software.amazon.awscdk.services.networkfirewall

Class CfnFirewall

java.lang.Object

software.constructs.Construct

software.amazon.awscdk.core.Construct

software.amazon.awscdk.core.CfnElement

software.amazon.awscdk.core.CfnRefElement

software.amazon.awscdk.core.CfnResource

software.amazon.awscdk.services.networkfirewall.CfnFirewall

All Implemented Interfaces:

IConstruct, IDependable, IInspectable

@Generated(value="jsii-pacmak/1.74.0 (build 6d08790)",
           date="2023-03-22T19:35:38.881Z")
public class CfnFirewall
extends CfnResource
implements IInspectable

A CloudFormation `AWS::NetworkFirewall::Firewall`.

Use the Firewall to provide stateful, managed, network firewall and intrusion detection and prevention filtering for your VPCs in Amazon VPC .

The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.networkfirewall.*;
 CfnFirewall cfnFirewall = CfnFirewall.Builder.create(this, "MyCfnFirewall")
         .firewallName("firewallName")
         .firewallPolicyArn("firewallPolicyArn")
         .subnetMappings(List.of(SubnetMappingProperty.builder()
                 .subnetId("subnetId")
                 // the properties below are optional
                 .ipAddressType("ipAddressType")
                 .build()))
         .vpcId("vpcId")
         // the properties below are optional
         .deleteProtection(false)
         .description("description")
         .firewallPolicyChangeProtection(false)
         .subnetChangeProtection(false)
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CfnFirewall.Builder A fluent builder for CfnFirewall.
static interface	CfnFirewall.SubnetMappingProperty The ID for a subnet that you want to associate with the firewall.

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable

IInspectable.Jsii$Default, IInspectable.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct

IConstruct.Jsii$Default

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	CFN_RESOURCE_TYPE_NAME The CloudFormation resource type name for this resource class.

Constructor Summary

Constructors

Modifier	Constructor and Description
	CfnFirewall(Construct scope, java.lang.String id, CfnFirewallProps props) Create a new `AWS::NetworkFirewall::Firewall`.
protected	CfnFirewall(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	CfnFirewall(software.amazon.jsii.JsiiObjectRef objRef)

Method Summary

Modifier and Type	Method and Description
java.util.List<java.lang.String>	getAttrEndpointIds() The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.
java.lang.String	getAttrFirewallArn() The Amazon Resource Name (ARN) of the `Firewall` .
java.lang.String	getAttrFirewallId() The name of the `Firewall` resource.
protected java.util.Map<java.lang.String,java.lang.Object>	getCfnProperties()
java.lang.Object	getDeleteProtection() A flag indicating whether it is possible to delete the firewall.
java.lang.String	getDescription() A description of the firewall.
java.lang.String	getFirewallName() The descriptive name of the firewall.
java.lang.String	getFirewallPolicyArn() The Amazon Resource Name (ARN) of the firewall policy.
java.lang.Object	getFirewallPolicyChangeProtection() A setting indicating whether the firewall is protected against a change to the firewall policy association.
java.lang.Object	getSubnetChangeProtection() A setting indicating whether the firewall is protected against changes to the subnet associations.
java.lang.Object	getSubnetMappings() The public subnets that Network Firewall is using for the firewall.
TagManager	getTags() An array of key-value pairs to apply to this resource.
java.lang.String	getVpcId() The unique identifier of the VPC where the firewall is in use.
void	inspect(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.
protected java.util.Map<java.lang.String,java.lang.Object>	renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)
void	setDeleteProtection(java.lang.Boolean value) A flag indicating whether it is possible to delete the firewall.
void	setDeleteProtection(IResolvable value) A flag indicating whether it is possible to delete the firewall.
void	setDescription(java.lang.String value) A description of the firewall.
void	setFirewallName(java.lang.String value) The descriptive name of the firewall.
void	setFirewallPolicyArn(java.lang.String value) The Amazon Resource Name (ARN) of the firewall policy.
void	setFirewallPolicyChangeProtection(java.lang.Boolean value) A setting indicating whether the firewall is protected against a change to the firewall policy association.
void	setFirewallPolicyChangeProtection(IResolvable value) A setting indicating whether the firewall is protected against a change to the firewall policy association.
void	setSubnetChangeProtection(java.lang.Boolean value) A setting indicating whether the firewall is protected against changes to the subnet associations.
void	setSubnetChangeProtection(IResolvable value) A setting indicating whether the firewall is protected against changes to the subnet associations.
void	setSubnetMappings(IResolvable value) The public subnets that Network Firewall is using for the firewall.
void	setSubnetMappings(java.util.List<java.lang.Object> value) The public subnets that Network Firewall is using for the firewall.
void	setVpcId(java.lang.String value) The unique identifier of the VPC where the firewall is in use.

