software.amazon.awscdk.services.networkfirewall

Interface CfnRuleGroup.StatefulRuleProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnRuleGroup.StatefulRuleProperty.Jsii$Proxy

Enclosing class:

CfnRuleGroup

@Stability(value=Stable)
public static interface CfnRuleGroup.StatefulRuleProperty
extends software.amazon.jsii.JsiiSerializable

A single Suricata rules specification, for use in a stateful rule group.

Use this option to specify a simple Suricata rule with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format .

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.networkfirewall.*;
 StatefulRuleProperty statefulRuleProperty = StatefulRuleProperty.builder()
         .action("action")
         .header(HeaderProperty.builder()
                 .destination("destination")
                 .destinationPort("destinationPort")
                 .direction("direction")
                 .protocol("protocol")
                 .source("source")
                 .sourcePort("sourcePort")
                 .build())
         .ruleOptions(List.of(RuleOptionProperty.builder()
                 .keyword("keyword")
                 // the properties below are optional
                 .settings(List.of("settings"))
                 .build()))
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Interface and Description
static class	CfnRuleGroup.StatefulRuleProperty.Builder A builder for CfnRuleGroup.StatefulRuleProperty
static class	CfnRuleGroup.StatefulRuleProperty.Jsii$Proxy An implementation for CfnRuleGroup.StatefulRuleProperty

Method Summary

Modifier and Type	Method and Description
static CfnRuleGroup.StatefulRuleProperty.Builder	builder()
String	getAction() Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria.
Object	getHeader() The stateful inspection criteria for this rule, used to inspect traffic flows.
Object	getRuleOptions() Additional settings for a stateful rule, provided as keywords and settings.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Detail

getAction

@Stability(value=Stable)
 @NotNull
String getAction()

Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria.

For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.

The actions for a stateful rule are defined as follows:

• PASS - Permits the packets to go to the intended destination.
• DROP - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the firewall's LoggingConfiguration .
• ALERT - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the firewall's LoggingConfiguration .

You can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with ALERT action, verify in the logs that the rule is filtering as you want, then change the action to DROP .

getHeader

@Stability(value=Stable)
 @NotNull
Object getHeader()

The stateful inspection criteria for this rule, used to inspect traffic flows.

getRuleOptions

@Stability(value=Stable)
 @NotNull
Object getRuleOptions()

Additional settings for a stateful rule, provided as keywords and settings.

builder

@Stability(value=Stable)
static CfnRuleGroup.StatefulRuleProperty.Builder builder()

Returns:

a CfnRuleGroup.StatefulRuleProperty.Builder of CfnRuleGroup.StatefulRuleProperty