aws-sdk-fms 1.24.0 → 1.29.0
- checksums.yaml +4 -4
- data/lib/aws-sdk-fms.rb +3 -1
- data/lib/aws-sdk-fms/client.rb +491 -18
- data/lib/aws-sdk-fms/client_api.rb +333 -0
- data/lib/aws-sdk-fms/errors.rb +2 -0
- data/lib/aws-sdk-fms/resource.rb +2 -0
- data/lib/aws-sdk-fms/types.rb +977 -20
- metadata +4 -4
data/lib/aws-sdk-fms/errors.rb
CHANGED
data/lib/aws-sdk-fms/resource.rb
CHANGED
data/lib/aws-sdk-fms/types.rb
CHANGED
@@ -1,3 +1,5 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
1
3
|
# WARNING ABOUT GENERATED CODE
|
2
4
|
#
|
3
5
|
# This file is generated. See the contributing guide for more information:
|
@@ -8,6 +10,153 @@
|
|
8
10
|
module Aws::FMS
|
9
11
|
module Types
|
10
12
|
|
13
|
+
# An individual AWS Firewall Manager application.
|
14
|
+
#
|
15
|
+
# @note When making an API call, you may pass App
|
16
|
+
# data as a hash:
|
17
|
+
#
|
18
|
+
# {
|
19
|
+
# app_name: "ResourceName", # required
|
20
|
+
# protocol: "Protocol", # required
|
21
|
+
# port: 1, # required
|
22
|
+
# }
|
23
|
+
#
|
24
|
+
# @!attribute [rw] app_name
|
25
|
+
# The application's name.
|
26
|
+
# @return [String]
|
27
|
+
#
|
28
|
+
# @!attribute [rw] protocol
|
29
|
+
# The IP protocol name or number. The name can be one of `tcp`, `udp`,
|
30
|
+
# or `icmp`. For information on possible numbers, see [Protocol
|
31
|
+
# Numbers][1].
|
32
|
+
#
|
33
|
+
#
|
34
|
+
#
|
35
|
+
# [1]: https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
|
36
|
+
# @return [String]
|
37
|
+
#
|
38
|
+
# @!attribute [rw] port
|
39
|
+
# The application's port number, for example `80`.
|
40
|
+
# @return [Integer]
|
41
|
+
#
|
42
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/App AWS API Documentation
|
43
|
+
#
|
44
|
+
class App < Struct.new(
|
45
|
+
:app_name,
|
46
|
+
:protocol,
|
47
|
+
:port)
|
48
|
+
SENSITIVE = []
|
49
|
+
include Aws::Structure
|
50
|
+
end
|
51
|
+
|
52
|
+
# An AWS Firewall Manager applications list.
|
53
|
+
#
|
54
|
+
# @note When making an API call, you may pass AppsListData
|
55
|
+
# data as a hash:
|
56
|
+
#
|
57
|
+
# {
|
58
|
+
# list_id: "ListId",
|
59
|
+
# list_name: "ResourceName", # required
|
60
|
+
# list_update_token: "UpdateToken",
|
61
|
+
# create_time: Time.now,
|
62
|
+
# last_update_time: Time.now,
|
63
|
+
# apps_list: [ # required
|
64
|
+
# {
|
65
|
+
# app_name: "ResourceName", # required
|
66
|
+
# protocol: "Protocol", # required
|
67
|
+
# port: 1, # required
|
68
|
+
# },
|
69
|
+
# ],
|
70
|
+
# previous_apps_list: {
|
71
|
+
# "PreviousListVersion" => [
|
72
|
+
# {
|
73
|
+
# app_name: "ResourceName", # required
|
74
|
+
# protocol: "Protocol", # required
|
75
|
+
# port: 1, # required
|
76
|
+
# },
|
77
|
+
# ],
|
78
|
+
# },
|
79
|
+
# }
|
80
|
+
#
|
81
|
+
# @!attribute [rw] list_id
|
82
|
+
# The ID of the AWS Firewall Manager applications list.
|
83
|
+
# @return [String]
|
84
|
+
#
|
85
|
+
# @!attribute [rw] list_name
|
86
|
+
# The name of the AWS Firewall Manager applications list.
|
87
|
+
# @return [String]
|
88
|
+
#
|
89
|
+
# @!attribute [rw] list_update_token
|
90
|
+
# A unique identifier for each update to the list. When you update the
|
91
|
+
# list, the update token must match the token of the current version
|
92
|
+
# of the application list. You can retrieve the update token by
|
93
|
+
# getting the list.
|
94
|
+
# @return [String]
|
95
|
+
#
|
96
|
+
# @!attribute [rw] create_time
|
97
|
+
# The time that the AWS Firewall Manager applications list was
|
98
|
+
# created.
|
99
|
+
# @return [Time]
|
100
|
+
#
|
101
|
+
# @!attribute [rw] last_update_time
|
102
|
+
# The time that the AWS Firewall Manager applications list was last
|
103
|
+
# updated.
|
104
|
+
# @return [Time]
|
105
|
+
#
|
106
|
+
# @!attribute [rw] apps_list
|
107
|
+
# An array of applications in the AWS Firewall Manager applications
|
108
|
+
# list.
|
109
|
+
# @return [Array<Types::App>]
|
110
|
+
#
|
111
|
+
# @!attribute [rw] previous_apps_list
|
112
|
+
# A map of previous version numbers to their corresponding `App`
|
113
|
+
# object arrays.
|
114
|
+
# @return [Hash<String,Array<Types::App>>]
|
115
|
+
#
|
116
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AppsListData AWS API Documentation
|
117
|
+
#
|
118
|
+
class AppsListData < Struct.new(
|
119
|
+
:list_id,
|
120
|
+
:list_name,
|
121
|
+
:list_update_token,
|
122
|
+
:create_time,
|
123
|
+
:last_update_time,
|
124
|
+
:apps_list,
|
125
|
+
:previous_apps_list)
|
126
|
+
SENSITIVE = []
|
127
|
+
include Aws::Structure
|
128
|
+
end
|
129
|
+
|
130
|
+
# Details of the AWS Firewall Manager applications list.
|
131
|
+
#
|
132
|
+
# @!attribute [rw] list_arn
|
133
|
+
# The Amazon Resource Name (ARN) of the applications list.
|
134
|
+
# @return [String]
|
135
|
+
#
|
136
|
+
# @!attribute [rw] list_id
|
137
|
+
# The ID of the applications list.
|
138
|
+
# @return [String]
|
139
|
+
#
|
140
|
+
# @!attribute [rw] list_name
|
141
|
+
# The name of the applications list.
|
142
|
+
# @return [String]
|
143
|
+
#
|
144
|
+
# @!attribute [rw] apps_list
|
145
|
+
# An array of `App` objects in the AWS Firewall Manager applications
|
146
|
+
# list.
|
147
|
+
# @return [Array<Types::App>]
|
148
|
+
#
|
149
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AppsListDataSummary AWS API Documentation
|
150
|
+
#
|
151
|
+
class AppsListDataSummary < Struct.new(
|
152
|
+
:list_arn,
|
153
|
+
:list_id,
|
154
|
+
:list_name,
|
155
|
+
:apps_list)
|
156
|
+
SENSITIVE = []
|
157
|
+
include Aws::Structure
|
158
|
+
end
|
159
|
+
|
11
160
|
# @note When making an API call, you may pass AssociateAdminAccountRequest
|
12
161
|
# data as a hash:
|
13
162
|
#
|
@@ -31,6 +180,77 @@ module Aws::FMS
|
|
31
180
|
#
|
32
181
|
class AssociateAdminAccountRequest < Struct.new(
|
33
182
|
:admin_account)
|
183
|
+
SENSITIVE = []
|
184
|
+
include Aws::Structure
|
185
|
+
end
|
186
|
+
|
187
|
+
# Violations for an EC2 instance resource.
|
188
|
+
#
|
189
|
+
# @!attribute [rw] violation_target
|
190
|
+
# The resource ID of the EC2 instance.
|
191
|
+
# @return [String]
|
192
|
+
#
|
193
|
+
# @!attribute [rw] aws_ec2_network_interface_violations
|
194
|
+
# Violations for network interfaces associated with the EC2 instance.
|
195
|
+
# @return [Array<Types::AwsEc2NetworkInterfaceViolation>]
|
196
|
+
#
|
197
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsEc2InstanceViolation AWS API Documentation
|
198
|
+
#
|
199
|
+
class AwsEc2InstanceViolation < Struct.new(
|
200
|
+
:violation_target,
|
201
|
+
:aws_ec2_network_interface_violations)
|
202
|
+
SENSITIVE = []
|
203
|
+
include Aws::Structure
|
204
|
+
end
|
205
|
+
|
206
|
+
# Violations for network interfaces associated with an EC2 instance.
|
207
|
+
#
|
208
|
+
# @!attribute [rw] violation_target
|
209
|
+
# The resource ID of the network interface.
|
210
|
+
# @return [String]
|
211
|
+
#
|
212
|
+
# @!attribute [rw] violating_security_groups
|
213
|
+
# List of security groups that violate the rules specified in the
|
214
|
+
# master security group of the AWS Firewall Manager policy.
|
215
|
+
# @return [Array<String>]
|
216
|
+
#
|
217
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsEc2NetworkInterfaceViolation AWS API Documentation
|
218
|
+
#
|
219
|
+
class AwsEc2NetworkInterfaceViolation < Struct.new(
|
220
|
+
:violation_target,
|
221
|
+
:violating_security_groups)
|
222
|
+
SENSITIVE = []
|
223
|
+
include Aws::Structure
|
224
|
+
end
|
225
|
+
|
226
|
+
# Details of the rule violation in a security group when compared to the
|
227
|
+
# master security group of the AWS Firewall Manager policy.
|
228
|
+
#
|
229
|
+
# @!attribute [rw] violation_target
|
230
|
+
# The security group rule that is being evaluated.
|
231
|
+
# @return [String]
|
232
|
+
#
|
233
|
+
# @!attribute [rw] violation_target_description
|
234
|
+
# A description of the security group that violates the policy.
|
235
|
+
# @return [String]
|
236
|
+
#
|
237
|
+
# @!attribute [rw] partial_matches
|
238
|
+
# List of rules specified in the security group of the AWS Firewall
|
239
|
+
# Manager policy that partially match the `ViolationTarget` rule.
|
240
|
+
# @return [Array<Types::PartialMatch>]
|
241
|
+
#
|
242
|
+
# @!attribute [rw] possible_security_group_remediation_actions
|
243
|
+
# Remediation options for the rule specified in the `ViolationTarget`.
|
244
|
+
# @return [Array<Types::SecurityGroupRemediationAction>]
|
245
|
+
#
|
246
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsVPCSecurityGroupViolation AWS API Documentation
|
247
|
+
#
|
248
|
+
class AwsVPCSecurityGroupViolation < Struct.new(
|
249
|
+
:violation_target,
|
250
|
+
:violation_target_description,
|
251
|
+
:partial_matches,
|
252
|
+
:possible_security_group_remediation_actions)
|
253
|
+
SENSITIVE = []
|
34
254
|
include Aws::Structure
|
35
255
|
end
|
36
256
|
|
@@ -61,6 +281,28 @@ module Aws::FMS
|
|
61
281
|
:resource_id,
|
62
282
|
:violation_reason,
|
63
283
|
:resource_type)
|
284
|
+
SENSITIVE = []
|
285
|
+
include Aws::Structure
|
286
|
+
end
|
287
|
+
|
288
|
+
# @note When making an API call, you may pass DeleteAppsListRequest
|
289
|
+
# data as a hash:
|
290
|
+
#
|
291
|
+
# {
|
292
|
+
# list_id: "ListId", # required
|
293
|
+
# }
|
294
|
+
#
|
295
|
+
# @!attribute [rw] list_id
|
296
|
+
# The ID of the applications list that you want to delete. You can
|
297
|
+
# retrieve this ID from `PutAppsList`, `ListAppsLists`, and
|
298
|
+
# `GetAppsList`.
|
299
|
+
# @return [String]
|
300
|
+
#
|
301
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteAppsListRequest AWS API Documentation
|
302
|
+
#
|
303
|
+
class DeleteAppsListRequest < Struct.new(
|
304
|
+
:list_id)
|
305
|
+
SENSITIVE = []
|
64
306
|
include Aws::Structure
|
65
307
|
end
|
66
308
|
|
@@ -79,8 +321,8 @@ module Aws::FMS
|
|
79
321
|
# }
|
80
322
|
#
|
81
323
|
# @!attribute [rw] policy_id
|
82
|
-
# The ID of the policy that you want to delete.
|
83
|
-
#
|
324
|
+
# The ID of the policy that you want to delete. You can retrieve this
|
325
|
+
# ID from `PutPolicy` and `ListPolicies`.
|
84
326
|
# @return [String]
|
85
327
|
#
|
86
328
|
# @!attribute [rw] delete_all_policy_resources
|
@@ -120,6 +362,28 @@ module Aws::FMS
|
|
120
362
|
class DeletePolicyRequest < Struct.new(
|
121
363
|
:policy_id,
|
122
364
|
:delete_all_policy_resources)
|
365
|
+
SENSITIVE = []
|
366
|
+
include Aws::Structure
|
367
|
+
end
|
368
|
+
|
369
|
+
# @note When making an API call, you may pass DeleteProtocolsListRequest
|
370
|
+
# data as a hash:
|
371
|
+
#
|
372
|
+
# {
|
373
|
+
# list_id: "ListId", # required
|
374
|
+
# }
|
375
|
+
#
|
376
|
+
# @!attribute [rw] list_id
|
377
|
+
# The ID of the protocols list that you want to delete. You can
|
378
|
+
# retrieve this ID from `PutProtocolsList`, `ListProtocolsLists`, and
|
379
|
+
# `GetProtocolsLost`.
|
380
|
+
# @return [String]
|
381
|
+
#
|
382
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteProtocolsListRequest AWS API Documentation
|
383
|
+
#
|
384
|
+
class DeleteProtocolsListRequest < Struct.new(
|
385
|
+
:list_id)
|
386
|
+
SENSITIVE = []
|
123
387
|
include Aws::Structure
|
124
388
|
end
|
125
389
|
|
@@ -159,6 +423,7 @@ module Aws::FMS
|
|
159
423
|
:compliance_status,
|
160
424
|
:violator_count,
|
161
425
|
:evaluation_limit_exceeded)
|
426
|
+
SENSITIVE = []
|
162
427
|
include Aws::Structure
|
163
428
|
end
|
164
429
|
|
@@ -183,6 +448,52 @@ module Aws::FMS
|
|
183
448
|
class GetAdminAccountResponse < Struct.new(
|
184
449
|
:admin_account,
|
185
450
|
:role_status)
|
451
|
+
SENSITIVE = []
|
452
|
+
include Aws::Structure
|
453
|
+
end
|
454
|
+
|
455
|
+
# @note When making an API call, you may pass GetAppsListRequest
|
456
|
+
# data as a hash:
|
457
|
+
#
|
458
|
+
# {
|
459
|
+
# list_id: "ListId", # required
|
460
|
+
# default_list: false,
|
461
|
+
# }
|
462
|
+
#
|
463
|
+
# @!attribute [rw] list_id
|
464
|
+
# The ID of the AWS Firewall Manager applications list that you want
|
465
|
+
# the details for.
|
466
|
+
# @return [String]
|
467
|
+
#
|
468
|
+
# @!attribute [rw] default_list
|
469
|
+
# Specifies whether the list to retrieve is a default list owned by
|
470
|
+
# AWS Firewall Manager.
|
471
|
+
# @return [Boolean]
|
472
|
+
#
|
473
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsListRequest AWS API Documentation
|
474
|
+
#
|
475
|
+
class GetAppsListRequest < Struct.new(
|
476
|
+
:list_id,
|
477
|
+
:default_list)
|
478
|
+
SENSITIVE = []
|
479
|
+
include Aws::Structure
|
480
|
+
end
|
481
|
+
|
482
|
+
# @!attribute [rw] apps_list
|
483
|
+
# Information about the specified AWS Firewall Manager applications
|
484
|
+
# list.
|
485
|
+
# @return [Types::AppsListData]
|
486
|
+
#
|
487
|
+
# @!attribute [rw] apps_list_arn
|
488
|
+
# The Amazon Resource Name (ARN) of the applications list.
|
489
|
+
# @return [String]
|
490
|
+
#
|
491
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsListResponse AWS API Documentation
|
492
|
+
#
|
493
|
+
class GetAppsListResponse < Struct.new(
|
494
|
+
:apps_list,
|
495
|
+
:apps_list_arn)
|
496
|
+
SENSITIVE = []
|
186
497
|
include Aws::Structure
|
187
498
|
end
|
188
499
|
|
@@ -209,6 +520,7 @@ module Aws::FMS
|
|
209
520
|
class GetComplianceDetailRequest < Struct.new(
|
210
521
|
:policy_id,
|
211
522
|
:member_account)
|
523
|
+
SENSITIVE = []
|
212
524
|
include Aws::Structure
|
213
525
|
end
|
214
526
|
|
@@ -221,6 +533,7 @@ module Aws::FMS
|
|
221
533
|
#
|
222
534
|
class GetComplianceDetailResponse < Struct.new(
|
223
535
|
:policy_compliance_detail)
|
536
|
+
SENSITIVE = []
|
224
537
|
include Aws::Structure
|
225
538
|
end
|
226
539
|
|
@@ -244,6 +557,7 @@ module Aws::FMS
|
|
244
557
|
class GetNotificationChannelResponse < Struct.new(
|
245
558
|
:sns_topic_arn,
|
246
559
|
:sns_role_name)
|
560
|
+
SENSITIVE = []
|
247
561
|
include Aws::Structure
|
248
562
|
end
|
249
563
|
|
@@ -263,6 +577,7 @@ module Aws::FMS
|
|
263
577
|
#
|
264
578
|
class GetPolicyRequest < Struct.new(
|
265
579
|
:policy_id)
|
580
|
+
SENSITIVE = []
|
266
581
|
include Aws::Structure
|
267
582
|
end
|
268
583
|
|
@@ -279,6 +594,7 @@ module Aws::FMS
|
|
279
594
|
class GetPolicyResponse < Struct.new(
|
280
595
|
:policy,
|
281
596
|
:policy_arn)
|
597
|
+
SENSITIVE = []
|
282
598
|
include Aws::Structure
|
283
599
|
end
|
284
600
|
|
@@ -344,6 +660,7 @@ module Aws::FMS
|
|
344
660
|
:end_time,
|
345
661
|
:next_token,
|
346
662
|
:max_results)
|
663
|
+
SENSITIVE = []
|
347
664
|
include Aws::Structure
|
348
665
|
end
|
349
666
|
|
@@ -393,6 +710,109 @@ module Aws::FMS
|
|
393
710
|
:service_type,
|
394
711
|
:data,
|
395
712
|
:next_token)
|
713
|
+
SENSITIVE = []
|
714
|
+
include Aws::Structure
|
715
|
+
end
|
716
|
+
|
717
|
+
# @note When making an API call, you may pass GetProtocolsListRequest
|
718
|
+
# data as a hash:
|
719
|
+
#
|
720
|
+
# {
|
721
|
+
# list_id: "ListId", # required
|
722
|
+
# default_list: false,
|
723
|
+
# }
|
724
|
+
#
|
725
|
+
# @!attribute [rw] list_id
|
726
|
+
# The ID of the AWS Firewall Manager protocols list that you want the
|
727
|
+
# details for.
|
728
|
+
# @return [String]
|
729
|
+
#
|
730
|
+
# @!attribute [rw] default_list
|
731
|
+
# Specifies whether the list to retrieve is a default list owned by
|
732
|
+
# AWS Firewall Manager.
|
733
|
+
# @return [Boolean]
|
734
|
+
#
|
735
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsListRequest AWS API Documentation
|
736
|
+
#
|
737
|
+
class GetProtocolsListRequest < Struct.new(
|
738
|
+
:list_id,
|
739
|
+
:default_list)
|
740
|
+
SENSITIVE = []
|
741
|
+
include Aws::Structure
|
742
|
+
end
|
743
|
+
|
744
|
+
# @!attribute [rw] protocols_list
|
745
|
+
# Information about the specified AWS Firewall Manager protocols list.
|
746
|
+
# @return [Types::ProtocolsListData]
|
747
|
+
#
|
748
|
+
# @!attribute [rw] protocols_list_arn
|
749
|
+
# The Amazon Resource Name (ARN) of the specified protocols list.
|
750
|
+
# @return [String]
|
751
|
+
#
|
752
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsListResponse AWS API Documentation
|
753
|
+
#
|
754
|
+
class GetProtocolsListResponse < Struct.new(
|
755
|
+
:protocols_list,
|
756
|
+
:protocols_list_arn)
|
757
|
+
SENSITIVE = []
|
758
|
+
include Aws::Structure
|
759
|
+
end
|
760
|
+
|
761
|
+
# @note When making an API call, you may pass GetViolationDetailsRequest
|
762
|
+
# data as a hash:
|
763
|
+
#
|
764
|
+
# {
|
765
|
+
# policy_id: "PolicyId", # required
|
766
|
+
# member_account: "AWSAccountId", # required
|
767
|
+
# resource_id: "ResourceId", # required
|
768
|
+
# resource_type: "ResourceType", # required
|
769
|
+
# }
|
770
|
+
#
|
771
|
+
# @!attribute [rw] policy_id
|
772
|
+
# The ID of the AWS Firewall Manager policy that you want the details
|
773
|
+
# for. This currently only supports security group content audit
|
774
|
+
# policies.
|
775
|
+
# @return [String]
|
776
|
+
#
|
777
|
+
# @!attribute [rw] member_account
|
778
|
+
# The AWS account ID that you want the details for.
|
779
|
+
# @return [String]
|
780
|
+
#
|
781
|
+
# @!attribute [rw] resource_id
|
782
|
+
# The ID of the resource that has violations.
|
783
|
+
# @return [String]
|
784
|
+
#
|
785
|
+
# @!attribute [rw] resource_type
|
786
|
+
# The resource type. This is in the format shown in the [AWS Resource
|
787
|
+
# Types Reference][1]. Supported resource types are:
|
788
|
+
# `AWS::EC2::Instance`, `AWS::EC2::NetworkInterface`, or
|
789
|
+
# `AWS::EC2::SecurityGroup`.
|
790
|
+
#
|
791
|
+
#
|
792
|
+
#
|
793
|
+
# [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
|
794
|
+
# @return [String]
|
795
|
+
#
|
796
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetailsRequest AWS API Documentation
|
797
|
+
#
|
798
|
+
class GetViolationDetailsRequest < Struct.new(
|
799
|
+
:policy_id,
|
800
|
+
:member_account,
|
801
|
+
:resource_id,
|
802
|
+
:resource_type)
|
803
|
+
SENSITIVE = []
|
804
|
+
include Aws::Structure
|
805
|
+
end
|
806
|
+
|
807
|
+
# @!attribute [rw] violation_detail
|
808
|
+
# Violation detail for a resource.
|
809
|
+
# @return [Types::ViolationDetail]
|
810
|
+
#
|
811
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetailsResponse AWS API Documentation
|
812
|
+
#
|
813
|
+
class GetViolationDetailsResponse < Struct.new(
|
814
|
+
:violation_detail)
|
815
|
+
SENSITIVE = []
|
396
816
|
include Aws::Structure
|
397
817
|
end
|
398
818
|
|
@@ -406,6 +826,7 @@ module Aws::FMS
|
|
406
826
|
#
|
407
827
|
class InternalErrorException < Struct.new(
|
408
828
|
:message)
|
829
|
+
SENSITIVE = []
|
409
830
|
include Aws::Structure
|
410
831
|
end
|
411
832
|
|
@@ -418,13 +839,17 @@ module Aws::FMS
|
|
418
839
|
#
|
419
840
|
class InvalidInputException < Struct.new(
|
420
841
|
:message)
|
842
|
+
SENSITIVE = []
|
421
843
|
include Aws::Structure
|
422
844
|
end
|
423
845
|
|
424
|
-
# The operation failed because there was nothing to do
|
425
|
-
# might have submitted an
|
426
|
-
# account ID that
|
427
|
-
# Manager administrator.
|
846
|
+
# The operation failed because there was nothing to do or the operation
|
847
|
+
# wasn't possible. For example, you might have submitted an
|
848
|
+
# `AssociateAdminAccount` request for an account ID that was already set
|
849
|
+
# as the AWS Firewall Manager administrator. Or you might have tried to
|
850
|
+
# access a Region that's disabled by default, and that you need to
|
851
|
+
# enable for the Firewall Manager administrator account and for AWS
|
852
|
+
# Organizations before you can access it.
|
428
853
|
#
|
429
854
|
# @!attribute [rw] message
|
430
855
|
# @return [String]
|
@@ -433,6 +858,7 @@ module Aws::FMS
|
|
433
858
|
#
|
434
859
|
class InvalidOperationException < Struct.new(
|
435
860
|
:message)
|
861
|
+
SENSITIVE = []
|
436
862
|
include Aws::Structure
|
437
863
|
end
|
438
864
|
|
@@ -445,6 +871,7 @@ module Aws::FMS
|
|
445
871
|
#
|
446
872
|
class InvalidTypeException < Struct.new(
|
447
873
|
:message)
|
874
|
+
SENSITIVE = []
|
448
875
|
include Aws::Structure
|
449
876
|
end
|
450
877
|
|
@@ -464,6 +891,69 @@ module Aws::FMS
|
|
464
891
|
#
|
465
892
|
class LimitExceededException < Struct.new(
|
466
893
|
:message)
|
894
|
+
SENSITIVE = []
|
895
|
+
include Aws::Structure
|
896
|
+
end
|
897
|
+
|
898
|
+
# @note When making an API call, you may pass ListAppsListsRequest
|
899
|
+
# data as a hash:
|
900
|
+
#
|
901
|
+
# {
|
902
|
+
# default_lists: false,
|
903
|
+
# next_token: "PaginationToken",
|
904
|
+
# max_results: 1, # required
|
905
|
+
# }
|
906
|
+
#
|
907
|
+
# @!attribute [rw] default_lists
|
908
|
+
# Specifies whether the lists to retrieve are default lists owned by
|
909
|
+
# AWS Firewall Manager.
|
910
|
+
# @return [Boolean]
|
911
|
+
#
|
912
|
+
# @!attribute [rw] next_token
|
913
|
+
# If you specify a value for `MaxResults` in your list request, and
|
914
|
+
# you have more objects than the maximum, AWS Firewall Manager returns
|
915
|
+
# this token in the response. For all but the first request, you
|
916
|
+
# provide the token returned by the prior request in the request
|
917
|
+
# parameters, to retrieve the next batch of objects.
|
918
|
+
# @return [String]
|
919
|
+
#
|
920
|
+
# @!attribute [rw] max_results
|
921
|
+
# The maximum number of objects that you want AWS Firewall Manager to
|
922
|
+
# return for this request. If more objects are available, in the
|
923
|
+
# response, AWS Firewall Manager provides a `NextToken` value that you
|
924
|
+
# can use in a subsequent call to get the next batch of objects.
|
925
|
+
#
|
926
|
+
# If you don't specify this, AWS Firewall Manager returns all
|
927
|
+
# available objects.
|
928
|
+
# @return [Integer]
|
929
|
+
#
|
930
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsListsRequest AWS API Documentation
|
931
|
+
#
|
932
|
+
class ListAppsListsRequest < Struct.new(
|
933
|
+
:default_lists,
|
934
|
+
:next_token,
|
935
|
+
:max_results)
|
936
|
+
SENSITIVE = []
|
937
|
+
include Aws::Structure
|
938
|
+
end
|
939
|
+
|
940
|
+
# @!attribute [rw] apps_lists
|
941
|
+
# An array of `AppsListDataSummary` objects.
|
942
|
+
# @return [Array<Types::AppsListDataSummary>]
|
943
|
+
#
|
944
|
+
# @!attribute [rw] next_token
|
945
|
+
# If you specify a value for `MaxResults` in your list request, and
|
946
|
+
# you have more objects than the maximum, AWS Firewall Manager returns
|
947
|
+
# this token in the response. You can use this token in subsequent
|
948
|
+
# requests to retrieve the next batch of objects.
|
949
|
+
# @return [String]
|
950
|
+
#
|
951
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsListsResponse AWS API Documentation
|
952
|
+
#
|
953
|
+
class ListAppsListsResponse < Struct.new(
|
954
|
+
:apps_lists,
|
955
|
+
:next_token)
|
956
|
+
SENSITIVE = []
|
467
957
|
include Aws::Structure
|
468
958
|
end
|
469
959
|
|
@@ -507,6 +997,7 @@ module Aws::FMS
|
|
507
997
|
:policy_id,
|
508
998
|
:next_token,
|
509
999
|
:max_results)
|
1000
|
+
SENSITIVE = []
|
510
1001
|
include Aws::Structure
|
511
1002
|
end
|
512
1003
|
|
@@ -528,6 +1019,7 @@ module Aws::FMS
|
|
528
1019
|
class ListComplianceStatusResponse < Struct.new(
|
529
1020
|
:policy_compliance_status_list,
|
530
1021
|
:next_token)
|
1022
|
+
SENSITIVE = []
|
531
1023
|
include Aws::Structure
|
532
1024
|
end
|
533
1025
|
|
@@ -562,6 +1054,7 @@ module Aws::FMS
|
|
562
1054
|
class ListMemberAccountsRequest < Struct.new(
|
563
1055
|
:next_token,
|
564
1056
|
:max_results)
|
1057
|
+
SENSITIVE = []
|
565
1058
|
include Aws::Structure
|
566
1059
|
end
|
567
1060
|
|
@@ -582,6 +1075,7 @@ module Aws::FMS
|
|
582
1075
|
class ListMemberAccountsResponse < Struct.new(
|
583
1076
|
:member_accounts,
|
584
1077
|
:next_token)
|
1078
|
+
SENSITIVE = []
|
585
1079
|
include Aws::Structure
|
586
1080
|
end
|
587
1081
|
|
@@ -617,6 +1111,7 @@ module Aws::FMS
|
|
617
1111
|
class ListPoliciesRequest < Struct.new(
|
618
1112
|
:next_token,
|
619
1113
|
:max_results)
|
1114
|
+
SENSITIVE = []
|
620
1115
|
include Aws::Structure
|
621
1116
|
end
|
622
1117
|
|
@@ -637,6 +1132,69 @@ module Aws::FMS
|
|
637
1132
|
class ListPoliciesResponse < Struct.new(
|
638
1133
|
:policy_list,
|
639
1134
|
:next_token)
|
1135
|
+
SENSITIVE = []
|
1136
|
+
include Aws::Structure
|
1137
|
+
end
|
1138
|
+
|
1139
|
+
# @note When making an API call, you may pass ListProtocolsListsRequest
|
1140
|
+
# data as a hash:
|
1141
|
+
#
|
1142
|
+
# {
|
1143
|
+
# default_lists: false,
|
1144
|
+
# next_token: "PaginationToken",
|
1145
|
+
# max_results: 1, # required
|
1146
|
+
# }
|
1147
|
+
#
|
1148
|
+
# @!attribute [rw] default_lists
|
1149
|
+
# Specifies whether the lists to retrieve are default lists owned by
|
1150
|
+
# AWS Firewall Manager.
|
1151
|
+
# @return [Boolean]
|
1152
|
+
#
|
1153
|
+
# @!attribute [rw] next_token
|
1154
|
+
# If you specify a value for `MaxResults` in your list request, and
|
1155
|
+
# you have more objects than the maximum, AWS Firewall Manager returns
|
1156
|
+
# this token in the response. For all but the first request, you
|
1157
|
+
# provide the token returned by the prior request in the request
|
1158
|
+
# parameters, to retrieve the next batch of objects.
|
1159
|
+
# @return [String]
|
1160
|
+
#
|
1161
|
+
# @!attribute [rw] max_results
|
1162
|
+
# The maximum number of objects that you want AWS Firewall Manager to
|
1163
|
+
# return for this request. If more objects are available, in the
|
1164
|
+
# response, AWS Firewall Manager provides a `NextToken` value that you
|
1165
|
+
# can use in a subsequent call to get the next batch of objects.
|
1166
|
+
#
|
1167
|
+
# If you don't specify this, AWS Firewall Manager returns all
|
1168
|
+
# available objects.
|
1169
|
+
# @return [Integer]
|
1170
|
+
#
|
1171
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsListsRequest AWS API Documentation
|
1172
|
+
#
|
1173
|
+
class ListProtocolsListsRequest < Struct.new(
|
1174
|
+
:default_lists,
|
1175
|
+
:next_token,
|
1176
|
+
:max_results)
|
1177
|
+
SENSITIVE = []
|
1178
|
+
include Aws::Structure
|
1179
|
+
end
|
1180
|
+
|
1181
|
+
# @!attribute [rw] protocols_lists
|
1182
|
+
# An array of `ProtocolsListDataSummary` objects.
|
1183
|
+
# @return [Array<Types::ProtocolsListDataSummary>]
|
1184
|
+
#
|
1185
|
+
# @!attribute [rw] next_token
|
1186
|
+
# If you specify a value for `MaxResults` in your list request, and
|
1187
|
+
# you have more objects than the maximum, AWS Firewall Manager returns
|
1188
|
+
# this token in the response. You can use this token in subsequent
|
1189
|
+
# requests to retrieve the next batch of objects.
|
1190
|
+
# @return [String]
|
1191
|
+
#
|
1192
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsListsResponse AWS API Documentation
|
1193
|
+
#
|
1194
|
+
class ListProtocolsListsResponse < Struct.new(
|
1195
|
+
:protocols_lists,
|
1196
|
+
:next_token)
|
1197
|
+
SENSITIVE = []
|
640
1198
|
include Aws::Structure
|
641
1199
|
end
|
642
1200
|
|
@@ -649,14 +1207,15 @@ module Aws::FMS
|
|
649
1207
|
#
|
650
1208
|
# @!attribute [rw] resource_arn
|
651
1209
|
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
652
|
-
# The Firewall Manager
|
653
|
-
#
|
1210
|
+
# The AWS Firewall Manager resources that support tagging are
|
1211
|
+
# policies, applications lists, and protocols lists.
|
654
1212
|
# @return [String]
|
655
1213
|
#
|
656
1214
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResourceRequest AWS API Documentation
|
657
1215
|
#
|
658
1216
|
class ListTagsForResourceRequest < Struct.new(
|
659
1217
|
:resource_arn)
|
1218
|
+
SENSITIVE = []
|
660
1219
|
include Aws::Structure
|
661
1220
|
end
|
662
1221
|
|
@@ -668,6 +1227,28 @@ module Aws::FMS
|
|
668
1227
|
#
|
669
1228
|
class ListTagsForResourceResponse < Struct.new(
|
670
1229
|
:tag_list)
|
1230
|
+
SENSITIVE = []
|
1231
|
+
include Aws::Structure
|
1232
|
+
end
|
1233
|
+
|
1234
|
+
# The reference rule that partially matches the `ViolationTarget` rule
|
1235
|
+
# and violation reason.
|
1236
|
+
#
|
1237
|
+
# @!attribute [rw] reference
|
1238
|
+
# The reference rule from the master security group of the AWS
|
1239
|
+
# Firewall Manager policy.
|
1240
|
+
# @return [String]
|
1241
|
+
#
|
1242
|
+
# @!attribute [rw] target_violation_reasons
|
1243
|
+
# The violation reason.
|
1244
|
+
# @return [Array<String>]
|
1245
|
+
#
|
1246
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PartialMatch AWS API Documentation
|
1247
|
+
#
|
1248
|
+
class PartialMatch < Struct.new(
|
1249
|
+
:reference,
|
1250
|
+
:target_violation_reasons)
|
1251
|
+
SENSITIVE = []
|
671
1252
|
include Aws::Structure
|
672
1253
|
end
|
673
1254
|
|
@@ -707,7 +1288,7 @@ module Aws::FMS
|
|
707
1288
|
# @return [String]
|
708
1289
|
#
|
709
1290
|
# @!attribute [rw] policy_name
|
710
|
-
# The
|
1291
|
+
# The name of the AWS Firewall Manager policy.
|
711
1292
|
# @return [String]
|
712
1293
|
#
|
713
1294
|
# @!attribute [rw] policy_update_token
|
@@ -835,6 +1416,7 @@ module Aws::FMS
|
|
835
1416
|
:remediation_enabled,
|
836
1417
|
:include_map,
|
837
1418
|
:exclude_map)
|
1419
|
+
SENSITIVE = []
|
838
1420
|
include Aws::Structure
|
839
1421
|
end
|
840
1422
|
|
@@ -888,6 +1470,7 @@ module Aws::FMS
|
|
888
1470
|
:evaluation_limit_exceeded,
|
889
1471
|
:expired_at,
|
890
1472
|
:issue_info_map)
|
1473
|
+
SENSITIVE = []
|
891
1474
|
include Aws::Structure
|
892
1475
|
end
|
893
1476
|
|
@@ -906,7 +1489,7 @@ module Aws::FMS
|
|
906
1489
|
# @return [String]
|
907
1490
|
#
|
908
1491
|
# @!attribute [rw] policy_name
|
909
|
-
# The
|
1492
|
+
# The name of the AWS Firewall Manager policy.
|
910
1493
|
# @return [String]
|
911
1494
|
#
|
912
1495
|
# @!attribute [rw] member_account
|
@@ -938,6 +1521,7 @@ module Aws::FMS
|
|
938
1521
|
:evaluation_results,
|
939
1522
|
:last_updated,
|
940
1523
|
:issue_info_map)
|
1524
|
+
SENSITIVE = []
|
941
1525
|
include Aws::Structure
|
942
1526
|
end
|
943
1527
|
|
@@ -952,7 +1536,7 @@ module Aws::FMS
|
|
952
1536
|
# @return [String]
|
953
1537
|
#
|
954
1538
|
# @!attribute [rw] policy_name
|
955
|
-
# The
|
1539
|
+
# The name of the specified policy.
|
956
1540
|
# @return [String]
|
957
1541
|
#
|
958
1542
|
# @!attribute [rw] resource_type
|
@@ -993,6 +1577,170 @@ module Aws::FMS
|
|
993
1577
|
:resource_type,
|
994
1578
|
:security_service_type,
|
995
1579
|
:remediation_enabled)
|
1580
|
+
SENSITIVE = []
|
1581
|
+
include Aws::Structure
|
1582
|
+
end
|
1583
|
+
|
1584
|
+
# An AWS Firewall Manager protocols list.
|
1585
|
+
#
|
1586
|
+
# @note When making an API call, you may pass ProtocolsListData
|
1587
|
+
# data as a hash:
|
1588
|
+
#
|
1589
|
+
# {
|
1590
|
+
# list_id: "ListId",
|
1591
|
+
# list_name: "ResourceName", # required
|
1592
|
+
# list_update_token: "UpdateToken",
|
1593
|
+
# create_time: Time.now,
|
1594
|
+
# last_update_time: Time.now,
|
1595
|
+
# protocols_list: ["Protocol"], # required
|
1596
|
+
# previous_protocols_list: {
|
1597
|
+
# "PreviousListVersion" => ["Protocol"],
|
1598
|
+
# },
|
1599
|
+
# }
|
1600
|
+
#
|
1601
|
+
# @!attribute [rw] list_id
|
1602
|
+
# The ID of the AWS Firewall Manager protocols list.
|
1603
|
+
# @return [String]
|
1604
|
+
#
|
1605
|
+
# @!attribute [rw] list_name
|
1606
|
+
# The name of the AWS Firewall Manager protocols list.
|
1607
|
+
# @return [String]
|
1608
|
+
#
|
1609
|
+
# @!attribute [rw] list_update_token
|
1610
|
+
# A unique identifier for each update to the list. When you update the
|
1611
|
+
# list, the update token must match the token of the current version
|
1612
|
+
# of the application list. You can retrieve the update token by
|
1613
|
+
# getting the list.
|
1614
|
+
# @return [String]
|
1615
|
+
#
|
1616
|
+
# @!attribute [rw] create_time
|
1617
|
+
# The time that the AWS Firewall Manager protocols list was created.
|
1618
|
+
# @return [Time]
|
1619
|
+
#
|
1620
|
+
# @!attribute [rw] last_update_time
|
1621
|
+
# The time that the AWS Firewall Manager protocols list was last
|
1622
|
+
# updated.
|
1623
|
+
# @return [Time]
|
1624
|
+
#
|
1625
|
+
# @!attribute [rw] protocols_list
|
1626
|
+
# An array of protocols in the AWS Firewall Manager protocols list.
|
1627
|
+
# @return [Array<String>]
|
1628
|
+
#
|
1629
|
+
# @!attribute [rw] previous_protocols_list
|
1630
|
+
# A map of previous version numbers to their corresponding protocol
|
1631
|
+
# arrays.
|
1632
|
+
# @return [Hash<String,Array<String>>]
|
1633
|
+
#
|
1634
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ProtocolsListData AWS API Documentation
|
1635
|
+
#
|
1636
|
+
class ProtocolsListData < Struct.new(
|
1637
|
+
:list_id,
|
1638
|
+
:list_name,
|
1639
|
+
:list_update_token,
|
1640
|
+
:create_time,
|
1641
|
+
:last_update_time,
|
1642
|
+
:protocols_list,
|
1643
|
+
:previous_protocols_list)
|
1644
|
+
SENSITIVE = []
|
1645
|
+
include Aws::Structure
|
1646
|
+
end
|
1647
|
+
|
1648
|
+
# Details of the AWS Firewall Manager protocols list.
|
1649
|
+
#
|
1650
|
+
# @!attribute [rw] list_arn
|
1651
|
+
# The Amazon Resource Name (ARN) of the specified protocols list.
|
1652
|
+
# @return [String]
|
1653
|
+
#
|
1654
|
+
# @!attribute [rw] list_id
|
1655
|
+
# The ID of the specified protocols list.
|
1656
|
+
# @return [String]
|
1657
|
+
#
|
1658
|
+
# @!attribute [rw] list_name
|
1659
|
+
# The name of the specified protocols list.
|
1660
|
+
# @return [String]
|
1661
|
+
#
|
1662
|
+
# @!attribute [rw] protocols_list
|
1663
|
+
# An array of protocols in the AWS Firewall Manager protocols list.
|
1664
|
+
# @return [Array<String>]
|
1665
|
+
#
|
1666
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ProtocolsListDataSummary AWS API Documentation
|
1667
|
+
#
|
1668
|
+
class ProtocolsListDataSummary < Struct.new(
|
1669
|
+
:list_arn,
|
1670
|
+
:list_id,
|
1671
|
+
:list_name,
|
1672
|
+
:protocols_list)
|
1673
|
+
SENSITIVE = []
|
1674
|
+
include Aws::Structure
|
1675
|
+
end
|
1676
|
+
|
1677
|
+
# @note When making an API call, you may pass PutAppsListRequest
|
1678
|
+
# data as a hash:
|
1679
|
+
#
|
1680
|
+
# {
|
1681
|
+
# apps_list: { # required
|
1682
|
+
# list_id: "ListId",
|
1683
|
+
# list_name: "ResourceName", # required
|
1684
|
+
# list_update_token: "UpdateToken",
|
1685
|
+
# create_time: Time.now,
|
1686
|
+
# last_update_time: Time.now,
|
1687
|
+
# apps_list: [ # required
|
1688
|
+
# {
|
1689
|
+
# app_name: "ResourceName", # required
|
1690
|
+
# protocol: "Protocol", # required
|
1691
|
+
# port: 1, # required
|
1692
|
+
# },
|
1693
|
+
# ],
|
1694
|
+
# previous_apps_list: {
|
1695
|
+
# "PreviousListVersion" => [
|
1696
|
+
# {
|
1697
|
+
# app_name: "ResourceName", # required
|
1698
|
+
# protocol: "Protocol", # required
|
1699
|
+
# port: 1, # required
|
1700
|
+
# },
|
1701
|
+
# ],
|
1702
|
+
# },
|
1703
|
+
# },
|
1704
|
+
# tag_list: [
|
1705
|
+
# {
|
1706
|
+
# key: "TagKey", # required
|
1707
|
+
# value: "TagValue", # required
|
1708
|
+
# },
|
1709
|
+
# ],
|
1710
|
+
# }
|
1711
|
+
#
|
1712
|
+
# @!attribute [rw] apps_list
|
1713
|
+
# The details of the AWS Firewall Manager applications list to be
|
1714
|
+
# created.
|
1715
|
+
# @return [Types::AppsListData]
|
1716
|
+
#
|
1717
|
+
# @!attribute [rw] tag_list
|
1718
|
+
# The tags associated with the resource.
|
1719
|
+
# @return [Array<Types::Tag>]
|
1720
|
+
#
|
1721
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsListRequest AWS API Documentation
|
1722
|
+
#
|
1723
|
+
class PutAppsListRequest < Struct.new(
|
1724
|
+
:apps_list,
|
1725
|
+
:tag_list)
|
1726
|
+
SENSITIVE = []
