Data Source: awsNetworkfirewallFirewall
Retrieve information about a firewall.
Example Usage
Find firewall policy by ARN
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsNetworkfirewallFirewall.DataAwsNetworkfirewallFirewall(
this,
"example",
{
arn: "${aws_networkfirewall_firewall.arn}",
}
);
Find firewall policy by Name
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsNetworkfirewallFirewall.DataAwsNetworkfirewallFirewall(
this,
"example",
{
name: "Test",
}
);
Find firewall policy by ARN and Name
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.dataAwsNetworkfirewallFirewall.DataAwsNetworkfirewallFirewall(
this,
"example",
{
arn: "${aws_networkfirewall_firewall.arn}",
name: "Test",
}
);
Argument Reference
One or more of the following arguments are required:
arn- ARN of the firewall.name- Descriptive name of the firewall.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
arn- ARN of the firewall.deleteProtection- Boolean flag indicating whether it is possible to delete the firewall.description- Description of the firewall.encryptionConfiguration- AWS Key Management Service (AWS KMS) encryption settings for the firewall.keyId- The ID of the AWS Key Management Service (AWS KMS) customer managed key.type- The type of the AWS Key Management Service (AWS KMS) key use by the firewall.firewallPolicyArn- ARN of the VPC Firewall policy.firewallPolicyChangeProtection- A boolean flag indicating whether it is possible to change the associated firewall policy.firewallStatus- Nested list of information about the current status of the firewall.syncStates- Set of subnets configured for use by the firewall.attachment- Nested list describing the attachment status of the firewall's association with a single VPC subnet.endpointId- The identifier of the firewall endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.subnetId- The unique identifier of the subnet that you've specified to be used for a firewall endpoint.availabilityZone- The Availability Zone where the subnet is configured.
capacityUsageSummary- Aggregated count of all resources used by reference sets in a firewall.cidrs- Capacity usage of CIDR blocks used by IP set references in a firewall.availableCidrCount- Available number of CIDR blocks available for use by the IP set references in a firewall.ipSetReferences- The list of IP set references used by a firewall.resolvedCidrCount- Total number of CIDR blocks used by the IP set references in a firewall.
utilizedCidrCount- Number of CIDR blocks used by the IP set references in a firewall.
configurationSyncStateSummary- Summary of sync states for all availability zones in which the firewall is configured.id- ARN that identifies the firewall.name- Descriptive name of the firewall.subnetChangeProtection- A boolean flag indicating whether it is possible to change the associated subnet(s).subnetMapping- Set of configuration blocks describing the public subnets. Each subnet must belong to a different Availability Zone in the VPC. AWS Network Firewall creates a firewall endpoint in each subnet.subnetId- The unique identifier for the subnet.tags- Map of resource tags to associate with the resource. If configured with a providerdefaultTagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.updateToken- String token used when updating a firewall.vpcId- Unique identifier of the VPC where AWS Network Firewall should create the firewall.