AWS::NetworkFirewall::RuleGroup IPSetReference - AWS CloudFormation

AWS::NetworkFirewall::RuleGroup IPSetReference

Configures one or more IPSetReferences for a Suricata-compatible rule group. An IP set reference is a rule variable that references a resource that you create and manage in another AWS service, such as an Amazon VPC prefix list. Network Firewall IP set references enable you to dynamically update the contents of your rules. When you create, update, or delete the IP set you are referencing in your rule, Network Firewall automatically updates the rule's content with the changes. For more information about IP set references in Network Firewall, see Using IP set references in the Network Firewall Developer Guide.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "ReferenceArn" : String }

YAML

ReferenceArn: String

Properties

ReferenceArn

The Amazon Resource Name (ARN) of the resource to include in the AWS::NetworkFirewall::RuleGroup IPSetReference.

Required: No

Type: String

Pattern: ^(arn:aws.*)$

Minimum: 1

Maximum: 256

Update requires: No interruption
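
The following template is an added example, not part of the original reference page: it shows a ReferenceArn pointing at an Amazon VPC prefix list and a Suricata-compatible rule that uses the reference as a variable with the @ prefix. The resource names, the variable name BLOCKED, the CIDR, the capacity and the sid are assumptions chosen for illustration.

```yaml
# Added example: all names and values below are constructed for illustration.
Resources:
  # The IP set managed outside Network Firewall (an Amazon VPC prefix list).
  BlockedDestinations:
    Type: AWS::EC2::PrefixList
    Properties:
      PrefixListName: blocked-destinations
      AddressFamily: IPv4
      MaxEntries: 10
      Entries:
        - Cidr: 198.51.100.0/24          # RFC 5737 documentation range
          Description: example blocked range

  EgressBlockRuleGroup:
    Type: AWS::NetworkFirewall::RuleGroup
    Properties:
      RuleGroupName: egress-block-by-prefix-list
      Type: STATEFUL
      Capacity: 10
      RuleGroup:
        ReferenceSets:
          IPSetReferences:
            # Map key = variable name; the rule refers to it as @BLOCKED.
            BLOCKED:
              # Must match ^(arn:aws.*)$ and be 1 to 256 characters long.
              ReferenceArn: !GetAtt BlockedDestinations.Arn
        RulesSource:
          RulesString: |
            drop ip $HOME_NET any -> @BLOCKED any (msg:"egress to blocked prefix list"; sid:1000001; rev:1;)
```

Adding or removing entries in the prefix list changes what @BLOCKED matches without any update to the rule group itself.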