NetworkConfig / CentralNetworkServicesConfig / NfwConfig / NfwRuleGroupConfig

Network Firewall rule group configuration. Used to define a rule group for Network Firewall.

See

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html

Example

Stateful rule group:

- name: accelerator-stateful-group
  regions:
    - us-east-1
  capacity: 100
  type: STATEFUL
  ruleGroup:
    rulesSource:
      rulesFile: path/to/rules.txt
  shareTargets:
    organizationalUnits:
      - Root
  tags: []

Stateless rule group:

- name: accelerator-stateless-group
  regions:
    - us-east-1
  capacity: 100
  type: STATELESS
  ruleGroup:
    rulesSource:
      statelessRulesAndCustomActions:
        statelessRules:
          - priority: 100
            ruleDefinition:
              actions: ['aws:pass']
              matchAttributes:
                sources:
                  - 10.1.0.0/16
                sourcePorts:
                  - fromPort: 1024
                    toPort: 65535
                destinations:
                  - 10.0.0.0/16
                destinationPorts:
                  - fromPort: 22
                    toPort: 22
  shareTargets:
    organizationalUnits:
      - Root
  tags: []

Hierarchy

  • NfwRuleGroupConfig

Properties

capacity: number = 123

The capacity of the rule group.
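
Added example (not part of the LZA code base or of this reference): a check of the `capacity` a stateless rule group needs, using Network Firewall's rule that a stateless rule costs the product of the number of entries in each match setting, with an unset setting counting as 1. The `protocols` and `tcpFlags` fields and all function names are assumptions for illustration, and `broadRule` is constructed sample data.

```typescript
// Added example, not LZA code. Field names follow the stateless YAML on this page;
// `protocols` and `tcpFlags` are assumed from CloudFormation's MatchAttributes.
interface PortRange { fromPort: number; toPort: number }
interface MatchAttributes {
  sources?: string[]; destinations?: string[];
  sourcePorts?: PortRange[]; destinationPorts?: PortRange[];
  protocols?: number[]; tcpFlags?: unknown[];
}
interface StatelessRule {
  priority: number;
  ruleDefinition: { actions: string[]; matchAttributes: MatchAttributes };
}

// An unset or empty match setting counts as 1, otherwise its number of entries.
function settingCount(values?: unknown[]): number {
  return values && values.length > 0 ? values.length : 1;
}

// Capacity of one stateless rule: product of the counts of its match settings.
function ruleCapacity(rule: StatelessRule): number {
  const m = rule.ruleDefinition.matchAttributes;
  return settingCount(m.sources) * settingCount(m.sourcePorts) *
    settingCount(m.destinations) * settingCount(m.destinationPorts) *
    settingCount(m.protocols) * settingCount(m.tcpFlags);
}

// Findings for a group: capacity shortfall and duplicate rule priorities.
function checkGroup(capacity: number, rules: StatelessRule[]): string[] {
  const findings: string[] = [];
  const seen: number[] = [];
  let need = 0;
  for (const r of rules) {
    need += ruleCapacity(r);
    if (seen.indexOf(r.priority) !== -1) findings.push(`duplicate priority ${r.priority}`);
    seen.push(r.priority);
  }
  if (need > capacity) findings.push(`capacity ${capacity} < required ${need}`);
  return findings;
}

// The rule from the stateless example above (needs capacity 1).
const pageRule: StatelessRule = { priority: 100, ruleDefinition: { actions: ['aws:pass'],
  matchAttributes: { sources: ['10.1.0.0/16'], sourcePorts: [{ fromPort: 1024, toPort: 65535 }],
    destinations: ['10.0.0.0/16'], destinationPorts: [{ fromPort: 22, toPort: 22 }] } } };
// Constructed rule: 3 sources x 2 destinations x 2 destination port ranges = 12.
const broadRule: StatelessRule = { priority: 100, ruleDefinition: { actions: ['aws:drop'],
  matchAttributes: { sources: ['10.1.0.0/16', '10.2.0.0/16', '10.3.0.0/16'],
    destinations: ['10.0.0.0/16', '10.4.0.0/16'],
    destinationPorts: [{ fromPort: 22, toPort: 22 }, { fromPort: 3389, toPort: 3389 }] } } };
```

Network Firewall does not allow a rule group's capacity to be changed after creation, so set it with planned rule growth in mind.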

description: undefined | string = undefined

A description for the rule group.

name: string = ''

A friendly name for the rule group.

regions: ("af-south-1" | "ap-east-1" | "ap-south-1" | "ap-southeast-1" | "ap-southeast-2" | "ap-southeast-3" | "ap-northeast-1" | "ap-northeast-2" | "ap-northeast-3" | "ca-central-1" | "eu-central-1" | "eu-west-1" | "eu-west-2" | "eu-west-3" | "eu-north-1" | "eu-south-1" | "eu-south-2" | "me-central-1" | "me-south-1" | "sa-east-1" | "us-east-1" | "us-east-2" | "us-west-1" | "us-west-2" | "cn-north-1" | "cn-northwest-1" | "eu-central-2" | "ap-south-2" | "us-gov-west-1" | "us-gov-east-1" | "us-iso-east-1" | "us-iso-west-1" | "us-isob-east-1" | "ap-southeast-4")[] = []

The regions to deploy the rule group to.

See

t.Region

ruleGroup: undefined | NfwRuleGroupRuleConfig = undefined

A Network Firewall rule group configuration.

See

NfwRuleGroupRuleConfig

shareTargets: undefined | ShareTargets = undefined

Resource Access Manager (RAM) share targets.

Remarks

Targets can be account names and/or organizational units.

See

t.ShareTargets

tags: undefined | Tag[] = undefined

An array of tags for the rule group.

type: "STATELESS" | "STATEFUL" = 'STATEFUL'

The type of rules in the rule group.

See

nfwRuleType
