Package software.amazon.awssdk.services.networkfirewall.model
package software.amazon.awssdk.services.networkfirewall.model
-
ClassDescriptionA custom action to use in stateless rule actions settings.A single IP address specification.A report that captures key activity from the last 30 days of network traffic monitored by your firewall.The analysis result for Network Firewall's stateless rule group analyzer.The results of a
COMPLETED
analysis report generated with StartAnalysisReport.The definition and status of the firewall endpoint for a single subnet.Defines the mapping between an Availability Zone and a firewall endpoint for a transit gateway-attached firewall.High-level information about an Availability Zone where the firewall has an endpoint defined.The status of the firewall endpoint defined by aVpcEndpointAssociation
.The capacity usage summary of the resources used by the ReferenceSets in a firewall.Defines the actions to take on the SSL/TLS connection if the certificate presented by the server in the connection has a revoked or unknown status.Summarizes the CIDR blocks used by the IP set references in a firewall.An optional, non-standard action to use for stateless packet handling.The value to use in an Amazon CloudWatch custom metric dimension.A complex type that contains optional Amazon Web Services Key Management Service (KMS) encryption settings for your Network Firewall resources.A firewall defines the behavior of a firewall, the main VPC where the firewall is used, the Availability Zones where the firewall can be used, and one subnet to use for a firewall endpoint within each of the Availability Zones.High-level information about a firewall, returned by operations like create and describe.The firewall policy defines the behavior of a firewall using a collection of stateless and stateful rule groups and other settings.High-level information about a firewall policy, returned by operations like create and describe.The high-level properties of a firewall policy.Detailed information about the current status of a Firewall.Any number of arrays, where each array is a single flow identified in the scope of the operation.Defines the scope a flow operation.Contains information about a flow operation, such as related statuses, unique identifiers, and all filters defined in the operation.An array of objects with metadata about the requestedFlowOperation
.Describes the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle and Network Firewall removes the flow entry from its flow table.The basic rule criteria for Network Firewall to use to inspect packet headers in stateful traffic flow inspection.Attempts made to a access domain.Amazon Web Services doesn't currently have enough available capacity to fulfill your request.Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.The operation failed because it's not valid.The operation failed because of a problem with your request.The policy statement failed validation.The token you provided is stale or isn't valid for the operation.A list of IP addresses and address ranges, in CIDR notation.General information about the IP set.Configures one or more IP set references for a Suricata-compatible rule group.Unable to perform the operation because doing so would violate a limit setting.Defines where Network Firewall sends logs for the firewall for one log type.Unable to send logs to a configured logging destination.Defines how Network Firewall performs logging for a Firewall.Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection.Provides configuration status for a single policy or rule group that is used for a firewall endpoint.Contains variables that you can use to override default Suricata settings in your firewall policy.A single port range specification.A set of port ranges for use in the rules in a rule group.Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet.Contains a set of IP set references.Unable to locate a resource using the parameters that you provided.Unable to change the resource because your account doesn't own it.The inspection criteria and action for a single stateless rule.The object that defines the rules in a rule group.High-level information about a rule group, returned by ListRuleGroups.The high-level properties of a rule group.Additional settings for a stateful rule.The stateless or stateful rules definitions for use in a single rule group.Stateful inspection criteria for a domain list rule group.A complex type containing details about a Suricata rule.Settings that are available for use in the rules in the RuleGroup where this is defined.Any Certificate Manager (ACM) Secure Sockets Layer/Transport Layer Security (SSL/TLS) server certificate that's associated with a ServerCertificateConfiguration.Configures the Certificate Manager certificates and scope that Network Firewall uses to decrypt and re-encrypt traffic using a TLSInspectionConfiguration.Settings that define the Secure Sockets Layer/Transport Layer Security (SSL/TLS) traffic that Network Firewall should decrypt for inspection by the stateful rule engine.High-level information about the managed rule group that your own rule group is copied from.Configuration settings for the handling of the stateful rule groups in a firewall policy.A single Suricata rules specification, for use in a stateful rule group.The setting that allows the policy owner to change the behavior of the rule group within a policy.Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.Additional options governing how Network Firewall handles the rule group.A single stateless rule.Identifier for a single stateless rule group, used in a firewall policy to refer to the rule group.Stateless inspection criteria.The ID for a subnet that's used in an association with a firewall.A complex type containing summaries of security protections provided by a rule group.A complex type that specifies which Suricata rule metadata fields to use when displaying threat information.The status of the firewall endpoint and firewall policy configuration for a single VPC subnet.A key:value pair associated with an Amazon Web Services resource.TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.Unable to process the request due to throttling limitations.Contains metadata about an Certificate Manager certificate.The object that defines a TLS inspection configuration.High-level information about a TLS inspection configuration, returned byListTLSInspectionConfigurations
.The high-level properties of a TLS inspection configuration.Contains information about the synchronization state of a transit gateway attachment, including its current status and any error messages.A unique source IP address that connected to a domain.The operation you requested isn't supported by Network Firewall.A VPC endpoint association defines a single subnet to use for a firewall endpoint for aFirewall
.High-level information about a VPC endpoint association, returned byListVpcEndpointAssociations
.Detailed information about the current status of a VpcEndpointAssociation.