aws-sdk-fms 1.52.0 → 1.54.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +366 -10
- data/lib/aws-sdk-fms/client_api.rb +233 -0
- data/lib/aws-sdk-fms/endpoint_parameters.rb +3 -0
- data/lib/aws-sdk-fms/endpoint_provider.rb +74 -75
- data/lib/aws-sdk-fms/endpoints.rb +112 -0
- data/lib/aws-sdk-fms/plugins/endpoints.rb +16 -0
- data/lib/aws-sdk-fms/types.rb +483 -437
- data/lib/aws-sdk-fms.rb +1 -1
- metadata +2 -2
data/lib/aws-sdk-fms/types.rb
CHANGED
|
@@ -31,15 +31,6 @@ module Aws::FMS
|
|
|
31
31
|
|
|
32
32
|
# An individual Firewall Manager application.
|
|
33
33
|
#
|
|
34
|
-
# @note When making an API call, you may pass App
|
|
35
|
-
# data as a hash:
|
|
36
|
-
#
|
|
37
|
-
# {
|
|
38
|
-
# app_name: "ResourceName", # required
|
|
39
|
-
# protocol: "Protocol", # required
|
|
40
|
-
# port: 1, # required
|
|
41
|
-
# }
|
|
42
|
-
#
|
|
43
34
|
# @!attribute [rw] app_name
|
|
44
35
|
# The application's name.
|
|
45
36
|
# @return [String]
|
|
@@ -70,33 +61,6 @@ module Aws::FMS
|
|
|
70
61
|
|
|
71
62
|
# An Firewall Manager applications list.
|
|
72
63
|
#
|
|
73
|
-
# @note When making an API call, you may pass AppsListData
|
|
74
|
-
# data as a hash:
|
|
75
|
-
#
|
|
76
|
-
# {
|
|
77
|
-
# list_id: "ListId",
|
|
78
|
-
# list_name: "ResourceName", # required
|
|
79
|
-
# list_update_token: "UpdateToken",
|
|
80
|
-
# create_time: Time.now,
|
|
81
|
-
# last_update_time: Time.now,
|
|
82
|
-
# apps_list: [ # required
|
|
83
|
-
# {
|
|
84
|
-
# app_name: "ResourceName", # required
|
|
85
|
-
# protocol: "Protocol", # required
|
|
86
|
-
# port: 1, # required
|
|
87
|
-
# },
|
|
88
|
-
# ],
|
|
89
|
-
# previous_apps_list: {
|
|
90
|
-
# "PreviousListVersion" => [
|
|
91
|
-
# {
|
|
92
|
-
# app_name: "ResourceName", # required
|
|
93
|
-
# protocol: "Protocol", # required
|
|
94
|
-
# port: 1, # required
|
|
95
|
-
# },
|
|
96
|
-
# ],
|
|
97
|
-
# },
|
|
98
|
-
# }
|
|
99
|
-
#
|
|
100
64
|
# @!attribute [rw] list_id
|
|
101
65
|
# The ID of the Firewall Manager applications list.
|
|
102
66
|
# @return [String]
|
|
@@ -173,13 +137,6 @@ module Aws::FMS
|
|
|
173
137
|
include Aws::Structure
|
|
174
138
|
end
|
|
175
139
|
|
|
176
|
-
# @note When making an API call, you may pass AssociateAdminAccountRequest
|
|
177
|
-
# data as a hash:
|
|
178
|
-
#
|
|
179
|
-
# {
|
|
180
|
-
# admin_account: "AWSAccountId", # required
|
|
181
|
-
# }
|
|
182
|
-
#
|
|
183
140
|
# @!attribute [rw] admin_account
|
|
184
141
|
# The Amazon Web Services account ID to associate with Firewall
|
|
185
142
|
# Manager as the Firewall Manager administrator account. This must be
|
|
@@ -200,13 +157,6 @@ module Aws::FMS
|
|
|
200
157
|
include Aws::Structure
|
|
201
158
|
end
|
|
202
159
|
|
|
203
|
-
