Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

RulesSource - AWS Network Firewall

RulesSource

The stateless or stateful rules definitions for use in a single rule group. Each rule group requires a single RulesSource. You can use an instance of this for either stateless rules or stateful rules.

Contents

RulesSourceList

Stateful inspection criteria for a domain list rule group.

Type: RulesSourceList object

Required: No

RulesString

Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.

These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.

Note

You can't use the priority keyword if the RuleOrder option in StatefulRuleOptions is set to STRICT_ORDER.

Type: String

Length Constraints: Minimum length of 0. Maximum length of 2000000.

Required: No

StatefulRules

An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format.

Type: Array of StatefulRule objects

Required: No

StatelessRulesAndCustomActions

Stateless inspection criteria to be used in a stateless rule group.

Type: StatelessRulesAndCustomActions object

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:

PrivacySite termsCookie preferences
© 2025, Amazon Web Services, Inc. or its affiliates. All rights reserved.