A company with VPCs across 50 AWS accounts, utilizing AWS Organizations, aims to implement consistent web filtering across all VPCs using AWS Network Firewall. The network engineer seeks to minimize the number of firewall policies and rule groups required.

Which three-step combination will fulfill these requirements? (Choose three.)