Class CfnFirewall
A CloudFormation AWS::NetworkFirewall::Firewall
.
Inherited Members
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.AWS.NetworkFirewall.dll
Syntax (csharp)
public class CfnFirewall : CfnResource, IConstruct, IDependable, IInspectable
Syntax (vb)
Public Class CfnFirewall
Inherits CfnResource
Implements IConstruct, IDependable, IInspectable
Remarks
Use the Firewall
to provide stateful, managed, network firewall and intrusion detection and prevention filtering for your VPCs in Amazon VPC .
The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.
CloudformationResource: AWS::NetworkFirewall::Firewall
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var cfnFirewall = new CfnFirewall(this, "MyCfnFirewall", new CfnFirewallProps {
FirewallName = "firewallName",
FirewallPolicyArn = "firewallPolicyArn",
SubnetMappings = new [] { new SubnetMappingProperty {
SubnetId = "subnetId",
// the properties below are optional
IpAddressType = "ipAddressType"
} },
VpcId = "vpcId",
// the properties below are optional
DeleteProtection = false,
Description = "description",
FirewallPolicyChangeProtection = false,
SubnetChangeProtection = false,
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
});
Synopsis
Constructors
CfnFirewall(Construct, String, ICfnFirewallProps) | Create a new |
CfnFirewall(ByRefValue) | Used by jsii to construct an instance of this class from a Javascript-owned object reference |
CfnFirewall(DeputyBase.DeputyProps) | Used by jsii to construct an instance of this class from DeputyProps |
Properties
AttrEndpointIds | The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall. |
AttrFirewallArn | The Amazon Resource Name (ARN) of the |
AttrFirewallId | The name of the |
CFN_RESOURCE_TYPE_NAME | The CloudFormation resource type name for this resource class. |
CfnProperties | |
DeleteProtection | A flag indicating whether it is possible to delete the firewall. |
Description | A description of the firewall. |
FirewallName | The descriptive name of the firewall. |
FirewallPolicyArn | The Amazon Resource Name (ARN) of the firewall policy. |
FirewallPolicyChangeProtection | A setting indicating whether the firewall is protected against a change to the firewall policy association. |
SubnetChangeProtection | A setting indicating whether the firewall is protected against changes to the subnet associations. |
SubnetMappings | The public subnets that Network Firewall is using for the firewall. |
Tags | An array of key-value pairs to apply to this resource. |
VpcId | The unique identifier of the VPC where the firewall is in use. |
Methods
Inspect(TreeInspector) | Examines the CloudFormation resource and discloses attributes. |
RenderProperties(IDictionary<String, Object>) |
Constructors
CfnFirewall(Construct, String, ICfnFirewallProps)
Create a new AWS::NetworkFirewall::Firewall
.
public CfnFirewall(Construct scope, string id, ICfnFirewallProps props)
Parameters
- scope Construct
- scope in which this resource is defined.
- id System.String
- scoped id of the resource.
- props ICfnFirewallProps
- resource properties.
CfnFirewall(ByRefValue)
Used by jsii to construct an instance of this class from a Javascript-owned object reference
protected CfnFirewall(ByRefValue reference)
Parameters
- reference Amazon.JSII.Runtime.Deputy.ByRefValue
The Javascript-owned object reference
CfnFirewall(DeputyBase.DeputyProps)
Used by jsii to construct an instance of this class from DeputyProps
protected CfnFirewall(DeputyBase.DeputyProps props)
Parameters
- props Amazon.JSII.Runtime.Deputy.DeputyBase.DeputyProps
The deputy props
Properties
AttrEndpointIds
The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.
public virtual string[] AttrEndpointIds { get; }
Property Value
System.String[]
Remarks
The subnets are not listed in any particular order. For example: ["us-west-2c:vpce-111122223333", "us-west-2a:vpce-987654321098", "us-west-2b:vpce-012345678901"]
.
CloudformationAttribute: EndpointIds
AttrFirewallArn
The Amazon Resource Name (ARN) of the Firewall
.
public virtual string AttrFirewallArn { get; }
Property Value
System.String
Remarks
CloudformationAttribute: FirewallArn
AttrFirewallId
The name of the Firewall
resource.
public virtual string AttrFirewallId { get; }
Property Value
System.String
Remarks
CloudformationAttribute: FirewallId
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
public static string CFN_RESOURCE_TYPE_NAME { get; }
Property Value
System.String
CfnProperties
protected override IDictionary<string, object> CfnProperties { get; }
Property Value
System.Collections.Generic.IDictionary<System.String, System.Object>
Overrides
DeleteProtection
A flag indicating whether it is possible to delete the firewall.
public virtual object DeleteProtection { get; set; }
Property Value
System.Object
Remarks
A setting of TRUE
indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE
.
Description
A description of the firewall.
public virtual string Description { get; set; }
Property Value
System.String
Remarks
FirewallName
The descriptive name of the firewall.
public virtual string FirewallName { get; set; }
Property Value
System.String
Remarks
You can't change the name of a firewall after you create it.
FirewallPolicyArn
The Amazon Resource Name (ARN) of the firewall policy.
public virtual string FirewallPolicyArn { get; set; }
Property Value
System.String
Remarks
The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.
FirewallPolicyChangeProtection
A setting indicating whether the firewall is protected against a change to the firewall policy association.
public virtual object FirewallPolicyChangeProtection { get; set; }
Property Value
System.Object
Remarks
Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE
.
SubnetChangeProtection
A setting indicating whether the firewall is protected against changes to the subnet associations.
public virtual object SubnetChangeProtection { get; set; }
Property Value
System.Object
Remarks
Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE
.
SubnetMappings
The public subnets that Network Firewall is using for the firewall.
public virtual object SubnetMappings { get; set; }
Property Value
System.Object
Remarks
Each subnet must belong to a different Availability Zone.
Tags
An array of key-value pairs to apply to this resource.
public virtual TagManager Tags { get; }
Property Value
Remarks
VpcId
The unique identifier of the VPC where the firewall is in use.
public virtual string VpcId { get; set; }
Property Value
System.String
Remarks
You can't change the VPC of a firewall after you create the firewall.
Methods
Inspect(TreeInspector)
Examines the CloudFormation resource and discloses attributes.
public virtual void Inspect(TreeInspector inspector)
Parameters
- inspector TreeInspector
- tree inspector to collect and process attributes.
RenderProperties(IDictionary<String, Object>)
protected override IDictionary<string, object> RenderProperties(IDictionary<string, object> props)
Parameters
- props System.Collections.Generic.IDictionary<System.String, System.Object>
Returns
System.Collections.Generic.IDictionary<System.String, System.Object>