Interface CfnFirewallPolicy.IStatefulRuleGroupReferenceProperty
Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public interface IStatefulRuleGroupReferenceProperty
Syntax (vb)
Public Interface IStatefulRuleGroupReferenceProperty
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var statefulRuleGroupReferenceProperty = new StatefulRuleGroupReferenceProperty {
ResourceArn = "resourceArn",
// the properties below are optional
Override = new StatefulRuleGroupOverrideProperty {
Action = "action"
},
Priority = 123
};
Synopsis
Properties
Override | The action that allows the policy owner to override the behavior of the rule group within a policy. |
Priority | An integer setting that indicates the order in which to run the stateful rule groups in a single |
ResourceArn | The Amazon Resource Name (ARN) of the stateful rule group. |
Properties
Override
The action that allows the policy owner to override the behavior of the rule group within a policy.
virtual object Override { get; }
Property Value
System.Object
Remarks
Priority
An integer setting that indicates the order in which to run the stateful rule groups in a single FirewallPolicy
.
virtual Nullable<double> Priority { get; }
Property Value
System.Nullable<System.Double>
Remarks
This setting only applies to firewall policies that specify the STRICT_ORDER
rule order in the stateful engine options settings.
Network Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.
You can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.
ResourceArn
The Amazon Resource Name (ARN) of the stateful rule group.
string ResourceArn { get; }
Property Value
System.String