# netfw-subnet-change-protection-enabled
<a name="netfw-subnet-change-protection-enabled"></a>

Checks if AWS Network Firewall has subnet change protection enabled. The rule is NON\$1COMPLIANT if subnet change protection is not enabled. 



**Identifier:** NETFW\$1SUBNET\$1CHANGE\$1PROTECTION\$1ENABLED

**Resource Types:** AWS::NetworkFirewall::Firewall

**Trigger type:** Configuration changes

**AWS Region:** All supported AWS regions except Asia Pacific (New Zealand), Asia Pacific (Thailand), Asia Pacific (Malaysia), Mexico (Central), Asia Pacific (Taipei) Region

**Parameters:**

None  

## AWS CloudFormation template
<a name="w2aac20c16c17b7e1169c19"></a>

To create AWS Config managed rules with AWS CloudFormation templates, see [Creating AWS Config Managed Rules With AWS CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).