networkfirewall/aws.sdk.kotlin.services.networkfirewall.model/RulesSourceList

RulesSourceList

class RulesSourceList

Stateful inspection criteria for a domain list rule group.

For HTTPS traffic, domain filtering is SNI-based. It uses the server name indicator extension of the TLS handshake.

By default, Network Firewall domain list inspection only includes traffic coming from the VPC where you deploy the firewall. To inspect traffic from IP addresses outside of the deployment VPC, you set the HOME_NET rule variable to include the CIDR range of the deployment VPC plus the other CIDR ranges. For more information, see RuleVariables in this guide and Stateful domain list rule groups in Network Firewall in the Network Firewall Developer Guide.

Types

Link copied to clipboard
class Builder
Link copied to clipboard
object Companion

Properties

Link copied to clipboard
val generatedRulesType: GeneratedRulesType

Whether you want to allow or deny access to the domains in your target list.

Link copied to clipboard
val targets: List<String>

The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:

Link copied to clipboard
val targetTypes: List<TargetType>

The protocols you want to inspect. Specify TLS_SNI for HTTPS. Specify HTTP_HOST for HTTP. You can specify either or both.

Functions

Link copied to clipboard
inline fun copy(block: RulesSourceList.Builder.() -> Unit = {}): RulesSourceList
Link copied to clipboard
open operator override fun equals(other: Any?): Boolean
Link copied to clipboard
open override fun hashCode(): Int
Link copied to clipboard
open override fun toString(): String