à  Zá  Zâ  Z ã  Z ä  Z å  Z æ  Z ç  Zè  Zé  Z ê  Z ë  Z ì  Z í  Z î  Z ï  Z ð  Z ñ  Z ò  Z ó  Z ô  Z õ  Z ö  Z ÷  Z ø  Z ù  Z ú  Z û  Z ü  Z ý  Z þ  Z ÿ  Z €  Z   Z ‚  Z ƒ  Z „  Z …  Z †  Z ‡  Z ˆ  [‰  [Š  [ ‹  [Œ  [  [ Ž  [   [   [ ‘  [ ’  [ “  [ ”  [ •  [ –  [ —  [ ˜  [ ™  [ š  [ ›  [ œ  [   [ ž  [ Ÿ  [    [ ¡  [ ¢  [ £  [ ¤  \¥  \¦  \ §  \ ¨  \ ©  \ ª  \ «  \¬  \­  \ ®  \ ¯  \ °  \ ±  \ ²  \ ³  \ ´  \ µ  \ ¶  \ ·  \ ¸  \ ¹  \ º  \ »  \ ¼  \ ½  \ ¾  \ ¿  \ À  \ Á  \ Â  \ Ã  \ Ä  \ Å  \ Æ  \ Ç  \ È  \ É  \ Ê  \ Ë  \ Ì  ]Í  ]Î  ] Ï  ] Ð  ] Ñ  ] Ò  ] Ó  ]Ô  ]Õ  ] Ö  ] ×  ] Ø  ] Ù  ] Ú  ] Û  ] Ü  ] Ý  ] Þ  ] ß  ] à  ] á  ] â  ] ã  ] ä  ] å  ] æ  ] ç  ] è  ] é  ] ê  ] ë  ] ì  ] í  ] î  ] ï  ] ð  ] ñ  ] ò  ] ó  ] ô  ^õ  ^ö  ^ ÷  ^ ø  ^ ù  ^ ú  ^ û  ^ü  ^ý  ^ þ  ^ ÿ  ^ €  ^   ^ ‚  ^ ƒ  ^ „  ^ …  ^ †  ^ ‡  ^ ˆ  ^ ‰  ^ Š  ^ ‹  ^ Œ  ^   ^ Ž  ^   ^   ^ ‘  ^ ’  ^ “  ^ ”  ^ •  ^ –  ^ —  ^ ˜  ^ ™  ^ š  ^ ›  ^ œ  _  _ž  _ Ÿ  _    _ ¡  _¢  _£  _ ¤  _ ¥  _ ¦  _ §  _ ¨  _ ©  _ ª  _ «  _ ¬  _ ­  _ ®  _ ¯  _ °  _ ±  _ ²  _ ³  _ ´  _ µ  _ ¶  _ ·  _ ¸  _ ¹  _ º  _ »  _ ¼  _ ½  _ ¾  _ ¿  _ À  _ Á  _ Â  _ Ã  _ Ä  _ Å  _ Æ  `Ç  `È  ` É  ` Ê  ` Ë  ` Ì  ` Í  `Î  `Ï  ` Ð  ` Ñ  ` Ò  ` Ó  ` Ô  ` Õ  ` Ö  ` ×  ` Ø  ` Ù  ` Ú  ` Û  ` Ü  ` Ý  ` Þ  ` ß  ` à  ` á  ` â  ` ã  ` ä  ` å  ` æ  ` ç  ` è  ` é  ` ê  ` ë  ` ì  ` í  ` î  aï  að  a ñ  a ò  a ó  a ô  aõ  aö  a ÷  a ø  a ù  a ú  a û  a ü  a ý  a þ  a ÿ  a €  a   a ‚  a ƒ  a „  a …  a †  a ‡  a ˆ  a ‰  a Š  a ‹  a Œ  a   a Ž  a   a   a ‘  a ’  b“  b”  b •  b –  b —  b˜  b™  b š  b ›  b œ  b   b ž  b Ÿ  b    b ¡  b ¢  b £  b ¤  b ¥  b ¦  b §  b ¨  b ©  b ª  b «  b ¬  b ­  b ®  b ¯  b °  b ±  b ²  b ³  b ´  b µ  b ¶  b ·  b ¸  b ¹  b º  b »  b ¼  b ½  b ¾  b ¿  b À  b Á  b Â  cÃ  cÄ  c Å  c Æ  c Ç  c È  c É  cÊ  cË  c Ì  c Í  c Î  c Ï  c Ð  c Ñ  c Ò  c Ó  c Ô  c Õ  c Ö  c ×  c Ø  c Ù  c Ú  c Û  c Ü  c Ý  c Þ  c ß  c à  c á  c â  c ã  c ä  c å  c æ  c ç  c è  c é  c êë4amazonka-network-firewall-2.0-4y6HybZBSNcEwGPO5AYVfm&Amazonka.NetworkFirewall.Types.Address/Amazonka.NetworkFirewall.Types.AttachmentStatus)Amazonka.NetworkFirewall.Types.Attachment5Amazonka.NetworkFirewall.Types.ConfigurationSyncState(Amazonka.NetworkFirewall.Types.Dimension-Amazonka.NetworkFirewall.Types.EncryptionType6Amazonka.NetworkFirewall.Types.EncryptionConfiguration/Amazonka.NetworkFirewall.Types.FirewallMetadata5Amazonka.NetworkFirewall.Types.FirewallPolicyMetadata2Amazonka.NetworkFirewall.Types.FirewallStatusValue1Amazonka.NetworkFirewall.Types.GeneratedRulesType$Amazonka.NetworkFirewall.Types.IPSet,Amazonka.NetworkFirewall.Types.IPSetMetadata*Amazonka.NetworkFirewall.Types.CIDRSummary3Amazonka.NetworkFirewall.Types.CapacityUsageSummary-Amazonka.NetworkFirewall.Types.IPSetReference1Amazonka.NetworkFirewall.Types.LogDestinationType&Amazonka.NetworkFirewall.Types.LogType3Amazonka.NetworkFirewall.Types.LogDestinationConfig3Amazonka.NetworkFirewall.Types.LoggingConfiguration-Amazonka.NetworkFirewall.Types.OverrideAction2Amazonka.NetworkFirewall.Types.PerObjectSyncStatus.Amazonka.NetworkFirewall.Types.PerObjectStatus(Amazonka.NetworkFirewall.Types.PortRange&Amazonka.NetworkFirewall.Types.PortSet2Amazonka.NetworkFirewall.Types.PublishMetricAction/Amazonka.NetworkFirewall.Types.ActionDefinition+Amazonka.NetworkFirewall.Types.CustomAction,Amazonka.NetworkFirewall.Types.ReferenceSets4Amazonka.NetworkFirewall.Types.ResourceManagedStatus2Amazonka.NetworkFirewall.Types.ResourceManagedType-Amazonka.NetworkFirewall.Types.ResourceStatus0Amazonka.NetworkFirewall.Types.RuleGroupMetadata,Amazonka.NetworkFirewall.Types.RuleGroupType)Amazonka.NetworkFirewall.Types.RuleOption(Amazonka.NetworkFirewall.Types.RuleOrder,Amazonka.NetworkFirewall.Types.RuleVariables-Amazonka.NetworkFirewall.Types.SourceMetadata-Amazonka.NetworkFirewall.Types.StatefulAction4Amazonka.NetworkFirewall.Types.StatefulRuleDirection8Amazonka.NetworkFirewall.Types.StatefulRuleGroupOverride9Amazonka.NetworkFirewall.Types.StatefulRuleGroupReference2Amazonka.NetworkFirewall.Types.StatefulRuleOptions3Amazonka.NetworkFirewall.Types.StatefulRuleProtocol%Amazonka.NetworkFirewall.Types.Header+Amazonka.NetworkFirewall.Types.StatefulRule:Amazonka.NetworkFirewall.Types.StatelessRuleGroupReference4Amazonka.NetworkFirewall.Types.StreamExceptionPolicy4Amazonka.NetworkFirewall.Types.StatefulEngineOptions-Amazonka.NetworkFirewall.Types.FirewallPolicy,Amazonka.NetworkFirewall.Types.SubnetMapping(Amazonka.NetworkFirewall.Types.SyncState-Amazonka.NetworkFirewall.Types.FirewallStatus&Amazonka.NetworkFirewall.Types.TCPFlag+Amazonka.NetworkFirewall.Types.TCPFlagField.Amazonka.NetworkFirewall.Types.MatchAttributes-Amazonka.NetworkFirewall.Types.RuleDefinition,Amazonka.NetworkFirewall.Types.StatelessRule=Amazonka.NetworkFirewall.Types.StatelessRulesAndCustomActions"Amazonka.NetworkFirewall.Types.Tag0Amazonka.NetworkFirewall.Types.RuleGroupResponse5Amazonka.NetworkFirewall.Types.FirewallPolicyResponse'Amazonka.NetworkFirewall.Types.Firewall)Amazonka.NetworkFirewall.Types.TargetType.Amazonka.NetworkFirewall.Types.RulesSourceList*Amazonka.NetworkFirewall.Types.RulesSource(Amazonka.NetworkFirewall.Types.RuleGroupAmazonka.NetworkFirewall.Types$Amazonka.NetworkFirewall.TagResource*Amazonka.NetworkFirewall.PutResourcePolicy,Amazonka.NetworkFirewall.ListTagsForResource'Amazonka.NetworkFirewall.ListRuleGroups&Amazonka.NetworkFirewall.ListFirewalls-Amazonka.NetworkFirewall.ListFirewallPolicies,Amazonka.NetworkFirewall.DisassociateSubnets2Amazonka.NetworkFirewall.DescribeRuleGroupMetadata*Amazonka.NetworkFirewall.DescribeRuleGroup/Amazonka.NetworkFirewall.DescribeResourcePolicy5Amazonka.NetworkFirewall.DescribeLoggingConfiguration/Amazonka.NetworkFirewall.DescribeFirewallPolicy)Amazonka.NetworkFirewall.DescribeFirewall(Amazonka.NetworkFirewall.DeleteRuleGroup-Amazonka.NetworkFirewall.DeleteResourcePolicy-Amazonka.NetworkFirewall.DeleteFirewallPolicy'Amazonka.NetworkFirewall.DeleteFirewall(Amazonka.NetworkFirewall.CreateRuleGroup-Amazonka.NetworkFirewall.CreateFirewallPolicy'Amazonka.NetworkFirewall.CreateFirewall)Amazonka.NetworkFirewall.AssociateSubnets0Amazonka.NetworkFirewall.AssociateFirewallPolicy&Amazonka.NetworkFirewall.UntagResource7Amazonka.NetworkFirewall.UpdateFirewallDeleteProtection2Amazonka.NetworkFirewall.UpdateFirewallDescription>Amazonka.NetworkFirewall.UpdateFirewallEncryptionConfiguration-Amazonka.NetworkFirewall.UpdateFirewallPolicy=Amazonka.NetworkFirewall.UpdateFirewallPolicyChangeProtection3Amazonka.NetworkFirewall.UpdateLoggingConfiguration(Amazonka.NetworkFirewall.UpdateRuleGroup5Amazonka.NetworkFirewall.UpdateSubnetChangeProtectionAmazonka.NetworkFirewall.Lens Amazonka.NetworkFirewall.WaitersAmazonka.NetworkFirewallAddressAddress'$sel:addressDefinition:Address'
newAddressaddress_addressDefinition$fToJSONAddress$fNFDataAddress$fHashableAddress$fFromJSONAddress$fEqAddress$fReadAddress$fShowAddress$fGenericAddressAttachmentStatusAttachmentStatus'fromAttachmentStatusAttachmentStatus_SCALINGAttachmentStatus_READYAttachmentStatus_DELETINGAttachmentStatus_CREATING$fShowAttachmentStatus$fReadAttachmentStatus$fEqAttachmentStatus$fOrdAttachmentStatus$fGenericAttachmentStatus$fHashableAttachmentStatus$fNFDataAttachmentStatus$fFromTextAttachmentStatus$fToTextAttachmentStatus$fToByteStringAttachmentStatus$fToLogAttachmentStatus$fToHeaderAttachmentStatus$fToQueryAttachmentStatus$fFromJSONAttachmentStatus$fFromJSONKeyAttachmentStatus$fToJSONAttachmentStatus$fToJSONKeyAttachmentStatus$fFromXMLAttachmentStatus$fToXMLAttachmentStatus
AttachmentAttachment'$sel:endpointId:Attachment'$sel:status:Attachment'$sel:statusMessage:Attachment'$sel:subnetId:Attachment'newAttachmentattachment_endpointIdattachment_statusattachment_statusMessageattachment_subnetId$fNFDataAttachment$fHashableAttachment$fFromJSONAttachment$fEqAttachment$fReadAttachment$fShowAttachment$fGenericAttachmentConfigurationSyncStateConfigurationSyncState'fromConfigurationSyncStateConfigurationSyncState_PENDINGConfigurationSyncState_IN_SYNC+ConfigurationSyncState_CAPACITY_CONSTRAINED$fShowConfigurationSyncState$fReadConfigurationSyncState$fEqConfigurationSyncState$fOrdConfigurationSyncState$fGenericConfigurationSyncState $fHashableConfigurationSyncState$fNFDataConfigurationSyncState $fFromTextConfigurationSyncState$fToTextConfigurationSyncState$$fToByteStringConfigurationSyncState$fToLogConfigurationSyncState $fToHeaderConfigurationSyncState$fToQueryConfigurationSyncState $fFromJSONConfigurationSyncState#$fFromJSONKeyConfigurationSyncState$fToJSONConfigurationSyncState!$fToJSONKeyConfigurationSyncState$fFromXMLConfigurationSyncState$fToXMLConfigurationSyncState	Dimension
Dimension'$sel:value:Dimension'newDimensiondimension_value$fToJSONDimension$fNFDataDimension$fHashableDimension$fFromJSONDimension$fEqDimension$fReadDimension$fShowDimension$fGenericDimensionEncryptionTypeEncryptionType'fromEncryptionTypeEncryptionType_CUSTOMER_KMS EncryptionType_AWS_OWNED_KMS_KEY$fShowEncryptionType$fReadEncryptionType$fEqEncryptionType$fOrdEncryptionType$fGenericEncryptionType$fHashableEncryptionType$fNFDataEncryptionType$fFromTextEncryptionType$fToTextEncryptionType$fToByteStringEncryptionType$fToLogEncryptionType$fToHeaderEncryptionType$fToQueryEncryptionType$fFromJSONEncryptionType$fFromJSONKeyEncryptionType$fToJSONEncryptionType$fToJSONKeyEncryptionType$fFromXMLEncryptionType$fToXMLEncryptionTypeEncryptionConfigurationEncryptionConfiguration'#$sel:keyId:EncryptionConfiguration'#$sel:type':EncryptionConfiguration'newEncryptionConfigurationencryptionConfiguration_keyIdencryptionConfiguration_type$fToJSONEncryptionConfiguration$fNFDataEncryptionConfiguration!$fHashableEncryptionConfiguration!$fFromJSONEncryptionConfiguration$fEqEncryptionConfiguration$fReadEncryptionConfiguration$fShowEncryptionConfiguration $fGenericEncryptionConfigurationFirewallMetadataFirewallMetadata'"$sel:firewallArn:FirewallMetadata'#$sel:firewallName:FirewallMetadata'newFirewallMetadatafirewallMetadata_firewallArnfirewallMetadata_firewallName$fNFDataFirewallMetadata$fHashableFirewallMetadata$fFromJSONFirewallMetadata$fEqFirewallMetadata$fReadFirewallMetadata$fShowFirewallMetadata$fGenericFirewallMetadataFirewallPolicyMetadataFirewallPolicyMetadata' $sel:arn:FirewallPolicyMetadata'!$sel:name:FirewallPolicyMetadata'newFirewallPolicyMetadatafirewallPolicyMetadata_arnfirewallPolicyMetadata_name$fNFDataFirewallPolicyMetadata $fHashableFirewallPolicyMetadata $fFromJSONFirewallPolicyMetadata$fEqFirewallPolicyMetadata$fReadFirewallPolicyMetadata$fShowFirewallPolicyMetadata$fGenericFirewallPolicyMetadataFirewallStatusValueFirewallStatusValue'fromFirewallStatusValueFirewallStatusValue_READY FirewallStatusValue_PROVISIONINGFirewallStatusValue_DELETING$fShowFirewallStatusValue$fReadFirewallStatusValue$fEqFirewallStatusValue$fOrdFirewallStatusValue$fGenericFirewallStatusValue$fHashableFirewallStatusValue$fNFDataFirewallStatusValue$fFromTextFirewallStatusValue$fToTextFirewallStatusValue!$fToByteStringFirewallStatusValue$fToLogFirewallStatusValue$fToHeaderFirewallStatusValue$fToQueryFirewallStatusValue$fFromJSONFirewallStatusValue $fFromJSONKeyFirewallStatusValue$fToJSONFirewallStatusValue$fToJSONKeyFirewallStatusValue$fFromXMLFirewallStatusValue$fToXMLFirewallStatusValueGeneratedRulesTypeGeneratedRulesType'fromGeneratedRulesTypeGeneratedRulesType_DENYLISTGeneratedRulesType_ALLOWLIST$fShowGeneratedRulesType$fReadGeneratedRulesType$fEqGeneratedRulesType$fOrdGeneratedRulesType$fGenericGeneratedRulesType$fHashableGeneratedRulesType$fNFDataGeneratedRulesType$fFromTextGeneratedRulesType$fToTextGeneratedRulesType $fToByteStringGeneratedRulesType$fToLogGeneratedRulesType$fToHeaderGeneratedRulesType$fToQueryGeneratedRulesType$fFromJSONGeneratedRulesType$fFromJSONKeyGeneratedRulesType$fToJSONGeneratedRulesType$fToJSONKeyGeneratedRulesType$fFromXMLGeneratedRulesType$fToXMLGeneratedRulesTypeIPSetIPSet'$sel:definition:IPSet'newIPSetiPSet_definition$fToJSONIPSet$fNFDataIPSet$fHashableIPSet$fFromJSONIPSet	$fEqIPSet$fReadIPSet$fShowIPSet$fGenericIPSetIPSetMetadataIPSetMetadata'%$sel:resolvedCIDRCount:IPSetMetadata'newIPSetMetadataiPSetMetadata_resolvedCIDRCount$fNFDataIPSetMetadata$fHashableIPSetMetadata$fFromJSONIPSetMetadata$fEqIPSetMetadata$fReadIPSetMetadata$fShowIPSetMetadata$fGenericIPSetMetadataCIDRSummaryCIDRSummary'$$sel:availableCIDRCount:CIDRSummary'!$sel:iPSetReferences:CIDRSummary'#$sel:utilizedCIDRCount:CIDRSummary'newCIDRSummarycIDRSummary_availableCIDRCountcIDRSummary_iPSetReferencescIDRSummary_utilizedCIDRCount$fNFDataCIDRSummary$fHashableCIDRSummary$fFromJSONCIDRSummary$fEqCIDRSummary$fReadCIDRSummary$fShowCIDRSummary$fGenericCIDRSummaryCapacityUsageSummaryCapacityUsageSummary' $sel:cIDRs:CapacityUsageSummary'newCapacityUsageSummarycapacityUsageSummary_cIDRs$fNFDataCapacityUsageSummary$fHashableCapacityUsageSummary$fFromJSONCapacityUsageSummary$fEqCapacityUsageSummary$fReadCapacityUsageSummary$fShowCapacityUsageSummary$fGenericCapacityUsageSummaryIPSetReferenceIPSetReference'!$sel:referenceArn:IPSetReference'newIPSetReferenceiPSetReference_referenceArn$fToJSONIPSetReference$fNFDataIPSetReference$fHashableIPSetReference$fFromJSONIPSetReference$fEqIPSetReference$fReadIPSetReference$fShowIPSetReference$fGenericIPSetReferenceLogDestinationTypeLogDestinationType'fromLogDestinationTypeLogDestinationType_S3&LogDestinationType_KinesisDataFirehose!LogDestinationType_CloudWatchLogs$fShowLogDestinationType$fReadLogDestinationType$fEqLogDestinationType$fOrdLogDestinationType$fGenericLogDestinationType$fHashableLogDestinationType$fNFDataLogDestinationType$fFromTextLogDestinationType$fToTextLogDestinationType $fToByteStringLogDestinationType$fToLogLogDestinationType$fToHeaderLogDestinationType$fToQueryLogDestinationType$fFromJSONLogDestinationType$fFromJSONKeyLogDestinationType$fToJSONLogDestinationType$fToJSONKeyLogDestinationType$fFromXMLLogDestinationType$fToXMLLogDestinationTypeLogTypeLogType'fromLogTypeLogType_FLOWLogType_ALERT$fShowLogType$fReadLogType$fEqLogType$fOrdLogType$fGenericLogType$fHashableLogType$fNFDataLogType$fFromTextLogType$fToTextLogType$fToByteStringLogType$fToLogLogType$fToHeaderLogType$fToQueryLogType$fFromJSONLogType$fFromJSONKeyLogType$fToJSONLogType$fToJSONKeyLogType$fFromXMLLogType$fToXMLLogTypeLogDestinationConfigLogDestinationConfig'"$sel:logType:LogDestinationConfig'-$sel:logDestinationType:LogDestinationConfig')$sel:logDestination:LogDestinationConfig'newLogDestinationConfiglogDestinationConfig_logType'logDestinationConfig_logDestinationType#logDestinationConfig_logDestination$fToJSONLogDestinationConfig$fNFDataLogDestinationConfig$fHashableLogDestinationConfig$fFromJSONLogDestinationConfig$fEqLogDestinationConfig$fReadLogDestinationConfig$fShowLogDestinationConfig$fGenericLogDestinationConfigLoggingConfigurationLoggingConfiguration'0$sel:logDestinationConfigs:LoggingConfiguration'newLoggingConfiguration*loggingConfiguration_logDestinationConfigs$fToJSONLoggingConfiguration$fNFDataLoggingConfiguration$fHashableLoggingConfiguration$fFromJSONLoggingConfiguration$fEqLoggingConfiguration$fReadLoggingConfiguration$fShowLoggingConfiguration$fGenericLoggingConfigurationOverrideActionOverrideAction'fromOverrideActionOverrideAction_DROP_TO_ALERT$fShowOverrideAction$fReadOverrideAction$fEqOverrideAction$fOrdOverrideAction$fGenericOverrideAction$fHashableOverrideAction$fNFDataOverrideAction$fFromTextOverrideAction$fToTextOverrideAction$fToByteStringOverrideAction$fToLogOverrideAction$fToHeaderOverrideAction$fToQueryOverrideAction$fFromJSONOverrideAction$fFromJSONKeyOverrideAction$fToJSONOverrideAction$fToJSONKeyOverrideAction$fFromXMLOverrideAction$fToXMLOverrideActionPerObjectSyncStatusPerObjectSyncStatus'fromPerObjectSyncStatusPerObjectSyncStatus_PENDINGPerObjectSyncStatus_IN_SYNC(PerObjectSyncStatus_CAPACITY_CONSTRAINED$fShowPerObjectSyncStatus$fReadPerObjectSyncStatus$fEqPerObjectSyncStatus$fOrdPerObjectSyncStatus$fGenericPerObjectSyncStatus$fHashablePerObjectSyncStatus$fNFDataPerObjectSyncStatus$fFromTextPerObjectSyncStatus$fToTextPerObjectSyncStatus!$fToByteStringPerObjectSyncStatus$fToLogPerObjectSyncStatus$fToHeaderPerObjectSyncStatus$fToQueryPerObjectSyncStatus$fFromJSONPerObjectSyncStatus $fFromJSONKeyPerObjectSyncStatus$fToJSONPerObjectSyncStatus$fToJSONKeyPerObjectSyncStatus$fFromXMLPerObjectSyncStatus$fToXMLPerObjectSyncStatusPerObjectStatusPerObjectStatus' $sel:syncStatus:PerObjectStatus'!$sel:updateToken:PerObjectStatus'newPerObjectStatusperObjectStatus_syncStatusperObjectStatus_updateToken$fNFDataPerObjectStatus$fHashablePerObjectStatus$fFromJSONPerObjectStatus$fEqPerObjectStatus$fReadPerObjectStatus$fShowPerObjectStatus$fGenericPerObjectStatus	PortRange
PortRange'$sel:fromPort:PortRange'$sel:toPort:PortRange'newPortRangeportRange_fromPortportRange_toPort$fToJSONPortRange$fNFDataPortRange$fHashablePortRange$fFromJSONPortRange$fEqPortRange$fReadPortRange$fShowPortRange$fGenericPortRangePortSetPortSet'$sel:definition:PortSet'
newPortSetportSet_definition$fToJSONPortSet$fNFDataPortSet$fHashablePortSet$fFromJSONPortSet$fEqPortSet$fReadPortSet$fShowPortSet$fGenericPortSetPublishMetricActionPublishMetricAction'$$sel:dimensions:PublishMetricAction'newPublishMetricActionpublishMetricAction_dimensions$fToJSONPublishMetricAction$fNFDataPublishMetricAction$fHashablePublishMetricAction$fFromJSONPublishMetricAction$fEqPublishMetricAction$fReadPublishMetricAction$fShowPublishMetricAction$fGenericPublishMetricActionActionDefinitionActionDefinition'*$sel:publishMetricAction:ActionDefinition'newActionDefinition$actionDefinition_publishMetricAction$fToJSONActionDefinition$fNFDataActionDefinition$fHashableActionDefinition$fFromJSONActionDefinition$fEqActionDefinition$fReadActionDefinition$fShowActionDefinition$fGenericActionDefinitionCustomActionCustomAction'$sel:actionName:CustomAction'#$sel:actionDefinition:CustomAction'newCustomActioncustomAction_actionNamecustomAction_actionDefinition$fToJSONCustomAction$fNFDataCustomAction$fHashableCustomAction$fFromJSONCustomAction$fEqCustomAction$fReadCustomAction$fShowCustomAction$fGenericCustomActionReferenceSetsReferenceSets'#$sel:iPSetReferences:ReferenceSets'newReferenceSetsreferenceSets_iPSetReferences$fToJSONReferenceSets$fNFDataReferenceSets$fHashableReferenceSets$fFromJSONReferenceSets$fEqReferenceSets$fReadReferenceSets$fShowReferenceSets$fGenericReferenceSetsResourceManagedStatusResourceManagedStatus'fromResourceManagedStatusResourceManagedStatus_MANAGEDResourceManagedStatus_ACCOUNT$fShowResourceManagedStatus$fReadResourceManagedStatus$fEqResourceManagedStatus$fOrdResourceManagedStatus$fGenericResourceManagedStatus$fHashableResourceManagedStatus$fNFDataResourceManagedStatus$fFromTextResourceManagedStatus$fToTextResourceManagedStatus#$fToByteStringResourceManagedStatus$fToLogResourceManagedStatus$fToHeaderResourceManagedStatus$fToQueryResourceManagedStatus$fFromJSONResourceManagedStatus"$fFromJSONKeyResourceManagedStatus$fToJSONResourceManagedStatus $fToJSONKeyResourceManagedStatus$fFromXMLResourceManagedStatus$fToXMLResourceManagedStatusResourceManagedTypeResourceManagedType'fromResourceManagedType1ResourceManagedType_AWS_MANAGED_THREAT_SIGNATURES,ResourceManagedType_AWS_MANAGED_DOMAIN_LISTS$fShowResourceManagedType$fReadResourceManagedType$fEqResourceManagedType$fOrdResourceManagedType$fGenericResourceManagedType$fHashableResourceManagedType$fNFDataResourceManagedType$fFromTextResourceManagedType$fToTextResourceManagedType!$fToByteStringResourceManagedType$fToLogResourceManagedType$fToHeaderResourceManagedType$fToQueryResourceManagedType$fFromJSONResourceManagedType $fFromJSONKeyResourceManagedType$fToJSONResourceManagedType$fToJSONKeyResourceManagedType$fFromXMLResourceManagedType$fToXMLResourceManagedTypeResourceStatusResourceStatus'fromResourceStatusResourceStatus_DELETINGResourceStatus_ACTIVE$fShowResourceStatus$fReadResourceStatus$fEqResourceStatus$fOrdResourceStatus$fGenericResourceStatus$fHashableResourceStatus$fNFDataResourceStatus$fFromTextResourceStatus$fToTextResourceStatus$fToByteStringResourceStatus$fToLogResourceStatus$fToHeaderResourceStatus$fToQueryResourceStatus$fFromJSONResourceStatus$fFromJSONKeyResourceStatus$fToJSONResourceStatus$fToJSONKeyResourceStatus$fFromXMLResourceStatus$fToXMLResourceStatusRuleGroupMetadataRuleGroupMetadata'$sel:arn:RuleGroupMetadata'$sel:name:RuleGroupMetadata'newRuleGroupMetadataruleGroupMetadata_arnruleGroupMetadata_name$fNFDataRuleGroupMetadata$fHashableRuleGroupMetadata$fFromJSONRuleGroupMetadata$fEqRuleGroupMetadata$fReadRuleGroupMetadata$fShowRuleGroupMetadata$fGenericRuleGroupMetadataRuleGroupTypeRuleGroupType'fromRuleGroupTypeRuleGroupType_STATELESSRuleGroupType_STATEFUL$fShowRuleGroupType$fReadRuleGroupType$fEqRuleGroupType$fOrdRuleGroupType$fGenericRuleGroupType$fHashableRuleGroupType$fNFDataRuleGroupType$fFromTextRuleGroupType$fToTextRuleGroupType$fToByteStringRuleGroupType$fToLogRuleGroupType$fToHeaderRuleGroupType$fToQueryRuleGroupType$fFromJSONRuleGroupType$fFromJSONKeyRuleGroupType$fToJSONRuleGroupType$fToJSONKeyRuleGroupType$fFromXMLRuleGroupType$fToXMLRuleGroupType
RuleOptionRuleOption'$sel:settings:RuleOption'$sel:keyword:RuleOption'newRuleOptionruleOption_settingsruleOption_keyword$fToJSONRuleOption$fNFDataRuleOption$fHashableRuleOption$fFromJSONRuleOption$fEqRuleOption$fReadRuleOption$fShowRuleOption$fGenericRuleOption	RuleOrder
RuleOrder'fromRuleOrderRuleOrder_STRICT_ORDERRuleOrder_DEFAULT_ACTION_ORDER$fShowRuleOrder$fReadRuleOrder$fEqRuleOrder$fOrdRuleOrder$fGenericRuleOrder$fHashableRuleOrder$fNFDataRuleOrder$fFromTextRuleOrder$fToTextRuleOrder$fToByteStringRuleOrder$fToLogRuleOrder$fToHeaderRuleOrder$fToQueryRuleOrder$fFromJSONRuleOrder$fFromJSONKeyRuleOrder$fToJSONRuleOrder$fToJSONKeyRuleOrder$fFromXMLRuleOrder$fToXMLRuleOrderRuleVariablesRuleVariables'$sel:iPSets:RuleVariables'$sel:portSets:RuleVariables'newRuleVariablesruleVariables_iPSetsruleVariables_portSets$fToJSONRuleVariables$fNFDataRuleVariables$fHashableRuleVariables$fFromJSONRuleVariables$fEqRuleVariables$fReadRuleVariables$fShowRuleVariables$fGenericRuleVariablesSourceMetadataSourceMetadata'$sel:sourceArn:SourceMetadata'&$sel:sourceUpdateToken:SourceMetadata'newSourceMetadatasourceMetadata_sourceArn sourceMetadata_sourceUpdateToken$fToJSONSourceMetadata$fNFDataSourceMetadata$fHashableSourceMetadata$fFromJSONSourceMetadata$fEqSourceMetadata$fReadSourceMetadata$fShowSourceMetadata$fGenericSourceMetadataStatefulActionStatefulAction'fromStatefulActionStatefulAction_PASSStatefulAction_DROPStatefulAction_ALERT$fShowStatefulAction$fReadStatefulAction$fEqStatefulAction$fOrdStatefulAction$fGenericStatefulAction$fHashableStatefulAction$fNFDataStatefulAction$fFromTextStatefulAction$fToTextStatefulAction$fToByteStringStatefulAction$fToLogStatefulAction$fToHeaderStatefulAction$fToQueryStatefulAction$fFromJSONStatefulAction$fFromJSONKeyStatefulAction$fToJSONStatefulAction$fToJSONKeyStatefulAction$fFromXMLStatefulAction$fToXMLStatefulActionStatefulRuleDirectionStatefulRuleDirection'fromStatefulRuleDirectionStatefulRuleDirection_FORWARDStatefulRuleDirection_ANY$fShowStatefulRuleDirection$fReadStatefulRuleDirection$fEqStatefulRuleDirection$fOrdStatefulRuleDirection$fGenericStatefulRuleDirection$fHashableStatefulRuleDirection$fNFDataStatefulRuleDirection$fFromTextStatefulRuleDirection$fToTextStatefulRuleDirection#$fToByteStringStatefulRuleDirection$fToLogStatefulRuleDirection$fToHeaderStatefulRuleDirection$fToQueryStatefulRuleDirection$fFromJSONStatefulRuleDirection"$fFromJSONKeyStatefulRuleDirection$fToJSONStatefulRuleDirection $fToJSONKeyStatefulRuleDirection$fFromXMLStatefulRuleDirection$fToXMLStatefulRuleDirectionStatefulRuleGroupOverrideStatefulRuleGroupOverride'&$sel:action:StatefulRuleGroupOverride'newStatefulRuleGroupOverride statefulRuleGroupOverride_action!$fToJSONStatefulRuleGroupOverride!$fNFDataStatefulRuleGroupOverride#$fHashableStatefulRuleGroupOverride#$fFromJSONStatefulRuleGroupOverride$fEqStatefulRuleGroupOverride$fReadStatefulRuleGroupOverride$fShowStatefulRuleGroupOverride"$fGenericStatefulRuleGroupOverrideStatefulRuleGroupReferenceStatefulRuleGroupReference')$sel:override:StatefulRuleGroupReference')$sel:priority:StatefulRuleGroupReference',$sel:resourceArn:StatefulRuleGroupReference'newStatefulRuleGroupReference#statefulRuleGroupReference_override#statefulRuleGroupReference_priority&statefulRuleGroupReference_resourceArn"$fToJSONStatefulRuleGroupReference"$fNFDataStatefulRuleGroupReference$$fHashableStatefulRuleGroupReference$$fFromJSONStatefulRuleGroupReference$fEqStatefulRuleGroupReference $fReadStatefulRuleGroupReference $fShowStatefulRuleGroupReference#$fGenericStatefulRuleGroupReferenceStatefulRuleOptionsStatefulRuleOptions'#$sel:ruleOrder:StatefulRuleOptions'newStatefulRuleOptionsstatefulRuleOptions_ruleOrder$fToJSONStatefulRuleOptions$fNFDataStatefulRuleOptions$fHashableStatefulRuleOptions$fFromJSONStatefulRuleOptions$fEqStatefulRuleOptions$fReadStatefulRuleOptions$fShowStatefulRuleOptions$fGenericStatefulRuleOptionsStatefulRuleProtocolStatefulRuleProtocol'fromStatefulRuleProtocolStatefulRuleProtocol_UDPStatefulRuleProtocol_TLSStatefulRuleProtocol_TFTPStatefulRuleProtocol_TCPStatefulRuleProtocol_SSHStatefulRuleProtocol_SMTPStatefulRuleProtocol_SMBStatefulRuleProtocol_NTPStatefulRuleProtocol_MSNStatefulRuleProtocol_KRB5StatefulRuleProtocol_IPStatefulRuleProtocol_IMAPStatefulRuleProtocol_IKEV2StatefulRuleProtocol_ICMPStatefulRuleProtocol_HTTPStatefulRuleProtocol_FTPStatefulRuleProtocol_DNSStatefulRuleProtocol_DHCPStatefulRuleProtocol_DCERPC$fShowStatefulRuleProtocol$fReadStatefulRuleProtocol$fEqStatefulRuleProtocol$fOrdStatefulRuleProtocol$fGenericStatefulRuleProtocol$fHashableStatefulRuleProtocol$fNFDataStatefulRuleProtocol$fFromTextStatefulRuleProtocol$fToTextStatefulRuleProtocol"$fToByteStringStatefulRuleProtocol$fToLogStatefulRuleProtocol$fToHeaderStatefulRuleProtocol$fToQueryStatefulRuleProtocol$fFromJSONStatefulRuleProtocol!$fFromJSONKeyStatefulRuleProtocol$fToJSONStatefulRuleProtocol$fToJSONKeyStatefulRuleProtocol$fFromXMLStatefulRuleProtocol$fToXMLStatefulRuleProtocolHeaderHeader'$sel:protocol:Header'$sel:source:Header'$sel:sourcePort:Header'$sel:direction:Header'$sel:destination:Header'$sel:destinationPort:Header'	newHeaderheader_protocolheader_sourceheader_sourcePortheader_directionheader_destinationheader_destinationPort$fToJSONHeader$fNFDataHeader$fHashableHeader$fFromJSONHeader
$fEqHeader$fReadHeader$fShowHeader$fGenericHeaderStatefulRuleStatefulRule'$sel:action:StatefulRule'$sel:header:StatefulRule'$sel:ruleOptions:StatefulRule'newStatefulRulestatefulRule_actionstatefulRule_headerstatefulRule_ruleOptions$fToJSONStatefulRule$fNFDataStatefulRule$fHashableStatefulRule$fFromJSONStatefulRule$fEqStatefulRule$fReadStatefulRule$fShowStatefulRule$fGenericStatefulRuleStatelessRuleGroupReferenceStatelessRuleGroupReference'-$sel:resourceArn:StatelessRuleGroupReference'*$sel:priority:StatelessRuleGroupReference'newStatelessRuleGroupReference'statelessRuleGroupReference_resourceArn$statelessRuleGroupReference_priority#$fToJSONStatelessRuleGroupReference#$fNFDataStatelessRuleGroupReference%$fHashableStatelessRuleGroupReference%$fFromJSONStatelessRuleGroupReference$fEqStatelessRuleGroupReference!$fReadStatelessRuleGroupReference!$fShowStatelessRuleGroupReference$$fGenericStatelessRuleGroupReferenceStreamExceptionPolicyStreamExceptionPolicy'fromStreamExceptionPolicyStreamExceptionPolicy_DROPStreamExceptionPolicy_CONTINUE$fShowStreamExceptionPolicy$fReadStreamExceptionPolicy$fEqStreamExceptionPolicy$fOrdStreamExceptionPolicy$fGenericStreamExceptionPolicy$fHashableStreamExceptionPolicy$fNFDataStreamExceptionPolicy$fFromTextStreamExceptionPolicy$fToTextStreamExceptionPolicy#$fToByteStringStreamExceptionPolicy$fToLogStreamExceptionPolicy$fToHeaderStreamExceptionPolicy$fToQueryStreamExceptionPolicy$fFromJSONStreamExceptionPolicy"$fFromJSONKeyStreamExceptionPolicy$fToJSONStreamExceptionPolicy $fToJSONKeyStreamExceptionPolicy$fFromXMLStreamExceptionPolicy$fToXMLStreamExceptionPolicyStatefulEngineOptionsStatefulEngineOptions'%$sel:ruleOrder:StatefulEngineOptions'1$sel:streamExceptionPolicy:StatefulEngineOptions'newStatefulEngineOptionsstatefulEngineOptions_ruleOrder+statefulEngineOptions_streamExceptionPolicy$fToJSONStatefulEngineOptions$fNFDataStatefulEngineOptions$fHashableStatefulEngineOptions$fFromJSONStatefulEngineOptions$fEqStatefulEngineOptions$fReadStatefulEngineOptions$fShowStatefulEngineOptions$fGenericStatefulEngineOptionsFirewallPolicyFirewallPolicy'+$sel:statefulDefaultActions:FirewallPolicy'*$sel:statefulEngineOptions:FirewallPolicy'0$sel:statefulRuleGroupReferences:FirewallPolicy'+$sel:statelessCustomActions:FirewallPolicy'1$sel:statelessRuleGroupReferences:FirewallPolicy',$sel:statelessDefaultActions:FirewallPolicy'4$sel:statelessFragmentDefaultActions:FirewallPolicy'newFirewallPolicy%firewallPolicy_statefulDefaultActions$firewallPolicy_statefulEngineOptions*firewallPolicy_statefulRuleGroupReferences%firewallPolicy_statelessCustomActions+firewallPolicy_statelessRuleGroupReferences&firewallPolicy_statelessDefaultActions.firewallPolicy_statelessFragmentDefaultActions$fToJSONFirewallPolicy$fNFDataFirewallPolicy$fHashableFirewallPolicy$fFromJSONFirewallPolicy$fEqFirewallPolicy$fReadFirewallPolicy$fShowFirewallPolicy$fGenericFirewallPolicySubnetMappingSubnetMapping'$sel:subnetId:SubnetMapping'newSubnetMappingsubnetMapping_subnetId$fToJSONSubnetMapping$fNFDataSubnetMapping$fHashableSubnetMapping$fFromJSONSubnetMapping$fEqSubnetMapping$fReadSubnetMapping$fShowSubnetMapping$fGenericSubnetMapping	SyncState
