Readonly
delete (OPTIONAL) Enable for deletion protection on the firewall.
Readonly
description (OPTIONAL) A description for the firewall.
Readonly
firewall The friendly name of the Network Firewall policy.
This is the logical name property of the policy as defined in network-config.yaml.
Readonly
firewall (OPTIONAL) Enable to disallow firewall policy changes.
Readonly
logging
Readonly
name A friendly name for the firewall.
CAUTION: Changing this property value after initial deployment causes the firewall to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.
Readonly
subnet (OPTIONAL) Enable to disallow firewall subnet changes.
Readonly
subnets An array of the friendly names of subnets to deploy Network Firewall to.
This is the logical name property of the subnets as defined in network-config.yaml.
The listed subnets must exist in the VPC referenced in the vpc property.
Readonly
tags (OPTIONAL) An array of tags for the firewall.
Readonly
vpc The friendly name of the VPC to deploy Network Firewall to.
CAUTION: Changing this property value after initial deployment causes the firewall to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.
This is the logical name property of the VPC as defined in network-config.yaml.
NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwFirewallConfig
Network Firewall firewall configuration. Use this configuration to define a Network Firewall firewall. An AWS Network Firewall firewall connects a firewall policy, which defines network traffic monitoring and filtering behavior, to the VPC that you want to protect. The firewall configuration includes specifications for the Availability Zones and subnets where the firewall endpoints are placed. It also defines high-level settings like the firewall logging configuration and tagging on the AWS firewall resource.
See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-firewall.html.
The following example creates a firewall named accelerator-nfw in the VPC named Network-Inspection. Firewall endpoints are deployed to the subnets named Subnet-A and Subnet-B in that VPC.
Example
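The following is an added example, not part of the original documentation or the project's code: a Python check that applies the constraints described above (subnets must exist in the referenced VPC, the policy must be defined) to a parsed network-config.yaml and reports protection settings that are not enabled. The full key names (firewallPolicy, deleteProtection, firewallPolicyChangeProtection, subnetChangeProtection), the vpcs and centralNetworkServices.networkFirewall layout, the policy name accelerator-policy and the second firewall entry are assumptions of this example, as is the choice to treat a disabled protection flag as a finding.

```python
# Added example. Key names and layout below are assumptions (see lead-in).
PROTECTION_FLAGS = ("deleteProtection", "firewallPolicyChangeProtection",
                    "subnetChangeProtection")

def lint_firewalls(config):
    """Return (firewall name, finding) tuples for a parsed network-config.yaml."""
    # Logical VPC name -> set of logical subnet names defined in that VPC.
    vpc_subnets = {v["name"]: {s["name"] for s in v.get("subnets", [])}
                   for v in config.get("vpcs", [])}
    nfw = config.get("centralNetworkServices", {}).get("networkFirewall", {})
    policies = {p["name"] for p in nfw.get("policies", [])}
    findings = []
    for fw in nfw.get("firewalls", []):
        name, vpc = fw.get("name", "<unnamed>"), fw.get("vpc")
        if fw.get("firewallPolicy") not in policies:
            findings.append((name, f"firewallPolicy '{fw.get('firewallPolicy')}' is not defined"))
        if vpc not in vpc_subnets:
            findings.append((name, f"vpc '{vpc}' is not defined"))
        elif not fw.get("subnets"):
            findings.append((name, "no subnets listed"))
        else:
            # Documented constraint: listed subnets must exist in the referenced VPC.
            for subnet in fw["subnets"]:
                if subnet not in vpc_subnets[vpc]:
                    findings.append((name, f"subnet '{subnet}' is not in vpc '{vpc}'"))
        # Optional flags default to unset; report any that are not enabled.
        for flag in PROTECTION_FLAGS:
            if not fw.get(flag):
                findings.append((name, f"{flag} is not enabled"))
    return findings

# Constructed sample: dict form of a network-config.yaml, as a YAML loader would return.
SAMPLE_CONFIG = {
    "vpcs": [{"name": "Network-Inspection",
              "subnets": [{"name": "Subnet-A"}, {"name": "Subnet-B"}]}],
    "centralNetworkServices": {"networkFirewall": {
        "policies": [{"name": "accelerator-policy"}],
        "firewalls": [
            {"name": "accelerator-nfw", "firewallPolicy": "accelerator-policy",
             "vpc": "Network-Inspection", "subnets": ["Subnet-A", "Subnet-B"],
             "deleteProtection": True, "firewallPolicyChangeProtection": True,
             "subnetChangeProtection": True},
            {"name": "test-nfw", "firewallPolicy": "accelerator-policy",
             "vpc": "Network-Inspection", "subnets": ["Subnet-A", "Subnet-C"],
             "deleteProtection": False},
        ]}},
}

if __name__ == "__main__":
    for fw_name, finding in lint_firewalls(SAMPLE_CONFIG):
        print(f"{fw_name}: {finding}")
```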