{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "$id": "https://raw.githubusercontent.com/api-evangelist/amazon-route53-resolver/refs/heads/main/json-schema/amazon-route53-resolver-openapi-firewall-config-schema.json",
  "title": "FirewallConfig",
  "description": "Configuration of the firewall behavior provided by DNS Firewall for a single VPC from Amazon Virtual Private Cloud (Amazon VPC). ",
  "type": "object",
  "properties": {
    "Id": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ResourceId"
        },
        {
          "description": "The ID of the firewall configuration."
        }
      ]
    },
    "ResourceId": {
      "allOf": [
        {
          "$ref": "#/components/schemas/ResourceId"
        },
        {
          "description": "The ID of the VPC that this firewall configuration applies to."
        }
      ]
    },
    "OwnerId": {
      "allOf": [
        {
          "$ref": "#/components/schemas/AccountId"
        },
        {
          "description": "The Amazon Web Services account ID of the owner of the VPC that this firewall configuration applies to."
        }
      ]
    },
    "FirewallFailOpen": {
      "allOf": [
        {
          "$ref": "#/components/schemas/FirewallFailOpenStatus"
        },
        {
          "description": "<p>Determines how DNS Firewall operates during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply. </p> <ul> <li> <p>By default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall returns a failure error when it is unable to properly evaluate a query. </p> </li> <li> <p>If you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it is unable to properly evaluate them. </p> </li> </ul> <p>This behavior is only enforced for VPCs that have at least one DNS Firewall rule group association. </p>"
        }
      ]
    }
  }
}