@aws-sdk/client-network-firewall 3.181.0 → 3.185.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +24 -0
- package/README.md +2 -2
- package/dist-cjs/models/models_0.js +8 -3
- package/dist-cjs/protocols/Aws_json1_0.js +4 -2
- package/dist-es/models/models_0.js +5 -0
- package/dist-es/protocols/Aws_json1_0.js +4 -3
- package/dist-types/NetworkFirewall.d.ts +2 -2
- package/dist-types/NetworkFirewallClient.d.ts +2 -2
- package/dist-types/models/models_0.d.ts +20 -2
- package/dist-types/ts3.4/models/models_0.d.ts +5 -0
- package/package.json +33 -33
package/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,30 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
|
|
5
5
|
|
|
6
|
+
# [3.185.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.184.0...v3.185.0) (2022-10-05)
|
|
7
|
+
|
|
8
|
+
|
|
9
|
+
### Bug Fixes
|
|
10
|
+
|
|
11
|
+
* **codegen:** add deser check for x-amz-request-id ([#4015](https://github.com/aws/aws-sdk-js-v3/issues/4015)) ([6ff07bd](https://github.com/aws/aws-sdk-js-v3/commit/6ff07bd7e72bd56725f318013ac1d6d0fbbcdd9a))
|
|
12
|
+
|
|
13
|
+
|
|
14
|
+
### Features
|
|
15
|
+
|
|
16
|
+
* **client-network-firewall:** StreamExceptionPolicy configures how AWS Network Firewall processes traffic when a network connection breaks midstream ([caa6cba](https://github.com/aws/aws-sdk-js-v3/commit/caa6cbace1e049926106c6aeddfcf631d3d5b2ef))
|
|
17
|
+
|
|
18
|
+
|
|
19
|
+
|
|
20
|
+
|
|
21
|
+
|
|
22
|
+
# [3.183.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.182.0...v3.183.0) (2022-10-03)
|
|
23
|
+
|
|
24
|
+
**Note:** Version bump only for package @aws-sdk/client-network-firewall
|
|
25
|
+
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
|
|
6
30
|
# [3.181.0](https://github.com/aws/aws-sdk-js-v3/compare/v3.180.0...v3.181.0) (2022-09-29)
|
|
7
31
|
|
|
8
32
|
|
package/README.md
CHANGED
|
@@ -35,9 +35,9 @@ Guide</a>.</p>
|
|
|
35
35
|
prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the
|
|
36
36
|
perimeter of your VPC. This includes filtering traffic going to and coming from an internet
|
|
37
37
|
gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible
|
|
38
|
-
with Suricata, a free, open source
|
|
38
|
+
with Suricata, a free, open source network analysis and threat detection engine.
|
|
39
39
|
Network Firewall supports Suricata version 5.0.2. For information about Suricata,
|
|
40
|
-
see the <a href="https://suricata
|
|
40
|
+
see the <a href="https://suricata.io/">Suricata website</a>.</p>
|
|
41
41
|
<p>You can use Network Firewall to monitor and protect your VPC traffic in a number of ways.
|
|
42
42
|
The following are just a few examples: </p>
|
|
43
43
|
<ul>
|
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
4
|
-
exports.
