aws-sdk-networkfirewall 1.91.0 → 1.92.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cef07bc7454403358a4fb856db8ffa2d88e1539cf4588330fc4517f5a479d72b
4
- data.tar.gz: a4926fd25361cbdff16d9f593f8c5c19fcb738d00aeba3ea15765222d821ee1c
3
+ metadata.gz: aed8c98ca520cfdfe1c2043ba74a8ba4d8b87983f1b8b0c52f6a721659f2cd35
4
+ data.tar.gz: c1b96f2b04676f2b0502612c5ae01bb7f4746235c6f36cab1057d0591d853a20
5
5
  SHA512:
6
- metadata.gz: 41f3dfc9a77acb7af4af27b7828bdb91963c2d5c25c5d6a348084d770e36fde8dd2f3cf505bf426171b19527d66c7c569b570ecd802a9c8e635656151265432f
7
- data.tar.gz: cdbcc61d20bdffeeb00864faae0735f722cd71176936470e65a675fbad2ceea30a0c32c028bf67b49ca2b8dcc0d7c60749050216170c4f6ce1e38b38d8d2a588
6
+ metadata.gz: 2fcababfb6903af2d9ee10f61e27a254c4260475ccc1345c9f6b8bf46f6e0130d42c0079fadf88cd4d2dbf2bdfcbb9c70b4d63a6440d16e15f9a8ea5445cece8
7
+ data.tar.gz: 62353776733483210098d3f2bde584f44fe74c080c885bf529ddd9c837dfeef51806868989a62fd2b01c6563ef4b66f4537dc7cf3987441b83277fedc64fd063
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.92.0 (2026-06-30)
5
+ ------------------
6
+
7
+ * Feature - AWS Network Firewall now supports container associations for monitoring ECS and EKS workloads. You can create container associations to dynamically track the IP addresses of running containers in your Amazon ECS and Amazon EKS clusters.
8
+
4
9
  1.91.0 (2026-05-22)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.91.0
1
+ 1.92.0
@@ -846,6 +846,99 @@ module Aws::NetworkFirewall
846
846
  req.send_request(options)
847
847
  end
848
848
 
849
+ # Creates a container association for Network Firewall. A container
850
+ # association links container clusters (ECS or EKS) to Network Firewall,
851
+ # enabling dynamic IP resolution for firewall rules based on container
852
+ # attributes.
853
+ #
854
+ # To manage a container association's tags, use the standard Amazon Web
855
+ # Services resource tagging operations, ListTagsForResource,
856
+ # TagResource, and UntagResource.
857
+ #
858
+ # To retrieve information about container associations, use
859
+ # ListContainerAssociations and DescribeContainerAssociation.
860
+ #
861
+ # @option params [required, String] :container_association_name
862
+ # The descriptive name of the container association. You can't change
863
+ # the name of a container association after you create it.
864
+ #
865
+ # @option params [String] :description
866
+ # A description of the container association.
867
+ #
868
+ # @option params [required, String] :type
869
+ # The type of container orchestration platform for the clusters in this
870
+ # association. Valid values are `ECS` and `EKS`. You can't change the
871
+ # type after creation.
872
+ #
873
+ # @option params [required, Array<Types::ContainerMonitoringConfiguration>] :container_monitoring_configurations
874
+ # The list of container monitoring configurations that define which
875
+ # clusters and container attributes to monitor.
876
+ #
877
+ # @option params [Array<Types::Tag>] :tags
878
+ # The key:value pairs to associate with the resource.
