Class CfnFirewallRuleGroup.FirewallRuleProperty
A single firewall rule in a rule group.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.Route53Resolver
Assembly: Amazon.CDK.AWS.Route53Resolver.dll
Syntax (csharp)
public class FirewallRuleProperty : Object, CfnFirewallRuleGroup.IFirewallRulePropertySyntax (vb)
Public Class FirewallRuleProperty
Inherits Object
Implements CfnFirewallRuleGroup.IFirewallRulePropertyRemarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Route53Resolver;
FirewallRuleProperty firewallRuleProperty = new FirewallRuleProperty {
Action = "action",
FirewallDomainListId = "firewallDomainListId",
Priority = 123,
// the properties below are optional
BlockOverrideDnsType = "blockOverrideDnsType",
BlockOverrideDomain = "blockOverrideDomain",
BlockOverrideTtl = 123,
BlockResponse = "blockResponse"
};Synopsis
Constructors
| FirewallRuleProperty() |
Properties
| Action | The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: - |
| BlockOverrideDnsType | The DNS record's type. |
| BlockOverrideDomain | The custom DNS record to send back in response to the query. |
| BlockOverrideTtl | The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. |
| BlockResponse | The way that you want DNS Firewall to block the request. Used for the rule action setting |
| FirewallDomainListId | The ID of the domain list that's used in the rule. |
| Priority | The priority of the rule in the rule group. |
Constructors
FirewallRuleProperty()
public FirewallRuleProperty()Properties
Action
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: - ALLOW - Permit the request to go through.
public string Action { get; set; }Property Value
System.String
Remarks
if BlockResponse is OVERRIDE , then all of the following OVERRIDE attributes must be specified:
BlockOverrideDnsType
The DNS record's type.
public string BlockOverrideDnsType { get; set; }Property Value
System.String
Remarks
This determines the format of the record value that you provided in BlockOverrideDomain . Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE .
BlockOverrideDomain
The custom DNS record to send back in response to the query.
public string BlockOverrideDomain { get; set; }Property Value
System.String
Remarks
Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE .
BlockOverrideTtl
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record.
public Nullable<double> BlockOverrideTtl { get; set; }Property Value
System.Nullable<System.Double>
Remarks
Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE .
BlockResponse
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK .
public string BlockResponse { get; set; }Property Value
System.String
Remarks
FirewallDomainListId
The ID of the domain list that's used in the rule.
public string FirewallDomainListId { get; set; }Property Value
System.String
Remarks
Priority
The priority of the rule in the rule group.
public double Priority { get; set; }Property Value
System.Double
Remarks
This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.