Documentation ¶
Index ¶
- func CfnFirewallDomainList_CFN_RESOURCE_TYPE_NAME() *string
- func CfnFirewallDomainList_IsCfnElement(x interface{}) *bool
- func CfnFirewallDomainList_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnFirewallDomainList_IsConstruct(x interface{}) *bool
- func CfnFirewallRuleGroupAssociation_CFN_RESOURCE_TYPE_NAME() *string
- func CfnFirewallRuleGroupAssociation_IsCfnElement(x interface{}) *bool
- func CfnFirewallRuleGroupAssociation_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnFirewallRuleGroupAssociation_IsConstruct(x interface{}) *bool
- func CfnFirewallRuleGroup_CFN_RESOURCE_TYPE_NAME() *string
- func CfnFirewallRuleGroup_IsCfnElement(x interface{}) *bool
- func CfnFirewallRuleGroup_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnFirewallRuleGroup_IsConstruct(x interface{}) *bool
- func CfnResolverConfig_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverConfig_IsCfnElement(x interface{}) *bool
- func CfnResolverConfig_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverConfig_IsConstruct(x interface{}) *bool
- func CfnResolverDNSSECConfig_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverDNSSECConfig_IsCfnElement(x interface{}) *bool
- func CfnResolverDNSSECConfig_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverDNSSECConfig_IsConstruct(x interface{}) *bool
- func CfnResolverEndpoint_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverEndpoint_IsCfnElement(x interface{}) *bool
- func CfnResolverEndpoint_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverEndpoint_IsConstruct(x interface{}) *bool
- func CfnResolverQueryLoggingConfigAssociation_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverQueryLoggingConfigAssociation_IsCfnElement(x interface{}) *bool
- func CfnResolverQueryLoggingConfigAssociation_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverQueryLoggingConfigAssociation_IsConstruct(x interface{}) *bool
- func CfnResolverQueryLoggingConfig_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverQueryLoggingConfig_IsCfnElement(x interface{}) *bool
- func CfnResolverQueryLoggingConfig_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverQueryLoggingConfig_IsConstruct(x interface{}) *bool
- func CfnResolverRuleAssociation_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverRuleAssociation_IsCfnElement(x interface{}) *bool
- func CfnResolverRuleAssociation_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverRuleAssociation_IsConstruct(x interface{}) *bool
- func CfnResolverRule_CFN_RESOURCE_TYPE_NAME() *string
- func CfnResolverRule_IsCfnElement(x interface{}) *bool
- func CfnResolverRule_IsCfnResource(construct constructs.IConstruct) *bool
- func CfnResolverRule_IsConstruct(x interface{}) *bool
- func FirewallDomainList_IsConstruct(x interface{}) *bool
- func FirewallDomainList_IsResource(construct awscdk.IConstruct) *bool
- func FirewallRuleGroupAssociation_IsConstruct(x interface{}) *bool
- func FirewallRuleGroupAssociation_IsResource(construct awscdk.IConstruct) *bool
- func FirewallRuleGroup_IsConstruct(x interface{}) *bool
- func FirewallRuleGroup_IsResource(construct awscdk.IConstruct) *bool
- func NewCfnFirewallDomainList_Override(c CfnFirewallDomainList, scope awscdk.Construct, id *string, ...)
- func NewCfnFirewallRuleGroupAssociation_Override(c CfnFirewallRuleGroupAssociation, scope awscdk.Construct, id *string, ...)
- func NewCfnFirewallRuleGroup_Override(c CfnFirewallRuleGroup, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverConfig_Override(c CfnResolverConfig, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverDNSSECConfig_Override(c CfnResolverDNSSECConfig, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverEndpoint_Override(c CfnResolverEndpoint, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverQueryLoggingConfigAssociation_Override(c CfnResolverQueryLoggingConfigAssociation, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverQueryLoggingConfig_Override(c CfnResolverQueryLoggingConfig, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverRuleAssociation_Override(c CfnResolverRuleAssociation, scope awscdk.Construct, id *string, ...)
- func NewCfnResolverRule_Override(c CfnResolverRule, scope awscdk.Construct, id *string, ...)
- func NewDnsBlockResponse_Override(d DnsBlockResponse)
- func NewFirewallDomainList_Override(f FirewallDomainList, scope constructs.Construct, id *string, ...)
- func NewFirewallDomains_Override(f FirewallDomains)
- func NewFirewallRuleAction_Override(f FirewallRuleAction)
- func NewFirewallRuleGroupAssociation_Override(f FirewallRuleGroupAssociation, scope constructs.Construct, id *string, ...)
- func NewFirewallRuleGroup_Override(f FirewallRuleGroup, scope constructs.Construct, id *string, ...)
- type CfnFirewallDomainList
- type CfnFirewallDomainListProps
- type CfnFirewallRuleGroup
- type CfnFirewallRuleGroupAssociation
- type CfnFirewallRuleGroupAssociationProps
- type CfnFirewallRuleGroupProps
- type CfnFirewallRuleGroup_FirewallRuleProperty
- type CfnResolverConfig
- type CfnResolverConfigProps
- type CfnResolverDNSSECConfig
- type CfnResolverDNSSECConfigProps
- type CfnResolverEndpoint
- type CfnResolverEndpointProps
- type CfnResolverEndpoint_IpAddressRequestProperty
- type CfnResolverQueryLoggingConfig
- type CfnResolverQueryLoggingConfigAssociation
- type CfnResolverQueryLoggingConfigAssociationProps
- type CfnResolverQueryLoggingConfigProps
- type CfnResolverRule
- type CfnResolverRuleAssociation
- type CfnResolverRuleAssociationProps
- type CfnResolverRuleProps
- type CfnResolverRule_TargetAddressProperty
- type DnsBlockResponse
- type DomainsConfig
- type FirewallDomainList
- type FirewallDomainListProps
- type FirewallDomains
- type FirewallRule
- type FirewallRuleAction
- type FirewallRuleGroup
- type FirewallRuleGroupAssociation
- type FirewallRuleGroupAssociationOptions
- type FirewallRuleGroupAssociationProps
- type FirewallRuleGroupProps
- type IFirewallDomainList
- type IFirewallRuleGroup
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func CfnFirewallDomainList_CFN_RESOURCE_TYPE_NAME ¶
func CfnFirewallDomainList_CFN_RESOURCE_TYPE_NAME() *string
func CfnFirewallDomainList_IsCfnElement ¶
func CfnFirewallDomainList_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnFirewallDomainList_IsCfnResource ¶
func CfnFirewallDomainList_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnFirewallDomainList_IsConstruct ¶
func CfnFirewallDomainList_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnFirewallRuleGroupAssociation_CFN_RESOURCE_TYPE_NAME ¶
func CfnFirewallRuleGroupAssociation_CFN_RESOURCE_TYPE_NAME() *string
func CfnFirewallRuleGroupAssociation_IsCfnElement ¶
func CfnFirewallRuleGroupAssociation_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnFirewallRuleGroupAssociation_IsCfnResource ¶
func CfnFirewallRuleGroupAssociation_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnFirewallRuleGroupAssociation_IsConstruct ¶
func CfnFirewallRuleGroupAssociation_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnFirewallRuleGroup_CFN_RESOURCE_TYPE_NAME ¶
func CfnFirewallRuleGroup_CFN_RESOURCE_TYPE_NAME() *string
func CfnFirewallRuleGroup_IsCfnElement ¶
func CfnFirewallRuleGroup_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnFirewallRuleGroup_IsCfnResource ¶
func CfnFirewallRuleGroup_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnFirewallRuleGroup_IsConstruct ¶
func CfnFirewallRuleGroup_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverConfig_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverConfig_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverConfig_IsCfnElement ¶
func CfnResolverConfig_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverConfig_IsCfnResource ¶
func CfnResolverConfig_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverConfig_IsConstruct ¶
func CfnResolverConfig_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverDNSSECConfig_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverDNSSECConfig_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverDNSSECConfig_IsCfnElement ¶
func CfnResolverDNSSECConfig_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverDNSSECConfig_IsCfnResource ¶
func CfnResolverDNSSECConfig_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverDNSSECConfig_IsConstruct ¶
func CfnResolverDNSSECConfig_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverEndpoint_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverEndpoint_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverEndpoint_IsCfnElement ¶
func CfnResolverEndpoint_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverEndpoint_IsCfnResource ¶
func CfnResolverEndpoint_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverEndpoint_IsConstruct ¶
func CfnResolverEndpoint_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverQueryLoggingConfigAssociation_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverQueryLoggingConfigAssociation_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverQueryLoggingConfigAssociation_IsCfnElement ¶
func CfnResolverQueryLoggingConfigAssociation_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverQueryLoggingConfigAssociation_IsCfnResource ¶
func CfnResolverQueryLoggingConfigAssociation_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverQueryLoggingConfigAssociation_IsConstruct ¶
func CfnResolverQueryLoggingConfigAssociation_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverQueryLoggingConfig_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverQueryLoggingConfig_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverQueryLoggingConfig_IsCfnElement ¶
func CfnResolverQueryLoggingConfig_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverQueryLoggingConfig_IsCfnResource ¶
func CfnResolverQueryLoggingConfig_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverQueryLoggingConfig_IsConstruct ¶
func CfnResolverQueryLoggingConfig_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverRuleAssociation_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverRuleAssociation_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverRuleAssociation_IsCfnElement ¶
func CfnResolverRuleAssociation_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverRuleAssociation_IsCfnResource ¶
func CfnResolverRuleAssociation_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverRuleAssociation_IsConstruct ¶
func CfnResolverRuleAssociation_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func CfnResolverRule_CFN_RESOURCE_TYPE_NAME ¶
func CfnResolverRule_CFN_RESOURCE_TYPE_NAME() *string
func CfnResolverRule_IsCfnElement ¶
func CfnResolverRule_IsCfnElement(x interface{}) *bool
Returns `true` if a construct is a stack element (i.e. part of the synthesized cloudformation template).
