CfnFirewallPropsMixin
- class aws_cdk.mixins_preview.aws_networkfirewall.mixins.CfnFirewallPropsMixin(props, *, strategy=None)
Bases:
MixinUse the firewall to provide stateful, managed, network firewall and intrusion detection and prevention filtering for your VPCs in Amazon VPC .
The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.
- See:
- CloudformationResource:
AWS::NetworkFirewall::Firewall
- Mixin:
true
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview import mixins from aws_cdk.mixins_preview.aws_networkfirewall import mixins as networkfirewall_mixins cfn_firewall_props_mixin = networkfirewall_mixins.CfnFirewallPropsMixin(networkfirewall_mixins.CfnFirewallMixinProps( availability_zone_change_protection=False, availability_zone_mappings=[networkfirewall_mixins.CfnFirewallPropsMixin.AvailabilityZoneMappingProperty( availability_zone="availabilityZone" )], delete_protection=False, description="description", enabled_analysis_types=["enabledAnalysisTypes"], firewall_name="firewallName", firewall_policy_arn="firewallPolicyArn", firewall_policy_change_protection=False, subnet_change_protection=False, subnet_mappings=[networkfirewall_mixins.CfnFirewallPropsMixin.SubnetMappingProperty( ip_address_type="ipAddressType", subnet_id="subnetId" )], tags=[CfnTag( key="key", value="value" )], transit_gateway_id="transitGatewayId", vpc_id="vpcId" ), strategy=mixins.PropertyMergeStrategy.OVERRIDE )
Create a mixin to apply properties to
AWS::NetworkFirewall::Firewall.- Parameters:
props (
Union[CfnFirewallMixinProps,Dict[str,Any]]) – L1 properties to apply.strategy (
Optional[PropertyMergeStrategy]) – (experimental) Strategy for merging nested properties. Default: - PropertyMergeStrategy.MERGE
Methods
- apply_to(construct)
Apply the mixin properties to the construct.
- Parameters:
construct (
IConstruct)- Return type:
- supports(construct)
Check if this mixin supports the given construct.
- Parameters:
construct (
IConstruct)- Return type:
bool
Attributes
- CFN_PROPERTY_KEYS = ['availabilityZoneChangeProtection', 'availabilityZoneMappings', 'deleteProtection', 'description', 'enabledAnalysisTypes', 'firewallName', 'firewallPolicyArn', 'firewallPolicyChangeProtection', 'subnetChangeProtection', 'subnetMappings', 'tags', 'transitGatewayId', 'vpcId']
Static Methods
- classmethod is_mixin(x)
(experimental) Checks if
xis a Mixin.- Parameters:
x (
Any) – Any object.- Return type:
bool- Returns:
true if
xis an object created from a class which extendsMixin.- Stability:
experimental
AvailabilityZoneMappingProperty
- class CfnFirewallPropsMixin.AvailabilityZoneMappingProperty(*, availability_zone=None)
Bases:
objectDefines the mapping between an Availability Zone and a firewall endpoint for a transit gateway-attached firewall.
Each mapping represents where the firewall can process traffic. You use these mappings when calling
CreateFirewall,AssociateAvailabilityZones, andDisassociateAvailabilityZones.To retrieve the current Availability Zone mappings for a firewall, use
DescribeFirewall.- Parameters:
availability_zone (
Optional[str]) – The ID of the Availability Zone where the firewall endpoint is located. For example,us-east-2a. The Availability Zone must be in the same Region as the transit gateway.- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_networkfirewall import mixins as networkfirewall_mixins availability_zone_mapping_property = networkfirewall_mixins.CfnFirewallPropsMixin.AvailabilityZoneMappingProperty( availability_zone="availabilityZone" )
Attributes
- availability_zone
The ID of the Availability Zone where the firewall endpoint is located.
For example,
us-east-2a. The Availability Zone must be in the same Region as the transit gateway.
SubnetMappingProperty
- class CfnFirewallPropsMixin.SubnetMappingProperty(*, ip_address_type=None, subnet_id=None)
Bases:
objectThe ID for a subnet that you want to associate with the firewall.
AWS Network Firewall creates an instance of the associated firewall in each subnet that you specify, to filter traffic in the subnet’s Availability Zone.
- Parameters:
ip_address_type (
Optional[str]) – The subnet’s IP address type. You can’t change the IP address type after you create the subnet.subnet_id (
Optional[str]) – The unique identifier for the subnet.
- See:
- ExampleMetadata:
fixture=_generated
Example:
# The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_networkfirewall import mixins as networkfirewall_mixins subnet_mapping_property = networkfirewall_mixins.CfnFirewallPropsMixin.SubnetMappingProperty( ip_address_type="ipAddressType", subnet_id="subnetId" )
Attributes
- ip_address_type
The subnet’s IP address type.
You can’t change the IP address type after you create the subnet.
- subnet_id
The unique identifier for the subnet.