StatefulRuleGroup
Amazon Network Firewall stateful rule group, used in a NetworkFirewallPolicyDescription.
Contents
- Override
-
The action that allows the policy owner to override the behavior of the rule group within a policy.
Type: NetworkFirewallStatefulRuleGroupOverride object
Required: No
- Priority
-
An integer setting that indicates the order in which to run the stateful rule groups in a single Network Firewall firewall policy. This setting only applies to firewall policies that specify the
STRICT_ORDER
rule order in the stateful engine options settings.Network Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy. For information about
You can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.
Type: Integer
Required: No
- ResourceId
-
The resource ID of the rule group.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 1024.
Pattern:
^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
Required: No
- RuleGroupName
-
The name of the rule group.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern:
^[a-zA-Z0-9-]+$
Required: No
See Also
For more information about using this API in one of the language-specific Amazon SDKs, see the following: