aws-sdk-networkfirewall 1.18.0 → 1.19.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +4 -1
- data/lib/aws-sdk-networkfirewall/client_api.rb +2 -0
- data/lib/aws-sdk-networkfirewall/types.rb +28 -3
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: be09ee175389ae3449ee0b6b244e4a6cb85248f68ae8bde115ae537d287c18f8
|
|
4
|
+
data.tar.gz: 7b4ec448cbb2f8e0d3d27ea2df20722412cedd32b9842a29038395da48788ae3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8664e5c493bae474d7fa36b98376961f25899deabb5c88192fd346c01af62c79a5697df7de4ce7afb06c3846f9484e7cd02435713fdd5c2c7e459fb61b61f8cf
|
|
7
|
+
data.tar.gz: '0690ea32a49da14aaf14afa86002f580f6157466b56153b14f10207110acb8cf0776744b136a19658eb2b297af6a7e023866e71e97eff74f31ff1b6bb0d4e5db'
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.19.0 (2022-10-05)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - StreamExceptionPolicy configures how AWS Network Firewall processes traffic when a network connection breaks midstream
|
|
8
|
+
|
|
4
9
|
1.18.0 (2022-07-21)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.19.0
|
|
@@ -744,6 +744,7 @@ module Aws::NetworkFirewall
|
|
|
744
744
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
745
745
|
# stateful_engine_options: {
|
|
746
746
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
747
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
747
748
|
# },
|
|
748
749
|
# },
|
|
749
750
|
# description: "Description",
|
|
@@ -1419,6 +1420,7 @@ module Aws::NetworkFirewall
|
|
|
1419
1420
|
# resp.firewall_policy.stateful_default_actions #=> Array
|
|
1420
1421
|
# resp.firewall_policy.stateful_default_actions[0] #=> String
|
|
1421
1422
|
# resp.firewall_policy.stateful_engine_options.rule_order #=> String, one of "DEFAULT_ACTION_ORDER", "STRICT_ORDER"
|
|
1423
|
+
# resp.firewall_policy.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE"
|
|
1422
1424
|
#
|
|
1423
1425
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DescribeFirewallPolicy AWS API Documentation
|
|
1424
1426
|
#
|
|
@@ -2454,6 +2456,7 @@ module Aws::NetworkFirewall
|
|
|
2454
2456
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
2455
2457
|
# stateful_engine_options: {
|
|
2456
2458
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
2459
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
2457
2460
|
# },
|
|
2458
2461
|
# },
|
|
2459
2462
|
# description: "Description",
|
|
@@ -2984,7 +2987,7 @@ module Aws::NetworkFirewall
|
|
|
2984
2987
|
params: params,
|
|
2985
2988
|
config: config)
|
|
2986
2989
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
|
2987
|
-
context[:gem_version] = '1.
|
|
2990
|
+
context[:gem_version] = '1.19.0'
|
|
2988
2991
|
Seahorse::Client::Request.new(handlers, context)
|
|
2989
2992
|
end
|
|
2990
2993
|
|
|
@@ -185,6 +185,7 @@ module Aws::NetworkFirewall
|
|
|
185
185
|
StatelessRuleGroupReferences = Shapes::ListShape.new(name: 'StatelessRuleGroupReferences')
|
|
186
186
|
StatelessRules = Shapes::ListShape.new(name: 'StatelessRules')
|
|
187
187
|
StatelessRulesAndCustomActions = Shapes::StructureShape.new(name: 'StatelessRulesAndCustomActions')
|
|
188
|
+
StreamExceptionPolicy = Shapes::StringShape.new(name: 'StreamExceptionPolicy')
|
|
188
189
|
SubnetMapping = Shapes::StructureShape.new(name: 'SubnetMapping')
|
|
189
190
|
SubnetMappings = Shapes::ListShape.new(name: 'SubnetMappings')
|
|
190
191
|
SyncState = Shapes::StructureShape.new(name: 'SyncState')
|
|
@@ -695,6 +696,7 @@ module Aws::NetworkFirewall
|
|
|
695
696
|
StatefulActions.member = Shapes::ShapeRef.new(shape: CollectionMember_String)
|
|
696
697
|
|
|
697
698
|
StatefulEngineOptions.add_member(:rule_order, Shapes::ShapeRef.new(shape: RuleOrder, location_name: "RuleOrder"))
|
|
699
|
+
StatefulEngineOptions.add_member(:stream_exception_policy, Shapes::ShapeRef.new(shape: StreamExceptionPolicy, location_name: "StreamExceptionPolicy"))
|
|
698
700
|
StatefulEngineOptions.struct_class = Types::StatefulEngineOptions
|
|
699
701
|
|
|
700
702
|
StatefulRule.add_member(:action, Shapes::ShapeRef.new(shape: StatefulAction, required: true, location_name: "Action"))
|
|
@@ -413,6 +413,7 @@ module Aws::NetworkFirewall
|
|
|
413
413
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
414
414
|
# stateful_engine_options: {
|
|
415
415
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
416
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
416
417
|
# },
|
|
417
418
|
# },
|
|
418
419
|
# description: "Description",
|
|
@@ -1933,6 +1934,7 @@ module Aws::NetworkFirewall
|
|
|
1933
1934
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
1934
1935
|
# stateful_engine_options: {
|
|
1935
1936
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
1937
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
1936
1938
|
# },
|
|
1937
1939
|
# }
|
|
1938
1940
|
#
|
|
@@ -3711,7 +3713,7 @@ module Aws::NetworkFirewall
|
|
|
3711
3713
|
#
|
|
3712
3714
|
#
|
|
3713
3715
|
#
|
|
3714
|
-
# [1]: https://suricata.readthedocs.io/
|
|
3716
|
+
# [1]: https://suricata.readthedocs.io/rules/intro.html#
|
|
3715
3717
|
# @return [Array<Types::StatefulRule>]
|
|
3716
3718
|
#
|
|
3717
3719
|
# @!attribute [rw] stateless_rules_and_custom_actions
|
|
@@ -3837,6 +3839,7 @@ module Aws::NetworkFirewall
|
|
|
3837
3839
|
#
|
|
3838
3840
|
# {
|
|
3839
3841
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
3842
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
3840
3843
|
# }
|
|
3841
3844
|
#
|
|
3842
3845
|
# @!attribute [rw] rule_order
|
|
@@ -3852,10 +3855,31 @@ module Aws::NetworkFirewall
|
|
|
3852
3855
|
# [1]: https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html
|
|
3853
3856
|
# @return [String]
|
|
3854
3857
|
#
|
|
3858
|
+
# @!attribute [rw] stream_exception_policy
|
|
3859
|
+
# Configures how Network Firewall processes traffic when a network
|
|
3860
|
+
# connection breaks midstream. Network connections can break due to
|
|
3861
|
+
# disruptions in external networks or within the firewall itself.
|
|
3862
|
+
#
|
|
3863
|
+
# * `DROP` - Network Firewall fails closed and drops all subsequent
|
|
3864
|
+
# traffic going to the firewall. This is the default behavior.
|
|
3865
|
+
#
|
|
3866
|
+
# * `CONTINUE` - Network Firewall continues to apply rules to the
|
|
3867
|
+
# subsequent traffic without context from traffic before the break.
|
|
3868
|
+
# This impacts the behavior of rules that depend on this context.
|
|
3869
|
+
# For example, if you have a stateful rule to `drop http` traffic,
|
|
3870
|
+
# Network Firewall won't match the traffic for this rule because
|
|
3871
|
+
# the service won't have the context from session initialization
|
|
3872
|
+
# defining the application layer protocol as HTTP. However, this
|
|
3873
|
+
# behavior is rule dependent—a TCP-layer rule using a
|
|
3874
|
+
# `flow:stateless` rule would still match, as would the
|
|
3875
|
+
# `aws:drop_strict` default action.
|
|
3876
|
+
# @return [String]
|
|
3877
|
+
#
|
|
3855
3878
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/StatefulEngineOptions AWS API Documentation
|
|
3856
3879
|
#
|
|
3857
3880
|
class StatefulEngineOptions < Struct.new(
|
|
3858
|
-
:rule_order
|
|
3881
|
+
:rule_order,
|
|
3882
|
+
:stream_exception_policy)
|
|
3859
3883
|
SENSITIVE = []
|
|
3860
3884
|
include Aws::Structure
|
|
3861
3885
|
end
|
|
@@ -3868,7 +3892,7 @@ module Aws::NetworkFirewall
|
|
|
3868
3892
|
#
|
|
3869
3893
|
#
|
|
3870
3894
|
#
|
|
3871
|
-
# [1]: https://suricata.readthedocs.io/
|
|
3895
|
+
# [1]: https://suricata.readthedocs.io/rules/intro.html#
|
|
3872
3896
|
#
|
|
3873
3897
|
# @note When making an API call, you may pass StatefulRule
|
|
3874
3898
|
# data as a hash:
|
|
@@ -4953,6 +4977,7 @@ module Aws::NetworkFirewall
|
|
|
4953
4977
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
4954
4978
|
# stateful_engine_options: {
|
|
4955
4979
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
4980
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
4956
4981
|
# },
|
|
4957
4982
|
# },
|
|
4958
4983
|
# description: "Description",
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-networkfirewall
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.19.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|