Class: Aws::Route53Resolver::Types::CreateFirewallRuleEntry

Inherits:

Struct

• Object
• Struct
• Aws::Route53Resolver::Types::CreateFirewallRuleEntry

Defined in:

gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb

Overview

The details for creating a single firewall rule in a batch operation.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #action ⇒ String

  The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:.

• #block_override_dns_type ⇒ String

  The DNS record's type.

• #block_override_domain ⇒ String

  The custom DNS record to send back in response to the query.

• #block_override_ttl ⇒ Integer

  The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record.

• #block_response ⇒ String

  The way that you want DNS Firewall to block the request, used with the rule action setting BLOCK.

• #confidence_threshold ⇒ String

  The confidence threshold for DNS Firewall Advanced.

• #creator_request_id ⇒ String

  A unique string that identifies the request and that allows you to retry failed requests without the risk of running the operation twice.

• #dns_threat_protection ⇒ String

  The type of the DNS Firewall Advanced rule.

• #firewall_domain_list_id ⇒ String

  The ID of the domain list that you want to use in the rule.

• #firewall_domain_redirection_action ⇒ String

  How you want the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.

• #firewall_rule_group_id ⇒ String

  The unique identifier of the firewall rule group where you want to create the rule.

• #firewall_rule_type ⇒ Types::FirewallRuleType

  The rule type configuration for the firewall rule.

• #name ⇒ String

  A name that lets you identify the rule in the rule group.

• #priority ⇒ Integer

  The setting that determines the processing order of the rule in the rule group.

• #qtype ⇒ String

  The DNS query type you want the rule to evaluate.

Instance Attribute Details

#action ⇒ String

The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:

• ALLOW - Permit the request to go through. Not available for DNS Firewall Advanced rules.

• ALERT - Permit the request and send metrics and logs to CloudWatch.

• BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_dns_type ⇒ String

The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_domain ⇒ String

The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_override_ttl ⇒ Integer

The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

This setting is required if the BlockResponse setting is OVERRIDE.

Returns:

• (Integer)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#block_response ⇒ String

The way that you want DNS Firewall to block the request, used with the rule action setting BLOCK.

• NODATA - Respond indicating that the query was successful, but no response is available for it.

• NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.

• OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#confidence_threshold ⇒ String

The confidence threshold for DNS Firewall Advanced. You must provide this value when you create or update a DNS Firewall Advanced rule. The confidence level values mean:

• LOW: Provides the highest detection rate for threats, but also increases false positives.

• MEDIUM: Provides a balance between detecting threats and false positives.

• HIGH: Detects only the most well corroborated threats with a low rate of false positives.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#creator_request_id ⇒ String

A unique string that identifies the request and that allows you to retry failed requests without the risk of running the operation twice. CreatorRequestId can be any unique string, for example, a date/time stamp.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#dns_threat_protection ⇒ String

The type of the DNS Firewall Advanced rule. This setting is mutually exclusive with FirewallDomainListId and FirewallRuleType. Valid values are:

• DGA: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to launch malware attacks.

• DNS_TUNNELING: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.

• DICT_DGA: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_domain_list_id ⇒ String

The ID of the domain list that you want to use in the rule. This setting is mutually exclusive with DnsThreatProtection and FirewallRuleType.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_domain_redirection_action ⇒ String

How you want the rule to evaluate DNS redirection in the DNS redirection chain, such as CNAME or DNAME.

INSPECT_REDIRECTION_DOMAIN: (Default) inspects all domains in the redirection chain. The individual domains in the redirection chain must be added to the domain list.

TRUST_REDIRECTION_DOMAIN: Inspects only the first domain in the redirection chain. You don't need to add the subsequent domains in the redirection list to the domain list.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_rule_group_id ⇒ String

The unique identifier of the firewall rule group where you want to create the rule.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_rule_type ⇒ Types::FirewallRuleType

The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level FirewallDomainListId and DnsThreatProtection fields.

Returns:

• (Types::FirewallRuleType)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#name ⇒ String

A name that lets you identify the rule in the rule group.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#priority ⇒ Integer

The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.

Returns:

• (Integer)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end

#qtype ⇒ String

The DNS query type you want the rule to evaluate. Allowed values are:

• A: Returns an IPv4 address.

• AAAA: Returns an IPv6 address.

• CAA: Restricts CAs that can create SSL/TLS certifications for the domain.

• CNAME: Returns another domain name.

• DS: Record that identifies the DNSSEC signing key of a delegated zone.

• MX: Specifies mail servers.

• NAPTR: Regular-expression-based rewriting of domain names.

• NS: Authoritative name servers.

• PTR: Maps an IP address to a domain name.

• SOA: Start of authority record for the zone.

• SPF: Lists the servers authorized to send emails from a domain.

• SRV: Application specific values that identify servers.

• TXT: Verifies email senders and application-specific values.

• A query type you define by using the DNS type ID, for example 28 for AAAA. The values must be defined as TYPENUMBER, where the NUMBER can be 1-65534, for example, TYPE28. For more information, see List of DNS record types.

Returns:

• (String)

# File 'gems/aws-sdk-route53resolver/lib/aws-sdk-route53resolver/types.rb', line 619

class CreateFirewallRuleEntry < Struct.new(
  :creator_request_id,
  :firewall_rule_group_id,
  :firewall_domain_list_id,
  :priority,
  :action,
  :block_response,
  :block_override_domain,
  :block_override_dns_type,
  :block_override_ttl,
  :name,
  :firewall_domain_redirection_action,
  :qtype,
  :dns_threat_protection,
  :confidence_threshold,
  :firewall_rule_type)
  SENSITIVE = []
  include Aws::Structure
end