I'm currently writing a config rule. I was able to write a config rule to see if a Network Firewall is attached to the VPC. I am not revieiwing the boto3 documentation [here](https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2.html#EC2.Client.describe_route_tables) to determine if a networkfirewall is being used. Is there a method or certain Filters I can call to determine if the subnet is going to a Network Firewall?

(Boto3) How can I call the VPC Route tables to return an indication that a Network Firewall is being used?

I'm currently writing a config rule. I was able to write a config rule to see if a Network Firewall is attached to the VPC. I am not revieiwing the boto3 documentation here to determine if a networkfirewall is being used.

Is there a method or certain Filters I can call to determine if the subnet is going to a Network Firewall?

주제

네트워킹 및 콘텐츠 전송 보안, 신원 및 규정 준수

태그

아마존 VPC AWS 네트워크 방화벽

언어

English

rePost-User-8984971

질문됨 2년 전286회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

There's nothing that is going to directly indicate that a Network Firewall is being used. However, what you can do is get a list of Network Firewall endpoints that are deployed into the VPC; then check the route entries in each route table and see if the destination is one of those endpoints.

전문가

Brettski-AWS

답변함 2년 전

전문가

Tushar_J

검토됨 2년 전

rePost-User-8984971
2년 전
Do I use filter to get a list of the route entries?

The filters in boto3 docuemntation for describe_route tables?
Brettski-AWS 전문가
2년 전
You may be able to filter on route.gateway-id.

(Boto3) How can I call the VPC Route tables to return an indication that a Network Firewall is being used?

관련 콘텐츠