pulumi-aws-kotlin/com.pulumi.aws.networkfirewall.kotlin/FirewallPolicyArgs

FirewallPolicyArgs

data class FirewallPolicyArgs(val description: Output<String>? = null, val encryptionConfiguration: Output<FirewallPolicyEncryptionConfigurationArgs>? = null, val firewallPolicy: Output<FirewallPolicyFirewallPolicyArgs>? = null, val name: Output<String>? = null, val tags: Output<Map<String, String>>? = null) : ConvertibleToJava<FirewallPolicyArgs>

Provides an AWS Network Firewall Firewall Policy Resource

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.FirewallPolicy;
import com.pulumi.aws.networkfirewall.FirewallPolicyArgs;
import com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new FirewallPolicy("example", FirewallPolicyArgs.builder()
            .firewallPolicy(FirewallPolicyFirewallPolicyArgs.builder()
                .statelessDefaultActions("aws:pass")
                .statelessFragmentDefaultActions("aws:drop")
                .statelessRuleGroupReferences(FirewallPolicyFirewallPolicyStatelessRuleGroupReferenceArgs.builder()
                    .priority(1)
                    .resourceArn(aws_networkfirewall_rule_group.example().arn())
                    .build())
                .build())
            .tags(Map.ofEntries(
                Map.entry("Tag1", "Value1"),
                Map.entry("Tag2", "Value2")
            ))
            .build());
    }
}
Content copied to clipboard

Policy with a Custom Action for Stateless Inspection

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.FirewallPolicy;
import com.pulumi.aws.networkfirewall.FirewallPolicyArgs;
import com.pulumi.aws.networkfirewall.inputs.FirewallPolicyFirewallPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var test = new FirewallPolicy("test", FirewallPolicyArgs.builder()
            .firewallPolicy(FirewallPolicyFirewallPolicyArgs.builder()
                .statelessCustomActions(FirewallPolicyFirewallPolicyStatelessCustomActionArgs.builder()
                    .actionDefinition(FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionArgs.builder()
                        .publishMetricAction(FirewallPolicyFirewallPolicyStatelessCustomActionActionDefinitionPublishMetricActionArgs.builder()
                            .dimension(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference))
                            .build())
                        .build())
                    .actionName("ExampleCustomAction")
                    .build())
                .statelessDefaultActions(
                    "aws:pass",
                    "ExampleCustomAction")
                .statelessFragmentDefaultActions("aws:drop")
                .build())
            .build());
    }
}
Content copied to clipboard
resources:
  test:
    type: aws:networkfirewall:FirewallPolicy
    properties:
      firewallPolicy:
        statelessCustomActions:
          - actionDefinition:
              publishMetricAction:
                dimension:
                  - value: '1'
            actionName: ExampleCustomAction
        statelessDefaultActions:
          - aws:pass
          - ExampleCustomAction
        statelessFragmentDefaultActions:
          - aws:drop
Content copied to clipboard

Import

Network Firewall Policies can be imported using their ARN.

$ pulumi import aws:networkfirewall/firewallPolicy:FirewallPolicy example arn:aws:network-firewall:us-west-1:123456789012:firewall-policy/example
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(description: Output<String>? = null, encryptionConfiguration: Output<FirewallPolicyEncryptionConfigurationArgs>? = null, firewallPolicy: Output<FirewallPolicyFirewallPolicyArgs>? = null, name: Output<String>? = null, tags: Output<Map<String, String>>? = null)

Properties

Link copied to clipboard
val description: Output<String>? = null

A friendly description of the firewall policy.

Link copied to clipboard
val encryptionConfiguration: Output<FirewallPolicyEncryptionConfigurationArgs>? = null

KMS encryption configuration settings. See Encryption Configuration below for details.

Link copied to clipboard
val firewallPolicy: Output<FirewallPolicyFirewallPolicyArgs>? = null

A configuration block describing the rule groups and policy actions to use in the firewall policy. See Firewall Policy below for details.

Link copied to clipboard
val name: Output<String>? = null

A friendly name of the firewall policy.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

Functions

Link copied to clipboard
open override fun toJava(): FirewallPolicyArgs