# @note When making an API call, you may pass AssociateThirdPartyFirewallRequest
|
|
204
|
-
# data as a hash:
|
|
205
|
-
#
|
|
206
|
-
# {
|
|
207
|
-
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
208
|
-
# }
|
|
209
|
-
#
|
|
210
160
|
# @!attribute [rw] third_party_firewall
|
|
211
161
|
# The name of the third-party firewall vendor.
|
|
212
162
|
# @return [String]
|
|
@@ -320,6 +270,82 @@ module Aws::FMS
|
|
|
320
270
|
include Aws::Structure
|
|
321
271
|
end
|
|
322
272
|
|
|
273
|
+
# @!attribute [rw] resource_set_identifier
|
|
274
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
275
|
+
# the resource set.
|
|
276
|
+
# @return [String]
|
|
277
|
+
#
|
|
278
|
+
# @!attribute [rw] items
|
|
279
|
+
# The uniform resource identifiers (URIs) of resources that should be
|
|
280
|
+
# associated to the resource set. The URIs must be Amazon Resource
|
|
281
|
+
# Names (ARNs).
|
|
282
|
+
# @return [Array<String>]
|
|
283
|
+
#
|
|
284
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchAssociateResourceRequest AWS API Documentation
|
|
285
|
+
#
|
|
286
|
+
class BatchAssociateResourceRequest < Struct.new(
|
|
287
|
+
:resource_set_identifier,
|
|
288
|
+
:items)
|
|
289
|
+
SENSITIVE = []
|
|
290
|
+
include Aws::Structure
|
|
291
|
+
end
|
|
292
|
+
|
|
293
|
+
# @!attribute [rw] resource_set_identifier
|
|
294
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
295
|
+
# the resource set.
|
|
296
|
+
# @return [String]
|
|
297
|
+
#
|
|
298
|
+
# @!attribute [rw] failed_items
|
|
299
|
+
# The resources that failed to associate to the resource set.
|
|
300
|
+
# @return [Array<Types::FailedItem>]
|
|
301
|
+
#
|
|
302
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchAssociateResourceResponse AWS API Documentation
|
|
303
|
+
#
|
|
304
|
+
class BatchAssociateResourceResponse < Struct.new(
|
|
305
|
+
:resource_set_identifier,
|
|
306
|
+
:failed_items)
|
|
307
|
+
SENSITIVE = []
|
|
308
|
+
include Aws::Structure
|
|
309
|
+
end
|
|
310
|
+
|
|
311
|
+
# @!attribute [rw] resource_set_identifier
|
|
312
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
313
|
+
# the resource set.
|
|
314
|
+
# @return [String]
|
|
315
|
+
#
|
|
316
|
+
# @!attribute [rw] items
|
|
317
|
+
# The uniform resource identifiers (URI) of resources that should be
|
|
318
|
+
# disassociated from the resource set. The URIs must be Amazon
|
|
319
|
+
# Resource Names (ARNs).
|
|
320
|
+
# @return [Array<String>]
|
|
321
|
+
#
|
|
322
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchDisassociateResourceRequest AWS API Documentation
|
|
323
|
+
#
|
|
324
|
+
class BatchDisassociateResourceRequest < Struct.new(
|
|
325
|
+
:resource_set_identifier,
|
|
326
|
+
:items)
|
|
327
|
+
SENSITIVE = []
|
|
328
|
+
include Aws::Structure
|
|
329
|
+
end
|
|
330
|
+
|
|
331
|
+
# @!attribute [rw] resource_set_identifier
|
|
332
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
333
|
+
# the resource set.
|
|
334
|
+
# @return [String]
|
|
335
|
+
#
|
|
336
|
+
# @!attribute [rw] failed_items
|
|
337
|
+
# The resources that failed to disassociate from the resource set.
|
|
338
|
+
# @return [Array<Types::FailedItem>]
|
|
339
|
+
#
|
|
340
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/BatchDisassociateResourceResponse AWS API Documentation
|
|
341
|
+
#
|
|
342
|
+
class BatchDisassociateResourceResponse < Struct.new(
|
|
343
|
+
:resource_set_identifier,
|
|
344
|
+
:failed_items)
|
|
345
|
+
SENSITIVE = []
|
|
346
|
+
include Aws::Structure
|
|
347
|
+
end
|
|
348
|
+
|
|
323
349
|
# Details of the resource that is not protected by the policy.
|
|
324
350
|
#
|
|
325
351
|
# @!attribute [rw] resource_id
|
|
@@ -358,13 +384,6 @@ module Aws::FMS
|
|
|
358
384
|
include Aws::Structure
|
|
359
385
|
end
|
|
360
386
|
|
|
361
|
-
# @note When making an API call, you may pass DeleteAppsListRequest
|
|
362
|
-
# data as a hash:
|
|
363
|
-
#
|
|
364
|
-
# {
|
|
365
|
-
# list_id: "ListId", # required
|
|
366
|
-
# }
|
|
367
|
-
#
|
|
368
387
|
# @!attribute [rw] list_id
|
|
369
388
|
# The ID of the applications list that you want to delete. You can
|
|
370
389
|
# retrieve this ID from `PutAppsList`, `ListAppsLists`, and
|
|
@@ -385,14 +404,6 @@ module Aws::FMS
|
|
|
385
404
|
#
|
|
386
405
|
class DeleteNotificationChannelRequest < Aws::EmptyStructure; end
|
|
387
406
|
|
|
388
|
-
# @note When making an API call, you may pass DeletePolicyRequest
|
|
389
|
-
# data as a hash:
|
|
390
|
-
#
|
|
391
|
-
# {
|
|
392
|
-
# policy_id: "PolicyId", # required
|
|
393
|
-
# delete_all_policy_resources: false,
|
|
394
|
-
# }
|
|
395
|
-
#
|
|
396
407
|
# @!attribute [rw] policy_id
|
|
397
408
|
# The ID of the policy that you want to delete. You can retrieve this
|
|
398
409
|
# ID from `PutPolicy` and `ListPolicies`.
|
|
@@ -439,13 +450,6 @@ module Aws::FMS
|
|
|
439
450
|
include Aws::Structure
|
|
440
451
|
end
|
|
441
452
|
|
|
442
|
-
# @note When making an API call, you may pass DeleteProtocolsListRequest
|
|
443
|
-
# data as a hash:
|
|
444
|
-
#
|
|
445
|
-
# {
|
|
446
|
-
# list_id: "ListId", # required
|
|
447
|
-
# }
|
|
448
|
-
#
|
|
449
453
|
# @!attribute [rw] list_id
|
|
450
454
|
# The ID of the protocols list that you want to delete. You can
|
|
451
455
|
# retrieve this ID from `PutProtocolsList`, `ListProtocolsLists`, and
|
|
@@ -460,19 +464,25 @@ module Aws::FMS
|
|
|
460
464
|
include Aws::Structure
|
|
461
465
|
end
|
|
462
466
|
|
|
467
|
+
# @!attribute [rw] identifier
|
|
468
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
469
|
+
# the resource set.
|
|
470
|
+
# @return [String]
|
|
471
|
+
#
|
|
472
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteResourceSetRequest AWS API Documentation
|
|
473
|
+
#
|
|
474
|
+
class DeleteResourceSetRequest < Struct.new(
|
|
475
|
+
:identifier)
|
|
476
|
+
SENSITIVE = []
|
|
477
|
+
include Aws::Structure
|
|
478
|
+
end
|
|
479
|
+
|
|
463
480
|
# @api private
|
|
464
481
|
#
|
|
465
482
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccountRequest AWS API Documentation
|
|
466
483
|
#
|
|
467
484
|
class DisassociateAdminAccountRequest < Aws::EmptyStructure; end
|
|
468
485
|
|
|
469
|
-
# @note When making an API call, you may pass DisassociateThirdPartyFirewallRequest
|
|
470
|
-
# data as a hash:
|
|
471
|
-
#
|
|
472
|
-
# {
|
|
473
|
-
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
474
|
-
# }
|
|
475
|
-
#
|
|
476
486
|
# @!attribute [rw] third_party_firewall
|
|
477
487
|
# The name of the third-party firewall vendor.
|
|
478
488
|
# @return [String]
|
|
@@ -498,6 +508,37 @@ module Aws::FMS
|
|
|
498
508
|
include Aws::Structure
|
|
499
509
|
end
|
|
500
510
|
|
|
511
|
+
# A resource in the organization that's available to be associated with
|
|
512
|
+
# a Firewall Manager resource set.
|
|
513
|
+
#
|
|
514
|
+
# @!attribute [rw] uri
|
|
515
|
+
# The universal resource identifier (URI) of the discovered resource.
|
|
516
|
+
# @return [String]
|
|
517
|
+
#
|
|
518
|
+
# @!attribute [rw] account_id
|
|
519
|
+
# The Amazon Web Services account ID associated with the discovered
|
|
520
|
+
# resource.
|
|
521
|
+
# @return [String]
|
|
522
|
+
#
|
|
523
|
+
# @!attribute [rw] type
|
|
524
|
+
# The type of the discovered resource.
|
|
525
|
+
# @return [String]
|
|
526
|
+
#
|
|
527
|
+
# @!attribute [rw] name
|
|
528
|
+
# The name of the discovered resource.
|
|
529
|
+
# @return [String]
|
|
530
|
+
#
|
|
531
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DiscoveredResource AWS API Documentation
|
|
532
|
+
#
|
|
533
|
+
class DiscoveredResource < Struct.new(
|
|
534
|
+
:uri,
|
|
535
|
+
:account_id,
|
|
536
|
+
:type,
|
|
537
|
+
:name)
|
|
538
|
+
SENSITIVE = []
|
|
539
|
+
include Aws::Structure
|
|
540
|
+
end
|
|
541
|
+
|
|
501
542
|
# A DNS Firewall rule group that Firewall Manager tried to associate
|
|
502
543
|
# with a VPC is already associated with the VPC and can't be associated
|
|
503
544
|
# again.
|
|
@@ -925,6 +966,26 @@ module Aws::FMS
|
|
|
925
966
|
include Aws::Structure
|
|
926
967
|
end
|
|
927
968
|
|
|
969
|
+
# Details of a resource that failed when trying to update it's
|
|
970
|
+
# association to a resource set.
|
|
971
|
+
#
|
|
972
|
+
# @!attribute [rw] uri
|
|
973
|
+
# The univeral resource indicator (URI) of the resource that failed.
|
|
974
|
+
# @return [String]
|
|
975
|
+
#
|
|
976
|
+
# @!attribute [rw] reason
|
|
977
|
+
# The reason the resource's association could not be updated.
|
|
978
|
+
# @return [String]
|
|
979
|
+
#
|
|
980
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/FailedItem AWS API Documentation
|
|
981
|
+
#
|
|
982
|
+
class FailedItem < Struct.new(
|
|
983
|
+
:uri,
|
|
984
|
+
:reason)
|
|
985
|
+
SENSITIVE = []
