Package Exports
- firewall-construct
- firewall-construct/lib/index.js
Readme
AWS Network Firewall Accelerator
This CDK app takes a few optional parameters and creates a VPC with AWS Network Firewall, including the proper Edge Route Table routes and the proper VPC Endpoint of the GWLB. It also includes a default set of stateless rules that allow only 80/tcp, 443/tcp, 123/udp, and 53/ip out, and a default set of whitelisted domains, mainly for common software updates.

Supported Parameters:
cidr?: string
maxAzs?: number
firewallsubnetname?: string
publicsubnetname?: string
privatesubnetname?: string
firewallmask?: number
publicmask?: number
privatemask?: number
domainlist?: string[]

Example for deploying
#!/usr/bin/env node
import 'source-map-support/register';
import * as cdk from '@aws-cdk/core';
import { FirewallStack, FWVPCProps } from '../lib/firewall-stack';
const app = new cdk.App();
new FirewallStack(app, 'FirewallStack', {}, {cidr: '192.168.0.0/24', privatesubnetname: 'tgw-attach'});

Blog: https://medium.com/@matthewvenne/cdk-once-more-unto-the-breach-f2673cf219a6
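A model of the default egress policy described above, useful for checking which outbound flows the defaults would pass and how a domainlist entry should be written. This is an added example, not code from the firewall-construct package, and it calls neither AWS nor the CDK. The names Flow, evaluate, domainAllowed and SAMPLE_DOMAINS are hypothetical, the sample domains are constructed, and reading "53/ip" as DNS over both TCP and UDP is an assumption.

```typescript
// Added illustration: models the egress policy the README describes.
type Verdict = 'pass' | 'drop';
interface Flow { proto: 'tcp' | 'udp' | 'icmp'; dstPort?: number; host?: string }

// Stateless egress allowances named in the README. Treating "53/ip" as
// DNS over both TCP and UDP is an assumption.
const ALLOWED_PORTS: ReadonlyArray<{ proto: 'tcp' | 'udp'; port: number }> = [
  { proto: 'tcp', port: 80 },
  { proto: 'tcp', port: 443 },
  { proto: 'udp', port: 123 },
  { proto: 'tcp', port: 53 },
  { proto: 'udp', port: 53 },
];

// Constructed sample list; the package's default domains are not shown on the page.
const SAMPLE_DOMAINS: string[] = ['.example.com', 'updates.example.org'];

// Network Firewall domain-list semantics: an entry with a leading dot matches
// the domain and every subdomain; an entry without one matches that name only.
function domainAllowed(host: string, domains: string[]): boolean {
  // Lower-casing and dropping a trailing dot are choices of this model.
  const h = host.toLowerCase().replace(/\.$/, '');
  return domains.some((entry) => {
    const e = entry.toLowerCase();
    if (e.charAt(0) !== '.') return h === e;
    // Suffix match includes the dot, so "evilexample.com" cannot match.
    return h === e.slice(1) || h.slice(-e.length) === e;
  });
}

// Assumption: web flows (80/443) that pass the port check are then held to
// the domain list via HTTP Host / TLS SNI; a flow carrying no name is dropped.
function evaluate(flow: Flow, domains: string[] = SAMPLE_DOMAINS): Verdict {
  const portOk = ALLOWED_PORTS.some(
    (r) => r.proto === flow.proto && r.port === flow.dstPort,
  );
  if (!portOk) return 'drop';
  const isWeb = flow.proto === 'tcp' && (flow.dstPort === 80 || flow.dstPort === 443);
  if (!isWeb) return 'pass';
  return flow.host !== undefined && domainAllowed(flow.host, domains) ? 'pass' : 'drop';
}
```

Look-alike names such as evilexample.com or example.com.attacker.test are dropped because the suffix comparison includes the leading dot.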