Methods inherited from class software.amazon.awscdk.core.CfnResource

addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties

Methods inherited from class software.amazon.awscdk.core.CfnRefElement

getRef

Methods inherited from class software.amazon.awscdk.core.CfnElement

getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId

Methods inherited from class software.amazon.awscdk.core.Construct

getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Field Detail

CFN_RESOURCE_TYPE_NAME

public static final java.lang.String CFN_RESOURCE_TYPE_NAME

The CloudFormation resource type name for this resource class.

Constructor Detail

CfnFirewall

protected CfnFirewall(software.amazon.jsii.JsiiObjectRef objRef)

CfnFirewall

protected CfnFirewall(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

CfnFirewall

public CfnFirewall(Construct scope,
                   java.lang.String id,
                   CfnFirewallProps props)

Create a new `AWS::NetworkFirewall::Firewall`.

Parameters:

scope - - scope in which this resource is defined. This parameter is required.

id - - scoped id of the resource. This parameter is required.

props - - resource properties. This parameter is required.

Method Detail

inspect

public void inspect(TreeInspector inspector)

Examines the CloudFormation resource and discloses attributes.

Specified by:

inspect in interface IInspectable

Parameters:

inspector - - tree inspector to collect and process attributes. This parameter is required.

renderProperties

protected java.util.Map<java.lang.String,java.lang.Object> renderProperties(java.util.Map<java.lang.String,java.lang.Object> props)

Overrides:

renderProperties in class CfnResource

Parameters:

props - This parameter is required.

getAttrEndpointIds

public java.util.List<java.lang.String> getAttrEndpointIds()

The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.

The subnets are not listed in any particular order. For example: ["us-west-2c:vpce-111122223333", "us-west-2a:vpce-987654321098", "us-west-2b:vpce-012345678901"] .

getAttrFirewallArn

public java.lang.String getAttrFirewallArn()

The Amazon Resource Name (ARN) of the `Firewall` .

getAttrFirewallId

public java.lang.String getAttrFirewallId()

The name of the `Firewall` resource.

getCfnProperties

protected java.util.Map<java.lang.String,java.lang.Object> getCfnProperties()

Overrides:

getCfnProperties in class CfnResource

getTags

public TagManager getTags()

An array of key-value pairs to apply to this resource.

For more information, see Tag .

getFirewallName

public java.lang.String getFirewallName()

The descriptive name of the firewall.

You can't change the name of a firewall after you create it.

setFirewallName

public void setFirewallName(java.lang.String value)

The descriptive name of the firewall.

You can't change the name of a firewall after you create it.

getFirewallPolicyArn

public java.lang.String getFirewallPolicyArn()

The Amazon Resource Name (ARN) of the firewall policy.

The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

setFirewallPolicyArn

public void setFirewallPolicyArn(java.lang.String value)

The Amazon Resource Name (ARN) of the firewall policy.

The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

getSubnetMappings

public java.lang.Object getSubnetMappings()

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

setSubnetMappings

public void setSubnetMappings(IResolvable value)

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

setSubnetMappings

public void setSubnetMappings(java.util.List<java.lang.Object> value)

The public subnets that Network Firewall is using for the firewall.

Each subnet must belong to a different Availability Zone.

getVpcId

public java.lang.String getVpcId()

The unique identifier of the VPC where the firewall is in use.

You can't change the VPC of a firewall after you create the firewall.

setVpcId

public void setVpcId(java.lang.String value)

The unique identifier of the VPC where the firewall is in use.

You can't change the VPC of a firewall after you create the firewall.

getDeleteProtection

public java.lang.Object getDeleteProtection()

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

setDeleteProtection

public void setDeleteProtection(java.lang.Boolean value)

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

setDeleteProtection

public void setDeleteProtection(IResolvable value)

A flag indicating whether it is possible to delete the firewall.

A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

getDescription

public java.lang.String getDescription()

A description of the firewall.

setDescription

public void setDescription(java.lang.String value)

A description of the firewall.

getFirewallPolicyChangeProtection

public java.lang.Object getFirewallPolicyChangeProtection()

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setFirewallPolicyChangeProtection

public void setFirewallPolicyChangeProtection(java.lang.Boolean value)

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setFirewallPolicyChangeProtection

public void setFirewallPolicyChangeProtection(IResolvable value)

A setting indicating whether the firewall is protected against a change to the firewall policy association.

Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

getSubnetChangeProtection

public java.lang.Object getSubnetChangeProtection()

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setSubnetChangeProtection

public void setSubnetChangeProtection(java.lang.Boolean value)

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

setSubnetChangeProtection

public void setSubnetChangeProtection(IResolvable value)

A setting indicating whether the firewall is protected against changes to the subnet associations.

Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .