AWS cli documentation change
Summary
Added REJECTLIST/ALERTLIST options and alert behavior documentation for firewall rules
Security assessment
Expands documentation for firewall rule updates with new security control options and monitoring capabilities. Enhances security documentation without addressing a specific vulnerability.
Diff
diff --git a/cli/latest/reference/network-firewall/update-rule-group.md b/cli/latest/reference/network-firewall/update-rule-group.md index 390de5fda..a1200e57b 100644 --- a//cli/latest/reference/network-firewall/update-rule-group.md +++ b//cli/latest/reference/network-firewall/update-rule-group.md @@ -15 +15 @@ - * [AWS CLI 2.31.1 Command Reference](../../index.html) » + * [AWS CLI 2.31.3 Command Reference](../../index.html) » @@ -308 +308,5 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/networ ->>>> Whether you want to allow or deny access to the domains in your target list. +>>>> Whether you want to apply allow, reject, alert, or drop behavior to the domains in your target list. +>>>> +>>>> ### Note +>>>> +>>>> When logging is enabled and you choose Alert, traffic that matches the domain specifications generates an alert in the firewall’s logs. Then, traffic either passes, is rejected, or drops based on other rules in the firewall policy. @@ -313,0 +318,2 @@ See also: [AWS API Documentation](https://docs.aws.amazon.com/goto/WebAPI/networ +>>>> * `REJECTLIST` +>>>> * `ALERTLIST` @@ -859 +865 @@ JSON Syntax: - "GeneratedRulesType": "ALLOWLIST"|"DENYLIST" + "GeneratedRulesType": "ALLOWLIST"|"DENYLIST"|"REJECTLIST"|"ALERTLIST" @@ -1512 +1518 @@ RuleGroupResponse -> (structure) - * [AWS CLI 2.31.1 Command Reference](../../index.html) » + * [AWS CLI 2.31.3 Command Reference](../../index.html) »