1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
pub use crate::operation::create_firewall::_create_firewall_input::CreateFirewallInputBuilder;
pub use crate::operation::create_firewall::_create_firewall_output::CreateFirewallOutputBuilder;
impl crate::operation::create_firewall::builders::CreateFirewallInputBuilder {
/// Sends a request with this input using the given client.
pub async fn send_with(
self,
client: &crate::Client,
) -> ::std::result::Result<
crate::operation::create_firewall::CreateFirewallOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::create_firewall::CreateFirewallError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let mut fluent_builder = client.create_firewall();
fluent_builder.inner = self;
fluent_builder.send().await
}
}
/// Fluent builder constructing a request to `CreateFirewall`.
///
/// <p>Creates an Network Firewall <code>Firewall</code> and accompanying <code>FirewallStatus</code> for a VPC.</p>
/// <p>The firewall defines the configuration settings for an Network Firewall firewall. The settings that you can define at creation include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall Amazon Web Services resource.</p>
/// <p>After you create a firewall, you can provide additional settings, like the logging configuration.</p>
/// <p>To update the settings for a firewall, you use the operations that apply to the settings themselves, for example <code>UpdateLoggingConfiguration</code>, <code>AssociateSubnets</code>, and <code>UpdateFirewallDeleteProtection</code>.</p>
/// <p>To manage a firewall's tags, use the standard Amazon Web Services resource tagging operations, <code>ListTagsForResource</code>, <code>TagResource</code>, and <code>UntagResource</code>.</p>
/// <p>To retrieve information about firewalls, use <code>ListFirewalls</code> and <code>DescribeFirewall</code>.</p>
/// <p>To generate a report on the last 30 days of traffic monitored by a firewall, use <code>StartAnalysisReport</code>.</p>
#[derive(::std::clone::Clone, ::std::fmt::Debug)]
pub struct CreateFirewallFluentBuilder {
handle: ::std::sync::Arc<crate::client::Handle>,
inner: crate::operation::create_firewall::builders::CreateFirewallInputBuilder,
config_override: ::std::option::Option<crate::config::Builder>,
}
impl
crate::client::customize::internal::CustomizableSend<
crate::operation::create_firewall::CreateFirewallOutput,
crate::operation::create_firewall::CreateFirewallError,
> for CreateFirewallFluentBuilder
{
fn send(
self,
config_override: crate::config::Builder,
) -> crate::client::customize::internal::BoxFuture<
crate::client::customize::internal::SendResult<
crate::operation::create_firewall::CreateFirewallOutput,
crate::operation::create_firewall::CreateFirewallError,
>,
> {
::std::boxed::Box::pin(async move { self.config_override(config_override).send().await })
}
}
impl CreateFirewallFluentBuilder {
/// Creates a new `CreateFirewallFluentBuilder`.
pub(crate) fn new(handle: ::std::sync::Arc<crate::client::Handle>) -> Self {
Self {
handle,
inner: ::std::default::Default::default(),
config_override: ::std::option::Option::None,
}
}
/// Access the CreateFirewall as a reference.
pub fn as_input(&self) -> &crate::operation::create_firewall::builders::CreateFirewallInputBuilder {
&self.inner
}
/// Sends the request and returns the response.
///
/// If an error occurs, an `SdkError` will be returned with additional details that
/// can be matched against.
///
/// By default, any retryable failures will be retried twice. Retry behavior
/// is configurable with the [RetryConfig](aws_smithy_types::retry::RetryConfig), which can be
/// set when configuring the client.
pub async fn send(
self,
) -> ::std::result::Result<
crate::operation::create_firewall::CreateFirewallOutput,
::aws_smithy_runtime_api::client::result::SdkError<
crate::operation::create_firewall::CreateFirewallError,
::aws_smithy_runtime_api::client::orchestrator::HttpResponse,
>,
> {
let input = self
.inner
.build()
.map_err(::aws_smithy_runtime_api::client::result::SdkError::construction_failure)?;
let runtime_plugins = crate::operation::create_firewall::CreateFirewall::operation_runtime_plugins(
self.handle.runtime_plugins.clone(),
&self.handle.conf,
self.config_override,
);
crate::operation::create_firewall::CreateFirewall::orchestrate(&runtime_plugins, input).await
}
/// Consumes this builder, creating a customizable operation that can be modified before being sent.
pub fn customize(
self,
) -> crate::client::customize::CustomizableOperation<
crate::operation::create_firewall::CreateFirewallOutput,
crate::operation::create_firewall::CreateFirewallError,
Self,
> {
crate::client::customize::CustomizableOperation::new(self)
}
pub(crate) fn config_override(mut self, config_override: impl ::std::convert::Into<crate::config::Builder>) -> Self {
self.set_config_override(::std::option::Option::Some(config_override.into()));
self
}
pub(crate) fn set_config_override(&mut self, config_override: ::std::option::Option<crate::config::Builder>) -> &mut Self {
self.config_override = config_override;
self
}
/// <p>The descriptive name of the firewall. You can't change the name of a firewall after you create it.</p>
pub fn firewall_name(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.firewall_name(input.into());
self
}
/// <p>The descriptive name of the firewall. You can't change the name of a firewall after you create it.</p>
pub fn set_firewall_name(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_firewall_name(input);
self
}
/// <p>The descriptive name of the firewall. You can't change the name of a firewall after you create it.</p>
pub fn get_firewall_name(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_firewall_name()
}
/// <p>The Amazon Resource Name (ARN) of the <code>FirewallPolicy</code> that you want to use for the firewall.</p>
pub fn firewall_policy_arn(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.firewall_policy_arn(input.into());
self
}
/// <p>The Amazon Resource Name (ARN) of the <code>FirewallPolicy</code> that you want to use for the firewall.</p>
pub fn set_firewall_policy_arn(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_firewall_policy_arn(input);
self
}
/// <p>The Amazon Resource Name (ARN) of the <code>FirewallPolicy</code> that you want to use for the firewall.</p>
pub fn get_firewall_policy_arn(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_firewall_policy_arn()
}
/// <p>The unique identifier of the VPC where Network Firewall should create the firewall.</p>
/// <p>You can't change this setting after you create the firewall.</p>
pub fn vpc_id(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.vpc_id(input.into());
self
}
/// <p>The unique identifier of the VPC where Network Firewall should create the firewall.</p>
/// <p>You can't change this setting after you create the firewall.</p>
pub fn set_vpc_id(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_vpc_id(input);
self
}
/// <p>The unique identifier of the VPC where Network Firewall should create the firewall.</p>
/// <p>You can't change this setting after you create the firewall.</p>
pub fn get_vpc_id(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_vpc_id()
}
///
/// Appends an item to `SubnetMappings`.
///
/// To override the contents of this collection use [`set_subnet_mappings`](Self::set_subnet_mappings).
///
/// <p>The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.</p>
pub fn subnet_mappings(mut self, input: crate::types::SubnetMapping) -> Self {
self.inner = self.inner.subnet_mappings(input);
self
}
/// <p>The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.</p>
pub fn set_subnet_mappings(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::SubnetMapping>>) -> Self {
self.inner = self.inner.set_subnet_mappings(input);
self
}
/// <p>The public subnets to use for your Network Firewall firewalls. Each subnet must belong to a different Availability Zone in the VPC. Network Firewall creates a firewall endpoint in each subnet.</p>
pub fn get_subnet_mappings(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::SubnetMapping>> {
self.inner.get_subnet_mappings()
}
/// <p>A flag indicating whether it is possible to delete the firewall. A setting of <code>TRUE</code> indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to <code>TRUE</code>.</p>
pub fn delete_protection(mut self, input: bool) -> Self {
self.inner = self.inner.delete_protection(input);
self
}
/// <p>A flag indicating whether it is possible to delete the firewall. A setting of <code>TRUE</code> indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to <code>TRUE</code>.</p>
pub fn set_delete_protection(mut self, input: ::std::option::Option<bool>) -> Self {
self.inner = self.inner.set_delete_protection(input);
self
}
/// <p>A flag indicating whether it is possible to delete the firewall. A setting of <code>TRUE</code> indicates that the firewall is protected against deletion. Use this setting to protect against accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to <code>TRUE</code>.</p>
pub fn get_delete_protection(&self) -> &::std::option::Option<bool> {
self.inner.get_delete_protection()
}
/// <p>A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn subnet_change_protection(mut self, input: bool) -> Self {
self.inner = self.inner.subnet_change_protection(input);
self
}
/// <p>A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn set_subnet_change_protection(mut self, input: ::std::option::Option<bool>) -> Self {
self.inner = self.inner.set_subnet_change_protection(input);
self
}
/// <p>A setting indicating whether the firewall is protected against changes to the subnet associations. Use this setting to protect against accidentally modifying the subnet associations for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn get_subnet_change_protection(&self) -> &::std::option::Option<bool> {
self.inner.get_subnet_change_protection()
}
/// <p>A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn firewall_policy_change_protection(mut self, input: bool) -> Self {
self.inner = self.inner.firewall_policy_change_protection(input);
self
}
/// <p>A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn set_firewall_policy_change_protection(mut self, input: ::std::option::Option<bool>) -> Self {
self.inner = self.inner.set_firewall_policy_change_protection(input);
self
}
/// <p>A setting indicating whether the firewall is protected against a change to the firewall policy association. Use this setting to protect against accidentally modifying the firewall policy for a firewall that is in use. When you create a firewall, the operation initializes this setting to <code>TRUE</code>.</p>
pub fn get_firewall_policy_change_protection(&self) -> &::std::option::Option<bool> {
self.inner.get_firewall_policy_change_protection()
}
/// <p>A description of the firewall.</p>
pub fn description(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.description(input.into());
self
}
/// <p>A description of the firewall.</p>
pub fn set_description(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_description(input);
self
}
/// <p>A description of the firewall.</p>
pub fn get_description(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_description()
}
///
/// Appends an item to `Tags`.
