aws-sdk-networkfirewall 1.17.0 → 1.18.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-networkfirewall/client.rb +35 -7
- data/lib/aws-sdk-networkfirewall/client_api.rb +35 -0
- data/lib/aws-sdk-networkfirewall/types.rb +161 -1
- data/lib/aws-sdk-networkfirewall.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: b13f43ce3588c6c4542cafe04c38770518df59d8ac1d51f4544ea0ef03bae8cb
|
|
4
|
+
data.tar.gz: 2e8adacc2451fe8f264e0b67b870a1bbd700c292a67bb1a9c528b96e4dc66020
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 9204851dd108b726d1945b131d1c288ddec3987732d9ab6fe12b776b14fe107c607e4bc65dc69406c9edd03f5a319dc0e92728927563a94db9e740caf23809eb
|
|
7
|
+
data.tar.gz: 57ade2ad3ac3df5424ec6dab830ca3593855995dac31e88c0e6f97b1a5730d61359b2bca58873b7bce112c2a7270c69e0ae6886cc8662c3110711441ad19340a
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.18.0 (2022-07-21)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Network Firewall now supports referencing dynamic IP sets from stateful rule groups, for IP sets stored in Amazon VPC prefix lists.
|
|
8
|
+
|
|
4
9
|
1.17.0 (2022-04-28)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.18.0
|
|
@@ -638,14 +638,18 @@ module Aws::NetworkFirewall
|
|
|
638
638
|
# resp.firewall.encryption_configuration.key_id #=> String
|
|
639
639
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
|
640
640
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
|
641
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
|
641
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
642
642
|
# resp.firewall_status.sync_states #=> Hash
|
|
643
643
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
|
644
644
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
|
645
645
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
|
646
646
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
|
647
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
|
647
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
648
648
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
|
649
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
|
650
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
|
651
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
|
652
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
|
649
653
|
#
|
|
650
654
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CreateFirewall AWS API Documentation
|
|
651
655
|
#
|
|
@@ -922,6 +926,13 @@ module Aws::NetworkFirewall
|
|
|
922
926
|
# },
|
|
923
927
|
# },
|
|
924
928
|
# },
|
|
929
|
+
# reference_sets: {
|
|
930
|
+
# ip_set_references: {
|
|
931
|
+
# "IPSetReferenceName" => {
|
|
932
|
+
# reference_arn: "ResourceArn",
|
|
933
|
+
# },
|
|
934
|
+
# },
|
|
935
|
+
# },
|
|
925
936
|
# rules_source: { # required
|
|
926
937
|
# rules_string: "RulesString",
|
|
927
938
|
# rules_source_list: {
|
|
@@ -1118,14 +1129,18 @@ module Aws::NetworkFirewall
|
|
|
1118
1129
|
# resp.firewall.encryption_configuration.key_id #=> String
|
|
1119
1130
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
|
1120
1131
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
|
1121
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
|
1132
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
1122
1133
|
# resp.firewall_status.sync_states #=> Hash
|
|
1123
1134
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
|
1124
1135
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
|
1125
1136
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
|
1126
1137
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
|
1127
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
|
1138
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
1128
1139
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
|
1140
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
|
1141
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
|
1142
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
|
1143
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
|
1129
1144
|
#
|
|
1130
1145
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DeleteFirewall AWS API Documentation
|
|
1131
1146
|
#
|
|
@@ -1321,14 +1336,18 @@ module Aws::NetworkFirewall
|
|
|
1321
1336
|
# resp.firewall.encryption_configuration.key_id #=> String
|
|
1322
1337
|
# resp.firewall.encryption_configuration.type #=> String, one of "CUSTOMER_KMS", "AWS_OWNED_KMS_KEY"
|
|
1323
1338
|
# resp.firewall_status.status #=> String, one of "PROVISIONING", "DELETING", "READY"
|
|
1324
|
-
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC"
|
|
1339
|
+
# resp.firewall_status.configuration_sync_state_summary #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
1325
1340
|
# resp.firewall_status.sync_states #=> Hash
|
|
1326
1341
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
|
|
1327
1342
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
|
|
1328
1343
|
# resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY"
|
|
1329
1344
|
# resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
|
|
1330
|
-
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC"
|
|
1345
|
+
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
|
|
1331
1346
|
# resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].update_token #=> String
|
|
1347
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.available_cidr_count #=> Integer
|
|
1348
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.utilized_cidr_count #=> Integer
|
|
1349
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references #=> Hash
|
|
1350
|
+
# resp.firewall_status.capacity_usage_summary.cid_rs.ip_set_references["IPSetArn"].resolved_cidr_count #=> Integer
|
|
1332
1351
|
#
|
|
1333
1352
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DescribeFirewall AWS API Documentation
|
|
1334
1353
|
#
|
|
@@ -1529,6 +1548,8 @@ module Aws::NetworkFirewall
|
|
|
1529
1548
|
# resp.rule_group.rule_variables.port_sets #=> Hash
|
|
1530
1549
|
# resp.rule_group.rule_variables.port_sets["RuleVariableName"].definition #=> Array
|
|
1531
1550
|
# resp.rule_group.rule_variables.port_sets["RuleVariableName"].definition[0] #=> String
|
|
1551
|
+
# resp.rule_group.reference_sets.ip_set_references #=> Hash
|
|
1552
|
+
# resp.rule_group.reference_sets.ip_set_references["IPSetReferenceName"].reference_arn #=> String
|
|
1532
1553
|
# resp.rule_group.rules_source.rules_string #=> String
|
|
1533
1554
|
# resp.rule_group.rules_source.rules_source_list.targets #=> Array
|
|
1534
1555
|
# resp.rule_group.rules_source.rules_source_list.targets[0] #=> String
|
|
@@ -2743,6 +2764,13 @@ module Aws::NetworkFirewall
|
|
|
2743
2764
|
# },
|
|
2744
2765
|
# },
|
|
2745
2766
|
# },
|
|
2767
|
+
# reference_sets: {
|
|
2768
|
+
# ip_set_references: {
|
|
2769
|
+
# "IPSetReferenceName" => {
|
|
2770
|
+
# reference_arn: "ResourceArn",
|
|
2771
|
+
# },
|
|
2772
|
+
# },
|
|
2773
|
+
# },
|
|
2746
2774
|
# rules_source: { # required
|
|
2747
2775
|
# rules_string: "RulesString",
|
|
2748
2776
|
# rules_source_list: {
|
|
@@ -2956,7 +2984,7 @@ module Aws::NetworkFirewall
|
|
|
2956
2984
|
