pulumi-aws-kotlin/com.pulumi.aws.route53.kotlin/ResolverFirewallConfigArgs

ResolverFirewallConfigArgs

data class ResolverFirewallConfigArgs(val firewallFailOpen: Output<String>? = null, val resourceId: Output<String>? = null) : ConvertibleToJava<ResolverFirewallConfigArgs>

Provides a Route 53 Resolver DNS Firewall config resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.ec2.Vpc("example", {
    cidrBlock: "10.0.0.0/16",
    enableDnsSupport: true,
    enableDnsHostnames: true,
});
const exampleResolverFirewallConfig = new aws.route53.ResolverFirewallConfig("example", {
    resourceId: example.id,
    firewallFailOpen: "ENABLED",
});
Content copied to clipboard
import pulumi
import pulumi_aws as aws
example = aws.ec2.Vpc("example",
    cidr_block="10.0.0.0/16",
    enable_dns_support=True,
    enable_dns_hostnames=True)
example_resolver_firewall_config = aws.route53.ResolverFirewallConfig("example",
    resource_id=example.id,
    firewall_fail_open="ENABLED")
Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
    var example = new Aws.Ec2.Vpc("example", new()
    {
        CidrBlock = "10.0.0.0/16",
        EnableDnsSupport = true,
        EnableDnsHostnames = true,
    });
    var exampleResolverFirewallConfig = new Aws.Route53.ResolverFirewallConfig("example", new()
    {
        ResourceId = example.Id,
        FirewallFailOpen = "ENABLED",
    });
});
Content copied to clipboard
package main
import (
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/route53"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := ec2.NewVpc(ctx, "example", &ec2.VpcArgs{
			CidrBlock:          pulumi.String("10.0.0.0/16"),
			EnableDnsSupport:   pulumi.Bool(true),
			EnableDnsHostnames: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = route53.NewResolverFirewallConfig(ctx, "example", &route53.ResolverFirewallConfigArgs{
			ResourceId:       example.ID(),
			FirewallFailOpen: pulumi.String("ENABLED"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.Vpc;
import com.pulumi.aws.ec2.VpcArgs;
import com.pulumi.aws.route53.ResolverFirewallConfig;
import com.pulumi.aws.route53.ResolverFirewallConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new Vpc("example", VpcArgs.builder()
            .cidrBlock("10.0.0.0/16")
            .enableDnsSupport(true)
            .enableDnsHostnames(true)
            .build());
        var exampleResolverFirewallConfig = new ResolverFirewallConfig("exampleResolverFirewallConfig", ResolverFirewallConfigArgs.builder()
            .resourceId(example.id())
            .firewallFailOpen("ENABLED")
            .build());
    }
}
Content copied to clipboard
resources:
  example:
    type: aws:ec2:Vpc
    properties:
      cidrBlock: 10.0.0.0/16
      enableDnsSupport: true
      enableDnsHostnames: true
  exampleResolverFirewallConfig:
    type: aws:route53:ResolverFirewallConfig
    name: example
    properties:
      resourceId: ${example.id}
      firewallFailOpen: ENABLED
Content copied to clipboard

Import

Using pulumi import, import Route 53 Resolver DNS Firewall configs using the Route 53 Resolver DNS Firewall config ID. For example:

$ pulumi import aws:route53/resolverFirewallConfig:ResolverFirewallConfig example rdsc-be1866ecc1683e95
Content copied to clipboard

Constructors

Link copied to clipboard
fun ResolverFirewallConfigArgs(firewallFailOpen: Output<String>? = null, resourceId: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): ResolverFirewallConfigArgs

Properties

Link copied to clipboard
val firewallFailOpen: Output<String>? = null

Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall blocks queries that it is unable to evaluate properly. If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. Valid values: ENABLED, DISABLED.

Link copied to clipboard
val resourceId: Output<String>? = null

The ID of the VPC that the configuration is for.