NetworkFirewall / Client / describe_proxy_rule_group

describe_proxy_rule_group

NetworkFirewall.Client.describe_proxy_rule_group(**kwargs)

Returns the data objects for the specified proxy rule group.

See also: AWS API Documentation

Request Syntax

response = client.describe_proxy_rule_group(
    ProxyRuleGroupName='string',
    ProxyRuleGroupArn='string'
)

Parameters:

• ProxyRuleGroupName (string) –

  The descriptive name of the proxy rule group. You can’t change the name of a proxy rule group after you create it.

  You must specify the ARN or the name, and you can specify both.

• ProxyRuleGroupArn (string) –

  The Amazon Resource Name (ARN) of a proxy rule group.

  You must specify the ARN or the name, and you can specify both.

Return type:

dict

Returns:

Response Syntax

{
    'ProxyRuleGroup': {
        'ProxyRuleGroupName': 'string',
        'ProxyRuleGroupArn': 'string',
        'CreateTime': datetime(2015, 1, 1),
        'DeleteTime': datetime(2015, 1, 1),
        'Rules': {
            'PreDNS': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ],
            'PreREQUEST': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ],
            'PostRESPONSE': [
                {
                    'ProxyRuleName': 'string',
                    'Description': 'string',
                    'Action': 'ALLOW'|'DENY'|'ALERT',
                    'Conditions': [
                        {
                            'ConditionOperator': 'string',
                            'ConditionKey': 'string',
                            'ConditionValues': [
                                'string',
                            ]
                        },
                    ]
                },
            ]
        },
        'Description': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    },
    'UpdateToken': 'string'
}

Response Structure

• (dict) –

  • ProxyRuleGroup (dict) –

    The configuration for the specified proxy rule group.

    • ProxyRuleGroupName (string) –

      The descriptive name of the proxy rule group. You can’t change the name of a proxy rule group after you create it.

    • ProxyRuleGroupArn (string) –

      The Amazon Resource Name (ARN) of a proxy rule group.

    • CreateTime (datetime) –

      Time the Proxy Rule Group was created.

    • DeleteTime (datetime) –

      Time the Proxy Rule Group was deleted.

    • Rules (dict) –

      Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

      • PreDNS (list) –

        Before domain resolution.

        • (dict) –

          Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

          • ProxyRuleName (string) –

            The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

          • Description (string) –

            A description of the proxy rule.

          • Action (string) –

            Action to take.

          • Conditions (list) –

            Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

            • (dict) –

              Match criteria that specify what traffic attributes to examine.

              • ConditionOperator (string) –

                Defines how to perform a match.

              • ConditionKey (string) –

                Defines what is to be matched.

              • ConditionValues (list) –

                Specifes the exact value that needs to be matched against.

                • (string) –

      • PreREQUEST (list) –

        After DNS, before request.

        • (dict) –

          Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

          • ProxyRuleName (string) –

            The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

          • Description (string) –

            A description of the proxy rule.

          • Action (string) –

            Action to take.

          • Conditions (list) –

            Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

            • (dict) –

              Match criteria that specify what traffic attributes to examine.

              • ConditionOperator (string) –

                Defines how to perform a match.

              • ConditionKey (string) –

                Defines what is to be matched.

              • ConditionValues (list) –

                Specifes the exact value that needs to be matched against.

                • (string) –

      • PostRESPONSE (list) –

        After receiving response.

        • (dict) –

          Individual rules that define match conditions and actions for application-layer traffic. Rules specify what to inspect (domains, headers, methods) and what action to take (allow, deny, alert).

          • ProxyRuleName (string) –

            The descriptive name of the proxy rule. You can’t change the name of a proxy rule after you create it.

          • Description (string) –

            A description of the proxy rule.

          • Action (string) –

            Action to take.

          • Conditions (list) –

            Match criteria that specify what traffic attributes to examine. Conditions include operators (StringEquals, StringLike) and values to match against.

            • (dict) –

              Match criteria that specify what traffic attributes to examine.

              • ConditionOperator (string) –

                Defines how to perform a match.

              • ConditionKey (string) –

                Defines what is to be matched.

              • ConditionValues (list) –

                Specifes the exact value that needs to be matched against.

                • (string) –

    • Description (string) –

      A description of the proxy rule group.

    • Tags (list) –

      The key:value pairs to associate with the resource.

      • (dict) –

        A key:value pair associated with an Amazon Web Services resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as “environment”) and the tag value represents a specific value within that category (such as “test,” “development,” or “production”). You can add up to 50 tags to each Amazon Web Services resource.

        • Key (string) –

          The part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as “customer.” Tag keys are case-sensitive.

        • Value (string) –

          The part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as “companyA” or “companyB.” Tag values are case-sensitive.

  • UpdateToken (string) –

    A token used for optimistic locking. Network Firewall returns a token to your requests that access the proxy rule group. The token marks the state of the proxy rule group resource at the time of the request.

    To make changes to the proxy rule group, you provide the token in your request. Network Firewall uses the token to ensure that the proxy rule group hasn’t changed since you last retrieved it. If it has changed, the operation fails with an InvalidTokenException. If this happens, retrieve the proxy rule group again to get a current copy of it with a current token. Reapply your changes as needed, then try the operation again using the new token.

Exceptions

• NetworkFirewall.Client.exceptions.InvalidRequestException

• NetworkFirewall.Client.exceptions.InternalServerError

• NetworkFirewall.Client.exceptions.ResourceNotFoundException

• NetworkFirewall.Client.exceptions.ThrottlingException