AWS::NetworkFirewall::FirewallPolicy StatefulRuleGroupOverride - Amazon CloudFormation
SyntaxProperties
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::NetworkFirewall::FirewallPolicy StatefulRuleGroupOverride

The setting that allows the policy owner to change the behavior of the rule group within a policy.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Action" : String
}

YAML

  Action: String

Properties

Action

The action that changes the rule group from DROP to ALERT. This only applies to managed rule groups.

Required: No

Type: String

Allowed values: DROP_TO_ALERT

Update requires: No interruption