///
/// To override the contents of this collection use [`set_tags`](Self::set_tags).
///
/// <p>The key:value pairs to associate with the resource.</p>
pub fn tags(mut self, input: crate::types::Tag) -> Self {
self.inner = self.inner.tags(input);
self
}
/// <p>The key:value pairs to associate with the resource.</p>
pub fn set_tags(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::Tag>>) -> Self {
self.inner = self.inner.set_tags(input);
self
}
/// <p>The key:value pairs to associate with the resource.</p>
pub fn get_tags(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::Tag>> {
self.inner.get_tags()
}
/// <p>A complex type that contains settings for encryption of your firewall resources.</p>
pub fn encryption_configuration(mut self, input: crate::types::EncryptionConfiguration) -> Self {
self.inner = self.inner.encryption_configuration(input);
self
}
/// <p>A complex type that contains settings for encryption of your firewall resources.</p>
pub fn set_encryption_configuration(mut self, input: ::std::option::Option<crate::types::EncryptionConfiguration>) -> Self {
self.inner = self.inner.set_encryption_configuration(input);
self
}
/// <p>A complex type that contains settings for encryption of your firewall resources.</p>
pub fn get_encryption_configuration(&self) -> &::std::option::Option<crate::types::EncryptionConfiguration> {
self.inner.get_encryption_configuration()
}
///
/// Appends an item to `EnabledAnalysisTypes`.
///
/// To override the contents of this collection use [`set_enabled_analysis_types`](Self::set_enabled_analysis_types).
///
/// <p>An optional setting indicating the specific traffic analysis types to enable on the firewall.</p>
pub fn enabled_analysis_types(mut self, input: crate::types::EnabledAnalysisType) -> Self {
self.inner = self.inner.enabled_analysis_types(input);
self
}
/// <p>An optional setting indicating the specific traffic analysis types to enable on the firewall.</p>
pub fn set_enabled_analysis_types(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::EnabledAnalysisType>>) -> Self {
self.inner = self.inner.set_enabled_analysis_types(input);
self
}
/// <p>An optional setting indicating the specific traffic analysis types to enable on the firewall.</p>
pub fn get_enabled_analysis_types(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::EnabledAnalysisType>> {
self.inner.get_enabled_analysis_types()
}
/// <p>Required when creating a transit gateway-attached firewall. The unique identifier of the transit gateway to attach to this firewall. You can provide either a transit gateway from your account or one that has been shared with you through Resource Access Manager.</p><important>
/// <p>After creating the firewall, you cannot change the transit gateway association. To use a different transit gateway, you must create a new firewall.</p>
/// </important>
/// <p>For information about creating firewalls, see <code>CreateFirewall</code>. For specific guidance about transit gateway-attached firewalls, see <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/tgw-firewall-considerations.html">Considerations for transit gateway-attached firewalls</a> in the <i>Network Firewall Developer Guide</i>.</p>
pub fn transit_gateway_id(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
self.inner = self.inner.transit_gateway_id(input.into());
self
}
/// <p>Required when creating a transit gateway-attached firewall. The unique identifier of the transit gateway to attach to this firewall. You can provide either a transit gateway from your account or one that has been shared with you through Resource Access Manager.</p><important>
/// <p>After creating the firewall, you cannot change the transit gateway association. To use a different transit gateway, you must create a new firewall.</p>
/// </important>
/// <p>For information about creating firewalls, see <code>CreateFirewall</code>. For specific guidance about transit gateway-attached firewalls, see <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/tgw-firewall-considerations.html">Considerations for transit gateway-attached firewalls</a> in the <i>Network Firewall Developer Guide</i>.</p>
pub fn set_transit_gateway_id(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
self.inner = self.inner.set_transit_gateway_id(input);
self
}
/// <p>Required when creating a transit gateway-attached firewall. The unique identifier of the transit gateway to attach to this firewall. You can provide either a transit gateway from your account or one that has been shared with you through Resource Access Manager.</p><important>
/// <p>After creating the firewall, you cannot change the transit gateway association. To use a different transit gateway, you must create a new firewall.</p>
/// </important>
/// <p>For information about creating firewalls, see <code>CreateFirewall</code>. For specific guidance about transit gateway-attached firewalls, see <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/tgw-firewall-considerations.html">Considerations for transit gateway-attached firewalls</a> in the <i>Network Firewall Developer Guide</i>.</p>
pub fn get_transit_gateway_id(&self) -> &::std::option::Option<::std::string::String> {
self.inner.get_transit_gateway_id()
}
///
/// Appends an item to `AvailabilityZoneMappings`.
