create_proxy_rule_group

NetworkFirewall.Client.create_proxy_rule_group(**kwargs)

Creates a Network Firewall ProxyRuleGroup.

A proxy rule group is a collection of related proxy filtering rules. Rule groups help you manage and reuse sets of rules across multiple proxy configurations.

To manage a proxy rule group’s tags, use the standard Amazon Web Services resource tagging operations, ListTagsForResource, TagResource, and UntagResource.

To retrieve information about proxy rule groups, use ListProxyRuleGroups and DescribeProxyRuleGroup.

To retrieve information about individual proxy rules, use DescribeProxyRuleGroup and DescribeProxyRule.

See also: AWS API Documentation

Request Syntax

response = client.create_proxy_rule_group(
    ProxyRuleGroupName='string',
    Description='string',
    Rules={
        'PreDNS': [
            {
                'ProxyRuleName': 'string',
                'Description': 'string',
                'Action': 'ALLOW'|'DENY'|'ALERT',
                'Conditions': [
                    {
                        'ConditionOperator': 'string',
                        'ConditionKey': 'string',
                        'ConditionValues': [
                            'string',
                        ]
                    },
                ]
            },
        ],
        'PreREQUEST': [
            {
                'ProxyRuleName': 'string',
                'Description': 'string',
                'Action': 'ALLOW'|'DENY'|'ALERT',
                'Conditions': [
                    {
                        'ConditionOperator': 'string',
                        'ConditionKey': 'string',
                        'ConditionValues': [
                            'string',
                        ]
                    },
                ]
            },
        ],
        'PostRESPONSE': [
            {
                'ProxyRuleName': 'string',
                'Description': 'string',
                'Action': 'ALLOW'|'DENY'|'ALERT',
                'Conditions': [
                    {
                        'ConditionOperator': 'string',
                        'ConditionKey': 'string',
                        'ConditionValues': [
                            'string',
                        ]
                    },
                ]
            },
        ]
    },
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters:
  • ProxyRuleGroupName (string) –

    [REQUIRED]

    The descriptive name of the proxy rule group. You can’t change the name of a proxy rule group after you create it.

  • Description (string) – A description of the proxy rule group.

  • Rules (dict) –

    Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

    • PreDNS (list) –

      Before domain resolution.

      • (dict) –

        Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

        • ProxyRuleName (string) –

          The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

        • Description (string) –

          A description of the proxy rule.

        • Action (string) –

          Action to take.

        • Conditions (list) –

          Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

          • (dict) –

            Match criteria that specify what traffic attributes to examine.

            • ConditionOperator (string) –

              Defines how to perform a match.

            • ConditionKey (string) –

              Defines what is to be matched.

            • ConditionValues (list) –

              Specifies the exact value that needs to be matched against.

              • (string) –

    • PreREQUEST (list) –

      After DNS, before request.

      • (dict) –

        Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

        • ProxyRuleName (string) –

          The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

        • Description (string) –

          A description of the proxy rule.

        • Action (string) –

          Action to take.

        • Conditions (list) –

          Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

          • (dict) –

            Match criteria that specify what traffic attributes to examine.

            • ConditionOperator (string) –

              Defines how to perform a match.

            • ConditionKey (string) –

              Defines what is to be matched.

            • ConditionValues (list) –

              Specifies the exact value that needs to be matched against.

              • (string) –

    • PostRESPONSE (list) –

      After receiving response.

      • (dict) –

        Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

        • ProxyRuleName (string) –

          The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

        • Description (string) –

          A description of the proxy rule.

        • Action (string) –

          Action to take.

        • Conditions (list) –

          Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

          • (dict) –

            Match criteria that specify what traffic attributes to examine.

            • ConditionOperator (string) –

              Defines how to perform a match.

            • ConditionKey (string) –

              Defines what is to be matched.

            • ConditionValues (list) –

              Specifies the exact value that needs to be matched against.

              • (string) –

  • Tags (list) –

    The key:value pairs to associate with the resource.

    • (dict) –

      A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as “environment”) and the tag value represents a specific value within that category (such as “test,” “development,” or “production”). You can add up to 50 tags to each Amazon Web Services resource.

      • Key (string) – [REQUIRED]

        The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as “customer.” Tag keys are case-sensitive.

      • Value (string) – [REQUIRED]

        The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as “companyA” or “companyB.” Tag values are case-sensitive.

Return type:

dict

Returns:

Response Syntax

{
    'ProxyRuleGroup': {
        'ProxyRuleGroupName': 'string',
        'ProxyRuleGroupArn': 'string',
        'CreateTime': datetime(2015, 1, 1),
        'DeleteTime': datetime(2015, 1, 1),
        'Rules': {
            'PreDNS': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ],
            'PreREQUEST': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ],
            'PostRESPONSE': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ]
        },
        'Description': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    },
    'UpdateToken': 'string'
}

Response Structure

  • (dict) –

    • ProxyRuleGroup (dict) –

      The properties that define the proxy rule group.

      • ProxyRuleGroupName (string) –

        The descriptive name of the proxy rule group. You can’t change the name of a proxy rule group after you create it.

      • ProxyRuleGroupArn (string) –

        The Amazon Resource Name (ARN) of a proxy rule group.

      • CreateTime (datetime) –

        Time the Proxy Rule Group was created.

      • DeleteTime (datetime) –

        Time the Proxy Rule Group was deleted.

      • Rules (dict) –

        Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

        • PreDNS (list) –

          Before domain resolution.

          • (dict) –

            Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

            • ProxyRuleName (string) –

              The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

            • Description (string) –

              A description of the proxy rule.

            • Action (string) –

              Action to take.

            • Conditions (list) –

              Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

              • (dict) –

                Match criteria that specify what traffic attributes to examine.

                • ConditionOperator (string) –

                  Defines how to perform a match.

                • ConditionKey (string) –

                  Defines what is to be matched.

                • ConditionValues (list) –

                  Specifies the exact value that needs to be matched against.

                  • (string) –

        • PreREQUEST (list) –

          After DNS, before request.

          • (dict) –

            Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

            • ProxyRuleName (string) –

              The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

            • Description (string) –

              A description of the proxy rule.

            • Action (string) –

              Action to take.

            • Conditions (list) –

              Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

              • (dict) –

                Match criteria that specify what traffic attributes to examine.

                • ConditionOperator (string) –

                  Defines how to perform a match.

                • ConditionKey (string) –

                  Defines what is to be matched.

                • ConditionValues (list) –

                  Specifies the exact value that needs to be matched against.

                  • (string) –

        • PostRESPONSE (list) –

          After receiving response.

          • (dict) –

            Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

            • ProxyRuleName (string) –

              The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

            • Description (string) –

              A description of the proxy rule.

            • Action (string) –

              Action to take.

            • Conditions (list) –

              Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

              • (dict) –

                Match criteria that specify what traffic attributes to examine.

                • ConditionOperator (string) –

                  Defines how to perform a match.

                • ConditionKey (string) –

                  Defines what is to be matched.

                • ConditionValues (list) –

                  Specifies the exact value that needs to be matched against.

                  • (string) –

      • Description (string) –

        A description of the proxy rule group.

      • Tags (list) –

        The key:value pairs to associate with the resource.

        • (dict) –

          A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as “environment”) and the tag value represents a specific value within that category (such as “test,” “development,” or “production”). You can add up to 50 tags to each Amazon Web Services resource.

          • Key (string) –

            The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as “customer.” Tag keys are case-sensitive.

          • Value (string) –

            The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as “companyA” or “companyB.” Tag values are case-sensitive.

    • UpdateToken (string) –

      A token used for optimistic locking. Network Firewall returns a token to your requests that access the proxy rule group. The token marks the state of the proxy rule group resource at the time of the request.

      To make changes to the proxy rule group, you provide the token in your request. Network Firewall uses the token to ensure that the proxy rule group hasn’t changed since you last retrieved it. If it has changed, the operation fails with an InvalidTokenException. If this happens, retrieve the proxy rule group again to get a current copy of it with a current token. Reapply your changes as needed, then try the operation again using the new token.
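
A pre-flight check for the request shape documented above, followed by a call that keeps the returned ARN and UpdateToken for later changes. This is an added example, not part of the boto3 documentation; lint_request, create_group, SAMPLE and the placeholder ConditionKey are hypothetical, and client is assumed to be a boto3 Network Firewall client.

```python
PHASES = ("PreDNS", "PreREQUEST", "PostRESPONSE")  # keys of the Rules dict
ACTIONS = {"ALLOW", "DENY", "ALERT"}               # values from Request Syntax
MAX_TAGS = 50                                      # tag limit stated on this page

def lint_request(kwargs):
    """Return a list of problems in create_proxy_rule_group kwargs ([] if clean)."""
    problems = []
    if not kwargs.get("ProxyRuleGroupName"):
        problems.append("ProxyRuleGroupName is required")
    rules = kwargs.get("Rules", {})
    problems += [f"unknown phase {p!r}" for p in rules if p not in PHASES]
    for phase in PHASES:
        for i, rule in enumerate(rules.get(phase, [])):
            where = f"{phase}[{i}]"
            if rule.get("Action") not in ACTIONS:
                problems.append(f"{where}: Action must be ALLOW, DENY or ALERT")
            for j, cond in enumerate(rule.get("Conditions", [])):
                for field in ("ConditionOperator", "ConditionKey"):
                    if not isinstance(cond.get(field), str):
                        problems.append(f"{where}.Conditions[{j}]: {field} must be a string")
                values = cond.get("ConditionValues")
                # Rejecting an empty list is a local policy, not a documented constraint.
                if not values or not all(isinstance(v, str) for v in values):
                    problems.append(f"{where}.Conditions[{j}]: ConditionValues must be strings")
    tags = kwargs.get("Tags", [])
    if len(tags) > MAX_TAGS:
        problems.append(f"{len(tags)} tags exceeds the limit of {MAX_TAGS}")
    for t in tags:
        if "Key" not in t or "Value" not in t:
            problems.append(f"tag {t!r} needs both Key and Value")
    return problems

def create_group(client, **kwargs):
    """Lint, call the API, and return (ARN, UpdateToken) for later changes."""
    problems = lint_request(kwargs)
    if problems:
        raise ValueError("; ".join(problems))
    resp = client.create_proxy_rule_group(**kwargs)
    return resp["ProxyRuleGroup"]["ProxyRuleGroupArn"], resp["UpdateToken"]

# Constructed sample request; the ConditionKey is a placeholder, not a real key.
SAMPLE = {
    "ProxyRuleGroupName": "egress-baseline",
    "Rules": {"PreDNS": [{
        "ProxyRuleName": "deny-blocked-domain",
        "Action": "DENY",
        "Conditions": [{"ConditionOperator": "StringEquals",
                        "ConditionKey": "PLACEHOLDER_CONDITION_KEY",
                        "ConditionValues": ["blocked.example.com"]}],
    }]},
    "Tags": [{"Key": "environment", "Value": "test"}],
}
```

Running the lint in CI before deployment catches a mistyped phase key or action locally, before any request reaches the service.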

Exceptions