Class: Aws::NetworkFirewall::Types::RuleGroup
- Inherits:
- 
      Struct
      
        - Object
- Struct
- Aws::NetworkFirewall::Types::RuleGroup
 
- Includes:
- Structure
- Defined in:
- lib/aws-sdk-networkfirewall/types.rb
Overview
The object that defines the rules in a rule group. This, along with RuleGroupResponse, define the rule group. You can retrieve all objects for a rule group by calling DescribeRuleGroup.
Network Firewall uses a rule group to inspect and control network traffic. You define stateless rule groups to inspect individual packets and you define stateful rule groups to inspect packets in the context of their traffic flow.
To use a rule group, you include it by reference in an Network Firewall firewall policy, then you use the policy in a firewall. You can reference a rule group from more than one firewall policy, and you can use a firewall policy in more than one firewall.
Constant Summary collapse
- SENSITIVE =
- [] 
Instance Attribute Summary collapse
- 
  
    
      #reference_sets  ⇒ Types::ReferenceSets 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The list of a rule group’s reference sets. 
- 
  
    
      #rule_variables  ⇒ Types::RuleVariables 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    Settings that are available for use in the rules in the rule group. 
- 
  
    
      #rules_source  ⇒ Types::RulesSource 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    The stateful rules or stateless rules for the rule group. 
- 
  
    
      #stateful_rule_options  ⇒ Types::StatefulRuleOptions 
    
    
  
  
  
  
    
    
  
  
  
  
  
  
    Additional options governing how Network Firewall handles stateful rules. 
Instance Attribute Details
#reference_sets ⇒ Types::ReferenceSets
The list of a rule group’s reference sets.
| 4869 4870 4871 4872 4873 4874 4875 4876 | # File 'lib/aws-sdk-networkfirewall/types.rb', line 4869 class RuleGroup < Struct.new( :rule_variables, :reference_sets, :rules_source, :stateful_rule_options) SENSITIVE = [] include Aws::Structure end | 
#rule_variables ⇒ Types::RuleVariables
Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups.
| 4869 4870 4871 4872 4873 4874 4875 4876 | # File 'lib/aws-sdk-networkfirewall/types.rb', line 4869 class RuleGroup < Struct.new( :rule_variables, :reference_sets, :rules_source, :stateful_rule_options) SENSITIVE = [] include Aws::Structure end | 
#rules_source ⇒ Types::RulesSource
The stateful rules or stateless rules for the rule group.
| 4869 4870 4871 4872 4873 4874 4875 4876 | # File 'lib/aws-sdk-networkfirewall/types.rb', line 4869 class RuleGroup < Struct.new( :rule_variables, :reference_sets, :rules_source, :stateful_rule_options) SENSITIVE = [] include Aws::Structure end | 
#stateful_rule_options ⇒ Types::StatefulRuleOptions
Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order] in the *Network Firewall Developer Guide*.
[1]: docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html
| 4869 4870 4871 4872 4873 4874 4875 4876 | # File 'lib/aws-sdk-networkfirewall/types.rb', line 4869 class RuleGroup < Struct.new( :rule_variables, :reference_sets, :rules_source, :stateful_rule_options) SENSITIVE = [] include Aws::Structure end |