AWS Route 53 Resolver Firewall Rule Group Association

This page shows how to write Terraform and CloudFormation configurations for Route 53 Resolver Firewall Rule Group Association, and how to write them securely.

aws_route53_resolver_firewall_rule_group_association (Terraform)

The Firewall Rule Group Association in Route 53 Resolver can be configured in Terraform with the resource name aws_route53_resolver_firewall_rule_group_association. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Parameters

The following arguments are supported:

  • name - (Required) A name that lets you identify the rule group association, to manage and use it.
  • firewall_rule_group_id - (Required) The unique identifier of the firewall rule group.
  • mutation_protection - (Optional) If enabled, this setting disallows modification or removal of the association, to help prevent accidental changes to DNS firewall protections. Valid values: ENABLED, DISABLED.
  • priority - (Required) The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall filters VPC traffic starting from the rule group with the lowest numeric priority setting.
  • vpc_id - (Required) The unique identifier of the VPC that you want to associate with the rule group.
  • tags - (Optional) Key-value map of resource tags. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

In addition to all arguments above, the following attributes are exported:

  • arn - The ARN (Amazon Resource Name) of the firewall rule group association.
  • id - The identifier for the association.
  • tags_all - A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
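
The arguments above, put together in one configuration. This is an added example, not taken from the Terraform Registry or from a GitHub project; the resource names, CIDR block, domain names and tag values are constructed placeholders.

```hcl
# Added example. All names, the CIDR block and the domains are placeholders.

resource "aws_vpc" "example" {
  cidr_block         = "10.0.0.0/16"
  enable_dns_support = true
}

# Domains that the rule group should act on.
resource "aws_route53_resolver_firewall_domain_list" "blocked" {
  name    = "example-blocked-domains"
  domains = ["blocked.example.com", "*.blocked.example.net"]
}

resource "aws_route53_resolver_firewall_rule_group" "example" {
  name = "example-dns-firewall"
}

# A rule inside the group: answer NXDOMAIN for listed domains.
resource "aws_route53_resolver_firewall_rule" "block" {
  name                    = "block-listed-domains"
  action                  = "BLOCK"
  block_response          = "NXDOMAIN"
  firewall_domain_list_id = aws_route53_resolver_firewall_domain_list.blocked.id
  firewall_rule_group_id  = aws_route53_resolver_firewall_rule_group.example.id
  priority                = 100
}

# The association is what turns DNS filtering on for the VPC.
resource "aws_route53_resolver_firewall_rule_group_association" "example" {
  name                   = "example-vpc-dns-firewall"
  firewall_rule_group_id = aws_route53_resolver_firewall_rule_group.example.id
  vpc_id                 = aws_vpc.example.id

  # Rule groups associated with the same VPC are processed starting from
  # the lowest numeric priority, so leave gaps for groups added later.
  priority = 200

  # Disallow modification or removal of the association, so the VPC
  # does not lose its DNS filtering through an accidental change.
  mutation_protection = "ENABLED"

  tags = {
    Purpose = "dns-firewall"
  }
}
```

With mutation_protection set to ENABLED, a later intentional change to the association has to set it back to DISABLED first.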

Explanation in Terraform Registry

Provides a Route 53 Resolver DNS Firewall rule group association resource.

AWS::Route53Resolver::FirewallRuleGroupAssociation (CloudFormation)

The FirewallRuleGroupAssociation in Route53Resolver can be configured in CloudFormation with the resource name AWS::Route53Resolver::FirewallRuleGroupAssociation. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

template.json#L611

    "AWS::Route53Resolver::FirewallRuleGroupAssociation": {
      "Type": "AWS::Route53Resolver::FirewallRuleGroupAssociation",
      "Properties": {}
    },
    "AWS::NetworkFirewall::RuleGroup": {
      "Type": "AWS::NetworkFirewall::RuleGroup",

integ.firewall.expected.json#L292

      "Type": "AWS::Route53Resolver::FirewallRuleGroupAssociation",
      "Properties": {
        "FirewallRuleGroupId": {
          "Fn::GetAtt": [
            "RuleGroup06BA8844",
            "Id"

Parameters

Explanation in CloudFormation Registry

An association between a firewall rule group and a VPC, which enables DNS filtering for the VPC.

Frequently asked questions

What is AWS Route 53 Resolver Firewall Rule Group Association?

AWS Route 53 Resolver Firewall Rule Group Association is a resource for Route 53 Resolver of Amazon Web Services. Settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Route 53 Resolver Firewall Rule Group Association?

For CloudFormation, the mhlabs/aws-icons-directory, manishmittal12/aws-cdk and aws/aws-cdk source code examples are useful. See the CloudFormation Example section for further details.