software.amazon.awssdk.services.networkfirewall.DefaultNetworkFirewallClient Maven / Gradle / Ivy
/*
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package software.amazon.awssdk.services.networkfirewall;
import java.util.Collections;
import java.util.List;
import java.util.function.Consumer;
import software.amazon.awssdk.annotations.Generated;
import software.amazon.awssdk.annotations.SdkInternalApi;
import software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler;
import software.amazon.awssdk.awscore.exception.AwsServiceException;
import software.amazon.awssdk.awscore.internal.AwsProtocolMetadata;
import software.amazon.awssdk.awscore.internal.AwsServiceProtocol;
import software.amazon.awssdk.awscore.retry.AwsRetryStrategy;
import software.amazon.awssdk.core.RequestOverrideConfiguration;
import software.amazon.awssdk.core.SdkPlugin;
import software.amazon.awssdk.core.SdkRequest;
import software.amazon.awssdk.core.client.config.ClientOverrideConfiguration;
import software.amazon.awssdk.core.client.config.SdkClientConfiguration;
import software.amazon.awssdk.core.client.config.SdkClientOption;
import software.amazon.awssdk.core.client.handler.ClientExecutionParams;
import software.amazon.awssdk.core.client.handler.SyncClientHandler;
import software.amazon.awssdk.core.exception.SdkClientException;
import software.amazon.awssdk.core.http.HttpResponseHandler;
import software.amazon.awssdk.core.metrics.CoreMetric;
import software.amazon.awssdk.core.retry.RetryMode;
import software.amazon.awssdk.metrics.MetricCollector;
import software.amazon.awssdk.metrics.MetricPublisher;
import software.amazon.awssdk.metrics.NoOpMetricCollector;
import software.amazon.awssdk.protocols.core.ExceptionMetadata;
import software.amazon.awssdk.protocols.json.AwsJsonProtocol;
import software.amazon.awssdk.protocols.json.AwsJsonProtocolFactory;
import software.amazon.awssdk.protocols.json.BaseAwsJsonProtocolFactory;
import software.amazon.awssdk.protocols.json.JsonOperationMetadata;
import software.amazon.awssdk.retries.api.RetryStrategy;
import software.amazon.awssdk.services.networkfirewall.internal.NetworkFirewallServiceClientConfigurationBuilder;
import software.amazon.awssdk.services.networkfirewall.model.AssociateFirewallPolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.AssociateFirewallPolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.AssociateSubnetsRequest;
import software.amazon.awssdk.services.networkfirewall.model.AssociateSubnetsResponse;
import software.amazon.awssdk.services.networkfirewall.model.CreateFirewallPolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.CreateFirewallPolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.CreateFirewallRequest;
import software.amazon.awssdk.services.networkfirewall.model.CreateFirewallResponse;
import software.amazon.awssdk.services.networkfirewall.model.CreateRuleGroupRequest;
import software.amazon.awssdk.services.networkfirewall.model.CreateRuleGroupResponse;
import software.amazon.awssdk.services.networkfirewall.model.CreateTlsInspectionConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.CreateTlsInspectionConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.DeleteFirewallPolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.DeleteFirewallPolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.DeleteFirewallRequest;
import software.amazon.awssdk.services.networkfirewall.model.DeleteFirewallResponse;
import software.amazon.awssdk.services.networkfirewall.model.DeleteResourcePolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.DeleteResourcePolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.DeleteRuleGroupRequest;
import software.amazon.awssdk.services.networkfirewall.model.DeleteRuleGroupResponse;
import software.amazon.awssdk.services.networkfirewall.model.DeleteTlsInspectionConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.DeleteTlsInspectionConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeFirewallPolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeFirewallPolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeFirewallRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeFirewallResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeLoggingConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeLoggingConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeResourcePolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeResourcePolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeRuleGroupMetadataRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeRuleGroupMetadataResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeRuleGroupRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeRuleGroupResponse;
import software.amazon.awssdk.services.networkfirewall.model.DescribeTlsInspectionConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.DescribeTlsInspectionConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.DisassociateSubnetsRequest;
import software.amazon.awssdk.services.networkfirewall.model.DisassociateSubnetsResponse;
import software.amazon.awssdk.services.networkfirewall.model.InsufficientCapacityException;
import software.amazon.awssdk.services.networkfirewall.model.InternalServerErrorException;
import software.amazon.awssdk.services.networkfirewall.model.InvalidOperationException;
import software.amazon.awssdk.services.networkfirewall.model.InvalidRequestException;
import software.amazon.awssdk.services.networkfirewall.model.InvalidResourcePolicyException;
import software.amazon.awssdk.services.networkfirewall.model.InvalidTokenException;
import software.amazon.awssdk.services.networkfirewall.model.LimitExceededException;
import software.amazon.awssdk.services.networkfirewall.model.ListFirewallPoliciesRequest;
import software.amazon.awssdk.services.networkfirewall.model.ListFirewallPoliciesResponse;
import software.amazon.awssdk.services.networkfirewall.model.ListFirewallsRequest;
import software.amazon.awssdk.services.networkfirewall.model.ListFirewallsResponse;
import software.amazon.awssdk.services.networkfirewall.model.ListRuleGroupsRequest;
import software.amazon.awssdk.services.networkfirewall.model.ListRuleGroupsResponse;
import software.amazon.awssdk.services.networkfirewall.model.ListTagsForResourceRequest;
import software.amazon.awssdk.services.networkfirewall.model.ListTagsForResourceResponse;
import software.amazon.awssdk.services.networkfirewall.model.ListTlsInspectionConfigurationsRequest;
import software.amazon.awssdk.services.networkfirewall.model.ListTlsInspectionConfigurationsResponse;
import software.amazon.awssdk.services.networkfirewall.model.LogDestinationPermissionException;
import software.amazon.awssdk.services.networkfirewall.model.NetworkFirewallException;
import software.amazon.awssdk.services.networkfirewall.model.PutResourcePolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.PutResourcePolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.ResourceNotFoundException;
import software.amazon.awssdk.services.networkfirewall.model.ResourceOwnerCheckException;
import software.amazon.awssdk.services.networkfirewall.model.TagResourceRequest;
import software.amazon.awssdk.services.networkfirewall.model.TagResourceResponse;
import software.amazon.awssdk.services.networkfirewall.model.ThrottlingException;
import software.amazon.awssdk.services.networkfirewall.model.UnsupportedOperationException;
import software.amazon.awssdk.services.networkfirewall.model.UntagResourceRequest;
import software.amazon.awssdk.services.networkfirewall.model.UntagResourceResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallDeleteProtectionRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallDeleteProtectionResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallDescriptionRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallDescriptionResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallEncryptionConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallEncryptionConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallPolicyChangeProtectionRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallPolicyChangeProtectionResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallPolicyRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateFirewallPolicyResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateLoggingConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateLoggingConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateRuleGroupRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateRuleGroupResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateSubnetChangeProtectionRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateSubnetChangeProtectionResponse;
import software.amazon.awssdk.services.networkfirewall.model.UpdateTlsInspectionConfigurationRequest;
import software.amazon.awssdk.services.networkfirewall.model.UpdateTlsInspectionConfigurationResponse;
import software.amazon.awssdk.services.networkfirewall.transform.AssociateFirewallPolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.AssociateSubnetsRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.CreateFirewallPolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.CreateFirewallRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.CreateRuleGroupRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.CreateTlsInspectionConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DeleteFirewallPolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DeleteFirewallRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DeleteResourcePolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DeleteRuleGroupRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DeleteTlsInspectionConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeFirewallPolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeFirewallRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeLoggingConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeResourcePolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeRuleGroupMetadataRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeRuleGroupRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DescribeTlsInspectionConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.DisassociateSubnetsRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.ListFirewallPoliciesRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.ListFirewallsRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.ListRuleGroupsRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.ListTagsForResourceRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.ListTlsInspectionConfigurationsRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.PutResourcePolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.TagResourceRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UntagResourceRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateFirewallDeleteProtectionRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateFirewallDescriptionRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateFirewallEncryptionConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateFirewallPolicyChangeProtectionRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateFirewallPolicyRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateLoggingConfigurationRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateRuleGroupRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateSubnetChangeProtectionRequestMarshaller;
import software.amazon.awssdk.services.networkfirewall.transform.UpdateTlsInspectionConfigurationRequestMarshaller;
import software.amazon.awssdk.utils.Logger;
/**
* Internal implementation of {@link NetworkFirewallClient}.
*
* @see NetworkFirewallClient#builder()
*/
@Generated("software.amazon.awssdk:codegen")
@SdkInternalApi
final class DefaultNetworkFirewallClient implements NetworkFirewallClient {
private static final Logger log = Logger.loggerFor(DefaultNetworkFirewallClient.class);
private static final AwsProtocolMetadata protocolMetadata = AwsProtocolMetadata.builder()
.serviceProtocol(AwsServiceProtocol.AWS_JSON).build();
private final SyncClientHandler clientHandler;
private final AwsJsonProtocolFactory protocolFactory;
private final SdkClientConfiguration clientConfiguration;
protected DefaultNetworkFirewallClient(SdkClientConfiguration clientConfiguration) {
this.clientHandler = new AwsSyncClientHandler(clientConfiguration);
this.clientConfiguration = clientConfiguration.toBuilder().option(SdkClientOption.SDK_CLIENT, this).build();
this.protocolFactory = init(AwsJsonProtocolFactory.builder()).build();
}
/**
*
* Associates a FirewallPolicy to a Firewall.
*
*
* A firewall policy defines how to monitor and manage your VPC network traffic, using a collection of inspection
* rule groups and other settings. Each firewall requires one firewall policy association, and you can use the same
* firewall policy for multiple firewalls.
*
*
* @param associateFirewallPolicyRequest
* @return Result of the AssociateFirewallPolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.AssociateFirewallPolicy
* @see AWS API Documentation
*/
@Override
public AssociateFirewallPolicyResponse associateFirewallPolicy(AssociateFirewallPolicyRequest associateFirewallPolicyRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidTokenException, InvalidOperationException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, AssociateFirewallPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(associateFirewallPolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, associateFirewallPolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "AssociateFirewallPolicy");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("AssociateFirewallPolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(associateFirewallPolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new AssociateFirewallPolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Associates the specified subnets in the Amazon VPC to the firewall. You can specify one subnet for each of the
* Availability Zones that the VPC spans.
*
*
* This request creates an Network Firewall firewall endpoint in each of the subnets. To enable the firewall's
* protections, you must also modify the VPC's route tables for each subnet's Availability Zone, to redirect the
* traffic that's coming into and going out of the zone through the firewall endpoint.
*
*
* @param associateSubnetsRequest
* @return Result of the AssociateSubnets operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws InsufficientCapacityException
* Amazon Web Services doesn't currently have enough available capacity to fulfill your request. Try your
* request later.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.AssociateSubnets
* @see AWS API Documentation
*/
@Override
public AssociateSubnetsResponse associateSubnets(AssociateSubnetsRequest associateSubnetsRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidTokenException, InvalidOperationException, InsufficientCapacityException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
AssociateSubnetsResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(associateSubnetsRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, associateSubnetsRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "AssociateSubnets");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("AssociateSubnets").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(associateSubnetsRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new AssociateSubnetsRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Creates an Network Firewall Firewall and accompanying FirewallStatus for a VPC.
*
*
* The firewall defines the configuration settings for an Network Firewall firewall. The settings that you can
* define at creation include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and
* any tags that are attached to the firewall Amazon Web Services resource.
*
*
* After you create a firewall, you can provide additional settings, like the logging configuration.
*
*
* To update the settings for a firewall, you use the operations that apply to the settings themselves, for example
* UpdateLoggingConfiguration, AssociateSubnets, and UpdateFirewallDeleteProtection.
*
*
* To manage a firewall's tags, use the standard Amazon Web Services resource tagging operations,
* ListTagsForResource, TagResource, and UntagResource.
*
*
* To retrieve information about firewalls, use ListFirewalls and DescribeFirewall.
*
*
* @param createFirewallRequest
* @return Result of the CreateFirewall operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws LimitExceededException
* Unable to perform the operation because doing so would violate a limit setting.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InsufficientCapacityException
* Amazon Web Services doesn't currently have enough available capacity to fulfill your request. Try your
* request later.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.CreateFirewall
* @see AWS API Documentation
*/
@Override
public CreateFirewallResponse createFirewall(CreateFirewallRequest createFirewallRequest) throws InvalidRequestException,
LimitExceededException, InternalServerErrorException, ThrottlingException, InsufficientCapacityException,
InvalidOperationException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
CreateFirewallResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(createFirewallRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, createFirewallRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "CreateFirewall");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateFirewall").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(createFirewallRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new CreateFirewallRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Creates the firewall policy for the firewall according to the specifications.
*
*
* An Network Firewall firewall policy defines the behavior of a firewall, in a collection of stateless and stateful
* rule groups and other settings. You can use one firewall policy for multiple firewalls.
*
*
* @param createFirewallPolicyRequest
* @return Result of the CreateFirewallPolicy operation returned by the service.
* @throws LimitExceededException
* Unable to perform the operation because doing so would violate a limit setting.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws InsufficientCapacityException
* Amazon Web Services doesn't currently have enough available capacity to fulfill your request. Try your
* request later.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.CreateFirewallPolicy
* @see AWS API Documentation
*/
@Override
public CreateFirewallPolicyResponse createFirewallPolicy(CreateFirewallPolicyRequest createFirewallPolicyRequest)
throws LimitExceededException, InvalidRequestException, ThrottlingException, InternalServerErrorException,
InsufficientCapacityException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, CreateFirewallPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(createFirewallPolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, createFirewallPolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "CreateFirewallPolicy");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateFirewallPolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(createFirewallPolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new CreateFirewallPolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Creates the specified stateless or stateful rule group, which includes the rules for network traffic inspection,
* a capacity setting, and tags.
*
*
* You provide your rule group specification in your request using either RuleGroup or
* Rules.
*
*
* @param createRuleGroupRequest
* @return Result of the CreateRuleGroup operation returned by the service.
* @throws LimitExceededException
* Unable to perform the operation because doing so would violate a limit setting.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws InsufficientCapacityException
* Amazon Web Services doesn't currently have enough available capacity to fulfill your request. Try your
* request later.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.CreateRuleGroup
* @see AWS API Documentation
*/
@Override
public CreateRuleGroupResponse createRuleGroup(CreateRuleGroupRequest createRuleGroupRequest) throws LimitExceededException,
InvalidRequestException, ThrottlingException, InternalServerErrorException, InsufficientCapacityException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
CreateRuleGroupResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(createRuleGroupRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, createRuleGroupRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "CreateRuleGroup");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("CreateRuleGroup").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(createRuleGroupRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new CreateRuleGroupRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Creates an Network Firewall TLS inspection configuration. Network Firewall uses TLS inspection configurations to
* decrypt your firewall's inbound and outbound SSL/TLS traffic. After decryption, Network Firewall inspects the
* traffic according to your firewall policy's stateful rules, and then re-encrypts it before sending it to its
* destination. You can enable inspection of your firewall's inbound traffic, outbound traffic, or both. To use TLS
* inspection with your firewall, you must first import or provision certificates using ACM, create a TLS inspection
* configuration, add that configuration to a new firewall policy, and then associate that policy with your
* firewall.
*
*
* To update the settings for a TLS inspection configuration, use UpdateTLSInspectionConfiguration.
*
*
* To manage a TLS inspection configuration's tags, use the standard Amazon Web Services resource tagging
* operations, ListTagsForResource, TagResource, and UntagResource.
*
*
* To retrieve information about TLS inspection configurations, use ListTLSInspectionConfigurations and
* DescribeTLSInspectionConfiguration.
*
*
* For more information about TLS inspection configurations, see Inspecting SSL/TLS
* traffic with TLS inspection configurations in the Network Firewall Developer Guide.
*
*
* @param createTlsInspectionConfigurationRequest
* @return Result of the CreateTLSInspectionConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws LimitExceededException
* Unable to perform the operation because doing so would violate a limit setting.
* @throws InsufficientCapacityException
* Amazon Web Services doesn't currently have enough available capacity to fulfill your request. Try your
* request later.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.CreateTLSInspectionConfiguration
* @see AWS API Documentation
*/
@Override
public CreateTlsInspectionConfigurationResponse createTLSInspectionConfiguration(
CreateTlsInspectionConfigurationRequest createTlsInspectionConfigurationRequest) throws InvalidRequestException,
ThrottlingException, InternalServerErrorException, LimitExceededException, InsufficientCapacityException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, CreateTlsInspectionConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(createTlsInspectionConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
createTlsInspectionConfigurationRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "CreateTLSInspectionConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("CreateTLSInspectionConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(createTlsInspectionConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new CreateTlsInspectionConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Deletes the specified Firewall and its FirewallStatus. This operation requires the firewall's
* DeleteProtection flag to be FALSE. You can't revert this operation.
*
*
* You can check whether a firewall is in use by reviewing the route tables for the Availability Zones where you
* have firewall subnet mappings. Retrieve the subnet mappings by calling DescribeFirewall. You define and
* update the route tables through Amazon VPC. As needed, update the route tables for the zones to remove the
* firewall endpoints. When the route tables no longer use the firewall endpoints, you can remove the firewall
* safely.
*
*
* To delete a firewall, remove the delete protection if you need to using UpdateFirewallDeleteProtection,
* then delete the firewall by calling DeleteFirewall.
*
*
* @param deleteFirewallRequest
* @return Result of the DeleteFirewall operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws UnsupportedOperationException
* The operation you requested isn't supported by Network Firewall.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DeleteFirewall
* @see AWS API Documentation
*/
@Override
public DeleteFirewallResponse deleteFirewall(DeleteFirewallRequest deleteFirewallRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, UnsupportedOperationException,
InvalidOperationException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
DeleteFirewallResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(deleteFirewallRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, deleteFirewallRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DeleteFirewall");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteFirewall").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(deleteFirewallRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DeleteFirewallRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Deletes the specified FirewallPolicy.
*
*
* @param deleteFirewallPolicyRequest
* @return Result of the DeleteFirewallPolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws UnsupportedOperationException
* The operation you requested isn't supported by Network Firewall.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DeleteFirewallPolicy
* @see AWS API Documentation
*/
@Override
public DeleteFirewallPolicyResponse deleteFirewallPolicy(DeleteFirewallPolicyRequest deleteFirewallPolicyRequest)
throws InvalidRequestException, ResourceNotFoundException, ThrottlingException, InternalServerErrorException,
UnsupportedOperationException, InvalidOperationException, AwsServiceException, SdkClientException,
NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DeleteFirewallPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(deleteFirewallPolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, deleteFirewallPolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DeleteFirewallPolicy");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteFirewallPolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(deleteFirewallPolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DeleteFirewallPolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Deletes a resource policy that you created in a PutResourcePolicy request.
*
*
* @param deleteResourcePolicyRequest
* @return Result of the DeleteResourcePolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidResourcePolicyException
* The policy statement failed validation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DeleteResourcePolicy
* @see AWS API Documentation
*/
@Override
public DeleteResourcePolicyResponse deleteResourcePolicy(DeleteResourcePolicyRequest deleteResourcePolicyRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidResourcePolicyException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DeleteResourcePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(deleteResourcePolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, deleteResourcePolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DeleteResourcePolicy");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteResourcePolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(deleteResourcePolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DeleteResourcePolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Deletes the specified RuleGroup.
*
*
* @param deleteRuleGroupRequest
* @return Result of the DeleteRuleGroup operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws UnsupportedOperationException
* The operation you requested isn't supported by Network Firewall.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DeleteRuleGroup
* @see AWS API Documentation
*/
@Override
public DeleteRuleGroupResponse deleteRuleGroup(DeleteRuleGroupRequest deleteRuleGroupRequest) throws InvalidRequestException,
ResourceNotFoundException, ThrottlingException, InternalServerErrorException, UnsupportedOperationException,
InvalidOperationException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
DeleteRuleGroupResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(deleteRuleGroupRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, deleteRuleGroupRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DeleteRuleGroup");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DeleteRuleGroup").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(deleteRuleGroupRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DeleteRuleGroupRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Deletes the specified TLSInspectionConfiguration.
*
*
* @param deleteTlsInspectionConfigurationRequest
* @return Result of the DeleteTLSInspectionConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DeleteTLSInspectionConfiguration
* @see AWS API Documentation
*/
@Override
public DeleteTlsInspectionConfigurationResponse deleteTLSInspectionConfiguration(
DeleteTlsInspectionConfigurationRequest deleteTlsInspectionConfigurationRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, InvalidOperationException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DeleteTlsInspectionConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(deleteTlsInspectionConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
deleteTlsInspectionConfigurationRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DeleteTLSInspectionConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DeleteTLSInspectionConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(deleteTlsInspectionConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DeleteTlsInspectionConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Returns the data objects for the specified firewall.
*
*
* @param describeFirewallRequest
* @return Result of the DescribeFirewall operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeFirewall
* @see AWS API Documentation
*/
@Override
public DescribeFirewallResponse describeFirewall(DescribeFirewallRequest describeFirewallRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
DescribeFirewallResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeFirewallRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeFirewallRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeFirewall");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DescribeFirewall").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeFirewallRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeFirewallRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Returns the data objects for the specified firewall policy.
*
*
* @param describeFirewallPolicyRequest
* @return Result of the DescribeFirewallPolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeFirewallPolicy
* @see AWS API Documentation
*/
@Override
public DescribeFirewallPolicyResponse describeFirewallPolicy(DescribeFirewallPolicyRequest describeFirewallPolicyRequest)
throws InvalidRequestException, ResourceNotFoundException, ThrottlingException, InternalServerErrorException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DescribeFirewallPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeFirewallPolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeFirewallPolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeFirewallPolicy");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DescribeFirewallPolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeFirewallPolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeFirewallPolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Returns the logging configuration for the specified firewall.
*
*
* @param describeLoggingConfigurationRequest
* @return Result of the DescribeLoggingConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeLoggingConfiguration
* @see AWS API Documentation
*/
@Override
public DescribeLoggingConfigurationResponse describeLoggingConfiguration(
DescribeLoggingConfigurationRequest describeLoggingConfigurationRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DescribeLoggingConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeLoggingConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeLoggingConfigurationRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeLoggingConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DescribeLoggingConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeLoggingConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeLoggingConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves a resource policy that you created in a PutResourcePolicy request.
*
*
* @param describeResourcePolicyRequest
* @return Result of the DescribeResourcePolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeResourcePolicy
* @see AWS API Documentation
*/
@Override
public DescribeResourcePolicyResponse describeResourcePolicy(DescribeResourcePolicyRequest describeResourcePolicyRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DescribeResourcePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeResourcePolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeResourcePolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeResourcePolicy");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DescribeResourcePolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeResourcePolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeResourcePolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Returns the data objects for the specified rule group.
*
*
* @param describeRuleGroupRequest
* @return Result of the DescribeRuleGroup operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeRuleGroup
* @see AWS API Documentation
*/
@Override
public DescribeRuleGroupResponse describeRuleGroup(DescribeRuleGroupRequest describeRuleGroupRequest)
throws InvalidRequestException, ResourceNotFoundException, ThrottlingException, InternalServerErrorException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
DescribeRuleGroupResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeRuleGroupRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeRuleGroupRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeRuleGroup");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DescribeRuleGroup").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeRuleGroupRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeRuleGroupRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* High-level information about a rule group, returned by operations like create and describe. You can use the
* information provided in the metadata to retrieve and manage a rule group. You can retrieve all objects for a rule
* group by calling DescribeRuleGroup.
*
*
* @param describeRuleGroupMetadataRequest
* @return Result of the DescribeRuleGroupMetadata operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeRuleGroupMetadata
* @see AWS API Documentation
*/
@Override
public DescribeRuleGroupMetadataResponse describeRuleGroupMetadata(
DescribeRuleGroupMetadataRequest describeRuleGroupMetadataRequest) throws InvalidRequestException,
ResourceNotFoundException, ThrottlingException, InternalServerErrorException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DescribeRuleGroupMetadataResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeRuleGroupMetadataRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, describeRuleGroupMetadataRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeRuleGroupMetadata");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DescribeRuleGroupMetadata").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeRuleGroupMetadataRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeRuleGroupMetadataRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Returns the data objects for the specified TLS inspection configuration.
