networkfirewall_policy should allow managed stateful rule group to run in alert mode #2100

Open
1 task done
linusguan opened this issue May 22, 2024 · 0 comments

Summary

When adding or updating managed stateful groups, AWS allows you to run them in alert mode. This is very useful when there is a false positive and you want to disable a managed rule group temporarily.
While you can do it in the console, the Ansible module currently does not allow you to specify a mode when adding a managed stateful rule group.

Issue Type

Feature Idea

Component Name

networkfirewall_policy

Additional Information

- name: NFW policy
  community.aws.networkfirewall_policy:
    name: 'test-1'
    state: present
    region: "ap-southeast-2"
    stateful_rule_groups:
      - name: "arn:aws:network-firewall:ap-southeast-2:aws-managed:stateful-rulegroup/AbusedLegitMalwareDomainsStrictOrder"
        alert_mode: true

Code of Conduct

  • I agree to follow the Ansible Code of Conduct
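
The alert-mode setting requested above can be applied outside the module with a read-modify-write of the firewall policy through boto3. This is an added example, not code from the issue or from community.aws; the function names and the sample policy are constructed here, and `DROP_TO_ALERT` is the Network Firewall API override action that corresponds to alert mode.

```python
import copy

ALERT_OVERRIDE = {"Action": "DROP_TO_ALERT"}  # Network Firewall API value for alert mode


def set_alert_mode(policy, group_arn, enabled=True):
    """Return a copy of a FirewallPolicy dict with alert mode toggled on one group."""
    # Choice made in this example: only touch AWS managed rule groups (the case
    # the issue is about). Their ARNs carry "aws-managed" in the account field.
    parts = group_arn.split(":")
    if len(parts) < 6 or parts[4] != "aws-managed":
        raise ValueError("expected the ARN of an AWS managed rule group")
    updated = copy.deepcopy(policy)  # never mutate the caller's policy
    for ref in updated.get("StatefulRuleGroupReferences", []):
        if ref["ResourceArn"] == group_arn:
            if enabled:
                ref["Override"] = dict(ALERT_OVERRIDE)
            else:
                ref.pop("Override", None)  # back to the group's own actions
            return updated
    raise LookupError(f"{group_arn} is not referenced by this policy")


def apply_alert_mode(policy_name, group_arn, region, enabled=True):
    """Read-modify-write against AWS; needs boto3 and credentials."""
    import boto3  # imported lazily so set_alert_mode() works offline
    client = boto3.client("network-firewall", region_name=region)
    current = client.describe_firewall_policy(FirewallPolicyName=policy_name)
    client.update_firewall_policy(
        UpdateToken=current["UpdateToken"],  # write fails if the policy changed meanwhile
        FirewallPolicyName=policy_name,
        FirewallPolicy=set_alert_mode(current["FirewallPolicy"], group_arn, enabled),
    )


# Constructed sample, shaped like describe_firewall_policy()["FirewallPolicy"].
MANAGED_ARN = ("arn:aws:network-firewall:ap-southeast-2:aws-managed:"
               "stateful-rulegroup/AbusedLegitMalwareDomainsStrictOrder")
SAMPLE_POLICY = {
    "StatelessDefaultActions": ["aws:forward_to_sfe"],
    "StatelessFragmentDefaultActions": ["aws:forward_to_sfe"],
    "StatefulEngineOptions": {"RuleOrder": "STRICT_ORDER"},
    "StatefulRuleGroupReferences": [{"ResourceArn": MANAGED_ARN, "Priority": 1}],
}

if __name__ == "__main__":
    print(set_alert_mode(SAMPLE_POLICY, MANAGED_ARN)["StatefulRuleGroupReferences"])
```

Record when a group is switched to alert mode and call the function again with `enabled=False` once the false positive is resolved, since the group's drop rules only alert while the override is in place.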