Module aws_sdk_networkfirewall::model [−][src]
Expand description
Data structures used by operation inputs/outputs.
Modules
Structs
A custom action to use in stateless rule actions settings. This is used in CustomAction.
A single IP address specification. This is used in the MatchAttributes
The configuration and status for a single subnet that you've specified for use by the
An optional, non-standard action to use for stateless packet handling. You can define
The value to use in an Amazon CloudWatch custom metric dimension. This is used in the
The firewall defines the configuration settings for an AWS Network Firewall firewall. These settings include the firewall policy, the subnets in your VPC to use for the firewall endpoints, and any tags that are attached to the firewall AWS resource.
High-level information about a firewall, returned by operations like create and
The firewall policy defines the behavior of a firewall using a collection of stateless
High-level information about a firewall policy, returned by operations like create and
The high-level properties of a firewall policy. This, along with the FirewallPolicy, define the policy. You can retrieve all objects for a firewall policy by calling DescribeFirewallPolicy.
Detailed information about the current status of a Firewall. You can retrieve this for a firewall by calling DescribeFirewall and providing the firewall name and ARN.
The basic rule criteria for AWS Network Firewall to use to inspect packet headers in stateful
A list of IP addresses and address ranges, in CIDR notation. This is part of a RuleVariables.
Defines where AWS Network Firewall sends logs for the firewall for one log type. This is used
Defines how AWS Network Firewall performs logging for a Firewall.
Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags.
Provides configuration status for a single policy or rule group that is used for a firewall endpoint. Network Firewall
A single port range specification. This is used for source and destination port ranges
A set of port ranges for use in the rules in a rule group.
Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the
The inspection criteria and action for a single stateless rule. AWS Network Firewall inspects each packet for the specified matching
The object that defines the rules in a rule group. This, along with RuleGroupResponse, define the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup.
High-level information about a rule group, returned by ListRuleGroups.
The high-level properties of a rule group. This, along with the RuleGroup, define the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup.
Additional settings for a stateful rule. This is part of the StatefulRule configuration.
Settings that are available for use in the rules in the RuleGroup
The stateless or stateful rules definitions for use in a single rule group. Each rule
Stateful inspection criteria for a domain list rule group.
Configuration settings for the handling of the stateful rule groups in a firewall policy.
A single Suricata rules specification, for use in a stateful rule group.
Identifier for a single stateful rule group, used in a firewall policy to refer to a
Additional options governing how Network Firewall handles the rule group. You can only use these for stateful rule groups.
A single stateless rule. This is used in StatelessRulesAndCustomActions.
Identifier for a single stateless rule group, used in a firewall policy to refer to the
Stateless inspection criteria. Each stateless rule group uses exactly one of these data
The ID for a subnet that you want to associate with the firewall. This is used with
The status of the firewall endpoint and firewall policy configuration for a single VPC
A key:value pair associated with an AWS resource. The key:value pair can be anything you
TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.