Class CfnRuleGroup.StatelessRuleProperty
A single stateless rule.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class StatelessRuleProperty : Object, CfnRuleGroup.IStatelessRuleProperty
Syntax (vb)
Public Class StatelessRuleProperty
Inherits Object
Implements CfnRuleGroup.IStatelessRuleProperty
Remarks
This is used in RuleGroup.StatelessRulesAndCustomActions
.
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var statelessRuleProperty = new StatelessRuleProperty {
Priority = 123,
RuleDefinition = new RuleDefinitionProperty {
Actions = new [] { "actions" },
MatchAttributes = new MatchAttributesProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
TcpFlags = new [] { new TCPFlagFieldProperty {
Flags = new [] { "flags" },
// the properties below are optional
Masks = new [] { "masks" }
} }
}
}
};
Synopsis
Constructors
StatelessRuleProperty() |
Properties
Priority | Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. |
RuleDefinition | Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria. |
Constructors
StatelessRuleProperty()
public StatelessRuleProperty()
Properties
Priority
Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group.
public double Priority { get; set; }
Property Value
System.Double
Remarks
Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group.
Each stateless rule group uses exactly one StatelessRulesAndCustomActions
object, and each StatelessRulesAndCustomActions
contains exactly one StatelessRules
object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single StatelessRules
object.
You can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on.
RuleDefinition
Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria.
public object RuleDefinition { get; set; }
Property Value
System.Object