1// Code generated by smithy-go-codegen DO NOT EDIT.
2
3package networkfirewall
4
5import (
6	"context"
7	awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware"
8	"github.com/aws/aws-sdk-go-v2/aws/signer/v4"
9	"github.com/aws/aws-sdk-go-v2/service/networkfirewall/types"
10	"github.com/aws/smithy-go/middleware"
11	smithyhttp "github.com/aws/smithy-go/transport/http"
12)
13
14// Creates an AWS Network Firewall Firewall and accompanying FirewallStatus for a
15// VPC. The firewall defines the configuration settings for an AWS Network Firewall
16// firewall. The settings that you can define at creation include the firewall
17// policy, the subnets in your VPC to use for the firewall endpoints, and any tags
18// that are attached to the firewall AWS resource. After you create a firewall, you
19// can provide additional settings, like the logging configuration. To update the
20// settings for a firewall, you use the operations that apply to the settings
21// themselves, for example UpdateLoggingConfiguration, AssociateSubnets, and
22// UpdateFirewallDeleteProtection. To manage a firewall's tags, use the standard
23// AWS resource tagging operations, ListTagsForResource, TagResource, and
24// UntagResource. To retrieve information about firewalls, use ListFirewalls and
25// DescribeFirewall.
26func (c *Client) CreateFirewall(ctx context.Context, params *CreateFirewallInput, optFns ...func(*Options)) (*CreateFirewallOutput, error) {
27	if params == nil {
28		params = &CreateFirewallInput{}
29	}
30
31	result, metadata, err := c.invokeOperation(ctx, "CreateFirewall", params, optFns, addOperationCreateFirewallMiddlewares)
32	if err != nil {
33		return nil, err
34	}
35
36	out := result.(*CreateFirewallOutput)
37	out.ResultMetadata = metadata
38	return out, nil
39}
40
41type CreateFirewallInput struct {
42
43	// The descriptive name of the firewall. You can't change the name of a firewall
44	// after you create it.
45	//
46	// This member is required.
47	FirewallName *string
48
49	// The Amazon Resource Name (ARN) of the FirewallPolicy that you want to use for
50	// the firewall.
51	//
52	// This member is required.
53	FirewallPolicyArn *string
54
55	// The public subnets to use for your Network Firewall firewalls. Each subnet must
56	// belong to a different Availability Zone in the VPC. Network Firewall creates a
57	// firewall endpoint in each subnet.
58	//
59	// This member is required.
60	SubnetMappings []types.SubnetMapping
61
62	// The unique identifier of the VPC where Network Firewall should create the
63	// firewall. You can't change this setting after you create the firewall.
64	//
65	// This member is required.
66	VpcId *string
67
68	// A flag indicating whether it is possible to delete the firewall. A setting of
69	// TRUE indicates that the firewall is protected against deletion. Use this setting
70	// to protect against accidentally deleting a firewall that is in use. When you
71	// create a firewall, the operation initializes this flag to TRUE.
72	DeleteProtection bool
73
74	// A description of the firewall.
75	Description *string
76
77	// A setting indicating whether the firewall is protected against a change to the
78	// firewall policy association. Use this setting to protect against accidentally
79	// modifying the firewall policy for a firewall that is in use. When you create a
80	// firewall, the operation initializes this setting to TRUE.
81	FirewallPolicyChangeProtection bool
82
83	// A setting indicating whether the firewall is protected against changes to the
84	// subnet associations. Use this setting to protect against accidentally modifying
85	// the subnet associations for a firewall that is in use. When you create a
86	// firewall, the operation initializes this setting to TRUE.
87	SubnetChangeProtection bool
88
89	// The key:value pairs to associate with the resource.
90	Tags []types.Tag
91}
92
93type CreateFirewallOutput struct {
94
95	// The configuration settings for the firewall. These settings include the firewall
96	// policy and the subnets in your VPC to use for the firewall endpoints.
97	Firewall *types.Firewall
98
99	// Detailed information about the current status of a Firewall. You can retrieve
100	// this for a firewall by calling DescribeFirewall and providing the firewall name
101	// and ARN.
102	FirewallStatus *types.FirewallStatus
103
104	// Metadata pertaining to the operation's result.
105	ResultMetadata middleware.Metadata
106}
107
108func addOperationCreateFirewallMiddlewares(stack *middleware.Stack, options Options) (err error) {
109	err = stack.Serialize.Add(&awsAwsjson10_serializeOpCreateFirewall{}, middleware.After)
110	if err != nil {
111		return err
112	}
113	err = stack.Deserialize.Add(&awsAwsjson10_deserializeOpCreateFirewall{}, middleware.After)
114	if err != nil {
115		return err
116	}
117	if err = addSetLoggerMiddleware(stack, options); err != nil {
118		return err
119	}
120	if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil {
121		return err
122	}
123	if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil {
124		return err
125	}
126	if err = addResolveEndpointMiddleware(stack, options); err != nil {
127		return err
128	}
129	if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil {
130		return err
131	}
132	if err = addRetryMiddlewares(stack, options); err != nil {
133		return err
134	}
135	if err = addHTTPSignerV4Middleware(stack, options); err != nil {
136		return err
137	}
138	if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil {
139		return err
140	}
141	if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil {
142		return err
143	}
144	if err = addClientUserAgent(stack); err != nil {
145		return err
146	}
147	if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil {
148		return err
149	}
150	if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil {
151		return err
152	}
153	if err = addOpCreateFirewallValidationMiddleware(stack); err != nil {
154		return err
155	}
156	if err = stack.Initialize.Add(newServiceMetadataMiddleware_opCreateFirewall(options.Region), middleware.Before); err != nil {
157		return err
158	}
159	if err = addRequestIDRetrieverMiddleware(stack); err != nil {
160		return err
161	}
162	if err = addResponseErrorMiddleware(stack); err != nil {
163		return err
164	}
165	if err = addRequestResponseLogging(stack, options); err != nil {
166		return err
167	}
168	return nil
169}
170
171func newServiceMetadataMiddleware_opCreateFirewall(region string) *awsmiddleware.RegisterServiceMetadata {
172	return &awsmiddleware.RegisterServiceMetadata{
173		Region:        region,
174		ServiceID:     ServiceID,
175		SigningName:   "network-firewall",
176		OperationName: "CreateFirewall",
177	}
178}
179