aws-sdk-fms 1.28.0 → 1.33.0
- checksums.yaml +4 -4
- data/lib/aws-sdk-fms.rb +3 -2
- data/lib/aws-sdk-fms/client.rb +575 -32
- data/lib/aws-sdk-fms/client_api.rb +396 -0
- data/lib/aws-sdk-fms/types.rb +1220 -50
- metadata +4 -4
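--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: db4d701077981c960c71223fdd45be041e1f894c48223bb2cbe7e81c050a1a87
+data.tar.gz: 58c0a54e63917e0abb207951b7cf72d9854b4aa3704da1cc65d82a7ca79e33d9
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 55c07a19e2009d812925576000d529d088c67d66e0a541b9558c8ca7686886d7d9200b6328495c74943211feddc60361f478525d4cfc9c28b48175bca3c1063d
+data.tar.gz: 2183267a9b5331b8c378bcf7d680900e62461ae47628e3a0e86c62383bb9b22bdbf789cd6506709e07f42dac8463d9f6fb36d745ee3cd9ae9b50e1426a3d3875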
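--- a/data/lib/aws-sdk-fms.rb
+++ b/data/lib/aws-sdk-fms.rb
@@ -7,6 +7,7 @@
 #
 # WARNING ABOUT GENERATED CODE
 
+
 require 'aws-sdk-core'
 require 'aws-sigv4'
 
@@ -44,9 +45,9 @@ require_relative 'aws-sdk-fms/customizations'
 #
 # See {Errors} for more information.
 #
-#
+# @!group service
 module Aws::FMS
 
-GEM_VERSION = '1.
+GEM_VERSION = '1.33.0'
 
 end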
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -85,13 +85,28 @@ module Aws::FMS
|
|
85
85
|
# * `Aws::Credentials` - Used for configuring static, non-refreshing
|
86
86
|
# credentials.
|
87
87
|
#
|
88
|
+
# * `Aws::SharedCredentials` - Used for loading static credentials from a
|
89
|
+
# shared file, such as `~/.aws/config`.
|
90
|
+
#
|
91
|
+
# * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
|
92
|
+
#
|
93
|
+
# * `Aws::AssumeRoleWebIdentityCredentials` - Used when you need to
|
94
|
+
# assume a role after providing credentials via the web.
|
95
|
+
#
|
96
|
+
# * `Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an
|
97
|
+
# access token generated from `aws login`.
|
98
|
+
#
|
99
|
+
# * `Aws::ProcessCredentials` - Used for loading credentials from a
|
100
|
+
# process that outputs to stdout.
|
101
|
+
#
|
88
102
|
# * `Aws::InstanceProfileCredentials` - Used for loading credentials
|
89
103
|
# from an EC2 IMDS on an EC2 instance.
|
90
104
|
#
|
91
|
-
# * `Aws::
|
92
|
-
#
|
105
|
+
# * `Aws::ECSCredentials` - Used for loading credentials from
|
106
|
+
# instances running in ECS.
|
93
107
|
#
|
94
|
-
# * `Aws::
|
108
|
+
# * `Aws::CognitoIdentityCredentials` - Used for loading credentials
|
109
|
+
# from the Cognito Identity service.
|
95
110
|
#
|
96
111
|
# When `:credentials` are not configured directly, the following
|
97
112
|
# locations will be searched for credentials:
|
@@ -101,10 +116,10 @@ module Aws::FMS
|
|
101
116
|
# * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
|
102
117
|
# * `~/.aws/credentials`
|
103
118
|
# * `~/.aws/config`
|
104
|
-
# * EC2 IMDS instance profile - When used by default, the timeouts
|
105
|
-
# very aggressive. Construct and pass an instance of
|
106
|
-
# `Aws::InstanceProfileCredentails`
|
107
|
-
# timeouts.
|
119
|
+
# * EC2/ECS IMDS instance profile - When used by default, the timeouts
|
120
|
+
# are very aggressive. Construct and pass an instance of
|
121
|
+
# `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
|
122
|
+
# enable retries and extended timeouts.
|
108
123
|
#
|
109
124
|
# @option options [required, String] :region
|
110
125
|
# The AWS region to connect to. The configured `:region` is
|
@@ -360,6 +375,30 @@ module Aws::FMS
|
|
360
375
|
req.send_request(options)
|
361
376
|
end
|
362
377
|
|
378
|
+
# Permanently deletes an AWS Firewall Manager applications list.
|
379
|
+
#
|
380
|
+
# @option params [required, String] :list_id
|
381
|
+
# The ID of the applications list that you want to delete. You can
|
382
|
+
# retrieve this ID from `PutAppsList`, `ListAppsLists`, and
|
383
|
+
# `GetAppsList`.
|
384
|
+
#
|
385
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
386
|
+
#
|
387
|
+
# @example Request syntax with placeholder values
|
388
|
+
#
|
389
|
+
# resp = client.delete_apps_list({
|
390
|
+
# list_id: "ListId", # required
|
391
|
+
# })
|
392
|
+
#
|
393
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteAppsList AWS API Documentation
|
394
|
+
#
|
395
|
+
# @overload delete_apps_list(params = {})
|
396
|
+
# @param [Hash] params ({})
|
397
|
+
def delete_apps_list(params = {}, options = {})
|
398
|
+
req = build_request(:delete_apps_list, params)
|
399
|
+
req.send_request(options)
|
400
|
+
end
|
401
|
+
|
363
402
|
# Deletes an AWS Firewall Manager association with the IAM role and the
|
364
403
|
# Amazon Simple Notification Service (SNS) topic that is used to record
|
365
404
|
# AWS Firewall Manager SNS logs.
|
@@ -378,8 +417,8 @@ module Aws::FMS
|
|
378
417
|
# Permanently deletes an AWS Firewall Manager policy.
|
379
418
|
#
|
380
419
|
# @option params [required, String] :policy_id
|
381
|
-
# The ID of the policy that you want to delete.
|
382
|
-
#
|
420
|
+
# The ID of the policy that you want to delete. You can retrieve this ID
|
421
|
+
# from `PutPolicy` and `ListPolicies`.
|
383
422
|
#
|
384
423
|
# @option params [Boolean] :delete_all_policy_resources
|
385
424
|
# If `True`, the request performs cleanup according to the policy type.
|
@@ -429,6 +468,30 @@ module Aws::FMS
|
|
429
468
|
req.send_request(options)
|
430
469
|
end
|
431
470
|
|
471
|
+
# Permanently deletes an AWS Firewall Manager protocols list.
|
472
|
+
#
|
473
|
+
# @option params [required, String] :list_id
|
474
|
+
# The ID of the protocols list that you want to delete. You can retrieve
|
475
|
+
# this ID from `PutProtocolsList`, `ListProtocolsLists`, and
|
476
|
+
# `GetProtocolsLost`.
|
477
|
+
#
|
478
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
479
|
+
#
|
480
|
+
# @example Request syntax with placeholder values
|
481
|
+
#
|
482
|
+
# resp = client.delete_protocols_list({
|
483
|
+
# list_id: "ListId", # required
|
484
|
+
# })
|
485
|
+
#
|
486
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteProtocolsList AWS API Documentation
|
487
|
+
#
|
488
|
+
# @overload delete_protocols_list(params = {})
|
489
|
+
# @param [Hash] params ({})
|
490
|
+
def delete_protocols_list(params = {}, options = {})
|
491
|
+
req = build_request(:delete_protocols_list, params)
|
492
|
+
req.send_request(options)
|
493
|
+
end
|
494
|
+
|
432
495
|
# Disassociates the account that has been set as the AWS Firewall
|
433
496
|
# Manager administrator account. To set a different account as the
|
434
497
|
# administrator account, you must submit an `AssociateAdminAccount`
|
@@ -467,6 +530,56 @@ module Aws::FMS
|
|
467
530
|
req.send_request(options)
|
468
531
|
end
|
469
532
|
|
533
|
+
# Returns information about the specified AWS Firewall Manager
|
534
|
+
# applications list.
|
535
|
+
#
|
536
|
+
# @option params [required, String] :list_id
|
537
|
+
# The ID of the AWS Firewall Manager applications list that you want the
|
538
|
+
# details for.
|
539
|
+
#
|
540
|
+
# @option params [Boolean] :default_list
|
541
|
+
# Specifies whether the list to retrieve is a default list owned by AWS
|
542
|
+
# Firewall Manager.
|
543
|
+
#
|
544
|
+
# @return [Types::GetAppsListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
545
|
+
#
|
546
|
+
# * {Types::GetAppsListResponse#apps_list #apps_list} => Types::AppsListData
|
547
|
+
# * {Types::GetAppsListResponse#apps_list_arn #apps_list_arn} => String
|
548
|
+
#
|
549
|
+
# @example Request syntax with placeholder values
|
550
|
+
#
|
551
|
+
# resp = client.get_apps_list({
|
552
|
+
# list_id: "ListId", # required
|
553
|
+
# default_list: false,
|
554
|
+
# })
|
555
|
+
#
|
556
|
+
# @example Response structure
|
557
|
+
#
|
558
|
+
# resp.apps_list.list_id #=> String
|
559
|
+
# resp.apps_list.list_name #=> String
|
560
|
+
# resp.apps_list.list_update_token #=> String
|
561
|
+
# resp.apps_list.create_time #=> Time
|
562
|
+
# resp.apps_list.last_update_time #=> Time
|
563
|
+
# resp.apps_list.apps_list #=> Array
|
564
|
+
# resp.apps_list.apps_list[0].app_name #=> String
|
565
|
+
# resp.apps_list.apps_list[0].protocol #=> String
|
566
|
+
# resp.apps_list.apps_list[0].port #=> Integer
|
567
|
+
# resp.apps_list.previous_apps_list #=> Hash
|
568
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"] #=> Array
|
569
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].app_name #=> String
|
570
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].protocol #=> String
|
571
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].port #=> Integer
|
572
|
+
# resp.apps_list_arn #=> String
|
573
|
+
#
|
574
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsList AWS API Documentation
|
575
|
+
#
|
576
|
+
# @overload get_apps_list(params = {})
|
577
|
+
# @param [Hash] params ({})
|
578
|
+
def get_apps_list(params = {}, options = {})
|
579
|
+
req = build_request(:get_apps_list, params)
|
580
|
+
req.send_request(options)
|
581
|
+
end
|
582
|
+
|
470
583
|
# Returns detailed compliance information about the specified member
|
471
584
|
# account. Details include resources that are in and out of compliance
|
472
585
|
# with the specified policy. Resources are considered noncompliant for
|
@@ -474,7 +587,12 @@ module Aws::FMS
|
|
474
587
|
# been applied to them. Resources are considered noncompliant for
|
475
588
|
# security group policies if they are in scope of the policy, they
|
476
589
|
# violate one or more of the policy rules, and remediation is disabled
|
477
|
-
# or not possible.
|
590
|
+
# or not possible. Resources are considered noncompliant for Network
|
591
|
+
# Firewall policies if a firewall is missing in the VPC, if the firewall
|
592
|
+
# endpoint isn't set up in an expected Availability Zone and subnet, if
|
593
|
+
# a subnet created by the Firewall Manager doesn't have the expected
|
594
|
+
# route table, and for modifications to a firewall policy that violate
|
595
|
+
# the Firewall Manager policy's rules.
|
478
596
|
#
|
479
597
|
# @option params [required, String] :policy_id
|
480
598
|
# The ID of the policy that you want to get the details for. `PolicyId`
|
@@ -502,7 +620,7 @@ module Aws::FMS
|
|
502
620
|
# resp.policy_compliance_detail.member_account #=> String
|
503
621
|
# resp.policy_compliance_detail.violators #=> Array
|
504
622
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
505
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT"
|
623
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED"
|
506
624
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
507
625
|
# resp.policy_compliance_detail.evaluation_limit_exceeded #=> Boolean
|
508
626
|
# resp.policy_compliance_detail.expired_at #=> Time
|
@@ -562,7 +680,7 @@ module Aws::FMS
|
|
562
680
|
# resp.policy.policy_id #=> String
|
563
681
|
# resp.policy.policy_name #=> String
|
564
682
|
# resp.policy.policy_update_token #=> String
|
565
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
683
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
566
684
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
567
685
|
# resp.policy.resource_type #=> String
|
568
686
|
# resp.policy.resource_type_list #=> Array
|
@@ -648,7 +766,7 @@ module Aws::FMS
|
|
648
766
|
# @example Response structure
|
649
767
|
#
|
650
768
|
# resp.admin_account_id #=> String
|
651
|
-
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
769
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
652
770
|
# resp.data #=> String
|
653
771
|
# resp.next_token #=> String
|
654
772
|
#
|
@@ -661,9 +779,234 @@ module Aws::FMS
|
|
661
779
|
req.send_request(options)
|
662
780
|
end
|
663
781
|
|
664
|
-
# Returns
|
665
|
-
#
|
666
|
-
#
|
782
|
+
# Returns information about the specified AWS Firewall Manager protocols
|
783
|
+
# list.
|
784
|
+
#
|
785
|
+
# @option params [required, String] :list_id
|
786
|
+
# The ID of the AWS Firewall Manager protocols list that you want the
|
787
|
+
# details for.
|
788
|
+
#
|
789
|
+
# @option params [Boolean] :default_list
|
790
|
+
# Specifies whether the list to retrieve is a default list owned by AWS
|
791
|
+
# Firewall Manager.
|
792
|
+
#
|
793
|
+
# @return [Types::GetProtocolsListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
794
|
+
#
|
795
|
+
# * {Types::GetProtocolsListResponse#protocols_list #protocols_list} => Types::ProtocolsListData
|
796
|
+
# * {Types::GetProtocolsListResponse#protocols_list_arn #protocols_list_arn} => String
|
797
|
+
#
|
798
|
+
# @example Request syntax with placeholder values
|
799
|
+
#
|
800
|
+
# resp = client.get_protocols_list({
|
801
|
+
# list_id: "ListId", # required
|
802
|
+
# default_list: false,
|
803
|
+
# })
|
804
|
+
#
|
805
|
+
# @example Response structure
|
806
|
+
#
|
807
|
+
# resp.protocols_list.list_id #=> String
|
808
|
+
# resp.protocols_list.list_name #=> String
|
809
|
+
# resp.protocols_list.list_update_token #=> String
|
810
|
+
# resp.protocols_list.create_time #=> Time
|
811
|
+
# resp.protocols_list.last_update_time #=> Time
|
812
|
+
# resp.protocols_list.protocols_list #=> Array
|
813
|
+
# resp.protocols_list.protocols_list[0] #=> String
|
814
|
+
# resp.protocols_list.previous_protocols_list #=> Hash
|
815
|
+
# resp.protocols_list.previous_protocols_list["PreviousListVersion"] #=> Array
|
816
|
+
# resp.protocols_list.previous_protocols_list["PreviousListVersion"][0] #=> String
|
817
|
+
# resp.protocols_list_arn #=> String
|
818
|
+
#
|
819
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsList AWS API Documentation
|
820
|
+
#
|
821
|
+
# @overload get_protocols_list(params = {})
|
822
|
+
# @param [Hash] params ({})
|
823
|
+
def get_protocols_list(params = {}, options = {})
|
824
|
+
req = build_request(:get_protocols_list, params)
|
825
|
+
req.send_request(options)
|
826
|
+
end
|
827
|
+
|
828
|
+
# Retrieves violations for a resource based on the specified AWS
|
829
|
+
# Firewall Manager policy and AWS account.
|
830
|
+
#
|
831
|
+
# @option params [required, String] :policy_id
|
832
|
+
# The ID of the AWS Firewall Manager policy that you want the details
|
833
|
+
# for. This currently only supports security group content audit
|
834
|
+
# policies.
|
835
|
+
#
|
836
|
+
# @option params [required, String] :member_account
|
837
|
+
# The AWS account ID that you want the details for.
|
838
|
+
#
|
839
|
+
# @option params [required, String] :resource_id
|
840
|
+
# The ID of the resource that has violations.
|
841
|
+
#
|
842
|
+
# @option params [required, String] :resource_type
|
843
|
+
# The resource type. This is in the format shown in the [AWS Resource
|
844
|
+
# Types Reference][1]. Supported resource types are:
|
845
|
+
# `AWS::EC2::Instance`, `AWS::EC2::NetworkInterface`,
|
846
|
+
# `AWS::EC2::SecurityGroup`, `AWS::NetworkFirewall::FirewallPolicy`, and
|
847
|
+
# `AWS::EC2::Subnet`.
|
848
|
+
#
|
849
|
+
#
|
850
|
+
#
|
851
|
+
# [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html
|
852
|
+
#
|
853
|
+
# @return [Types::GetViolationDetailsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
854
|
+
#
|
855
|
+
# * {Types::GetViolationDetailsResponse#violation_detail #violation_detail} => Types::ViolationDetail
|
856
|
+
#
|
857
|
+
# @example Request syntax with placeholder values
|
858
|
+
#
|
859
|
+
# resp = client.get_violation_details({
|
860
|
+
# policy_id: "PolicyId", # required
|
861
|
+
# member_account: "AWSAccountId", # required
|
862
|
+
# resource_id: "ResourceId", # required
|
863
|
+
# resource_type: "ResourceType", # required
|
864
|
+
# })
|
865
|
+
#
|
866
|
+
# @example Response structure
|
867
|
+
#
|
868
|
+
# resp.violation_detail.policy_id #=> String
|
869
|
+
# resp.violation_detail.member_account #=> String
|
870
|
+
# resp.violation_detail.resource_id #=> String
|
871
|
+
# resp.violation_detail.resource_type #=> String
|
872
|
+
# resp.violation_detail.resource_violations #=> Array
|
873
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.violation_target #=> String
|
874
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.violation_target_description #=> String
|
875
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.partial_matches #=> Array
|
876
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.partial_matches[0].reference #=> String
|
877
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.partial_matches[0].target_violation_reasons #=> Array
|
878
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.partial_matches[0].target_violation_reasons[0] #=> String
|
879
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions #=> Array
|
880
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_action_type #=> String, one of "REMOVE", "MODIFY"
|
881
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].description #=> String
|
882
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.ipv4_range #=> String
|
883
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.ipv6_range #=> String
|
884
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.prefix_list_id #=> String
|
885
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.protocol #=> String
|
886
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.from_port #=> Integer
|
887
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].remediation_result.to_port #=> Integer
|
888
|
+
# resp.violation_detail.resource_violations[0].aws_vpc_security_group_violation.possible_security_group_remediation_actions[0].is_default_action #=> Boolean
|
889
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_network_interface_violation.violation_target #=> String
|
890
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_network_interface_violation.violating_security_groups #=> Array
|
891
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_network_interface_violation.violating_security_groups[0] #=> String
|
892
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_instance_violation.violation_target #=> String
|
893
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_instance_violation.aws_ec2_network_interface_violations #=> Array
|
894
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_instance_violation.aws_ec2_network_interface_violations[0].violation_target #=> String
|
895
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_instance_violation.aws_ec2_network_interface_violations[0].violating_security_groups #=> Array
|
896
|
+
# resp.violation_detail.resource_violations[0].aws_ec2_instance_violation.aws_ec2_network_interface_violations[0].violating_security_groups[0] #=> String
|
897
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_firewall_violation.violation_target #=> String
|
898
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_firewall_violation.vpc #=> String
|
899
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_firewall_violation.availability_zone #=> String
|
900
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_firewall_violation.target_violation_reason #=> String
|
901
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_subnet_violation.violation_target #=> String
|
902
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_subnet_violation.vpc #=> String
|
903
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_subnet_violation.availability_zone #=> String
|
904
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_subnet_violation.target_violation_reason #=> String
|
905
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_expected_rt_violation.violation_target #=> String
|
906
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_expected_rt_violation.vpc #=> String
|
907
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_expected_rt_violation.availability_zone #=> String
|
908
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_expected_rt_violation.current_route_table #=> String
|
909
|
+
# resp.violation_detail.resource_violations[0].network_firewall_missing_expected_rt_violation.expected_route_table #=> String
|
910
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.violation_target #=> String
|
911
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_rule_groups #=> Array
|
912
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_rule_groups[0].rule_group_name #=> String
|
913
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_rule_groups[0].resource_id #=> String
|
914
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_rule_groups[0].priority #=> Integer
|
915
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_default_actions #=> Array
|
916
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_default_actions[0] #=> String
|
917
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_fragment_default_actions #=> Array
|
918
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_fragment_default_actions[0] #=> String
|
919
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_custom_actions #=> Array
|
920
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateless_custom_actions[0] #=> String
|
921
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_rule_groups #=> Array
|
922
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_rule_groups[0].rule_group_name #=> String
|
923
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_rule_groups[0].resource_id #=> String
|
924
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups #=> Array
|
925
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].rule_group_name #=> String
|
926
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].resource_id #=> String
|
927
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].priority #=> Integer
|
928
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_default_actions #=> Array
|
929
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_default_actions[0] #=> String
|
930
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_fragment_default_actions #=> Array
|
931
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_fragment_default_actions[0] #=> String
|
932
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_custom_actions #=> Array
|
933
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_custom_actions[0] #=> String
|
934
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups #=> Array
|
935
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups[0].rule_group_name #=> String
|
936
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups[0].resource_id #=> String
|
937
|
+
# resp.violation_detail.resource_tags #=> Array
|
938
|
+
# resp.violation_detail.resource_tags[0].key #=> String
|
939
|
+
# resp.violation_detail.resource_tags[0].value #=> String
|
940
|
+
# resp.violation_detail.resource_description #=> String
|
941
|
+
#
|
942
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetails AWS API Documentation
|
943
|
+
#
|
944
|
+
# @overload get_violation_details(params = {})
|
945
|
+
# @param [Hash] params ({})
|
946
|
+
def get_violation_details(params = {}, options = {})
|
947
|
+
req = build_request(:get_violation_details, params)
|
948
|
+
req.send_request(options)
|
949
|
+
end
|
950
|
+
|
951
|
+
# Returns an array of `AppsListDataSummary` objects.
|
952
|
+
#
|
953
|
+
# @option params [Boolean] :default_lists
|
954
|
+
# Specifies whether the lists to retrieve are default lists owned by AWS
|
955
|
+
# Firewall Manager.
|
956
|
+
#
|
957
|
+
# @option params [String] :next_token
|
958
|
+
# If you specify a value for `MaxResults` in your list request, and you
|
959
|
+
# have more objects than the maximum, AWS Firewall Manager returns this
|
960
|
+
# token in the response. For all but the first request, you provide the
|
961
|
+
# token returned by the prior request in the request parameters, to
|
962
|
+
# retrieve the next batch of objects.
|
963
|
+
#
|
964
|
+
# @option params [required, Integer] :max_results
|
965
|
+
# The maximum number of objects that you want AWS Firewall Manager to
|
966
|
+
# return for this request. If more objects are available, in the
|
967
|
+
# response, AWS Firewall Manager provides a `NextToken` value that you
|
968
|
+
# can use in a subsequent call to get the next batch of objects.
|
969
|
+
#
|
970
|
+
# If you don't specify this, AWS Firewall Manager returns all available
|
971
|
+
# objects.
|
972
|
+
#
|
973
|
+
# @return [Types::ListAppsListsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
974
|
+
#
|
975
|
+
# * {Types::ListAppsListsResponse#apps_lists #apps_lists} => Array<Types::AppsListDataSummary>
|
976
|
+
# * {Types::ListAppsListsResponse#next_token #next_token} => String
|
977
|
+
#
|
978
|
+
# @example Request syntax with placeholder values
|
979
|
+
#
|
980
|
+
# resp = client.list_apps_lists({
|
981
|
+
# default_lists: false,
|
982
|
+
# next_token: "PaginationToken",
|
983
|
+
# max_results: 1, # required
|
984
|
+
# })
|
985
|
+
#
|
986
|
+
# @example Response structure
|
987
|
+
#
|
988
|
+
# resp.apps_lists #=> Array
|
989
|
+
# resp.apps_lists[0].list_arn #=> String
|
990
|
+
# resp.apps_lists[0].list_id #=> String
|
991
|
+
# resp.apps_lists[0].list_name #=> String
|
992
|
+
# resp.apps_lists[0].apps_list #=> Array
|
993
|
+
# resp.apps_lists[0].apps_list[0].app_name #=> String
|
994
|
+
# resp.apps_lists[0].apps_list[0].protocol #=> String
|
995
|
+
# resp.apps_lists[0].apps_list[0].port #=> Integer
|
996
|
+
# resp.next_token #=> String
|
997
|
+
#
|
998
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsLists AWS API Documentation
|
999
|
+
#
|
1000
|
+
# @overload list_apps_lists(params = {})
|
1001
|
+
# @param [Hash] params ({})
|
1002
|
+
def list_apps_lists(params = {}, options = {})
|
1003
|
+
req = build_request(:list_apps_lists, params)
|
1004
|
+
req.send_request(options)
|
1005
|
+
end
|
1006
|
+
|
1007
|
+
# Returns an array of `PolicyComplianceStatus` objects. Use
|
1008
|
+
# `PolicyComplianceStatus` to get a summary of which member accounts are
|
1009
|
+
# protected by the specified policy.
|
667
1010
|
#
|
668
1011
|
# @option params [required, String] :policy_id
|
669
1012
|
# The ID of the AWS Firewall Manager policy that you want the details
|
@@ -777,7 +1120,7 @@ module Aws::FMS
|
|
777
1120
|
req.send_request(options)
|
778
1121
|
end
|
779
1122
|
|
780
|
-
# Returns an array of `PolicySummary` objects
|
1123
|
+
# Returns an array of `PolicySummary` objects.
|
781
1124
|
#
|
782
1125
|
# @option params [String] :next_token
|
783
1126
|
# If you specify a value for `MaxResults` and you have more
|
@@ -816,7 +1159,7 @@ module Aws::FMS
|
|
816
1159
|
# resp.policy_list[0].policy_id #=> String
|
817
1160
|
# resp.policy_list[0].policy_name #=> String
|
818
1161
|
# resp.policy_list[0].resource_type #=> String
|
819
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
1162
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
820
1163
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
821
1164
|
# resp.next_token #=> String
|
822
1165
|
#
|
@@ -829,12 +1172,66 @@ module Aws::FMS
|
|
829
1172
|
req.send_request(options)
|
830
1173
|
end
|
831
1174
|
|
1175
|
+
# Returns an array of `ProtocolsListDataSummary` objects.
|
1176
|
+
#
|
1177
|
+
# @option params [Boolean] :default_lists
|
1178
|
+
# Specifies whether the lists to retrieve are default lists owned by AWS
|
1179
|
+
# Firewall Manager.
|
1180
|
+
#
|
1181
|
+
# @option params [String] :next_token
|
1182
|
+
# If you specify a value for `MaxResults` in your list request, and you
|
1183
|
+
# have more objects than the maximum, AWS Firewall Manager returns this
|
1184
|
+
# token in the response. For all but the first request, you provide the
|
1185
|
+
# token returned by the prior request in the request parameters, to
|
1186
|
+
# retrieve the next batch of objects.
|
1187
|
+
#
|
1188
|
+
# @option params [required, Integer] :max_results
|
1189
|
+
# The maximum number of objects that you want AWS Firewall Manager to
|
1190
|
+
# return for this request. If more objects are available, in the
|
1191
|
+
# response, AWS Firewall Manager provides a `NextToken` value that you
|
1192
|
+
# can use in a subsequent call to get the next batch of objects.
|
1193
|
+
#
|
1194
|
+
# If you don't specify this, AWS Firewall Manager returns all available
|
1195
|
+
# objects.
|
1196
|
+
#
|
1197
|
+
# @return [Types::ListProtocolsListsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1198
|
+
#
|
1199
|
+
# * {Types::ListProtocolsListsResponse#protocols_lists #protocols_lists} => Array<Types::ProtocolsListDataSummary>
|
1200
|
+
# * {Types::ListProtocolsListsResponse#next_token #next_token} => String
|
1201
|
+
#
|
1202
|
+
# @example Request syntax with placeholder values
|
1203
|
+
#
|
1204
|
+
# resp = client.list_protocols_lists({
|
1205
|
+
# default_lists: false,
|
1206
|
+
# next_token: "PaginationToken",
|
1207
|
+
# max_results: 1, # required
|
1208
|
+
# })
|
1209
|
+
#
|
1210
|
+
# @example Response structure
|
1211
|
+
#
|
1212
|
+
# resp.protocols_lists #=> Array
|
1213
|
+
# resp.protocols_lists[0].list_arn #=> String
|
1214
|
+
# resp.protocols_lists[0].list_id #=> String
|
1215
|
+
# resp.protocols_lists[0].list_name #=> String
|
1216
|
+
# resp.protocols_lists[0].protocols_list #=> Array
|
1217
|
+
# resp.protocols_lists[0].protocols_list[0] #=> String
|
1218
|
+
# resp.next_token #=> String
|
1219
|
+
#
|
1220
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsLists AWS API Documentation
|
1221
|
+
#
|
1222
|
+
# @overload list_protocols_lists(params = {})
|
1223
|
+
# @param [Hash] params ({})
|
1224
|
+
def list_protocols_lists(params = {}, options = {})
|
1225
|
+
req = build_request(:list_protocols_lists, params)
|
1226
|
+
req.send_request(options)
|
1227
|
+
end
|
1228
|
+
|
832
1229
|
# Retrieves the list of tags for the specified AWS resource.
|
833
1230
|
#
|
834
1231
|
# @option params [required, String] :resource_arn
|
835
1232
|
# The Amazon Resource Name (ARN) of the resource to return tags for. The
|
836
|
-
# Firewall Manager
|
837
|
-
#
|
1233
|
+
# AWS Firewall Manager resources that support tagging are policies,
|
1234
|
+
# applications lists, and protocols lists.
|
838
1235
|
#
|
839
1236
|
# @return [Types::ListTagsForResourceResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
840
1237
|
#
|
@@ -861,9 +1258,94 @@ module Aws::FMS
|
|
861
1258
|
req.send_request(options)
|
862
1259
|
end
|
863
1260
|
|
1261
|
+
# Creates an AWS Firewall Manager applications list.
|
1262
|
+
#
|
1263
|
+
# @option params [required, Types::AppsListData] :apps_list
|
1264
|
+
# The details of the AWS Firewall Manager applications list to be
|
1265
|
+
# created.
|
1266
|
+
#
|
1267
|
+
# @option params [Array<Types::Tag>] :tag_list
|
1268
|
+
# The tags associated with the resource.
|
1269
|
+
#
|
1270
|
+
# @return [Types::PutAppsListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1271
|
+
#
|
1272
|
+
# * {Types::PutAppsListResponse#apps_list #apps_list} => Types::AppsListData
|
1273
|
+
# * {Types::PutAppsListResponse#apps_list_arn #apps_list_arn} => String
|
1274
|
+
#
|
1275
|
+
# @example Request syntax with placeholder values
|
1276
|
+
#
|
1277
|
+
# resp = client.put_apps_list({
|
1278
|
+
# apps_list: { # required
|
1279
|
+
# list_id: "ListId",
|
1280
|
+
# list_name: "ResourceName", # required
|
1281
|
+
# list_update_token: "UpdateToken",
|
1282
|
+
# create_time: Time.now,
|
1283
|
+
# last_update_time: Time.now,
|
1284
|
+
# apps_list: [ # required
|
1285
|
+
# {
|
1286
|
+
# app_name: "ResourceName", # required
|
1287
|
+
# protocol: "Protocol", # required
|
1288
|
+
# port: 1, # required
|
1289
|
+
# },
|
1290
|
+
# ],
|
1291
|
+
# previous_apps_list: {
|
1292
|
+
# "PreviousListVersion" => [
|
1293
|
+
# {
|
1294
|
+
# app_name: "ResourceName", # required
|
1295
|
+
# protocol: "Protocol", # required
|
1296
|
+
# port: 1, # required
|
1297
|
+
# },
|
1298
|
+
# ],
|
1299
|
+
# },
|
1300
|
+
# },
|
1301
|
+
# tag_list: [
|
1302
|
+
# {
|
1303
|
+
# key: "TagKey", # required
|
1304
|
+
# value: "TagValue", # required
|
1305
|
+
# },
|
1306
|
+
# ],
|
1307
|
+
# })
|
1308
|
+
#
|
1309
|
+
# @example Response structure
|
1310
|
+
#
|
1311
|
+
# resp.apps_list.list_id #=> String
|
1312
|
+
# resp.apps_list.list_name #=> String
|
1313
|
+
# resp.apps_list.list_update_token #=> String
|
1314
|
+
# resp.apps_list.create_time #=> Time
|
1315
|
+
# resp.apps_list.last_update_time #=> Time
|
1316
|
+
# resp.apps_list.apps_list #=> Array
|
1317
|
+
# resp.apps_list.apps_list[0].app_name #=> String
|
1318
|
+
# resp.apps_list.apps_list[0].protocol #=> String
|
1319
|
+
# resp.apps_list.apps_list[0].port #=> Integer
|
1320
|
+
# resp.apps_list.previous_apps_list #=> Hash
|
1321
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"] #=> Array
|
1322
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].app_name #=> String
|
1323
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].protocol #=> String
|
1324
|
+
# resp.apps_list.previous_apps_list["PreviousListVersion"][0].port #=> Integer
|
1325
|
+
# resp.apps_list_arn #=> String
|
1326
|
+
#
|
1327
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsList AWS API Documentation
|
1328
|
+
#
|
1329
|
+
# @overload put_apps_list(params = {})
|
1330
|
+
# @param [Hash] params ({})
|
1331
|
+
def put_apps_list(params = {}, options = {})
|
1332
|
+
req = build_request(:put_apps_list, params)
|
1333
|
+
req.send_request(options)
|
1334
|
+
end
|
1335
|
+
|
864
1336
|
# Designates the IAM role and Amazon Simple Notification Service (SNS)
|
865
1337
|
# topic that AWS Firewall Manager uses to record SNS logs.
|
866
1338
|
#
|
1339
|
+
# To perform this action outside of the console, you must configure the
|
1340
|
+
# SNS topic to allow the Firewall Manager role `AWSServiceRoleForFMS` to
|
1341
|
+
# publish SNS logs. For more information, see [Firewall Manager required
|
1342
|
+
# permissions for API actions][1] in the *AWS Firewall Manager Developer
|
1343
|
+
# Guide*.
|
1344
|
+
#
|
1345
|
+
#
|
1346
|
+
#
|
1347
|
+
# [1]: https://docs.aws.amazon.com/waf/latest/developerguide/fms-api-permissions-ref.html
|
1348
|
+
#
|
867
1349
|
# @option params [required, String] :sns_topic_arn
|
868
1350
|
# The Amazon Resource Name (ARN) of the SNS topic that collects
|
869
1351
|
# notifications from AWS Firewall Manager.
|
@@ -894,18 +1376,21 @@ module Aws::FMS
|
|
894
1376
|
#
|
895
1377
|
# Firewall Manager provides the following types of policies:
|
896
1378
|
#
|
897
|
-
# * A Shield Advanced policy, which applies Shield Advanced protection
|
898
|
-
# to specified accounts and resources
|
899
|
-
#
|
900
1379
|
# * An AWS WAF policy (type WAFV2), which defines rule groups to run
|
901
1380
|
# first in the corresponding AWS WAF web ACL and rule groups to run
|
902
1381
|
# last in the web ACL.
|
903
1382
|
#
|
904
1383
|
# * An AWS WAF Classic policy (type WAF), which defines a rule group.
|
905
1384
|
#
|
1385
|
+
# * A Shield Advanced policy, which applies Shield Advanced protection
|
1386
|
+
# to specified accounts and resources.
|
1387
|
+
#
|
906
1388
|
# * A security group policy, which manages VPC security groups across
|
907
1389
|
# your AWS organization.
|
908
1390
|
#
|
1391
|
+
# * An AWS Network Firewall policy, which provides firewall rules to
|
1392
|
+
# filter network traffic in specified Amazon VPCs.
|
1393
|
+
#
|
909
1394
|
# Each policy is specific to one of the types. If you want to enforce
|
910
1395
|
# more than one policy type across accounts, create multiple policies.
|
911
1396
|
# You can create multiple policies for each type.
|
@@ -937,7 +1422,7 @@ module Aws::FMS
|
|
937
1422
|
# policy_name: "ResourceName", # required
|
938
1423
|
# policy_update_token: "PolicyUpdateToken",
|
939
1424
|
# security_service_policy_data: { # required
|
940
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT
|
1425
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL
|
941
1426
|
# managed_service_data: "ManagedServiceData",
|
942
1427
|
# },
|
943
1428
|
# resource_type: "ResourceType", # required
|
@@ -970,7 +1455,7 @@ module Aws::FMS
|
|
970
1455
|
# resp.policy.policy_id #=> String
|
971
1456
|
# resp.policy.policy_name #=> String
|
972
1457
|
# resp.policy.policy_update_token #=> String
|
973
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT"
|
1458
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
974
1459
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
975
1460
|
# resp.policy.resource_type #=> String
|
976
1461
|
# resp.policy.resource_type_list #=> Array
|
@@ -997,12 +1482,70 @@ module Aws::FMS
|
|
997
1482
|
req.send_request(options)
|
998
1483
|
end
|
999
1484
|
|
1485
|
+
# Creates an AWS Firewall Manager protocols list.
|
1486
|
+
#
|
1487
|
+
# @option params [required, Types::ProtocolsListData] :protocols_list
|
1488
|
+
# The details of the AWS Firewall Manager protocols list to be created.
|
1489
|
+
#
|
1490
|
+
# @option params [Array<Types::Tag>] :tag_list
|
1491
|
+
# The tags associated with the resource.
|
1492
|
+
#
|
1493
|
+
# @return [Types::PutProtocolsListResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
1494
|
+
#
|
1495
|
+
# * {Types::PutProtocolsListResponse#protocols_list #protocols_list} => Types::ProtocolsListData
|
1496
|
+
# * {Types::PutProtocolsListResponse#protocols_list_arn #protocols_list_arn} => String
|
1497
|
+
#
|
1498
|
+
# @example Request syntax with placeholder values
|
1499
|
+
#
|
1500
|
+
# resp = client.put_protocols_list({
|
1501
|
+
# protocols_list: { # required
|
1502
|
+
# list_id: "ListId",
|
1503
|
+
# list_name: "ResourceName", # required
|
1504
|
+
# list_update_token: "UpdateToken",
|
1505
|
+
# create_time: Time.now,
|
1506
|
+
# last_update_time: Time.now,
|
1507
|
+
# protocols_list: ["Protocol"], # required
|
1508
|
+
# previous_protocols_list: {
|
1509
|
+
# "PreviousListVersion" => ["Protocol"],
|
1510
|
+
# },
|
1511
|
+
# },
|
1512
|
+
# tag_list: [
|
1513
|
+
# {
|
1514
|
+
# key: "TagKey", # required
|
1515
|
+
# value: "TagValue", # required
|
1516
|
+
# },
|
1517
|
+
# ],
|
1518
|
+
# })
|
1519
|
+
#
|
1520
|
+
# @example Response structure
|
1521
|
+
#
|
1522
|
+
# resp.protocols_list.list_id #=> String
|
1523
|
+
# resp.protocols_list.list_name #=> String
|
1524
|
+
# resp.protocols_list.list_update_token #=> String
|
1525
|
+
# resp.protocols_list.create_time #=> Time
|
1526
|
+
# resp.protocols_list.last_update_time #=> Time
|
1527
|
+
# resp.protocols_list.protocols_list #=> Array
|
1528
|
+
# resp.protocols_list.protocols_list[0] #=> String
|
1529
|
+
# resp.protocols_list.previous_protocols_list #=> Hash
|
1530
|
+
# resp.protocols_list.previous_protocols_list["PreviousListVersion"] #=> Array
|
1531
|
+
# resp.protocols_list.previous_protocols_list["PreviousListVersion"][0] #=> String
|
1532
|
+
# resp.protocols_list_arn #=> String
|
1533
|
+
#
|
1534
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsList AWS API Documentation
|
1535
|
+
#
|
1536
|
+
# @overload put_protocols_list(params = {})
|
1537
|
+
# @param [Hash] params ({})
|
1538
|
+
def put_protocols_list(params = {}, options = {})
|
1539
|
+
req = build_request(:put_protocols_list, params)
|
1540
|
+
req.send_request(options)
|
1541
|
+
end
|
1542
|
+
|
1000
1543
|
# Adds one or more tags to an AWS resource.
|
1001
1544
|
#
|
1002
1545
|
# @option params [required, String] :resource_arn
|
1003
|
-
# The Amazon Resource Name (ARN) of the resource. The
|
1004
|
-
#
|
1005
|
-
#
|
1546
|
+
# The Amazon Resource Name (ARN) of the resource to return tags for. The
|
1547
|
+
# AWS Firewall Manager resources that support tagging are policies,
|
1548
|
+
# applications lists, and protocols lists.
|
1006
1549
|
#
|
1007
1550
|
# @option params [required, Array<Types::Tag>] :tag_list
|
1008
1551
|
# The tags to add to the resource.
|
@@ -1033,9 +1576,9 @@ module Aws::FMS
|
|
1033
1576
|
# Removes one or more tags from an AWS resource.
|
1034
1577
|
#
|
1035
1578
|
# @option params [required, String] :resource_arn
|
1036
|
-
# The Amazon Resource Name (ARN) of the resource. The
|
1037
|
-
#
|
1038
|
-
#
|
1579
|
+
# The Amazon Resource Name (ARN) of the resource to return tags for. The
|
1580
|
+
# AWS Firewall Manager resources that support tagging are policies,
|
1581
|
+
# applications lists, and protocols lists.
|
1039
1582
|
#
|
1040
1583
|
# @option params [required, Array<String>] :tag_keys
|
1041
1584
|
# The keys of the tags to remove from the resource.
|
@@ -1071,7 +1614,7 @@ module Aws::FMS
|
|
1071
1614
|
params: params,
|
1072
1615
|
config: config)
|
1073
1616
|
context[:gem_name] = 'aws-sdk-fms'
|
1074
|
-
context[:gem_version] = '1.
|
1617
|
+
context[:gem_version] = '1.33.0'
|
1075
1618
|
Seahorse::Client::Request.new(handlers, context)
|
1076
1619
|
end
|
1077
1620
|
|