
AWS::Route53Resolver::FirewallRuleGroup FirewallRuleType - AWS CloudFormation


The rule-type configuration for a DNS Firewall rule. FirewallRuleType is a tagged union — exactly one member must be set per rule, and the member determines what the rule matches against. This shape is mutually exclusive with the top-level FirewallDomainListId and DnsThreatProtection fields on CreateFirewallRule and UpdateFirewallRule.

Call ListFirewallRuleTypes to discover which rule-type variants and which values within each variant are available in your account and Region.

Syntax

To declare this entity in your CloudFormation template, use the following syntax:

Properties

FirewallAdvancedContentCategory

Configures the rule to match an AWS-managed content category (for example, VIOLENCE_AND_HATE_SPEECH). See FirewallAdvancedContentCategoryConfig.

Required: No

Type: FirewallAdvancedContentCategoryConfig

Update requires: No interruption

FirewallAdvancedThreatCategory

Configures the rule to match an AWS-managed advanced threat category (for example, PHISHING). See FirewallAdvancedThreatCategoryConfig.

Required: No

Type: FirewallAdvancedThreatCategoryConfig

Update requires: No interruption
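The following pre-deployment check enforces the two constraints stated in the description: exactly one FirewallRuleType member per rule, and no combination with FirewallDomainListId or DnsThreatProtection. It is an added example, not code from this guide or from AWS. It assumes the union appears on each rule under a property named FirewallRuleType; the sample template, the `PLACEHOLDER` config keys, and the domain list ID are constructed.

```python
# Members of FirewallRuleType listed on this page.
RULE_TYPE_MEMBERS = {"FirewallAdvancedContentCategory", "FirewallAdvancedThreatCategory"}
# Top-level rule fields the page says are mutually exclusive with FirewallRuleType.
EXCLUSIVE_TOP_LEVEL = {"FirewallDomainListId", "DnsThreatProtection"}
RULE_TYPE_KEY = "FirewallRuleType"  # assumption: property name on each rule

# Constructed sample; "PLACEHOLDER" stands in for the real config fields.
SAMPLE_TEMPLATE = {"Resources": {"DnsFw": {
    "Type": "AWS::Route53Resolver::FirewallRuleGroup",
    "Properties": {"FirewallRules": [
        {"Action": "ALERT", "Priority": 1, "FirewallRuleType": {
            "FirewallAdvancedThreatCategory": {"PLACEHOLDER": "PHISHING"}}},
        {"Action": "ALERT", "Priority": 2, "FirewallRuleType": {
            "FirewallAdvancedThreatCategory": {"PLACEHOLDER": "PHISHING"},
            "FirewallAdvancedContentCategory": {"PLACEHOLDER": "VIOLENCE_AND_HATE_SPEECH"}}},
        {"Action": "ALERT", "Priority": 3,
         "FirewallDomainListId": "rslvr-fdl-EXAMPLE",
         "FirewallRuleType": {"FirewallAdvancedThreatCategory": {"PLACEHOLDER": "PHISHING"}}},
    ]}}}}


def lint_rule(rule):
    """Return the problems found in one firewall rule dict."""
    rule_type = rule.get(RULE_TYPE_KEY)
    if not isinstance(rule_type, dict):
        return []  # rule does not use FirewallRuleType
    problems = []
    members = sorted(k for k, v in rule_type.items() if v is not None)
    unknown = [m for m in members if m not in RULE_TYPE_MEMBERS]
    if unknown:
        problems.append("unknown member(s): " + ", ".join(unknown))
    if len(members) != 1:
        problems.append(f"exactly one member must be set, found {len(members)}")
    clash = sorted(EXCLUSIVE_TOP_LEVEL & rule.keys())
    if clash:
        problems.append("cannot combine with " + ", ".join(clash))
    return problems


def lint_template(template):
    """Map 'LogicalId[index]' to problems for each rule group in a template."""
    findings = {}
    for logical_id, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::Route53Resolver::FirewallRuleGroup":
            continue
        rules = res.get("Properties", {}).get("FirewallRules", [])
        for i, rule in enumerate(rules):
            if problems := lint_rule(rule):
                findings[f"{logical_id}[{i}]"] = problems
    return findings
```

Run `lint_template` on the parsed template in CI so that a rule with two members, or one that also sets a domain list, is rejected before the stack update is attempted.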