interface PolicyVariablesProperty
| Language | Type name |
|---|---|
 .NET | Amazon.CDK.AWS.NetworkFirewall.CfnFirewallPolicy.PolicyVariablesProperty |
 Go | github.com/aws/aws-cdk-go/awscdk/v2/awsnetworkfirewall#CfnFirewallPolicy_PolicyVariablesProperty |
 Java | software.amazon.awscdk.services.networkfirewall.CfnFirewallPolicy.PolicyVariablesProperty |
 Python | aws_cdk.aws_networkfirewall.CfnFirewallPolicy.PolicyVariablesProperty |
 TypeScript | aws-cdk-lib » aws_networkfirewall » CfnFirewallPolicy » PolicyVariablesProperty |
Contains variables that you can use to override default Suricata settings in your firewall policy.
Example
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_networkfirewall as networkfirewall } from 'aws-cdk-lib';
const policyVariablesProperty: networkfirewall.CfnFirewallPolicy.PolicyVariablesProperty = {
ruleVariables: {
ruleVariablesKey: {
definition: ['definition'],
},
},
};
Properties
| Name | Type | Description |
|---|---|---|
| rule | IResolvable | { [string]: IResolvable | IPSet } | The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata HOME_NET variable. |
ruleVariables?
Type:
IResolvable | { [string]: IResolvable | IPSet }
(optional)
The IPv4 or IPv6 addresses in CIDR notation to use for the Suricata HOME_NET variable.
If your firewall uses an inspection VPC, you might want to override the HOME_NET variable with the CIDRs of your home networks. If you don't override HOME_NET with your own CIDRs, Network Firewall by default uses the CIDR of your inspection VPC.