RubyGems - aws-sdk-networkfirewall - Versions diffs - 1.27.0 → 1.28.0 - Mend

aws-sdk-networkfirewall 1.27.0 → 1.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-networkfirewall/client.rb +7 -7
data/lib/aws-sdk-networkfirewall/types.rb +19 -2
data/lib/aws-sdk-networkfirewall.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 848dc5acca2271ff27fe731050b218de6eb5bd90c5cf3f9238d2e7876bd779f1
-  data.tar.gz: 5020c9ed7a2fdde8c547c9e45989ae6c57531ebef798c35c69b18ca031845bf1
+  metadata.gz: 0777bee33353956140748399c259f21e1da2819f69f84f0353b438725e003c62
+  data.tar.gz: b3e1cf9cde792809cc2963d6b3293aca1915965a1be408eeb21ee22b4ba2db7f
 SHA512:
-  metadata.gz: 198569d2c17cdc7db5247a1e39838ec54582a80bafb30946911c02ef36e3482a09a2288407e9bdc86dd9cc8e63914f4dcf4f2b2eb156e220db172cafb8d9d393
-  data.tar.gz: 56255332e20a9726aba325f3e512b28dad5dfcbd4cc7317df5be254aac4a2c5bddaa6f3ec11fb7d0539938866568997a93cf4c9615e1c83de9b4620f5101cbae
+  metadata.gz: b50dc676821f92c9b96e1e41536c72c770c294240907afb2508d9c8001621dd797921395222c3e8d632dddd0415b68a883b6784a2d93f0142ac53089c72cb9ea
+  data.tar.gz: d8ce58d223868c23b80041a606de67df91f313f6adbf17066cb11d5b3d4a814a3ac1d294b413371ae371be9faf215d98bb85fa169d4cb13e0ddc9266da6002fb

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.28.0 (2023-05-04)
+------------------
+* Feature - This release adds support for the Suricata REJECT option in midstream exception configurations.
 1.27.0 (2023-05-03)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.27.0
1	+ 1.28.0

data/lib/aws-sdk-networkfirewall/client.rb CHANGED Viewed

@@ -663,7 +663,7 @@ module Aws::NetworkFirewall
     #   resp.firewall_status.sync_states #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
-    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY", "FAILED", "ERROR"
+    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "FAILED", "ERROR", "SCALING", "READY"
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status_message #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
@@ -766,7 +766,7 @@ module Aws::NetworkFirewall
     #       stateful_default_actions: ["CollectionMember_String"],
     #       stateful_engine_options: {
     #         rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
-    #         stream_exception_policy: "DROP", # accepts DROP, CONTINUE
+    #         stream_exception_policy: "DROP", # accepts DROP, CONTINUE, REJECT
     #       },
     #       tls_inspection_configuration_arn: "ResourceArn",
     #       policy_variables: {
@@ -1331,7 +1331,7 @@ module Aws::NetworkFirewall
     #   resp.firewall_status.sync_states #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
-    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY", "FAILED", "ERROR"
+    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "FAILED", "ERROR", "SCALING", "READY"
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status_message #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
@@ -1593,7 +1593,7 @@ module Aws::NetworkFirewall
     #   resp.firewall_status.sync_states #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.subnet_id #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.endpoint_id #=> String
-    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "SCALING", "READY", "FAILED", "ERROR"
+    #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status #=> String, one of "CREATING", "DELETING", "FAILED", "ERROR", "SCALING", "READY"
     #   resp.firewall_status.sync_states["AvailabilityZone"].attachment.status_message #=> String
     #   resp.firewall_status.sync_states["AvailabilityZone"].config #=> Hash
     #   resp.firewall_status.sync_states["AvailabilityZone"].config["ResourceName"].sync_status #=> String, one of "PENDING", "IN_SYNC", "CAPACITY_CONSTRAINED"
@@ -1673,7 +1673,7 @@ module Aws::NetworkFirewall
     #   resp.firewall_policy.stateful_default_actions #=> Array
     #   resp.firewall_policy.stateful_default_actions[0] #=> String
     #   resp.firewall_policy.stateful_engine_options.rule_order #=> String, one of "DEFAULT_ACTION_ORDER", "STRICT_ORDER"
-    #   resp.firewall_policy.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE"
+    #   resp.firewall_policy.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT"
     #   resp.firewall_policy.tls_inspection_configuration_arn #=> String
     #   resp.firewall_policy.policy_variables.rule_variables #=> Hash
     #   resp.firewall_policy.policy_variables.rule_variables["RuleVariableName"].definition #=> Array
@@ -2831,7 +2831,7 @@ module Aws::NetworkFirewall
     #       stateful_default_actions: ["CollectionMember_String"],
     #       stateful_engine_options: {
     #         rule_order: "DEFAULT_ACTION_ORDER", # accepts DEFAULT_ACTION_ORDER, STRICT_ORDER
-    #         stream_exception_policy: "DROP", # accepts DROP, CONTINUE
+    #         stream_exception_policy: "DROP", # accepts DROP, CONTINUE, REJECT
     #       },
     #       tls_inspection_configuration_arn: "ResourceArn",
     #       policy_variables: {
@@ -3520,7 +3520,7 @@ module Aws::NetworkFirewall
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-networkfirewall'
-      context[:gem_version] = '1.27.0'
+      context[:gem_version] = '1.28.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-networkfirewall/types.rb CHANGED Viewed

@@ -3197,7 +3197,7 @@ module Aws::NetworkFirewall
     #
     #
     #
-    #   [1]: https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html
+    #   [1]: https://suricata.readthedocs.iorules/intro.html#
     #   @return [Array<Types::StatefulRule>]
     #
     # @!attribute [rw] stateless_rules_and_custom_actions
@@ -3449,6 +3449,13 @@ module Aws::NetworkFirewall
     #     behavior is rule dependent—a TCP-layer rule using a
     #     `flow:stateless` rule would still match, as would the
     #     `aws:drop_strict` default action.
+    #
+    #   * `REJECT` - Network Firewall fails closed and drops all subsequent
+    #     traffic going to the firewall. Network Firewall also sends a TCP
+    #     reject packet back to your client so that the client can
+    #     immediately establish a new session. Network Firewall will have
+    #     context about the new session and will apply rules to the
+    #     subsequent traffic.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/StatefulEngineOptions AWS API Documentation
@@ -3468,7 +3475,7 @@ module Aws::NetworkFirewall
     #
     #
     #
-    # [1]: https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html
+    # [1]: https://suricata.readthedocs.iorules/intro.html#
     #
     # @!attribute [rw] action
     #   Defines what Network Firewall should do with the packets in a
@@ -3492,6 +3499,16 @@ module Aws::NetworkFirewall
     #     drop traffic. You can enable the rule with `ALERT` action, verify
     #     in the logs that the rule is filtering as you want, then change
     #     the action to `DROP`.
+    #
+    #   * **REJECT** - Drops TCP traffic that matches the conditions of the
+    #     stateful rule, and sends a TCP reset packet back to sender of the
+    #     packet. A TCP reset packet is a packet with no payload and a `RST`
+    #     bit contained in the TCP header flags. Also sends an alert log
+    #     mesage if alert logging is configured in the Firewall
+    #     LoggingConfiguration.
+    #
+    #     `REJECT` isn't currently available for use with IMAP and FTP
+    #     protocols.
     #   @return [String]
     #
     # @!attribute [rw] header

data/lib/aws-sdk-networkfirewall.rb CHANGED Viewed

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-networkfirewall/customizations'
 # @!group service
 module Aws::NetworkFirewall
-  GEM_VERSION = '1.27.0'
+  GEM_VERSION = '1.28.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-networkfirewall
 version: !ruby/object:Gem::Version
-  version: 1.27.0
+  version: 1.28.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-05-03 00:00:00.000000000 Z
+date: 2023-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core