Class DnsFirewallRuleGroupConfig

NetworkConfig / CentralNetworkServicesConfig / ResolverConfig / DnsFirewallRuleGroupConfig

Route 53 DNS firewall rule group configuration. Use this configuration to define a group of rules for your DNS firewall. Rule groups contain one to many rules that can be associated with VPCs in your environment. These rules allow you to define the behavior of your DNS firewall.

The following example creates a rule group that contains one rule entry. The rule blocks a list of custom domains contained in a file in the accelerator configuration repository. The rule group is shared to the entire organization.

Example

- name: accelerator-rule-group
  regions:
    - us-east-1
  rules:
    - name: accelerator-dns-rule
      action: BLOCK
      priority: 100
      blockResponse: NXDOMAIN
      customDomainList: path/to/domains.txt
  shareTargets:
    organizationalUnits:
      - Root
  tags: []

Hierarchy

  • DnsFirewallRuleGroupConfig

Implements

Constructors

constructor

Properties

name regions rules shareTargets tags

Constructors

constructor

Properties

Readonly name

name: string = ''

A friendly name for the DNS firewall rule group.

Remarks

CAUTION: Changing this property value after initial deployment causes the configuration to be recreated. Please be aware that any downstream dependencies may cause this property update to fail.

Readonly regions

regions: string[] = ...

The regions to deploy the rule group to.

See

Region

Readonly rules

rules: DnsFirewallRulesConfig[] = []

An array of DNS firewall rule configurations.

See

DnsFirewallRulesConfig

Readonly shareTargets

shareTargets: undefined | ShareTargets = undefined

(OPTIONAL) Resource Access Manager (RAM) share targets.

Remarks

Targets can be account names and/or organizational units. Targets must include the account(s)/OU(s) of any VPCs that the logging configuration will be associated with. You do not need to target the delegated admin account.

See

ShareTargets

Readonly tags

tags: undefined | Tag[] = undefined

An array of tags for the rule group.

Settings

Member Visibility

Theme

Generated using TypeDoc