879
+ #
880
+ # @return [Types::CreateContainerAssociationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
881
+ #
882
+ # * {Types::CreateContainerAssociationResponse#container_association_name #container_association_name} => String
883
+ # * {Types::CreateContainerAssociationResponse#container_association_arn #container_association_arn} => String
884
+ # * {Types::CreateContainerAssociationResponse#description #description} => String
885
+ # * {Types::CreateContainerAssociationResponse#type #type} => String
886
+ # * {Types::CreateContainerAssociationResponse#container_monitoring_configurations #container_monitoring_configurations} => Array&lt;Types::ContainerMonitoringConfiguration&gt;
887
+ # * {Types::CreateContainerAssociationResponse#status #status} => String
888
+ # * {Types::CreateContainerAssociationResponse#tags #tags} => Array&lt;Types::Tag&gt;
889
+ # * {Types::CreateContainerAssociationResponse#update_token #update_token} => String
890
+ #
891
+ # @example Request syntax with placeholder values
892
+ #
893
+ # resp = client.create_container_association({
894
+ # container_association_name: "ResourceName", # required
895
+ # description: "Description",
896
+ # type: "ECS", # required, accepts ECS, EKS
897
+ # container_monitoring_configurations: [ # required
898
+ # {
899
+ # cluster_arn: "ResourceArn", # required
900
+ # attribute_filters: [
901
+ # {
902
+ # key: "ContainerAttributeKey", # required
903
+ # value: "ContainerAttributeValue", # required
904
+ # },
905
+ # ],
906
+ # },
907
+ # ],
908
+ # tags: [
909
+ # {
910
+ # key: "TagKey", # required
911
+ # value: "TagValue", # required
912
+ # },
913
+ # ],
914
+ # })
915
+ #
916
+ # @example Response structure
917
+ #
918
+ # resp.container_association_name #=> String
919
+ # resp.container_association_arn #=> String
920
+ # resp.description #=> String
921
+ # resp.type #=> String, one of "ECS", "EKS"
922
+ # resp.container_monitoring_configurations #=> Array
923
+ # resp.container_monitoring_configurations[0].cluster_arn #=> String
924
+ # resp.container_monitoring_configurations[0].attribute_filters #=> Array
925
+ # resp.container_monitoring_configurations[0].attribute_filters[0].key #=> String
926
+ # resp.container_monitoring_configurations[0].attribute_filters[0].value #=> String
927
+ # resp.status #=> String, one of "ACTIVE", "CREATING", "DELETING"
928
+ # resp.tags #=> Array
929
+ # resp.tags[0].key #=> String
930
+ # resp.tags[0].value #=> String
931
+ # resp.update_token #=> String
932
+ #
933
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/CreateContainerAssociation AWS API Documentation
934
+ #
935
+ # @overload create_container_association(params = {})
936
+ # @param [Hash] params ({})
937
+ def create_container_association(params = {}, options = {})
938
+ req = build_request(:create_container_association, params)
939
+ req.send_request(options)
940
+ end
941
+
849
942
  # Creates an Network Firewall Firewall and accompanying FirewallStatus
850
943
  # for a VPC.
851
944
  #
@@ -2235,6 +2328,47 @@ module Aws::NetworkFirewall
2235
2328
  req.send_request(options)
2236
2329
  end
2237
2330
 
2331
+ # Deletes the specified container association. When you delete a
2332
+ # container association, Network Firewall stops monitoring the
2333
+ # associated container clusters and removes the resolved IP addresses
2334
+ # from firewall rules.
2335
+ #
2336
+ # @option params [String] :container_association_name
2337
+ # The descriptive name of the container association. You must specify
2338
+ # the ARN or the name, and you can specify both.
2339
+ #
2340
+ # @option params [String] :container_association_arn
2341
+ # The Amazon Resource Name (ARN) of the container association. You must
2342
+ # specify the ARN or the name, and you can specify both.
2343
+ #
2344
+ # @return [Types::DeleteContainerAssociationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2345
+ #
2346
+ # * {Types::DeleteContainerAssociationResponse#container_association_name #container_association_name} => String
2347
+ # * {Types::DeleteContainerAssociationResponse#container_association_arn #container_association_arn} => String
2348
+ # * {Types::DeleteContainerAssociationResponse#status #status} => String
2349
+ #
2350
+ # @example Request syntax with placeholder values
2351
+ #
2352
+ # resp = client.delete_container_association({
2353
+ # container_association_name: "ResourceName",
2354
+ # container_association_arn: "ResourceArn",
2355
+ # })
2356
+ #
2357
+ # @example Response structure
2358
+ #
2359
+ # resp.container_association_name #=> String
2360
+ # resp.container_association_arn #=> String
2361
+ # resp.status #=> String, one of "ACTIVE", "CREATING", "DELETING"
2362
+ #
2363
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DeleteContainerAssociation AWS API Documentation
2364
+ #
2365
+ # @overload delete_container_association(params = {})
2366
+ # @param [Hash] params ({})
2367
+ def delete_container_association(params = {}, options = {})
2368
+ req = build_request(:delete_container_association, params)
2369
+ req.send_request(options)
2370
+ end
2371
+
2238
2372
  # Deletes the specified Firewall and its FirewallStatus. This operation
2239
2373
  # requires the firewall's `DeleteProtection` flag to be `FALSE`. You
2240
2374
  # can't revert this operation.
@@ -2825,6 +2959,64 @@ module Aws::NetworkFirewall
2825
2959
  req.send_request(options)
2826
2960
  end
2827
2961
 
2962
+ # Returns the properties of a container association.
2963
+ #
2964
+ # @option params [String] :container_association_name
2965
+ # The descriptive name of the container association. You must specify
2966
+ # the ARN or the name, and you can specify both.
2967
+ #
2968
+ # @option params [String] :container_association_arn
2969
+ # The Amazon Resource Name (ARN) of the container association. You must
2970
+ # specify the ARN or the name, and you can specify both.
2971
+ #
2972
+ # @return [Types::DescribeContainerAssociationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
2973
+ #
2974
+ # * {Types::DescribeContainerAssociationResponse#container_association_name #container_association_name} => String
2975
+ # * {Types::DescribeContainerAssociationResponse#container_association_arn #container_association_arn} => String
2976
+ # * {Types::DescribeContainerAssociationResponse#description #description} => String
2977
+ # * {Types::DescribeContainerAssociationResponse#type #type} => String
2978
+ # * {Types::DescribeContainerAssociationResponse#container_monitoring_configurations #container_monitoring_configurations} => Array&lt;Types::ContainerMonitoringConfiguration&gt;
2979
+ # * {Types::DescribeContainerAssociationResponse#status #status} => String
2980
+ # * {Types::DescribeContainerAssociationResponse#resolved_cidr_count #resolved_cidr_count} => Integer
2981
+ # * {Types::DescribeContainerAssociationResponse#last_updated_time #last_updated_time} => Time
2982
+ # * {Types::DescribeContainerAssociationResponse#tags #tags} => Array&lt;Types::Tag&gt;
2983
+ # * {Types::DescribeContainerAssociationResponse#update_token #update_token} => String
2984
+ #
2985
+ # @example Request syntax with placeholder values
2986
+ #
2987
+ # resp = client.describe_container_association({
2988
+ # container_association_name: "ResourceName",
2989
+ # container_association_arn: "ResourceArn",
2990
+ # })
2991
+ #
2992
+ # @example Response structure
2993
+ #
2994
+ # resp.container_association_name #=> String
2995
+ # resp.container_association_arn #=> String
2996
+ # resp.description #=> String
2997
+ # resp.type #=> String, one of "ECS", "EKS"
2998
+ # resp.container_monitoring_configurations #=> Array
2999
+ # resp.container_monitoring_configurations[0].cluster_arn #=> String
3000
+ # resp.container_monitoring_configurations[0].attribute_filters #=> Array
3001
+ # resp.container_monitoring_configurations[0].attribute_filters[0].key #=> String
3002
+ # resp.container_monitoring_configurations[0].attribute_filters[0].value #=> String
3003
+ # resp.status #=> String, one of "ACTIVE", "CREATING", "DELETING"
3004
+ # resp.resolved_cidr_count #=> Integer
3005
+ # resp.last_updated_time #=> Time
3006
+ # resp.tags #=> Array
3007
+ # resp.tags[0].key #=> String
3008
+ # resp.tags[0].value #=> String
3009
+ # resp.update_token #=> String
3010
+ #
3011
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/DescribeContainerAssociation AWS API Documentation
3012
+ #
3013
+ # @overload describe_container_association(params = {})
3014
+ # @param [Hash] params ({})
3015
+ def describe_container_association(params = {}, options = {})
3016
+ req = build_request(:describe_container_association, params)
3017
+ req.send_request(options)
3018
+ end
3019
+
2828
3020
  # Returns the data objects for the specified firewall.
2829
3021
  #
2830
3022
  # @option params [String] :firewall_name
@@ -4184,6 +4376,52 @@ module Aws::NetworkFirewall
4184
4376
  req.send_request(options)
4185
4377
  end
4186
4378
 
4379
+ # Retrieves the metadata for the container associations that you have
4380
+ # defined. You can optionally page through results.