///
/// To override the contents of this collection use [`set_availability_zone_mappings`](Self::set_availability_zone_mappings).
///
/// <p>Required. The Availability Zones where you want to create firewall endpoints for a transit gateway-attached firewall. You must specify at least one Availability Zone. Consider enabling the firewall in every Availability Zone where you have workloads to maintain Availability Zone isolation.</p>
/// <p>You can modify Availability Zones later using <code>AssociateAvailabilityZones</code> or <code>DisassociateAvailabilityZones</code>, but this may briefly disrupt traffic. The <code>AvailabilityZoneChangeProtection</code> setting controls whether you can make these modifications.</p>
pub fn availability_zone_mappings(mut self, input: crate::types::AvailabilityZoneMapping) -> Self {
self.inner = self.inner.availability_zone_mappings(input);
self
}
/// <p>Required. The Availability Zones where you want to create firewall endpoints for a transit gateway-attached firewall. You must specify at least one Availability Zone. Consider enabling the firewall in every Availability Zone where you have workloads to maintain Availability Zone isolation.</p>
/// <p>You can modify Availability Zones later using <code>AssociateAvailabilityZones</code> or <code>DisassociateAvailabilityZones</code>, but this may briefly disrupt traffic. The <code>AvailabilityZoneChangeProtection</code> setting controls whether you can make these modifications.</p>
pub fn set_availability_zone_mappings(mut self, input: ::std::option::Option<::std::vec::Vec<crate::types::AvailabilityZoneMapping>>) -> Self {
self.inner = self.inner.set_availability_zone_mappings(input);
self
}
/// <p>Required. The Availability Zones where you want to create firewall endpoints for a transit gateway-attached firewall. You must specify at least one Availability Zone. Consider enabling the firewall in every Availability Zone where you have workloads to maintain Availability Zone isolation.</p>
/// <p>You can modify Availability Zones later using <code>AssociateAvailabilityZones</code> or <code>DisassociateAvailabilityZones</code>, but this may briefly disrupt traffic. The <code>AvailabilityZoneChangeProtection</code> setting controls whether you can make these modifications.</p>
pub fn get_availability_zone_mappings(&self) -> &::std::option::Option<::std::vec::Vec<crate::types::AvailabilityZoneMapping>> {
self.inner.get_availability_zone_mappings()
}
/// <p>Optional. A setting indicating whether the firewall is protected against changes to its Availability Zone configuration. When set to <code>TRUE</code>, you cannot add or remove Availability Zones without first disabling this protection using <code>UpdateAvailabilityZoneChangeProtection</code>.</p>
/// <p>Default value: <code>FALSE</code></p>
pub fn availability_zone_change_protection(mut self, input: bool) -> Self {
self.inner = self.inner.availability_zone_change_protection(input);
self
}
/// <p>Optional. A setting indicating whether the firewall is protected against changes to its Availability Zone configuration. When set to <code>TRUE</code>, you cannot add or remove Availability Zones without first disabling this protection using <code>UpdateAvailabilityZoneChangeProtection</code>.</p>
/// <p>Default value: <code>FALSE</code></p>
pub fn set_availability_zone_change_protection(mut self, input: ::std::option::Option<bool>) -> Self {
self.inner = self.inner.set_availability_zone_change_protection(input);
self
}
/// <p>Optional. A setting indicating whether the firewall is protected against changes to its Availability Zone configuration. When set to <code>TRUE</code>, you cannot add or remove Availability Zones without first disabling this protection using <code>UpdateAvailabilityZoneChangeProtection</code>.</p>
/// <p>Default value: <code>FALSE</code></p>
pub fn get_availability_zone_change_protection(&self) -> &::std::option::Option<bool> {
self.inner.get_availability_zone_change_protection()
}
}