RuleGroup
The RuleGroup resource allows you to manage AWS NetworkFirewall RuleGroups for creating and applying firewall rules to your network traffic.
Minimal Example
Create a basic RuleGroup with required properties and one optional description.

```typescript
import AWS from "alchemy/aws/control";

const basicRuleGroup = await AWS.NetworkFirewall.RuleGroup("basicRuleGroup", {
  Type: "STATEFUL",
  Capacity: 100,
  RuleGroupName: "BasicRuleGroup",
  Description: "A simple stateful rule group for basic traffic filtering."
});
```
Advanced Configuration
Configure a RuleGroup with an inline rule and tags for easier management. For a STATEFUL rule group, RulesString holds Suricata-compatible rules, one per line, each with its own sid.

```typescript
const advancedRuleGroup = await AWS.NetworkFirewall.RuleGroup("advancedRuleGroup", {
  Type: "STATEFUL",
  Capacity: 200,
  RuleGroupName: "AdvancedRuleGroup",
  RuleGroup: {
    RulesSource: {
      // Pass TCP traffic to 192.168.1.0/24 on ports 80 and 443.
      // The msg text and sid value are illustrative.
      RulesString: `pass tcp any any -> 192.168.1.0/24 [80,443] (msg:"Allow web traffic to 192.168.1.0/24"; sid:1; rev:1;)`
    }
  },
  Tags: [
    { Key: "Environment", Value: "Production" },
    { Key: "Department", Value: "IT" }
  ]
});
```
Custom Firewall Rules
Create a RuleGroup whose rule matches on both source and destination addresses and ports.

```typescript
const customRulesGroup = await AWS.NetworkFirewall.RuleGroup("customRulesGroup", {
  Type: "STATEFUL",
  Capacity: 150,
  RuleGroupName: "CustomRulesGroup",
  RuleGroup: {
    RulesSource: {
      // Drop UDP traffic from 10.0.0.0/16 port 53 to any destination on port 53.
      // "any" expresses the 0.0.0.0/0 destination; the msg text and sid value are illustrative.
      RulesString: `drop udp 10.0.0.0/16 53 -> any 53 (msg:"Drop DNS from 10.0.0.0/16"; sid:2; rev:1;)`
    }
  }
});
```
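The RulesString of a STATEFUL rule group is Suricata-compatible rule text, so it is worth validating before deployment. The helper below is an added example, not part of the Alchemy documentation or any AWS code: it renders structured rule objects into that syntax and rejects duplicate sids, malformed CIDRs or ports, and msg values that could inject extra rule options. All type and function names are assumptions.

```typescript
// Added example: the type and function names here are assumptions, not Alchemy or AWS APIs.
type Endpoint = { addresses: string[]; ports: string[] };
interface Rule {
  action: "pass" | "drop" | "reject" | "alert"; protocol: "tcp" | "udp" | "icmp" | "ip";
  source?: Endpoint; destination?: Endpoint; msg: string; sid: number;
}

function checkCidr(a: string): string {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\/(\d{1,2})$/.exec(a);
  if (!m || m.slice(1, 5).some((o) => Number(o) > 255) || Number(m[5]) > 32)
    throw new Error(`invalid IPv4 CIDR: ${a}`);
  return a;
}

function checkPort(p: string): string {
  if (!/^\d{1,5}$/.test(p) || Number(p) < 1 || Number(p) > 65535) throw new Error(`invalid port: ${p}`);
  return p;
}

// Suricata writes a single value bare and several as a bracketed list; an empty list means "any".
function group(xs: string[]): string {
  const s = xs.join(",");
  return xs.length === 0 ? "any" : xs.length === 1 ? s : `[${s}]`;
}

function side(e?: Endpoint): string {
  return e ? `${group(e.addresses.map(checkCidr))} ${group(e.ports.map(checkPort))}` : "any any";
}

function renderRules(rules: Rule[], capacity: number): string {
  // For a stateful rule group, each rule consumes one unit of Capacity.
  if (rules.length > capacity) throw new Error(`${rules.length} rules exceed Capacity ${capacity}`);
  const seen = new Set<number>();
  return rules.map((r) => {
    if (seen.has(r.sid)) throw new Error(`duplicate sid: ${r.sid}`);
    seen.add(r.sid);
    // Reject characters that could close the msg option and smuggle in extra rule options.
    if (/[";\\\r\n]/.test(r.msg)) throw new Error(`unsafe character in msg (sid ${r.sid})`);
    return `${r.action} ${r.protocol} ${side(r.source)} -> ${side(r.destination)} (msg:"${r.msg}"; sid:${r.sid}; rev:1;)`;
  }).join("\n");
}

// Constructed sample input mirroring the two rules shown on this page.
const sampleRules: Rule[] = [
  { action: "pass", protocol: "tcp", destination: { addresses: ["192.168.1.0/24"], ports: ["80", "443"] }, msg: "Allow web to internal subnet", sid: 1 },
  { action: "drop", protocol: "udp", source: { addresses: ["10.0.0.0/16"], ports: ["53"] }, destination: { addresses: [], ports: ["53"] }, msg: "Drop DNS from 10.0.0.0/16", sid: 2 },
];
const rulesString = renderRules(sampleRules, 200);
```

The resulting `rulesString` can be passed as `RuleGroup.RulesSource.RulesString`, with the same capacity value used for `Capacity`.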
Adoption of Existing RuleGroups
Create a RuleGroup, adopting the existing resource instead of failing if one already exists.

```typescript
const adoptRuleGroup = await AWS.NetworkFirewall.RuleGroup("adoptRuleGroup", {
  Type: "STATELESS",
  Capacity: 100,
  RuleGroupName: "AdoptedRuleGroup",
  adopt: true
});
```