NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig / NfwRuleGroupRuleConfig / NfwRuleVariableConfig

Network Firewall rule variable configuration.

Use this configuration to define rule variable definitions for Network Firewall. Rule variables can be used in Suricata-compatible and domain list rule definitions. They are not supported in stateful rule IP header definitions.

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html

CURRENT SYNTAX: use the following syntax when defining new rule variables in v1.3.1 and newer. The additional example underneath is provided for backward compatibility.

ipSets:
  - name: HOME_NET
    definition: ['10.0.0.0/16']
portSets:
  - name: HOME_NET
    definition: ['80', '443']

THE BELOW EXAMPLE SYNTAX IS DEPRECATED: use the above syntax when defining new rule variables or more than one rule variable.

ipSets:
  name: HOME_NET
  definition: ['10.0.0.0/16']
portSets:
  name: HOME_NET
  definition: ['80', '443']
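
As an added example (not code from this project or its documentation), the sketch below converts the deprecated single-mapping form into the current list form, validates each definition, and builds the IPSets / PortSets shape of the CloudFormation RuleVariables property linked above. The function names are hypothetical, the input is assumed to be the already-parsed YAML, and port entries are assumed to be a single port or a Suricata-style low:high range.

```python
import ipaddress

def as_list(value):
    """Accept the deprecated single-mapping form or the current list form."""
    if value is None:
        return []
    return [value] if isinstance(value, dict) else list(value)

def check_cidr(text):
    # strict=True rejects entries with host bits set, e.g. 10.0.0.1/16
    ipaddress.ip_network(text, strict=True)

def check_port(text):
    # Assumption: a single port or a Suricata-style low:high range
    nums = [int(p) for p in str(text).split(":")]
    if len(nums) > 2 or any(not 0 <= n <= 65535 for n in nums) or nums != sorted(nums):
        raise ValueError(f"bad port definition: {text!r}")

def normalize(rule_variables):
    """Return the current list syntax; raise ValueError on invalid or duplicate entries."""
    out = {}
    for key, check in (("ipSets", check_cidr), ("portSets", check_port)):
        seen = set()
        entries = as_list(rule_variables.get(key))
        for entry in entries:
            if entry["name"] in seen:
                raise ValueError(f"duplicate {key} name: {entry['name']}")
            seen.add(entry["name"])
            for item in entry["definition"]:
                check(item)
        if entries:
            out[key] = entries
    return out

def to_cfn(rule_variables):
    """Map to the CloudFormation RuleVariables shape (IPSets / PortSets)."""
    norm = normalize(rule_variables)
    return {cfn: {e["name"]: {"Definition": list(e["definition"])} for e in norm[key]}
            for key, cfn in (("ipSets", "IPSets"), ("portSets", "PortSets")) if key in norm}

# Constructed input: the deprecated example from this page, as parsed YAML
DEPRECATED = {
    "ipSets": {"name": "HOME_NET", "definition": ["10.0.0.0/16"]},
    "portSets": {"name": "HOME_NET", "definition": ["80", "443"]},
}
```

Running normalize() over a configuration before deployment catches a CIDR with host bits set or a duplicate variable name before the rule group is synthesized.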

Properties

A Network Firewall rule variable definition configuration.

NfwRuleVariableDefinitionConfig

A Network Firewall rule variable definition configuration.

NfwRuleVariableDefinitionConfig