CfnFirewallPolicyProps

class aws_cdk.aws_networkfirewall.CfnFirewallPolicyProps(*, firewall_policy, firewall_policy_name, description=None, tags=None)

Bases: object

Properties for defining a CfnFirewallPolicy.

Parameters:

firewall_policy (Union[IResolvable, FirewallPolicyProperty, Dict[str, Any]]) – The traffic filtering behavior of a firewall policy, defined in a collection of stateless and stateful rule groups and other settings.
firewall_policy_name (str) – The descriptive name of the firewall policy. You can’t change the name of a firewall policy after you create it.
description (Optional[str]) – A description of the firewall policy.
tags (Optional[Sequence[Union[CfnTag, Dict[str, Any]]]]) – An array of key-value pairs to apply to this resource. For more information, see Tag .

See:

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewallpolicy.html

ExampleMetadata:

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
from aws_cdk import aws_networkfirewall as networkfirewall

cfn_firewall_policy_props = networkfirewall.CfnFirewallPolicyProps(
    firewall_policy=networkfirewall.CfnFirewallPolicy.FirewallPolicyProperty(
        stateless_default_actions=["statelessDefaultActions"],
        stateless_fragment_default_actions=["statelessFragmentDefaultActions"],

        # the properties below are optional
        policy_variables=networkfirewall.CfnFirewallPolicy.PolicyVariablesProperty(
            rule_variables={
                "rule_variables_key": {
                    "definition": ["definition"]
                }
            }
        ),
        stateful_default_actions=["statefulDefaultActions"],
        stateful_engine_options=networkfirewall.CfnFirewallPolicy.StatefulEngineOptionsProperty(
            flow_timeouts=networkfirewall.CfnFirewallPolicy.FlowTimeoutsProperty(
                tcp_idle_timeout_seconds=123
            ),
            rule_order="ruleOrder",
            stream_exception_policy="streamExceptionPolicy"
        ),
        stateful_rule_group_references=[networkfirewall.CfnFirewallPolicy.StatefulRuleGroupReferenceProperty(
            resource_arn="resourceArn",

            # the properties below are optional
            deep_threat_inspection=False,
            override=networkfirewall.CfnFirewallPolicy.StatefulRuleGroupOverrideProperty(
                action="action"
            ),
            priority=123
        )],
        stateless_custom_actions=[networkfirewall.CfnFirewallPolicy.CustomActionProperty(
            action_definition=networkfirewall.CfnFirewallPolicy.ActionDefinitionProperty(
                publish_metric_action=networkfirewall.CfnFirewallPolicy.PublishMetricActionProperty(
                    dimensions=[networkfirewall.CfnFirewallPolicy.DimensionProperty(
                        value="value"
                    )]
                )
            ),
            action_name="actionName"
        )],
        stateless_rule_group_references=[networkfirewall.CfnFirewallPolicy.StatelessRuleGroupReferenceProperty(
            priority=123,
            resource_arn="resourceArn"
        )],
        tls_inspection_configuration_arn="tlsInspectionConfigurationArn"
    ),
    firewall_policy_name="firewallPolicyName",

    # the properties below are optional
    description="description",
    tags=[CfnTag(
        key="key",
        value="value"
    )]
)