|
|
5
|
-
exports.UpdateSubnetChangeProtectionResponseFilterSensitiveLog = exports.UpdateSubnetChangeProtectionRequestFilterSensitiveLog = exports.UpdateRuleGroupResponseFilterSensitiveLog = exports.UpdateRuleGroupRequestFilterSensitiveLog = exports.UpdateLoggingConfigurationResponseFilterSensitiveLog = exports.UpdateLoggingConfigurationRequestFilterSensitiveLog = exports.UpdateFirewallPolicyChangeProtectionResponseFilterSensitiveLog = exports.UpdateFirewallPolicyChangeProtectionRequestFilterSensitiveLog = exports.UpdateFirewallPolicyResponseFilterSensitiveLog = exports.UpdateFirewallPolicyRequestFilterSensitiveLog = exports.UpdateFirewallEncryptionConfigurationResponseFilterSensitiveLog = exports.UpdateFirewallEncryptionConfigurationRequestFilterSensitiveLog = exports.UpdateFirewallDescriptionResponseFilterSensitiveLog = exports.UpdateFirewallDescriptionRequestFilterSensitiveLog = exports.UpdateFirewallDeleteProtectionResponseFilterSensitiveLog = exports.UpdateFirewallDeleteProtectionRequestFilterSensitiveLog = exports.UntagResourceResponseFilterSensitiveLog = exports.UntagResourceRequestFilterSensitiveLog = exports.TagResourceResponseFilterSensitiveLog = exports.TagResourceRequestFilterSensitiveLog = exports.PutResourcePolicyResponseFilterSensitiveLog = exports.PutResourcePolicyRequestFilterSensitiveLog = exports.ListTagsForResourceResponseFilterSensitiveLog = exports.ListTagsForResourceRequestFilterSensitiveLog = exports.ListRuleGroupsResponseFilterSensitiveLog = exports.RuleGroupMetadataFilterSensitiveLog = exports.ListRuleGroupsRequestFilterSensitiveLog = exports.ListFirewallsResponseFilterSensitiveLog = exports.ListFirewallsRequestFilterSensitiveLog = exports.ListFirewallPoliciesResponseFilterSensitiveLog = exports.ListFirewallPoliciesRequestFilterSensitiveLog = exports.FirewallPolicyMetadataFilterSensitiveLog = exports.FirewallMetadataFilterSensitiveLog = exports.DisassociateSubnetsResponseFilterSensitiveLog = exports.DisassociateSubnetsRequestFilterSensitiveLog = exports.DescribeRuleGroupMetadataResponseFilterSensitiveLog = exports.DescribeRuleGroupMetadataRequestFilterSensitiveLog = exports.DescribeRuleGroupResponseFilterSensitiveLog = exports.DescribeRuleGroupRequestFilterSensitiveLog = exports.DescribeResourcePolicyResponseFilterSensitiveLog = void 0;
|
|
3
|
+
exports.PerObjectStatusFilterSensitiveLog = exports.FirewallFilterSensitiveLog = exports.CreateFirewallRequestFilterSensitiveLog = exports.TagFilterSensitiveLog = exports.EncryptionConfigurationFilterSensitiveLog = exports.CapacityUsageSummaryFilterSensitiveLog = exports.CIDRSummaryFilterSensitiveLog = exports.IPSetMetadataFilterSensitiveLog = exports.AttachmentFilterSensitiveLog = exports.AssociateSubnetsResponseFilterSensitiveLog = exports.AssociateSubnetsRequestFilterSensitiveLog = exports.SubnetMappingFilterSensitiveLog = exports.AssociateFirewallPolicyResponseFilterSensitiveLog = exports.AssociateFirewallPolicyRequestFilterSensitiveLog = exports.AddressFilterSensitiveLog = exports.ActionDefinitionFilterSensitiveLog = exports.PublishMetricActionFilterSensitiveLog = exports.DimensionFilterSensitiveLog = exports.ResourceOwnerCheckException = exports.LogDestinationPermissionException = exports.ResourceManagedStatus = exports.ResourceManagedType = exports.LogType = exports.LogDestinationType = exports.InvalidResourcePolicyException = exports.UnsupportedOperationException = exports.RuleGroupType = exports.TCPFlag = exports.StatefulRuleProtocol = exports.StatefulRuleDirection = exports.StatefulAction = exports.TargetType = exports.GeneratedRulesType = exports.ResourceStatus = exports.OverrideAction = exports.StreamExceptionPolicy = exports.RuleOrder = exports.LimitExceededException = exports.PerObjectSyncStatus = exports.FirewallStatusValue = exports.EncryptionType = exports.ConfigurationSyncState = exports.AttachmentStatus = exports.InsufficientCapacityException = exports.ThrottlingException = exports.ResourceNotFoundException = exports.InvalidTokenException = exports.InvalidRequestException = exports.InvalidOperationException = exports.InternalServerError = void 0;
|
|
4
|
+
exports.DescribeLoggingConfigurationResponseFilterSensitiveLog = exports.LoggingConfigurationFilterSensitiveLog = exports.LogDestinationConfigFilterSensitiveLog = exports.DescribeLoggingConfigurationRequestFilterSensitiveLog = exports.DescribeFirewallPolicyResponseFilterSensitiveLog = exports.DescribeFirewallPolicyRequestFilterSensitiveLog = exports.DescribeFirewallResponseFilterSensitiveLog = exports.DescribeFirewallRequestFilterSensitiveLog = exports.DeleteRuleGroupResponseFilterSensitiveLog = exports.DeleteRuleGroupRequestFilterSensitiveLog = exports.DeleteResourcePolicyResponseFilterSensitiveLog = exports.DeleteResourcePolicyRequestFilterSensitiveLog = exports.DeleteFirewallPolicyResponseFilterSensitiveLog = exports.DeleteFirewallPolicyRequestFilterSensitiveLog = exports.DeleteFirewallResponseFilterSensitiveLog = exports.DeleteFirewallRequestFilterSensitiveLog = exports.CreateRuleGroupResponseFilterSensitiveLog = exports.RuleGroupResponseFilterSensitiveLog = exports.CreateRuleGroupRequestFilterSensitiveLog = exports.SourceMetadataFilterSensitiveLog = exports.RuleGroupFilterSensitiveLog = exports.StatefulRuleOptionsFilterSensitiveLog = exports.RuleVariablesFilterSensitiveLog = exports.PortSetFilterSensitiveLog = exports.IPSetFilterSensitiveLog = exports.RulesSourceFilterSensitiveLog = exports.StatelessRulesAndCustomActionsFilterSensitiveLog = exports.StatelessRuleFilterSensitiveLog = exports.RuleDefinitionFilterSensitiveLog = exports.MatchAttributesFilterSensitiveLog = exports.TCPFlagFieldFilterSensitiveLog = exports.PortRangeFilterSensitiveLog = exports.StatefulRuleFilterSensitiveLog = exports.RuleOptionFilterSensitiveLog = exports.HeaderFilterSensitiveLog = exports.RulesSourceListFilterSensitiveLog = exports.ReferenceSetsFilterSensitiveLog = exports.IPSetReferenceFilterSensitiveLog = exports.CreateFirewallPolicyResponseFilterSensitiveLog = exports.FirewallPolicyResponseFilterSensitiveLog = exports.CreateFirewallPolicyRequestFilterSensitiveLog = exports.FirewallPolicyFilterSensitiveLog = exports.StatelessRuleGroupReferenceFilterSensitiveLog = exports.CustomActionFilterSensitiveLog = exports.StatefulRuleGroupReferenceFilterSensitiveLog = exports.StatefulRuleGroupOverrideFilterSensitiveLog = exports.StatefulEngineOptionsFilterSensitiveLog = exports.CreateFirewallResponseFilterSensitiveLog = exports.FirewallStatusFilterSensitiveLog = exports.SyncStateFilterSensitiveLog = void 0;
|
|
5
|
+
exports.UpdateSubnetChangeProtectionResponseFilterSensitiveLog = exports.UpdateSubnetChangeProtectionRequestFilterSensitiveLog = exports.UpdateRuleGroupResponseFilterSensitiveLog = exports.UpdateRuleGroupRequestFilterSensitiveLog = exports.UpdateLoggingConfigurationResponseFilterSensitiveLog = exports.UpdateLoggingConfigurationRequestFilterSensitiveLog = exports.UpdateFirewallPolicyChangeProtectionResponseFilterSensitiveLog = exports.UpdateFirewallPolicyChangeProtectionRequestFilterSensitiveLog = exports.UpdateFirewallPolicyResponseFilterSensitiveLog = exports.UpdateFirewallPolicyRequestFilterSensitiveLog = exports.UpdateFirewallEncryptionConfigurationResponseFilterSensitiveLog = exports.UpdateFirewallEncryptionConfigurationRequestFilterSensitiveLog = exports.UpdateFirewallDescriptionResponseFilterSensitiveLog = exports.UpdateFirewallDescriptionRequestFilterSensitiveLog = exports.UpdateFirewallDeleteProtectionResponseFilterSensitiveLog = exports.UpdateFirewallDeleteProtectionRequestFilterSensitiveLog = exports.UntagResourceResponseFilterSensitiveLog = exports.UntagResourceRequestFilterSensitiveLog = exports.TagResourceResponseFilterSensitiveLog = exports.TagResourceRequestFilterSensitiveLog = exports.PutResourcePolicyResponseFilterSensitiveLog = exports.PutResourcePolicyRequestFilterSensitiveLog = exports.ListTagsForResourceResponseFilterSensitiveLog = exports.ListTagsForResourceRequestFilterSensitiveLog = exports.ListRuleGroupsResponseFilterSensitiveLog = exports.RuleGroupMetadataFilterSensitiveLog = exports.ListRuleGroupsRequestFilterSensitiveLog = exports.ListFirewallsResponseFilterSensitiveLog = exports.ListFirewallsRequestFilterSensitiveLog = exports.ListFirewallPoliciesResponseFilterSensitiveLog = exports.ListFirewallPoliciesRequestFilterSensitiveLog = exports.FirewallPolicyMetadataFilterSensitiveLog = exports.FirewallMetadataFilterSensitiveLog = exports.DisassociateSubnetsResponseFilterSensitiveLog = exports.DisassociateSubnetsRequestFilterSensitiveLog = exports.DescribeRuleGroupMetadataResponseFilterSensitiveLog = exports.DescribeRuleGroupMetadataRequestFilterSensitiveLog = exports.DescribeRuleGroupResponseFilterSensitiveLog = exports.DescribeRuleGroupRequestFilterSensitiveLog = exports.DescribeResourcePolicyResponseFilterSensitiveLog = exports.DescribeResourcePolicyRequestFilterSensitiveLog = void 0;
|
|
6
6
|
const NetworkFirewallServiceException_1 = require("./NetworkFirewallServiceException");
|
|
7
7
|
class InternalServerError extends NetworkFirewallServiceException_1.NetworkFirewallServiceException {
|
|
8
8
|
constructor(opts) {
|
|
@@ -151,6 +151,11 @@ var RuleOrder;
|
|
|
151
151
|
RuleOrder["DEFAULT_ACTION_ORDER"] = "DEFAULT_ACTION_ORDER";
|
|
152
152
|
RuleOrder["STRICT_ORDER"] = "STRICT_ORDER";
|
|
153
153
|
})(RuleOrder = exports.RuleOrder || (exports.RuleOrder = {}));
|
|
154
|
+
var StreamExceptionPolicy;
|
|
155
|
+
(function (StreamExceptionPolicy) {
|
|
156
|
+
StreamExceptionPolicy["CONTINUE"] = "CONTINUE";
|
|
157
|
+
StreamExceptionPolicy["DROP"] = "DROP";
|
|
158
|
+
})(StreamExceptionPolicy = exports.StreamExceptionPolicy || (exports.StreamExceptionPolicy = {}));
|
|
154
159
|
var OverrideAction;
|
|
155
160
|
(function (OverrideAction) {
|
|
156
161
|
OverrideAction["DROP_TO_ALERT"] = "DROP_TO_ALERT";
|
|
@@ -2341,6 +2341,7 @@ const serializeAws_json1_0StatefulActions = (input, context) => {
|
|
|
2341
2341
|
const serializeAws_json1_0StatefulEngineOptions = (input, context) => {
|
|
2342
2342
|
return {
|
|
2343
2343
|
...(input.RuleOrder != null && { RuleOrder: input.RuleOrder }),
|
|
2344
|
+
...(input.StreamExceptionPolicy != null && { StreamExceptionPolicy: input.StreamExceptionPolicy }),
|
|
2344
2345
|
};
|
|
2345
2346
|
};
|
|
2346
2347
|
const serializeAws_json1_0StatefulRule = (input, context) => {
|
|
@@ -3302,6 +3303,7 @@ const deserializeAws_json1_0StatefulActions = (output, context) => {
|
|
|
3302
3303
|
const deserializeAws_json1_0StatefulEngineOptions = (output, context) => {
|
|
3303
3304
|
return {
|
|
3304
3305
|
RuleOrder: (0, smithy_client_1.expectString)(output.RuleOrder),
|
|
3306
|
+
StreamExceptionPolicy: (0, smithy_client_1.expectString)(output.StreamExceptionPolicy),
|
|
3305
3307
|
};
|
|
3306
3308
|
};
|
|
3307
3309
|
const deserializeAws_json1_0StatefulRule = (output, context) => {
|
|
@@ -3585,10 +3587,10 @@ const deserializeAws_json1_0VariableDefinitionList = (output, context) => {
|
|
|
3585
3587
|
return retVal;
|
|
3586
3588
|
};
|
|
3587
3589
|
const deserializeMetadata = (output) => {
|
|
3588
|
-
var _a;
|
|
3590
|
+
var _a, _b;
|
|
3589
3591
|
return ({
|
|
3590
3592
|
httpStatusCode: output.statusCode,
|
|
3591
|
-
requestId: (_a = output.headers["x-amzn-requestid"]) !== null && _a !== void 0 ? _a : output.headers["x-amzn-request-id"],
