aws-sdk-shield 1.42.0 → 1.46.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-shield/client.rb +287 -106
- data/lib/aws-sdk-shield/client_api.rb +85 -2
- data/lib/aws-sdk-shield/types.rb +398 -143
- data/lib/aws-sdk-shield.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 3d6373ad000ef650e2a98a06c6fcd44c468774dbedc8f5f4450bf35f2411e6d0
|
|
4
|
+
data.tar.gz: 2794b2131ca23284317bbd039e2e609b6397c3c355b414e59d60a9207c373540
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ba883b89690540cc2192236a09bd9f788ba90d500b1ca721625a35536d3944b8eec690565078861da0c420e5be33056c3f7f73fde89d3cfa064e24513f708e60
|
|
7
|
+
data.tar.gz: 3d93922ae49a9117f570d86b80e3d16ace1b744954c9b73e5b1d366630f42370c1b697ad2c9a62667115a7c2edabad5c9e8b8fb8f80fb5849288027fe362c391
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,26 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.46.0 (2021-12-21)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
8
|
+
|
|
9
|
+
1.45.0 (2021-12-01)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - This release adds API support for Automatic Application Layer DDoS Mitigation for AWS Shield Advanced. Customers can now enable automatic DDoS mitigation in count or block mode for layer 7 protected resources.
|
|
13
|
+
|
|
14
|
+
1.44.0 (2021-11-30)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
18
|
+
|
|
19
|
+
1.43.0 (2021-11-04)
|
|
20
|
+
------------------
|
|
21
|
+
|
|
22
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
23
|
+
|
|
4
24
|
1.42.0 (2021-10-18)
|
|
5
25
|
------------------
|
|
6
26
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.46.0
|
|
@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
|
|
27
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
|
28
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
|
29
29
|
require 'aws-sdk-core/plugins/http_checksum.rb'
|
|
30
|
+
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
|
30
31
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
|
31
32
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
32
33
|
|
|
@@ -73,6 +74,7 @@ module Aws::Shield
|
|
|
73
74
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
|
74
75
|
add_plugin(Aws::Plugins::TransferEncoding)
|
|
75
76
|
add_plugin(Aws::Plugins::HttpChecksum)
|
|
77
|
+
add_plugin(Aws::Plugins::DefaultsMode)
|
|
76
78
|
add_plugin(Aws::Plugins::SignatureV4)
|
|
77
79
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
|
78
80
|
|
|
@@ -119,7 +121,9 @@ module Aws::Shield
|
|
|
119
121
|
# * EC2/ECS IMDS instance profile - When used by default, the timeouts
|
|
120
122
|
# are very aggressive. Construct and pass an instance of
|
|
121
123
|
# `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
|
|
122
|
-
# enable retries and extended timeouts.
|
|
124
|
+
# enable retries and extended timeouts. Instance profile credential
|
|
125
|
+
# fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
|
|
126
|
+
# to true.
|
|
123
127
|
#
|
|
124
128
|
# @option options [required, String] :region
|
|
125
129
|
# The AWS region to connect to. The configured `:region` is
|
|
@@ -173,6 +177,10 @@ module Aws::Shield
|
|
|
173
177
|
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
|
174
178
|
# a clock skew correction and retry requests with skewed client clocks.
|
|
175
179
|
#
|
|
180
|
+
# @option options [String] :defaults_mode ("legacy")
|
|
181
|
+
# See {Aws::DefaultsModeConfiguration} for a list of the
|
|
182
|
+
# accepted modes and the configuration defaults that are included.
|
|
183
|
+
#
|
|
176
184
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
|
177
185
|
# Set to true to disable SDK automatically adding host prefix
|
|
178
186
|
# to default service endpoint when available.
|
|
@@ -285,6 +293,15 @@ module Aws::Shield
|
|
|
285
293
|
# ** Please note ** When response stubbing is enabled, no HTTP
|
|
286
294
|
# requests are made, and retries are disabled.
|
|
287
295
|
#
|
|
296
|
+
# @option options [Boolean] :use_dualstack_endpoint
|
|
297
|
+
# When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
|
|
298
|
+
# will be used if available.
|
|
299
|
+
#
|
|
300
|
+
# @option options [Boolean] :use_fips_endpoint
|
|
301
|
+
# When set to `true`, fips compatible endpoints will be used if available.
|
|
302
|
+
# When a `fips` region is used, the region is normalized and this config
|
|
303
|
+
# is set to `true`.
|
|
304
|
+
#
|
|
288
305
|
# @option options [Boolean] :validate_params (true)
|
|
289
306
|
# When `true`, request parameters are validated before
|
|
290
307
|
# sending the request.
|
|
@@ -296,7 +313,7 @@ module Aws::Shield
|
|
|
296
313
|
# seconds to wait when opening a HTTP session before raising a
|
|
297
314
|
# `Timeout::Error`.
|
|
298
315
|
#
|
|
299
|
-
# @option options [
|
|
316
|
+
# @option options [Float] :http_read_timeout (60) The default
|
|
300
317
|
# number of seconds to wait for response data. This value can
|
|
301
318
|
# safely be set per-request on the session.
|
|
302
319
|
#
|
|
@@ -312,6 +329,9 @@ module Aws::Shield
|
|
|
312
329
|
# disables this behaviour. This value can safely be set per
|
|
313
330
|
# request on the session.
|
|
314
331
|
#
|
|
332
|
+
# @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
|
|
333
|
+
# in seconds.
|
|
334
|
+
#
|
|
315
335
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
|
316
336
|
# HTTP debug output will be sent to the `:logger`.
|
|
317
337
|
#
|
|
@@ -348,8 +368,8 @@ module Aws::Shield
|
|
|
348
368
|
#
|
|
349
369
|
#
|
|
350
370
|
#
|
|
351
|
-
# [1]: https://aws.amazon.com/premiumsupport/business-support/
|
|
352
|
-
# [2]: https://aws.amazon.com/premiumsupport/enterprise-support/
|
|
371
|
+
# [1]: https://docs.aws.amazon.com/premiumsupport/business-support/
|
|
372
|
+
# [2]: https://docs.aws.amazon.com/premiumsupport/enterprise-support/
|
|
353
373
|
#
|
|
354
374
|
# @option params [required, String] :log_bucket
|
|
355
375
|
# The Amazon S3 bucket that contains the logs that you want to share.
|
|
@@ -382,13 +402,12 @@ module Aws::Shield
|
|
|
382
402
|
# `RoleArn`.
|
|
383
403
|
#
|
|
384
404
|
# Prior to making the `AssociateDRTRole` request, you must attach the
|
|
385
|
-
#
|
|
386
|
-
# specify in the request.
|
|
387
|
-
#
|
|
388
|
-
#
|
|
389
|
-
#
|
|
390
|
-
#
|
|
391
|
-
# Elements: Principal][2].
|
|
405
|
+
# `AWSShieldDRTAccessPolicy` managed policy to the role that you'll
|
|
406
|
+
# specify in the request. You can access this policy in the IAM console
|
|
407
|
+
# at [AWSShieldDRTAccessPolicy][1]. For more information see [Adding and
|
|
408
|
+
# removing IAM identity permissions][2]. The role must also trust the
|
|
409
|
+
# service principal `drt.shield.amazonaws.com`. For more information,
|
|
410
|
+
# see [IAM JSON policy elements: Principal][3].
|
|
392
411
|
#
|
|
393
412
|
# The SRT will have access only to your WAF and Shield resources. By
|
|
394
413
|
# submitting this request, you authorize the SRT to inspect your WAF and
|
|
@@ -397,20 +416,21 @@ module Aws::Shield
|
|
|
397
416
|
# by you.
|
|
398
417
|
#
|
|
399
418
|
# You must have the `iam:PassRole` permission to make an
|
|
400
|
-
# `AssociateDRTRole` request. For more information, see [Granting a
|
|
401
|
-
#
|
|
419
|
+
# `AssociateDRTRole` request. For more information, see [Granting a user
|
|
420
|
+
# permissions to pass a role to an Amazon Web Services service][4].
|
|
402
421
|
#
|
|
403
422
|
# To use the services of the SRT and make an `AssociateDRTRole` request,
|
|
404
|
-
# you must be subscribed to the [Business Support plan][
|
|
405
|
-
# [Enterprise Support plan][
|
|
423
|
+
# you must be subscribed to the [Business Support plan][5] or the
|
|
424
|
+
# [Enterprise Support plan][6].
|
|
406
425
|
#
|
|
407
426
|
#
|
|
408
427
|
#
|
|
409
428
|
# [1]: https://console.aws.amazon.com/iam/home?#/policies/arn:aws:iam::aws:policy/service-role/AWSShieldDRTAccessPolicy
|
|
410
|
-
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/
|
|
411
|
-
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/
|
|
412
|
-
# [4]: https://aws.amazon.com/
|
|
413
|
-
# [5]: https://aws.amazon.com/premiumsupport/
|
|
429
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_manage-attach-detach.html
|
|
430
|
+
# [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html
|
|
431
|
+
# [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html
|
|
432
|
+
# [5]: https://docs.aws.amazon.com/premiumsupport/business-support/
|
|
433
|
+
# [6]: https://docs.aws.amazon.com/premiumsupport/enterprise-support/
|
|
414
434
|
#
|
|
415
435
|
# @option params [required, String] :role_arn
|
|
416
436
|
# The Amazon Resource Name (ARN) of the role the SRT will use to access
|
|
@@ -445,9 +465,9 @@ module Aws::Shield
|
|
|
445
465
|
# Adds health-based detection to the Shield Advanced protection for a
|
|
446
466
|
# resource. Shield Advanced health-based detection uses the health of
|
|
447
467
|
# your Amazon Web Services resource to improve responsiveness and
|
|
448
|
-
# accuracy in attack detection and
|
|
468
|
+
# accuracy in attack detection and response.
|
|
449
469
|
#
|
|
450
|
-
# You define the health check in Route
|
|
470
|
+
# You define the health check in Route 53 and then associate it with
|
|
451
471
|
# your Shield Advanced protection. For more information, see [Shield
|
|
452
472
|
# Advanced Health-Based Detection][1] in the *WAF Developer Guide*.
|
|
453
473
|
#
|
|
@@ -541,17 +561,18 @@ module Aws::Shield
|
|
|
541
561
|
# Enables Shield Advanced for a specific Amazon Web Services resource.
|
|
542
562
|
# The resource can be an Amazon CloudFront distribution, Elastic Load
|
|
543
563
|
# Balancing load balancer, Global Accelerator accelerator, Elastic IP
|
|
544
|
-
# Address, or an Amazon Route
|
|
564
|
+
# Address, or an Amazon Route 53 hosted zone.
|
|
545
565
|
#
|
|
546
566
|
# You can add protection to only a single resource with each
|
|
547
|
-
# CreateProtection request.
|
|
548
|
-
# resources at once
|
|
549
|
-
# [
|
|
550
|
-
#
|
|
567
|
+
# `CreateProtection` request. You can add protection to multiple
|
|
568
|
+
# resources at once through the Shield Advanced console at
|
|
569
|
+
# [https://console.aws.amazon.com/wafv2/shieldv2#/][1]. For more
|
|
570
|
+
# information see [Getting Started with Shield Advanced][2] and [Adding
|
|
571
|
+
# Shield Advanced protection to Amazon Web Services resources][3].
|
|
551
572
|
#
|
|
552
573
|
#
|
|
553
574
|
#
|
|
554
|
-
# [1]: https://console.aws.amazon.com/
|
|
575
|
+
# [1]: https://console.aws.amazon.com/wafv2/shieldv2#/
|
|
555
576
|
# [2]: https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html
|
|
556
577
|
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/configure-new-protection.html
|
|
557
578
|
#
|
|
@@ -577,7 +598,7 @@ module Aws::Shield
|
|
|
577
598
|
# * For an Global Accelerator accelerator:
|
|
578
599
|
# `arn:aws:globalaccelerator::account-id:accelerator/accelerator-id `
|
|
579
600
|
#
|
|
580
|
-
# * For Amazon Route
|
|
601
|
+
# * For Amazon Route 53: `arn:aws:route53:::hostedzone/hosted-zone-id `
|
|
581
602
|
#
|
|
582
603
|
# * For an Elastic IP address:
|
|
583
604
|
# `arn:aws:ec2:region:account-id:eip-allocation/allocation-id `
|
|
@@ -772,7 +793,7 @@ module Aws::Shield
|
|
|
772
793
|
# Describes the details of a DDoS attack.
|
|
773
794
|
#
|
|
774
795
|
# @option params [required, String] :attack_id
|
|
775
|
-
# The unique identifier (ID) for the attack
|
|
796
|
+
# The unique identifier (ID) for the attack.
|
|
776
797
|
#
|
|
777
798
|
# @return [Types::DescribeAttackResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
778
799
|
#
|
|
@@ -956,6 +977,7 @@ module Aws::Shield
|
|
|
956
977
|
# resp.protection.health_check_ids #=> Array
|
|
957
978
|
# resp.protection.health_check_ids[0] #=> String
|
|
958
979
|
# resp.protection.protection_arn #=> String
|
|
980
|
+
# resp.protection.application_layer_automatic_response_configuration.status #=> String, one of "ENABLED", "DISABLED"
|
|
959
981
|
#
|
|
960
982
|
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DescribeProtection AWS API Documentation
|
|
961
983
|
#
|
|
@@ -1035,6 +1057,31 @@ module Aws::Shield
|
|
|
1035
1057
|
req.send_request(options)
|
|
1036
1058
|
end
|
|
1037
1059
|
|
|
1060
|
+
# Disable the Shield Advanced automatic application layer DDoS
|
|
1061
|
+
# mitigation feature for the resource. This stops Shield Advanced from
|
|
1062
|
+
# creating, verifying, and applying WAF rules for attacks that it
|
|
1063
|
+
# detects for the resource.
|
|
1064
|
+
#
|
|
1065
|
+
# @option params [required, String] :resource_arn
|
|
1066
|
+
# The ARN (Amazon Resource Name) of the resource.
|
|
1067
|
+
#
|
|
1068
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1069
|
+
#
|
|
1070
|
+
# @example Request syntax with placeholder values
|
|
1071
|
+
#
|
|
1072
|
+
# resp = client.disable_application_layer_automatic_response({
|
|
1073
|
+
# resource_arn: "ResourceArn", # required
|
|
1074
|
+
# })
|
|
1075
|
+
#
|
|
1076
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisableApplicationLayerAutomaticResponse AWS API Documentation
|
|
1077
|
+
#
|
|
1078
|
+
# @overload disable_application_layer_automatic_response(params = {})
|
|
1079
|
+
# @param [Hash] params ({})
|
|
1080
|
+
def disable_application_layer_automatic_response(params = {}, options = {})
|
|
1081
|
+
req = build_request(:disable_application_layer_automatic_response, params)
|
|
1082
|
+
req.send_request(options)
