Attachment
The definition and status of the firewall endpoint for a single subnet. In each configured subnet, Network Firewall instantiates a firewall endpoint to handle network traffic.
This data type is used for any firewall endpoint type:
- 
         For Firewall.SubnetMappings, thisAttachmentis part of theFirewallStatussync states information. You define firewall subnets usingCreateFirewallandAssociateSubnets.
- 
         For VpcEndpointAssociation, thisAttachmentis part of theVpcEndpointAssociationStatussync states information. You define these subnets usingCreateVpcEndpointAssociation.
Contents
- EndpointId
- 
               The identifier of the firewall endpoint that Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint. Type: String Required: No 
- Status
- 
               The current status of the firewall endpoint instantiation in the subnet. When this value is READY, the endpoint is available to handle network traffic. Otherwise, this value reflects its state, for exampleCREATINGorDELETING.Type: String Valid Values: CREATING | DELETING | FAILED | ERROR | SCALING | READYRequired: No 
- StatusMessage
- 
               If Network Firewall fails to create or delete the firewall endpoint in the subnet, it populates this with the reason for the error or failure and how to resolve it. A FAILEDstatus indicates a non-recoverable state, and aERRORstatus indicates an issue that you can fix. Depending on the error, it can take as many as 15 minutes to populate this field. For more information about the causes for failiure or errors and solutions available for this field, see Troubleshooting firewall endpoint failures in the Network Firewall Developer Guide.Type: String Required: No 
- SubnetId
- 
               The unique identifier of the subnet that you've specified to be used for a firewall endpoint. Type: String Length Constraints: Minimum length of 1. Maximum length of 128. Pattern: ^subnet-[0-9a-f]+$Required: No 
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: