Skip to content

Commit 033426b

Browse files
author
awstools
committed
feat(client-route53resolver): Route 53 Resolver DNS Firewall Advanced Rules allows you to monitor and block suspicious DNS traffic based on anomalies detected in the queries, such as DNS tunneling and Domain Generation Algorithms (DGAs).
1 parent 11a264e commit 033426b

File tree

7 files changed

+328
-78
lines changed

7 files changed

+328
-78
lines changed

clients/client-route53resolver/src/commands/CreateFirewallRuleCommand.ts

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
3838
* const input = { // CreateFirewallRuleRequest
3939
* CreatorRequestId: "STRING_VALUE", // required
4040
* FirewallRuleGroupId: "STRING_VALUE", // required
41-
* FirewallDomainListId: "STRING_VALUE", // required
41+
* FirewallDomainListId: "STRING_VALUE",
4242
* Priority: Number("int"), // required
4343
* Action: "ALLOW" || "BLOCK" || "ALERT", // required
4444
* BlockResponse: "NODATA" || "NXDOMAIN" || "OVERRIDE",
@@ -48,13 +48,16 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
4848
* Name: "STRING_VALUE", // required
4949
* FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
5050
* Qtype: "STRING_VALUE",
51+
* DnsThreatProtection: "DGA" || "DNS_TUNNELING",
52+
* ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
5153
* };
5254
* const command = new CreateFirewallRuleCommand(input);
5355
* const response = await client.send(command);
5456
* // { // CreateFirewallRuleResponse
5557
* // FirewallRule: { // FirewallRule
5658
* // FirewallRuleGroupId: "STRING_VALUE",
5759
* // FirewallDomainListId: "STRING_VALUE",
60+
* // FirewallThreatProtectionId: "STRING_VALUE",
5861
* // Name: "STRING_VALUE",
5962
* // Priority: Number("int"),
6063
* // Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -67,6 +70,8 @@ export interface CreateFirewallRuleCommandOutput extends CreateFirewallRuleRespo
6770
* // ModificationTime: "STRING_VALUE",
6871
* // FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
6972
* // Qtype: "STRING_VALUE",
73+
* // DnsThreatProtection: "DGA" || "DNS_TUNNELING",
74+
* // ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
7075
* // },
7176
* // };
7277
*

clients/client-route53resolver/src/commands/DeleteFirewallRuleCommand.ts

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,8 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
3737
* const client = new Route53ResolverClient(config);
3838
* const input = { // DeleteFirewallRuleRequest
3939
* FirewallRuleGroupId: "STRING_VALUE", // required
40-
* FirewallDomainListId: "STRING_VALUE", // required
40+
* FirewallDomainListId: "STRING_VALUE",
41+
* FirewallThreatProtectionId: "STRING_VALUE",
4142
* Qtype: "STRING_VALUE",
4243
* };
4344
* const command = new DeleteFirewallRuleCommand(input);
@@ -46,6 +47,7 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
4647
* // FirewallRule: { // FirewallRule
4748
* // FirewallRuleGroupId: "STRING_VALUE",
4849
* // FirewallDomainListId: "STRING_VALUE",
50+
* // FirewallThreatProtectionId: "STRING_VALUE",
4951
* // Name: "STRING_VALUE",
5052
* // Priority: Number("int"),
5153
* // Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -58,6 +60,8 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
5860
* // ModificationTime: "STRING_VALUE",
5961
* // FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
6062
* // Qtype: "STRING_VALUE",
63+
* // DnsThreatProtection: "DGA" || "DNS_TUNNELING",
64+
* // ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
6165
* // },
6266
* // };
6367
*
@@ -83,6 +87,10 @@ export interface DeleteFirewallRuleCommandOutput extends DeleteFirewallRuleRespo
8387
* @throws {@link ThrottlingException} (client fault)
8488
* <p>The request was throttled. Try again in a few minutes.</p>
8589
*
90+
* @throws {@link ValidationException} (client fault)
91+
* <p>You have provided an invalid command. If you ran the <code>UpdateFirewallDomains</code> request. supported values are <code>ADD</code>,
92+
* <code>REMOVE</code>, or <code>REPLACE</code> a domain.</p>
93+
*
8694
* @throws {@link Route53ResolverServiceException}
8795
* <p>Base exception class for all service exceptions from Route53Resolver service.</p>
8896
*

clients/client-route53resolver/src/commands/ListFirewallRulesCommand.ts

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,7 @@ export interface ListFirewallRulesCommandOutput extends ListFirewallRulesRespons
5151
* // { // FirewallRule
5252
* // FirewallRuleGroupId: "STRING_VALUE",
5353
* // FirewallDomainListId: "STRING_VALUE",
54+
* // FirewallThreatProtectionId: "STRING_VALUE",
5455
* // Name: "STRING_VALUE",
5556
* // Priority: Number("int"),
5657
* // Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -63,6 +64,8 @@ export interface ListFirewallRulesCommandOutput extends ListFirewallRulesRespons
6364
* // ModificationTime: "STRING_VALUE",
6465
* // FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
6566
* // Qtype: "STRING_VALUE",
67+
* // DnsThreatProtection: "DGA" || "DNS_TUNNELING",
68+
* // ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
6669
* // },
6770
* // ],
6871
* // };

clients/client-route53resolver/src/commands/UpdateFirewallRuleCommand.ts

Lines changed: 7 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,8 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
3737
* const client = new Route53ResolverClient(config);
3838
* const input = { // UpdateFirewallRuleRequest
3939
* FirewallRuleGroupId: "STRING_VALUE", // required
40-
* FirewallDomainListId: "STRING_VALUE", // required
40+
* FirewallDomainListId: "STRING_VALUE",
41+
* FirewallThreatProtectionId: "STRING_VALUE",
4142
* Priority: Number("int"),
4243
* Action: "ALLOW" || "BLOCK" || "ALERT",
4344
* BlockResponse: "NODATA" || "NXDOMAIN" || "OVERRIDE",
@@ -47,13 +48,16 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
4748
* Name: "STRING_VALUE",
4849
* FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
4950
* Qtype: "STRING_VALUE",
51+
* DnsThreatProtection: "DGA" || "DNS_TUNNELING",
52+
* ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
5053
* };
5154
* const command = new UpdateFirewallRuleCommand(input);
5255
* const response = await client.send(command);
5356
* // { // UpdateFirewallRuleResponse
5457
* // FirewallRule: { // FirewallRule
5558
* // FirewallRuleGroupId: "STRING_VALUE",
5659
* // FirewallDomainListId: "STRING_VALUE",
60+
* // FirewallThreatProtectionId: "STRING_VALUE",
5761
* // Name: "STRING_VALUE",
5862
* // Priority: Number("int"),
5963
* // Action: "ALLOW" || "BLOCK" || "ALERT",
@@ -66,6 +70,8 @@ export interface UpdateFirewallRuleCommandOutput extends UpdateFirewallRuleRespo
6670
* // ModificationTime: "STRING_VALUE",
6771
* // FirewallDomainRedirectionAction: "INSPECT_REDIRECTION_DOMAIN" || "TRUST_REDIRECTION_DOMAIN",
6872
* // Qtype: "STRING_VALUE",
73+
* // DnsThreatProtection: "DGA" || "DNS_TUNNELING",
74+
* // ConfidenceThreshold: "LOW" || "MEDIUM" || "HIGH",
6975
* // },
7076
* // };
7177
*

0 commit comments

Comments
 (0)