aws-sdk-fms 1.45.0 → 1.46.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +2 -2
- data/lib/aws-sdk-fms/types.rb +46 -12
- data/lib/aws-sdk-fms.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 46011c8a0d1ac1a893ddb12eb50359dfc36db299e867e5555c3386515248cb8c
|
|
4
|
+
data.tar.gz: 991fc8f813518416b8bd633cbc182d17dbfef0e6b312a7bb6c5c01e479638c28
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 72126679e6333a1a7172f239a8b2995dadad58958bd03dccd3115cba67f7e506ecb6070562e5f8ab49217bb9cfd215df500e4352a47c9578fa6c4fd6d548664d
|
|
7
|
+
data.tar.gz: e1f1c08f993a995377ba5489aa27ad7fa2009406e23b4fe068afc0c428bfe388c8eaf69cd79a091121ed185690c425f02eaca3a397d99044846dec03e0e29e97
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.46.0 (2022-01-12)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Shield Advanced policies for Amazon CloudFront resources now support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData ManagedServiceData is now 8192 characters, instead of 4096.
|
|
8
|
+
|
|
4
9
|
1.45.0 (2021-12-21)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.46.0
|
data/lib/aws-sdk-fms/client.rb
CHANGED
|
@@ -1603,7 +1603,7 @@ module Aws::FMS
|
|
|
1603
1603
|
# * An Network Firewall policy, which provides firewall rules to filter
|
|
1604
1604
|
# network traffic in specified Amazon VPCs.
|
|
1605
1605
|
#
|
|
1606
|
-
# * A DNS Firewall policy, which provides Route
|
|
1606
|
+
# * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
|
|
1607
1607
|
# rules to filter DNS queries for specified VPCs.
|
|
1608
1608
|
#
|
|
1609
1609
|
# Each policy is specific to one of the types. If you want to enforce
|
|
@@ -1831,7 +1831,7 @@ module Aws::FMS
|
|
|
1831
1831
|
params: params,
|
|
1832
1832
|
config: config)
|
|
1833
1833
|
context[:gem_name] = 'aws-sdk-fms'
|
|
1834
|
-
context[:gem_version] = '1.
|
|
1834
|
+
context[:gem_version] = '1.46.0'
|
|
1835
1835
|
Seahorse::Client::Request.new(handlers, context)
|
|
1836
1836
|
end
|
|
1837
1837
|
|
data/lib/aws-sdk-fms/types.rb
CHANGED
|
@@ -2152,8 +2152,9 @@ module Aws::FMS
|
|
|
2152
2152
|
# specify a resource type of `ResourceTypeList` and then specify the
|
|
2153
2153
|
# resource types in a `ResourceTypeList`.
|
|
2154
2154
|
#
|
|
2155
|
-
# For WAF and Shield Advanced,
|
|
2156
|
-
# `AWS::ElasticLoadBalancingV2::LoadBalancer
|
|
2155
|
+
# For WAF and Shield Advanced, resource types include
|
|
2156
|
+
# `AWS::ElasticLoadBalancingV2::LoadBalancer`,
|
|
2157
|
+
# `AWS::ElasticLoadBalancing::LoadBalancer`, `AWS::EC2::EIP`, and
|
|
2157
2158
|
# `AWS::CloudFront::Distribution`. For a security group common policy,
|
|
2158
2159
|
# valid values are `AWS::EC2::NetworkInterface` and
|
|
2159
2160
|
# `AWS::EC2::Instance`. For a security group content audit policy,
|
|
@@ -2191,10 +2192,16 @@ module Aws::FMS
|
|
|
2191
2192
|
# @return [Boolean]
|
|
2192
2193
|
#
|
|
2193
2194
|
# @!attribute [rw] delete_unused_fm_managed_resources
|
|
2194
|
-
# Indicates whether Firewall Manager should
|
|
2195
|
-
#
|
|
2196
|
-
#
|
|
2197
|
-
#
|
|
2195
|
+
# Indicates whether Firewall Manager should automatically remove
|
|
2196
|
+
# protections from resources that leave the policy scope and clean up
|
|
2197
|
+
# resources that Firewall Manager is managing for accounts when those
|
|
2198
|
+
# accounts leave policy scope. For example, Firewall Manager will
|
|
2199
|
+
# disassociate a Firewall Manager managed web ACL from a protected
|
|
2200
|
+
# customer resource when the customer resource leaves policy scope.
|
|
2201
|
+
#
|
|
2202
|
+
# By default, Firewall Manager doesn't remove protections or delete
|
|
2203
|
+
# Firewall Manager managed resources.
|
|
2204
|
+
#
|
|
2198
2205
|
# This option is not available for Shield Advanced or WAF Classic
|
|
2199
2206
|
# policies.
|
|
2200
2207
|
# @return [Boolean]
|
|
@@ -2427,10 +2434,16 @@ module Aws::FMS
|
|
|
2427
2434
|
# @return [Boolean]
|
|
2428
2435
|
#
|
|
2429
2436
|
# @!attribute [rw] delete_unused_fm_managed_resources
|
|
2430
|
-
# Indicates whether Firewall Manager should
|
|
2431
|
-
#
|
|
2432
|
-
#
|
|
2433
|
-
#
|
|
2437
|
+
# Indicates whether Firewall Manager should automatically remove
|
|
2438
|
+
# protections from resources that leave the policy scope and clean up
|
|
2439
|
+
# resources that Firewall Manager is managing for accounts when those
|
|
2440
|
+
# accounts leave policy scope. For example, Firewall Manager will
|
|
2441
|
+
# disassociate a Firewall Manager managed web ACL from a protected
|
|
2442
|
+
# customer resource when the customer resource leaves policy scope.
|
|
2443
|
+
#
|
|
2444
|
+
# By default, Firewall Manager doesn't remove protections or delete
|
|
2445
|
+
# Firewall Manager managed resources.
|
|
2446
|
+
#
|
|
2434
2447
|
# This option is not available for Shield Advanced or WAF Classic
|
|
2435
2448
|
# policies.
|
|
2436
2449
|
# @return [Boolean]
|
|
@@ -3172,8 +3185,7 @@ module Aws::FMS
|
|
|
3172
3185
|
#
|
|
3173
3186
|
# @!attribute [rw] managed_service_data
|
|
3174
3187
|
# Details about the service that are specific to the service type, in
|
|
3175
|
-
# JSON format.
|
|
3176
|
-
# string.
|
|
3188
|
+
# JSON format.
|
|
3177
3189
|
#
|
|
3178
3190
|
# * Example: `DNS_FIREWALL`
|
|
3179
3191
|
#
|
|
@@ -3190,6 +3202,28 @@ module Aws::FMS
|
|
|
3190
3202
|
# `"\{"type":"NETWORK_FIREWALL","networkFirewallStatelessRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2","priority":10\}],"networkFirewallStatelessDefaultActions":["aws:pass","custom1"],"networkFirewallStatelessFragmentDefaultActions":["custom2","aws:pass"],"networkFirewallStatelessCustomActions":[\{"actionName":"custom1","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension1"\}]\}\}\},\{"actionName":"custom2","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension2"\}]\}\}\}],"networkFirewallStatefulRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1"\}],"networkFirewallOrchestrationConfig":\{"singleFirewallEndpointPerVPC":true,"allowedIPV4CidrList":["10.24.34.0/28"]\}
|
|
3191
3203
|
# \}"`
|
|
3192
3204
|
#
|
|
3205
|
+
# * Specification for `SHIELD_ADVANCED` for Amazon CloudFront
|
|
3206
|
+
# distributions
|
|
3207
|
+
#
|
|
3208
|
+
# `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
|
|
3209
|
+
# \{"automaticResponseStatus":"ENABLED|IGNORED|DISABLED",
|
|
3210
|
+
# "automaticResponseAction":"BLOCK|COUNT"\},
|
|
3211
|
+
# "overrideCustomerWebaclClassic":true|false\}"`
|
|
3212
|
+
#
|
|
3213
|
+
# For example:
|
|
3214
|
+
# `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
|
|
3215
|
+
# \{"automaticResponseStatus":"ENABLED",
|
|
3216
|
+
# "automaticResponseAction":"COUNT"\}\}"`
|
|
3217
|
+
#
|
|
3218
|
+
# The default value for `automaticResponseStatus` is `IGNORED`. The
|
|
3219
|
+
# value for `automaticResponseAction` is only required when
|
|
3220
|
+
# `automaticResponseStatus` is set to `ENABLED`. The default value
|
|
3221
|
+
# for `overrideCustomerWebaclClassic` is `false`.
|
|
3222
|
+
#
|
|
3223
|
+
# For other resource types that you can protect with a Shield
|
|
3224
|
+
# Advanced policy, this `ManagedServiceData` configuration is an
|
|
3225
|
+
# empty string.
|
|
3226
|
+
#
|
|
3193
3227
|
# * Example: `WAFV2`
|
|
3194
3228
|
#
|
|
3195
3229
|
# `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[\{"name":"NoUserAgent_HEADER"\}]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`
|
data/lib/aws-sdk-fms.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-fms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.46.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2022-01-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|