AWS Native v0.63.0, May 25 23

AWS Native v0.63.0, May 25 23

aws-native.networkfirewall.RuleGroup

Explore with Pulumi AI

Resource type definition for AWS::NetworkFirewall::RuleGroup

Create RuleGroup Resource

new RuleGroup(name: string, args: RuleGroupArgs, opts?: CustomResourceOptions);

@overload
def RuleGroup(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              capacity: Optional[int] = None,
              description: Optional[str] = None,
              rule_group: Optional[RuleGroupArgs] = None,
              rule_group_name: Optional[str] = None,
              tags: Optional[Sequence[RuleGroupTagArgs]] = None,
              type: Optional[RuleGroupTypeEnum] = None)
@overload
def RuleGroup(resource_name: str,
              args: RuleGroupInitArgs,
              opts: Optional[ResourceOptions] = None)

func NewRuleGroup(ctx *Context, name string, args RuleGroupArgs, opts ...ResourceOption) (*RuleGroup, error)

public RuleGroup(string name, RuleGroupArgs args, CustomResourceOptions? opts = null)

public RuleGroup(String name, RuleGroupArgs args)
public RuleGroup(String name, RuleGroupArgs args, CustomResourceOptions options)

type: aws-native:networkfirewall:RuleGroup
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RuleGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args RuleGroupInitArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args RuleGroupArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args RuleGroupArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args RuleGroupArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

RuleGroup Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The RuleGroup resource accepts the following input properties:

Capacity int
Type Pulumi.AwsNative.NetworkFirewall.RuleGroupTypeEnum
Description string
RuleGroupName string
RuleGroupValue Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupArgs
Tags List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupTagArgs>

Capacity int
Type RuleGroupTypeEnum
Description string
RuleGroup RuleGroupTypeArgs
RuleGroupName string
Tags []RuleGroupTagArgs

capacity Integer
type RuleGroupTypeEnum
description String
ruleGroup RuleGroupArgs
ruleGroupName String
tags List<RuleGroupTagArgs>

capacity number
type RuleGroupTypeEnum
description string
ruleGroup RuleGroupArgs
ruleGroupName string
tags RuleGroupTagArgs[]

capacity int
type RuleGroupTypeEnum
description str
rule_group RuleGroupArgs
rule_group_name str
tags Sequence[RuleGroupTagArgs]

capacity Number
type "STATELESS" | "STATEFUL"
description String
ruleGroup Property Map
ruleGroupName String
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the RuleGroup resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
RuleGroupArn string
RuleGroupId string

Id string: The provider-assigned unique ID for this managed resource.
RuleGroupArn string
RuleGroupId string

id String: The provider-assigned unique ID for this managed resource.
ruleGroupArn String
ruleGroupId String

id string: The provider-assigned unique ID for this managed resource.
ruleGroupArn string
ruleGroupId string

id str: The provider-assigned unique ID for this managed resource.
rule_group_arn str
rule_group_id str

id String: The provider-assigned unique ID for this managed resource.
ruleGroupArn String
ruleGroupId String

Supporting Types

RuleGroup

RulesSource Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupRulesSource
ReferenceSets Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupReferenceSets
RuleVariables Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupRuleVariables
StatefulRuleOptions Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupStatefulRuleOptions

RulesSource RuleGroupRulesSource
ReferenceSets RuleGroupReferenceSets
RuleVariables RuleGroupRuleVariables
StatefulRuleOptions RuleGroupStatefulRuleOptions

rulesSource RuleGroupRulesSource
referenceSets RuleGroupReferenceSets
ruleVariables RuleGroupRuleVariables
statefulRuleOptions RuleGroupStatefulRuleOptions

rulesSource RuleGroupRulesSource
referenceSets RuleGroupReferenceSets
ruleVariables RuleGroupRuleVariables
statefulRuleOptions RuleGroupStatefulRuleOptions

rules_source RuleGroupRulesSource
reference_sets RuleGroupReferenceSets
rule_variables RuleGroupRuleVariables
stateful_rule_options RuleGroupStatefulRuleOptions

rulesSource Property Map
referenceSets Property Map
ruleVariables Property Map
statefulRuleOptions Property Map

RuleGroupActionDefinition

PublishMetricAction Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupPublishMetricAction

PublishMetricAction RuleGroupPublishMetricAction

publishMetricAction RuleGroupPublishMetricAction

publishMetricAction RuleGroupPublishMetricAction

publish_metric_action RuleGroupPublishMetricAction

publishMetricAction Property Map

RuleGroupAddress

AddressDefinition string

AddressDefinition string

addressDefinition String

addressDefinition string

address_definition str

addressDefinition String

RuleGroupCustomAction

ActionDefinition Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupActionDefinition
ActionName string

