libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall
Copyright(c) 2013-2021 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone

Amazonka.NetworkFirewall.CreateFirewall

Description

Creates an AWS Network Firewall Firewall and accompanying FirewallStatus for a VPC.

The firewall defines the configuration settings for an AWS Network Firewall firewall. The settings that you can define at creation include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.

After you create a firewall, you can provide additional settings, like the logging configuration.

To update the settings for a firewall, you use the operations that apply to the settings themselves, for example UpdateLoggingConfiguration, AssociateSubnets, and UpdateFirewallDeleteProtection.

To manage a firewall's tags, use the standard AWS resource tagging operations, ListTagsForResource, TagResource, and UntagResource.

To retrieve information about firewalls, use ListFirewalls and DescribeFirewall.

Synopsis

Creating a Request

data CreateFirewall Source #

See: newCreateFirewall smart constructor.

Constructors

CreateFirewall' 

Fields

  • firewallPolicyChangeProtection :: Maybe Bool

    A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

  • subnetChangeProtection :: Maybe Bool

    A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

  • deleteProtection :: Maybe Bool

    A flag indicating whether it is possible to delete the firewall. A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE.

  • description :: Maybe Text

    A description of the firewall.

  • tags :: Maybe (NonEmpty Tag)

    The key:value pairs to associate with the resource.

  • firewallName :: Text

    The descriptive name of the firewall. You can't change the name of a firewall after you create it.

  • firewallPolicyArn :: Text

    The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for the firewall.

  • vpcId :: Text

    The unique identifier of the VPC where Network Firewall should create the firewall.

    You can't change this setting after you create the firewall.

  • subnetMappings :: [SubnetMapping]

    The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.

Instances

Instances details
Eq CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Read CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Show CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Generic CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Associated Types

type Rep CreateFirewall :: Type -> Type #

NFData CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Methods

rnf :: CreateFirewall -> () #

Hashable CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

ToJSON CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

AWSRequest CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Associated Types

type AWSResponse CreateFirewall #

ToHeaders CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

ToPath CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

ToQuery CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

type Rep CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

type Rep CreateFirewall = D1 ('MetaData "CreateFirewall" "Amazonka.NetworkFirewall.CreateFirewall" "libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall" 'False) (C1 ('MetaCons "CreateFirewall'" 'PrefixI 'True) (((S1 ('MetaSel ('Just "firewallPolicyChangeProtection") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Bool)) :*: S1 ('MetaSel ('Just "subnetChangeProtection") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Bool))) :*: (S1 ('MetaSel ('Just "deleteProtection") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Bool)) :*: S1 ('MetaSel ('Just "description") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) :*: ((S1 ('MetaSel ('Just "tags") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe (NonEmpty Tag))) :*: S1 ('MetaSel ('Just "firewallName") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)) :*: (S1 ('MetaSel ('Just "firewallPolicyArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: (S1 ('MetaSel ('Just "vpcId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "subnetMappings") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 [SubnetMapping]))))))
type AWSResponse CreateFirewall Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

newCreateFirewall Source #

Create a value of CreateFirewall with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:firewallPolicyChangeProtection:CreateFirewall', createFirewall_firewallPolicyChangeProtection - A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

$sel:subnetChangeProtection:CreateFirewall', createFirewall_subnetChangeProtection - A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

$sel:deleteProtection:CreateFirewall', createFirewall_deleteProtection - A flag indicating whether it is possible to delete the firewall. A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE.

$sel:description:CreateFirewall', createFirewall_description - A description of the firewall.

$sel:tags:CreateFirewall', createFirewall_tags - The key:value pairs to associate with the resource.

$sel:firewallName:CreateFirewall', createFirewall_firewallName - The descriptive name of the firewall. You can't change the name of a firewall after you create it.

$sel:firewallPolicyArn:CreateFirewall', createFirewall_firewallPolicyArn - The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for the firewall.

