How to add managed stateful rule groups to Network Firewall with CloudFormation?

1

Via the console, we can add managed stateful rule groups: how to achieve the same thing using a CloudFormation template?

For example:

Priority  Name
1         AbusedLegitMalwareDomainsStrictOrder
2         BotNetCommandAndControlDomainsStrictOrder
3         AbusedLegitBotNetCommandAndControlDomainsStrictOrder
4         ThreatSignaturesBotnetStrictOrder
5         ThreatSignaturesBotnetWebStrictOrder

The objective is also to have a strict order of priorities as indicated, as an example, in the table above.

Thank you in advance for your answers.

3 Answers
1

Hello,

You can use AWS::NetworkFirewall::FirewallPolicy to add managed rule groups to your Network Firewall policies. The StatefulRuleGroupReference sub-property can be used to set the Priority for each managed rule group specified in the ResourceArn property. To get the ARN of an AWS managed rule group, use the list-rule-groups AWS CLI command. See the example for reference.

AWS
SUPPORT ENGINEER
answered 2 years ago
1

ResourceArns for managed rule groups follow the pattern: "arn:aws:network-firewall:<region>:aws-managed:stateful-rulegroup/<rulegroup-name>"

For example: "arn:aws:network-firewall:ap-southeast-2:aws-managed:stateful-rulegroup/ThreatSignaturesMalwareMobileActionOrder"

Craig
answered a year ago
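Putting the two answers above together (the StatefulRuleGroupReferences/Priority property from the first answer and the aws-managed ARN pattern from the second), here is a complete CloudFormation template for the five rule groups in the question's table. This is an added example, not code from the original thread or from AWS; the policy name, firewall name, logical resource IDs and the VpcId/SubnetId parameters are assumptions, and the region and partition are taken from CloudFormation pseudo-parameters so the ARNs resolve wherever the stack is deployed.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Description: >-
  Firewall policy referencing AWS managed stateful rule groups in strict order.
  Added example; names and parameters are assumptions.

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id          # assumed: VPC that hosts the firewall
  SubnetId:
    Type: AWS::EC2::Subnet::Id       # assumed: dedicated firewall subnet

Resources:
  ManagedRulesFirewallPolicy:
    Type: AWS::NetworkFirewall::FirewallPolicy
    Properties:
      FirewallPolicyName: managed-strict-order-policy   # assumed name
      FirewallPolicy:
        # Stateless engine: hand every packet (and fragment) to the stateful
        # engine, otherwise the managed rule groups below never see the flow.
        StatelessDefaultActions:
          - aws:forward_to_sfe
        StatelessFragmentDefaultActions:
          - aws:forward_to_sfe
        # Rule order is a policy-level setting. The *StrictOrder managed
        # groups can only be referenced from a STRICT_ORDER policy; the
        # *ActionOrder variants belong in a DEFAULT_ACTION_ORDER policy.
        StatefulEngineOptions:
          RuleOrder: STRICT_ORDER
        # Fail closed for traffic no stateful rule matched. Add
        # aws:alert_strict as well if you also want those flows logged.
        StatefulDefaultActions:
          - aws:drop_strict
        # Managed rule groups live under the "aws-managed" account slot of the
        # ARN. Under STRICT_ORDER every reference needs a Priority; priorities
        # must be unique within the policy and lower values are evaluated first.
        StatefulRuleGroupReferences:
          - Priority: 1
            ResourceArn: !Sub arn:${AWS::Partition}:network-firewall:${AWS::Region}:aws-managed:stateful-rulegroup/AbusedLegitMalwareDomainsStrictOrder
          - Priority: 2
            ResourceArn: !Sub arn:${AWS::Partition}:network-firewall:${AWS::Region}:aws-managed:stateful-rulegroup/BotNetCommandAndControlDomainsStrictOrder
          - Priority: 3
            ResourceArn: !Sub arn:${AWS::Partition}:network-firewall:${AWS::Region}:aws-managed:stateful-rulegroup/AbusedLegitBotNetCommandAndControlDomainsStrictOrder
          - Priority: 4
            ResourceArn: !Sub arn:${AWS::Partition}:network-firewall:${AWS::Region}:aws-managed:stateful-rulegroup/ThreatSignaturesBotnetStrictOrder
          - Priority: 5
            ResourceArn: !Sub arn:${AWS::Partition}:network-firewall:${AWS::Region}:aws-managed:stateful-rulegroup/ThreatSignaturesBotnetWebStrictOrder

  Firewall:
    Type: AWS::NetworkFirewall::Firewall
    Properties:
      FirewallName: managed-rules-firewall                # assumed name
      FirewallPolicyArn: !Ref ManagedRulesFirewallPolicy  # Ref returns the policy ARN
      VpcId: !Ref VpcId
      SubnetMappings:
        - SubnetId: !Ref SubnetId

Outputs:
  FirewallPolicyArn:
    Value: !Ref ManagedRulesFirewallPolicy
```

Before deploying, confirm the group names exist in the target region with `aws network-firewall list-rule-groups --scope MANAGED --managed-type AWS_MANAGED_DOMAIN_LISTS` (and `--managed-type AWS_MANAGED_THREAT_SIGNATURES` for the ThreatSignatures groups); the ARNs returned should match the pattern used above. Then deploy with `aws cloudformation deploy --template-file policy.yaml --stack-name managed-nfw --parameter-overrides VpcId=vpc-... SubnetId=subnet-...`. If a rule group's order suffix does not match the policy's RuleOrder, or two references share a Priority, stack creation fails at the FirewallPolicy resource rather than at runtime, so these mistakes surface early.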
0

Hello,

Please follow the below link to add managed stateful rule groups to network firewall with CloudFormation: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-networkfirewall-rulegroup.html#aws-resource-networkfirewall-rulegroup--examples

AWS
SUPPORT ENGINEER
answered 2 years ago
  • Thank you for your answer, but it does not answer my question. The question is about the stateful rule groups managed by AWS, not the rules you create yourself.
