aws-sdk-fms 1.21.0 → 1.26.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/lib/aws-sdk-fms.rb +7 -4
- data/lib/aws-sdk-fms/client.rb +87 -24
- data/lib/aws-sdk-fms/errors.rb +28 -6
- data/lib/aws-sdk-fms/resource.rb +1 -0
- data/lib/aws-sdk-fms/types.rb +66 -21
- metadata +3 -3
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
|
-
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
2
|
+
SHA256:
|
|
3
|
+
metadata.gz: bf35baf58bba5a600b7eb3085b376fa9d1b8035a411e86645cc98530c319c79f
|
|
4
|
+
data.tar.gz: 81af060eb16b51e9407d50a287e87f1b5676de13f615dd9c7451ec4af1a714a9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d445d2029d0c2151546ac4972212ae92a894adbbdca5a1657f281b3b85eab54a2769e41f1fe9a5bb8898596a4847aa2c56eb557fcbc4cac885262e779047915a
|
|
7
|
+
data.tar.gz: 97ab8e954743e7d8e43ac6d07db6c6ecea726f443c6fdf15b832d710b76d37f236190ce886e6459a5b395ea1325054b6e69dac01a73b6c55e02ad16687aec681
|
data/lib/aws-sdk-fms.rb
CHANGED
|
@@ -24,17 +24,20 @@ require_relative 'aws-sdk-fms/customizations'
|
|
|
24
24
|
# methods each accept a hash of request parameters and return a response
|
|
25
25
|
# structure.
|
|
26
26
|
#
|
|
27
|
+
# fms = Aws::FMS::Client.new
|
|
28
|
+
# resp = fms.associate_admin_account(params)
|
|
29
|
+
#
|
|
27
30
|
# See {Client} for more information.
|
|
28
31
|
#
|
|
29
32
|
# # Errors
|
|
30
33
|
#
|
|
31
|
-
# Errors returned from Firewall Management Service
|
|
32
|
-
# extend {Errors::ServiceError}.
|
|
34
|
+
# Errors returned from Firewall Management Service are defined in the
|
|
35
|
+
# {Errors} module and all extend {Errors::ServiceError}.
|
|
33
36
|
#
|
|
34
37
|
# begin
|
|
35
38
|
# # do stuff
|
|
36
39
|
# rescue Aws::FMS::Errors::ServiceError
|
|
37
|
-
# # rescues all
|
|
40
|
+
# # rescues all Firewall Management Service API errors
|
|
38
41
|
# end
|
|
39
42
|
#
|
|
40
43
|
# See {Errors} for more information.
|
|
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-fms/customizations'
|
|
|
42
45
|
# @service
|
|
43
46
|
module Aws::FMS
|
|
44
47
|
|
|
45
|
-
GEM_VERSION = '1.
|
|
48
|
+
GEM_VERSION = '1.26.0'
|
|
46
49
|
|
|
47
50
|
end
|
data/lib/aws-sdk-fms/client.rb
CHANGED
|
@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
|
30
30
|
Aws::Plugins::GlobalConfiguration.add_identifier(:fms)
|
|
31
31
|
|
|
32
32
|
module Aws::FMS
|
|
33
|
+
# An API client for FMS. To construct a client, you need to configure a `:region` and `:credentials`.
|
|
34
|
+
#
|
|
35
|
+
# client = Aws::FMS::Client.new(
|
|
36
|
+
# region: region_name,
|
|
37
|
+
# credentials: credentials,
|
|
38
|
+
# # ...
|
|
39
|
+
# )
|
|
40
|
+
#
|
|
41
|
+
# For details on configuring region and credentials see
|
|
42
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
|
43
|
+
#
|
|
44
|
+
# See {#initialize} for a full list of supported configuration options.
|
|
33
45
|
class Client < Seahorse::Client::Base
|
|
34
46
|
|
|
35
47
|
include Aws::ClientStubs
|
|
@@ -93,7 +105,7 @@ module Aws::FMS
|
|
|
93
105
|
# @option options [required, String] :region
|
|
94
106
|
# The AWS region to connect to. The configured `:region` is
|
|
95
107
|
# used to determine the service `:endpoint`. When not passed,
|
|
96
|
-
# a default `:region` is
|
|
108
|
+
# a default `:region` is searched for in the following locations:
|
|
97
109
|
#
|
|
98
110
|
# * `Aws.config[:region]`
|
|
99
111
|
# * `ENV['AWS_REGION']`
|
|
@@ -108,6 +120,12 @@ module Aws::FMS
|
|
|
108
120
|
# When set to `true`, a thread polling for endpoints will be running in
|
|
109
121
|
# the background every 60 secs (default). Defaults to `false`.
|
|
110
122
|
#
|
|
123
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
|
124
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
|
125
|
+
# until there is sufficent client side capacity to retry the request.
|
|
126
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
|
127
|
+
# not retry instead of sleeping.
|
|
128
|
+
#
|
|
111
129
|
# @option options [Boolean] :client_side_monitoring (false)
|
|
112
130
|
# When `true`, client-side metrics will be collected for all API requests from
|
|
113
131
|
# this client.
|
|
@@ -132,6 +150,10 @@ module Aws::FMS
|
|
|
132
150
|
# When `true`, an attempt is made to coerce request parameters into
|
|
133
151
|
# the required types.
|
|
134
152
|
#
|
|
153
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
|
154
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
|
155
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
|
156
|
+
#
|
|
135
157
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
|
136
158
|
# Set to true to disable SDK automatically adding host prefix
|
|
137
159
|
# to default service endpoint when available.
|
|
@@ -139,7 +161,7 @@ module Aws::FMS
|
|
|
139
161
|
# @option options [String] :endpoint
|
|
140
162
|
# The client endpoint is normally constructed from the `:region`
|
|
141
163
|
# option. You should only configure an `:endpoint` when connecting
|
|
142
|
-
# to test endpoints. This should be
|
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
|
143
165
|
#
|
|
144
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
|
145
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
|
@@ -154,7 +176,7 @@ module Aws::FMS
|
|
|
154
176
|
# requests fetching endpoints information. Defaults to 60 sec.
|
|
155
177
|
#
|
|
156
178
|
# @option options [Boolean] :endpoint_discovery (false)
|
|
157
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
|
179
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
|
158
180
|
#
|
|
159
181
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
|
160
182
|
# The log formatter.
|
|
@@ -166,15 +188,29 @@ module Aws::FMS
|
|
|
166
188
|
# The Logger instance to send log messages to. If this option
|
|
167
189
|
# is not set, logging will be disabled.
|
|
168
190
|
#
|
|
191
|
+
# @option options [Integer] :max_attempts (3)
|
|
192
|
+
# An integer representing the maximum number attempts that will be made for
|
|
193
|
+
# a single request, including the initial attempt. For example,
|
|
194
|
+
# setting this value to 5 will result in a request being retried up to
|
|
195
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
|
196
|
+
#
|
|
169
197
|
# @option options [String] :profile ("default")
|
|
170
198
|
# Used when loading credentials from the shared credentials file
|
|
171
199
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
|
172
200
|
#
|
|
201
|
+
# @option options [Proc] :retry_backoff
|
|
202
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
|
203
|
+
# This option is only used in the `legacy` retry mode.
|
|
204
|
+
#
|
|
173
205
|
# @option options [Float] :retry_base_delay (0.3)
|
|
174
|
-
# The base delay in seconds used by the default backoff function.
|
