AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-NWFWRuleGroup-RuleGroupName <String>-Capacity <Int32>-StatelessRulesAndCustomActions_CustomAction <CustomAction[]>-Description <String>-DryRun <Boolean>-RulesSourceList_GeneratedRulesType <GeneratedRulesType>-RuleVariables_IPSet <Hashtable>-EncryptionConfiguration_KeyId <String>-RuleVariables_PortSet <Hashtable>-StatefulRuleOptions_RuleOrder <RuleOrder>-Rule <String>-RulesSource_RulesString <String>-SourceMetadata_SourceArn <String>-SourceMetadata_SourceUpdateToken <String>-RulesSource_StatefulRule <StatefulRule[]>-StatelessRulesAndCustomActions_StatelessRule <StatelessRule[]>-Tag <Tag[]>-RulesSourceList_Target <String[]>-RulesSourceList_TargetType <String[]>-EncryptionConfiguration_Type <EncryptionType>-Type <RuleGroupType>-Select <String>-PassThru <SwitchParameter>-Force <SwitchParameter>
RuleGroup
or Rules
. DryRun
set to TRUE
.You can't change or exceed this capacity when you update the rule group, so leave room for your rule group to grow. Capacity for a stateless rule groupFor a stateless rule group, the capacity required is the sum of the capacity requirements of the individual rules that you expect to have in the rule group. To calculate the capacity requirement of a single rule, multiply the capacity requirement values of each of the rule's match settings:Any
specified has a value of 1. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
TRUE
, Network Firewall checks whether the request can run successfully, but doesn't actually make the requested changes. The call returns the value that the request would return if you ran it with dry run set to FALSE
, but doesn't make additions or changes to your resources. This option allows you to make sure that you have the required permissions to run the request and that your request parameters are valid. If set to FALSE
, Network Firewall makes the requested changes to your resources. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
RuleGroup
setting, but not both. You can provide your rule group specification in Suricata flat format through this setting when you create or update your rule group. The call response returns a RuleGroup object that Network Firewall has populated from your string. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Rules |
Required? | True |
Position? | 1 |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_RulesString |
Rules
format, see Rules Format. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_StatefulRules |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_RulesSourceList_GeneratedRulesType |
abc.example.com
matches only the domain abc.example.com
..
'. For example,.example.com
matches example.com
and matches all subdomains of example.com
, such as abc.example.com
and www.example.com
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_RulesSourceList_Targets |
TLS_SNI
for HTTPS
. Specify HTTP_HOST
for HTTP
. You can specify either or both. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_RulesSourceList_TargetTypes |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RuleVariables_IPSets |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RuleVariables_PortSets |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
DEFAULT_ACTION_ORDER
is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the Network Firewall Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_StatefulRuleOptions_RuleOrder |
StatelessRulesAndCustomActions
specification. You name each custom action that you define, and then you can use it by name in your StatelessRuleRuleDefinitionActions
specification. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_StatelessRulesAndCustomActions_CustomActions |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RuleGroup_RulesSource_StatelessRulesAndCustomActions_StatelessRules |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | Tags |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
AWS Tools for PowerShell: 2.x.y.z