aws-sdk-networkfirewall 1.55.0 → 1.56.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: b2b7677fa98f8f7d1ad38b65bd6d340afe65a7c3834bbbd52207b44cce5194b7
4
- data.tar.gz: 6ea44510fe448aa9ff67e5744d61f8f631302e945ecd8208bd6d0bf2c542e497
3
+ metadata.gz: d377b97b0266e3fb5945898c8b89b617b0ade5789365deeae077a86a039a75d8
4
+ data.tar.gz: 792d56761eaaaeed2f3886cd99983e1e4e3a5373c749d7984f4044b87099c91d
5
5
  SHA512:
6
- metadata.gz: 7183c883c191a79d1014e52474dc1e25a494257bba020561e6e800989a9516655a00ea2b59c1eeff866025648b25df8643c0c800e36a346d2d7fba8c7fd11928
7
- data.tar.gz: e2b4749a09352f031eea60d9cf02b5a09e73d9afc28d22f66088d8cd49361f4432c06073807420e1959bc90d1cb691ad3800059e5be8a3cf26612c7bc327dbc7
6
+ metadata.gz: 9ef2d952a2c764907196adad4adcd0a7671c4a8adcff9c602cd2c62d8dac0169e77f4af2ff267d727c2b58009e0e9bbaa72acb941211bff74343c2ce4492a549
7
+ data.tar.gz: c28ca0bbf17f32fd46ef35972979786d951febda0b36b97a25b6bf2bbd69389a52a9e72156a84bd04a9705cc4eda751754344e8e81ae1c4caaae9fa395a09f70
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.56.0 (2024-10-30)
5
+ ------------------
6
+
7
+ * Feature - AWS Network Firewall now supports configuring TCP idle timeout
8
+
4
9
  1.55.0 (2024-10-18)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.55.0
1
+ 1.56.0
@@ -843,6 +843,9 @@ module Aws::NetworkFirewall
843
843
  # stateful_engine_options: {
844
844
  # rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
845
845
  # stream_exception_policy: "DROP", # accepts DROP, CONTINUE, REJECT
846
+ # flow_timeouts: {
847
+ # tcp_idle_timeout_seconds: 1,
848
+ # },
846
849
  # },
847
850
  # tls_inspection_configuration_arn: "ResourceArn",
848
851
  # policy_variables: {
@@ -1784,6 +1787,7 @@ module Aws::NetworkFirewall
1784
1787
  # resp.firewall_policy.stateful_default_actions[0] #=> String
1785
1788
  # resp.firewall_policy.stateful_engine_options.rule_order #=> String, one of "DEFAULT_ACTION_ORDER", "STRICT_ORDER"
1786
1789
  # resp.firewall_policy.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT"
1790
+ # resp.firewall_policy.stateful_engine_options.flow_timeouts.tcp_idle_timeout_seconds #=> Integer
1787
1791
  # resp.firewall_policy.tls_inspection_configuration_arn #=> String
1788
1792
  # resp.firewall_policy.policy_variables.rule_variables #=> Hash
1789
1793
  # resp.firewall_policy.policy_variables.rule_variables["RuleVariableName"].definition #=> Array
@@ -2963,6 +2967,9 @@ module Aws::NetworkFirewall
2963
2967
  # stateful_engine_options: {
2964
2968
  # rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
2965
2969
  # stream_exception_policy: "DROP", # accepts DROP, CONTINUE, REJECT
2970
+ # flow_timeouts: {
2971
+ # tcp_idle_timeout_seconds: 1,
2972
+ # },
2966
2973
  # },
2967
2974
  # tls_inspection_configuration_arn: "ResourceArn",
2968
2975
  # policy_variables: {
@@ -3678,7 +3685,7 @@ module Aws::NetworkFirewall
3678
3685
  tracer: tracer
3679
3686
  )
3680
3687
  context[:gem_name] = 'aws-sdk-networkfirewall'
3681
- context[:gem_version] = '1.55.0'
3688
+ context[:gem_version] = '1.56.0'
3682
3689
  Seahorse::Client::Request.new(handlers, context)
3683
3690
  end
3684
3691
 
@@ -93,6 +93,7 @@ module Aws::NetworkFirewall
93
93
  FirewallStatusValue = Shapes::StringShape.new(name: 'FirewallStatusValue')
94
94
  Firewalls = Shapes::ListShape.new(name: 'Firewalls')
95
95
  Flags = Shapes::ListShape.new(name: 'Flags')
96
+ FlowTimeouts = Shapes::StructureShape.new(name: 'FlowTimeouts')
96
97
  GeneratedRulesType = Shapes::StringShape.new(name: 'GeneratedRulesType')
97
98
  HashMapKey = Shapes::StringShape.new(name: 'HashMapKey')
98
99
  HashMapValue = Shapes::StringShape.new(name: 'HashMapValue')
@@ -234,6 +235,7 @@ module Aws::NetworkFirewall
234
235
  TagsPaginationMaxResults = Shapes::IntegerShape.new(name: 'TagsPaginationMaxResults')
235
236
  TargetType = Shapes::StringShape.new(name: 'TargetType')
236
237
  TargetTypes = Shapes::ListShape.new(name: 'TargetTypes')
238
+ TcpIdleTimeoutRangeBound = Shapes::IntegerShape.new(name: 'TcpIdleTimeoutRangeBound')
237
239
  ThrottlingException = Shapes::StructureShape.new(name: 'ThrottlingException')
238
240
  TlsCertificateData = Shapes::StructureShape.new(name: 'TlsCertificateData')
239
241
  UnsupportedOperationException = Shapes::StructureShape.new(name: 'UnsupportedOperationException')
@@ -566,6 +568,9 @@ module Aws::NetworkFirewall
566
568
 
567
569
  Flags.member = Shapes::ShapeRef.new(shape: TCPFlag)
568
570
 
571
+ FlowTimeouts.add_member(:tcp_idle_timeout_seconds, Shapes::ShapeRef.new(shape: TcpIdleTimeoutRangeBound, location_name: "TcpIdleTimeoutSeconds"))
572
+ FlowTimeouts.struct_class = Types::FlowTimeouts
573
+
569
574
  Header.add_member(:protocol, Shapes::ShapeRef.new(shape: StatefulRuleProtocol, required: true, location_name: "Protocol"))
570
575
  Header.add_member(:source, Shapes::ShapeRef.new(shape: Source, required: true, location_name: "Source"))
571
576
  Header.add_member(:source_port, Shapes::ShapeRef.new(shape: Port, required: true, location_name: "SourcePort"))
@@ -811,6 +816,7 @@ module Aws::NetworkFirewall
811
816
 
812
817
  StatefulEngineOptions.add_member(:rule_order, Shapes::ShapeRef.new(shape: RuleOrder, location_name: "RuleOrder"))
813
818
  StatefulEngineOptions.add_member(:stream_exception_policy, Shapes::ShapeRef.new(shape: StreamExceptionPolicy, location_name: "StreamExceptionPolicy"))
819
+ StatefulEngineOptions.add_member(:flow_timeouts, Shapes::ShapeRef.new(shape: FlowTimeouts, location_name: "FlowTimeouts"))
814
820
  StatefulEngineOptions.struct_class = Types::StatefulEngineOptions
815
821
 
816
822
  StatefulRule.add_member(:action, Shapes::ShapeRef.new(shape: StatefulAction, required: true, location_name: "Action"))
@@ -2150,6 +2150,34 @@ module Aws::NetworkFirewall
2150
2150
  include Aws::Structure
2151
2151
  end
2152
2152
 
2153
+ # Describes the amount of time that can pass without any traffic sent
2154
+ # through the firewall before the firewall determines that the
2155
+ # connection is idle and Network Firewall removes the flow entry from
2156
+ # its flow table. Existing connections and flows are not impacted when
2157
+ # you update this value. Only new connections after you update this
2158
+ # value are impacted.
2159
+ #
2160
+ # @!attribute [rw] tcp_idle_timeout_seconds
2161
+ # The number of seconds that can pass without any TCP traffic sent
2162
+ # through the firewall before the firewall determines that the
2163
+ # connection is idle. After the idle timeout passes, data packets are
2164
+ # dropped, however, the next TCP SYN packet is considered a new flow
2165
+ # and is processed by the firewall. Clients or targets can use TCP
2166
+ # keepalive packets to reset the idle timeout.
2167
+ #
2168
+ # You can define the `TcpIdleTimeoutSeconds` value to be between 60
2169
+ # and 6000 seconds. If no value is provided, it defaults to 350
2170
+ # seconds.
2171
+ # @return [Integer]
2172
+ #
2173
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/FlowTimeouts AWS API Documentation
2174
+ #
2175
+ class FlowTimeouts < Struct.new(
2176
+ :tcp_idle_timeout_seconds)
2177
+ SENSITIVE = []
2178
+ include Aws::Structure
2179
+ end
2180
+
2153
2181
  # The basic rule criteria for Network Firewall to use to inspect packet
2154
2182
  # headers in stateful traffic flow inspection. Traffic flows that match
2155
2183
  # the criteria are a match for the corresponding StatefulRule.
@@ -3687,11 +3715,18 @@ module Aws::NetworkFirewall
3687
3715
  # subsequent traffic.
3688
3716
  # @return [String]
3689
3717
  #
3718
+ # @!attribute [rw] flow_timeouts
3719
+ # Configures the amount of time that can pass without any traffic sent
3720
+ # through the firewall before the firewall determines that the
3721
+ # connection is idle.
3722
+ # @return [Types::FlowTimeouts]
3723
+ #
3690
3724
  # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/StatefulEngineOptions AWS API Documentation
3691
3725
  #
3692
3726
  class StatefulEngineOptions < Struct.new(
3693
3727
  :rule_order,
3694
- :stream_exception_policy)
3728
+ :stream_exception_policy,
3729
+ :flow_timeouts)
3695
3730
  SENSITIVE = []
3696
3731
  include Aws::Structure
3697
3732
  end
@@ -54,7 +54,7 @@ module Aws::NetworkFirewall
54
54
  autoload :EndpointProvider, 'aws-sdk-networkfirewall/endpoint_provider'
55
55
  autoload :Endpoints, 'aws-sdk-networkfirewall/endpoints'
56
56
 
57
- GEM_VERSION = '1.55.0'
57
+ GEM_VERSION = '1.56.0'
58
58
 
59
59
  end
60
60
 
data/sig/client.rbs CHANGED
@@ -189,7 +189,10 @@ module Aws
189
189
  stateful_default_actions: Array[::String]?,
190
190
  stateful_engine_options: {
191
191
  rule_order: ("DEFAULT_ACTION_ORDER" | "STRICT_ORDER")?,
192
- stream_exception_policy: ("DROP" | "CONTINUE" | "REJECT")?
192
+ stream_exception_policy: ("DROP" | "CONTINUE" | "REJECT")?,
193
+ flow_timeouts: {
194
+ tcp_idle_timeout_seconds: ::Integer?
195
+ }?
193
196
  }?,
194
197
  tls_inspection_configuration_arn: ::String?,
195
198
  policy_variables: {
@@ -770,7 +773,10 @@ module Aws
770
773
  stateful_default_actions: Array[::String]?,
771
774
  stateful_engine_options: {
772
775
  rule_order: ("DEFAULT_ACTION_ORDER" | "STRICT_ORDER")?,
773
- stream_exception_policy: ("DROP" | "CONTINUE" | "REJECT")?
776
+ stream_exception_policy: ("DROP" | "CONTINUE" | "REJECT")?,
777
+ flow_timeouts: {
778
+ tcp_idle_timeout_seconds: ::Integer?
779
+ }?
774
780
  }?,
775
781
  tls_inspection_configuration_arn: ::String?,
776
782
  policy_variables: {
data/sig/types.rbs CHANGED
@@ -400,6 +400,11 @@ module Aws::NetworkFirewall
400
400
  SENSITIVE: []
401
401
  end
402
402
 
403
+ class FlowTimeouts
404
+ attr_accessor tcp_idle_timeout_seconds: ::Integer
405
+ SENSITIVE: []
406
+ end
407
+
403
408
  class Header
404
409
  attr_accessor protocol: ("IP" | "TCP" | "UDP" | "ICMP" | "HTTP" | "FTP" | "TLS" | "SMB" | "DNS" | "DCERPC" | "SSH" | "SMTP" | "IMAP" | "MSN" | "KRB5" | "IKEV2" | "TFTP" | "NTP" | "DHCP")
405
410
  attr_accessor source: ::String
@@ -700,6 +705,7 @@ module Aws::NetworkFirewall
700
705
  class StatefulEngineOptions
701
706
  attr_accessor rule_order: ("DEFAULT_ACTION_ORDER" | "STRICT_ORDER")
702
707
  attr_accessor stream_exception_policy: ("DROP" | "CONTINUE" | "REJECT")
708
+ attr_accessor flow_timeouts: Types::FlowTimeouts
703
709
  SENSITIVE: []
704
710
  end
705
711
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-networkfirewall
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.55.0
4
+ version: 1.56.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-10-18 00:00:00.000000000 Z
11
+ date: 2024-10-30 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core