Interface CfnFirewallRuleGroup.IFirewallRuleProperty
A single firewall rule in a rule group.
Namespace: Amazon.CDK.AWS.Route53Resolver
Assembly: Amazon.CDK.AWS.Route53Resolver.dll
Syntax (csharp)
public interface IFirewallRuleProperty
Syntax (vb)
Public Interface IFirewallRuleProperty
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.Route53Resolver;
var firewallRuleProperty = new FirewallRuleProperty {
Action = "action",
FirewallDomainListId = "firewallDomainListId",
Priority = 123,
// the properties below are optional
BlockOverrideDnsType = "blockOverrideDnsType",
BlockOverrideDomain = "blockOverrideDomain",
BlockOverrideTtl = 123,
BlockResponse = "blockResponse"
};
Synopsis
Properties
Action | The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: - |
BlockOverrideDnsType | The DNS record's type. |
BlockOverrideDomain | The custom DNS record to send back in response to the query. |
BlockOverrideTtl | The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. |
BlockResponse | The way that you want DNS Firewall to block the request. Used for the rule action setting |
FirewallDomainListId | The ID of the domain list that's used in the rule. |
Priority | The priority of the rule in the rule group. |
Properties
Action
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list: - ALLOW
- Permit the request to go through.
string Action { get; }
Property Value
System.String
Remarks
if BlockResponse
is OVERRIDE
, then all of the following OVERRIDE
attributes must be specified:
BlockOverrideDnsType
The DNS record's type.
virtual string BlockOverrideDnsType { get; }
Property Value
System.String
Remarks
This determines the format of the record value that you provided in BlockOverrideDomain
. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
BlockOverrideDomain
The custom DNS record to send back in response to the query.
virtual string BlockOverrideDomain { get; }
Property Value
System.String
Remarks
Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
BlockOverrideTtl
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record.
virtual Nullable<double> BlockOverrideTtl { get; }
Property Value
System.Nullable<System.Double>
Remarks
Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
BlockResponse
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK
.
virtual string BlockResponse { get; }
Property Value
System.String
Remarks
FirewallDomainListId
The ID of the domain list that's used in the rule.
string FirewallDomainListId { get; }
Property Value
System.String
Remarks
Priority
The priority of the rule in the rule group.
double Priority { get; }
Property Value
System.Double
Remarks
This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.