@aws-sdk/client-route53resolver 3.1068.0 → 3.1070.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/auth/httpAuthSchemeProvider.js +9 -15
- package/dist-cjs/endpoint/bdd.js +2 -5
- package/dist-cjs/endpoint/endpointResolver.js +7 -11
- package/dist-cjs/index.js +274 -293
- package/dist-cjs/models/Route53ResolverServiceException.js +4 -8
- package/dist-cjs/models/errors.js +35 -55
- package/dist-cjs/runtimeConfig.browser.js +22 -26
- package/dist-cjs/runtimeConfig.js +30 -34
- package/dist-cjs/runtimeConfig.native.js +4 -7
- package/dist-cjs/runtimeConfig.shared.js +20 -24
- package/dist-cjs/schemas/schemas_0.js +593 -387
- package/dist-es/models/enums.js +1 -0
- package/dist-es/schemas/schemas_0.js +26 -10
- package/dist-types/commands/AssociateFirewallRuleGroupCommand.d.ts +2 -1
- package/dist-types/commands/BatchCreateFirewallRuleCommand.d.ts +11 -0
- package/dist-types/commands/BatchDeleteFirewallRuleCommand.d.ts +5 -0
- package/dist-types/commands/BatchUpdateFirewallRuleCommand.d.ts +11 -0
- package/dist-types/commands/CreateFirewallRuleCommand.d.ts +24 -1
- package/dist-types/commands/DeleteFirewallRuleCommand.d.ts +8 -1
- package/dist-types/commands/ListFirewallRuleTypesCommand.d.ts +6 -1
- package/dist-types/commands/ListFirewallRulesCommand.d.ts +8 -2
- package/dist-types/commands/ListResolverEndpointIpAddressesCommand.d.ts +1 -1
- package/dist-types/commands/UpdateFirewallRuleCommand.d.ts +9 -1
- package/dist-types/models/enums.d.ts +1 -0
- package/dist-types/models/models_0.d.ts +198 -17
- package/dist-types/schemas/schemas_0.d.ts +2 -0
- package/dist-types/ts3.4/models/enums.d.ts +1 -0
- package/dist-types/ts3.4/models/models_0.d.ts +11 -0
- package/dist-types/ts3.4/schemas/schemas_0.d.ts +2 -0
- package/package.json +8 -8
|
@@ -638,7 +638,7 @@ export interface DnsThreatProtectionRuleTypeConfig {
|
|
|
638
638
|
* </li>
|
|
639
639
|
* <li>
|
|
640
640
|
* <p>
|
|
641
|
-
* <code>
|
|
641
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
642
642
|
* </li>
|
|
643
643
|
* </ul>
|
|
644
644
|
* @public
|
|
@@ -687,22 +687,40 @@ export interface FirewallAdvancedThreatCategoryConfig {
|
|
|
687
687
|
Category: string | undefined;
|
|
688
688
|
}
|
|
689
689
|
/**
|
|
690
|
-
* <p>The configuration for a rule
|
|
690
|
+
* <p>The configuration for a partner threat-protection rule. To enumerate the partners available in your account, call <a>ListFirewallRuleTypes</a> with <code>RuleType</code> set to <code>PartnerThreatProtection</code> — each returned <a>FirewallRuleTypeDefinition</a> includes a <a>SubscriptionInfo</a> identifying the AWS Marketplace product that backs it.</p>
|
|
691
|
+
* @public
|
|
692
|
+
*/
|
|
693
|
+
export interface PartnerThreatProtectionConfig {
|
|
694
|
+
/**
|
|
695
|
+
* <p>The identifier of the partner threat-protection product, exactly as returned in the <code>Value</code> field of a <a>FirewallRuleTypeDefinition</a> with <code>RuleType</code> set to <code>PartnerThreatProtection</code>. The calling account must hold an active AWS Marketplace subscription to this product.</p>
|
|
696
|
+
* @public
|
|
697
|
+
*/
|
|
698
|
+
Partner: string | undefined;
|
|
699
|
+
}
|
|
700
|
+
/**
|
|
701
|
+
* <p>The rule-type configuration for a DNS Firewall rule. <code>FirewallRuleType</code> is a tagged union — exactly one member must be set per rule, and the member determines what the rule matches against. This shape is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields on <a>CreateFirewallRule</a> and <a>UpdateFirewallRule</a>.</p>
|
|
702
|
+
* <p>Call <a>ListFirewallRuleTypes</a> to discover which rule-type variants and which values within each variant are available in your account and Region.</p>
|
|
691
703
|
* @public
|
|
692
704
|
*/
|
|
693
705
|
export interface FirewallRuleType {
|
|
694
706
|
/**
|
|
695
|
-
* <p>
|
|
707
|
+
* <p>Configures the rule to match a third-party threat feed delivered through AWS Marketplace. The calling account must hold an active subscription to the partner product named in <code>Partner</code>; if the subscription is missing or revoked, the rule is created with <code>Status</code>
|
|
708
|
+
* <code>CREATION_FAILED</code> and cannot be modified — only deleted. See <a>PartnerThreatProtectionConfig</a>.</p>
|
|
709
|
+
* @public
|
|
710
|
+
*/
|
|
711
|
+
PartnerThreatProtection?: PartnerThreatProtectionConfig | undefined;
|
|
712
|
+
/**
|
|
713
|
+
* <p>Configures the rule to match an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>). See <a>FirewallAdvancedContentCategoryConfig</a>.</p>
|
|
696
714
|
* @public
|
|
697
715
|
*/
|
|
698
716
|
FirewallAdvancedContentCategory?: FirewallAdvancedContentCategoryConfig | undefined;
|
|
699
717
|
/**
|
|
700
|
-
* <p>
|
|
718
|
+
* <p>Configures the rule to match an AWS-managed advanced threat category (for example, <code>PHISHING</code>). See <a>FirewallAdvancedThreatCategoryConfig</a>.</p>
|
|
701
719
|
* @public
|
|
702
720
|
*/
|
|
703
721
|
FirewallAdvancedThreatCategory?: FirewallAdvancedThreatCategoryConfig | undefined;
|
|
704
722
|
/**
|
|
705
|
-
* <p>
|
|
723
|
+
* <p>Configures the rule to match a built-in DNS Firewall Advanced threat detector — <code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>. See <a>DnsThreatProtectionRuleTypeConfig</a>.</p>
|
|
706
724
|
* @public
|
|
707
725
|
*/
|
|
708
726
|
DnsThreatProtection?: DnsThreatProtectionRuleTypeConfig | undefined;
|
|
@@ -862,7 +880,7 @@ export interface CreateFirewallRuleEntry {
|
|
|
862
880
|
* </li>
|
|
863
881
|
* <li>
|
|
864
882
|
* <p>
|
|
865
|
-
* <code>
|
|
883
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
866
884
|
* </li>
|
|
867
885
|
* </ul>
|
|
868
886
|
* @public
|
|
@@ -888,7 +906,26 @@ export interface CreateFirewallRuleEntry {
|
|
|
888
906
|
*/
|
|
889
907
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
890
908
|
/**
|
|
891
|
-
* <p>The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields
|
|
909
|
+
* <p>The rule type configuration for the firewall rule. This is a tagged union — set exactly one of its members. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields. Use one of:</p>
|
|
910
|
+
* <ul>
|
|
911
|
+
* <li>
|
|
912
|
+
* <p>
|
|
913
|
+
* <code>FirewallAdvancedContentCategory</code> — match an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>).</p>
|
|
914
|
+
* </li>
|
|
915
|
+
* <li>
|
|
916
|
+
* <p>
|
|
917
|
+
* <code>FirewallAdvancedThreatCategory</code> — match an AWS-managed advanced threat category (for example, <code>PHISHING</code>).</p>
|
|
918
|
+
* </li>
|
|
919
|
+
* <li>
|
|
920
|
+
* <p>
|
|
921
|
+
* <code>DnsThreatProtection</code> — match a built-in DNS Firewall Advanced threat detector (<code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>).</p>
|
|
922
|
+
* </li>
|
|
923
|
+
* <li>
|
|
924
|
+
* <p>
|
|
925
|
+
* <code>PartnerThreatProtection</code> — match a third-party threat feed delivered through AWS Marketplace. The selected partner must be an active subscription on the calling account.</p>
|
|
926
|
+
* </li>
|
|
927
|
+
* </ul>
|
|
928
|
+
* <p>To enumerate the values supported in your account, call <a>ListFirewallRuleTypes</a>.</p>
|
|
892
929
|
* @public
|
|
893
930
|
*/
|
|
894
931
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
@@ -1081,13 +1118,17 @@ export interface FirewallRule {
|
|
|
1081
1118
|
* <li>
|
|
1082
1119
|
* <p>
|
|
1083
1120
|
* <code>DGA</code>: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains
|
|
1084
|
-
* to
|
|
1121
|
+
* to launch malware attacks.</p>
|
|
1085
1122
|
* </li>
|
|
1086
1123
|
* <li>
|
|
1087
1124
|
* <p>
|
|
1088
1125
|
* <code>DNS_TUNNELING</code>: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without
|
|
1089
1126
|
* making a network connection to the client.</p>
|
|
1090
1127
|
* </li>
|
|
1128
|
+
* <li>
|
|
1129
|
+
* <p>
|
|
1130
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
1131
|
+
* </li>
|
|
1091
1132
|
* </ul>
|
|
1092
1133
|
* @public
|
|
1093
1134
|
*/
|
|
@@ -1115,10 +1156,54 @@ export interface FirewallRule {
|
|
|
1115
1156
|
*/
|
|
1116
1157
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
1117
1158
|
/**
|
|
1118
|
-
* <p>The rule type configuration for the firewall rule.
|
|
1159
|
+
* <p>The rule type configuration for the firewall rule. This is a tagged union — exactly one of its members will be populated. Possible members are:</p>
|
|
1160
|
+
* <ul>
|
|
1161
|
+
* <li>
|
|
1162
|
+
* <p>
|
|
1163
|
+
* <code>FirewallAdvancedContentCategory</code> — an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>).</p>
|
|
1164
|
+
* </li>
|
|
1165
|
+
* <li>
|
|
1166
|
+
* <p>
|
|
1167
|
+
* <code>FirewallAdvancedThreatCategory</code> — an AWS-managed advanced threat category (for example, <code>PHISHING</code>).</p>
|
|
1168
|
+
* </li>
|
|
1169
|
+
* <li>
|
|
1170
|
+
* <p>
|
|
1171
|
+
* <code>DnsThreatProtection</code> — a built-in DNS Firewall Advanced threat detector (<code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>).</p>
|
|
1172
|
+
* </li>
|
|
1173
|
+
* <li>
|
|
1174
|
+
* <p>
|
|
1175
|
+
* <code>PartnerThreatProtection</code> — a third-party threat feed delivered through AWS Marketplace.</p>
|
|
1176
|
+
* </li>
|
|
1177
|
+
* </ul>
|
|
1178
|
+
* <p>To enumerate the values supported in your account, call <a>ListFirewallRuleTypes</a>.</p>
|
|
1119
1179
|
* @public
|
|
1120
1180
|
*/
|
|
1121
1181
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
1182
|
+
/**
|
|
1183
|
+
* <p>The lifecycle state of the firewall rule. Possible values:</p>
|
|
1184
|
+
* <ul>
|
|
1185
|
+
* <li>
|
|
1186
|
+
* <p>
|
|
1187
|
+
* <code>CREATING</code> — DNS Firewall is provisioning the rule. Rules created with the <code>PartnerThreatProtection</code> rule type begin in this state while DNS Firewall verifies the calling account's AWS Marketplace entitlement.</p>
|
|
1188
|
+
* </li>
|
|
1189
|
+
* <li>
|
|
1190
|
+
* <p>
|
|
1191
|
+
* <code>COMPLETE</code> — The rule is provisioned and enforcing matches.</p>
|
|
1192
|
+
* </li>
|
|
1193
|
+
* <li>
|
|
1194
|
+
* <p>
|
|
1195
|
+
* <code>CREATION_FAILED</code> — Provisioning failed. <code>StatusMessage</code> contains a human-readable reason. A rule in this state is immutable: <a>UpdateFirewallRule</a> rejects the request, and the rule must be removed with <a>DeleteFirewallRule</a>.</p>
|
|
1196
|
+
* </li>
|
|
1197
|
+
* </ul>
|
|
1198
|
+
* <p>For rules that do not require asynchronous provisioning, this field may be absent.</p>
|
|
1199
|
+
* @public
|
|
1200
|
+
*/
|
|
1201
|
+
Status?: string | undefined;
|
|
1202
|
+
/**
|
|
1203
|
+
* <p>An additional message about the rule's lifecycle state. Populated when <code>Status</code> is <code>CREATION_FAILED</code> to describe why provisioning failed.</p>
|
|
1204
|
+
* @public
|
|
1205
|
+
*/
|
|
1206
|
+
StatusMessage?: string | undefined;
|
|
1122
1207
|
}
|
|
1123
1208
|
/**
|
|
1124
1209
|
* <p>An error that occurred while creating a firewall rule in a batch operation.</p>
|
|
@@ -1383,7 +1468,7 @@ export interface UpdateFirewallRuleEntry {
|
|
|
1383
1468
|
* </li>
|
|
1384
1469
|
* <li>
|
|
1385
1470
|
* <p>
|
|
1386
|
-
* <code>
|
|
1471
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
1387
1472
|
* </li>
|
|
1388
1473
|
* </ul>
|
|
1389
1474
|
* @public
|
|
@@ -1409,7 +1494,26 @@ export interface UpdateFirewallRuleEntry {
|
|
|
1409
1494
|
*/
|
|
1410
1495
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
1411
1496
|
/**
|
|
1412
|
-
* <p>The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields
|
|
1497
|
+
* <p>The rule type configuration for the firewall rule. This is a tagged union — set exactly one of its members. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields. Use one of:</p>
|
|
1498
|
+
* <ul>
|
|
1499
|
+
* <li>
|
|
1500
|
+
* <p>
|
|
1501
|
+
* <code>FirewallAdvancedContentCategory</code> — match an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>).</p>
|
|
1502
|
+
* </li>
|
|
1503
|
+
* <li>
|
|
1504
|
+
* <p>
|
|
1505
|
+
* <code>FirewallAdvancedThreatCategory</code> — match an AWS-managed advanced threat category (for example, <code>PHISHING</code>).</p>
|
|
1506
|
+
* </li>
|
|
1507
|
+
* <li>
|
|
1508
|
+
* <p>
|
|
1509
|
+
* <code>DnsThreatProtection</code> — match a built-in DNS Firewall Advanced threat detector (<code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>).</p>
|
|
1510
|
+
* </li>
|
|
1511
|
+
* <li>
|
|
1512
|
+
* <p>
|
|
1513
|
+
* <code>PartnerThreatProtection</code> — match a third-party threat feed delivered through AWS Marketplace. The selected partner must be an active subscription on the calling account.</p>
|
|
1514
|
+
* </li>
|
|
1515
|
+
* </ul>
|
|
1516
|
+
* <p>To enumerate the values supported in your account, call <a>ListFirewallRuleTypes</a>.</p>
|
|
1413
1517
|
* @public
|
|
1414
1518
|
*/
|
|
1415
1519
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
@@ -1725,8 +1829,22 @@ export interface CreateFirewallRuleRequest {
|
|
|
1725
1829
|
Qtype?: string | undefined;
|
|
1726
1830
|
/**
|
|
1727
1831
|
* <p>
|
|
1728
|
-
*
|
|
1832
|
+
* The type of the DNS Firewall Advanced rule. This setting is mutually exclusive with <code>FirewallDomainListId</code> and <code>FirewallRuleType</code>. Valid values are:
|
|
1729
1833
|
* </p>
|
|
1834
|
+
* <ul>
|
|
1835
|
+
* <li>
|
|
1836
|
+
* <p>
|
|
1837
|
+
* <code>DGA</code>: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains to launch malware attacks.</p>
|
|
1838
|
+
* </li>
|
|
1839
|
+
* <li>
|
|
1840
|
+
* <p>
|
|
1841
|
+
* <code>DNS_TUNNELING</code>: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without making a network connection to the client.</p>
|
|
1842
|
+
* </li>
|
|
1843
|
+
* <li>
|
|
1844
|
+
* <p>
|
|
1845
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
1846
|
+
* </li>
|
|
1847
|
+
* </ul>
|
|
1730
1848
|
* @public
|
|
1731
1849
|
*/
|
|
1732
1850
|
DnsThreatProtection?: DnsThreatProtection | undefined;
|
|
@@ -1753,7 +1871,26 @@ export interface CreateFirewallRuleRequest {
|
|
|
1753
1871
|
*/
|
|
1754
1872
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
1755
1873
|
/**
|
|
1756
|
-
* <p>The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields
|
|
1874
|
+
* <p>The rule type configuration for the firewall rule. This is a tagged union — set exactly one of its members. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields. Use one of:</p>
|
|
1875
|
+
* <ul>
|
|
1876
|
+
* <li>
|
|
1877
|
+
* <p>
|
|
1878
|
+
* <code>FirewallAdvancedContentCategory</code> — match an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>).</p>
|
|
1879
|
+
* </li>
|
|
1880
|
+
* <li>
|
|
1881
|
+
* <p>
|
|
1882
|
+
* <code>FirewallAdvancedThreatCategory</code> — match an AWS-managed advanced threat category (for example, <code>PHISHING</code>).</p>
|
|
1883
|
+
* </li>
|
|
1884
|
+
* <li>
|
|
1885
|
+
* <p>
|
|
1886
|
+
* <code>DnsThreatProtection</code> — match a built-in DNS Firewall Advanced threat detector (<code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>).</p>
|
|
1887
|
+
* </li>
|
|
1888
|
+
* <li>
|
|
1889
|
+
* <p>
|
|
1890
|
+
* <code>PartnerThreatProtection</code> — match a third-party threat feed delivered through AWS Marketplace. The selected partner must be an active subscription on the calling account.</p>
|
|
1891
|
+
* </li>
|
|
1892
|
+
* </ul>
|
|
1893
|
+
* <p>To enumerate the values supported in your account, call <a>ListFirewallRuleTypes</a>.</p>
|
|
1757
1894
|
* @public
|
|
1758
1895
|
*/
|
|
1759
1896
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
@@ -3260,6 +3397,22 @@ export interface FirewallRuleGroupMetadata {
|
|
|
3260
3397
|
*/
|
|
3261
3398
|
ShareStatus?: ShareStatus | undefined;
|
|
3262
3399
|
}
|
|
3400
|
+
/**
|
|
3401
|
+
* <p>Identifies the AWS Marketplace product that backs a partner-managed rule type. Returned as part of <a>FirewallRuleTypeDefinition</a> when the rule type variant requires an active customer subscription to the named product.</p>
|
|
3402
|
+
* @public
|
|
3403
|
+
*/
|
|
3404
|
+
export interface SubscriptionInfo {
|
|
3405
|
+
/**
|
|
3406
|
+
* <p>The name of the AWS Marketplace seller (vendor) that publishes the partner threat-protection product (for example, <code>Palo Alto Networks</code>).</p>
|
|
3407
|
+
* @public
|
|
3408
|
+
*/
|
|
3409
|
+
VendorName?: string | undefined;
|
|
3410
|
+
/**
|
|
3411
|
+
* <p>The AWS Marketplace product identifier of the partner threat-protection product. Use this value to verify or manage the calling account's subscription in AWS Marketplace.</p>
|
|
3412
|
+
* @public
|
|
3413
|
+
*/
|
|
3414
|
+
ProductId?: string | undefined;
|
|
3415
|
+
}
|
|
3263
3416
|
/**
|
|
3264
3417
|
* <p>The definition of an available rule type that can be used in DNS Firewall rules. This is returned by <a>ListFirewallRuleTypes</a>.</p>
|
|
3265
3418
|
* @public
|
|
@@ -3285,6 +3438,11 @@ export interface FirewallRuleTypeDefinition {
|
|
|
3285
3438
|
* @public
|
|
3286
3439
|
*/
|
|
3287
3440
|
Description?: string | undefined;
|
|
3441
|
+
/**
|
|
3442
|
+
* <p>For rule types that require an external subscription (today, only the <code>PartnerThreatProtection</code> variant), describes the AWS Marketplace product that backs the rule type. Absent for rule types that are managed by AWS and do not require a separate subscription. See <a>SubscriptionInfo</a>.</p>
|
|
3443
|
+
* @public
|
|
3444
|
+
*/
|
|
3445
|
+
SubscriptionInfo?: SubscriptionInfo | undefined;
|
|
3288
3446
|
}
|
|
3289
3447
|
/**
|
|
3290
3448
|
* @public
|
|
@@ -4086,7 +4244,7 @@ export interface ListFirewallRulesResponse {
|
|
|
4086
4244
|
*/
|
|
4087
4245
|
export interface ListFirewallRuleTypesRequest {
|
|
4088
4246
|
/**
|
|
4089
|
-
* <p>
|
|
4247
|
+
* <p>An optional filter that restricts the response to a single <a>FirewallRuleType</a> variant. Supported values: <code>FirewallAdvancedContentCategory</code>, <code>FirewallAdvancedThreatCategory</code>, <code>DnsThreatProtection</code>, and <code>PartnerThreatProtection</code>. If omitted, definitions across all variants are returned.</p>
|
|
4090
4248
|
* @public
|
|
4091
4249
|
*/
|
|
4092
4250
|
RuleType?: string | undefined;
|
|
@@ -5311,19 +5469,23 @@ export interface UpdateFirewallRuleRequest {
|
|
|
5311
5469
|
Qtype?: string | undefined;
|
|
5312
5470
|
/**
|
|
5313
5471
|
* <p>
|
|
5314
|
-
* The type of the DNS Firewall Advanced rule. Valid values are:
|
|
5472
|
+
* The type of the DNS Firewall Advanced rule. This setting is mutually exclusive with <code>FirewallDomainListId</code> and <code>FirewallRuleType</code>. Valid values are:
|
|
5315
5473
|
* </p>
|
|
5316
5474
|
* <ul>
|
|
5317
5475
|
* <li>
|
|
5318
5476
|
* <p>
|
|
5319
5477
|
* <code>DGA</code>: Domain generation algorithms detection. DGAs are used by attackers to generate a large number of domains
|
|
5320
|
-
* to
|
|
5478
|
+
* to launch malware attacks.</p>
|
|
5321
5479
|
* </li>
|
|
5322
5480
|
* <li>
|
|
5323
5481
|
* <p>
|
|
5324
5482
|
* <code>DNS_TUNNELING</code>: DNS tunneling detection. DNS tunneling is used by attackers to exfiltrate data from the client by using the DNS tunnel without
|
|
5325
5483
|
* making a network connection to the client.</p>
|
|
5326
5484
|
* </li>
|
|
5485
|
+
* <li>
|
|
5486
|
+
* <p>
|
|
5487
|
+
* <code>DICTIONARY_DGA</code>: Dictionary-based domain generation algorithms detection. Dictionary DGAs use wordlists to generate domains that appear more legitimate, making them harder to detect than traditional DGAs.</p>
|
|
5488
|
+
* </li>
|
|
5327
5489
|
* </ul>
|
|
5328
5490
|
* @public
|
|
5329
5491
|
*/
|
|
@@ -5351,7 +5513,26 @@ export interface UpdateFirewallRuleRequest {
|
|
|
5351
5513
|
*/
|
|
5352
5514
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
5353
5515
|
/**
|
|
5354
|
-
* <p>The rule type configuration for the firewall rule. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields
|
|
5516
|
+
* <p>The rule type configuration for the firewall rule. This is a tagged union — set exactly one of its members. This setting is mutually exclusive with the top-level <code>FirewallDomainListId</code> and <code>DnsThreatProtection</code> fields. Use one of:</p>
|
|
5517
|
+
* <ul>
|
|
5518
|
+
* <li>
|
|
5519
|
+
* <p>
|
|
5520
|
+
* <code>FirewallAdvancedContentCategory</code> — match an AWS-managed content category (for example, <code>VIOLENCE_AND_HATE_SPEECH</code>).</p>
|
|
5521
|
+
* </li>
|
|
5522
|
+
* <li>
|
|
5523
|
+
* <p>
|
|
5524
|
+
* <code>FirewallAdvancedThreatCategory</code> — match an AWS-managed advanced threat category (for example, <code>PHISHING</code>).</p>
|
|
5525
|
+
* </li>
|
|
5526
|
+
* <li>
|
|
5527
|
+
* <p>
|
|
5528
|
+
* <code>DnsThreatProtection</code> — match a built-in DNS Firewall Advanced threat detector (<code>DGA</code>, <code>DNS_TUNNELING</code>, or <code>DICTIONARY_DGA</code>).</p>
|
|
5529
|
+
* </li>
|
|
5530
|
+
* <li>
|
|
5531
|
+
* <p>
|
|
5532
|
+
* <code>PartnerThreatProtection</code> — match a third-party threat feed delivered through AWS Marketplace. The selected partner must be an active subscription on the calling account.</p>
|
|
5533
|
+
* </li>
|
|
5534
|
+
* </ul>
|
|
5535
|
+
* <p>To enumerate the values supported in your account, call <a>ListFirewallRuleTypes</a>.</p>
|
|
5355
5536
|
* @public
|
|
5356
5537
|
*/
|
|
5357
5538
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
@@ -162,6 +162,7 @@ export declare var ListResolverRulesResponse$: StaticStructureSchema;
|
|
|
162
162
|
export declare var ListTagsForResourceRequest$: StaticStructureSchema;
|
|
163
163
|
export declare var ListTagsForResourceResponse$: StaticStructureSchema;
|
|
164
164
|