|
1727
|
+
include Aws::Structure
|
1728
|
+
end
|
1729
|
+
|
1730
|
+
# @!attribute [rw] apps_list
|
1731
|
+
# The details of the AWS Firewall Manager applications list.
|
1732
|
+
# @return [Types::AppsListData]
|
1733
|
+
#
|
1734
|
+
# @!attribute [rw] apps_list_arn
|
1735
|
+
# The Amazon Resource Name (ARN) of the applications list.
|
1736
|
+
# @return [String]
|
1737
|
+
#
|
1738
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsListResponse AWS API Documentation
|
1739
|
+
#
|
1740
|
+
class PutAppsListResponse < Struct.new(
|
1741
|
+
:apps_list,
|
1742
|
+
:apps_list_arn)
|
1743
|
+
SENSITIVE = []
|
996
1744
|
include Aws::Structure
|
997
1745
|
end
|
998
1746
|
|
@@ -1019,6 +1767,7 @@ module Aws::FMS
|
|
1019
1767
|
class PutNotificationChannelRequest < Struct.new(
|
1020
1768
|
:sns_topic_arn,
|
1021
1769
|
:sns_role_name)
|
1770
|
+
SENSITIVE = []
|
1022
1771
|
include Aws::Structure
|
1023
1772
|
end
|
1024
1773
|
|
@@ -1072,15 +1821,16 @@ module Aws::FMS
|
|
1072
1821
|
class PutPolicyRequest < Struct.new(
|
1073
1822
|
:policy,
|
1074
1823
|
:tag_list)
|
1824
|
+
SENSITIVE = []
|
1075
1825
|
include Aws::Structure
|
1076
1826
|
end
|
1077
1827
|
|
1078
1828
|
# @!attribute [rw] policy
|
1079
|
-
# The details of the AWS Firewall Manager policy
|
1829
|
+
# The details of the AWS Firewall Manager policy.
|
1080
1830
|
# @return [Types::Policy]
|
1081
1831
|
#
|
1082
1832
|
# @!attribute [rw] policy_arn
|
1083
|
-
# The Amazon Resource Name (ARN) of the policy
|
1833
|
+
# The Amazon Resource Name (ARN) of the policy.
|
1084
1834
|
# @return [String]
|
1085
1835
|
#
|
1086
1836
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicyResponse AWS API Documentation
|
@@ -1088,6 +1838,65 @@ module Aws::FMS
|
|
1088
1838
|
class PutPolicyResponse < Struct.new(
|
1089
1839
|
:policy,
|
1090
1840
|
:policy_arn)
|
1841
|
+
SENSITIVE = []
|
1842
|
+
include Aws::Structure
|
1843
|
+
end
|
1844
|
+
|
1845
|
+
# @note When making an API call, you may pass PutProtocolsListRequest
|
1846
|
+
# data as a hash:
|
1847
|
+
#
|
1848
|
+
# {
|
1849
|
+
# protocols_list: { # required
|
1850
|
+
# list_id: "ListId",
|
1851
|
+
# list_name: "ResourceName", # required
|
1852
|
+
# list_update_token: "UpdateToken",
|
1853
|
+
# create_time: Time.now,
|
1854
|
+
# last_update_time: Time.now,
|
1855
|
+
# protocols_list: ["Protocol"], # required
|
1856
|
+
# previous_protocols_list: {
|
1857
|
+
# "PreviousListVersion" => ["Protocol"],
|
1858
|
+
# },
|
1859
|
+
# },
|
1860
|
+
# tag_list: [
|
1861
|
+
# {
|
1862
|
+
# key: "TagKey", # required
|
1863
|
+
# value: "TagValue", # required
|
1864
|
+
# },
|
1865
|
+
# ],
|
1866
|
+
# }
|
1867
|
+
#
|
1868
|
+
# @!attribute [rw] protocols_list
|
1869
|
+
# The details of the AWS Firewall Manager protocols list to be
|
1870
|
+
# created.
|
1871
|
+
# @return [Types::ProtocolsListData]
|
1872
|
+
#
|
1873
|
+
# @!attribute [rw] tag_list
|
1874
|
+
# The tags associated with the resource.
|
1875
|
+
# @return [Array<Types::Tag>]
|
1876
|
+
#
|
1877
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsListRequest AWS API Documentation
|
1878
|
+
#
|
1879
|
+
class PutProtocolsListRequest < Struct.new(
|
1880
|
+
:protocols_list,
|
1881
|
+
:tag_list)
|
1882
|
+
SENSITIVE = []
|
1883
|
+
include Aws::Structure
|
1884
|
+
end
|
1885
|
+
|
1886
|
+
# @!attribute [rw] protocols_list
|
1887
|
+
# The details of the AWS Firewall Manager protocols list.
|
1888
|
+
# @return [Types::ProtocolsListData]
|
1889
|
+
#
|
1890
|
+
# @!attribute [rw] protocols_list_arn
|
1891
|
+
# The Amazon Resource Name (ARN) of the protocols list.
|
1892
|
+
# @return [String]
|
1893
|
+
#
|
1894
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsListResponse AWS API Documentation
|
1895
|
+
#
|
1896
|
+
class PutProtocolsListResponse < Struct.new(
|
1897
|
+
:protocols_list,
|
1898
|
+
:protocols_list_arn)
|
1899
|
+
SENSITIVE = []
|
1091
1900
|
include Aws::Structure
|
1092
1901
|
end
|
1093
1902
|
|
@@ -1100,6 +1909,7 @@ module Aws::FMS
|
|
1100
1909
|
#
|
1101
1910
|
class ResourceNotFoundException < Struct.new(
|
1102
1911
|
:message)
|
1912
|
+
SENSITIVE = []
|
1103
1913
|
include Aws::Structure
|
1104
1914
|
end
|
1105
1915
|
|
@@ -1138,6 +1948,103 @@ module Aws::FMS
|
|
1138
1948
|
class ResourceTag < Struct.new(
|
1139
1949
|
:key,
|
1140
1950
|
:value)
|
1951
|
+
SENSITIVE = []
|
1952
|
+
include Aws::Structure
|
1953
|
+
end
|
1954
|
+
|
1955
|
+
# Violation detail based on resource type.
|
1956
|
+
#
|
1957
|
+
# @!attribute [rw] aws_vpc_security_group_violation
|
1958
|
+
# Violation details for security groups.
|
1959
|
+
# @return [Types::AwsVPCSecurityGroupViolation]
|
1960
|
+
#
|
1961
|
+
# @!attribute [rw] aws_ec2_network_interface_violation
|
1962
|
+
# Violation details for network interface.
|
1963
|
+
# @return [Types::AwsEc2NetworkInterfaceViolation]
|
1964
|
+
#
|
1965
|
+
# @!attribute [rw] aws_ec2_instance_violation
|
1966
|
+
# Violation details for an EC2 instance.
|
1967
|
+
# @return [Types::AwsEc2InstanceViolation]
|
1968
|
+
#
|
1969
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceViolation AWS API Documentation
|
1970
|
+
#
|
1971
|
+
class ResourceViolation < Struct.new(
|
1972
|
+
:aws_vpc_security_group_violation,
|
1973
|
+
:aws_ec2_network_interface_violation,
|
1974
|
+
:aws_ec2_instance_violation)
|
1975
|
+
SENSITIVE = []
|
1976
|
+
include Aws::Structure
|
1977
|
+
end
|
1978
|
+
|
1979
|
+
# Remediation option for the rule specified in the `ViolationTarget`.
|
1980
|
+
#
|
1981
|
+
# @!attribute [rw] remediation_action_type
|
1982
|
+
# The remediation action that will be performed.
|
1983
|
+
# @return [String]
|
1984
|
+
#
|
1985
|
+
# @!attribute [rw] description
|
1986
|
+
# Brief description of the action that will be performed.
|
1987
|
+
# @return [String]
|
1988
|
+
#
|
1989
|
+
# @!attribute [rw] remediation_result
|
1990
|
+
# The final state of the rule specified in the `ViolationTarget` after
|
1991
|
+
# it is remediated.
|
1992
|
+
# @return [Types::SecurityGroupRuleDescription]
|
1993
|
+
#
|
1994
|
+
# @!attribute [rw] is_default_action
|
1995
|
+
# Indicates if the current action is the default action.
|
1996
|
+
# @return [Boolean]
|
1997
|
+
#
|
1998
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/SecurityGroupRemediationAction AWS API Documentation
|
1999
|
+
#
|
2000
|
+
class SecurityGroupRemediationAction < Struct.new(
|
2001
|
+
:remediation_action_type,
|
2002
|
+
:description,
|
2003
|
+
:remediation_result,
|
2004
|
+
:is_default_action)
|
2005
|
+
SENSITIVE = []
