Package software.amazon.awscdk.cfnpropertymixins.services.networkfirewall

Interface CfnRuleGroupPropsMixin.RulesSourceProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnRuleGroupPropsMixin.RulesSourceProperty.Jsii$Proxy

Enclosing class:

CfnRuleGroupPropsMixin

@Stability(Stable)
public static interface CfnRuleGroupPropsMixin.RulesSourceProperty
extends software.amazon.jsii.JsiiSerializable

The stateless or stateful rules definitions for use in a single rule group.

Each rule group requires a single RulesSource . You can use an instance of this for either stateless rules or stateful rules.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.cfnpropertymixins.services.networkfirewall.*;
 RulesSourceProperty rulesSourceProperty = RulesSourceProperty.builder()
         .rulesSourceList(RulesSourceListProperty.builder()
                 .generatedRulesType("generatedRulesType")
                 .targets(List.of("targets"))
                 .targetTypes(List.of("targetTypes"))
                 .build())
         .rulesString("rulesString")
         .statefulRules(List.of(StatefulRuleProperty.builder()
                 .action("action")
                 .header(HeaderProperty.builder()
                         .destination("destination")
                         .destinationPort("destinationPort")
                         .direction("direction")
                         .protocol("protocol")
                         .source("source")
                         .sourcePort("sourcePort")
                         .build())
                 .ruleOptions(List.of(RuleOptionProperty.builder()
                         .keyword("keyword")
                         .settings(List.of("settings"))
                         .build()))
                 .build()))
         .statelessRulesAndCustomActions(StatelessRulesAndCustomActionsProperty.builder()
                 .customActions(List.of(CustomActionProperty.builder()
                         .actionDefinition(ActionDefinitionProperty.builder()
                                 .publishMetricAction(PublishMetricActionProperty.builder()
                                         .dimensions(List.of(DimensionProperty.builder()
                                                 .value("value")
                                                 .build()))
                                         .build())
                                 .build())
                         .actionName("actionName")
                         .build()))
                 .statelessRules(List.of(StatelessRuleProperty.builder()
                         .priority(123)
                         .ruleDefinition(RuleDefinitionProperty.builder()
                                 .actions(List.of("actions"))
                                 .matchAttributes(MatchAttributesProperty.builder()
                                         .destinationPorts(List.of(PortRangeProperty.builder()
                                                 .fromPort(123)
                                                 .toPort(123)
                                                 .build()))
                                         .destinations(List.of(AddressProperty.builder()
                                                 .addressDefinition("addressDefinition")
                                                 .build()))
                                         .protocols(List.of(123))
                                         .sourcePorts(List.of(PortRangeProperty.builder()
                                                 .fromPort(123)
                                                 .toPort(123)
                                                 .build()))
                                         .sources(List.of(AddressProperty.builder()
                                                 .addressDefinition("addressDefinition")
                                                 .build()))
                                         .tcpFlags(List.of(TCPFlagFieldProperty.builder()
                                                 .flags(List.of("flags"))
                                                 .masks(List.of("masks"))
                                                 .build()))
                                         .build())
                                 .build())
                         .build()))
                 .build())
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnRuleGroupPropsMixin.RulesSourceProperty.Builder	A builder for CfnRuleGroupPropsMixin.RulesSourceProperty
static final class	CfnRuleGroupPropsMixin.RulesSourceProperty.Jsii$Proxy	An implementation for CfnRuleGroupPropsMixin.RulesSourceProperty

Method Summary

Modifier and Type	Method	Description
static CfnRuleGroupPropsMixin.RulesSourceProperty.Builder	builder()
default Object	getRulesSourceList()	Stateful inspection criteria for a domain list rule group.
default String	getRulesString()	Stateful inspection criteria, provided in Suricata compatible rules.
default Object	getStatefulRules()	An array of individual stateful rules inspection criteria to be used together in a stateful rule group.
default Object	getStatelessRulesAndCustomActions()	Stateless inspection criteria to be used in a stateless rule group.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getRulesSourceList

@Stability(Stable)
@Nullable
default Object getRulesSourceList()

Stateful inspection criteria for a domain list rule group.

Returns union: either IResolvable or CfnRuleGroupPropsMixin.RulesSourceListProperty

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-rulessourcelist

getRulesString

@Stability(Stable)
@Nullable
default String getRulesString()

Stateful inspection criteria, provided in Suricata compatible rules.

Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.

These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.

You can't use the priority keyword if the RuleOrder option in StatefulRuleOptions is set to STRICT_ORDER .

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-rulesstring

getStatefulRules

@Stability(Stable)
@Nullable
default Object getStatefulRules()

An array of individual stateful rules inspection criteria to be used together in a stateful rule group.

Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format .

Returns union: either IResolvable or Listinvalid input: '<'either IResolvable or CfnRuleGroupPropsMixin.StatefulRuleProperty>

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-statefulrules

getStatelessRulesAndCustomActions

@Stability(Stable)
@Nullable
default Object getStatelessRulesAndCustomActions()

Stateless inspection criteria to be used in a stateless rule group.

Returns union: either IResolvable or CfnRuleGroupPropsMixin.StatelessRulesAndCustomActionsProperty

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulessource.html#cfn-networkfirewall-rulegroup-rulessource-statelessrulesandcustomactions

builder

@Stability(Stable)
static CfnRuleGroupPropsMixin.RulesSourceProperty.Builder builder()

Returns:

a CfnRuleGroupPropsMixin.RulesSourceProperty.Builder of CfnRuleGroupPropsMixin.RulesSourceProperty