params: params,
|
|
2957
2985
|
config: config)
|
|
2958
2986
|
context[:gem_name] = 'aws-sdk-networkfirewall'
|
|
2959
|
-
context[:gem_version] = '1.
|
|
2987
|
+
context[:gem_version] = '1.18.0'
|
|
2960
2988
|
Seahorse::Client::Request.new(handlers, context)
|
|
2961
2989
|
end
|
|
2962
2990
|
|
|
@@ -28,6 +28,9 @@ module Aws::NetworkFirewall
|
|
|
28
28
|
AzSubnet = Shapes::StringShape.new(name: 'AzSubnet')
|
|
29
29
|
AzSubnets = Shapes::ListShape.new(name: 'AzSubnets')
|
|
30
30
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
|
31
|
+
CIDRCount = Shapes::IntegerShape.new(name: 'CIDRCount')
|
|
32
|
+
CIDRSummary = Shapes::StructureShape.new(name: 'CIDRSummary')
|
|
33
|
+
CapacityUsageSummary = Shapes::StructureShape.new(name: 'CapacityUsageSummary')
|
|
31
34
|
CollectionMember_String = Shapes::StringShape.new(name: 'CollectionMember_String')
|
|
32
35
|
ConfigurationSyncState = Shapes::StringShape.new(name: 'ConfigurationSyncState')
|
|
33
36
|
CreateFirewallPolicyRequest = Shapes::StructureShape.new(name: 'CreateFirewallPolicyRequest')
|
|
@@ -84,6 +87,12 @@ module Aws::NetworkFirewall
|
|
|
84
87
|
HashMapValue = Shapes::StringShape.new(name: 'HashMapValue')
|
|
85
88
|
Header = Shapes::StructureShape.new(name: 'Header')
|
|
86
89
|
IPSet = Shapes::StructureShape.new(name: 'IPSet')
|
|
90
|
+
IPSetArn = Shapes::StringShape.new(name: 'IPSetArn')
|
|
91
|
+
IPSetMetadata = Shapes::StructureShape.new(name: 'IPSetMetadata')
|
|
92
|
+
IPSetMetadataMap = Shapes::MapShape.new(name: 'IPSetMetadataMap')
|
|
93
|
+
IPSetReference = Shapes::StructureShape.new(name: 'IPSetReference')
|
|
94
|
+
IPSetReferenceMap = Shapes::MapShape.new(name: 'IPSetReferenceMap')
|
|
95
|
+
IPSetReferenceName = Shapes::StringShape.new(name: 'IPSetReferenceName')
|
|
87
96
|
IPSets = Shapes::MapShape.new(name: 'IPSets')
|
|
88
97
|
InsufficientCapacityException = Shapes::StructureShape.new(name: 'InsufficientCapacityException')
|
|
89
98
|
InternalServerError = Shapes::StructureShape.new(name: 'InternalServerError')
|
|
@@ -130,6 +139,7 @@ module Aws::NetworkFirewall
|
|
|
130
139
|
PublishMetricAction = Shapes::StructureShape.new(name: 'PublishMetricAction')
|
|
131
140
|
PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
|
|
132
141
|
PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
|
|
142
|
+
ReferenceSets = Shapes::StructureShape.new(name: 'ReferenceSets')
|
|
133
143
|
ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
|
|
134
144
|
ResourceId = Shapes::StringShape.new(name: 'ResourceId')
|
|
135
145
|
ResourceManagedStatus = Shapes::StringShape.new(name: 'ResourceManagedStatus')
|
|
@@ -258,6 +268,14 @@ module Aws::NetworkFirewall
|
|
|
258
268
|
|
|
259
269
|
AzSubnets.member = Shapes::ShapeRef.new(shape: AzSubnet)
|
|
260
270
|
|
|
271
|
+
CIDRSummary.add_member(:available_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "AvailableCIDRCount"))
|
|
272
|
+
CIDRSummary.add_member(:utilized_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "UtilizedCIDRCount"))
|
|
273
|
+
CIDRSummary.add_member(:ip_set_references, Shapes::ShapeRef.new(shape: IPSetMetadataMap, location_name: "IPSetReferences"))
|
|
274
|
+
CIDRSummary.struct_class = Types::CIDRSummary
|
|
275
|
+
|
|
276
|
+
CapacityUsageSummary.add_member(:cid_rs, Shapes::ShapeRef.new(shape: CIDRSummary, location_name: "CIDRs"))
|
|
277
|
+
CapacityUsageSummary.struct_class = Types::CapacityUsageSummary
|
|
278
|
+
|
|
261
279
|
CreateFirewallPolicyRequest.add_member(:firewall_policy_name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "FirewallPolicyName"))
|
|
262
280
|
CreateFirewallPolicyRequest.add_member(:firewall_policy, Shapes::ShapeRef.new(shape: FirewallPolicy, required: true, location_name: "FirewallPolicy"))
|
|
263
281
|
CreateFirewallPolicyRequest.add_member(:description, Shapes::ShapeRef.new(shape: Description, location_name: "Description"))
|
|
@@ -462,6 +480,7 @@ module Aws::NetworkFirewall
|
|
|
462
480
|
FirewallStatus.add_member(:status, Shapes::ShapeRef.new(shape: FirewallStatusValue, required: true, location_name: "Status"))
|
|
463
481
|
FirewallStatus.add_member(:configuration_sync_state_summary, Shapes::ShapeRef.new(shape: ConfigurationSyncState, required: true, location_name: "ConfigurationSyncStateSummary"))
|
|
464
482
|
FirewallStatus.add_member(:sync_states, Shapes::ShapeRef.new(shape: SyncStates, location_name: "SyncStates"))
|
|
483
|
+
FirewallStatus.add_member(:capacity_usage_summary, Shapes::ShapeRef.new(shape: CapacityUsageSummary, location_name: "CapacityUsageSummary"))
|
|
465
484
|
FirewallStatus.struct_class = Types::FirewallStatus
|
|
466
485
|
|
|
467
486
|
Firewalls.member = Shapes::ShapeRef.new(shape: FirewallMetadata)
|
|
@@ -479,6 +498,18 @@ module Aws::NetworkFirewall
|
|
|
479
498
|
IPSet.add_member(:definition, Shapes::ShapeRef.new(shape: VariableDefinitionList, required: true, location_name: "Definition"))
|
|
480
499
|
IPSet.struct_class = Types::IPSet
|
|
481
500
|
|
|
501
|
+
IPSetMetadata.add_member(:resolved_cidr_count, Shapes::ShapeRef.new(shape: CIDRCount, location_name: "ResolvedCIDRCount"))
|
|
502
|
+
IPSetMetadata.struct_class = Types::IPSetMetadata
|
|
503
|
+
|
|
504
|
+
IPSetMetadataMap.key = Shapes::ShapeRef.new(shape: IPSetArn)
|
|
505
|
+
IPSetMetadataMap.value = Shapes::ShapeRef.new(shape: IPSetMetadata)
|
|
506
|
+
|
|
507
|
+
IPSetReference.add_member(:reference_arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "ReferenceArn"))
|
|
508
|
+
IPSetReference.struct_class = Types::IPSetReference
|
|
509
|
+
|
|
510
|
+
IPSetReferenceMap.key = Shapes::ShapeRef.new(shape: IPSetReferenceName)
|
|
511
|
+
IPSetReferenceMap.value = Shapes::ShapeRef.new(shape: IPSetReference)
|
|
512
|
+
|
|
482
513
|
IPSets.key = Shapes::ShapeRef.new(shape: RuleVariableName)
|
|
483
514
|
IPSets.value = Shapes::ShapeRef.new(shape: IPSet)
|
|
484
515
|
|
|
@@ -591,6 +622,9 @@ module Aws::NetworkFirewall
|
|
|
591
622
|
|
|
592
623
|
PutResourcePolicyResponse.struct_class = Types::PutResourcePolicyResponse
|
|
593
624
|
|
|
625
|
+
ReferenceSets.add_member(:ip_set_references, Shapes::ShapeRef.new(shape: IPSetReferenceMap, location_name: "IPSetReferences"))
|
|
626
|
+
ReferenceSets.struct_class = Types::ReferenceSets
|
|
627
|
+
|
|
594
628
|
ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "Message"))
|
|
595
629
|
ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
|
|
596
630
|
|
|
@@ -602,6 +636,7 @@ module Aws::NetworkFirewall
|
|
|
602
636
|
RuleDefinition.struct_class = Types::RuleDefinition
|
|
603
637
|
|
|
604
638
|
RuleGroup.add_member(:rule_variables, Shapes::ShapeRef.new(shape: RuleVariables, location_name: "RuleVariables"))
|
|
639
|
+
RuleGroup.add_member(:reference_sets, Shapes::ShapeRef.new(shape: ReferenceSets, location_name: "ReferenceSets"))
|
|
605
640
|
RuleGroup.add_member(:rules_source, Shapes::ShapeRef.new(shape: RulesSource, required: true, location_name: "RulesSource"))
|
|
606
641
|
RuleGroup.add_member(:stateful_rule_options, Shapes::ShapeRef.new(shape: StatefulRuleOptions, location_name: "StatefulRuleOptions"))
|
|
607
642
|
RuleGroup.struct_class = Types::RuleGroup
|
|
@@ -329,6 +329,50 @@ module Aws::NetworkFirewall
|
|
|
329
329
|
include Aws::Structure
|
|
330
330
|
end
|
|
331
331
|
|
|
332
|
+
# Summarizes the CIDR blocks used by the IP set references in a
|
|
333
|
+
# firewall. Network Firewall calculates the number of CIDRs by taking an
|
|
334
|
+
# aggregated count of all CIDRs used by the IP sets you are referencing.
|
|
335
|
+
#
|
|
336
|
+
# @!attribute [rw] available_cidr_count
|
|
337
|
+
# The number of CIDR blocks available for use by the IP set references
|
|
338
|
+
# in a firewall.
|
|
339
|
+
# @return [Integer]
|
|
340
|
+
#
|
|
341
|
+
# @!attribute [rw] utilized_cidr_count
|
|
342
|
+
# The number of CIDR blocks used by the IP set references in a
|
|
343
|
+
# firewall.
|
|
344
|
+
# @return [Integer]
|
|
345
|
+
#
|
|
346
|
+
# @!attribute [rw] ip_set_references
|
|
347
|
+
# The list of the IP set references used by a firewall.
|
|
348
|
+
# @return [Hash<String,Types::IPSetMetadata>]
|
|
349
|
+
#
|
|
350
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CIDRSummary AWS API Documentation
|
|
351
|
+
#
|
|
352
|
+
class CIDRSummary < Struct.new(
|
|
353
|
+
:available_cidr_count,
|
|
354
|
+
:utilized_cidr_count,
|
|
355
|
+
:ip_set_references)
|
|
356
|
+
SENSITIVE = []
|
|
357
|
+
include Aws::Structure
|
|
358
|
+
end
|
|
359
|
+
|
|
360
|
+
# The capacity usage summary of the resources used by the ReferenceSets
|
|
361
|
+
# in a firewall.
|
|
362
|
+
#
|
|
363
|
+
# @!attribute [rw] cid_rs
|
|
364
|
+
# Describes the capacity usage of the CIDR blocks used by the IP set
|
|
365
|
+
# references in a firewall.
|
|
366
|
+
# @return [Types::CIDRSummary]
|
|
367
|
+
#
|
|
368
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CapacityUsageSummary AWS API Documentation
|
|
369
|
+
#
|
|
370
|
+
class CapacityUsageSummary < Struct.new(
|
|
371
|
+
:cid_rs)
|
|
372
|
+
SENSITIVE = []
|
|
373
|
+
include Aws::Structure
|
|
374
|
+
end
|
|
375
|
+
|
|
332
376
|
# @note When making an API call, you may pass CreateFirewallPolicyRequest
|
|
333
377
|
# data as a hash:
|
|
334
378
|
#
|
|
@@ -609,6 +653,13 @@ module Aws::NetworkFirewall
|
|
|
609
653
|
# },
|
|
610
654
|
# },
|
|
611
655
|
# },
|
|
656
|
+
# reference_sets: {
|
|
657
|
+
# ip_set_references: {
|
|
658
|
+
# "IPSetReferenceName" => {
|
|
659
|
+
# reference_arn: "ResourceArn",
|
|
660
|
+
# },
|
|
661
|
+
# },
|
|
662
|
+
# },
|
|
612
663
|
# rules_source: { # required
|
|
613
664
|
# rules_string: "RulesString",
|
|
614
665
|
# rules_source_list: {
|
|
@@ -2120,12 +2171,20 @@ module Aws::NetworkFirewall
|
|
|
2120
2171
|
# and configuration object.
|
|
2121
2172
|
# @return [Hash<String,Types::SyncState>]
|
|
2122
2173
|
#
|
|
2174
|
+
# @!attribute [rw] capacity_usage_summary
|
|
2175
|
+
# Describes the capacity usage of the resources contained in a
|
|
2176
|
+
# firewall's reference sets. Network Firewall calclulates the
|
|
2177
|
+
# capacity usage by taking an aggregated count of all of the resources
|
|
2178
|
+
# used by all of the reference sets in a firewall.
|
|
2179
|
+
# @return [Types::CapacityUsageSummary]
|
|
2180
|
+
#
|
|
2123
2181
|
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/FirewallStatus AWS API Documentation
|
|
2124
2182
|
#
|
|
2125
2183
|
class FirewallStatus < Struct.new(
|
|
2126
2184
|
:status,
|
|
2127
2185
|
:configuration_sync_state_summary,
|
|
2128
|
-
:sync_states
|
|
2186
|
+
:sync_states,
|
|
2187
|
+
:capacity_usage_summary)
|
|
2129
2188
|
SENSITIVE = []
|
|
2130
2189
|
include Aws::Structure
|
|
2131
2190
|
end
|
|
@@ -2255,6 +2314,63 @@ module Aws::NetworkFirewall
|
|
|
2255
2314
|
include Aws::Structure
|
|
2256
2315
|
end
|
|
2257
2316
|
|
|
2317
|
+
# General information about the IP set.
|
|
2318
|
+
#
|
|
2319
|
+
# @!attribute [rw] resolved_cidr_count
|
|
2320
|
+
# Describes the total number of CIDR blocks currently in use by the IP
|
|
2321
|
+
# set references in a firewall. To determine how many CIDR blocks are
|
|
2322
|
+
# available for you to use in a firewall, you can call
|
|
2323
|
+
# `AvailableCIDRCount`.
|
|
2324
|
+
# @return [Integer]
|
|
2325
|
+
#
|
|
2326
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/IPSetMetadata AWS API Documentation
|
|
2327
|
+
#
|
|
2328
|
+
class IPSetMetadata < Struct.new(
|
|
2329
|
+
:resolved_cidr_count)
|
|
2330
|
+
SENSITIVE = []
|
|
2331
|
+
include Aws::Structure
|
|
2332
|
+
end
|
|
2333
|
+
|
|
2334
|
+
# Configures one or more IP set references for a Suricata-compatible
|
|
2335
|
+
# rule group. This is used in CreateRuleGroup or UpdateRuleGroup. An IP
|
|
2336
|
+
# set reference is a rule variable that references a resource that you
|
|
2337
|
+
# create and manage in another Amazon Web Services service, such as an
|
|
2338
|
+
# Amazon VPC prefix list. Network Firewall IP set references enable you
|
|
2339
|
+
# to dynamically update the contents of your rules. When you create,
|
|
2340
|
+
# update, or delete the IP set you are referencing in your rule, Network
|
|
2341
|
+
# Firewall automatically updates the rule's content with the changes.
|
|
2342
|
+
# For more information about IP set references in Network Firewall, see
|
|
2343
|
+
# [Using IP set references][1] in the *Network Firewall Developer
|
|
2344
|
+
# Guide*.
|
|
2345
|
+
#
|
|
2346
|
+
# Network Firewall currently supports only [Amazon VPC prefix lists][2]
|
|
2347
|
+
# as IP set references.
|
|
2348
|
+
#
|
|
2349
|
+
#
|
|
2350
|
+
#
|
|
2351
|
+
# [1]: https://docs.aws.amazon.com/network-firewall/latest/developerguide/rule-groups-ip-set-references
|
|
2352
|
+
# [2]: https://docs.aws.amazon.com/vpc/latest/userguide/managed-prefix-lists.html
|
|
2353
|
+
#
|
|
2354
|
+
# @note When making an API call, you may pass IPSetReference
|
|
2355
|
+
# data as a hash:
|
|
2356
|
+
#
|
|
2357
|
+
# {
|
|
2358
|
+
# reference_arn: "ResourceArn",
|
|
2359
|
+
# }
|
|
2360
|
+
#
|
|
2361
|
+
# @!attribute [rw] reference_arn
|
|
2362
|
+
# The Amazon Resource Name (ARN) of the resource that you are
|
|
2363
|
+
# referencing in your rule group.
|
|
2364
|
+
# @return [String]
|
|
2365
|
+
#
|
|
2366
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/IPSetReference AWS API Documentation
|
|
2367
|
+
#
|
|
2368
|
+
class IPSetReference < Struct.new(
|
|
2369
|
+
:reference_arn)
|
|
2370
|
+
SENSITIVE = []
|
|
2371
|
+
include Aws::Structure
|
|
2372
|
+
end
|
|
2373
|
+
|
|
2258
2374
|
# Amazon Web Services doesn't currently have enough available capacity
|
|
2259
2375
|
# to fulfill your request. Try your request later.
|
|
2260
2376
|
#
|
|
@@ -2983,6 +3099,31 @@ module Aws::NetworkFirewall
|
|
|
2983
3099
|
#
|
|
2984
3100
|
class PutResourcePolicyResponse < Aws::EmptyStructure; end
|
|
2985
3101
|
|
|
3102
|
+
# Contains a set of IP set references.
|
|
3103
|
+
#
|
|
3104
|
+
# @note When making an API call, you may pass ReferenceSets
|
|
3105
|
+
# data as a hash:
|
|
3106
|
+
#
|
|
3107
|
+
# {
|
|
3108
|
+
# ip_set_references: {
|
|
3109
|
+
# "IPSetReferenceName" => {
|
|
3110
|
+
# reference_arn: "ResourceArn",
|
|
3111
|
+
# },
|
|
3112
|
+
# },
|
|
3113
|
+
# }
|
|
3114
|
+
#
|
|
3115
|
+
# @!attribute [rw] ip_set_references
|
|
3116
|
+
# The list of IP set references.
|
|
3117
|
+
# @return [Hash<String,Types::IPSetReference>]
|
|
3118
|
+
#
|
|
3119
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/ReferenceSets AWS API Documentation
|
|
3120
|
+
#
|
|
3121
|
+
class ReferenceSets < Struct.new(
|
|
3122
|
+
:ip_set_references)
|
|
3123
|
+
SENSITIVE = []
|
|
3124
|
+
include Aws::Structure
|
|
3125
|
+
end
|
|
3126
|
+
|
|
2986
3127
|
# Unable to locate a resource using the parameters that you provided.
|
|
2987
3128
|
#
|
|
2988
3129
|
# @!attribute [rw] message
|
|
@@ -3136,6 +3277,13 @@ module Aws::NetworkFirewall
|
|
|
3136
3277
|
# },
|
|
3137
3278
|
# },
|
|
3138
3279
|
# },
|
|
3280
|
+
# reference_sets: {
|
|
3281
|
+
# ip_set_references: {
|
|
3282
|
+
# "IPSetReferenceName" => {
|
|
3283
|
+
# reference_arn: "ResourceArn",
|
|
3284
|
+
# },
|
|
3285
|
+
# },
|
|
3286
|
+
# },
|
|
3139
3287
|
# rules_source: { # required
|
|
3140
3288
|
# rules_string: "RulesString",
|
|
3141
3289
|
# rules_source_list: {
|
|
@@ -3228,6 +3376,10 @@ module Aws::NetworkFirewall
|
|
|
3228
3376
|
# You can only use these for stateful rule groups.
|
|
3229
3377
|
# @return [Types::RuleVariables]
|
|
3230
3378
|
#
|
|
3379
|
+
# @!attribute [rw] reference_sets
|
|
3380
|
+
# The list of a rule group's reference sets.
|
|
3381
|
+
# @return [Types::ReferenceSets]
|
|
3382
|
+
#
|
|
3231
3383
|
# @!attribute [rw] rules_source
|
|
3232
3384
|
# The stateful rules or stateless rules for the rule group.
|
|
3233
3385
|
# @return [Types::RulesSource]
|
|
@@ -3243,6 +3395,7 @@ module Aws::NetworkFirewall
|
|
|
3243
3395
|
#
|
|
3244
3396
|
class RuleGroup < Struct.new(
|
|
3245
3397
|
:rule_variables,
|
|
3398
|
+
:reference_sets,
|
|
3246
3399
|
:rules_source,
|
|
3247
3400
|
:stateful_rule_options)
|
|
3248
3401
|
SENSITIVE = []
|
|
@@ -5000,6 +5153,13 @@ module Aws::NetworkFirewall
|
|
|
5000
5153
|
# },
|
|
5001
5154
|
# },
|
|
5002
5155
|
# },
|
|
5156
|
+
# reference_sets: {
|
|
5157
|
+
# ip_set_references: {
|
|
5158
|
+
# "IPSetReferenceName" => {
|
|
5159
|
+
# reference_arn: "ResourceArn",
|
|
5160
|
+
# },
|
|
5161
|
+
# },
|
|
5162
|
+
# },
|
|
5003
5163
|
# rules_source: { # required
|
|
5004
5164
|
# rules_string: "RulesString",
|
|
5005
5165
|
# rules_source_list: {
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-networkfirewall
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.18.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2022-
|
|
11
|
+
date: 2022-07-21 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|