Uses duck-typing instead of `instanceof` to allow stack elements from different versions of this library to be included in the same stack.
Returns: The construct as a stack element or undefined if it is not a stack element. Experimental.
func CfnResolverRule_IsCfnResource ¶
func CfnResolverRule_IsCfnResource(construct constructs.IConstruct) *bool
Check whether the given construct is a CfnResource. Experimental.
func CfnResolverRule_IsConstruct ¶
func CfnResolverRule_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func FirewallDomainList_IsConstruct ¶
func FirewallDomainList_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func FirewallDomainList_IsResource ¶
func FirewallDomainList_IsResource(construct awscdk.IConstruct) *bool
Check whether the given construct is a Resource. Experimental.
func FirewallRuleGroupAssociation_IsConstruct ¶
func FirewallRuleGroupAssociation_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func FirewallRuleGroupAssociation_IsResource ¶
func FirewallRuleGroupAssociation_IsResource(construct awscdk.IConstruct) *bool
Check whether the given construct is a Resource. Experimental.
func FirewallRuleGroup_IsConstruct ¶
func FirewallRuleGroup_IsConstruct(x interface{}) *bool
Return whether the given object is a Construct. Experimental.
func FirewallRuleGroup_IsResource ¶
func FirewallRuleGroup_IsResource(construct awscdk.IConstruct) *bool
Check whether the given construct is a Resource. Experimental.
func NewCfnFirewallDomainList_Override ¶
func NewCfnFirewallDomainList_Override(c CfnFirewallDomainList, scope awscdk.Construct, id *string, props *CfnFirewallDomainListProps)
Create a new `AWS::Route53Resolver::FirewallDomainList`.
func NewCfnFirewallRuleGroupAssociation_Override ¶
func NewCfnFirewallRuleGroupAssociation_Override(c CfnFirewallRuleGroupAssociation, scope awscdk.Construct, id *string, props *CfnFirewallRuleGroupAssociationProps)
Create a new `AWS::Route53Resolver::FirewallRuleGroupAssociation`.
func NewCfnFirewallRuleGroup_Override ¶
func NewCfnFirewallRuleGroup_Override(c CfnFirewallRuleGroup, scope awscdk.Construct, id *string, props *CfnFirewallRuleGroupProps)
Create a new `AWS::Route53Resolver::FirewallRuleGroup`.
func NewCfnResolverConfig_Override ¶
func NewCfnResolverConfig_Override(c CfnResolverConfig, scope awscdk.Construct, id *string, props *CfnResolverConfigProps)
Create a new `AWS::Route53Resolver::ResolverConfig`.
func NewCfnResolverDNSSECConfig_Override ¶
func NewCfnResolverDNSSECConfig_Override(c CfnResolverDNSSECConfig, scope awscdk.Construct, id *string, props *CfnResolverDNSSECConfigProps)
Create a new `AWS::Route53Resolver::ResolverDNSSECConfig`.
func NewCfnResolverEndpoint_Override ¶
func NewCfnResolverEndpoint_Override(c CfnResolverEndpoint, scope awscdk.Construct, id *string, props *CfnResolverEndpointProps)
Create a new `AWS::Route53Resolver::ResolverEndpoint`.
func NewCfnResolverQueryLoggingConfigAssociation_Override ¶
func NewCfnResolverQueryLoggingConfigAssociation_Override(c CfnResolverQueryLoggingConfigAssociation, scope awscdk.Construct, id *string, props *CfnResolverQueryLoggingConfigAssociationProps)
Create a new `AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation`.
func NewCfnResolverQueryLoggingConfig_Override ¶
func NewCfnResolverQueryLoggingConfig_Override(c CfnResolverQueryLoggingConfig, scope awscdk.Construct, id *string, props *CfnResolverQueryLoggingConfigProps)
Create a new `AWS::Route53Resolver::ResolverQueryLoggingConfig`.
func NewCfnResolverRuleAssociation_Override ¶
func NewCfnResolverRuleAssociation_Override(c CfnResolverRuleAssociation, scope awscdk.Construct, id *string, props *CfnResolverRuleAssociationProps)
Create a new `AWS::Route53Resolver::ResolverRuleAssociation`.
func NewCfnResolverRule_Override ¶
func NewCfnResolverRule_Override(c CfnResolverRule, scope awscdk.Construct, id *string, props *CfnResolverRuleProps)
Create a new `AWS::Route53Resolver::ResolverRule`.
func NewDnsBlockResponse_Override ¶
func NewDnsBlockResponse_Override(d DnsBlockResponse)
Experimental.
func NewFirewallDomainList_Override ¶
func NewFirewallDomainList_Override(f FirewallDomainList, scope constructs.Construct, id *string, props *FirewallDomainListProps)
Experimental.
func NewFirewallDomains_Override ¶
func NewFirewallDomains_Override(f FirewallDomains)
Experimental.
func NewFirewallRuleAction_Override ¶
func NewFirewallRuleAction_Override(f FirewallRuleAction)
Experimental.
func NewFirewallRuleGroupAssociation_Override ¶
func NewFirewallRuleGroupAssociation_Override(f FirewallRuleGroupAssociation, scope constructs.Construct, id *string, props *FirewallRuleGroupAssociationProps)
Experimental.
func NewFirewallRuleGroup_Override ¶
func NewFirewallRuleGroup_Override(f FirewallRuleGroup, scope constructs.Construct, id *string, props *FirewallRuleGroupProps)
Experimental.
Types ¶
type CfnFirewallDomainList ¶
type CfnFirewallDomainList interface { awscdk.CfnResource awscdk.IInspectable // The Amazon Resource Name (ARN) of the firewall domain list. AttrArn() *string // The date and time that the domain list was created, in Unix time format and Coordinated Universal Time (UTC). AttrCreationTime() *string // A unique string defined by you to identify the request. // // This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. AttrCreatorRequestId() *string // The number of domain names that are specified in the domain list. AttrDomainCount() *float64 // The ID of the domain list. AttrId() *string // The owner of the list, used only for lists that are not managed by you. // // For example, the managed domain list `AWSManagedDomainsMalwareDomainList` has the managed owner name `Route 53 Resolver DNS Firewall` . AttrManagedOwnerName() *string // The date and time that the domain list was last modified, in Unix time format and Coordinated Universal Time (UTC). AttrModificationTime() *string // The status of the domain list. AttrStatus() *string // Additional information about the status of the list, if available. AttrStatusMessage() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import. // // The file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line. DomainFileUrl() *string SetDomainFileUrl(val *string) // A list of the domain lists that you have defined. Domains() *[]*string SetDomains(val *[]*string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The name of the domain list. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // A list of the tag keys and values that you want to associate with the domain list. Tags() awscdk.TagManager // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::FirewallDomainList`.
High-level information about a list of firewall domains for use in a [AWS::Route53Resolver::FirewallRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-rule.html) . This is returned by [GetFirewallDomainList](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallDomainList.html) .
To retrieve the domains that are defined for this domain list, call [ListFirewallDomains](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomains.html) .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallDomainList := awscdk.Aws_route53resolver.NewCfnFirewallDomainList(this, jsii.String("MyCfnFirewallDomainList"), &cfnFirewallDomainListProps{ domainFileUrl: jsii.String("domainFileUrl"), domains: []*string{ jsii.String("domains"), }, name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, })
func NewCfnFirewallDomainList ¶
func NewCfnFirewallDomainList(scope awscdk.Construct, id *string, props *CfnFirewallDomainListProps) CfnFirewallDomainList
Create a new `AWS::Route53Resolver::FirewallDomainList`.
type CfnFirewallDomainListProps ¶
type CfnFirewallDomainListProps struct { // The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import. // // The file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line. DomainFileUrl *string `field:"optional" json:"domainFileUrl" yaml:"domainFileUrl"` // A list of the domain lists that you have defined. Domains *[]*string `field:"optional" json:"domains" yaml:"domains"` // The name of the domain list. Name *string `field:"optional" json:"name" yaml:"name"` // A list of the tag keys and values that you want to associate with the domain list. Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnFirewallDomainList`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallDomainListProps := &cfnFirewallDomainListProps{ domainFileUrl: jsii.String("domainFileUrl"), domains: []*string{ jsii.String("domains"), }, name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, }
type CfnFirewallRuleGroup ¶
type CfnFirewallRuleGroup interface { awscdk.CfnResource awscdk.IInspectable // The ARN (Amazon Resource Name) of the rule group. AttrArn() *string // The date and time that the rule group was created, in Unix time format and Coordinated Universal Time (UTC). AttrCreationTime() *string // A unique string defined by you to identify the request. // // This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. AttrCreatorRequestId() *string // The ID of the rule group. AttrId() *string // The date and time that the rule group was last modified, in Unix time format and Coordinated Universal Time (UTC). AttrModificationTime() *string // The AWS account ID for the account that created the rule group. // // When a rule group is shared with your account, this is the account that has shared the rule group with you. AttrOwnerId() *string // The number of rules in the rule group. AttrRuleCount() *float64 // // Sharing is configured through AWS Resource Access Manager ( AWS RAM ). AttrShareStatus() *string // The status of the domain list. AttrStatus() *string // Additional information about the status of the rule group, if available. AttrStatusMessage() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // A list of the rules that you have defined. FirewallRules() interface{} SetFirewallRules(val interface{}) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The name of the rule group. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // A list of the tag keys and values that you want to associate with the rule group. Tags() awscdk.TagManager // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::FirewallRuleGroup`.
High-level information for a firewall rule group. A firewall rule group is a collection of rules that DNS Firewall uses to filter DNS network traffic for a VPC. To retrieve the rules for the rule group, call [ListFirewallRules](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRules.html) .
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallRuleGroup := awscdk.Aws_route53resolver.NewCfnFirewallRuleGroup(this, jsii.String("MyCfnFirewallRuleGroup"), &cfnFirewallRuleGroupProps{ firewallRules: []interface{}{ &firewallRuleProperty{ action: jsii.String("action"), firewallDomainListId: jsii.String("firewallDomainListId"), priority: jsii.Number(123), // the properties below are optional blockOverrideDnsType: jsii.String("blockOverrideDnsType"), blockOverrideDomain: jsii.String("blockOverrideDomain"), blockOverrideTtl: jsii.Number(123), blockResponse: jsii.String("blockResponse"), }, }, name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, })
func NewCfnFirewallRuleGroup ¶
func NewCfnFirewallRuleGroup(scope awscdk.Construct, id *string, props *CfnFirewallRuleGroupProps) CfnFirewallRuleGroup
Create a new `AWS::Route53Resolver::FirewallRuleGroup`.
type CfnFirewallRuleGroupAssociation ¶
type CfnFirewallRuleGroupAssociation interface { awscdk.CfnResource awscdk.IInspectable // The Amazon Resource Name (ARN) of the firewall rule group association. AttrArn() *string // The date and time that the association was created, in Unix time format and Coordinated Universal Time (UTC). AttrCreationTime() *string // A unique string defined by you to identify the request. // // This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. AttrCreatorRequestId() *string // The identifier for the association. AttrId() *string // The owner of the association, used only for associations that are not managed by you. // // If you use AWS Firewall Manager to manage your firewallls from DNS Firewall, then this reports Firewall Manager as the managed owner. AttrManagedOwnerName() *string // The date and time that the association was last modified, in Unix time format and Coordinated Universal Time (UTC). AttrModificationTime() *string // The current status of the association. AttrStatus() *string // Additional information about the status of the response, if available. AttrStatusMessage() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The unique identifier of the firewall rule group. FirewallRuleGroupId() *string SetFirewallRuleGroupId(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. MutationProtection() *string SetMutationProtection(val *string) // The name of the association. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. // // DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting. // // You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. // // The allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900). Priority() *float64 SetPriority(val *float64) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // A list of the tag keys and values that you want to associate with the rule group. Tags() awscdk.TagManager // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // The unique identifier of the VPC that is associated with the rule group. VpcId() *string SetVpcId(val *string) // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::FirewallRuleGroupAssociation`.
An association between a firewall rule group and a VPC, which enables DNS filtering for the VPC.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallRuleGroupAssociation := awscdk.Aws_route53resolver.NewCfnFirewallRuleGroupAssociation(this, jsii.String("MyCfnFirewallRuleGroupAssociation"), &cfnFirewallRuleGroupAssociationProps{ firewallRuleGroupId: jsii.String("firewallRuleGroupId"), priority: jsii.Number(123), vpcId: jsii.String("vpcId"), // the properties below are optional mutationProtection: jsii.String("mutationProtection"), name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, })
func NewCfnFirewallRuleGroupAssociation ¶
func NewCfnFirewallRuleGroupAssociation(scope awscdk.Construct, id *string, props *CfnFirewallRuleGroupAssociationProps) CfnFirewallRuleGroupAssociation
Create a new `AWS::Route53Resolver::FirewallRuleGroupAssociation`.
type CfnFirewallRuleGroupAssociationProps ¶
type CfnFirewallRuleGroupAssociationProps struct { // The unique identifier of the firewall rule group. FirewallRuleGroupId *string `field:"required" json:"firewallRuleGroupId" yaml:"firewallRuleGroupId"` // The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. // // DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting. // // You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. // // The allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900). Priority *float64 `field:"required" json:"priority" yaml:"priority"` // The unique identifier of the VPC that is associated with the rule group. VpcId *string `field:"required" json:"vpcId" yaml:"vpcId"` // If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. MutationProtection *string `field:"optional" json:"mutationProtection" yaml:"mutationProtection"` // The name of the association. Name *string `field:"optional" json:"name" yaml:"name"` // A list of the tag keys and values that you want to associate with the rule group. Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnFirewallRuleGroupAssociation`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallRuleGroupAssociationProps := &cfnFirewallRuleGroupAssociationProps{ firewallRuleGroupId: jsii.String("firewallRuleGroupId"), priority: jsii.Number(123), vpcId: jsii.String("vpcId"), // the properties below are optional mutationProtection: jsii.String("mutationProtection"), name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, }
type CfnFirewallRuleGroupProps ¶
type CfnFirewallRuleGroupProps struct { // A list of the rules that you have defined. FirewallRules interface{} `field:"optional" json:"firewallRules" yaml:"firewallRules"` // The name of the rule group. Name *string `field:"optional" json:"name" yaml:"name"` // A list of the tag keys and values that you want to associate with the rule group. Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnFirewallRuleGroup`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnFirewallRuleGroupProps := &cfnFirewallRuleGroupProps{ firewallRules: []interface{}{ &firewallRuleProperty{ action: jsii.String("action"), firewallDomainListId: jsii.String("firewallDomainListId"), priority: jsii.Number(123), // the properties below are optional blockOverrideDnsType: jsii.String("blockOverrideDnsType"), blockOverrideDomain: jsii.String("blockOverrideDomain"), blockOverrideTtl: jsii.Number(123), blockResponse: jsii.String("blockResponse"), }, }, name: jsii.String("name"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, }
type CfnFirewallRuleGroup_FirewallRuleProperty ¶
type CfnFirewallRuleGroup_FirewallRuleProperty struct { // The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: - `ALLOW` - Permit the request to go through. // // - `ALERT` - Permit the request to go through but send an alert to the logs. // - `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified. // // if `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified: // // - `BlockOverrideDnsType` // - `BlockOverrideDomain` // - `BlockOverrideTtl`. Action *string `field:"required" json:"action" yaml:"action"` // The ID of the domain list that's used in the rule. FirewallDomainListId *string `field:"required" json:"firewallDomainListId" yaml:"firewallDomainListId"` // The priority of the rule in the rule group. // // This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting. Priority *float64 `field:"required" json:"priority" yaml:"priority"` // The DNS record's type. // // This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . BlockOverrideDnsType *string `field:"optional" json:"blockOverrideDnsType" yaml:"blockOverrideDnsType"` // The custom DNS record to send back in response to the query. // // Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . BlockOverrideDomain *string `field:"optional" json:"blockOverrideDomain" yaml:"blockOverrideDomain"` // The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. // // Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . BlockOverrideTtl *float64 `field:"optional" json:"blockOverrideTtl" yaml:"blockOverrideTtl"` // The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` . // // - `NODATA` - Respond indicating that the query was successful, but no response is available for it. // - `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist. // - `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings. BlockResponse *string `field:"optional" json:"blockResponse" yaml:"blockResponse"` }
A single firewall rule in a rule group.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" firewallRuleProperty := &firewallRuleProperty{ action: jsii.String("action"), firewallDomainListId: jsii.String("firewallDomainListId"), priority: jsii.Number(123), // the properties below are optional blockOverrideDnsType: jsii.String("blockOverrideDnsType"), blockOverrideDomain: jsii.String("blockOverrideDomain"), blockOverrideTtl: jsii.Number(123), blockResponse: jsii.String("blockResponse"), }
type CfnResolverConfig ¶
type CfnResolverConfig interface { awscdk.CfnResource awscdk.IInspectable // The status of whether or not the Route 53 Resolver will create autodefined rules for reverse DNS lookups. // // This is enabled by default. AttrAutodefinedReverse() *string // ID for the Route 53 Resolver configuration. AttrId() *string // The owner account ID of the Amazon Virtual Private Cloud VPC. AttrOwnerId() *string // Represents the desired status of `AutodefinedReverse` . // // The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` . AutodefinedReverseFlag() *string SetAutodefinedReverseFlag(val *string) // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for. ResourceId() *string SetResourceId(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverConfig`.
A complex type that contains information about a Resolver configuration for a VPC.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverConfig := awscdk.Aws_route53resolver.NewCfnResolverConfig(this, jsii.String("MyCfnResolverConfig"), &cfnResolverConfigProps{ autodefinedReverseFlag: jsii.String("autodefinedReverseFlag"), resourceId: jsii.String("resourceId"), })
func NewCfnResolverConfig ¶
func NewCfnResolverConfig(scope awscdk.Construct, id *string, props *CfnResolverConfigProps) CfnResolverConfig
Create a new `AWS::Route53Resolver::ResolverConfig`.
type CfnResolverConfigProps ¶
type CfnResolverConfigProps struct { // Represents the desired status of `AutodefinedReverse` . // // The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` . AutodefinedReverseFlag *string `field:"required" json:"autodefinedReverseFlag" yaml:"autodefinedReverseFlag"` // The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for. ResourceId *string `field:"required" json:"resourceId" yaml:"resourceId"` }
Properties for defining a `CfnResolverConfig`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverConfigProps := &cfnResolverConfigProps{ autodefinedReverseFlag: jsii.String("autodefinedReverseFlag"), resourceId: jsii.String("resourceId"), }
type CfnResolverDNSSECConfig ¶
type CfnResolverDNSSECConfig interface { awscdk.CfnResource awscdk.IInspectable // The primary identifier of this `ResolverDNSSECConfig` resource. // // For example: `rdsc-689d45d1ae623bf3` . AttrId() *string // The AWS account of the owner. // // For example: `111122223333` . AttrOwnerId() *string // The current status of this `ResolverDNSSECConfig` resource. // // For example: `Enabled` . AttrValidationStatus() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for. ResourceId() *string SetResourceId(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverDNSSECConfig`.
The `AWS::Route53Resolver::ResolverDNSSECConfig` resource is a complex type that contains information about a configuration for DNSSEC validation.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverDNSSECConfig := awscdk.Aws_route53resolver.NewCfnResolverDNSSECConfig(this, jsii.String("MyCfnResolverDNSSECConfig"), &cfnResolverDNSSECConfigProps{ resourceId: jsii.String("resourceId"), })
func NewCfnResolverDNSSECConfig ¶
func NewCfnResolverDNSSECConfig(scope awscdk.Construct, id *string, props *CfnResolverDNSSECConfigProps) CfnResolverDNSSECConfig
Create a new `AWS::Route53Resolver::ResolverDNSSECConfig`.
type CfnResolverDNSSECConfigProps ¶
type CfnResolverDNSSECConfigProps struct { // The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for. ResourceId *string `field:"optional" json:"resourceId" yaml:"resourceId"` }
Properties for defining a `CfnResolverDNSSECConfig`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverDNSSECConfigProps := &cfnResolverDNSSECConfigProps{ resourceId: jsii.String("resourceId"), }
type CfnResolverEndpoint ¶
type CfnResolverEndpoint interface { awscdk.CfnResource awscdk.IInspectable // The Amazon Resource Name (ARN) of the resolver endpoint, such as `arn:aws:route53resolver:us-east-1:123456789012:resolver-endpoint/resolver-endpoint-a1bzhi` . AttrArn() *string // Indicates whether the resolver endpoint allows inbound or outbound DNS queries. AttrDirection() *string // The ID of the VPC that you want to create the resolver endpoint in. AttrHostVpcId() *string // The number of IP addresses that the resolver endpoint can use for DNS queries. AttrIpAddressCount() *string // The name that you assigned to the resolver endpoint when you created the endpoint. AttrName() *string AttrOutpostArn() *string AttrPreferredInstanceType() *string // The ID of the resolver endpoint. AttrResolverEndpointId() *string AttrResolverEndpointType() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:. // // - `INBOUND` : allows DNS queries to your VPC from your network // - `OUTBOUND` : allows DNS queries from your VPC to your network. Direction() *string SetDirection(val *string) // The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). // // The subnet ID uniquely identifies a VPC. IpAddresses() interface{} SetIpAddresses(val interface{}) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // `AWS::Route53Resolver::ResolverEndpoint.OutpostArn`. OutpostArn() *string SetOutpostArn(val *string) // `AWS::Route53Resolver::ResolverEndpoint.PreferredInstanceType`. PreferredInstanceType() *string SetPreferredInstanceType(val *string) // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // `AWS::Route53Resolver::ResolverEndpoint.ResolverEndpointType`. ResolverEndpointType() *string SetResolverEndpointType(val *string) // The ID of one or more security groups that control access to this VPC. // // The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network. SecurityGroupIds() *[]*string SetSecurityGroupIds(val *[]*string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Route 53 Resolver doesn't support updating tags through CloudFormation. Tags() awscdk.TagManager // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverEndpoint`.
Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
- An *inbound Resolver endpoint* forwards DNS queries to the DNS service for a VPC from your network. - An *outbound Resolver endpoint* forwards DNS queries from the DNS service for a VPC to your network.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverEndpoint := awscdk.Aws_route53resolver.NewCfnResolverEndpoint(this, jsii.String("MyCfnResolverEndpoint"), &cfnResolverEndpointProps{ direction: jsii.String("direction"), ipAddresses: []interface{}{ &ipAddressRequestProperty{ subnetId: jsii.String("subnetId"), // the properties below are optional ip: jsii.String("ip"), ipv6: jsii.String("ipv6"), }, }, securityGroupIds: []*string{ jsii.String("securityGroupIds"), }, // the properties below are optional name: jsii.String("name"), outpostArn: jsii.String("outpostArn"), preferredInstanceType: jsii.String("preferredInstanceType"), resolverEndpointType: jsii.String("resolverEndpointType"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, })
func NewCfnResolverEndpoint ¶
func NewCfnResolverEndpoint(scope awscdk.Construct, id *string, props *CfnResolverEndpointProps) CfnResolverEndpoint
Create a new `AWS::Route53Resolver::ResolverEndpoint`.
type CfnResolverEndpointProps ¶
type CfnResolverEndpointProps struct { // Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:. // // - `INBOUND` : allows DNS queries to your VPC from your network // - `OUTBOUND` : allows DNS queries from your VPC to your network. Direction *string `field:"required" json:"direction" yaml:"direction"` // The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). // // The subnet ID uniquely identifies a VPC. IpAddresses interface{} `field:"required" json:"ipAddresses" yaml:"ipAddresses"` // The ID of one or more security groups that control access to this VPC. // // The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network. SecurityGroupIds *[]*string `field:"required" json:"securityGroupIds" yaml:"securityGroupIds"` // A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console. Name *string `field:"optional" json:"name" yaml:"name"` // `AWS::Route53Resolver::ResolverEndpoint.OutpostArn`. OutpostArn *string `field:"optional" json:"outpostArn" yaml:"outpostArn"` // `AWS::Route53Resolver::ResolverEndpoint.PreferredInstanceType`. PreferredInstanceType *string `field:"optional" json:"preferredInstanceType" yaml:"preferredInstanceType"` // `AWS::Route53Resolver::ResolverEndpoint.ResolverEndpointType`. ResolverEndpointType *string `field:"optional" json:"resolverEndpointType" yaml:"resolverEndpointType"` // Route 53 Resolver doesn't support updating tags through CloudFormation. Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` }
Properties for defining a `CfnResolverEndpoint`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverEndpointProps := &cfnResolverEndpointProps{ direction: jsii.String("direction"), ipAddresses: []interface{}{ &ipAddressRequestProperty{ subnetId: jsii.String("subnetId"), // the properties below are optional ip: jsii.String("ip"), ipv6: jsii.String("ipv6"), }, }, securityGroupIds: []*string{ jsii.String("securityGroupIds"), }, // the properties below are optional name: jsii.String("name"), outpostArn: jsii.String("outpostArn"), preferredInstanceType: jsii.String("preferredInstanceType"), resolverEndpointType: jsii.String("resolverEndpointType"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, }
type CfnResolverEndpoint_IpAddressRequestProperty ¶
type CfnResolverEndpoint_IpAddressRequestProperty struct { // The ID of the subnet that contains the IP address. SubnetId *string `field:"required" json:"subnetId" yaml:"subnetId"` // The IP address that you want to use for DNS queries. Ip *string `field:"optional" json:"ip" yaml:"ip"` // `CfnResolverEndpoint.IpAddressRequestProperty.Ipv6`. Ipv6 *string `field:"optional" json:"ipv6" yaml:"ipv6"` }
In a [CreateResolverEndpoint](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) request, the IP address that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). `IpAddressRequest` also includes the ID of the subnet that contains the IP address.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" ipAddressRequestProperty := &ipAddressRequestProperty{ subnetId: jsii.String("subnetId"), // the properties below are optional ip: jsii.String("ip"), ipv6: jsii.String("ipv6"), }
type CfnResolverQueryLoggingConfig ¶
type CfnResolverQueryLoggingConfig interface { awscdk.CfnResource awscdk.IInspectable // The Amazon Resource Name (ARN) for the query logging configuration. AttrArn() *string // The number of VPCs that are associated with the query logging configuration. AttrAssociationCount() *float64 // The date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC). AttrCreationTime() *string // A unique string that identifies the request that created the query logging configuration. // // The `CreatorRequestId` allows failed requests to be retried without the risk of running the operation twice. AttrCreatorRequestId() *string // The ID for the query logging configuration. AttrId() *string // The AWS account ID for the account that created the query logging configuration. AttrOwnerId() *string // // Sharing is configured through AWS Resource Access Manager ( AWS RAM ). AttrShareStatus() *string // The status of the specified query logging configuration. Valid values include the following:. // // - `CREATING` : Resolver is creating the query logging configuration. // - `CREATED` : The query logging configuration was successfully created. Resolver is logging queries that originate in the specified VPC. // - `DELETING` : Resolver is deleting this query logging configuration. // - `FAILED` : Resolver can't deliver logs to the location that is specified in the query logging configuration. Here are two common causes: // // - The specified destination (for example, an Amazon S3 bucket) was deleted. // - Permissions don't allow sending logs to the destination. AttrStatus() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream. DestinationArn() *string SetDestinationArn(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The name of the query logging configuration. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverQueryLoggingConfig`.
The AWS::Route53Resolver::ResolverQueryLoggingConfig resource is a complex type that contains settings for one query logging configuration.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverQueryLoggingConfig := awscdk.Aws_route53resolver.NewCfnResolverQueryLoggingConfig(this, jsii.String("MyCfnResolverQueryLoggingConfig"), &cfnResolverQueryLoggingConfigProps{ destinationArn: jsii.String("destinationArn"), name: jsii.String("name"), })
func NewCfnResolverQueryLoggingConfig ¶
func NewCfnResolverQueryLoggingConfig(scope awscdk.Construct, id *string, props *CfnResolverQueryLoggingConfigProps) CfnResolverQueryLoggingConfig
Create a new `AWS::Route53Resolver::ResolverQueryLoggingConfig`.
type CfnResolverQueryLoggingConfigAssociation ¶
type CfnResolverQueryLoggingConfigAssociation interface { awscdk.CfnResource awscdk.IInspectable // The date and time that the VPC was associated with the query logging configuration, in Unix time format and Coordinated Universal Time (UTC). AttrCreationTime() *string // If the value of `Status` is `FAILED` , the value of `Error` indicates the cause:. // // - `DESTINATION_NOT_FOUND` : The specified destination (for example, an Amazon S3 bucket) was deleted. // - `ACCESS_DENIED` : Permissions don't allow sending logs to the destination. // // If the value of `Status` is a value other than `FAILED` , `Error` is null. AttrError() *string // Contains additional information about the error. // // If the value or `Error` is null, the value of `ErrorMessage` is also null. AttrErrorMessage() *string // The ID of the query logging association. AttrId() *string // The status of the specified query logging association. Valid values include the following:. // // - `CREATING` : Resolver is creating an association between an Amazon Virtual Private Cloud (Amazon VPC) and a query logging configuration. // - `CREATED` : The association between an Amazon VPC and a query logging configuration was successfully created. Resolver is logging queries that originate in the specified VPC. // - `DELETING` : Resolver is deleting this query logging association. // - `FAILED` : Resolver either couldn't create or couldn't delete the query logging association. AttrStatus() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The ID of the query logging configuration that a VPC is associated with. ResolverQueryLogConfigId() *string SetResolverQueryLogConfigId(val *string) // The ID of the Amazon VPC that is associated with the query logging configuration. ResourceId() *string SetResourceId(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation`.
The AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation resource is a configuration for DNS query logging. After you create a query logging configuration, Amazon Route 53 begins to publish log data to an Amazon CloudWatch Logs log group.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverQueryLoggingConfigAssociation := awscdk.Aws_route53resolver.NewCfnResolverQueryLoggingConfigAssociation(this, jsii.String("MyCfnResolverQueryLoggingConfigAssociation"), &cfnResolverQueryLoggingConfigAssociationProps{ resolverQueryLogConfigId: jsii.String("resolverQueryLogConfigId"), resourceId: jsii.String("resourceId"), })
func NewCfnResolverQueryLoggingConfigAssociation ¶
func NewCfnResolverQueryLoggingConfigAssociation(scope awscdk.Construct, id *string, props *CfnResolverQueryLoggingConfigAssociationProps) CfnResolverQueryLoggingConfigAssociation
Create a new `AWS::Route53Resolver::ResolverQueryLoggingConfigAssociation`.
type CfnResolverQueryLoggingConfigAssociationProps ¶
type CfnResolverQueryLoggingConfigAssociationProps struct { // The ID of the query logging configuration that a VPC is associated with. ResolverQueryLogConfigId *string `field:"optional" json:"resolverQueryLogConfigId" yaml:"resolverQueryLogConfigId"` // The ID of the Amazon VPC that is associated with the query logging configuration. ResourceId *string `field:"optional" json:"resourceId" yaml:"resourceId"` }
Properties for defining a `CfnResolverQueryLoggingConfigAssociation`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverQueryLoggingConfigAssociationProps := &cfnResolverQueryLoggingConfigAssociationProps{ resolverQueryLogConfigId: jsii.String("resolverQueryLogConfigId"), resourceId: jsii.String("resourceId"), }
type CfnResolverQueryLoggingConfigProps ¶
type CfnResolverQueryLoggingConfigProps struct { // The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream. DestinationArn *string `field:"optional" json:"destinationArn" yaml:"destinationArn"` // The name of the query logging configuration. Name *string `field:"optional" json:"name" yaml:"name"` }
Properties for defining a `CfnResolverQueryLoggingConfig`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverQueryLoggingConfigProps := &cfnResolverQueryLoggingConfigProps{ destinationArn: jsii.String("destinationArn"), name: jsii.String("name"), }
type CfnResolverRule ¶
type CfnResolverRule interface { awscdk.CfnResource awscdk.IInspectable // The Amazon Resource Name (ARN) of the resolver rule, such as `arn:aws:route53resolver:us-east-1:123456789012:resolver-rule/resolver-rule-a1bzhi` . AttrArn() *string // DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps. // // If a query matches multiple resolver rules (example.com and www.example.com), the query is routed using the resolver rule that contains the most specific domain name (www.example.com). AttrDomainName() *string // A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console. AttrName() *string // The ID of the outbound endpoint that the rule is associated with, such as `rslvr-out-fdc049932dexample` . AttrResolverEndpointId() *string // When the value of `RuleType` is `FORWARD` , the ID that Resolver assigned to the resolver rule when you created it, such as `rslvr-rr-5328a0899aexample` . // // This value isn't applicable when `RuleType` is `SYSTEM` . AttrResolverRuleId() *string // When the value of `RuleType` is `FORWARD` , the IP addresses that the outbound endpoint forwards DNS queries to, typically the IP addresses for DNS resolvers on your network. // // This value isn't applicable when `RuleType` is `SYSTEM` . AttrTargetIps() awscdk.IResolvable // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . // // If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com). DomainName() *string SetDomainName(val *string) // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The name for the Resolver rule, which you specified when you created the Resolver rule. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The ID of the endpoint that the rule is associated with. ResolverEndpointId() *string SetResolverEndpointId(val *string) // When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` . // // When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` . // // For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` . // // Currently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` . RuleType() *string SetRuleType(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Route 53 Resolver doesn't support updating tags through CloudFormation. Tags() awscdk.TagManager // An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. // // Typically, these are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported. TargetIps() interface{} SetTargetIps(val interface{}) // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverRule`.
For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverRule := awscdk.Aws_route53resolver.NewCfnResolverRule(this, jsii.String("MyCfnResolverRule"), &cfnResolverRuleProps{ domainName: jsii.String("domainName"), ruleType: jsii.String("ruleType"), // the properties below are optional name: jsii.String("name"), resolverEndpointId: jsii.String("resolverEndpointId"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, targetIps: []interface{}{ &targetAddressProperty{ ip: jsii.String("ip"), // the properties below are optional port: jsii.String("port"), }, }, })
func NewCfnResolverRule ¶
func NewCfnResolverRule(scope awscdk.Construct, id *string, props *CfnResolverRuleProps) CfnResolverRule
Create a new `AWS::Route53Resolver::ResolverRule`.
type CfnResolverRuleAssociation ¶
type CfnResolverRuleAssociation interface { awscdk.CfnResource awscdk.IInspectable // The name of an association between a resolver rule and a VPC, such as `test.example.com in beta VPC` . AttrName() *string // The ID of the resolver rule association that you want to get information about, such as `rslvr-rrassoc-97242eaf88example` . AttrResolverRuleAssociationId() *string // The ID of the resolver rule that you associated with the VPC that is specified by `VPCId` , such as `rslvr-rr-5328a0899example` . AttrResolverRuleId() *string // The ID of the VPC that you associated the resolver rule with, such as `vpc-03cf94c75cexample` . AttrVpcId() *string // Options for this resource, such as condition, update policy etc. // Experimental. CfnOptions() awscdk.ICfnResourceOptions CfnProperties() *map[string]interface{} // AWS resource type. // Experimental. CfnResourceType() *string // Returns: the stack trace of the point where this Resource was created from, sourced // from the +metadata+ entry typed +aws:cdk:logicalId+, and with the bottom-most // node +internal+ entries filtered. // Experimental. CreationStack() *[]*string // The logical ID for this CloudFormation stack element. // // The logical ID of the element // is calculated from the path of the resource node in the construct tree. // // To override this value, use `overrideLogicalId(newLogicalId)`. // // Returns: the logical ID as a stringified token. This value will only get // resolved during synthesis. // Experimental. LogicalId() *string // The name of an association between a Resolver rule and a VPC. Name() *string SetName(val *string) // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Return a string that will be resolved to a CloudFormation `{ Ref }` for this element. // // If, by any chance, the intrinsic reference of a resource is not a string, you could // coerce it to an IResolvable through `Lazy.any({ produce: resource.ref })`. // Experimental. Ref() *string // The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` . ResolverRuleId() *string SetResolverRuleId(val *string) // The stack in which this element is defined. // // CfnElements must be defined within a stack scope (directly or indirectly). // Experimental. Stack() awscdk.Stack // Return properties modified after initiation. // // Resources that expose mutable properties should override this function to // collect and return the properties object for this resource. // Experimental. UpdatedProperites() *map[string]interface{} // The ID of the VPC that you associated the Resolver rule with. VpcId() *string SetVpcId(val *string) // Syntactic sugar for `addOverride(path, undefined)`. // Experimental. AddDeletionOverride(path *string) // Indicates that this resource depends on another resource and cannot be provisioned unless the other resource has been successfully provisioned. // // This can be used for resources across stacks (or nested stack) boundaries // and the dependency will automatically be transferred to the relevant scope. // Experimental. AddDependsOn(target awscdk.CfnResource) // Add a value to the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. AddMetadata(key *string, value interface{}) // Adds an override to the synthesized CloudFormation resource. // // To add a // property override, either use `addPropertyOverride` or prefix `path` with // "Properties." (i.e. `Properties.TopicName`). // // If the override is nested, separate each nested level using a dot (.) in the path parameter. // If there is an array as part of the nesting, specify the index in the path. // // To include a literal `.` in the property name, prefix with a `\`. In most // programming languages you will need to write this as `"\\."` because the // `\` itself will need to be escaped. // // For example, // “`typescript // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.0.Projection.NonKeyAttributes', ['myattribute']); // cfnResource.addOverride('Properties.GlobalSecondaryIndexes.1.ProjectionType', 'INCLUDE'); // “` // would add the overrides // “`json // "Properties": { // "GlobalSecondaryIndexes": [ // { // "Projection": { // "NonKeyAttributes": [ "myattribute" ] // ... // } // ... // }, // { // "ProjectionType": "INCLUDE" // ... // }, // ] // ... // } // “` // // The `value` argument to `addOverride` will not be processed or translated // in any way. Pass raw JSON values in here with the correct capitalization // for CloudFormation. If you pass CDK classes or structs, they will be // rendered with lowercased key names, and CloudFormation will reject the // template. // Experimental. AddOverride(path *string, value interface{}) // Adds an override that deletes the value of a property from the resource definition. // Experimental. AddPropertyDeletionOverride(propertyPath *string) // Adds an override to a resource property. // // Syntactic sugar for `addOverride("Properties.<...>", value)`. // Experimental. AddPropertyOverride(propertyPath *string, value interface{}) // Sets the deletion policy of the resource based on the removal policy specified. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy, options *awscdk.RemovalPolicyOptions) // Returns a token for an runtime attribute of this resource. // // Ideally, use generated attribute accessors (e.g. `resource.arn`), but this can be used for future compatibility // in case there is no generated attribute. // Experimental. GetAtt(attributeName *string) awscdk.Reference // Retrieve a value value from the CloudFormation Resource Metadata. // See: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/metadata-section-structure.html // // Note that this is a different set of metadata from CDK node metadata; this // metadata ends up in the stack template under the resource, whereas CDK // node metadata ends up in the Cloud Assembly. // // Experimental. GetMetadata(key *string) interface{} // Examines the CloudFormation resource and discloses attributes. Inspect(inspector awscdk.TreeInspector) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Overrides the auto-generated logical ID with a specific ID. // Experimental. OverrideLogicalId(newLogicalId *string) // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() RenderProperties(props *map[string]interface{}) *map[string]interface{} // Can be overridden by subclasses to determine if this resource will be rendered into the cloudformation template. // // Returns: `true` if the resource should be included or `false` is the resource // should be omitted. // Experimental. ShouldSynthesize() *bool // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // // Returns: a string representation of this resource. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string // Experimental. ValidateProperties(_properties interface{}) }
A CloudFormation `AWS::Route53Resolver::ResolverRuleAssociation`.
