This is the new *CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [AWS CloudFormation User Guide](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::NetworkFirewall::RuleGroup RuleOption Additional settings for a stateful rule. ## Syntax To declare this entity in your CloudFormation template, use the following syntax: ### JSON ``` { "[Keyword](#cfn-networkfirewall-rulegroup-ruleoption-keyword)" : {{String}}, "[Settings](#cfn-networkfirewall-rulegroup-ruleoption-settings)" : {{[ String, ... ]}} } ``` ### YAML ``` [Keyword](#cfn-networkfirewall-rulegroup-ruleoption-keyword): {{String}} [Settings](#cfn-networkfirewall-rulegroup-ruleoption-settings): {{ - String}} ``` ## Properties `Keyword` The Suricata rule option keywords. For Network Firewall, the keyword signature ID (sid) is required in the format `sid:112233`. The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://suricata.readthedocs.io/en/suricata-7.0.8/rules/intro.html#rule-options). *Required*: Yes *Type*: String *Pattern*: `^.*$` *Minimum*: `1` *Maximum*: `128` *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `Settings` The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number`. For information about Suricata rule option settings, see [Rule options](https://suricata.readthedocs.io/en/suricata-7.0.8/rules/intro.html#rule-options). *Required*: No *Type*: Array of String *Update requires*: [No interruption](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)