|
|
3593
|
+
requestId: (_b = (_a = output.headers["x-amzn-requestid"]) !== null && _a !== void 0 ? _a : output.headers["x-amzn-request-id"]) !== null && _b !== void 0 ? _b : output.headers["x-amz-request-id"],
|
|
3592
3594
|
extendedRequestId: output.headers["x-amz-id-2"],
|
|
3593
3595
|
cfId: output.headers["x-amz-cf-id"],
|
|
3594
3596
|
});
|
|
@@ -139,6 +139,11 @@ export var RuleOrder;
|
|
|
139
139
|
RuleOrder["DEFAULT_ACTION_ORDER"] = "DEFAULT_ACTION_ORDER";
|
|
140
140
|
RuleOrder["STRICT_ORDER"] = "STRICT_ORDER";
|
|
141
141
|
})(RuleOrder || (RuleOrder = {}));
|
|
142
|
+
export var StreamExceptionPolicy;
|
|
143
|
+
(function (StreamExceptionPolicy) {
|
|
144
|
+
StreamExceptionPolicy["CONTINUE"] = "CONTINUE";
|
|
145
|
+
StreamExceptionPolicy["DROP"] = "DROP";
|
|
146
|
+
})(StreamExceptionPolicy || (StreamExceptionPolicy = {}));
|
|
142
147
|
export var OverrideAction;
|
|
143
148
|
(function (OverrideAction) {
|
|
144
149
|
OverrideAction["DROP_TO_ALERT"] = "DROP_TO_ALERT";
|
|
@@ -2838,7 +2838,7 @@ var serializeAws_json1_0StatefulActions = function (input, context) {
|
|
|
2838
2838
|
});
|
|
2839
2839
|
};
|
|
2840
2840
|
var serializeAws_json1_0StatefulEngineOptions = function (input, context) {
|
|
2841
|
-
return __assign({}, (input.RuleOrder != null && { RuleOrder: input.RuleOrder }));
|
|
2841
|
+
return __assign(__assign({}, (input.RuleOrder != null && { RuleOrder: input.RuleOrder })), (input.StreamExceptionPolicy != null && { StreamExceptionPolicy: input.StreamExceptionPolicy }));
|
|
2842
2842
|
};
|
|
2843
2843
|
var serializeAws_json1_0StatefulRule = function (input, context) {
|
|
2844
2844
|
return __assign(__assign(__assign({}, (input.Action != null && { Action: input.Action })), (input.Header != null && { Header: serializeAws_json1_0Header(input.Header, context) })), (input.RuleOptions != null && { RuleOptions: serializeAws_json1_0RuleOptions(input.RuleOptions, context) }));
|
|
@@ -3711,6 +3711,7 @@ var deserializeAws_json1_0StatefulActions = function (output, context) {
|
|
|
3711
3711
|
var deserializeAws_json1_0StatefulEngineOptions = function (output, context) {
|
|
3712
3712
|
return {
|
|
3713
3713
|
RuleOrder: __expectString(output.RuleOrder),
|
|
3714
|
+
StreamExceptionPolicy: __expectString(output.StreamExceptionPolicy),
|
|
3714
3715
|
};
|
|
3715
3716
|
};
|
|
3716
3717
|
var deserializeAws_json1_0StatefulRule = function (output, context) {
|
|
@@ -3992,10 +3993,10 @@ var deserializeAws_json1_0VariableDefinitionList = function (output, context) {
|
|
|
3992
3993
|
return retVal;
|
|
3993
3994
|
};
|
|
3994
3995
|
var deserializeMetadata = function (output) {
|
|
3995
|
-
var _a;
|
|
3996
|
+
var _a, _b;
|
|
3996
3997
|
return ({
|
|
3997
3998
|
httpStatusCode: output.statusCode,
|
|
3998
|
-
requestId: (_a = output.headers["x-amzn-requestid"]) !== null && _a !== void 0 ? _a : output.headers["x-amzn-request-id"],
|
|
3999
|
+
requestId: (_b = (_a = output.headers["x-amzn-requestid"]) !== null && _a !== void 0 ? _a : output.headers["x-amzn-request-id"]) !== null && _b !== void 0 ? _b : output.headers["x-amz-request-id"],
|
|
3999
4000
|
extendedRequestId: output.headers["x-amz-id-2"],
|
|
4000
4001
|
cfId: output.headers["x-amz-cf-id"],
|
|
4001
4002
|
});
|
|
@@ -58,9 +58,9 @@ import { NetworkFirewallClient } from "./NetworkFirewallClient";
|
|
|
58
58
|
* prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the
|
|
59
59
|
* perimeter of your VPC. This includes filtering traffic going to and coming from an internet
|
|
60
60
|
* gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible
|
|
61
|
-
* with Suricata, a free, open source
|
|
61
|
+
* with Suricata, a free, open source network analysis and threat detection engine.
|
|
62
62
|
* Network Firewall supports Suricata version 5.0.2. For information about Suricata,
|
|
63
|
-
* see the <a href="https://suricata
|
|
63
|
+
* see the <a href="https://suricata.io/">Suricata website</a>.</p>
|
|
64
64
|
* <p>You can use Network Firewall to monitor and protect your VPC traffic in a number of ways.
|
|
65
65
|
* The following are just a few examples: </p>
|
|
66
66
|
* <ul>
|
|
@@ -183,9 +183,9 @@ export interface NetworkFirewallClientResolvedConfig extends NetworkFirewallClie
|
|
|
183
183
|
* prevention service for Amazon Virtual Private Cloud (Amazon VPC). With Network Firewall, you can filter traffic at the
|
|
184
184
|
* perimeter of your VPC. This includes filtering traffic going to and coming from an internet
|
|
185
185
|
* gateway, NAT gateway, or over VPN or Direct Connect. Network Firewall uses rules that are compatible
|
|
186
|
-
* with Suricata, a free, open source
|
|
186
|
+
* with Suricata, a free, open source network analysis and threat detection engine.
|
|
187
187
|
* Network Firewall supports Suricata version 5.0.2. For information about Suricata,
|
|
188
|
-
* see the <a href="https://suricata
|
|
188
|
+
* see the <a href="https://suricata.io/">Suricata website</a>.</p>
|
|
189
189
|
* <p>You can use Network Firewall to monitor and protect your VPC traffic in a number of ways.
|
|
190
190
|
* The following are just a few examples: </p>
|
|
191
191
|
* <ul>
|
|
@@ -607,6 +607,10 @@ export declare enum RuleOrder {
|
|
|
607
607
|
DEFAULT_ACTION_ORDER = "DEFAULT_ACTION_ORDER",
|
|
608
608
|
STRICT_ORDER = "STRICT_ORDER"
|
|
609
609
|
}
|
|
610
|
+
export declare enum StreamExceptionPolicy {
|
|
611
|
+
CONTINUE = "CONTINUE",
|
|
612
|
+
DROP = "DROP"
|
|
613
|
+
}
|
|
610
614
|
/**
|
|
611
615
|
* <p>Configuration settings for the handling of the stateful rule groups in a firewall policy. </p>
|
|
612
616
|
*/
|
|
@@ -619,6 +623,20 @@ export interface StatefulEngineOptions {
|
|
|
619
623
|
* </p>
|
|
620
624
|
*/
|
|
621
625
|
RuleOrder?: RuleOrder | string;
|
|
626
|
+
/**
|
|
627
|
+
* <p>Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself.</p>
|
|
628
|
+
* <ul>
|
|
629
|
+
* <li>
|
|
630
|
+
* <p>
|
|
631
|
+
* <code>DROP</code> - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior.</p>
|
|
632
|
+
* </li>
|
|
633
|
+
* <li>
|
|
634
|
+
* <p>
|
|
635
|
+
* <code>CONTINUE</code> - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to <code>drop http</code> traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a <code>flow:stateless</code> rule would still match, as would the <code>aws:drop_strict</code> default action.</p>
|
|
636
|
+
* </li>
|
|
637
|
+
* </ul>
|
|
638
|
+
*/
|
|
639
|
+
StreamExceptionPolicy?: StreamExceptionPolicy | string;
|
|
622
640
|
}
|
|
623
641
|
export declare enum OverrideAction {
|
|
624
642
|
DROP_TO_ALERT = "DROP_TO_ALERT"
|
|
@@ -1058,7 +1076,7 @@ export interface RuleOption {
|
|
|
1058
1076
|
* <p>A single Suricata rules specification, for use in a stateful rule group.
