aws-cdk-lib.aws_networkfirewall.CfnRuleGroup.StatefulRuleOptionsProperty

interface StatefulRuleOptionsProperty

LanguageType name
.NETAmazon.CDK.AWS.NetworkFirewall.CfnRuleGroup.StatefulRuleOptionsProperty
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awsnetworkfirewall#CfnRuleGroup_StatefulRuleOptionsProperty
Javasoftware.amazon.awscdk.services.networkfirewall.CfnRuleGroup.StatefulRuleOptionsProperty
Pythonaws_cdk.aws_networkfirewall.CfnRuleGroup.StatefulRuleOptionsProperty
TypeScript aws-cdk-lib » aws_networkfirewall » CfnRuleGroup » StatefulRuleOptionsProperty

Additional options governing how Network Firewall handles the rule group.

You can only use these for stateful rule groups.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import { aws_networkfirewall as networkfirewall } from 'aws-cdk-lib';
const statefulRuleOptionsProperty: networkfirewall.CfnRuleGroup.StatefulRuleOptionsProperty = {
  ruleOrder: 'ruleOrder',
};

Properties

NameTypeDescription
ruleOrder?stringIndicates how to manage the order of the rule evaluation for the rule group.

ruleOrder?

Type: string (optional)

Indicates how to manage the order of the rule evaluation for the rule group.

DEFAULT_ACTION_ORDER is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see Evaluation order for stateful rules in the AWS Network Firewall Developer Guide .