Package software.amazon.awscdk.services.networkfirewall

Class CfnFirewallPolicy.FirewallPolicyProperty.Jsii$Proxy

java.lang.Object

software.amazon.jsii.JsiiObject

software.amazon.awscdk.services.networkfirewall.CfnFirewallPolicy.FirewallPolicyProperty.Jsii$Proxy

All Implemented Interfaces:

CfnFirewallPolicy.FirewallPolicyProperty, software.amazon.jsii.JsiiSerializable

Enclosing interface:

CfnFirewallPolicy.FirewallPolicyProperty

@Stability(Stable)
@Internal
public static final class CfnFirewallPolicy.FirewallPolicyProperty.Jsii$Proxy
extends software.amazon.jsii.JsiiObject
implements CfnFirewallPolicy.FirewallPolicyProperty

An implementation for CfnFirewallPolicy.FirewallPolicyProperty

Nested Class Summary

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.networkfirewall.CfnFirewallPolicy.FirewallPolicyProperty

CfnFirewallPolicy.FirewallPolicyProperty.Builder, CfnFirewallPolicy.FirewallPolicyProperty.Jsii$Proxy

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	Jsii$Proxy(CfnFirewallPolicy.FirewallPolicyProperty.Builder builder)	Constructor that initializes the object based on literal property values passed by the CfnFirewallPolicy.FirewallPolicyProperty.Builder.
protected	Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)	Constructor that initializes the object based on values retrieved from the JsiiObject.

Method Summary

Modifier and Type	Method	Description
com.fasterxml.jackson.databind.JsonNode	$jsii$toJson()
final boolean	equals(Object o)
final Object	getPolicyVariables()	Contains variables that you can use to override default Suricata settings in your firewall policy.
final List<String>	getStatefulDefaultActions()	The default actions to take on a packet that doesn't match any stateful rules.
final Object	getStatefulEngineOptions()	Additional options governing how Network Firewall handles stateful rules.
final Object	getStatefulRuleGroupReferences()	References to the stateful rule groups that are used in the policy.
final Object	getStatelessCustomActions()	The custom action definitions that are available for use in the firewall policy's StatelessDefaultActions setting.
final List<String>	getStatelessDefaultActions()	The actions to take on a packet if it doesn't match any of the stateless rules in the policy.
final List<String>	getStatelessFragmentDefaultActions()	The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy.
final Object	getStatelessRuleGroupReferences()	References to the stateless rule groups that are used in the policy.
final int	hashCode()

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Constructor Details

Jsii$Proxy

protected Jsii$Proxy(software.amazon.jsii.JsiiObjectRef objRef)

Constructor that initializes the object based on values retrieved from the JsiiObject.

Parameters:

objRef - Reference to the JSII managed object.

Jsii$Proxy

protected Jsii$Proxy(CfnFirewallPolicy.FirewallPolicyProperty.Builder builder)

Constructor that initializes the object based on literal property values passed by the CfnFirewallPolicy.FirewallPolicyProperty.Builder.

Method Details

getStatelessDefaultActions

public final List<String> getStatelessDefaultActions()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

The actions to take on a packet if it doesn't match any of the stateless rules in the policy.

If you want non-matching packets to be forwarded for stateful inspection, specify aws:forward_to_sfe .

You must specify one of the standard actions: aws:pass , aws:drop , or aws:forward_to_sfe . In addition, you can specify custom actions that are compatible with your standard section choice.

For example, you could specify ["aws:pass"] or you could specify ["aws:pass", “customActionName”] . For information about compatibility, see the custom action descriptions.

Specified by:

getStatelessDefaultActions in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatelessFragmentDefaultActions

public final List<String> getStatelessFragmentDefaultActions()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy.

If you want non-matching fragmented packets to be forwarded for stateful inspection, specify aws:forward_to_sfe .

You must specify one of the standard actions: aws:pass , aws:drop , or aws:forward_to_sfe . In addition, you can specify custom actions that are compatible with your standard section choice.

For example, you could specify ["aws:pass"] or you could specify ["aws:pass", “customActionName”] . For information about compatibility, see the custom action descriptions.

Specified by:

getStatelessFragmentDefaultActions in interface CfnFirewallPolicy.FirewallPolicyProperty

getPolicyVariables

public final Object getPolicyVariables()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

Contains variables that you can use to override default Suricata settings in your firewall policy.

Specified by:

getPolicyVariables in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatefulDefaultActions

public final List<String> getStatefulDefaultActions()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

The default actions to take on a packet that doesn't match any stateful rules.

The stateful default action is optional, and is only valid when using the strict rule order.

Valid values of the stateful default action:

• aws:drop_strict
• aws:drop_established
• aws:alert_strict
• aws:alert_established

For more information, see Strict evaluation order in the AWS Network Firewall Developer Guide .

Specified by:

getStatefulDefaultActions in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatefulEngineOptions

public final Object getStatefulEngineOptions()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

Additional options governing how Network Firewall handles stateful rules.

The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings.

Specified by:

getStatefulEngineOptions in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatefulRuleGroupReferences

public final Object getStatefulRuleGroupReferences()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

References to the stateful rule groups that are used in the policy.

These define the inspection criteria in stateful rules.

Specified by:

getStatefulRuleGroupReferences in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatelessCustomActions

public final Object getStatelessCustomActions()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

The custom action definitions that are available for use in the firewall policy's StatelessDefaultActions setting.

You name each custom action that you define, and then you can use it by name in your default actions specifications.

Specified by:

getStatelessCustomActions in interface CfnFirewallPolicy.FirewallPolicyProperty

getStatelessRuleGroupReferences

public final Object getStatelessRuleGroupReferences()

Description copied from interface: CfnFirewallPolicy.FirewallPolicyProperty

References to the stateless rule groups that are used in the policy.

These define the matching criteria in stateless rules.

Specified by:

getStatelessRuleGroupReferences in interface CfnFirewallPolicy.FirewallPolicyProperty

$jsii$toJson

@Internal
public com.fasterxml.jackson.databind.JsonNode $jsii$toJson()

Specified by:

$jsii$toJson in interface software.amazon.jsii.JsiiSerializable

equals

public final boolean equals(Object o)

Overrides:

equals in class Object

hashCode

public final int hashCode()

Overrides:

hashCode in class Object