aws-sdk-shield 1.22.0 → 1.27.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: bf80c0a4bb5eba49b6f3d3bbac237a8b459c0a6d
-  data.tar.gz: '018327507ab5013ec326504ce6dbadcfc1fc4677'
+SHA256:
+  metadata.gz: ad088fd6dad043fadc94da09bc11bc69b5f8f2495fb8755fd751d6a767fb840c
+  data.tar.gz: ea4763f9c1da0f5c84516c7d9d3b7ba5bf6bd213db4724debcf948f5ec55d78b
 SHA512:
-  metadata.gz: 45b02384d9db5782d0a73beb9cf8ccf072a3abfc6327154c7ddd3cbc39e5ca3039e2eabc5cb9add3516a9a4a2b1d7fbcc3e7017c5c4c8d7554b2f35ce241aa18
-  data.tar.gz: a74eacd974c669c16e4a9704fa07d76a668767067974ae93e37a478e2e9e182c6e06c4e4a3e3f05cfbe85737d72c6b6e75eabbe452a325c9148b22c6915c5a7e
+  metadata.gz: 7a6dfc2fb22404f6fe07536d052cce02e592f606283d1b1a19210823beceddaff3e93f7b41a9944d345c1fcc19e172724711908f7c459df16ae1959181d08833
+  data.tar.gz: 41e5bc1f76945bdd72826287c6ac26eef446a1a4cd623ee7ebfb334c25f49151857bd991ec0fbeff569e984ec313d950171ff3cb8607634f2e25998913a96110

data/lib/aws-sdk-shield.rb

@@ -24,17 +24,20 @@ require_relative 'aws-sdk-shield/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     shield = Aws::Shield::Client.new
+#     resp = shield.associate_drt_log_bucket(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from AWS Shield all
-# extend {Errors::ServiceError}.
+# Errors returned from AWS Shield are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::Shield::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all AWS Shield API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-shield/customizations'
 # @service
 module Aws::Shield
 
-  GEM_VERSION = '1.22.0'
+  GEM_VERSION = '1.27.1'
 
 end

data/lib/aws-sdk-shield/client.rb

@@ -24,12 +24,25 @@ require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
 require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
+require 'aws-sdk-core/plugins/http_checksum.rb'
 require 'aws-sdk-core/plugins/signature_v4.rb'
 require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:shield)
 
 module Aws::Shield
+  # An API client for Shield.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::Shield::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -57,6 +70,7 @@ module Aws::Shield
     add_plugin(Aws::Plugins::ClientMetricsPlugin)
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
+    add_plugin(Aws::Plugins::HttpChecksum)
     add_plugin(Aws::Plugins::SignatureV4)
     add_plugin(Aws::Plugins::Protocols::JsonRpc)
 
@@ -93,7 +107,7 @@ module Aws::Shield
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +122,12 @@ module Aws::Shield
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +152,10 @@ module Aws::Shield
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +163,7 @@ module Aws::Shield
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test or custom endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +178,7 @@ module Aws::Shield
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +190,29 @@ module Aws::Shield
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +220,30 @@ module Aws::Shield
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +276,15 @@ module Aws::Shield
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +293,7 @@ module Aws::Shield
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -264,7 +320,7 @@ module Aws::Shield
 
     # @!group API Operations
 
-    # Authorizes the DDoS Response team (DRT) to access the specified Amazon
+    # Authorizes the DDoS Response Team (DRT) to access the specified Amazon
     # S3 bucket containing your AWS WAF logs. You can associate up to 10
     # Amazon S3 buckets with your subscription.
     #
@@ -297,7 +353,7 @@ module Aws::Shield
       req.send_request(options)
     end
 
-    # Authorizes the DDoS Response team (DRT), using the specified role, to
+    # Authorizes the DDoS Response Team (DRT), using the specified role, to
     # access your AWS account to assist with DDoS attack mitigation during
     # potential attacks. This enables the DRT to inspect your AWS WAF
     # configuration and create or update AWS WAF rules and web ACLs.
@@ -409,6 +465,63 @@ module Aws::Shield
       req.send_request(options)
     end
 
