class Aws::NetworkFirewall::Types::RulesSourceList

Stateful inspection criteria for a domain list rule group.

For HTTPS traffic, domain filtering is SNI-based. It uses the server name indicator extension of the TLS handshake.

By default, Network Firewall domain list inspection only includes traffic coming from the VPC where you deploy the firewall. To inspect traffic from IP addresses outside of the deployment VPC, you set the `HOME_NET` rule variable to include the CIDR range of the deployment VPC plus the other CIDR ranges. For more information, see RuleVariables in this guide and [Stateful domain list rule groups in AWS Network Firewall] in the *Network Firewall Developer Guide*

[1]: docs.aws.amazon.com/network-firewall/latest/developerguide/stateful-rule-groups-domain-names.html

@note When making an API call, you may pass RulesSourceList

data as a hash:

    {
      targets: ["CollectionMember_String"], # required
      target_types: ["TLS_SNI"], # required, accepts TLS_SNI, HTTP_HOST
      generated_rules_type: "ALLOWLIST", # required, accepts ALLOWLIST, DENYLIST
    }

@!attribute [rw] targets

The domains that you want to inspect for in your traffic flows. To
provide multiple domains, separate them with commas. Valid domain
specifications are the following:

* Explicit names. For example, `abc.example.com` matches only the
  domain `abc.example.com`.

* Names that use a domain wildcard, which you indicate with an
  initial '`.`'. For example,`.example.com` matches `example.com`
  and matches all subdomains of `example.com`, such as
  `abc.example.com` and `www.example.com`.
@return [Array<String>]

@!attribute [rw] target_types

The protocols you want to inspect. Specify `TLS_SNI` for `HTTPS`.
Specity `HTTP_HOST` for `HTTP`. You can specify either or both.
@return [Array<String>]

@!attribute [rw] generated_rules_type

Whether you want to allow or deny access to the domains in your
target list.
@return [String]

@see docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/RulesSourceList AWS API Documentation

Constants

SENSITIVE