Create A Firewall Resource
POST /v1/config/ngfirewalls
Create an NGFW and define configuration settings. The settings that you define at creation include NGFW policy, subnets in your VPC, and tags associated with the NGFW resource.
Request
- application/json
Body
The unique ID of the account.
Possible values: <= 512 characters, Value must match regular expression ^.*$
Description of the NGFW.
Possible values: [ServiceManaged, CustomerManaged]
The management mode used to create endpoints automatically or manually.
Possible values: non-empty and <= 128 characters, Value must match regular expression ^[a-zA-Z0-9-]+$
Name of the NGFW, unique in a region for each customer.
Name of the global rulestack.
Name of the local rulestack.
SubnetMappings object[] required
The public subnets for your NGFW. Each subnet must belong to a different Availability Zone in the VPC. NGFW creates an NGFW endpoint in each subnet.
The data center in a region available for use by the AWS customer.
The unique ID of the subnet in your VPC.
Tags object[]
Possible values: <= 50
The key:value pairs to associate with a resource.
A unique identifier in the key-value pair. The constant that defines the data set.
The variable that belongs to the data set.
The unique identifier of the VPCs that you want NGFW to retrieve. Leave this blank to retrieve all VPCs.
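A pre-flight check for the request body constraints listed above, written as an added example (not code from the Cloud NGFW documentation), so that a deployment pipeline can reject a malformed firewall definition before calling the API. Assumptions: the request uses the same field names as the response example on this page; the sub-field names AvailabilityZone, SubnetId, Key and Value are hypothetical; FirewallName is treated as required and tag keys as unique.

```python
import re
from collections import Counter
# Limits taken from the request-body constraints documented on this page.
NAME_RE = re.compile(r"[a-zA-Z0-9-]+")
ENDPOINT_MODES = ("ServiceManaged", "CustomerManaged")
MAX_NAME, MAX_DESCRIPTION, MAX_TAGS = 128, 512, 50

def duplicates(values):
    """Return the string values that occur more than once, sorted."""
    counts = Counter(v for v in values if isinstance(v, str))
    return sorted(v for v, n in counts.items() if n > 1)

def validate_create_request(body):
    """Return a list of constraint violations; an empty list means none found."""
    errors = []
    # Assumption: FirewallName is required (the page only marks SubnetMappings so).
    name = body.get("FirewallName", "")
    # fullmatch() also rejects a trailing newline, which '$' alone would accept.
    if not (isinstance(name, str) and 0 < len(name) <= MAX_NAME and NAME_RE.fullmatch(name)):
        errors.append("FirewallName: 1-128 characters from [a-zA-Z0-9-]")
    desc = body.get("Description", "")
    # '.' does not match a newline, so ^.*$ is read here as "a single line".
    if not isinstance(desc, str) or len(desc) > MAX_DESCRIPTION or "\n" in desc:
        errors.append("Description: at most 512 characters on one line")
    if "EndpointMode" in body and body["EndpointMode"] not in ENDPOINT_MODES:
        errors.append("EndpointMode: must be ServiceManaged or CustomerManaged")
    mappings = body.get("SubnetMappings")
    if not isinstance(mappings, list) or not mappings:
        errors.append("SubnetMappings: required, at least one subnet")
    else:
        # Assumed sub-field name: AvailabilityZone. One subnet per zone.
        for az in duplicates(m.get("AvailabilityZone") for m in mappings):
            errors.append(f"SubnetMappings: more than one subnet in {az}")
    tags = body.get("Tags", [])
    if len(tags) > MAX_TAGS:
        errors.append("Tags: at most 50 entries")
    for key in duplicates(t.get("Key") for t in tags):  # assumed sub-field: Key
        errors.append(f"Tags: duplicate key {key!r}")
    return errors

# Constructed sample request, not taken from the API documentation.
SAMPLE = {
    "FirewallName": "edge_fw 01",  # underscore and space are outside the pattern
    "EndpointMode": "Automatic",
    "SubnetMappings": [{"AvailabilityZone": "us-east-1a", "SubnetId": "subnet-a"},
                       {"AvailabilityZone": "us-east-1a", "SubnetId": "subnet-b"}],
    "Tags": [{"Key": "env", "Value": "prod"}, {"Key": "env", "Value": "dev"}],
}
```

Calling `validate_create_request(SAMPLE)` returns one message per violated constraint: the name pattern, the endpoint mode, the repeated Availability Zone and the repeated tag key.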
Responses
- 200
OK
- application/json
Schema
- InvalidOperationException—Operation failed because it is not valid. For example, when you delete an NGFW or rulestack in use.
- InvalidRequestException—Operation failed due to invalid request. For example, unsupported parameter name or value in the request.
- LimitExceededException—Operation failed due to violation in limit settings.
- ThrottlingException—Operation failed due to throttling limitations.
- InsufficientCapacityException—AWS currently does not have enough capacity to fulfill your request.
- InternalServerError—Your request is valid but Cloud NGFW could not perform the operation due to a system issue.
Response object
The API call response.
The unique ID of the account.
Possible values: non-empty and <= 64 characters, Value must match regular expression ^[0-9]+-[0-9]+$
The App-ID version of the specified application.
Default value: true
Specify whether to automatically upgrade to the latest App-ID version.
Description of the NGFW.
Possible values: [ServiceManaged, CustomerManaged]
The management mode used to create endpoints automatically or manually.
Possible values: non-empty and <= 128 characters, Value must match regular expression ^[a-zA-Z0-9-]+$
Name of the NGFW, unique in a region for each customer.
Name of the global rulestack.
Name of the local rulestack.
The public subnets for your NGFW. Each subnet must belong to a different Availability Zone (AZ) in the VPC. NGFW creates an NGFW endpoint in each subnet.
The key:value pairs to associate with a resource.
Default value: 1
Refresh token.
The unique identifier of the VPCs that you want NGFW to retrieve. Leave this blank to retrieve all VPCs.
ResponseStatus object
The API call response status.
Default value: 0
Default value of a successful response is 0. Any other number indicates an error code.
400—HTTP bad request
500—Bad request
The error description.
{
  "Response": {
    "AccountId": "string",
    "AppIdVersion": "string",
    "AutomaticUpgradeAppIdVersion": true,
    "Description": "string",
    "EndpointMode": "ServiceManaged",
    "FirewallName": "string",
    "GlobalRuleStackName": "string",
    "RuleStackName": "string",
    "SubnetMappings": [
      {}
    ],
    "Tags": [
      {}
    ],
    "UpdateToken": "1",
    "VpcId": "string"
  },
  "ResponseStatus": {
    "ErrorCode": 0,
    "Reason": "string"
  }
}