aws-sdk-networkfirewall 1.18.0 → 1.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +4 -1
- data/lib/aws-sdk-networkfirewall/client_api.rb +2 -0
- data/lib/aws-sdk-networkfirewall/types.rb +28 -3
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: be09ee175389ae3449ee0b6b244e4a6cb85248f68ae8bde115ae537d287c18f8
|
|
4
|
+
data.tar.gz: 7b4ec448cbb2f8e0d3d27ea2df20722412cedd32b9842a29038395da48788ae3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8664e5c493bae474d7fa36b98376961f25899deabb5c88192fd346c01af62c79a5697df7de4ce7afb06c3846f9484e7cd02435713fdd5c2c7e459fb61b61f8cf
|
|
7
|
+
data.tar.gz: '0690ea32a49da14aaf14afa86002f580f6157466b56153b14f10207110acb8cf0776744b136a19658eb2b297af6a7e023866e71e97eff74f31ff1b6bb0d4e5db'
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.19.0 (2022-10-05)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - StreamExceptionPolicy configures how AWS Network Firewall processes traffic when a network connection breaks midstream
|
|
8
|
+
|
|
4
9
|
1.18.0 (2022-07-21)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.19.0
|
|
@@ -744,6 +744,7 @@ module Aws::NetworkFirewall
|
|
|
744
744
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
745
745
|
# stateful_engine_options: {
|
|
746
746
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
747
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
747
748
|
# },
|
|
748
749
|
# },
|
|
749
750
|
# description: "Description",
|
|
@@ -1419,6 +1420,7 @@ module Aws::NetworkFirewall
|
|
|
1419
1420
|
# resp.firewall_policy.stateful_default_actions #=> Array
|
|
1420
1421
|
# resp.firewall_policy.stateful_default_actions[0] #=> String
|
|
1421
1422
|
# resp.firewall_policy.stateful_engine_options.rule_order #=> String, one of "DEFAULT_ACTION_ORDER", "STRICT_ORDER"
|
|
1423
|
+
# resp.firewall_policy.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE"
|
|
1422
1424
|
#
|
|
1423
1425
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DescribeFirewallPolicy AWS API Documentation
|
|
1424
1426
|
#
|
|
@@ -2454,6 +2456,7 @@ module Aws::NetworkFirewall
|
|
|
2454
2456
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
2455
2457
|
# stateful_engine_options: {
|
|
2456
2458
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
2459
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
2457
2460
|
# },
|
|
2458
2461
|
# },
|
|
2459
2462
|
# description: "Description",
|
|
@@ -2984,7 +2987,7 @@ module Aws::NetworkFirewall
|
|
|
2984
2987
|
params: params,
|
|
2985
2988
|
config: config)
|
|
2986
2989
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
|
2987
|
-
context[:gem_version] = '1.
|
|
2990
|
+
context[:gem_version] = '1.19.0'
|
|
2988
2991
|
Seahorse::Client::Request.new(handlers, context)
|
|
2989
2992
|
end
|
|
2990
2993
|
|
|
@@ -185,6 +185,7 @@ module Aws::NetworkFirewall
|
|
|
185
185
|
StatelessRuleGroupReferences = Shapes::ListShape.new(name: 'StatelessRuleGroupReferences')
|
|
186
186
|
StatelessRules = Shapes::ListShape.new(name: 'StatelessRules')
|
|
187
187
|
StatelessRulesAndCustomActions = Shapes::StructureShape.new(name: 'StatelessRulesAndCustomActions')
|
|
188
|
+
StreamExceptionPolicy = Shapes::StringShape.new(name: 'StreamExceptionPolicy')
|
|
188
189
|
SubnetMapping = Shapes::StructureShape.new(name: 'SubnetMapping')
|
|
189
190
|
SubnetMappings = Shapes::ListShape.new(name: 'SubnetMappings')
|
|
190
191
|
SyncState = Shapes::StructureShape.new(name: 'SyncState')
|
|
@@ -695,6 +696,7 @@ module Aws::NetworkFirewall
|
|
|
695
696
|
StatefulActions.member = Shapes::ShapeRef.new(shape: CollectionMember_String)
|
|
696
697
|
|
|
697
698
|
StatefulEngineOptions.add_member(:rule_order, Shapes::ShapeRef.new(shape: RuleOrder, location_name: "RuleOrder"))
|
|
699
|
+
StatefulEngineOptions.add_member(:stream_exception_policy, Shapes::ShapeRef.new(shape: StreamExceptionPolicy, location_name: "StreamExceptionPolicy"))
|
|
698
700
|
StatefulEngineOptions.struct_class = Types::StatefulEngineOptions
|
|
699
701
|
|
|
700
702
|
StatefulRule.add_member(:action, Shapes::ShapeRef.new(shape: StatefulAction, required: true, location_name: "Action"))
|
|
@@ -413,6 +413,7 @@ module Aws::NetworkFirewall
|
|
|
413
413
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
414
414
|
# stateful_engine_options: {
|
|
415
415
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
416
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
416
417
|
# },
|
|
417
418
|
# },
|
|
418
419
|
# description: "Description",
|
|
@@ -1933,6 +1934,7 @@ module Aws::NetworkFirewall
|
|
|
1933
1934
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
1934
1935
|
# stateful_engine_options: {
|
|
1935
1936
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
1937
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
1936
1938
|
# },
|
|
1937
1939
|
# }
|
|
1938
1940
|
#
|
|
@@ -3711,7 +3713,7 @@ module Aws::NetworkFirewall
|
|
|
3711
3713
|
#
|
|
3712
3714
|
#
|
|
3713
3715
|
#
|
|
3714
|
-
# [1]: https://suricata.readthedocs.io/
|
|
3716
|
+
# [1]: https://suricata.readthedocs.io/rules/intro.html#
|
|
3715
3717
|
# @return [Array<Types::StatefulRule>]
|
|
3716
3718
|
#
|
|
3717
3719
|
# @!attribute [rw] stateless_rules_and_custom_actions
|
|
@@ -3837,6 +3839,7 @@ module Aws::NetworkFirewall
|
|
|
3837
3839
|
#
|
|
3838
3840
|
# {
|
|
3839
3841
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
3842
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
3840
3843
|
# }
|
|
3841
3844
|
#
|
|
3842
3845
|
# @!attribute [rw] rule_order
|
|
@@ -3852,10 +3855,31 @@ module Aws::NetworkFirewall
|
|
|
3852
3855
|
# [1]: https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html
|
|
3853
3856
|
# @return [String]
|
|
3854
3857
|
#
|
|
3858
|
+
# @!attribute [rw] stream_exception_policy
|
|
3859
|
+
# Configures how Network Firewall processes traffic when a network
|
|
3860
|
+
# connection breaks midstream. Network connections can break due to
|
|
3861
|
+
# disruptions in external networks or within the firewall itself.
|
|
3862
|
+
#
|
|
3863
|
+
# * `DROP` - Network Firewall fails closed and drops all subsequent
|
|
3864
|
+
# traffic going to the firewall. This is the default behavior.
|
|
3865
|
+
#
|
|
3866
|
+
# * `CONTINUE` - Network Firewall continues to apply rules to the
|
|
3867
|
+
# subsequent traffic without context from traffic before the break.
|
|
3868
|
+
# This impacts the behavior of rules that depend on this context.
|
|
3869
|
+
# For example, if you have a stateful rule to `drop http` traffic,
|
|
3870
|
+
# Network Firewall won't match the traffic for this rule because
|
|
3871
|
+
# the service won't have the context from session initialization
|
|
3872
|
+
# defining the application layer protocol as HTTP. However, this
|
|
3873
|
+
# behavior is rule dependent—a TCP-layer rule using a
|
|
3874
|
+
# `flow:stateless` rule would still match, as would the
|
|
3875
|
+
# `aws:drop_strict` default action.
|
|
3876
|
+
# @return [String]
|
|
3877
|
+
#
|
|
3855
3878
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/StatefulEngineOptions AWS API Documentation
|
|
3856
3879
|
#
|
|
3857
3880
|
class StatefulEngineOptions < Struct.new(
|
|
3858
|
-
:rule_order
|
|
3881
|
+
:rule_order,
|
|
3882
|
+
:stream_exception_policy)
|
|
3859
3883
|
SENSITIVE = []
|
|
3860
3884
|
include Aws::Structure
|
|
3861
3885
|
end
|
|
@@ -3868,7 +3892,7 @@ module Aws::NetworkFirewall
|
|
|
3868
3892
|
#
|
|
3869
3893
|
#
|
|
3870
3894
|
#
|
|
3871
|
-
# [1]: https://suricata.readthedocs.io/
|
|
3895
|
+
# [1]: https://suricata.readthedocs.io/rules/intro.html#
|
|
3872
3896
|
#
|
|
3873
3897
|
# @note When making an API call, you may pass StatefulRule
|
|
3874
3898
|
# data as a hash:
|
|
@@ -4953,6 +4977,7 @@ module Aws::NetworkFirewall
|
|
|
4953
4977
|
# stateful_default_actions: ["CollectionMember_String"],
|
|
4954
4978
|
# stateful_engine_options: {
|
|
4955
4979
|
# rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
|
|
4980
|
+
# stream_exception_policy: "DROP", # accepts DROP, CONTINUE
|
|
4956
4981
|
# },
|
|
4957
4982
|
# },
|
|
4958
4983
|
# description: "Description",
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-networkfirewall
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.19.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-10-05 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|