Route 53 Resolver DNS Firewall Advanced Rules allows you to monitor and block suspicious DNS traffic based on anomalies detected in the queries, such as DNS tunneling and Domain Generation Algorithms (DGAs).

Author: aws-sdk-dotnet-automation

generator/ServiceModels/route53resolver/route53resolver-2018-04-01.api.json

@@ -241,6 +241,7 @@
         {"shape":"ResourceNotFoundException"},
         {"shape":"AccessDeniedException"},
         {"shape":"InternalServiceErrorException"},
+        {"shape":"ValidationException"},
         {"shape":"ThrottlingException"}
       ]
     },
@@ -1292,6 +1293,14 @@
       ]
     },
     "Boolean":{"type":"boolean"},
+    "ConfidenceThreshold":{
+      "type":"string",
+      "enum":[
+        "LOW",
+        "MEDIUM",
+        "HIGH"
+      ]
+    },
     "ConflictException":{
       "type":"structure",
       "members":{
@@ -1353,7 +1362,6 @@
       "required":[
         "CreatorRequestId",
         "FirewallRuleGroupId",
-        "FirewallDomainListId",
         "Priority",
         "Action",
         "Name"
@@ -1364,7 +1372,10 @@
           "idempotencyToken":true
         },
         "FirewallRuleGroupId":{"shape":"ResourceId"},
-        "FirewallDomainListId":{"shape":"ResourceId"},
+        "FirewallDomainListId":{
+          "shape":"ResourceId",
+          "box":true
+        },
         "Priority":{"shape":"Priority"},
         "Action":{"shape":"Action"},
         "BlockResponse":{
@@ -1391,6 +1402,14 @@
         "Qtype":{
           "shape":"Qtype",
           "box":true
+        },
+        "DnsThreatProtection":{
+          "shape":"DnsThreatProtection",
+          "box":true
+        },
+        "ConfidenceThreshold":{
+          "shape":"ConfidenceThreshold",
+          "box":true
         }
       }
     },
@@ -1567,13 +1586,17 @@
     },
     "DeleteFirewallRuleRequest":{
       "type":"structure",
-      "required":[
-        "FirewallRuleGroupId",
-        "FirewallDomainListId"
-      ],
+      "required":["FirewallRuleGroupId"],
       "members":{
         "FirewallRuleGroupId":{"shape":"ResourceId"},
-        "FirewallDomainListId":{"shape":"ResourceId"},
+        "FirewallDomainListId":{
+          "shape":"ResourceId",
+          "box":true
+        },
+        "FirewallThreatProtectionId":{
+          "shape":"ResourceId",
+          "box":true
+        },
         "Qtype":{"shape":"Qtype"}
       }
     },
@@ -1704,6 +1727,13 @@
         "ResolverRuleAssociation":{"shape":"ResolverRuleAssociation"}
       }
     },
+    "DnsThreatProtection":{
+      "type":"string",
+      "enum":[
+        "DGA",
+        "DNS_TUNNELING"
+      ]
+    },
     "DomainListFileUrl":{
       "type":"string",
       "max":1024,
@@ -1833,6 +1863,7 @@
       "members":{
         "FirewallRuleGroupId":{"shape":"ResourceId"},
         "FirewallDomainListId":{"shape":"ResourceId"},
+        "FirewallThreatProtectionId":{"shape":"ResourceId"},
         "Name":{"shape":"Name"},
         "Priority":{"shape":"Priority"},
         "Action":{"shape":"Action"},
@@ -1844,7 +1875,9 @@
         "CreationTime":{"shape":"Rfc3339TimeString"},
         "ModificationTime":{"shape":"Rfc3339TimeString"},
         "FirewallDomainRedirectionAction":{"shape":"FirewallDomainRedirectionAction"},
-        "Qtype":{"shape":"Qtype"}
+        "Qtype":{"shape":"Qtype"},
+        "DnsThreatProtection":{"shape":"DnsThreatProtection"},
+        "ConfidenceThreshold":{"shape":"ConfidenceThreshold"}
       }
     },
     "FirewallRuleGroup":{
@@ -3342,13 +3375,17 @@
     },
     "UpdateFirewallRuleRequest":{
       "type":"structure",
-      "required":[
-        "FirewallRuleGroupId",
-        "FirewallDomainListId"
-      ],
+      "required":["FirewallRuleGroupId"],
       "members":{
         "FirewallRuleGroupId":{"shape":"ResourceId"},
-        "FirewallDomainListId":{"shape":"ResourceId"},
+        "FirewallDomainListId":{
+          "shape":"ResourceId",
+          "box":true
+        },
+        "FirewallThreatProtectionId":{
+          "shape":"ResourceId",
+          "box":true
+        },
         "Priority":{
           "shape":"Priority",
           "box":true
@@ -3381,7 +3418,15 @@
           "shape":"FirewallDomainRedirectionAction",
           "box":true
         },
-        "Qtype":{"shape":"Qtype"}
+        "Qtype":{"shape":"Qtype"},
+        "DnsThreatProtection":{
+          "shape":"DnsThreatProtection",
+          "box":true
+        },
+        "ConfidenceThreshold":{
+          "shape":"ConfidenceThreshold",
+          "box":true
+        }
       }
     },
     "UpdateFirewallRuleResponse":{

generator/ServiceModels/route53resolver/route53resolver-2018-04-01.docs.json

@@ -198,6 +198,11 @@
     <min>1</min>
     <max>64</max>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.Route53Resolver.Model.DeleteFirewallRuleRequest.FirewallThreatProtectionId</property>
+    <min>1</min>
+    <max>64</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.Route53Resolver.Model.DeleteFirewallRuleRequest.Qtype</property>
     <min>1</min>
@@ -596,6 +601,11 @@
     <min>1</min>
     <max>64</max>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.Route53Resolver.Model.UpdateFirewallRuleRequest.FirewallThreatProtectionId</property>
+    <min>1</min>
+    <max>64</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.Route53Resolver.Model.UpdateFirewallRuleRequest.Name</property>
     <max>64</max>
@@ -765,6 +775,11 @@
     <min>1</min>
     <max>64</max>
   </property-value-rule>
+  <property-value-rule>
+    <property>Amazon.Route53Resolver.Model.FirewallRule.FirewallThreatProtectionId</property>
+    <min>1</min>
+    <max>64</max>
+  </property-value-rule>
   <property-value-rule>
     <property>Amazon.Route53Resolver.Model.FirewallRule.ModificationTime</property>
     <min>20</min>

generator/ServiceModels/route53resolver/route53resolver-2018-04-01.normal.json

@@ -41,7 +41,9 @@ public partial class CreateFirewallRuleRequest : AmazonRoute53ResolverRequest
         private string _blockOverrideDomain;
         private int? _blockOverrideTtl;
         private BlockResponse _blockResponse;
+        private ConfidenceThreshold _confidenceThreshold;
         private string _creatorRequestId;
+        private DnsThreatProtection _dnsThreatProtection;
         private string _firewallDomainListId;
         private FirewallDomainRedirectionAction _firewallDomainRedirectionAction;
         private string _firewallRuleGroupId;
@@ -53,11 +55,12 @@ public partial class CreateFirewallRuleRequest : AmazonRoute53ResolverRequest
         /// Gets and sets the property Action. 
         /// <para>
         /// The action that DNS Firewall should take on a DNS query when it matches one of the
-        /// domains in the rule's domain list:
+        /// domains in the rule's domain list, or a threat in a DNS Firewall Advanced rule:
         /// </para>
         ///  <ul> <li> 
         /// <para>
-        ///  <c>ALLOW</c> - Permit the request to go through.
+        ///  <c>ALLOW</c> - Permit the request to go through. Not available for DNS Firewall Advanced
+        /// rules.
         /// </para>
         ///  </li> <li> 
         /// <para>
@@ -194,6 +197,40 @@ internal bool IsSetBlockResponse()
             return this._blockResponse != null;
         }
 
+        /// <summary>
+        /// Gets and sets the property ConfidenceThreshold. 
+        /// <para>
+        ///  The confidence threshold for DNS Firewall Advanced. You must provide this value when
+        /// you create a DNS Firewall Advanced rule. The confidence level values mean: 
+        /// </para>
+        ///  <ul> <li> 
+        /// <para>
+        ///  <c>LOW</c>: Provides the highest detection rate for threats, but also increases false
+        /// positives.
+        /// </para>
+        ///  </li> <li> 
+        /// <para>
+        ///  <c>MEDIUM</c>: Provides a balance between detecting threats and false positives.
+        /// </para>
+        ///  </li> <li> 
+        /// <para>
+        ///  <c>HIGH</c>: Detects only the most well corroborated threats with a low rate of false
+        /// positives. 
+        /// </para>
+        ///  </li> </ul>
+        /// </summary>
+        public ConfidenceThreshold ConfidenceThreshold
+        {
+            get { return this._confidenceThreshold; }
+            set { this._confidenceThreshold = value; }
+        }
+
+        // Check to see if ConfidenceThreshold property is set
+        internal bool IsSetConfidenceThreshold()
+        {
+            return this._confidenceThreshold != null;
+        }
+
         /// <summary>
         /// Gets and sets the property CreatorRequestId. 
         /// <para>
@@ -215,13 +252,32 @@ internal bool IsSetCreatorRequestId()
             return this._creatorRequestId != null;
         }
 
+        /// <summary>
+        /// Gets and sets the property DnsThreatProtection. 
+        /// <para>
+        ///  Use to create a DNS Firewall Advanced rule. 
+        /// </para>
+        /// </summary>
+        public DnsThreatProtection DnsThreatProtection
+        {
+            get { return this._dnsThreatProtection; }
+            set { this._dnsThreatProtection = value; }
+        }
+
+        // Check to see if DnsThreatProtection property is set
+        internal bool IsSetDnsThreatProtection()
+        {
+            return this._dnsThreatProtection != null;
+        }
+
         /// <summary>
         /// Gets and sets the property FirewallDomainListId. 
         /// <para>
-        /// The ID of the domain list that you want to use in the rule. 
+        /// The ID of the domain list that you want to use in the rule. Can't be used together
+        /// with <c>DnsThreatProtecton</c>.
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Min=1, Max=64)]
+        [AWSProperty(Min=1, Max=64)]
         public string FirewallDomainListId
         {
             get { return this._firewallDomainListId; }
@@ -242,13 +298,13 @@ internal bool IsSetFirewallDomainListId()
         /// </para>
         ///  
         /// <para>
-        ///  <c>Inspect_Redirection_Domain </c>(Default) inspects all domains in the redirection
+        ///  <c>INSPECT_REDIRECTION_DOMAIN</c>: (Default) inspects all domains in the redirection
         /// chain. The individual domains in the redirection chain must be added to the domain
         /// list.
         /// </para>
         ///  
         /// <para>
-        ///  <c>Trust_Redirection_Domain </c> inspects only the first domain in the redirection
+        ///  <c>TRUST_REDIRECTION_DOMAIN</c>: Inspects only the first domain in the redirection
         /// chain. You don't need to add the subsequent domains in the domain in the redirection
         /// list to the domain list.
         /// </para>

sdk/code-analysis/ServiceAnalysis/Route53Resolver/Generated/PropertyValueRules.xml

@@ -37,6 +37,7 @@ public partial class DeleteFirewallRuleRequest : AmazonRoute53ResolverRequest
     {
         private string _firewallDomainListId;
         private string _firewallRuleGroupId;
+        private string _firewallThreatProtectionId;
         private string _qtype;
 
         /// <summary>
@@ -45,7 +46,7 @@ public partial class DeleteFirewallRuleRequest : AmazonRoute53ResolverRequest
         /// The ID of the domain list that's used in the rule. 
         /// </para>
         /// </summary>
-        [AWSProperty(Required=true, Min=1, Max=64)]
+        [AWSProperty(Min=1, Max=64)]
         public string FirewallDomainListId
         {
             get { return this._firewallDomainListId; }
@@ -78,6 +79,25 @@ internal bool IsSetFirewallRuleGroupId()
             return this._firewallRuleGroupId != null;
         }
 
+        /// <summary>
+        /// Gets and sets the property FirewallThreatProtectionId. 
+        /// <para>
+        ///  The ID that is created for a DNS Firewall Advanced rule. 
+        /// </para>
+        /// </summary>
+        [AWSProperty(Min=1, Max=64)]
+        public string FirewallThreatProtectionId
+        {
+            get { return this._firewallThreatProtectionId; }
+            set { this._firewallThreatProtectionId = value; }
+        }
+
+        // Check to see if FirewallThreatProtectionId property is set
+        internal bool IsSetFirewallThreatProtectionId()
+        {
+            return this._firewallThreatProtectionId != null;
+        }
+
         /// <summary>
         /// Gets and sets the property Qtype. 
         /// <para>