Package software.amazon.awscdk.services.networkfirewall

Class CfnFirewall

java.lang.Object
software.amazon.jsii.JsiiObject
software.constructs.Construct
software.amazon.awscdk.core.Construct
software.amazon.awscdk.core.CfnElement
software.amazon.awscdk.core.CfnRefElement
software.amazon.awscdk.core.CfnResource
software.amazon.awscdk.services.networkfirewall.CfnFirewall
All Implemented Interfaces:
IConstruct, IDependable, IInspectable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct
@Generated(value="jsii-pacmak/1.84.0 (build 5404dcf)", date="2023-06-19T16:30:00.397Z") @Stability(Stable) public class CfnFirewall extends CfnResource implements IInspectable
A CloudFormation AWS::NetworkFirewall::Firewall.

Use the Firewall to provide stateful, managed, network firewall and intrusion detection and prevention filtering for your VPCs in Amazon VPC .

The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.

Example: 

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.networkfirewall.*;
 CfnFirewall cfnFirewall = CfnFirewall.Builder.create(this, "MyCfnFirewall")
         .firewallName("firewallName")
         .firewallPolicyArn("firewallPolicyArn")
         .subnetMappings(List.of(SubnetMappingProperty.builder()
                 .subnetId("subnetId")
                 // the properties below are optional
                 .ipAddressType("ipAddressType")
                 .build()))
         .vpcId("vpcId")
         // the properties below are optional
         .deleteProtection(false)
         .description("description")
         .firewallPolicyChangeProtection(false)
         .subnetChangeProtection(false)
         .tags(List.of(CfnTag.builder()
                 .key("key")
                 .value("value")
                 .build()))
         .build();

  • Field Details

    • CFN_RESOURCE_TYPE_NAME

      @Stability(Stable) public static final String CFN_RESOURCE_TYPE_NAME
      The CloudFormation resource type name for this resource class.

  • Constructor Details

    • CfnFirewall

      protected CfnFirewall(software.amazon.jsii.JsiiObjectRef objRef)

    • CfnFirewall

      protected CfnFirewall(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

    • CfnFirewall

      @Stability(Stable) public CfnFirewall(@NotNull Construct scope, @NotNull String id, @NotNull CfnFirewallProps props)
      Create a new AWS::NetworkFirewall::Firewall.

      Parameters:
      scope -
      • scope in which this resource is defined.
      This parameter is required.
      id -
      • scoped id of the resource.
      This parameter is required.
      props -
      • resource properties.
      This parameter is required.

  • Method Details

    • inspect

      @Stability(Stable) public void inspect(@NotNull TreeInspector inspector)
      Examines the CloudFormation resource and discloses attributes.

      Specified by:
      inspect in interface IInspectable
      Parameters:
      inspector -
      • tree inspector to collect and process attributes.
      This parameter is required.

    • renderProperties

      @Stability(Stable) @NotNull protected Map<String,Object> renderProperties(@NotNull Map<String,Object> props)
      Overrides:
      renderProperties in class CfnResource
      Parameters:
      props - This parameter is required.

    • getAttrEndpointIds

      @Stability(Stable) @NotNull public List<String> getAttrEndpointIds()
      The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.

      The subnets are not listed in any particular order. For example: ["us-west-2c:vpce-111122223333", "us-west-2a:vpce-987654321098", "us-west-2b:vpce-012345678901"] .

    • getAttrFirewallArn

      @Stability(Stable) @NotNull public String getAttrFirewallArn()
      The Amazon Resource Name (ARN) of the Firewall .

    • getAttrFirewallId

      @Stability(Stable) @NotNull public String getAttrFirewallId()
      The name of the Firewall resource.

    • getCfnProperties

      @Stability(Stable) @NotNull protected Map<String,Object> getCfnProperties()
      Overrides:
      getCfnProperties in class CfnResource

    • getTags

      @Stability(Stable) @NotNull public TagManager getTags()
      An array of key-value pairs to apply to this resource.

