AWS::NetworkFirewall::RuleGroup StatefulRule

A single Suricata rules specification, for use in a stateful rule group. Use this option to specify a simple Suricata rule with protocol, source and destination, ports, direction, and rule options. For information about the Suricata Rules format, see Rules Format.

Syntax

To declare this entity in your AWS CloudFormation template, use the following syntax:

JSON

{ "Action" : String, "Header" : Header, "RuleOptions" : [ RuleOption, ... ] }

Properties

Action

Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow.

The actions for a stateful rule are defined as follows:

Required: Yes

Type: String

Allowed values: ALERT | DROP | PASS | REJECT

Update requires: No interruption

Header

The stateful inspection criteria for this rule, used to inspect traffic flows.

Required: Yes

Type: Header

Update requires: No interruption

RuleOptions

Additional settings for a stateful rule, provided as keywords and settings.

Required: Yes

Type: List of RuleOption

Update requires: No interruption