4381
+ #
4382
+ # @option params [Integer] :max_results
4383
+ # The maximum number of objects that you want Network Firewall to return
4384
+ # for this request. If more objects are available, in the response,
4385
+ # Network Firewall provides a `NextToken` value that you can use in a
4386
+ # subsequent call to get the next batch of objects.
4387
+ #
4388
+ # @option params [String] :next_token
4389
+ # When you request a list of objects with a `MaxResults` setting, if the
4390
+ # number of objects that are still available for retrieval exceeds the
4391
+ # maximum you requested, Network Firewall returns a `NextToken` value in
4392
+ # the response. To retrieve the next batch of objects, use the token
4393
+ # returned from the prior request in your next request.
4394
+ #
4395
+ # @return [Types::ListContainerAssociationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4396
+ #
4397
+ # * {Types::ListContainerAssociationsResponse#container_associations #container_associations} => Array&lt;Types::ContainerAssociationSummary&gt;
4398
+ # * {Types::ListContainerAssociationsResponse#next_token #next_token} => String
4399
+ #
4400
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4401
+ #
4402
+ # @example Request syntax with placeholder values
4403
+ #
4404
+ # resp = client.list_container_associations({
4405
+ # max_results: 1,
4406
+ # next_token: "PaginationToken",
4407
+ # })
4408
+ #
4409
+ # @example Response structure
4410
+ #
4411
+ # resp.container_associations #=> Array
4412
+ # resp.container_associations[0].arn #=> String
4413
+ # resp.container_associations[0].name #=> String
4414
+ # resp.next_token #=> String
4415
+ #
4416
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/ListContainerAssociations AWS API Documentation
4417
+ #
4418
+ # @overload list_container_associations(params = {})
4419
+ # @param [Hash] params ({})
4420
+ def list_container_associations(params = {}, options = {})
4421
+ req = build_request(:list_container_associations, params)
4422
+ req.send_request(options)
4423
+ end
4424
+
4187
4425
  # Retrieves the metadata for the firewall policies that you have
4188
4426
  # defined. Depending on your setting for max results and the number of
4189
4427
  # firewall policies, a single call might not return the full list.
@@ -5356,6 +5594,108 @@ module Aws::NetworkFirewall
5356
5594
  req.send_request(options)
5357
5595
  end
5358
5596
 
5597
+ # Updates the properties of an existing container association. Use this
5598
+ # to modify the container monitoring configurations or description.
5599
+ #
5600
+ # @option params [String] :container_association_name
5601
+ # The descriptive name of the container association. You must specify
5602
+ # the ARN or the name, and you can specify both.
5603
+ #
5604
+ # @option params [String] :container_association_arn
5605
+ # The Amazon Resource Name (ARN) of the container association. You must
5606
+ # specify the ARN or the name, and you can specify both.
5607
+ #
5608
+ # @option params [String] :description
5609
+ # A description of the container association.
5610
+ #
5611
+ # @option params [required, String] :type
5612
+ # The type of container orchestration platform. This must match the type
5613
+ # specified when the container association was created.
5614
+ #
5615
+ # @option params [required, Array<Types::ContainerMonitoringConfiguration>] :container_monitoring_configurations
5616
+ # The updated list of container monitoring configurations that define
5617
+ # which clusters and container attributes to monitor.
5618
+ #
5619
+ # @option params [Array<Types::Tag>] :tags
5620
+ # The key:value pairs associated with the resource.
5621
+ #
5622
+ # @option params [required, String] :update_token
5623
+ # A token used for optimistic locking. Network Firewall returns a token
5624
+ # to your requests that access the container association. The token
5625
+ # marks the state of the container association resource at the time of
5626
+ # the request. To make an update to the container association, provide
5627
+ # the token in your request. Network Firewall uses the token to ensure
5628
+ # that the container association hasn't changed since you last
5629
+ # retrieved it. If it has changed, the operation fails with an
5630
+ # `InvalidTokenException`. If this happens, retrieve the container
5631
+ # association again to get a current copy of it with a new token.
5632
+ # Reapply your changes as needed, then try the operation again using the
5633
+ # new token.
5634
+ #
5635
+ # @return [Types::UpdateContainerAssociationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5636
+ #
5637
+ # * {Types::UpdateContainerAssociationResponse#container_association_name #container_association_name} => String
5638
+ # * {Types::UpdateContainerAssociationResponse#container_association_arn #container_association_arn} => String
5639
+ # * {Types::UpdateContainerAssociationResponse#description #description} => String
5640
+ # * {Types::UpdateContainerAssociationResponse#type #type} => String
5641
+ # * {Types::UpdateContainerAssociationResponse#container_monitoring_configurations #container_monitoring_configurations} => Array&lt;Types::ContainerMonitoringConfiguration&gt;
5642
+ # * {Types::UpdateContainerAssociationResponse#status #status} => String
5643
+ # * {Types::UpdateContainerAssociationResponse#tags #tags} => Array&lt;Types::Tag&gt;
5644
+ # * {Types::UpdateContainerAssociationResponse#update_token #update_token} => String
5645
+ #
5646
+ # @example Request syntax with placeholder values
5647
+ #
5648
+ # resp = client.update_container_association({
5649
+ # container_association_name: "ResourceName",
5650
+ # container_association_arn: "ResourceArn",
5651
+ # description: "Description",
5652
+ # type: "ECS", # required, accepts ECS, EKS
5653
+ # container_monitoring_configurations: [ # required
5654
+ # {
5655
+ # cluster_arn: "ResourceArn", # required
5656
+ # attribute_filters: [
5657
+ # {
5658
+ # key: "ContainerAttributeKey", # required
5659
+ # value: "ContainerAttributeValue", # required
5660
+ # },
5661
+ # ],
5662
+ # },
5663
+ # ],
5664
+ # tags: [
5665
+ # {
5666
+ # key: "TagKey", # required
5667
+ # value: "TagValue", # required
5668
+ # },
5669
+ # ],
5670
+ # update_token: "UpdateToken", # required
5671
+ # })
5672
+ #
5673
+ # @example Response structure
5674
+ #
5675
+ # resp.container_association_name #=> String
5676
+ # resp.container_association_arn #=> String
5677
+ # resp.description #=> String
5678
+ # resp.type #=> String, one of "ECS", "EKS"
5679
+ # resp.container_monitoring_configurations #=> Array
5680
+ # resp.container_monitoring_configurations[0].cluster_arn #=> String
5681
+ # resp.container_monitoring_configurations[0].attribute_filters #=> Array
5682
+ # resp.container_monitoring_configurations[0].attribute_filters[0].key #=> String
5683
+ # resp.container_monitoring_configurations[0].attribute_filters[0].value #=> String
5684
+ # resp.status #=> String, one of "ACTIVE", "CREATING", "DELETING"
5685
+ # resp.tags #=> Array
5686
+ # resp.tags[0].key #=> String
5687
+ # resp.tags[0].value #=> String
5688
+ # resp.update_token #=> String
5689
+ #
5690
+ # @see http://docs.aws.amazon.com/goto/WebAPI/network-firewall-2020-11-12/UpdateContainerAssociation AWS API Documentation
5691
+ #
5692
+ # @overload update_container_association(params = {})
5693
+ # @param [Hash] params ({})
5694
+ def update_container_association(params = {}, options = {})
5695
+ req = build_request(:update_container_association, params)
5696
+ req.send_request(options)
5697
+ end
5698
+
5359
5699
  # Enables specific types of firewall analysis on a specific firewall you
5360
5700
  # define.
5361
5701
  #
@@ -6922,7 +7262,7 @@ module Aws::NetworkFirewall
6922
7262
  tracer: tracer
6923
7263
  )
6924
7264
  context[:gem_name] = 'aws-sdk-networkfirewall'
6925
- context[:gem_version] = '1.91.0'
7265
+ context[:gem_version] = '1.92.0'
6926
7266
  Seahorse::Client::Request.new(handlers, context)
6927
7267
  end
6928
7268