in source/networkFirewallAutomation/lib/network-firewall-manager.ts [339:361]
/**
 * Deletes every rule group tracked in `this.ruleGroupArnsInFirewall` whose ARN
 * is not referenced (stateful or stateless) by the supplied firewall policy.
 *
 * Security-relevant behaviour to keep in mind when calling this:
 * - The operation is destructive. A policy object that carries no stateful and
 *   no stateless references results in every tracked rule group being deleted.
 * - Deletions run one at a time; there is no try/catch here, so a rejected
 *   `deleteRuleGroup` call propagates to the caller and the remaining ARNs are
 *   left untouched.
 * - NOTE(review): how `this.ruleGroupArnsInFirewall` is populated is not visible
 *   in this block — confirm it only ever contains rule groups this automation owns.
 *
 * @param policyObject The firewall policy request whose rule group references
 *   define which rule groups must be kept.
 */
async deleteRuleGroups(policyObject: NetworkFirewall.CreateFirewallPolicyRequest) {
  // Fixed pause before doing anything else (presumably to let a preceding
  // policy update settle — TODO confirm against the caller).
  await this.delay(Time.Seconds15);
  Logger.log(LOG_LEVEL.DEBUG, `The rule groups currently configured in the firewall `, this.ruleGroupArnsInFirewall);

  // Index of ARNs the new policy still references (ARN -> ARN), stateful first,
  // then stateless.
  const arnsKeptByPolicy: { [key: string]: string } = {};
  const firewallPolicy = policyObject.FirewallPolicy;
  for (const references of [firewallPolicy.StatefulRuleGroupReferences, firewallPolicy.StatelessRuleGroupReferences]) {
    if (!references) {
      continue;
    }
    for (const reference of references) {
      arnsKeptByPolicy[reference.ResourceArn] = reference.ResourceArn;
    }
  }
  Logger.log(LOG_LEVEL.DEBUG, `The rule groups configured in the new firewall policy file `, arnsKeptByPolicy);

  // Anything the firewall had that the policy no longer names is removed,
  // sequentially and in the order the tracked list yields it.
  for (const existingArn of this.ruleGroupArnsInFirewall) {
    if (arnsKeptByPolicy[existingArn]) {
      continue;
    }
    await this.service.deleteRuleGroup(existingArn);
  }
}