Class: Aws::NetworkFirewall::Types::RulesSource

Inherits:

Struct

• Object
• Struct
• Aws::NetworkFirewall::Types::RulesSource

Includes:

Structure

Defined in:

lib/aws-sdk-networkfirewall/types.rb

Overview

The stateless or stateful rules definitions for use in a single rule group. Each rule group requires a single ‘RulesSource`. You can use an instance of this for either stateless rules or stateful rules.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #rules_source_list ⇒ Types::RulesSourceList

  Stateful inspection criteria for a domain list rule group.

• #rules_string ⇒ String

  Stateful inspection criteria, provided in Suricata compatible rules.

• #stateful_rules ⇒ Array<Types::StatefulRule>

  An array of individual stateful rules inspection criteria to be used together in a stateful rule group.

• #stateless_rules_and_custom_actions ⇒ Types::StatelessRulesAndCustomActions

  Stateless inspection criteria to be used in a stateless rule group.

Instance Attribute Details

#rules_source_list ⇒ Types::RulesSourceList

Stateful inspection criteria for a domain list rule group.

Returns:

• (Types::RulesSourceList)

# File 'lib/aws-sdk-networkfirewall/types.rb', line 3418

class RulesSource < Struct.new(
  :rules_string,
  :rules_source_list,
  :stateful_rules,
  :stateless_rules_and_custom_actions)
  SENSITIVE = []
  include Aws::Structure
end

#rules_string ⇒ String

Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection.

These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn’t have a separate action setting.

<note markdown=“1”> You can’t use the ‘priority` keyword if the `RuleOrder` option in StatefulRuleOptions is set to `STRICT_ORDER`.

</note>

Returns:

• (String)

# File 'lib/aws-sdk-networkfirewall/types.rb', line 3418

class RulesSource < Struct.new(
  :rules_string,
  :rules_source_list,
  :stateful_rules,
  :stateless_rules_and_custom_actions)
  SENSITIVE = []
  include Aws::Structure
end

#stateful_rules ⇒ Array<Types::StatefulRule>

An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata ‘Rules` format, see [Rules Format].

[1]: suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html

Returns:

• (Array<Types::StatefulRule>)

# File 'lib/aws-sdk-networkfirewall/types.rb', line 3418

class RulesSource < Struct.new(
  :rules_string,
  :rules_source_list,
  :stateful_rules,
  :stateless_rules_and_custom_actions)
  SENSITIVE = []
  include Aws::Structure
end

#stateless_rules_and_custom_actions ⇒ Types::StatelessRulesAndCustomActions

Stateless inspection criteria to be used in a stateless rule group.

Returns:

• (Types::StatelessRulesAndCustomActions)

# File 'lib/aws-sdk-networkfirewall/types.rb', line 3418

class RulesSource < Struct.new(
  :rules_string,
  :rules_source_list,
  :stateful_rules,
  :stateless_rules_and_custom_actions)
  SENSITIVE = []
  include Aws::Structure
end