export declare var OutpostResolver$: StaticStructureSchema;
|
|
165
|
+
export declare var PartnerThreatProtectionConfig$: StaticStructureSchema;
|
|
165
166
|
export declare var PutFirewallRuleGroupPolicyRequest$: StaticStructureSchema;
|
|
166
167
|
export declare var PutFirewallRuleGroupPolicyResponse$: StaticStructureSchema;
|
|
167
168
|
export declare var PutResolverQueryLogConfigPolicyRequest$: StaticStructureSchema;
|
|
@@ -176,6 +177,7 @@ export declare var ResolverQueryLogConfigAssociation$: StaticStructureSchema;
|
|
|
176
177
|
export declare var ResolverRule$: StaticStructureSchema;
|
|
177
178
|
export declare var ResolverRuleAssociation$: StaticStructureSchema;
|
|
178
179
|
export declare var ResolverRuleConfig$: StaticStructureSchema;
|
|
180
|
+
export declare var SubscriptionInfo$: StaticStructureSchema;
|
|
179
181
|
export declare var Tag$: StaticStructureSchema;
|
|
180
182
|
export declare var TagResourceRequest$: StaticStructureSchema;
|
|
181
183
|
export declare var TagResourceResponse$: StaticStructureSchema;
|
|
@@ -221,6 +221,7 @@ export declare const IpAddressStatus: {
|
|
|
221
221
|
readonly Deleting: "DELETING";
|
|
222
222
|
readonly Detaching: "DETACHING";
|
|
223
223
|
readonly FailedCreation: "FAILED_CREATION";
|
|
224
|
+
readonly FailedCreationInsufficientEC2CapacityInOutpost: "FAILED_CREATION_INSUFFICIENT_EC2_CAPACITY_IN_OUTPOST";
|
|
224
225
|
readonly FailedResourceGone: "FAILED_RESOURCE_GONE";
|
|
225
226
|
readonly Isolated: "ISOLATED";
|
|
226
227
|
readonly RemapAttaching: "REMAP_ATTACHING";
|
|
@@ -142,7 +142,11 @@ export interface FirewallAdvancedContentCategoryConfig {
|
|
|
142
142
|
export interface FirewallAdvancedThreatCategoryConfig {
|
|
143
143
|
Category: string | undefined;
|
|
144
144
|
}
|
|
145
|
+
export interface PartnerThreatProtectionConfig {
|
|
146
|
+
Partner: string | undefined;
|
|
147
|
+
}
|
|
145
148
|
export interface FirewallRuleType {
|
|
149
|
+
PartnerThreatProtection?: PartnerThreatProtectionConfig | undefined;
|
|
146
150
|
FirewallAdvancedContentCategory?:
|
|
147
151
|
| FirewallAdvancedContentCategoryConfig
|
|
148
152
|
| undefined;
|
|
@@ -190,6 +194,8 @@ export interface FirewallRule {
|
|
|
190
194
|
DnsThreatProtection?: DnsThreatProtection | undefined;
|
|
191
195
|
ConfidenceThreshold?: ConfidenceThreshold | undefined;
|
|
192
196
|
FirewallRuleType?: FirewallRuleType | undefined;
|
|
197
|
+
Status?: string | undefined;
|
|
198
|
+
StatusMessage?: string | undefined;
|
|
193
199
|
}
|
|
194
200
|
export interface BatchCreateFirewallRuleError {
|
|
195
201
|
FirewallRule?: CreateFirewallRuleEntry | undefined;
|
|
@@ -517,11 +523,16 @@ export interface FirewallRuleGroupMetadata {
|
|
|
517
523
|
CreatorRequestId?: string | undefined;
|
|
518
524
|
ShareStatus?: ShareStatus | undefined;
|
|
519
525
|
}
|
|
526
|
+
export interface SubscriptionInfo {
|
|
527
|
+
VendorName?: string | undefined;
|
|
528
|
+
ProductId?: string | undefined;
|
|
529
|
+
}
|
|
520
530
|
export interface FirewallRuleTypeDefinition {
|
|
521
531
|
RuleType?: string | undefined;
|
|
522
532
|
Value?: string | undefined;
|
|
523
533
|
DisplayName?: string | undefined;
|
|
524
534
|
Description?: string | undefined;
|
|
535
|
+
SubscriptionInfo?: SubscriptionInfo | undefined;
|
|
525
536
|
}
|
|
526
537
|
export interface GetFirewallConfigRequest {
|
|
527
538
|
ResourceId: string | undefined;
|
|
@@ -161,6 +161,7 @@ export declare var ListResolverRulesResponse$: StaticStructureSchema;
|
|
|
161
161
|
export declare var ListTagsForResourceRequest$: StaticStructureSchema;
|
|
162
162
|
export declare var ListTagsForResourceResponse$: StaticStructureSchema;
|
|
163
163
|
export declare var OutpostResolver$: StaticStructureSchema;
|
|
164
|
+
export declare var PartnerThreatProtectionConfig$: StaticStructureSchema;
|
|
164
165
|
export declare var PutFirewallRuleGroupPolicyRequest$: StaticStructureSchema;
|
|
165
166
|
export declare var PutFirewallRuleGroupPolicyResponse$: StaticStructureSchema;
|
|
166
167
|
export declare var PutResolverQueryLogConfigPolicyRequest$: StaticStructureSchema;
|
|
@@ -175,6 +176,7 @@ export declare var ResolverQueryLogConfigAssociation$: StaticStructureSchema;
|
|
|
175
176
|
export declare var ResolverRule$: StaticStructureSchema;
|
|
176
177
|
export declare var ResolverRuleAssociation$: StaticStructureSchema;
|
|
177
178
|
export declare var ResolverRuleConfig$: StaticStructureSchema;
|
|
179
|
+
export declare var SubscriptionInfo$: StaticStructureSchema;
|
|
178
180
|
export declare var Tag$: StaticStructureSchema;
|
|
179
181
|
export declare var TagResourceRequest$: StaticStructureSchema;
|
|
180
182
|
export declare var TagResourceResponse$: StaticStructureSchema;
|
package/package.json
CHANGED
|
@@ -1,17 +1,17 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@aws-sdk/client-route53resolver",
|
|
3
3
|
"description": "AWS SDK for JavaScript Route53resolver Client for Node.js, Browser and React Native",
|
|
4
|
-
"version": "3.
|
|
4
|
+
"version": "3.1070.0",
|
|
5
5
|
"scripts": {
|
|
6
6
|
"build": "concurrently 'yarn:build:types' 'yarn:build:es' && yarn build:cjs",
|
|
7
7
|
"build:cjs": "node ../../scripts/compilation/inline",
|
|
8
|
-
"build:es": "tsc -p tsconfig.es.json",
|
|
8
|
+
"build:es": "premove dist-es && tsc -p tsconfig.es.json",
|
|
9
9
|
"build:include:deps": "yarn g:turbo run build -F=\"$npm_package_name\"",
|
|
10
|
-
"build:types": "tsc -p tsconfig.types.json",
|
|
10
|
+
"build:types": "premove dist-types && tsc -p tsconfig.types.json",
|
|
11
11
|
"build:types:downlevel": "downlevel-dts dist-types dist-types/ts3.4",
|
|
12
|
-
"clean": "premove dist-cjs dist-es dist-types
|
|
12
|
+
"clean": "premove dist-cjs dist-es dist-types",
|
|
13
13
|
"extract:docs": "api-extractor run --local",
|
|
14
|
-
"generate:client": "node ../../scripts/generate-clients/single-service
|
|
14
|
+
"generate:client": "node ../../scripts/generate-clients/single-service",
|
|
15
15
|
"test:index": "tsc --noEmit ./test/index-types.ts && node ./test/index-objects.spec.mjs"
|
|
16
16
|
},
|
|
17
17
|
"main": "./dist-cjs/index.js",
|
|
@@ -21,9 +21,9 @@
|
|
|
21
21
|
"dependencies": {
|
|
22
22
|
"@aws-crypto/sha256-browser": "5.2.0",
|
|
23
23
|
"@aws-crypto/sha256-js": "5.2.0",
|
|
24
|
-
"@aws-sdk/core": "^3.974.
|
|
25
|
-
"@aws-sdk/credential-provider-node": "^3.972.
|
|
26
|
-
"@aws-sdk/types": "^3.973.
|
|
24
|
+
"@aws-sdk/core": "^3.974.21",
|
|
25
|
+
"@aws-sdk/credential-provider-node": "^3.972.56",
|
|
26
|
+
"@aws-sdk/types": "^3.973.13",
|
|
27
27
|
"@smithy/core": "^3.24.6",
|
|
28
28
|
"@smithy/fetch-http-handler": "^5.4.6",
|
|
29
29
|
"@smithy/node-http-handler": "^4.7.6",
|