Class: Aws::Route53GlobalResolver::Types::CreateFirewallRuleInput

Inherits:

Struct

• Object
• Struct
• Aws::Route53GlobalResolver::Types::CreateFirewallRuleInput

Defined in:

gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb

Overview

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #action ⇒ String

  The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:.

• #block_override_dns_type ⇒ String

  The DNS record's type.

• #block_override_domain ⇒ String

  The custom DNS record to send back in response to the query.

• #block_override_ttl ⇒ Integer

  The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record.

• #block_response ⇒ String

  The response to return when the action is BLOCK.

• #client_token ⇒ String

  A unique, case-sensitive identifier to ensure idempotency.

• #confidence_threshold ⇒ String

  The confidence threshold for advanced threat detection.

• #description ⇒ String

  An optional description for the firewall rule.

• #dns_advanced_protection ⇒ String

  Whether to enable advanced DNS threat protection for this rule.

• #dns_view_id ⇒ String

  The ID of the DNS view to associate with this firewall rule.

• #firewall_domain_list_id ⇒ String

  The ID of the firewall domain list to use in this rule.

• #name ⇒ String

  A descriptive name for the firewall rule.

• #priority ⇒ Integer

  The priority of this rule.

• #q_type ⇒ String

  The DNS query type to match for this rule.

Instance Attribute Details

#action ⇒ String

The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:

• ALLOW - Permit the request to go through.

• ALERT - Permit the request and send metrics and logs to CloudWatch.

• BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_dns_type ⇒ String

The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

This setting is required if the BlockResponse setting is OVERRIDE.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_domain ⇒ String

The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

This setting is required if the BlockResponse setting is OVERRIDE.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_ttl ⇒ Integer

The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

This setting is required if the BlockResponse setting is OVERRIDE.

Returns:

• (Integer)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_response ⇒ String

The response to return when the action is BLOCK. Valid values are NXDOMAIN (domain does not exist), NODATA (domain exists but no records), or OVERRIDE (return custom response).

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#client_token ⇒ String

A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same clientToken has the same result every time.

A suitable default value is auto-generated. You should normally not need to pass this option.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#confidence_threshold ⇒ String

The confidence threshold for advanced threat detection. Valid values are HIGH, MEDIUM, or LOW, indicating the accuracy level required for threat detection.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#description ⇒ String

An optional description for the firewall rule.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#dns_advanced_protection ⇒ String

Whether to enable advanced DNS threat protection for this rule. Advanced protection can detect and block DNS tunneling and Domain Generation Algorithm (DGA) threats.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#dns_view_id ⇒ String

The ID of the DNS view to associate with this firewall rule.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_domain_list_id ⇒ String

The ID of the firewall domain list to use in this rule.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#name ⇒ String

A descriptive name for the firewall rule.

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#priority ⇒ Integer

The priority of this rule. Rules are evaluated in priority order, with lower numbers having higher priority. When a DNS query matches multiple rules, the rule with the highest priority (lowest number) is applied.

Returns:

• (Integer)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end

#q_type ⇒ String

The DNS query type to match for this rule. Examples include A (IPv4 address), AAAA (IPv6 address), MX (mail exchange), or TXT (text record).

Returns:

• (String)

# File 'gems/aws-sdk-route53globalresolver/lib/aws-sdk-route53globalresolver/types.rb', line 1341

class CreateFirewallRuleInput < Struct.new(
  :action,
  :block_override_dns_type,
  :block_override_domain,
  :block_override_ttl,
  :block_response,
  :client_token,
  :confidence_threshold,
  :description,
  :dns_advanced_protection,
  :firewall_domain_list_id,
  :name,
  :priority,
  :dns_view_id,
  :q_type)
  SENSITIVE = []
  include Aws::Structure
end