|
2006
|
+
include Aws::Structure
|
2007
|
+
end
|
2008
|
+
|
2009
|
+
# Describes a set of permissions for a security group rule.
|
2010
|
+
#
|
2011
|
+
# @!attribute [rw] ipv4_range
|
2012
|
+
# The IPv4 ranges for the security group rule.
|
2013
|
+
# @return [String]
|
2014
|
+
#
|
2015
|
+
# @!attribute [rw] ipv6_range
|
2016
|
+
# The IPv6 ranges for the security group rule.
|
2017
|
+
# @return [String]
|
2018
|
+
#
|
2019
|
+
# @!attribute [rw] prefix_list_id
|
2020
|
+
# The ID of the prefix list for the security group rule.
|
2021
|
+
# @return [String]
|
2022
|
+
#
|
2023
|
+
# @!attribute [rw] protocol
|
2024
|
+
# The IP protocol name (`tcp`, `udp`, `icmp`, `icmpv6`) or number.
|
2025
|
+
# @return [String]
|
2026
|
+
#
|
2027
|
+
# @!attribute [rw] from_port
|
2028
|
+
# The start of the port range for the TCP and UDP protocols, or an
|
2029
|
+
# ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6
|
2030
|
+
# types.
|
2031
|
+
# @return [Integer]
|
2032
|
+
#
|
2033
|
+
# @!attribute [rw] to_port
|
2034
|
+
# The end of the port range for the TCP and UDP protocols, or an
|
2035
|
+
# ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes.
|
2036
|
+
# @return [Integer]
|
2037
|
+
#
|
2038
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/SecurityGroupRuleDescription AWS API Documentation
|
2039
|
+
#
|
2040
|
+
class SecurityGroupRuleDescription < Struct.new(
|
2041
|
+
:ipv4_range,
|
2042
|
+
:ipv6_range,
|
2043
|
+
:prefix_list_id,
|
2044
|
+
:protocol,
|
2045
|
+
:from_port,
|
2046
|
+
:to_port)
|
2047
|
+
SENSITIVE = []
|
1141
2048
|
include Aws::Structure
|
1142
2049
|
end
|
1143
2050
|
|
@@ -1170,7 +2077,7 @@ module Aws::FMS
|
|
1170
2077
|
# * Example: `WAFV2`
|
1171
2078
|
#
|
1172
2079
|
# `"ManagedServiceData":
|
1173
|
-
# "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"
|
2080
|
+
# "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"excludeRules":[\{"name":"EntityName"\}],"ruleGroupType":"RuleGroup"\}],"postProcessRuleGroups":[\{"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendorName":"AWS"\},"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"NONE"\},"excludeRules":[],"ruleGroupType":"ManagedRuleGroup"\}],"overrideCustomerWebACLAssociation":false\}"`
|
1174
2081
|
#
|
1175
2082
|
# * Example: `WAF Classic`
|
1176
2083
|
#
|
@@ -1209,6 +2116,7 @@ module Aws::FMS
|
|
1209
2116
|
class SecurityServicePolicyData < Struct.new(
|
1210
2117
|
:type,
|
1211
2118
|
:managed_service_data)
|
2119
|
+
SENSITIVE = []
|
1212
2120
|
include Aws::Structure
|
1213
2121
|
end
|
1214
2122
|
|
@@ -1244,6 +2152,7 @@ module Aws::FMS
|
|
1244
2152
|
class Tag < Struct.new(
|
1245
2153
|
:key,
|
1246
2154
|
:value)
|
2155
|
+
SENSITIVE = []
|
1247
2156
|
include Aws::Structure
|
1248
2157
|
end
|
1249
2158
|
|
@@ -1261,9 +2170,9 @@ module Aws::FMS
|
|
1261
2170
|
# }
|
1262
2171
|
#
|
1263
2172
|
# @!attribute [rw] resource_arn
|
1264
|
-
# The Amazon Resource Name (ARN) of the resource
|
1265
|
-
#
|
1266
|
-
#
|
2173
|
+
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
2174
|
+
# The AWS Firewall Manager resources that support tagging are
|
2175
|
+
# policies, applications lists, and protocols lists.
|
1267
2176
|
# @return [String]
|
1268
2177
|
#
|
1269
2178
|
# @!attribute [rw] tag_list
|
@@ -1275,6 +2184,7 @@ module Aws::FMS
|
|
1275
2184
|
class TagResourceRequest < Struct.new(
|
1276
2185
|
:resource_arn,
|
1277
2186
|
:tag_list)
|
2187
|
+
SENSITIVE = []
|
1278
2188
|
include Aws::Structure
|
1279
2189
|
end
|
1280
2190
|
|
@@ -1291,9 +2201,9 @@ module Aws::FMS
|
|
1291
2201
|
# }
|
1292
2202
|
#
|
1293
2203
|
# @!attribute [rw] resource_arn
|
1294
|
-
# The Amazon Resource Name (ARN) of the resource
|
1295
|
-
#
|
1296
|
-
#
|
2204
|
+
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
2205
|
+
# The AWS Firewall Manager resources that support tagging are
|
2206
|
+
# policies, applications lists, and protocols lists.
|
1297
2207
|
# @return [String]
|
1298
2208
|
#
|
1299
2209
|
# @!attribute [rw] tag_keys
|
@@ -1305,6 +2215,7 @@ module Aws::FMS
|
|
1305
2215
|
class UntagResourceRequest < Struct.new(
|
1306
2216
|
:resource_arn,
|
1307
2217
|
:tag_keys)
|
2218
|
+
SENSITIVE = []
|
1308
2219
|
include Aws::Structure
|
1309
2220
|
end
|
1310
2221
|
|
@@ -1312,5 +2223,51 @@ module Aws::FMS
|
|
1312
2223
|
#
|
1313
2224
|
class UntagResourceResponse < Aws::EmptyStructure; end
|
1314
2225
|
|
2226
|
+
# Violations for a resource based on the specified AWS Firewall Manager
|
2227
|
+
# policy and AWS account.
|
2228
|
+
#
|
2229
|
+
# @!attribute [rw] policy_id
|
2230
|
+
# The ID of the AWS Firewall Manager policy that the violation details
|
2231
|
+
# were requested for.
|
2232
|
+
# @return [String]
|
2233
|
+
#
|
2234
|
+
# @!attribute [rw] member_account
|
2235
|
+
# The AWS account that the violation details were requested for.
|
2236
|
+
# @return [String]
|
2237
|
+
#
|
2238
|
+
# @!attribute [rw] resource_id
|
2239
|
+
# The resource ID that the violation details were requested for.
|
2240
|
+
# @return [String]
|
2241
|
+
#
|
2242
|
+
# @!attribute [rw] resource_type
|
2243
|
+
# The resource type that the violation details were requested for.
|
2244
|
+
# @return [String]
|
2245
|
+
#
|
2246
|
+
# @!attribute [rw] resource_violations
|
2247
|
+
# List of violations for the requested resource.
|
2248
|
+
# @return [Array<Types::ResourceViolation>]
|
2249
|
+
#
|
2250
|
+
# @!attribute [rw] resource_tags
|
2251
|
+
# The `ResourceTag` objects associated with the resource.
|
2252
|
+
# @return [Array<Types::Tag>]
|
2253
|
+
#
|
2254
|
+
# @!attribute [rw] resource_description
|
2255
|
+
# Brief description for the requested resource.
|
2256
|
+
# @return [String]
|
2257
|
+
#
|
2258
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ViolationDetail AWS API Documentation
|
2259
|
+
#
|
2260
|
+
class ViolationDetail < Struct.new(
|
2261
|
+
:policy_id,
|
2262
|
+
:member_account,
|
2263
|
+
:resource_id,
|
2264
|
+
:resource_type,
|
2265
|
+
:resource_violations,
|
2266
|
+
:resource_tags,
|
2267
|
+
:resource_description)
|
2268
|
+
SENSITIVE = []
|
2269
|
+
include Aws::Structure
|
2270
|
+
end
|
2271
|
+
|
1315
2272
|
end
|
1316
2273
|
end
|