pulumi-aws-kotlin/com.pulumi.aws.route53.kotlin/ResolverFirewallRule

ResolverFirewallRule

class ResolverFirewallRule : KotlinCustomResource

Provides a Route 53 Resolver DNS Firewall rule resource.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.route53.ResolverFirewallDomainList;
import com.pulumi.aws.route53.ResolverFirewallDomainListArgs;
import com.pulumi.aws.route53.ResolverFirewallRuleGroup;
import com.pulumi.aws.route53.ResolverFirewallRuleGroupArgs;
import com.pulumi.aws.route53.ResolverFirewallRule;
import com.pulumi.aws.route53.ResolverFirewallRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleResolverFirewallDomainList = new ResolverFirewallDomainList("exampleResolverFirewallDomainList", ResolverFirewallDomainListArgs.builder()
            .domains("example.com")
            .tags()
            .build());
        var exampleResolverFirewallRuleGroup = new ResolverFirewallRuleGroup("exampleResolverFirewallRuleGroup", ResolverFirewallRuleGroupArgs.builder()
            .tags()
            .build());
        var exampleResolverFirewallRule = new ResolverFirewallRule("exampleResolverFirewallRule", ResolverFirewallRuleArgs.builder()
            .action("BLOCK")
            .blockOverrideDnsType("CNAME")
            .blockOverrideDomain("example.com")
            .blockOverrideTtl(1)
            .blockResponse("OVERRIDE")
            .firewallDomainListId(exampleResolverFirewallDomainList.id())
            .firewallRuleGroupId(exampleResolverFirewallRuleGroup.id())
            .priority(100)
            .build());
    }
}

Import

Route 53 Resolver DNS Firewall rules can be imported using the Route 53 Resolver DNS Firewall rule group ID and domain list ID separated by ':', e.g.,

$ pulumi import aws:route53/resolverFirewallRule:ResolverFirewallRule example rslvr-frg-0123456789abcdef:rslvr-fdl-0123456789abcdef

Properties

action

val action: Output<String>

The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list. Valid values: ALLOW, BLOCK, ALERT.

blockOverrideDnsType

val blockOverrideDnsType: Output<String>?

The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain. Value values: CNAME.

blockOverrideDomain

val blockOverrideDomain: Output<String>?

The custom DNS record to send back in response to the query.

blockOverrideTtl

val blockOverrideTtl: Output<Int>?

The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Minimum value of 0. Maximum value of 604800.

blockResponse

val blockResponse: Output<String>?

The way that you want DNS Firewall to block the request. Valid values: NODATA, NXDOMAIN, OVERRIDE.

firewallDomainListId

val firewallDomainListId: Output<String>

The ID of the domain list that you want to use in the rule.

firewallRuleGroupId

val firewallRuleGroupId: Output<String>

The unique identifier of the firewall rule group where you want to create the rule.

val id: Output<String>

name

val name: Output<String>

A name that lets you identify the rule, to manage and use it.

priority

val priority: Output<Int>

The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.

pulumiChildResources

val pulumiChildResources: Set<KotlinResource>

pulumiResourceName

val pulumiResourceName: String

pulumiResourceType

val pulumiResourceType: String

urn

val urn: Output<String>