AWS cli documentation change
Summary
Added REJECTLIST/ALERTLIST options and alert behavior documentation for firewall rules
Security assessment
Documents new security control options (REJECTLIST/ALERTLIST) and alert-based monitoring behavior in rule descriptions. Enhances security documentation without indicating a vulnerability fix.
Diff
diff --git a/cli/latest/reference/network-firewall/describe-rule-group.md b/cli/latest/reference/network-firewall/describe-rule-group.md index f4c0e5631..b9a93fafc 100644 --- a//cli/latest/reference/network-firewall/describe-rule-group.md +++ b//cli/latest/reference/network-firewall/describe-rule-group.md @@ -15 +15 @@ - * [AWS CLI 2.31.1 Command Reference](../../index.html) » + * [AWS CLI 2.31.3 Command Reference](../../index.html) » @@ -416 +416,5 @@ RuleGroup -> (structure) ->>>> Whether you want to allow or deny access to the domains in your target list. +>>>> Whether you want to apply allow, reject, alert, or drop behavior to the domains in your target list. +>>>> +>>>> ### Note +>>>> +>>>> When logging is enabled and you choose Alert, traffic that matches the domain specifications generates an alert in the firewall’s logs. Then, traffic either passes, is rejected, or drops based on other rules in the firewall policy. @@ -421,0 +426,2 @@ RuleGroup -> (structure) +>>>> * `REJECTLIST` +>>>> * `ALERTLIST` @@ -1215 +1221 @@ RuleGroupResponse -> (structure) - * [AWS CLI 2.31.1 Command Reference](../../index.html) » + * [AWS CLI 2.31.3 Command Reference](../../index.html) »