From 7586f6edf647cc4f9fc9978a0211b06970538092 Mon Sep 17 00:00:00 2001
From: awstools
Specification for SHIELD_ADVANCED
for Amazon CloudFront distributions
- * "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\":
- * {\"automaticResponseStatus\":\"ENABLED|IGNORED|DISABLED\",
- * \"automaticResponseAction\":\"BLOCK|COUNT\"},
- * \"overrideCustomerWebaclClassic\":true|false}"
- *
For example:
- * "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\":
- * {\"automaticResponseStatus\":\"ENABLED\",
- * \"automaticResponseAction\":\"COUNT\"}}"
- *
The default value for automaticResponseStatus
is
- * IGNORED
. The value for automaticResponseAction
is only
- * required when automaticResponseStatus
is set to ENABLED
.
- * The default value for overrideCustomerWebaclClassic
is
- * false
.
For other resource types that you can protect with a Shield Advanced policy, this
- * ManagedServiceData
configuration is an empty string.
Example: WAFV2
- *
- * "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"
- *
In the loggingConfiguration
, you can specify one
- * logDestinationConfigs
, you can optionally provide up to 20
- * redactedFields
, and the RedactedFieldType
must be one of
- * URI
, QUERY_STRING
, HEADER
, or
- * METHOD
.
Example: WAF Classic
- *
- * "{\"type\": \"WAF\", \"ruleGroups\":
- * [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" : {\"type\":
- * \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}}"
- *
Example: WAFV2
- Firewall Manager support for WAF managed rule group versioning
- *
- * "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"versionEnabled\":true,\"version\":\"Version_2.0\",\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesCommonRuleSet\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"
- *
- * To use a specific version of a WAF managed rule group in your Firewall Manager policy, you must set versionEnabled
to true
, and set version
to the version you'd like to use. If you don't set versionEnabled
to true
, or if you omit versionEnabled
, then Firewall Manager uses the default version of the WAF managed rule group.
- *
Example: SECURITY_GROUPS_COMMON
*
@@ -880,6 +828,58 @@ export interface SecurityServicePolicyData {
* "{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}"
*
Specification for SHIELD_ADVANCED
for Amazon CloudFront distributions
+ * "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\":
+ * {\"automaticResponseStatus\":\"ENABLED|IGNORED|DISABLED\",
+ * \"automaticResponseAction\":\"BLOCK|COUNT\"},
+ * \"overrideCustomerWebaclClassic\":true|false}"
+ *
For example:
+ * "{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\":
+ * {\"automaticResponseStatus\":\"ENABLED\",
+ * \"automaticResponseAction\":\"COUNT\"}}"
+ *
The default value for automaticResponseStatus
is
+ * IGNORED
. The value for automaticResponseAction
is only
+ * required when automaticResponseStatus
is set to ENABLED
.
+ * The default value for overrideCustomerWebaclClassic
is
+ * false
.
For other resource types that you can protect with a Shield Advanced policy, this
+ * ManagedServiceData
configuration is an empty string.
Example: WAFV2
+ *
+ * "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"
+ *
In the loggingConfiguration
, you can specify one
+ * logDestinationConfigs
, you can optionally provide up to 20
+ * redactedFields
, and the RedactedFieldType
must be one of
+ * URI
, QUERY_STRING
, HEADER
, or
+ * METHOD
.
Example: WAFV2
- Firewall Manager support for WAF managed rule group versioning
+ *
+ * "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"versionEnabled\":true,\"version\":\"Version_2.0\",\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesCommonRuleSet\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"
+ *
+ * To use a specific version of a WAF managed rule group in your Firewall Manager policy, you must set versionEnabled
to true
, and set version
to the version you'd like to use. If you don't set versionEnabled
to true
, or if you omit versionEnabled
, then Firewall Manager uses the default version of the WAF managed rule group.
+ *
Example: WAF Classic
+ *
+ * "{\"type\": \"WAF\", \"ruleGroups\":
+ * [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" : {\"type\":
+ * \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}}"
+ *
The setting that allows the policy owner to change the behavior of the rule group within a policy.
+ */ +export interface NetworkFirewallStatefulRuleGroupOverride { + /** + *The action that changes the rule group from DROP
to ALERT
. This only applies to managed rule groups.
Network Firewall stateful rule group, used in a NetworkFirewallPolicyDescription.
*/ @@ -1959,6 +1973,11 @@ export interface StatefulRuleGroup { * */ Priority?: number; + + /** + *The action that allows the policy owner to override the behavior of the rule group within a policy.
+ */ + Override?: NetworkFirewallStatefulRuleGroupOverride; } /** @@ -3729,6 +3748,15 @@ export const StatefulEngineOptionsFilterSensitiveLog = (obj: StatefulEngineOptio ...obj, }); +/** + * @internal + */ +export const NetworkFirewallStatefulRuleGroupOverrideFilterSensitiveLog = ( + obj: NetworkFirewallStatefulRuleGroupOverride +): any => ({ + ...obj, +}); + /** * @internal */ diff --git a/clients/client-fms/src/protocols/Aws_json1_1.ts b/clients/client-fms/src/protocols/Aws_json1_1.ts index 4a99f316ece7d..4906f4fb33a58 100644 --- a/clients/client-fms/src/protocols/Aws_json1_1.ts +++ b/clients/client-fms/src/protocols/Aws_json1_1.ts @@ -177,6 +177,7 @@ import { NetworkFirewallPolicy, NetworkFirewallPolicyDescription, NetworkFirewallPolicyModifiedViolation, + NetworkFirewallStatefulRuleGroupOverride, NetworkFirewallUnexpectedFirewallRoutesViolation, NetworkFirewallUnexpectedGatewayRoutesViolation, PartialMatch, @@ -3482,6 +3483,15 @@ const deserializeAws_json1_1NetworkFirewallPolicyModifiedViolation = ( } as any; }; +const deserializeAws_json1_1NetworkFirewallStatefulRuleGroupOverride = ( + output: any, + context: __SerdeContext +): NetworkFirewallStatefulRuleGroupOverride => { + return { + Action: __expectString(output.Action), + } as any; +}; + const deserializeAws_json1_1NetworkFirewallUnexpectedFirewallRoutesViolation = ( output: any, context: __SerdeContext @@ -4182,6 +4192,10 @@ const deserializeAws_json1_1StatefulEngineOptions = (output: any, context: __Ser const deserializeAws_json1_1StatefulRuleGroup = (output: any, context: __SerdeContext): StatefulRuleGroup => { return { + Override: + output.Override != null + ? deserializeAws_json1_1NetworkFirewallStatefulRuleGroupOverride(output.Override, context) + : undefined, Priority: __expectInt32(output.Priority), ResourceId: __expectString(output.ResourceId), RuleGroupName: __expectString(output.RuleGroupName), 
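Review bot: The comments added for `StatefulRuleGroup.Override` and for the override's `Action` never state what the setting does to enforcement; they say only that the rule group changes from DROP to ALERT. Presumably traffic that the managed rule group would have dropped is then only alerted on. Once that is confirmed against the service behaviour, I would add a sentence such as `When set, rules in the managed rule group that would drop traffic only generate alerts.` so that anyone auditing a policy description can tell that a populated `Override` marks a rule group that is no longer blocking. The same wording appears as `smithy.api#documentation` in the fms.json model later in this patch, so if these comments are produced from that model the change belongs there. Both interface bodies extend beyond the text visible in these hunks.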
diff --git a/codegen/sdk-codegen/aws-models/fms.json b/codegen/sdk-codegen/aws-models/fms.json index b5ac70ddb97a0..53706f6c6957c 100644 --- a/codegen/sdk-codegen/aws-models/fms.json +++ b/codegen/sdk-codegen/aws-models/fms.json @@ -473,9 +473,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -486,9 +486,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -499,9 +499,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -512,9 +512,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -525,9 +525,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -538,9 +538,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -551,9 +551,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -564,9 +564,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -577,9 +577,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -590,9 +590,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -603,9 +603,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { 
@@ -616,9 +616,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-gov-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -629,9 +629,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ca-central-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -642,9 +642,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -655,9 +655,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ca-central-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -668,9 +668,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ca-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -681,9 +681,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-central-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -694,9 +694,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -707,9 +707,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-central-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -720,9 +720,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-central-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -733,9 +733,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -746,9 +746,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -759,9 +759,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { 
@@ -772,9 +772,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -785,9 +785,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -798,9 +798,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -811,9 +811,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -824,9 +824,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -837,9 +837,9 @@ } }, "params": { + "UseFIPS": true, "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -850,9 +850,9 @@ } }, "params": { + "UseFIPS": true, "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -863,9 +863,9 @@ } }, "params": { + "UseFIPS": false, "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -876,9 +876,9 @@ } }, "params": { + "UseFIPS": false, "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -889,9 +889,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -902,9 +902,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -915,9 +915,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -928,9 +928,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -941,9 +941,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -954,9 +954,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -967,9 +967,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -980,9 +980,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -993,9 +993,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1006,9 +1006,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1019,9 +1019,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1032,9 +1032,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1045,9 +1045,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1058,9 +1058,9 @@ } }, "params": { + "UseFIPS": true, "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1071,9 +1071,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1084,9 +1084,9 @@ } }, "params": { + "UseFIPS": false, "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -1097,9 +1097,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1110,9 +1110,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1123,9 +1123,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1136,9 +1136,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1149,9 +1149,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1162,9 +1162,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1175,9 +1175,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1188,9 +1188,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1201,9 +1201,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1214,9 +1214,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1227,9 +1227,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1240,9 +1240,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -1253,9 +1253,9 @@ } }, "params": { + "UseFIPS": true, "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1266,9 +1266,9 @@ } }, "params": { + "UseFIPS": true, "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1279,9 +1279,9 @@ } }, "params": { + "UseFIPS": false, "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1292,9 +1292,9 @@ } }, "params": { + "UseFIPS": false, "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1305,9 +1305,9 @@ } }, "params": { + "UseFIPS": true, "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1318,9 +1318,9 @@ } }, "params": { + "UseFIPS": true, "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1331,9 +1331,9 @@ } }, "params": { + "UseFIPS": false, "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1344,9 +1344,9 @@ } }, "params": { + "UseFIPS": false, "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1357,9 +1357,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1370,9 +1370,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1383,9 +1383,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1396,9 +1396,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -1409,9 +1409,9 @@ } }, "params": { + "UseFIPS": true, "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1422,9 +1422,9 @@ } }, "params": { + "UseFIPS": true, "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1435,9 +1435,9 @@ } }, "params": { + "UseFIPS": false, "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1448,9 +1448,9 @@ } }, "params": { + "UseFIPS": false, "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1461,9 +1461,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-gov-west-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1474,9 +1474,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1487,9 +1487,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-gov-west-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1500,9 +1500,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1513,9 +1513,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1526,9 +1526,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1539,9 +1539,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1552,9 +1552,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -1565,9 +1565,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1578,9 +1578,9 @@ } }, "params": { + "UseFIPS": true, "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1591,9 +1591,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1604,9 +1604,9 @@ } }, "params": { + "UseFIPS": false, "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1617,9 +1617,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1630,9 +1630,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1643,9 +1643,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-east-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1656,9 +1656,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-east-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1669,9 +1669,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-east-2", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1682,9 +1682,9 @@ } }, "params": { + "UseFIPS": true, "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1695,9 +1695,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-east-2", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1708,9 +1708,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-east-2", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { 
@@ -1721,9 +1721,9 @@ } }, "params": { + "UseFIPS": true, "Region": "cn-northwest-1", - "UseDualStack": true, - "UseFIPS": true + "UseDualStack": true } }, { @@ -1734,9 +1734,9 @@ } }, "params": { + "UseFIPS": true, "Region": "cn-northwest-1", - "UseDualStack": false, - "UseFIPS": true + "UseDualStack": false } }, { @@ -1747,9 +1747,9 @@ } }, "params": { + "UseFIPS": false, "Region": "cn-northwest-1", - "UseDualStack": true, - "UseFIPS": false + "UseDualStack": true } }, { @@ -1760,9 +1760,9 @@ } }, "params": { + "UseFIPS": false, "Region": "cn-northwest-1", - "UseDualStack": false, - "UseFIPS": false + "UseDualStack": false } }, { @@ -1773,9 +1773,9 @@ } }, "params": { + "UseFIPS": false, "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": false, "Endpoint": "https://example.com" } }, @@ -1785,9 +1785,9 @@ "error": "Invalid Configuration: FIPS and custom endpoint are not supported" }, "params": { + "UseFIPS": true, "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": true, "Endpoint": "https://example.com" } }, @@ -1797,9 +1797,9 @@ "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" }, "params": { + "UseFIPS": false, "Region": "us-east-1", "UseDualStack": true, - "UseFIPS": false, "Endpoint": "https://example.com" } } 
@@ -1809,30 +1809,38 @@ } }, "com.amazonaws.fms#AccountRoleStatus": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "READY", - "name": "Ready" - }, - { - "value": "CREATING", - "name": "Creating" - }, - { - "value": "PENDING_DELETION", - "name": "PendingDeletion" - }, - { - "value": "DELETING", - "name": "Deleting" - }, - { - "value": "DELETED", - "name": "Deleted" + "type": "enum", + "members": { + "Ready": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "READY" + } + }, + "Creating": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATING" } - ] + }, + "PendingDeletion": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PENDING_DELETION" + } + }, + "Deleting": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETING" + } + }, + "Deleted": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETED" + } + } } }, "com.amazonaws.fms#ActionTarget": { @@ -2238,18 +2246,20 @@ } }, "com.amazonaws.fms#CustomerPolicyScopeIdType": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "ACCOUNT", - "name": "ACCOUNT" - }, - { - "value": "ORG_UNIT", - "name": "ORG_UNIT" + "type": "enum", + "members": { + "ACCOUNT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACCOUNT" } - ] + }, + "ORG_UNIT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ORG_UNIT" + } + } } }, "com.amazonaws.fms#CustomerPolicyScopeMap": { 
@@ -2407,45 +2417,55 @@ } }, "com.amazonaws.fms#DependentServiceName": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "AWSCONFIG", - "name": "AWSConfig" - }, - { - "value": "AWSWAF", - "name": "AWSWAF" - }, - { - "value": "AWSSHIELD_ADVANCED", - "name": "AWSShieldAdvanced" - }, - { - "value": "AWSVPC", - "name": "AWSVirtualPrivateCloud" + "type": "enum", + "members": { + "AWSConfig": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSCONFIG" + } + }, + "AWSWAF": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSWAF" + } + }, + "AWSShieldAdvanced": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSSHIELD_ADVANCED" } - ] + }, + "AWSVirtualPrivateCloud": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AWSVPC" + } + } } }, "com.amazonaws.fms#DestinationType": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "IPV4", - "name": "IPV4" - }, - { - "value": "IPV6", - "name": "IPV6" - }, - { - "value": "PREFIX_LIST", - "name": "PrefixList" + "type": "enum", + "members": { + "IPV4": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IPV4" } - ] + }, + "IPV6": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IPV6" + } + }, + "PrefixList": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PREFIX_LIST" + } + } } }, "com.amazonaws.fms#DetailedInfo": { 
@@ -2989,18 +3009,20 @@
 }
 },
 "com.amazonaws.fms#FirewallDeploymentModel": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "CENTRALIZED",
- "name": "CENTRALIZED"
- },
- {
- "value": "DISTRIBUTED",
- "name": "DISTRIBUTED"
+ "type": "enum",
+ "members": {
+ "CENTRALIZED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "CENTRALIZED"
 }
- ]
+ },
+ "DISTRIBUTED": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DISTRIBUTED"
+ }
+ }
 }
 },
 "com.amazonaws.fms#FirewallPolicyId": {
@@ -4201,22 +4223,26 @@
 }
 },
 "com.amazonaws.fms#MarketplaceSubscriptionOnboardingStatus": {
- "type": "string",
- "traits": {
- "smithy.api#enum": [
- {
- "value": "NO_SUBSCRIPTION",
- "name": "NO_SUBSCRIPTION"
- },
- {
- "value": "NOT_COMPLETE",
- "name": "NOT_COMPLETE"
- },
- {
- "value": "COMPLETE",
- "name": "COMPLETE"
+ "type": "enum",
+ "members": {
+ "NO_SUBSCRIPTION": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NO_SUBSCRIPTION"
+ }
+ },
+ "NOT_COMPLETE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "NOT_COMPLETE"
+ }
+ },
+ "COMPLETE": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "COMPLETE"
 }
- ]
+ }
 }
 },
 "com.amazonaws.fms#MemberAccounts": {
@@ -4605,6 +4631,17 @@
 "smithy.api#documentation": "Violation detail for Network Firewall for an Availability Zone that's\n missing the expected Firewall Manager managed subnet.
"
 }
 },
+ "com.amazonaws.fms#NetworkFirewallOverrideAction": {
+ "type": "enum",
+ "members": {
+ "DROP_TO_ALERT": {
+ "target": "smithy.api#Unit",
+ "traits": {
+ "smithy.api#enumValue": "DROP_TO_ALERT"
+ }
+ }
+ }
+ },
 "com.amazonaws.fms#NetworkFirewallPolicy": {
 "type": "structure",
 "members": {
@@ -4705,6 +4742,20 @@
 "smithy.api#pattern": "^[a-zA-Z0-9-]+$"
 }
 },
+ "com.amazonaws.fms#NetworkFirewallStatefulRuleGroupOverride": {
+ "type": "structure",
+ "members": {
+ "Action": {
+ "target": "com.amazonaws.fms#NetworkFirewallOverrideAction",
+ "traits": {
+ "smithy.api#documentation": "The action that changes the rule group from DROP
to ALERT
. This only applies to managed rule groups.
The setting that allows the policy owner to change the behavior of the rule group within a policy.
" + } + }, "com.amazonaws.fms#NetworkFirewallUnexpectedFirewallRoutesViolation": { "type": "structure", "members": { @@ -5022,18 +5073,20 @@ } }, "com.amazonaws.fms#PolicyComplianceStatusType": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "COMPLIANT", - "name": "Compliant" - }, - { - "value": "NON_COMPLIANT", - "name": "NonCompliant" + "type": "enum", + "members": { + "Compliant": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "COMPLIANT" + } + }, + "NonCompliant": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NON_COMPLIANT" } - ] + } } }, "com.amazonaws.fms#PolicyId": { @@ -5641,18 +5694,20 @@ } }, "com.amazonaws.fms#RemediationActionType": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "REMOVE", - "name": "Remove" - }, - { - "value": "MODIFY", - "name": "Modify" + "type": "enum", + "members": { + "Remove": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REMOVE" + } + }, + "Modify": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MODIFY" } - ] + } } }, "com.amazonaws.fms#RemediationActionWithOrder": { @@ -6070,18 +6125,20 @@ } }, "com.amazonaws.fms#RuleOrder": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "STRICT_ORDER", - "name": "STRICT_ORDER" - }, - { - "value": "DEFAULT_ACTION_ORDER", - "name": "DEFAULT_ACTION_ORDER" + "type": "enum", + "members": { + "STRICT_ORDER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "STRICT_ORDER" } - ] + }, + "DEFAULT_ACTION_ORDER": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DEFAULT_ACTION_ORDER" + } + } } }, "com.amazonaws.fms#SecurityGroupRemediationAction": { @@ -6180,7 +6237,7 @@ "ManagedServiceData": { "target": "com.amazonaws.fms#ManagedServiceData", "traits": { - "smithy.api#documentation": "Details about the service that are specific to the service type, in JSON format.
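Review bot: The documentation added for `Action` in `NetworkFirewallStatefulRuleGroupOverride` says the override changes a managed rule group from DROP to ALERT, but it does not spell out the consequence: while the override is set, traffic the rule group would have dropped is presumably passed and only logged. That is a reduction in enforcement that a policy owner can apply to every account in the policy's scope, so the description should say so, for example by appending `With DROP_TO_ALERT, matching traffic is no longer blocked by the managed rule group.` (wording to be confirmed against the service behaviour). As far as the visible lines show, `Action` has no `smithy.api#required` trait, and the `NetworkFirewallOverrideAction` enum added in the `@@ -4605,6 +4631,17 @@` hunk has the single member `DROP_TO_ALERT`, so the description should also state what an omitted `Action` means. Part of this hunk's text is missing from this rendering, so the full member definition needs checking before the wording is settled.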
\nExample: DNS_FIREWALL
\n
\n \"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"
\n
Valid values for preProcessRuleGroups
are between 1 and 99. Valid\n values for postProcessRuleGroups
are between 9901 and 10000.
Example: NETWORK_FIREWALL
- Centralized deployment\n model
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"
\n
To use the centralized deployment model, you must set PolicyOption to\n CENTRALIZED
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n automatic Availability Zone configuration
\n \n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"\n
\n
With automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n automatic Availability Zone configuration and route management
\n \n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"\n
\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n custom Availability Zone configuration
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"\n
\n
\n With custom Availability Zone configuration,\n you define which specific Availability Zones to create endpoints in by configuring\n firewallCreationConfig
. To configure the Availability Zones in firewallCreationConfig
, specify either the availabilityZoneName
or availabilityZoneId
parameter, not both parameters.\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n custom Availability Zone configuration and route management
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"\n
\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: THIRD_PARTY_FIREWALL
\n
\n \"{\n \"type\":\"THIRD_PARTY_FIREWALL\",\n \"thirdPartyFirewall\":\"PALO_ALTO_NETWORKS_CLOUD_NGFW\",\n \"thirdPartyFirewallConfig\":{\n \"thirdPartyFirewallPolicyList\":[\"global-1\"]\n },\n\t \"firewallDeploymentModel\":{\n \"distributedFirewallDeploymentModel\":{\n \"distributedFirewallOrchestrationConfig\":{\n \"firewallCreationConfig\":{\n \"endpointLocation\":{\n \"availabilityZoneConfigList\":[\n {\n \"availabilityZoneName\":\"${AvailabilityZone}\"\n }\n ]\n }\n },\n \"allowedIPV4CidrList\":[\n ]\n }\n }\n }\n }\"
\n
Specification for SHIELD_ADVANCED
for Amazon CloudFront distributions
\n \"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\":\n {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\",\n \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"},\n \\\"overrideCustomerWebaclClassic\\\":true|false}\"
\n
For example:\n \"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\":\n {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\",\n \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"
\n
The default value for automaticResponseStatus
is\n IGNORED
. The value for automaticResponseAction
is only\n required when automaticResponseStatus
is set to ENABLED
.\n The default value for overrideCustomerWebaclClassic
is\n false
.
For other resource types that you can protect with a Shield Advanced policy, this\n ManagedServiceData
configuration is an empty string.
Example: WAFV2
\n
\n \"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"
\n
In the loggingConfiguration
, you can specify one\n logDestinationConfigs
, you can optionally provide up to 20\n redactedFields
, and the RedactedFieldType
must be one of\n URI
, QUERY_STRING
, HEADER
, or\n METHOD
.
Example: WAF Classic
\n
\n \"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\":\n [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\":\n \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"
\n
Example: WAFV2
- Firewall Manager support for WAF managed rule group versioning\n
\n \"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"
\n
\n To use a specific version of a WAF managed rule group in your Firewall Manager policy, you must set versionEnabled
to true
, and set version
to the version you'd like to use. If you don't set versionEnabled
to true
, or if you omit versionEnabled
, then Firewall Manager uses the default version of the WAF managed rule group.\n
Example: SECURITY_GROUPS_COMMON
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\n \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\"\n sg-000e55995d61a06bd\\\"}]}\"
\n
Example: SECURITY_GROUPS_COMMON
- Security group tag distribution\n
\n \"\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"revertManualSecurityGroupChanges\\\":true,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":false,\\\"enableTagDistribution\\\":true}\"\"
\n
\n Firewall Manager automatically distributes tags from the primary group to the security groups created by this policy. To use security group tag distribution, you must also set revertManualSecurityGroupChanges
to true
, otherwise Firewall Manager won't be able to create the policy. When you enable revertManualSecurityGroupChanges
, Firewall Manager identifies and reports when the security groups created by this policy become non-compliant.\n
\n Firewall Manager won't distrubute system tags added by Amazon Web Services services into the replica security groups. System tags begin with the aws:
prefix.\n
Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as\n well as to those in VPCs that the account owns
\n\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\n \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\"\n sg-000e55995d61a06bd\\\"}]}\"
\n
Example: SECURITY_GROUPS_CONTENT_AUDIT
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"
\n
The security group action for content audit can be ALLOW
or\n DENY
. For ALLOW
, all in-scope security group rules must\n be within the allowed range of the policy's security group rules. For\n DENY
, all in-scope security group rules must not contain a value or a\n range that matches a rule value or range in the policy security group.
Example: SECURITY_GROUPS_USAGE_AUDIT
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"
\n
Details about the service that are specific to the service type, in JSON format.
\nExample: DNS_FIREWALL
\n
\n \"{\\\"type\\\":\\\"DNS_FIREWALL\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-1\\\",\\\"priority\\\":10}],\\\"postProcessRuleGroups\\\":[{\\\"ruleGroupId\\\":\\\"rslvr-frg-2\\\",\\\"priority\\\":9911}]}\"
\n
Valid values for preProcessRuleGroups
are between 1 and 99. Valid\n values for postProcessRuleGroups
are between 9901 and 10000.
Example: NETWORK_FIREWALL
- Centralized deployment\n model
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"awsNetworkFirewallConfig\\\":{\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}},\\\"firewallDeploymentModel\\\":{\\\"centralizedFirewallDeploymentModel\\\":{\\\"centralizedFirewallOrchestrationConfig\\\":{\\\"inspectionVpcIds\\\":[{\\\"resourceId\\\":\\\"vpc-1234\\\",\\\"accountId\\\":\\\"123456789011\\\"}],\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneId\\\":null,\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"allowedIPV4CidrList\\\":[]}}}}\"
\n
To use the centralized deployment model, you must set PolicyOption to\n CENTRALIZED
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n automatic Availability Zone configuration
\n \n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"OFF\\\"},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"\n
\n
With automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n automatic Availability Zone configuration and route management
\n \n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\",\\\"192.168.0.0/28\\\"],\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"]},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\": \\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":true}}\"\n
\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n custom Availability Zone configuration
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\", \\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{ \\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[ \\\"10.0.0.0/28\\\"]}]} },\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"OFF\\\",\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"\n
\n
\n With custom Availability Zone configuration,\n you define which specific Availability Zones to create endpoints in by configuring\n firewallCreationConfig
. To configure the Availability Zones in firewallCreationConfig
, specify either the availabilityZoneName
or availabilityZoneId
parameter, not both parameters.\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: NETWORK_FIREWALL
- Distributed deployment model with\n custom Availability Zone configuration and route management
\n \"{\\\"type\\\":\\\"NETWORK_FIREWALL\\\",\\\"networkFirewallStatelessRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\\\",\\\"priority\\\":1}],\\\"networkFirewallStatelessDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"customActionName\\\"],\\\"networkFirewallStatelessFragmentDefaultActions\\\":[\\\"aws:forward_to_sfe\\\",\\\"fragmentcustomactionname\\\"],\\\"networkFirewallStatelessCustomActions\\\":[{\\\"actionName\\\":\\\"customActionName\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"metricdimensionvalue\\\"}]}}},{\\\"actionName\\\":\\\"fragmentcustomactionname\\\",\\\"actionDefinition\\\":{\\\"publishMetricAction\\\":{\\\"dimensions\\\":[{\\\"value\\\":\\\"fragmentmetricdimensionvalue\\\"}]}}}],\\\"networkFirewallStatefulRuleGroupReferences\\\":[{\\\"resourceARN\\\":\\\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\\\"}],\\\"networkFirewallOrchestrationConfig\\\":{\\\"firewallCreationConfig\\\":{\\\"endpointLocation\\\":{\\\"availabilityZoneConfigList\\\":[{\\\"availabilityZoneName\\\":\\\"us-east-1a\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]},{\\\"availabilityZoneName\\\":\\\"us-east-1b\\\",\\\"allowedIPV4CidrList\\\":[\\\"10.0.0.0/28\\\"]}]}},\\\"singleFirewallEndpointPerVPC\\\":false,\\\"allowedIPV4CidrList\\\":null,\\\"routeManagementAction\\\":\\\"MONITOR\\\",\\\"routeManagementTargetTypes\\\":[\\\"InternetGateway\\\"],\\\"routeManagementConfig\\\":{\\\"allowCrossAZTrafficIfNoEndpoint\\\":true}},\\\"networkFirewallLoggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"ALERT\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}},{\\\"logDestinationType\\\":\\\"S3\\\",\\\"logType\\\":\\\"FLOW\\\",\\\"logDestination\\\":{\\\"bucketName\\\":\\\"s3-bucket-name\\\"}}],\\\"overrideExistingConfig\\\":boolean}}\"\n
\n
To use the distributed deployment model, you must set PolicyOption to\n NULL
.
Example: THIRD_PARTY_FIREWALL
\n
\n \"{\n \"type\":\"THIRD_PARTY_FIREWALL\",\n \"thirdPartyFirewall\":\"PALO_ALTO_NETWORKS_CLOUD_NGFW\",\n \"thirdPartyFirewallConfig\":{\n \"thirdPartyFirewallPolicyList\":[\"global-1\"]\n },\n\t \"firewallDeploymentModel\":{\n \"distributedFirewallDeploymentModel\":{\n \"distributedFirewallOrchestrationConfig\":{\n \"firewallCreationConfig\":{\n \"endpointLocation\":{\n \"availabilityZoneConfigList\":[\n {\n \"availabilityZoneName\":\"${AvailabilityZone}\"\n }\n ]\n }\n },\n \"allowedIPV4CidrList\":[\n ]\n }\n }\n }\n }\"
\n
Example: SECURITY_GROUPS_COMMON
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\n \\\"applyToAllEC2InstanceENIs\\\":false,\\\"securityGroups\\\":[{\\\"id\\\":\\\"\n sg-000e55995d61a06bd\\\"}]}\"
\n
Example: SECURITY_GROUPS_COMMON
- Security group tag distribution\n
\n \"\"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"revertManualSecurityGroupChanges\\\":true,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":false,\\\"enableTagDistribution\\\":true}\"\"
\n
\n Firewall Manager automatically distributes tags from the primary group to the security groups created by this policy. To use security group tag distribution, you must also set revertManualSecurityGroupChanges
to true
, otherwise Firewall Manager won't be able to create the policy. When you enable revertManualSecurityGroupChanges
, Firewall Manager identifies and reports when the security groups created by this policy become non-compliant.\n
\n Firewall Manager won't distrubute system tags added by Amazon Web Services services into the replica security groups. System tags begin with the aws:
prefix.\n
Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as\n well as to those in VPCs that the account owns
\n\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_COMMON\\\",\\\"revertManualSecurityGroupChanges\\\":false,\\\"exclusiveResourceSecurityGroupManagement\\\":false,\n \\\"applyToAllEC2InstanceENIs\\\":false,\\\"includeSharedVPC\\\":true,\\\"securityGroups\\\":[{\\\"id\\\":\\\"\n sg-000e55995d61a06bd\\\"}]}\"
\n
Example: SECURITY_GROUPS_CONTENT_AUDIT
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_CONTENT_AUDIT\\\",\\\"securityGroups\\\":[{\\\"id\\\":\\\"sg-000e55995d61a06bd\\\"}],\\\"securityGroupAction\\\":{\\\"type\\\":\\\"ALLOW\\\"}}\"
\n
The security group action for content audit can be ALLOW
or\n DENY
. For ALLOW
, all in-scope security group rules must\n be within the allowed range of the policy's security group rules. For\n DENY
, all in-scope security group rules must not contain a value or a\n range that matches a rule value or range in the policy security group.
Example: SECURITY_GROUPS_USAGE_AUDIT
\n
\n \"{\\\"type\\\":\\\"SECURITY_GROUPS_USAGE_AUDIT\\\",\\\"deleteUnusedSecurityGroups\\\":true,\\\"coalesceRedundantSecurityGroups\\\":true}\"
\n
Specification for SHIELD_ADVANCED
for Amazon CloudFront distributions
\n \"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\":\n {\\\"automaticResponseStatus\\\":\\\"ENABLED|IGNORED|DISABLED\\\",\n \\\"automaticResponseAction\\\":\\\"BLOCK|COUNT\\\"},\n \\\"overrideCustomerWebaclClassic\\\":true|false}\"
\n
For example:\n \"{\\\"type\\\":\\\"SHIELD_ADVANCED\\\",\\\"automaticResponseConfiguration\\\":\n {\\\"automaticResponseStatus\\\":\\\"ENABLED\\\",\n \\\"automaticResponseAction\\\":\\\"COUNT\\\"}}\"
\n
The default value for automaticResponseStatus
is\n IGNORED
. The value for automaticResponseAction
is only\n required when automaticResponseStatus
is set to ENABLED
.\n The default value for overrideCustomerWebaclClassic
is\n false
.
For other resource types that you can protect with a Shield Advanced policy, this\n ManagedServiceData
configuration is an empty string.
Example: WAFV2
\n
\n \"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"version\\\":null,\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesAmazonIpReputationList\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"
\n
In the loggingConfiguration
, you can specify one\n logDestinationConfigs
, you can optionally provide up to 20\n redactedFields
, and the RedactedFieldType
must be one of\n URI
, QUERY_STRING
, HEADER
, or\n METHOD
.
Example: WAFV2
- Firewall Manager support for WAF managed rule group versioning\n
\n \"{\\\"type\\\":\\\"WAFV2\\\",\\\"preProcessRuleGroups\\\":[{\\\"ruleGroupArn\\\":null,\\\"overrideAction\\\":{\\\"type\\\":\\\"NONE\\\"},\\\"managedRuleGroupIdentifier\\\":{\\\"versionEnabled\\\":true,\\\"version\\\":\\\"Version_2.0\\\",\\\"vendorName\\\":\\\"AWS\\\",\\\"managedRuleGroupName\\\":\\\"AWSManagedRulesCommonRuleSet\\\"},\\\"ruleGroupType\\\":\\\"ManagedRuleGroup\\\",\\\"excludeRules\\\":[{\\\"name\\\":\\\"NoUserAgent_HEADER\\\"}]}],\\\"postProcessRuleGroups\\\":[],\\\"defaultAction\\\":{\\\"type\\\":\\\"ALLOW\\\"},\\\"overrideCustomerWebACLAssociation\\\":false,\\\"loggingConfiguration\\\":{\\\"logDestinationConfigs\\\":[\\\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\\\"],\\\"redactedFields\\\":[{\\\"redactedFieldType\\\":\\\"SingleHeader\\\",\\\"redactedFieldValue\\\":\\\"Cookies\\\"},{\\\"redactedFieldType\\\":\\\"Method\\\"}]}}\"
\n
\n To use a specific version of a WAF managed rule group in your Firewall Manager policy, you must set versionEnabled
to true
, and set version
to the version you'd like to use. If you don't set versionEnabled
to true
, or if you omit versionEnabled
, then Firewall Manager uses the default version of the WAF managed rule group.\n
Example: WAF Classic
\n
\n \"{\\\"type\\\": \\\"WAF\\\", \\\"ruleGroups\\\":\n [{\\\"id\\\":\\\"12345678-1bcd-9012-efga-0987654321ab\\\", \\\"overrideAction\\\" : {\\\"type\\\":\n \\\"COUNT\\\"}}], \\\"defaultAction\\\": {\\\"type\\\": \\\"BLOCK\\\"}}\"
\n
An integer setting that indicates the order in which to run the stateful rule groups in a single\nNetwork Firewall firewall policy. This setting only applies to firewall policies that specify the STRICT_ORDER
\nrule order in the stateful engine options settings.
\n Network Firewall evalutes each stateful rule group against a packet starting with the group that has\nthe lowest priority setting. You must ensure that the priority settings are unique within each policy. For information about\n
\n\n You can change the priority settings of your rule groups at any time. To make it easier to insert rule\ngroups later, number them so there's a wide range in between, for example use 100, 200, and so on.\n
" } + }, + "Override": { + "target": "com.amazonaws.fms#NetworkFirewallStatefulRuleGroupOverride", + "traits": { + "smithy.api#documentation": "The action that allows the policy owner to override the behavior of the rule group within a policy.
" + } } }, "traits": { 
@@ -6445,50 +6524,68 @@ } }, "com.amazonaws.fms#TargetType": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "GATEWAY", - "name": "Gateway" - }, - { - "value": "CARRIER_GATEWAY", - "name": "CarrierGateway" - }, - { - "value": "INSTANCE", - "name": "Instance" - }, - { - "value": "LOCAL_GATEWAY", - "name": "LocalGateway" - }, - { - "value": "NAT_GATEWAY", - "name": "NatGateway" - }, - { - "value": "NETWORK_INTERFACE", - "name": "NetworkInterface" - }, - { - "value": "VPC_ENDPOINT", - "name": "VPCEndpoint" - }, - { - "value": "VPC_PEERING_CONNECTION", - "name": "VPCPeeringConnection" - }, - { - "value": "EGRESS_ONLY_INTERNET_GATEWAY", - "name": "EgressOnlyInternetGateway" - }, - { - "value": "TRANSIT_GATEWAY", - "name": "TransitGateway" + "type": "enum", + "members": { + "Gateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "GATEWAY" + } + }, + "CarrierGateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CARRIER_GATEWAY" + } + }, + "Instance": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INSTANCE" + } + }, + "LocalGateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "LOCAL_GATEWAY" + } + }, + "NatGateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NAT_GATEWAY" + } + }, + "NetworkInterface": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NETWORK_INTERFACE" + } + }, + "VPCEndpoint": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "VPC_ENDPOINT" + } + }, + "VPCPeeringConnection": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "VPC_PEERING_CONNECTION" + } + }, + "EgressOnlyInternetGateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "EGRESS_ONLY_INTERNET_GATEWAY" + } + }, + "TransitGateway": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRANSIT_GATEWAY" } - ] + } 
} }, "com.amazonaws.fms#TargetViolationReason": { @@ -6508,41 +6605,49 @@ } }, "com.amazonaws.fms#ThirdPartyFirewall": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "PALO_ALTO_NETWORKS_CLOUD_NGFW", - "name": "PALO_ALTO_NETWORKS_CLOUD_NGFW" + "type": "enum", + "members": { + "PALO_ALTO_NETWORKS_CLOUD_NGFW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "PALO_ALTO_NETWORKS_CLOUD_NGFW" } - ] + } } }, "com.amazonaws.fms#ThirdPartyFirewallAssociationStatus": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "ONBOARDING", - "name": "ONBOARDING" - }, - { - "value": "ONBOARD_COMPLETE", - "name": "ONBOARD_COMPLETE" - }, - { - "value": "OFFBOARDING", - "name": "OFFBOARDING" - }, - { - "value": "OFFBOARD_COMPLETE", - "name": "OFFBOARD_COMPLETE" - }, - { - "value": "NOT_EXIST", - "name": "NOT_EXIST" + "type": "enum", + "members": { + "ONBOARDING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONBOARDING" + } + }, + "ONBOARD_COMPLETE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ONBOARD_COMPLETE" + } + }, + "OFFBOARDING": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OFFBOARDING" } - ] + }, + "OFFBOARD_COMPLETE": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OFFBOARD_COMPLETE" + } + }, + "NOT_EXIST": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_EXIST" + } + } } }, "com.amazonaws.fms#ThirdPartyFirewallFirewallPolicies": { 
@@ -6805,122 +6910,176 @@ } }, "com.amazonaws.fms#ViolationReason": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "WEB_ACL_MISSING_RULE_GROUP", - "name": "WebAclMissingRuleGroup" - }, - { - "value": "RESOURCE_MISSING_WEB_ACL", - "name": "ResourceMissingWebAcl" - }, - { - "value": "RESOURCE_INCORRECT_WEB_ACL", - "name": "ResourceIncorrectWebAcl" - }, - { - "value": "RESOURCE_MISSING_SHIELD_PROTECTION", - "name": "ResourceMissingShieldProtection" - }, - { - "value": "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", - "name": "ResourceMissingWebaclOrShieldProtection" - }, - { - "value": "RESOURCE_MISSING_SECURITY_GROUP", - "name": "ResourceMissingSecurityGroup" - }, - { - "value": "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", - "name": "ResourceViolatesAuditSecurityGroup" - }, - { - "value": "SECURITY_GROUP_UNUSED", - "name": "SecurityGroupUnused" - }, - { - "value": "SECURITY_GROUP_REDUNDANT", - "name": "SecurityGroupRedundant" - }, - { - "value": "FMS_CREATED_SECURITY_GROUP_EDITED", - "name": "FMSCreatedSecurityGroupEdited" - }, - { - "value": "MISSING_FIREWALL", - "name": "MissingFirewall" - }, - { - "value": "MISSING_FIREWALL_SUBNET_IN_AZ", - "name": "MissingFirewallSubnetInAZ" - }, - { - "value": "MISSING_EXPECTED_ROUTE_TABLE", - "name": "MissingExpectedRouteTable" - }, - { - "value": "NETWORK_FIREWALL_POLICY_MODIFIED", - "name": "NetworkFirewallPolicyModified" - }, - { - "value": "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", - "name": "FirewallSubnetIsOutOfScope" - }, - { - "value": "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", - "name": "InternetGatewayMissingExpectedRoute" - }, - { - "value": "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", - "name": "FirewallSubnetMissingExpectedRoute" - }, - { - "value": "UNEXPECTED_FIREWALL_ROUTES", - "name": "UnexpectedFirewallRoutes" - }, - { - "value": "UNEXPECTED_TARGET_GATEWAY_ROUTES", - "name": "UnexpectedTargetGatewayRoutes" - }, - { - "value": "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", - "name": 
"TrafficInspectionCrossesAZBoundary" - }, - { - "value": "INVALID_ROUTE_CONFIGURATION", - "name": "InvalidRouteConfiguration" - }, - { - "value": "MISSING_TARGET_GATEWAY", - "name": "MissingTargetGateway" - }, - { - "value": "INTERNET_TRAFFIC_NOT_INSPECTED", - "name": "InternetTrafficNotInspected" - }, - { - "value": "BLACK_HOLE_ROUTE_DETECTED", - "name": "BlackHoleRouteDetected" - }, - { - "value": "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", - "name": "BlackHoleRouteDetectedInFirewallSubnet" - }, - { - "value": "RESOURCE_MISSING_DNS_FIREWALL", - "name": "ResourceMissingDnsFirewall" - }, - { - "value": "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", - "name": "RouteHasOutOfScopeEndpoint" - }, - { - "value": "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT", - "name": "FirewallSubnetMissingVPCEndpoint" + "type": "enum", + "members": { + "WebAclMissingRuleGroup": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "WEB_ACL_MISSING_RULE_GROUP" + } + }, + "ResourceMissingWebAcl": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_MISSING_WEB_ACL" + } + }, + "ResourceIncorrectWebAcl": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_INCORRECT_WEB_ACL" + } + }, + "ResourceMissingShieldProtection": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_MISSING_SHIELD_PROTECTION" + } + }, + "ResourceMissingWebaclOrShieldProtection": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" + } + }, + "ResourceMissingSecurityGroup": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_MISSING_SECURITY_GROUP" + } + }, + "ResourceViolatesAuditSecurityGroup": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" } - ] + }, + "SecurityGroupUnused": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": 
"SECURITY_GROUP_UNUSED" + } + }, + "SecurityGroupRedundant": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SECURITY_GROUP_REDUNDANT" + } + }, + "FMSCreatedSecurityGroupEdited": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FMS_CREATED_SECURITY_GROUP_EDITED" + } + }, + "MissingFirewall": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MISSING_FIREWALL" + } + }, + "MissingFirewallSubnetInAZ": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MISSING_FIREWALL_SUBNET_IN_AZ" + } + }, + "MissingExpectedRouteTable": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MISSING_EXPECTED_ROUTE_TABLE" + } + }, + "NetworkFirewallPolicyModified": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NETWORK_FIREWALL_POLICY_MODIFIED" + } + }, + "FirewallSubnetIsOutOfScope": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FIREWALL_SUBNET_IS_OUT_OF_SCOPE" + } + }, + "InternetGatewayMissingExpectedRoute": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" + } + }, + "FirewallSubnetMissingExpectedRoute": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" + } + }, + "UnexpectedFirewallRoutes": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNEXPECTED_FIREWALL_ROUTES" + } + }, + "UnexpectedTargetGatewayRoutes": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UNEXPECTED_TARGET_GATEWAY_ROUTES" + } + }, + "TrafficInspectionCrossesAZBoundary": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" + } + }, + "InvalidRouteConfiguration": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INVALID_ROUTE_CONFIGURATION" + } + }, + "MissingTargetGateway": { + 
"target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "MISSING_TARGET_GATEWAY" + } + }, + "InternetTrafficNotInspected": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INTERNET_TRAFFIC_NOT_INSPECTED" + } + }, + "BlackHoleRouteDetected": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BLACK_HOLE_ROUTE_DETECTED" + } + }, + "BlackHoleRouteDetectedInFirewallSubnet": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" + } + }, + "ResourceMissingDnsFirewall": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RESOURCE_MISSING_DNS_FIREWALL" + } + }, + "RouteHasOutOfScopeEndpoint": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT" + } + }, + "FirewallSubnetMissingVPCEndpoint": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT" + } + } } }, "com.amazonaws.fms#ViolationTarget": { @@ -6934,4 +7093,4 @@ } } } -} \ No newline at end of file +}