CfnFirewallRuleGroupAssociationProps

class aws_cdk.aws_route53resolver.CfnFirewallRuleGroupAssociationProps(*, firewall_rule_group_id, priority, vpc_id, mutation_protection=None, name=None, tags=None)

Bases: object

Properties for defining a CfnFirewallRuleGroupAssociation.

Parameters
  • firewall_rule_group_id (str) – The unique identifier of the firewall rule group.

  • priority (Union[int, float]) – The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting. You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. The allowed values for Priority are between 100 and 9900 (excluding 100 and 9900).

  • vpc_id (str) – The unique identifier of the VPC that is associated with the rule group.

  • mutation_protection (Optional[str]) – If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.

  • name (Optional[str]) – The name of the association.

  • tags (Optional[Sequence[CfnTag]]) – A list of the tag keys and values that you want to associate with the rule group.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html

ExampleMetadata

fixture=_generated

Example:

# The code below shows an example of how to instantiate this type.
# The values are placeholders you should change.
import aws_cdk.aws_route53resolver as route53resolver

cfn_firewall_rule_group_association_props = route53resolver.CfnFirewallRuleGroupAssociationProps(
    firewall_rule_group_id="firewallRuleGroupId",
    priority=123,
    vpc_id="vpcId",

    # the properties below are optional
    mutation_protection="mutationProtection",
    name="name",
    tags=[CfnTag(
        key="key",
        value="value"
    )]
)

Attributes

firewall_rule_group_id

The unique identifier of the firewall rule group.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-firewallrulegroupid

Return type

str

mutation_protection

If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-mutationprotection

Return type

Optional[str]

name

The name of the association.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-name

Return type

Optional[str]

priority

The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC.

DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.

You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.

The allowed values for Priority are between 100 and 9900 (excluding 100 and 9900).

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-priority

Return type

Union[int, float]

tags

A list of the tag keys and values that you want to associate with the rule group.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-tags

Return type

Optional[List[CfnTag]]

vpc_id

The unique identifier of the VPC that is associated with the rule group.

Link

http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-route53resolver-firewallrulegroupassociation.html#cfn-route53resolver-firewallrulegroupassociation-vpcid

Return type

str