This template sets up a stateful rule group in AWS Network Firewall, using rule variables (IP sets and a port set) and Suricata-format rules loaded from a local file.
# Stateful AWS Network Firewall rule group. The inspection logic lives in a
# Suricata-format rules file; this resource supplies the named IP and port
# sets declared under rule_variables alongside that rule text.
resource "aws_networkfirewall_rule_group" "example" {
  name = "example"
  type = "STATEFUL"

  # Capacity is fixed when the rule group is created; changing it later forces
  # Terraform to replace the resource, so size it for the rule set you expect.
  capacity = 100

  rule_group {
    rule_variables {
      # Internal address ranges treated as web servers.
      ip_sets {
        key = "WEBSERVERS_HOSTS"
        ip_set {
          # NOTE(review): 10.0.1.0/24 is already contained in 10.0.0.0/16, so
          # the second entry does not widen or narrow the set.
          definition = ["10.0.0.0/16", "10.0.1.0/24", "192.168.0.0/16"]
        }
      }

      # A single external address (sample value from the template).
      ip_sets {
        key = "EXTERNAL_HOST"
        ip_set {
          definition = ["1.2.3.4/32"]
        }
      }

      port_sets {
        key = "HTTP_PORTS"
        port_set {
          # NOTE(review): despite the variable name, this set also contains 443;
          # a rule written against it covers the TLS port too, not only port 80.
          definition = ["443", "80"]
        }
      }
    }

    rules_source {
      # The rules file is not part of this template. A relative path given to
      # file() is resolved against the directory Terraform is run from, so
      # confirm the file that is picked up is the reviewed, version-controlled
      # rule set. Presumably it references the variables above as $NAME, as
      # Suricata rules do - verify against the file.
      rules_string = file("suricata_rules_file")
    }
  }

  tags = {
    Tag1 = "Value1"
    Tag2 = "Value2"
  }
}