FirewallRuleGroup
The FirewallRuleGroup resource lets you manage AWS Route53Resolver FirewallRuleGroups, the sets of DNS Firewall rules that filter DNS queries.
Minimal Example
Create a simple FirewallRuleGroup with a basic rule and a descriptive name.
```ts
import AWS from "alchemy/aws/control";

const firewallRuleGroup = await AWS.Route53Resolver.FirewallRuleGroup("basicFirewallRuleGroup", {
  name: "BasicFirewallRuleGroup",
  FirewallRules: [{
    Action: "ALLOW",
    Name: "AllowSpecificIP",
    Priority: 1,
    RuleAction: {
      Action: "ALLOW"
    },
    FirewallDomainListId: "example-domain-list-id",
    BlockResponse: "NODATA"
  }],
  Tags: [{
    Key: "Environment",
    Value: "Development"
  }]
});
```

Advanced Configuration
Configure a FirewallRuleGroup with multiple firewall rules and additional tags for better organization.
```ts
const advancedFirewallRuleGroup = await AWS.Route53Resolver.FirewallRuleGroup("advancedFirewallRuleGroup", {
  name: "AdvancedFirewallRuleGroup",
  // Rules are evaluated from the lowest Priority value upward,
  // so the ALLOW rule (1) is checked before the BLOCK rule (2).
  FirewallRules: [
    {
      Action: "BLOCK",
      Name: "BlockMaliciousDomains",
      Priority: 2,
      RuleAction: {
        Action: "BLOCK"
      },
      FirewallDomainListId: "malicious-domain-list-id",
      BlockResponse: "NXDOMAIN"
    },
    {
      Action: "ALLOW",
      Name: "AllowTrustedIP",
      Priority: 1,
      RuleAction: {
        Action: "ALLOW"
      },
      FirewallDomainListId: "trusted-domain-list-id",
      BlockResponse: "NODATA"
    }
  ],
  Tags: [
    {
      Key: "Project",
      Value: "Security"
    },
    {
      Key: "Owner",
      Value: "TeamA"
    }
  ]
});
```

Using Existing Resources
Adopt an existing FirewallRuleGroup if it already exists instead of creating a new one.
```ts
const adoptedFirewallRuleGroup = await AWS.Route53Resolver.FirewallRuleGroup("adoptedFirewallRuleGroup", {
  name: "AdoptedFirewallRuleGroup",
  adopt: true,
  FirewallRules: [{
    Action: "ALLOW",
    Name: "AllowInternalTraffic",
    Priority: 1,
    RuleAction: {
      Action: "ALLOW"
    },
    FirewallDomainListId: "internal-domain-list-id",
    BlockResponse: "NODATA"
  }]
});
```

Multiple Rules with Different Actions
Create a FirewallRuleGroup with a mix of ALLOW and BLOCK actions to control which DNS queries are permitted.
```ts
const mixedRulesFirewallRuleGroup = await AWS.Route53Resolver.FirewallRuleGroup("mixedRulesFirewallRuleGroup", {
  name: "MixedRulesFirewallRuleGroup",
  FirewallRules: [
    {
      Action: "BLOCK",
      Name: "BlockUnauthorizedAccess",
      Priority: 2,
      RuleAction: {
        Action: "BLOCK"
      },
      FirewallDomainListId: "unauthorized-domain-list-id",
      BlockResponse: "NXDOMAIN"
    },
    {
      Action: "ALLOW",
      Name: "AllowCorporateNetwork",
      Priority: 1,
      RuleAction: {
        Action: "ALLOW"
      },
      FirewallDomainListId: "corporate-domain-list-id",
      BlockResponse: "NODATA"
    }
  ]
});
```
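
When ALLOW and BLOCK rules share a group, the order set by Priority decides which one wins for a domain that appears on both lists. The following pre-deployment lint is an added example, not part of Alchemy or AWS: the `Rule` type mirrors only fields used on this page, and `evaluationOrder`, `lintRules` and `mixedRules` are hypothetical names.

```typescript
// Added example: lint a FirewallRules array before deploying it.
type Rule = {
  Name: string;
  Action: "ALLOW" | "BLOCK" | "ALERT";
  Priority: number;
  FirewallDomainListId: string;
  BlockResponse?: "NODATA" | "NXDOMAIN" | "OVERRIDE";
};

// DNS Firewall evaluates rules from the lowest Priority value upward.
function evaluationOrder(rules: Rule[]): Rule[] {
  return [...rules].sort((a, b) => a.Priority - b.Priority);
}

function lintRules(rules: Rule[]): string[] {
  const findings: string[] = [];
  const byPriority = new Map<number, string>();
  for (const r of rules) {
    // Each rule in a group needs its own Priority value.
    const other = byPriority.get(r.Priority);
    if (other !== undefined) {
      findings.push(`${r.Name}: Priority ${r.Priority} already used by ${other}`);
    }
    byPriority.set(r.Priority, r.Name);
    if (r.Action === "BLOCK" && r.BlockResponse === undefined) {
      findings.push(`${r.Name}: BLOCK rule has no BlockResponse`);
    }
    if (r.Action !== "BLOCK" && r.BlockResponse !== undefined) {
      findings.push(`${r.Name}: BlockResponse only applies to BLOCK rules`);
    }
  }
  // An ALLOW that precedes a BLOCK wins for any domain on both lists.
  const ordered = evaluationOrder(rules);
  ordered.forEach((r, i) => {
    const shadowed = ordered.slice(i + 1).filter((l) => l.Action === "BLOCK");
    if (r.Action === "ALLOW" && shadowed.length > 0) {
      findings.push(`${r.Name}: evaluated before ${shadowed.map((l) => l.Name).join(", ")}; overlapping domains are allowed`);
    }
  });
  return findings;
}

// Constructed input: the two rules from the mixed ALLOW/BLOCK example above.
const mixedRules: Rule[] = [
  { Name: "BlockUnauthorizedAccess", Action: "BLOCK", Priority: 2, FirewallDomainListId: "unauthorized-domain-list-id", BlockResponse: "NXDOMAIN" },
  { Name: "AllowCorporateNetwork", Action: "ALLOW", Priority: 1, FirewallDomainListId: "corporate-domain-list-id", BlockResponse: "NODATA" },
];
console.log(lintRules(mixedRules).join("\n"));
```

A finding about an ALLOW rule preceding a BLOCK rule is not necessarily an error; it marks where the two domain lists should be checked for overlap.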