*
*
* @param describeTlsInspectionConfigurationRequest
* @return Result of the DescribeTLSInspectionConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DescribeTLSInspectionConfiguration
* @see AWS API Documentation
*/
@Override
public DescribeTlsInspectionConfigurationResponse describeTLSInspectionConfiguration(
DescribeTlsInspectionConfigurationRequest describeTlsInspectionConfigurationRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DescribeTlsInspectionConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(describeTlsInspectionConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
describeTlsInspectionConfigurationRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DescribeTLSInspectionConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("DescribeTLSInspectionConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(describeTlsInspectionConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DescribeTlsInspectionConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Removes the specified subnet associations from the firewall. This removes the firewall endpoints from the subnets
* and removes any network filtering protections that the endpoints were providing.
*
*
* @param disassociateSubnetsRequest
* @return Result of the DisassociateSubnets operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws InvalidOperationException
* The operation failed because it's not valid. For example, you might have tried to delete a rule group or
* firewall policy that's in use.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.DisassociateSubnets
* @see AWS API Documentation
*/
@Override
public DisassociateSubnetsResponse disassociateSubnets(DisassociateSubnetsRequest disassociateSubnetsRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidTokenException, InvalidOperationException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, DisassociateSubnetsResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(disassociateSubnetsRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, disassociateSubnetsRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "DisassociateSubnets");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("DisassociateSubnets").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(disassociateSubnetsRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new DisassociateSubnetsRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves the metadata for the firewall policies that you have defined. Depending on your setting for max results
* and the number of firewall policies, a single call might not return the full list.
*
*
* @param listFirewallPoliciesRequest
* @return Result of the ListFirewallPolicies operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.ListFirewallPolicies
* @see AWS API Documentation
*/
@Override
public ListFirewallPoliciesResponse listFirewallPolicies(ListFirewallPoliciesRequest listFirewallPoliciesRequest)
throws InvalidRequestException, ThrottlingException, InternalServerErrorException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, ListFirewallPoliciesResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(listFirewallPoliciesRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, listFirewallPoliciesRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "ListFirewallPolicies");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListFirewallPolicies").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(listFirewallPoliciesRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new ListFirewallPoliciesRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves the metadata for the firewalls that you have defined. If you provide VPC identifiers in your request,
* this returns only the firewalls for those VPCs.
*
*
* Depending on your setting for max results and the number of firewalls, a single call might not return the full
* list.
*
*
* @param listFirewallsRequest
* @return Result of the ListFirewalls operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.ListFirewalls
* @see AWS API Documentation
*/
@Override
public ListFirewallsResponse listFirewalls(ListFirewallsRequest listFirewallsRequest) throws InvalidRequestException,
InternalServerErrorException, ThrottlingException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
ListFirewallsResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(listFirewallsRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, listFirewallsRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "ListFirewalls");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListFirewalls").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(listFirewallsRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new ListFirewallsRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves the metadata for the rule groups that you have defined. Depending on your setting for max results and
* the number of rule groups, a single call might not return the full list.
*
*
* @param listRuleGroupsRequest
* @return Result of the ListRuleGroups operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.ListRuleGroups
* @see AWS API Documentation
*/
@Override
public ListRuleGroupsResponse listRuleGroups(ListRuleGroupsRequest listRuleGroupsRequest) throws InvalidRequestException,
ThrottlingException, InternalServerErrorException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
ListRuleGroupsResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(listRuleGroupsRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, listRuleGroupsRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "ListRuleGroups");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListRuleGroups").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(listRuleGroupsRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new ListRuleGroupsRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves the metadata for the TLS inspection configurations that you have defined. Depending on your setting for
* max results and the number of TLS inspection configurations, a single call might not return the full list.
*
*
* @param listTlsInspectionConfigurationsRequest
* @return Result of the ListTLSInspectionConfigurations operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.ListTLSInspectionConfigurations
* @see AWS API Documentation
*/
@Override
public ListTlsInspectionConfigurationsResponse listTLSInspectionConfigurations(
ListTlsInspectionConfigurationsRequest listTlsInspectionConfigurationsRequest) throws InvalidRequestException,
InternalServerErrorException, ThrottlingException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, ListTlsInspectionConfigurationsResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(listTlsInspectionConfigurationsRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
listTlsInspectionConfigurationsRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "ListTLSInspectionConfigurations");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("ListTLSInspectionConfigurations").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(listTlsInspectionConfigurationsRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new ListTlsInspectionConfigurationsRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Retrieves the tags associated with the specified resource. Tags are key:value pairs that you can use to
* categorize and manage your resources, for purposes like billing. For example, you might set the tag key to
* "customer" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web
* Services resource, up to 50 tags for a resource.
*
*
* You can tag the Amazon Web Services resources that you manage through Network Firewall: firewalls, firewall
* policies, and rule groups.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.ListTagsForResource
* @see AWS API Documentation
*/
@Override
public ListTagsForResourceResponse listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest)
throws ThrottlingException, InternalServerErrorException, ResourceNotFoundException, InvalidRequestException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, ListTagsForResourceResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(listTagsForResourceRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, listTagsForResourceRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "ListTagsForResource");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("ListTagsForResource").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(listTagsForResourceRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new ListTagsForResourceRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Creates or updates an IAM policy for your rule group or firewall policy. Use this to share rule groups and
* firewall policies between accounts. This operation works in conjunction with the Amazon Web Services Resource
* Access Manager (RAM) service to manage resource sharing for Network Firewall.
*
*
* Use this operation to create or update a resource policy for your rule group or firewall policy. In the policy,
* you specify the accounts that you want to share the resource with and the operations that you want the accounts
* to be able to perform.
*
*
* When you add an account in the resource policy, you then run the following Resource Access Manager (RAM)
* operations to access and accept the shared rule group or firewall policy.
*
*
* -
*
*
* GetResourceShareInvitations - Returns the Amazon Resource Names (ARNs) of the resource share invitations.
*
*
* -
*
*
* AcceptResourceShareInvitation - Accepts the share invitation for a specified resource share.
*
*
*
*
* For additional information about resource sharing using RAM, see Resource Access Manager User Guide.
