Amazon Route 53 Resolver · Schema
UpdateFirewallConfigRequest
UpdateFirewallConfigRequest schema from openapi
DNSHybrid CloudNetworking
Properties
| Name | Type | Description |
|---|---|---|
| ResourceId | object | |
| FirewallFailOpen | object |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://raw.githubusercontent.com/api-evangelist/amazon-route53-resolver/refs/heads/main/json-schema/amazon-route53-resolver-openapi-update-firewall-config-request-schema.json",
"title": "UpdateFirewallConfigRequest",
"description": "UpdateFirewallConfigRequest schema from openapi",
"type": "object",
"properties": {
"ResourceId": {
"allOf": [
{
"$ref": "#/components/schemas/ResourceId"
},
{
"description": "The ID of the VPC that the configuration is for."
}
]
},
"FirewallFailOpen": {
"allOf": [
{
"$ref": "#/components/schemas/FirewallFailOpenStatus"
},
{
"description": "<p>Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. </p> <ul> <li> <p>By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall blocks queries that it is unable to evaluate properly. </p> </li> <li> <p>If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. </p> </li> </ul> <p>This behavior is only enforced for VPCs that have at least one DNS Firewall rule group association. </p>"
}
]
}
},
"required": [
"ResourceId",
"FirewallFailOpen"
]
}