NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig / NfwRuleGroupRuleConfig / NfwRuleVariableConfig

Network Firewall rule variable configuration. Use this configuration to define rule variable definitions for Network Firewall. Rule variables can be used in Suricata-compatible and domain list rule definitions. They are not supported in stateful rule IP header definitions.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html

Example

CURRENT SYNTAX: use the following syntax when defining new rule variables in v1.3.1 and newer. The additional example underneath is provided for backward compatibility.

    ipSets:
      - name: HOME_NET
        definition: ['10.0.0.0/16']
    portSets:
      - name: HOME_NET
        definition: ['80', '443']

THE BELOW EXAMPLE SYNTAX IS DEPRECATED: use the above syntax when defining new rule variables or more than one rule variable.

    ipSets:
      name: HOME_NET
      definition: ['10.0.0.0/16']
    portSets:
      name: HOME_NET
      definition: ['80', '443']
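
Both syntaxes carry the same data. The following added example (not Landing Zone Accelerator code; every type and function name in it is hypothetical) normalizes either form into the IPSets/PortSets map of the CloudFormation RuleVariables property linked above, rejecting duplicate names, empty definitions and malformed values before they reach a deployment. It assumes only the value forms shown in the examples above: IPv4 CIDRs and single ports.

```typescript
// Added example: not Landing Zone Accelerator source. All names are hypothetical.
interface RuleVariableDefinition { name: string; definition: string[]; }
// Current syntax (v1.3.1+) is a list; the deprecated syntax is a single object.
type RuleVariableInput = RuleVariableDefinition | RuleVariableDefinition[];
interface RuleVariableConfig { ipSets: RuleVariableInput; portSets: RuleVariableInput; }
type CfnSets = { [name: string]: { Definition: string[] } };
// Shape of the CloudFormation RuleVariables property linked from this page.
interface CfnRuleVariables { IPSets: CfnSets; PortSets: CfnSets; }

// Assumption: only the value forms from the page's examples are accepted.
function isIpv4Cidr(value: string): boolean {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(value);
  if (!m) return false;
  for (let i = 1; i <= 4; i++) {
    if (Number(m[i]) > 255) return false;
  }
  return Number(m[5]) <= 32;
}

function isPort(value: string): boolean {
  return /^\d{1,5}$/.test(value) && Number(value) <= 65535;
}

function toSets(kind: string, input: RuleVariableInput, valid: (v: string) => boolean): CfnSets {
  // Wrap the deprecated single-object form so both syntaxes share one path.
  const items: RuleVariableDefinition[] = Array.isArray(input) ? input : [input];
  const sets: CfnSets = {};
  for (const item of items) {
    if (Object.prototype.hasOwnProperty.call(sets, item.name)) {
      throw new Error(`${kind}: duplicate variable name ${item.name}`);
    }
    if (item.definition.length === 0) {
      throw new Error(`${kind}.${item.name}: definition is empty`);
    }
    for (const value of item.definition) {
      if (!valid(value)) throw new Error(`${kind}.${item.name}: invalid value ${value}`);
    }
    sets[item.name] = { Definition: item.definition.slice() };
  }
  return sets;
}

function toCfnRuleVariables(config: RuleVariableConfig): CfnRuleVariables {
  return {
    IPSets: toSets('ipSets', config.ipSets, isIpv4Cidr),
    PortSets: toSets('portSets', config.portSets, isPort),
  };
}
```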

Hierarchy

  • NfwRuleVariableConfig

Implements

Constructors

Properties

A Network Firewall rule variable definition configuration.

See

NfwRuleVariableDefinitionConfig

A Network Firewall rule variable definition configuration.

See

NfwRuleVariableDefinitionConfig