In the response to an [AssociateResolverRule](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_AssociateResolverRule.html) , [DisassociateResolverRule](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DisassociateResolverRule.html) , or [ListResolverRuleAssociations](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListResolverRuleAssociations.html) request, provides information about an association between a resolver rule and a VPC. The association determines which DNS queries that originate in the VPC are forwarded to your network.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverRuleAssociation := awscdk.Aws_route53resolver.NewCfnResolverRuleAssociation(this, jsii.String("MyCfnResolverRuleAssociation"), &cfnResolverRuleAssociationProps{ resolverRuleId: jsii.String("resolverRuleId"), vpcId: jsii.String("vpcId"), // the properties below are optional name: jsii.String("name"), })
func NewCfnResolverRuleAssociation ¶
func NewCfnResolverRuleAssociation(scope awscdk.Construct, id *string, props *CfnResolverRuleAssociationProps) CfnResolverRuleAssociation
Create a new `AWS::Route53Resolver::ResolverRuleAssociation`.
type CfnResolverRuleAssociationProps ¶
type CfnResolverRuleAssociationProps struct { // The ID of the Resolver rule that you associated with the VPC that is specified by `VPCId` . ResolverRuleId *string `field:"required" json:"resolverRuleId" yaml:"resolverRuleId"` // The ID of the VPC that you associated the Resolver rule with. VpcId *string `field:"required" json:"vpcId" yaml:"vpcId"` // The name of an association between a Resolver rule and a VPC. Name *string `field:"optional" json:"name" yaml:"name"` }
Properties for defining a `CfnResolverRuleAssociation`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverRuleAssociationProps := &cfnResolverRuleAssociationProps{ resolverRuleId: jsii.String("resolverRuleId"), vpcId: jsii.String("vpcId"), // the properties below are optional name: jsii.String("name"), }
type CfnResolverRuleProps ¶
type CfnResolverRuleProps struct { // DNS queries for this domain name are forwarded to the IP addresses that are specified in `TargetIps` . // // If a query matches multiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name (www.example.com). DomainName *string `field:"required" json:"domainName" yaml:"domainName"` // When you want to forward DNS queries for specified domain name to resolvers on your network, specify `FORWARD` . // // When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for a subdomain of that domain, specify `SYSTEM` . // // For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify `FORWARD` for `RuleType` . To then have Resolver process queries for apex.example.com, you create a rule and specify `SYSTEM` for `RuleType` . // // Currently, only Resolver can create rules that have a value of `RECURSIVE` for `RuleType` . RuleType *string `field:"required" json:"ruleType" yaml:"ruleType"` // The name for the Resolver rule, which you specified when you created the Resolver rule. Name *string `field:"optional" json:"name" yaml:"name"` // The ID of the endpoint that the rule is associated with. ResolverEndpointId *string `field:"optional" json:"resolverEndpointId" yaml:"resolverEndpointId"` // Route 53 Resolver doesn't support updating tags through CloudFormation. Tags *[]*awscdk.CfnTag `field:"optional" json:"tags" yaml:"tags"` // An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. // // Typically, these are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported. TargetIps interface{} `field:"optional" json:"targetIps" yaml:"targetIps"` }
Properties for defining a `CfnResolverRule`.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" cfnResolverRuleProps := &cfnResolverRuleProps{ domainName: jsii.String("domainName"), ruleType: jsii.String("ruleType"), // the properties below are optional name: jsii.String("name"), resolverEndpointId: jsii.String("resolverEndpointId"), tags: []cfnTag{ &cfnTag{ key: jsii.String("key"), value: jsii.String("value"), }, }, targetIps: []interface{}{ &targetAddressProperty{ ip: jsii.String("ip"), // the properties below are optional port: jsii.String("port"), }, }, }
type CfnResolverRule_TargetAddressProperty ¶
type CfnResolverRule_TargetAddressProperty struct { // One IP address that you want to forward DNS queries to. // // You can specify only IPv4 addresses. Ip *string `field:"required" json:"ip" yaml:"ip"` // The port at `Ip` that you want to forward DNS queries to. Port *string `field:"optional" json:"port" yaml:"port"` }
In a [CreateResolverRule](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html) request, an array of the IPs that you want to forward DNS queries to.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" targetAddressProperty := &targetAddressProperty{ ip: jsii.String("ip"), // the properties below are optional port: jsii.String("port"), }
type DnsBlockResponse ¶
type DnsBlockResponse interface { // The DNS record's type. // Experimental. BlockOverrideDnsType() *string // The custom DNS record to send back in response to the query. // Experimental. BlockOverrideDomain() *string // The recommended amount of time for the DNS resolver or web browser to cache the provided override record. // Experimental. BlockOverrideTtl() awscdk.Duration // The way that you want DNS Firewall to block the request. // Experimental. BlockResponse() *string }
The way that you want DNS Firewall to block the request.
Example:
var myBlockList firewallDomainList var ruleGroup firewallRuleGroup ruleGroup.addRule(&firewallRule{ priority: jsii.Number(10), firewallDomainList: myBlockList, // block and reply with NXDOMAIN action: route53resolver.firewallRuleAction.block(route53resolver.dnsBlockResponse.nxDomain()), }) ruleGroup.addRule(&firewallRule{ priority: jsii.Number(20), firewallDomainList: myBlockList, // block and override DNS response with a custom domain action: route53resolver.*firewallRuleAction.block(route53resolver.*dnsBlockResponse.override(jsii.String("amazon.com"))), })
Experimental.
func DnsBlockResponse_NoData ¶
func DnsBlockResponse_NoData() DnsBlockResponse
Respond indicating that the query was successful, but no response is available for it. Experimental.
func DnsBlockResponse_NxDomain ¶
func DnsBlockResponse_NxDomain() DnsBlockResponse
Respond indicating that the domain name that's in the query doesn't exist. Experimental.
func DnsBlockResponse_Override ¶
func DnsBlockResponse_Override(domain *string, ttl awscdk.Duration) DnsBlockResponse
Provides a custom override response to the query. Experimental.
type DomainsConfig ¶
type DomainsConfig struct { // The fully qualified URL or URI of the file stored in Amazon S3 that contains the list of domains to import. // // The file must be a text file and must contain // a single domain per line. The content type of the S3 object must be `plain/text`. // Experimental. DomainFileUrl *string `field:"optional" json:"domainFileUrl" yaml:"domainFileUrl"` // A list of domains. // Experimental. Domains *[]*string `field:"optional" json:"domains" yaml:"domains"` }
Domains configuration.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" domainsConfig := &domainsConfig{ domainFileUrl: jsii.String("domainFileUrl"), domains: []*string{ jsii.String("domains"), }, }
Experimental.
type FirewallDomainList ¶
type FirewallDomainList interface { awscdk.Resource IFirewallDomainList // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. // Experimental. Env() *awscdk.ResourceEnvironment // The ARN (Amazon Resource Name) of the domain list. // Experimental. FirewallDomainListArn() *string // The date and time that the domain list was created. // Experimental. FirewallDomainListCreationTime() *string // The creator request ID. // Experimental. FirewallDomainListCreatorRequestId() *string // The number of domains in the list. // Experimental. FirewallDomainListDomainCount() *float64 // The ID of the domain list. // Experimental. FirewallDomainListId() *string // The owner of the list, used only for lists that are not managed by you. // // For example, the managed domain list `AWSManagedDomainsMalwareDomainList` // has the managed owner name `Route 53 Resolver DNS Firewall`. // Experimental. FirewallDomainListManagedOwnerName() *string // The date and time that the domain list was last modified. // Experimental. FirewallDomainListModificationTime() *string // The status of the domain list. // Experimental. FirewallDomainListStatus() *string // Additional information about the status of the rule group. // Experimental. FirewallDomainListStatusMessage() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. // Experimental. PhysicalName() *string // The stack in which this resource is defined. // Experimental. Stack() awscdk.Stack // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy) // Experimental. GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. // Experimental. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. // Experimental. GetResourceNameAttribute(nameAttr *string) *string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string }
A Firewall Domain List.
Example:
blockList := route53resolver.NewFirewallDomainList(this, jsii.String("BlockList"), &firewallDomainListProps{ domains: route53resolver.firewallDomains.fromList([]*string{ jsii.String("bad-domain.com"), jsii.String("bot-domain.net"), }), }) s3List := route53resolver.NewFirewallDomainList(this, jsii.String("S3List"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromS3Url(jsii.String("s3://bucket/prefix/object")), }) assetList := route53resolver.NewFirewallDomainList(this, jsii.String("AssetList"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromAsset(jsii.String("/path/to/domains.txt")), })
Experimental.
func NewFirewallDomainList ¶
func NewFirewallDomainList(scope constructs.Construct, id *string, props *FirewallDomainListProps) FirewallDomainList
Experimental.
type FirewallDomainListProps ¶
type FirewallDomainListProps struct { // A list of domains. // Experimental. Domains FirewallDomains `field:"required" json:"domains" yaml:"domains"` // A name for the domain list. // Experimental. Name *string `field:"optional" json:"name" yaml:"name"` }
Properties for a Firewall Domain List.
Example:
blockList := route53resolver.NewFirewallDomainList(this, jsii.String("BlockList"), &firewallDomainListProps{ domains: route53resolver.firewallDomains.fromList([]*string{ jsii.String("bad-domain.com"), jsii.String("bot-domain.net"), }), }) s3List := route53resolver.NewFirewallDomainList(this, jsii.String("S3List"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromS3Url(jsii.String("s3://bucket/prefix/object")), }) assetList := route53resolver.NewFirewallDomainList(this, jsii.String("AssetList"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromAsset(jsii.String("/path/to/domains.txt")), })
Experimental.
type FirewallDomains ¶
type FirewallDomains interface { // Binds the domains to a domain list. // Experimental. Bind(scope constructs.Construct) *DomainsConfig }
A list of domains.
Example:
blockList := route53resolver.NewFirewallDomainList(this, jsii.String("BlockList"), &firewallDomainListProps{ domains: route53resolver.firewallDomains.fromList([]*string{ jsii.String("bad-domain.com"), jsii.String("bot-domain.net"), }), }) s3List := route53resolver.NewFirewallDomainList(this, jsii.String("S3List"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromS3Url(jsii.String("s3://bucket/prefix/object")), }) assetList := route53resolver.NewFirewallDomainList(this, jsii.String("AssetList"), &firewallDomainListProps{ domains: route53resolver.*firewallDomains.fromAsset(jsii.String("/path/to/domains.txt")), })
Experimental.
func FirewallDomains_FromAsset ¶
func FirewallDomains_FromAsset(assetPath *string) FirewallDomains
Firewall domains created from a local disk path to a text file.
The file must be a text file (`.txt` extension) and must contain a single domain per line. It will be uploaded to S3. Experimental.
func FirewallDomains_FromList ¶
func FirewallDomains_FromList(list *[]*string) FirewallDomains
Firewall domains created from a list of domains. Experimental.
func FirewallDomains_FromS3 ¶
func FirewallDomains_FromS3(bucket awss3.IBucket, key *string) FirewallDomains
Firewall domains created from a file stored in Amazon S3.
The file must be a text file and must contain a single domain per line. The content type of the S3 object must be `plain/text`. Experimental.
func FirewallDomains_FromS3Url ¶
func FirewallDomains_FromS3Url(url *string) FirewallDomains
Firewall domains created from the URL of a file stored in Amazon S3.
The file must be a text file and must contain a single domain per line. The content type of the S3 object must be `plain/text`. Experimental.
type FirewallRule ¶
type FirewallRule struct { // The action for this rule. // Experimental. Action FirewallRuleAction `field:"required" json:"action" yaml:"action"` // The domain list for this rule. // Experimental. FirewallDomainList IFirewallDomainList `field:"required" json:"firewallDomainList" yaml:"firewallDomainList"` // The priority of the rule in the rule group. // // This value must be unique within // the rule group. // Experimental. Priority *float64 `field:"required" json:"priority" yaml:"priority"` }
A Firewall Rule.
Example:
var myBlockList firewallDomainList var ruleGroup firewallRuleGroup ruleGroup.addRule(&firewallRule{ priority: jsii.Number(10), firewallDomainList: myBlockList, // block and reply with NXDOMAIN action: route53resolver.firewallRuleAction.block(route53resolver.dnsBlockResponse.nxDomain()), }) ruleGroup.addRule(&firewallRule{ priority: jsii.Number(20), firewallDomainList: myBlockList, // block and override DNS response with a custom domain action: route53resolver.*firewallRuleAction.block(route53resolver.*dnsBlockResponse.override(jsii.String("amazon.com"))), })
Experimental.
type FirewallRuleAction ¶
type FirewallRuleAction interface { // The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list. // Experimental. Action() *string // The way that you want DNS Firewall to block the request. // Experimental. BlockResponse() DnsBlockResponse }
A Firewall Rule.
Example:
var myBlockList firewallDomainList route53resolver.NewFirewallRuleGroup(this, jsii.String("RuleGroup"), &firewallRuleGroupProps{ rules: []firewallRule{ &firewallRule{ priority: jsii.Number(10), firewallDomainList: myBlockList, // block and reply with NODATA action: route53resolver.firewallRuleAction.block(), }, }, })
Experimental.
func FirewallRuleAction_Alert ¶
func FirewallRuleAction_Alert() FirewallRuleAction
Permit the request to go through but send an alert to the logs. Experimental.
func FirewallRuleAction_Allow ¶
func FirewallRuleAction_Allow() FirewallRuleAction
Permit the request to go through. Experimental.
func FirewallRuleAction_Block ¶
func FirewallRuleAction_Block(response DnsBlockResponse) FirewallRuleAction
Disallow the request. Experimental.
type FirewallRuleGroup ¶
type FirewallRuleGroup interface { awscdk.Resource IFirewallRuleGroup // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. // Experimental. Env() *awscdk.ResourceEnvironment // The ARN (Amazon Resource Name) of the rule group. // Experimental. FirewallRuleGroupArn() *string // The date and time that the rule group was created. // Experimental. FirewallRuleGroupCreationTime() *string // The creator request ID. // Experimental. FirewallRuleGroupCreatorRequestId() *string // The ID of the rule group. // Experimental. FirewallRuleGroupId() *string // The date and time that the rule group was last modified. // Experimental. FirewallRuleGroupModificationTime() *string // The AWS account ID for the account that created the rule group. // Experimental. FirewallRuleGroupOwnerId() *string // The number of rules in the rule group. // Experimental. FirewallRuleGroupRuleCount() *float64 // Experimental. FirewallRuleGroupShareStatus() *string // The status of the rule group. // Experimental. FirewallRuleGroupStatus() *string // Additional information about the status of the rule group. // Experimental. FirewallRuleGroupStatusMessage() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. // Experimental. PhysicalName() *string // The stack in which this resource is defined. // Experimental. Stack() awscdk.Stack // Adds a rule to this group. // Experimental. AddRule(rule *FirewallRule) FirewallRuleGroup // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy) // Associates this Firewall Rule Group with a VPC. // Experimental. Associate(id *string, props *FirewallRuleGroupAssociationOptions) FirewallRuleGroupAssociation // Experimental. GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. // Experimental. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. // Experimental. GetResourceNameAttribute(nameAttr *string) *string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string }
A Firewall Rule Group.
Example:
var myBlockList firewallDomainList route53resolver.NewFirewallRuleGroup(this, jsii.String("RuleGroup"), &firewallRuleGroupProps{ rules: []firewallRule{ &firewallRule{ priority: jsii.Number(10), firewallDomainList: myBlockList, // block and reply with NODATA action: route53resolver.firewallRuleAction.block(), }, }, })
Experimental.
func NewFirewallRuleGroup ¶
func NewFirewallRuleGroup(scope constructs.Construct, id *string, props *FirewallRuleGroupProps) FirewallRuleGroup
Experimental.
type FirewallRuleGroupAssociation ¶
type FirewallRuleGroupAssociation interface { awscdk.Resource // The environment this resource belongs to. // // For resources that are created and managed by the CDK // (generally, those created by creating new class instances like Role, Bucket, etc.), // this is always the same as the environment of the stack they belong to; // however, for imported resources // (those obtained from static methods like fromRoleArn, fromBucketName, etc.), // that might be different than the stack they were imported into. // Experimental. Env() *awscdk.ResourceEnvironment // The ARN (Amazon Resource Name) of the association. // Experimental. FirewallRuleGroupAssociationArn() *string // The date and time that the association was created. // Experimental. FirewallRuleGroupAssociationCreationTime() *string // The creator request ID. // Experimental. FirewallRuleGroupAssociationCreatorRequestId() *string // The ID of the association. // Experimental. FirewallRuleGroupAssociationId() *string // The owner of the association, used only for lists that are not managed by you. // // If you use AWS Firewall Manager to manage your firewallls from DNS Firewall, // then this reports Firewall Manager as the managed owner. // Experimental. FirewallRuleGroupAssociationManagedOwnerName() *string // The date and time that the association was last modified. // Experimental. FirewallRuleGroupAssociationModificationTime() *string // The status of the association. // Experimental. FirewallRuleGroupAssociationStatus() *string // Additional information about the status of the association. // Experimental. FirewallRuleGroupAssociationStatusMessage() *string // The construct tree node associated with this construct. // Experimental. Node() awscdk.ConstructNode // Returns a string-encoded token that resolves to the physical name that should be passed to the CloudFormation resource. // // This value will resolve to one of the following: // - a concrete value (e.g. `"my-awesome-bucket"`) // - `undefined`, when a name should be generated by CloudFormation // - a concrete name generated automatically during synthesis, in // cross-environment scenarios. // Experimental. PhysicalName() *string // The stack in which this resource is defined. // Experimental. Stack() awscdk.Stack // Apply the given removal policy to this resource. // // The Removal Policy controls what happens to this resource when it stops // being managed by CloudFormation, either because you've removed it from the // CDK application or because you've made a change that requires the resource // to be replaced. // // The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS // account for data recovery and cleanup later (`RemovalPolicy.RETAIN`). // Experimental. ApplyRemovalPolicy(policy awscdk.RemovalPolicy) // Experimental. GeneratePhysicalName() *string // Returns an environment-sensitive token that should be used for the resource's "ARN" attribute (e.g. `bucket.bucketArn`). // // Normally, this token will resolve to `arnAttr`, but if the resource is // referenced across environments, `arnComponents` will be used to synthesize // a concrete ARN with the resource's physical name. Make sure to reference // `this.physicalName` in `arnComponents`. // Experimental. GetResourceArnAttribute(arnAttr *string, arnComponents *awscdk.ArnComponents) *string // Returns an environment-sensitive token that should be used for the resource's "name" attribute (e.g. `bucket.bucketName`). // // Normally, this token will resolve to `nameAttr`, but if the resource is // referenced across environments, it will be resolved to `this.physicalName`, // which will be a concrete name. // Experimental. GetResourceNameAttribute(nameAttr *string) *string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. OnPrepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. OnSynthesize(session constructs.ISynthesisSession) // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. OnValidate() *[]*string // Perform final modifications before synthesis. // // This method can be implemented by derived constructs in order to perform // final changes before synthesis. prepare() will be called after child // constructs have been prepared. // // This is an advanced framework feature. Only use this if you // understand the implications. // Experimental. Prepare() // Allows this construct to emit artifacts into the cloud assembly during synthesis. // // This method is usually implemented by framework-level constructs such as `Stack` and `Asset` // as they participate in synthesizing the cloud assembly. // Experimental. Synthesize(session awscdk.ISynthesisSession) // Returns a string representation of this construct. // Experimental. ToString() *string // Validate the current construct. // // This method can be implemented by derived constructs in order to perform // validation logic. It is called on all constructs before synthesis. // // Returns: An array of validation error messages, or an empty array if the construct is valid. // Experimental. Validate() *[]*string }
A Firewall Rule Group Association.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var firewallRuleGroup firewallRuleGroup var vpc vpc firewallRuleGroupAssociation := awscdk.Aws_route53resolver.NewFirewallRuleGroupAssociation(this, jsii.String("MyFirewallRuleGroupAssociation"), &firewallRuleGroupAssociationProps{ firewallRuleGroup: firewallRuleGroup, priority: jsii.Number(123), vpc: vpc, // the properties below are optional mutationProtection: jsii.Boolean(false), name: jsii.String("name"), })
Experimental.
func NewFirewallRuleGroupAssociation ¶
func NewFirewallRuleGroupAssociation(scope constructs.Construct, id *string, props *FirewallRuleGroupAssociationProps) FirewallRuleGroupAssociation
Experimental.
type FirewallRuleGroupAssociationOptions ¶
type FirewallRuleGroupAssociationOptions struct { // The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. // // DNS Firewall filters VPC // traffic starting from rule group with the lowest numeric priority setting. // // This value must be greater than 100 and less than 9,000. // Experimental. Priority *float64 `field:"required" json:"priority" yaml:"priority"` // The VPC that to associate with the rule group. // Experimental. Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"` // If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. // Experimental. MutationProtection *bool `field:"optional" json:"mutationProtection" yaml:"mutationProtection"` // The name of the association. // Experimental. Name *string `field:"optional" json:"name" yaml:"name"` }
Options for a Firewall Rule Group Association.
Example:
import ec2 "github.com/aws/aws-cdk-go/awscdk" var ruleGroup firewallRuleGroup var myVpc vpc ruleGroup.associate(jsii.String("Association"), &firewallRuleGroupAssociationOptions{ priority: jsii.Number(101), vpc: myVpc, })
Experimental.
type FirewallRuleGroupAssociationProps ¶
type FirewallRuleGroupAssociationProps struct { // The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. // // DNS Firewall filters VPC // traffic starting from rule group with the lowest numeric priority setting. // // This value must be greater than 100 and less than 9,000. // Experimental. Priority *float64 `field:"required" json:"priority" yaml:"priority"` // The VPC that to associate with the rule group. // Experimental. Vpc awsec2.IVpc `field:"required" json:"vpc" yaml:"vpc"` // If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. // Experimental. MutationProtection *bool `field:"optional" json:"mutationProtection" yaml:"mutationProtection"` // The name of the association. // Experimental. Name *string `field:"optional" json:"name" yaml:"name"` // The firewall rule group which must be associated. // Experimental. FirewallRuleGroup IFirewallRuleGroup `field:"required" json:"firewallRuleGroup" yaml:"firewallRuleGroup"` }
Properties for a Firewall Rule Group Association.
Example:
// The code below shows an example of how to instantiate this type. // The values are placeholders you should change. import "github.com/aws/aws-cdk-go/awscdk" import "github.com/aws/aws-cdk-go/awscdk" var firewallRuleGroup firewallRuleGroup var vpc vpc firewallRuleGroupAssociationProps := &firewallRuleGroupAssociationProps{ firewallRuleGroup: firewallRuleGroup, priority: jsii.Number(123), vpc: vpc, // the properties below are optional mutationProtection: jsii.Boolean(false), name: jsii.String("name"), }
Experimental.
type FirewallRuleGroupProps ¶
type FirewallRuleGroupProps struct { // The name of the rule group. // Experimental. Name *string `field:"optional" json:"name" yaml:"name"` // A list of rules for this group. // Experimental. Rules *[]*FirewallRule `field:"optional" json:"rules" yaml:"rules"` }
Properties for a Firewall Rule Group.
Example:
var myBlockList firewallDomainList route53resolver.NewFirewallRuleGroup(this, jsii.String("RuleGroup"), &firewallRuleGroupProps{ rules: []firewallRule{ &firewallRule{ priority: jsii.Number(10), firewallDomainList: myBlockList, // block and reply with NODATA action: route53resolver.firewallRuleAction.block(), }, }, })
Experimental.
type IFirewallDomainList ¶
type IFirewallDomainList interface { awscdk.IResource // The ID of the domain list. // Experimental. FirewallDomainListId() *string }
A Firewall Domain List. Experimental.
func FirewallDomainList_FromFirewallDomainListId ¶
func FirewallDomainList_FromFirewallDomainListId(scope constructs.Construct, id *string, firewallDomainListId *string) IFirewallDomainList
Import an existing Firewall Rule Group. Experimental.
type IFirewallRuleGroup ¶
type IFirewallRuleGroup interface { awscdk.IResource // The ID of the rule group. // Experimental. FirewallRuleGroupId() *string }
A Firewall Rule Group. Experimental.
func FirewallRuleGroup_FromFirewallRuleGroupId ¶
func FirewallRuleGroup_FromFirewallRuleGroupId(scope constructs.Construct, id *string, firewallRuleGroupId *string) IFirewallRuleGroup
Import an existing Firewall Rule Group. Experimental.
Source Files ¶
- awsroute53resolver.go
- awsroute53resolver_CfnFirewallDomainList.go
- awsroute53resolver_CfnFirewallDomainListProps.go
- awsroute53resolver_CfnFirewallDomainList__runtime_type_checks.go
- awsroute53resolver_CfnFirewallRuleGroup.go
- awsroute53resolver_CfnFirewallRuleGroupAssociation.go
- awsroute53resolver_CfnFirewallRuleGroupAssociationProps.go
- awsroute53resolver_CfnFirewallRuleGroupAssociation__runtime_type_checks.go
- awsroute53resolver_CfnFirewallRuleGroupProps.go
- awsroute53resolver_CfnFirewallRuleGroup_FirewallRuleProperty.go
- awsroute53resolver_CfnFirewallRuleGroup__runtime_type_checks.go
- awsroute53resolver_CfnResolverConfig.go
- awsroute53resolver_CfnResolverConfigProps.go
- awsroute53resolver_CfnResolverConfig__runtime_type_checks.go
- awsroute53resolver_CfnResolverDNSSECConfig.go
- awsroute53resolver_CfnResolverDNSSECConfigProps.go
- awsroute53resolver_CfnResolverDNSSECConfig__runtime_type_checks.go
- awsroute53resolver_CfnResolverEndpoint.go
- awsroute53resolver_CfnResolverEndpointProps.go
- awsroute53resolver_CfnResolverEndpoint_IpAddressRequestProperty.go
- awsroute53resolver_CfnResolverEndpoint__runtime_type_checks.go
- awsroute53resolver_CfnResolverQueryLoggingConfig.go
- awsroute53resolver_CfnResolverQueryLoggingConfigAssociation.go
- awsroute53resolver_CfnResolverQueryLoggingConfigAssociationProps.go
- awsroute53resolver_CfnResolverQueryLoggingConfigAssociation__runtime_type_checks.go
- awsroute53resolver_CfnResolverQueryLoggingConfigProps.go
- awsroute53resolver_CfnResolverQueryLoggingConfig__runtime_type_checks.go
- awsroute53resolver_CfnResolverRule.go
- awsroute53resolver_CfnResolverRuleAssociation.go
- awsroute53resolver_CfnResolverRuleAssociationProps.go
- awsroute53resolver_CfnResolverRuleAssociation__runtime_type_checks.go
- awsroute53resolver_CfnResolverRuleProps.go
- awsroute53resolver_CfnResolverRule_TargetAddressProperty.go
- awsroute53resolver_CfnResolverRule__runtime_type_checks.go
- awsroute53resolver_DnsBlockResponse.go
- awsroute53resolver_DnsBlockResponse__runtime_type_checks.go
- awsroute53resolver_DomainsConfig.go
- awsroute53resolver_FirewallDomainList.go
- awsroute53resolver_FirewallDomainListProps.go
- awsroute53resolver_FirewallDomainList__runtime_type_checks.go
- awsroute53resolver_FirewallDomains.go
- awsroute53resolver_FirewallDomains__runtime_type_checks.go
- awsroute53resolver_FirewallRule.go
- awsroute53resolver_FirewallRuleAction.go
- awsroute53resolver_FirewallRuleGroup.go
- awsroute53resolver_FirewallRuleGroupAssociation.go
- awsroute53resolver_FirewallRuleGroupAssociationOptions.go
- awsroute53resolver_FirewallRuleGroupAssociationProps.go
- awsroute53resolver_FirewallRuleGroupAssociation__runtime_type_checks.go
- awsroute53resolver_FirewallRuleGroupProps.go
- awsroute53resolver_FirewallRuleGroup__runtime_type_checks.go
- awsroute53resolver_IFirewallDomainList.go
- awsroute53resolver_IFirewallRuleGroup.go