@aws-sdk/client-shield 3.137.0 → 3.142.0

package/dist-types/Shield.d.ts

@@ -45,7 +45,7 @@ import { ShieldClient } from "./ShieldClient";
 export declare class Shield extends ShieldClient {
     /**
      * <p>Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.</p>
-     *          <p>To use the services of the SRT and make an <code>AssociateDRTLogBucket</code> request, you must be subscribed to the <a href="https://docs.aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="https://docs.aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
+     *          <p>To use the services of the SRT and make an <code>AssociateDRTLogBucket</code> request, you must be subscribed to the <a href="http://aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="http://aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
      */
     associateDRTLogBucket(args: AssociateDRTLogBucketCommandInput, options?: __HttpHandlerOptions): Promise<AssociateDRTLogBucketCommandOutput>;
     associateDRTLogBucket(args: AssociateDRTLogBucketCommandInput, cb: (err: any, data?: AssociateDRTLogBucketCommandOutput) => void): void;
@@ -58,7 +58,7 @@ export declare class Shield extends ShieldClient {
      *
      *          <p>The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.</p>
      *          <p>You must have the <code>iam:PassRole</code> permission to make an <code>AssociateDRTRole</code> request. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html">Granting a user permissions to pass a role to an Amazon Web Services service</a>. </p>
-     *          <p>To use the services of the SRT and make an <code>AssociateDRTRole</code> request, you must be subscribed to the <a href="https://docs.aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="https://docs.aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
+     *          <p>To use the services of the SRT and make an <code>AssociateDRTRole</code> request, you must be subscribed to the <a href="http://aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="http://aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
      */
     associateDRTRole(args: AssociateDRTRoleCommandInput, options?: __HttpHandlerOptions): Promise<AssociateDRTRoleCommandOutput>;
     associateDRTRole(args: AssociateDRTRoleCommandInput, cb: (err: any, data?: AssociateDRTRoleCommandOutput) => void): void;
@@ -82,7 +82,7 @@ export declare class Shield extends ShieldClient {
     associateProactiveEngagementDetails(args: AssociateProactiveEngagementDetailsCommandInput, cb: (err: any, data?: AssociateProactiveEngagementDetailsCommandOutput) => void): void;
     associateProactiveEngagementDetails(args: AssociateProactiveEngagementDetailsCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: AssociateProactiveEngagementDetailsCommandOutput) => void): void;
     /**
-     * <p>Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.</p>
+     * <p>Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Amazon Route 53 hosted zone, Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.</p>
      *          <p>You can add protection to only a single resource with each <code>CreateProtection</code> request. You can add protection to multiple resources
      *           at once through the Shield Advanced console at <a href="https://console.aws.amazon.com/wafv2/shieldv2#/">https://console.aws.amazon.com/wafv2/shieldv2#/</a>.
      *               For more information see
@@ -100,8 +100,11 @@ export declare class Shield extends ShieldClient {
     createProtectionGroup(args: CreateProtectionGroupCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: CreateProtectionGroupCommandOutput) => void): void;
     /**
      * <p>Activates Shield Advanced for an account.</p>
-     *
-     *          <p>When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period.  You can change this by submitting an <code>UpdateSubscription</code> request. </p>
+     *          <note>
+     *             <p>For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,
+     *               regardless of whether the payer account itself is subscribed. </p>
+     *          </note>
+     *          <p>When you initially create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period.  You can change this by submitting an <code>UpdateSubscription</code> request. </p>
      */
     createSubscription(args: CreateSubscriptionCommandInput, options?: __HttpHandlerOptions): Promise<CreateSubscriptionCommandOutput>;
     createSubscription(args: CreateSubscriptionCommandInput, cb: (err: any, data?: CreateSubscriptionCommandOutput) => void): void;
@@ -171,7 +174,7 @@ export declare class Shield extends ShieldClient {
     describeSubscription(args: DescribeSubscriptionCommandInput, cb: (err: any, data?: DescribeSubscriptionCommandOutput) => void): void;
     describeSubscription(args: DescribeSubscriptionCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DescribeSubscriptionCommandOutput) => void): void;
     /**
-     * <p>Disable the Shield Advanced automatic application layer DDoS mitigation feature for the resource. This
+     * <p>Disable the Shield Advanced automatic application layer DDoS mitigation feature for the protected resource. This
      *        stops Shield Advanced from creating, verifying, and applying WAF rules for attacks that it detects for the resource. </p>
      */
     disableApplicationLayerAutomaticResponse(args: DisableApplicationLayerAutomaticResponseCommandInput, options?: __HttpHandlerOptions): Promise<DisableApplicationLayerAutomaticResponseCommandOutput>;
@@ -203,19 +206,20 @@ export declare class Shield extends ShieldClient {
     disassociateHealthCheck(args: DisassociateHealthCheckCommandInput, cb: (err: any, data?: DisassociateHealthCheckCommandOutput) => void): void;
     disassociateHealthCheck(args: DisassociateHealthCheckCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: DisassociateHealthCheckCommandOutput) => void): void;
     /**
-     * <p>Enable the Shield Advanced automatic application layer DDoS mitigation for the resource. </p>
+     * <p>Enable the Shield Advanced automatic application layer DDoS mitigation for the protected resource. </p>
      *          <note>
-     *             <p>This feature is available for Amazon CloudFront distributions only.</p>
+     *             <p>This feature is available for Amazon CloudFront distributions and Application Load Balancers only.</p>
      *          </note>
      *          <p>This causes Shield Advanced to create, verify, and apply WAF rules for DDoS attacks that it detects for the
      *        resource. Shield Advanced applies the rules in a Shield rule group inside the web ACL that you've associated
      *            with the resource. For information about how automatic mitigation works and the requirements for using it, see
      *    <a href="https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-automatic-app-layer-response.html">Shield Advanced automatic application layer DDoS mitigation</a>.</p>
-     *          <p>Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use <a>UpdateApplicationLayerAutomaticResponse</a>.</p>
+     *          <note>
+     *             <p>Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use <a>UpdateApplicationLayerAutomaticResponse</a>.</p>
+     *          </note>
      *          <p>To use this feature, you must associate a web ACL with the protected resource. The web ACL must be created using the latest version of WAF (v2). You can associate the web ACL through the Shield Advanced console
      *            at <a href="https://console.aws.amazon.com/wafv2/shieldv2#/">https://console.aws.amazon.com/wafv2/shieldv2#/</a>. For more information,
-     *                see <a href="https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html">Getting Started with Shield Advanced</a>.</p>
-     *          <p>You can also do this through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see
+     *                see <a href="https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html">Getting Started with Shield Advanced</a>. You can also associate the web ACL to the resource through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see
      *        <a href="https://docs.aws.amazon.com/waf/latest/developerguide/">WAF Developer Guide</a>.</p>
      */
     enableApplicationLayerAutomaticResponse(args: EnableApplicationLayerAutomaticResponseCommandInput, options?: __HttpHandlerOptions): Promise<EnableApplicationLayerAutomaticResponseCommandOutput>;
@@ -241,13 +245,15 @@ export declare class Shield extends ShieldClient {
     listAttacks(args: ListAttacksCommandInput, cb: (err: any, data?: ListAttacksCommandOutput) => void): void;
     listAttacks(args: ListAttacksCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: ListAttacksCommandOutput) => void): void;
     /**
-     * <p>Retrieves the <a>ProtectionGroup</a> objects for the account.</p>
+     * <p>Retrieves <a>ProtectionGroup</a> objects for the account. You can retrieve all protection groups or you can provide
+     *        filtering criteria and retrieve just the subset of protection groups that match the criteria. </p>
      */
     listProtectionGroups(args: ListProtectionGroupsCommandInput, options?: __HttpHandlerOptions): Promise<ListProtectionGroupsCommandOutput>;
     listProtectionGroups(args: ListProtectionGroupsCommandInput, cb: (err: any, data?: ListProtectionGroupsCommandOutput) => void): void;
     listProtectionGroups(args: ListProtectionGroupsCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: ListProtectionGroupsCommandOutput) => void): void;
     /**
-     * <p>Lists all <a>Protection</a> objects for the account.</p>
+     * <p>Retrieves <a>Protection</a> objects for the account. You can retrieve all protections or you can provide
+     *        filtering criteria and retrieve just the subset of protections that match the criteria. </p>
      */
     listProtections(args: ListProtectionsCommandInput, options?: __HttpHandlerOptions): Promise<ListProtectionsCommandOutput>;
     listProtections(args: ListProtectionsCommandInput, cb: (err: any, data?: ListProtectionsCommandOutput) => void): void;
@@ -296,6 +302,10 @@ export declare class Shield extends ShieldClient {
     updateProtectionGroup(args: UpdateProtectionGroupCommandInput, options: __HttpHandlerOptions, cb: (err: any, data?: UpdateProtectionGroupCommandOutput) => void): void;
     /**
      * <p>Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.</p>
+     *          <note>
+     *             <p>For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,
+     *               regardless of whether the payer account itself is subscribed. </p>
+     *          </note>
      */
     updateSubscription(args: UpdateSubscriptionCommandInput, options?: __HttpHandlerOptions): Promise<UpdateSubscriptionCommandOutput>;
     updateSubscription(args: UpdateSubscriptionCommandInput, cb: (err: any, data?: UpdateSubscriptionCommandOutput) => void): void;

package/dist-types/commands/AssociateDRTLogBucketCommand.d.ts

@@ -8,7 +8,7 @@ export interface AssociateDRTLogBucketCommandOutput extends AssociateDRTLogBucke
 }
 /**
  * <p>Authorizes the Shield Response Team (SRT) to access the specified Amazon S3 bucket containing log data such as Application Load Balancer access logs, CloudFront logs, or logs from third party sources. You can associate up to 10 Amazon S3 buckets with your subscription.</p>
- *          <p>To use the services of the SRT and make an <code>AssociateDRTLogBucket</code> request, you must be subscribed to the <a href="https://docs.aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="https://docs.aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
+ *          <p>To use the services of the SRT and make an <code>AssociateDRTLogBucket</code> request, you must be subscribed to the <a href="http://aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="http://aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/AssociateDRTRoleCommand.d.ts

@@ -14,7 +14,7 @@ export interface AssociateDRTRoleCommandOutput extends AssociateDRTRoleResponse,
  *
  *          <p>The SRT will have access only to your WAF and Shield resources. By submitting this request, you authorize the SRT to inspect your WAF and Shield configuration and create and update WAF rules and web ACLs on your behalf. The SRT takes these actions only if explicitly authorized by you.</p>
  *          <p>You must have the <code>iam:PassRole</code> permission to make an <code>AssociateDRTRole</code> request. For more information, see <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html">Granting a user permissions to pass a role to an Amazon Web Services service</a>. </p>
- *          <p>To use the services of the SRT and make an <code>AssociateDRTRole</code> request, you must be subscribed to the <a href="https://docs.aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="https://docs.aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
+ *          <p>To use the services of the SRT and make an <code>AssociateDRTRole</code> request, you must be subscribed to the <a href="http://aws.amazon.com/premiumsupport/business-support/">Business Support plan</a> or the <a href="http://aws.amazon.com/premiumsupport/enterprise-support/">Enterprise Support plan</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/CreateProtectionCommand.d.ts

@@ -7,7 +7,7 @@ export interface CreateProtectionCommandInput extends CreateProtectionRequest {
 export interface CreateProtectionCommandOutput extends CreateProtectionResponse, __MetadataBearer {
 }
 /**
- * <p>Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Elastic Load Balancing load balancer, Global Accelerator accelerator, Elastic IP Address, or an Amazon Route 53 hosted zone.</p>
+ * <p>Enables Shield Advanced for a specific Amazon Web Services resource. The resource can be an Amazon CloudFront distribution, Amazon Route 53 hosted zone, Global Accelerator standard accelerator, Elastic IP Address, Application Load Balancer, or a Classic Load Balancer. You can protect Amazon EC2 instances and Network Load Balancers by association with protected Amazon EC2 Elastic IP addresses.</p>
  *          <p>You can add protection to only a single resource with each <code>CreateProtection</code> request. You can add protection to multiple resources
  *           at once through the Shield Advanced console at <a href="https://console.aws.amazon.com/wafv2/shieldv2#/">https://console.aws.amazon.com/wafv2/shieldv2#/</a>.
  *               For more information see

package/dist-types/commands/CreateSubscriptionCommand.d.ts

@@ -8,8 +8,11 @@ export interface CreateSubscriptionCommandOutput extends CreateSubscriptionRespo
 }
 /**
  * <p>Activates Shield Advanced for an account.</p>
- *
- *          <p>When you initally create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period.  You can change this by submitting an <code>UpdateSubscription</code> request. </p>
+ *          <note>
+ *             <p>For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,
+ *               regardless of whether the payer account itself is subscribed. </p>
+ *          </note>
+ *          <p>When you initially create a subscription, your subscription is set to be automatically renewed at the end of the existing subscription period.  You can change this by submitting an <code>UpdateSubscription</code> request. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DisableApplicationLayerAutomaticResponseCommand.d.ts

@@ -7,7 +7,7 @@ export interface DisableApplicationLayerAutomaticResponseCommandInput extends Di
 export interface DisableApplicationLayerAutomaticResponseCommandOutput extends DisableApplicationLayerAutomaticResponseResponse, __MetadataBearer {
 }
 /**
- * <p>Disable the Shield Advanced automatic application layer DDoS mitigation feature for the resource. This
+ * <p>Disable the Shield Advanced automatic application layer DDoS mitigation feature for the protected resource. This
  *        stops Shield Advanced from creating, verifying, and applying WAF rules for attacks that it detects for the resource. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/EnableApplicationLayerAutomaticResponseCommand.d.ts

@@ -7,19 +7,20 @@ export interface EnableApplicationLayerAutomaticResponseCommandInput extends Ena
 export interface EnableApplicationLayerAutomaticResponseCommandOutput extends EnableApplicationLayerAutomaticResponseResponse, __MetadataBearer {
 }
 /**
- * <p>Enable the Shield Advanced automatic application layer DDoS mitigation for the resource. </p>
+ * <p>Enable the Shield Advanced automatic application layer DDoS mitigation for the protected resource. </p>
  *          <note>
- *             <p>This feature is available for Amazon CloudFront distributions only.</p>
+ *             <p>This feature is available for Amazon CloudFront distributions and Application Load Balancers only.</p>
  *          </note>
  *          <p>This causes Shield Advanced to create, verify, and apply WAF rules for DDoS attacks that it detects for the
  *        resource. Shield Advanced applies the rules in a Shield rule group inside the web ACL that you've associated
  *            with the resource. For information about how automatic mitigation works and the requirements for using it, see
  *    <a href="https://docs.aws.amazon.com/waf/latest/developerguide/ddos-advanced-automatic-app-layer-response.html">Shield Advanced automatic application layer DDoS mitigation</a>.</p>
- *          <p>Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use <a>UpdateApplicationLayerAutomaticResponse</a>.</p>
+ *          <note>
+ *             <p>Don't use this action to make changes to automatic mitigation settings when it's already enabled for a resource. Instead, use <a>UpdateApplicationLayerAutomaticResponse</a>.</p>
+ *          </note>
  *          <p>To use this feature, you must associate a web ACL with the protected resource. The web ACL must be created using the latest version of WAF (v2). You can associate the web ACL through the Shield Advanced console
  *            at <a href="https://console.aws.amazon.com/wafv2/shieldv2#/">https://console.aws.amazon.com/wafv2/shieldv2#/</a>. For more information,
- *                see <a href="https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html">Getting Started with Shield Advanced</a>.</p>
- *          <p>You can also do this through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see
+ *                see <a href="https://docs.aws.amazon.com/waf/latest/developerguide/getting-started-ddos.html">Getting Started with Shield Advanced</a>. You can also associate the web ACL to the resource through the WAF console or the WAF API, but you must manage Shield Advanced automatic mitigation through Shield Advanced. For information about WAF, see
  *        <a href="https://docs.aws.amazon.com/waf/latest/developerguide/">WAF Developer Guide</a>.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

package/dist-types/commands/ListProtectionGroupsCommand.d.ts

@@ -7,7 +7,8 @@ export interface ListProtectionGroupsCommandInput extends ListProtectionGroupsRe
 export interface ListProtectionGroupsCommandOutput extends ListProtectionGroupsResponse, __MetadataBearer {
 }
 /**
- * <p>Retrieves the <a>ProtectionGroup</a> objects for the account.</p>
+ * <p>Retrieves <a>ProtectionGroup</a> objects for the account. You can retrieve all protection groups or you can provide
+ *        filtering criteria and retrieve just the subset of protection groups that match the criteria. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/ListProtectionsCommand.d.ts

@@ -7,7 +7,8 @@ export interface ListProtectionsCommandInput extends ListProtectionsRequest {
 export interface ListProtectionsCommandOutput extends ListProtectionsResponse, __MetadataBearer {
 }
 /**
- * <p>Lists all <a>Protection</a> objects for the account.</p>
+ * <p>Retrieves <a>Protection</a> objects for the account. You can retrieve all protections or you can provide
+ *        filtering criteria and retrieve just the subset of protections that match the criteria. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UpdateSubscriptionCommand.d.ts

@@ -8,6 +8,10 @@ export interface UpdateSubscriptionCommandOutput extends UpdateSubscriptionRespo
 }
 /**
  * <p>Updates the details of an existing subscription. Only enter values for parameters you want to change. Empty parameters are not updated.</p>
+ *          <note>
+ *             <p>For accounts that are members of an Organizations organization, Shield Advanced subscriptions are billed against the organization's payer account,
+ *               regardless of whether the payer account itself is subscribed. </p>
+ *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/models/models_0.d.ts

@@ -162,7 +162,7 @@ export declare class LimitsExceededException extends __BaseException {
     constructor(opts: __ExceptionOptionType<LimitsExceededException, __BaseException>);
 }
 /**
- * <p>The ARN of the role that you specifed does not exist.</p>
+ * <p>The ARN of the role that you specified does not exist.</p>
  */
 export declare class NoAssociatedRoleException extends __BaseException {
     readonly name: "NoAssociatedRoleException";
@@ -614,7 +614,7 @@ export interface CreateProtectionRequest {
      *                </p>
      *             </li>
      *             <li>
-     *                <p>For an Global Accelerator accelerator: <code>arn:aws:globalaccelerator::<i>account-id</i>:accelerator/<i>accelerator-id</i>
+     *                <p>For an Global Accelerator standard accelerator: <code>arn:aws:globalaccelerator::<i>account-id</i>:accelerator/<i>accelerator-id</i>
      *                   </code>
      *                </p>
      *             </li>
@@ -759,7 +759,7 @@ export interface DescribeAttackRequest {
 }
 export interface DescribeAttackResponse {
     /**
-     * <p>The attack that is described.</p>
+     * <p>The attack that you requested. </p>
      */
     Attack?: AttackDetail;
 }
@@ -780,7 +780,7 @@ export interface TimeRange {
 }
 export interface DescribeAttackStatisticsResponse {
     /**
-     * <p>The time range. </p>
+     * <p>The time range of the attack.</p>
      */
     TimeRange: TimeRange | undefined;
     /**
@@ -810,13 +810,13 @@ export interface DescribeEmergencyContactSettingsResponse {
 }
 export interface DescribeProtectionRequest {
     /**
-     * <p>The unique identifier (ID) for the <a>Protection</a> object that is
-     *          described. When submitting the <code>DescribeProtection</code> request you must provide either the <code>ResourceArn</code> or the <code>ProtectionID</code>, but not both.</p>
+     * <p>The unique identifier (ID) for the <a>Protection</a> object to describe.
+     *            You must provide either the <code>ResourceArn</code> of the protected resource or the <code>ProtectionID</code> of the protection, but not both.</p>
      */
     ProtectionId?: string;
     /**
-     * <p>The ARN (Amazon Resource Name) of the Amazon Web Services resource for the <a>Protection</a> object that is
-     *          described. When submitting the <code>DescribeProtection</code> request you must provide either the <code>ResourceArn</code> or the <code>ProtectionID</code>, but not both.</p>
+     * <p>The ARN (Amazon Resource Name) of the protected Amazon Web Services resource.
+     *            You must provide either the <code>ResourceArn</code> of the protected resource or the <code>ProtectionID</code> of the protection, but not both.</p>
      */
     ResourceArn?: string;
 }
@@ -853,7 +853,7 @@ export interface Protection {
 }
 export interface DescribeProtectionResponse {
     /**
-     * <p>The <a>Protection</a> object that is described.</p>
+     * <p>The <a>Protection</a> that you requested. </p>
      */
     Protection?: Protection;
 }
@@ -887,7 +887,7 @@ export interface ProtectionGroup {
      */
     Aggregation: ProtectionGroupAggregation | string | undefined;
     /**
-     * <p>The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource Amazon Resource Names (ARNs), or include all resources of a specified resource type.</p>
+     * <p>The criteria to use to choose the protected resources for inclusion in the group. You can include all resources that have protections, provide a list of resource ARNs (Amazon Resource Names), or include all resources of a specified resource type.</p>
      */
     Pattern: ProtectionGroupPattern | string | undefined;
     /**
@@ -896,7 +896,7 @@ export interface ProtectionGroup {
      */
     ResourceType?: ProtectedResourceType | string;
     /**
-     * <p>The Amazon Resource Names (ARNs) of the resources to include in the protection group. You must set this when you set <code>Pattern</code> to <code>ARBITRARY</code> and you must not set it for any other <code>Pattern</code> setting. </p>
+     * <p>The ARNs (Amazon Resource Names) of the resources to include in the protection group. You must set this when you set <code>Pattern</code> to <code>ARBITRARY</code> and you must not set it for any other <code>Pattern</code> setting. </p>
      */
     Members: string[] | undefined;
     /**
@@ -1031,7 +1031,7 @@ export interface DescribeSubscriptionResponse {
 }
 export interface DisableApplicationLayerAutomaticResponseRequest {
     /**
-     * <p>The ARN (Amazon Resource Name) of the resource.</p>
+     * <p>The ARN (Amazon Resource Name) of the protected resource.</p>
      */
     ResourceArn: string | undefined;
 }
@@ -1067,7 +1067,7 @@ export interface DisassociateHealthCheckResponse {
 }
 export interface EnableApplicationLayerAutomaticResponseRequest {
     /**
-     * <p>The ARN (Amazon Resource Name) of the resource.</p>
+     * <p>The ARN (Amazon Resource Name) of the protected resource.</p>
      */
     ResourceArn: string | undefined;
     /**
@@ -1155,6 +1155,27 @@ export declare class InvalidPaginationTokenException extends __BaseException {
      */
     constructor(opts: __ExceptionOptionType<InvalidPaginationTokenException, __BaseException>);
 }
+/**
+ * <p>Narrows the set of protection groups that the call retrieves. You can retrieve a single protection group by its name and you can retrieve all protection groups that are configured with a specific pattern, aggregation, or resource type. You can provide up to one criteria per filter type. Shield Advanced returns the protection groups that exactly match all of the search criteria that you provide.</p>
+ */
+export interface InclusionProtectionGroupFilters {
+    /**
+     * <p>The ID of the protection group that you want to retrieve.  </p>
+     */
+    ProtectionGroupIds?: string[];
+    /**
+     * <p>The pattern specification of the protection groups that you want to retrieve.  </p>
+     */
+    Patterns?: (ProtectionGroupPattern | string)[];
+    /**
+     * <p>The resource type configuration of the protection groups that you want to retrieve. In the protection group configuration, you specify the resource type when you set the group's <code>Pattern</code> to <code>BY_RESOURCE_TYPE</code>. </p>
+     */
+    ResourceTypes?: (ProtectedResourceType | string)[];
+    /**
+     * <p>The aggregation setting of the protection groups that you want to retrieve.  </p>
+     */
+    Aggregations?: (ProtectionGroupAggregation | string)[];
+}
 export interface ListProtectionGroupsRequest {
     /**
      * <p>When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,
@@ -1173,6 +1194,10 @@ export interface ListProtectionGroupsRequest {
      *          <p>The default setting is 20.</p>
      */
     MaxResults?: number;
+    /**
+     * <p>Narrows the set of protection groups that the call retrieves. You can retrieve a single protection group by its name and you can retrieve all protection groups that are configured with specific pattern or aggregation settings. You can provide up to one criteria per filter type. Shield Advanced returns the protection groups that exactly match all of the search criteria that you provide.</p>
+     */
+    InclusionFilters?: InclusionProtectionGroupFilters;
 }
 export interface ListProtectionGroupsResponse {
     /**
@@ -1189,6 +1214,23 @@ export interface ListProtectionGroupsResponse {
      */
     NextToken?: string;
 }
+/**
+ * <p>Narrows the set of protections that the call retrieves. You can retrieve a single protection by providing its name or the ARN (Amazon Resource Name) of its protected resource. You can also retrieve all protections for a specific resource type. You can provide up to one criteria per filter type. Shield Advanced returns protections that exactly match all of the filter criteria that you provide.</p>
+ */
+export interface InclusionProtectionFilters {
+    /**
+     * <p>The ARN (Amazon Resource Name) of the resource whose protection you want to retrieve.  </p>
+     */
+    ResourceArns?: string[];
+    /**
+     * <p>The name of the protection that you want to retrieve.  </p>
+     */
+    ProtectionNames?: string[];
+    /**
+     * <p>The type of protected resource whose protections you want to retrieve.  </p>
+     */
+    ResourceTypes?: (ProtectedResourceType | string)[];
+}
 export interface ListProtectionsRequest {
     /**
      * <p>When you request a list of objects from Shield Advanced, if the response does not include all of the remaining available objects,
@@ -1207,6 +1249,10 @@ export interface ListProtectionsRequest {
      *          <p>The default setting is 20.</p>
      */
     MaxResults?: number;
+    /**
+     * <p>Narrows the set of protections that the call retrieves. You can retrieve a single protection by providing its name or the ARN (Amazon Resource Name) of its protected resource. You can also retrieve all protections for a specific resource type. You can provide up to one criteria per filter type. Shield Advanced returns protections that exactly match all of the filter criteria that you provide.</p>
+     */
+    InclusionFilters?: InclusionProtectionFilters;
 }
 export interface ListProtectionsResponse {
     /**
@@ -1688,6 +1734,10 @@ export declare const ListAttacksRequestFilterSensitiveLog: (obj: ListAttacksRequ
  * @internal
  */
 export declare const ListAttacksResponseFilterSensitiveLog: (obj: ListAttacksResponse) => any;
+/**
+ * @internal
+ */
+export declare const InclusionProtectionGroupFiltersFilterSensitiveLog: (obj: InclusionProtectionGroupFilters) => any;
 /**
  * @internal
  */
@@ -1696,6 +1746,10 @@ export declare const ListProtectionGroupsRequestFilterSensitiveLog: (obj: ListPr
  * @internal
  */
 export declare const ListProtectionGroupsResponseFilterSensitiveLog: (obj: ListProtectionGroupsResponse) => any;
+/**
+ * @internal
+ */
+export declare const InclusionProtectionFiltersFilterSensitiveLog: (obj: InclusionProtectionFilters) => any;
 /**
  * @internal
  */

package/dist-types/ts3.4/models/models_0.d.ts

@@ -609,11 +609,24 @@ export declare class InvalidPaginationTokenException extends __BaseException {
     
     constructor(opts: __ExceptionOptionType<InvalidPaginationTokenException, __BaseException>);
 }
+
+export interface InclusionProtectionGroupFilters {
+    
+    ProtectionGroupIds?: string[];
+    
+    Patterns?: (ProtectionGroupPattern | string)[];
+    
+    ResourceTypes?: (ProtectedResourceType | string)[];
+    
+    Aggregations?: (ProtectionGroupAggregation | string)[];
+}
 export interface ListProtectionGroupsRequest {
     
     NextToken?: string;
     
     MaxResults?: number;
+    
+    InclusionFilters?: InclusionProtectionGroupFilters;
 }
 export interface ListProtectionGroupsResponse {
     
@@ -621,11 +634,22 @@ export interface ListProtectionGroupsResponse {
     
     NextToken?: string;
 }
+
+export interface InclusionProtectionFilters {
+    
+    ResourceArns?: string[];
+    
+    ProtectionNames?: string[];
+    
+    ResourceTypes?: (ProtectedResourceType | string)[];
+}
 export interface ListProtectionsRequest {
     
     NextToken?: string;
     
     MaxResults?: number;
+    
+    InclusionFilters?: InclusionProtectionFilters;
 }
 export interface ListProtectionsResponse {
     
@@ -868,10 +892,14 @@ export declare const ListAttacksRequestFilterSensitiveLog: (obj: ListAttacksRequ
 
 export declare const ListAttacksResponseFilterSensitiveLog: (obj: ListAttacksResponse) => any;
 
+export declare const InclusionProtectionGroupFiltersFilterSensitiveLog: (obj: InclusionProtectionGroupFilters) => any;
+
 export declare const ListProtectionGroupsRequestFilterSensitiveLog: (obj: ListProtectionGroupsRequest) => any;
 
 export declare const ListProtectionGroupsResponseFilterSensitiveLog: (obj: ListProtectionGroupsResponse) => any;
 
+export declare const InclusionProtectionFiltersFilterSensitiveLog: (obj: InclusionProtectionFilters) => any;
+
 export declare const ListProtectionsRequestFilterSensitiveLog: (obj: ListProtectionsRequest) => any;
 
 export declare const ListProtectionsResponseFilterSensitiveLog: (obj: ListProtectionsResponse) => any;

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-shield",
   "description": "AWS SDK for JavaScript Shield Client for Node.js, Browser and React Native",
-  "version": "3.137.0",
+  "version": "3.142.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -18,9 +18,9 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "2.0.0",
     "@aws-crypto/sha256-js": "2.0.0",
-    "@aws-sdk/client-sts": "3.137.0",
+    "@aws-sdk/client-sts": "3.142.0",
     "@aws-sdk/config-resolver": "3.130.0",
-    "@aws-sdk/credential-provider-node": "3.137.0",
+    "@aws-sdk/credential-provider-node": "3.142.0",
     "@aws-sdk/fetch-http-handler": "3.131.0",
     "@aws-sdk/hash-node": "3.127.0",
     "@aws-sdk/invalid-dependency": "3.127.0",
@@ -36,15 +36,15 @@
     "@aws-sdk/node-config-provider": "3.127.0",
     "@aws-sdk/node-http-handler": "3.127.0",
     "@aws-sdk/protocol-http": "3.127.0",
-    "@aws-sdk/smithy-client": "3.137.0",
+    "@aws-sdk/smithy-client": "3.142.0",
     "@aws-sdk/types": "3.127.0",
     "@aws-sdk/url-parser": "3.127.0",
     "@aws-sdk/util-base64-browser": "3.109.0",
     "@aws-sdk/util-base64-node": "3.55.0",
     "@aws-sdk/util-body-length-browser": "3.55.0",
     "@aws-sdk/util-body-length-node": "3.55.0",
-    "@aws-sdk/util-defaults-mode-browser": "3.137.0",
-    "@aws-sdk/util-defaults-mode-node": "3.137.0",
+    "@aws-sdk/util-defaults-mode-browser": "3.142.0",
+    "@aws-sdk/util-defaults-mode-node": "3.142.0",
     "@aws-sdk/util-user-agent-browser": "3.127.0",
     "@aws-sdk/util-user-agent-node": "3.127.0",
     "@aws-sdk/util-utf8-browser": "3.109.0",