AWS::NetworkFirewall::RuleGroup IPSetReference
Configures one or more IPSetReferences for a Suricata-compatible rule group. An IP set reference is a rule variable that references a resource that you create and manage in another AWS service, such as an Amazon VPC prefix list. Network Firewall IP set references enable you to dynamically update the contents of your rules. When you create, update, or delete the IP set you are referencing in your rule, Network Firewall automatically updates the rule's content with the changes. For more information about IP set references in Network Firewall, see Using IP set references in the Network Firewall Developer Guide.
Syntax
To declare this entity in your AWS CloudFormation template, use the following syntax:
JSON
{
  "ReferenceArn" : String
}
YAML
ReferenceArn: String
Properties
ReferenceArn
The Amazon Resource Name (ARN) of the resource to include in the AWS::NetworkFirewall::RuleGroup IPSetReference.
Required: No
Type: String
Pattern: ^(arn:aws.*)$
Minimum: 1
Maximum: 256
Update requires: No interruption
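The following template is an added example, not part of the original reference page. It shows an IPSetReference wired end to end: a VPC prefix list, a rule variable that points at its ARN, and a Suricata rule that uses the variable with the @ prefix. The resource names, variable name, CIDR, capacity and sid are constructed for illustration.

```yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Constructed example of a stateful rule group that uses an IP set reference

Resources:
  # Prefix list managed in Amazon VPC. Editing its entries later changes what
  # the rule below matches, without touching the rule group itself.
  BlockedSourcesPrefixList:
    Type: AWS::EC2::PrefixList
    Properties:
      PrefixListName: example-blocked-sources   # constructed name
      AddressFamily: IPv4
      MaxEntries: 10
      Entries:
        - Cidr: 198.51.100.0/24                 # constructed sample range (TEST-NET-2)
          Description: Sample blocked range

  ExampleRuleGroup:
    Type: AWS::NetworkFirewall::RuleGroup
    Properties:
      RuleGroupName: example-ipset-reference    # constructed name
      Type: STATEFUL
      Capacity: 100
      RuleGroup:
        ReferenceSets:
          IPSetReferences:
            # Map key is the rule variable name; the value is the
            # IPSetReference documented on this page.
            BLOCKED_SOURCES:
              ReferenceArn: !GetAtt BlockedSourcesPrefixList.Arn
        RulesSource:
          # The variable is referenced in the rule as @BLOCKED_SOURCES.
          RulesString: |
            drop ip @BLOCKED_SOURCES any -> any any (msg:"Source in managed prefix list"; sid:1000001; rev:1;)
```

Because the rule content follows the prefix list, write access to that list is equivalent to write access to the firewall policy, so scope IAM permissions on the prefix list accordingly.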