RubyGems - aws-sdk-fms - Versions diffs - 1.39.0 → 1.40.0 - Mend

aws-sdk-fms 1.39.0 → 1.40.0

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-fms/client.rb +5 -1
data/lib/aws-sdk-fms/client_api.rb +2 -0
data/lib/aws-sdk-fms/types.rb +30 -2
data/lib/aws-sdk-fms.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: becfcbb56878bdf00e71066303609ed16aef0e79950ac8562ef540c887392155
-  data.tar.gz: a39dddee775640d7b8259d76e21ab1e4511cdcf0a078d8159d0497df0ece0299
+  metadata.gz: 1ff95f0782e7d071defc0774619cd3da1b2af7b963eb869f08f05765d14fe5aa
+  data.tar.gz: b5fecd80348e420784e65139a8be691a9bdbd42b47f9dd143a33e90da3101a0a
 SHA512:
-  metadata.gz: 9cc647912e393f5315059c5e6250a2021dbdaea63a2f089056d9c0360e842adec8d2feb231d97342fe970385ca13700db5721f3fa294c8d5e1be8b8d8658f5fa
-  data.tar.gz: a032f2ac5d058aaa3c251152b70be0797246c5560f2e6ee6c2d099b522f25f378fee4adf112481806e43f4a8b4c20fbd115f592da687d40b2b06cb68d63367f5
+  metadata.gz: 748fa9b88b5957eb2a0f607bdea51953b2a094d0f28c160b3ad0504cd8cc479cbab30c3e9d8a0ccddf6a27ccf81d6055ebd6f8786e413d2772eb636465abdc7f
+  data.tar.gz: a5dfd16705a67084af39875c21b6f587cb2f09ead7b21956602084073aba25d9d41b3c6b7c4b2768863e64e4ec97ddb8402d9556f5d566ad0d8ba24493865634

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.40.0 (2021-08-25)
+------------------
+* Feature - AWS Firewall Manager now supports triggering resource cleanup workflow when account or resource goes out of policy scope for AWS WAF, Security group, AWS Network Firewall, and Amazon Route 53 Resolver DNS Firewall policies.
 1.39.0 (2021-07-30)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.39.0
1	+ 1.40.0

data/lib/aws-sdk-fms/client.rb CHANGED Viewed

@@ -693,6 +693,7 @@ module Aws::FMS
     #   resp.policy.resource_tags[0].value #=> String
     #   resp.policy.exclude_resource_tags #=> Boolean
     #   resp.policy.remediation_enabled #=> Boolean
+    #   resp.policy.delete_unused_fm_managed_resources #=> Boolean
     #   resp.policy.include_map #=> Hash
     #   resp.policy.include_map["CustomerPolicyScopeIdType"] #=> Array
     #   resp.policy.include_map["CustomerPolicyScopeIdType"][0] #=> String
@@ -1349,6 +1350,7 @@ module Aws::FMS
     #   resp.policy_list[0].resource_type #=> String
     #   resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
     #   resp.policy_list[0].remediation_enabled #=> Boolean
+    #   resp.policy_list[0].delete_unused_fm_managed_resources #=> Boolean
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies AWS API Documentation
@@ -1628,6 +1630,7 @@ module Aws::FMS
     #       ],
     #       exclude_resource_tags: false, # required
     #       remediation_enabled: false, # required
+    #       delete_unused_fm_managed_resources: false,
     #       include_map: {
     #         "ACCOUNT" => ["CustomerPolicyScopeId"],
     #       },
@@ -1658,6 +1661,7 @@ module Aws::FMS
     #   resp.policy.resource_tags[0].value #=> String
     #   resp.policy.exclude_resource_tags #=> Boolean
     #   resp.policy.remediation_enabled #=> Boolean
+    #   resp.policy.delete_unused_fm_managed_resources #=> Boolean
     #   resp.policy.include_map #=> Hash
     #   resp.policy.include_map["CustomerPolicyScopeIdType"] #=> Array
     #   resp.policy.include_map["CustomerPolicyScopeIdType"][0] #=> String
@@ -1807,7 +1811,7 @@ module Aws::FMS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-fms'
-      context[:gem_version] = '1.39.0'
+      context[:gem_version] = '1.40.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-fms/client_api.rb CHANGED Viewed

@@ -593,6 +593,7 @@ module Aws::FMS
     Policy.add_member(:resource_tags, Shapes::ShapeRef.new(shape: ResourceTags, location_name: "ResourceTags"))
     Policy.add_member(:exclude_resource_tags, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "ExcludeResourceTags"))
     Policy.add_member(:remediation_enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "RemediationEnabled"))
+    Policy.add_member(:delete_unused_fm_managed_resources, Shapes::ShapeRef.new(shape: Boolean, location_name: "DeleteUnusedFMManagedResources"))
     Policy.add_member(:include_map, Shapes::ShapeRef.new(shape: CustomerPolicyScopeMap, location_name: "IncludeMap"))
     Policy.add_member(:exclude_map, Shapes::ShapeRef.new(shape: CustomerPolicyScopeMap, location_name: "ExcludeMap"))
     Policy.struct_class = Types::Policy
@@ -623,6 +624,7 @@ module Aws::FMS
     PolicySummary.add_member(:resource_type, Shapes::ShapeRef.new(shape: ResourceType, location_name: "ResourceType"))
     PolicySummary.add_member(:security_service_type, Shapes::ShapeRef.new(shape: SecurityServiceType, location_name: "SecurityServiceType"))
     PolicySummary.add_member(:remediation_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "RemediationEnabled"))
+    PolicySummary.add_member(:delete_unused_fm_managed_resources, Shapes::ShapeRef.new(shape: Boolean, location_name: "DeleteUnusedFMManagedResources"))
     PolicySummary.struct_class = Types::PolicySummary
     PolicySummaryList.member = Shapes::ShapeRef.new(shape: PolicySummary)

data/lib/aws-sdk-fms/types.rb CHANGED Viewed

@@ -2115,6 +2115,7 @@ module Aws::FMS
     #         ],
     #         exclude_resource_tags: false, # required
     #         remediation_enabled: false, # required
+    #         delete_unused_fm_managed_resources: false,
     #         include_map: {
     #           "ACCOUNT" => ["CustomerPolicyScopeId"],
     #         },
@@ -2189,6 +2190,15 @@ module Aws::FMS
     #   resources.
     #   @return [Boolean]
     #
+    # @!attribute [rw] delete_unused_fm_managed_resources
+    #   Indicates whether Firewall Manager should delete Firewall Manager
+    #   managed resources, such as web ACLs and security groups, when they
+    #   are not in use by the Firewall Manager policy. By default, Firewall
+    #   Manager doesn't delete unused Firewall Manager managed resources.
+    #   This option is not available for Shield Advanced or WAF Classic
+    #   policies.
+    #   @return [Boolean]
+    #
     # @!attribute [rw] include_map
     #   Specifies the Amazon Web Services account IDs and Organizations
     #   organizational units (OUs) to include in the policy. Specifying an
@@ -2261,6 +2271,7 @@ module Aws::FMS
       :resource_tags,
       :exclude_resource_tags,
       :remediation_enabled,
+      :delete_unused_fm_managed_resources,
       :include_map,
       :exclude_map)
       SENSITIVE = []
@@ -2415,6 +2426,15 @@ module Aws::FMS
     #   resources.
     #   @return [Boolean]
     #
+    # @!attribute [rw] delete_unused_fm_managed_resources
+    #   Indicates whether Firewall Manager should delete Firewall Manager
+    #   managed resources, such as web ACLs and security groups, when they
+    #   are not in use by the Firewall Manager policy. By default, Firewall
+    #   Manager doesn't delete unused Firewall Manager managed resources.
+    #   This option is not available for Shield Advanced or WAF Classic
+    #   policies.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PolicySummary AWS API Documentation
     #
     class PolicySummary < Struct.new(
@@ -2423,7 +2443,8 @@ module Aws::FMS
       :policy_name,
       :resource_type,
       :security_service_type,
-      :remediation_enabled)
+      :remediation_enabled,
+      :delete_unused_fm_managed_resources)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2682,6 +2703,7 @@ module Aws::FMS
     #           ],
     #           exclude_resource_tags: false, # required
     #           remediation_enabled: false, # required
+    #           delete_unused_fm_managed_resources: false,
     #           include_map: {
     #             "ACCOUNT" => ["CustomerPolicyScopeId"],
     #           },
@@ -3157,6 +3179,12 @@ module Aws::FMS
     #
     #     `"\{"type":"DNS_FIREWALL","preProcessRuleGroups":[\{"ruleGroupId":"rslvr-frg-1","priority":10\}],"postProcessRuleGroups":[\{"ruleGroupId":"rslvr-frg-2","priority":9911\}]\}"`
     #
+    #     <note markdown="1"> Valid values for `preProcessRuleGroups` are between 1 and 99.
+    #     Valid values for `postProcessRuleGroups` are between 9901 and
+    #     10000.
+    #
+    #      </note>
+    #
     #   * Example: `NETWORK_FIREWALL`
     #
     #     `"\{"type":"NETWORK_FIREWALL","networkFirewallStatelessRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2","priority":10\}],"networkFirewallStatelessDefaultActions":["aws:pass","custom1"],"networkFirewallStatelessFragmentDefaultActions":["custom2","aws:pass"],"networkFirewallStatelessCustomActions":[\{"actionName":"custom1","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension1"\}]\}\}\},\{"actionName":"custom2","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension2"\}]\}\}\}],"networkFirewallStatefulRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1"\}],"networkFirewallOrchestrationConfig":\{"singleFirewallEndpointPerVPC":true,"allowedIPV4CidrList":["10.24.34.0/28"]\}
@@ -3164,7 +3192,7 @@ module Aws::FMS
     #
     #   * Example: `WAFV2`
     #
-    #     `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`
+    #     `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[\{"name":"NoUserAgent_HEADER"\}]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`
     #
     #     In the `loggingConfiguration`, you can specify one
     #     `logDestinationConfigs`, you can optionally provide up to 20

data/lib/aws-sdk-fms.rb CHANGED Viewed

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-fms/customizations'
 # @!group service
 module Aws::FMS
-  GEM_VERSION = '1.39.0'
+  GEM_VERSION = '1.40.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-fms
 version: !ruby/object:Gem::Version
-  version: 1.39.0
+  version: 1.40.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-07-30 00:00:00.000000000 Z
+date: 2021-08-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core