commonMain.aws.sdk.kotlin.services.firehose.model.VpcConfiguration.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of firehose-jvm Show documentation
Show all versions of firehose-jvm Show documentation
The AWS SDK for Kotlin client for Firehose
// Code generated by smithy-kotlin-codegen. DO NOT EDIT!
package aws.sdk.kotlin.services.firehose.model
import aws.smithy.kotlin.runtime.SdkDsl
/**
* The details of the VPC of the Amazon OpenSearch or Amazon OpenSearch Serverless destination.
*/
public class VpcConfiguration private constructor(builder: Builder) {
/**
* The ARN of the IAM role that you want the Firehose stream to use to create endpoints in the destination VPC. You can use your existing Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Firehose service principal and that it grants the following permissions:
* + `ec2:DescribeVpcs`
* + `ec2:DescribeVpcAttribute`
* + `ec2:DescribeSubnets`
* + `ec2:DescribeSecurityGroups`
* + `ec2:DescribeNetworkInterfaces`
* + `ec2:CreateNetworkInterface`
* + `ec2:CreateNetworkInterfacePermission`
* + `ec2:DeleteNetworkInterface`
*
* When you specify subnets for delivering data to the destination in a private VPC, make sure you have enough number of free IP addresses in chosen subnets. If there is no available free IP address in a specified subnet, Firehose cannot create or add ENIs for the data delivery in the private VPC, and the delivery will be degraded or fail.
*/
public val roleArn: kotlin.String = requireNotNull(builder.roleArn) { "A non-null value must be provided for roleArn" }
/**
* The IDs of the security groups that you want Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more information about security group rules, see [Security group rules](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#SecurityGroupRules) in the Amazon VPC documentation.
*/
public val securityGroupIds: List = requireNotNull(builder.securityGroupIds) { "A non-null value must be provided for securityGroupIds" }
/**
* The IDs of the subnets that you want Firehose to use to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.
*
* The number of ENIs that Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Firehose can create up to three ENIs for this Firehose stream for each of the subnets specified here. For more information about ENI quota, see [Network Interfaces ](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-enis) in the Amazon VPC Quotas topic.
*/
public val subnetIds: List = requireNotNull(builder.subnetIds) { "A non-null value must be provided for subnetIds" }
public companion object {
public operator fun invoke(block: Builder.() -> kotlin.Unit): aws.sdk.kotlin.services.firehose.model.VpcConfiguration = Builder().apply(block).build()
}
override fun toString(): kotlin.String = buildString {
append("VpcConfiguration(")
append("roleArn=$roleArn,")
append("securityGroupIds=$securityGroupIds,")
append("subnetIds=$subnetIds")
append(")")
}
override fun hashCode(): kotlin.Int {
var result = roleArn.hashCode()
result = 31 * result + (securityGroupIds.hashCode())
result = 31 * result + (subnetIds.hashCode())
return result
}
override fun equals(other: kotlin.Any?): kotlin.Boolean {
if (this === other) return true
if (other == null || this::class != other::class) return false
other as VpcConfiguration
if (roleArn != other.roleArn) return false
if (securityGroupIds != other.securityGroupIds) return false
if (subnetIds != other.subnetIds) return false
return true
}
public inline fun copy(block: Builder.() -> kotlin.Unit = {}): aws.sdk.kotlin.services.firehose.model.VpcConfiguration = Builder(this).apply(block).build()
@SdkDsl
public class Builder {
/**
* The ARN of the IAM role that you want the Firehose stream to use to create endpoints in the destination VPC. You can use your existing Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Firehose service principal and that it grants the following permissions:
* + `ec2:DescribeVpcs`
* + `ec2:DescribeVpcAttribute`
* + `ec2:DescribeSubnets`
* + `ec2:DescribeSecurityGroups`
* + `ec2:DescribeNetworkInterfaces`
* + `ec2:CreateNetworkInterface`
* + `ec2:CreateNetworkInterfacePermission`
* + `ec2:DeleteNetworkInterface`
*
* When you specify subnets for delivering data to the destination in a private VPC, make sure you have enough number of free IP addresses in chosen subnets. If there is no available free IP address in a specified subnet, Firehose cannot create or add ENIs for the data delivery in the private VPC, and the delivery will be degraded or fail.
*/
public var roleArn: kotlin.String? = null
/**
* The IDs of the security groups that you want Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. For more information about security group rules, see [Security group rules](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html#SecurityGroupRules) in the Amazon VPC documentation.
*/
public var securityGroupIds: List? = null
/**
* The IDs of the subnets that you want Firehose to use to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs.
*
* The number of ENIs that Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Firehose can create up to three ENIs for this Firehose stream for each of the subnets specified here. For more information about ENI quota, see [Network Interfaces ](https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-enis) in the Amazon VPC Quotas topic.
*/
public var subnetIds: List? = null
@PublishedApi
internal constructor()
@PublishedApi
internal constructor(x: aws.sdk.kotlin.services.firehose.model.VpcConfiguration) : this() {
this.roleArn = x.roleArn
this.securityGroupIds = x.securityGroupIds
this.subnetIds = x.subnetIds
}
@PublishedApi
internal fun build(): aws.sdk.kotlin.services.firehose.model.VpcConfiguration = VpcConfiguration(this)
internal fun correctErrors(): Builder {
if (roleArn == null) roleArn = ""
if (securityGroupIds == null) securityGroupIds = emptyList()
if (subnetIds == null) subnetIds = emptyList()
return this
}
}
}