aws-sdk-networkfirewall 1.17.0 → 1.18.0
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +35 -7
- data/lib/aws-sdk-networkfirewall/client_api.rb +35 -0
- data/lib/aws-sdk-networkfirewall/types.rb +161 -1
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
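--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: b13f43ce3588c6c4542cafe04c38770518df59d8ac1d51f4544ea0ef03bae8cb
+data.tar.gz: 2e8adacc2451fe8f264e0b67b870a1bbd700c292a67bb1a9c528b96e4dc66020
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 9204851dd108b726d1945b131d1c288ddec3987732d9ab6fe12b776b14fe107c607e4bc65dc69406c9edd03f5a319dc0e92728927563a94db9e740caf23809eb
+data.tar.gz: 57ade2ad3ac3df5424ec6dab830ca3593855995dac31e88c0e6f97b1a5730d61359b2bca58873b7bce112c2a7270c69e0ae6886cc8662c3110711441ad19340a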
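--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.18.0 (2022-07-21)
+------------------
+
+* Feature - Network Firewall now supports referencing dynamic IP sets from stateful rule groups, for IP sets stored in Amazon VPC prefix lists.
+
 1.17.0 (2022-04-28)
 ------------------
 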
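--- a/data/VERSION
+++ b/data/VERSION
@@ -1 +1 @@
-1.
+1.18.0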
@@ -638,14 +638,18 @@ module Aws::NetworkFirewall
|
|
638
638
|
# resp.firewall.encryption_configuration.key_id #=> String
|
639
639
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
640
640
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
641
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
641
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
642
642
|
# resp.firewall_status.sync_states #=> Hash
|
643
643
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
644
644
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
645
645
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
646
646
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
647
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
647
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
648
648
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
649
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
650
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
651
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
652
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
649
653
|
#
|
650
654
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CreateFirewall AWS API Documentation
|
651
655
|
#
|
@@ -922,6 +926,13 @@ module Aws::NetworkFirewall
|
|
922
926
|
# },
|
923
927
|
# },
|
924
928
|
# },
|
929
|
+
# reference_sets: {
|
930
|
+
# ip_set_references: {
|
931
|
+
# "IPSetReferenceName" => {
|
932
|
+
# reference_arn: "ResourceArn",
|
933
|
+
# },
|
934
|
+
# },
|
935
|
+
# },
|
925
936
|
# rules_source: { # required
|
926
937
|
# rules_string: "RulesString",
|
927
938
|
# rules_source_list: {
|
@@ -1118,14 +1129,18 @@ module Aws::NetworkFirewall
|
|
1118
1129
|
# resp.firewall.encryption_configuration.key_id #=> String
|
1119
1130
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
1120
1131
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
1121
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
1132
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
1122
1133
|
# resp.firewall_status.sync_states #=> Hash
|
1123
1134
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
1124
1135
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
1125
1136
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
1126
1137
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
1127
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
1138
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
1128
1139
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
1140
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
1141
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
1142
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
1143
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
1129
1144
|
#
|
1130
1145
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DeleteFirewall AWS API Documentation
|
1131
1146
|
#
|
@@ -1321,14 +1336,18 @@ module Aws::NetworkFirewall
|
|
1321
1336
|
# resp.firewall.encryption_configuration.key_id #=> String
|
1322
1337
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
1323
1338
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
1324
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
1339
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
1325
1340
|
# resp.firewall_status.sync_states #=> Hash
|
1326
1341
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
1327
1342
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
1328
1343
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
1329
1344
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
1330
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
1345
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
1331
1346
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
1347
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
1348
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
1349
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
1350
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
1332
1351
|
#
|
1333
1352
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DescribeFirewall AWS API Documentation
|
1334
1353
|
#
|
@@ -1529,6 +1548,8 @@ module Aws::NetworkFirewall
|
|
1529
1548
|
# resp.rule_group.rule_variables.port_sets #=> Hash
|
1530
1549
|
# resp.rule_group.rule_variables.port_sets["RuleVariableName"].definition #=> Array
|
1531
1550
|
# resp.rule_group.rule_variables.port_sets["RuleVariableName"].definition[0] #=> String
|
1551
|
+
# resp.rule_group.reference_sets.ip_set_references #=> Hash
|
1552
|
+
# resp.rule_group.reference_sets.ip_set_references["IPSetReferenceName"].reference_arn #=> String
|
1532
1553
|
# resp.rule_group.rules_source.rules_string #=> String
|
1533
1554
|
# resp.rule_group.rules_source.rules_source_list.targets #=> Array
|
1534
1555
|
# resp.rule_group.rules_source.rules_source_list.targets[0] #=> String
|
@@ -2743,6 +2764,13 @@ module Aws::NetworkFirewall
|
|
2743
2764
|
# },
|
2744
2765
|
# },
|
2745
2766
|
# },
|
2767
|
+
# reference_sets: {
|
2768
|
+
# ip_set_references: {
|
2769
|
+
# "IPSetReferenceName" => {
|
2770
|
+
# reference_arn: "ResourceArn",
|
2771
|
+
# },
|
2772
|
+
# },
|
2773
|
+
# },
|
2746
2774
|
# rules_source: { # required
|
2747
2775
|
# rules_string: "RulesString",
|
2748
2776
|
# rules_source_list: {
|
@@ -2956,7 +2984,7 @@ module Aws::NetworkFirewall
|
|
2956
2984
|
params: params,
|
2957
2985
|
config: config)
|
2958
2986
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
2959
|
-
context[:gem_version] = '1.
|
2987
|
+
context[:gem_version] = '1.18.0'
|
2960
2988
|
Seahorse::Client::Request.new(handlers, context)
|
2961
2989
|
end
|
2962
2990
|
|
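Review bot: The response examples in the hunks at new lines 641, 1132 and 1339 add `"CAPACITY_CONSTRAINED"` to `configuration_sync_state_summary` and `sync_status` without saying what the state means, so a reader cannot tell whether the firewall is enforcing the intended configuration while that value is reported. The name suggests the configuration could not be applied for capacity reasons, which would make it a failure state for anything that gates on sync. I would add a line beside the example such as `# Treat only "IN_SYNC" as applied; "CAPACITY_CONSTRAINED" means the configuration is not (fully) in effect.`, worded to match the service documentation. Callers that previously branched on the two old values should be checked for an `else` that assumes success. These comment blocks belong to methods whose definitions lie outside the hunks.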
@@ -28,6 +28,9 @@ module Aws::NetworkFirewall
|
|
28
28
|
AzSubnet = Shapes::StringShape.new(name: 'AzSubnet')
|
29
29
|
AzSubnets = Shapes::ListShape.new(name: 'AzSubnets')
|
30
30
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
31
|
+
CIDRCount = Shapes::IntegerShape.new(name: 'CIDRCount')
|
32
|
+
CIDRSummary = Shapes::StructureShape.new(name: 'CIDRSummary')
|
33
|
+
CapacityUsageSummary = Shapes::StructureShape.new(name: 'CapacityUsageSummary')
|
31
34
|
CollectionMember_String = Shapes::StringShape.new(name: 'CollectionMember_String')
|
32
35
|
ConfigurationSyncState = Shapes::StringShape.new(name: 'ConfigurationSyncState')
|
33
36
|
CreateFirewallPolicyRequest = Shapes::StructureShape.new(name: 'CreateFirewallPolicyRequest')
|
@@ -84,6 +87,12 @@ module Aws::NetworkFirewall
|
|
84
87
|
HashMapValue = Shapes::StringShape.new(name: 'HashMapValue')
|
85
88
|
Header = Shapes::StructureShape.new(name: 'Header')
|
86
89
|
IPSet = Shapes::StructureShape.new(name: 'IPSet')
|
90
|
+
IPSetArn = Shapes::StringShape.new(name: 'IPSetArn')
|
91
|
+
IPSetMetadata = Shapes::StructureShape.new(name: 'IPSetMetadata')
|
92
|
+
IPSetMetadataMap = Shapes::MapShape.new(name: 'IPSetMetadataMap')
|
93
|
+
IPSetReference = Shapes::StructureShape.new(name: 'IPSetReference')
|
94
|
+
IPSetReferenceMap = Shapes::MapShape.new(name: 'IPSetReferenceMap')
|
95
|
+
IPSetReferenceName = Shapes::StringShape.new(name: 'IPSetReferenceName')
|
87
96
|
IPSets = Shapes::MapShape.new(name: 'IPSets')
|
88
97
|
InsufficientCapacityException = Shapes::StructureShape.new(name: 'InsufficientCapacityException')
|
89
98
|
InternalServerError = Shapes::StructureShape.new(name: 'InternalServerError')
|
@@ -130,6 +139,7 @@ module Aws::NetworkFirewall
|
|
130
139
|
PublishMetricAction = Shapes::StructureShape.new(name: 'PublishMetricAction')
|
131
140
|
PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
|
132
141
|
PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
|
142
|
+
ReferenceSets = Shapes::StructureShape.new(name: 'ReferenceSets')
|
133
143
|
ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
|
134
144
|
ResourceId = Shapes::StringShape.new(name: 'ResourceId')
|
135
145
|
ResourceManagedStatus = Shapes::StringShape.new(name: 'ResourceManagedStatus')
|
@@ -258,6 +268,14 @@ module Aws::NetworkFirewall
|
|
258
268
|
|
259
269
|
AzSubnets.member = Shapes::ShapeRef.new(shape: AzSubnet)
|
260
270
|
|
271
|
+
CIDRSummary.add_member(:available_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "AvailableCIDRCount"))
|
272
|
+
CIDRSummary.add_member(:utilized_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "UtilizedCIDRCount"))
|
273
|
+
CIDRSummary.add_member(:ip_set_references, Shapes::ShapeRef.new(shape: IPSetMetadataMap, location_name: "IPSetReferences"))
|
274
|
+
CIDRSummary.struct_class = Types::CIDRSummary
|
275
|
+
|
276
|
+
CapacityUsageSummary.add_member(:cid_rs, Shapes::ShapeRef.new(shape: CIDRSummary, location_name: "CIDRs"))
|
277
|
+
CapacityUsageSummary.struct_class = Types::CapacityUsageSummary
|
278
|
+
|
261
279
|
CreateFirewallPolicyRequest.add_member(:firewall_policy_name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "FirewallPolicyName"))
|
262
280
|
CreateFirewallPolicyRequest.add_member(:firewall_policy, Shapes::ShapeRef.new(shape: FirewallPolicy, required: true, location_name: "FirewallPolicy"))
|
263
281
|
CreateFirewallPolicyRequest.add_member(:description, Shapes::ShapeRef.new(shape: Description, location_name: "Description"))
|
@@ -462,6 +480,7 @@ module Aws::NetworkFirewall
|
|
462
480
|
FirewallStatus.add_member(:status, Shapes::ShapeRef.new(shape: FirewallStatusValue, required: true, location_name: "Status"))
|
463
481
|
FirewallStatus.add_member(:configuration_sync_state_summary, Shapes::ShapeRef.new(shape: ConfigurationSyncState, required: true, location_name: "ConfigurationSyncStateSummary"))
|
464
482
|
FirewallStatus.add_member(:sync_states, Shapes::ShapeRef.new(shape: SyncStates, location_name: "SyncStates"))
|
483
|
+
FirewallStatus.add_member(:capacity_usage_summary, Shapes::ShapeRef.new(shape: CapacityUsageSummary, location_name: "CapacityUsageSummary"))
|
465
484
|
FirewallStatus.struct_class = Types::FirewallStatus
|
466
485
|
|
467
486
|
Firewalls.member = Shapes::ShapeRef.new(shape: FirewallMetadata)
|
@@ -479,6 +498,18 @@ module Aws::NetworkFirewall
|
|
479
498
|
IPSet.add_member(:definition, Shapes::ShapeRef.new(shape: VariableDefinitionList, required: true, location_name: "Definition"))
|
480
499
|
IPSet.struct_class = Types::IPSet
|
481
500
|
|
501
|
+
IPSetMetadata.add_member(:resolved_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "ResolvedCIDRCount"))
|
502
|
+
IPSetMetadata.struct_class = Types::IPSetMetadata
|
503
|
+
|
504
|
+
IPSetMetadataMap.key = Shapes::ShapeRef.new(shape: IPSetArn)
|
505
|
+
IPSetMetadataMap.value = Shapes::ShapeRef.new(shape: IPSetMetadata)
|
506
|
+
|
507
|
+
IPSetReference.add_member(:reference_arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "ReferenceArn"))
|
508
|
+
IPSetReference.struct_class = Types::IPSetReference
|
509
|
+
|
510
|
+
IPSetReferenceMap.key = Shapes::ShapeRef.new(shape: IPSetReferenceName)
|
511
|
+
IPSetReferenceMap.value = Shapes::ShapeRef.new(shape: IPSetReference)
|
512
|
+
|
482
513
|
IPSets.key = Shapes::ShapeRef.new(shape: RuleVariableName)
|
483
514
|
IPSets.value = Shapes::ShapeRef.new(shape: IPSet)
|
484
515
|
|
@@ -591,6 +622,9 @@ module Aws::NetworkFirewall
|
|
591
622
|
|
592
623
|
PutResourcePolicyResponse.struct_class = Types::PutResourcePolicyResponse
|
593
624
|
|
625
|
+
ReferenceSets.add_member(:ip_set_references, Shapes::ShapeRef.new(shape: IPSetReferenceMap, location_name: "IPSetReferences"))
|
626
|
+
ReferenceSets.struct_class = Types::ReferenceSets
|
627
|
+
|
594
628
|
ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
595
629
|
ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
|
596
630
|
|
@@ -602,6 +636,7 @@ module Aws::NetworkFirewall
|
|
602
636
|
RuleDefinition.struct_class = Types::RuleDefinition
|
603
637
|
|
604
638
|
RuleGroup.add_member(:rule_variables, Shapes::ShapeRef.new(shape: RuleVariables, location_name: "RuleVariables"))
|
639
|
+
RuleGroup.add_member(:reference_sets, Shapes::ShapeRef.new(shape: ReferenceSets, location_name: "ReferenceSets"))
|
605
640
|
RuleGroup.add_member(:rules_source, Shapes::ShapeRef.new(shape: RulesSource, required: true, location_name: "RulesSource"))
|
606
641
|
RuleGroup.add_member(:stateful_rule_options, Shapes::ShapeRef.new(shape: StatefulRuleOptions, location_name: "StatefulRuleOptions"))
|
607
642
|
RuleGroup.struct_class = Types::RuleGroup
|
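Review bot: `CapacityUsageSummary.add_member(:cid_rs, ..., location_name: "CIDRs")` in the hunk at new line 276 exposes the wire field `CIDRs` under the accessor `cid_rs`, which looks like a snake-casing artifact rather than a chosen name. Once released the accessor is public API, so the practical fix is documentation: the attribute text should state the mapping, e.g. `# Wire name: "CIDRs"; exposed as cid_rs.` If this file is generated from the service model, a name override would belong in the generator's customizations rather than here. The shape definitions continue outside the hunk.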
@@ -329,6 +329,50 @@ module Aws::NetworkFirewall
|
|
329
329
|
include Aws::Structure
|
330
330
|
end
|
331
331
|
|
332
|
+
# Summarizes the CIDR blocks used by the IP set references in a
|
333
|
+
# firewall. Network Firewall calculates the number of CIDRs by taking an
|
334
|
+
# aggregated count of all CIDRs used by the IP sets you are referencing.
|
335
|
+
#
|
336
|
+
# @!attribute [rw] available_cidr_count
|
337
|
+
# The number of CIDR blocks available for use by the IP set references
|
338
|
+
# in a firewall.
|
339
|
+
# @return [Integer]
|
340
|
+
#
|
341
|
+
# @!attribute [rw] utilized_cidr_count
|
342
|
+
# The number of CIDR blocks used by the IP set references in a
|
343
|
+
# firewall.
|
344
|
+
# @return [Integer]
|
345
|
+
#
|
346
|
+
# @!attribute [rw] ip_set_references
|
347
|
+
# The list of the IP set references used by a firewall.
|
348
|
+
# @return [Hash<String,Types::IPSetMetadata>]
|
349
|
+
#
|
350
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CIDRSummary AWS API Documentation
|
351
|
+
#
|
352
|
+
class CIDRSummary < Struct.new(
|
353
|
+
:available_cidr_count,
|
354
|
+
:utilized_cidr_count,
|
355
|
+
:ip_set_references)
|
356
|
+
SENSITIVE = []
|
357
|
+
include Aws::Structure
|
358
|
+
end
|
359
|
+
|
360
|
+
# The capacity usage summary of the resources used by the ReferenceSets
|
361
|
+
# in a firewall.
|
362
|
+
#
|
363
|
+
# @!attribute [rw] cid_rs
|
364
|
+
# Describes the capacity usage of the CIDR blocks used by the IP set
|
365
|
+
# references in a firewall.
|
366
|
+
# @return [Types::CIDRSummary]
|
367
|
+
#
|
368
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CapacityUsageSummary AWS API Documentation
|
369
|
+
#
|
370
|
+
class CapacityUsageSummary < Struct.new(
|
371
|
+
:cid_rs)
|
372
|
+
SENSITIVE = []
|
373
|
+
include Aws::Structure
|
374
|
+
end
|
375
|
+
|
332
376
|
# @note When making an API call, you may pass CreateFirewallPolicyRequest
|
333
377
|
# data as a hash:
|
334
378
|
#
|
@@ -609,6 +653,13 @@ module Aws::NetworkFirewall
|
|
609
653
|
# },
|
610
654
|
# },
|
611
655
|
# },
|
656
|
+
# reference_sets: {
|
657
|
+
# ip_set_references: {
|
658
|
+
# "IPSetReferenceName" => {
|
659
|
+
# reference_arn: "ResourceArn",
|
660
|
+
# },
|
661
|
+
# },
|
662
|
+
# },
|
612
663
|
# rules_source: { # required
|
613
664
|
# rules_string: "RulesString",
|
614
665
|
# rules_source_list: {
|
@@ -2120,12 +2171,20 @@ module Aws::NetworkFirewall
|
|
2120
2171
|
# and configuration object.
|
2121
2172
|
# @return [Hash<String,Types::SyncState>]
|
2122
2173
|
#
|
2174
|
+
# @!attribute [rw] capacity_usage_summary
|
2175
|
+
# Describes the capacity usage of the resources contained in a
|
2176
|
+
# firewall's reference sets. Network Firewall calclulates the
|
2177
|
+
# capacity usage by taking an aggregated count of all of the resources
|
2178
|
+
# used by all of the reference sets in a firewall.
|
2179
|
+
# @return [Types::CapacityUsageSummary]
|
2180
|
+
#
|
2123
2181
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/FirewallStatus AWS API Documentation
|
2124
2182
|
#
|
2125
2183
|
class FirewallStatus < Struct.new(
|
2126
2184
|
:status,
|
2127
2185
|
:configuration_sync_state_summary,
|
2128
|
-
:sync_states
|
2186
|
+
:sync_states,
|
2187
|
+
:capacity_usage_summary)
|
2129
2188
|
SENSITIVE = []
|
2130
2189
|
include Aws::Structure
|
2131
2190
|
end
|
@@ -2255,6 +2314,63 @@ module Aws::NetworkFirewall
|
|
2255
2314
|
include Aws::Structure
|
2256
2315
|
end
|
2257
2316
|
|
2317
|
+
# General information about the IP set.
|
2318
|
+
#
|
2319
|
+
# @!attribute [rw] resolved_cidr_count
|
2320
|
+
# Describes the total number of CIDR blocks currently in use by the IP
|
2321
|
+
# set references in a firewall. To determine how many CIDR blocks are
|
2322
|
+
# available for you to use in a firewall, you can call
|
2323
|
+
# `AvailableCIDRCount`.
|
2324
|
+
# @return [Integer]
|
2325
|
+
#
|
2326
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/IPSetMetadata AWS API Documentation
|
2327
|
+
#
|
2328
|
+
class IPSetMetadata < Struct.new(
|
2329
|
+
:resolved_cidr_count)
|
2330
|
+
SENSITIVE = []
|
2331
|
+
include Aws::Structure
|
2332
|
+
end
|
2333
|
+
|
2334
|
+
# Configures one or more IP set references for a Suricata-compatible
|
2335
|
+
# rule group. This is used in CreateRuleGroup or UpdateRuleGroup. An IP
|
2336
|
+
# set reference is a rule variable that references a resource that you
|
2337
|
+
# create and manage in another Amazon Web Services service, such as an
|
2338
|
+
# Amazon VPC prefix list. Network Firewall IP set references enable you
|
2339
|
+
# to dynamically update the contents of your rules. When you create,
|
2340
|
+
# update, or delete the IP set you are referencing in your rule, Network
|
2341
|
+
# Firewall automatically updates the rule's content with the changes.
|
2342
|
+
# For more information about IP set references in Network Firewall, see
|
2343
|
+
# [Using IP set references][1] in the *Network Firewall Developer
|
2344
|
+
# Guide*.
|
2345
|
+
#
|
2346
|
+
# Network Firewall currently supports only [Amazon VPC prefix lists][2]
|
2347
|
+
# as IP set references.
|
2348
|
+
#
|
2349
|
+
#
|
2350
|
+
#
|
2351
|
+
# [1]: https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-references
|
2352
|
+
# [2]: https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html
|
2353
|
+
#
|
2354
|
+
# @note When making an API call, you may pass IPSetReference
|
2355
|
+
# data as a hash:
|
2356
|
+
#
|
2357
|
+
# {
|
2358
|
+
# reference_arn: "ResourceArn",
|
2359
|
+
# }
|
2360
|
+
#
|
2361
|
+
# @!attribute [rw] reference_arn
|
2362
|
+
# The Amazon Resource Name (ARN) of the resource that you are
|
2363
|
+
# referencing in your rule group.
|
2364
|
+
# @return [String]
|
2365
|
+
#
|
2366
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/IPSetReference AWS API Documentation
|
2367
|
+
#
|
2368
|
+
class IPSetReference < Struct.new(
|
2369
|
+
:reference_arn)
|
2370
|
+
SENSITIVE = []
|
2371
|
+
include Aws::Structure
|
2372
|
+
end
|
2373
|
+
|
2258
2374
|
# Amazon Web Services doesn't currently have enough available capacity
|
2259
2375
|
# to fulfill your request. Try your request later.
|
2260
2376
|
#
|
@@ -2983,6 +3099,31 @@ module Aws::NetworkFirewall
|
|
2983
3099
|
#
|
2984
3100
|
class PutResourcePolicyResponse < Aws::EmptyStructure; end
|
2985
3101
|
|
3102
|
+
# Contains a set of IP set references.
|
3103
|
+
#
|
3104
|
+
# @note When making an API call, you may pass ReferenceSets
|
3105
|
+
# data as a hash:
|
3106
|
+
#
|
3107
|
+
# {
|
3108
|
+
# ip_set_references: {
|
3109
|
+
# "IPSetReferenceName" => {
|
3110
|
+
# reference_arn: "ResourceArn",
|
3111
|
+
# },
|
3112
|
+
# },
|
3113
|
+
# }
|
3114
|
+
#
|
3115
|
+
# @!attribute [rw] ip_set_references
|
3116
|
+
# The list of IP set references.
|
3117
|
+
# @return [Hash<String,Types::IPSetReference>]
|
3118
|
+
#
|
3119
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/ReferenceSets AWS API Documentation
|
3120
|
+
#
|
3121
|
+
class ReferenceSets < Struct.new(
|
3122
|
+
:ip_set_references)
|
3123
|
+
SENSITIVE = []
|
3124
|
+
include Aws::Structure
|
3125
|
+
end
|
3126
|
+
|
2986
3127
|
# Unable to locate a resource using the parameters that you provided.
|
2987
3128
|
#
|
2988
3129
|
# @!attribute [rw] message
|
@@ -3136,6 +3277,13 @@ module Aws::NetworkFirewall
|
|
3136
3277
|
# },
|
3137
3278
|
# },
|
3138
3279
|
# },
|
3280
|
+
# reference_sets: {
|
3281
|
+
# ip_set_references: {
|
3282
|
+
# "IPSetReferenceName" => {
|
3283
|
+
# reference_arn: "ResourceArn",
|
3284
|
+
# },
|
3285
|
+
# },
|
3286
|
+
# },
|
3139
3287
|
# rules_source: { # required
|
3140
3288
|
# rules_string: "RulesString",
|
3141
3289
|
# rules_source_list: {
|
@@ -3228,6 +3376,10 @@ module Aws::NetworkFirewall
|
|
3228
3376
|
# You can only use these for stateful rule groups.
|
3229
3377
|
# @return [Types::RuleVariables]
|
3230
3378
|
#
|
3379
|
+
# @!attribute [rw] reference_sets
|
3380
|
+
# The list of a rule group's reference sets.
|
3381
|
+
# @return [Types::ReferenceSets]
|
3382
|
+
#
|
3231
3383
|
# @!attribute [rw] rules_source
|
3232
3384
|
# The stateful rules or stateless rules for the rule group.
|
3233
3385
|
# @return [Types::RulesSource]
|
@@ -3243,6 +3395,7 @@ module Aws::NetworkFirewall
|
|
3243
3395
|
#
|
3244
3396
|
class RuleGroup < Struct.new(
|
3245
3397
|
:rule_variables,
|
3398
|
+
:reference_sets,
|
3246
3399
|
:rules_source,
|
3247
3400
|
:stateful_rule_options)
|
3248
3401
|
SENSITIVE = []
|
@@ -5000,6 +5153,13 @@ module Aws::NetworkFirewall
|
|
5000
5153
|
# },
|
5001
5154
|
# },
|
5002
5155
|
# },
|
5156
|
+
# reference_sets: {
|
5157
|
+
# ip_set_references: {
|
5158
|
+
# "IPSetReferenceName" => {
|
5159
|
+
# reference_arn: "ResourceArn",
|
5160
|
+
# },
|
5161
|
+
# },
|
5162
|
+
# },
|
5003
5163
|
# rules_source: { # required
|
5004
5164
|
# rules_string: "RulesString",
|
5005
5165
|
# rules_source_list: {
|
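Review bot: The `IPSetReference` class comment in the hunk at new lines 2334-2372 says Network Firewall automatically updates the rule's content when the referenced IP set changes, but it does not state the consequence for access control: whoever can edit the referenced prefix list can change what the stateful rules match without touching the rule group. I would add a sentence such as `# Changes to the referenced resource take effect in this rule group automatically, so restrict and audit write access to it as you would the rule group itself.` In the same file, the `resolved_cidr_count` text tells the reader to call `AvailableCIDRCount`, which in this diff is the `available_cidr_count` field of `CIDRSummary` rather than an operation, and both `ip_set_references` attributes are described as a list while typed `Hash`. `calclulates` in the `capacity_usage_summary` text is a typo.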
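--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-networkfirewall
 version: !ruby/object:Gem::Version
-version: 1.
+version: 1.18.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-
+date: 2022-07-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: aws-sdk-core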