NAME
Paws::NetworkFirewall::RulesSourceList
USAGE
This class represents one of two things:
Arguments in a call to a service
Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. Each attribute should be used as a named argument in the calls that expect this type of object.
As an example, if Att1 is expected to be a Paws::NetworkFirewall::RulesSourceList object:
$service_obj->Method(Att1 => { GeneratedRulesType => $value, ..., TargetTypes => $value });
Results returned from an API call
Use accessors for each attribute. If Att1 is expected to be an Paws::NetworkFirewall::RulesSourceList object:
$result = $service_obj->Method(...);
$result->Att1->GeneratedRulesType
DESCRIPTION
Stateful inspection criteria for a domain list rule group.
For HTTPS traffic, domain filtering is SNI-based. It uses the server name indicator extension of the TLS handshake.
By default, Network Firewall domain list inspection only includes traffic coming from the VPC where you deploy the firewall. To inspect traffic from IP addresses outside of the deployment VPC, you set the HOME_NET
rule variable to include the CIDR range of the deployment VPC plus the other CIDR ranges. For more information, see RuleVariables in this guide and Stateful domain list rule groups in AWS Network Firewall (https://docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html) in the Network Firewall Developer Guide
ATTRIBUTES
REQUIRED GeneratedRulesType => Str
Whether you want to allow or deny access to the domains in your target list.
REQUIRED Targets => ArrayRef[Str|Undef]
The domains that you want to inspect for in your traffic flows. To provide multiple domains, separate them with commas. Valid domain specifications are the following:
Explicit names. For example,
abc.example.com
matches only the domainabc.example.com
.Names that use a domain wildcard, which you indicate with an initial '
.
'. For example,.example.com
matchesexample.com
and matches all subdomains ofexample.com
, such asabc.example.com
andwww.example.com
.
REQUIRED TargetTypes => ArrayRef[Str|Undef]
The protocols you want to inspect. Specify TLS_SNI
for HTTPS
. Specity HTTP_HOST
for HTTP
. You can specify either or both.
SEE ALSO
This class forms part of Paws, describing an object used in Paws::NetworkFirewall
BUGS and CONTRIBUTIONS
The source code is located here: https://github.com/pplu/aws-sdk-perl
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues