aws_sdk_route53globalresolver/client/
create_firewall_rule.rs

1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2impl super::Client {
3    /// Constructs a fluent builder for the [`CreateFirewallRule`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder) operation.
4    ///
5    /// - The fluent builder is configurable:
6    ///   - [`action(FirewallRuleAction)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::action) / [`set_action(Option<FirewallRuleAction>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_action):<br>required: **true**<br><p>The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:</p> <ul>  <li>   <p><code>ALLOW</code> - Permit the request to go through.</p></li>  <li>   <p><code>ALERT</code> - Permit the request and send metrics and logs to CloudWatch.</p></li>  <li>   <p><code>BLOCK</code> - Disallow the request. This option requires additional details in the rule's <code>BlockResponse</code>.</p></li> </ul><br>
7    ///   - [`block_override_dns_type(BlockOverrideDnsQueryType)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::block_override_dns_type) / [`set_block_override_dns_type(Option<BlockOverrideDnsQueryType>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_block_override_dns_type):<br>required: **false**<br><p>The DNS record's type. This determines the format of the record value that you provided in <code>BlockOverrideDomain</code>. Used for the rule action <code>BLOCK</code> with a <code>BlockResponse</code> setting of <code>OVERRIDE</code>.</p> <p>This setting is required if the <code>BlockResponse</code> setting is <code>OVERRIDE</code>.</p><br>
8    ///   - [`block_override_domain(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::block_override_domain) / [`set_block_override_domain(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_block_override_domain):<br>required: **false**<br><p>The custom DNS record to send back in response to the query. Used for the rule action <code>BLOCK</code> with a <code>BlockResponse</code> setting of <code>OVERRIDE</code>.</p> <p>This setting is required if the <code>BlockResponse</code> setting is <code>OVERRIDE</code>.</p><br>
9    ///   - [`block_override_ttl(i32)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::block_override_ttl) / [`set_block_override_ttl(Option<i32>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_block_override_ttl):<br>required: **false**<br><p>The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action <code>BLOCK</code> with a <code>BlockResponse</code> setting of <code>OVERRIDE</code>.</p> <p>This setting is required if the <code>BlockResponse</code> setting is <code>OVERRIDE</code>.</p><br>
10    ///   - [`block_response(FirewallBlockResponse)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::block_response) / [`set_block_response(Option<FirewallBlockResponse>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_block_response):<br>required: **false**<br><p>The response to return when the action is BLOCK. Valid values are NXDOMAIN (domain does not exist), NODATA (domain exists but no records), or OVERRIDE (return custom response).</p><br>
11    ///   - [`client_token(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::client_token) / [`set_client_token(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_client_token):<br>required: **false**<br><p>A unique, case-sensitive identifier to ensure idempotency. This means that making the same request multiple times with the same <code>clientToken</code> has the same result every time.</p><br>
12    ///   - [`confidence_threshold(ConfidenceThreshold)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::confidence_threshold) / [`set_confidence_threshold(Option<ConfidenceThreshold>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_confidence_threshold):<br>required: **false**<br><p>The confidence threshold for advanced threat detection. Valid values are HIGH, MEDIUM, or LOW, indicating the accuracy level required for threat detection.</p><br>
13    ///   - [`description(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::description) / [`set_description(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_description):<br>required: **false**<br><p>An optional description for the firewall rule.</p><br>
14    ///   - [`dns_advanced_protection(DnsAdvancedProtection)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::dns_advanced_protection) / [`set_dns_advanced_protection(Option<DnsAdvancedProtection>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_dns_advanced_protection):<br>required: **false**<br><p>Whether to enable advanced DNS threat protection for this rule. Advanced protection can detect and block DNS tunneling and Domain Generation Algorithm (DGA) threats.</p><br>
15    ///   - [`firewall_domain_list_id(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::firewall_domain_list_id) / [`set_firewall_domain_list_id(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_firewall_domain_list_id):<br>required: **false**<br><p>The ID of the firewall domain list to use in this rule.</p><br>
