CfnRuleGroupMixinProps
- class aws_cdk.mixins_preview.aws_networkfirewall.mixins.CfnRuleGroupMixinProps(*, capacity=None, description=None, rule_group=None, rule_group_name=None, summary_configuration=None, tags=None, type=None)
Bases:
objectProperties for CfnRuleGroupPropsMixin.
- Parameters:
capacity (
Union[int,float,None]) – The maximum operating resources that this rule group can use. You can’t change a rule group’s capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.description (
Optional[str]) – A description of the rule group.rule_group (
Union[IResolvable,RuleGroupProperty,Dict[str,Any],None]) – An object that defines the rule group rules.rule_group_name (
Optional[str]) – The descriptive name of the rule group. You can’t change the name of a rule group after you create it.summary_configuration (
Union[IResolvable,SummaryConfigurationProperty,Dict[str,Any],None]) – A complex type containing the currently selected rule option fields that will be displayed for rule summarization returned byDescribeRuleGroupSummary. - TheRuleOptionsspecified inSummaryConfiguration- Rule metadata organization preferencestags (
Optional[Sequence[Union[CfnTag,Dict[str,Any]]]]) – An array of key-value pairs to apply to this resource. For more information, see Tag .type (
Optional[str]) – Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains stateless rules. If it is stateful, it contains stateful rules.
- See:
- ExampleMetadata:
fixture=_generated
Example:
from aws_cdk import CfnTag # The code below shows an example of how to instantiate this type. # The values are placeholders you should change. from aws_cdk.mixins_preview.aws_networkfirewall import mixins as networkfirewall_mixins cfn_rule_group_mixin_props = networkfirewall_mixins.CfnRuleGroupMixinProps( capacity=123, description="description", rule_group=networkfirewall_mixins.CfnRuleGroupPropsMixin.RuleGroupProperty( reference_sets=networkfirewall_mixins.CfnRuleGroupPropsMixin.ReferenceSetsProperty( ip_set_references={ "ip_set_references_key": { "reference_arn": "referenceArn" } } ), rules_source=networkfirewall_mixins.CfnRuleGroupPropsMixin.RulesSourceProperty( rules_source_list=networkfirewall_mixins.CfnRuleGroupPropsMixin.RulesSourceListProperty( generated_rules_type="generatedRulesType", targets=["targets"], target_types=["targetTypes"] ), rules_string="rulesString", stateful_rules=[networkfirewall_mixins.CfnRuleGroupPropsMixin.StatefulRuleProperty( action="action", header=networkfirewall_mixins.CfnRuleGroupPropsMixin.HeaderProperty( destination="destination", destination_port="destinationPort", direction="direction", protocol="protocol", source="source", source_port="sourcePort" ), rule_options=[networkfirewall_mixins.CfnRuleGroupPropsMixin.RuleOptionProperty( keyword="keyword", settings=["settings"] )] )], stateless_rules_and_custom_actions=networkfirewall_mixins.CfnRuleGroupPropsMixin.StatelessRulesAndCustomActionsProperty( custom_actions=[networkfirewall_mixins.CfnRuleGroupPropsMixin.CustomActionProperty( action_definition=networkfirewall_mixins.CfnRuleGroupPropsMixin.ActionDefinitionProperty( publish_metric_action=networkfirewall_mixins.CfnRuleGroupPropsMixin.PublishMetricActionProperty( dimensions=[networkfirewall_mixins.CfnRuleGroupPropsMixin.DimensionProperty( value="value" )] ) ), action_name="actionName" )], stateless_rules=[networkfirewall_mixins.CfnRuleGroupPropsMixin.StatelessRuleProperty( priority=123, rule_definition=networkfirewall_mixins.CfnRuleGroupPropsMixin.RuleDefinitionProperty( actions=["actions"], match_attributes=networkfirewall_mixins.CfnRuleGroupPropsMixin.MatchAttributesProperty( destination_ports=[networkfirewall_mixins.CfnRuleGroupPropsMixin.PortRangeProperty( from_port=123, to_port=123 )], destinations=[networkfirewall_mixins.CfnRuleGroupPropsMixin.AddressProperty( address_definition="addressDefinition" )], protocols=[123], source_ports=[networkfirewall_mixins.CfnRuleGroupPropsMixin.PortRangeProperty( from_port=123, to_port=123 )], sources=[networkfirewall_mixins.CfnRuleGroupPropsMixin.AddressProperty( address_definition="addressDefinition" )], tcp_flags=[networkfirewall_mixins.CfnRuleGroupPropsMixin.TCPFlagFieldProperty( flags=["flags"], masks=["masks"] )] ) ) )] ) ), rule_variables=networkfirewall_mixins.CfnRuleGroupPropsMixin.RuleVariablesProperty( ip_sets={ "ip_sets_key": { "definition": ["definition"] } }, port_sets={ "port_sets_key": networkfirewall_mixins.CfnRuleGroupPropsMixin.PortSetProperty( definition=["definition"] ) } ), stateful_rule_options=networkfirewall_mixins.CfnRuleGroupPropsMixin.StatefulRuleOptionsProperty( rule_order="ruleOrder" ) ), rule_group_name="ruleGroupName", summary_configuration=networkfirewall_mixins.CfnRuleGroupPropsMixin.SummaryConfigurationProperty( rule_options=["ruleOptions"] ), tags=[CfnTag( key="key", value="value" )], type="type" )
Attributes
- capacity
The maximum operating resources that this rule group can use.
You can’t change a rule group’s capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.
- description
A description of the rule group.
- rule_group
An object that defines the rule group rules.
- rule_group_name
The descriptive name of the rule group.
You can’t change the name of a rule group after you create it.
- summary_configuration
A complex type containing the currently selected rule option fields that will be displayed for rule summarization returned by
DescribeRuleGroupSummary.The
RuleOptionsspecified inSummaryConfigurationRule metadata organization preferences
- type
Indicates whether the rule group is stateless or stateful.
If the rule group is stateless, it contains stateless rules. If it is stateful, it contains stateful rules.