| Class | Description |
|---|---|
| ActionDefinition |
A custom action to use in stateless rule actions settings.
|
| Address |
A single IP address specification.
|
| AnalysisResult |
The analysis result for Network Firewall's stateless rule group analyzer.
|
| AssociateFirewallPolicyRequest | |
| AssociateFirewallPolicyResult | |
| AssociateSubnetsRequest | |
| AssociateSubnetsResult | |
| Attachment |
The configuration and status for a single subnet that you've specified for use by the Network Firewall firewall.
|
| CapacityUsageSummary |
The capacity usage summary of the resources used by the ReferenceSets in a firewall.
|
| CheckCertificateRevocationStatusActions |
Defines the actions to take on the SSL/TLS connection if the certificate presented by the server in the connection
has a revoked or unknown status.
|
| CIDRSummary |
Summarizes the CIDR blocks used by the IP set references in a firewall.
|
| CreateFirewallPolicyRequest | |
| CreateFirewallPolicyResult | |
| CreateFirewallRequest | |
| CreateFirewallResult | |
| CreateRuleGroupRequest | |
| CreateRuleGroupResult | |
| CreateTLSInspectionConfigurationRequest | |
| CreateTLSInspectionConfigurationResult | |
| CustomAction |
An optional, non-standard action to use for stateless packet handling.
|
| DeleteFirewallPolicyRequest | |
| DeleteFirewallPolicyResult | |
| DeleteFirewallRequest | |
| DeleteFirewallResult | |
| DeleteResourcePolicyRequest | |
| DeleteResourcePolicyResult | |
| DeleteRuleGroupRequest | |
| DeleteRuleGroupResult | |
| DeleteTLSInspectionConfigurationRequest | |
| DeleteTLSInspectionConfigurationResult | |
| DescribeFirewallPolicyRequest | |
| DescribeFirewallPolicyResult | |
| DescribeFirewallRequest | |
| DescribeFirewallResult | |
| DescribeLoggingConfigurationRequest | |
| DescribeLoggingConfigurationResult | |
| DescribeResourcePolicyRequest | |
| DescribeResourcePolicyResult | |
| DescribeRuleGroupMetadataRequest | |
| DescribeRuleGroupMetadataResult | |
| DescribeRuleGroupRequest | |
| DescribeRuleGroupResult | |
| DescribeTLSInspectionConfigurationRequest | |
| DescribeTLSInspectionConfigurationResult | |
| Dimension |
The value to use in an Amazon CloudWatch custom metric dimension.
|
| DisassociateSubnetsRequest | |
| DisassociateSubnetsResult | |
| EncryptionConfiguration |
A complex type that contains optional Amazon Web Services Key Management Service (KMS) encryption settings for your
Network Firewall resources.
|
| Firewall |
The firewall defines the configuration settings for an Network Firewall firewall.
|
| FirewallMetadata |
High-level information about a firewall, returned by operations like create and describe.
|
| FirewallPolicy |
The firewall policy defines the behavior of a firewall using a collection of stateless and stateful rule groups and
other settings.
|
| FirewallPolicyMetadata |
High-level information about a firewall policy, returned by operations like create and describe.
|
| FirewallPolicyResponse |
The high-level properties of a firewall policy.
|
| FirewallStatus |
Detailed information about the current status of a Firewall.
|
| Header |
The basic rule criteria for Network Firewall to use to inspect packet headers in stateful traffic flow inspection.
|
| IPSet |
A list of IP addresses and address ranges, in CIDR notation.
|
| IPSetMetadata |
General information about the IP set.
|
| IPSetReference |
Configures one or more IP set references for a Suricata-compatible rule group.
|
| ListFirewallPoliciesRequest | |
| ListFirewallPoliciesResult | |
| ListFirewallsRequest | |
| ListFirewallsResult | |
| ListRuleGroupsRequest | |
| ListRuleGroupsResult | |
| ListTagsForResourceRequest | |
| ListTagsForResourceResult | |
| ListTLSInspectionConfigurationsRequest | |
| ListTLSInspectionConfigurationsResult | |
| LogDestinationConfig |
Defines where Network Firewall sends logs for the firewall for one log type.
|
| LoggingConfiguration |
Defines how Network Firewall performs logging for a Firewall.
|
| MatchAttributes |
Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection.
|
| PerObjectStatus |
Provides configuration status for a single policy or rule group that is used for a firewall endpoint.
|
| PolicyVariables |
Contains variables that you can use to override default Suricata settings in your firewall policy.
|
| PortRange |
A single port range specification.
|
| PortSet |
A set of port ranges for use in the rules in a rule group.
|
| PublishMetricAction |
Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet.
|
| PutResourcePolicyRequest | |
| PutResourcePolicyResult | |
| ReferenceSets |
Contains a set of IP set references.
|
| RuleDefinition |
The inspection criteria and action for a single stateless rule.
|
| RuleGroup |
The object that defines the rules in a rule group.
|
| RuleGroupMetadata |
High-level information about a rule group, returned by ListRuleGroups.
|
| RuleGroupResponse |
The high-level properties of a rule group.
|
| RuleOption |
Additional settings for a stateful rule.
|
| RulesSource |
The stateless or stateful rules definitions for use in a single rule group.
|
| RulesSourceList |
Stateful inspection criteria for a domain list rule group.
|
| RuleVariables |
Settings that are available for use in the rules in the RuleGroup where this is defined.
|
| ServerCertificate |
Any Certificate Manager (ACM) Secure Sockets Layer/Transport Layer Security (SSL/TLS) server certificate that's
associated with a ServerCertificateConfiguration.
|
| ServerCertificateConfiguration |
Configures the Certificate Manager certificates and scope that Network Firewall uses to decrypt and re-encrypt
traffic using a TLSInspectionConfiguration.
|
| ServerCertificateScope |
Settings that define the Secure Sockets Layer/Transport Layer Security (SSL/TLS) traffic that Network Firewall should
decrypt for inspection by the stateful rule engine.
|
| SourceMetadata |
High-level information about the managed rule group that your own rule group is copied from.
|
| StatefulEngineOptions |
Configuration settings for the handling of the stateful rule groups in a firewall policy.
|
| StatefulRule |
A single Suricata rules specification, for use in a stateful rule group.
|
| StatefulRuleGroupOverride |
The setting that allows the policy owner to change the behavior of the rule group within a policy.
|
| StatefulRuleGroupReference |
Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.
|
| StatefulRuleOptions |
Additional options governing how Network Firewall handles the rule group.
|
| StatelessRule |
A single stateless rule.
|
| StatelessRuleGroupReference |
Identifier for a single stateless rule group, used in a firewall policy to refer to the rule group.
|
| StatelessRulesAndCustomActions |
Stateless inspection criteria.
|
| SubnetMapping |
The ID for a subnet that you want to associate with the firewall.
|
| SyncState |
The status of the firewall endpoint and firewall policy configuration for a single VPC subnet.
|
| Tag |
A key:value pair associated with an Amazon Web Services resource.
|
| TagResourceRequest | |
| TagResourceResult | |
| TCPFlagField |
TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.
|
| TlsCertificateData |
Contains metadata about an Certificate Manager certificate.
|
| TLSInspectionConfiguration |
The object that defines a TLS inspection configuration.
|
| TLSInspectionConfigurationMetadata |
High-level information about a TLS inspection configuration, returned by
ListTLSInspectionConfigurations
. |
| TLSInspectionConfigurationResponse |
The high-level properties of a TLS inspection configuration.
|
| UntagResourceRequest | |
| UntagResourceResult | |
| UpdateFirewallDeleteProtectionRequest | |
| UpdateFirewallDeleteProtectionResult | |
| UpdateFirewallDescriptionRequest | |
| UpdateFirewallDescriptionResult | |
| UpdateFirewallEncryptionConfigurationRequest | |
| UpdateFirewallEncryptionConfigurationResult | |
| UpdateFirewallPolicyChangeProtectionRequest | |
| UpdateFirewallPolicyChangeProtectionResult | |
| UpdateFirewallPolicyRequest | |
| UpdateFirewallPolicyResult | |
| UpdateLoggingConfigurationRequest | |
| UpdateLoggingConfigurationResult | |
| UpdateRuleGroupRequest | |
| UpdateRuleGroupResult | |
| UpdateSubnetChangeProtectionRequest | |
| UpdateSubnetChangeProtectionResult | |
| UpdateTLSInspectionConfigurationRequest | |
| UpdateTLSInspectionConfigurationResult |
| Exception | Description |
|---|---|
| AWSNetworkFirewallException |
Base exception for all service exceptions thrown by AWS Network Firewall
|
| InsufficientCapacityException |
Amazon Web Services doesn't currently have enough available capacity to fulfill your request.
|
| InternalServerErrorException |
Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.
|
| InvalidOperationException |
The operation failed because it's not valid.
|
| InvalidRequestException |
The operation failed because of a problem with your request.
|
| InvalidResourcePolicyException |
The policy statement failed validation.
|
| InvalidTokenException |
The token you provided is stale or isn't valid for the operation.
|
| LimitExceededException |
Unable to perform the operation because doing so would violate a limit setting.
|
| LogDestinationPermissionException |
Unable to send logs to a configured logging destination.
|
| ResourceNotFoundException |
Unable to locate a resource using the parameters that you provided.
|
| ResourceOwnerCheckException |
Unable to change the resource because your account doesn't own it.
|
| ThrottlingException |
Unable to process the request due to throttling limitations.
|
| UnsupportedOperationException |
The operation you requested isn't supported by Network Firewall.
|