@durkinza/cdk-networkfirewall-l2/API.md

AWS CDK L2 constructs for the AWS Network Firewall (AWS::NetworkFirewall)

# API Reference <a name="API Reference" id="api-reference"></a>

## Constructs <a name="Constructs" id="Constructs"></a>

### Firewall <a name="Firewall" id="@durkinza/cdk-networkfirewall-l2.Firewall"></a>

- *Implements:* <a href="#@durkinza/cdk-networkfirewall-l2.IFirewall">IFirewall</a>

Defines a Network Firewall in the Stack.

#### Initializers <a name="Initializers" id="@durkinza/cdk-networkfirewall-l2.Firewall.Initializer"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

new Firewall(scope: Construct, id: string, props: FirewallProps)
```

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.props">props</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallProps">FirewallProps</a></code> | *No description.* |

---

##### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.scope"></a>

- *Type:* constructs.Construct

---

##### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.id"></a>

- *Type:* string

---

##### `props`<sup>Required</sup> <a name="props" id="@durkinza/cdk-networkfirewall-l2.Firewall.Initializer.parameter.props"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.FirewallProps">FirewallProps</a>

---

#### Methods <a name="Methods" id="Methods"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.toString">toString</a></code> | Returns a string representation of this construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.addLoggingConfigurations">addLoggingConfigurations</a></code> | Add a Logging Configuration to the Firewall. |

---

##### `toString` <a name="toString" id="@durkinza/cdk-networkfirewall-l2.Firewall.toString"></a>

```typescript
public toString(): string
```

Returns a string representation of this construct.

##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="@durkinza/cdk-networkfirewall-l2.Firewall.applyRemovalPolicy"></a>

```typescript
public applyRemovalPolicy(policy: RemovalPolicy): void
```

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops
being managed by CloudFormation, either because you've removed it from the
CDK application or because you've made a change that requires the resource
to be replaced.

The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).

###### `policy`<sup>Required</sup> <a name="policy" id="@durkinza/cdk-networkfirewall-l2.Firewall.applyRemovalPolicy.parameter.policy"></a>

- *Type:* aws-cdk-lib.RemovalPolicy

---

##### `addLoggingConfigurations` <a name="addLoggingConfigurations" id="@durkinza/cdk-networkfirewall-l2.Firewall.addLoggingConfigurations"></a>

```typescript
public addLoggingConfigurations(configurationName: string, logLocations: ILogLocation[]): LoggingConfiguration
```

Add a Logging Configuration to the Firewall.

###### `configurationName`<sup>Required</sup> <a name="configurationName" id="@durkinza/cdk-networkfirewall-l2.Firewall.addLoggingConfigurations.parameter.configurationName"></a>

- *Type:* string

The Name of the Logging configuration type.

---

###### `logLocations`<sup>Required</sup> <a name="logLocations" id="@durkinza/cdk-networkfirewall-l2.Firewall.addLoggingConfigurations.parameter.logLocations"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.ILogLocation">ILogLocation</a>[]

An array of Log Locations.

---

#### Static Functions <a name="Static Functions" id="Static Functions"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.isResource">isResource</a></code> | Check whether the given construct is a Resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallArn">fromFirewallArn</a></code> | Reference an existing Network Firewall, defined outside of the CDK code, by arn. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallName">fromFirewallName</a></code> | Reference an existing Network Firewall, defined outside of the CDK code, by name. |

---

##### ~~`isConstruct`~~ <a name="isConstruct" id="@durkinza/cdk-networkfirewall-l2.Firewall.isConstruct"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

Firewall.isConstruct(x: any)
```

Checks if `x` is a construct.

###### `x`<sup>Required</sup> <a name="x" id="@durkinza/cdk-networkfirewall-l2.Firewall.isConstruct.parameter.x"></a>

- *Type:* any

Any object.