|
|
1083
|
+
end
|
|
1084
|
+
|
|
1038
1085
|
# Removes authorization from the Shield Response Team (SRT) to notify
|
|
1039
1086
|
# contacts about escalations to the SRT and to initiate proactive
|
|
1040
1087
|
# customer support.
|
|
@@ -1053,18 +1100,6 @@ module Aws::Shield
|
|
|
1053
1100
|
# Removes the Shield Response Team's (SRT) access to the specified
|
|
1054
1101
|
# Amazon S3 bucket containing the logs that you shared previously.
|
|
1055
1102
|
#
|
|
1056
|
-
# To make a `DisassociateDRTLogBucket` request, you must be subscribed
|
|
1057
|
-
# to the [Business Support plan][1] or the [Enterprise Support plan][2].
|
|
1058
|
-
# However, if you are not subscribed to one of these support plans, but
|
|
1059
|
-
# had been previously and had granted the SRT access to your account,
|
|
1060
|
-
# you can submit a `DisassociateDRTLogBucket` request to remove this
|
|
1061
|
-
# access.
|
|
1062
|
-
#
|
|
1063
|
-
#
|
|
1064
|
-
#
|
|
1065
|
-
# [1]: https://aws.amazon.com/premiumsupport/business-support/
|
|
1066
|
-
# [2]: https://aws.amazon.com/premiumsupport/enterprise-support/
|
|
1067
|
-
#
|
|
1068
1103
|
# @option params [required, String] :log_bucket
|
|
1069
1104
|
# The Amazon S3 bucket that contains the logs that you want to share.
|
|
1070
1105
|
#
|
|
@@ -1088,17 +1123,6 @@ module Aws::Shield
|
|
|
1088
1123
|
# Removes the Shield Response Team's (SRT) access to your Amazon Web
|
|
1089
1124
|
# Services account.
|
|
1090
1125
|
#
|
|
1091
|
-
# To make a `DisassociateDRTRole` request, you must be subscribed to the
|
|
1092
|
-
# [Business Support plan][1] or the [Enterprise Support plan][2].
|
|
1093
|
-
# However, if you are not subscribed to one of these support plans, but
|
|
1094
|
-
# had been previously and had granted the SRT access to your account,
|
|
1095
|
-
# you can submit a `DisassociateDRTRole` request to remove this access.
|
|
1096
|
-
#
|
|
1097
|
-
#
|
|
1098
|
-
#
|
|
1099
|
-
# [1]: https://aws.amazon.com/premiumsupport/business-support/
|
|
1100
|
-
# [2]: https://aws.amazon.com/premiumsupport/enterprise-support/
|
|
1101
|
-
#
|
|
1102
1126
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1103
1127
|
#
|
|
1104
1128
|
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/DisassociateDRTRole AWS API Documentation
|
|
@@ -1113,9 +1137,9 @@ module Aws::Shield
|
|
|
1113
1137
|
# Removes health-based detection from the Shield Advanced protection for
|
|
1114
1138
|
# a resource. Shield Advanced health-based detection uses the health of
|
|
1115
1139
|
# your Amazon Web Services resource to improve responsiveness and
|
|
1116
|
-
# accuracy in attack detection and
|
|
1140
|
+
# accuracy in attack detection and response.
|
|
1117
1141
|
#
|
|
1118
|
-
# You define the health check in Route
|
|
1142
|
+
# You define the health check in Route 53 and then associate or
|
|
1119
1143
|
# disassociate it with your Shield Advanced protection. For more
|
|
1120
1144
|
# information, see [Shield Advanced Health-Based Detection][1] in the
|
|
1121
1145
|
# *WAF Developer Guide*.
|
|
@@ -1150,6 +1174,76 @@ module Aws::Shield
|
|
|
1150
1174
|
req.send_request(options)
