Attachment

The configuration and status for a single subnet that you've specified for use by the AWS Network Firewall firewall. This is part of the FirewallStatus.

Contents

EndpointId

The identifier of the firewall endpoint that Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.

Type: String

Required: No

Status

The current status of the firewall endpoint in the subnet. This value reflects both the instantiation of the endpoint in the VPC subnet and the sync states that are reported in the Config settings. When this value is READY, the endpoint is available and configured properly to handle network traffic. When the endpoint isn't available for traffic, this value will reflect its state, for example CREATING or DELETING.

Type: String

Valid Values: CREATING | DELETING | FAILED | ERROR | SCALING | READY

Required: No

StatusMessage

If Network Firewall fails to create or delete the firewall endpoint in the subnet, it populates this with the reason for the error or failure and how to resolve it. A FAILED status indicates a non-recoverable state, and a ERROR status indicates an issue that you can fix. Depending on the error, it can take as many as 15 minutes to populate this field. For more information about the causes for failiure or errors and solutions available for this field, see Troubleshooting firewall endpoint failures in the Network Firewall Developer Guide.

Type: String

Required: No

SubnetId

The unique identifier of the subnet that you've specified to be used for a firewall endpoint.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: ^subnet-[0-9a-f]+$

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

• AWS SDK for C++

• AWS SDK for Go

• AWS SDK for Java V2

• AWS SDK for Ruby V3