$sel:vpcId:CreateFirewall', createFirewall_vpcId - The unique identifier of the VPC where Network Firewall should create the firewall.

You can't change this setting after you create the firewall.

$sel:subnetMappings:CreateFirewall', createFirewall_subnetMappings - The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.

Request Lenses

createFirewall_firewallPolicyChangeProtection :: Lens' CreateFirewall (Maybe Bool) Source #

A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

createFirewall_subnetChangeProtection :: Lens' CreateFirewall (Maybe Bool) Source #

A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to TRUE.

createFirewall_deleteProtection :: Lens' CreateFirewall (Maybe Bool) Source #

A flag indicating whether it is possible to delete the firewall. A setting of TRUE indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to TRUE.

createFirewall_description :: Lens' CreateFirewall (Maybe Text) Source #

A description of the firewall.

createFirewall_tags :: Lens' CreateFirewall (Maybe (NonEmpty Tag)) Source #

The key:value pairs to associate with the resource.

createFirewall_firewallName :: Lens' CreateFirewall Text Source #

The descriptive name of the firewall. You can't change the name of a firewall after you create it.

createFirewall_firewallPolicyArn :: Lens' CreateFirewall Text Source #

The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for the firewall.

createFirewall_vpcId :: Lens' CreateFirewall Text Source #

The unique identifier of the VPC where Network Firewall should create the firewall.

You can't change this setting after you create the firewall.

createFirewall_subnetMappings :: Lens' CreateFirewall [SubnetMapping] Source #

The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.

Destructuring the Response

data CreateFirewallResponse Source #

See: newCreateFirewallResponse smart constructor.

Constructors

CreateFirewallResponse' 

Fields

  • firewallStatus :: Maybe FirewallStatus

    Detailed information about the current status of a Firewall. You can retrieve this for a firewall by calling DescribeFirewall and providing the firewall name and ARN.

  • firewall :: Maybe Firewall

    The configuration settings for the firewall. These settings include the firewall policy and the subnets in your VPC to use for the firewall endpoints.

  • httpStatus :: Int

    The response's http status code.

Instances

Instances details
Eq CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Read CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Show CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Generic CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Associated Types

type Rep CreateFirewallResponse :: Type -> Type #

NFData CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

Methods

rnf :: CreateFirewallResponse -> () #

type Rep CreateFirewallResponse Source # 
Instance details

Defined in Amazonka.NetworkFirewall.CreateFirewall

type Rep CreateFirewallResponse = D1 ('MetaData "CreateFirewallResponse" "Amazonka.NetworkFirewall.CreateFirewall" "libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall" 'False) (C1 ('MetaCons "CreateFirewallResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "firewallStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe FirewallStatus)) :*: (S1 ('MetaSel ('Just "firewall") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Firewall)) :*: S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int))))

newCreateFirewallResponse Source #

Create a value of CreateFirewallResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:firewallStatus:CreateFirewallResponse', createFirewallResponse_firewallStatus - Detailed information about the current status of a Firewall. You can retrieve this for a firewall by calling DescribeFirewall and providing the firewall name and ARN.

$sel:firewall:CreateFirewallResponse', createFirewallResponse_firewall - The configuration settings for the firewall. These settings include the firewall policy and the subnets in your VPC to use for the firewall endpoints.

$sel:httpStatus:CreateFirewallResponse', createFirewallResponse_httpStatus - The response's http status code.

Response Lenses

createFirewallResponse_firewallStatus :: Lens' CreateFirewallResponse (Maybe FirewallStatus) Source #

Detailed information about the current status of a Firewall. You can retrieve this for a firewall by calling DescribeFirewall and providing the firewall name and ARN.

createFirewallResponse_firewall :: Lens' CreateFirewallResponse (Maybe Firewall) Source #

The configuration settings for the firewall. These settings include the firewall policy and the subnets in your VPC to use for the firewall endpoints.