This is the new *Amazon CloudFormation Template Reference Guide*. Please update your bookmarks and links. For help getting started with CloudFormation, see the [Amazon CloudFormation User Guide](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/Welcome.html). # AWS::NetworkFirewall::RuleGroup RuleGroup The object that defines the rules in a rule group. Amazon Network Firewall uses a rule group to inspect and control network traffic. You define stateless rule groups to inspect individual packets and you define stateful rule groups to inspect packets in the context of their traffic flow. To use a rule group, you include it by reference in an Network Firewall firewall policy, then you use the policy in a firewall. You can reference a rule group from more than one firewall policy, and you can use a firewall policy in more than one firewall. ## Syntax To declare this entity in your Amazon CloudFormation template, use the following syntax: ### JSON ``` { "[ReferenceSets](#cfn-networkfirewall-rulegroup-rulegroup-referencesets)" : ReferenceSets, "[RulesSource](#cfn-networkfirewall-rulegroup-rulegroup-rulessource)" : RulesSource, "[RuleVariables](#cfn-networkfirewall-rulegroup-rulegroup-rulevariables)" : RuleVariables, "[StatefulRuleOptions](#cfn-networkfirewall-rulegroup-rulegroup-statefulruleoptions)" : StatefulRuleOptions } ``` ### YAML ``` [ReferenceSets](#cfn-networkfirewall-rulegroup-rulegroup-referencesets): ReferenceSets [RulesSource](#cfn-networkfirewall-rulegroup-rulegroup-rulessource): RulesSource [RuleVariables](#cfn-networkfirewall-rulegroup-rulegroup-rulevariables): RuleVariables [StatefulRuleOptions](#cfn-networkfirewall-rulegroup-rulegroup-statefulruleoptions): StatefulRuleOptions ``` ## Properties `ReferenceSets` The reference sets for the stateful rule group. *Required*: No *Type*: [ReferenceSets](aws-properties-networkfirewall-rulegroup-referencesets.md) *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `RulesSource` The stateful rules or stateless rules for the rule group. *Required*: Yes *Type*: [RulesSource](aws-properties-networkfirewall-rulegroup-rulessource.md) *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `RuleVariables` Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups. *Required*: No *Type*: [RuleVariables](aws-properties-networkfirewall-rulegroup-rulevariables.md) *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt) `StatefulRuleOptions` Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.amazonaws.cn/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *Amazon Network Firewall Developer Guide*. *Required*: No *Type*: [StatefulRuleOptions](aws-properties-networkfirewall-rulegroup-statefulruleoptions.md) *Update requires*: [No interruption](https://docs.amazonaws.cn/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-no-interrupt)