SyncState'$sel:attachment:SyncState'$sel:config:SyncState'newSyncStatesyncState_attachmentsyncState_config$fNFDataSyncState$fHashableSyncState$fFromJSONSyncState$fEqSyncState$fReadSyncState$fShowSyncState$fGenericSyncStateFirewallStatusFirewallStatus')$sel:capacityUsageSummary:FirewallStatus'$sel:syncStates:FirewallStatus'$sel:status:FirewallStatus'2$sel:configurationSyncStateSummary:FirewallStatus'newFirewallStatus#firewallStatus_capacityUsageSummaryfirewallStatus_syncStatesfirewallStatus_status,firewallStatus_configurationSyncStateSummary$fNFDataFirewallStatus$fHashableFirewallStatus$fFromJSONFirewallStatus$fEqFirewallStatus$fReadFirewallStatus$fShowFirewallStatus$fGenericFirewallStatusTCPFlagTCPFlag'fromTCPFlagTCPFlag_URGTCPFlag_SYNTCPFlag_RSTTCPFlag_PSHTCPFlag_FINTCPFlag_ECETCPFlag_CWRTCPFlag_ACK$fShowTCPFlag$fReadTCPFlag$fEqTCPFlag$fOrdTCPFlag$fGenericTCPFlag$fHashableTCPFlag$fNFDataTCPFlag$fFromTextTCPFlag$fToTextTCPFlag$fToByteStringTCPFlag$fToLogTCPFlag$fToHeaderTCPFlag$fToQueryTCPFlag$fFromJSONTCPFlag$fFromJSONKeyTCPFlag$fToJSONTCPFlag$fToJSONKeyTCPFlag$fFromXMLTCPFlag$fToXMLTCPFlagTCPFlagFieldTCPFlagField'$sel:masks:TCPFlagField'$sel:flags:TCPFlagField'newTCPFlagFieldtCPFlagField_maskstCPFlagField_flags$fToJSONTCPFlagField$fNFDataTCPFlagField$fHashableTCPFlagField$fFromJSONTCPFlagField$fEqTCPFlagField$fReadTCPFlagField$fShowTCPFlagField$fGenericTCPFlagFieldMatchAttributesMatchAttributes'&$sel:destinationPorts:MatchAttributes'"$sel:destinations:MatchAttributes'$sel:protocols:MatchAttributes'!$sel:sourcePorts:MatchAttributes'$sel:sources:MatchAttributes'$sel:tCPFlags:MatchAttributes'newMatchAttributes matchAttributes_destinationPortsmatchAttributes_destinationsmatchAttributes_protocolsmatchAttributes_sourcePortsmatchAttributes_sourcesmatchAttributes_tCPFlags$fToJSONMatchAttributes$fNFDataMatchAttributes$fHashableMatchAttributes$fFromJSONMatchAttributes$fEqMatchAttributes$fReadMatchAttributes$fShowMatchAttributes$fGenericMatchAttributesRuleDefinitionRuleDefinition'$$sel:matchAttributes:RuleDefinition'$sel:actions:RuleDefinition'newRuleDefinitionruleDefinition_matchAttributesruleDefinition_actions$fToJSONRuleDefinition$fNFDataRuleDefinition$fHashableRuleDefinition$fFromJSONRuleDefinition$fEqRuleDefinition$fReadRuleDefinition$fShowRuleDefinition$fGenericRuleDefinitionStatelessRuleStatelessRule'"$sel:ruleDefinition:StatelessRule'$sel:priority:StatelessRule'newStatelessRulestatelessRule_ruleDefinitionstatelessRule_priority$fToJSONStatelessRule$fNFDataStatelessRule$fHashableStatelessRule$fFromJSONStatelessRule$fEqStatelessRule$fReadStatelessRule$fShowStatelessRule$fGenericStatelessRuleStatelessRulesAndCustomActionsStatelessRulesAndCustomActions'2$sel:customActions:StatelessRulesAndCustomActions'3$sel:statelessRules:StatelessRulesAndCustomActions'!newStatelessRulesAndCustomActions,statelessRulesAndCustomActions_customActions-statelessRulesAndCustomActions_statelessRules&$fToJSONStatelessRulesAndCustomActions&$fNFDataStatelessRulesAndCustomActions($fHashableStatelessRulesAndCustomActions($fFromJSONStatelessRulesAndCustomActions"$fEqStatelessRulesAndCustomActions$$fReadStatelessRulesAndCustomActions$$fShowStatelessRulesAndCustomActions'$fGenericStatelessRulesAndCustomActionsTagTag'$sel:key:Tag'$sel:value:Tag'newTagtag_key	tag_value$fToJSONTag$fNFDataTag$fHashableTag$fFromJSONTag$fEqTag	$fReadTag	$fShowTag$fGenericTagRuleGroupResponseRuleGroupResponse' $sel:capacity:RuleGroupResponse'($sel:consumedCapacity:RuleGroupResponse'#$sel:description:RuleGroupResponse'/$sel:encryptionConfiguration:RuleGroupResponse'($sel:lastModifiedTime:RuleGroupResponse',$sel:numberOfAssociations:RuleGroupResponse''$sel:ruleGroupStatus:RuleGroupResponse' $sel:snsTopic:RuleGroupResponse'&$sel:sourceMetadata:RuleGroupResponse'$sel:tags:RuleGroupResponse'$sel:type':RuleGroupResponse'$$sel:ruleGroupArn:RuleGroupResponse'%$sel:ruleGroupName:RuleGroupResponse'#$sel:ruleGroupId:RuleGroupResponse'newRuleGroupResponseruleGroupResponse_capacity"ruleGroupResponse_consumedCapacityruleGroupResponse_description)ruleGroupResponse_encryptionConfiguration"ruleGroupResponse_lastModifiedTime&ruleGroupResponse_numberOfAssociations!ruleGroupResponse_ruleGroupStatusruleGroupResponse_snsTopic ruleGroupResponse_sourceMetadataruleGroupResponse_tagsruleGroupResponse_typeruleGroupResponse_ruleGroupArnruleGroupResponse_ruleGroupNameruleGroupResponse_ruleGroupId$fNFDataRuleGroupResponse$fHashableRuleGroupResponse$fFromJSONRuleGroupResponse$fEqRuleGroupResponse$fReadRuleGroupResponse$fShowRuleGroupResponse$fGenericRuleGroupResponseFirewallPolicyResponseFirewallPolicyResponse'9$sel:consumedStatefulRuleCapacity:FirewallPolicyResponse':$sel:consumedStatelessRuleCapacity:FirewallPolicyResponse'($sel:description:FirewallPolicyResponse'4$sel:encryptionConfiguration:FirewallPolicyResponse'1$sel:firewallPolicyStatus:FirewallPolicyResponse'-$sel:lastModifiedTime:FirewallPolicyResponse'1$sel:numberOfAssociations:FirewallPolicyResponse'!$sel:tags:FirewallPolicyResponse'/$sel:firewallPolicyName:FirewallPolicyResponse'.$sel:firewallPolicyArn:FirewallPolicyResponse'-$sel:firewallPolicyId:FirewallPolicyResponse'newFirewallPolicyResponse3firewallPolicyResponse_consumedStatefulRuleCapacity4firewallPolicyResponse_consumedStatelessRuleCapacity"firewallPolicyResponse_description.firewallPolicyResponse_encryptionConfiguration+firewallPolicyResponse_firewallPolicyStatus'firewallPolicyResponse_lastModifiedTime+firewallPolicyResponse_numberOfAssociationsfirewallPolicyResponse_tags)firewallPolicyResponse_firewallPolicyName(firewallPolicyResponse_firewallPolicyArn'firewallPolicyResponse_firewallPolicyId$fNFDataFirewallPolicyResponse $fHashableFirewallPolicyResponse $fFromJSONFirewallPolicyResponse$fEqFirewallPolicyResponse$fReadFirewallPolicyResponse$fShowFirewallPolicyResponse$fGenericFirewallPolicyResponseFirewall	Firewall'$sel:deleteProtection:Firewall'$sel:description:Firewall'&$sel:encryptionConfiguration:Firewall'$sel:firewallArn:Firewall'$sel:firewallName:Firewall'-$sel:firewallPolicyChangeProtection:Firewall'%$sel:subnetChangeProtection:Firewall'$sel:tags:Firewall' $sel:firewallPolicyArn:Firewall'$sel:vpcId:Firewall'$sel:subnetMappings:Firewall'$sel:firewallId:Firewall'newFirewallfirewall_deleteProtectionfirewall_description firewall_encryptionConfigurationfirewall_firewallArnfirewall_firewallName'firewall_firewallPolicyChangeProtectionfirewall_subnetChangeProtectionfirewall_tagsfirewall_firewallPolicyArnfirewall_vpcIdfirewall_subnetMappingsfirewall_firewallId$fNFDataFirewall$fHashableFirewall$fFromJSONFirewall$fEqFirewall$fReadFirewall$fShowFirewall$fGenericFirewall
TargetTypeTargetType'fromTargetTypeTargetType_TLS_SNITargetType_HTTP_HOST$fShowTargetType$fReadTargetType$fEqTargetType$fOrdTargetType$fGenericTargetType$fHashableTargetType$fNFDataTargetType$fFromTextTargetType$fToTextTargetType$fToByteStringTargetType$fToLogTargetType$fToHeaderTargetType$fToQueryTargetType$fFromJSONTargetType$fFromJSONKeyTargetType$fToJSONTargetType$fToJSONKeyTargetType$fFromXMLTargetType$fToXMLTargetTypeRulesSourceListRulesSourceList'$sel:targets:RulesSourceList'!$sel:targetTypes:RulesSourceList'($sel:generatedRulesType:RulesSourceList'newRulesSourceListrulesSourceList_targetsrulesSourceList_targetTypes"rulesSourceList_generatedRulesType$fToJSONRulesSourceList$fNFDataRulesSourceList$fHashableRulesSourceList$fFromJSONRulesSourceList$fEqRulesSourceList$fReadRulesSourceList$fShowRulesSourceList$fGenericRulesSourceListRulesSourceRulesSource'!$sel:rulesSourceList:RulesSource'$sel:rulesString:RulesSource'$sel:statefulRules:RulesSource'0$sel:statelessRulesAndCustomActions:RulesSource'newRulesSourcerulesSource_rulesSourceListrulesSource_rulesStringrulesSource_statefulRules*rulesSource_statelessRulesAndCustomActions$fToJSONRulesSource$fNFDataRulesSource$fHashableRulesSource$fFromJSONRulesSource$fEqRulesSource$fReadRulesSource$fShowRulesSource$fGenericRulesSource	RuleGroup
