aws-sdk-fms 1.45.0 → 1.46.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (7) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-fms/client.rb +2 -2
  5. data/lib/aws-sdk-fms/types.rb +46 -12
  6. data/lib/aws-sdk-fms.rb +1 -1
  7. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: e950287cab784b4458a946d831d09c56b84d281f5ca0b5138018147954b8cea7
4
- data.tar.gz: f5182a7e205bca73f3d205c7cb9cb4699db2aab04c515aeaa50e73c3252eec9d
3
+ metadata.gz: 46011c8a0d1ac1a893ddb12eb50359dfc36db299e867e5555c3386515248cb8c
4
+ data.tar.gz: 991fc8f813518416b8bd633cbc182d17dbfef0e6b312a7bb6c5c01e479638c28
5
5
  SHA512:
6
- metadata.gz: eda78cbfb7faa85d0b541949d43b4f0e70283b62798f7c87b17ecf76743e5f13482483c0f54b9d0c818b37dbd5ca04396d9ea562abcb69d09ab7698b80741a6c
7
- data.tar.gz: d20790ddfee9a7b1c3008a4d15839016e757ff59ef441e87458467708116272f0774c1cf567fe89991426a84b5c3766781d69fe72324c8dab6c73971452cbc5f
6
+ metadata.gz: 72126679e6333a1a7172f239a8b2995dadad58958bd03dccd3115cba67f7e506ecb6070562e5f8ab49217bb9cfd215df500e4352a47c9578fa6c4fd6d548664d
7
+ data.tar.gz: e1f1c08f993a995377ba5489aa27ad7fa2009406e23b4fe068afc0c428bfe388c8eaf69cd79a091121ed185690c425f02eaca3a397d99044846dec03e0e29e97
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.46.0 (2022-01-12)
5
+ ------------------
6
+
7
+ * Feature - Shield Advanced policies for Amazon CloudFront resources now support automatic application layer DDoS mitigation. The max length for SecurityServicePolicyData ManagedServiceData is now 8192 characters, instead of 4096.
8
+
4
9
  1.45.0 (2021-12-21)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.45.0
1
+ 1.46.0
data/lib/aws-sdk-fms/client.rb CHANGED
@@ -1603,7 +1603,7 @@ module Aws::FMS
1603
1603
  # * An Network Firewall policy, which provides firewall rules to filter
1604
1604
  # network traffic in specified Amazon VPCs.
1605
1605
  #
1606
- # * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
1606
+ # * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall
1607
1607
  # rules to filter DNS queries for specified VPCs.
1608
1608
  #
1609
1609
  # Each policy is specific to one of the types. If you want to enforce
@@ -1831,7 +1831,7 @@ module Aws::FMS
1831
1831
  params: params,
1832
1832
  config: config)
1833
1833
  context[:gem_name] = 'aws-sdk-fms'
1834
- context[:gem_version] = '1.45.0'
1834
+ context[:gem_version] = '1.46.0'
1835
1835
  Seahorse::Client::Request.new(handlers, context)
1836
1836
  end
1837
1837
 
data/lib/aws-sdk-fms/types.rb CHANGED
@@ -2152,8 +2152,9 @@ module Aws::FMS
2152
2152
  # specify a resource type of `ResourceTypeList` and then specify the
2153
2153
  # resource types in a `ResourceTypeList`.
2154
2154
  #
2155
- # For WAF and Shield Advanced, example resource types include
2156
- # `AWS::ElasticLoadBalancingV2::LoadBalancer` and
2155
+ # For WAF and Shield Advanced, resource types include
2156
+ # `AWS::ElasticLoadBalancingV2::LoadBalancer`,
2157
+ # `AWS::ElasticLoadBalancing::LoadBalancer`, `AWS::EC2::EIP`, and
2157
2158
  # `AWS::CloudFront::Distribution`. For a security group common policy,
2158
2159
  # valid values are `AWS::EC2::NetworkInterface` and
2159
2160
  # `AWS::EC2::Instance`. For a security group content audit policy,
@@ -2191,10 +2192,16 @@ module Aws::FMS
2191
2192
  # @return [Boolean]
2192
2193
  #
2193
2194
  # @!attribute [rw] delete_unused_fm_managed_resources
2194
- # Indicates whether Firewall Manager should delete Firewall Manager
2195
- # managed resources, such as web ACLs and security groups, when they
2196
- # are not in use by the Firewall Manager policy. By default, Firewall
2197
- # Manager doesn't delete unused Firewall Manager managed resources.
2195
+ # Indicates whether Firewall Manager should automatically remove
2196
+ # protections from resources that leave the policy scope and clean up
2197
+ # resources that Firewall Manager is managing for accounts when those
2198
+ # accounts leave policy scope. For example, Firewall Manager will
2199
+ # disassociate a Firewall Manager managed web ACL from a protected
2200
+ # customer resource when the customer resource leaves policy scope.
2201
+ #
2202
+ # By default, Firewall Manager doesn't remove protections or delete
2203
+ # Firewall Manager managed resources.
2204
+ #
2198
2205
  # This option is not available for Shield Advanced or WAF Classic
2199
2206
  # policies.
2200
2207
  # @return [Boolean]
@@ -2427,10 +2434,16 @@ module Aws::FMS
2427
2434
  # @return [Boolean]
2428
2435
  #
2429
2436
  # @!attribute [rw] delete_unused_fm_managed_resources
2430
- # Indicates whether Firewall Manager should delete Firewall Manager
2431
- # managed resources, such as web ACLs and security groups, when they
2432
- # are not in use by the Firewall Manager policy. By default, Firewall
2433
- # Manager doesn't delete unused Firewall Manager managed resources.
2437
+ # Indicates whether Firewall Manager should automatically remove
2438
+ # protections from resources that leave the policy scope and clean up
2439
+ # resources that Firewall Manager is managing for accounts when those
2440
+ # accounts leave policy scope. For example, Firewall Manager will
2441
+ # disassociate a Firewall Manager managed web ACL from a protected
2442
+ # customer resource when the customer resource leaves policy scope.
2443
+ #
2444
+ # By default, Firewall Manager doesn't remove protections or delete
2445
+ # Firewall Manager managed resources.
2446
+ #
2434
2447
  # This option is not available for Shield Advanced or WAF Classic
2435
2448
  # policies.
2436
2449
  # @return [Boolean]
@@ -3172,8 +3185,7 @@ module Aws::FMS
3172
3185
  #
3173
3186
  # @!attribute [rw] managed_service_data
3174
3187
  # Details about the service that are specific to the service type, in
3175
- # JSON format. For service type `SHIELD_ADVANCED`, this is an empty
3176
- # string.
3188
+ # JSON format.
3177
3189
  #
3178
3190
  # * Example: `DNS_FIREWALL`
3179
3191
  #
@@ -3190,6 +3202,28 @@ module Aws::FMS
3190
3202
  # `"\{"type":"NETWORK_FIREWALL","networkFirewallStatelessRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2","priority":10\}],"networkFirewallStatelessDefaultActions":["aws:pass","custom1"],"networkFirewallStatelessFragmentDefaultActions":["custom2","aws:pass"],"networkFirewallStatelessCustomActions":[\{"actionName":"custom1","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension1"\}]\}\}\},\{"actionName":"custom2","actionDefinition":\{"publishMetricAction":\{"dimensions":[\{"value":"dimension2"\}]\}\}\}],"networkFirewallStatefulRuleGroupReferences":[\{"resourceARN":"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1"\}],"networkFirewallOrchestrationConfig":\{"singleFirewallEndpointPerVPC":true,"allowedIPV4CidrList":["10.24.34.0/28"]\}
3191
3203
  # \}"`
3192
3204
  #
3205
+ # * Specification for `SHIELD_ADVANCED` for Amazon CloudFront
3206
+ # distributions
3207
+ #
3208
+ # `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
3209
+ # \{"automaticResponseStatus":"ENABLED|IGNORED|DISABLED",
3210
+ # "automaticResponseAction":"BLOCK|COUNT"\},
3211
+ # "overrideCustomerWebaclClassic":true|false\}"`
3212
+ #
3213
+ # For example:
3214
+ # `"\{"type":"SHIELD_ADVANCED","automaticResponseConfiguration":
3215
+ # \{"automaticResponseStatus":"ENABLED",
3216
+ # "automaticResponseAction":"COUNT"\}\}"`
3217
+ #
3218
+ # The default value for `automaticResponseStatus` is `IGNORED`. The
3219
+ # value for `automaticResponseAction` is only required when
3220
+ # `automaticResponseStatus` is set to `ENABLED`. The default value
3221
+ # for `overrideCustomerWebaclClassic` is `false`.
3222
+ #
3223
+ # For other resource types that you can protect with a Shield
3224
+ # Advanced policy, this `ManagedServiceData` configuration is an
3225
+ # empty string.
3226
+ #
3193
3227
  # * Example: `WAFV2`
3194
3228
  #
3195
3229
  # `"\{"type":"WAFV2","preProcessRuleGroups":[\{"ruleGroupArn":null,"overrideAction":\{"type":"NONE"\},"managedRuleGroupIdentifier":\{"version":null,"vendorName":"AWS","managedRuleGroupName":"AWSManagedRulesAmazonIpReputationList"\},"ruleGroupType":"ManagedRuleGroup","excludeRules":[\{"name":"NoUserAgent_HEADER"\}]\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"overrideCustomerWebACLAssociation":false,"loggingConfiguration":\{"logDestinationConfigs":["arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination"],"redactedFields":[\{"redactedFieldType":"SingleHeader","redactedFieldValue":"Cookies"\},\{"redactedFieldType":"Method"\}]\}\}"`
data/lib/aws-sdk-fms.rb CHANGED
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-fms/customizations'
48
48
  # @!group service
49
49
  module Aws::FMS
50
50
 
51
- GEM_VERSION = '1.45.0'
51
+ GEM_VERSION = '1.46.0'
52
52
 
53
53
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-fms
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.45.0
4
+ version: 1.46.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-12-21 00:00:00.000000000 Z
11
+ date: 2022-01-12 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core