@aws-sdk/client-network-firewall 3.43.0 → 3.45.0

package/dist-types/models/models_0.d.ts

@@ -667,11 +667,11 @@ export declare enum RuleOrder {
  */
 export interface StatefulEngineOptions {
     /**
-     * <p>Indicates how to manage the order of stateful rule evaluation for the policy. By default, Network Firewall
-     *            leaves the rule evaluation order up to the Suricata rule processing engine. If you set
-     *            this to <code>STRICT_ORDER</code>, your rules are evaluated in the exact order that you provide them
-     *            in the policy. With strict ordering, the rule groups are evaluated by order of priority, starting from the lowest number, and
-     *            the rules in each rule group are processed in the order that they're defined. </p>
+     * <p>Indicates how to manage the order of stateful rule evaluation for the policy. <code>DEFAULT_ACTION_ORDER</code> is
+     *          the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them
+     *          based on certain settings. For more information, see
+     *          <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html">Evaluation order for stateful rules</a> in the <i>AWS Network Firewall Developer Guide</i>.
+     *       </p>
      */
     RuleOrder?: RuleOrder | string;
 }
@@ -681,6 +681,25 @@ export declare namespace StatefulEngineOptions {
      */
     const filterSensitiveLog: (obj: StatefulEngineOptions) => any;
 }
+export declare enum OverrideAction {
+    DROP_TO_ALERT = "DROP_TO_ALERT"
+}
+/**
+ * <p>The setting that allows the policy owner to change the behavior of the rule group within a policy. </p>
+ */
+export interface StatefulRuleGroupOverride {
+    /**
+     * <p>The action that changes the rule group from <code>DROP</code> to <code>ALERT</code>. This only applies to
+     *       managed rule groups.</p>
+     */
+    Action?: OverrideAction | string;
+}
+export declare namespace StatefulRuleGroupOverride {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: StatefulRuleGroupOverride) => any;
+}
 /**
  * <p>Identifier for a single stateful rule group, used in a firewall policy to refer to a
  *          rule group. </p>
@@ -702,6 +721,10 @@ export interface StatefulRuleGroupReference {
      *          200, and so on. </p>
      */
     Priority?: number;
+    /**
+     * <p>The action that allows the policy owner to override the behavior of the rule group within a policy.</p>
+     */
+    Override?: StatefulRuleGroupOverride;
 }
 export declare namespace StatefulRuleGroupReference {
     /**
@@ -821,7 +844,26 @@ export interface FirewallPolicy {
      */
     StatefulRuleGroupReferences?: StatefulRuleGroupReference[];
     /**
-     * <p>The default actions to take on a packet that doesn't match any stateful rules.</p>
+     * <p>The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional,
+     *          and is only valid when using the strict rule order.</p>
+     *          <p>Valid values of the stateful default action:</p>
+     *          <ul>
+     *             <li>
+     *                <p>aws:drop_strict</p>
+     *             </li>
+     *             <li>
+     *                <p>aws:drop_established</p>
+     *             </li>
+     *             <li>
+     *                <p>aws:alert_strict</p>
+     *             </li>
+     *             <li>
+     *                <p>aws:alert_established</p>
+     *             </li>
+     *          </ul>
+     *          <p>For more information, see
+     *          <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-strict-rule-evaluation-order.html">Strict evaluation order</a> in the <i>AWS Network Firewall Developer Guide</i>.
+     *       </p>
      */
     StatefulDefaultActions?: string[];
     /**
@@ -959,8 +1001,7 @@ export declare enum TargetType {
  */
 export interface RulesSourceList {
     /**
-     * <p>The domains that you want to inspect for in your traffic flows. To provide multiple
-     *          domains, separate them with commas. Valid domain specifications are the following:</p>
+     * <p>The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following:</p>
      *          <ul>
      *             <li>
      *                <p>Explicit names. For example, <code>abc.example.com</code> matches only the domain <code>abc.example.com</code>.</p>
@@ -1476,10 +1517,11 @@ export declare namespace RuleVariables {
  */
 export interface StatefulRuleOptions {
     /**
-     * <p>Indicates how to manage the order of the rule evaluation for the rule group. By default, Network Firewall
-     *            leaves the rule evaluation order up to the Suricata rule processing engine. If you set
-     *            this to <code>STRICT_ORDER</code>, your rules are evaluated in the exact order that they're listed
-     *            in your Suricata rules string. </p>
+     * <p>Indicates how to manage the order of the rule evaluation for the rule group. <code>DEFAULT_ACTION_ORDER</code> is
+     *              the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them
+     *              based on certain settings. For more information, see
+     *          <a href="https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html">Evaluation order for stateful rules</a> in the <i>AWS Network Firewall Developer Guide</i>.
+     *       </p>
      */
     RuleOrder?: RuleOrder | string;
 }
@@ -2126,6 +2168,75 @@ export declare namespace DescribeRuleGroupResponse {
      */
     const filterSensitiveLog: (obj: DescribeRuleGroupResponse) => any;
 }
+export interface DescribeRuleGroupMetadataRequest {
+    /**
+     * <p>The descriptive name of the rule group. You can't change the name of a rule group after you create it.</p>
+     *          <p>You must specify the ARN or the name, and you can specify both. </p>
+     */
+    RuleGroupName?: string;
+    /**
+     * <p>The descriptive name of the rule group. You can't change the name of a rule group after you create it.</p>
+     *          <p>You must specify the ARN or the name, and you can specify both. </p>
+     */
+    RuleGroupArn?: string;
+    /**
+     * <p>Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains
+     * stateless rules. If it is stateful, it contains stateful rules. </p>
+     *          <note>
+     *             <p>This setting is required for requests that do not include the <code>RuleGroupARN</code>.</p>
+     *          </note>
+     */
+    Type?: RuleGroupType | string;
+}
+export declare namespace DescribeRuleGroupMetadataRequest {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeRuleGroupMetadataRequest) => any;
+}
+export interface DescribeRuleGroupMetadataResponse {
+    /**
+     * <p>The descriptive name of the rule group. You can't change the name of a rule group after you create it.</p>
+     *          <p>You must specify the ARN or the name, and you can specify both. </p>
+     */
+    RuleGroupArn: string | undefined;
+    /**
+     * <p>The descriptive name of the rule group. You can't change the name of a rule group after you create it.</p>
+     *          <p>You must specify the ARN or the name, and you can specify both. </p>
+     */
+    RuleGroupName: string | undefined;
+    /**
+     * <p>Returns the metadata objects for the specified rule group.
+     *       </p>
+     */
+    Description?: string;
+    /**
+     * <p>Indicates whether the rule group is stateless or stateful. If the rule group is stateless, it contains
+     * stateless rules. If it is stateful, it contains stateful rules. </p>
+     *          <note>
+     *             <p>This setting is required for requests that do not include the <code>RuleGroupARN</code>.</p>
+     *          </note>
+     */
+    Type?: RuleGroupType | string;
+    /**
+     * <p>The maximum operating resources that this rule group can use. Rule group capacity is fixed at creation.
+     *       When you update a rule group, you are limited to this capacity. When you reference a rule group
+     *       from a firewall policy, Network Firewall reserves this capacity for the rule group. </p>
+     *          <p>You can retrieve the capacity that would be required for a rule group before you create the rule group by calling
+     *       <a>CreateRuleGroup</a> with <code>DryRun</code> set to <code>TRUE</code>. </p>
+     */
+    Capacity?: number;
+    /**
+     * <p>Additional options governing how Network Firewall handles the rule group. You can only use these for stateful rule groups.</p>
+     */
+    StatefulRuleOptions?: StatefulRuleOptions;
+}
+export declare namespace DescribeRuleGroupMetadataResponse {
+    /**
+     * @internal
+     */
+    const filterSensitiveLog: (obj: DescribeRuleGroupMetadataResponse) => any;
+}
 export interface DisassociateSubnetsRequest {
     /**
      * <p>An optional token that you can use for optimistic locking. Network Firewall returns a token to your requests that access the firewall. The token marks the state of the firewall resource at the time of the request. </p>
@@ -2306,6 +2417,10 @@ export declare namespace ListFirewallsResponse {
      */
     const filterSensitiveLog: (obj: ListFirewallsResponse) => any;
 }
+export declare enum ResourceManagedStatus {
+    ACCOUNT = "ACCOUNT",
+    MANAGED = "MANAGED"
+}
 export interface ListRuleGroupsRequest {
     /**
      * <p>When you request a list of objects with a <code>MaxResults</code> setting, if the number of objects that are still available
@@ -2319,6 +2434,12 @@ export interface ListRuleGroupsRequest {
      *          <code>NextToken</code> value that you can use in a subsequent call to get the next batch of objects.</p>
      */
     MaxResults?: number;
+    /**
+     * <p>The scope of the request. The default setting of <code>ACCOUNT</code> or a setting of
+     *          <code>NULL</code> returns all of the rule groups in your account. A setting of
+     *          <code>MANAGED</code> returns all available managed rule groups.</p>
+     */
+    Scope?: ResourceManagedStatus | string;
 }
 export declare namespace ListRuleGroupsRequest {
     /**
@@ -2577,7 +2698,9 @@ export interface UpdateFirewallDeleteProtectionResponse {
      */
     FirewallName?: string;
     /**
-     * <p></p>
+     * <p>A flag indicating whether it is possible to delete the firewall. A setting of <code>TRUE</code> indicates
+     *          that the firewall is protected against deletion. Use this setting to protect against
+     *          accidentally deleting a firewall that is in use. When you create a firewall, the operation initializes this flag to <code>TRUE</code>.</p>
      */
     DeleteProtection?: boolean;
     /**

package/dist-types/protocols/Aws_json1_0.d.ts

@@ -14,6 +14,7 @@ import { DescribeFirewallPolicyCommandInput, DescribeFirewallPolicyCommandOutput
 import { DescribeLoggingConfigurationCommandInput, DescribeLoggingConfigurationCommandOutput } from "../commands/DescribeLoggingConfigurationCommand";
 import { DescribeResourcePolicyCommandInput, DescribeResourcePolicyCommandOutput } from "../commands/DescribeResourcePolicyCommand";
 import { DescribeRuleGroupCommandInput, DescribeRuleGroupCommandOutput } from "../commands/DescribeRuleGroupCommand";
+import { DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput } from "../commands/DescribeRuleGroupMetadataCommand";
 import { DisassociateSubnetsCommandInput, DisassociateSubnetsCommandOutput } from "../commands/DisassociateSubnetsCommand";
 import { ListFirewallPoliciesCommandInput, ListFirewallPoliciesCommandOutput } from "../commands/ListFirewallPoliciesCommand";
 import { ListFirewallsCommandInput, ListFirewallsCommandOutput } from "../commands/ListFirewallsCommand";
@@ -43,6 +44,7 @@ export declare const serializeAws_json1_0DescribeFirewallPolicyCommand: (input:
 export declare const serializeAws_json1_0DescribeLoggingConfigurationCommand: (input: DescribeLoggingConfigurationCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DescribeResourcePolicyCommand: (input: DescribeResourcePolicyCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DescribeRuleGroupCommand: (input: DescribeRuleGroupCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
+export declare const serializeAws_json1_0DescribeRuleGroupMetadataCommand: (input: DescribeRuleGroupMetadataCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DisassociateSubnetsCommand: (input: DisassociateSubnetsCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0ListFirewallPoliciesCommand: (input: ListFirewallPoliciesCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0ListFirewallsCommand: (input: ListFirewallsCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
@@ -72,6 +74,7 @@ export declare const deserializeAws_json1_0DescribeFirewallPolicyCommand: (outpu
 export declare const deserializeAws_json1_0DescribeLoggingConfigurationCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeLoggingConfigurationCommandOutput>;
 export declare const deserializeAws_json1_0DescribeResourcePolicyCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeResourcePolicyCommandOutput>;
 export declare const deserializeAws_json1_0DescribeRuleGroupCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeRuleGroupCommandOutput>;
+export declare const deserializeAws_json1_0DescribeRuleGroupMetadataCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeRuleGroupMetadataCommandOutput>;
 export declare const deserializeAws_json1_0DisassociateSubnetsCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DisassociateSubnetsCommandOutput>;
 export declare const deserializeAws_json1_0ListFirewallPoliciesCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<ListFirewallPoliciesCommandOutput>;
 export declare const deserializeAws_json1_0ListFirewallsCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<ListFirewallsCommandOutput>;

package/dist-types/ts3.4/NetworkFirewall.d.ts

@@ -13,6 +13,7 @@ import { DescribeFirewallPolicyCommandInput, DescribeFirewallPolicyCommandOutput
 import { DescribeLoggingConfigurationCommandInput, DescribeLoggingConfigurationCommandOutput } from "./commands/DescribeLoggingConfigurationCommand";
 import { DescribeResourcePolicyCommandInput, DescribeResourcePolicyCommandOutput } from "./commands/DescribeResourcePolicyCommand";
 import { DescribeRuleGroupCommandInput, DescribeRuleGroupCommandOutput } from "./commands/DescribeRuleGroupCommand";
+import { DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput } from "./commands/DescribeRuleGroupMetadataCommand";
 import { DisassociateSubnetsCommandInput, DisassociateSubnetsCommandOutput } from "./commands/DisassociateSubnetsCommand";
 import { ListFirewallPoliciesCommandInput, ListFirewallPoliciesCommandOutput } from "./commands/ListFirewallPoliciesCommand";
 import { ListFirewallsCommandInput, ListFirewallsCommandOutput } from "./commands/ListFirewallsCommand";
@@ -88,6 +89,10 @@ export declare class NetworkFirewall extends NetworkFirewallClient {
     describeRuleGroup(args: DescribeRuleGroupCommandInput, cb: (err: any, data?: DescribeRuleGroupCommandOutput) => void): void;
     describeRuleGroup(args: DescribeRuleGroupCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribeRuleGroupCommandOutput) => void): void;
     
+    describeRuleGroupMetadata(args: DescribeRuleGroupMetadataCommandInput, options?: __HttpHandlerOptions): Promise<DescribeRuleGroupMetadataCommandOutput>;
+    describeRuleGroupMetadata(args: DescribeRuleGroupMetadataCommandInput, cb: (err: any, data?: DescribeRuleGroupMetadataCommandOutput) => void): void;
+    describeRuleGroupMetadata(args: DescribeRuleGroupMetadataCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribeRuleGroupMetadataCommandOutput) => void): void;
+    
     disassociateSubnets(args: DisassociateSubnetsCommandInput, options?: __HttpHandlerOptions): Promise<DisassociateSubnetsCommandOutput>;
     disassociateSubnets(args: DisassociateSubnetsCommandInput, cb: (err: any, data?: DisassociateSubnetsCommandOutput) => void): void;
     disassociateSubnets(args: DisassociateSubnetsCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DisassociateSubnetsCommandOutput) => void): void;

package/dist-types/ts3.4/NetworkFirewallClient.d.ts

@@ -20,6 +20,7 @@ import { DescribeFirewallPolicyCommandInput, DescribeFirewallPolicyCommandOutput
 import { DescribeLoggingConfigurationCommandInput, DescribeLoggingConfigurationCommandOutput } from "./commands/DescribeLoggingConfigurationCommand";
 import { DescribeResourcePolicyCommandInput, DescribeResourcePolicyCommandOutput } from "./commands/DescribeResourcePolicyCommand";
 import { DescribeRuleGroupCommandInput, DescribeRuleGroupCommandOutput } from "./commands/DescribeRuleGroupCommand";
+import { DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput } from "./commands/DescribeRuleGroupMetadataCommand";
 import { DisassociateSubnetsCommandInput, DisassociateSubnetsCommandOutput } from "./commands/DisassociateSubnetsCommand";
 import { ListFirewallPoliciesCommandInput, ListFirewallPoliciesCommandOutput } from "./commands/ListFirewallPoliciesCommand";
 import { ListFirewallsCommandInput, ListFirewallsCommandOutput } from "./commands/ListFirewallsCommand";
@@ -35,8 +36,8 @@ import { UpdateFirewallPolicyCommandInput, UpdateFirewallPolicyCommandOutput } f
 import { UpdateLoggingConfigurationCommandInput, UpdateLoggingConfigurationCommandOutput } from "./commands/UpdateLoggingConfigurationCommand";
 import { UpdateRuleGroupCommandInput, UpdateRuleGroupCommandOutput } from "./commands/UpdateRuleGroupCommand";
 import { UpdateSubnetChangeProtectionCommandInput, UpdateSubnetChangeProtectionCommandOutput } from "./commands/UpdateSubnetChangeProtectionCommand";
-export declare type ServiceInputTypes = AssociateFirewallPolicyCommandInput | AssociateSubnetsCommandInput | CreateFirewallCommandInput | CreateFirewallPolicyCommandInput | CreateRuleGroupCommandInput | DeleteFirewallCommandInput | DeleteFirewallPolicyCommandInput | DeleteResourcePolicyCommandInput | DeleteRuleGroupCommandInput | DescribeFirewallCommandInput | DescribeFirewallPolicyCommandInput | DescribeLoggingConfigurationCommandInput | DescribeResourcePolicyCommandInput | DescribeRuleGroupCommandInput | DisassociateSubnetsCommandInput | ListFirewallPoliciesCommandInput | ListFirewallsCommandInput | ListRuleGroupsCommandInput | ListTagsForResourceCommandInput | PutResourcePolicyCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateFirewallDeleteProtectionCommandInput | UpdateFirewallDescriptionCommandInput | UpdateFirewallPolicyChangeProtectionCommandInput | UpdateFirewallPolicyCommandInput | UpdateLoggingConfigurationCommandInput | UpdateRuleGroupCommandInput | UpdateSubnetChangeProtectionCommandInput;
-export declare type ServiceOutputTypes = AssociateFirewallPolicyCommandOutput | AssociateSubnetsCommandOutput | CreateFirewallCommandOutput | CreateFirewallPolicyCommandOutput | CreateRuleGroupCommandOutput | DeleteFirewallCommandOutput | DeleteFirewallPolicyCommandOutput | DeleteResourcePolicyCommandOutput | DeleteRuleGroupCommandOutput | DescribeFirewallCommandOutput | DescribeFirewallPolicyCommandOutput | DescribeLoggingConfigurationCommandOutput | DescribeResourcePolicyCommandOutput | DescribeRuleGroupCommandOutput | DisassociateSubnetsCommandOutput | ListFirewallPoliciesCommandOutput | ListFirewallsCommandOutput | ListRuleGroupsCommandOutput | ListTagsForResourceCommandOutput | PutResourcePolicyCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateFirewallDeleteProtectionCommandOutput | UpdateFirewallDescriptionCommandOutput | UpdateFirewallPolicyChangeProtectionCommandOutput | UpdateFirewallPolicyCommandOutput | UpdateLoggingConfigurationCommandOutput | UpdateRuleGroupCommandOutput | UpdateSubnetChangeProtectionCommandOutput;
+export declare type ServiceInputTypes = AssociateFirewallPolicyCommandInput | AssociateSubnetsCommandInput | CreateFirewallCommandInput | CreateFirewallPolicyCommandInput | CreateRuleGroupCommandInput | DeleteFirewallCommandInput | DeleteFirewallPolicyCommandInput | DeleteResourcePolicyCommandInput | DeleteRuleGroupCommandInput | DescribeFirewallCommandInput | DescribeFirewallPolicyCommandInput | DescribeLoggingConfigurationCommandInput | DescribeResourcePolicyCommandInput | DescribeRuleGroupCommandInput | DescribeRuleGroupMetadataCommandInput | DisassociateSubnetsCommandInput | ListFirewallPoliciesCommandInput | ListFirewallsCommandInput | ListRuleGroupsCommandInput | ListTagsForResourceCommandInput | PutResourcePolicyCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateFirewallDeleteProtectionCommandInput | UpdateFirewallDescriptionCommandInput | UpdateFirewallPolicyChangeProtectionCommandInput | UpdateFirewallPolicyCommandInput | UpdateLoggingConfigurationCommandInput | UpdateRuleGroupCommandInput | UpdateSubnetChangeProtectionCommandInput;
+export declare type ServiceOutputTypes = AssociateFirewallPolicyCommandOutput | AssociateSubnetsCommandOutput | CreateFirewallCommandOutput | CreateFirewallPolicyCommandOutput | CreateRuleGroupCommandOutput | DeleteFirewallCommandOutput | DeleteFirewallPolicyCommandOutput | DeleteResourcePolicyCommandOutput | DeleteRuleGroupCommandOutput | DescribeFirewallCommandOutput | DescribeFirewallPolicyCommandOutput | DescribeLoggingConfigurationCommandOutput | DescribeResourcePolicyCommandOutput | DescribeRuleGroupCommandOutput | DescribeRuleGroupMetadataCommandOutput | DisassociateSubnetsCommandOutput | ListFirewallPoliciesCommandOutput | ListFirewallsCommandOutput | ListRuleGroupsCommandOutput | ListTagsForResourceCommandOutput | PutResourcePolicyCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateFirewallDeleteProtectionCommandOutput | UpdateFirewallDescriptionCommandOutput | UpdateFirewallPolicyChangeProtectionCommandOutput | UpdateFirewallPolicyCommandOutput | UpdateLoggingConfigurationCommandOutput | UpdateRuleGroupCommandOutput | UpdateSubnetChangeProtectionCommandOutput;
 export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> {
     
     requestHandler?: __HttpHandler;