|
|
1059
1077
|
* Use this option to specify a simple Suricata rule with protocol, source and destination, ports, direction, and rule options.
|
|
1060
1078
|
* For information about the Suricata <code>Rules</code> format, see
|
|
1061
|
-
* <a href="https://suricata.readthedocs.io/
|
|
1079
|
+
* <a href="https://suricata.readthedocs.io/rules/intro.html#">Rules Format</a>. </p>
|
|
1062
1080
|
*/
|
|
1063
1081
|
export interface StatefulRule {
|
|
1064
1082
|
/**
|
|
@@ -1305,7 +1323,7 @@ export interface RulesSource {
|
|
|
1305
1323
|
* <p>An array of individual stateful rules inspection criteria to be used together in a stateful rule group.
|
|
1306
1324
|
* Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options.
|
|
1307
1325
|
* For information about the Suricata <code>Rules</code> format, see
|
|
1308
|
-
* <a href="https://suricata.readthedocs.io/
|
|
1326
|
+
* <a href="https://suricata.readthedocs.io/rules/intro.html#">Rules Format</a>. </p>
|
|
1309
1327
|
*/
|
|
1310
1328
|
StatefulRules?: StatefulRule[];
|
|
1311
1329
|
/**
|
|
@@ -200,8 +200,13 @@ export declare enum RuleOrder {
|
|
|
200
200
|
DEFAULT_ACTION_ORDER = "DEFAULT_ACTION_ORDER",
|
|
201
201
|
STRICT_ORDER = "STRICT_ORDER",
|
|
202
202
|
}
|
|
203
|
+
export declare enum StreamExceptionPolicy {
|
|
204
|
+
CONTINUE = "CONTINUE",
|
|
205
|
+
DROP = "DROP",
|
|
206
|
+
}
|
|
203
207
|
export interface StatefulEngineOptions {
|
|
204
208
|
RuleOrder?: RuleOrder | string;
|
|
209
|
+
StreamExceptionPolicy?: StreamExceptionPolicy | string;
|
|
205
210
|
}
|
|
206
211
|
export declare enum OverrideAction {
|
|
207
212
|
DROP_TO_ALERT = "DROP_TO_ALERT",
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/client-network-firewall",
|
|
3
3
|
"description": "AWS SDK for JavaScript Network Firewall Client for Node.js, Browser and React Native",
|
|
4
|
-
"version": "3.
|
|
4
|
+
"version": "3.185.0",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
|
|
7
7
|
"build:cjs": "tsc -p tsconfig.cjs.json",
|
|
@@ -19,41 +19,41 @@
|
|
|
19
19
|
"dependencies": {
|
|
20
20
|
"@aws-crypto/sha256-browser": "2.0.0",
|
|
21
21
|
"@aws-crypto/sha256-js": "2.0.0",
|
|
22
|
-
"@aws-sdk/client-sts": "3.
|
|
23
|
-
"@aws-sdk/config-resolver": "3.
|
|
24
|
-
"@aws-sdk/credential-provider-node": "3.
|
|
25
|
-
"@aws-sdk/fetch-http-handler": "3.
|
|
26
|
-
"@aws-sdk/hash-node": "3.
|
|
27
|
-
"@aws-sdk/invalid-dependency": "3.
|
|
28
|
-
"@aws-sdk/middleware-content-length": "3.
|
|
29
|
-
"@aws-sdk/middleware-host-header": "3.
|
|
30
|
-
"@aws-sdk/middleware-logger": "3.
|
|
31
|
-
"@aws-sdk/middleware-recursion-detection": "3.
|
|
32
|
-
"@aws-sdk/middleware-retry": "3.
|
|
33
|
-
"@aws-sdk/middleware-serde": "3.
|
|
34
|
-
"@aws-sdk/middleware-signing": "3.
|
|
35
|
-
"@aws-sdk/middleware-stack": "3.
|
|
36
|
-
"@aws-sdk/middleware-user-agent": "3.
|
|
37
|
-
"@aws-sdk/node-config-provider": "3.
|
|
38
|
-
"@aws-sdk/node-http-handler": "3.