---

##### `isOwnedResource` <a name="isOwnedResource" id="@durkinza/cdk-networkfirewall-l2.Firewall.isOwnedResource"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

Firewall.isOwnedResource(construct: IConstruct)
```

Returns true if the construct was created by CDK, and false otherwise.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.Firewall.isOwnedResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `isResource` <a name="isResource" id="@durkinza/cdk-networkfirewall-l2.Firewall.isResource"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

Firewall.isResource(construct: IConstruct)
```

Check whether the given construct is a Resource.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.Firewall.isResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `fromFirewallArn` <a name="fromFirewallArn" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallArn"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

Firewall.fromFirewallArn(scope: Construct, id: string, firewallArn: string)
```

Reference an existing Network Firewall, defined outside of the CDK code, by arn.

###### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallArn.parameter.scope"></a>

- *Type:* constructs.Construct

---

###### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallArn.parameter.id"></a>

- *Type:* string

---

###### `firewallArn`<sup>Required</sup> <a name="firewallArn" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallArn.parameter.firewallArn"></a>

- *Type:* string

---

##### `fromFirewallName` <a name="fromFirewallName" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallName"></a>

```typescript
import { Firewall } from '@durkinza/cdk-networkfirewall-l2'

Firewall.fromFirewallName(scope: Construct, id: string, firewallName: string)
```

Reference an existing Network Firewall, defined outside of the CDK code, by name.

###### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallName.parameter.scope"></a>

- *Type:* constructs.Construct

---

###### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallName.parameter.id"></a>

- *Type:* string

---

###### `firewallName`<sup>Required</sup> <a name="firewallName" id="@durkinza/cdk-networkfirewall-l2.Firewall.fromFirewallName.parameter.firewallName"></a>

- *Type:* string

---

#### Properties <a name="Properties" id="Properties"></a>

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.endpointIds">endpointIds</a></code> | <code>string[]</code> | The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.firewallArn">firewallArn</a></code> | <code>string</code> | The Arn of the Firewall. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.firewallId">firewallId</a></code> | <code>string</code> | The physical name of the Firewall. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.policy">policy</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.IFirewallPolicy">IFirewallPolicy</a></code> | The associated firewall Policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingCloudWatchLogGroups">loggingCloudWatchLogGroups</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.CloudWatchLogLocationProps">CloudWatchLogLocationProps</a>[]</code> | The Cloud Watch Log Groups to send logs to. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingConfigurations">loggingConfigurations</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.ILoggingConfiguration">ILoggingConfiguration</a>[]</code> | The list of references to the generated logging configurations. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingKinesisDataStreams">loggingKinesisDataStreams</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.KinesisDataFirehoseLogLocationProps">KinesisDataFirehoseLogLocationProps</a>[]</code> | The Kinesis Data Stream locations. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingS3Buckets">loggingS3Buckets</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.S3LogLocationProps">S3LogLocationProps</a>[]</code> | The S3 Buckets to send logs to. |

---

##### `node`<sup>Required</sup> <a name="node" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.node"></a>

```typescript
public readonly node: Node;
```

- *Type:* constructs.Node

The tree node.

---

##### `env`<sup>Required</sup> <a name="env" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.env"></a>

```typescript
public readonly env: ResourceEnvironment;
```

- *Type:* aws-cdk-lib.ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK
(generally, those created by creating new class instances like Role, Bucket, etc.),
this is always the same as the environment of the stack they belong to;
however, for imported resources
(those obtained from static methods like fromRoleArn, fromBucketName, etc.),
that might be different than the stack they were imported into.

---

##### `stack`<sup>Required</sup> <a name="stack" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.stack"></a>

```typescript
public readonly stack: Stack;
```

- *Type:* aws-cdk-lib.Stack

The stack in which this resource is defined.

---

##### `endpointIds`<sup>Required</sup> <a name="endpointIds" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.endpointIds"></a>

```typescript
public readonly endpointIds: string[];
```

- *Type:* string[]

The unique IDs of the firewall endpoints for all of the subnets that you attached to the firewall.

The subnets are not listed in any particular order.

---

##### `firewallArn`<sup>Required</sup> <a name="firewallArn" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.firewallArn"></a>

```typescript
public readonly firewallArn: string;
```

- *Type:* string

The Arn of the Firewall.

---

##### `firewallId`<sup>Required</sup> <a name="firewallId" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.firewallId"></a>

```typescript
public readonly firewallId: string;
```

- *Type:* string

The physical name of the Firewall.

---

##### `policy`<sup>Required</sup> <a name="policy" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.policy"></a>

```typescript
public readonly policy: IFirewallPolicy;
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.IFirewallPolicy">IFirewallPolicy</a>

The associated firewall Policy.

---

##### `loggingCloudWatchLogGroups`<sup>Required</sup> <a name="loggingCloudWatchLogGroups" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingCloudWatchLogGroups"></a>

```typescript
public readonly loggingCloudWatchLogGroups: CloudWatchLogLocationProps[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.CloudWatchLogLocationProps">CloudWatchLogLocationProps</a>[]

The Cloud Watch Log Groups to send logs to.

---

##### `loggingConfigurations`<sup>Required</sup> <a name="loggingConfigurations" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingConfigurations"></a>

```typescript
public readonly loggingConfigurations: ILoggingConfiguration[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.ILoggingConfiguration">ILoggingConfiguration</a>[]

The list of references to the generated logging configurations.

---

##### `loggingKinesisDataStreams`<sup>Required</sup> <a name="loggingKinesisDataStreams" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingKinesisDataStreams"></a>

```typescript
public readonly loggingKinesisDataStreams: KinesisDataFirehoseLogLocationProps[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.KinesisDataFirehoseLogLocationProps">KinesisDataFirehoseLogLocationProps</a>[]

The Kinesis Data Stream locations.

---

##### `loggingS3Buckets`<sup>Required</sup> <a name="loggingS3Buckets" id="@durkinza/cdk-networkfirewall-l2.Firewall.property.loggingS3Buckets"></a>

```typescript
public readonly loggingS3Buckets: S3LogLocationProps[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.S3LogLocationProps">S3LogLocationProps</a>[]

The S3 Buckets to send logs to.

---


### FirewallPolicy <a name="FirewallPolicy" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy"></a>

- *Implements:* <a href="#@durkinza/cdk-networkfirewall-l2.IFirewallPolicy">IFirewallPolicy</a>

Defines a Firewall Policy in the stack.

#### Initializers <a name="Initializers" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

new FirewallPolicy(scope: Construct, id: string, props: FirewallPolicyProps)
```

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.props">props</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicyProps">FirewallPolicyProps</a></code> | *No description.* |

---

##### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.scope"></a>

- *Type:* constructs.Construct

---

##### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.id"></a>

- *Type:* string

---

##### `props`<sup>Required</sup> <a name="props" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.Initializer.parameter.props"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicyProps">FirewallPolicyProps</a>

---

#### Methods <a name="Methods" id="Methods"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.toString">toString</a></code> | Returns a string representation of this construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatefulRuleGroup">addStatefulRuleGroup</a></code> | Add a stateful rule group to the policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatelessRuleGroup">addStatelessRuleGroup</a></code> | Add a stateless rule group to the policy. |

---

##### `toString` <a name="toString" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.toString"></a>

```typescript
public toString(): string
```

Returns a string representation of this construct.

##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.applyRemovalPolicy"></a>

```typescript
public applyRemovalPolicy(policy: RemovalPolicy): void
```

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops
being managed by CloudFormation, either because you've removed it from the
CDK application or because you've made a change that requires the resource
to be replaced.

The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).

###### `policy`<sup>Required</sup> <a name="policy" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.applyRemovalPolicy.parameter.policy"></a>

- *Type:* aws-cdk-lib.RemovalPolicy

---

##### `addStatefulRuleGroup` <a name="addStatefulRuleGroup" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatefulRuleGroup"></a>

```typescript
public addStatefulRuleGroup(ruleGroup: StatefulRuleGroupList): void
```

Add a stateful rule group to the policy.

###### `ruleGroup`<sup>Required</sup> <a name="ruleGroup" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatefulRuleGroup.parameter.ruleGroup"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.StatefulRuleGroupList">StatefulRuleGroupList</a>

The stateful rule group to add to the policy.

---

##### `addStatelessRuleGroup` <a name="addStatelessRuleGroup" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatelessRuleGroup"></a>

```typescript
public addStatelessRuleGroup(ruleGroup: StatelessRuleGroupList): void
```

Add a stateless rule group to the policy.

###### `ruleGroup`<sup>Required</sup> <a name="ruleGroup" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.addStatelessRuleGroup.parameter.ruleGroup"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.StatelessRuleGroupList">StatelessRuleGroupList</a>

The stateless rule group to add to the policy.

---

#### Static Functions <a name="Static Functions" id="Static Functions"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isResource">isResource</a></code> | Check whether the given construct is a Resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyArn">fromFirewallPolicyArn</a></code> | Reference existing firewall policy by Arn. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyName">fromFirewallPolicyName</a></code> | Reference existing firewall policy name. |

---

##### ~~`isConstruct`~~ <a name="isConstruct" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isConstruct"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

FirewallPolicy.isConstruct(x: any)
```

Checks if `x` is a construct.

###### `x`<sup>Required</sup> <a name="x" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isConstruct.parameter.x"></a>

- *Type:* any

Any object.

---

##### `isOwnedResource` <a name="isOwnedResource" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isOwnedResource"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

FirewallPolicy.isOwnedResource(construct: IConstruct)
```

Returns true if the construct was created by CDK, and false otherwise.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isOwnedResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `isResource` <a name="isResource" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isResource"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

FirewallPolicy.isResource(construct: IConstruct)
```

Check whether the given construct is a Resource.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.isResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `fromFirewallPolicyArn` <a name="fromFirewallPolicyArn" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyArn"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

FirewallPolicy.fromFirewallPolicyArn(scope: Construct, id: string, firewallPolicyArn: string)
```

Reference existing firewall policy by Arn.

###### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyArn.parameter.scope"></a>

- *Type:* constructs.Construct

---

###### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyArn.parameter.id"></a>

- *Type:* string

---

###### `firewallPolicyArn`<sup>Required</sup> <a name="firewallPolicyArn" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyArn.parameter.firewallPolicyArn"></a>

- *Type:* string

the ARN of the existing firewall policy.

---

##### `fromFirewallPolicyName` <a name="fromFirewallPolicyName" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyName"></a>

```typescript
import { FirewallPolicy } from '@durkinza/cdk-networkfirewall-l2'

FirewallPolicy.fromFirewallPolicyName(scope: Construct, id: string, firewallPolicyName: string)
```

Reference existing firewall policy name.

###### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyName.parameter.scope"></a>

- *Type:* constructs.Construct

---

###### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyName.parameter.id"></a>

- *Type:* string

---

###### `firewallPolicyName`<sup>Required</sup> <a name="firewallPolicyName" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.fromFirewallPolicyName.parameter.firewallPolicyName"></a>

- *Type:* string

The name of the existing firewall policy.

---

#### Properties <a name="Properties" id="Properties"></a>

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.firewallPolicyArn">firewallPolicyArn</a></code> | <code>string</code> | The Arn of the policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.firewallPolicyId">firewallPolicyId</a></code> | <code>string</code> | The physical name of the firewall policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statefulDefaultActions">statefulDefaultActions</a></code> | <code>string[]</code> | The Default actions for packets that don't match a stateful rule. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statefulRuleGroups">statefulRuleGroups</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.StatefulRuleGroupList">StatefulRuleGroupList</a>[]</code> | The stateful rule groups in this policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessDefaultActions">statelessDefaultActions</a></code> | <code>string[]</code> | The Default actions for packets that don't match a stateless rule. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessFragmentDefaultActions">statelessFragmentDefaultActions</a></code> | <code>string[]</code> | The Default actions for fragment packets that don't match a stateless rule. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessRuleGroups">statelessRuleGroups</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.StatelessRuleGroupList">StatelessRuleGroupList</a>[]</code> | The stateless rule groups in this policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.tags">tags</a></code> | <code>aws-cdk-lib.Tag[]</code> | Tags to be added to the policy. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.tlsInspectionConfiguration">tlsInspectionConfiguration</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.ITLSInspectionConfiguration">ITLSInspectionConfiguration</a></code> | The TLS Inspection Configuration. |

---

##### `node`<sup>Required</sup> <a name="node" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.node"></a>

```typescript
public readonly node: Node;
```

- *Type:* constructs.Node

The tree node.

---

##### `env`<sup>Required</sup> <a name="env" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.env"></a>

```typescript
public readonly env: ResourceEnvironment;
```

- *Type:* aws-cdk-lib.ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK
(generally, those created by creating new class instances like Role, Bucket, etc.),
this is always the same as the environment of the stack they belong to;
however, for imported resources
(those obtained from static methods like fromRoleArn, fromBucketName, etc.),
that might be different than the stack they were imported into.

---

##### `stack`<sup>Required</sup> <a name="stack" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.stack"></a>

```typescript
public readonly stack: Stack;
```

- *Type:* aws-cdk-lib.Stack

The stack in which this resource is defined.

---

##### `firewallPolicyArn`<sup>Required</sup> <a name="firewallPolicyArn" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.firewallPolicyArn"></a>

```typescript
public readonly firewallPolicyArn: string;
```

- *Type:* string

The Arn of the policy.

---

##### `firewallPolicyId`<sup>Required</sup> <a name="firewallPolicyId" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.firewallPolicyId"></a>

```typescript
public readonly firewallPolicyId: string;
```

- *Type:* string

The physical name of the firewall policy.

---

##### `statefulDefaultActions`<sup>Required</sup> <a name="statefulDefaultActions" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statefulDefaultActions"></a>

```typescript
public readonly statefulDefaultActions: string[];
```

- *Type:* string[]

The Default actions for packets that don't match a stateful rule.

---

##### `statefulRuleGroups`<sup>Required</sup> <a name="statefulRuleGroups" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statefulRuleGroups"></a>

```typescript
public readonly statefulRuleGroups: StatefulRuleGroupList[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.StatefulRuleGroupList">StatefulRuleGroupList</a>[]

The stateful rule groups in this policy.

---

##### `statelessDefaultActions`<sup>Required</sup> <a name="statelessDefaultActions" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessDefaultActions"></a>

```typescript
public readonly statelessDefaultActions: string[];
```

- *Type:* string[]

The Default actions for packets that don't match a stateless rule.

---

##### `statelessFragmentDefaultActions`<sup>Required</sup> <a name="statelessFragmentDefaultActions" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessFragmentDefaultActions"></a>

```typescript
public readonly statelessFragmentDefaultActions: string[];
```

- *Type:* string[]

The Default actions for fragment packets that don't match a stateless rule.

---

##### `statelessRuleGroups`<sup>Required</sup> <a name="statelessRuleGroups" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.statelessRuleGroups"></a>

```typescript
public readonly statelessRuleGroups: StatelessRuleGroupList[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.StatelessRuleGroupList">StatelessRuleGroupList</a>[]

The stateless rule groups in this policy.

---

##### `tags`<sup>Required</sup> <a name="tags" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.tags"></a>

```typescript
public readonly tags: Tag[];
```

- *Type:* aws-cdk-lib.Tag[]

Tags to be added to the policy.

---

##### `tlsInspectionConfiguration`<sup>Optional</sup> <a name="tlsInspectionConfiguration" id="@durkinza/cdk-networkfirewall-l2.FirewallPolicy.property.tlsInspectionConfiguration"></a>

```typescript
public readonly tlsInspectionConfiguration: ITLSInspectionConfiguration;
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.ITLSInspectionConfiguration">ITLSInspectionConfiguration</a>

The TLS Inspection Configuration.

---


### LoggingConfiguration <a name="LoggingConfiguration" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration"></a>

- *Implements:* <a href="#@durkinza/cdk-networkfirewall-l2.ILoggingConfiguration">ILoggingConfiguration</a>

Defines a Logging Configuration in the Stack.

#### Initializers <a name="Initializers" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer"></a>

```typescript
import { LoggingConfiguration } from '@durkinza/cdk-networkfirewall-l2'

new LoggingConfiguration(scope: Construct, id: string, props: LoggingConfigurationProps)
```

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.props">props</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfigurationProps">LoggingConfigurationProps</a></code> | *No description.* |

---

##### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.scope"></a>

- *Type:* constructs.Construct

---

##### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.id"></a>

- *Type:* string

---

##### `props`<sup>Required</sup> <a name="props" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.Initializer.parameter.props"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfigurationProps">LoggingConfigurationProps</a>

---

#### Methods <a name="Methods" id="Methods"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.toString">toString</a></code> | Returns a string representation of this construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.iLogLocationsToLogDestinationConfigProperty">iLogLocationsToLogDestinationConfigProperty</a></code> | Convert ILogLocation array to L1 LogDestinationConfigProperty array. |

---

##### `toString` <a name="toString" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.toString"></a>

```typescript
public toString(): string
```

Returns a string representation of this construct.

##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.applyRemovalPolicy"></a>

```typescript
public applyRemovalPolicy(policy: RemovalPolicy): void
```

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops
being managed by CloudFormation, either because you've removed it from the
CDK application or because you've made a change that requires the resource
to be replaced.

The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).

###### `policy`<sup>Required</sup> <a name="policy" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.applyRemovalPolicy.parameter.policy"></a>

- *Type:* aws-cdk-lib.RemovalPolicy

---

##### `iLogLocationsToLogDestinationConfigProperty` <a name="iLogLocationsToLogDestinationConfigProperty" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.iLogLocationsToLogDestinationConfigProperty"></a>

```typescript
public iLogLocationsToLogDestinationConfigProperty(logLocations: ILogLocation[]): LogDestinationConfigProperty[]
```

Convert ILogLocation array to L1 LogDestinationConfigProperty array.

###### `logLocations`<sup>Required</sup> <a name="logLocations" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.iLogLocationsToLogDestinationConfigProperty.parameter.logLocations"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.ILogLocation">ILogLocation</a>[]

An array of assorted Log Locations.

---

#### Static Functions <a name="Static Functions" id="Static Functions"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isResource">isResource</a></code> | Check whether the given construct is a Resource. |

---

##### ~~`isConstruct`~~ <a name="isConstruct" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isConstruct"></a>

```typescript
import { LoggingConfiguration } from '@durkinza/cdk-networkfirewall-l2'

LoggingConfiguration.isConstruct(x: any)
```

Checks if `x` is a construct.

###### `x`<sup>Required</sup> <a name="x" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isConstruct.parameter.x"></a>

- *Type:* any

Any object.

---

##### `isOwnedResource` <a name="isOwnedResource" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isOwnedResource"></a>

```typescript
import { LoggingConfiguration } from '@durkinza/cdk-networkfirewall-l2'

LoggingConfiguration.isOwnedResource(construct: IConstruct)
```

Returns true if the construct was created by CDK, and false otherwise.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isOwnedResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `isResource` <a name="isResource" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isResource"></a>

```typescript
import { LoggingConfiguration } from '@durkinza/cdk-networkfirewall-l2'

LoggingConfiguration.isResource(construct: IConstruct)
```

Check whether the given construct is a Resource.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.isResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

#### Properties <a name="Properties" id="Properties"></a>

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.firewallRef">firewallRef</a></code> | <code>string</code> | The associated firewall Arn. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.firewallName">firewallName</a></code> | <code>string</code> | The associated firewall Name. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.loggingLocations">loggingLocations</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.ILogLocation">ILogLocation</a>[]</code> | Defines how AWS Network Firewall performs logging for a Firewall. |

---

##### `node`<sup>Required</sup> <a name="node" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.node"></a>

```typescript
public readonly node: Node;
```

- *Type:* constructs.Node

The tree node.

---

##### `env`<sup>Required</sup> <a name="env" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.env"></a>

```typescript
public readonly env: ResourceEnvironment;
```

- *Type:* aws-cdk-lib.ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK
(generally, those created by creating new class instances like Role, Bucket, etc.),
this is always the same as the environment of the stack they belong to;
however, for imported resources
(those obtained from static methods like fromRoleArn, fromBucketName, etc.),
that might be different than the stack they were imported into.

---

##### `stack`<sup>Required</sup> <a name="stack" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.stack"></a>

```typescript
public readonly stack: Stack;
```

- *Type:* aws-cdk-lib.Stack

The stack in which this resource is defined.

---

##### `firewallRef`<sup>Required</sup> <a name="firewallRef" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.firewallRef"></a>

```typescript
public readonly firewallRef: string;
```

- *Type:* string

The associated firewall Arn.

---

##### `firewallName`<sup>Optional</sup> <a name="firewallName" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.firewallName"></a>

```typescript
public readonly firewallName: string;
```

- *Type:* string

The associated firewall Name.

---

##### `loggingLocations`<sup>Required</sup> <a name="loggingLocations" id="@durkinza/cdk-networkfirewall-l2.LoggingConfiguration.property.loggingLocations"></a>

```typescript
public readonly loggingLocations: ILogLocation[];
```

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.ILogLocation">ILogLocation</a>[]

Defines how AWS Network Firewall performs logging for a Firewall.

---


### Stateful5TupleRuleGroup <a name="Stateful5TupleRuleGroup" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup"></a>

- *Implements:* <a href="#@durkinza/cdk-networkfirewall-l2.IStatefulRuleGroup">IStatefulRuleGroup</a>

A Stateful Rule group that holds 5Tuple Rules.

#### Initializers <a name="Initializers" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer"></a>

```typescript
import { Stateful5TupleRuleGroup } from '@durkinza/cdk-networkfirewall-l2'

new Stateful5TupleRuleGroup(scope: Construct, id: string, props?: Stateful5TupleRuleGroupProps)
```

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.scope">scope</a></code> | <code>constructs.Construct</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.id">id</a></code> | <code>string</code> | *No description.* |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.props">props</a></code> | <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroupProps">Stateful5TupleRuleGroupProps</a></code> | *No description.* |

---

##### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.scope"></a>

- *Type:* constructs.Construct

---

##### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.id"></a>

- *Type:* string

---

##### `props`<sup>Optional</sup> <a name="props" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.Initializer.parameter.props"></a>

- *Type:* <a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroupProps">Stateful5TupleRuleGroupProps</a>

---

#### Methods <a name="Methods" id="Methods"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.toString">toString</a></code> | Returns a string representation of this construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.applyRemovalPolicy">applyRemovalPolicy</a></code> | Apply the given removal policy to this resource. |

---

##### `toString` <a name="toString" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.toString"></a>

```typescript
public toString(): string
```

Returns a string representation of this construct.

##### `applyRemovalPolicy` <a name="applyRemovalPolicy" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.applyRemovalPolicy"></a>

```typescript
public applyRemovalPolicy(policy: RemovalPolicy): void
```

Apply the given removal policy to this resource.

The Removal Policy controls what happens to this resource when it stops
being managed by CloudFormation, either because you've removed it from the
CDK application or because you've made a change that requires the resource
to be replaced.

The resource can be deleted (`RemovalPolicy.DESTROY`), or left in your AWS
account for data recovery and cleanup later (`RemovalPolicy.RETAIN`).

###### `policy`<sup>Required</sup> <a name="policy" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.applyRemovalPolicy.parameter.policy"></a>

- *Type:* aws-cdk-lib.RemovalPolicy

---

#### Static Functions <a name="Static Functions" id="Static Functions"></a>

| **Name** | **Description** |
| --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isConstruct">isConstruct</a></code> | Checks if `x` is a construct. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isOwnedResource">isOwnedResource</a></code> | Returns true if the construct was created by CDK, and false otherwise. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isResource">isResource</a></code> | Check whether the given construct is a Resource. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.fromRuleGroupArn">fromRuleGroupArn</a></code> | Reference existing Rule Group. |

---

##### ~~`isConstruct`~~ <a name="isConstruct" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isConstruct"></a>

```typescript
import { Stateful5TupleRuleGroup } from '@durkinza/cdk-networkfirewall-l2'

Stateful5TupleRuleGroup.isConstruct(x: any)
```

Checks if `x` is a construct.

###### `x`<sup>Required</sup> <a name="x" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isConstruct.parameter.x"></a>

- *Type:* any

Any object.

