There are 3 key components of AWS Network Firewall.
1. Rule Groups
Holds a reusable collection of criteria for inspecting traffic and for handling packets and traffic flows that match the inspection criteria.
2. Firewall Policy
Defines a reusable set of stateless and stateful rule groups, along with some policy-level behavior settings.
3. Firewall
Connects the inspection rules in the firewall policy to the VPC that the rules protect. Each firewall requires one firewall policy. The firewall additionally defines settings like how to log information about your network traffic and the firewall’s stateful traffic filtering.
AWS Network Firewall is presented as a VPC endpoint in a VPC subnet. This firewall endpoint is highly available and is powered by AWS Gateway Load Balancer (GWLB).