aws-cdk-lib

import * as constructs from 'constructs'; import * as cdk from '../../core'; import * as cfn_parse from '../../core/lib/helpers-internal'; /** * Properties for defining a `CfnFirewallDomainList` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html */ export interface CfnFirewallDomainListProps { /** * The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import. * * The file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-domainfileurl */ readonly domainFileUrl?: string; /** * A list of the domain lists that you have defined. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-domains */ readonly domains?: string[]; /** * The name of the domain list. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-name */ readonly name?: string; /** * A list of the tag keys and values that you want to associate with the domain list. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-tags */ readonly tags?: cdk.CfnTag[]; } /** * A CloudFormation `AWS::Route53Resolver::FirewallDomainList` * * High-level information about a list of firewall domains for use in a [AWS::Route53Resolver::FirewallRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-rule.html) . This is returned by [GetFirewallDomainList](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetFirewallDomainList.html) . * * To retrieve the domains that are defined for this domain list, call [ListFirewallDomains](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallDomains.html) . * * @cloudformationResource AWS::Route53Resolver::FirewallDomainList * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html */ export declare class CfnFirewallDomainList extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::FirewallDomainList"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnFirewallDomainList; /** * The Amazon Resource Name (ARN) of the firewall domain list. * @cloudformationAttribute Arn */ readonly attrArn: string; /** * The date and time that the domain list was created, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute CreationTime */ readonly attrCreationTime: string; /** * A unique string defined by you to identify the request. This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. * @cloudformationAttribute CreatorRequestId */ readonly attrCreatorRequestId: string; /** * The number of domain names that are specified in the domain list. * @cloudformationAttribute DomainCount */ readonly attrDomainCount: number; /** * The ID of the domain list. * @cloudformationAttribute Id */ readonly attrId: string; /** * The owner of the list, used only for lists that are not managed by you. For example, the managed domain list `AWSManagedDomainsMalwareDomainList` has the managed owner name `Route 53 Resolver DNS Firewall` . * @cloudformationAttribute ManagedOwnerName */ readonly attrManagedOwnerName: string; /** * The date and time that the domain list was last modified, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute ModificationTime */ readonly attrModificationTime: string; /** * The status of the domain list. * @cloudformationAttribute Status */ readonly attrStatus: string; /** * Additional information about the status of the list, if available. * @cloudformationAttribute StatusMessage */ readonly attrStatusMessage: string; /** * The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (Amazon S3) that contains the list of domains to import. * * The file must be in an S3 bucket that's in the same Region as your DNS Firewall. The file must be a text file and must contain a single domain per line. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-domainfileurl */ domainFileUrl: string | undefined; /** * A list of the domain lists that you have defined. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-domains */ domains: string[] | undefined; /** * The name of the domain list. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-name */ name: string | undefined; /** * A list of the tag keys and values that you want to associate with the domain list. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewalldomainlist.html#cfn-route53resolver-firewalldomainlist-tags */ readonly tags: cdk.TagManager; /** * Create a new `AWS::Route53Resolver::FirewallDomainList`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnFirewallDomainListProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } /** * Properties for defining a `CfnFirewallRuleGroup` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html */ export interface CfnFirewallRuleGroupProps { /** * A list of the rules that you have defined. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-firewallrules */ readonly firewallRules?: Array<CfnFirewallRuleGroup.FirewallRuleProperty | cdk.IResolvable> | cdk.IResolvable; /** * The name of the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-name */ readonly name?: string; /** * A list of the tag keys and values that you want to associate with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-tags */ readonly tags?: cdk.CfnTag[]; } /** * A CloudFormation `AWS::Route53Resolver::FirewallRuleGroup` * * High-level information for a firewall rule group. A firewall rule group is a collection of rules that DNS Firewall uses to filter DNS network traffic for a VPC. To retrieve the rules for the rule group, call [ListFirewallRules](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_ListFirewallRules.html) . * * @cloudformationResource AWS::Route53Resolver::FirewallRuleGroup * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html */ export declare class CfnFirewallRuleGroup extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::FirewallRuleGroup"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnFirewallRuleGroup; /** * The ARN (Amazon Resource Name) of the rule group. * @cloudformationAttribute Arn */ readonly attrArn: string; /** * The date and time that the rule group was created, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute CreationTime */ readonly attrCreationTime: string; /** * A unique string defined by you to identify the request. This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. * @cloudformationAttribute CreatorRequestId */ readonly attrCreatorRequestId: string; /** * The ID of the rule group. * @cloudformationAttribute Id */ readonly attrId: string; /** * The date and time that the rule group was last modified, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute ModificationTime */ readonly attrModificationTime: string; /** * The AWS account ID for the account that created the rule group. When a rule group is shared with your account, this is the account that has shared the rule group with you. * @cloudformationAttribute OwnerId */ readonly attrOwnerId: string; /** * The number of rules in the rule group. * @cloudformationAttribute RuleCount */ readonly attrRuleCount: number; /** * Whether the rule group is shared with other AWS accounts , or was shared with the current account by another AWS account . Sharing is configured through AWS Resource Access Manager ( AWS RAM ). * @cloudformationAttribute ShareStatus */ readonly attrShareStatus: string; /** * The status of the domain list. * @cloudformationAttribute Status */ readonly attrStatus: string; /** * Additional information about the status of the rule group, if available. * @cloudformationAttribute StatusMessage */ readonly attrStatusMessage: string; /** * A list of the rules that you have defined. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-firewallrules */ firewallRules: Array<CfnFirewallRuleGroup.FirewallRuleProperty | cdk.IResolvable> | cdk.IResolvable | undefined; /** * The name of the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-name */ name: string | undefined; /** * A list of the tag keys and values that you want to associate with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroup.html#cfn-route53resolver-firewallrulegroup-tags */ readonly tags: cdk.TagManager; /** * Create a new `AWS::Route53Resolver::FirewallRuleGroup`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnFirewallRuleGroupProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } export declare namespace CfnFirewallRuleGroup { /** * A single firewall rule in a rule group. * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html */ interface FirewallRuleProperty { /** * The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: * * - `ALLOW` - Permit the request to go through. * - `ALERT` - Permit the request to go through but send an alert to the logs. * - `BLOCK` - Disallow the request. If this is specified,then `BlockResponse` must also be specified. * * if `BlockResponse` is `OVERRIDE` , then all of the following `OVERRIDE` attributes must be specified: * * - `BlockOverrideDnsType` * - `BlockOverrideDomain` * - `BlockOverrideTtl` * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-action */ readonly action: string; /** * The DNS record's type. This determines the format of the record value that you provided in `BlockOverrideDomain` . Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-blockoverridednstype */ readonly blockOverrideDnsType?: string; /** * The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-blockoverridedomain */ readonly blockOverrideDomain?: string; /** * The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE` . * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-blockoverridettl */ readonly blockOverrideTtl?: number; /** * The way that you want DNS Firewall to block the request. Used for the rule action setting `BLOCK` . * * - `NODATA` - Respond indicating that the query was successful, but no response is available for it. * - `NXDOMAIN` - Respond indicating that the domain name that's in the query doesn't exist. * - `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule's `BlockOverride*` settings. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-blockresponse */ readonly blockResponse?: string; /** * The ID of the domain list that's used in the rule. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-firewalldomainlistid */ readonly firewallDomainListId: string; /** * The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-firewallrulegroup-firewallrule.html#cfn-route53resolver-firewallrulegroup-firewallrule-priority */ readonly priority: number; } } /** * Properties for defining a `CfnFirewallRuleGroupAssociation` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html */ export interface CfnFirewallRuleGroupAssociationProps { /** * The unique identifier of the firewall rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-firewallrulegroupid */ readonly firewallRuleGroupId: string; /** * The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting. * * You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. * * The allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900). * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-priority */ readonly priority: number; /** * The unique identifier of the VPC that is associated with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-vpcid */ readonly vpcId: string; /** * If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-mutationprotection */ readonly mutationProtection?: string; /** * The name of the association. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-name */ readonly name?: string; /** * A list of the tag keys and values that you want to associate with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-tags */ readonly tags?: cdk.CfnTag[]; } /** * A CloudFormation `AWS::Route53Resolver::FirewallRuleGroupAssociation` * * An association between a firewall rule group and a VPC, which enables DNS filtering for the VPC. * * @cloudformationResource AWS::Route53Resolver::FirewallRuleGroupAssociation * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html */ export declare class CfnFirewallRuleGroupAssociation extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::FirewallRuleGroupAssociation"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnFirewallRuleGroupAssociation; /** * The Amazon Resource Name (ARN) of the firewall rule group association. * @cloudformationAttribute Arn */ readonly attrArn: string; /** * The date and time that the association was created, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute CreationTime */ readonly attrCreationTime: string; /** * A unique string defined by you to identify the request. This allows you to retry failed requests without the risk of running the operation twice. This can be any unique string, for example, a timestamp. * @cloudformationAttribute CreatorRequestId */ readonly attrCreatorRequestId: string; /** * The identifier for the association. * @cloudformationAttribute Id */ readonly attrId: string; /** * The owner of the association, used only for associations that are not managed by you. If you use AWS Firewall Manager to manage your firewallls from DNS Firewall, then this reports Firewall Manager as the managed owner. * @cloudformationAttribute ManagedOwnerName */ readonly attrManagedOwnerName: string; /** * The date and time that the association was last modified, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute ModificationTime */ readonly attrModificationTime: string; /** * The current status of the association. * @cloudformationAttribute Status */ readonly attrStatus: string; /** * Additional information about the status of the response, if available. * @cloudformationAttribute StatusMessage */ readonly attrStatusMessage: string; /** * The unique identifier of the firewall rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-firewallrulegroupid */ firewallRuleGroupId: string; /** * The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting. * * You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. * * The allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900). * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-priority */ priority: number; /** * The unique identifier of the VPC that is associated with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-vpcid */ vpcId: string; /** * If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-mutationprotection */ mutationProtection: string | undefined; /** * The name of the association. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-name */ name: string | undefined; /** * A list of the tag keys and values that you want to associate with the rule group. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-tags */ readonly tags: cdk.TagManager; /** * Create a new `AWS::Route53Resolver::FirewallRuleGroupAssociation`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnFirewallRuleGroupAssociationProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } /** * Properties for defining a `CfnResolverConfig` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html */ export interface CfnResolverConfigProps { /** * Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` . * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html#cfn-route53resolver-resolverconfig-autodefinedreverseflag */ readonly autodefinedReverseFlag: string; /** * The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html#cfn-route53resolver-resolverconfig-resourceid */ readonly resourceId: string; } /** * A CloudFormation `AWS::Route53Resolver::ResolverConfig` * * A complex type that contains information about a Resolver configuration for a VPC. * * @cloudformationResource AWS::Route53Resolver::ResolverConfig * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html */ export declare class CfnResolverConfig extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::ResolverConfig"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnResolverConfig; /** * The status of whether or not the Route 53 Resolver will create autodefined rules for reverse DNS lookups. This is enabled by default. * @cloudformationAttribute AutodefinedReverse */ readonly attrAutodefinedReverse: string; /** * ID for the Route 53 Resolver configuration. * @cloudformationAttribute Id */ readonly attrId: string; /** * The owner account ID of the Amazon Virtual Private Cloud VPC. * @cloudformationAttribute OwnerId */ readonly attrOwnerId: string; /** * Represents the desired status of `AutodefinedReverse` . The only supported value on creation is `DISABLE` . Deletion of this resource will return `AutodefinedReverse` to its default value of `ENABLED` . * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html#cfn-route53resolver-resolverconfig-autodefinedreverseflag */ autodefinedReverseFlag: string; /** * The ID of the Amazon Virtual Private Cloud VPC that you're configuring Resolver for. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverconfig.html#cfn-route53resolver-resolverconfig-resourceid */ resourceId: string; /** * Create a new `AWS::Route53Resolver::ResolverConfig`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnResolverConfigProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } /** * Properties for defining a `CfnResolverDNSSECConfig` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html */ export interface CfnResolverDNSSECConfigProps { /** * The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html#cfn-route53resolver-resolverdnssecconfig-resourceid */ readonly resourceId?: string; } /** * A CloudFormation `AWS::Route53Resolver::ResolverDNSSECConfig` * * The `AWS::Route53Resolver::ResolverDNSSECConfig` resource is a complex type that contains information about a configuration for DNSSEC validation. * * @cloudformationResource AWS::Route53Resolver::ResolverDNSSECConfig * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html */ export declare class CfnResolverDNSSECConfig extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::ResolverDNSSECConfig"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnResolverDNSSECConfig; /** * The primary identifier of this `ResolverDNSSECConfig` resource. For example: `rdsc-689d45d1ae623bf3` . * @cloudformationAttribute Id */ readonly attrId: string; /** * The AWS account of the owner. For example: `111122223333` . * @cloudformationAttribute OwnerId */ readonly attrOwnerId: string; /** * The current status of this `ResolverDNSSECConfig` resource. For example: `Enabled` . * @cloudformationAttribute ValidationStatus */ readonly attrValidationStatus: string; /** * The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverdnssecconfig.html#cfn-route53resolver-resolverdnssecconfig-resourceid */ resourceId: string | undefined; /** * Create a new `AWS::Route53Resolver::ResolverDNSSECConfig`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props?: CfnResolverDNSSECConfigProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } /** * Properties for defining a `CfnResolverEndpoint` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html */ export interface CfnResolverEndpointProps { /** * Indicates whether the Resolver endpoint allows inbound or outbound DNS queries: * * - `INBOUND` : allows DNS queries to your VPC from your network * - `OUTBOUND` : allows DNS queries from your VPC to your network * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-direction */ readonly direction: string; /** * The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-ipaddresses */ readonly ipAddresses: Array<CfnResolverEndpoint.IpAddressRequestProperty | cdk.IResolvable> | cdk.IResolvable; /** * The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-securitygroupids */ readonly securityGroupIds: string[]; /** * A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-name */ readonly name?: string; /** * `AWS::Route53Resolver::ResolverEndpoint.OutpostArn` * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-outpostarn */ readonly outpostArn?: string; /** * `AWS::Route53Resolver::ResolverEndpoint.PreferredInstanceType` * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-preferredinstancetype */ readonly preferredInstanceType?: string; /** * The Resolver endpoint IP address type. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-resolverendpointtype */ readonly resolverEndpointType?: string; /** * Route 53 Resolver doesn't support updating tags through CloudFormation. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-tags */ readonly tags?: cdk.CfnTag[]; } /** * A CloudFormation `AWS::Route53Resolver::ResolverEndpoint` * * Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound: * * - An *inbound Resolver endpoint* forwards DNS queries to the DNS service for a VPC from your network. * - An *outbound Resolver endpoint* forwards DNS queries from the DNS service for a VPC to your network. * * > - You cannot update `ResolverEndpointType` and `IpAddresses` in the same request. * > - When you update a dual-stack IP address, you must update both IP addresses. You can’t update only an IPv4 or IPv6 and keep an existing IP address. * * @cloudformationResource AWS::Route53Resolver::ResolverEndpoint * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html */ export declare class CfnResolverEndpoint extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::ResolverEndpoint"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnResolverEndpoint; /** * The Amazon Resource Name (ARN) of the resolver endpoint, such as `arn:aws:route53resolver:us-east-1:123456789012:resolver-endpoint/resolver-endpoint-a1bzhi` . * @cloudformationAttribute Arn */ readonly attrArn: string; /** * Indicates whether the resolver endpoint allows inbound or outbound DNS queries. * @cloudformationAttribute Direction */ readonly attrDirection: string; /** * The ID of the VPC that you want to create the resolver endpoint in. * @cloudformationAttribute HostVPCId */ readonly attrHostVpcId: string; /** * The number of IP addresses that the resolver endpoint can use for DNS queries. * @cloudformationAttribute IpAddressCount */ readonly attrIpAddressCount: string; /** * The name that you assigned to the resolver endpoint when you created the endpoint. * @cloudformationAttribute Name */ readonly attrName: string; /** * * @cloudformationAttribute OutpostArn */ readonly attrOutpostArn: string; /** * * @cloudformationAttribute PreferredInstanceType */ readonly attrPreferredInstanceType: string; /** * The ID of the resolver endpoint. * @cloudformationAttribute ResolverEndpointId */ readonly attrResolverEndpointId: string; /** * For the endpoint type you can choose either IPv4, IPv6. or dual-stack. A dual-stack endpoint means that it will resolve via both IPv4 and IPv6. If you choose either IPv4 or IPv6, this endpoint type is applied to all IP addresses. * @cloudformationAttribute ResolverEndpointType */ readonly attrResolverEndpointType: string; /** * Indicates whether the Resolver endpoint allows inbound or outbound DNS queries: * * - `INBOUND` : allows DNS queries to your VPC from your network * - `OUTBOUND` : allows DNS queries from your VPC to your network * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-direction */ direction: string; /** * The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-ipaddresses */ ipAddresses: Array<CfnResolverEndpoint.IpAddressRequestProperty | cdk.IResolvable> | cdk.IResolvable; /** * The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules (for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-securitygroupids */ securityGroupIds: string[]; /** * A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-name */ name: string | undefined; /** * `AWS::Route53Resolver::ResolverEndpoint.OutpostArn` * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-outpostarn */ outpostArn: string | undefined; /** * `AWS::Route53Resolver::ResolverEndpoint.PreferredInstanceType` * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-preferredinstancetype */ preferredInstanceType: string | undefined; /** * The Resolver endpoint IP address type. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-resolverendpointtype */ resolverEndpointType: string | undefined; /** * Route 53 Resolver doesn't support updating tags through CloudFormation. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverendpoint.html#cfn-route53resolver-resolverendpoint-tags */ readonly tags: cdk.TagManager; /** * Create a new `AWS::Route53Resolver::ResolverEndpoint`. * * @param scope - scope in which this resource is defined * @param id - scoped id of the resource * @param props - resource properties */ constructor(scope: constructs.Construct, id: string, props: CfnResolverEndpointProps); /** * Examines the CloudFormation resource and discloses attributes. * * @param inspector - tree inspector to collect and process attributes * */ inspect(inspector: cdk.TreeInspector): void; protected get cfnProperties(): { [key: string]: any; }; protected renderProperties(props: { [key: string]: any; }): { [key: string]: any; }; } export declare namespace CfnResolverEndpoint { /** * In a [CreateResolverEndpoint](https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html) request, the IP address that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). `IpAddressRequest` also includes the ID of the subnet that contains the IP address. * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverendpoint-ipaddressrequest.html */ interface IpAddressRequestProperty { /** * The IPv4 address that you want to use for DNS queries. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverendpoint-ipaddressrequest.html#cfn-route53resolver-resolverendpoint-ipaddressrequest-ip */ readonly ip?: string; /** * The IPv6 address that you want to use for DNS queries. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverendpoint-ipaddressrequest.html#cfn-route53resolver-resolverendpoint-ipaddressrequest-ipv6 */ readonly ipv6?: string; /** * The ID of the subnet that contains the IP address. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53resolver-resolverendpoint-ipaddressrequest.html#cfn-route53resolver-resolverendpoint-ipaddressrequest-subnetid */ readonly subnetId: string; } } /** * Properties for defining a `CfnResolverQueryLoggingConfig` * * @struct * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverqueryloggingconfig.html */ export interface CfnResolverQueryLoggingConfigProps { /** * The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverqueryloggingconfig.html#cfn-route53resolver-resolverqueryloggingconfig-destinationarn */ readonly destinationArn?: string; /** * The name of the query logging configuration. * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverqueryloggingconfig.html#cfn-route53resolver-resolverqueryloggingconfig-name */ readonly name?: string; } /** * A CloudFormation `AWS::Route53Resolver::ResolverQueryLoggingConfig` * * The AWS::Route53Resolver::ResolverQueryLoggingConfig resource is a complex type that contains settings for one query logging configuration. * * @cloudformationResource AWS::Route53Resolver::ResolverQueryLoggingConfig * @stability external * * @link http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-resolverqueryloggingconfig.html */ export declare class CfnResolverQueryLoggingConfig extends cdk.CfnResource implements cdk.IInspectable { /** * The CloudFormation resource type name for this resource class. */ static readonly CFN_RESOURCE_TYPE_NAME = "AWS::Route53Resolver::ResolverQueryLoggingConfig"; /** * A factory method that creates a new instance of this class from an object * containing the CloudFormation properties of this resource. * Used in the @aws-cdk/cloudformation-include module. * * @internal */ static _fromCloudFormation(scope: constructs.Construct, id: string, resourceAttributes: any, options: cfn_parse.FromCloudFormationOptions): CfnResolverQueryLoggingConfig; /** * The Amazon Resource Name (ARN) for the query logging configuration. * @cloudformationAttribute Arn */ readonly attrArn: string; /** * The number of VPCs that are associated with the query logging configuration. * @cloudformationAttribute AssociationCount */ readonly attrAssociationCount: number; /** * The date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC). * @cloudformationAttribute CreationTime */ readonly attrCreationTime: string; /** * A unique string that identifies the request that created the query logging configuration. The `CreatorRequestId` allows failed requests to be retried without the risk of running the operation twice. * @cloudformationAttribute CreatorRequestId */ readonly attrCreatorRequestId: string; /** * The ID for the query logging configuration. * @cloudformationAttribute Id */ readonly attrId: str