ActionDefinition RuleGroupActionDefinition
ActionName string

actionDefinition RuleGroupActionDefinition
actionName String

actionDefinition RuleGroupActionDefinition
actionName string

action_definition RuleGroupActionDefinition
action_name str

actionDefinition Property Map
actionName String

RuleGroupDimension

Value string

Value string

value String

value string

value str

value String

RuleGroupGeneratedRulesType

Allowlist: ALLOWLIST
Denylist: DENYLIST

RuleGroupGeneratedRulesTypeAllowlist: ALLOWLIST
RuleGroupGeneratedRulesTypeDenylist: DENYLIST

Allowlist: ALLOWLIST
Denylist: DENYLIST

Allowlist: ALLOWLIST
Denylist: DENYLIST

ALLOWLIST: ALLOWLIST
DENYLIST: DENYLIST

"ALLOWLIST": ALLOWLIST
"DENYLIST": DENYLIST

RuleGroupHeader

Destination string
DestinationPort string
Direction Pulumi.AwsNative.NetworkFirewall.RuleGroupHeaderDirection
Protocol Pulumi.AwsNative.NetworkFirewall.RuleGroupHeaderProtocol
Source string
SourcePort string

Destination string
DestinationPort string
Direction RuleGroupHeaderDirection
Protocol RuleGroupHeaderProtocol
Source string
SourcePort string

destination String
destinationPort String
direction RuleGroupHeaderDirection
protocol RuleGroupHeaderProtocol
source String
sourcePort String

destination string
destinationPort string
direction RuleGroupHeaderDirection
protocol RuleGroupHeaderProtocol
source string
sourcePort string

destination str
destination_port str
direction RuleGroupHeaderDirection
protocol RuleGroupHeaderProtocol
source str
source_port str

destination String
destinationPort String
direction "FORWARD" | "ANY"
protocol "IP" | "TCP" | "UDP" | "ICMP" | "HTTP" | "FTP" | "TLS" | "SMB" | "DNS" | "DCERPC" | "SSH" | "SMTP" | "IMAP" | "MSN" | "KRB5" | "IKEV2" | "TFTP" | "NTP" | "DHCP"
source String
sourcePort String

RuleGroupHeaderDirection

Forward: FORWARD
Any: ANY

RuleGroupHeaderDirectionForward: FORWARD
RuleGroupHeaderDirectionAny: ANY

Forward: FORWARD
Any: ANY

Forward: FORWARD
Any: ANY

FORWARD: FORWARD
ANY: ANY

"FORWARD": FORWARD
"ANY": ANY

RuleGroupHeaderProtocol

Ip: IP
Tcp: TCP
Udp: UDP
Icmp: ICMP
Http: HTTP
Ftp: FTP
Tls: TLS
Smb: SMB
Dns: DNS
Dcerpc: DCERPC
Ssh: SSH
Smtp: SMTP
Imap: IMAP
Msn: MSN
Krb5: KRB5
Ikev2: IKEV2
Tftp: TFTP
Ntp: NTP
Dhcp: DHCP

RuleGroupHeaderProtocolIp: IP
RuleGroupHeaderProtocolTcp: TCP
RuleGroupHeaderProtocolUdp: UDP
RuleGroupHeaderProtocolIcmp: ICMP
RuleGroupHeaderProtocolHttp: HTTP
RuleGroupHeaderProtocolFtp: FTP
RuleGroupHeaderProtocolTls: TLS
RuleGroupHeaderProtocolSmb: SMB
RuleGroupHeaderProtocolDns: DNS
RuleGroupHeaderProtocolDcerpc: DCERPC
RuleGroupHeaderProtocolSsh: SSH
RuleGroupHeaderProtocolSmtp: SMTP
RuleGroupHeaderProtocolImap: IMAP
RuleGroupHeaderProtocolMsn: MSN
RuleGroupHeaderProtocolKrb5: KRB5
RuleGroupHeaderProtocolIkev2: IKEV2
RuleGroupHeaderProtocolTftp: TFTP
RuleGroupHeaderProtocolNtp: NTP
RuleGroupHeaderProtocolDhcp: DHCP

Ip: IP
Tcp: TCP
Udp: UDP
Icmp: ICMP
Http: HTTP
Ftp: FTP
Tls: TLS
Smb: SMB
Dns: DNS
Dcerpc: DCERPC
Ssh: SSH
Smtp: SMTP
Imap: IMAP
Msn: MSN
Krb5: KRB5
Ikev2: IKEV2
Tftp: TFTP
Ntp: NTP
Dhcp: DHCP

Ip: IP
Tcp: TCP
Udp: UDP
Icmp: ICMP
Http: HTTP
Ftp: FTP
Tls: TLS
Smb: SMB
Dns: DNS
Dcerpc: DCERPC
Ssh: SSH
Smtp: SMTP
Imap: IMAP
Msn: MSN
Krb5: KRB5
Ikev2: IKEV2
Tftp: TFTP
Ntp: NTP
Dhcp: DHCP

IP: IP
TCP: TCP
UDP: UDP
ICMP: ICMP
HTTP: HTTP
FTP: FTP
TLS: TLS
SMB: SMB
DNS: DNS
DCERPC: DCERPC
SSH: SSH
SMTP: SMTP
IMAP: IMAP
MSN: MSN
KRB5: KRB5
IKEV2: IKEV2
TFTP: TFTP
NTP: NTP
DHCP: DHCP

"IP": IP
"TCP": TCP
"UDP": UDP
"ICMP": ICMP
"HTTP": HTTP
"FTP": FTP
"TLS": TLS
"SMB": SMB
"DNS": DNS
"DCERPC": DCERPC
"SSH": SSH
"SMTP": SMTP
"IMAP": IMAP
"MSN": MSN
"KRB5": KRB5
"IKEV2": IKEV2
"TFTP": TFTP
"NTP": NTP
"DHCP": DHCP

RuleGroupMatchAttributes

DestinationPorts List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupPortRange>
Destinations List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupAddress>
Protocols List<int>
SourcePorts List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupPortRange>
Sources List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupAddress>
TCPFlags List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupTCPFlagField>

DestinationPorts []RuleGroupPortRange
Destinations []RuleGroupAddress
Protocols []int
SourcePorts []RuleGroupPortRange
Sources []RuleGroupAddress
TCPFlags []RuleGroupTCPFlagField

destinationPorts List<RuleGroupPortRange>
destinations List<RuleGroupAddress>
protocols List<Integer>
sourcePorts List<RuleGroupPortRange>
sources List<RuleGroupAddress>
tCPFlags List<RuleGroupTCPFlagField>

destinationPorts RuleGroupPortRange[]
destinations RuleGroupAddress[]
protocols number[]
sourcePorts RuleGroupPortRange[]
sources RuleGroupAddress[]
tCPFlags RuleGroupTCPFlagField[]

destination_ports Sequence[RuleGroupPortRange]
destinations Sequence[RuleGroupAddress]
protocols Sequence[int]
source_ports Sequence[RuleGroupPortRange]
sources Sequence[RuleGroupAddress]
t_cp_flags Sequence[RuleGroupTCPFlagField]

destinationPorts List<Property Map>
destinations List<Property Map>
protocols List<Number>
sourcePorts List<Property Map>
sources List<Property Map>
tCPFlags List<Property Map>

RuleGroupPortRange

FromPort int
ToPort int

FromPort int
ToPort int

fromPort Integer
toPort Integer

fromPort number
toPort number

from_port int
to_port int

fromPort Number
toPort Number

RuleGroupPublishMetricAction

Dimensions List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupDimension>

Dimensions []RuleGroupDimension

dimensions List<RuleGroupDimension>

dimensions RuleGroupDimension[]

dimensions Sequence[RuleGroupDimension]

dimensions List<Property Map>

RuleGroupReferenceSets

IPSetReferences object

IPSetReferences interface{}

iPSetReferences Object

iPSetReferences any

i_p_set_references Any

iPSetReferences Any

RuleGroupRuleDefinition

Actions List<string>
MatchAttributes Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupMatchAttributes

Actions []string
MatchAttributes RuleGroupMatchAttributes

actions List<String>
matchAttributes RuleGroupMatchAttributes

actions string[]
matchAttributes RuleGroupMatchAttributes

actions Sequence[str]
match_attributes RuleGroupMatchAttributes

actions List<String>
matchAttributes Property Map

RuleGroupRuleOption

Keyword string
Settings List<string>

Keyword string
Settings []string

keyword String
settings List<String>

keyword string
settings string[]

keyword str
settings Sequence[str]

keyword String
settings List<String>

RuleGroupRuleOrder

DefaultActionOrder: DEFAULT_ACTION_ORDER
StrictOrder: STRICT_ORDER

RuleGroupRuleOrderDefaultActionOrder: DEFAULT_ACTION_ORDER
RuleGroupRuleOrderStrictOrder: STRICT_ORDER

DefaultActionOrder: DEFAULT_ACTION_ORDER
StrictOrder: STRICT_ORDER

DefaultActionOrder: DEFAULT_ACTION_ORDER
StrictOrder: STRICT_ORDER

DEFAULT_ACTION_ORDER: DEFAULT_ACTION_ORDER
STRICT_ORDER: STRICT_ORDER

"DEFAULT_ACTION_ORDER": DEFAULT_ACTION_ORDER
"STRICT_ORDER": STRICT_ORDER

RuleGroupRuleVariables

IPSets object
PortSets object

IPSets interface{}
PortSets interface{}

iPSets Object
portSets Object

iPSets any
portSets any

i_p_sets Any
port_sets Any

iPSets Any
portSets Any

RuleGroupRulesSource

RulesSourceList Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupRulesSourceList
RulesString string
StatefulRules List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupStatefulRule>
StatelessRulesAndCustomActions Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupStatelessRulesAndCustomActions

RulesSourceList RuleGroupRulesSourceList
RulesString string
StatefulRules []RuleGroupStatefulRule
StatelessRulesAndCustomActions RuleGroupStatelessRulesAndCustomActions

rulesSourceList RuleGroupRulesSourceList
rulesString String
statefulRules List<RuleGroupStatefulRule>
statelessRulesAndCustomActions RuleGroupStatelessRulesAndCustomActions

rulesSourceList RuleGroupRulesSourceList
rulesString string
statefulRules RuleGroupStatefulRule[]
statelessRulesAndCustomActions RuleGroupStatelessRulesAndCustomActions

rules_source_list RuleGroupRulesSourceList
rules_string str
stateful_rules Sequence[RuleGroupStatefulRule]
stateless_rules_and_custom_actions RuleGroupStatelessRulesAndCustomActions

rulesSourceList Property Map
rulesString String
statefulRules List<Property Map>
statelessRulesAndCustomActions Property Map

RuleGroupRulesSourceList

GeneratedRulesType Pulumi.AwsNative.NetworkFirewall.RuleGroupGeneratedRulesType
TargetTypes List<Pulumi.AwsNative.NetworkFirewall.RuleGroupTargetType>
Targets List<string>

GeneratedRulesType RuleGroupGeneratedRulesType
TargetTypes []RuleGroupTargetType
Targets []string

generatedRulesType RuleGroupGeneratedRulesType
targetTypes List<RuleGroupTargetType>
targets List<String>

generatedRulesType RuleGroupGeneratedRulesType
targetTypes RuleGroupTargetType[]
targets string[]

generated_rules_type RuleGroupGeneratedRulesType
target_types Sequence[RuleGroupTargetType]
targets Sequence[str]

generatedRulesType "ALLOWLIST" | "DENYLIST"
targetTypes List<"TLS_SNI" | "HTTP_HOST">
targets List<String>

RuleGroupStatefulRule

Action Pulumi.AwsNative.NetworkFirewall.RuleGroupStatefulRuleAction
Header Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupHeader
RuleOptions List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupRuleOption>

Action RuleGroupStatefulRuleAction
Header RuleGroupHeader
RuleOptions []RuleGroupRuleOption

action RuleGroupStatefulRuleAction
header RuleGroupHeader
ruleOptions List<RuleGroupRuleOption>

action RuleGroupStatefulRuleAction
header RuleGroupHeader
ruleOptions RuleGroupRuleOption[]

action RuleGroupStatefulRuleAction
header RuleGroupHeader
rule_options Sequence[RuleGroupRuleOption]

action "PASS" | "DROP" | "ALERT" | "REJECT"
header Property Map
ruleOptions List<Property Map>

RuleGroupStatefulRuleAction

Pass: PASS
Drop: DROP
Alert: ALERT
Reject: REJECT

RuleGroupStatefulRuleActionPass: PASS
RuleGroupStatefulRuleActionDrop: DROP
RuleGroupStatefulRuleActionAlert: ALERT
RuleGroupStatefulRuleActionReject: REJECT

Pass: PASS
Drop: DROP
Alert: ALERT
Reject: REJECT

Pass: PASS
Drop: DROP
Alert: ALERT
Reject: REJECT

PASS_: PASS
DROP: DROP
ALERT: ALERT
REJECT: REJECT

"PASS": PASS
"DROP": DROP
"ALERT": ALERT
"REJECT": REJECT

RuleGroupStatefulRuleOptions

RuleOrder Pulumi.AwsNative.NetworkFirewall.RuleGroupRuleOrder

RuleOrder RuleGroupRuleOrder

ruleOrder RuleGroupRuleOrder

ruleOrder RuleGroupRuleOrder

rule_order RuleGroupRuleOrder

ruleOrder "DEFAULT_ACTION_ORDER" | "STRICT_ORDER"

RuleGroupStatelessRule

Priority int
RuleDefinition Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupRuleDefinition

Priority int
RuleDefinition RuleGroupRuleDefinition

priority Integer
ruleDefinition RuleGroupRuleDefinition

priority number
ruleDefinition RuleGroupRuleDefinition

priority int
rule_definition RuleGroupRuleDefinition

priority Number
ruleDefinition Property Map

RuleGroupStatelessRulesAndCustomActions

StatelessRules List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupStatelessRule>
CustomActions List<Pulumi.AwsNative.NetworkFirewall.Inputs.RuleGroupCustomAction>

StatelessRules []RuleGroupStatelessRule
CustomActions []RuleGroupCustomAction

statelessRules List<RuleGroupStatelessRule>
customActions List<RuleGroupCustomAction>

statelessRules RuleGroupStatelessRule[]
customActions RuleGroupCustomAction[]

stateless_rules Sequence[RuleGroupStatelessRule]
custom_actions Sequence[RuleGroupCustomAction]

statelessRules List<Property Map>
customActions List<Property Map>

RuleGroupTCPFlag

Fin: FIN
Syn: SYN
Rst: RST
Psh: PSH
Ack: ACK
Urg: URG
Ece: ECE
Cwr: CWR

RuleGroupTCPFlagFin: FIN
RuleGroupTCPFlagSyn: SYN
RuleGroupTCPFlagRst: RST
RuleGroupTCPFlagPsh: PSH
RuleGroupTCPFlagAck: ACK
RuleGroupTCPFlagUrg: URG
RuleGroupTCPFlagEce: ECE
RuleGroupTCPFlagCwr: CWR

Fin: FIN
Syn: SYN
Rst: RST
Psh: PSH
Ack: ACK
Urg: URG
Ece: ECE
Cwr: CWR

Fin: FIN
Syn: SYN
Rst: RST
Psh: PSH
Ack: ACK
Urg: URG
Ece: ECE
Cwr: CWR

FIN: FIN
SYN: SYN
RST: RST
PSH: PSH
ACK: ACK
URG: URG
ECE: ECE
CWR: CWR

"FIN": FIN
"SYN": SYN
"RST": RST
"PSH": PSH
"ACK": ACK
"URG": URG
"ECE": ECE
"CWR": CWR

RuleGroupTCPFlagField

Flags List<Pulumi.AwsNative.NetworkFirewall.RuleGroupTCPFlag>
Masks List<Pulumi.AwsNative.NetworkFirewall.RuleGroupTCPFlag>

Flags []RuleGroupTCPFlag
Masks []RuleGroupTCPFlag

flags List<RuleGroupTCPFlag>
masks List<RuleGroupTCPFlag>

flags RuleGroupTCPFlag[]
masks RuleGroupTCPFlag[]

flags Sequence[RuleGroupTCPFlag]
masks Sequence[RuleGroupTCPFlag]

flags List<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">
masks List<"FIN" | "SYN" | "RST" | "PSH" | "ACK" | "URG" | "ECE" | "CWR">

RuleGroupTag

Key string
Value string

Key string
Value string

key String
value String

key string
value string

key str
value str

key String
value String

RuleGroupTargetType

TlsSni: TLS_SNI
HttpHost: HTTP_HOST

RuleGroupTargetTypeTlsSni: TLS_SNI
RuleGroupTargetTypeHttpHost: HTTP_HOST

TlsSni: TLS_SNI
HttpHost: HTTP_HOST

TlsSni: TLS_SNI
HttpHost: HTTP_HOST

TLS_SNI: TLS_SNI
HTTP_HOST: HTTP_HOST

"TLS_SNI": TLS_SNI
"HTTP_HOST": HTTP_HOST

RuleGroupTypeEnum

Stateless: STATELESS
Stateful: STATEFUL

RuleGroupTypeEnumStateless: STATELESS
RuleGroupTypeEnumStateful: STATEFUL

Stateless: STATELESS
Stateful: STATEFUL

Stateless: STATELESS
Stateful: STATEFUL

STATELESS: STATELESS
STATEFUL: STATEFUL

"STATELESS": STATELESS
"STATEFUL": STATEFUL

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0