Class: Aws::Route53Resolver::Types::UpdateFirewallRuleEntry

Inherits:
Struct
  • Object
Includes:
Structure
Defined in:
lib/aws-sdk-route53resolver/types.rb

Overview

The details for updating a single firewall rule in a batch operation.

Constant Summary

SENSITIVE =
[]

Instance Attribute Summary

Instance Attribute Details

#action ⇒ String

The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule’s domain list, or a threat in a DNS Firewall Advanced rule:

  • `ALLOW` - Permit the request to go through. Not available for DNS Firewall Advanced rules.

  • `ALERT` - Permit the request and send metrics and logs to CloudWatch.

  • `BLOCK` - Disallow the request. This option requires additional details in the rule’s `BlockResponse`.

Returns:

  • (String)


# File 'lib/aws-sdk-route53resolver/types.rb', line 6016

class UpdateFirewallRuleEntry < Struct.new(
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :firewall_threat_protection_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_dns_type ⇒ String

The DNS record’s type. This determines the format of the record value that you provided in `BlockOverrideDomain`. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE`.

Returns:

  • (String)



#block_override_domain ⇒ String

The custom DNS record to send back in response to the query. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE`.

Returns:

  • (String)



#block_override_ttl ⇒ Integer

The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action `BLOCK` with a `BlockResponse` setting of `OVERRIDE`.

This setting is required if the `BlockResponse` setting is `OVERRIDE`.

Returns:

  • (Integer)



#block_response ⇒ String

The way that you want DNS Firewall to block the request, used with the rule action setting `BLOCK`.

  • `NODATA` - Respond indicating that the query was successful, but no response is available for it.

  • `NXDOMAIN` - Respond indicating that the domain name that’s in the query doesn’t exist.

  • `OVERRIDE` - Provide a custom override in the response. This option requires custom handling details in the rule’s `BlockOverride*` settings.

Returns:

  • (String)



#confidence_threshold ⇒ String

The confidence threshold for DNS Firewall Advanced. You must provide this value when you create or update a DNS Firewall Advanced rule. The confidence level values mean:

  • `LOW`: Provides the highest detection rate for threats, but also increases false positives.

  • `MEDIUM`: Provides a balance between detecting threats and false positives.

  • `HIGH`: Detects only the most well corroborated threats with a low rate of false positives.

Returns:

  • (String)



#dns_threat_protection ⇒ String

The type of the DNS Firewall Advanced rule. This setting is mutually exclusive with `FirewallDomainListId` and `FirewallRuleType`. Valid values are:

  • `DGA`: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to launch malware attacks.

  • `DNS_TUNNELING`: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.

  • `DICT_DGA`: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.

Returns:

  • (String)



#firewall_domain_list_id ⇒ String

The ID of the domain list to use in the rule. This setting is mutually exclusive with `DnsThreatProtection` and `FirewallRuleType`.

Returns:

  • (String)



#firewall_domain_redirection_action ⇒ String

How you want the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.

  • `INSPECT_REDIRECTION_DOMAIN`: (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.

  • `TRUST_REDIRECTION_DOMAIN`: Inspects only the first domain in the redirection chain. You don’t need to add the subsequent domains in the redirection list to the domain list.

Returns:

  • (String)



#firewall_rule_group_id ⇒ String

The unique identifier of the firewall rule group for the rule.

Returns:

  • (String)



#firewall_rule_type ⇒ Types::FirewallRuleType

The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level `FirewallDomainListId` and `DnsThreatProtection` fields.




#firewall_threat_protection_id ⇒ String

The ID of the DNS Firewall Advanced rule.

Returns:

  • (String)



#name ⇒ String

The name of the rule.

Returns:

  • (String)



#priority ⇒ Integer

The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.

Returns:

  • (Integer)



#qtype ⇒ String

The DNS query type you want the rule to evaluate. Allowed values are:

  • A: Returns an IPv4 address.

  • AAAA: Returns an IPv6 address.

  • CAA: Restricts CAs that can create SSL/TLS certifications for the domain.

  • CNAME: Returns another domain name.

  • DS: Record that identifies the DNSSEC signing key of a delegated zone.

  • MX: Specifies mail servers.

  • NAPTR: Regular-expression-based rewriting of domain names.

  • NS: Authoritative name servers.

  • PTR: Maps an IP address to a domain name.

  • SOA: Start of authority record for the zone.

  • SPF: Lists the servers authorized to send emails from a domain.

  • SRV: Application specific values that identify servers.

  • TXT: Verifies email senders and application-specific values.

  • A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPENUMBER, where the NUMBER can be 1-65534, for example, TYPE28. For more information, see [List of DNS record types][1].

[1]: en.wikipedia.org/wiki/List_of_DNS_record_types

Returns:

  • (String)
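
The constraints spread across the attribute descriptions on this page (mutually exclusive match sources, the `BLOCK`/`OVERRIDE` dependencies, the DNS Firewall Advanced requirements, the `TYPENUMBER` range) can be checked before a batch update is sent. The Ruby below is an added example, not part of the SDK: `firewall_rule_entry_problems`, `qtype_valid?` and the sample IDs are hypothetical, and it assumes the Hash states the rule's full intended configuration.

```ruby
# Added example: pre-flight check for one UpdateFirewallRuleEntry, given as a Hash
# keyed by the struct's member names. Assumes the Hash states the full intended rule.
ACTIONS         = %w[ALLOW ALERT BLOCK].freeze
BLOCK_RESPONSES = %w[NODATA NXDOMAIN OVERRIDE].freeze
THREAT_TYPES    = %w[DGA DNS_TUNNELING DICT_DGA].freeze
CONFIDENCE      = %w[LOW MEDIUM HIGH].freeze
QTYPES          = %w[A AAAA CAA CNAME DS MX NAPTR NS PTR SOA SPF SRV TXT].freeze
MATCH_SOURCES   = %i[firewall_domain_list_id dns_threat_protection firewall_rule_type].freeze
OVERRIDE_FIELDS = %i[block_override_domain block_override_dns_type block_override_ttl].freeze

# Named types from the page, or TYPE<n> with n in 1..65534.
def qtype_valid?(qtype)
  return true if QTYPES.include?(qtype)
  m = /\ATYPE(\d+)\z/.match(qtype.to_s)
  !m.nil? && m[1].to_i.between?(1, 65_534)
end

# Returns a list of problems; an empty list means the entry is self-consistent.
def firewall_rule_entry_problems(entry)
  problems = []
  action = entry[:action]
  problems << "unknown action #{action.inspect}" unless ACTIONS.include?(action)
  set = MATCH_SOURCES.select { |k| entry[k] }
  problems << "#{set.join(', ')} are mutually exclusive" if set.size > 1
  if entry[:dns_threat_protection]
    problems << "unknown dns_threat_protection" unless THREAT_TYPES.include?(entry[:dns_threat_protection])
    problems << "ALLOW is not available for DNS Firewall Advanced rules" if action == "ALLOW"
    problems << "Advanced rules need confidence_threshold" unless CONFIDENCE.include?(entry[:confidence_threshold])
  end
  if action == "BLOCK"
    response = entry[:block_response]
    problems << "BLOCK needs block_response" unless BLOCK_RESPONSES.include?(response)
    if response == "OVERRIDE"
      OVERRIDE_FIELDS.each { |k| problems << "OVERRIDE needs #{k}" if entry[k].nil? }
    end
  end
  problems << "invalid qtype #{entry[:qtype].inspect}" if entry[:qtype] && !qtype_valid?(entry[:qtype])
  problems
end

# Constructed sample entry (IDs are placeholders): OVERRIDE without a TTL.
SAMPLE_ENTRY = {
  firewall_rule_group_id: "rslvr-frg-EXAMPLE", firewall_domain_list_id: "rslvr-fdl-EXAMPLE",
  priority: 100, action: "BLOCK", block_response: "OVERRIDE",
  block_override_domain: "sinkhole.example.com", block_override_dns_type: "CNAME",
  qtype: "TYPE28"
}.freeze
puts firewall_rule_entry_problems(SAMPLE_ENTRY)
```

Running the check over every entry in a batch before submitting it surfaces an `OVERRIDE` rule with no TTL or an Advanced rule with `ALLOW` locally rather than as a rejected API call.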

