Class CfnFirewallPolicy.FirewallPolicyProperty.Builder
- All Implemented Interfaces:
software.amazon.jsii.Builder<CfnFirewallPolicy.FirewallPolicyProperty>
- Enclosing interface:
- CfnFirewallPolicy.FirewallPolicyProperty
CfnFirewallPolicy.FirewallPolicyProperty
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionbuild()
Builds the configured instance.policyVariables
(IResolvable policyVariables) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getPolicyVariables()
policyVariables
(CfnFirewallPolicy.PolicyVariablesProperty policyVariables) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getPolicyVariables()
statefulDefaultActions
(List<String> statefulDefaultActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulDefaultActions()
statefulEngineOptions
(IResolvable statefulEngineOptions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulEngineOptions()
statefulEngineOptions
(CfnFirewallPolicy.StatefulEngineOptionsProperty statefulEngineOptions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulEngineOptions()
statefulRuleGroupReferences
(List<? extends Object> statefulRuleGroupReferences) statefulRuleGroupReferences
(IResolvable statefulRuleGroupReferences) statelessCustomActions
(List<? extends Object> statelessCustomActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessCustomActions()
statelessCustomActions
(IResolvable statelessCustomActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessCustomActions()
statelessDefaultActions
(List<String> statelessDefaultActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessDefaultActions()
statelessFragmentDefaultActions
(List<String> statelessFragmentDefaultActions) statelessRuleGroupReferences
(List<? extends Object> statelessRuleGroupReferences) statelessRuleGroupReferences
(IResolvable statelessRuleGroupReferences)
-
Constructor Details
-
Builder
public Builder()
-
-
Method Details
-
statelessDefaultActions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessDefaultActions(List<String> statelessDefaultActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessDefaultActions()
- Parameters:
statelessDefaultActions
- The actions to take on a packet if it doesn't match any of the stateless rules in the policy. This parameter is required. If you want non-matching packets to be forwarded for stateful inspection, specifyaws:forward_to_sfe
.You must specify one of the standard actions:
aws:pass
,aws:drop
, oraws:forward_to_sfe
. In addition, you can specify custom actions that are compatible with your standard section choice.For example, you could specify
["aws:pass"]
or you could specify["aws:pass", “customActionName”]
. For information about compatibility, see the custom action descriptions.- Returns:
this
-
statelessFragmentDefaultActions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessFragmentDefaultActions(List<String> statelessFragmentDefaultActions) - Parameters:
statelessFragmentDefaultActions
- The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. This parameter is required. If you want non-matching fragmented packets to be forwarded for stateful inspection, specifyaws:forward_to_sfe
.You must specify one of the standard actions:
aws:pass
,aws:drop
, oraws:forward_to_sfe
. In addition, you can specify custom actions that are compatible with your standard section choice.For example, you could specify
["aws:pass"]
or you could specify["aws:pass", “customActionName”]
. For information about compatibility, see the custom action descriptions.- Returns:
this
-
policyVariables
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder policyVariables(IResolvable policyVariables) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getPolicyVariables()
- Parameters:
policyVariables
- Contains variables that you can use to override default Suricata settings in your firewall policy.- Returns:
this
-
policyVariables
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder policyVariables(CfnFirewallPolicy.PolicyVariablesProperty policyVariables) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getPolicyVariables()
- Parameters:
policyVariables
- Contains variables that you can use to override default Suricata settings in your firewall policy.- Returns:
this
-
statefulDefaultActions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statefulDefaultActions(List<String> statefulDefaultActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulDefaultActions()
- Parameters:
statefulDefaultActions
- The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order.Valid values of the stateful default action:
- aws:drop_strict
- aws:drop_established
- aws:alert_strict
- aws:alert_established
For more information, see Strict evaluation order in the AWS Network Firewall Developer Guide .
- Returns:
this
-
statefulEngineOptions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statefulEngineOptions(IResolvable statefulEngineOptions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulEngineOptions()
- Parameters:
statefulEngineOptions
- Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.- Returns:
this
-
statefulEngineOptions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statefulEngineOptions(CfnFirewallPolicy.StatefulEngineOptionsProperty statefulEngineOptions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatefulEngineOptions()
- Parameters:
statefulEngineOptions
- Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.- Returns:
this
-
statefulRuleGroupReferences
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statefulRuleGroupReferences(IResolvable statefulRuleGroupReferences) - Parameters:
statefulRuleGroupReferences
- References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.- Returns:
this
-
statefulRuleGroupReferences
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statefulRuleGroupReferences(List<? extends Object> statefulRuleGroupReferences) - Parameters:
statefulRuleGroupReferences
- References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules.- Returns:
this
-
statelessCustomActions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessCustomActions(IResolvable statelessCustomActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessCustomActions()
- Parameters:
statelessCustomActions
- The custom action definitions that are available for use in the firewall policy'sStatelessDefaultActions
setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.- Returns:
this
-
statelessCustomActions
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessCustomActions(List<? extends Object> statelessCustomActions) Sets the value ofCfnFirewallPolicy.FirewallPolicyProperty.getStatelessCustomActions()
- Parameters:
statelessCustomActions
- The custom action definitions that are available for use in the firewall policy'sStatelessDefaultActions
setting. You name each custom action that you define, and then you can use it by name in your default actions specifications.- Returns:
this
-
statelessRuleGroupReferences
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessRuleGroupReferences(IResolvable statelessRuleGroupReferences) - Parameters:
statelessRuleGroupReferences
- References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.- Returns:
this
-
statelessRuleGroupReferences
@Stability(Stable) public CfnFirewallPolicy.FirewallPolicyProperty.Builder statelessRuleGroupReferences(List<? extends Object> statelessRuleGroupReferences) - Parameters:
statelessRuleGroupReferences
- References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules.- Returns:
this
-
build
Builds the configured instance.- Specified by:
build
in interfacesoftware.amazon.jsii.Builder<CfnFirewallPolicy.FirewallPolicyProperty>
- Returns:
- a new instance of
CfnFirewallPolicy.FirewallPolicyProperty
- Throws:
NullPointerException
- if any required attribute was not provided
-