Class NfwRuleVariableConfig

NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig / NfwRuleGroupRuleConfig / NfwRuleVariableConfig

Network Firewall rule variable configuration. Use this configuration to define rule variable definitions for Network Firewall. Rule variables can be used in Suricata-compatible and domain list rule definitions. They are not supported in stateful rule IP header definitions.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-networkfirewall-rulegroup-rulevariables.html

Example

CURRENT SYNTAX: use the following syntax when defining new rule variables in v1.3.1 and newer. The additional example underneath is provided for backward compatibility.

ipSets:
  - name: HOME_NET
    definition: ['10.0.0.0/16']
portSets:
  - name: HOME_NET
    definition: ['80', '443']

THE BELOW EXAMPLE SYNTAX IS DEPRECATED: use the above syntax when defining new or more than one rule variable

ipSets:
  name: HOME_NET
  definition: ['10.0.0.0/16']
portSets:
  name: HOME_NET
  definition: ['80', '443']

Hierarchy

  • NfwRuleVariableConfig

Implements

Constructors

constructor

Properties

ipSets portSets

Constructors

constructor

Properties

Readonly ipSets

ipSets: NfwRuleVariableDefinitionConfig | NfwRuleVariableDefinitionConfig[] = ...

A Network Firewall rule variable definition configuration.

See

NfwRuleVariableDefinitionConfig

Readonly portSets

portSets: NfwRuleVariableDefinitionConfig | NfwRuleVariableDefinitionConfig[] = ...

A Network Firewall rule variable definition configuration.

See

NfwRuleVariableDefinitionConfig

Settings

Member Visibility

Theme

Generated using TypeDoc