|
206
|
+
# The base delay in seconds used by the default backoff function. This option
|
|
207
|
+
# is only used in the `legacy` retry mode.
|
|
175
208
|
#
|
|
176
209
|
# @option options [Symbol] :retry_jitter (:none)
|
|
177
|
-
# A delay randomiser function used by the default backoff function.
|
|
210
|
+
# A delay randomiser function used by the default backoff function.
|
|
211
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
|
212
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
|
213
|
+
# in the `legacy` retry mode.
|
|
178
214
|
#
|
|
179
215
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
|
180
216
|
#
|
|
@@ -182,11 +218,30 @@ module Aws::FMS
|
|
|
182
218
|
# The maximum number of times to retry failed requests. Only
|
|
183
219
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
|
184
220
|
# are retried. Generally, these are throttling errors, data
|
|
185
|
-
# checksum errors, networking errors, timeout errors
|
|
186
|
-
# errors from expired credentials.
|
|
221
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
|
222
|
+
# endpoint discovery, and errors from expired credentials.
|
|
223
|
+
# This option is only used in the `legacy` retry mode.
|
|
187
224
|
#
|
|
188
225
|
# @option options [Integer] :retry_max_delay (0)
|
|
189
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
|
226
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
|
227
|
+
# used by the default backoff function. This option is only used in the
|
|
228
|
+
# `legacy` retry mode.
|
|
229
|
+
#
|
|
230
|
+
# @option options [String] :retry_mode ("legacy")
|
|
231
|
+
# Specifies which retry algorithm to use. Values are:
|
|
232
|
+
#
|
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
|
234
|
+
# no retry mode is provided.
|
|
235
|
+
#
|
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
|
238
|
+
# unsuccessful retries a client can make.
|
|
239
|
+
#
|
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
|
243
|
+
# in the future.
|
|
244
|
+
#
|
|
190
245
|
#
|
|
191
246
|
# @option options [String] :secret_access_key
|
|
192
247
|
#
|
|
@@ -219,16 +274,15 @@ module Aws::FMS
|
|
|
219
274
|
# requests through. Formatted like 'http://proxy.com:123'.
|
|
220
275
|
#
|
|
221
276
|
# @option options [Float] :http_open_timeout (15) The number of
|
|
222
|
-
# seconds to wait when opening a HTTP session before
|
|
277
|
+
# seconds to wait when opening a HTTP session before raising a
|
|
223
278
|
# `Timeout::Error`.
|
|
224
279
|
#
|
|
225
280
|
# @option options [Integer] :http_read_timeout (60) The default
|
|
226
281
|
# number of seconds to wait for response data. This value can
|
|
227
|
-
# safely be set
|
|
228
|
-
# per-request on the session yeidled by {#session_for}.
|
|
282
|
+
# safely be set per-request on the session.
|
|
229
283
|
#
|
|
230
284
|
# @option options [Float] :http_idle_timeout (5) The number of
|
|
231
|
-
# seconds a connection is allowed to sit
|
|
285
|
+
# seconds a connection is allowed to sit idle before it is
|
|
232
286
|
# considered stale. Stale connections are closed and removed
|
|
233
287
|
# from the pool before making a request.
|
|
234
288
|
#
|
|
@@ -237,7 +291,7 @@ module Aws::FMS
|
|
|
237
291
|
# request body. This option has no effect unless the request has
|
|
238
292
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
|
239
293
|
# disables this behaviour. This value can safely be set per
|
|
240
|
-
# request on the session
|
|
294
|
+
# request on the session.
|
|
241
295
|
#
|
|
242
296
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
|
243
297
|
# HTTP debug output will be sent to the `:logger`.
|
|
@@ -504,7 +558,7 @@ module Aws::FMS
|
|
|
504
558
|
# resp.policy.policy_id #=> String
|
|
505
559
|
# resp.policy.policy_name #=> String
|
|
506
560
|
# resp.policy.policy_update_token #=> String
|
|
507
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
561
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
508
562
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
509
563
|
# resp.policy.resource_type #=> String
|
|
510
564
|
# resp.policy.resource_type_list #=> Array
|
|
@@ -590,7 +644,7 @@ module Aws::FMS
|
|
|
590
644
|
# @example Response structure
|
|
591
645
|
#
|
|
592
646
|
# resp.admin_account_id #=> String
|
|
593
|
-
# resp.service_type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
647
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
594
648
|
# resp.data #=> String
|
|
595
649
|
# resp.next_token #=> String
|
|
596
650
|
#
|
|
@@ -633,6 +687,8 @@ module Aws::FMS
|
|
|
633
687
|
# * {Types::ListComplianceStatusResponse#policy_compliance_status_list #policy_compliance_status_list} => Array<Types::PolicyComplianceStatus>
|
|
634
688
|
# * {Types::ListComplianceStatusResponse#next_token #next_token} => String
|
|
635
689
|
#
|
|
690
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
691
|
+
#
|
|
636
692
|
# @example Request syntax with placeholder values
|
|
637
693
|
#
|
|
638
694
|
# resp = client.list_compliance_status({
|
|
@@ -693,6 +749,8 @@ module Aws::FMS
|
|
|
693
749
|
# * {Types::ListMemberAccountsResponse#member_accounts #member_accounts} => Array<String>
|
|
694
750
|
# * {Types::ListMemberAccountsResponse#next_token #next_token} => String
|
|
695
751
|
#
|
|
752
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
753
|
+
#
|
|
696
754
|
# @example Request syntax with placeholder values
|
|
697
755
|
#
|
|
698
756
|
# resp = client.list_member_accounts({
|
|
@@ -738,6 +796,8 @@ module Aws::FMS
|
|
|
738
796
|
# * {Types::ListPoliciesResponse#policy_list #policy_list} => Array<Types::PolicySummary>
|
|
739
797
|
# * {Types::ListPoliciesResponse#next_token #next_token} => String
|
|
740
798
|
#
|
|
799
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
800
|
+
#
|
|
741
801
|
# @example Request syntax with placeholder values
|
|
742
802
|
#
|
|
743
803
|
# resp = client.list_policies({
|
|
@@ -752,7 +812,7 @@ module Aws::FMS
|
|
|
752
812
|
# resp.policy_list[0].policy_id #=> String
|
|
753
813
|
# resp.policy_list[0].policy_name #=> String
|
|
754
814
|
# resp.policy_list[0].resource_type #=> String
|
|
755
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
815
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
756
816
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
|
757
817
|
# resp.next_token #=> String
|
|
758
818
|
#
|
|
@@ -833,15 +893,18 @@ module Aws::FMS
|
|
|
833
893
|
# * A Shield Advanced policy, which applies Shield Advanced protection
|
|
834
894
|
# to specified accounts and resources
|
|
835
895
|
#
|
|
836
|
-
# * An AWS WAF policy, which
|
|
837
|
-
#
|
|
896
|
+
# * An AWS WAF policy (type WAFV2), which defines rule groups to run
|
|
897
|
+
# first in the corresponding AWS WAF web ACL and rule groups to run
|
|
898
|
+
# last in the web ACL.
|
|
899
|
+
#
|
|
900
|
+
# * An AWS WAF Classic policy (type WAF), which defines a rule group.
|
|
838
901
|
#
|
|
839
902
|
# * A security group policy, which manages VPC security groups across
|
|
840
903
|
# your AWS organization.
|
|
841
904
|
#
|
|
842
|
-
# Each policy is specific to one of the
|
|
843
|
-
#
|
|
844
|
-
#
|
|
905
|
+
# Each policy is specific to one of the types. If you want to enforce
|
|
906
|
+
# more than one policy type across accounts, create multiple policies.
|
|
907
|
+
# You can create multiple policies for each type.
|
|
845
908
|
#
|
|
846
909
|
# You must be subscribed to Shield Advanced to create a Shield Advanced
|
|
847
910
|
# policy. For more information about subscribing to Shield Advanced, see
|
|
@@ -870,7 +933,7 @@ module Aws::FMS
|
|
|
870
933
|
# policy_name: "ResourceName", # required
|
|
871
934
|
# policy_update_token: "PolicyUpdateToken",
|
|
872
935
|
# security_service_policy_data: { # required
|
|
873
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
936
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
874
937
|
# managed_service_data: "ManagedServiceData",
|
|
875
938
|
# },
|
|
876
939
|
# resource_type: "ResourceType", # required
|
|
@@ -903,7 +966,7 @@ module Aws::FMS
|
|
|
903
966
|
# resp.policy.policy_id #=> String
|
|
904
967
|
# resp.policy.policy_name #=> String
|
|
905
968
|
# resp.policy.policy_update_token #=> String
|
|
906
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
969
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
|
907
970
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
908
971
|
# resp.policy.resource_type #=> String
|
|
909
972
|
# resp.policy.resource_type_list #=> Array
|
|
@@ -1004,7 +1067,7 @@ module Aws::FMS
|
|
|
1004
1067
|
params: params,
|
|
1005
1068
|
config: config)
|
|
1006
1069
|
context[:gem_name] = 'aws-sdk-fms'
|
|
1007
|
-
context[:gem_version] = '1.
|
|
1070
|
+
context[:gem_version] = '1.26.0'
|
|
1008
1071
|
Seahorse::Client::Request.new(handlers, context)
|
|
1009
1072
|
end
|
|
1010
1073
|
|
data/lib/aws-sdk-fms/errors.rb
CHANGED
|
@@ -6,6 +6,34 @@
|
|
|
6
6
|
# WARNING ABOUT GENERATED CODE
|
|
7
7
|
|
|
8
8
|
module Aws::FMS
|
|
9
|
+
|
|
10
|
+
# When FMS returns an error response, the Ruby SDK constructs and raises an error.
|
|
11
|
+
# These errors all extend Aws::FMS::Errors::ServiceError < {Aws::Errors::ServiceError}
|
|
12
|
+
#
|
|
13
|
+
# You can rescue all FMS errors using ServiceError:
|
|
14
|
+
#
|
|
15
|
+
# begin
|
|
16
|
+
# # do stuff
|
|
17
|
+
# rescue Aws::FMS::Errors::ServiceError
|
|
18
|
+
# # rescues all FMS API errors
|
|
19
|
+
# end
|
|
20
|
+
#
|
|
21
|
+
#
|
|
22
|
+
# ## Request Context
|
|
23
|
+
# ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
|
|
24
|
+
# information about the request that generated the error.
|
|
25
|
+
# See {Seahorse::Client::RequestContext} for more information.
|
|
26
|
+
#
|
|
27
|
+
# ## Error Classes
|
|
28
|
+
# * {InternalErrorException}
|
|
29
|
+
# * {InvalidInputException}
|
|
30
|
+
# * {InvalidOperationException}
|
|
31
|
+
# * {InvalidTypeException}
|
|
32
|
+
# * {LimitExceededException}
|
|
33
|
+
# * {ResourceNotFoundException}
|
|
34
|
+
#
|
|
35
|
+
# Additionally, error classes are dynamically generated for service errors based on the error code
|
|
36
|
+
# if they are not defined above.
|
|
9
37
|
module Errors
|
|
10
38
|
|
|
11
39
|
extend Aws::Errors::DynamicErrors
|
|
@@ -23,7 +51,6 @@ module Aws::FMS
|
|
|
23
51
|
def message
|
|
24
52
|
@message || @data[:message]
|
|
25
53
|
end
|
|
26
|
-
|
|
27
54
|
end
|
|
28
55
|
|
|
29
56
|
class InvalidInputException < ServiceError
|
|
@@ -39,7 +66,6 @@ module Aws::FMS
|
|
|
39
66
|
def message
|
|
40
67
|
@message || @data[:message]
|
|
41
68
|
end
|
|
42
|
-
|
|
43
69
|
end
|
|
44
70
|
|
|
45
71
|
class InvalidOperationException < ServiceError
|
|
@@ -55,7 +81,6 @@ module Aws::FMS
|
|
|
55
81
|
def message
|
|
56
82
|
@message || @data[:message]
|
|
57
83
|
end
|
|
58
|
-
|
|
59
84
|
end
|
|
60
85
|
|
|
61
86
|
class InvalidTypeException < ServiceError
|
|
@@ -71,7 +96,6 @@ module Aws::FMS
|
|
|
71
96
|
def message
|
|
72
97
|
@message || @data[:message]
|
|
73
98
|
end
|
|
74
|
-
|
|
75
99
|
end
|
|
76
100
|
|
|
77
101
|
class LimitExceededException < ServiceError
|
|
@@ -87,7 +111,6 @@ module Aws::FMS
|
|
|
87
111
|
def message
|
|
88
112
|
@message || @data[:message]
|
|
89
113
|
end
|
|
90
|
-
|
|
91
114
|
end
|
|
92
115
|
|
|
93
116
|
class ResourceNotFoundException < ServiceError
|
|
@@ -103,7 +126,6 @@ module Aws::FMS
|
|
|
103
126
|
def message
|
|
104
127
|
@message || @data[:message]
|
|
105
128
|
end
|
|
106
|
-
|
|
107
129
|
end
|
|
108
130
|
|
|
109
131
|
end
|
data/lib/aws-sdk-fms/resource.rb
CHANGED
data/lib/aws-sdk-fms/types.rb
CHANGED
|
@@ -681,7 +681,7 @@ module Aws::FMS
|
|
|
681
681
|
# policy_name: "ResourceName", # required
|
|
682
682
|
# policy_update_token: "PolicyUpdateToken",
|
|
683
683
|
# security_service_policy_data: { # required
|
|
684
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
684
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
685
685
|
# managed_service_data: "ManagedServiceData",
|
|
686
686
|
# },
|
|
687
687
|
# resource_type: "ResourceType", # required
|
|
@@ -762,24 +762,63 @@ module Aws::FMS
|
|
|
762
762
|
# @return [Boolean]
|
|
763
763
|
#
|
|
764
764
|
# @!attribute [rw] include_map
|
|
765
|
-
# Specifies the AWS account IDs
|
|
766
|
-
#
|
|
767
|
-
#
|
|
768
|
-
#
|
|
769
|
-
#
|
|
770
|
-
#
|
|
771
|
-
#
|
|
765
|
+
# Specifies the AWS account IDs and AWS Organizations organizational
|
|
766
|
+
# units (OUs) to include in the policy. Specifying an OU is the
|
|
767
|
+
# equivalent of specifying all accounts in the OU and in any of its
|
|
768
|
+
# child OUs, including any child OUs and accounts that are added at a
|
|
769
|
+
# later time.
|
|
770
|
+
#
|
|
771
|
+
# You can specify inclusions or exclusions, but not both. If you
|
|
772
|
+
# specify an `IncludeMap`, AWS Firewall Manager applies the policy to
|
|
773
|
+
# all accounts specified by the `IncludeMap`, and does not evaluate
|
|
774
|
+
# any `ExcludeMap` specifications. If you do not specify an
|
|
775
|
+
# `IncludeMap`, then Firewall Manager applies the policy to all
|
|
776
|
+
# accounts except for those specified by the `ExcludeMap`.
|
|
777
|
+
#
|
|
778
|
+
# You can specify account IDs, OUs, or a combination:
|
|
779
|
+
#
|
|
780
|
+
# * Specify account IDs by setting the key to `ACCOUNT`. For example,
|
|
781
|
+
# the following is a valid map: `\{“ACCOUNT” : [“accountID1”,
|
|
782
|
+
# “accountID2”]\}`.
|
|
783
|
+
#
|
|
784
|
+
# * Specify OUs by setting the key to `ORG_UNIT`. For example, the
|
|
785
|
+
# following is a valid map: `\{“ORG_UNIT” : [“ouid111”,
|
|
786
|
+
# “ouid112”]\}`.
|
|
787
|
+
#
|
|
788
|
+
# * Specify accounts and OUs together in a single map, separated with
|
|
789
|
+
# a comma. For example, the following is a valid map: `\{“ACCOUNT” :
|
|
790
|
+
# [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
|
|
791
|
+
# “ouid112”]\}`.
|
|
772
792
|
# @return [Hash<String,Array<String>>]
|
|
773
793
|
#
|
|
774
794
|
# @!attribute [rw] exclude_map
|
|
775
|
-
# Specifies the AWS account IDs
|
|
776
|
-
#
|
|
777
|
-
#
|
|
778
|
-
#
|
|
779
|
-
#
|
|
780
|
-
#
|
|
781
|
-
#
|
|
782
|
-
#
|
|
795
|
+
# Specifies the AWS account IDs and AWS Organizations organizational
|
|
796
|
+
# units (OUs) to exclude from the policy. Specifying an OU is the
|
|
797
|
+
# equivalent of specifying all accounts in the OU and in any of its
|
|
798
|
+
# child OUs, including any child OUs and accounts that are added at a
|
|
799
|
+
# later time.
|
|
800
|
+
#
|
|
801
|
+
# You can specify inclusions or exclusions, but not both. If you
|
|
802
|
+
# specify an `IncludeMap`, AWS Firewall Manager applies the policy to
|
|
803
|
+
# all accounts specified by the `IncludeMap`, and does not evaluate
|
|
804
|
+
# any `ExcludeMap` specifications. If you do not specify an
|
|
805
|
+
# `IncludeMap`, then Firewall Manager applies the policy to all
|
|
806
|
+
# accounts except for those specified by the `ExcludeMap`.
|
|
807
|
+
#
|
|
808
|
+
# You can specify account IDs, OUs, or a combination:
|
|
809
|
+
#
|
|
810
|
+
# * Specify account IDs by setting the key to `ACCOUNT`. For example,
|
|
811
|
+
# the following is a valid map: `\{“ACCOUNT” : [“accountID1”,
|
|
812
|
+
# “accountID2”]\}`.
|
|
813
|
+
#
|
|
814
|
+
# * Specify OUs by setting the key to `ORG_UNIT`. For example, the
|
|
815
|
+
# following is a valid map: `\{“ORG_UNIT” : [“ouid111”,
|
|
816
|
+
# “ouid112”]\}`.
|
|
817
|
+
#
|
|
818
|
+
# * Specify accounts and OUs together in a single map, separated with
|
|
819
|
+
# a comma. For example, the following is a valid map: `\{“ACCOUNT” :
|
|
820
|
+
# [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
|
|
821
|
+
# “ouid112”]\}`.
|
|
783
822
|
# @return [Hash<String,Array<String>>]
|
|
784
823
|
#
|
|
785
824
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Policy AWS API Documentation
|
|
@@ -992,7 +1031,7 @@ module Aws::FMS
|
|
|
992
1031
|
# policy_name: "ResourceName", # required
|
|
993
1032
|
# policy_update_token: "PolicyUpdateToken",
|
|
994
1033
|
# security_service_policy_data: { # required
|
|
995
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
1034
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
996
1035
|
# managed_service_data: "ManagedServiceData",
|
|
997
1036
|
# },
|
|
998
1037
|
# resource_type: "ResourceType", # required
|
|
@@ -1109,7 +1148,7 @@ module Aws::FMS
|
|
|
1109
1148
|
# data as a hash:
|
|
1110
1149
|
#
|
|
1111
1150
|
# {
|
|
1112
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
1151
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
|
1113
1152
|
# managed_service_data: "ManagedServiceData",
|
|
1114
1153
|
# }
|
|
1115
1154
|
#
|
|
@@ -1128,16 +1167,22 @@ module Aws::FMS
|
|
|
1128
1167
|
# JSON format. For service type `SHIELD_ADVANCED`, this is an empty
|
|
1129
1168
|
# string.
|
|
1130
1169
|
#
|
|
1131
|
-
# * Example: `
|
|
1170
|
+
# * Example: `WAFV2`
|
|
1171
|
+
#
|
|
1172
|
+
# `"ManagedServiceData":
|
|
1173
|
+
# "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"excludedRules":[\{"name":"EntityName"\}],"ruleGroupType":"RuleGroup"\}],"postProcessRuleGroups":[\{"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendor":"AWS"\},"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"NONE"\},"excludedRules":[],"ruleGroupType":"ManagedRuleGroup"\}],"overrideCustomerWebACLAssociation":false\}"`
|
|
1174
|
+
#
|
|
1175
|
+
# * Example: `WAF Classic`
|
|
1132
1176
|
#
|
|
1133
|
-
# `ManagedServiceData": "\{"type": "WAF", "ruleGroups":
|
|
1177
|
+
# `"ManagedServiceData": "\{"type": "WAF", "ruleGroups":
|
|
1134
1178
|
# [\{"id": "12345678-1bcd-9012-efga-0987654321ab",
|
|
1135
1179
|
# "overrideAction" : \{"type": "COUNT"\}\}],
|
|
1136
1180
|
# "defaultAction": \{"type": "BLOCK"\}\}`
|
|
1137
1181
|
#
|
|
1138
1182
|
# * Example: `SECURITY_GROUPS_COMMON`
|
|
1139
1183
|
#
|
|
1140
|
-
# `"SecurityServicePolicyData":\{"Type":"SECURITY_GROUPS_COMMON","ManagedServiceData":"\{"type":"SECURITY_GROUPS_COMMON","revertManualSecurityGroupChanges":false,"exclusiveResourceSecurityGroupManagement":false,
|
|
1184
|
+
# `"SecurityServicePolicyData":\{"Type":"SECURITY_GROUPS_COMMON","ManagedServiceData":"\{"type":"SECURITY_GROUPS_COMMON","revertManualSecurityGroupChanges":false,"exclusiveResourceSecurityGroupManagement":false,
|
|
1185
|
+
# "applyToAllEC2InstanceENIs":false,"securityGroups":[\{"id":"
|
|
1141
1186
|
# sg-000e55995d61a06bd"\}]\}"\},"RemediationEnabled":false,"ResourceType":"AWS::EC2::NetworkInterface"\}`
|
|
1142
1187
|
#
|
|
1143
1188
|
# * Example: `SECURITY_GROUPS_CONTENT_AUDIT`
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-sdk-fms
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.26.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Amazon Web Services
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2020-
|
|
11
|
+
date: 2020-05-28 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
@@ -81,7 +81,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
81
81
|
version: '0'
|
|
82
82
|
requirements: []
|
|
83
83
|
rubyforge_project:
|
|
84
|
-
rubygems_version: 2.
|
|
84
|
+
rubygems_version: 2.7.6.2
|
|
85
85
|
signing_key:
|
|
86
86
|
specification_version: 4
|
|
87
87
|
summary: AWS SDK for Ruby - FMS
|