*
*
* @param putResourcePolicyRequest
* @return Result of the PutResourcePolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidResourcePolicyException
* The policy statement failed validation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.PutResourcePolicy
* @see AWS API Documentation
*/
@Override
public PutResourcePolicyResponse putResourcePolicy(PutResourcePolicyRequest putResourcePolicyRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidResourcePolicyException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
PutResourcePolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(putResourcePolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, putResourcePolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "PutResourcePolicy");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("PutResourcePolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(putResourcePolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new PutResourcePolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Adds the specified tags to the specified resource. Tags are key:value pairs that you can use to categorize and
* manage your resources, for purposes like billing. For example, you might set the tag key to "customer" and the
* value to the customer name or ID. You can specify one or more tags to add to each Amazon Web Services resource,
* up to 50 tags for a resource.
*
*
* You can tag the Amazon Web Services resources that you manage through Network Firewall: firewalls, firewall
* policies, and rule groups.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.TagResource
* @see AWS
* API Documentation
*/
@Override
public TagResourceResponse tagResource(TagResourceRequest tagResourceRequest) throws ThrottlingException,
InternalServerErrorException, ResourceNotFoundException, InvalidRequestException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
TagResourceResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(tagResourceRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, tagResourceRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "TagResource");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("TagResource").withProtocolMetadata(protocolMetadata).withResponseHandler(responseHandler)
.withErrorResponseHandler(errorResponseHandler).withRequestConfiguration(clientConfiguration)
.withInput(tagResourceRequest).withMetricCollector(apiCallMetricCollector)
.withMarshaller(new TagResourceRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Removes the tags with the specified keys from the specified resource. Tags are key:value pairs that you can use
* to categorize and manage your resources, for purposes like billing. For example, you might set the tag key to
* "customer" and the value to the customer name or ID. You can specify one or more tags to add to each Amazon Web
* Services resource, up to 50 tags for a resource.
*
*
* You can manage tags for the Amazon Web Services resources that you manage through Network Firewall: firewalls,
* firewall policies, and rule groups.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UntagResource
* @see AWS API Documentation
*/
@Override
public UntagResourceResponse untagResource(UntagResourceRequest untagResourceRequest) throws ThrottlingException,
InternalServerErrorException, ResourceNotFoundException, InvalidRequestException, AwsServiceException,
SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
UntagResourceResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(untagResourceRequest, this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, untagResourceRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UntagResource");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("UntagResource").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(untagResourceRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UntagResourceRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Modifies the flag, DeleteProtection, which indicates whether it is possible to delete the firewall.
* If the flag is set to TRUE, the firewall is protected against deletion. This setting helps protect
* against accidentally deleting a firewall that's in use.
*
*
* @param updateFirewallDeleteProtectionRequest
* @return Result of the UpdateFirewallDeleteProtection operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws ResourceOwnerCheckException
* Unable to change the resource because your account doesn't own it.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateFirewallDeleteProtection
* @see AWS API Documentation
*/
@Override
public UpdateFirewallDeleteProtectionResponse updateFirewallDeleteProtection(
UpdateFirewallDeleteProtectionRequest updateFirewallDeleteProtectionRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, InvalidTokenException,
ResourceOwnerCheckException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateFirewallDeleteProtectionResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateFirewallDeleteProtectionRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
updateFirewallDeleteProtectionRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateFirewallDeleteProtection");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateFirewallDeleteProtection").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateFirewallDeleteProtectionRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateFirewallDeleteProtectionRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Modifies the description for the specified firewall. Use the description to help you identify the firewall when
* you're working with it.
*
*
* @param updateFirewallDescriptionRequest
* @return Result of the UpdateFirewallDescription operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateFirewallDescription
* @see AWS API Documentation
*/
@Override
public UpdateFirewallDescriptionResponse updateFirewallDescription(
UpdateFirewallDescriptionRequest updateFirewallDescriptionRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, InvalidTokenException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateFirewallDescriptionResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateFirewallDescriptionRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, updateFirewallDescriptionRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateFirewallDescription");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateFirewallDescription").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateFirewallDescriptionRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateFirewallDescriptionRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* A complex type that contains settings for encryption of your firewall resources.
*
*
* @param updateFirewallEncryptionConfigurationRequest
* @return Result of the UpdateFirewallEncryptionConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws ResourceOwnerCheckException
* Unable to change the resource because your account doesn't own it.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateFirewallEncryptionConfiguration
* @see AWS API Documentation
*/
@Override
public UpdateFirewallEncryptionConfigurationResponse updateFirewallEncryptionConfiguration(
UpdateFirewallEncryptionConfigurationRequest updateFirewallEncryptionConfigurationRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidTokenException, ResourceOwnerCheckException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(operationMetadata, UpdateFirewallEncryptionConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateFirewallEncryptionConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
updateFirewallEncryptionConfigurationRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateFirewallEncryptionConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateFirewallEncryptionConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration)
.withInput(updateFirewallEncryptionConfigurationRequest).withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateFirewallEncryptionConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Updates the properties of the specified firewall policy.
*
*
* @param updateFirewallPolicyRequest
* @return Result of the UpdateFirewallPolicy operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateFirewallPolicy
* @see AWS API Documentation
*/
@Override
public UpdateFirewallPolicyResponse updateFirewallPolicy(UpdateFirewallPolicyRequest updateFirewallPolicyRequest)
throws InvalidRequestException, ResourceNotFoundException, ThrottlingException, InternalServerErrorException,
InvalidTokenException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateFirewallPolicyResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateFirewallPolicyRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, updateFirewallPolicyRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateFirewallPolicy");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("UpdateFirewallPolicy").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateFirewallPolicyRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateFirewallPolicyRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Modifies the flag, ChangeProtection, which indicates whether it is possible to change the firewall.
* If the flag is set to TRUE, the firewall is protected from changes. This setting helps protect
* against accidentally changing a firewall that's in use.
*
*
* @param updateFirewallPolicyChangeProtectionRequest
* @return Result of the UpdateFirewallPolicyChangeProtection operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws ResourceOwnerCheckException
* Unable to change the resource because your account doesn't own it.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateFirewallPolicyChangeProtection
* @see AWS API Documentation
*/
@Override
public UpdateFirewallPolicyChangeProtectionResponse updateFirewallPolicyChangeProtection(
UpdateFirewallPolicyChangeProtectionRequest updateFirewallPolicyChangeProtectionRequest)
throws InvalidRequestException, InternalServerErrorException, ResourceNotFoundException, ThrottlingException,
InvalidTokenException, ResourceOwnerCheckException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory
.createResponseHandler(operationMetadata, UpdateFirewallPolicyChangeProtectionResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateFirewallPolicyChangeProtectionRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
updateFirewallPolicyChangeProtectionRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateFirewallPolicyChangeProtection");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateFirewallPolicyChangeProtection").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateFirewallPolicyChangeProtectionRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateFirewallPolicyChangeProtectionRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Sets the logging configuration for the specified firewall.
*
*
* To change the logging configuration, retrieve the LoggingConfiguration by calling
* DescribeLoggingConfiguration, then change it and provide the modified object to this update call. You must
* change the logging configuration one LogDestinationConfig at a time inside the retrieved
* LoggingConfiguration object.
*
*
* You can perform only one of the following actions in any call to UpdateLoggingConfiguration:
*
*
* -
*
* Create a new log destination object by adding a single LogDestinationConfig array element to
* LogDestinationConfigs.
*
*
* -
*
* Delete a log destination object by removing a single LogDestinationConfig array element from
* LogDestinationConfigs.
*
*
* -
*
* Change the LogDestination setting in a single LogDestinationConfig array element.
*
*
*
*
* You can't change the LogDestinationType or LogType in a
* LogDestinationConfig. To change these settings, delete the existing
* LogDestinationConfig object and create a new one, using two separate calls to this update operation.
*
*
* @param updateLoggingConfigurationRequest
* @return Result of the UpdateLoggingConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws LogDestinationPermissionException
* Unable to send logs to a configured logging destination.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateLoggingConfiguration
* @see AWS API Documentation
*/
@Override
public UpdateLoggingConfigurationResponse updateLoggingConfiguration(
UpdateLoggingConfigurationRequest updateLoggingConfigurationRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, InvalidTokenException,
LogDestinationPermissionException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateLoggingConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateLoggingConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, updateLoggingConfigurationRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateLoggingConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateLoggingConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateLoggingConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateLoggingConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Updates the rule settings for the specified rule group. You use a rule group by reference in one or more firewall
* policies. When you modify a rule group, you modify all firewall policies that use the rule group.
*
*
* To update a rule group, first call DescribeRuleGroup to retrieve the current RuleGroup object,
* update the object as needed, and then provide the updated object to this call.
*
*
* @param updateRuleGroupRequest
* @return Result of the UpdateRuleGroup operation returned by the service.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateRuleGroup
* @see AWS API Documentation
*/
@Override
public UpdateRuleGroupResponse updateRuleGroup(UpdateRuleGroupRequest updateRuleGroupRequest)
throws ResourceNotFoundException, InvalidRequestException, ThrottlingException, InternalServerErrorException,
InvalidTokenException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(operationMetadata,
UpdateRuleGroupResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateRuleGroupRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, updateRuleGroupRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateRuleGroup");
return clientHandler.execute(new ClientExecutionParams()
.withOperationName("UpdateRuleGroup").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateRuleGroupRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateRuleGroupRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
*
* @param updateSubnetChangeProtectionRequest
* @return Result of the UpdateSubnetChangeProtection operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws ResourceOwnerCheckException
* Unable to change the resource because your account doesn't own it.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateSubnetChangeProtection
* @see AWS API Documentation
*/
@Override
public UpdateSubnetChangeProtectionResponse updateSubnetChangeProtection(
UpdateSubnetChangeProtectionRequest updateSubnetChangeProtectionRequest) throws InvalidRequestException,
InternalServerErrorException, ResourceNotFoundException, ThrottlingException, InvalidTokenException,
ResourceOwnerCheckException, AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateSubnetChangeProtectionResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateSubnetChangeProtectionRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration, updateSubnetChangeProtectionRequest
.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateSubnetChangeProtection");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateSubnetChangeProtection").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateSubnetChangeProtectionRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateSubnetChangeProtectionRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
/**
*
* Updates the TLS inspection configuration settings for the specified TLS inspection configuration. You use a TLS
* inspection configuration by referencing it in one or more firewall policies. When you modify a TLS inspection
* configuration, you modify all firewall policies that use the TLS inspection configuration.
*
*
* To update a TLS inspection configuration, first call DescribeTLSInspectionConfiguration to retrieve the
* current TLSInspectionConfiguration object, update the object as needed, and then provide the updated
* object to this call.
*
*
* @param updateTlsInspectionConfigurationRequest
* @return Result of the UpdateTLSInspectionConfiguration operation returned by the service.
* @throws InvalidRequestException
* The operation failed because of a problem with your request. Examples include:
*
* -
*
* You specified an unsupported parameter name or value.
*
*
* -
*
* You tried to update a property with a value that isn't among the available types.
*
*
* -
*
* Your request references an ARN that is malformed, or corresponds to a resource that isn't valid in the
* context of the request.
*
*
* @throws ResourceNotFoundException
* Unable to locate a resource using the parameters that you provided.
* @throws ThrottlingException
* Unable to process the request due to throttling limitations.
* @throws InternalServerErrorException
* Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
* Retry your request.
* @throws InvalidTokenException
* The token you provided is stale or isn't valid for the operation.
* @throws SdkException
* Base class for all exceptions that can be thrown by the SDK (both service and client). Can be used for
* catch all scenarios.
* @throws SdkClientException
* If any client side error occurs such as an IO related failure, failure to get credentials, etc.
* @throws NetworkFirewallException
* Base class for all service exceptions. Unknown exceptions will be thrown as an instance of this type.
