Class: Aws::NetworkFirewall::Types::RuleGroup
- Inherits: Struct
  - Object
  - Struct
  - Aws::NetworkFirewall::Types::RuleGroup
- Defined in: gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb
Overview
When making an API call, you may pass RuleGroup data as a hash:
{
  rule_variables: {
    ip_sets: {
      "RuleVariableName" => {
        definition: ["VariableDefinition"], # required
      },
    },
    port_sets: {
      "RuleVariableName" => {
        definition: ["VariableDefinition"],
      },
    },
  },
  rules_source: { # required
    rules_string: "RulesString",
    rules_source_list: {
      targets: ["CollectionMember_String"], # required
      target_types: ["TLS_SNI"], # required, accepts TLS_SNI, HTTP_HOST
      generated_rules_type: "ALLOWLIST", # required, accepts ALLOWLIST, DENYLIST
    },
    stateful_rules: [
      {
        action: "PASS", # required, accepts PASS, DROP, ALERT
        header: { # required
          protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
          source: "Source", # required
          source_port: "Port", # required
          direction: "FORWARD", # required, accepts FORWARD, ANY
          destination: "Destination", # required
          destination_port: "Port", # required
        },
        rule_options: [ # required
          {
            keyword: "Keyword", # required
            settings: ["Setting"],
          },
        ],
      },
    ],
    stateless_rules_and_custom_actions: {
      stateless_rules: [ # required
        {
          rule_definition: { # required
            match_attributes: { # required
              sources: [
                {
                  address_definition: "AddressDefinition", # required
                },
              ],
              destinations: [
                {
                  address_definition: "AddressDefinition", # required
                },
              ],
              source_ports: [
                {
                  from_port: 1, # required
                  to_port: 1, # required
                },
              ],
              destination_ports: [
                {
                  from_port: 1, # required
                  to_port: 1, # required
                },
              ],
              protocols: [1],
              tcp_flags: [
                {
                  flags: ["FIN"], # required, accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
                  masks: ["FIN"], # accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
                },
              ],
            },
            actions: ["CollectionMember_String"], # required
          },
          priority: 1, # required
        },
      ],
      custom_actions: [
        {
          action_name: "ActionName", # required
          action_definition: { # required
            publish_metric_action: {
              dimensions: [ # required
                {
                  value: "DimensionValue", # required
                },
              ],
            },
          },
        },
      ],
    },
  },
  stateful_rule_options: {
    rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
  },
}
The object that defines the rules in a rule group. This, along with RuleGroupResponse, defines the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup.
Network Firewall uses a rule group to inspect and control network traffic. You define stateless rule groups to inspect individual packets, and you define stateful rule groups to inspect packets in the context of their traffic flow.
To use a rule group, you include it by reference in a Network Firewall firewall policy, then you use the policy in a firewall. You can reference a rule group from more than one firewall policy, and you can use a firewall policy in more than one firewall.
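A pre-flight check for the hash shape documented above, as an added example (not code from the AWS SDK): `lint_rule_group` and the sample hash are hypothetical, and the check covers only the required fields and accepted values listed on this page. It runs without the gem, so a rule group can be linted in CI before it is submitted.

```ruby
# Added example: offline lint of a RuleGroup hash before it is sent to the API.
# The accepted values are copied from the hash shape documented on this page;
# lint_rule_group and the sample hash are hypothetical names, not SDK API.
ACTIONS     = %w[PASS DROP ALERT].freeze
DIRECTIONS  = %w[FORWARD ANY].freeze
RULE_ORDERS = %w[DEFAULT_ACTION_ORDER STRICT_ORDER].freeze
HEADER_KEYS = %i[protocol source source_port direction destination destination_port].freeze

def lint_rule_group(group)
  src = group[:rules_source]
  return ["rules_source is required"] unless src.is_a?(Hash)

  errors = []
  stateless = src.key?(:stateless_rules_and_custom_actions)
  # rule_variables can only be used in stateful rule groups.
  if stateless && group.key?(:rule_variables)
    errors << "rule_variables set on a stateless rule group"
  end
  group.dig(:rule_variables, :ip_sets).to_h.each do |name, set|
    errors << "ip_sets[#{name}] needs a definition" if Array(set[:definition]).empty?
  end
  Array(src[:stateful_rules]).each_with_index do |rule, i|
    errors << "stateful_rules[#{i}]: bad action #{rule[:action].inspect}" unless ACTIONS.include?(rule[:action])
    header = rule[:header] || {}
    missing = HEADER_KEYS.reject { |k| header.key?(k) }
    errors << "stateful_rules[#{i}]: header missing #{missing.join(', ')}" unless missing.empty?
    if header.key?(:direction) && !DIRECTIONS.include?(header[:direction])
      errors << "stateful_rules[#{i}]: bad direction #{header[:direction].inspect}"
    end
    errors << "stateful_rules[#{i}]: rule_options is required" unless rule[:rule_options].is_a?(Array)
  end
  order = group.dig(:stateful_rule_options, :rule_order)
  errors << "bad rule_order #{order.inspect}" unless order.nil? || RULE_ORDERS.include?(order)
  errors
end

# Constructed sample input: a stateful group with one valid rule.
GOOD_GROUP = {
  rule_variables: { ip_sets: { "HOME_NET" => { definition: ["10.0.0.0/16"] } } },
  rules_source: { stateful_rules: [{
    action: "DROP",
    header: { protocol: "TCP", source: "10.0.0.0/16", source_port: "ANY",
              direction: "FORWARD", destination: "ANY", destination_port: "23" },
    rule_options: [{ keyword: "sid", settings: ["1"] }]
  }] },
  stateful_rule_options: { rule_order: "STRICT_ORDER" }
}.freeze
```

An empty array from `lint_rule_group` means no problems were found against the documented shape; the service can still reject a group for reasons this page does not list.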
Constant Summary
- SENSITIVE = []
Instance Attribute Summary
- #rule_variables ⇒ Types::RuleVariables
  Settings that are available for use in the rules in the rule group.
- #rules_source ⇒ Types::RulesSource
  The stateful rules or stateless rules for the rule group.
- #stateful_rule_options ⇒ Types::StatefulRuleOptions
  Additional options governing how Network Firewall handles stateful rules.
Instance Attribute Details
#rule_variables ⇒ Types::RuleVariables
Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.
# File 'gems/aws-sdk-networkfirewall/lib/aws-sdk-networkfirewall/types.rb', line 3244
class RuleGroup < Struct.new(
  :rule_variables,
  :rules_source,
  :stateful_rule_options)
  SENSITIVE = []
  include Aws::Structure
end
#rules_source ⇒ Types::RulesSource
The stateful rules or stateless rules for the rule group.
#stateful_rule_options ⇒ Types::StatefulRuleOptions
Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings.