aws-sdk-fms 1.21.0 → 1.26.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +5 -5
- data/lib/aws-sdk-fms.rb +7 -4
- data/lib/aws-sdk-fms/client.rb +87 -24
- data/lib/aws-sdk-fms/errors.rb +28 -6
- data/lib/aws-sdk-fms/resource.rb +1 -0
- data/lib/aws-sdk-fms/types.rb +66 -21
- metadata +3 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: bf35baf58bba5a600b7eb3085b376fa9d1b8035a411e86645cc98530c319c79f
|
4
|
+
data.tar.gz: 81af060eb16b51e9407d50a287e87f1b5676de13f615dd9c7451ec4af1a714a9
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: d445d2029d0c2151546ac4972212ae92a894adbbdca5a1657f281b3b85eab54a2769e41f1fe9a5bb8898596a4847aa2c56eb557fcbc4cac885262e779047915a
|
7
|
+
data.tar.gz: 97ab8e954743e7d8e43ac6d07db6c6ecea726f443c6fdf15b832d710b76d37f236190ce886e6459a5b395ea1325054b6e69dac01a73b6c55e02ad16687aec681
|
data/lib/aws-sdk-fms.rb
CHANGED
@@ -24,17 +24,20 @@ require_relative 'aws-sdk-fms/customizations'
|
|
24
24
|
# methods each accept a hash of request parameters and return a response
|
25
25
|
# structure.
|
26
26
|
#
|
27
|
+
# fms = Aws::FMS::Client.new
|
28
|
+
# resp = fms.associate_admin_account(params)
|
29
|
+
#
|
27
30
|
# See {Client} for more information.
|
28
31
|
#
|
29
32
|
# # Errors
|
30
33
|
#
|
31
|
-
# Errors returned from Firewall Management Service
|
32
|
-
# extend {Errors::ServiceError}.
|
34
|
+
# Errors returned from Firewall Management Service are defined in the
|
35
|
+
# {Errors} module and all extend {Errors::ServiceError}.
|
33
36
|
#
|
34
37
|
# begin
|
35
38
|
# # do stuff
|
36
39
|
# rescue Aws::FMS::Errors::ServiceError
|
37
|
-
# # rescues all
|
40
|
+
# # rescues all Firewall Management Service API errors
|
38
41
|
# end
|
39
42
|
#
|
40
43
|
# See {Errors} for more information.
|
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-fms/customizations'
|
|
42
45
|
# @service
|
43
46
|
module Aws::FMS
|
44
47
|
|
45
|
-
GEM_VERSION = '1.
|
48
|
+
GEM_VERSION = '1.26.0'
|
46
49
|
|
47
50
|
end
|
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
30
30
|
Aws::Plugins::GlobalConfiguration.add_identifier(:fms)
|
31
31
|
|
32
32
|
module Aws::FMS
|
33
|
+
# An API client for FMS. To construct a client, you need to configure a `:region` and `:credentials`.
|
34
|
+
#
|
35
|
+
# client = Aws::FMS::Client.new(
|
36
|
+
# region: region_name,
|
37
|
+
# credentials: credentials,
|
38
|
+
# # ...
|
39
|
+
# )
|
40
|
+
#
|
41
|
+
# For details on configuring region and credentials see
|
42
|
+
# the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
|
43
|
+
#
|
44
|
+
# See {#initialize} for a full list of supported configuration options.
|
33
45
|
class Client < Seahorse::Client::Base
|
34
46
|
|
35
47
|
include Aws::ClientStubs
|
@@ -93,7 +105,7 @@ module Aws::FMS
|
|
93
105
|
# @option options [required, String] :region
|
94
106
|
# The AWS region to connect to. The configured `:region` is
|
95
107
|
# used to determine the service `:endpoint`. When not passed,
|
96
|
-
# a default `:region` is
|
108
|
+
# a default `:region` is searched for in the following locations:
|
97
109
|
#
|
98
110
|
# * `Aws.config[:region]`
|
99
111
|
# * `ENV['AWS_REGION']`
|
@@ -108,6 +120,12 @@ module Aws::FMS
|
|
108
120
|
# When set to `true`, a thread polling for endpoints will be running in
|
109
121
|
# the background every 60 secs (default). Defaults to `false`.
|
110
122
|
#
|
123
|
+
# @option options [Boolean] :adaptive_retry_wait_to_fill (true)
|
124
|
+
# Used only in `adaptive` retry mode. When true, the request will sleep
|
125
|
+
# until there is sufficent client side capacity to retry the request.
|
126
|
+
# When false, the request will raise a `RetryCapacityNotAvailableError` and will
|
127
|
+
# not retry instead of sleeping.
|
128
|
+
#
|
111
129
|
# @option options [Boolean] :client_side_monitoring (false)
|
112
130
|
# When `true`, client-side metrics will be collected for all API requests from
|
113
131
|
# this client.
|
@@ -132,6 +150,10 @@ module Aws::FMS
|
|
132
150
|
# When `true`, an attempt is made to coerce request parameters into
|
133
151
|
# the required types.
|
134
152
|
#
|
153
|
+
# @option options [Boolean] :correct_clock_skew (true)
|
154
|
+
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
155
|
+
# a clock skew correction and retry requests with skewed client clocks.
|
156
|
+
#
|
135
157
|
# @option options [Boolean] :disable_host_prefix_injection (false)
|
136
158
|
# Set to true to disable SDK automatically adding host prefix
|
137
159
|
# to default service endpoint when available.
|
@@ -139,7 +161,7 @@ module Aws::FMS
|
|
139
161
|
# @option options [String] :endpoint
|
140
162
|
# The client endpoint is normally constructed from the `:region`
|
141
163
|
# option. You should only configure an `:endpoint` when connecting
|
142
|
-
# to test endpoints. This should be
|
164
|
+
# to test endpoints. This should be a valid HTTP(S) URI.
|
143
165
|
#
|
144
166
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
145
167
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -154,7 +176,7 @@ module Aws::FMS
|
|
154
176
|
# requests fetching endpoints information. Defaults to 60 sec.
|
155
177
|
#
|
156
178
|
# @option options [Boolean] :endpoint_discovery (false)
|
157
|
-
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
179
|
+
# When set to `true`, endpoint discovery will be enabled for operations when available.
|
158
180
|
#
|
159
181
|
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
160
182
|
# The log formatter.
|
@@ -166,15 +188,29 @@ module Aws::FMS
|
|
166
188
|
# The Logger instance to send log messages to. If this option
|
167
189
|
# is not set, logging will be disabled.
|
168
190
|
#
|
191
|
+
# @option options [Integer] :max_attempts (3)
|
192
|
+
# An integer representing the maximum number attempts that will be made for
|
193
|
+
# a single request, including the initial attempt. For example,
|
194
|
+
# setting this value to 5 will result in a request being retried up to
|
195
|
+
# 4 times. Used in `standard` and `adaptive` retry modes.
|
196
|
+
#
|
169
197
|
# @option options [String] :profile ("default")
|
170
198
|
# Used when loading credentials from the shared credentials file
|
171
199
|
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
172
200
|
#
|
201
|
+
# @option options [Proc] :retry_backoff
|
202
|
+
# A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
|
203
|
+
# This option is only used in the `legacy` retry mode.
|
204
|
+
#
|
173
205
|
# @option options [Float] :retry_base_delay (0.3)
|
174
|
-
# The base delay in seconds used by the default backoff function.
|
206
|
+
# The base delay in seconds used by the default backoff function. This option
|
207
|
+
# is only used in the `legacy` retry mode.
|
175
208
|
#
|
176
209
|
# @option options [Symbol] :retry_jitter (:none)
|
177
|
-
# A delay randomiser function used by the default backoff function.
|
210
|
+
# A delay randomiser function used by the default backoff function.
|
211
|
+
# Some predefined functions can be referenced by name - :none, :equal, :full,
|
212
|
+
# otherwise a Proc that takes and returns a number. This option is only used
|
213
|
+
# in the `legacy` retry mode.
|
178
214
|
#
|
179
215
|
# @see https://www.awsarchitectureblog.com/2015/03/backoff.html
|
180
216
|
#
|
@@ -182,11 +218,30 @@ module Aws::FMS
|
|
182
218
|
# The maximum number of times to retry failed requests. Only
|
183
219
|
# ~ 500 level server errors and certain ~ 400 level client errors
|
184
220
|
# are retried. Generally, these are throttling errors, data
|
185
|
-
# checksum errors, networking errors, timeout errors
|
186
|
-
# errors from expired credentials.
|
221
|
+
# checksum errors, networking errors, timeout errors, auth errors,
|
222
|
+
# endpoint discovery, and errors from expired credentials.
|
223
|
+
# This option is only used in the `legacy` retry mode.
|
187
224
|
#
|
188
225
|
# @option options [Integer] :retry_max_delay (0)
|
189
|
-
# The maximum number of seconds to delay between retries (0 for no limit)
|
226
|
+
# The maximum number of seconds to delay between retries (0 for no limit)
|
227
|
+
# used by the default backoff function. This option is only used in the
|
228
|
+
# `legacy` retry mode.
|
229
|
+
#
|
230
|
+
# @option options [String] :retry_mode ("legacy")
|
231
|
+
# Specifies which retry algorithm to use. Values are:
|
232
|
+
#
|
233
|
+
# * `legacy` - The pre-existing retry behavior. This is default value if
|
234
|
+
# no retry mode is provided.
|
235
|
+
#
|
236
|
+
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
237
|
+
# This includes support for retry quotas, which limit the number of
|
238
|
+
# unsuccessful retries a client can make.
|
239
|
+
#
|
240
|
+
# * `adaptive` - An experimental retry mode that includes all the
|
241
|
+
# functionality of `standard` mode along with automatic client side
|
242
|
+
# throttling. This is a provisional mode that may change behavior
|
243
|
+
# in the future.
|
244
|
+
#
|
190
245
|
#
|
191
246
|
# @option options [String] :secret_access_key
|
192
247
|
#
|
@@ -219,16 +274,15 @@ module Aws::FMS
|
|
219
274
|
# requests through. Formatted like 'http://proxy.com:123'.
|
220
275
|
#
|
221
276
|
# @option options [Float] :http_open_timeout (15) The number of
|
222
|
-
# seconds to wait when opening a HTTP session before
|
277
|
+
# seconds to wait when opening a HTTP session before raising a
|
223
278
|
# `Timeout::Error`.
|
224
279
|
#
|
225
280
|
# @option options [Integer] :http_read_timeout (60) The default
|
226
281
|
# number of seconds to wait for response data. This value can
|
227
|
-
# safely be set
|
228
|
-
# per-request on the session yeidled by {#session_for}.
|
282
|
+
# safely be set per-request on the session.
|
229
283
|
#
|
230
284
|
# @option options [Float] :http_idle_timeout (5) The number of
|
231
|
-
# seconds a connection is allowed to sit
|
285
|
+
# seconds a connection is allowed to sit idle before it is
|
232
286
|
# considered stale. Stale connections are closed and removed
|
233
287
|
# from the pool before making a request.
|
234
288
|
#
|
@@ -237,7 +291,7 @@ module Aws::FMS
|
|
237
291
|
# request body. This option has no effect unless the request has
|
238
292
|
# "Expect" header set to "100-continue". Defaults to `nil` which
|
239
293
|
# disables this behaviour. This value can safely be set per
|
240
|
-
# request on the session
|
294
|
+
# request on the session.
|
241
295
|
#
|
242
296
|
# @option options [Boolean] :http_wire_trace (false) When `true`,
|
243
297
|
# HTTP debug output will be sent to the `:logger`.
|
@@ -504,7 +558,7 @@ module Aws::FMS
|
|
504
558
|
# resp.policy.policy_id #=> String
|
505
559
|
# resp.policy.policy_name #=> String
|
506
560
|
# resp.policy.policy_update_token #=> String
|
507
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
561
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
508
562
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
509
563
|
# resp.policy.resource_type #=> String
|
510
564
|
# resp.policy.resource_type_list #=> Array
|
@@ -590,7 +644,7 @@ module Aws::FMS
|
|
590
644
|
# @example Response structure
|
591
645
|
#
|
592
646
|
# resp.admin_account_id #=> String
|
593
|
-
# resp.service_type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
647
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
594
648
|
# resp.data #=> String
|
595
649
|
# resp.next_token #=> String
|
596
650
|
#
|
@@ -633,6 +687,8 @@ module Aws::FMS
|
|
633
687
|
# * {Types::ListComplianceStatusResponse#policy_compliance_status_list #policy_compliance_status_list} => Array<Types::PolicyComplianceStatus>
|
634
688
|
# * {Types::ListComplianceStatusResponse#next_token #next_token} => String
|
635
689
|
#
|
690
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
691
|
+
#
|
636
692
|
# @example Request syntax with placeholder values
|
637
693
|
#
|
638
694
|
# resp = client.list_compliance_status({
|
@@ -693,6 +749,8 @@ module Aws::FMS
|
|
693
749
|
# * {Types::ListMemberAccountsResponse#member_accounts #member_accounts} => Array<String>
|
694
750
|
# * {Types::ListMemberAccountsResponse#next_token #next_token} => String
|
695
751
|
#
|
752
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
753
|
+
#
|
696
754
|
# @example Request syntax with placeholder values
|
697
755
|
#
|
698
756
|
# resp = client.list_member_accounts({
|
@@ -738,6 +796,8 @@ module Aws::FMS
|
|
738
796
|
# * {Types::ListPoliciesResponse#policy_list #policy_list} => Array<Types::PolicySummary>
|
739
797
|
# * {Types::ListPoliciesResponse#next_token #next_token} => String
|
740
798
|
#
|
799
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
800
|
+
#
|
741
801
|
# @example Request syntax with placeholder values
|
742
802
|
#
|
743
803
|
# resp = client.list_policies({
|
@@ -752,7 +812,7 @@ module Aws::FMS
|
|
752
812
|
# resp.policy_list[0].policy_id #=> String
|
753
813
|
# resp.policy_list[0].policy_name #=> String
|
754
814
|
# resp.policy_list[0].resource_type #=> String
|
755
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
815
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
756
816
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
757
817
|
# resp.next_token #=> String
|
758
818
|
#
|
@@ -833,15 +893,18 @@ module Aws::FMS
|
|
833
893
|
# * A Shield Advanced policy, which applies Shield Advanced protection
|
834
894
|
# to specified accounts and resources
|
835
895
|
#
|
836
|
-
# * An AWS WAF policy, which
|
837
|
-
#
|
896
|
+
# * An AWS WAF policy (type WAFV2), which defines rule groups to run
|
897
|
+
# first in the corresponding AWS WAF web ACL and rule groups to run
|
898
|
+
# last in the web ACL.
|
899
|
+
#
|
900
|
+
# * An AWS WAF Classic policy (type WAF), which defines a rule group.
|
838
901
|
#
|
839
902
|
# * A security group policy, which manages VPC security groups across
|
840
903
|
# your AWS organization.
|
841
904
|
#
|
842
|
-
# Each policy is specific to one of the
|
843
|
-
#
|
844
|
-
#
|
905
|
+
# Each policy is specific to one of the types. If you want to enforce
|
906
|
+
# more than one policy type across accounts, create multiple policies.
|
907
|
+
# You can create multiple policies for each type.
|
845
908
|
#
|
846
909
|
# You must be subscribed to Shield Advanced to create a Shield Advanced
|
847
910
|
# policy. For more information about subscribing to Shield Advanced, see
|
@@ -870,7 +933,7 @@ module Aws::FMS
|
|
870
933
|
# policy_name: "ResourceName", # required
|
871
934
|
# policy_update_token: "PolicyUpdateToken",
|
872
935
|
# security_service_policy_data: { # required
|
873
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
936
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
874
937
|
# managed_service_data: "ManagedServiceData",
|
875
938
|
# },
|
876
939
|
# resource_type: "ResourceType", # required
|
@@ -903,7 +966,7 @@ module Aws::FMS
|
|
903
966
|
# resp.policy.policy_id #=> String
|
904
967
|
# resp.policy.policy_name #=> String
|
905
968
|
# resp.policy.policy_update_token #=> String
|
906
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
969
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
907
970
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
908
971
|
# resp.policy.resource_type #=> String
|
909
972
|
# resp.policy.resource_type_list #=> Array
|
@@ -1004,7 +1067,7 @@ module Aws::FMS
|
|
1004
1067
|
params: params,
|
1005
1068
|
config: config)
|
1006
1069
|
context[:gem_name] = 'aws-sdk-fms'
|
1007
|
-
context[:gem_version] = '1.
|
1070
|
+
context[:gem_version] = '1.26.0'
|
1008
1071
|
Seahorse::Client::Request.new(handlers, context)
|
1009
1072
|
end
|
1010
1073
|
|
data/lib/aws-sdk-fms/errors.rb
CHANGED
@@ -6,6 +6,34 @@
|
|
6
6
|
# WARNING ABOUT GENERATED CODE
|
7
7
|
|
8
8
|
module Aws::FMS
|
9
|
+
|
10
|
+
# When FMS returns an error response, the Ruby SDK constructs and raises an error.
|
11
|
+
# These errors all extend Aws::FMS::Errors::ServiceError < {Aws::Errors::ServiceError}
|
12
|
+
#
|
13
|
+
# You can rescue all FMS errors using ServiceError:
|
14
|
+
#
|
15
|
+
# begin
|
16
|
+
# # do stuff
|
17
|
+
# rescue Aws::FMS::Errors::ServiceError
|
18
|
+
# # rescues all FMS API errors
|
19
|
+
# end
|
20
|
+
#
|
21
|
+
#
|
22
|
+
# ## Request Context
|
23
|
+
# ServiceError objects have a {Aws::Errors::ServiceError#context #context} method that returns
|
24
|
+
# information about the request that generated the error.
|
25
|
+
# See {Seahorse::Client::RequestContext} for more information.
|
26
|
+
#
|
27
|
+
# ## Error Classes
|
28
|
+
# * {InternalErrorException}
|
29
|
+
# * {InvalidInputException}
|
30
|
+
# * {InvalidOperationException}
|
31
|
+
# * {InvalidTypeException}
|
32
|
+
# * {LimitExceededException}
|
33
|
+
# * {ResourceNotFoundException}
|
34
|
+
#
|
35
|
+
# Additionally, error classes are dynamically generated for service errors based on the error code
|
36
|
+
# if they are not defined above.
|
9
37
|
module Errors
|
10
38
|
|
11
39
|
extend Aws::Errors::DynamicErrors
|
@@ -23,7 +51,6 @@ module Aws::FMS
|
|
23
51
|
def message
|
24
52
|
@message || @data[:message]
|
25
53
|
end
|
26
|
-
|
27
54
|
end
|
28
55
|
|
29
56
|
class InvalidInputException < ServiceError
|
@@ -39,7 +66,6 @@ module Aws::FMS
|
|
39
66
|
def message
|
40
67
|
@message || @data[:message]
|
41
68
|
end
|
42
|
-
|
43
69
|
end
|
44
70
|
|
45
71
|
class InvalidOperationException < ServiceError
|
@@ -55,7 +81,6 @@ module Aws::FMS
|
|
55
81
|
def message
|
56
82
|
@message || @data[:message]
|
57
83
|
end
|
58
|
-
|
59
84
|
end
|
60
85
|
|
61
86
|
class InvalidTypeException < ServiceError
|
@@ -71,7 +96,6 @@ module Aws::FMS
|
|
71
96
|
def message
|
72
97
|
@message || @data[:message]
|
73
98
|
end
|
74
|
-
|
75
99
|
end
|
76
100
|
|
77
101
|
class LimitExceededException < ServiceError
|
@@ -87,7 +111,6 @@ module Aws::FMS
|
|
87
111
|
def message
|
88
112
|
@message || @data[:message]
|
89
113
|
end
|
90
|
-
|
91
114
|
end
|
92
115
|
|
93
116
|
class ResourceNotFoundException < ServiceError
|
@@ -103,7 +126,6 @@ module Aws::FMS
|
|
103
126
|
def message
|
104
127
|
@message || @data[:message]
|
105
128
|
end
|
106
|
-
|
107
129
|
end
|
108
130
|
|
109
131
|
end
|
data/lib/aws-sdk-fms/resource.rb
CHANGED
data/lib/aws-sdk-fms/types.rb
CHANGED
@@ -681,7 +681,7 @@ module Aws::FMS
|
|
681
681
|
# policy_name: "ResourceName", # required
|
682
682
|
# policy_update_token: "PolicyUpdateToken",
|
683
683
|
# security_service_policy_data: { # required
|
684
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
684
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
685
685
|
# managed_service_data: "ManagedServiceData",
|
686
686
|
# },
|
687
687
|
# resource_type: "ResourceType", # required
|
@@ -762,24 +762,63 @@ module Aws::FMS
|
|
762
762
|
# @return [Boolean]
|
763
763
|
#
|
764
764
|
# @!attribute [rw] include_map
|
765
|
-
# Specifies the AWS account IDs
|
766
|
-
#
|
767
|
-
#
|
768
|
-
#
|
769
|
-
#
|
770
|
-
#
|
771
|
-
#
|
765
|
+
# Specifies the AWS account IDs and AWS Organizations organizational
|
766
|
+
# units (OUs) to include in the policy. Specifying an OU is the
|
767
|
+
# equivalent of specifying all accounts in the OU and in any of its
|
768
|
+
# child OUs, including any child OUs and accounts that are added at a
|
769
|
+
# later time.
|
770
|
+
#
|
771
|
+
# You can specify inclusions or exclusions, but not both. If you
|
772
|
+
# specify an `IncludeMap`, AWS Firewall Manager applies the policy to
|
773
|
+
# all accounts specified by the `IncludeMap`, and does not evaluate
|
774
|
+
# any `ExcludeMap` specifications. If you do not specify an
|
775
|
+
# `IncludeMap`, then Firewall Manager applies the policy to all
|
776
|
+
# accounts except for those specified by the `ExcludeMap`.
|
777
|
+
#
|
778
|
+
# You can specify account IDs, OUs, or a combination:
|
779
|
+
#
|
780
|
+
# * Specify account IDs by setting the key to `ACCOUNT`. For example,
|
781
|
+
# the following is a valid map: `\{“ACCOUNT” : [“accountID1”,
|
782
|
+
# “accountID2”]\}`.
|
783
|
+
#
|
784
|
+
# * Specify OUs by setting the key to `ORG_UNIT`. For example, the
|
785
|
+
# following is a valid map: `\{“ORG_UNIT” : [“ouid111”,
|
786
|
+
# “ouid112”]\}`.
|
787
|
+
#
|
788
|
+
# * Specify accounts and OUs together in a single map, separated with
|
789
|
+
# a comma. For example, the following is a valid map: `\{“ACCOUNT” :
|
790
|
+
# [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
|
791
|
+
# “ouid112”]\}`.
|
772
792
|
# @return [Hash<String,Array<String>>]
|
773
793
|
#
|
774
794
|
# @!attribute [rw] exclude_map
|
775
|
-
# Specifies the AWS account IDs
|
776
|
-
#
|
777
|
-
#
|
778
|
-
#
|
779
|
-
#
|
780
|
-
#
|
781
|
-
#
|
782
|
-
#
|
795
|
+
# Specifies the AWS account IDs and AWS Organizations organizational
|
796
|
+
# units (OUs) to exclude from the policy. Specifying an OU is the
|
797
|
+
# equivalent of specifying all accounts in the OU and in any of its
|
798
|
+
# child OUs, including any child OUs and accounts that are added at a
|
799
|
+
# later time.
|
800
|
+
#
|
801
|
+
# You can specify inclusions or exclusions, but not both. If you
|
802
|
+
# specify an `IncludeMap`, AWS Firewall Manager applies the policy to
|
803
|
+
# all accounts specified by the `IncludeMap`, and does not evaluate
|
804
|
+
# any `ExcludeMap` specifications. If you do not specify an
|
805
|
+
# `IncludeMap`, then Firewall Manager applies the policy to all
|
806
|
+
# accounts except for those specified by the `ExcludeMap`.
|
807
|
+
#
|
808
|
+
# You can specify account IDs, OUs, or a combination:
|
809
|
+
#
|
810
|
+
# * Specify account IDs by setting the key to `ACCOUNT`. For example,
|
811
|
+
# the following is a valid map: `\{“ACCOUNT” : [“accountID1”,
|
812
|
+
# “accountID2”]\}`.
|
813
|
+
#
|
814
|
+
# * Specify OUs by setting the key to `ORG_UNIT`. For example, the
|
815
|
+
# following is a valid map: `\{“ORG_UNIT” : [“ouid111”,
|
816
|
+
# “ouid112”]\}`.
|
817
|
+
#
|
818
|
+
# * Specify accounts and OUs together in a single map, separated with
|
819
|
+
# a comma. For example, the following is a valid map: `\{“ACCOUNT” :
|
820
|
+
# [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
|
821
|
+
# “ouid112”]\}`.
|
783
822
|
# @return [Hash<String,Array<String>>]
|
784
823
|
#
|
785
824
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Policy AWS API Documentation
|
@@ -992,7 +1031,7 @@ module Aws::FMS
|
|
992
1031
|
# policy_name: "ResourceName", # required
|
993
1032
|
# policy_update_token: "PolicyUpdateToken",
|
994
1033
|
# security_service_policy_data: { # required
|
995
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
1034
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
996
1035
|
# managed_service_data: "ManagedServiceData",
|
997
1036
|
# },
|
998
1037
|
# resource_type: "ResourceType", # required
|
@@ -1109,7 +1148,7 @@ module Aws::FMS
|
|
1109
1148
|
# data as a hash:
|
1110
1149
|
#
|
1111
1150
|
# {
|
1112
|
-
# type: "WAF", # required, accepts WAF, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
1151
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
1113
1152
|
# managed_service_data: "ManagedServiceData",
|
1114
1153
|
# }
|
1115
1154
|
#
|
@@ -1128,16 +1167,22 @@ module Aws::FMS
|
|
1128
1167
|
# JSON format. For service type `SHIELD_ADVANCED`, this is an empty
|
1129
1168
|
# string.
|
1130
1169
|
#
|
1131
|
-
# * Example: `
|
1170
|
+
# * Example: `WAFV2`
|
1171
|
+
#
|
1172
|
+
# `"ManagedServiceData":
|
1173
|
+
# "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"excludedRules":[\{"name":"EntityName"\}],"ruleGroupType":"RuleGroup"\}],"postProcessRuleGroups":[\{"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendor":"AWS"\},"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"NONE"\},"excludedRules":[],"ruleGroupType":"ManagedRuleGroup"\}],"overrideCustomerWebACLAssociation":false\}"`
|
1174
|
+
#
|
1175
|
+
# * Example: `WAF Classic`
|
1132
1176
|
#
|
1133
|
-
# `ManagedServiceData": "\{"type": "WAF", "ruleGroups":
|
1177
|
+
# `"ManagedServiceData": "\{"type": "WAF", "ruleGroups":
|
1134
1178
|
# [\{"id": "12345678-1bcd-9012-efga-0987654321ab",
|
1135
1179
|
# "overrideAction" : \{"type": "COUNT"\}\}],
|
1136
1180
|
# "defaultAction": \{"type": "BLOCK"\}\}`
|
1137
1181
|
#
|
1138
1182
|
# * Example: `SECURITY_GROUPS_COMMON`
|
1139
1183
|
#
|
1140
|
-
# `"SecurityServicePolicyData":\{"Type":"SECURITY_GROUPS_COMMON","ManagedServiceData":"\{"type":"SECURITY_GROUPS_COMMON","revertManualSecurityGroupChanges":false,"exclusiveResourceSecurityGroupManagement":false,
|
1184
|
+
# `"SecurityServicePolicyData":\{"Type":"SECURITY_GROUPS_COMMON","ManagedServiceData":"\{"type":"SECURITY_GROUPS_COMMON","revertManualSecurityGroupChanges":false,"exclusiveResourceSecurityGroupManagement":false,
|
1185
|
+
# "applyToAllEC2InstanceENIs":false,"securityGroups":[\{"id":"
|
1141
1186
|
# sg-000e55995d61a06bd"\}]\}"\},"RemediationEnabled":false,"ResourceType":"AWS::EC2::NetworkInterface"\}`
|
1142
1187
|
#
|
1143
1188
|
# * Example: `SECURITY_GROUPS_CONTENT_AUDIT`
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-fms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.26.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-05-28 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -81,7 +81,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
81
81
|
version: '0'
|
82
82
|
requirements: []
|
83
83
|
rubyforge_project:
|
84
|
-
rubygems_version: 2.
|
84
|
+
rubygems_version: 2.7.6.2
|
85
85
|
signing_key:
|
86
86
|
specification_version: 4
|
87
87
|
summary: AWS SDK for Ruby - FMS
|