NAME

Paws::NetworkFirewall::RulesSourceList

USAGE

This class represents one of two things:

Arguments in a call to a service

Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. Each attribute should be used as a named argument in the calls that expect this type of object.

As an example, if Att1 is expected to be a Paws::NetworkFirewall::RulesSourceList object:

$service_obj->Method(Att1 => { GeneratedRulesType => $value, ..., TargetTypes => $value  });

Results returned from an API call

Use accessors for each attribute. If Att1 is expected to be an Paws::NetworkFirewall::RulesSourceList object:

$result = $service_obj->Method(...);
$result->Att1->GeneratedRulesType

DESCRIPTION

Stateful inspection criteria for a domain list rule group.

For HTTPS traffic, domain filtering is SNI-based. It uses the server name indicator extension of the TLS handshake.

By default, Network Firewall domain list inspection only includes traffic coming from the VPC where you deploy the firewall. To inspect traffic from IP addresses outside of the deployment VPC, you set the HOME_NET rule variable to include the CIDR range of the deployment VPC plus the other CIDR ranges. For more information, see RuleVariables in this guide and Stateful domain list rule groups in AWS Network Firewall (https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html) in the Network Firewall Developer Guide

ATTRIBUTES

REQUIRED GeneratedRulesType => Str

Whether you want to allow or deny access to the domains in your target list.

REQUIRED Targets => ArrayRef[Str|Undef]

The domains that you want to inspect for in your traffic flows. To provide multiple domains, separate them with commas. Valid domain specifications are the following:

  • Explicit names. For example, abc.example.com matches only the domain abc.example.com.

  • Names that use a domain wildcard, which you indicate with an initial '.'. For example,.example.com matches example.com and matches all subdomains of example.com, such as abc.example.com and www.example.com.

REQUIRED TargetTypes => ArrayRef[Str|Undef]

The protocols you want to inspect. Specify TLS_SNI for HTTPS. Specity HTTP_HOST for HTTP. You can specify either or both.

SEE ALSO

This class forms part of Paws, describing an object used in Paws::NetworkFirewall

BUGS and CONTRIBUTIONS

The source code is located here: https://github.com/pplu/aws-sdk-perl

Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues