The CDK Construct Library for AWS::Route53Resolver

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aws-cdk from gravatar.com aws-cdk Avatar for osa-amazon from gravatar.com osa-amazon

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: OSI Approved (Apache-2.0)
  • Author: Amazon Web Services
  • Requires: Python >=3.6
Classifiers
Report project as malware

Project description

Amazon Route53 Resolver Construct Library

---

cdk-constructs: Experimental

The APIs of higher level constructs in this module are experimental and under active development. They are subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model and breaking changes will be announced in the release notes. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

DNS Firewall

With Route 53 Resolver DNS Firewall, you can filter and regulate outbound DNS traffic for your virtual private connections (VPCs). To do this, you create reusable collections of filtering rules in DNS Firewall rule groups and associate the rule groups to your VPC.

DNS Firewall provides protection for outbound DNS requests from your VPCs. These requests route through Resolver for domain name resolution. A primary use of DNS Firewall protections is to help prevent DNS exfiltration of your data. DNS exfiltration can happen when a bad actor compromises an application instance in your VPC and then uses DNS lookup to send data out of the VPC to a domain that they control. With DNS Firewall, you can monitor and control the domains that your applications can query. You can deny access to the domains that you know to be bad and allow all other queries to pass through. Alternately, you can deny access to all domains except for the ones that you explicitly trust.

Domain lists

Domain lists can be created using a list of strings, a text file stored in Amazon S3 or a local text file:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
block_list = route53resolver.FirewallDomainList(self, "BlockList",
    domains=route53resolver.FirewallDomains.from_list(["bad-domain.com", "bot-domain.net"])
)

s3_list = route53resolver.FirewallDomainList(self, "S3List",
    domains=route53resolver.FirewallDomains.from_s3_url("s3://bucket/prefix/object")
)

asset_list = route53resolver.FirewallDomainList(self, "AssetList",
    domains=route53resolver.FirewallDomains.from_asset("/path/to/domains.txt")
)

The file must be a text file and must contain a single domain per line.

Use FirewallDomainList.fromFirewallDomainListId() to import an existing or AWS managed domain list:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
# AWSManagedDomainsMalwareDomainList in us-east-1
malware_list = route53resolver.FirewallDomainList.from_firewall_domain_list_id(self, "Malware", "rslvr-fdl-2c46f2ecbfec4dcc")

Rule group

Create a rule group:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
route53resolver.FirewallRuleGroup(self, "RuleGroup",
    rules=[{
        "priority": 10,
        "firewall_domain_list": my_block_list,
        # block and reply with NODATA
        "action": route53resolver.FirewallRuleAction.block()
    }
    ]
)

Rules can be added at construction time or using addRule():

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
rule_group.add_rule(
    priority=10,
    firewall_domain_list=block_list,
    # block and reply with NXDOMAIN
    action=route53resolver.FirewallRuleAction.block(route53resolver.DnsBlockResponse.nx_domain())
)

rule_group.add_rule(
    priority=20,
    firewall_domain_list=block_list,
    # block and override DNS response with a custom domain
    action=route53resolver.FirewallRuleAction.block(route53resolver.DnsBlockResponse.override("amazon.com"))
)

Use associate() to associate a rule group with a VPC:

# Example automatically generated without compilation. See https://github.com/aws/jsii/issues/826
rule_group.associate(
    priority=101,
    vpc=my_vpc
)

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for aws-cdk from gravatar.com aws-cdk Avatar for osa-amazon from gravatar.com osa-amazon

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: OSI Approved (Apache-2.0)
  • Author: Amazon Web Services
  • Requires: Python >=3.6
Classifiers

Release history Release notifications | RSS feed

2.243.0a0 pre-release

2.242.0a0 pre-release

2.241.0a0 pre-release

2.240.0a0 pre-release

2.239.0a0 pre-release

2.238.0a0 pre-release

2.237.1a0 pre-release

2.237.0a0 pre-release

2.236.0a0 pre-release

2.235.1a0 pre-release

2.235.0a0 pre-release

2.234.1a0 pre-release

2.234.0a0 pre-release

2.233.0a0 pre-release

2.232.2a0 pre-release

2.232.1a0 pre-release

2.232.0a0 pre-release

2.231.0a0 pre-release

2.230.0a0 pre-release

2.229.1a0 pre-release

2.229.0a0 pre-release

2.228.0a0 pre-release

2.227.0a0 pre-release

2.226.0a0 pre-release

2.225.0a0 pre-release

2.224.0a0 pre-release

2.223.0a0 pre-release

2.222.0a0 pre-release

2.221.1a0 pre-release

2.221.0a0 pre-release

2.220.0a0 pre-release

2.219.0a0 pre-release

2.218.0a0 pre-release

2.217.0a0 pre-release

2.216.0a0 pre-release

2.215.0a0 pre-release

2.214.1a0 pre-release

2.214.0a0 pre-release

2.213.0a0 pre-release

2.212.0a0 pre-release

2.211.0a0 pre-release

2.210.0a0 pre-release

2.209.1a0 pre-release

2.209.0a0 pre-release

2.208.0a0 pre-release

2.207.0a0 pre-release

2.206.0a0 pre-release

2.205.0a0 pre-release

2.204.0a0 pre-release

2.203.1a0 pre-release

2.203.0a0 pre-release

2.202.0a0 pre-release

2.201.0a0 pre-release

2.200.2a0 pre-release

2.200.1a0 pre-release

2.200.0a0 pre-release

2.199.0a0 pre-release

2.198.0a0 pre-release

2.197.0a0 pre-release

2.196.1a0 pre-release

2.196.0a0 pre-release

2.195.0a0 pre-release

2.194.0a0 pre-release

2.193.0a0 pre-release

2.192.0a0 pre-release

2.191.0a0 pre-release

2.190.0a0 pre-release

2.189.1a0 pre-release

2.189.0a0 pre-release

2.188.0a0 pre-release

2.187.0a0 pre-release

2.186.0a0 pre-release

2.185.0a0 pre-release

2.184.1a0 pre-release

2.184.0a0 pre-release

2.183.0a0 pre-release

2.182.0a0 pre-release

2.181.1a0 pre-release

2.181.0a0 pre-release

2.180.0a0 pre-release

2.179.0a0 pre-release

2.178.2a0 pre-release

2.178.1a0 pre-release

2.178.0a0 pre-release

2.177.0a0 pre-release

2.176.0a0 pre-release

2.175.1a0 pre-release

2.175.0a0 pre-release

2.174.1a0 pre-release

2.174.0a0 pre-release

2.173.4a0 pre-release

2.173.3a0 pre-release

2.173.2a0 pre-release

2.173.1a0 pre-release

2.173.0a0 pre-release

2.172.0a0 pre-release

2.171.1a0 pre-release

2.171.0a0 pre-release

2.170.0a0 pre-release

2.169.0a0 pre-release

2.168.0a0 pre-release

2.167.2a0 pre-release

2.167.1a0 pre-release

2.167.0a0 pre-release

2.166.0a0 pre-release

2.165.0a0 pre-release

2.164.1a0 pre-release

2.164.0a0 pre-release

2.163.1a0 pre-release

2.163.0a0 pre-release

2.162.1a0 pre-release

2.162.0a0 pre-release

2.161.1a0 pre-release

2.161.0a0 pre-release

2.160.0a0 pre-release

2.159.1a0 pre-release

2.159.0a0 pre-release

2.158.0a0 pre-release

2.157.0a0 pre-release

2.156.0a0 pre-release

2.155.0a0 pre-release

2.154.1a0 pre-release

2.154.0a0 pre-release

2.153.0a0 pre-release

2.152.0a0 pre-release

2.151.1a0 pre-release

2.151.0a0 pre-release

2.150.0a0 pre-release

2.149.0a0 pre-release

2.148.1a0 pre-release

2.148.0a0 pre-release

2.147.3a0 pre-release

2.147.2a0 pre-release

2.147.1a0 pre-release

2.147.0a0 pre-release

2.146.0a0 pre-release

2.145.0a0 pre-release

2.144.0a0 pre-release

2.143.1a0 pre-release

2.143.0a0 pre-release

2.142.1a0 pre-release

2.142.0a0 pre-release

2.141.0a0 pre-release

2.140.0a0 pre-release

2.139.1a0 pre-release

2.139.0a0 pre-release

2.138.0a0 pre-release

2.137.0a0 pre-release

2.136.1a0 pre-release

2.136.0a0 pre-release

2.135.0a0 pre-release

2.134.0a0 pre-release

2.133.0a0 pre-release

2.132.1a0 pre-release

2.132.0a0 pre-release

2.131.0a0 pre-release

2.130.0a0 pre-release

2.129.0a0 pre-release

2.128.0a0 pre-release

2.127.0a0 pre-release

2.126.0a0 pre-release

2.125.0a0 pre-release

2.124.0a0 pre-release

2.123.0a0 pre-release

2.122.0a0 pre-release

2.121.1a0 pre-release

2.121.0a0 pre-release

2.120.0a0 pre-release

2.119.0a0 pre-release

2.118.0a0 pre-release

2.117.0a0 pre-release

2.116.1a0 pre-release

2.116.0a0 pre-release

2.115.0a0 pre-release

2.114.1a0 pre-release

2.114.0a0 pre-release

2.113.0a0 pre-release

2.112.0a0 pre-release

2.111.0a0 pre-release

2.110.1a0 pre-release

2.110.0a0 pre-release

2.109.0a0 pre-release

2.108.1a0 pre-release

2.108.0a0 pre-release

2.107.0a0 pre-release

2.106.1a0 pre-release

2.106.0a0 pre-release

2.105.0a0 pre-release

2.104.0a0 pre-release

2.103.1a0 pre-release

2.103.0a0 pre-release

2.102.1a0 pre-release

2.102.0a0 pre-release

2.101.1a0 pre-release

2.101.0a0 pre-release

2.100.0a0 pre-release

2.99.1a0 pre-release

2.99.0a0 pre-release

2.98.0a0 pre-release

2.97.1a0 pre-release

2.97.0a0 pre-release

2.96.2a0 pre-release

2.96.1a0 pre-release

2.96.0a0 pre-release

2.95.1a0 pre-release

2.95.0a0 pre-release

2.94.0a0 pre-release

2.93.0a0 pre-release

2.92.0a0 pre-release

2.91.0a0 pre-release

2.90.0a0 pre-release

2.89.0a0 pre-release

2.88.0a0 pre-release

2.87.0a0 pre-release

2.86.0a0 pre-release

2.85.0a0 pre-release

2.84.0a0 pre-release

2.83.1a0 pre-release

2.83.0a0 pre-release

2.82.0a0 pre-release

2.81.0a0 pre-release

2.80.0a0 pre-release

2.79.1a0 pre-release

2.79.0a0 pre-release

2.78.0a0 pre-release

2.77.0a0 pre-release

2.76.0a0 pre-release

2.75.1a0 pre-release

2.75.0a0 pre-release

2.74.0a0 pre-release

2.73.0a0 pre-release

2.72.1a0 pre-release

2.72.0a0 pre-release

2.71.0a0 pre-release

2.70.0a0 pre-release

2.69.0a0 pre-release

2.68.0a0 pre-release

2.67.0a0 pre-release

2.66.1a0 pre-release

2.66.0a0 pre-release

2.65.0a0 pre-release

2.64.0a0 pre-release

2.63.2a0 pre-release

2.63.1a0 pre-release

2.63.0a0 pre-release

2.62.2a0 pre-release

2.62.1a0 pre-release

2.62.0a0 pre-release

2.61.1a0 pre-release

2.61.0a0 pre-release

2.60.0a0 pre-release

2.59.0a0 pre-release

2.58.1a0 pre-release

2.58.0a0 pre-release

2.57.0a0 pre-release

2.56.1a0 pre-release

2.56.0a0 pre-release

2.55.1a0 pre-release

2.55.0a0 pre-release

2.54.0a0 pre-release

2.53.0a0 pre-release

2.52.1a0 pre-release

2.52.0a0 pre-release

2.51.1a0 pre-release

2.51.0a0 pre-release

2.50.0a0 pre-release

2.49.1a0 pre-release

2.49.0a0 pre-release

2.48.0a0 pre-release

2.47.0a0 pre-release

2.46.0a0 pre-release

2.45.0a0 pre-release

2.44.0a0 pre-release

2.43.1a0 pre-release

2.43.0a0 pre-release

2.42.1a0 pre-release

2.42.0a0 pre-release

2.41.0a0 pre-release

2.40.0a0 pre-release

2.39.1a0 pre-release

2.39.0a0 pre-release

2.38.1a0 pre-release

2.38.0a0 pre-release

2.37.1a0 pre-release

2.37.0a0 pre-release

2.36.0a0 pre-release

2.35.0a0 pre-release

2.34.2a0 pre-release

2.34.1a0 pre-release

2.34.0a0 pre-release

2.33.0a0 pre-release

2.32.1a0 pre-release

2.32.0a0 pre-release

2.31.2a0 pre-release

2.31.1a0 pre-release

2.31.0a0 pre-release

2.30.0a0 pre-release

2.29.1a0 pre-release

2.29.0a0 pre-release

2.28.1a0 pre-release

2.28.0a0 pre-release

2.27.0a0 pre-release

2.26.0a0 pre-release

2.25.0a0 pre-release

2.24.1a0 pre-release

2.24.0a0 pre-release

2.23.0a0 pre-release

2.22.0a0 pre-release

2.21.1a0 pre-release

2.21.0a0 pre-release

2.20.0a0 pre-release

2.19.0a0 pre-release

2.18.0a0 pre-release

2.17.0a0 pre-release

2.16.0a0 pre-release

2.15.0a0 pre-release

2.14.0a0 pre-release

2.13.0a0 pre-release

2.12.0a0 pre-release

2.11.0a0 pre-release

2.10.0a0 pre-release

2.9.0a0 pre-release

2.8.0a0 pre-release

2.7.0a0 pre-release

2.6.0a0 pre-release

2.5.0a0 pre-release

2.4.0a0 pre-release

2.3.0a0 pre-release

2.2.0a0 pre-release

2.1.0a0 pre-release

2.0.0rc24 pre-release

2.0.0rc23 pre-release

2.0.0a11 pre-release

2.0.0a10 pre-release

2.0.0a9 pre-release

2.0.0a8 pre-release

This version

2.0.0a7 pre-release

2.0.0a6 pre-release

2.0.0a5 pre-release

2.0.0a4 pre-release

2.0.0a3 pre-release

2.0.0a2 pre-release

2.0.0a1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aws-cdk.aws-route53resolver-alpha-2.0.0a7.tar.gz (308.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

aws_cdk.aws_route53resolver_alpha-2.0.0a7-py3-none-any.whl (307.7 kB view details)

Uploaded Python 3

File details

Details for the file aws-cdk.aws-route53resolver-alpha-2.0.0a7.tar.gz.

File metadata

  • Download URL: aws-cdk.aws-route53resolver-alpha-2.0.0a7.tar.gz
  • Upload date:
  • Size: 308.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.6.0 importlib_metadata/4.8.2 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.6.5

File hashes

Hashes for aws-cdk.aws-route53resolver-alpha-2.0.0a7.tar.gz
Algorithm Hash digest
SHA256 bd6a9a9c037f7c2b8a0a5e4bf21150b33f7837c08e15703f5d6c033049f5662c
MD5 7df3bdae3e74c3574658d236fe0ce2f9
BLAKE2b-256 5494593d8626767c0b616fb967c4f142e2b066afa7149bc021370e456b40df60

See more details on using hashes here.

File details

Details for the file aws_cdk.aws_route53resolver_alpha-2.0.0a7-py3-none-any.whl.

File metadata

  • Download URL: aws_cdk.aws_route53resolver_alpha-2.0.0a7-py3-none-any.whl
  • Upload date:
  • Size: 307.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.6.0 importlib_metadata/4.8.2 pkginfo/1.7.1 requests/2.26.0 requests-toolbelt/0.9.1 tqdm/4.62.3 CPython/3.6.5

File hashes

Hashes for aws_cdk.aws_route53resolver_alpha-2.0.0a7-py3-none-any.whl
Algorithm Hash digest
SHA256 ff58af0c98750a6ac5907780cb69decf10aa887f9fa3f0b7c7faf59e667ce881
MD5 d3ba909767a0111230b8a04a023b12e0
BLAKE2b-256 369720f5f5b8460c9111f915cfeaff6cb4185af00c3c2cac2a334b85d056d35f

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page