batch_create_firewall_rule

Route53GlobalResolver.Client.batch_create_firewall_rule(**kwargs)

Creates multiple DNS firewall rules in a single operation. This is more efficient than creating rules individually when you need to set up multiple rules at once.

Warning

Route 53 Global Resolver is a global service that supports resolvers in multiple Amazon Web Services Regions, but you must specify the US East (Ohio) Region to create, update, or otherwise work with Route 53 Global Resolver resources. For example, specify --region us-east-2 on Amazon Web Services CLI commands.

Request Syntax

response = client.batch_create_firewall_rule(
    firewallRules=[
        {
            'action': 'ALLOW'|'ALERT'|'BLOCK',
            'blockOverrideDnsType': 'CNAME',
            'blockOverrideDomain': 'string',
            'blockOverrideTtl': 123,
            'blockResponse': 'NODATA'|'NXDOMAIN'|'OVERRIDE',
            'clientToken': 'string',
            'confidenceThreshold': 'LOW'|'MEDIUM'|'HIGH',
            'description': 'string',
            'dnsAdvancedProtection': 'DGA'|'DNS_TUNNELING'|'DICTIONARY_DGA',
            'firewallDomainListId': 'string',
            'name': 'string',
            'priority': 123,
            'dnsViewId': 'string',
            'qType': 'string'
        },
    ]
)

Parameters:

firewallRules (list) –

[REQUIRED]

The BatchCreateFirewallRuleInputItem objects contain the information for each Firewall rule.

  • (dict) –

    Information about a DNS Firewall rule to create in a batch operation.

    • action (string) – [REQUIRED]

      The action to take when a DNS query matches the firewall rule.

    • blockOverrideDnsType (string) –

      The DNS record type for the custom response when the action is BLOCK.

    • blockOverrideDomain (string) –

      The custom domain name for the BLOCK response.

    • blockOverrideTtl (integer) –

      The TTL value for the custom response when the action is BLOCK.

    • blockResponse (string) –

      The type of block response to return when the action is BLOCK.

    • clientToken (string) – [REQUIRED]

      A unique string that identifies the request and ensures idempotency.

    • confidenceThreshold (string) –

      The confidence threshold for advanced threat detection.

    • description (string) –

      A description of the firewall rule.

    • dnsAdvancedProtection (string) –

      Whether to enable advanced DNS threat protection for the firewall rule.

    • firewallDomainListId (string) –

      The ID of the firewall domain list to associate with the rule.

    • name (string) – [REQUIRED]

      A name for the firewall rule.

    • priority (integer) –

      The priority of the firewall rule.

    • dnsViewId (string) – [REQUIRED]

      The ID of the DNS view to associate the firewall rule with.

    • qType (string) –

      The DNS query type that the firewall rule should match.

Return type:

dict

Returns:

Response Syntax

{
    'failures': [
        {
            'firewallRule': {
                'action': 'ALLOW'|'ALERT'|'BLOCK',
                'blockOverrideDnsType': 'CNAME',
                'blockOverrideDomain': 'string',
                'blockOverrideTtl': 123,
                'blockResponse': 'NODATA'|'NXDOMAIN'|'OVERRIDE',
                'clientToken': 'string',
                'confidenceThreshold': 'LOW'|'MEDIUM'|'HIGH',
                'createdAt': datetime(2015, 1, 1),
                'description': 'string',
                'dnsAdvancedProtection': 'DGA'|'DNS_TUNNELING'|'DICTIONARY_DGA',
                'firewallDomainListId': 'string',
                'id': 'string',
                'managedDomainListName': 'string',
                'name': 'string',
                'priority': 123,
                'dnsViewId': 'string',
                'queryType': 'string',
                'status': 'CREATING'|'OPERATIONAL'|'UPDATING'|'DELETING',
                'updatedAt': datetime(2015, 1, 1)
            },
            'code': 123,
            'message': 'string'
        },
    ],
    'successes': [
        {
            'firewallRule': {
                'action': 'ALLOW'|'ALERT'|'BLOCK',
                'blockOverrideDnsType': 'CNAME',
                'blockOverrideDomain': 'string',
                'blockOverrideTtl': 123,
                'blockResponse': 'NODATA'|'NXDOMAIN'|'OVERRIDE',
                'clientToken': 'string',
                'confidenceThreshold': 'LOW'|'MEDIUM'|'HIGH',
                'createdAt': datetime(2015, 1, 1),
                'description': 'string',
                'dnsAdvancedProtection': 'DGA'|'DNS_TUNNELING'|'DICTIONARY_DGA',
                'firewallDomainListId': 'string',
                'id': 'string',
                'managedDomainListName': 'string',
                'name': 'string',
                'priority': 123,
                'dnsViewId': 'string',
                'queryType': 'string',
                'status': 'CREATING'|'OPERATIONAL'|'UPDATING'|'DELETING',
                'updatedAt': datetime(2015, 1, 1)
            },
            'code': 123,
            'message': 'string'
        },
    ]
}

Response Structure

  • (dict) –

    • failures (list) –

      High level information about the DNS Firewall rules that failed to create.

      • (dict) –

        Information about the result of creating a DNS Firewall rule in a batch operation.

        • firewallRule (dict) –

          The firewall rule that was created in the batch operation.

          • action (string) –

            The action configured for the created firewall rule.

          • blockOverrideDnsType (string) –

            The DNS record type configured for the created firewall rule’s custom response.

          • blockOverrideDomain (string) –

            The custom domain name configured for the created firewall rule’s BLOCK response.

          • blockOverrideTtl (integer) –

            The TTL value configured for the created firewall rule’s custom response.

          • blockResponse (string) –

            The type of block response configured for the created firewall rule.

          • clientToken (string) –

            The unique string that identified the request and ensured idempotency.

          • confidenceThreshold (string) –

            The confidence threshold configured for the created firewall rule’s advanced threat detection.

          • createdAt (datetime) –

            The date and time when the firewall rule was created.

          • description (string) –

            The description of the created firewall rule.

          • dnsAdvancedProtection (string) –

            Whether advanced DNS threat protection is enabled for the created firewall rule.

          • firewallDomainListId (string) –

            The ID of the firewall domain list associated with the created firewall rule.

          • id (string) –

            The unique identifier of the created firewall rule.

          • managedDomainListName (string) –

            The name of the managed domain list associated with the created firewall rule.

          • name (string) –

            The name of the created firewall rule.

          • priority (integer) –

            The priority of the created firewall rule.

          • dnsViewId (string) –

            The ID of the DNS view associated with the created firewall rule.

          • queryType (string) –

            The DNS query type that the created firewall rule matches.

          • status (string) –

            The current status of the created firewall rule.

          • updatedAt (datetime) –

            The date and time when the firewall rule was last updated.

        • code (integer) –

          The HTTP response code for the batch operation result.

        • message (string) –

          A message describing the result of the batch operation, including error details if applicable.

    • successes (list) –

      High level information about the DNS Firewall rules that were created.

      • (dict) –

        Information about the result of creating a DNS Firewall rule in a batch operation.

        • firewallRule (dict) –

          The firewall rule that was created in the batch operation.

          • action (string) –

            The action configured for the created firewall rule.

          • blockOverrideDnsType (string) –

            The DNS record type configured for the created firewall rule’s custom response.

          • blockOverrideDomain (string) –

            The custom domain name configured for the created firewall rule’s BLOCK response.

          • blockOverrideTtl (integer) –

            The TTL value configured for the created firewall rule’s custom response.

          • blockResponse (string) –

            The type of block response configured for the created firewall rule.

          • clientToken (string) –

            The unique string that identified the request and ensured idempotency.

          • confidenceThreshold (string) –

            The confidence threshold configured for the created firewall rule’s advanced threat detection.

          • createdAt (datetime) –

            The date and time when the firewall rule was created.

          • description (string) –

            The description of the created firewall rule.

          • dnsAdvancedProtection (string) –

            Whether advanced DNS threat protection is enabled for the created firewall rule.

          • firewallDomainListId (string) –

            The ID of the firewall domain list associated with the created firewall rule.

          • id (string) –

            The unique identifier of the created firewall rule.

          • managedDomainListName (string) –

            The name of the managed domain list associated with the created firewall rule.

          • name (string) –

            The name of the created firewall rule.

          • priority (integer) –

            The priority of the created firewall rule.

          • dnsViewId (string) –

            The ID of the DNS view associated with the created firewall rule.

          • queryType (string) –

            The DNS query type that the created firewall rule matches.

          • status (string) –

            The current status of the created firewall rule.

          • updatedAt (datetime) –

            The date and time when the firewall rule was last updated.

        • code (integer) –

          The HTTP response code for the batch operation result.

        • message (string) –

          A message describing the result of the batch operation, including error details if applicable.

Exceptions

  • Route53GlobalResolver.Client.exceptions.InternalServerException

  • Route53GlobalResolver.Client.exceptions.ValidationException

  • Route53GlobalResolver.Client.exceptions.AccessDeniedException

  • Route53GlobalResolver.Client.exceptions.ThrottlingException
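
Because the response reports each rule under either `successes` or `failures`, a batch can be applied only in part, leaving a DNS firewall policy with gaps. The following added example (not part of the AWS documentation) validates each rule against the required fields and enums listed above, derives a deterministic `clientToken` so a retried rule reuses the same token, and reconciles the response per rule. `build_rule`, `batch_create` and `StubClient` are hypothetical names, the IDs are placeholders, the rejection of `block*` fields on non-BLOCK rules is a local policy assumption, and `client` is expected to be a Route53GlobalResolver client created for `us-east-2`.

```python
import json
import uuid

ACTIONS = {"ALLOW", "ALERT", "BLOCK"}
REQUIRED = ("action", "name", "dnsViewId")  # clientToken is added by build_rule
BLOCK_ONLY = ("blockResponse", "blockOverrideDnsType", "blockOverrideDomain", "blockOverrideTtl")


def build_rule(spec):
    """Check one rule against the constraints on this page, then add a clientToken."""
    missing = [k for k in REQUIRED if not spec.get(k)]
    if missing or spec["action"] not in ACTIONS:
        raise ValueError(f"bad rule {spec.get('name')!r}: missing={missing}")
    stray = [k for k in BLOCK_ONLY if k in spec and spec["action"] != "BLOCK"]
    if stray:  # local policy (assumption): block* settings belong on BLOCK rules only
        raise ValueError(f"{spec['name']}: {stray} set on a non-BLOCK rule")
    # Deterministic token: re-sending the same rule definition reuses the same token.
    canonical = json.dumps(spec, sort_keys=True)
    return {**spec, "clientToken": str(uuid.uuid5(uuid.NAMESPACE_URL, canonical))}


def batch_create(client, specs):
    """Send one batch; return (created, failed, unaccounted) keyed by rule name."""
    rules = [build_rule(s) for s in specs]
    names = {r["clientToken"]: r["name"] for r in rules}
    resp = client.batch_create_firewall_rule(firewallRules=rules)
    created = {names[r["firewallRule"]["clientToken"]]: r["firewallRule"]["id"]
               for r in resp.get("successes", [])}
    failed = {names[r["firewallRule"]["clientToken"]]: (r["code"], r["message"])
              for r in resp.get("failures", [])}
    unaccounted = sorted(set(names.values()) - set(created) - set(failed))
    return created, failed, unaccounted


class StubClient:
    """Constructed stand-in for the boto3 client: fails any rule named 'dup'."""
    def batch_create_firewall_rule(self, firewallRules):
        out = {"successes": [], "failures": []}
        for i, rule in enumerate(firewallRules):
            ok = rule["name"] != "dup"
            out["successes" if ok else "failures"].append({"firewallRule": {**rule, "id": f"rule-{i}"},
                "code": 200 if ok else 409, "message": "ok" if ok else "constructed failure"})
        return out


if __name__ == "__main__":
    view = "dnsview-EXAMPLE"  # placeholder DNS view ID
    print(batch_create(StubClient(), [
        {"name": "block-bad", "action": "BLOCK", "blockResponse": "NXDOMAIN", "dnsViewId": view},
        {"name": "dup", "action": "ALERT", "dnsAdvancedProtection": "DGA", "dnsViewId": view}]))
```

A non-empty `failed` or `unaccounted` result means the intended policy is not fully in place and should be surfaced rather than logged and ignored.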