|
|
1151
1175
|
end
|
|
1152
1176
|
|
|
1177
|
+
# Enable the Shield Advanced automatic application layer DDoS mitigation
|
|
1178
|
+
# for the resource.
|
|
1179
|
+
#
|
|
1180
|
+
# <note markdown="1"> This feature is available for Amazon CloudFront distributions only.
|
|
1181
|
+
#
|
|
1182
|
+
# </note>
|
|
1183
|
+
#
|
|
1184
|
+
# This causes Shield Advanced to create, verify, and apply WAF rules for
|
|
1185
|
+
# DDoS attacks that it detects for the resource. Shield Advanced applies
|
|
1186
|
+
# the rules in a Shield rule group inside the web ACL that you've
|
|
1187
|
+
# associated with the resource. For information about how automatic
|
|
1188
|
+
# mitigation works and the requirements for using it, see [Shield
|
|
1189
|
+
# Advanced automatic application layer DDoS mitigation][1].
|
|
1190
|
+
#
|
|
1191
|
+
# Don't use this action to make changes to automatic mitigation
|
|
1192
|
+
# settings when it's already enabled for a resource. Instead, use
|
|
1193
|
+
# UpdateApplicationLayerAutomaticResponse.
|
|
1194
|
+
#
|
|
1195
|
+
# To use this feature, you must associate a web ACL with the protected
|
|
1196
|
+
# resource. The web ACL must be created using the latest version of WAF
|
|
1197
|
+
# (v2). You can associate the web ACL through the Shield Advanced
|
|
1198
|
+
# console at [https://console.aws.amazon.com/wafv2/shieldv2#/][2]. For
|
|
1199
|
+
# more information, see [Getting Started with Shield Advanced][3].
|
|
1200
|
+
#
|
|
1201
|
+
# You can also do this through the WAF console or the WAF API, but you
|
|
1202
|
+
# must manage Shield Advanced automatic mitigation through Shield
|
|
1203
|
+
# Advanced. For information about WAF, see [WAF Developer Guide][4].
|
|
1204
|
+
#
|
|
1205
|
+
#
|
|
1206
|
+
#
|
|
1207
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-automatic-app-layer-response.html
|
|
1208
|
+
# [2]: https://console.aws.amazon.com/wafv2/shieldv2#/
|
|
1209
|
+
# [3]: https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html
|
|
1210
|
+
# [4]: https://docs.aws.amazon.com/waf/latest/developerguide/
|
|
1211
|
+
#
|
|
1212
|
+
# @option params [required, String] :resource_arn
|
|
1213
|
+
# The ARN (Amazon Resource Name) of the resource.
|
|
1214
|
+
#
|
|
1215
|
+
# @option params [required, Types::ResponseAction] :action
|
|
1216
|
+
# Specifies the action setting that Shield Advanced should use in the
|
|
1217
|
+
# WAF rules that it creates on behalf of the protected resource in
|
|
1218
|
+
# response to DDoS attacks. You specify this as part of the
|
|
1219
|
+
# configuration for the automatic application layer DDoS mitigation
|
|
1220
|
+
# feature, when you enable or update automatic mitigation. Shield
|
|
1221
|
+
# Advanced creates the WAF rules in a Shield Advanced-managed rule
|
|
1222
|
+
# group, inside the web ACL that you have associated with the resource.
|
|
1223
|
+
#
|
|
1224
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1225
|
+
#
|
|
1226
|
+
# @example Request syntax with placeholder values
|
|
1227
|
+
#
|
|
1228
|
+
# resp = client.enable_application_layer_automatic_response({
|
|
1229
|
+
# resource_arn: "ResourceArn", # required
|
|
1230
|
+
# action: { # required
|
|
1231
|
+
# block: {
|
|
1232
|
+
# },
|
|
1233
|
+
# count: {
|
|
1234
|
+
# },
|
|
1235
|
+
# },
|
|
1236
|
+
# })
|
|
1237
|
+
#
|
|
1238
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/EnableApplicationLayerAutomaticResponse AWS API Documentation
|
|
1239
|
+
#
|
|
1240
|
+
# @overload enable_application_layer_automatic_response(params = {})
|
|
1241
|
+
# @param [Hash] params ({})
|
|
1242
|
+
def enable_application_layer_automatic_response(params = {}, options = {})
|
|
1243
|
+
req = build_request(:enable_application_layer_automatic_response, params)
|
|
1244
|
+
req.send_request(options)
