SyncState - AWS Network Firewall

SyncState

The status of the firewall endpoint and firewall policy configuration for a single VPC subnet.

For each VPC subnet that you associate with a firewall, AWS Network Firewall does the following:

  • Instantiates a firewall endpoint in the subnet, ready to take traffic.

  • Configures the endpoint with the current firewall policy settings, to provide the filtering behavior for the endpoint.

When you update a firewall, for example to add a subnet association or change a rule group in the firewall policy, the affected sync states reflect out-of-sync or not ready status until the changes are complete.

Contents

Attachment

The attachment status of the firewall's association with a single VPC subnet. For each configured subnet, Network Firewall creates the attachment by instantiating the firewall endpoint in the subnet so that it's ready to take traffic. This is part of the FirewallStatus.

Type: Attachment object

Required: No

Config

The configuration status of the firewall endpoint in a single VPC subnet. Network Firewall provides each endpoint with the rules that are configured in the firewall policy. Each time you add a subnet or modify the associated firewall policy, Network Firewall synchronizes the rules in the endpoint, so it can properly filter network traffic. This is part of the FirewallStatus.

Type: String to PerObjectStatus object map

Key Length Constraints: Minimum length of 1. Maximum length of 128.

Key Pattern: ^[a-zA-Z0-9-]+$

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: