software.amazon.awscdk.services.networkfirewall

Class CfnFirewall

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.CfnElement

software.amazon.awscdk.CfnRefElement

software.amazon.awscdk.CfnResource

software.amazon.awscdk.services.networkfirewall.CfnFirewall

All Implemented Interfaces:

IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.67.0 (build 2c027f5)",
           date="2022-09-19T20:26:41.021Z")
 @Stability(value=Stable)
public class CfnFirewall
extends CfnResource
implements IInspectable

A CloudFormation `AWS::NetworkFirewall::Firewall`.

Use the Firewall to provide stateful, managed, network firewall and intrusion detection and prevention filtering for your VPCs in Amazon VPC .

The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.networkfirewall.*;
 CfnFirewall cfnFirewall = CfnFirewall.Builder.create(this, "MyCfnFirewall")
         .firewallName("firewallName")
         .firewallPolicyArn("firewallPolicyArn")
         .subnetMappings(List.of(SubnetMappingProperty.builder()
                 .subnetId("subnetId")
                 .build()))
         .vpcId("vpcId")
         // the properties below are optional
         .deleteProtection(false)
         .description("description")
         .firewallPolicyChangeProtection(false)
         .subnetChangeProtection(false)
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnFirewall.Builder A fluent builder for CfnFirewall.
static interface	CfnFirewall.SubnetMappingProperty The ID for a subnet that you want to associate with the firewall.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnFirewall(software.constructs.Construct scope, String id, CfnFirewallProps props) Create a new `AWS::NetworkFirewall::Firewall`.
protected	CfnFirewall(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnFirewall(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
List<String>	getAttrEndpointIds() The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.
String	getAttrFirewallArn() The Amazon Resource Name (ARN) of the `Firewall` .
String	getAttrFirewallId() The name of the `Firewall` resource.
protected Map<String,Object>	getCfnProperties()
Object	getDeleteProtection() A flag indicating whether it is possible to delete the firewall.
String	getDescription() A description of the firewall.
String	getFirewallName() The descriptive name of the firewall.
String	getFirewallPolicyArn() The Amazon Resource Name (ARN) of the firewall policy.
Object	getFirewallPolicyChangeProtection() A setting indicating whether the firewall is protected against a change to the firewall policy association.
Object	getSubnetChangeProtection() A setting indicating whether the firewall is protected against changes to the subnet associations.
Object	getSubnetMappings() The public subnets that Network Firewall is using for the firewall.
TagManager	getTags() An array of key-value pairs to apply to this resource.
String	getVpcId() The unique identifier of the VPC where the firewall is in use.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected Map<String,Object>	renderProperties(Map<String,Object> props)
void	setDeleteProtection(Boolean value) A flag indicating whether it is possible to delete the firewall.
void	setDeleteProtection(IResolvable value) A flag indicating whether it is possible to delete the firewall.
void	setDescription(String value) A description of the firewall.
void	setFirewallName(String value) The descriptive name of the firewall.
void	setFirewallPolicyArn(String value) The Amazon Resource Name (ARN) of the firewall policy.
void	setFirewallPolicyChangeProtection(Boolean value) A setting indicating whether the firewall is protected against a change to the firewall policy association.
void	setFirewallPolicyChangeProtection(IResolvable value) A setting indicating whether the firewall is protected against a change to the firewall policy association.
void	setSubnetChangeProtection(Boolean value) A setting indicating whether the firewall is protected against changes to the subnet associations.
void	setSubnetChangeProtection(IResolvable value) A setting indicating whether the firewall is protected against changes to the subnet associations.
void	setSubnetMappings(IResolvable value) The public subnets that Network Firewall is using for the firewall.
void	setSubnetMappings(List<Object> value) The public subnets that Network Firewall is using for the firewall.
void	setVpcId(String value) The unique identifier of the VPC where the firewall is in use.

Methods inherited from class software.amazon.awscdk.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, getUpdatedProperties, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.constructs.Construct

getNode, isConstruct

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Field Detail

CFN_RESOURCE_TYPE_NAME

@Stability(value=Stable)
public static final String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnFirewall

protected CfnFirewall(software.amazon.jsii.JsiiObjectRef objRef)

CfnFirewall

protected CfnFirewall(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnFirewall

@Stability(value=Stable)
public CfnFirewall(@NotNull
                                            software.constructs.Construct scope,
                                            @NotNull
                                            String id,
                                            @NotNull
                                            CfnFirewallProps props)

Create a new `AWS::NetworkFirewall::Firewall`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

@Stability(value=Stable)
public void inspect(@NotNull
                                             TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> renderProperties(@NotNull
                                                                                 Map<String,Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrEndpointIds

@Stability(value=Stable)
 @NotNull
public List<String> getAttrEndpointIds()

The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.

The subnets are not listed in any particular order. For example: ["us-west-2c:vpce-111122223333", "us-west-2a:vpce-987654321098", "us-west-2b:vpce-012345678901"] .

getAttrFirewallArn

@Stability(value=Stable)
 @NotNull
public String getAttrFirewallArn()

The Amazon Resource Name (ARN) of the `Firewall` .

getAttrFirewallId

@Stability(value=Stable)
 @NotNull
public String getAttrFirewallId()

The name of the `Firewall` resource.

getCfnProperties

@Stability(value=Stable)
 @NotNull
protected Map<String,Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getTags

@Stability(value=Stable)
 @NotNull
public TagManager getTags()

An array of key-value pairs to apply to this resource.

For more information, see Tag .

getFirewallName

@Stability(value=Stable)
 @NotNull
public String getFirewallName()

The descriptive name of the firewall.

You can't change the name of a firewall after you create it.

setFirewallName

@Stability(value=Stable)
public void setFirewallName(@NotNull
                                                     String value)

The descriptive name of the firewall.

You can't change the name of a firewall after you create it.

getFirewallPolicyArn

@Stability(value=Stable)
 @NotNull
public String getFirewallPolicyArn()

The Amazon Resource Name (ARN) of the firewall policy.

The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

setFirewallPolicyArn

@Stability(value=Stable)
public void setFirewallPolicyArn(@NotNull
                                                          String value)

The Amazon Resource Name (ARN) of the firewall policy.

The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

getSubnetMappings

@Stability(value=Stable)
 @NotNull
public Object getSubnetMappings()

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

setSubnetMappings

@Stability(value=Stable)
public void setSubnetMappings(@NotNull
                                                       IResolvable value)

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

setSubnetMappings

@Stability(value=Stable)
public void setSubnetMappings(@NotNull
                                                       List<Object> value)

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

getVpcId

@Stability(value=Stable)
 @NotNull
public String getVpcId()

The unique identifier of the VPC where the firewall is in use.

You can't change the VPC of a firewall after you create the firewall.

setVpcId

@Stability(value=Stable)
public void setVpcId(@NotNull
                                              String value)

The unique identifier of the VPC where the firewall is in use.

You can't change the VPC of a firewall after you create the firewall.

getDeleteProtection

@Stability(value=Stable)
 @Nullable
public Object getDeleteProtection()

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

setDeleteProtection

@Stability(value=Stable)
public void setDeleteProtection(@Nullable
                                                         Boolean value)

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

setDeleteProtection

@Stability(value=Stable)
public void setDeleteProtection(@Nullable
                                                         IResolvable value)

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

getDescription

@Stability(value=Stable)
 @Nullable
public String getDescription()

A description of the firewall.

setDescription

@Stability(value=Stable)
public void setDescription(@Nullable
                                                    String value)

A description of the firewall.

getFirewallPolicyChangeProtection

@Stability(value=Stable)
 @Nullable
public Object getFirewallPolicyChangeProtection()

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setFirewallPolicyChangeProtection

@Stability(value=Stable)
public void setFirewallPolicyChangeProtection(@Nullable
                                                                       Boolean value)

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setFirewallPolicyChangeProtection

@Stability(value=Stable)
public void setFirewallPolicyChangeProtection(@Nullable
                                                                       IResolvable value)

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

getSubnetChangeProtection

@Stability(value=Stable)
 @Nullable
public Object getSubnetChangeProtection()

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setSubnetChangeProtection

@Stability(value=Stable)
public void setSubnetChangeProtection(@Nullable
                                                               Boolean value)

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setSubnetChangeProtection

@Stability(value=Stable)
public void setSubnetChangeProtection(@Nullable
                                                               IResolvable value)

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .