class Aws::NetworkFirewall::Types::UpdateRuleGroupRequest

@note When making an API call, you may pass UpdateRuleGroupRequest

data as a hash:

    {
      update_token: "UpdateToken", # required
      rule_group_arn: "ResourceArn",
      rule_group_name: "ResourceName",
      rule_group: {
        rule_variables: {
          ip_sets: {
            "RuleVariableName" => {
              definition: ["VariableDefinition"], # required
            },
          },
          port_sets: {
            "RuleVariableName" => {
              definition: ["VariableDefinition"],
            },
          },
        },
        rules_source: { # required
          rules_string: "RulesString",
          rules_source_list: {
            targets: ["CollectionMember_String"], # required
            target_types: ["TLS_SNI"], # required, accepts TLS_SNI, HTTP_HOST
            generated_rules_type: "ALLOWLIST", # required, accepts ALLOWLIST, DENYLIST
          },
          stateful_rules: [
            {
              action: "PASS", # required, accepts PASS, DROP, ALERT
              header: { # required
                protocol: "IP", # required, accepts IP, TCP, UDP, ICMP, HTTP, FTP, TLS, SMB, DNS, DCERPC, SSH, SMTP, IMAP, MSN, KRB5, IKEV2, TFTP, NTP, DHCP
                source: "Source", # required
                source_port: "Port", # required
                direction: "FORWARD", # required, accepts FORWARD, ANY
                destination: "Destination", # required
                destination_port: "Port", # required
              },
              rule_options: [ # required
                {
                  keyword: "Keyword", # required
                  settings: ["Setting"],
                },
              ],
            },
          ],
          stateless_rules_and_custom_actions: {
            stateless_rules: [ # required
              {
                rule_definition: { # required
                  match_attributes: { # required
                    sources: [
                      {
                        address_definition: "AddressDefinition", # required
                      },
                    ],
                    destinations: [
                      {
                        address_definition: "AddressDefinition", # required
                      },
                    ],
                    source_ports: [
                      {
                        from_port: 1, # required
                        to_port: 1, # required
                      },
                    ],
                    destination_ports: [
                      {
                        from_port: 1, # required
                        to_port: 1, # required
                      },
                    ],
                    protocols: [1],
                    tcp_flags: [
                      {
                        flags: ["FIN"], # required, accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
                        masks: ["FIN"], # accepts FIN, SYN, RST, PSH, ACK, URG, ECE, CWR
                      },
                    ],
                  },
                  actions: ["CollectionMember_String"], # required
                },
                priority: 1, # required
              },
            ],
            custom_actions: [
              {
                action_name: "ActionName", # required
                action_definition: { # required
                  publish_metric_action: {
                    dimensions: [ # required
                      {
                        value: "DimensionValue", # required
                      },
                    ],
                  },
                },
              },
            ],
          },
        },
      },
      rules: "RulesString",
      type: "STATELESS", # accepts STATELESS, STATEFUL
      description: "Description",
      dry_run: false,
    }

@!attribute [rw] update_token

A token used for optimistic locking. Network Firewall returns a
token to your requests that access the rule group. The token marks
the state of the rule group resource at the time of the request.

To make changes to the rule group, you provide the token in your
request. Network Firewall uses the token to ensure that the rule
group hasn't changed since you last retrieved it. If it has
changed, the operation fails with an `InvalidTokenException`. If
this happens, retrieve the rule group again to get a current copy of
it with a current token. Reapply your changes as needed, then try
the operation again using the new token.
@return [String]

@!attribute [rw] rule_group_arn

The Amazon Resource Name (ARN) of the rule group.

You must specify the ARN or the name, and you can specify both.
@return [String]

@!attribute [rw] rule_group_name

The descriptive name of the rule group. You can't change the name
of a rule group after you create it.

You must specify the ARN or the name, and you can specify both.
@return [String]

@!attribute [rw] rule_group

An object that defines the rule group rules.

<note markdown="1"> You must provide either this rule group setting or a `Rules`
setting, but not both.

 </note>
@return [Types::RuleGroup]

@!attribute [rw] rules

A string containing stateful rule group rules specifications in
Suricata flat format, with one rule per line. Use this to import
your existing Suricata compatible rule groups.

<note markdown="1"> You must provide either this rules setting or a populated
`RuleGroup` setting, but not both.

 </note>

You can provide your rule group specification in Suricata flat
format through this setting when you create or update your rule
group. The call response returns a RuleGroup object that Network
Firewall has populated from your string.
@return [String]

@!attribute [rw] type

Indicates whether the rule group is stateless or stateful. If the
rule group is stateless, it contains stateless rules. If it is
stateful, it contains stateful rules.

<note markdown="1"> This setting is required for requests that do not include the
`RuleGroupARN`.

 </note>
@return [String]

@!attribute [rw] description

A description of the rule group.
@return [String]

@!attribute [rw] dry_run

Indicates whether you want Network Firewall to just check the
validity of the request, rather than run the request.

If set to `TRUE`, Network Firewall checks whether the request can
run successfully, but doesn't actually make the requested changes.
The call returns the value that the request would return if you ran
it with dry run set to `FALSE`, but doesn't make additions or
changes to your resources. This option allows you to make sure that
you have the required permissions to run the request and that your
request parameters are valid.

If set to `FALSE`, Network Firewall makes the requested changes to
your resources.
@return [Boolean]

@see docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/UpdateRuleGroupRequest AWS API Documentation

Constants

SENSITIVE