awslabs / landing-zone-accelerator-on-aws

Deploy a multi-account cloud foundation to support highly-regulated workloads and complex compliance requirements.
https://aws.amazon.com/solutions/implementations/landing-zone-accelerator-on-aws/
Apache License 2.0

Stateless firewall rule config example has error #530

Open rhyslewis-aws opened 1 month ago

rhyslewis-aws commented 1 month ago

Describe the bug

The LZA code describes a stateless firewall rule configuration that fails because it is missing a protocol

To Reproduce

Create a stateless firewall rule as described here: https://github.com/awslabs/landing-zone-accelerator-on-aws/blob/main/source/packages/%40aws-accelerator/config/lib/models/network-config.ts#L5921

eg.

      - name: TESTSTATELESS
        regions:
          - *HOME_REGION
        capacity: 10
        type: STATELESS
        ruleGroup:
          rulesSource:
            statelessRulesAndCustomActions:
              statelessRules:
                - priority: 100
                  ruleDefinition:
                    actions:
                      - aws:pass
                    matchAttributes:
                      sources:
                        - 10.1.0.0/16
                      sourcePorts:
                        - fromPort: 1024
                          toPort: 65535
                      destinations:
                        - 10.0.0.0/16
                      destinationPorts:
                        - fromPort: 22
                          toPort: 22

This returns an error during the Deploy | Network_Prepare action:

AWSAccelerator-NetworkPrepStack-413126159926-ap-southeast-2 | 10:29:51 PM | CREATE_FAILED | AWS::NetworkFirewall::RuleGroup | TeststatelessNetworkFirewallRuleGroup (TeststatelessNetworkFirewallRuleGroupD0D2CB93) Resource handler returned message: "SourcePorts, Protocols cannot exist together, parameter: [(1024, 65535), []], context: StatelessRulesAndCustomActions.StatelessRules[Priority=100].RuleDefinition (Service: NetworkFirewall, Status Code: 400, Request ID: 63966680-59e7-4b28-9c3b-288c6a127774)" (RequestToken: c7b82408-ba4e-c132-1081-0d2dc92bf9a4, HandlerErrorCode: InvalidRequest)

This appears to report that a request is being made to the provisioning API with a protocol of [] because the parameter is not supplied in the config.

Expected behavior

I expected the stateless rule to be created.


rhyslewis-aws commented 1 month ago

The example on line 5876 (https://github.com/awslabs/landing-zone-accelerator-on-aws/blob/main/source/packages/%40aws-accelerator/config/lib/models/network-config.ts#L5877C1-L5887C20) does work, so it appears that the issue is that protocols is a mandatory parameter.
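A pre-deploy check for the mistake reported in this issue, added here as an example and not part of the LZA code base: it walks the stateless rules of a network-config rule group and flags any rule that carries sourcePorts or destinationPorts without a non-empty protocols list, the combination the NetworkFirewall API rejected in the CREATE_FAILED event above. It assumes the config shape shown in the report and that protocols holds IANA protocol numbers (6 for TCP); the rule object is the failing YAML transcribed by hand.

```typescript
// Added example, not LZA project code. Assumes the network-config stateless rule
// shape from the issue and that `protocols` is a list of IANA protocol numbers.

interface PortRange { fromPort: number; toPort: number; }
interface MatchAttributes {
  sources?: string[];
  destinations?: string[];
  sourcePorts?: PortRange[];
  destinationPorts?: PortRange[];
  protocols?: number[];
}
interface StatelessRule {
  priority: number;
  ruleDefinition: { actions: string[]; matchAttributes: MatchAttributes };
}

// One finding per rule that sets port ranges but leaves `protocols` absent or empty.
// Catching this before `Deploy | Network_Prepare` avoids a CREATE_FAILED on the
// AWS::NetworkFirewall::RuleGroup resource.
function findPortsWithoutProtocols(rules: StatelessRule[]): string[] {
  const findings: string[] = [];
  for (const rule of rules) {
    const m = rule.ruleDefinition.matchAttributes;
    const hasPorts =
      (m.sourcePorts?.length ?? 0) > 0 || (m.destinationPorts?.length ?? 0) > 0;
    const hasProtocols = (m.protocols?.length ?? 0) > 0;
    if (hasPorts && !hasProtocols) {
      findings.push(`priority ${rule.priority}: sourcePorts/destinationPorts set but protocols is empty`);
    }
  }
  return findings;
}

// The failing rule from the issue, transcribed into an object literal (constructed input).
const failingRule: StatelessRule = {
  priority: 100,
  ruleDefinition: {
    actions: ['aws:pass'],
    matchAttributes: {
      sources: ['10.1.0.0/16'],
      sourcePorts: [{ fromPort: 1024, toPort: 65535 }],
      destinations: ['10.0.0.0/16'],
      destinationPorts: [{ fromPort: 22, toPort: 22 }],
    },
  },
};

// The same rule with TCP (protocol 6) declared, which passes the check.
const fixedRule: StatelessRule = {
  ...failingRule,
  ruleDefinition: {
    ...failingRule.ruleDefinition,
    matchAttributes: { ...failingRule.ruleDefinition.matchAttributes, protocols: [6] },
  },
};
```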