---

##### `isOwnedResource` <a name="isOwnedResource" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isOwnedResource"></a>

```typescript
import { Stateful5TupleRuleGroup } from '@durkinza/cdk-networkfirewall-l2'

Stateful5TupleRuleGroup.isOwnedResource(construct: IConstruct)
```

Returns true if the construct was created by CDK, and false otherwise.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isOwnedResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `isResource` <a name="isResource" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isResource"></a>

```typescript
import { Stateful5TupleRuleGroup } from '@durkinza/cdk-networkfirewall-l2'

Stateful5TupleRuleGroup.isResource(construct: IConstruct)
```

Check whether the given construct is a Resource.

###### `construct`<sup>Required</sup> <a name="construct" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.isResource.parameter.construct"></a>

- *Type:* constructs.IConstruct

---

##### `fromRuleGroupArn` <a name="fromRuleGroupArn" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.fromRuleGroupArn"></a>

```typescript
import { Stateful5TupleRuleGroup } from '@durkinza/cdk-networkfirewall-l2'

Stateful5TupleRuleGroup.fromRuleGroupArn(scope: Construct, id: string, ruleGroupArn: string)
```

Reference existing Rule Group.

###### `scope`<sup>Required</sup> <a name="scope" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.fromRuleGroupArn.parameter.scope"></a>

- *Type:* constructs.Construct

---

###### `id`<sup>Required</sup> <a name="id" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.fromRuleGroupArn.parameter.id"></a>

- *Type:* string

---

###### `ruleGroupArn`<sup>Required</sup> <a name="ruleGroupArn" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.fromRuleGroupArn.parameter.ruleGroupArn"></a>

- *Type:* string

---

#### Properties <a name="Properties" id="Properties"></a>

| **Name** | **Type** | **Description** |
| --- | --- | --- |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.node">node</a></code> | <code>constructs.Node</code> | The tree node. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.env">env</a></code> | <code>aws-cdk-lib.ResourceEnvironment</code> | The environment this resource belongs to. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.stack">stack</a></code> | <code>aws-cdk-lib.Stack</code> | The stack in which this resource is defined. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.ruleGroupArn">ruleGroupArn</a></code> | <code>string</code> | The Arn of the rule group. |
| <code><a href="#@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.ruleGroupId">ruleGroupId</a></code> | <code>string</code> | the physical name of the rule group. |

---

##### `node`<sup>Required</sup> <a name="node" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.node"></a>

```typescript
public readonly node: Node;
```

- *Type:* constructs.Node

The tree node.

---

##### `env`<sup>Required</sup> <a name="env" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.env"></a>

```typescript
public readonly env: ResourceEnvironment;
```

- *Type:* aws-cdk-lib.ResourceEnvironment

The environment this resource belongs to.

For resources that are created and managed by the CDK
(generally, those created by creating new class instances like Role, Bucket, etc.),
this is always the same as the environment of the stack they belong to;
however, for imported resources
(those obtained from static methods like fromRoleArn, fromBucketName, etc.),
that might be different than the stack they were imported into.

---

##### `stack`<sup>Required</sup> <a name="stack" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.stack"></a>

```typescript
public readonly stack: Stack;
```

- *Type:* aws-cdk-lib.Stack

The stack in which this resource is defined.

---

##### `ruleGroupArn`<sup>Required</sup> <a name="ruleGroupArn" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.ruleGroupArn"></a>

```typescript
public readonly ruleGroupArn: string;
```

- *Type:* string

The Arn of the rule group.

---

##### `ruleGroupId`<sup>Required</sup> <a name="ruleGroupId" id="@durkinza/cdk-networkfirewall-l2.Stateful5TupleRuleGroup.property.ruleGroupId"></a>

```typescript
public readonly ruleGroupId: string;
```

- *Type:* string

the physical name of the rule group.

---


### StatefulDomainListRuleGroup <a name="StatefulDomainListRuleGroup" id="@durkinza/cdk-networkfirewall-l2.StatefulDomainListRuleGroup"></a>

- *Implements:* <a href="#@durkinza/cdk-networkfirewall-l2.IStatefulRuleGroup">IStatefulRuleGroup</a>

A Stateful Rule group that holds Domain List Rules