aws-sdk-fms 1.52.0 → 1.53.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -320,6 +320,98 @@ module Aws::FMS
320
320
  include Aws::Structure
321
321
  end
322
322
 
323
+ # @note When making an API call, you may pass BatchAssociateResourceRequest
324
+ # data as a hash:
325
+ #
326
+ # {
327
+ # resource_set_identifier: "Identifier", # required
328
+ # items: ["Identifier"], # required
329
+ # }
330
+ #
331
+ # @!attribute [rw] resource_set_identifier
332
+ # A unique identifier for the resource set, used in a TODO to refer to
333
+ # the resource set.
334
+ # @return [String]
335
+ #
336
+ # @!attribute [rw] items
337
+ # The uniform resource identifiers (URIs) of resources that should be
338
+ # associated to the resource set. The URIs must be Amazon Resource
339
+ # Names (ARNs).
340
+ # @return [Array<String>]
341
+ #
342
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchAssociateResourceRequest AWS API Documentation
343
+ #
344
+ class BatchAssociateResourceRequest < Struct.new(
345
+ :resource_set_identifier,
346
+ :items)
347
+ SENSITIVE = []
348
+ include Aws::Structure
349
+ end
350
+
351
+ # @!attribute [rw] resource_set_identifier
352
+ # A unique identifier for the resource set, used in a TODO to refer to
353
+ # the resource set.
354
+ # @return [String]
355
+ #
356
+ # @!attribute [rw] failed_items
357
+ # The resources that failed to associate to the resource set.
358
+ # @return [Array<Types::FailedItem>]
359
+ #
360
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchAssociateResourceResponse AWS API Documentation
361
+ #
362
+ class BatchAssociateResourceResponse < Struct.new(
363
+ :resource_set_identifier,
364
+ :failed_items)
365
+ SENSITIVE = []
366
+ include Aws::Structure
367
+ end
368
+
369
+ # @note When making an API call, you may pass BatchDisassociateResourceRequest
370
+ # data as a hash:
371
+ #
372
+ # {
373
+ # resource_set_identifier: "Identifier", # required
374
+ # items: ["Identifier"], # required
375
+ # }
376
+ #
377
+ # @!attribute [rw] resource_set_identifier
378
+ # A unique identifier for the resource set, used in a TODO to refer to
379
+ # the resource set.
380
+ # @return [String]
381
+ #
382
+ # @!attribute [rw] items
383
+ # The uniform resource identifiers (URI) of resources that should be
384
+ # disassociated from the resource set. The URIs must be Amazon
385
+ # Resource Names (ARNs).
386
+ # @return [Array<String>]
387
+ #
388
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchDisassociateResourceRequest AWS API Documentation
389
+ #
390
+ class BatchDisassociateResourceRequest < Struct.new(
391
+ :resource_set_identifier,
392
+ :items)
393
+ SENSITIVE = []
394
+ include Aws::Structure
395
+ end
396
+
397
+ # @!attribute [rw] resource_set_identifier
398
+ # A unique identifier for the resource set, used in a TODO to refer to
399
+ # the resource set.
400
+ # @return [String]
401
+ #
402
+ # @!attribute [rw] failed_items
403
+ # The resources that failed to disassociate from the resource set.
404
+ # @return [Array<Types::FailedItem>]
405
+ #
406
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchDisassociateResourceResponse AWS API Documentation
407
+ #
408
+ class BatchDisassociateResourceResponse < Struct.new(
409
+ :resource_set_identifier,
410
+ :failed_items)
411
+ SENSITIVE = []
412
+ include Aws::Structure
413
+ end
414
+
323
415
  # Details of the resource that is not protected by the policy.
324
416
  #
325
417
  # @!attribute [rw] resource_id
@@ -460,6 +552,26 @@ module Aws::FMS
460
552
  include Aws::Structure
461
553
  end
462
554
 
555
+ # @note When making an API call, you may pass DeleteResourceSetRequest
556
+ # data as a hash:
557
+ #
558
+ # {
559
+ # identifier: "Base62Id", # required
560
+ # }
561
+ #
562
+ # @!attribute [rw] identifier
563
+ # A unique identifier for the resource set, used in a TODO to refer to
564
+ # the resource set.
