pkg.gl

Describes the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle and Network Firewall removes the flow entry from its flow table.

The basic rule criteria for Network Firewall to use to inspect packet headers in stateful traffic flow inspection.

Hits

Attempts made to a access domain.

InsufficientCapacityException

Amazon Web Services doesn't currently have enough available capacity to fulfill your request.

InternalServerError

Your request is valid, but Network Firewall couldn't perform the operation because of a system problem.

InvalidOperationException

The operation failed because it's not valid.

InvalidRequestException

The operation failed because of a problem with your request.

InvalidResourcePolicyException

The policy statement failed validation.

InvalidTokenException

The token you provided is stale or isn't valid for the operation.

IPSet

A list of IP addresses and address ranges, in CIDR notation.

IPSetMetadata

General information about the IP set.

IPSetReference

Configures one or more IP set references for a Suricata-compatible rule group.

LimitExceededException

Unable to perform the operation because doing so would violate a limit setting.

LogDestinationConfig

Defines where Network Firewall sends logs for the firewall for one log type.

LogDestinationPermissionException

Unable to send logs to a configured logging destination.

LoggingConfiguration

Defines how Network Firewall performs logging for a Firewall.

MatchAttributes

Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection.

PerObjectStatus

Provides configuration status for a single policy or rule group that is used for a firewall endpoint.

PolicyVariables

Contains variables that you can use to override default Suricata settings in your firewall policy.

PortRange

A single port range specification.

PortSet

A set of port ranges for use in the rules in a rule group.

PublishMetricAction

Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet.

ReferenceSets

Contains a set of IP set references.

ResourceNotFoundException

Unable to locate a resource using the parameters that you provided.

ResourceOwnerCheckException

Unable to change the resource because your account doesn't own it.

RuleDefinition

The inspection criteria and action for a single stateless rule.

RuleGroup

The object that defines the rules in a rule group.

RuleGroupMetadata

High-level information about a rule group, returned by ListRuleGroups.

RuleGroupResponse

The high-level properties of a rule group.

RuleOption

Additional settings for a stateful rule.

RulesSource

The stateless or stateful rules definitions for use in a single rule group.

RulesSourceList

Stateful inspection criteria for a domain list rule group.

RuleVariables

Settings that are available for use in the rules in the RuleGroup where this is defined.

ServerCertificate

Any Certificate Manager (ACM) Secure Sockets Layer/Transport Layer Security (SSL/TLS) server certificate that's associated with a ServerCertificateConfiguration.

ServerCertificateConfiguration

Configures the Certificate Manager certificates and scope that Network Firewall uses to decrypt and re-encrypt traffic using a TLSInspectionConfiguration.

ServerCertificateScope

Settings that define the Secure Sockets Layer/Transport Layer Security (SSL/TLS) traffic that Network Firewall should decrypt for inspection by the stateful rule engine.

SourceMetadata

High-level information about the managed rule group that your own rule group is copied from.

StatefulEngineOptions

Configuration settings for the handling of the stateful rule groups in a firewall policy.

StatefulRule

A single Suricata rules specification, for use in a stateful rule group.

StatefulRuleGroupOverride

The setting that allows the policy owner to change the behavior of the rule group within a policy.

StatefulRuleGroupReference

Identifier for a single stateful rule group, used in a firewall policy to refer to a rule group.

StatefulRuleOptions

Additional options governing how Network Firewall handles the rule group.

StatelessRule

A single stateless rule.

StatelessRuleGroupReference

Identifier for a single stateless rule group, used in a firewall policy to refer to the rule group.

StatelessRulesAndCustomActions

Stateless inspection criteria.

SubnetMapping

The ID for a subnet that you want to associate with the firewall.

SyncState

The status of the firewall endpoint and firewall policy configuration for a single VPC subnet.

Tag

A key:value pair associated with an Amazon Web Services resource.

TCPFlagField

TCP flags and masks to inspect packets for, used in stateless rules MatchAttributes settings.

ThrottlingException

Unable to process the request due to throttling limitations.

TlsCertificateData

Contains metadata about an Certificate Manager certificate.

TLSInspectionConfiguration

The object that defines a TLS inspection configuration.

TLSInspectionConfigurationMetadata

High-level information about a TLS inspection configuration, returned by ListTLSInspectionConfigurations .

TLSInspectionConfigurationResponse

The high-level properties of a TLS inspection configuration.

UniqueSources

A unique source IP address that connected to a domain.

UnsupportedOperationException

The operation you requested isn't supported by Network Firewall.