aws-cdk-lib.aws_route53resolver.CfnFirewallRuleGroupAssociationProps

interface CfnFirewallRuleGroupAssociationProps

LanguageType name
.NETAmazon.CDK.AWS.Route53Resolver.CfnFirewallRuleGroupAssociationProps
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsroute53resolver#CfnFirewallRuleGroupAssociationProps
Javasoftware.amazon.awscdk.services.route53resolver.CfnFirewallRuleGroupAssociationProps
Pythonaws_cdk.aws_route53resolver.CfnFirewallRuleGroupAssociationProps
TypeScript aws-cdk-lib » aws_route53resolver » CfnFirewallRuleGroupAssociationProps

Properties for defining a CfnFirewallRuleGroupAssociation.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_route53resolver as route53resolver } from 'aws-cdk-lib';
const cfnFirewallRuleGroupAssociationProps: route53resolver.CfnFirewallRuleGroupAssociationProps = {
  firewallRuleGroupId: 'firewallRuleGroupId',
  priority: 123,
  vpcId: 'vpcId',

  // the properties below are optional
  mutationProtection: 'mutationProtection',
  name: 'name',
  tags: [{
    key: 'key',
    value: 'value',
  }],
};

Properties

NameTypeDescription
firewallRuleGroupIdstringThe unique identifier of the firewall rule group.
prioritynumberThe setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC.
vpcIdstringThe unique identifier of the VPC that is associated with the rule group.
mutationProtection?stringIf enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.
name?stringThe name of the association.
tags?CfnTag[]A list of the tag keys and values that you want to associate with the rule group.

firewallRuleGroupId

Type: string

The unique identifier of the firewall rule group.


priority

Type: number

The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC.

DNS Firewall filters VPC traffic starting from rule group with the lowest numeric priority setting.

You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it.

The allowed values for Priority are between 100 and 9900 (excluding 100 and 9900).


vpcId

Type: string

The unique identifier of the VPC that is associated with the rule group.


mutationProtection?

Type: string (optional)

If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.


name?

Type: string (optional)

The name of the association.


tags?

Type: CfnTag[] (optional)

A list of the tag keys and values that you want to associate with the rule group.