Skip to content

Latest commit

 

History

History
234 lines (142 loc) · 7.64 KB

API.md

File metadata and controls

234 lines (142 loc) · 7.64 KB
Raw

API Reference

Constructs

FirewallStack

Initializers 

import { FirewallStack } from 'cdk-nwfirewall'

new FirewallStack(scope: Construct, id: string, fwprops: FWVPCProps)
Name Type Description
scope* constructs.Construct No description.
id* string No description.
fwprops* cdk-nwfirewall.FWVPCProps No description.
scopeRequired
idRequired
  • Type: string
fwpropsRequired

Methods

Name Description
listFirewallSubnets Use only if used default subnet names.
listPrivateSubnets Use only if used default subnet names.
listPublicSubnets No description.
vpcId No description.
vpcObj No description.
listFirewallSubnets 
public listFirewallSubnets()
listPrivateSubnets 
public listPrivateSubnets()
listPublicSubnets 
public listPublicSubnets()
vpcId 
public vpcId()
vpcObj 
public vpcObj()

Structs

FWVPCProps

Initializer 

import { FWVPCProps } from 'cdk-nwfirewall'

const fWVPCProps: FWVPCProps = { ... }

Properties

Name Type Description
appenddomains boolean provide a list of domains you wish to whitelist, this is optional as a list of commonly used domains for patching is included.
cidr string No description.
domainlist string[] CIDR mask of private subnets - e.g. 28.
firewallmask number Name of private subnets that require NAT to reach internet - if you are using the firewall as an egress VPC with TGW, this is where tgw-attachment would go.
firewallsubnetname string Maximum number of AZs to iterate thru.
maxAzs number CIDR block for the VPC - would recommend using at least a /24.
privatemask number CIDR mask of public subnets - e.g. 28.
privatesubnetname string Name of public subnets - where NAT GW and resources requiring public IPs.
publicmask number CIDR mask of firewall subnets - e.g. 28.
publicsubnetname string Name of subnets hosting AWS NFW.
appenddomainsOptional 
public readonly appenddomains: boolean;
  • Type: boolean

provide a list of domains you wish to whitelist, this is optional as a list of commonly used domains for patching is included.

cidrOptional 
public readonly cidr: string;
  • Type: string
domainlistOptional 
public readonly domainlist: string[];
  • Type: string[]

CIDR mask of private subnets - e.g. 28.

firewallmaskOptional 
public readonly firewallmask: number;
  • Type: number

Name of private subnets that require NAT to reach internet - if you are using the firewall as an egress VPC with TGW, this is where tgw-attachment would go.

firewallsubnetnameOptional 
public readonly firewallsubnetname: string;
  • Type: string

Maximum number of AZs to iterate thru.

maxAzsOptional 
public readonly maxAzs: number;
  • Type: number

CIDR block for the VPC - would recommend using at least a /24.

privatemaskOptional 
public readonly privatemask: number;
  • Type: number

CIDR mask of public subnets - e.g. 28.

privatesubnetnameOptional 
public readonly privatesubnetname: string;
  • Type: string

Name of public subnets - where NAT GW and resources requiring public IPs.

publicmaskOptional 
public readonly publicmask: number;
  • Type: number

CIDR mask of firewall subnets - e.g. 28.

publicsubnetnameOptional 
public readonly publicsubnetname: string;
  • Type: string

Name of subnets hosting AWS NFW.