Skip to content

List Firewall Rules

route53resolver_list_firewall_rules R Documentation

Retrieves the firewall rules that you have defined for the specified firewall rule group

Description

Retrieves the firewall rules that you have defined for the specified firewall rule group. DNS Firewall uses the rules in a rule group to filter DNS network traffic for a VPC.

A single call might return only a partial list of the rules. For information, see MaxResults.

Usage

route53resolver_list_firewall_rules(FirewallRuleGroupId, Priority,
  Action, MaxResults, NextToken)

Arguments

FirewallRuleGroupId

[required] The unique identifier of the firewall rule group that you want to retrieve the rules for.
Priority

Optional additional filter for the rules to retrieve.

The setting that determines the processing order of the rules in a rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
Action

Optional additional filter for the rules to retrieve.

The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:

  • ALLOW - Permit the request to go through. Not availabe for DNS Firewall Advanced rules.

  • ALERT - Permit the request to go through but send an alert to the logs.

  • BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
MaxResults

The maximum number of objects that you want Resolver to return for this request. If more objects are available, in the response, Resolver provides a NextToken value that you can use in a subsequent call to get the next batch of objects.

If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
NextToken

For the first call to this list request, omit this value.

When you request a list of objects, Resolver returns at most the number of objects specified in MaxResults. If more objects are available for retrieval, Resolver returns a NextToken value in the response. To retrieve the next batch of objects, use the token that was returned for the prior request in your next request.

Value

A list with the following syntax:

list(
  NextToken = "string",
  FirewallRules = list(
    list(
      FirewallRuleGroupId = "string",
      FirewallDomainListId = "string",
      FirewallThreatProtectionId = "string",
      Name = "string",
      Priority = 123,
      Action = "ALLOW"|"BLOCK"|"ALERT",
      BlockResponse = "NODATA"|"NXDOMAIN"|"OVERRIDE",
      BlockOverrideDomain = "string",
      BlockOverrideDnsType = "CNAME",
      BlockOverrideTtl = 123,
      CreatorRequestId = "string",
      CreationTime = "string",
      ModificationTime = "string",
      FirewallDomainRedirectionAction = "INSPECT_REDIRECTION_DOMAIN"|"TRUST_REDIRECTION_DOMAIN",
      Qtype = "string",
      DnsThreatProtection = "DGA"|"DNS_TUNNELING",
      ConfidenceThreshold = "LOW"|"MEDIUM"|"HIGH"
    )
  )
)

Request syntax

svc$list_firewall_rules(
  FirewallRuleGroupId = "string",
  Priority = 123,
  Action = "ALLOW"|"BLOCK"|"ALERT",
  MaxResults = 123,
  NextToken = "string"
)