RubyGems - aws-sdk-fms - Versions diffs - 1.42.0 → 1.46.0 - Mend

aws-sdk-fms 1.42.0 → 1.46.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e359e986b62e2278a99613cbb95d95c1e7dd72cedb61430b490f1a3cb06fb86d
-  data.tar.gz: 33f5caad45956ecfdde1075e6fe39f2e0fd572646830c03e55701a421b98b893
+  metadata.gz: 46011c8a0d1ac1a893ddb12eb50359dfc36db299e867e5555c3386515248cb8c
+  data.tar.gz: 991fc8f813518416b8bd633cbc182d17dbfef0e6b312a7bb6c5c01e479638c28
 SHA512:
-  metadata.gz: b1cc41b7ab3cc095ce2a19f629a9f32594e8e535a99e5564f92234021446f7d5a82da52974c506a7fcc7eba101ce05820981a032c26a53675bfff6f195d3cece
-  data.tar.gz: 7fa3b50ece4ae5a47b3fd7011c4dbaaab73fef1f325972dfc029dcd83c2b42e7cd0b2485ff0bc10e7fff445045adf30f1452764ebddf7e7560f73b2fe24b2e93
+  metadata.gz: 72126679e6333a1a7172f239a8b2995dadad58958bd03dccd3115cba67f7e506ecb6070562e5f8ab49217bb9cfd215df500e4352a47c9578fa6c4fd6d548664d
+  data.tar.gz: e1f1c08f993a995377ba5489aa27ad7fa2009406e23b4fe068afc0c428bfe388c8eaf69cd79a091121ed185690c425f02eaca3a397d99044846dec03e0e29e97

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
+1.46.0 (2022-01-12)
+------------------
+* Feature - Shield Advanced policies for Amazon CloudFront resources now support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData ManagedServiceData is now 8192 characters, instead of 4096.
+1.45.0 (2021-12-21)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.44.0 (2021-11-30)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.43.0 (2021-11-04)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
 1.42.0 (2021-10-18)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.42.0
1	+ 1.46.0

data/lib/aws-sdk-fms/client.rb CHANGED Viewed

@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
@@ -73,6 +74,7 @@ module Aws::FMS
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
+    add_plugin(Aws::Plugins::DefaultsMode)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
@@ -119,7 +121,9 @@ module Aws::FMS
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -173,6 +177,10 @@ module Aws::FMS
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -285,6 +293,15 @@ module Aws::FMS
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -296,7 +313,7 @@ module Aws::FMS
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -312,6 +329,9 @@ module Aws::FMS
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -1583,7 +1603,7 @@ module Aws::FMS
     # * An Network Firewall policy, which provides firewall rules to filter
     #   network traffic in specified Amazon VPCs.
     #
-    # * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
+    # * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
     #   rules to filter DNS queries for specified VPCs.
     #
     # Each policy is specific to one of the types. If you want to enforce
@@ -1811,7 +1831,7 @@ module Aws::FMS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-fms'
-      context[:gem_version] = '1.42.0'
+      context[:gem_version] = '1.46.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-fms/types.rb CHANGED Viewed

@@ -2152,8 +2152,9 @@ module Aws::FMS
     #   specify a resource type of `ResourceTypeList` and then specify the
     #   resource types in a `ResourceTypeList`.
     #
-    #   For WAF and Shield Advanced, example resource types include
-    #   `AWS::ElasticLoadBalancingV2::LoadBalancer` and
+    #   For WAF and Shield Advanced, resource types include
+    #   `AWS::ElasticLoadBalancingV2::LoadBalancer`,
+    #   `AWS::ElasticLoadBalancing::LoadBalancer`, `AWS::EC2::EIP`, and
     #   `AWS::CloudFront::Distribution`. For a security group common policy,
     #   valid values are `AWS::EC2::NetworkInterface` and
     #   `AWS::EC2::Instance`. For a security group content audit policy,
@@ -2191,10 +2192,16 @@ module Aws::FMS
     #   @return [Boolean]
     #
     # @!attribute [rw] delete_unused_fm_managed_resources
-    #   Indicates whether Firewall Manager should delete Firewall Manager
-    #   managed resources, such as web ACLs and security groups, when they
-    #   are not in use by the Firewall Manager policy. By default, Firewall
-    #   Manager doesn't delete unused Firewall Manager managed resources.
+    #   Indicates whether Firewall Manager should automatically remove
+    #   protections from resources that leave the policy scope and clean up
+    #   resources that Firewall Manager is managing for accounts when those
+    #   accounts leave policy scope. For example, Firewall Manager will
+    #   disassociate a Firewall Manager managed web ACL from a protected
+    #   customer resource when the customer resource leaves policy scope.
+    #
+    #   By default, Firewall Manager doesn't remove protections or delete
+    #   Firewall Manager managed resources.
+    #
     #   This option is not available for Shield Advanced or WAF Classic
     #   policies.
     #   @return [Boolean]
@@ -2427,10 +2434,16 @@ module Aws::FMS
     #   @return [Boolean]
     #
     # @!attribute [rw] delete_unused_fm_managed_resources
-    #   Indicates whether Firewall Manager should delete Firewall Manager
-    #   managed resources, such as web ACLs and security groups, when they
-    #   are not in use by the Firewall Manager policy. By default, Firewall
-    #   Manager doesn't delete unused Firewall Manager managed resources.
+    #   Indicates whether Firewall Manager should automatically remove
+    #   protections from resources that leave the policy scope and clean up
+    #   resources that Firewall Manager is managing for accounts when those
+    #   accounts leave policy scope. For example, Firewall Manager will
+    #   disassociate a Firewall Manager managed web ACL from a protected
+    #   customer resource when the customer resource leaves policy scope.
+    #
+    #   By default, Firewall Manager doesn't remove protections or delete
+    #   Firewall Manager managed resources.
+    #
     #   This option is not available for Shield Advanced or WAF Classic
     #   policies.
     #   @return [Boolean]
@@ -3172,8 +3185,7 @@ module Aws::FMS
     #
     # @!attribute [rw] managed_service_data
     #   Details about the service that are specific to the service type, in
-    #   JSON format. For service type `SHIELD_ADVANCED`, this is an empty
-    #   string.
+    #   JSON format.
     #
     #   * Example: `DNS_FIREWALL`
     #
@@ -3190,6 +3202,28 @@ module Aws::FMS
     #     `"\{"type":"NETWORK_FIREWALL","networkFirewallStatelessRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2","priority":10\}],"networkFirewallStatelessDefaultActions":["aws:pass","custom1"],"networkFirewallStatelessFragmentDefaultActions":["custom2","aws:pass"],"networkFirewallStatelessCustomActions":[\{"actionName":"custom1","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension1"\}]\}\}\},\{"actionName":"custom2","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension2"\}]\}\}\}],"networkFirewallStatefulRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1"\}],"networkFirewallOrchestrationConfig":\{"singleFirewallEndpointPerVPC":true,"allowedIPV4CidrList":["10.24.34.0/28"]\}
     #     \}"`
     #
+    #   * Specification for `SHIELD_ADVANCED` for Amazon CloudFront
+    #     distributions
+    #
+    #     `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
+    #     \{"automaticResponseStatus":"ENABLED|IGNORED|DISABLED",
+    #     "automaticResponseAction":"BLOCK|COUNT"\},
+    #     "overrideCustomerWebaclClassic":true|false\}"`
+    #
+    #     For example:
+    #     `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
+    #     \{"automaticResponseStatus":"ENABLED",
+    #     "automaticResponseAction":"COUNT"\}\}"`
+    #
+    #     The default value for `automaticResponseStatus` is `IGNORED`. The
+    #     value for `automaticResponseAction` is only required when
+    #     `automaticResponseStatus` is set to `ENABLED`. The default value
+    #     for `overrideCustomerWebaclClassic` is `false`.
+    #
+    #     For other resource types that you can protect with a Shield
+    #     Advanced policy, this `ManagedServiceData` configuration is an
+    #     empty string.
+    #
     #   * Example: `WAFV2`
     #
     #     `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[\{"name":"NoUserAgent_HEADER"\}]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`

data/lib/aws-sdk-fms.rb CHANGED Viewed

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-fms/customizations'
 # @!group service
 module Aws::FMS
-  GEM_VERSION = '1.42.0'
+  GEM_VERSION = '1.46.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-fms
 version: !ruby/object:Gem::Version
-  version: 1.42.0
+  version: 1.46.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-10-18 00:00:00.000000000 Z
+date: 2022-01-12 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.121.2
+        version: 3.125.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.121.2
+        version: 3.125.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement