:doc:`Route53GlobalResolver <../../route53globalresolver>` / Client / get_firewall_rule

*****************
get_firewall_rule
*****************



.. py:method:: Route53GlobalResolver.Client.get_firewall_rule(**kwargs)

  

  Retrieves information about a DNS firewall rule.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/route53globalresolver-2022-09-27/GetFirewallRule>`_  


  **Request Syntax**
  ::

    response = client.get_firewall_rule(
        firewallRuleId='string'
    )
    
  :type firewallRuleId: string
  :param firewallRuleId: **[REQUIRED]** 

    ID of the DNS Firewall rule.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'action': 'ALLOW'|'ALERT'|'BLOCK',
          'blockOverrideDnsType': 'CNAME',
          'blockOverrideDomain': 'string',
          'blockOverrideTtl': 123,
          'blockResponse': 'NODATA'|'NXDOMAIN'|'OVERRIDE',
          'confidenceThreshold': 'LOW'|'MEDIUM'|'HIGH',
          'createdAt': datetime(2015, 1, 1),
          'description': 'string',
          'dnsAdvancedProtection': 'DGA'|'DNS_TUNNELING',
          'firewallDomainListId': 'string',
          'id': 'string',
          'name': 'string',
          'priority': 123,
          'dnsViewId': 'string',
          'queryType': 'string',
          'status': 'CREATING'|'OPERATIONAL'|'UPDATING'|'DELETING',
          'updatedAt': datetime(2015, 1, 1)
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **action** *(string) --* 

        The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule.

        
      

      - **blockOverrideDnsType** *(string) --* 

        The DNS record's type. This determines the format of the record value that you provided in ``BlockOverrideDomain``. Used for the rule action ``BLOCK`` with a ``BlockResponse`` setting of ``OVERRIDE``.

        
      

      - **blockOverrideDomain** *(string) --* 

        The custom DNS record to send back in response to the query. Used for the rule action ``BLOCK`` with a ``BlockResponse`` setting of ``OVERRIDE``.

        
      

      - **blockOverrideTtl** *(integer) --* 

        The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action ``BLOCK`` with a ``BlockResponse`` setting of ``OVERRIDE``.

        
      

      - **blockResponse** *(string) --* 

        The way that you want DNS Firewall to block the request. Used for the rule action setting ``BLOCK``.

        
      

      - **confidenceThreshold** *(string) --* 

        The confidence threshold for DNS Firewall Advanced. You must provide this value when you create a DNS Firewall Advanced rule.

        
      

      - **createdAt** *(datetime) --* 

        The time and date the DNS Firewall rule was created.

        
      

      - **description** *(string) --* 

        The description of the DNS Firewall rule.

        
      

      - **dnsAdvancedProtection** *(string) --* 

        The type of the DNS Firewall Advanced rule. Valid values are DGA and DNS_TUNNELING.

        
      

      - **firewallDomainListId** *(string) --* 

        The ID of a DNS Firewall domain list.

        
      

      - **id** *(string) --* 

        ID of the DNS Firewall rule.

        
      

      - **name** *(string) --* 

        The name of the DNS Firewall rule.

        
      

      - **priority** *(integer) --* 

        The setting that determines the processing order of the rule in the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.

        
      

      - **dnsViewId** *(string) --* 

        The DNS view ID the DNS Firewall is associated with.

        
      

      - **queryType** *(string) --* 

        The DNS query type you want the rule to evaluate.

        
      

      - **status** *(string) --* 

        The operational status of the DNS Firewall rule.

        
      

      - **updatedAt** *(datetime) --* 

        The date and time the DNS Firewall rule was updated.

        
  
  **Exceptions**
  
  *   :py:class:`Route53GlobalResolver.Client.exceptions.InternalServerException`

  
  *   :py:class:`Route53GlobalResolver.Client.exceptions.ValidationException`

  
  *   :py:class:`Route53GlobalResolver.Client.exceptions.AccessDeniedException`

  
  *   :py:class:`Route53GlobalResolver.Client.exceptions.ThrottlingException`

  
  *   :py:class:`Route53GlobalResolver.Client.exceptions.ResourceNotFoundException`

  