|
|
1245
|
+
end
|
|
1246
|
+
|
|
1153
1247
|
# Authorizes the Shield Response Team (SRT) to use email and phone to
|
|
1154
1248
|
# notify contacts about escalations to the SRT and to initiate proactive
|
|
1155
1249
|
# customer support.
|
|
@@ -1188,44 +1282,56 @@ module Aws::Shield
|
|
|
1188
1282
|
# specified time period.
|
|
1189
1283
|
#
|
|
1190
1284
|
# @option params [Array<String>] :resource_arns
|
|
1191
|
-
# The
|
|
1192
|
-
#
|
|
1193
|
-
# included.
|
|
1285
|
+
# The ARNs (Amazon Resource Names) of the resources that were attacked.
|
|
1286
|
+
# If you leave this blank, all applicable resources for this account
|
|
1287
|
+
# will be included.
|
|
1194
1288
|
#
|
|
1195
1289
|
# @option params [Types::TimeRange] :start_time
|
|
1196
1290
|
# The start of the time period for the attacks. This is a `timestamp`
|
|
1197
|
-
# type. The
|
|
1198
|
-
#
|
|
1199
|
-
#
|
|
1291
|
+
# type. The request syntax listing for this call indicates a `number`
|
|
1292
|
+
# type, but you can provide the time in any valid [timestamp format][1]
|
|
1293
|
+
# setting.
|
|
1200
1294
|
#
|
|
1201
1295
|
#
|
|
1202
1296
|
#
|
|
1203
|
-
# [1]:
|
|
1297
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters-types.html#parameter-type-timestamp
|
|
1204
1298
|
#
|
|
1205
1299
|
# @option params [Types::TimeRange] :end_time
|
|
1206
1300
|
# The end of the time period for the attacks. This is a `timestamp`
|
|
1207
|
-
# type. The
|
|
1208
|
-
#
|
|
1209
|
-
#
|
|
1301
|
+
# type. The request syntax listing for this call indicates a `number`
|
|
1302
|
+
# type, but you can provide the time in any valid [timestamp format][1]
|
|
1303
|
+
# setting.
|
|
1210
1304
|
#
|
|
1211
1305
|
#
|
|
1212
1306
|
#
|
|
1213
|
-
# [1]:
|
|
1307
|
+
# [1]: https://docs.aws.amazon.com/cli/latest/userguide/cli-usage-parameters-types.html#parameter-type-timestamp
|
|
1214
1308
|
#
|
|
1215
1309
|
# @option params [String] :next_token
|
|
1216
|
-
#
|
|
1217
|
-
#
|
|
1310
|
+
# When you request a list of objects from Shield Advanced, if the
|
|
1311
|
+
# response does not include all of the remaining available objects,
|
|
1312
|
+
# Shield Advanced includes a `NextToken` value in the response. You can
|
|
1313
|
+
# retrieve the next batch of objects by requesting the list again and
|
|
1314
|
+
# providing the token that was returned by the prior call in your
|
|
1315
|
+
# request.
|
|
1316
|
+
#
|
|
1317
|
+
# You can indicate the maximum number of objects that you want Shield
|
|
1318
|
+
# Advanced to return for a single call with the `MaxResults` setting.
|
|
1319
|
+
# Shield Advanced will not return more than `MaxResults` objects, but
|
|
1320
|
+
# may return fewer, even if more objects are still available.
|
|
1321
|
+
#
|
|
1322
|
+
# Whenever more objects remain that Shield Advanced has not yet returned
|
|
1323
|
+
# to you, the response will include a `NextToken` value.
|
|
1324
|
+
#
|
|
1325
|
+
# On your first call to a list operation, leave this setting empty.
|
|
1218
1326
|
#
|
|
1219
1327
|
# @option params [Integer] :max_results
|
|
1220
|
-
# The
|
|
1221
|
-
#
|
|
1328
|
+
# The greatest number of objects that you want Shield Advanced to return
|
|
1329
|
+
# to the list request. Shield Advanced might return fewer objects than
|
|
1330
|
+
# you indicate in this setting, even if more objects are available. If
|
|
1331
|
+
# there are more objects remaining, Shield Advanced will always also
|
|
1332
|
+
# return a `NextToken` value in the response.
|
|
1222
1333
|
#
|
|
1223
|
-
#
|
|
1224
|
-
# smaller batches. That is, the number of objects returned could be less
|
|
1225
|
-
# than `MaxResults`, even if there are still more objects yet to return.
|
|
1226
|
-
# If there are more objects to return, Shield Advanced returns a value
|
|
1227
|
-
# in `NextToken` that you can use in your next request, to get the next
|
|
1228
|
-
# batch of objects.
|
|
1334
|
+
# The default setting is 20.
|
|
1229
1335
|
#
|
|
1230
1336
|
# @return [Types::ListAttacksResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1231
1337
|
#
|
|
@@ -1273,19 +1379,31 @@ module Aws::Shield
|
|
|
1273
1379
|
# Retrieves the ProtectionGroup objects for the account.
|
|
1274
1380
|
#
|
|
1275
1381
|
# @option params [String] :next_token
|
|
1276
|
-
#
|
|
1277
|
-
#
|
|
1382
|
+
# When you request a list of objects from Shield Advanced, if the
|
|
1383
|
+
# response does not include all of the remaining available objects,
|
|
1384
|
+
# Shield Advanced includes a `NextToken` value in the response. You can
|
|
1385
|
+
# retrieve the next batch of objects by requesting the list again and
|
|
1386
|
+
# providing the token that was returned by the prior call in your
|
|
1387
|
+
# request.
|
|
1388
|
+
#
|
|
1389
|
+
# You can indicate the maximum number of objects that you want Shield
|
|
1390
|
+
# Advanced to return for a single call with the `MaxResults` setting.
|
|
1391
|
+
# Shield Advanced will not return more than `MaxResults` objects, but
|
|
1392
|
+
# may return fewer, even if more objects are still available.
|
|
1393
|
+
#
|
|
1394
|
+
# Whenever more objects remain that Shield Advanced has not yet returned
|
|
1395
|
+
# to you, the response will include a `NextToken` value.
|
|
1396
|
+
#
|
|
1397
|
+
# On your first call to a list operation, leave this setting empty.
|
|
1278
1398
|
#
|
|
1279
1399
|
# @option params [Integer] :max_results
|
|
1280
|
-
# The
|
|
1281
|
-
#
|
|
1400
|
+
# The greatest number of objects that you want Shield Advanced to return
|
|
1401
|
+
# to the list request. Shield Advanced might return fewer objects than
|
|
1402
|
+
# you indicate in this setting, even if more objects are available. If
|
|
1403
|
+
# there are more objects remaining, Shield Advanced will always also
|
|
1404
|
+
# return a `NextToken` value in the response.
|
|
1282
1405
|
#
|
|
1283
|
-
#
|
|
1284
|
-
# smaller batches. That is, the number of objects returned could be less
|
|
1285
|
-
# than `MaxResults`, even if there are still more objects yet to return.
|
|
1286
|
-
# If there are more objects to return, Shield Advanced returns a value
|
|
1287
|
-
# in `NextToken` that you can use in your next request, to get the next
|
|
1288
|
-
# batch of objects.
|
|
1406
|
+
# The default setting is 20.
|
|
1289
1407
|
#
|
|
1290
1408
|
# @return [Types::ListProtectionGroupsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1291
1409
|
#
|
|
@@ -1325,19 +1443,31 @@ module Aws::Shield
|
|
|
1325
1443
|
# Lists all Protection objects for the account.
|
|
1326
1444
|
#
|
|
1327
1445
|
# @option params [String] :next_token
|
|
1328
|
-
#
|
|
1329
|
-
#
|
|
1446
|
+
# When you request a list of objects from Shield Advanced, if the
|
|
1447
|
+
# response does not include all of the remaining available objects,
|
|
1448
|
+
# Shield Advanced includes a `NextToken` value in the response. You can
|
|
1449
|
+
# retrieve the next batch of objects by requesting the list again and
|
|
1450
|
+
# providing the token that was returned by the prior call in your
|
|
1451
|
+
# request.
|
|
1452
|
+
#
|
|
1453
|
+
# You can indicate the maximum number of objects that you want Shield
|
|
1454
|
+
# Advanced to return for a single call with the `MaxResults` setting.
|
|
1455
|
+
# Shield Advanced will not return more than `MaxResults` objects, but
|
|
1456
|
+
# may return fewer, even if more objects are still available.
|
|
1457
|
+
#
|
|
1458
|
+
# Whenever more objects remain that Shield Advanced has not yet returned
|
|
1459
|
+
# to you, the response will include a `NextToken` value.
|
|
1460
|
+
#
|
|
1461
|
+
# On your first call to a list operation, leave this setting empty.
|
|
1330
1462
|
#
|
|
1331
1463
|
# @option params [Integer] :max_results
|
|
1332
|
-
# The
|
|
1333
|
-
#
|
|
1464
|
+
# The greatest number of objects that you want Shield Advanced to return
|
|
1465
|
+
# to the list request. Shield Advanced might return fewer objects than
|
|
1466
|
+
# you indicate in this setting, even if more objects are available. If
|
|
1467
|
+
# there are more objects remaining, Shield Advanced will always also
|
|
1468
|
+
# return a `NextToken` value in the response.
|
|
1334
1469
|
#
|
|
1335
|
-
#
|
|
1336
|
-
# smaller batches. That is, the number of objects returned could be less
|
|
1337
|
-
# than `MaxResults`, even if there are still more objects yet to return.
|
|
1338
|
-
# If there are more objects to return, Shield Advanced returns a value
|
|
1339
|
-
# in `NextToken` that you can use in your next request, to get the next
|
|
1340
|
-
# batch of objects.
|
|
1470
|
+
# The default setting is 20.
|
|
1341
1471
|
#
|
|
1342
1472
|
# @return [Types::ListProtectionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1343
1473
|
#
|
|
@@ -1362,6 +1492,7 @@ module Aws::Shield
|
|
|
1362
1492
|
# resp.protections[0].health_check_ids #=> Array
|
|
1363
1493
|
# resp.protections[0].health_check_ids[0] #=> String
|
|
1364
1494
|
# resp.protections[0].protection_arn #=> String
|
|
1495
|
+
# resp.protections[0].application_layer_automatic_response_configuration.status #=> String, one of "ENABLED", "DISABLED"
|
|
1365
1496
|
# resp.next_token #=> String
|
|
1366
1497
|
#
|
|
1367
1498
|
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/ListProtections AWS API Documentation
|
|
@@ -1381,19 +1512,31 @@ module Aws::Shield
|
|
|
1381
1512
|
# example to update, delete, or describe it.
|
|
1382
1513
|
#
|
|
1383
1514
|
# @option params [String] :next_token
|
|
1384
|
-
#
|
|
1385
|
-
#
|
|
1515
|
+
# When you request a list of objects from Shield Advanced, if the
|
|
1516
|
+
# response does not include all of the remaining available objects,
|
|
1517
|
+
# Shield Advanced includes a `NextToken` value in the response. You can
|
|
1518
|
+
# retrieve the next batch of objects by requesting the list again and
|
|
1519
|
+
# providing the token that was returned by the prior call in your
|
|
1520
|
+
# request.
|
|
1521
|
+
#
|
|
1522
|
+
# You can indicate the maximum number of objects that you want Shield
|
|
1523
|
+
# Advanced to return for a single call with the `MaxResults` setting.
|
|
1524
|
+
# Shield Advanced will not return more than `MaxResults` objects, but
|
|
1525
|
+
# may return fewer, even if more objects are still available.
|
|
1526
|
+
#
|
|
1527
|
+
# Whenever more objects remain that Shield Advanced has not yet returned
|
|
1528
|
+
# to you, the response will include a `NextToken` value.
|
|
1529
|
+
#
|
|
1530
|
+
# On your first call to a list operation, leave this setting empty.
|
|
1386
1531
|
#
|
|
1387
1532
|
# @option params [Integer] :max_results
|
|
1388
|
-
# The
|
|
1389
|
-
#
|
|
1533
|
+
# The greatest number of objects that you want Shield Advanced to return
|
|
1534
|
+
# to the list request. Shield Advanced might return fewer objects than
|
|
1535
|
+
# you indicate in this setting, even if more objects are available. If
|
|
1536
|
+
# there are more objects remaining, Shield Advanced will always also
|
|
1537
|
+
# return a `NextToken` value in the response.
|
|
1390
1538
|
#
|
|
1391
|
-
#
|
|
1392
|
-
# smaller batches. That is, the number of objects returned could be less
|
|
1393
|
-
# than `MaxResults`, even if there are still more objects yet to return.
|
|
1394
|
-
# If there are more objects to return, Shield Advanced returns a value
|
|
1395
|
-
# in `NextToken` that you can use in your next request, to get the next
|
|
1396
|
-
# batch of objects.
|
|
1539
|
+
# The default setting is 20.
|
|
1397
1540
|
#
|
|
1398
1541
|
# @return [Types::ListResourcesInProtectionGroupResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1399
1542
|
#
|
|
@@ -1515,6 +1658,44 @@ module Aws::Shield
|
|
|
1515
1658
|
req.send_request(options)
|
|
1516
1659
|
end
|
|
1517
1660
|
|
|
1661
|
+
# Updates an existing Shield Advanced automatic application layer DDoS
|
|
1662
|
+
# mitigation configuration for the specified resource.
|
|
1663
|
+
#
|
|
1664
|
+
# @option params [required, String] :resource_arn
|
|
1665
|
+
# The ARN (Amazon Resource Name) of the resource.
|
|
1666
|
+
#
|
|
1667
|
+
# @option params [required, Types::ResponseAction] :action
|
|
1668
|
+
# Specifies the action setting that Shield Advanced should use in the
|
|
1669
|
+
# WAF rules that it creates on behalf of the protected resource in
|
|
1670
|
+
# response to DDoS attacks. You specify this as part of the
|
|
1671
|
+
# configuration for the automatic application layer DDoS mitigation
|
|
1672
|
+
# feature, when you enable or update automatic mitigation. Shield
|
|
1673
|
+
# Advanced creates the WAF rules in a Shield Advanced-managed rule
|
|
1674
|
+
# group, inside the web ACL that you have associated with the resource.
|
|
1675
|
+
#
|
|
1676
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
1677
|
+
#
|
|
1678
|
+
# @example Request syntax with placeholder values
|
|
1679
|
+
#
|
|
1680
|
+
# resp = client.update_application_layer_automatic_response({
|
|
1681
|
+
# resource_arn: "ResourceArn", # required
|
|
1682
|
+
# action: { # required
|
|
1683
|
+
# block: {
|
|
1684
|
+
# },
|
|
1685
|
+
# count: {
|
|
1686
|
+
# },
|
|
1687
|
+
# },
|
|
1688
|
+
# })
|
|
1689
|
+
#
|
|
1690
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/shield-2016-06-02/UpdateApplicationLayerAutomaticResponse AWS API Documentation
|
|
1691
|
+
#
|
|
1692
|
+
# @overload update_application_layer_automatic_response(params = {})
|
|
1693
|
+
# @param [Hash] params ({})
|
|
1694
|
+
def update_application_layer_automatic_response(params = {}, options = {})
|
|
1695
|
+
req = build_request(:update_application_layer_automatic_response, params)
|
|
1696
|
+
req.send_request(options)
|
|
1697
|
+
end
|
|
1698
|
+
|
|
1518
1699
|
# Updates the details of the list of email addresses and phone numbers
|
|
1519
1700
|
# that the Shield Response Team (SRT) can use to contact you if you have
|
|
1520
1701
|
# proactive engagement enabled, for escalations to the SRT and to
|
|
@@ -1659,7 +1840,7 @@ module Aws::Shield
|
|
|
1659
1840
|
params: params,
|
|
1660
1841
|
config: config)
|
|
1661
1842
|
context[:gem_name] = 'aws-sdk-shield'
|
|
1662
|
-
context[:gem_version] = '1.
|
|
1843
|
+
context[:gem_version] = '1.46.0'
|
|
1663
1844
|
Seahorse::Client::Request.new(handlers, context)
|
|
1664
1845
|
end
|
|
1665
1846
|
|