* @sample NetworkFirewallClient.UpdateTLSInspectionConfiguration
* @see AWS API Documentation
*/
@Override
public UpdateTlsInspectionConfigurationResponse updateTLSInspectionConfiguration(
UpdateTlsInspectionConfigurationRequest updateTlsInspectionConfigurationRequest) throws InvalidRequestException,
ResourceNotFoundException, ThrottlingException, InternalServerErrorException, InvalidTokenException,
AwsServiceException, SdkClientException, NetworkFirewallException {
JsonOperationMetadata operationMetadata = JsonOperationMetadata.builder().hasStreamingSuccessResponse(false)
.isPayloadJson(true).build();
HttpResponseHandler responseHandler = protocolFactory.createResponseHandler(
operationMetadata, UpdateTlsInspectionConfigurationResponse::builder);
HttpResponseHandler errorResponseHandler = createErrorResponseHandler(protocolFactory,
operationMetadata);
SdkClientConfiguration clientConfiguration = updateSdkClientConfiguration(updateTlsInspectionConfigurationRequest,
this.clientConfiguration);
List metricPublishers = resolveMetricPublishers(clientConfiguration,
updateTlsInspectionConfigurationRequest.overrideConfiguration().orElse(null));
MetricCollector apiCallMetricCollector = metricPublishers.isEmpty() ? NoOpMetricCollector.create() : MetricCollector
.create("ApiCall");
try {
apiCallMetricCollector.reportMetric(CoreMetric.SERVICE_ID, "Network Firewall");
apiCallMetricCollector.reportMetric(CoreMetric.OPERATION_NAME, "UpdateTLSInspectionConfiguration");
return clientHandler
.execute(new ClientExecutionParams()
.withOperationName("UpdateTLSInspectionConfiguration").withProtocolMetadata(protocolMetadata)
.withResponseHandler(responseHandler).withErrorResponseHandler(errorResponseHandler)
.withRequestConfiguration(clientConfiguration).withInput(updateTlsInspectionConfigurationRequest)
.withMetricCollector(apiCallMetricCollector)
.withMarshaller(new UpdateTlsInspectionConfigurationRequestMarshaller(protocolFactory)));
} finally {
metricPublishers.forEach(p -> p.publish(apiCallMetricCollector.collect()));
}
}
@Override
public final String serviceName() {
return SERVICE_NAME;
}
private static List resolveMetricPublishers(SdkClientConfiguration clientConfiguration,
RequestOverrideConfiguration requestOverrideConfiguration) {
List publishers = null;
if (requestOverrideConfiguration != null) {
publishers = requestOverrideConfiguration.metricPublishers();
}
if (publishers == null || publishers.isEmpty()) {
publishers = clientConfiguration.option(SdkClientOption.METRIC_PUBLISHERS);
}
if (publishers == null) {
publishers = Collections.emptyList();
}
return publishers;
}
private HttpResponseHandler createErrorResponseHandler(BaseAwsJsonProtocolFactory protocolFactory,
JsonOperationMetadata operationMetadata) {
return protocolFactory.createErrorResponseHandler(operationMetadata);
}
private void updateRetryStrategyClientConfiguration(SdkClientConfiguration.Builder configuration) {
ClientOverrideConfiguration.Builder builder = configuration.asOverrideConfigurationBuilder();
RetryMode retryMode = builder.retryMode();
if (retryMode != null) {
configuration.option(SdkClientOption.RETRY_STRATEGY, AwsRetryStrategy.forRetryMode(retryMode));
} else {
Consumer> configurator = builder.retryStrategyConfigurator();
if (configurator != null) {
RetryStrategy.Builder defaultBuilder = AwsRetryStrategy.defaultRetryStrategy().toBuilder();
configurator.accept(defaultBuilder);
configuration.option(SdkClientOption.RETRY_STRATEGY, defaultBuilder.build());
} else {
RetryStrategy retryStrategy = builder.retryStrategy();
if (retryStrategy != null) {
configuration.option(SdkClientOption.RETRY_STRATEGY, retryStrategy);
}
}
}
configuration.option(SdkClientOption.CONFIGURED_RETRY_MODE, null);
configuration.option(SdkClientOption.CONFIGURED_RETRY_STRATEGY, null);
configuration.option(SdkClientOption.CONFIGURED_RETRY_CONFIGURATOR, null);
}
private SdkClientConfiguration updateSdkClientConfiguration(SdkRequest request, SdkClientConfiguration clientConfiguration) {
List plugins = request.overrideConfiguration().map(c -> c.plugins()).orElse(Collections.emptyList());
SdkClientConfiguration.Builder configuration = clientConfiguration.toBuilder();
if (plugins.isEmpty()) {
return configuration.build();
}
NetworkFirewallServiceClientConfigurationBuilder serviceConfigBuilder = new NetworkFirewallServiceClientConfigurationBuilder(
configuration);
for (SdkPlugin plugin : plugins) {
plugin.configureClient(serviceConfigBuilder);
}
updateRetryStrategyClientConfiguration(configuration);
return configuration.build();
}
private > T init(T builder) {
return builder
.clientConfiguration(clientConfiguration)
.defaultServiceExceptionSupplier(NetworkFirewallException::builder)
.protocol(AwsJsonProtocol.AWS_JSON)
.protocolVersion("1.0")
.registerModeledException(
ExceptionMetadata.builder().errorCode("InvalidOperationException")
.exceptionBuilderSupplier(InvalidOperationException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("InvalidRequestException")
.exceptionBuilderSupplier(InvalidRequestException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("LogDestinationPermissionException")
.exceptionBuilderSupplier(LogDestinationPermissionException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("ThrottlingException")
.exceptionBuilderSupplier(ThrottlingException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("InsufficientCapacityException")
.exceptionBuilderSupplier(InsufficientCapacityException::builder).httpStatusCode(500).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("InvalidResourcePolicyException")
.exceptionBuilderSupplier(InvalidResourcePolicyException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("LimitExceededException")
.exceptionBuilderSupplier(LimitExceededException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("InvalidTokenException")
.exceptionBuilderSupplier(InvalidTokenException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("ResourceNotFoundException")
.exceptionBuilderSupplier(ResourceNotFoundException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("ResourceOwnerCheckException")
.exceptionBuilderSupplier(ResourceOwnerCheckException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("UnsupportedOperationException")
.exceptionBuilderSupplier(UnsupportedOperationException::builder).httpStatusCode(400).build())
.registerModeledException(
ExceptionMetadata.builder().errorCode("InternalServerError")
.exceptionBuilderSupplier(InternalServerErrorException::builder).httpStatusCode(500).build());
}
@Override
public final NetworkFirewallServiceClientConfiguration serviceClientConfiguration() {
return new NetworkFirewallServiceClientConfigurationBuilder(this.clientConfiguration.toBuilder()).build();
}
@Override
public void close() {
clientHandler.close();
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy