firewall_rule_group_associations
Creates, updates, deletes or gets a firewall_rule_group_association resource or lists firewall_rule_group_associations in a region
Overview
| Name | firewall_rule_group_associations |
| Type | Resource |
| Description | Resource schema for AWS::Route53Resolver::FirewallRuleGroupAssociation. |
| Id | aws.route53resolver.firewall_rule_group_associations |
Fields
| Name | Datatype | Description |
|---|---|---|
id | string | Id |
arn | string | Arn |
firewall_rule_group_id | string | FirewallRuleGroupId |
vpc_id | string | VpcId |
name | string | FirewallRuleGroupAssociationName |
priority | integer | Priority |
mutation_protection | string | MutationProtectionStatus |
managed_owner_name | string | ServicePrincipal |
status | string | ResolverFirewallRuleGroupAssociation, possible values are COMPLETE, DELETING, UPDATING, and INACTIVE_OWNER_ACCOUNT_CLOSED. |
status_message | string | FirewallDomainListAssociationStatus |
creator_request_id | string | The id of the creator request. |
creation_time | string | Rfc3339TimeString |
modification_time | string | Rfc3339TimeString |
tags | array | Tags |
region | string | AWS region. |
Methods
| Name | Accessible by | Required Params |
|---|---|---|
create_resource | INSERT | FirewallRuleGroupId, VpcId, Priority, region |
delete_resource | DELETE | data__Identifier, region |
update_resource | UPDATE | data__Identifier, data__PatchDocument, region |
list_resources | SELECT | region |
get_resource | SELECT | data__Identifier, region |
SELECT examples
Gets all firewall_rule_group_associations in a region.
SELECT
region,
id,
arn,
firewall_rule_group_id,
vpc_id,
name,
priority,
mutation_protection,
managed_owner_name,
status,
status_message,
creator_request_id,
creation_time,
modification_time,
tags
FROM aws.route53resolver.firewall_rule_group_associations
WHERE region = 'us-east-1';
Gets all properties from an individual firewall_rule_group_association.
SELECT
region,
id,
arn,
firewall_rule_group_id,
vpc_id,
name,
priority,
mutation_protection,
managed_owner_name,
status,
status_message,
creator_request_id,
creation_time,
modification_time,
tags
FROM aws.route53resolver.firewall_rule_group_associations
WHERE region = 'us-east-1' AND data__Identifier = '<Id>';
INSERT example
Use the following StackQL query and manifest file to create a new firewall_rule_group_association resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO aws.route53resolver.firewall_rule_group_associations (
FirewallRuleGroupId,
VpcId,
Priority,
region
)
SELECT
'{{ FirewallRuleGroupId }}',
'{{ VpcId }}',
'{{ Priority }}',
'{{ region }}';
/*+ create */
INSERT INTO aws.route53resolver.firewall_rule_group_associations (
FirewallRuleGroupId,
VpcId,
Name,
Priority,
MutationProtection,
Tags,
region
)
SELECT
'{{ FirewallRuleGroupId }}',
'{{ VpcId }}',
'{{ Name }}',
'{{ Priority }}',
'{{ MutationProtection }}',
'{{ Tags }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: firewall_rule_group_association
props:
- name: FirewallRuleGroupId
value: '{{ FirewallRuleGroupId }}'
- name: VpcId
value: '{{ VpcId }}'
- name: Name
value: '{{ Name }}'
- name: Priority
value: '{{ Priority }}'
- name: MutationProtection
value: '{{ MutationProtection }}'
- name: Tags
value:
- Key: '{{ Key }}'
Value: '{{ Value }}'
DELETE example
/*+ delete */
DELETE FROM aws.route53resolver.firewall_rule_group_associations
WHERE data__Identifier = '<Id>'
AND region = 'us-east-1';
Permissions
To operate on the firewall_rule_group_associations resource, the following permissions are required:
Create
route53resolver:*,
ec2:*,
logs:*,
iam:*,
lambda:*,
s3:*
Read
route53resolver:*,
ec2:*,
logs:*,
iam:*,
lambda:*,
s3:*
List
route53resolver:*,
ec2:*,
logs:*,
iam:*,
lambda:*,
s3:*
Delete
route53resolver:*,
ec2:*,
logs:*,
iam:*,
lambda:*,
s3:*
Update
route53resolver:*,
ec2:*,
logs:*,
iam:*,
lambda:*,
s3:*