AWS::NetworkFirewall::Firewall SubnetMapping - Amazon CloudFormation
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::NetworkFirewall::Firewall SubnetMapping

The ID for a subnet that you want to associate with the firewall. Amazon Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet's Availability Zone.


To declare this entity in your Amazon CloudFormation template, use the following syntax:


{ "IPAddressType" : String, "SubnetId" : String }


IPAddressType: String SubnetId: String



The subnet's IP address type. You can't change the IP address type after you create the subnet.

Required: No

Type: String

Allowed values: DUALSTACK | IPV4 | IPV6

Update requires: No interruption


The unique identifier for the subnet.

Required: Yes

Type: String

Update requires: No interruption