16    ///   - [`name(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::name) / [`set_name(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_name):<br>required: **true**<br><p>A descriptive name for the firewall rule.</p><br>
17    ///   - [`priority(i64)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::priority) / [`set_priority(Option<i64>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_priority):<br>required: **false**<br><p>The priority of this rule. Rules are evaluated in priority order, with lower numbers having higher priority. When a DNS query matches multiple rules, the rule with the highest priority (lowest number) is applied.</p><br>
18    ///   - [`dns_view_id(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::dns_view_id) / [`set_dns_view_id(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_dns_view_id):<br>required: **true**<br><p>The ID of the DNS view to associate with this firewall rule.</p><br>
19    ///   - [`q_type(impl Into<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::q_type) / [`set_q_type(Option<String>)`](crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::set_q_type):<br>required: **false**<br><p>The DNS query type to match for this rule. Examples include A (IPv4 address), AAAA (IPv6 address), MX (mail exchange), or TXT (text record).</p><br>
20    /// - On success, responds with [`CreateFirewallRuleOutput`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput) with field(s):
21    ///   - [`action(FirewallRuleAction)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::action): <p>The action that DNS Firewall takes on DNS queries that match this rule.</p>
22    ///   - [`block_override_dns_type(Option<BlockOverrideDnsQueryType>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::block_override_dns_type): <p>The DNS record type for the custom response when blockResponse is OVERRIDE.</p>
23    ///   - [`block_override_domain(Option<String>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::block_override_domain): <p>The custom domain to return when the action is BLOCK and blockResponse is OVERRIDE.</p>
24    ///   - [`block_override_ttl(Option<i32>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::block_override_ttl): <p>The time-to-live (TTL) value for the custom response when blockResponse is OVERRIDE.</p>
25    ///   - [`block_response(Option<FirewallBlockResponse>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::block_response): <p>The response to return when the action is BLOCK.</p>
26    ///   - [`confidence_threshold(Option<ConfidenceThreshold>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::confidence_threshold): <p>The confidence threshold for advanced threat detection.</p>
27    ///   - [`created_at(DateTime)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::created_at): <p>The date and time when the firewall rule was created.</p>
28    ///   - [`description(Option<String>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::description): <p>The description of the firewall rule.</p>
29    ///   - [`dns_advanced_protection(Option<DnsAdvancedProtection>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::dns_advanced_protection): <p>Whether advanced DNS threat protection is enabled for this rule.</p>
30    ///   - [`firewall_domain_list_id(Option<String>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::firewall_domain_list_id): <p>The ID of the firewall domain list used in this rule.</p>
31    ///   - [`id(String)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::id): <p>The unique identifier for the firewall rule.</p>
32    ///   - [`name(String)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::name): <p>The name of the firewall rule.</p>
33    ///   - [`priority(i64)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::priority): <p>The priority of the firewall rule.</p>
34    ///   - [`dns_view_id(String)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::dns_view_id): <p>The ID of the DNS view associated with this firewall rule.</p>
35    ///   - [`query_type(Option<String>)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::query_type): <p>The DNS query type that this rule matches.</p>
36    ///   - [`status(CrResourceStatus)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::status): <p>The operational status of the firewall rule.</p>
37    ///   - [`updated_at(DateTime)`](crate::operation::create_firewall_rule::CreateFirewallRuleOutput::updated_at): <p>The date and time when the firewall rule was last updated.</p>
38    /// - On failure, responds with [`SdkError<CreateFirewallRuleError>`](crate::operation::create_firewall_rule::CreateFirewallRuleError)
39    pub fn create_firewall_rule(&self) -> crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder {
40        crate::operation::create_firewall_rule::builders::CreateFirewallRuleFluentBuilder::new(self.handle.clone())
41    }
42}