RuleGroup'$sel:referenceSets:RuleGroup'$sel:ruleVariables:RuleGroup'#$sel:statefulRuleOptions:RuleGroup'$sel:rulesSource:RuleGroup'newRuleGroupruleGroup_referenceSetsruleGroup_ruleVariablesruleGroup_statefulRuleOptionsruleGroup_rulesSource$fToJSONRuleGroup$fNFDataRuleGroup$fHashableRuleGroup$fFromJSONRuleGroup$fEqRuleGroup$fReadRuleGroup$fShowRuleGroup$fGenericRuleGroupdefaultService_InsufficientCapacityException_InternalServerError_InvalidOperationException_InvalidRequestException_InvalidResourcePolicyException_InvalidTokenException_LimitExceededException"_LogDestinationPermissionException_ResourceNotFoundException_ResourceOwnerCheckException_ThrottlingException_UnsupportedOperationExceptionTagResourceResponseTagResourceResponse'$$sel:httpStatus:TagResourceResponse'TagResourceTagResource'$sel:resourceArn:TagResource'$sel:tags:TagResource'newTagResourcetagResource_resourceArntagResource_tagsnewTagResourceResponsetagResourceResponse_httpStatus$fToQueryTagResource$fToPathTagResource$fToJSONTagResource$fToHeadersTagResource$fNFDataTagResource$fHashableTagResource$fNFDataTagResourceResponse$fAWSRequestTagResource$fEqTagResourceResponse$fReadTagResourceResponse$fShowTagResourceResponse$fGenericTagResourceResponse$fEqTagResource$fReadTagResource$fShowTagResource$fGenericTagResourcePutResourcePolicyResponsePutResourcePolicyResponse'*$sel:httpStatus:PutResourcePolicyResponse'PutResourcePolicyPutResourcePolicy'#$sel:resourceArn:PutResourcePolicy'$sel:policy:PutResourcePolicy'newPutResourcePolicyputResourcePolicy_resourceArnputResourcePolicy_policynewPutResourcePolicyResponse$putResourcePolicyResponse_httpStatus$fToQueryPutResourcePolicy$fToPathPutResourcePolicy$fToJSONPutResourcePolicy$fToHeadersPutResourcePolicy$fNFDataPutResourcePolicy$fHashablePutResourcePolicy!$fNFDataPutResourcePolicyResponse$fAWSRequestPutResourcePolicy$fEqPutResourcePolicyResponse$fReadPutResourcePolicyResponse$fShowPutResourcePolicyResponse"$fGenericPutResourcePolicyResponse$fEqPutResourcePolicy$fReadPutResourcePolicy$fShowPutResourcePolicy$fGenericPutResourcePolicyListTagsForResourceResponseListTagsForResourceResponse'+$sel:nextToken:ListTagsForResourceResponse'&$sel:tags:ListTagsForResourceResponse',$sel:httpStatus:ListTagsForResourceResponse'ListTagsForResourceListTagsForResource'$$sel:maxResults:ListTagsForResource'#$sel:nextToken:ListTagsForResource'%$sel:resourceArn:ListTagsForResource'newListTagsForResourcelistTagsForResource_maxResultslistTagsForResource_nextTokenlistTagsForResource_resourceArnnewListTagsForResourceResponse%listTagsForResourceResponse_nextToken listTagsForResourceResponse_tags&listTagsForResourceResponse_httpStatus$fToQueryListTagsForResource$fToPathListTagsForResource$fToJSONListTagsForResource$fToHeadersListTagsForResource$fNFDataListTagsForResource$fHashableListTagsForResource$fAWSPagerListTagsForResource#$fNFDataListTagsForResourceResponse$fAWSRequestListTagsForResource$fEqListTagsForResourceResponse!$fReadListTagsForResourceResponse!$fShowListTagsForResourceResponse$$fGenericListTagsForResourceResponse$fEqListTagsForResource$fReadListTagsForResource$fShowListTagsForResource$fGenericListTagsForResourceListRuleGroupsResponseListRuleGroupsResponse'&$sel:nextToken:ListRuleGroupsResponse''$sel:ruleGroups:ListRuleGroupsResponse''$sel:httpStatus:ListRuleGroupsResponse'ListRuleGroupsListRuleGroups' $sel:managedType:ListRuleGroups'$sel:maxResults:ListRuleGroups'$sel:nextToken:ListRuleGroups'$sel:scope:ListRuleGroups'$sel:type':ListRuleGroups'newListRuleGroupslistRuleGroups_managedTypelistRuleGroups_maxResultslistRuleGroups_nextTokenlistRuleGroups_scopelistRuleGroups_typenewListRuleGroupsResponse listRuleGroupsResponse_nextToken!listRuleGroupsResponse_ruleGroups!listRuleGroupsResponse_httpStatus$fToQueryListRuleGroups$fToPathListRuleGroups$fToJSONListRuleGroups$fToHeadersListRuleGroups$fNFDataListRuleGroups$fHashableListRuleGroups$fAWSPagerListRuleGroups$fNFDataListRuleGroupsResponse$fAWSRequestListRuleGroups$fEqListRuleGroupsResponse$fReadListRuleGroupsResponse$fShowListRuleGroupsResponse$fGenericListRuleGroupsResponse$fEqListRuleGroups$fReadListRuleGroups$fShowListRuleGroups$fGenericListRuleGroupsListFirewallsResponseListFirewallsResponse'%$sel:firewalls:ListFirewallsResponse'%$sel:nextToken:ListFirewallsResponse'&$sel:httpStatus:ListFirewallsResponse'ListFirewallsListFirewalls'$sel:maxResults:ListFirewalls'$sel:nextToken:ListFirewalls'$sel:vpcIds:ListFirewalls'newListFirewallslistFirewalls_maxResultslistFirewalls_nextTokenlistFirewalls_vpcIdsnewListFirewallsResponselistFirewallsResponse_firewallslistFirewallsResponse_nextToken listFirewallsResponse_httpStatus$fToQueryListFirewalls$fToPathListFirewalls$fToJSONListFirewalls$fToHeadersListFirewalls$fNFDataListFirewalls$fHashableListFirewalls$fAWSPagerListFirewalls$fNFDataListFirewallsResponse$fAWSRequestListFirewalls$fEqListFirewallsResponse$fReadListFirewallsResponse$fShowListFirewallsResponse$fGenericListFirewallsResponse$fEqListFirewalls$fReadListFirewalls$fShowListFirewalls$fGenericListFirewallsListFirewallPoliciesResponseListFirewallPoliciesResponse'3$sel:firewallPolicies:ListFirewallPoliciesResponse',$sel:nextToken:ListFirewallPoliciesResponse'-$sel:httpStatus:ListFirewallPoliciesResponse'ListFirewallPoliciesListFirewallPolicies'%$sel:maxResults:ListFirewallPolicies'$$sel:nextToken:ListFirewallPolicies'newListFirewallPolicieslistFirewallPolicies_maxResultslistFirewallPolicies_nextTokennewListFirewallPoliciesResponse-listFirewallPoliciesResponse_firewallPolicies&listFirewallPoliciesResponse_nextToken'listFirewallPoliciesResponse_httpStatus$fToQueryListFirewallPolicies$fToPathListFirewallPolicies$fToJSONListFirewallPolicies$fToHeadersListFirewallPolicies$fNFDataListFirewallPolicies$fHashableListFirewallPolicies$fAWSPagerListFirewallPolicies$$fNFDataListFirewallPoliciesResponse $fAWSRequestListFirewallPolicies $fEqListFirewallPoliciesResponse"$fReadListFirewallPoliciesResponse"$fShowListFirewallPoliciesResponse%$fGenericListFirewallPoliciesResponse$fEqListFirewallPolicies$fReadListFirewallPolicies$fShowListFirewallPolicies$fGenericListFirewallPoliciesDisassociateSubnetsResponseDisassociateSubnetsResponse'-$sel:firewallArn:DisassociateSubnetsResponse'.$sel:firewallName:DisassociateSubnetsResponse'0$sel:subnetMappings:DisassociateSubnetsResponse'-$sel:updateToken:DisassociateSubnetsResponse',$sel:httpStatus:DisassociateSubnetsResponse'DisassociateSubnetsDisassociateSubnets'%$sel:firewallArn:DisassociateSubnets'&$sel:firewallName:DisassociateSubnets'%$sel:updateToken:DisassociateSubnets'#$sel:subnetIds:DisassociateSubnets'newDisassociateSubnetsdisassociateSubnets_firewallArn disassociateSubnets_firewallNamedisassociateSubnets_updateTokendisassociateSubnets_subnetIdsnewDisassociateSubnetsResponse'disassociateSubnetsResponse_firewallArn(disassociateSubnetsResponse_firewallName*disassociateSubnetsResponse_subnetMappings'disassociateSubnetsResponse_updateToken&disassociateSubnetsResponse_httpStatus$fToQueryDisassociateSubnets$fToPathDisassociateSubnets$fToJSONDisassociateSubnets$fToHeadersDisassociateSubnets$fNFDataDisassociateSubnets$fHashableDisassociateSubnets#$fNFDataDisassociateSubnetsResponse$fAWSRequestDisassociateSubnets$fEqDisassociateSubnetsResponse!$fReadDisassociateSubnetsResponse!$fShowDisassociateSubnetsResponse$$fGenericDisassociateSubnetsResponse$fEqDisassociateSubnets$fReadDisassociateSubnets$fShowDisassociateSubnets$fGenericDisassociateSubnets!DescribeRuleGroupMetadataResponse"DescribeRuleGroupMetadataResponse'0$sel:capacity:DescribeRuleGroupMetadataResponse'3$sel:description:DescribeRuleGroupMetadataResponse'8$sel:lastModifiedTime:DescribeRuleGroupMetadataResponse';$sel:statefulRuleOptions:DescribeRuleGroupMetadataResponse'-$sel:type':DescribeRuleGroupMetadataResponse'2$sel:httpStatus:DescribeRuleGroupMetadataResponse'4$sel:ruleGroupArn:DescribeRuleGroupMetadataResponse'5$sel:ruleGroupName:DescribeRuleGroupMetadataResponse'DescribeRuleGroupMetadataDescribeRuleGroupMetadata',$sel:ruleGroupArn:DescribeRuleGroupMetadata'-$sel:ruleGroupName:DescribeRuleGroupMetadata'%$sel:type':DescribeRuleGroupMetadata'newDescribeRuleGroupMetadata&describeRuleGroupMetadata_ruleGroupArn'describeRuleGroupMetadata_ruleGroupNamedescribeRuleGroupMetadata_type$newDescribeRuleGroupMetadataResponse*describeRuleGroupMetadataResponse_capacity-describeRuleGroupMetadataResponse_description2describeRuleGroupMetadataResponse_lastModifiedTime5describeRuleGroupMetadataResponse_statefulRuleOptions&describeRuleGroupMetadataResponse_type,describeRuleGroupMetadataResponse_httpStatus.describeRuleGroupMetadataResponse_ruleGroupArn/describeRuleGroupMetadataResponse_ruleGroupName"$fToQueryDescribeRuleGroupMetadata!$fToPathDescribeRuleGroupMetadata!$fToJSONDescribeRuleGroupMetadata$$fToHeadersDescribeRuleGroupMetadata!$fNFDataDescribeRuleGroupMetadata#$fHashableDescribeRuleGroupMetadata)$fNFDataDescribeRuleGroupMetadataResponse%$fAWSRequestDescribeRuleGroupMetadata%$fEqDescribeRuleGroupMetadataResponse'$fReadDescribeRuleGroupMetadataResponse'$fShowDescribeRuleGroupMetadataResponse*$fGenericDescribeRuleGroupMetadataResponse$fEqDescribeRuleGroupMetadata$fReadDescribeRuleGroupMetadata$fShowDescribeRuleGroupMetadata"$fGenericDescribeRuleGroupMetadataDescribeRuleGroupResponseDescribeRuleGroupResponse')$sel:ruleGroup:DescribeRuleGroupResponse'*$sel:httpStatus:DescribeRuleGroupResponse'+$sel:updateToken:DescribeRuleGroupResponse'1$sel:ruleGroupResponse:DescribeRuleGroupResponse'DescribeRuleGroupDescribeRuleGroup'$$sel:ruleGroupArn:DescribeRuleGroup'%$sel:ruleGroupName:DescribeRuleGroup'$sel:type':DescribeRuleGroup'newDescribeRuleGroupdescribeRuleGroup_ruleGroupArndescribeRuleGroup_ruleGroupNamedescribeRuleGroup_typenewDescribeRuleGroupResponse#describeRuleGroupResponse_ruleGroup$describeRuleGroupResponse_httpStatus%describeRuleGroupResponse_updateToken+describeRuleGroupResponse_ruleGroupResponse$fToQueryDescribeRuleGroup$fToPathDescribeRuleGroup$fToJSONDescribeRuleGroup$fToHeadersDescribeRuleGroup$fNFDataDescribeRuleGroup$fHashableDescribeRuleGroup!$fNFDataDescribeRuleGroupResponse$fAWSRequestDescribeRuleGroup$fEqDescribeRuleGroupResponse$fReadDescribeRuleGroupResponse$fShowDescribeRuleGroupResponse"$fGenericDescribeRuleGroupResponse$fEqDescribeRuleGroup$fReadDescribeRuleGroup$fShowDescribeRuleGroup$fGenericDescribeRuleGroupDescribeResourcePolicyResponseDescribeResourcePolicyResponse'+$sel:policy:DescribeResourcePolicyResponse'/$sel:httpStatus:DescribeResourcePolicyResponse'DescribeResourcePolicyDescribeResourcePolicy'($sel:resourceArn:DescribeResourcePolicy'newDescribeResourcePolicy"describeResourcePolicy_resourceArn!newDescribeResourcePolicyResponse%describeResourcePolicyResponse_policy)describeResourcePolicyResponse_httpStatus$fToQueryDescribeResourcePolicy$fToPathDescribeResourcePolicy$fToJSONDescribeResourcePolicy!