Class StatefulRuleGroupReference
- All Implemented Interfaces:
Serializable
,SdkPojo
,ToCopyableBuilder<StatefulRuleGroupReference.Builder,
StatefulRuleGroupReference>
Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.
- See Also:
-
Nested Class Summary
Nested Classes -
Method Summary
Modifier and TypeMethodDescriptionbuilder()
final Boolean
Network Firewall plans to augment the active threat defense managed rule group with an additional deep threat inspection capability.final boolean
final boolean
equalsBySdkFields
(Object obj) Indicates whether some other object is "equal to" this one by SDK fields.final <T> Optional
<T> getValueForField
(String fieldName, Class<T> clazz) final int
hashCode()
override()
The action that allows the policy owner to override the behavior of the rule group within a policy.final Integer
priority()
An integer setting that indicates the order in which to run the stateful rule groups in a single FirewallPolicy.final String
The Amazon Resource Name (ARN) of the stateful rule group.static Class
<? extends StatefulRuleGroupReference.Builder> Take this object and create a builder that contains all of the current property values of this object.final String
toString()
Returns a string representation of this object.Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy
-
Method Details
-
resourceArn
The Amazon Resource Name (ARN) of the stateful rule group.
- Returns:
- The Amazon Resource Name (ARN) of the stateful rule group.
-
priority
An integer setting that indicates the order in which to run the stateful rule groups in a single FirewallPolicy. This setting only applies to firewall policies that specify the
STRICT_ORDER
rule order in the stateful engine options settings.Network Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.
You can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.
- Returns:
- An integer setting that indicates the order in which to run the stateful rule groups in a single
FirewallPolicy. This setting only applies to firewall policies that specify the
STRICT_ORDER
rule order in the stateful engine options settings.Network Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy.
You can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on.
-
override
The action that allows the policy owner to override the behavior of the rule group within a policy.
- Returns:
- The action that allows the policy owner to override the behavior of the rule group within a policy.
-
deepThreatInspection
Network Firewall plans to augment the active threat defense managed rule group with an additional deep threat inspection capability. When this capability is released, Amazon Web Services will analyze service logs of network traffic processed by these rule groups to identify threat indicators across customers. Amazon Web Services will use these threat indicators to improve the active threat defense managed rule groups and protect the security of Amazon Web Services customers and services.
Customers can opt-out of deep threat inspection at any time through the Network Firewall console or API. When customers opt out, Network Firewall will not use the network traffic processed by those customers' active threat defense rule groups for rule group improvement.
- Returns:
- Network Firewall plans to augment the active threat defense managed rule group with an additional deep
threat inspection capability. When this capability is released, Amazon Web Services will analyze service
logs of network traffic processed by these rule groups to identify threat indicators across customers.
Amazon Web Services will use these threat indicators to improve the active threat defense managed rule
groups and protect the security of Amazon Web Services customers and services.
Customers can opt-out of deep threat inspection at any time through the Network Firewall console or API. When customers opt out, Network Firewall will not use the network traffic processed by those customers' active threat defense rule groups for rule group improvement.
-
toBuilder
Description copied from interface:ToCopyableBuilder
Take this object and create a builder that contains all of the current property values of this object.- Specified by:
toBuilder
in interfaceToCopyableBuilder<StatefulRuleGroupReference.Builder,
StatefulRuleGroupReference> - Returns:
- a builder for type T
-
builder
-
serializableBuilderClass
-
hashCode
-
equals
-
equalsBySdkFields
Description copied from interface:SdkPojo
Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in anSdkPojo
class, and is generated based on a service model.If an
SdkPojo
class does not have any inherited fields,equalsBySdkFields
andequals
are essentially the same.- Specified by:
equalsBySdkFields
in interfaceSdkPojo
- Parameters:
obj
- the object to be compared with- Returns:
- true if the other object equals to this object by sdk fields, false otherwise.
-
toString
-
getValueForField
-
sdkFields
-
sdkFieldNameToField
- Specified by:
sdkFieldNameToField
in interfaceSdkPojo
- Returns:
- The mapping between the field name and its corresponding field.
-