Skip to main content

NetworkFirewallPolicy

Resource Icon

Resource Overview

An AWS Network Firewall Policy defines monitoring and protection behavior for Network Firewall.

Associated Resources

Parent Resources

Region

Connected Resources

Resource Configuration

Basic Settings

description : Firewall policy description (maximum 256 characters)
stream_exception_policy : Handling of midstream traffic interruption - DROP, CONTINUE, REJECT

Stateless Default Actions (`stateless_default_action`)

stateless_default_action.enabled_fragment_packet_action : Whether fragment packet handling is enabled - true, false
stateless_default_action.default_action : Default action for packets not matching stateless rules - aws:drop, aws:pass, aws:forward_to_sfe
stateless_default_action.fragment_default_action : Action for fragmented packets not matching rules

Stateless Rule Groups

stateless_rule_group_names : List of stateless rule groups associated with the policy
- key : priority
- value : rule group name

Stateful Default Actions (`stateful_default_action`)

stateful_default_action.rule_evaluation_order : Rule evaluation order - STRICT_ORDER, DEFAULT_ACTION_ORDER
stateful_default_action.default_actions : Default actions for packets not matching stateful rules

Stateful Rule Groups

strict_stateful_rule_group_names : Stateful rule groups evaluated in STRICT_ORDER
default_stateful_rule_group_names : Default stateful rule group names

Rule Variables (`rule_variables`)

rule_variables : Variables used to override Suricata default settings

Encryption Configuration (`encryption_configuration`)

`encrypt

Resource Icon
Resource Overview
Associated Resources
- Parent Resources
- Connected Resources
Resource Configuration