Class CfnFirewallPolicy
java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.CfnElement
software.amazon.awscdk.core.CfnRefElement
software.amazon.awscdk.core.CfnResource
software.amazon.awscdk.services.networkfirewall.CfnFirewallPolicy
- All Implemented Interfaces:
IConstruct
,IDependable
,IInspectable
,software.amazon.jsii.JsiiSerializable
,software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)",
date="2023-06-19T16:30:00.400Z")
@Stability(Stable)
public class CfnFirewallPolicy
extends CfnResource
implements IInspectable
A CloudFormation
AWS::NetworkFirewall::FirewallPolicy
.
Use the FirewallPolicy
to define the stateless and stateful network traffic filtering behavior for your Firewall
. You can use one firewall policy for multiple firewalls.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import software.amazon.awscdk.services.networkfirewall.*; CfnFirewallPolicy cfnFirewallPolicy = CfnFirewallPolicy.Builder.create(this, "MyCfnFirewallPolicy") .firewallPolicy(FirewallPolicyProperty.builder() .statelessDefaultActions(List.of("statelessDefaultActions")) .statelessFragmentDefaultActions(List.of("statelessFragmentDefaultActions")) // the properties below are optional .policyVariables(PolicyVariablesProperty.builder() .ruleVariables(Map.of( "ruleVariablesKey", Map.of( "definition", List.of("definition")))) .build()) .statefulDefaultActions(List.of("statefulDefaultActions")) .statefulEngineOptions(StatefulEngineOptionsProperty.builder() .ruleOrder("ruleOrder") .streamExceptionPolicy("streamExceptionPolicy") .build()) .statefulRuleGroupReferences(List.of(StatefulRuleGroupReferenceProperty.builder() .resourceArn("resourceArn") // the properties below are optional .override(StatefulRuleGroupOverrideProperty.builder() .action("action") .build()) .priority(123) .build())) .statelessCustomActions(List.of(CustomActionProperty.builder() .actionDefinition(ActionDefinitionProperty.builder() .publishMetricAction(PublishMetricActionProperty.builder() .dimensions(List.of(DimensionProperty.builder() .value("value") .build())) .build()) .build()) .actionName("actionName") .build())) .statelessRuleGroupReferences(List.of(StatelessRuleGroupReferenceProperty.builder() .priority(123) .resourceArn("resourceArn") .build())) .build()) .firewallPolicyName("firewallPolicyName") // the properties below are optional .description("description") .tags(List.of(CfnTag.builder() .key("key") .value("value") .build())) .build();
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic interface
A custom action to use in stateless rule actions settings.static final class
A fluent builder forCfnFirewallPolicy
.static interface
An optional, non-standard action to use for stateless packet handling.static interface
The value to use in an Amazon CloudWatch custom metric dimension.static interface
The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.static interface
A list of IP addresses and address ranges, in CIDR notation.static interface
Contains variables that you can use to override default Suricata settings in your firewall policy.static interface
Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet.static interface
Configuration settings for the handling of the stateful rule groups in a firewall policy.static interface
The setting that allows the policy owner to change the behavior of the rule group within a policy.static interface
Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.static interface
Identifier for a single stateless rule group, used in a firewall policy to refer to the rule group.Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject
software.amazon.jsii.JsiiObject.InitializationMode
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IConstruct
IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.constructs.IConstruct
software.constructs.IConstruct.Jsii$Default
Nested classes/interfaces inherited from interface software.amazon.awscdk.core.IInspectable
IInspectable.Jsii$Default, IInspectable.Jsii$Proxy
-
Field Summary
Modifier and TypeFieldDescriptionstatic final String
The CloudFormation resource type name for this resource class. -
Constructor Summary
ModifierConstructorDescriptionCfnFirewallPolicy
(Construct scope, String id, CfnFirewallPolicyProps props) Create a newAWS::NetworkFirewall::FirewallPolicy
.protected
CfnFirewallPolicy
(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) protected
CfnFirewallPolicy
(software.amazon.jsii.JsiiObjectRef objRef) -
Method Summary
Modifier and TypeMethodDescriptionThe Amazon Resource Name (ARN) of theFirewallPolicy
.The unique ID of theFirewallPolicy
resource.A description of the firewall policy.The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.The descriptive name of the firewall policy.getTags()
An array of key-value pairs to apply to this resource.void
inspect
(TreeInspector inspector) Examines the CloudFormation resource and discloses attributes.renderProperties
(Map<String, Object> props) void
setDescription
(String value) A description of the firewall policy.void
setFirewallPolicy
(IResolvable value) The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.void
The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.void
setFirewallPolicyName
(String value) The descriptive name of the firewall policy.Methods inherited from class software.amazon.awscdk.core.CfnResource
addDeletionOverride, addDependsOn, addMetadata, addOverride, addPropertyDeletionOverride, addPropertyOverride, applyRemovalPolicy, applyRemovalPolicy, applyRemovalPolicy, getAtt, getCfnOptions, getCfnResourceType, getMetadata, getUpdatedProperites, isCfnResource, shouldSynthesize, toString, validateProperties
Methods inherited from class software.amazon.awscdk.core.CfnRefElement
getRef
Methods inherited from class software.amazon.awscdk.core.CfnElement
getCreationStack, getLogicalId, getStack, isCfnElement, overrideLogicalId
Methods inherited from class software.amazon.awscdk.core.Construct
getNode, isConstruct, onPrepare, onSynthesize, onValidate, prepare, synthesize, validate
Methods inherited from class software.amazon.jsii.JsiiObject
jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
Methods inherited from interface software.amazon.jsii.JsiiSerializable
$jsii$toJson
-
Field Details
-
CFN_RESOURCE_TYPE_NAME
The CloudFormation resource type name for this resource class.
-
-
Constructor Details
-
CfnFirewallPolicy
protected CfnFirewallPolicy(software.amazon.jsii.JsiiObjectRef objRef) -
CfnFirewallPolicy
protected CfnFirewallPolicy(software.amazon.jsii.JsiiObject.InitializationMode initializationMode) -
CfnFirewallPolicy
@Stability(Stable) public CfnFirewallPolicy(@NotNull Construct scope, @NotNull String id, @NotNull CfnFirewallPolicyProps props) Create a newAWS::NetworkFirewall::FirewallPolicy
.- Parameters:
scope
-- scope in which this resource is defined.
id
-- scoped id of the resource.
props
-- resource properties.
-
-
Method Details
-
inspect
Examines the CloudFormation resource and discloses attributes.- Specified by:
inspect
in interfaceIInspectable
- Parameters:
inspector
-- tree inspector to collect and process attributes.
-
renderProperties
@Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String, Object> props) - Overrides:
renderProperties
in classCfnResource
- Parameters:
props
- This parameter is required.
-
getAttrFirewallPolicyArn
The Amazon Resource Name (ARN) of theFirewallPolicy
. -
getAttrFirewallPolicyId
The unique ID of theFirewallPolicy
resource. -
getCfnProperties
- Overrides:
getCfnProperties
in classCfnResource
-
getTags
An array of key-value pairs to apply to this resource.For more information, see Tag .
-
getFirewallPolicy
The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings. -
setFirewallPolicy
The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings. -
setFirewallPolicy
@Stability(Stable) public void setFirewallPolicy(@NotNull CfnFirewallPolicy.FirewallPolicyProperty value) The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings. -
getFirewallPolicyName
The descriptive name of the firewall policy.You can't change the name of a firewall policy after you create it.
-
setFirewallPolicyName
The descriptive name of the firewall policy.You can't change the name of a firewall policy after you create it.
-
getDescription
A description of the firewall policy. -
setDescription
A description of the firewall policy.
-