Class CfnRuleGroupProps
Properties for defining a CfnRuleGroup
.
Inheritance
Implements
Namespace: Amazon.CDK.AWS.NetworkFirewall
Assembly: Amazon.CDK.AWS.NetworkFirewall.dll
Syntax (csharp)
public class CfnRuleGroupProps : Object, ICfnRuleGroupProps
Syntax (vb)
Public Class CfnRuleGroupProps
Inherits Object
Implements ICfnRuleGroupProps
Remarks
ExampleMetadata: fixture=_generated
Examples
// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
using Amazon.CDK.AWS.NetworkFirewall;
var cfnRuleGroupProps = new CfnRuleGroupProps {
Capacity = 123,
RuleGroupName = "ruleGroupName",
Type = "type",
// the properties below are optional
Description = "description",
RuleGroup = new RuleGroupProperty {
RulesSource = new RulesSourceProperty {
RulesSourceList = new RulesSourceListProperty {
GeneratedRulesType = "generatedRulesType",
Targets = new [] { "targets" },
TargetTypes = new [] { "targetTypes" }
},
RulesString = "rulesString",
StatefulRules = new [] { new StatefulRuleProperty {
Action = "action",
Header = new HeaderProperty {
Destination = "destination",
DestinationPort = "destinationPort",
Direction = "direction",
Protocol = "protocol",
Source = "source",
SourcePort = "sourcePort"
},
RuleOptions = new [] { new RuleOptionProperty {
Keyword = "keyword",
// the properties below are optional
Settings = new [] { "settings" }
} }
} },
StatelessRulesAndCustomActions = new StatelessRulesAndCustomActionsProperty {
StatelessRules = new [] { new StatelessRuleProperty {
Priority = 123,
RuleDefinition = new RuleDefinitionProperty {
Actions = new [] { "actions" },
MatchAttributes = new MatchAttributesProperty {
DestinationPorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Destinations = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
Protocols = new [] { 123 },
SourcePorts = new [] { new PortRangeProperty {
FromPort = 123,
ToPort = 123
} },
Sources = new [] { new AddressProperty {
AddressDefinition = "addressDefinition"
} },
TcpFlags = new [] { new TCPFlagFieldProperty {
Flags = new [] { "flags" },
// the properties below are optional
Masks = new [] { "masks" }
} }
}
}
} },
// the properties below are optional
CustomActions = new [] { new CustomActionProperty {
ActionDefinition = new ActionDefinitionProperty {
PublishMetricAction = new PublishMetricActionProperty {
Dimensions = new [] { new DimensionProperty {
Value = "value"
} }
}
},
ActionName = "actionName"
} }
}
},
// the properties below are optional
ReferenceSets = new ReferenceSetsProperty {
IpSetReferences = new Dictionary<string, object> {
{ "ipSetReferencesKey", new Dictionary<string, string?> {
{ "referenceArn", "referenceArn" }
} }
}
},
RuleVariables = new RuleVariablesProperty {
IpSets = new Dictionary<string, object> {
{ "ipSetsKey", new Dictionary<string, string[]?> {
{ "definition", new [] { "definition" } }
} }
},
PortSets = new Dictionary<string, object> {
{ "portSetsKey", new PortSetProperty {
Definition = new [] { "definition" }
} }
}
},
StatefulRuleOptions = new StatefulRuleOptionsProperty {
RuleOrder = "ruleOrder"
}
},
Tags = new [] { new CfnTag {
Key = "key",
Value = "value"
} }
};
Synopsis
Constructors
CfnRuleGroupProps() |
Properties
Capacity | The maximum operating resources that this rule group can use. |
Description | A description of the rule group. |
RuleGroup | An object that defines the rule group rules. |
RuleGroupName | The descriptive name of the rule group. |
Tags | An array of key-value pairs to apply to this resource. |
Type | Indicates whether the rule group is stateless or stateful. |
Constructors
CfnRuleGroupProps()
public CfnRuleGroupProps()
Properties
Capacity
The maximum operating resources that this rule group can use.
public double Capacity { get; set; }
Property Value
System.Double
Remarks
You can't change a rule group's capacity setting after you create the rule group. When you update a rule group, you are limited to this capacity. When you reference a rule group from a firewall policy, Network Firewall reserves this capacity for the rule group.
Description
A description of the rule group.
public string Description { get; set; }
Property Value
System.String
Remarks
RuleGroup
An object that defines the rule group rules.
public object RuleGroup { get; set; }
Property Value
System.Object
Remarks
RuleGroupName
The descriptive name of the rule group.
public string RuleGroupName { get; set; }
Property Value
System.String
Remarks
You can't change the name of a rule group after you create it.
Tags
An array of key-value pairs to apply to this resource.
public ICfnTag[] Tags { get; set; }
Property Value
ICfnTag[]
Remarks
Type
Indicates whether the rule group is stateless or stateful.
public string Type { get; set; }
Property Value
System.String
Remarks
If the rule group is stateless, it contains stateless rules. If it is stateful, it contains stateful rules.