$fToHeadersDescribeResourcePolicy$fNFDataDescribeResourcePolicy $fHashableDescribeResourcePolicy&$fNFDataDescribeResourcePolicyResponse"$fAWSRequestDescribeResourcePolicy"$fEqDescribeResourcePolicyResponse$$fReadDescribeResourcePolicyResponse$$fShowDescribeResourcePolicyResponse'$fGenericDescribeResourcePolicyResponse$fEqDescribeResourcePolicy$fReadDescribeResourcePolicy$fShowDescribeResourcePolicy$fGenericDescribeResourcePolicy$DescribeLoggingConfigurationResponse%DescribeLoggingConfigurationResponse'6$sel:firewallArn:DescribeLoggingConfigurationResponse'?$sel:loggingConfiguration:DescribeLoggingConfigurationResponse'5$sel:httpStatus:DescribeLoggingConfigurationResponse'DescribeLoggingConfigurationDescribeLoggingConfiguration'.$sel:firewallArn:DescribeLoggingConfiguration'/$sel:firewallName:DescribeLoggingConfiguration'newDescribeLoggingConfiguration(describeLoggingConfiguration_firewallArn)describeLoggingConfiguration_firewallName'newDescribeLoggingConfigurationResponse0describeLoggingConfigurationResponse_firewallArn9describeLoggingConfigurationResponse_loggingConfiguration/describeLoggingConfigurationResponse_httpStatus%$fToQueryDescribeLoggingConfiguration$$fToPathDescribeLoggingConfiguration$$fToJSONDescribeLoggingConfiguration'$fToHeadersDescribeLoggingConfiguration$$fNFDataDescribeLoggingConfiguration&$fHashableDescribeLoggingConfiguration,$fNFDataDescribeLoggingConfigurationResponse($fAWSRequestDescribeLoggingConfiguration($fEqDescribeLoggingConfigurationResponse*$fReadDescribeLoggingConfigurationResponse*$fShowDescribeLoggingConfigurationResponse-$fGenericDescribeLoggingConfigurationResponse $fEqDescribeLoggingConfiguration"$fReadDescribeLoggingConfiguration"$fShowDescribeLoggingConfiguration%$fGenericDescribeLoggingConfigurationDescribeFirewallPolicyResponseDescribeFirewallPolicyResponse'3$sel:firewallPolicy:DescribeFirewallPolicyResponse'/$sel:httpStatus:DescribeFirewallPolicyResponse'0$sel:updateToken:DescribeFirewallPolicyResponse';$sel:firewallPolicyResponse:DescribeFirewallPolicyResponse'DescribeFirewallPolicyDescribeFirewallPolicy'.$sel:firewallPolicyArn:DescribeFirewallPolicy'/$sel:firewallPolicyName:DescribeFirewallPolicy'newDescribeFirewallPolicy(describeFirewallPolicy_firewallPolicyArn)describeFirewallPolicy_firewallPolicyName!newDescribeFirewallPolicyResponse-describeFirewallPolicyResponse_firewallPolicy)describeFirewallPolicyResponse_httpStatus*describeFirewallPolicyResponse_updateToken5describeFirewallPolicyResponse_firewallPolicyResponse$fToQueryDescribeFirewallPolicy$fToPathDescribeFirewallPolicy$fToJSONDescribeFirewallPolicy!$fToHeadersDescribeFirewallPolicy$fNFDataDescribeFirewallPolicy $fHashableDescribeFirewallPolicy&$fNFDataDescribeFirewallPolicyResponse"$fAWSRequestDescribeFirewallPolicy"$fEqDescribeFirewallPolicyResponse$$fReadDescribeFirewallPolicyResponse$$fShowDescribeFirewallPolicyResponse'$fGenericDescribeFirewallPolicyResponse$fEqDescribeFirewallPolicy$fReadDescribeFirewallPolicy$fShowDescribeFirewallPolicy$fGenericDescribeFirewallPolicyDescribeFirewallResponseDescribeFirewallResponse''$sel:firewall:DescribeFirewallResponse'-$sel:firewallStatus:DescribeFirewallResponse'*$sel:updateToken:DescribeFirewallResponse')$sel:httpStatus:DescribeFirewallResponse'DescribeFirewallDescribeFirewall'"$sel:firewallArn:DescribeFirewall'#$sel:firewallName:DescribeFirewall'newDescribeFirewalldescribeFirewall_firewallArndescribeFirewall_firewallNamenewDescribeFirewallResponse!describeFirewallResponse_firewall'describeFirewallResponse_firewallStatus$describeFirewallResponse_updateToken#describeFirewallResponse_httpStatus$fToQueryDescribeFirewall$fToPathDescribeFirewall$fToJSONDescribeFirewall$fToHeadersDescribeFirewall$fNFDataDescribeFirewall$fHashableDescribeFirewall $fNFDataDescribeFirewallResponse$fAWSRequestDescribeFirewall$fEqDescribeFirewallResponse$fReadDescribeFirewallResponse$fShowDescribeFirewallResponse!$fGenericDescribeFirewallResponse$fEqDescribeFirewall$fReadDescribeFirewall$fShowDescribeFirewall$fGenericDescribeFirewallDeleteRuleGroupResponseDeleteRuleGroupResponse'($sel:httpStatus:DeleteRuleGroupResponse'/$sel:ruleGroupResponse:DeleteRuleGroupResponse'DeleteRuleGroupDeleteRuleGroup'"$sel:ruleGroupArn:DeleteRuleGroup'#$sel:ruleGroupName:DeleteRuleGroup'$sel:type':DeleteRuleGroup'newDeleteRuleGroupdeleteRuleGroup_ruleGroupArndeleteRuleGroup_ruleGroupNamedeleteRuleGroup_typenewDeleteRuleGroupResponse"deleteRuleGroupResponse_httpStatus)deleteRuleGroupResponse_ruleGroupResponse$fToQueryDeleteRuleGroup$fToPathDeleteRuleGroup$fToJSONDeleteRuleGroup$fToHeadersDeleteRuleGroup$fNFDataDeleteRuleGroup$fHashableDeleteRuleGroup$fNFDataDeleteRuleGroupResponse$fAWSRequestDeleteRuleGroup$fEqDeleteRuleGroupResponse$fReadDeleteRuleGroupResponse$fShowDeleteRuleGroupResponse $fGenericDeleteRuleGroupResponse$fEqDeleteRuleGroup$fReadDeleteRuleGroup$fShowDeleteRuleGroup$fGenericDeleteRuleGroupDeleteResourcePolicyResponseDeleteResourcePolicyResponse'-$sel:httpStatus:DeleteResourcePolicyResponse'DeleteResourcePolicyDeleteResourcePolicy'&$sel:resourceArn:DeleteResourcePolicy'newDeleteResourcePolicy deleteResourcePolicy_resourceArnnewDeleteResourcePolicyResponse'deleteResourcePolicyResponse_httpStatus$fToQueryDeleteResourcePolicy$fToPathDeleteResourcePolicy$fToJSONDeleteResourcePolicy$fToHeadersDeleteResourcePolicy$fNFDataDeleteResourcePolicy$fHashableDeleteResourcePolicy$$fNFDataDeleteResourcePolicyResponse $fAWSRequestDeleteResourcePolicy $fEqDeleteResourcePolicyResponse"$fReadDeleteResourcePolicyResponse"$fShowDeleteResourcePolicyResponse%$fGenericDeleteResourcePolicyResponse$fEqDeleteResourcePolicy$fReadDeleteResourcePolicy$fShowDeleteResourcePolicy$fGenericDeleteResourcePolicyDeleteFirewallPolicyResponseDeleteFirewallPolicyResponse'-$sel:httpStatus:DeleteFirewallPolicyResponse'9$sel:firewallPolicyResponse:DeleteFirewallPolicyResponse'DeleteFirewallPolicyDeleteFirewallPolicy',$sel:firewallPolicyArn:DeleteFirewallPolicy'-$sel:firewallPolicyName:DeleteFirewallPolicy'newDeleteFirewallPolicy&deleteFirewallPolicy_firewallPolicyArn'deleteFirewallPolicy_firewallPolicyNamenewDeleteFirewallPolicyResponse'deleteFirewallPolicyResponse_httpStatus3deleteFirewallPolicyResponse_firewallPolicyResponse$fToQueryDeleteFirewallPolicy$fToPathDeleteFirewallPolicy$fToJSONDeleteFirewallPolicy$fToHeadersDeleteFirewallPolicy$fNFDataDeleteFirewallPolicy$fHashableDeleteFirewallPolicy$$fNFDataDeleteFirewallPolicyResponse $fAWSRequestDeleteFirewallPolicy $fEqDeleteFirewallPolicyResponse"$fReadDeleteFirewallPolicyResponse"$fShowDeleteFirewallPolicyResponse%$fGenericDeleteFirewallPolicyResponse$fEqDeleteFirewallPolicy$fReadDeleteFirewallPolicy$fShowDeleteFirewallPolicy$fGenericDeleteFirewallPolicyDeleteFirewallResponseDeleteFirewallResponse'%$sel:firewall:DeleteFirewallResponse'+$sel:firewallStatus:DeleteFirewallResponse''$sel:httpStatus:DeleteFirewallResponse'DeleteFirewallDeleteFirewall' $sel:firewallArn:DeleteFirewall'!$sel:firewallName:DeleteFirewall'newDeleteFirewalldeleteFirewall_firewallArndeleteFirewall_firewallNamenewDeleteFirewallResponsedeleteFirewallResponse_firewall%deleteFirewallResponse_firewallStatus!deleteFirewallResponse_httpStatus$fToQueryDeleteFirewall$fToPathDeleteFirewall$fToJSONDeleteFirewall$fToHeadersDeleteFirewall$fNFDataDeleteFirewall$fHashableDeleteFirewall$fNFDataDeleteFirewallResponse$fAWSRequestDeleteFirewall$fEqDeleteFirewallResponse$fReadDeleteFirewallResponse$fShowDeleteFirewallResponse$fGenericDeleteFirewallResponse$fEqDeleteFirewall$fReadDeleteFirewall$fShowDeleteFirewall$fGenericDeleteFirewallCreateRuleGroupResponseCreateRuleGroupResponse'($sel:httpStatus:CreateRuleGroupResponse')$sel:updateToken:CreateRuleGroupResponse'/$sel:ruleGroupResponse:CreateRuleGroupResponse'CreateRuleGroupCreateRuleGroup'!$sel:description:CreateRuleGroup'$sel:dryRun:CreateRuleGroup'-$sel:encryptionConfiguration:CreateRuleGroup'$sel:ruleGroup:CreateRuleGroup'$sel:rules:CreateRuleGroup'$$sel:sourceMetadata:CreateRuleGroup'$sel:tags:CreateRuleGroup'#$sel:ruleGroupName:CreateRuleGroup'$sel:type':CreateRuleGroup'$sel:capacity:CreateRuleGroup'newCreateRuleGroupcreateRuleGroup_descriptioncreateRuleGroup_dryRun'createRuleGroup_encryptionConfigurationcreateRuleGroup_ruleGroupcreateRuleGroup_rulescreateRuleGroup_sourceMetadatacreateRuleGroup_tagscreateRuleGroup_ruleGroupNamecreateRuleGroup_typecreateRuleGroup_capacitynewCreateRuleGroupResponse"createRuleGroupResponse_httpStatus#createRuleGroupResponse_updateToken)createRuleGroupResponse_ruleGroupResponse$fToQueryCreateRuleGroup$fToPathCreateRuleGroup$fToJSONCreateRuleGroup$fToHeadersCreateRuleGroup$fNFDataCreateRuleGroup$fHashableCreateRuleGroup$fNFDataCreateRuleGroupResponse$fAWSRequestCreateRuleGroup$fEqCreateRuleGroupResponse$fReadCreateRuleGroupResponse$fShowCreateRuleGroupResponse $fGenericCreateRuleGroupResponse$fEqCreateRuleGroup$fReadCreateRuleGroup$fShowCreateRuleGroup$fGenericCreateRuleGroupCreateFirewallPolicyResponseCreateFirewallPolicyResponse'-$sel:httpStatus:CreateFirewallPolicyResponse'.$sel:updateToken:CreateFirewallPolicyResponse'9$sel:firewallPolicyResponse:CreateFirewallPolicyResponse'CreateFirewallPolicyCreateFirewallPolicy'&$sel:description:CreateFirewallPolicy'!$sel:dryRun:CreateFirewallPolicy'2$sel:encryptionConfiguration:CreateFirewallPolicy'$sel:tags:CreateFirewallPolicy'-$sel:firewallPolicyName:CreateFirewallPolicy')$sel:firewallPolicy:CreateFirewallPolicy'newCreateFirewallPolicy createFirewallPolicy_descriptioncreateFirewallPolicy_dryRun,createFirewallPolicy_encryptionConfigurationcreateFirewallPolicy_tags'createFirewallPolicy_firewallPolicyName#createFirewallPolicy_firewallPolicynewCreateFirewallPolicyResponse'createFirewallPolicyResponse_httpStatus(createFirewallPolicyResponse_updateToken3createFirewallPolicyResponse_firewallPolicyResponse$fToQueryCreateFirewallPolicy$fToPathCreateFirewallPolicy$fToJSONCreateFirewallPolicy$fToHeadersCreateFirewallPolicy$fNFDataCreateFirewallPolicy$fHashableCreateFirewallPolicy$$fNFDataCreateFirewallPolicyResponse $fAWSRequestCreateFirewallPolicy $fEqCreateFirewallPolicyResponse"$fReadCreateFirewallPolicyResponse"$fShowCreateFirewallPolicyResponse%$fGenericCreateFirewallPolicyResponse$fEqCreateFirewallPolicy$fReadCreateFirewallPolicy$fShowCreateFirewallPolicy$fGenericCreateFirewallPolicyCreateFirewallResponseCreateFirewallResponse'%$sel:firewall:CreateFirewallResponse'+$sel:firewallStatus:CreateFirewallResponse''$sel:httpStatus:CreateFirewallResponse'CreateFirewallCreateFirewall'%$sel:deleteProtection:CreateFirewall' $sel:description:CreateFirewall',$sel:encryptionConfiguration:CreateFirewall'3$sel:firewallPolicyChangeProtection:CreateFirewall'+$sel:subnetChangeProtection:CreateFirewall'$sel:tags:CreateFirewall'!$sel:firewallName:CreateFirewall'&$sel:firewallPolicyArn:CreateFirewall'$sel:vpcId:CreateFirewall'#$sel:subnetMappings:CreateFirewall'newCreateFirewallcreateFirewall_deleteProtectioncreateFirewall_description&createFirewall_encryptionConfiguration-createFirewall_firewallPolicyChangeProtection%createFirewall_subnetChangeProtectioncreateFirewall_tagscreateFirewall_firewallName createFirewall_firewallPolicyArncreateFirewall_vpcIdcreateFirewall_subnetMappingsnewCreateFirewallResponsecreateFirewallResponse_firewall%createFirewallResponse_firewallStatus!createFirewallResponse_httpStatus$fToQueryCreateFirewall$fToPathCreateFirewall$fToJSONCreateFirewall$fToHeadersCreateFirewall$fNFDataCreateFirewall$fHashableCreateFirewall$fNFDataCreateFirewallResponse$fAWSRequestCreateFirewall$fEqCreateFirewallResponse$fReadCreateFirewallResponse$fShowCreateFirewallResponse$fGenericCreateFirewallResponse$fEqCreateFirewall$fReadCreateFirewall$fShowCreateFirewall$fGenericCreateFirewallAssociateSubnetsResponseAssociateSubnetsResponse'*$sel:firewallArn:AssociateSubnetsResponse'+$sel:firewallName:AssociateSubnetsResponse'-$sel:subnetMappings:AssociateSubnetsResponse'*$sel:updateToken:AssociateSubnetsResponse')$sel:httpStatus:AssociateSubnetsResponse'AssociateSubnetsAssociateSubnets'"$sel:firewallArn:AssociateSubnets'#$sel:firewallName:AssociateSubnets'"$sel:updateToken:AssociateSubnets'%$sel:subnetMappings:AssociateSubnets'newAssociateSubnetsassociateSubnets_firewallArnassociateSubnets_firewallNameassociateSubnets_updateTokenassociateSubnets_subnetMappingsnewAssociateSubnetsResponse$associateSubnetsResponse_firewallArn%associateSubnetsResponse_firewallName'associateSubnetsResponse_subnetMappings$associateSubnetsResponse_updateToken#associateSubnetsResponse_httpStatus$fToQueryAssociateSubnets$fToPathAssociateSubnets$fToJSONAssociateSubnets$fToHeadersAssociateSubnets$fNFDataAssociateSubnets$fHashableAssociateSubnets $fNFDataAssociateSubnetsResponse$fAWSRequestAssociateSubnets$fEqAssociateSubnetsResponse$fReadAssociateSubnetsResponse$fShowAssociateSubnetsResponse!$fGenericAssociateSubnetsResponse$fEqAssociateSubnets$fReadAssociateSubnets$fShowAssociateSubnets$fGenericAssociateSubnetsAssociateFirewallPolicyResponse AssociateFirewallPolicyResponse'1$sel:firewallArn:AssociateFirewallPolicyResponse'2$sel:firewallName:AssociateFirewallPolicyResponse'7$sel:firewallPolicyArn:AssociateFirewallPolicyResponse'1$sel:updateToken:AssociateFirewallPolicyResponse'0$sel:httpStatus:AssociateFirewallPolicyResponse'AssociateFirewallPolicyAssociateFirewallPolicy')$sel:firewallArn:AssociateFirewallPolicy'*$sel:firewallName:AssociateFirewallPolicy')$sel:updateToken:AssociateFirewallPolicy'/$sel:firewallPolicyArn:AssociateFirewallPolicy'newAssociateFirewallPolicy#associateFirewallPolicy_firewallArn$associateFirewallPolicy_firewallName#associateFirewallPolicy_updateToken)associateFirewallPolicy_firewallPolicyArn"newAssociateFirewallPolicyResponse+associateFirewallPolicyResponse_firewallArn,associateFirewallPolicyResponse_firewallName1associateFirewallPolicyResponse_firewallPolicyArn+associateFirewallPolicyResponse_updateToken*associateFirewallPolicyResponse_httpStatus $fToQueryAssociateFirewallPolicy$fToPathAssociateFirewallPolicy$fToJSONAssociateFirewallPolicy"$fToHeadersAssociateFirewallPolicy$fNFDataAssociateFirewallPolicy!$fHashableAssociateFirewallPolicy'$fNFDataAssociateFirewallPolicyResponse#$fAWSRequestAssociateFirewallPolicy#$fEqAssociateFirewallPolicyResponse%$fReadAssociateFirewallPolicyResponse%$fShowAssociateFirewallPolicyResponse($fGenericAssociateFirewallPolicyResponse$fEqAssociateFirewallPolicy$fReadAssociateFirewallPolicy$fShowAssociateFirewallPolicy $fGenericAssociateFirewallPolicyUntagResourceResponseUntagResourceResponse'&$sel:httpStatus:UntagResourceResponse'UntagResourceUntagResource'$sel:resourceArn:UntagResource'$sel:tagKeys:UntagResource'newUntagResourceuntagResource_resourceArnuntagResource_tagKeysnewUntagResourceResponse untagResourceResponse_httpStatus$fToQueryUntagResource$fToPathUntagResource$fToJSONUntagResource$fToHeadersUntagResource$fNFDataUntagResource$fHashableUntagResource$fNFDataUntagResourceResponse$fAWSRequestUntagResource$fEqUntagResourceResponse$fReadUntagResourceResponse$fShowUntagResourceResponse$fGenericUntagResourceResponse$fEqUntagResource$fReadUntagResource$fShowUntagResource$fGenericUntagResource&UpdateFirewallDeleteProtectionResponse'UpdateFirewallDeleteProtectionResponse'=$sel:deleteProtection:UpdateFirewallDeleteProtectionResponse'8$sel:firewallArn:UpdateFirewallDeleteProtectionResponse'9$sel:firewallName:UpdateFirewallDeleteProtectionResponse'8$sel:updateToken:UpdateFirewallDeleteProtectionResponse'7$sel:httpStatus:UpdateFirewallDeleteProtectionResponse'UpdateFirewallDeleteProtectionUpdateFirewallDeleteProtection'0$sel:firewallArn:UpdateFirewallDeleteProtection'1$sel:firewallName:UpdateFirewallDeleteProtection'0$sel:updateToken:UpdateFirewallDeleteProtection'5$sel:deleteProtection:UpdateFirewallDeleteProtection'!newUpdateFirewallDeleteProtection*updateFirewallDeleteProtection_firewallArn+updateFirewallDeleteProtection_firewallName*updateFirewallDeleteProtection_updateToken/updateFirewallDeleteProtection_deleteProtection)newUpdateFirewallDeleteProtectionResponse7updateFirewallDeleteProtectionResponse_deleteProtection2updateFirewallDeleteProtectionResponse_firewallArn3updateFirewallDeleteProtectionResponse_firewallName2updateFirewallDeleteProtectionResponse_updateToken1updateFirewallDeleteProtectionResponse_httpStatus'$fToQueryUpdateFirewallDeleteProtection&$fToPathUpdateFirewallDeleteProtection&$fToJSONUpdateFirewallDeleteProtection)$fToHeadersUpdateFirewallDeleteProtection&$fNFDataUpdateFirewallDeleteProtection($fHashableUpdateFirewallDeleteProtection.$fNFDataUpdateFirewallDeleteProtectionResponse*$fAWSRequestUpdateFirewallDeleteProtection*$fEqUpdateFirewallDeleteProtectionResponse,$fReadUpdateFirewallDeleteProtectionResponse,$fShowUpdateFirewallDeleteProtectionResponse/$fGenericUpdateFirewallDeleteProtectionResponse"$fEqUpdateFirewallDeleteProtection$$fReadUpdateFirewallDeleteProtection$$fShowUpdateFirewallDeleteProtection'$fGenericUpdateFirewallDeleteProtection!UpdateFirewallDescriptionResponse"UpdateFirewallDescriptionResponse'3$sel:description:UpdateFirewallDescriptionResponse'3$sel:firewallArn:UpdateFirewallDescriptionResponse'4$sel:firewallName:UpdateFirewallDescriptionResponse'3$sel:updateToken:UpdateFirewallDescriptionResponse'2$sel:httpStatus:UpdateFirewallDescriptionResponse'UpdateFirewallDescriptionUpdateFirewallDescription'+$sel:description:UpdateFirewallDescription'+$sel:firewallArn:UpdateFirewallDescription',$sel:firewallName:UpdateFirewallDescription'+$sel:updateToken:UpdateFirewallDescription'newUpdateFirewallDescription%updateFirewallDescription_description%updateFirewallDescription_firewallArn&updateFirewallDescription_firewallName%updateFirewallDescription_updateToken$newUpdateFirewallDescriptionResponse-updateFirewallDescriptionResponse_description-updateFirewallDescriptionResponse_firewallArn.updateFirewallDescriptionResponse_firewallName-updateFirewallDescriptionResponse_updateToken,updateFirewallDescriptionResponse_httpStatus"$fToQueryUpdateFirewallDescription!$fToPathUpdateFirewallDescription!$fToJSONUpdateFirewallDescription$$fToHeadersUpdateFirewallDescription!$fNFDataUpdateFirewallDescription#$fHashableUpdateFirewallDescription)$fNFDataUpdateFirewallDescriptionResponse%$fAWSRequestUpdateFirewallDescription%$fEqUpdateFirewallDescriptionResponse'$fReadUpdateFirewallDescriptionResponse'$fShowUpdateFirewallDescriptionResponse*$fGenericUpdateFirewallDescriptionResponse$fEqUpdateFirewallDescription$fReadUpdateFirewallDescription$fShowUpdateFirewallDescription"$fGenericUpdateFirewallDescription-UpdateFirewallEncryptionConfigurationResponse.UpdateFirewallEncryptionConfigurationResponse'Ë $sel:encryptionConfiguration:UpdateFirewallEncryptionConfigurationResponse'?$sel:firewallArn:UpdateFirewallEncryptionConfigurationResponse'À $sel:firewallName:UpdateFirewallEncryptionConfigurationResponse'?$sel:updateToken:UpdateFirewallEncryptionConfigurationResponse'>$sel:httpStatus:UpdateFirewallEncryptionConfigurationResponse'%UpdateFirewallEncryptionConfiguration&UpdateFirewallEncryptionConfiguration'Ã $sel:encryptionConfiguration:UpdateFirewallEncryptionConfiguration'7$sel:firewallArn:UpdateFirewallEncryptionConfiguration'8$sel:firewallName:UpdateFirewallEncryptionConfiguration'7$sel:updateToken:UpdateFirewallEncryptionConfiguration'(newUpdateFirewallEncryptionConfiguration=updateFirewallEncryptionConfiguration_encryptionConfiguration1updateFirewallEncryptionConfiguration_firewallArn2updateFirewallEncryptionConfiguration_firewallName1updateFirewallEncryptionConfiguration_updateToken0newUpdateFirewallEncryptionConfigurationResponseÅ updateFirewallEncryptionConfigurationResponse_encryptionConfiguration9updateFirewallEncryptionConfigurationResponse_firewallArn:updateFirewallEncryptionConfigurationResponse_firewallName9updateFirewallEncryptionConfigurationResponse_updateToken8updateFirewallEncryptionConfigurationResponse_httpStatus.$fToQueryUpdateFirewallEncryptionConfiguration-$fToPathUpdateFirewallEncryptionConfiguration-$fToJSONUpdateFirewallEncryptionConfiguration0$fToHeadersUpdateFirewallEncryptionConfiguration-$fNFDataUpdateFirewallEncryptionConfiguration/$fHashableUpdateFirewallEncryptionConfiguration5$fNFDataUpdateFirewallEncryptionConfigurationResponse1$fAWSRequestUpdateFirewallEncryptionConfiguration1$fEqUpdateFirewallEncryptionConfigurationResponse3$fReadUpdateFirewallEncryptionConfigurationResponse3$fShowUpdateFirewallEncryptionConfigurationResponse6$fGenericUpdateFirewallEncryptionConfigurationResponse)$fEqUpdateFirewallEncryptionConfiguration+$fReadUpdateFirewallEncryptionConfiguration+$fShowUpdateFirewallEncryptionConfiguration.$fGenericUpdateFirewallEncryptionConfigurationUpdateFirewallPolicyResponseUpdateFirewallPolicyResponse'-$sel:httpStatus:UpdateFirewallPolicyResponse'.$sel:updateToken:UpdateFirewallPolicyResponse'9$sel:firewallPolicyResponse:UpdateFirewallPolicyResponse'UpdateFirewallPolicyUpdateFirewallPolicy'&$sel:description:UpdateFirewallPolicy'!$sel:dryRun:UpdateFirewallPolicy'2$sel:encryptionConfiguration:UpdateFirewallPolicy',$sel:firewallPolicyArn:UpdateFirewallPolicy'-$sel:firewallPolicyName:UpdateFirewallPolicy'&$sel:updateToken:UpdateFirewallPolicy')$sel:firewallPolicy:UpdateFirewallPolicy'newUpdateFirewallPolicy updateFirewallPolicy_descriptionupdateFirewallPolicy_dryRun,updateFirewallPolicy_encryptionConfiguration&updateFirewallPolicy_firewallPolicyArn'updateFirewallPolicy_firewallPolicyName updateFirewallPolicy_updateToken#updateFirewallPolicy_firewallPolicynewUpdateFirewallPolicyResponse'updateFirewallPolicyResponse_httpStatus(updateFirewallPolicyResponse_updateToken3updateFirewallPolicyResponse_firewallPolicyResponse$fToQueryUpdateFirewallPolicy$fToPathUpdateFirewallPolicy$fToJSONUpdateFirewallPolicy$fToHeadersUpdateFirewallPolicy$fNFDataUpdateFirewallPolicy$fHashableUpdateFirewallPolicy$$fNFDataUpdateFirewallPolicyResponse $fAWSRequestUpdateFirewallPolicy $fEqUpdateFirewallPolicyResponse"$fReadUpdateFirewallPolicyResponse"$fShowUpdateFirewallPolicyResponse%$fGenericUpdateFirewallPolicyResponse$fEqUpdateFirewallPolicy$fReadUpdateFirewallPolicy$fShowUpdateFirewallPolicy$fGenericUpdateFirewallPolicy,UpdateFirewallPolicyChangeProtectionResponse-UpdateFirewallPolicyChangeProtectionResponse'>$sel:firewallArn:UpdateFirewallPolicyChangeProtectionResponse'?$sel:firewallName:UpdateFirewallPolicyChangeProtectionResponse'Ñ $sel:firewallPolicyChangeProtection:UpdateFirewallPolicyChangeProtectionResponse'>$sel:updateToken:UpdateFirewallPolicyChangeProtectionResponse'=$sel:httpStatus:UpdateFirewallPolicyChangeProtectionResponse'$UpdateFirewallPolicyChangeProtection%UpdateFirewallPolicyChangeProtection'6$sel:firewallArn:UpdateFirewallPolicyChangeProtection'7$sel:firewallName:UpdateFirewallPolicyChangeProtection'6$sel:updateToken:UpdateFirewallPolicyChangeProtection'É $sel:firewallPolicyChangeProtection:UpdateFirewallPolicyChangeProtection''newUpdateFirewallPolicyChangeProtection0updateFirewallPolicyChangeProtection_firewallArn1updateFirewallPolicyChangeProtection_firewallName0updateFirewallPolicyChangeProtection_updateTokenÃ updateFirewallPolicyChangeProtection_firewallPolicyChangeProtection/newUpdateFirewallPolicyChangeProtectionResponse8updateFirewallPolicyChangeProtectionResponse_firewallArn9updateFirewallPolicyChangeProtectionResponse_firewallNameË updateFirewallPolicyChangeProtectionResponse_firewallPolicyChangeProtection8updateFirewallPolicyChangeProtectionResponse_updateToken7updateFirewallPolicyChangeProtectionResponse_httpStatus-$fToQueryUpdateFirewallPolicyChangeProtection,$fToPathUpdateFirewallPolicyChangeProtection,$fToJSONUpdateFirewallPolicyChangeProtection/$fToHeadersUpdateFirewallPolicyChangeProtection,$fNFDataUpdateFirewallPolicyChangeProtection.$fHashableUpdateFirewallPolicyChangeProtection4$fNFDataUpdateFirewallPolicyChangeProtectionResponse0$fAWSRequestUpdateFirewallPolicyChangeProtection0$fEqUpdateFirewallPolicyChangeProtectionResponse2$fReadUpdateFirewallPolicyChangeProtectionResponse2$fShowUpdateFirewallPolicyChangeProtectionResponse5$fGenericUpdateFirewallPolicyChangeProtectionResponse($fEqUpdateFirewallPolicyChangeProtection*$fReadUpdateFirewallPolicyChangeProtection*$fShowUpdateFirewallPolicyChangeProtection-$fGenericUpdateFirewallPolicyChangeProtection"UpdateLoggingConfigurationResponse#UpdateLoggingConfigurationResponse'4$sel:firewallArn:UpdateLoggingConfigurationResponse'5$sel:firewallName:UpdateLoggingConfigurationResponse'=$sel:loggingConfiguration:UpdateLoggingConfigurationResponse'3$sel:httpStatus:UpdateLoggingConfigurationResponse'UpdateLoggingConfigurationUpdateLoggingConfiguration',$sel:firewallArn:UpdateLoggingConfiguration'-$sel:firewallName:UpdateLoggingConfiguration'5$sel:loggingConfiguration:UpdateLoggingConfiguration'newUpdateLoggingConfiguration&updateLoggingConfiguration_firewallArn'updateLoggingConfiguration_firewallName/updateLoggingConfiguration_loggingConfiguration%newUpdateLoggingConfigurationResponse.updateLoggingConfigurationResponse_firewallArn/updateLoggingConfigurationResponse_firewallName7updateLoggingConfigurationResponse_loggingConfiguration-updateLoggingConfigurationResponse_httpStatus#$fToQueryUpdateLoggingConfiguration"$fToPathUpdateLoggingConfiguration"$fToJSONUpdateLoggingConfiguration%$fToHeadersUpdateLoggingConfiguration"$fNFDataUpdateLoggingConfiguration$$fHashableUpdateLoggingConfiguration*$fNFDataUpdateLoggingConfigurationResponse&$fAWSRequestUpdateLoggingConfiguration&$fEqUpdateLoggingConfigurationResponse($fReadUpdateLoggingConfigurationResponse($fShowUpdateLoggingConfigurationResponse+$fGenericUpdateLoggingConfigurationResponse$fEqUpdateLoggingConfiguration $fReadUpdateLoggingConfiguration $fShowUpdateLoggingConfiguration#$fGenericUpdateLoggingConfigurationUpdateRuleGroupResponseUpdateRuleGroupResponse'($sel:httpStatus:UpdateRuleGroupResponse')$sel:updateToken:UpdateRuleGroupResponse'/$sel:ruleGroupResponse:UpdateRuleGroupResponse'UpdateRuleGroupUpdateRuleGroup'!$sel:description:UpdateRuleGroup'$sel:dryRun:UpdateRuleGroup'-$sel:encryptionConfiguration:UpdateRuleGroup'$sel:ruleGroup:UpdateRuleGroup'"$sel:ruleGroupArn:UpdateRuleGroup'#$sel:ruleGroupName:UpdateRuleGroup'$sel:rules:UpdateRuleGroup'$$sel:sourceMetadata:UpdateRuleGroup'$sel:type':UpdateRuleGroup'!$sel:updateToken:UpdateRuleGroup'newUpdateRuleGroupupdateRuleGroup_descriptionupdateRuleGroup_dryRun'updateRuleGroup_encryptionConfigurationupdateRuleGroup_ruleGroupupdateRuleGroup_ruleGroupArnupdateRuleGroup_ruleGroupNameupdateRuleGroup_rulesupdateRuleGroup_sourceMetadataupdateRuleGroup_typeupdateRuleGroup_updateTokennewUpdateRuleGroupResponse"updateRuleGroupResponse_httpStatus#updateRuleGroupResponse_updateToken)updateRuleGroupResponse_ruleGroupResponse$fToQueryUpdateRuleGroup$fToPathUpdateRuleGroup$fToJSONUpdateRuleGroup$fToHeadersUpdateRuleGroup$fNFDataUpdateRuleGroup$fHashableUpdateRuleGroup$fNFDataUpdateRuleGroupResponse$fAWSRequestUpdateRuleGroup$fEqUpdateRuleGroupResponse$fReadUpdateRuleGroupResponse$fShowUpdateRuleGroupResponse $fGenericUpdateRuleGroupResponse$fEqUpdateRuleGroup$fReadUpdateRuleGroup$fShowUpdateRuleGroup$fGenericUpdateRuleGroup$UpdateSubnetChangeProtectionResponse%UpdateSubnetChangeProtectionResponse'6$sel:firewallArn:UpdateSubnetChangeProtectionResponse'7$sel:firewallName:UpdateSubnetChangeProtectionResponse'Á $sel:subnetChangeProtection:UpdateSubnetChangeProtectionResponse'6$sel:updateToken:UpdateSubnetChangeProtectionResponse'5$sel:httpStatus:UpdateSubnetChangeProtectionResponse'UpdateSubnetChangeProtectionUpdateSubnetChangeProtection'.$sel:firewallArn:UpdateSubnetChangeProtection'/$sel:firewallName:UpdateSubnetChangeProtection'.$sel:updateToken:UpdateSubnetChangeProtection'9$sel:subnetChangeProtection:UpdateSubnetChangeProtection'newUpdateSubnetChangeProtection(updateSubnetChangeProtection_firewallArn)updateSubnetChangeProtection_firewallName(updateSubnetChangeProtection_updateToken3updateSubnetChangeProtection_subnetChangeProtection'newUpdateSubnetChangeProtectionResponse0updateSubnetChangeProtectionResponse_firewallArn1updateSubnetChangeProtectionResponse_firewallName;updateSubnetChangeProtectionResponse_subnetChangeProtection0updateSubnetChangeProtectionResponse_updateToken/updateSubnetChangeProtectionResponse_httpStatus%$fToQueryUpdateSubnetChangeProtection$$fToPathUpdateSubnetChangeProtection$$fToJSONUpdateSubnetChangeProtection'$fToHeadersUpdateSubnetChangeProtection$$fNFDataUpdateSubnetChangeProtection&$fHashableUpdateSubnetChangeProtection,$fNFDataUpdateSubnetChangeProtectionResponse($fAWSRequestUpdateSubnetChangeProtection($fEqUpdateSubnetChangeProtectionResponse*$fReadUpdateSubnetChangeProtectionResponse*$fShowUpdateSubnetChangeProtectionResponse-$fGenericUpdateSubnetChangeProtectionResponse $fEqUpdateSubnetChangeProtection"$fReadUpdateSubnetChangeProtection"$fShowUpdateSubnetChangeProtection%$fGenericUpdateSubnetChangeProtection