Class: AWSCDK::NetworkFirewall::CfnRuleGroup::RulesSourceProperty
- Inherits:
-
Jsii::Struct
- Object
- Jsii::Struct
- AWSCDK::NetworkFirewall::CfnRuleGroup::RulesSourceProperty
- Defined in:
- network_firewall/cfn_rule_group.rb
Overview
The stateless or stateful rules definitions for use in a single rule group.
Each rule group requires a single RulesSource . You can use an instance of this for either stateless rules or stateful rules.
Instance Attribute Summary collapse
-
#rules_source_list ⇒ AWSCDK::IResolvable, ...
readonly
Stateful inspection criteria for a domain list rule group.
-
#rules_string ⇒ String?
readonly
Stateful inspection criteria, provided in Suricata compatible rules.
-
#stateful_rules ⇒ AWSCDK::IResolvable, ...
readonly
An array of individual stateful rules inspection criteria to be used together in a stateful rule group.
-
#stateless_rules_and_custom_actions ⇒ AWSCDK::IResolvable, ...
readonly
Stateless inspection criteria to be used in a stateless rule group.
Class Method Summary collapse
Instance Method Summary collapse
-
#initialize(rules_source_list: nil, rules_string: nil, stateful_rules: nil, stateless_rules_and_custom_actions: nil) ⇒ RulesSourceProperty
constructor
A new instance of RulesSourceProperty.
- #to_jsii ⇒ Object
Constructor Details
#initialize(rules_source_list: nil, rules_string: nil, stateful_rules: nil, stateless_rules_and_custom_actions: nil) ⇒ RulesSourceProperty
Returns a new instance of RulesSourceProperty.
1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 |
# File 'network_firewall/cfn_rule_group.rb', line 1514 def initialize(rules_source_list: nil, rules_string: nil, stateful_rules: nil, stateless_rules_and_custom_actions: nil) @rules_source_list = rules_source_list.is_a?(Hash) ? ::AWSCDK::NetworkFirewall::CfnRuleGroup::RulesSourceListProperty.new(**rules_source_list.transform_keys(&:to_sym)) : rules_source_list Jsii::Type.check_type(@rules_source_list, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19uZXR3b3JrZmlyZXdhbGwuQ2ZuUnVsZUdyb3VwLlJ1bGVzU291cmNlTGlzdFByb3BlcnR5In1dfX0=")), "rulesSourceList") unless @rules_source_list.nil? @rules_string = rules_string Jsii::Type.check_type(@rules_string, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "rulesString") unless @rules_string.nil? @stateful_rules = stateful_rules Jsii::Type.check_type(@stateful_rules, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfbmV0d29ya2ZpcmV3YWxsLkNmblJ1bGVHcm91cC5TdGF0ZWZ1bFJ1bGVQcm9wZXJ0eSJ9XX19LCJraW5kIjoiYXJyYXkifX1dfX0=")), "statefulRules") unless @stateful_rules.nil? @stateless_rules_and_custom_actions = stateless_rules_and_custom_actions.is_a?(Hash) ? ::AWSCDK::NetworkFirewall::CfnRuleGroup::StatelessRulesAndCustomActionsProperty.new(**stateless_rules_and_custom_actions.transform_keys(&:to_sym)) : stateless_rules_and_custom_actions Jsii::Type.check_type(@stateless_rules_and_custom_actions, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19uZXR3b3JrZmlyZXdhbGwuQ2ZuUnVsZUdyb3VwLlN0YXRlbGVzc1J1bGVzQW5kQ3VzdG9tQWN0aW9uc1Byb3BlcnR5In1dfX0=")), "statelessRulesAndCustomActions") unless @stateless_rules_and_custom_actions.nil? end |
Instance Attribute Details
#rules_source_list ⇒ AWSCDK::IResolvable, ... (readonly)
Stateful inspection criteria for a domain list rule group.
1529 1530 1531 |
# File 'network_firewall/cfn_rule_group.rb', line 1529 def rules_source_list @rules_source_list end |
#rules_string ⇒ String? (readonly)
Stateful inspection criteria, provided in Suricata compatible rules.
Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.
These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting.
You can't use the
prioritykeyword if theRuleOrderoption in StatefulRuleOptions is set toSTRICT_ORDER.
1540 1541 1542 |
# File 'network_firewall/cfn_rule_group.rb', line 1540 def rules_string @rules_string end |
#stateful_rules ⇒ AWSCDK::IResolvable, ... (readonly)
An array of individual stateful rules inspection criteria to be used together in a stateful rule group.
Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format .
1547 1548 1549 |
# File 'network_firewall/cfn_rule_group.rb', line 1547 def stateful_rules @stateful_rules end |
#stateless_rules_and_custom_actions ⇒ AWSCDK::IResolvable, ... (readonly)
Stateless inspection criteria to be used in a stateless rule group.
1552 1553 1554 |
# File 'network_firewall/cfn_rule_group.rb', line 1552 def stateless_rules_and_custom_actions @stateless_rules_and_custom_actions end |
Class Method Details
.jsii_properties ⇒ Object
1554 1555 1556 1557 1558 1559 1560 1561 |
# File 'network_firewall/cfn_rule_group.rb', line 1554 def self.jsii_properties { :rules_source_list => "rulesSourceList", :rules_string => "rulesString", :stateful_rules => "statefulRules", :stateless_rules_and_custom_actions => "statelessRulesAndCustomActions", } end |
Instance Method Details
#to_jsii ⇒ Object
1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 |
# File 'network_firewall/cfn_rule_group.rb', line 1563 def to_jsii result = {} result.merge!({ "rulesSourceList" => @rules_source_list, "rulesString" => @rules_string, "statefulRules" => @stateful_rules, "statelessRulesAndCustomActions" => @stateless_rules_and_custom_actions, }) result.compact end |