Class: Aws::NetworkFirewall::Types::CreateFirewallRequest

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb

Overview

Note:

When making an API call, you may pass CreateFirewallRequest data as a hash:

{
  firewall_name: "ResourceName", # required
  firewall_policy_arn: "ResourceArn", # required
  vpc_id: "VpcId", # required
  subnet_mappings: [ # required
    {
      subnet_id: "CollectionMember_String", # required
    },
  ],
  delete_protection: false,
  subnet_change_protection: false,
  firewall_policy_change_protection: false,
  description: "Description",
  tags: [
    {
      key: "TagKey", # required
      value: "TagValue", # required
    },
  ],
  encryption_configuration: {
    key_id: "KeyId",
    type: "CUSTOMER_KMS", # required, accepts CUSTOMER_KMS, AWS_OWNED_KMS_KEY
  },
}

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#delete_protectionBoolean

A flag indicating whether it is possible to delete the firewall. A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE.

Returns:

  • (Boolean)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionString

A description of the firewall.

Returns:

  • (String)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#encryption_configurationTypes::EncryptionConfiguration

A complex type that contains settings for encryption of your firewall resources.



602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_nameString

The descriptive name of the firewall. You can't change the name of a firewall after you create it.

Returns:

  • (String)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_policy_arnString

The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for the firewall.

Returns:

  • (String)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_policy_change_protectionBoolean

A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

Returns:

  • (Boolean)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#subnet_change_protectionBoolean

A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

Returns:

  • (Boolean)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#subnet_mappingsArray<Types::SubnetMapping>

The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.

Returns:



602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#tagsArray<Types::Tag>

The key:value pairs to associate with the resource.

Returns:



602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end

#vpc_idString

The unique identifier of the VPC where Network Firewall should create the firewall.

You can't change this setting after you create the firewall.

Returns:

  • (String)


602
603
604
605
606
607
608
609
610
611
612
613
614
615
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 602

class CreateFirewallRequest < Struct.new(
  :firewall_name,
  :firewall_policy_arn,
  :vpc_id,
  :subnet_mappings,
  :delete_protection,
  :subnet_change_protection,
  :firewall_policy_change_protection,
  :description,
  :tags,
  :encryption_configuration)
  SENSITIVE = []
  include Aws::Structure
end