      For more information, see Tag .

    • getFirewallName

      @Stability(Stable) @NotNull public String getFirewallName()
      The descriptive name of the firewall.

      You can't change the name of a firewall after you create it.

    • setFirewallName

      @Stability(Stable) public void setFirewallName(@NotNull String value)
      The descriptive name of the firewall.

      You can't change the name of a firewall after you create it.

    • getFirewallPolicyArn

      @Stability(Stable) @NotNull public String getFirewallPolicyArn()
      The Amazon Resource Name (ARN) of the firewall policy.

      The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

    • setFirewallPolicyArn

      @Stability(Stable) public void setFirewallPolicyArn(@NotNull String value)
      The Amazon Resource Name (ARN) of the firewall policy.

      The relationship of firewall to firewall policy is many to one. Each firewall requires one firewall policy association, and you can use the same firewall policy for multiple firewalls.

    • getSubnetMappings

      @Stability(Stable) @NotNull public Object getSubnetMappings()
      The public subnets that Network Firewall is using for the firewall.

      Each subnet must belong to a different Availability Zone.

    • setSubnetMappings

      @Stability(Stable) public void setSubnetMappings(@NotNull IResolvable value)
      The public subnets that Network Firewall is using for the firewall.

      Each subnet must belong to a different Availability Zone.

    • setSubnetMappings

      @Stability(Stable) public void setSubnetMappings(@NotNull List<Object> value)
      The public subnets that Network Firewall is using for the firewall.

      Each subnet must belong to a different Availability Zone.

    • getVpcId

      @Stability(Stable) @NotNull public String getVpcId()
      The unique identifier of the VPC where the firewall is in use.

      You can't change the VPC of a firewall after you create the firewall.

    • setVpcId

      @Stability(Stable) public void setVpcId(@NotNull String value)
      The unique identifier of the VPC where the firewall is in use.

      You can't change the VPC of a firewall after you create the firewall.

    • getDeleteProtection

      @Stability(Stable) @Nullable public Object getDeleteProtection()
      A flag indicating whether it is possible to delete the firewall.

      A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

    • setDeleteProtection

      @Stability(Stable) public void setDeleteProtection(@Nullable Boolean value)
      A flag indicating whether it is possible to delete the firewall.

      A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

    • setDeleteProtection

      @Stability(Stable) public void setDeleteProtection(@Nullable IResolvable value)
      A flag indicating whether it is possible to delete the firewall.

      A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE .

    • getDescription

      @Stability(Stable) @Nullable public String getDescription()
      A description of the firewall.

    • setDescription

      @Stability(Stable) public void setDescription(@Nullable String value)
      A description of the firewall.

    • getFirewallPolicyChangeProtection

      @Stability(Stable) @Nullable public Object getFirewallPolicyChangeProtection()
      A setting indicating whether the firewall is protected against a change to the firewall policy association.

      Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

    • setFirewallPolicyChangeProtection

      @Stability(Stable) public void setFirewallPolicyChangeProtection(@Nullable Boolean value)
      A setting indicating whether the firewall is protected against a change to the firewall policy association.

      Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

    • setFirewallPolicyChangeProtection

      @Stability(Stable) public void setFirewallPolicyChangeProtection(@Nullable IResolvable value)
      A setting indicating whether the firewall is protected against a change to the firewall policy association.

      Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

    • getSubnetChangeProtection

      @Stability(Stable) @Nullable public Object getSubnetChangeProtection()
      A setting indicating whether the firewall is protected against changes to the subnet associations.

      Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

    • setSubnetChangeProtection

      @Stability(Stable) public void setSubnetChangeProtection(@Nullable Boolean value)
      A setting indicating whether the firewall is protected against changes to the subnet associations.

      Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .

    • setSubnetChangeProtection

      @Stability(Stable) public void setSubnetChangeProtection(@Nullable IResolvable value)
      A setting indicating whether the firewall is protected against changes to the subnet associations.

      Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE .