L1 Construct: AWS::Route53Resolver::FirewallRuleGroupAssociation

CfnFirewallRuleGroupAssociation

An association between a firewall rule group and a VPC, which enables DNS filtering for the VPC.

Import

import { CfnFirewallRuleGroupAssociation } from 'aws-cdk-lib/aws-route53resolver';

Or use the module namespace:

import * as route53resolver from 'aws-cdk-lib/aws-route53resolver';
// route53resolver.CfnFirewallRuleGroupAssociation

Properties

Configuration passed to the constructor as CfnFirewallRuleGroupAssociationProps.

firewallRuleGroupId (Required)
string | IFirewallRuleGroupRef

The unique identifier of the firewall rule group.

priority (Required)
number

The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall filters VPC traffic starting from the rule group with the lowest numeric priority setting. You must specify a unique priority for each rule group that you associate with a single VPC. To make it easier to insert rule groups later, leave space between the numbers; for example, use 101, 200, and so on. You can change the priority setting for a rule group association after you create it. The allowed values for `Priority` are between 100 and 9900 (excluding 100 and 9900).

vpcId (Required)
string | IVPCRef

The unique identifier of the VPC that is associated with the rule group.

mutationProtection (Optional)
string

If enabled, this setting disallows modification or removal of the association, to help prevent accidental changes to DNS Firewall protections.

name (Optional)
string

The name of the association.

tags (Optional)
CfnTag[]

A list of the tag keys and values that you want to associate with the rule group.
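
A pre-synth check for the priority and mutationProtection rules described above, as an added example (not code from aws-cdk-lib or from this page). AssociationPlan, checkAssociations, evaluationOrder and all ids are hypothetical; the 'ENABLED' / 'DISABLED' values come from the Route 53 Resolver API, and requiring 'ENABLED' is this example's own policy choice.

```typescript
// Local mirror of the props documented above (assumption: kept free of aws-cdk-lib imports).
interface AssociationPlan {
  firewallRuleGroupId: string;
  priority: number;
  vpcId: string;
  mutationProtection?: string; // Route 53 Resolver API values: 'ENABLED' | 'DISABLED'
  name?: string;
}

// Hypothetical helper: one finding per problem, empty array when the plan is clean.
function checkAssociations(plans: AssociationPlan[]): string[] {
  const findings: string[] = [];
  const seen = new Map<string, string>(); // "vpcId#priority" -> first association using it
  for (const p of plans) {
    const label = p.name ?? `${p.vpcId}/${p.firewallRuleGroupId}`;
    // Allowed values lie between 100 and 9900, excluding both ends.
    if (!Number.isInteger(p.priority) || p.priority <= 100 || p.priority >= 9900) {
      findings.push(`${label}: priority ${p.priority} is outside 101..9899`);
    }
    // Priority must be unique among the rule groups associated with one VPC.
    const key = `${p.vpcId}#${p.priority}`;
    const other = seen.get(key);
    if (other !== undefined) {
      findings.push(`${label}: priority ${p.priority} in ${p.vpcId} is already used by ${other}`);
    } else {
      seen.set(key, label);
    }
    // Policy choice of this example: require mutation protection on every association.
    if (p.mutationProtection !== 'ENABLED') {
      findings.push(`${label}: mutationProtection is not ENABLED`);
    }
  }
  return findings;
}

// Hypothetical helper: rule group ids for one VPC in the order DNS Firewall evaluates them.
function evaluationOrder(plans: AssociationPlan[], vpcId: string): string[] {
  return plans.filter((p) => p.vpcId === vpcId)
    .sort((a, b) => a.priority - b.priority) // lowest numeric priority first
    .map((p) => p.firewallRuleGroupId);
}

// Constructed sample plan; all ids are placeholders.
const samplePlans: AssociationPlan[] = [
  { name: 'block-known-bad', firewallRuleGroupId: 'rslvr-frg-EXAMPLE1', vpcId: 'vpc-EXAMPLE', priority: 200, mutationProtection: 'ENABLED' },
  { name: 'allow-internal', firewallRuleGroupId: 'rslvr-frg-EXAMPLE2', vpcId: 'vpc-EXAMPLE', priority: 101, mutationProtection: 'ENABLED' },
  { name: 'audit-only', firewallRuleGroupId: 'rslvr-frg-EXAMPLE3', vpcId: 'vpc-EXAMPLE', priority: 200 },
  { name: 'edge-case', firewallRuleGroupId: 'rslvr-frg-EXAMPLE4', vpcId: 'vpc-OTHER', priority: 100, mutationProtection: 'DISABLED' },
];
```

An entry that passes the check has the same shape as the props, so it can be handed to the CfnFirewallRuleGroupAssociation constructor as its third argument.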

CloudFormation Resource

This L1 construct maps directly to the CloudFormation resource type AWS::Route53Resolver::FirewallRuleGroupAssociation.