|
|
39
|
-
"@aws-sdk/protocol-http": "3.
|
|
40
|
-
"@aws-sdk/smithy-client": "3.
|
|
41
|
-
"@aws-sdk/types": "3.
|
|
42
|
-
"@aws-sdk/url-parser": "3.
|
|
43
|
-
"@aws-sdk/util-base64-browser": "3.
|
|
44
|
-
"@aws-sdk/util-base64-node": "3.
|
|
45
|
-
"@aws-sdk/util-body-length-browser": "3.
|
|
46
|
-
"@aws-sdk/util-body-length-node": "3.
|
|
47
|
-
"@aws-sdk/util-defaults-mode-browser": "3.
|
|
48
|
-
"@aws-sdk/util-defaults-mode-node": "3.
|
|
49
|
-
"@aws-sdk/util-user-agent-browser": "3.
|
|
50
|
-
"@aws-sdk/util-user-agent-node": "3.
|
|
51
|
-
"@aws-sdk/util-utf8-browser": "3.
|
|
52
|
-
"@aws-sdk/util-utf8-node": "3.
|
|
22
|
+
"@aws-sdk/client-sts": "3.185.0",
|
|
23
|
+
"@aws-sdk/config-resolver": "3.183.0",
|
|
24
|
+
"@aws-sdk/credential-provider-node": "3.185.0",
|
|
25
|
+
"@aws-sdk/fetch-http-handler": "3.183.0",
|
|
26
|
+
"@aws-sdk/hash-node": "3.183.0",
|
|
27
|
+
"@aws-sdk/invalid-dependency": "3.183.0",
|
|
28
|
+
"@aws-sdk/middleware-content-length": "3.183.0",
|
|
29
|
+
"@aws-sdk/middleware-host-header": "3.183.0",
|
|
30
|
+
"@aws-sdk/middleware-logger": "3.183.0",
|
|
31
|
+
"@aws-sdk/middleware-recursion-detection": "3.183.0",
|
|
32
|
+
"@aws-sdk/middleware-retry": "3.185.0",
|
|
33
|
+
"@aws-sdk/middleware-serde": "3.183.0",
|
|
34
|
+
"@aws-sdk/middleware-signing": "3.183.0",
|
|
35
|
+
"@aws-sdk/middleware-stack": "3.183.0",
|
|
36
|
+
"@aws-sdk/middleware-user-agent": "3.183.0",
|
|
37
|
+
"@aws-sdk/node-config-provider": "3.183.0",
|
|
38
|
+
"@aws-sdk/node-http-handler": "3.185.0",
|
|
39
|
+
"@aws-sdk/protocol-http": "3.183.0",
|
|
40
|
+
"@aws-sdk/smithy-client": "3.183.0",
|
|
41
|
+
"@aws-sdk/types": "3.183.0",
|
|
42
|
+
"@aws-sdk/url-parser": "3.183.0",
|
|
43
|
+
"@aws-sdk/util-base64-browser": "3.183.0",
|
|
44
|
+
"@aws-sdk/util-base64-node": "3.183.0",
|
|
45
|
+
"@aws-sdk/util-body-length-browser": "3.183.0",
|
|
46
|
+
"@aws-sdk/util-body-length-node": "3.183.0",
|
|
47
|
+
"@aws-sdk/util-defaults-mode-browser": "3.183.0",
|
|
48
|
+
"@aws-sdk/util-defaults-mode-node": "3.183.0",
|
|
49
|
+
"@aws-sdk/util-user-agent-browser": "3.183.0",
|
|
50
|
+
"@aws-sdk/util-user-agent-node": "3.183.0",
|
|
51
|
+
"@aws-sdk/util-utf8-browser": "3.183.0",
|
|
52
|
+
"@aws-sdk/util-utf8-node": "3.183.0",
|
|
53
53
|
"tslib": "^2.3.1"
|
|
54
54
|
},
|
|
55
55
|
"devDependencies": {
|
|
56
|
-
"@aws-sdk/service-client-documentation-generator": "3.
|
|
56
|
+
"@aws-sdk/service-client-documentation-generator": "3.183.0",
|
|
57
57
|
"@tsconfig/recommended": "1.0.1",
|
|
58
58
|
"@types/node": "^12.7.5",
|
|
59
59
|
"concurrently": "7.0.0",
|