Route53GlobalResolver / Client / get_firewall_rule

get_firewall_rule

Route53GlobalResolver.Client.get_firewall_rule(**kwargs)

Retrieves information about a DNS firewall rule.

See also: AWS API Documentation

Request Syntax

response = client.get_firewall_rule(
    firewallRuleId='string'
)
Parameters:

firewallRuleId (string) –

[REQUIRED]

ID of the DNS Firewall rule.

Return type:

dict

Returns:

Response Syntax

{
    'action': 'ALLOW'|'ALERT'|'BLOCK',
    'blockOverrideDnsType': 'CNAME',
    'blockOverrideDomain': 'string',
    'blockOverrideTtl': 123,
    'blockResponse': 'NODATA'|'NXDOMAIN'|'OVERRIDE',
    'confidenceThreshold': 'LOW'|'MEDIUM'|'HIGH',
    'createdAt': datetime(2015, 1, 1),
    'description': 'string',
    'dnsAdvancedProtection': 'DGA'|'DNS_TUNNELING',
    'firewallDomainListId': 'string',
    'id': 'string',
    'name': 'string',
    'priority': 123,
    'dnsViewId': 'string',
    'queryType': 'string',
    'status': 'CREATING'|'OPERATIONAL'|'UPDATING'|'DELETING',
    'updatedAt': datetime(2015, 1, 1)
}

Response Structure

  • (dict) –

    • action (string) –

      The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule’s domain list, or a threat in a DNS Firewall Advanced rule.

    • blockOverrideDnsType (string) –

      The DNS record’s type. This determines the format of the record value that you provided in BlockOverrideDomain. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

    • blockOverrideDomain (string) –

      The custom DNS record to send back in response to the query. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

    • blockOverrideTtl (integer) –

      The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.

    • blockResponse (string) –

      The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.

    • confidenceThreshold (string) –

      The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule.

    • createdAt (datetime) –

      The time and date the DNS Firewall rule was created.

    • description (string) –

      The description of the DNS Firewall rule.

    • dnsAdvancedProtection (string) –

      The type of the DNS Firewall Advanced rule. Valid values are DGA and DNS_TUNNELING.

    • firewallDomainListId (string) –

      The ID of a DNS Firewall domain list.

    • id (string) –

      ID of the DNS Firewall rule.

    • name (string) –

      The name of the DNS Firewall rule.

    • priority (integer) –

      The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.

    • dnsViewId (string) –

      The DNS view ID the DNS Firewall is associated with.

    • queryType (string) –

      The DNS query type you want the rule to evaluate.

    • status (string) –

      The operational status of the DNS Firewall rule.

    • updatedAt (datetime) –

      The date and time the DNS Firewall rule was updated.

Exceptions

  • Route53GlobalResolver.Client.exceptions.InternalServerException

  • Route53GlobalResolver.Client.exceptions.ValidationException

  • Route53GlobalResolver.Client.exceptions.AccessDeniedException

  • Route53GlobalResolver.Client.exceptions.ThrottlingException

  • Route53GlobalResolver.Client.exceptions.ResourceNotFoundException