interface RulesSourceProperty
Language | Type name |
---|---|
.NET | Amazon.CDK.AWS.NetworkFirewall.CfnRuleGroup.RulesSourceProperty |
Go | github.com/aws/aws-cdk-go/awscdk/v2/awsnetworkfirewall#CfnRuleGroup_RulesSourceProperty |
Java | software.amazon.awscdk.services.networkfirewall.CfnRuleGroup.RulesSourceProperty |
Python | aws_cdk.aws_networkfirewall.CfnRuleGroup.RulesSourceProperty |
TypeScript | aws-cdk-lib » aws_networkfirewall » CfnRuleGroup » RulesSourceProperty |
The stateless or stateful rules definitions for use in a single rule group. Each rule group requires a single RulesSource. You can use an instance of this for either stateless rules or stateful rules.
Example

```typescript
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_networkfirewall as networkfirewall } from 'aws-cdk-lib';

const rulesSourceProperty: networkfirewall.CfnRuleGroup.RulesSourceProperty = {
  rulesSourceList: {
    generatedRulesType: 'generatedRulesType',
    targets: ['targets'],
    targetTypes: ['targetTypes'],
  },
  rulesString: 'rulesString',
  statefulRules: [{
    action: 'action',
    header: {
      destination: 'destination',
      destinationPort: 'destinationPort',
      direction: 'direction',
      protocol: 'protocol',
      source: 'source',
      sourcePort: 'sourcePort',
    },
    ruleOptions: [{
      keyword: 'keyword',

      // the properties below are optional
      settings: ['settings'],
    }],
  }],
  statelessRulesAndCustomActions: {
    statelessRules: [{
      priority: 123,
      ruleDefinition: {
        actions: ['actions'],
        matchAttributes: {
          destinationPorts: [{
            fromPort: 123,
            toPort: 123,
          }],
          destinations: [{
            addressDefinition: 'addressDefinition',
          }],
          protocols: [123],
          sourcePorts: [{
            fromPort: 123,
            toPort: 123,
          }],
          sources: [{
            addressDefinition: 'addressDefinition',
          }],
          tcpFlags: [{
            flags: ['flags'],

            // the properties below are optional
            masks: ['masks'],
          }],
        },
      },
    }],

    // the properties below are optional
    customActions: [{
      actionDefinition: {
        publishMetricAction: {
          dimensions: [{
            value: 'value',
          }],
        },
      },
      actionName: 'actionName',
    }],
  },
};
```
Properties
Name | Type | Description |
---|---|---|
rulesSourceList? | IResolvable \| Rules | Stateful inspection criteria for a domain list rule group. |
rulesString? | string | Stateful inspection criteria, provided in Suricata compatible rules. |
statefulRules? | IResolvable \| IResolvable \| Stateful[] | An array of individual stateful rules inspection criteria to be used together in a stateful rule group. |
statelessRulesAndCustomActions? | IResolvable \| Stateless | Stateless inspection criteria to be used in a stateless rule group. |
rulesSourceList?
Type: IResolvable | Rules (optional)
Stateful inspection criteria for a domain list rule group.
rulesString?
Type: string (optional)
Stateful inspection criteria, provided in Suricata compatible rules.
Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.
These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.
You can't use the priority keyword if the RuleOrder option in StatefulRuleOptions is set to STRICT_ORDER.
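The STRICT_ORDER restriction above is easy to violate when Suricata rules are pasted into rulesString from an existing ruleset. The following is an added example, not code from the CDK library or this reference page: a pre-deployment check that scans both rulesString lines and statefulRules ruleOptions for the priority keyword when the rule order is STRICT_ORDER. The interfaces are assumed local stand-ins for the CDK shapes so the check runs without aws-cdk-lib installed; the sample rules are constructed.

```typescript
// Assumed local stand-ins mirroring the CDK RulesSourceProperty shape (not the aws-cdk-lib types).
interface RuleOption { keyword: string; settings?: string[] }
interface StatefulRule { action: string; header: object; ruleOptions: RuleOption[] }
interface RulesSource {
  rulesString?: string;
  statefulRules?: StatefulRule[];
  rulesSourceList?: object;
  statelessRulesAndCustomActions?: object;
}
type RuleOrder = 'DEFAULT_ACTION_ORDER' | 'STRICT_ORDER';

// Split a Suricata option body on ';' while leaving quoted strings (e.g. msg:"a;b") intact.
function splitOptions(body: string): string[] {
  const out: string[] = []; let cur = ''; let inQuote = false;
  for (const ch of body) {
    if (ch === '"') inQuote = !inQuote;
    if (ch === ';' && !inQuote) { out.push(cur); cur = ''; } else cur += ch;
  }
  out.push(cur);
  return out.map(o => o.trim()).filter(o => o.length > 0);
}

// Option keywords of one Suricata rule line: the part between the outermost parentheses.
function suricataOptionKeywords(rule: string): string[] {
  const open = rule.indexOf('(');
  const close = rule.lastIndexOf(')');
  if (open < 0 || close < open) return [];
  return splitOptions(rule.slice(open + 1, close)).map(o => o.split(':')[0].trim().toLowerCase());
}

// Lists every place the priority keyword appears; empty means the source is valid for this rule order.
function checkPriorityUsage(source: RulesSource, ruleOrder: RuleOrder): string[] {
  const problems: string[] = [];
  if (ruleOrder !== 'STRICT_ORDER') return problems;  // priority is only disallowed under STRICT_ORDER
  (source.rulesString ?? '').split('\n').forEach((line, i) => {
    const t = line.trim();
    if (t === '' || t.startsWith('#')) return;  // blank lines and comments carry no options
    if (suricataOptionKeywords(t).includes('priority')) problems.push(`rulesString line ${i + 1}`);
  });
  (source.statefulRules ?? []).forEach((rule, i) => {
    if (rule.ruleOptions.some(o => o.keyword.trim().toLowerCase() === 'priority')) {
      problems.push(`statefulRules[${i}]`);
    }
  });
  return problems;
}

// Constructed sample: one offending rulesString line plus one offending statefulRules entry.
const SAMPLE_SOURCE: RulesSource = {
  rulesString: '# priority:9 in a comment is fine\nalert tcp any any -> any any (msg:"a;b"; priority:1; sid:1;)',
  statefulRules: [{ action: 'PASS', header: {}, ruleOptions: [{ keyword: 'sid', settings: ['2'] }, { keyword: 'priority', settings: ['3'] }] }],
};
const SAMPLE_PROBLEMS = checkPriorityUsage(SAMPLE_SOURCE, 'STRICT_ORDER');
console.log(SAMPLE_PROBLEMS);
```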
statefulRules?
Type: IResolvable | IResolvable | Stateful[] (optional)
An array of individual stateful rules inspection criteria to be used together in a stateful rule group.
Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format.
statelessRulesAndCustomActions?
Type: IResolvable | Stateless (optional)
Stateless inspection criteria to be used in a stateless rule group.