565
+ # @return [String]
566
+ #
567
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteResourceSetRequest AWS API Documentation
568
+ #
569
+ class DeleteResourceSetRequest < Struct.new(
570
+ :identifier)
571
+ SENSITIVE = []
572
+ include Aws::Structure
573
+ end
574
+
463
575
  # @api private
464
576
  #
465
577
  # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccountRequest AWS API Documentation
@@ -498,6 +610,37 @@ module Aws::FMS
498
610
  include Aws::Structure
499
611
  end
500
612
 
613
+ # A resource in the organization that's available to be associated with
614
+ # a Firewall Manager resource set.
615
+ #
616
+ # @!attribute [rw] uri
617
+ # The universal resource identifier (URI) of the discovered resource.
618
+ # @return [String]
619
+ #
620
+ # @!attribute [rw] account_id
621
+ # The Amazon Web Services account ID associated with the discovered
622
+ # resource.
623
+ # @return [String]
624
+ #
625
+ # @!attribute [rw] type
626
+ # The type of the discovered resource.
627
+ # @return [String]
628
+ #
629
+ # @!attribute [rw] name
630
+ # The name of the discovered resource.
631
+ # @return [String]
632
+ #
633
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DiscoveredResource AWS API Documentation
634
+ #
635
+ class DiscoveredResource < Struct.new(
636
+ :uri,
637
+ :account_id,
638
+ :type,
639
+ :name)
640
+ SENSITIVE = []
641
+ include Aws::Structure
642
+ end
643
+
501
644
  # A DNS Firewall rule group that Firewall Manager tried to associate
502
645
  # with a VPC is already associated with the VPC and can't be associated
503
646
  # again.
@@ -925,6 +1068,26 @@ module Aws::FMS
925
1068
  include Aws::Structure
926
1069
  end
927
1070
 
1071
+ # Details of a resource that failed when trying to update it's
1072
+ # association to a resource set.
1073
+ #
1074
+ # @!attribute [rw] uri
1075
+ # The univeral resource indicator (URI) of the resource that failed.
1076
+ # @return [String]
1077
+ #
1078
+ # @!attribute [rw] reason
1079
+ # The reason the resource's association could not be updated.
1080
+ # @return [String]
1081
+ #
1082
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/FailedItem AWS API Documentation
1083
+ #
1084
+ class FailedItem < Struct.new(
1085
+ :uri,
1086
+ :reason)
1087
+ SENSITIVE = []
1088
+ include Aws::Structure
1089
+ end
1090
+
928
1091
  # Contains details about the firewall subnet that violates the policy
929
1092
  # scope.
930
1093
  #
@@ -1323,6 +1486,43 @@ module Aws::FMS
1323
1486
  include Aws::Structure
1324
1487
  end
1325
1488
 
1489
+ # @note When making an API call, you may pass GetResourceSetRequest
1490
+ # data as a hash:
1491
+ #
1492
+ # {
1493
+ # identifier: "Base62Id", # required
1494
+ # }
1495
+ #
1496
+ # @!attribute [rw] identifier
1497
+ # A unique identifier for the resource set, used in a TODO to refer to
1498
+ # the resource set.
1499
+ # @return [String]
1500
+ #
1501
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetResourceSetRequest AWS API Documentation
1502
+ #
1503
+ class GetResourceSetRequest < Struct.new(
1504
+ :identifier)
1505
+ SENSITIVE = []
1506
+ include Aws::Structure
1507
+ end
1508
+
1509
+ # @!attribute [rw] resource_set
1510
+ # Information about the specified resource set.
1511
+ # @return [Types::ResourceSet]
1512
+ #
1513
+ # @!attribute [rw] resource_set_arn
1514
+ # The Amazon Resource Name (ARN) of the resource set.
