Class: Aws::Route53Resolver::Types::FirewallRuleType

Inherits:

Struct

• Object
• Struct
• Aws::Route53Resolver::Types::FirewallRuleType

Includes:

Structure

Defined in:

lib/aws-sdk-route53resolver/types.rb

Overview

The rule-type configuration for a DNS Firewall rule. ‘FirewallRuleType` is a tagged union — exactly one member must be set per rule, and the member determines what the rule matches against. This shape is mutually exclusive with the top-level `FirewallDomainListId` and `DnsThreatProtection` fields on CreateFirewallRule and UpdateFirewallRule.

Call ListFirewallRuleTypes to discover which rule-type variants and which values within each variant are available in your account and Region.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #dns_threat_protection ⇒ Types::DnsThreatProtectionRuleTypeConfig

  Configures the rule to match a built-in DNS Firewall Advanced threat detector — ‘DGA`, `DNS_TUNNELING`, or `DICTIONARY_DGA`.

• #firewall_advanced_content_category ⇒ Types::FirewallAdvancedContentCategoryConfig

  Configures the rule to match an AWS-managed content category (for example, ‘VIOLENCE_AND_HATE_SPEECH`).

• #firewall_advanced_threat_category ⇒ Types::FirewallAdvancedThreatCategoryConfig

  Configures the rule to match an AWS-managed advanced threat category (for example, ‘PHISHING`).

• #partner_threat_protection ⇒ Types::PartnerThreatProtectionConfig

  Configures the rule to match a third-party threat feed delivered through AWS Marketplace.

Instance Attribute Details

#dns_threat_protection ⇒ Types::DnsThreatProtectionRuleTypeConfig

Configures the rule to match a built-in DNS Firewall Advanced threat detector — ‘DGA`, `DNS_TUNNELING`, or `DICTIONARY_DGA`. See DnsThreatProtectionRuleTypeConfig.

Returns:

• (Types::DnsThreatProtectionRuleTypeConfig)

# File 'lib/aws-sdk-route53resolver/types.rb', line 2738

class FirewallRuleType < Struct.new(
  :partner_threat_protection,
  :firewall_advanced_content_category,
  :firewall_advanced_threat_category,
  :dns_threat_protection)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_advanced_content_category ⇒ Types::FirewallAdvancedContentCategoryConfig

Configures the rule to match an AWS-managed content category (for example, ‘VIOLENCE_AND_HATE_SPEECH`). See FirewallAdvancedContentCategoryConfig.

Returns:

• (Types::FirewallAdvancedContentCategoryConfig)

# File 'lib/aws-sdk-route53resolver/types.rb', line 2738

class FirewallRuleType < Struct.new(
  :partner_threat_protection,
  :firewall_advanced_content_category,
  :firewall_advanced_threat_category,
  :dns_threat_protection)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_advanced_threat_category ⇒ Types::FirewallAdvancedThreatCategoryConfig

Configures the rule to match an AWS-managed advanced threat category (for example, ‘PHISHING`). See FirewallAdvancedThreatCategoryConfig.

Returns:

• (Types::FirewallAdvancedThreatCategoryConfig)

# File 'lib/aws-sdk-route53resolver/types.rb', line 2738

class FirewallRuleType < Struct.new(
  :partner_threat_protection,
  :firewall_advanced_content_category,
  :firewall_advanced_threat_category,
  :dns_threat_protection)
  SENSITIVE = []
  include Aws::Structure
end

#partner_threat_protection ⇒ Types::PartnerThreatProtectionConfig

Configures the rule to match a third-party threat feed delivered through AWS Marketplace. The calling account must hold an active subscription to the partner product named in ‘Partner`; if the subscription is missing or revoked, the rule is created with `Status` `CREATION_FAILED` and cannot be modified — only deleted. See PartnerThreatProtectionConfig.

Returns:

• (Types::PartnerThreatProtectionConfig)

# File 'lib/aws-sdk-route53resolver/types.rb', line 2738

class FirewallRuleType < Struct.new(
  :partner_threat_protection,
  :firewall_advanced_content_category,
  :firewall_advanced_threat_category,
  :dns_threat_protection)
  SENSITIVE = []
  include Aws::Structure
end