aws-sdk-fms 1.45.0 → 1.46.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +2 -2
- data/lib/aws-sdk-fms/types.rb +46 -12
- data/lib/aws-sdk-fms.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 46011c8a0d1ac1a893ddb12eb50359dfc36db299e867e5555c3386515248cb8c
|
4
|
+
data.tar.gz: 991fc8f813518416b8bd633cbc182d17dbfef0e6b312a7bb6c5c01e479638c28
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 72126679e6333a1a7172f239a8b2995dadad58958bd03dccd3115cba67f7e506ecb6070562e5f8ab49217bb9cfd215df500e4352a47c9578fa6c4fd6d548664d
|
7
|
+
data.tar.gz: e1f1c08f993a995377ba5489aa27ad7fa2009406e23b4fe068afc0c428bfe388c8eaf69cd79a091121ed185690c425f02eaca3a397d99044846dec03e0e29e97
|
data/CHANGELOG.md
CHANGED
@@ -1,6 +1,11 @@
|
|
1
1
|
Unreleased Changes
|
2
2
|
------------------
|
3
3
|
|
4
|
+
1.46.0 (2022-01-12)
|
5
|
+
------------------
|
6
|
+
|
7
|
+
* Feature - Shield Advanced policies for Amazon CloudFront resources now support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData ManagedServiceData is now 8192 characters, instead of 4096.
|
8
|
+
|
4
9
|
1.45.0 (2021-12-21)
|
5
10
|
------------------
|
6
11
|
|
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.46.0
|
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -1603,7 +1603,7 @@ module Aws::FMS
|
|
1603
1603
|
# * An Network Firewall policy, which provides firewall rules to filter
|
1604
1604
|
# network traffic in specified Amazon VPCs.
|
1605
1605
|
#
|
1606
|
-
# * A DNS Firewall policy, which provides Route
|
1606
|
+
# * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
|
1607
1607
|
# rules to filter DNS queries for specified VPCs.
|
1608
1608
|
#
|
1609
1609
|
# Each policy is specific to one of the types. If you want to enforce
|
@@ -1831,7 +1831,7 @@ module Aws::FMS
|
|
1831
1831
|
params: params,
|
1832
1832
|
config: config)
|
1833
1833
|
context[:gem_name] = 'aws-sdk-fms'
|
1834
|
-
context[:gem_version] = '1.
|
1834
|
+
context[:gem_version] = '1.46.0'
|
1835
1835
|
Seahorse::Client::Request.new(handlers, context)
|
1836
1836
|
end
|
1837
1837
|
|
data/lib/aws-sdk-fms/types.rb
CHANGED
@@ -2152,8 +2152,9 @@ module Aws::FMS
|
|
2152
2152
|
# specify a resource type of `ResourceTypeList` and then specify the
|
2153
2153
|
# resource types in a `ResourceTypeList`.
|
2154
2154
|
#
|
2155
|
-
# For WAF and Shield Advanced,
|
2156
|
-
# `AWS::ElasticLoadBalancingV2::LoadBalancer
|
2155
|
+
# For WAF and Shield Advanced, resource types include
|
2156
|
+
# `AWS::ElasticLoadBalancingV2::LoadBalancer`,
|
2157
|
+
# `AWS::ElasticLoadBalancing::LoadBalancer`, `AWS::EC2::EIP`, and
|
2157
2158
|
# `AWS::CloudFront::Distribution`. For a security group common policy,
|
2158
2159
|
# valid values are `AWS::EC2::NetworkInterface` and
|
2159
2160
|
# `AWS::EC2::Instance`. For a security group content audit policy,
|
@@ -2191,10 +2192,16 @@ module Aws::FMS
|
|
2191
2192
|
# @return [Boolean]
|
2192
2193
|
#
|
2193
2194
|
# @!attribute [rw] delete_unused_fm_managed_resources
|
2194
|
-
# Indicates whether Firewall Manager should
|
2195
|
-
#
|
2196
|
-
#
|
2197
|
-
#
|
2195
|
+
# Indicates whether Firewall Manager should automatically remove
|
2196
|
+
# protections from resources that leave the policy scope and clean up
|
2197
|
+
# resources that Firewall Manager is managing for accounts when those
|
2198
|
+
# accounts leave policy scope. For example, Firewall Manager will
|
2199
|
+
# disassociate a Firewall Manager managed web ACL from a protected
|
2200
|
+
# customer resource when the customer resource leaves policy scope.
|
2201
|
+
#
|
2202
|
+
# By default, Firewall Manager doesn't remove protections or delete
|
2203
|
+
# Firewall Manager managed resources.
|
2204
|
+
#
|
2198
2205
|
# This option is not available for Shield Advanced or WAF Classic
|
2199
2206
|
# policies.
|
2200
2207
|
# @return [Boolean]
|
@@ -2427,10 +2434,16 @@ module Aws::FMS
|
|
2427
2434
|
# @return [Boolean]
|
2428
2435
|
#
|
2429
2436
|
# @!attribute [rw] delete_unused_fm_managed_resources
|
2430
|
-
# Indicates whether Firewall Manager should
|
2431
|
-
#
|
2432
|
-
#
|
2433
|
-
#
|
2437
|
+
# Indicates whether Firewall Manager should automatically remove
|
2438
|
+
# protections from resources that leave the policy scope and clean up
|
2439
|
+
# resources that Firewall Manager is managing for accounts when those
|
2440
|
+
# accounts leave policy scope. For example, Firewall Manager will
|
2441
|
+
# disassociate a Firewall Manager managed web ACL from a protected
|
2442
|
+
# customer resource when the customer resource leaves policy scope.
|
2443
|
+
#
|
2444
|
+
# By default, Firewall Manager doesn't remove protections or delete
|
2445
|
+
# Firewall Manager managed resources.
|
2446
|
+
#
|
2434
2447
|
# This option is not available for Shield Advanced or WAF Classic
|
2435
2448
|
# policies.
|
2436
2449
|
# @return [Boolean]
|
@@ -3172,8 +3185,7 @@ module Aws::FMS
|
|
3172
3185
|
#
|
3173
3186
|
# @!attribute [rw] managed_service_data
|
3174
3187
|
# Details about the service that are specific to the service type, in
|
3175
|
-
# JSON format.
|
3176
|
-
# string.
|
3188
|
+
# JSON format.
|
3177
3189
|
#
|
3178
3190
|
# * Example: `DNS_FIREWALL`
|
3179
3191
|
#
|
@@ -3190,6 +3202,28 @@ module Aws::FMS
|
|
3190
3202
|
# `"\{"type":"NETWORK_FIREWALL","networkFirewallStatelessRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2","priority":10\}],"networkFirewallStatelessDefaultActions":["aws:pass","custom1"],"networkFirewallStatelessFragmentDefaultActions":["custom2","aws:pass"],"networkFirewallStatelessCustomActions":[\{"actionName":"custom1","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension1"\}]\}\}\},\{"actionName":"custom2","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension2"\}]\}\}\}],"networkFirewallStatefulRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1"\}],"networkFirewallOrchestrationConfig":\{"singleFirewallEndpointPerVPC":true,"allowedIPV4CidrList":["10.24.34.0/28"]\}
|
3191
3203
|
# \}"`
|
3192
3204
|
#
|
3205
|
+
# * Specification for `SHIELD_ADVANCED` for Amazon CloudFront
|
3206
|
+
# distributions
|
3207
|
+
#
|
3208
|
+
# `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
|
3209
|
+
# \{"automaticResponseStatus":"ENABLED|IGNORED|DISABLED",
|
3210
|
+
# "automaticResponseAction":"BLOCK|COUNT"\},
|
3211
|
+
# "overrideCustomerWebaclClassic":true|false\}"`
|
3212
|
+
#
|
3213
|
+
# For example:
|
3214
|
+
# `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
|
3215
|
+
# \{"automaticResponseStatus":"ENABLED",
|
3216
|
+
# "automaticResponseAction":"COUNT"\}\}"`
|
3217
|
+
#
|
3218
|
+
# The default value for `automaticResponseStatus` is `IGNORED`. The
|
3219
|
+
# value for `automaticResponseAction` is only required when
|
3220
|
+
# `automaticResponseStatus` is set to `ENABLED`. The default value
|
3221
|
+
# for `overrideCustomerWebaclClassic` is `false`.
|
3222
|
+
#
|
3223
|
+
# For other resource types that you can protect with a Shield
|
3224
|
+
# Advanced policy, this `ManagedServiceData` configuration is an
|
3225
|
+
# empty string.
|
3226
|
+
#
|
3193
3227
|
# * Example: `WAFV2`
|
3194
3228
|
#
|
3195
3229
|
# `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[\{"name":"NoUserAgent_HEADER"\}]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`
|
data/lib/aws-sdk-fms.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-fms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.46.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2022-01-12 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|