AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-NWFWFirewallPolicy-FirewallPolicyName <String>-Description <String>-DryRun <Boolean>-EncryptionConfiguration_KeyId <String>-StatefulEngineOptions_RuleOrder <RuleOrder>-FirewallPolicy_StatefulDefaultAction <String[]>-FirewallPolicy_StatefulRuleGroupReference <StatefulRuleGroupReference[]>-FirewallPolicy_StatelessCustomAction <CustomAction[]>-FirewallPolicy_StatelessDefaultAction <String[]>-FirewallPolicy_StatelessFragmentDefaultAction <String[]>-FirewallPolicy_StatelessRuleGroupReference <StatelessRuleGroupReference[]>-Tag <Tag[]>-EncryptionConfiguration_Type <EncryptionType>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
TRUE
, Network Firewall checks whether the request can run successfully, but doesn't actually make the requested changes. The call returns the value that the request would return if you ran it with dry run set to FALSE
, but doesn't make additions or changes to your resources. This option allows you to make sure that you have the required permissions to run the request and that your request parameters are valid. If set to FALSE
, Network Firewall makes the requested changes to your resources. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatefulDefaultActions |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatefulRuleGroupReferences |
StatelessDefaultActions
setting. You name each custom action that you define, and then you can use it by name in your default actions specifications. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatelessCustomActions |
aws:forward_to_sfe
. You must specify one of the standard actions: aws:pass
, aws:drop
, or aws:forward_to_sfe
. In addition, you can specify custom actions that are compatible with your standard section choice.For example, you could specify ["aws:pass"]
or you could specify ["aws:pass", “customActionName”]
. For information about compatibility, see the custom action descriptions under CustomAction. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatelessDefaultActions |
aws:forward_to_sfe
.You must specify one of the standard actions: aws:pass
, aws:drop
, or aws:forward_to_sfe
. In addition, you can specify custom actions that are compatible with your standard section choice.For example, you could specify ["aws:pass"]
or you could specify ["aws:pass", “customActionName”]
. For information about compatibility, see the custom action descriptions under CustomAction. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatelessFragmentDefaultActions |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatelessRuleGroupReferences |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
DEFAULT_ACTION_ORDER
is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | FirewallPolicy_StatefulEngineOptions_RuleOrder |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Tags |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
AWS Tools for PowerShell: 2.x.y.z