aws-sdk-fms 1.46.0 → 1.49.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +15 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +223 -7
- data/lib/aws-sdk-fms/client_api.rb +187 -0
- data/lib/aws-sdk-fms/types.rb +849 -9
- data/lib/aws-sdk-fms.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 16ed215f917debd6e77e26d7aa5c7cb99079aac3b1189cbdb39b10d0ab0dec9d
|
|
4
|
+
data.tar.gz: 358cf904a9452d3a0b5c0a8cc5de573b6c01e1c7f4429298fd8d85ba43e03092
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c03589c37e3610e2ff989687a357302d0dcebbbd8cea89bf3da2537ecf122a8187a853b25c706416ab9bd78dc6b16177e39173223ecab23155dd716ec5343d8b
|
|
7
|
+
data.tar.gz: 957c9504c4d7a4af2850d23587aa67c96b60c332fdcc51e22115ee4ab5bd79b0640c1c6e5f0c8c80efeeca1db8c71af551cbb5d6b9dee69ed75d4a6efff16a74
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,21 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.49.0 (2022-03-30)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - AWS Firewall Manager now supports the configuration of third-party policies that can use either the centralized or distributed deployment models.
|
|
8
|
+
|
|
9
|
+
1.48.0 (2022-02-24)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - AWS Firewall Manager now supports the configuration of AWS Network Firewall policies with either centralized or distributed deployment models. This release also adds support for custom endpoint configuration, where you can choose which Availability Zones to create firewall endpoints in.
|
|
13
|
+
|
|
14
|
+
1.47.0 (2022-02-03)
|
|
15
|
+
------------------
|
|
16
|
+
|
|
17
|
+
* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
|
|
18
|
+
|
|
4
19
|
1.46.0 (2022-01-12)
|
|
5
20
|
------------------
|
|
6
21
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.49.0
|
data/lib/aws-sdk-fms/client.rb
CHANGED
|
@@ -27,7 +27,9 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
|
|
27
27
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
|
28
28
|
require 'aws-sdk-core/plugins/transfer_encoding.rb'
|
|
29
29
|
require 'aws-sdk-core/plugins/http_checksum.rb'
|
|
30
|
+
require 'aws-sdk-core/plugins/checksum_algorithm.rb'
|
|
30
31
|
require 'aws-sdk-core/plugins/defaults_mode.rb'
|
|
32
|
+
require 'aws-sdk-core/plugins/recursion_detection.rb'
|
|
31
33
|
require 'aws-sdk-core/plugins/signature_v4.rb'
|
|
32
34
|
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
|
33
35
|
|
|
@@ -74,7 +76,9 @@ module Aws::FMS
|
|
|
74
76
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
|
75
77
|
add_plugin(Aws::Plugins::TransferEncoding)
|
|
76
78
|
add_plugin(Aws::Plugins::HttpChecksum)
|
|
79
|
+
add_plugin(Aws::Plugins::ChecksumAlgorithm)
|
|
77
80
|
add_plugin(Aws::Plugins::DefaultsMode)
|
|
81
|
+
add_plugin(Aws::Plugins::RecursionDetection)
|
|
78
82
|
add_plugin(Aws::Plugins::SignatureV4)
|
|
79
83
|
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
|
80
84
|
|
|
@@ -393,6 +397,37 @@ module Aws::FMS
|
|
|
393
397
|
req.send_request(options)
|
|
394
398
|
end
|
|
395
399
|
|
|
400
|
+
# Sets the Firewall Manager policy administrator as a tenant
|
|
401
|
+
# administrator of a third-party firewall service. A tenant is an
|
|
402
|
+
# instance of the third-party firewall service that's associated with
|
|
403
|
+
# your Amazon Web Services customer account.
|
|
404
|
+
#
|
|
405
|
+
# @option params [required, String] :third_party_firewall
|
|
406
|
+
# The name of the third-party firewall vendor.
|
|
407
|
+
#
|
|
408
|
+
# @return [Types::AssociateThirdPartyFirewallResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
409
|
+
#
|
|
410
|
+
# * {Types::AssociateThirdPartyFirewallResponse#third_party_firewall_status #third_party_firewall_status} => String
|
|
411
|
+
#
|
|
412
|
+
# @example Request syntax with placeholder values
|
|
413
|
+
#
|
|
414
|
+
# resp = client.associate_third_party_firewall({
|
|
415
|
+
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
416
|
+
# })
|
|
417
|
+
#
|
|
418
|
+
# @example Response structure
|
|
419
|
+
#
|
|
420
|
+
# resp.third_party_firewall_status #=> String, one of "ONBOARDING", "ONBOARD_COMPLETE", "OFFBOARDING", "OFFBOARD_COMPLETE", "NOT_EXIST"
|
|
421
|
+
#
|
|
422
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateThirdPartyFirewall AWS API Documentation
|
|
423
|
+
#
|
|
424
|
+
# @overload associate_third_party_firewall(params = {})
|
|
425
|
+
# @param [Hash] params ({})
|
|
426
|
+
def associate_third_party_firewall(params = {}, options = {})
|
|
427
|
+
req = build_request(:associate_third_party_firewall, params)
|
|
428
|
+
req.send_request(options)
|
|
429
|
+
end
|
|
430
|
+
|
|
396
431
|
# Permanently deletes an Firewall Manager applications list.
|
|
397
432
|
#
|
|
398
433
|
# @option params [required, String] :list_id
|
|
@@ -524,6 +559,37 @@ module Aws::FMS
|
|
|
524
559
|
req.send_request(options)
|
|
525
560
|
end
|
|
526
561
|
|
|
562
|
+
# Disassociates a Firewall Manager policy administrator from a
|
|
563
|
+
# third-party firewall tenant. When you call
|
|
564
|
+
# `DisassociateThirdPartyFirewall`, the third-party firewall vendor
|
|
565
|
+
# deletes all of the firewalls that are associated with the account.
|
|
566
|
+
#
|
|
567
|
+
# @option params [required, String] :third_party_firewall
|
|
568
|
+
# The name of the third-party firewall vendor.
|
|
569
|
+
#
|
|
570
|
+
# @return [Types::DisassociateThirdPartyFirewallResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
571
|
+
#
|
|
572
|
+
# * {Types::DisassociateThirdPartyFirewallResponse#third_party_firewall_status #third_party_firewall_status} => String
|
|
573
|
+
#
|
|
574
|
+
# @example Request syntax with placeholder values
|
|
575
|
+
#
|
|
576
|
+
# resp = client.disassociate_third_party_firewall({
|
|
577
|
+
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
578
|
+
# })
|
|
579
|
+
#
|
|
580
|
+
# @example Response structure
|
|
581
|
+
#
|
|
582
|
+
# resp.third_party_firewall_status #=> String, one of "ONBOARDING", "ONBOARD_COMPLETE", "OFFBOARDING", "OFFBOARD_COMPLETE", "NOT_EXIST"
|
|
583
|
+
#
|
|
584
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateThirdPartyFirewall AWS API Documentation
|
|
585
|
+
#
|
|
586
|
+
# @overload disassociate_third_party_firewall(params = {})
|
|
587
|
+
# @param [Hash] params ({})
|
|
588
|
+
def disassociate_third_party_firewall(params = {}, options = {})
|
|
589
|
+
req = build_request(:disassociate_third_party_firewall, params)
|
|
590
|
+
req.send_request(options)
|
|
591
|
+
end
|
|
592
|
+
|
|
527
593
|
# Returns the Organizations account that is associated with Firewall
|
|
528
594
|
# Manager as the Firewall Manager administrator.
|
|
529
595
|
#
|
|
@@ -644,8 +710,10 @@ module Aws::FMS
|
|
|
644
710
|
# resp.policy_compliance_detail.member_account #=> String
|
|
645
711
|
# resp.policy_compliance_detail.violators #=> Array
|
|
646
712
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
|
647
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL"
|
|
713
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT"
|
|
648
714
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
|
715
|
+
# resp.policy_compliance_detail.violators[0].metadata #=> Hash
|
|
716
|
+
# resp.policy_compliance_detail.violators[0].metadata["LengthBoundedString"] #=> String
|
|
649
717
|
# resp.policy_compliance_detail.evaluation_limit_exceeded #=> Boolean
|
|
650
718
|
# resp.policy_compliance_detail.expired_at #=> Time
|
|
651
719
|
# resp.policy_compliance_detail.issue_info_map #=> Hash
|
|
@@ -703,8 +771,10 @@ module Aws::FMS
|
|
|
703
771
|
# resp.policy.policy_id #=> String
|
|
704
772
|
# resp.policy.policy_name #=> String
|
|
705
773
|
# resp.policy.policy_update_token #=> String
|
|
706
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
|
774
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL"
|
|
707
775
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
776
|
+
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
777
|
+
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
708
778
|
# resp.policy.resource_type #=> String
|
|
709
779
|
# resp.policy.resource_type_list #=> Array
|
|
710
780
|
# resp.policy.resource_type_list[0] #=> String
|
|
@@ -790,7 +860,7 @@ module Aws::FMS
|
|
|
790
860
|
# @example Response structure
|
|
791
861
|
#
|
|
792
862
|
# resp.admin_account_id #=> String
|
|
793
|
-
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
|
863
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL"
|
|
794
864
|
# resp.data #=> String
|
|
795
865
|
# resp.next_token #=> String
|
|
796
866
|
#
|
|
@@ -849,6 +919,37 @@ module Aws::FMS
|
|
|
849
919
|
req.send_request(options)
|
|
850
920
|
end
|
|
851
921
|
|
|
922
|
+
# The onboarding status of a Firewall Manager admin account to
|
|
923
|
+
# third-party firewall vendor tenant.
|
|
924
|
+
#
|
|
925
|
+
# @option params [required, String] :third_party_firewall
|
|
926
|
+
# The name of the third-party firewall vendor.
|
|
927
|
+
#
|
|
928
|
+
# @return [Types::GetThirdPartyFirewallAssociationStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
929
|
+
#
|
|
930
|
+
# * {Types::GetThirdPartyFirewallAssociationStatusResponse#third_party_firewall_status #third_party_firewall_status} => String
|
|
931
|
+
# * {Types::GetThirdPartyFirewallAssociationStatusResponse#marketplace_onboarding_status #marketplace_onboarding_status} => String
|
|
932
|
+
#
|
|
933
|
+
# @example Request syntax with placeholder values
|
|
934
|
+
#
|
|
935
|
+
# resp = client.get_third_party_firewall_association_status({
|
|
936
|
+
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
937
|
+
# })
|
|
938
|
+
#
|
|
939
|
+
# @example Response structure
|
|
940
|
+
#
|
|
941
|
+
# resp.third_party_firewall_status #=> String, one of "ONBOARDING", "ONBOARD_COMPLETE", "OFFBOARDING", "OFFBOARD_COMPLETE", "NOT_EXIST"
|
|
942
|
+
# resp.marketplace_onboarding_status #=> String, one of "NO_SUBSCRIPTION", "NOT_COMPLETE", "COMPLETE"
|
|
943
|
+
#
|
|
944
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetThirdPartyFirewallAssociationStatus AWS API Documentation
|
|
945
|
+
#
|
|
946
|
+
# @overload get_third_party_firewall_association_status(params = {})
|
|
947
|
+
# @param [Hash] params ({})
|
|
948
|
+
def get_third_party_firewall_association_status(params = {}, options = {})
|
|
949
|
+
req = build_request(:get_third_party_firewall_association_status, params)
|
|
950
|
+
req.send_request(options)
|
|
951
|
+
end
|
|
952
|
+
|
|
852
953
|
# Retrieves violations for a resource based on the specified Firewall
|
|
853
954
|
# Manager policy and Amazon Web Services account.
|
|
854
955
|
#
|
|
@@ -1140,8 +1241,56 @@ module Aws::FMS
|
|
|
1140
1241
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.ec2_create_route_table_action.description #=> String
|
|
1141
1242
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.ec2_create_route_table_action.vpc_id.resource_id #=> String
|
|
1142
1243
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.ec2_create_route_table_action.vpc_id.description #=> String
|
|
1244
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.description #=> String
|
|
1245
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.firewall_creation_config #=> String
|
|
1143
1246
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].order #=> Integer
|
|
1144
1247
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].is_default_action #=> Boolean
|
|
1248
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.firewall_subnet_id #=> String
|
|
1249
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_id #=> String
|
|
1250
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone #=> String
|
|
1251
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone_id #=> String
|
|
1252
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_endpoint_id #=> String
|
|
1253
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_id #=> String
|
|
1254
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.vpc_id #=> String
|
|
1255
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.route_table_id #=> String
|
|
1256
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes #=> Array
|
|
1257
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1258
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1259
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination #=> String
|
|
1260
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target #=> String
|
|
1261
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone #=> String
|
|
1262
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1263
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_firewall_subnet_route_table #=> String
|
|
1264
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_id #=> String
|
|
1265
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes #=> Array
|
|
1266
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1267
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1268
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination #=> String
|
|
1269
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target #=> String
|
|
1270
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_id #=> String
|
|
1271
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_internet_gateway_route_table #=> String
|
|
1272
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes #=> Array
|
|
1273
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1274
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1275
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination #=> String
|
|
1276
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target #=> String
|
|
1277
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.violation_target #=> String
|
|
1278
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.vpc #=> String
|
|
1279
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.availability_zone #=> String
|
|
1280
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.target_violation_reason #=> String
|
|
1281
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.violation_target #=> String
|
|
1282
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.vpc #=> String
|
|
1283
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.availability_zone #=> String
|
|
1284
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.target_violation_reason #=> String
|
|
1285
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.violation_target #=> String
|
|
1286
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.vpc #=> String
|
|
1287
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.availability_zone #=> String
|
|
1288
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.current_route_table #=> String
|
|
1289
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.expected_route_table #=> String
|
|
1290
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.firewall_subnet_id #=> String
|
|
1291
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.vpc_id #=> String
|
|
1292
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone #=> String
|
|
1293
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1145
1294
|
# resp.violation_detail.resource_tags #=> Array
|
|
1146
1295
|
# resp.violation_detail.resource_tags[0].key #=> String
|
|
1147
1296
|
# resp.violation_detail.resource_tags[0].value #=> String
|
|
@@ -1368,7 +1517,7 @@ module Aws::FMS
|
|
|
1368
1517
|
# resp.policy_list[0].policy_id #=> String
|
|
1369
1518
|
# resp.policy_list[0].policy_name #=> String
|
|
1370
1519
|
# resp.policy_list[0].resource_type #=> String
|
|
1371
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
|
1520
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL"
|
|
1372
1521
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
|
1373
1522
|
# resp.policy_list[0].delete_unused_fm_managed_resources #=> Boolean
|
|
1374
1523
|
# resp.next_token #=> String
|
|
@@ -1471,6 +1620,63 @@ module Aws::FMS
|
|
|
1471
1620
|
req.send_request(options)
|
|
1472
1621
|
end
|
|
1473
1622
|
|
|
1623
|
+
# Retrieves a list of all of the third-party firewall policies that are
|
|
1624
|
+
# associated with the third-party firewall administrator's account.
|
|
1625
|
+
#
|
|
1626
|
+
# @option params [required, String] :third_party_firewall
|
|
1627
|
+
# The name of the third-party firewall vendor.
|
|
1628
|
+
#
|
|
1629
|
+
# @option params [String] :next_token
|
|
1630
|
+
# If the previous response included a `NextToken` element, the specified
|
|
1631
|
+
# third-party firewall vendor is associated with more third-party
|
|
1632
|
+
# firewall policies. To get more third-party firewall policies, submit
|
|
1633
|
+
# another `ListThirdPartyFirewallFirewallPoliciesRequest` request.
|
|
1634
|
+
#
|
|
1635
|
+
# For the value of `NextToken`, specify the value of `NextToken` from
|
|
1636
|
+
# the previous response. If the previous response didn't include a
|
|
1637
|
+
# `NextToken` element, there are no more third-party firewall policies
|
|
1638
|
+
# to get.
|
|
1639
|
+
#
|
|
1640
|
+
# @option params [required, Integer] :max_results
|
|
1641
|
+
# The maximum number of third-party firewall policies that you want
|
|
1642
|
+
# Firewall Manager to return. If the specified third-party firewall
|
|
1643
|
+
# vendor is associated with more than `MaxResults` firewall policies,
|
|
1644
|
+
# the response includes a `NextToken` element. `NextToken` contains an
|
|
1645
|
+
# encrypted token that identifies the first third-party firewall
|
|
1646
|
+
# policies that Firewall Manager will return if you submit another
|
|
1647
|
+
# request.
|
|
1648
|
+
#
|
|
1649
|
+
# @return [Types::ListThirdPartyFirewallFirewallPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
1650
|
+
#
|
|
1651
|
+
# * {Types::ListThirdPartyFirewallFirewallPoliciesResponse#third_party_firewall_firewall_policies #third_party_firewall_firewall_policies} => Array<Types::ThirdPartyFirewallFirewallPolicy>
|
|
1652
|
+
# * {Types::ListThirdPartyFirewallFirewallPoliciesResponse#next_token #next_token} => String
|
|
1653
|
+
#
|
|
1654
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
1655
|
+
#
|
|
1656
|
+
# @example Request syntax with placeholder values
|
|
1657
|
+
#
|
|
1658
|
+
# resp = client.list_third_party_firewall_firewall_policies({
|
|
1659
|
+
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
1660
|
+
# next_token: "PaginationToken",
|
|
1661
|
+
# max_results: 1, # required
|
|
1662
|
+
# })
|
|
1663
|
+
#
|
|
1664
|
+
# @example Response structure
|
|
1665
|
+
#
|
|
1666
|
+
# resp.third_party_firewall_firewall_policies #=> Array
|
|
1667
|
+
# resp.third_party_firewall_firewall_policies[0].firewall_policy_id #=> String
|
|
1668
|
+
# resp.third_party_firewall_firewall_policies[0].firewall_policy_name #=> String
|
|
1669
|
+
# resp.next_token #=> String
|
|
1670
|
+
#
|
|
1671
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListThirdPartyFirewallFirewallPolicies AWS API Documentation
|
|
1672
|
+
#
|
|
1673
|
+
# @overload list_third_party_firewall_firewall_policies(params = {})
|
|
1674
|
+
# @param [Hash] params ({})
|
|
1675
|
+
def list_third_party_firewall_firewall_policies(params = {}, options = {})
|
|
1676
|
+
req = build_request(:list_third_party_firewall_firewall_policies, params)
|
|
1677
|
+
req.send_request(options)
|
|
1678
|
+
end
|
|
1679
|
+
|
|
1474
1680
|
# Creates an Firewall Manager applications list.
|
|
1475
1681
|
#
|
|
1476
1682
|
# @option params [required, Types::AppsListData] :apps_list
|
|
@@ -1637,8 +1843,16 @@ module Aws::FMS
|
|
|
1637
1843
|
# policy_name: "ResourceName", # required
|
|
1638
1844
|
# policy_update_token: "PolicyUpdateToken",
|
|
1639
1845
|
# security_service_policy_data: { # required
|
|
1640
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL
|
|
1846
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
|
|
1641
1847
|
# managed_service_data: "ManagedServiceData",
|
|
1848
|
+
# policy_option: {
|
|
1849
|
+
# network_firewall_policy: {
|
|
1850
|
+
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
1851
|
+
# },
|
|
1852
|
+
# third_party_firewall_policy: {
|
|
1853
|
+
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
1854
|
+
# },
|
|
1855
|
+
# },
|
|
1642
1856
|
# },
|
|
1643
1857
|
# resource_type: "ResourceType", # required
|
|
1644
1858
|
# resource_type_list: ["ResourceType"],
|
|
@@ -1671,8 +1885,10 @@ module Aws::FMS
|
|
|
1671
1885
|
# resp.policy.policy_id #=> String
|
|
1672
1886
|
# resp.policy.policy_name #=> String
|
|
1673
1887
|
# resp.policy.policy_update_token #=> String
|
|
1674
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
|
1888
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL"
|
|
1675
1889
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
1890
|
+
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
1891
|
+
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
1676
1892
|
# resp.policy.resource_type #=> String
|
|
1677
1893
|
# resp.policy.resource_type_list #=> Array
|
|
1678
1894
|
# resp.policy.resource_type_list[0] #=> String
|
|
@@ -1831,7 +2047,7 @@ module Aws::FMS
|
|
|
1831
2047
|
params: params,
|
|
1832
2048
|
config: config)
|
|
1833
2049
|
context[:gem_name] = 'aws-sdk-fms'
|
|
1834
|
-
context[:gem_version] = '1.
|
|
2050
|
+
context[:gem_version] = '1.49.0'
|
|
1835
2051
|
Seahorse::Client::Request.new(handlers, context)
|
|
1836
2052
|
end
|
|
1837
2053
|
|