+    # Initializes proactive engagement and sets the list of contacts for the
+    # DDoS Response Team (DRT) to use. You must provide at least one phone
+    # number in the emergency contact list.
+    #
+    # After you have initialized proactive engagement using this call, to
+    # disable or enable proactive engagement, use the calls
+    # `DisableProactiveEngagement` and `EnableProactiveEngagement`.
+    #
+    # <note markdown="1"> This call defines the list of email addresses and phone numbers that
+    # the DDoS Response Team (DRT) can use to contact you for escalations to
+    # the DRT and to initiate proactive customer support.
+    #
+    #  The contacts that you provide in the request replace any contacts that
+    # were already defined. If you already have contacts defined and want to
+    # use them, retrieve the list using `DescribeEmergencyContactSettings`
+    # and then provide it to this call.
+    #
+    #  </note>
+    #
+    # @option params [required, Array<Types::EmergencyContact>] :emergency_contact_list
+    #   A list of email addresses and phone numbers that the DDoS Response
+    #   Team (DRT) can use to contact you for escalations to the DRT and to
+    #   initiate proactive customer support.
+    #
+    #   To enable proactive engagement, the contact list must include at least
+    #   one phone number.
+    #
+    #   <note markdown="1"> The contacts that you provide here replace any contacts that were
+    #   already defined. If you already have contacts defined and want to use
+    #   them, retrieve the list using `DescribeEmergencyContactSettings` and
+    #   then provide it here.
+    #
+    #    </note>
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.associate_proactive_engagement_details({
+    #     emergency_contact_list: [ # required
+    #       {
+    #         email_address: "EmailAddress", # required
+    #         phone_number: "PhoneNumber",
+    #         contact_notes: "ContactNotes",
+    #       },
+    #     ],
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/AssociateProactiveEngagementDetails AWS API Documentation
+    #
+    # @overload associate_proactive_engagement_details(params = {})
+    # @param [Hash] params ({})
+    def associate_proactive_engagement_details(params = {}, options = {})
+      req = build_request(:associate_proactive_engagement_details, params)
+      req.send_request(options)
+    end
+
     # Enables AWS Shield Advanced for a specific AWS resource. The resource
     # can be an Amazon CloudFront distribution, Elastic Load Balancing load
     # balancer, AWS Global Accelerator accelerator, Elastic IP Address, or
@@ -479,26 +592,11 @@ module Aws::Shield
 
     # Activates AWS Shield Advanced for an account.
     #
-    # As part of this request you can specify `EmergencySettings` that
-    # automaticaly grant the DDoS response team (DRT) needed permissions to
-    # assist you during a suspected DDoS attack. For more information see
-    # [Authorize the DDoS Response Team to Create Rules and Web ACLs on Your
-    # Behalf][1].
-    #
-    # To use the services of the DRT, you must be subscribed to the
-    # [Business Support plan][2] or the [Enterprise Support plan][3].
-    #
     # When you initally create a subscription, your subscription is set to
     # be automatically renewed at the end of the existing subscription
     # period. You can change this by submitting an `UpdateSubscription`
     # request.
     #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/waf/latest/developerguide/authorize-DRT.html
-    # [2]: https://aws.amazon.com/premiumsupport/business-support/
-    # [3]: https://aws.amazon.com/premiumsupport/enterprise-support/
-    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/CreateSubscription AWS API Documentation
@@ -615,7 +713,7 @@ module Aws::Shield
     end
 
     # Returns the current role and list of Amazon S3 log buckets used by the
-    # DDoS Response team (DRT) to access your AWS account while assisting
+    # DDoS Response Team (DRT) to access your AWS account while assisting
     # with attack mitigation.
     #
     # @return [Types::DescribeDRTAccessResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -638,8 +736,10 @@ module Aws::Shield
       req.send_request(options)
     end
 
-    # Lists the email addresses that the DRT can use to contact you during a
-    # suspected attack.
+    # A list of email addresses and phone numbers that the DDoS Response
+    # Team (DRT) can use to contact you if you have proactive engagement
+    # enabled, for escalations to the DRT and to initiate proactive customer
+    # support.
     #
     # @return [Types::DescribeEmergencyContactSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -649,6 +749,8 @@ module Aws::Shield
     #
     #   resp.emergency_contact_list #=> Array
     #   resp.emergency_contact_list[0].email_address #=> String
+    #   resp.emergency_contact_list[0].phone_number #=> String
+    #   resp.emergency_contact_list[0].contact_notes #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeEmergencyContactSettings AWS API Documentation
     #
@@ -716,6 +818,7 @@ module Aws::Shield
     #   resp.subscription.limits #=> Array
     #   resp.subscription.limits[0].type #=> String
     #   resp.subscription.limits[0].max #=> Integer
+    #   resp.subscription.proactive_engagement_status #=> String, one of "ENABLED", "DISABLED", "PENDING"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeSubscription AWS API Documentation
     #
@@ -726,7 +829,22 @@ module Aws::Shield
       req.send_request(options)
     end
 
-    # Removes the DDoS Response team's (DRT) access to the specified Amazon
+    # Removes authorization from the DDoS Response Team (DRT) to notify
+    # contacts about escalations to the DRT and to initiate proactive
+    # customer support.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableProactiveEngagement AWS API Documentation
+    #
+    # @overload disable_proactive_engagement(params = {})
+    # @param [Hash] params ({})
+    def disable_proactive_engagement(params = {}, options = {})
+      req = build_request(:disable_proactive_engagement, params)
+      req.send_request(options)
+    end
+
+    # Removes the DDoS Response Team's (DRT) access to the specified Amazon
     # S3 bucket containing your AWS WAF logs.
     #
     # To make a `DisassociateDRTLogBucket` request, you must be subscribed
@@ -761,7 +879,7 @@ module Aws::Shield
       req.send_request(options)
     end
 
-    # Removes the DDoS Response team's (DRT) access to your AWS account.
+    # Removes the DDoS Response Team's (DRT) access to your AWS account.
     #
     # To make a `DisassociateDRTRole` request, you must be subscribed to the
     # [Business Support plan][1] or the [Enterprise Support plan][2].
@@ -826,6 +944,21 @@ module Aws::Shield
       req.send_request(options)
     end
 
+    # Authorizes the DDoS Response Team (DRT) to use email and phone to
+    # notify contacts about escalations to the DRT and to initiate proactive
+    # customer support.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/EnableProactiveEngagement AWS API Documentation
+    #
+    # @overload enable_proactive_engagement(params = {})
+    # @param [Hash] params ({})
+    def enable_proactive_engagement(params = {}, options = {})
+      req = build_request(:enable_proactive_engagement, params)
+      req.send_request(options)
+    end
+
     # Returns the `SubscriptionState`, either `Active` or `Inactive`.
     #
     # @return [Types::GetSubscriptionStateResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -893,6 +1026,8 @@ module Aws::Shield
     #   * {Types::ListAttacksResponse#attack_summaries #attack_summaries} => Array&lt;Types::AttackSummary&gt;
     #   * {Types::ListAttacksResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_attacks({
@@ -950,6 +1085,8 @@ module Aws::Shield
     #   * {Types::ListProtectionsResponse#protections #protections} => Array&lt;Types::Protection&gt;
     #   * {Types::ListProtectionsResponse#next_token #next_token} => String
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_protections({
@@ -976,12 +1113,19 @@ module Aws::Shield
       req.send_request(options)
     end
 
-    # Updates the details of the list of email addresses that the DRT can
-    # use to contact you during a suspected attack.
+    # Updates the details of the list of email addresses and phone numbers
+    # that the DDoS Response Team (DRT) can use to contact you if you have
+    # proactive engagement enabled, for escalations to the DRT and to
+    # initiate proactive customer support.
     #
     # @option params [Array<Types::EmergencyContact>] :emergency_contact_list
-    #   A list of email addresses that the DRT can use to contact you during a
-    #   suspected attack.
+    #   A list of email addresses and phone numbers that the DDoS Response
+    #   Team (DRT) can use to contact you if you have proactive engagement
+    #   enabled, for escalations to the DRT and to initiate proactive customer
+    #   support.
+    #
+    #   If you have proactive engagement enabled, the contact list must
+    #   include at least one phone number.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -991,6 +1135,8 @@ module Aws::Shield
     #     emergency_contact_list: [
     #       {
     #         email_address: "EmailAddress", # required
+    #         phone_number: "PhoneNumber",
+    #         contact_notes: "ContactNotes",
     #       },
     #     ],
     #   })
@@ -1045,7 +1191,7 @@ module Aws::Shield
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-shield'
-      context[:gem_version] = '1.22.0'
+      context[:gem_version] = '1.27.1'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-shield/client_api.rb

@@ -19,6 +19,8 @@ module Aws::Shield
     AssociateDRTRoleResponse = Shapes::StructureShape.new(name: 'AssociateDRTRoleResponse')
     AssociateHealthCheckRequest = Shapes::StructureShape.new(name: 'AssociateHealthCheckRequest')
     AssociateHealthCheckResponse = Shapes::StructureShape.new(name: 'AssociateHealthCheckResponse')
+    AssociateProactiveEngagementDetailsRequest = Shapes::StructureShape.new(name: 'AssociateProactiveEngagementDetailsRequest')
+    AssociateProactiveEngagementDetailsResponse = Shapes::StructureShape.new(name: 'AssociateProactiveEngagementDetailsResponse')
     AttackDetail = Shapes::StructureShape.new(name: 'AttackDetail')
     AttackId = Shapes::StringShape.new(name: 'AttackId')
     AttackLayer = Shapes::StringShape.new(name: 'AttackLayer')
@@ -31,6 +33,7 @@ module Aws::Shield
     AttackVectorDescription = Shapes::StructureShape.new(name: 'AttackVectorDescription')
     AttackVectorDescriptionList = Shapes::ListShape.new(name: 'AttackVectorDescriptionList')
     AutoRenew = Shapes::StringShape.new(name: 'AutoRenew')
+    ContactNotes = Shapes::StringShape.new(name: 'ContactNotes')
     Contributor = Shapes::StructureShape.new(name: 'Contributor')
     CreateProtectionRequest = Shapes::StructureShape.new(name: 'CreateProtectionRequest')
     CreateProtectionResponse = Shapes::StructureShape.new(name: 'CreateProtectionResponse')
@@ -50,6 +53,8 @@ module Aws::Shield
     DescribeProtectionResponse = Shapes::StructureShape.new(name: 'DescribeProtectionResponse')
     DescribeSubscriptionRequest = Shapes::StructureShape.new(name: 'DescribeSubscriptionRequest')
     DescribeSubscriptionResponse = Shapes::StructureShape.new(name: 'DescribeSubscriptionResponse')
+    DisableProactiveEngagementRequest = Shapes::StructureShape.new(name: 'DisableProactiveEngagementRequest')
+    DisableProactiveEngagementResponse = Shapes::StructureShape.new(name: 'DisableProactiveEngagementResponse')
     DisassociateDRTLogBucketRequest = Shapes::StructureShape.new(name: 'DisassociateDRTLogBucketRequest')
     DisassociateDRTLogBucketResponse = Shapes::StructureShape.new(name: 'DisassociateDRTLogBucketResponse')
     DisassociateDRTRoleRequest = Shapes::StructureShape.new(name: 'DisassociateDRTRoleRequest')
@@ -61,6 +66,8 @@ module Aws::Shield
     EmailAddress = Shapes::StringShape.new(name: 'EmailAddress')
     EmergencyContact = Shapes::StructureShape.new(name: 'EmergencyContact')
     EmergencyContactList = Shapes::ListShape.new(name: 'EmergencyContactList')
+    EnableProactiveEngagementRequest = Shapes::StructureShape.new(name: 'EnableProactiveEngagementRequest')
+    EnableProactiveEngagementResponse = Shapes::StructureShape.new(name: 'EnableProactiveEngagementResponse')
     GetSubscriptionStateRequest = Shapes::StructureShape.new(name: 'GetSubscriptionStateRequest')
     GetSubscriptionStateResponse = Shapes::StructureShape.new(name: 'GetSubscriptionStateResponse')
     HealthCheckArn = Shapes::StringShape.new(name: 'HealthCheckArn')
@@ -90,6 +97,8 @@ module Aws::Shield
     MitigationList = Shapes::ListShape.new(name: 'MitigationList')
     NoAssociatedRoleException = Shapes::StructureShape.new(name: 'NoAssociatedRoleException')
     OptimisticLockException = Shapes::StructureShape.new(name: 'OptimisticLockException')
+    PhoneNumber = Shapes::StringShape.new(name: 'PhoneNumber')
+    ProactiveEngagementStatus = Shapes::StringShape.new(name: 'ProactiveEngagementStatus')
     Protection = Shapes::StructureShape.new(name: 'Protection')
     ProtectionId = Shapes::StringShape.new(name: 'ProtectionId')
     ProtectionName = Shapes::StringShape.new(name: 'ProtectionName')
@@ -142,6 +151,11 @@ module Aws::Shield
 
     AssociateHealthCheckResponse.struct_class = Types::AssociateHealthCheckResponse
 
+    AssociateProactiveEngagementDetailsRequest.add_member(:emergency_contact_list, Shapes::ShapeRef.new(shape: EmergencyContactList, required: true, location_name: "EmergencyContactList"))
+    AssociateProactiveEngagementDetailsRequest.struct_class = Types::AssociateProactiveEngagementDetailsRequest
+
+    AssociateProactiveEngagementDetailsResponse.struct_class = Types::AssociateProactiveEngagementDetailsResponse
+
     AttackDetail.add_member(:attack_id, Shapes::ShapeRef.new(shape: AttackId, location_name: "AttackId"))
     AttackDetail.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "ResourceArn"))
     AttackDetail.add_member(:sub_resources, Shapes::ShapeRef.new(shape: SubResourceSummaryList, location_name: "SubResources"))
@@ -228,6 +242,10 @@ module Aws::Shield
     DescribeSubscriptionResponse.add_member(:subscription, Shapes::ShapeRef.new(shape: Subscription, location_name: "Subscription"))
     DescribeSubscriptionResponse.struct_class = Types::DescribeSubscriptionResponse
 
+    DisableProactiveEngagementRequest.struct_class = Types::DisableProactiveEngagementRequest
+
+    DisableProactiveEngagementResponse.struct_class = Types::DisableProactiveEngagementResponse
+
     DisassociateDRTLogBucketRequest.add_member(:log_bucket, Shapes::ShapeRef.new(shape: LogBucket, required: true, location_name: "LogBucket"))
     DisassociateDRTLogBucketRequest.struct_class = Types::DisassociateDRTLogBucketRequest
 
@@ -244,10 +262,16 @@ module Aws::Shield
     DisassociateHealthCheckResponse.struct_class = Types::DisassociateHealthCheckResponse
 
     EmergencyContact.add_member(:email_address, Shapes::ShapeRef.new(shape: EmailAddress, required: true, location_name: "EmailAddress"))
+    EmergencyContact.add_member(:phone_number, Shapes::ShapeRef.new(shape: PhoneNumber, location_name: "PhoneNumber"))
+    EmergencyContact.add_member(:contact_notes, Shapes::ShapeRef.new(shape: ContactNotes, location_name: "ContactNotes"))
     EmergencyContact.struct_class = Types::EmergencyContact
 
     EmergencyContactList.member = Shapes::ShapeRef.new(shape: EmergencyContact)
 
+    EnableProactiveEngagementRequest.struct_class = Types::EnableProactiveEngagementRequest
+
+    EnableProactiveEngagementResponse.struct_class = Types::EnableProactiveEngagementResponse
+
     GetSubscriptionStateRequest.struct_class = Types::GetSubscriptionStateRequest
 
     GetSubscriptionStateResponse.add_member(:subscription_state, Shapes::ShapeRef.new(shape: SubscriptionState, required: true, location_name: "SubscriptionState"))
@@ -345,6 +369,7 @@ module Aws::Shield
     Subscription.add_member(:time_commitment_in_seconds, Shapes::ShapeRef.new(shape: DurationInSeconds, location_name: "TimeCommitmentInSeconds"))
     Subscription.add_member(:auto_renew, Shapes::ShapeRef.new(shape: AutoRenew, location_name: "AutoRenew"))
     Subscription.add_member(:limits, Shapes::ShapeRef.new(shape: Limits, location_name: "Limits"))
+    Subscription.add_member(:proactive_engagement_status, Shapes::ShapeRef.new(shape: ProactiveEngagementStatus, location_name: "ProactiveEngagementStatus"))
     Subscription.struct_class = Types::Subscription
 
     SummarizedAttackVector.add_member(:vector_type, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VectorType"))
@@ -441,6 +466,19 @@ module Aws::Shield
         o.errors << Shapes::ShapeRef.new(shape: OptimisticLockException)
       end)
 
+      api.add_operation(:associate_proactive_engagement_details, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "AssociateProactiveEngagementDetails"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: AssociateProactiveEngagementDetailsRequest)
+        o.output = Shapes::ShapeRef.new(shape: AssociateProactiveEngagementDetailsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OptimisticLockException)
+      end)
+
       api.add_operation(:create_protection, Seahorse::Model::Operation.new.tap do |o|
         o.name = "CreateProtection"
         o.http_method = "POST"
@@ -540,6 +578,19 @@ module Aws::Shield
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
       end)
 
+      api.add_operation(:disable_proactive_engagement, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DisableProactiveEngagement"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: DisableProactiveEngagementRequest)
+        o.output = Shapes::ShapeRef.new(shape: DisableProactiveEngagementResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OptimisticLockException)
+      end)
+
       api.add_operation(:disassociate_drt_log_bucket, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DisassociateDRTLogBucket"
         o.http_method = "POST"
@@ -578,6 +629,19 @@ module Aws::Shield
         o.errors << Shapes::ShapeRef.new(shape: OptimisticLockException)
       end)
 
+      api.add_operation(:enable_proactive_engagement, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "EnableProactiveEngagement"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: EnableProactiveEngagementRequest)
+        o.output = Shapes::ShapeRef.new(shape: EnableProactiveEngagementResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: OptimisticLockException)
+      end)
+
       api.add_operation(:get_subscription_state, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetSubscriptionState"
         o.http_method = "POST"
@@ -596,6 +660,12 @@ module Aws::Shield
         o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidOperationException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
       end)
 
       api.add_operation(:list_protections, Seahorse::Model::Operation.new.tap do |o|
@@ -607,6 +677,12 @@ module Aws::Shield
         o.errors << Shapes::ShapeRef.new(shape: InternalErrorException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidPaginationTokenException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
       end)
 
       api.add_operation(:update_emergency_contact_settings, Seahorse::Model::Operation.new.tap do |o|

data/lib/aws-sdk-shield/errors.rb

@@ -6,6 +6,41 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::Shield
+
+  # When Shield returns an error response, the Ruby SDK constructs and raises an error.
+  # These errors all extend Aws::Shield::Errors::ServiceError < {Aws::Errors::ServiceError}
+  #
+  # You can rescue all Shield errors using ServiceError:
+  #
+  #     begin
+  #       # do stuff
+  #     rescue Aws::Shield::Errors::ServiceError
+  #       # rescues all Shield API errors
+  #     end
+  #
+  #
+  # ## Request Context
+  # ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
+  # information about the request that generated the error.
+  # See {Seahorse::Client::RequestContext} for more information.
+  #
+  # ## Error Classes
+  # * {AccessDeniedException}
+  # * {AccessDeniedForDependencyException}
+  # * {InternalErrorException}
+  # * {InvalidOperationException}
+  # * {InvalidPaginationTokenException}
+  # * {InvalidParameterException}
+  # * {InvalidResourceException}
+  # * {LimitsExceededException}
+  # * {LockedSubscriptionException}
+  # * {NoAssociatedRoleException}
+  # * {OptimisticLockException}
+  # * {ResourceAlreadyExistsException}
+  # * {ResourceNotFoundException}
+  #
+  # Additionally, error classes are dynamically generated for service errors based on the error code
+  # if they are not defined above.
   module Errors
 
     extend Aws::Errors::DynamicErrors
@@ -23,7 +58,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class AccessDeniedForDependencyException < ServiceError
@@ -39,7 +73,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class InternalErrorException < ServiceError
@@ -55,7 +88,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidOperationException < ServiceError
@@ -71,7 +103,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidPaginationTokenException < ServiceError
@@ -87,7 +118,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidParameterException < ServiceError
@@ -103,7 +133,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class InvalidResourceException < ServiceError
@@ -119,7 +148,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class LimitsExceededException < ServiceError
@@ -145,7 +173,6 @@ module Aws::Shield
       def limit
         @data[:limit]
       end
-
     end
 
     class LockedSubscriptionException < ServiceError
@@ -161,7 +188,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class NoAssociatedRoleException < ServiceError
@@ -177,7 +203,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class OptimisticLockException < ServiceError
@@ -193,7 +218,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceAlreadyExistsException < ServiceError
@@ -209,7 +233,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
     class ResourceNotFoundException < ServiceError
@@ -225,7 +248,6 @@ module Aws::Shield
       def message
         @message || @data[:message]
       end
-
     end
 
   end

data/lib/aws-sdk-shield/resource.rb

@@ -6,6 +6,7 @@
 # WARNING ABOUT GENERATED CODE
 
 module Aws::Shield
+
   class Resource
 
     # @param options ({})

data/lib/aws-sdk-shield/types.rb

@@ -22,9 +22,9 @@ module Aws::Shield
       include Aws::Structure
     end
 
-    # In order to grant the necessary access to the DDoS Response Team, the
-    # user submitting the request must have the `iam:PassRole` permission.
-    # This error indicates the user did not have the appropriate
+    # In order to grant the necessary access to the DDoS Response Team
+    # (DRT), the user submitting the request must have the `iam:PassRole`
+    # permission. This error indicates the user did not have the appropriate
     # permissions. For more information, see [Granting a User Permissions to
     # Pass a Role to an AWS Service][1].
     #
@@ -126,6 +126,46 @@ module Aws::Shield
     #
     class AssociateHealthCheckResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass AssociateProactiveEngagementDetailsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         emergency_contact_list: [ # required
+    #           {
+    #             email_address: "EmailAddress", # required
+    #             phone_number: "PhoneNumber",
+    #             contact_notes: "ContactNotes",
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] emergency_contact_list
+    #   A list of email addresses and phone numbers that the DDoS Response
+    #   Team (DRT) can use to contact you for escalations to the DRT and to
+    #   initiate proactive customer support.
+    #
+    #   To enable proactive engagement, the contact list must include at
+    #   least one phone number.
+    #
+    #   <note markdown="1"> The contacts that you provide here replace any contacts that were
+    #   already defined. If you already have contacts defined and want to
+    #   use them, retrieve the list using `DescribeEmergencyContactSettings`
+    #   and then provide it here.
+    #
+    #    </note>
+    #   @return [Array<Types::EmergencyContact>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/AssociateProactiveEngagementDetailsRequest AWS API Documentation
+    #
+    class AssociateProactiveEngagementDetailsRequest < Struct.new(
+      :emergency_contact_list)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/AssociateProactiveEngagementDetailsResponse AWS API Documentation
+    #
+    class AssociateProactiveEngagementDetailsResponse < Aws::EmptyStructure; end
+
     # The details of a DDoS attack.
     #
     # @!attribute [rw] attack_id
@@ -500,8 +540,10 @@ module Aws::Shield
     class DescribeEmergencyContactSettingsRequest < Aws::EmptyStructure; end
 
     # @!attribute [rw] emergency_contact_list
-    #   A list of email addresses that the DRT can use to contact you during
-    #   a suspected attack.
+    #   A list of email addresses and phone numbers that the DDoS Response
+    #   Team (DRT) can use to contact you if you have proactive engagement
+    #   enabled, for escalations to the DRT and to initiate proactive
+    #   customer support.
     #   @return [Array<Types::EmergencyContact>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeEmergencyContactSettingsResponse AWS API Documentation
@@ -569,6 +611,16 @@ module Aws::Shield
       include Aws::Structure
     end
 
+    # @api private
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableProactiveEngagementRequest AWS API Documentation
+    #
+    class DisableProactiveEngagementRequest < Aws::EmptyStructure; end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableProactiveEngagementResponse AWS API Documentation
+    #
+    class DisableProactiveEngagementResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass DisassociateDRTLogBucketRequest
     #   data as a hash:
     #
@@ -631,28 +683,50 @@ module Aws::Shield
     #
     class DisassociateHealthCheckResponse < Aws::EmptyStructure; end
 
-    # Contact information that the DRT can use to contact you during a
-    # suspected attack.
+    # Contact information that the DRT can use to contact you if you have
+    # proactive engagement enabled, for escalations to the DRT and to
+    # initiate proactive customer support.
     #
     # @note When making an API call, you may pass EmergencyContact
     #   data as a hash:
     #
     #       {
     #         email_address: "EmailAddress", # required
+    #         phone_number: "PhoneNumber",
+    #         contact_notes: "ContactNotes",
     #       }
     #
     # @!attribute [rw] email_address
-    #   An email address that the DRT can use to contact you during a
-    #   suspected attack.
+    #   The email address for the contact.
+    #   @return [String]
+    #
+    # @!attribute [rw] phone_number
+    #   The phone number for the contact.
+    #   @return [String]
+    #
+    # @!attribute [rw] contact_notes
+    #   Additional notes regarding the contact.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/EmergencyContact AWS API Documentation
     #
     class EmergencyContact < Struct.new(
-      :email_address)
+      :email_address,
+      :phone_number,
+      :contact_notes)
       include Aws::Structure
     end
 
+    # @api private
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/EnableProactiveEngagementRequest AWS API Documentation
+    #
+    class EnableProactiveEngagementRequest < Aws::EmptyStructure; end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/EnableProactiveEngagementResponse AWS API Documentation
+    #
+    class EnableProactiveEngagementResponse < Aws::EmptyStructure; end
+
     # @api private
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/GetSubscriptionStateRequest AWS API Documentation
@@ -976,8 +1050,8 @@ module Aws::Shield
       include Aws::Structure
     end
 
-    # Exception that indicates that the protection state has been modified
-    # by another client. You can retry the request.
+    # Exception that indicates that the resource state has been modified by
+    # another client. Retrieve the resource and then retry your request.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -1107,6 +1181,19 @@ module Aws::Shield
     #   Specifies how many protections of a given type you can create.
     #   @return [Array<Types::Limit>]
     #
+    # @!attribute [rw] proactive_engagement_status
+    #   If `ENABLED`, the DDoS Response Team (DRT) will use email and phone
+    #   to notify contacts about escalations to the DRT and to initiate
+    #   proactive customer support.
+    #
+    #   If `PENDING`, you have requested proactive engagement and the
+    #   request is pending. The status changes to `ENABLED` when your
+    #   request is fully processed.
+    #
+    #   If `DISABLED`, the DRT will not proactively notify contacts about
+    #   escalations or to initiate proactive customer support.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/Subscription AWS API Documentation
     #
     class Subscription < Struct.new(
@@ -1114,7 +1201,8 @@ module Aws::Shield
       :end_time,
       :time_commitment_in_seconds,
       :auto_renew,
-      :limits)
+      :limits,
+      :proactive_engagement_status)
       include Aws::Structure
     end
 
@@ -1217,13 +1305,20 @@ module Aws::Shield
     #         emergency_contact_list: [
     #           {
     #             email_address: "EmailAddress", # required
+    #             phone_number: "PhoneNumber",
+    #             contact_notes: "ContactNotes",
     #           },
     #         ],
     #       }
     #
     # @!attribute [rw] emergency_contact_list
-    #   A list of email addresses that the DRT can use to contact you during
-    #   a suspected attack.
+    #   A list of email addresses and phone numbers that the DDoS Response
+    #   Team (DRT) can use to contact you if you have proactive engagement
+    #   enabled, for escalations to the DRT and to initiate proactive
+    #   customer support.
+    #
+    #   If you have proactive engagement enabled, the contact list must
+    #   include at least one phone number.
     #   @return [Array<Types::EmergencyContact>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateEmergencyContactSettingsRequest AWS API Documentation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-shield
 version: !ruby/object:Gem::Version
-  version: 1.22.0
+  version: 1.27.1
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-02-14 00:00:00.000000000 Z
+date: 2020-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.71.0
+        version: 3.99.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.71.0
+        version: 3.99.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -81,7 +81,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.2.3
+rubygems_version: 2.7.6.2
 signing_key: 
 specification_version: 4
 summary: AWS SDK for Ruby - AWS Shield