1515
+ # @return [String]
1516
+ #
1517
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetResourceSetResponse AWS API Documentation
1518
+ #
1519
+ class GetResourceSetResponse < Struct.new(
1520
+ :resource_set,
1521
+ :resource_set_arn)
1522
+ SENSITIVE = []
1523
+ include Aws::Structure
1524
+ end
1525
+
1326
1526
  # @note When making an API call, you may pass GetThirdPartyFirewallAssociationStatusRequest
1327
1527
  # data as a hash:
1328
1528
  #
@@ -1653,6 +1853,73 @@ module Aws::FMS
1653
1853
  include Aws::Structure
1654
1854
  end
1655
1855
 
1856
+ # @note When making an API call, you may pass ListDiscoveredResourcesRequest
1857
+ # data as a hash:
1858
+ #
1859
+ # {
1860
+ # member_account_ids: ["AWSAccountId"], # required
1861
+ # resource_type: "ResourceType", # required
1862
+ # max_results: 1,
1863
+ # next_token: "PaginationToken",
1864
+ # }
1865
+ #
1866
+ # @!attribute [rw] member_account_ids
1867
+ # The Amazon Web Services account IDs to discover resources in. Only
1868
+ # one account is supported per request. The account must be a member
1869
+ # of your organization.
1870
+ # @return [Array<String>]
1871
+ #
1872
+ # @!attribute [rw] resource_type
1873
+ # The type of resources to discover.
1874
+ # @return [String]
1875
+ #
1876
+ # @!attribute [rw] max_results
1877
+ # The maximum number of objects that you want Firewall Manager to
1878
+ # return for this request. If more objects are available, in the
1879
+ # response, Firewall Manager provides a `NextToken` value that you can
1880
+ # use in a subsequent call to get the next batch of objects.
1881
+ # @return [Integer]
1882
+ #
1883
+ # @!attribute [rw] next_token
1884
+ # When you request a list of objects with a `MaxResults` setting, if
1885
+ # the number of objects that are still available for retrieval exceeds
1886
+ # the maximum you requested, Firewall Manager returns a `NextToken`
1887
+ # value in the response. To retrieve the next batch of objects, use
1888
+ # the token returned from the prior request in your next request.
1889
+ # @return [String]
1890
+ #
1891
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListDiscoveredResourcesRequest AWS API Documentation
1892
+ #
1893
+ class ListDiscoveredResourcesRequest < Struct.new(
1894
+ :member_account_ids,
1895
+ :resource_type,
1896
+ :max_results,
1897
+ :next_token)
1898
+ SENSITIVE = []
1899
+ include Aws::Structure
1900
+ end
1901
+
1902
+ # @!attribute [rw] items
1903
+ # Details of the resources that were discovered.
1904
+ # @return [Array<Types::DiscoveredResource>]
1905
+ #
1906
+ # @!attribute [rw] next_token
1907
+ # When you request a list of objects with a `MaxResults` setting, if
1908
+ # the number of objects that are still available for retrieval exceeds
1909
+ # the maximum you requested, Firewall Manager returns a `NextToken`
1910
+ # value in the response. To retrieve the next batch of objects, use
1911
+ # the token returned from the prior request in your next request.
1912
+ # @return [String]
1913
+ #
1914
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListDiscoveredResourcesResponse AWS API Documentation
1915
+ #
1916
+ class ListDiscoveredResourcesResponse < Struct.new(
1917
+ :items,
1918
+ :next_token)
1919
+ SENSITIVE = []
1920
+ include Aws::Structure
1921
+ end
1922
+
1656
1923
  # @note When making an API call, you may pass ListMemberAccountsRequest
1657
1924
  # data as a hash:
1658
1925
  #
@@ -1827,6 +2094,120 @@ module Aws::FMS
1827
2094
  include Aws::Structure
1828
2095
  end
1829
2096
 
2097
+ # @note When making an API call, you may pass ListResourceSetResourcesRequest
2098
+ # data as a hash:
2099
+ #
2100
+ # {
2101
+ # identifier: "ResourceId", # required
2102
+ # max_results: 1,
2103
+ # next_token: "PaginationToken",
2104
+ # }
2105
+ #
2106
+ # @!attribute [rw] identifier
2107
+ # A unique identifier for the resource set, used in a TODO to refer to
2108
+ # the resource set.
2109
+ # @return [String]
2110
+ #
2111
+ # @!attribute [rw] max_results
2112
+ # The maximum number of objects that you want Firewall Manager to
2113
+ # return for this request. If more objects are available, in the
2114
+ # response, Firewall Manager provides a `NextToken` value that you can
2115
+ # use in a subsequent call to get the next batch of objects.
2116
+ # @return [Integer]
2117
+ #
2118
+ # @!attribute [rw] next_token
2119
+ # When you request a list of objects with a `MaxResults` setting, if
2120
+ # the number of objects that are still available for retrieval exceeds
2121
+ # the maximum you requested, Firewall Manager returns a `NextToken`
2122
+ # value in the response. To retrieve the next batch of objects, use
2123
+ # the token returned from the prior request in your next request.
2124
+ # @return [String]
2125
+ #
2126
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetResourcesRequest AWS API Documentation
2127
+ #
2128
+ class ListResourceSetResourcesRequest < Struct.new(
2129
+ :identifier,
2130
+ :max_results,
2131
+ :next_token)
2132
+ SENSITIVE = []
2133
+ include Aws::Structure
2134
+ end
2135
+
2136
+ # @!attribute [rw] items
2137
+ # An array of the associated resources' uniform resource identifiers
2138
+ # (URI).
2139
+ # @return [Array<Types::Resource>]
2140
+ #
2141
+ # @!attribute [rw] next_token
2142
+ # When you request a list of objects with a `MaxResults` setting, if
2143
+ # the number of objects that are still available for retrieval exceeds
2144
+ # the maximum you requested, Firewall Manager returns a `NextToken`
2145
+ # value in the response. To retrieve the next batch of objects, use
2146
+ # the token returned from the prior request in your next request.
2147
+ # @return [String]
2148
+ #
2149
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetResourcesResponse AWS API Documentation
2150
+ #
2151
+ class ListResourceSetResourcesResponse < Struct.new(
2152
+ :items,
2153
+ :next_token)
2154
+ SENSITIVE = []
2155
+ include Aws::Structure
2156
+ end
2157
+
2158
+ # @note When making an API call, you may pass ListResourceSetsRequest
2159
+ # data as a hash:
2160
+ #
2161
+ # {
2162
+ # next_token: "PaginationToken",
2163
+ # max_results: 1,
2164
+ # }
2165
+ #
2166
+ # @!attribute [rw] next_token
2167
+ # When you request a list of objects with a `MaxResults` setting, if
2168
+ # the number of objects that are still available for retrieval exceeds
2169
+ # the maximum you requested, Firewall Manager returns a `NextToken`
2170
+ # value in the response. To retrieve the next batch of objects, use
2171
+ # the token returned from the prior request in your next request.
2172
+ # @return [String]
2173
+ #
2174
+ # @!attribute [rw] max_results
2175
+ # The maximum number of objects that you want Firewall Manager to
2176
+ # return for this request. If more objects are available, in the
2177
+ # response, Firewall Manager provides a `NextToken` value that you can
2178
+ # use in a subsequent call to get the next batch of objects.
2179
+ # @return [Integer]
2180
+ #
2181
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetsRequest AWS API Documentation
2182
+ #
2183
+ class ListResourceSetsRequest < Struct.new(
2184
+ :next_token,
2185
+ :max_results)
2186
+ SENSITIVE = []
2187
+ include Aws::Structure
2188
+ end
2189
+
2190
+ # @!attribute [rw] resource_sets
2191
+ # An array of `ResourceSetSummary` objects.
2192
+ # @return [Array<Types::ResourceSetSummary>]
2193
+ #
2194
+ # @!attribute [rw] next_token
2195
+ # When you request a list of objects with a `MaxResults` setting, if
2196
+ # the number of objects that are still available for retrieval exceeds
2197
+ # the maximum you requested, Firewall Manager returns a `NextToken`
2198
+ # value in the response. To retrieve the next batch of objects, use
2199
+ # the token returned from the prior request in your next request.
2200
+ # @return [String]
2201
+ #
2202
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetsResponse AWS API Documentation
2203
+ #
2204
+ class ListResourceSetsResponse < Struct.new(
2205
+ :resource_sets,
2206
+ :next_token)
2207
+ SENSITIVE = []
2208
+ include Aws::Structure
2209
+ end
2210
+
1830
2211
  # @note When making an API call, you may pass ListTagsForResourceRequest
1831
2212
  # data as a hash:
1832
2213
  #
@@ -2494,7 +2875,7 @@ module Aws::FMS
2494
2875
  # policy_name: "ResourceName", # required
2495
2876
  # policy_update_token: "PolicyUpdateToken",
2496
2877
  # security_service_policy_data: { # required
2497
- # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
2878
+ # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
2498
2879
  # managed_service_data: "ManagedServiceData",
2499
2880
  # policy_option: {
2500
2881
  # network_firewall_policy: {
@@ -2522,6 +2903,8 @@ module Aws::FMS
2522
2903
  # exclude_map: {
2523
2904
  # "ACCOUNT" => ["CustomerPolicyScopeId"],
2524
2905
  # },
2906
+ # resource_set_ids: ["Base62Id"],
2907
+ # policy_description: "ResourceDescription",
2525
2908
  # }
2526
2909
  #
2527
2910
  # @!attribute [rw] policy_id
@@ -2666,6 +3049,14 @@ module Aws::FMS
2666
3049
  # “ouid112”]\}`.
2667
3050
  # @return [Hash<String,Array<String>>]
2668
3051
  #
3052
+ # @!attribute [rw] resource_set_ids
3053
+ # The unique identifiers of the resource sets used by the policy.
3054
+ # @return [Array<String>]
3055
+ #
3056
+ # @!attribute [rw] policy_description
3057
+ # The definition of the Network Firewall firewall policy.
3058
+ # @return [String]
3059
+ #
2669
3060
  # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Policy AWS API Documentation
2670
3061
  #
2671
3062
  class Policy < Struct.new(
@@ -2680,7 +3071,9 @@ module Aws::FMS
2680
3071
  :remediation_enabled,
2681
3072
  :delete_unused_fm_managed_resources,
2682
3073
  :include_map,
2683
- :exclude_map)
3074
+ :exclude_map,
3075
+ :resource_set_ids,
3076
+ :policy_description)
2684
3077
  SENSITIVE = []
2685
3078
  include Aws::Structure
2686
3079
  end
@@ -3135,7 +3528,7 @@ module Aws::FMS
3135
3528
  # policy_name: "ResourceName", # required
3136
3529
  # policy_update_token: "PolicyUpdateToken",
3137
3530
  # security_service_policy_data: { # required
3138
- # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
3531
+ # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
3139
3532
  # managed_service_data: "ManagedServiceData",
3140
3533
  # policy_option: {
3141
3534
  # network_firewall_policy: {
@@ -3163,6 +3556,8 @@ module Aws::FMS
3163
3556
  # exclude_map: {
3164
3557
  # "ACCOUNT" => ["CustomerPolicyScopeId"],
3165
3558
  # },
3559
+ # resource_set_ids: ["Base62Id"],
3560
+ # policy_description: "ResourceDescription",
3166
3561
  # },
3167
3562
  # tag_list: [
3168
3563
  # {
@@ -3263,6 +3658,65 @@ module Aws::FMS
3263
3658
  include Aws::Structure
3264
3659
  end
3265
3660
 
3661
+ # @note When making an API call, you may pass PutResourceSetRequest
3662
+ # data as a hash:
3663
+ #
3664
+ # {
3665
+ # resource_set: { # required
3666
+ # id: "Base62Id",
3667
+ # name: "Name", # required
3668
+ # description: "Description",
3669
+ # update_token: "UpdateToken",
3670
+ # resource_type_list: ["ResourceType"], # required
3671
+ # last_update_time: Time.now,
3672
+ # },
3673
+ # tag_list: [
3674
+ # {
3675
+ # key: "TagKey", # required
3676
+ # value: "TagValue", # required
3677
+ # },
3678
+ # ],
3679
+ # }
3680
+ #
3681
+ # @!attribute [rw] resource_set
3682
+ # Details about the resource set to be created or updated.&gt;
3683
+ # @return [Types::ResourceSet]
3684
+ #
3685
+ # @!attribute [rw] tag_list
3686
+ # Retrieves the tags associated with the specified resource set. Tags
3687
+ # are key:value pairs that you can use to categorize and manage your
3688
+ # resources, for purposes like billing. For example, you might set the
3689
+ # tag key to "customer" and the value to the customer name or ID.
3690
+ # You can specify one or more tags to add to each Amazon Web Services
3691
+ # resource, up to 50 tags for a resource.
3692
+ # @return [Array<Types::Tag>]
3693
+ #
3694
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutResourceSetRequest AWS API Documentation
3695
+ #
3696
+ class PutResourceSetRequest < Struct.new(
3697
+ :resource_set,
3698
+ :tag_list)
3699
+ SENSITIVE = []
3700
+ include Aws::Structure
3701
+ end
3702
+
3703
+ # @!attribute [rw] resource_set
3704
+ # Details about the resource set.
3705
+ # @return [Types::ResourceSet]
3706
+ #
3707
+ # @!attribute [rw] resource_set_arn
3708
+ # The Amazon Resource Name (ARN) of the resource set.
3709
+ # @return [String]
3710
+ #
3711
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutResourceSetResponse AWS API Documentation
3712
+ #
3713
+ class PutResourceSetResponse < Struct.new(
3714
+ :resource_set,
3715
+ :resource_set_arn)
3716
+ SENSITIVE = []
3717
+ include Aws::Structure
3718
+ end
3719
+
3266
3720
  # Information about an individual action you can take to remediate a
3267
3721
  # violation.
3268
3722
  #
@@ -3339,6 +3793,27 @@ module Aws::FMS
3339
3793
  include Aws::Structure
3340
3794
  end
3341
3795
 
3796
+ # Details of a resource that is associated to an Firewall Manager
3797
+ # resource set.
3798
+ #
3799
+ # @!attribute [rw] uri
3800
+ # The resource's universal resource indicator (URI).
3801
+ # @return [String]
3802
+ #
3803
+ # @!attribute [rw] account_id
3804
+ # The Amazon Web Services account ID that the associated resource
3805
+ # belongs to.
3806
+ # @return [String]
3807
+ #
3808
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Resource AWS API Documentation
3809
+ #
3810
+ class Resource < Struct.new(
3811
+ :uri,
3812
+ :account_id)
3813
+ SENSITIVE = []
3814
+ include Aws::Structure
3815
+ end
3816
+
3342
3817
  # The specified resource was not found.
3343
3818
  #
3344
3819
  # @!attribute [rw] message
@@ -3352,6 +3827,112 @@ module Aws::FMS
3352
3827
  include Aws::Structure
3353
3828
  end
3354
3829
 
3830
+ # A set of resources to include in a policy.
3831
+ #
3832
+ # @note When making an API call, you may pass ResourceSet
3833
+ # data as a hash:
3834
+ #
3835
+ # {
3836
+ # id: "Base62Id",
3837
+ # name: "Name", # required
3838
+ # description: "Description",
3839
+ # update_token: "UpdateToken",
3840
+ # resource_type_list: ["ResourceType"], # required
3841
+ # last_update_time: Time.now,
3842
+ # }
3843
+ #
3844
+ # @!attribute [rw] id
3845
+ # A unique identifier for the resource set. This ID is returned in the
3846
+ # responses to create and list commands. You provide it to operations
3847
+ # like update and delete.
3848
+ # @return [String]
3849
+ #
3850
+ # @!attribute [rw] name
3851
+ # The descriptive name of the resource set. You can't change the name
3852
+ # of a resource set after you create it.
3853
+ # @return [String]
3854
+ #
3855
+ # @!attribute [rw] description
3856
+ # A description of the resource set.
3857
+ # @return [String]
3858
+ #
3859
+ # @!attribute [rw] update_token
3860
+ # An optional token that you can use for optimistic locking. Firewall
3861
+ # Manager returns a token to your requests that access the resource
3862
+ # set. The token marks the state of the resource set resource at the
3863
+ # time of the request. Update tokens are not allowed when creating a
3864
+ # resource set. After creation, each subsequent update call to the
3865
+ # resource set requires the update token.
3866
+ #
3867
+ # To make an unconditional change to the resource set, omit the token
3868
+ # in your update request. Without the token, Firewall Manager performs
3869
+ # your updates regardless of whether the resource set has changed
3870
+ # since you last retrieved it.
3871
+ #
3872
+ # To make a conditional change to the resource set, provide the token
3873
+ # in your update request. Firewall Manager uses the token to ensure
3874
+ # that the resource set hasn't changed since you last retrieved it.
3875
+ # If it has changed, the operation fails with an
3876
+ # `InvalidTokenException`. If this happens, retrieve the resource set
3877
+ # again to get a current copy of it with a new token. Reapply your
3878
+ # changes as needed, then try the operation again using the new token.
3879
+ # @return [String]
3880
+ #
3881
+ # @!attribute [rw] resource_type_list
3882
+ # Determines the resources that can be associated to the resource set.
3883
+ # Depending on your setting for max results and the number of resource
3884
+ # sets, a single call might not return the full list.
3885
+ # @return [Array<String>]
3886
+ #
3887
+ # @!attribute [rw] last_update_time
3888
+ # The last time that the resource set was changed.
3889
+ # @return [Time]
3890
+ #
3891
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceSet AWS API Documentation
3892
+ #
3893
+ class ResourceSet < Struct.new(
3894
+ :id,
3895
+ :name,
3896
+ :description,
3897
+ :update_token,
3898
+ :resource_type_list,
3899
+ :last_update_time)
3900
+ SENSITIVE = []
3901
+ include Aws::Structure
3902
+ end
3903
+
3904
+ # Summarizes the resource sets used in a policy.
3905
+ #
3906
+ # @!attribute [rw] id
3907
+ # A unique identifier for the resource set. This ID is returned in the
3908
+ # responses to create and list commands. You provide it to operations
3909
+ # like update and delete.
3910
+ # @return [String]
3911
+ #
3912
+ # @!attribute [rw] name
3913
+ # The descriptive name of the resource set. You can't change the name
3914
+ # of a resource set after you create it.
3915
+ # @return [String]
3916
+ #
3917
+ # @!attribute [rw] description
3918
+ # A description of the resource set.
3919
+ # @return [String]
3920
+ #
3921
+ # @!attribute [rw] last_update_time
3922
+ # The last time that the resource set was changed.
3923
+ # @return [Time]
3924
+ #
3925
+ # @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceSetSummary AWS API Documentation
3926
+ #
3927
+ class ResourceSetSummary < Struct.new(
3928
+ :id,
3929
+ :name,
3930
+ :description,
3931
+ :last_update_time)
3932
+ SENSITIVE = []
3933
+ include Aws::Structure
3934
+ end
3935
+
3355
3936
  # The resource tags that Firewall Manager uses to determine if a
3356
3937
  # particular resource should be included or excluded from the Firewall
3357
3938
  # Manager policy. Tags enable you to categorize your Amazon Web Services
@@ -3722,7 +4303,7 @@ module Aws::FMS
3722
4303
  # data as a hash:
3723
4304
  #
3724
4305
  # {
3725
- # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
4306
+ # type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
3726
4307
  # managed_service_data: "ManagedServiceData",
3727
4308
  # policy_option: {
3728
4309
  # network_firewall_policy: {