package/dist-types/ts3.4/commands/DescribeRuleGroupMetadataCommand.d.ts

@@ -0,0 +1,17 @@
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
+import { DescribeRuleGroupMetadataRequest, DescribeRuleGroupMetadataResponse } from "../models/models_0";
+import { NetworkFirewallClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../NetworkFirewallClient";
+export interface DescribeRuleGroupMetadataCommandInput extends DescribeRuleGroupMetadataRequest {
+}
+export interface DescribeRuleGroupMetadataCommandOutput extends DescribeRuleGroupMetadataResponse, __MetadataBearer {
+}
+
+export declare class DescribeRuleGroupMetadataCommand extends $Command<DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput, NetworkFirewallClientResolvedConfig> {
+    readonly input: DescribeRuleGroupMetadataCommandInput;
+    constructor(input: DescribeRuleGroupMetadataCommandInput);
+    
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: NetworkFirewallClientResolvedConfig, options?: __HttpHandlerOptions): Handler<DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput>;
+    private serialize;
+    private deserialize;
+}

package/dist-types/ts3.4/commands/index.d.ts

@@ -12,6 +12,7 @@ export * from "./DescribeFirewallPolicyCommand";
 export * from "./DescribeLoggingConfigurationCommand";
 export * from "./DescribeResourcePolicyCommand";
 export * from "./DescribeRuleGroupCommand";
+export * from "./DescribeRuleGroupMetadataCommand";
 export * from "./DisassociateSubnetsCommand";
 export * from "./ListFirewallPoliciesCommand";
 export * from "./ListFirewallsCommand";

package/dist-types/ts3.4/models/models_0.d.ts

@@ -338,12 +338,26 @@ export declare namespace StatefulEngineOptions {
     
     const filterSensitiveLog: (obj: StatefulEngineOptions) => any;
 }
+export declare enum OverrideAction {
+    DROP_TO_ALERT = "DROP_TO_ALERT"
+}
+
+export interface StatefulRuleGroupOverride {
+    
+    Action?: OverrideAction | string;
+}
+export declare namespace StatefulRuleGroupOverride {
+    
+    const filterSensitiveLog: (obj: StatefulRuleGroupOverride) => any;
+}
 
 export interface StatefulRuleGroupReference {
     
     ResourceArn: string | undefined;
     
     Priority?: number;
+    
+    Override?: StatefulRuleGroupOverride;
 }
 export declare namespace StatefulRuleGroupReference {
     
@@ -987,6 +1001,36 @@ export declare namespace DescribeRuleGroupResponse {
     
     const filterSensitiveLog: (obj: DescribeRuleGroupResponse) => any;
 }
+export interface DescribeRuleGroupMetadataRequest {
+    
+    RuleGroupName?: string;
+    
+    RuleGroupArn?: string;
+    
+    Type?: RuleGroupType | string;
+}
+export declare namespace DescribeRuleGroupMetadataRequest {
+    
+    const filterSensitiveLog: (obj: DescribeRuleGroupMetadataRequest) => any;
+}
+export interface DescribeRuleGroupMetadataResponse {
+    
+    RuleGroupArn: string | undefined;
+    
+    RuleGroupName: string | undefined;
+    
+    Description?: string;
+    
+    Type?: RuleGroupType | string;
+    
+    Capacity?: number;
+    
+    StatefulRuleOptions?: StatefulRuleOptions;
+}
+export declare namespace DescribeRuleGroupMetadataResponse {
+    
+    const filterSensitiveLog: (obj: DescribeRuleGroupMetadataResponse) => any;
+}
 export interface DisassociateSubnetsRequest {
     
     UpdateToken?: string;
@@ -1079,11 +1123,17 @@ export declare namespace ListFirewallsResponse {
     
     const filterSensitiveLog: (obj: ListFirewallsResponse) => any;
 }
+export declare enum ResourceManagedStatus {
+    ACCOUNT = "ACCOUNT",
+    MANAGED = "MANAGED"
+}
 export interface ListRuleGroupsRequest {
     
     NextToken?: string;
     
     MaxResults?: number;
+    
+    Scope?: ResourceManagedStatus | string;
 }
 export declare namespace ListRuleGroupsRequest {
     

package/dist-types/ts3.4/protocols/Aws_json1_0.d.ts

@@ -14,6 +14,7 @@ import { DescribeFirewallPolicyCommandInput, DescribeFirewallPolicyCommandOutput
 import { DescribeLoggingConfigurationCommandInput, DescribeLoggingConfigurationCommandOutput } from "../commands/DescribeLoggingConfigurationCommand";
 import { DescribeResourcePolicyCommandInput, DescribeResourcePolicyCommandOutput } from "../commands/DescribeResourcePolicyCommand";
 import { DescribeRuleGroupCommandInput, DescribeRuleGroupCommandOutput } from "../commands/DescribeRuleGroupCommand";
+import { DescribeRuleGroupMetadataCommandInput, DescribeRuleGroupMetadataCommandOutput } from "../commands/DescribeRuleGroupMetadataCommand";
 import { DisassociateSubnetsCommandInput, DisassociateSubnetsCommandOutput } from "../commands/DisassociateSubnetsCommand";
 import { ListFirewallPoliciesCommandInput, ListFirewallPoliciesCommandOutput } from "../commands/ListFirewallPoliciesCommand";
 import { ListFirewallsCommandInput, ListFirewallsCommandOutput } from "../commands/ListFirewallsCommand";
@@ -43,6 +44,7 @@ export declare const serializeAws_json1_0DescribeFirewallPolicyCommand: (input:
 export declare const serializeAws_json1_0DescribeLoggingConfigurationCommand: (input: DescribeLoggingConfigurationCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DescribeResourcePolicyCommand: (input: DescribeResourcePolicyCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DescribeRuleGroupCommand: (input: DescribeRuleGroupCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
+export declare const serializeAws_json1_0DescribeRuleGroupMetadataCommand: (input: DescribeRuleGroupMetadataCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0DisassociateSubnetsCommand: (input: DisassociateSubnetsCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0ListFirewallPoliciesCommand: (input: ListFirewallPoliciesCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 export declare const serializeAws_json1_0ListFirewallsCommand: (input: ListFirewallsCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
@@ -72,6 +74,7 @@ export declare const deserializeAws_json1_0DescribeFirewallPolicyCommand: (outpu
 export declare const deserializeAws_json1_0DescribeLoggingConfigurationCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeLoggingConfigurationCommandOutput>;
 export declare const deserializeAws_json1_0DescribeResourcePolicyCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeResourcePolicyCommandOutput>;
 export declare const deserializeAws_json1_0DescribeRuleGroupCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeRuleGroupCommandOutput>;
+export declare const deserializeAws_json1_0DescribeRuleGroupMetadataCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DescribeRuleGroupMetadataCommandOutput>;
 export declare const deserializeAws_json1_0DisassociateSubnetsCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<DisassociateSubnetsCommandOutput>;
 export declare const deserializeAws_json1_0ListFirewallPoliciesCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<ListFirewallPoliciesCommandOutput>;
 export declare const deserializeAws_json1_0ListFirewallsCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<ListFirewallsCommandOutput>;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-network-firewall",
   "description": "AWS SDK for JavaScript Network Firewall Client for Node.js, Browser and React Native",
-  "version": "3.43.0",
+  "version": "3.45.0",
   "scripts": {
     "build": "yarn build:cjs && yarn build:es && yarn build:types",
     "build:cjs": "tsc -p tsconfig.json",
@@ -21,9 +21,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "2.0.0",
     "@aws-crypto/sha256-js": "2.0.0",
-    "@aws-sdk/client-sts": "3.43.0",
-    "@aws-sdk/config-resolver": "3.40.0",
-    "@aws-sdk/credential-provider-node": "3.41.0",
+    "@aws-sdk/client-sts": "3.45.0",
+    "@aws-sdk/config-resolver": "3.45.0",
+    "@aws-sdk/credential-provider-node": "3.45.0",
     "@aws-sdk/fetch-http-handler": "3.40.0",
     "@aws-sdk/hash-node": "3.40.0",
     "@aws-sdk/invalid-dependency": "3.40.0",
@@ -32,7 +32,7 @@
     "@aws-sdk/middleware-logger": "3.40.0",
     "@aws-sdk/middleware-retry": "3.40.0",
     "@aws-sdk/middleware-serde": "3.40.0",
-    "@aws-sdk/middleware-signing": "3.40.0",
+    "@aws-sdk/middleware-signing": "3.45.0",
     "@aws-sdk/middleware-stack": "3.40.0",
     "@aws-sdk/middleware-user-agent": "3.40.0",
     "@aws-sdk/node-config-provider": "3.40.0",