Custom Resources

You can create and manage named lists in CloudGuard and use them in place of the full list of items. For example, you can define a named list of IP addresses, and refer to the list (by its name) in a Security Group rule definition. Similarly, you can refer to a list of names in a GSL rule.

User-Managed Lists

You can create two types of lists:

  • Generic List contains text values. For example, it can be a list of instance types, OS types, or network names.

    You can create a list of entities and refer to its name in a GSL rule statement. It is not necessary to have the full list in the rule. This makes the rule shorter, and you can use the same list in many rules. Changes to a list affect all the rules that use it the next time CloudGuard runs them.

  • IP List contains IP addresses or CIDR ranges.

    You can create a list of IP addresses or ranges and refer to them in Security Group rules. The same list can be used in many rules, for example, a list of public IP addresses. When there are changes in the IP addresses, update the list, and the rules that use it are updated automatically.

CloudGuard-Managed Lists

For AWS, Azure, Alibaba Cloud, and GCP environments, CloudGuard automatically creates a Generic list of all onboarded environments, one list for each cloud platform. When you onboard a new environment to CloudGuard, it updates the existing list of onboarded environments with the new entry. You cannot change or delete the lists managed by CloudGuard.