firewall
Gets an individual firewall resource
Overview
Name | firewall |
Type | Resource |
Description | firewall |
Id | awscc.networkfirewall.firewall |
Fields
Name | Datatype | Description |
---|---|---|
firewall_name | string | |
firewall_arn | string | |
firewall_id | string | |
firewall_policy_arn | string | |
vpc_id | string | |
subnet_mappings | array | |
delete_protection | boolean | |
subnet_change_protection | boolean | |
firewall_policy_change_protection | boolean | |
description | string | |
endpoint_ids | array | |
tags | array | |
region | string | AWS region. |
Methods
Currently only SELECT is supported for this resource.
Example
SELECT
  region,
  firewall_name,
  firewall_arn,
  firewall_id,
  firewall_policy_arn,
  vpc_id,
  subnet_mappings,
  delete_protection,
  subnet_change_protection,
  firewall_policy_change_protection,
  description,
  endpoint_ids,
  tags
FROM awscc.networkfirewall.firewall
WHERE data__Identifier = '<FirewallArn>';
Permissions
To operate on the firewall resource, the following permissions are required:
Read
network-firewall:DescribeFirewall,
network-firewall:ListTagsForResources
Update
network-firewall:AssociateSubnets,
network-firewall:DisassociateSubnets,
network-firewall:UpdateFirewallDescription,
network-firewall:UpdateFirewallDeleteProtection,
network-firewall:UpdateSubnetChangeProtection,
network-firewall:UpdateFirewallPolicyChangeProtection,
network-firewall:AssociateFirewallPolicy,
network-firewall:TagResource,
network-firewall:UntagResource,
network-firewall:DescribeFirewall
Delete
ec2:DeleteVpcEndpoints,
ec2:DescribeRouteTables,
logs:DescribeLogGroups,
logs:DescribeResourcePolicies,
logs:GetLogDelivery,
logs:ListLogDeliveries,
network-firewall:DeleteFirewall,
network-firewall:UntagResource,
network-firewall:DescribeFirewall