aws-sdk-fms 1.24.0 → 1.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # WARNING ABOUT GENERATED CODE
2
4
  #
3
5
  # This file is generated. See the contributing guide for more information:
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # WARNING ABOUT GENERATED CODE
2
4
  #
3
5
  # This file is generated. See the contributing guide for more information:
@@ -1,3 +1,5 @@
1
+ # frozen_string_literal: true
2
+
1
3
  # WARNING ABOUT GENERATED CODE
2
4
  #
3
5
  # This file is generated. See the contributing guide for more information:
@@ -8,6 +10,153 @@
8
10
  module Aws::FMS
9
11
  module Types
10
12
 
13
+ # An individual AWS Firewall Manager application.
14
+ #
15
+ # @note When making an API call, you may pass App
16
+ # data as a hash:
17
+ #
18
+ # {
19
+ # app_name: "ResourceName", # required
20
+ # protocol: "Protocol", # required
21
+ # port: 1, # required
22
+ # }
23
+ #
24
+ # @!attribute [rw] app_name
25
+ # The application's name.
26
+ # @return [String]
27
+ #
28
+ # @!attribute [rw] protocol
29
+ # The IP protocol name or number. The name can be one of `tcp`, `udp`,
30
+ # or `icmp`. For information on possible numbers, see [Protocol
31
+ # Numbers][1].
32
+ #
33
+ #
34
+ #
35
+ # [1]: https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
36
+ # @return [String]
37
+ #
38
+ # @!attribute [rw] port
39
+ # The application's port number, for example `80`.
40
+ # @return [Integer]
41
+ #
42
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/App AWS API Documentation
43
+ #
44
+ class App < Struct.new(
45
+ :app_name,
46
+ :protocol,
47
+ :port)
48
+ SENSITIVE = []
49
+ include Aws::Structure
50
+ end
51
+
52
+ # An AWS Firewall Manager applications list.
53
+ #
54
+ # @note When making an API call, you may pass AppsListData
55
+ # data as a hash:
56
+ #
57
+ # {
58
+ # list_id: "ListId",
59
+ # list_name: "ResourceName", # required
60
+ # list_update_token: "UpdateToken",
61
+ # create_time: Time.now,
62
+ # last_update_time: Time.now,
63
+ # apps_list: [ # required
64
+ # {
65
+ # app_name: "ResourceName", # required
66
+ # protocol: "Protocol", # required
67
+ # port: 1, # required
68
+ # },
69
+ # ],
70
+ # previous_apps_list: {
71
+ # "PreviousListVersion" => [
72
+ # {
73
+ # app_name: "ResourceName", # required
74
+ # protocol: "Protocol", # required
75
+ # port: 1, # required
76
+ # },
77
+ # ],
78
+ # },
79
+ # }
80
+ #
81
+ # @!attribute [rw] list_id
82
+ # The ID of the AWS Firewall Manager applications list.
83
+ # @return [String]
84
+ #
85
+ # @!attribute [rw] list_name
86
+ # The name of the AWS Firewall Manager applications list.
87
+ # @return [String]
88
+ #
89
+ # @!attribute [rw] list_update_token
90
+ # A unique identifier for each update to the list. When you update the
91
+ # list, the update token must match the token of the current version
92
+ # of the application list. You can retrieve the update token by
93
+ # getting the list.
94
+ # @return [String]
95
+ #
96
+ # @!attribute [rw] create_time
97
+ # The time that the AWS Firewall Manager applications list was
98
+ # created.
99
+ # @return [Time]
100
+ #
101
+ # @!attribute [rw] last_update_time
102
+ # The time that the AWS Firewall Manager applications list was last
103
+ # updated.
104
+ # @return [Time]
105
+ #
106
+ # @!attribute [rw] apps_list
107
+ # An array of applications in the AWS Firewall Manager applications
108
+ # list.
109
+ # @return [Array<Types::App>]
110
+ #
111
+ # @!attribute [rw] previous_apps_list
112
+ # A map of previous version numbers to their corresponding `App`
113
+ # object arrays.
114
+ # @return [Hash<String,Array<Types::App>>]
115
+ #
116
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AppsListData AWS API Documentation
117
+ #
118
+ class AppsListData < Struct.new(
119
+ :list_id,
120
+ :list_name,
121
+ :list_update_token,
122
+ :create_time,
123
+ :last_update_time,
124
+ :apps_list,
125
+ :previous_apps_list)
126
+ SENSITIVE = []
127
+ include Aws::Structure
128
+ end
129
+
130
+ # Details of the AWS Firewall Manager applications list.
131
+ #
132
+ # @!attribute [rw] list_arn
133
+ # The Amazon Resource Name (ARN) of the applications list.
134
+ # @return [String]
135
+ #
136
+ # @!attribute [rw] list_id
137
+ # The ID of the applications list.
138
+ # @return [String]
139
+ #
140
+ # @!attribute [rw] list_name
141
+ # The name of the applications list.
142
+ # @return [String]
143
+ #
144
+ # @!attribute [rw] apps_list
145
+ # An array of `App` objects in the AWS Firewall Manager applications
146
+ # list.
147
+ # @return [Array<Types::App>]
148
+ #
149
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AppsListDataSummary AWS API Documentation
150
+ #
151
+ class AppsListDataSummary < Struct.new(
152
+ :list_arn,
153
+ :list_id,
154
+ :list_name,
155
+ :apps_list)
156
+ SENSITIVE = []
157
+ include Aws::Structure
158
+ end
159
+
11
160
  # @note When making an API call, you may pass AssociateAdminAccountRequest
12
161
  # data as a hash:
13
162
  #
@@ -31,6 +180,77 @@ module Aws::FMS
31
180
  #
32
181
  class AssociateAdminAccountRequest < Struct.new(
33
182
  :admin_account)
183
+ SENSITIVE = []
184
+ include Aws::Structure
185
+ end
186
+
187
+ # Violations for an EC2 instance resource.
188
+ #
189
+ # @!attribute [rw] violation_target
190
+ # The resource ID of the EC2 instance.
191
+ # @return [String]
192
+ #
193
+ # @!attribute [rw] aws_ec2_network_interface_violations
194
+ # Violations for network interfaces associated with the EC2 instance.
195
+ # @return [Array<Types::AwsEc2NetworkInterfaceViolation>]
196
+ #
197
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsEc2InstanceViolation AWS API Documentation
198
+ #
199
+ class AwsEc2InstanceViolation < Struct.new(
200
+ :violation_target,
201
+ :aws_ec2_network_interface_violations)
202
+ SENSITIVE = []
203
+ include Aws::Structure
204
+ end
205
+
206
+ # Violations for network interfaces associated with an EC2 instance.
207
+ #
208
+ # @!attribute [rw] violation_target
209
+ # The resource ID of the network interface.
210
+ # @return [String]
211
+ #
212
+ # @!attribute [rw] violating_security_groups
213
+ # List of security groups that violate the rules specified in the
214
+ # master security group of the AWS Firewall Manager policy.
215
+ # @return [Array<String>]
216
+ #
217
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsEc2NetworkInterfaceViolation AWS API Documentation
218
+ #
219
+ class AwsEc2NetworkInterfaceViolation < Struct.new(
220
+ :violation_target,
221
+ :violating_security_groups)
222
+ SENSITIVE = []
223
+ include Aws::Structure
224
+ end
225
+
226
+ # Details of the rule violation in a security group when compared to the
227
+ # master security group of the AWS Firewall Manager policy.
228
+ #
229
+ # @!attribute [rw] violation_target
230
+ # The security group rule that is being evaluated.
231
+ # @return [String]
232
+ #
233
+ # @!attribute [rw] violation_target_description
234
+ # A description of the security group that violates the policy.
235
+ # @return [String]
236
+ #
237
+ # @!attribute [rw] partial_matches
238
+ # List of rules specified in the security group of the AWS Firewall
239
+ # Manager policy that partially match the `ViolationTarget` rule.
240
+ # @return [Array<Types::PartialMatch>]
241
+ #
242
+ # @!attribute [rw] possible_security_group_remediation_actions
243
+ # Remediation options for the rule specified in the `ViolationTarget`.
244
+ # @return [Array<Types::SecurityGroupRemediationAction>]
245
+ #
246
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AwsVPCSecurityGroupViolation AWS API Documentation
247
+ #
248
+ class AwsVPCSecurityGroupViolation < Struct.new(
249
+ :violation_target,
250
+ :violation_target_description,
251
+ :partial_matches,
252
+ :possible_security_group_remediation_actions)
253
+ SENSITIVE = []
34
254
  include Aws::Structure
35
255
  end
36
256
 
@@ -61,6 +281,28 @@ module Aws::FMS
61
281
  :resource_id,
62
282
  :violation_reason,
63
283
  :resource_type)
284
+ SENSITIVE = []
285
+ include Aws::Structure
286
+ end
287
+
288
+ # @note When making an API call, you may pass DeleteAppsListRequest
289
+ # data as a hash:
290
+ #
291
+ # {
292
+ # list_id: "ListId", # required
293
+ # }
294
+ #
295
+ # @!attribute [rw] list_id
296
+ # The ID of the applications list that you want to delete. You can
297
+ # retrieve this ID from `PutAppsList`, `ListAppsLists`, and
298
+ # `GetAppsList`.
299
+ # @return [String]
300
+ #
301
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteAppsListRequest AWS API Documentation
302
+ #
303
+ class DeleteAppsListRequest < Struct.new(
304
+ :list_id)
305
+ SENSITIVE = []
64
306
  include Aws::Structure
65
307
  end
66
308
 
@@ -79,8 +321,8 @@ module Aws::FMS
79
321
  # }
80
322
  #
81
323
  # @!attribute [rw] policy_id
82
- # The ID of the policy that you want to delete. `PolicyId` is returned
83
- # by `PutPolicy` and by `ListPolicies`.
324
+ # The ID of the policy that you want to delete. You can retrieve this
325
+ # ID from `PutPolicy` and `ListPolicies`.
84
326
  # @return [String]
85
327
  #
86
328
  # @!attribute [rw] delete_all_policy_resources
@@ -120,6 +362,28 @@ module Aws::FMS
120
362
  class DeletePolicyRequest < Struct.new(
121
363
  :policy_id,
122
364
  :delete_all_policy_resources)
365
+ SENSITIVE = []
366
+ include Aws::Structure
367
+ end
368
+
369
+ # @note When making an API call, you may pass DeleteProtocolsListRequest
370
+ # data as a hash:
371
+ #
372
+ # {
373
+ # list_id: "ListId", # required
374
+ # }
375
+ #
376
+ # @!attribute [rw] list_id
377
+ # The ID of the protocols list that you want to delete. You can
378
+ # retrieve this ID from `PutProtocolsList`, `ListProtocolsLists`, and
379
+ # `GetProtocolsLost`.
380
+ # @return [String]
381
+ #
382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteProtocolsListRequest AWS API Documentation
383
+ #
384
+ class DeleteProtocolsListRequest < Struct.new(
385
+ :list_id)
386
+ SENSITIVE = []
123
387
  include Aws::Structure
124
388
  end
125
389
 
@@ -159,6 +423,7 @@ module Aws::FMS
159
423
  :compliance_status,
160
424
  :violator_count,
161
425
  :evaluation_limit_exceeded)
426
+ SENSITIVE = []
162
427
  include Aws::Structure
163
428
  end
164
429
 
@@ -183,6 +448,52 @@ module Aws::FMS
183
448
  class GetAdminAccountResponse < Struct.new(
184
449
  :admin_account,
185
450
  :role_status)
451
+ SENSITIVE = []
452
+ include Aws::Structure
453
+ end
454
+
455
+ # @note When making an API call, you may pass GetAppsListRequest
456
+ # data as a hash:
457
+ #
458
+ # {
459
+ # list_id: "ListId", # required
460
+ # default_list: false,
461
+ # }
462
+ #
463
+ # @!attribute [rw] list_id
464
+ # The ID of the AWS Firewall Manager applications list that you want
465
+ # the details for.
466
+ # @return [String]
467
+ #
468
+ # @!attribute [rw] default_list
469
+ # Specifies whether the list to retrieve is a default list owned by
470
+ # AWS Firewall Manager.
471
+ # @return [Boolean]
472
+ #
473
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsListRequest AWS API Documentation
474
+ #
475
+ class GetAppsListRequest < Struct.new(
476
+ :list_id,
477
+ :default_list)
478
+ SENSITIVE = []
479
+ include Aws::Structure
480
+ end
481
+
482
+ # @!attribute [rw] apps_list
483
+ # Information about the specified AWS Firewall Manager applications
484
+ # list.
485
+ # @return [Types::AppsListData]
486
+ #
487
+ # @!attribute [rw] apps_list_arn
488
+ # The Amazon Resource Name (ARN) of the applications list.
489
+ # @return [String]
490
+ #
491
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsListResponse AWS API Documentation
492
+ #
493
+ class GetAppsListResponse < Struct.new(
494
+ :apps_list,
495
+ :apps_list_arn)
496
+ SENSITIVE = []
186
497
  include Aws::Structure
187
498
  end
188
499
 
@@ -209,6 +520,7 @@ module Aws::FMS
209
520
  class GetComplianceDetailRequest < Struct.new(
210
521
  :policy_id,
211
522
  :member_account)
523
+ SENSITIVE = []
212
524
  include Aws::Structure
213
525
  end
214
526
 
@@ -221,6 +533,7 @@ module Aws::FMS
221
533
  #
222
534
  class GetComplianceDetailResponse < Struct.new(
223
535
  :policy_compliance_detail)
536
+ SENSITIVE = []
224
537
  include Aws::Structure
225
538
  end
226
539
 
@@ -244,6 +557,7 @@ module Aws::FMS
244
557
  class GetNotificationChannelResponse < Struct.new(
245
558
  :sns_topic_arn,
246
559
  :sns_role_name)
560
+ SENSITIVE = []
247
561
  include Aws::Structure
248
562
  end
249
563
 
@@ -263,6 +577,7 @@ module Aws::FMS
263
577
  #
264
578
  class GetPolicyRequest < Struct.new(
265
579
  :policy_id)
580
+ SENSITIVE = []
266
581
  include Aws::Structure
267
582
  end
268
583
 
@@ -279,6 +594,7 @@ module Aws::FMS
279
594
  class GetPolicyResponse < Struct.new(
280
595
  :policy,
281
596
  :policy_arn)
597
+ SENSITIVE = []
282
598
  include Aws::Structure
283
599
  end
284
600
 
@@ -344,6 +660,7 @@ module Aws::FMS
344
660
  :end_time,
345
661
  :next_token,
346
662
  :max_results)
663
+ SENSITIVE = []
347
664
  include Aws::Structure
348
665
  end
349
666
 
@@ -393,6 +710,109 @@ module Aws::FMS
393
710
  :service_type,
394
711
  :data,
395
712
  :next_token)
713
+ SENSITIVE = []
714
+ include Aws::Structure
715
+ end
716
+
717
+ # @note When making an API call, you may pass GetProtocolsListRequest
718
+ # data as a hash:
719
+ #
720
+ # {
721
+ # list_id: "ListId", # required
722
+ # default_list: false,
723
+ # }
724
+ #
725
+ # @!attribute [rw] list_id
726
+ # The ID of the AWS Firewall Manager protocols list that you want the
727
+ # details for.
728
+ # @return [String]
729
+ #
730
+ # @!attribute [rw] default_list
731
+ # Specifies whether the list to retrieve is a default list owned by
732
+ # AWS Firewall Manager.
733
+ # @return [Boolean]
734
+ #
735
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsListRequest AWS API Documentation
736
+ #
737
+ class GetProtocolsListRequest < Struct.new(
738
+ :list_id,
739
+ :default_list)
740
+ SENSITIVE = []
741
+ include Aws::Structure
742
+ end
743
+
744
+ # @!attribute [rw] protocols_list
745
+ # Information about the specified AWS Firewall Manager protocols list.
746
+ # @return [Types::ProtocolsListData]
747
+ #
748
+ # @!attribute [rw] protocols_list_arn
749
+ # The Amazon Resource Name (ARN) of the specified protocols list.
750
+ # @return [String]
751
+ #
752
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsListResponse AWS API Documentation
753
+ #
754
+ class GetProtocolsListResponse < Struct.new(
755
+ :protocols_list,
756
+ :protocols_list_arn)
757
+ SENSITIVE = []
758
+ include Aws::Structure
759
+ end
760
+
761
+ # @note When making an API call, you may pass GetViolationDetailsRequest
762
+ # data as a hash:
763
+ #
764
+ # {
765
+ # policy_id: "PolicyId", # required
766
+ # member_account: "AWSAccountId", # required
767
+ # resource_id: "ResourceId", # required
768
+ # resource_type: "ResourceType", # required
769
+ # }
770
+ #
771
+ # @!attribute [rw] policy_id
772
+ # The ID of the AWS Firewall Manager policy that you want the details
773
+ # for. This currently only supports security group content audit
774
+ # policies.
775
+ # @return [String]
776
+ #
777
+ # @!attribute [rw] member_account
778
+ # The AWS account ID that you want the details for.
779
+ # @return [String]
780
+ #
781
+ # @!attribute [rw] resource_id
782
+ # The ID of the resource that has violations.
783
+ # @return [String]
784
+ #
785
+ # @!attribute [rw] resource_type
786
+ # The resource type. This is in the format shown in the [AWS Resource
787
+ # Types Reference][1]. Supported resource types are:
788
+ # `AWS::EC2::Instance`, `AWS::EC2::NetworkInterface`, or
789
+ # `AWS::EC2::SecurityGroup`.
790
+ #
791
+ #
792
+ #
793
+ # [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
794
+ # @return [String]
795
+ #
796
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetailsRequest AWS API Documentation
797
+ #
798
+ class GetViolationDetailsRequest < Struct.new(
799
+ :policy_id,
800
+ :member_account,
801
+ :resource_id,
802
+ :resource_type)
803
+ SENSITIVE = []
804
+ include Aws::Structure
805
+ end
806
+
807
+ # @!attribute [rw] violation_detail
808
+ # Violation detail for a resource.
809
+ # @return [Types::ViolationDetail]
810
+ #
811
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetailsResponse AWS API Documentation
812
+ #
813
+ class GetViolationDetailsResponse < Struct.new(
814
+ :violation_detail)
815
+ SENSITIVE = []
396
816
  include Aws::Structure
397
817
  end
398
818
 
@@ -406,6 +826,7 @@ module Aws::FMS
406
826
  #
407
827
  class InternalErrorException < Struct.new(
408
828
  :message)
829
+ SENSITIVE = []
409
830
  include Aws::Structure
410
831
  end
411
832
 
@@ -418,13 +839,17 @@ module Aws::FMS
418
839
  #
419
840
  class InvalidInputException < Struct.new(
420
841
  :message)
842
+ SENSITIVE = []
421
843
  include Aws::Structure
422
844
  end
423
845
 
424
- # The operation failed because there was nothing to do. For example, you
425
- # might have submitted an `AssociateAdminAccount` request, but the
426
- # account ID that you submitted was already set as the AWS Firewall
427
- # Manager administrator.
846
+ # The operation failed because there was nothing to do or the operation
847
+ # wasn't possible. For example, you might have submitted an
848
+ # `AssociateAdminAccount` request for an account ID that was already set
849
+ # as the AWS Firewall Manager administrator. Or you might have tried to
850
+ # access a Region that's disabled by default, and that you need to
851
+ # enable for the Firewall Manager administrator account and for AWS
852
+ # Organizations before you can access it.
428
853
  #
429
854
  # @!attribute [rw] message
430
855
  # @return [String]
@@ -433,6 +858,7 @@ module Aws::FMS
433
858
  #
434
859
  class InvalidOperationException < Struct.new(
435
860
  :message)
861
+ SENSITIVE = []
436
862
  include Aws::Structure
437
863
  end
438
864
 
@@ -445,6 +871,7 @@ module Aws::FMS
445
871
  #
446
872
  class InvalidTypeException < Struct.new(
447
873
  :message)
874
+ SENSITIVE = []
448
875
  include Aws::Structure
449
876
  end
450
877
 
@@ -464,6 +891,69 @@ module Aws::FMS
464
891
  #
465
892
  class LimitExceededException < Struct.new(
466
893
  :message)
894
+ SENSITIVE = []
895
+ include Aws::Structure
896
+ end
897
+
898
+ # @note When making an API call, you may pass ListAppsListsRequest
899
+ # data as a hash:
900
+ #
901
+ # {
902
+ # default_lists: false,
903
+ # next_token: "PaginationToken",
904
+ # max_results: 1, # required
905
+ # }
906
+ #
907
+ # @!attribute [rw] default_lists
908
+ # Specifies whether the lists to retrieve are default lists owned by
909
+ # AWS Firewall Manager.
910
+ # @return [Boolean]
911
+ #
912
+ # @!attribute [rw] next_token
913
+ # If you specify a value for `MaxResults` in your list request, and
914
+ # you have more objects than the maximum, AWS Firewall Manager returns
915
+ # this token in the response. For all but the first request, you
916
+ # provide the token returned by the prior request in the request
917
+ # parameters, to retrieve the next batch of objects.
918
+ # @return [String]
919
+ #
920
+ # @!attribute [rw] max_results
921
+ # The maximum number of objects that you want AWS Firewall Manager to
922
+ # return for this request. If more objects are available, in the
923
+ # response, AWS Firewall Manager provides a `NextToken` value that you
924
+ # can use in a subsequent call to get the next batch of objects.
925
+ #
926
+ # If you don't specify this, AWS Firewall Manager returns all
927
+ # available objects.
928
+ # @return [Integer]
929
+ #
930
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsListsRequest AWS API Documentation
931
+ #
932
+ class ListAppsListsRequest < Struct.new(
933
+ :default_lists,
934
+ :next_token,
935
+ :max_results)
936
+ SENSITIVE = []
937
+ include Aws::Structure
938
+ end
939
+
940
+ # @!attribute [rw] apps_lists
941
+ # An array of `AppsListDataSummary` objects.
942
+ # @return [Array<Types::AppsListDataSummary>]
943
+ #
944
+ # @!attribute [rw] next_token
945
+ # If you specify a value for `MaxResults` in your list request, and
946
+ # you have more objects than the maximum, AWS Firewall Manager returns
947
+ # this token in the response. You can use this token in subsequent
948
+ # requests to retrieve the next batch of objects.
949
+ # @return [String]
950
+ #
951
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsListsResponse AWS API Documentation
952
+ #
953
+ class ListAppsListsResponse < Struct.new(
954
+ :apps_lists,
955
+ :next_token)
956
+ SENSITIVE = []
467
957
  include Aws::Structure
468
958
  end
469
959
 
@@ -507,6 +997,7 @@ module Aws::FMS
507
997
  :policy_id,
508
998
  :next_token,
509
999
  :max_results)
1000
+ SENSITIVE = []
510
1001
  include Aws::Structure
511
1002
  end
512
1003
 
@@ -528,6 +1019,7 @@ module Aws::FMS
528
1019
  class ListComplianceStatusResponse < Struct.new(
529
1020
  :policy_compliance_status_list,
530
1021
  :next_token)
1022
+ SENSITIVE = []
531
1023
  include Aws::Structure
532
1024
  end
533
1025
 
@@ -562,6 +1054,7 @@ module Aws::FMS
562
1054
  class ListMemberAccountsRequest < Struct.new(
563
1055
  :next_token,
564
1056
  :max_results)
1057
+ SENSITIVE = []
565
1058
  include Aws::Structure
566
1059
  end
567
1060
 
@@ -582,6 +1075,7 @@ module Aws::FMS
582
1075
  class ListMemberAccountsResponse < Struct.new(
583
1076
  :member_accounts,
584
1077
  :next_token)
1078
+ SENSITIVE = []
585
1079
  include Aws::Structure
586
1080
  end
587
1081
 
@@ -617,6 +1111,7 @@ module Aws::FMS
617
1111
  class ListPoliciesRequest < Struct.new(
618
1112
  :next_token,
619
1113
  :max_results)
1114
+ SENSITIVE = []
620
1115
  include Aws::Structure
621
1116
  end
622
1117
 
@@ -637,6 +1132,69 @@ module Aws::FMS
637
1132
  class ListPoliciesResponse < Struct.new(
638
1133
  :policy_list,
639
1134
  :next_token)
1135
+ SENSITIVE = []
1136
+ include Aws::Structure
1137
+ end
1138
+
1139
+ # @note When making an API call, you may pass ListProtocolsListsRequest
1140
+ # data as a hash:
1141
+ #
1142
+ # {
1143
+ # default_lists: false,
1144
+ # next_token: "PaginationToken",
1145
+ # max_results: 1, # required
1146
+ # }
1147
+ #
1148
+ # @!attribute [rw] default_lists
1149
+ # Specifies whether the lists to retrieve are default lists owned by
1150
+ # AWS Firewall Manager.
1151
+ # @return [Boolean]
1152
+ #
1153
+ # @!attribute [rw] next_token
1154
+ # If you specify a value for `MaxResults` in your list request, and
1155
+ # you have more objects than the maximum, AWS Firewall Manager returns
1156
+ # this token in the response. For all but the first request, you
1157
+ # provide the token returned by the prior request in the request
1158
+ # parameters, to retrieve the next batch of objects.
1159
+ # @return [String]
1160
+ #
1161
+ # @!attribute [rw] max_results
1162
+ # The maximum number of objects that you want AWS Firewall Manager to
1163
+ # return for this request. If more objects are available, in the
1164
+ # response, AWS Firewall Manager provides a `NextToken` value that you
1165
+ # can use in a subsequent call to get the next batch of objects.
1166
+ #
1167
+ # If you don't specify this, AWS Firewall Manager returns all
1168
+ # available objects.
1169
+ # @return [Integer]
1170
+ #
1171
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsListsRequest AWS API Documentation
1172
+ #
1173
+ class ListProtocolsListsRequest < Struct.new(
1174
+ :default_lists,
1175
+ :next_token,
1176
+ :max_results)
1177
+ SENSITIVE = []
1178
+ include Aws::Structure
1179
+ end
1180
+
1181
+ # @!attribute [rw] protocols_lists
1182
+ # An array of `ProtocolsListDataSummary` objects.
1183
+ # @return [Array<Types::ProtocolsListDataSummary>]
1184
+ #
1185
+ # @!attribute [rw] next_token
1186
+ # If you specify a value for `MaxResults` in your list request, and
1187
+ # you have more objects than the maximum, AWS Firewall Manager returns
1188
+ # this token in the response. You can use this token in subsequent
1189
+ # requests to retrieve the next batch of objects.
1190
+ # @return [String]
1191
+ #
1192
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsListsResponse AWS API Documentation
1193
+ #
1194
+ class ListProtocolsListsResponse < Struct.new(
1195
+ :protocols_lists,
1196
+ :next_token)
1197
+ SENSITIVE = []
640
1198
  include Aws::Structure
641
1199
  end
642
1200
 
@@ -649,14 +1207,15 @@ module Aws::FMS
649
1207
  #
650
1208
  # @!attribute [rw] resource_arn
651
1209
  # The Amazon Resource Name (ARN) of the resource to return tags for.
652
- # The Firewall Manager policy is the only AWS resource that supports
653
- # tagging, so this ARN is a policy ARN..
1210
+ # The AWS Firewall Manager resources that support tagging are
1211
+ # policies, applications lists, and protocols lists.
654
1212
  # @return [String]
655
1213
  #
656
1214
  # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResourceRequest AWS API Documentation
657
1215
  #
658
1216
  class ListTagsForResourceRequest < Struct.new(
659
1217
  :resource_arn)
1218
+ SENSITIVE = []
660
1219
  include Aws::Structure
661
1220
  end
662
1221
 
@@ -668,6 +1227,28 @@ module Aws::FMS
668
1227
  #
669
1228
  class ListTagsForResourceResponse < Struct.new(
670
1229
  :tag_list)
1230
+ SENSITIVE = []
1231
+ include Aws::Structure
1232
+ end
1233
+
1234
+ # The reference rule that partially matches the `ViolationTarget` rule
1235
+ # and violation reason.
1236
+ #
1237
+ # @!attribute [rw] reference
1238
+ # The reference rule from the master security group of the AWS
1239
+ # Firewall Manager policy.
1240
+ # @return [String]
1241
+ #
1242
+ # @!attribute [rw] target_violation_reasons
1243
+ # The violation reason.
1244
+ # @return [Array<String>]
1245
+ #
1246
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PartialMatch AWS API Documentation
1247
+ #
1248
+ class PartialMatch < Struct.new(
1249
+ :reference,
1250
+ :target_violation_reasons)
1251
+ SENSITIVE = []
671
1252
  include Aws::Structure
672
1253
  end
673
1254
 
@@ -707,7 +1288,7 @@ module Aws::FMS
707
1288
  # @return [String]
708
1289
  #
709
1290
  # @!attribute [rw] policy_name
710
- # The friendly name of the AWS Firewall Manager policy.
1291
+ # The name of the AWS Firewall Manager policy.
711
1292
  # @return [String]
712
1293
  #
713
1294
  # @!attribute [rw] policy_update_token
@@ -835,6 +1416,7 @@ module Aws::FMS
835
1416
  :remediation_enabled,
836
1417
  :include_map,
837
1418
  :exclude_map)
1419
+ SENSITIVE = []
838
1420
  include Aws::Structure
839
1421
  end
840
1422
 
@@ -888,6 +1470,7 @@ module Aws::FMS
888
1470
  :evaluation_limit_exceeded,
889
1471
  :expired_at,
890
1472
  :issue_info_map)
1473
+ SENSITIVE = []
891
1474
  include Aws::Structure
892
1475
  end
893
1476
 
@@ -906,7 +1489,7 @@ module Aws::FMS
906
1489
  # @return [String]
907
1490
  #
908
1491
  # @!attribute [rw] policy_name
909
- # The friendly name of the AWS Firewall Manager policy.
1492
+ # The name of the AWS Firewall Manager policy.
910
1493
  # @return [String]
911
1494
  #
912
1495
  # @!attribute [rw] member_account
@@ -938,6 +1521,7 @@ module Aws::FMS
938
1521
  :evaluation_results,
939
1522
  :last_updated,
940
1523
  :issue_info_map)
1524
+ SENSITIVE = []
941
1525
  include Aws::Structure
942
1526
  end
943
1527
 
@@ -952,7 +1536,7 @@ module Aws::FMS
952
1536
  # @return [String]
953
1537
  #
954
1538
  # @!attribute [rw] policy_name
955
- # The friendly name of the specified policy.
1539
+ # The name of the specified policy.
956
1540
  # @return [String]
957
1541
  #
958
1542
  # @!attribute [rw] resource_type
@@ -993,6 +1577,170 @@ module Aws::FMS
993
1577
  :resource_type,
994
1578
  :security_service_type,
995
1579
  :remediation_enabled)
1580
+ SENSITIVE = []
1581
+ include Aws::Structure
1582
+ end
1583
+
1584
+ # An AWS Firewall Manager protocols list.
1585
+ #
1586
+ # @note When making an API call, you may pass ProtocolsListData
1587
+ # data as a hash:
1588
+ #
1589
+ # {
1590
+ # list_id: "ListId",
1591
+ # list_name: "ResourceName", # required
1592
+ # list_update_token: "UpdateToken",
1593
+ # create_time: Time.now,
1594
+ # last_update_time: Time.now,
1595
+ # protocols_list: ["Protocol"], # required
1596
+ # previous_protocols_list: {
1597
+ # "PreviousListVersion" => ["Protocol"],
1598
+ # },
1599
+ # }
1600
+ #
1601
+ # @!attribute [rw] list_id
1602
+ # The ID of the AWS Firewall Manager protocols list.
1603
+ # @return [String]
1604
+ #
1605
+ # @!attribute [rw] list_name
1606
+ # The name of the AWS Firewall Manager protocols list.
1607
+ # @return [String]
1608
+ #
1609
+ # @!attribute [rw] list_update_token
1610
+ # A unique identifier for each update to the list. When you update the
1611
+ # list, the update token must match the token of the current version
1612
+ # of the application list. You can retrieve the update token by
1613
+ # getting the list.
1614
+ # @return [String]
1615
+ #
1616
+ # @!attribute [rw] create_time
1617
+ # The time that the AWS Firewall Manager protocols list was created.
1618
+ # @return [Time]
1619
+ #
1620
+ # @!attribute [rw] last_update_time
1621
+ # The time that the AWS Firewall Manager protocols list was last
1622
+ # updated.
1623
+ # @return [Time]
1624
+ #
1625
+ # @!attribute [rw] protocols_list
1626
+ # An array of protocols in the AWS Firewall Manager protocols list.
1627
+ # @return [Array<String>]
1628
+ #
1629
+ # @!attribute [rw] previous_protocols_list
1630
+ # A map of previous version numbers to their corresponding protocol
1631
+ # arrays.
1632
+ # @return [Hash<String,Array<String>>]
1633
+ #
1634
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ProtocolsListData AWS API Documentation
1635
+ #
1636
+ class ProtocolsListData < Struct.new(
1637
+ :list_id,
1638
+ :list_name,
1639
+ :list_update_token,
1640
+ :create_time,
1641
+ :last_update_time,
1642
+ :protocols_list,
1643
+ :previous_protocols_list)
1644
+ SENSITIVE = []
1645
+ include Aws::Structure
1646
+ end
1647
+
1648
+ # Details of the AWS Firewall Manager protocols list.
1649
+ #
1650
+ # @!attribute [rw] list_arn
1651
+ # The Amazon Resource Name (ARN) of the specified protocols list.
1652
+ # @return [String]
1653
+ #
1654
+ # @!attribute [rw] list_id
1655
+ # The ID of the specified protocols list.
1656
+ # @return [String]
1657
+ #
1658
+ # @!attribute [rw] list_name
1659
+ # The name of the specified protocols list.
1660
+ # @return [String]
1661
+ #
1662
+ # @!attribute [rw] protocols_list
1663
+ # An array of protocols in the AWS Firewall Manager protocols list.
1664
+ # @return [Array<String>]
1665
+ #
1666
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ProtocolsListDataSummary AWS API Documentation
1667
+ #
1668
+ class ProtocolsListDataSummary < Struct.new(
1669
+ :list_arn,
1670
+ :list_id,
1671
+ :list_name,
1672
+ :protocols_list)
1673
+ SENSITIVE = []
1674
+ include Aws::Structure
1675
+ end
1676
+
1677
+ # @note When making an API call, you may pass PutAppsListRequest
1678
+ # data as a hash:
1679
+ #
1680
+ # {
1681
+ # apps_list: { # required
1682
+ # list_id: "ListId",
1683
+ # list_name: "ResourceName", # required
1684
+ # list_update_token: "UpdateToken",
1685
+ # create_time: Time.now,
1686
+ # last_update_time: Time.now,
1687
+ # apps_list: [ # required
1688
+ # {
1689
+ # app_name: "ResourceName", # required
1690
+ # protocol: "Protocol", # required
1691
+ # port: 1, # required
1692
+ # },
1693
+ # ],
1694
+ # previous_apps_list: {
1695
+ # "PreviousListVersion" => [
1696
+ # {
1697
+ # app_name: "ResourceName", # required
1698
+ # protocol: "Protocol", # required
1699
+ # port: 1, # required
1700
+ # },
1701
+ # ],
1702
+ # },
1703
+ # },
1704
+ # tag_list: [
1705
+ # {
1706
+ # key: "TagKey", # required
1707
+ # value: "TagValue", # required
1708
+ # },
1709
+ # ],
1710
+ # }
1711
+ #
1712
+ # @!attribute [rw] apps_list
1713
+ # The details of the AWS Firewall Manager applications list to be
1714
+ # created.
1715
+ # @return [Types::AppsListData]
1716
+ #
1717
+ # @!attribute [rw] tag_list
1718
+ # The tags associated with the resource.
1719
+ # @return [Array<Types::Tag>]
1720
+ #
1721
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsListRequest AWS API Documentation
1722
+ #
1723
+ class PutAppsListRequest < Struct.new(
1724
+ :apps_list,
1725
+ :tag_list)
1726
+ SENSITIVE = []
1727
+ include Aws::Structure
1728
+ end
1729
+
1730
+ # @!attribute [rw] apps_list
1731
+ # The details of the AWS Firewall Manager applications list.
1732
+ # @return [Types::AppsListData]
1733
+ #
1734
+ # @!attribute [rw] apps_list_arn
1735
+ # The Amazon Resource Name (ARN) of the applications list.
1736
+ # @return [String]
1737
+ #
1738
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsListResponse AWS API Documentation
1739
+ #
1740
+ class PutAppsListResponse < Struct.new(
1741
+ :apps_list,
1742
+ :apps_list_arn)
1743
+ SENSITIVE = []
996
1744
  include Aws::Structure
997
1745
  end
998
1746
 
@@ -1019,6 +1767,7 @@ module Aws::FMS
1019
1767
  class PutNotificationChannelRequest < Struct.new(
1020
1768
  :sns_topic_arn,
1021
1769
  :sns_role_name)
1770
+ SENSITIVE = []
1022
1771
  include Aws::Structure
1023
1772
  end
1024
1773
 
@@ -1072,15 +1821,16 @@ module Aws::FMS
1072
1821
  class PutPolicyRequest < Struct.new(
1073
1822
  :policy,
1074
1823
  :tag_list)
1824
+ SENSITIVE = []
1075
1825
  include Aws::Structure
1076
1826
  end
1077
1827
 
1078
1828
  # @!attribute [rw] policy
1079
- # The details of the AWS Firewall Manager policy that was created.
1829
+ # The details of the AWS Firewall Manager policy.
1080
1830
  # @return [Types::Policy]
1081
1831
  #
1082
1832
  # @!attribute [rw] policy_arn
1083
- # The Amazon Resource Name (ARN) of the policy that was created.
1833
+ # The Amazon Resource Name (ARN) of the policy.
1084
1834
  # @return [String]
1085
1835
  #
1086
1836
  # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicyResponse AWS API Documentation
@@ -1088,6 +1838,65 @@ module Aws::FMS
1088
1838
  class PutPolicyResponse < Struct.new(
1089
1839
  :policy,
1090
1840
  :policy_arn)
1841
+ SENSITIVE = []
1842
+ include Aws::Structure
1843
+ end
1844
+
1845
+ # @note When making an API call, you may pass PutProtocolsListRequest
1846
+ # data as a hash:
1847
+ #
1848
+ # {
1849
+ # protocols_list: { # required
1850
+ # list_id: "ListId",
1851
+ # list_name: "ResourceName", # required
1852
+ # list_update_token: "UpdateToken",
1853
+ # create_time: Time.now,
1854
+ # last_update_time: Time.now,
1855
+ # protocols_list: ["Protocol"], # required
1856
+ # previous_protocols_list: {
1857
+ # "PreviousListVersion" => ["Protocol"],
1858
+ # },
1859
+ # },
1860
+ # tag_list: [
1861
+ # {
1862
+ # key: "TagKey", # required
1863
+ # value: "TagValue", # required
1864
+ # },
1865
+ # ],
1866
+ # }
1867
+ #
1868
+ # @!attribute [rw] protocols_list
1869
+ # The details of the AWS Firewall Manager protocols list to be
1870
+ # created.
1871
+ # @return [Types::ProtocolsListData]
1872
+ #
1873
+ # @!attribute [rw] tag_list
1874
+ # The tags associated with the resource.
1875
+ # @return [Array<Types::Tag>]
1876
+ #
1877
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsListRequest AWS API Documentation
1878
+ #
1879
+ class PutProtocolsListRequest < Struct.new(
1880
+ :protocols_list,
1881
+ :tag_list)
1882
+ SENSITIVE = []
1883
+ include Aws::Structure
1884
+ end
1885
+
1886
+ # @!attribute [rw] protocols_list
1887
+ # The details of the AWS Firewall Manager protocols list.
1888
+ # @return [Types::ProtocolsListData]
1889
+ #
1890
+ # @!attribute [rw] protocols_list_arn
1891
+ # The Amazon Resource Name (ARN) of the protocols list.
1892
+ # @return [String]
1893
+ #
1894
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsListResponse AWS API Documentation
1895
+ #
1896
+ class PutProtocolsListResponse < Struct.new(
1897
+ :protocols_list,
1898
+ :protocols_list_arn)
1899
+ SENSITIVE = []
1091
1900
  include Aws::Structure
1092
1901
  end
1093
1902
 
@@ -1100,6 +1909,7 @@ module Aws::FMS
1100
1909
  #
1101
1910
  class ResourceNotFoundException < Struct.new(
1102
1911
  :message)
1912
+ SENSITIVE = []
1103
1913
  include Aws::Structure
1104
1914
  end
1105
1915
 
@@ -1138,6 +1948,103 @@ module Aws::FMS
1138
1948
  class ResourceTag < Struct.new(
1139
1949
  :key,
1140
1950
  :value)
1951
+ SENSITIVE = []
1952
+ include Aws::Structure
1953
+ end
1954
+
1955
+ # Violation detail based on resource type.
1956
+ #
1957
+ # @!attribute [rw] aws_vpc_security_group_violation
1958
+ # Violation details for security groups.
1959
+ # @return [Types::AwsVPCSecurityGroupViolation]
1960
+ #
1961
+ # @!attribute [rw] aws_ec2_network_interface_violation
1962
+ # Violation details for network interface.
1963
+ # @return [Types::AwsEc2NetworkInterfaceViolation]
1964
+ #
1965
+ # @!attribute [rw] aws_ec2_instance_violation
1966
+ # Violation details for an EC2 instance.
1967
+ # @return [Types::AwsEc2InstanceViolation]
1968
+ #
1969
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceViolation AWS API Documentation
1970
+ #
1971
+ class ResourceViolation < Struct.new(
1972
+ :aws_vpc_security_group_violation,
1973
+ :aws_ec2_network_interface_violation,
1974
+ :aws_ec2_instance_violation)
1975
+ SENSITIVE = []
1976
+ include Aws::Structure
1977
+ end
1978
+
1979
+ # Remediation option for the rule specified in the `ViolationTarget`.
1980
+ #
1981
+ # @!attribute [rw] remediation_action_type
1982
+ # The remediation action that will be performed.
1983
+ # @return [String]
1984
+ #
1985
+ # @!attribute [rw] description
1986
+ # Brief description of the action that will be performed.
1987
+ # @return [String]
1988
+ #
1989
+ # @!attribute [rw] remediation_result
1990
+ # The final state of the rule specified in the `ViolationTarget` after
1991
+ # it is remediated.
1992
+ # @return [Types::SecurityGroupRuleDescription]
1993
+ #
1994
+ # @!attribute [rw] is_default_action
1995
+ # Indicates if the current action is the default action.
1996
+ # @return [Boolean]
1997
+ #
1998
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/SecurityGroupRemediationAction AWS API Documentation
1999
+ #
2000
+ class SecurityGroupRemediationAction < Struct.new(
2001
+ :remediation_action_type,
2002
+ :description,
2003
+ :remediation_result,
2004
+ :is_default_action)
2005
+ SENSITIVE = []
2006
+ include Aws::Structure
2007
+ end
2008
+
2009
+ # Describes a set of permissions for a security group rule.
2010
+ #
2011
+ # @!attribute [rw] ipv4_range
2012
+ # The IPv4 ranges for the security group rule.
2013
+ # @return [String]
2014
+ #
2015
+ # @!attribute [rw] ipv6_range
2016
+ # The IPv6 ranges for the security group rule.
2017
+ # @return [String]
2018
+ #
2019
+ # @!attribute [rw] prefix_list_id
2020
+ # The ID of the prefix list for the security group rule.
2021
+ # @return [String]
2022
+ #
2023
+ # @!attribute [rw] protocol
2024
+ # The IP protocol name (`tcp`, `udp`, `icmp`, `icmpv6`) or number.
2025
+ # @return [String]
2026
+ #
2027
+ # @!attribute [rw] from_port
2028
+ # The start of the port range for the TCP and UDP protocols, or an
2029
+ # ICMP/ICMPv6 type number. A value of `-1` indicates all ICMP/ICMPv6
2030
+ # types.
2031
+ # @return [Integer]
2032
+ #
2033
+ # @!attribute [rw] to_port
2034
+ # The end of the port range for the TCP and UDP protocols, or an
2035
+ # ICMP/ICMPv6 code. A value of `-1` indicates all ICMP/ICMPv6 codes.
2036
+ # @return [Integer]
2037
+ #
2038
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/SecurityGroupRuleDescription AWS API Documentation
2039
+ #
2040
+ class SecurityGroupRuleDescription < Struct.new(
2041
+ :ipv4_range,
2042
+ :ipv6_range,
2043
+ :prefix_list_id,
2044
+ :protocol,
2045
+ :from_port,
2046
+ :to_port)
2047
+ SENSITIVE = []
1141
2048
  include Aws::Structure
1142
2049
  end
1143
2050
 
@@ -1170,7 +2077,7 @@ module Aws::FMS
1170
2077
  # * Example: `WAFV2`
1171
2078
  #
1172
2079
  # `"ManagedServiceData":
1173
- # "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"excludedRules":[\{"name":"EntityName"\}],"ruleGroupType":"RuleGroup"\}],"postProcessRuleGroups":[\{"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendor":"AWS"\},"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"NONE"\},"excludedRules":[],"ruleGroupType":"ManagedRuleGroup"\}],"overrideCustomerWebACLAssociation":false\}"`
2080
+ # "\{"type":"WAFV2","defaultAction":\{"type":"ALLOW"\},"preProcessRuleGroups":[\{"managedRuleGroupIdentifier":null,"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"COUNT"\},"excludeRules":[\{"name":"EntityName"\}],"ruleGroupType":"RuleGroup"\}],"postProcessRuleGroups":[\{"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendorName":"AWS"\},"ruleGroupArn":"rulegrouparn","overrideAction":\{"type":"NONE"\},"excludeRules":[],"ruleGroupType":"ManagedRuleGroup"\}],"overrideCustomerWebACLAssociation":false\}"`
1174
2081
  #
1175
2082
  # * Example: `WAF Classic`
1176
2083
  #
@@ -1209,6 +2116,7 @@ module Aws::FMS
1209
2116
  class SecurityServicePolicyData < Struct.new(
1210
2117
  :type,
1211
2118
  :managed_service_data)
2119
+ SENSITIVE = []
1212
2120
  include Aws::Structure
1213
2121
  end
1214
2122
 
@@ -1244,6 +2152,7 @@ module Aws::FMS
1244
2152
  class Tag < Struct.new(
1245
2153
  :key,
1246
2154
  :value)
2155
+ SENSITIVE = []
1247
2156
  include Aws::Structure
1248
2157
  end
1249
2158
 
@@ -1261,9 +2170,9 @@ module Aws::FMS
1261
2170
  # }
1262
2171
  #
1263
2172
  # @!attribute [rw] resource_arn
1264
- # The Amazon Resource Name (ARN) of the resource. The Firewall Manager
1265
- # policy is the only AWS resource that supports tagging, so this ARN
1266
- # is a policy ARN.
2173
+ # The Amazon Resource Name (ARN) of the resource to return tags for.
2174
+ # The AWS Firewall Manager resources that support tagging are
2175
+ # policies, applications lists, and protocols lists.
1267
2176
  # @return [String]
1268
2177
  #
1269
2178
  # @!attribute [rw] tag_list
@@ -1275,6 +2184,7 @@ module Aws::FMS
1275
2184
  class TagResourceRequest < Struct.new(
1276
2185
  :resource_arn,
1277
2186
  :tag_list)
2187
+ SENSITIVE = []
1278
2188
  include Aws::Structure
1279
2189
  end
1280
2190
 
@@ -1291,9 +2201,9 @@ module Aws::FMS
1291
2201
  # }
1292
2202
  #
1293
2203
  # @!attribute [rw] resource_arn
1294
- # The Amazon Resource Name (ARN) of the resource. The Firewall Manager
1295
- # policy is the only AWS resource that supports tagging, so this ARN
1296
- # is a policy ARN.
2204
+ # The Amazon Resource Name (ARN) of the resource to return tags for.
2205
+ # The AWS Firewall Manager resources that support tagging are
2206
+ # policies, applications lists, and protocols lists.
1297
2207
  # @return [String]
1298
2208
  #
1299
2209
  # @!attribute [rw] tag_keys
@@ -1305,6 +2215,7 @@ module Aws::FMS
1305
2215
  class UntagResourceRequest < Struct.new(
1306
2216
  :resource_arn,
1307
2217
  :tag_keys)
2218
+ SENSITIVE = []
1308
2219
  include Aws::Structure
1309
2220
  end
1310
2221
 
@@ -1312,5 +2223,51 @@ module Aws::FMS
1312
2223
  #
1313
2224
  class UntagResourceResponse < Aws::EmptyStructure; end
1314
2225
 
2226
+ # Violations for a resource based on the specified AWS Firewall Manager
2227
+ # policy and AWS account.
2228
+ #
2229
+ # @!attribute [rw] policy_id
2230
+ # The ID of the AWS Firewall Manager policy that the violation details
2231
+ # were requested for.
2232
+ # @return [String]
2233
+ #
2234
+ # @!attribute [rw] member_account
2235
+ # The AWS account that the violation details were requested for.
2236
+ # @return [String]
2237
+ #
2238
+ # @!attribute [rw] resource_id
2239
+ # The resource ID that the violation details were requested for.
2240
+ # @return [String]
2241
+ #
2242
+ # @!attribute [rw] resource_type
2243
+ # The resource type that the violation details were requested for.
2244
+ # @return [String]
2245
+ #
2246
+ # @!attribute [rw] resource_violations
2247
+ # List of violations for the requested resource.
2248
+ # @return [Array<Types::ResourceViolation>]
2249
+ #
2250
+ # @!attribute [rw] resource_tags
2251
+ # The `ResourceTag` objects associated with the resource.
2252
+ # @return [Array<Types::Tag>]
2253
+ #
2254
+ # @!attribute [rw] resource_description
2255
+ # Brief description for the requested resource.
2256
+ # @return [String]
2257
+ #
2258
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ViolationDetail AWS API Documentation
2259
+ #
2260
+ class ViolationDetail < Struct.new(
2261
+ :policy_id,
2262
+ :member_account,
2263
+ :resource_id,
2264
+ :resource_type,
2265
+ :resource_violations,
2266
+ :resource_tags,
2267
+ :resource_description)
2268
+ SENSITIVE = []
2269
+ include Aws::Structure
2270
+ end
2271
+
1315
2272
  end
1316
2273
  end