feat(client-route53resolver): Route 53 Resolver DNS Firewall Advanced…

… Rules allows you to monitor and block suspicious DNS traffic based on anomalies detected in the queries, such as DNS tunneling and Domain Generation Algorithms (DGAs).
aws · Nov 15, 2024 · 033426b · 033426b
1 parent 11a264e
commit 033426b
Show file tree

Hide file tree

Showing 7 changed files with 328 additions and 78 deletions.
diff --git a/clients/client-route53resolver/src/commands/CreateFirewallRuleCommand.ts b/clients/client-route53resolver/src/commands/CreateFirewallRuleCommand.ts
@@ -38,7 +38,7 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
  * const input = { // CreateFirewallRuleRequest
  *   CreatorRequestId: "STRING_VALUE", // required
  *   FirewallRuleGroupId: "STRING_VALUE", // required
- *   FirewallDomainListId: "STRING_VALUE", // required
+ *   FirewallDomainListId: "STRING_VALUE",
  *   Priority: Number("int"), // required
  *   Action: "ALLOW" || "BLOCK" || "ALERT", // required
  *   BlockResponse: "NODATA" || "NXDOMAIN" || "OVERRIDE",
@@ -48,13 +48,16 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
  *   Name: "STRING_VALUE", // required
  *   FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  *   Qtype: "STRING_VALUE",
+ *   DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ *   ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * };
  * const command = new CreateFirewallRuleCommand(input);
  * const response = await client.send(command);
  * // { // CreateFirewallRuleResponse
  * //   FirewallRule: { // FirewallRule
  * //     FirewallRuleGroupId: "STRING_VALUE",
  * //     FirewallDomainListId: "STRING_VALUE",
+ * //     FirewallThreatProtectionId: "STRING_VALUE",
  * //     Name: "STRING_VALUE",
  * //     Priority: Number("int"),
  * //     Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -67,6 +70,8 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
  * //     ModificationTime: "STRING_VALUE",
  * //     FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  * //     Qtype: "STRING_VALUE",
+ * //     DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ * //     ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * //   },
  * // };
  *

diff --git a/clients/client-route53resolver/src/commands/DeleteFirewallRuleCommand.ts b/clients/client-route53resolver/src/commands/DeleteFirewallRuleCommand.ts
@@ -37,7 +37,8 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
  * const client = new Route53ResolverClient(config);
  * const input = { // DeleteFirewallRuleRequest
  *   FirewallRuleGroupId: "STRING_VALUE", // required
- *   FirewallDomainListId: "STRING_VALUE", // required
+ *   FirewallDomainListId: "STRING_VALUE",
+ *   FirewallThreatProtectionId: "STRING_VALUE",
  *   Qtype: "STRING_VALUE",
  * };
  * const command = new DeleteFirewallRuleCommand(input);
@@ -46,6 +47,7 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
  * //   FirewallRule: { // FirewallRule
  * //     FirewallRuleGroupId: "STRING_VALUE",
  * //     FirewallDomainListId: "STRING_VALUE",
+ * //     FirewallThreatProtectionId: "STRING_VALUE",
  * //     Name: "STRING_VALUE",
  * //     Priority: Number("int"),
  * //     Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -58,6 +60,8 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
  * //     ModificationTime: "STRING_VALUE",
  * //     FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  * //     Qtype: "STRING_VALUE",
+ * //     DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ * //     ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * //   },
  * // };
  *
@@ -83,6 +87,10 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
  * @throws {@link ThrottlingException} (client fault)
  *  <p>The request was throttled. Try again in a few minutes.</p>
  *
+ * @throws {@link ValidationException} (client fault)
+ *  <p>You have provided an invalid command. If you ran the <code>UpdateFirewallDomains</code> request. supported values are <code>ADD</code>,
+ * 			<code>REMOVE</code>, or <code>REPLACE</code> a domain.</p>
+ *
  * @throws {@link Route53ResolverServiceException}
  * <p>Base exception class for all service exceptions from Route53Resolver service.</p>
  *

diff --git a/clients/client-route53resolver/src/commands/ListFirewallRulesCommand.ts b/clients/client-route53resolver/src/commands/ListFirewallRulesCommand.ts
@@ -51,6 +51,7 @@ export interface ListFirewallRulesCommandOutput extends ListFirewallRulesRespons
  * //     { // FirewallRule
  * //       FirewallRuleGroupId: "STRING_VALUE",
  * //       FirewallDomainListId: "STRING_VALUE",
+ * //       FirewallThreatProtectionId: "STRING_VALUE",
  * //       Name: "STRING_VALUE",
  * //       Priority: Number("int"),
  * //       Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -63,6 +64,8 @@ export interface ListFirewallRulesCommandOutput extends ListFirewallRulesRespons
  * //       ModificationTime: "STRING_VALUE",
  * //       FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  * //       Qtype: "STRING_VALUE",
+ * //       DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ * //       ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * //     },
  * //   ],
  * // };

diff --git a/clients/client-route53resolver/src/commands/UpdateFirewallRuleCommand.ts b/clients/client-route53resolver/src/commands/UpdateFirewallRuleCommand.ts
@@ -37,7 +37,8 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
  * const client = new Route53ResolverClient(config);
  * const input = { // UpdateFirewallRuleRequest
  *   FirewallRuleGroupId: "STRING_VALUE", // required
- *   FirewallDomainListId: "STRING_VALUE", // required
+ *   FirewallDomainListId: "STRING_VALUE",
+ *   FirewallThreatProtectionId: "STRING_VALUE",
  *   Priority: Number("int"),
  *   Action: "ALLOW" || "BLOCK" || "ALERT",
  *   BlockResponse: "NODATA" || "NXDOMAIN" || "OVERRIDE",
@@ -47,13 +48,16 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
  *   Name: "STRING_VALUE",
  *   FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  *   Qtype: "STRING_VALUE",
+ *   DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ *   ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * };
  * const command = new UpdateFirewallRuleCommand(input);
  * const response = await client.send(command);
  * // { // UpdateFirewallRuleResponse
  * //   FirewallRule: { // FirewallRule
  * //     FirewallRuleGroupId: "STRING_VALUE",
  * //     FirewallDomainListId: "STRING_VALUE",
+ * //     FirewallThreatProtectionId: "STRING_VALUE",
  * //     Name: "STRING_VALUE",
  * //     Priority: Number("int"),
  * //     Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -66,6 +70,8 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
  * //     ModificationTime: "STRING_VALUE",
  * //     FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
  * //     Qtype: "STRING_VALUE",
+ * //     DnsThreatProtection: "DGA" || "DNS_TUNNELING",
+ * //     ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
  * //   },
  * // };
  *