|
|
986
|
+
include Aws::Structure
|
|
987
|
+
end
|
|
988
|
+
|
|
928
989
|
# Contains details about the firewall subnet that violates the policy
|
|
929
990
|
# scope.
|
|
930
991
|
#
|
|
@@ -1018,14 +1079,6 @@ module Aws::FMS
|
|
|
1018
1079
|
include Aws::Structure
|
|
1019
1080
|
end
|
|
1020
1081
|
|
|
1021
|
-
# @note When making an API call, you may pass GetAppsListRequest
|
|
1022
|
-
# data as a hash:
|
|
1023
|
-
#
|
|
1024
|
-
# {
|
|
1025
|
-
# list_id: "ListId", # required
|
|
1026
|
-
# default_list: false,
|
|
1027
|
-
# }
|
|
1028
|
-
#
|
|
1029
1082
|
# @!attribute [rw] list_id
|
|
1030
1083
|
# The ID of the Firewall Manager applications list that you want the
|
|
1031
1084
|
# details for.
|
|
@@ -1062,14 +1115,6 @@ module Aws::FMS
|
|
|
1062
1115
|
include Aws::Structure
|
|
1063
1116
|
end
|
|
1064
1117
|
|
|
1065
|
-
# @note When making an API call, you may pass GetComplianceDetailRequest
|
|
1066
|
-
# data as a hash:
|
|
1067
|
-
#
|
|
1068
|
-
# {
|
|
1069
|
-
# policy_id: "PolicyId", # required
|
|
1070
|
-
# member_account: "AWSAccountId", # required
|
|
1071
|
-
# }
|
|
1072
|
-
#
|
|
1073
1118
|
# @!attribute [rw] policy_id
|
|
1074
1119
|
# The ID of the policy that you want to get the details for.
|
|
1075
1120
|
# `PolicyId` is returned by `PutPolicy` and by `ListPolicies`.
|
|
@@ -1126,13 +1171,6 @@ module Aws::FMS
|
|
|
1126
1171
|
include Aws::Structure
|
|
1127
1172
|
end
|
|
1128
1173
|
|
|
1129
|
-
# @note When making an API call, you may pass GetPolicyRequest
|
|
1130
|
-
# data as a hash:
|
|
1131
|
-
#
|
|
1132
|
-
# {
|
|
1133
|
-
# policy_id: "PolicyId", # required
|
|
1134
|
-
# }
|
|
1135
|
-
#
|
|
1136
1174
|
# @!attribute [rw] policy_id
|
|
1137
1175
|
# The ID of the Firewall Manager policy that you want the details for.
|
|
1138
1176
|
# @return [String]
|
|
@@ -1162,18 +1200,6 @@ module Aws::FMS
|
|
|
1162
1200
|
include Aws::Structure
|
|
1163
1201
|
end
|
|
1164
1202
|
|
|
1165
|
-
# @note When making an API call, you may pass GetProtectionStatusRequest
|
|
1166
|
-
# data as a hash:
|
|
1167
|
-
#
|
|
1168
|
-
# {
|
|
1169
|
-
# policy_id: "PolicyId", # required
|
|
1170
|
-
# member_account_id: "AWSAccountId",
|
|
1171
|
-
# start_time: Time.now,
|
|
1172
|
-
# end_time: Time.now,
|
|
1173
|
-
# next_token: "PaginationToken",
|
|
1174
|
-
# max_results: 1,
|
|
1175
|
-
# }
|
|
1176
|
-
#
|
|
1177
1203
|
# @!attribute [rw] policy_id
|
|
1178
1204
|
# The ID of the policy for which you want to get the attack
|
|
1179
1205
|
# information.
|
|
@@ -1279,14 +1305,6 @@ module Aws::FMS
|
|
|
1279
1305
|
include Aws::Structure
|
|
1280
1306
|
end
|
|
1281
1307
|
|
|
1282
|
-
# @note When making an API call, you may pass GetProtocolsListRequest
|
|
1283
|
-
# data as a hash:
|
|
1284
|
-
#
|
|
1285
|
-
# {
|
|
1286
|
-
# list_id: "ListId", # required
|
|
1287
|
-
# default_list: false,
|
|
1288
|
-
# }
|
|
1289
|
-
#
|
|
1290
1308
|
# @!attribute [rw] list_id
|
|
1291
1309
|
# The ID of the Firewall Manager protocols list that you want the
|
|
1292
1310
|
# details for.
|
|
@@ -1323,13 +1341,36 @@ module Aws::FMS
|
|
|
1323
1341
|
include Aws::Structure
|
|
1324
1342
|
end
|
|
1325
1343
|
|
|
1326
|
-
#
|
|
1327
|
-
#
|
|
1344
|
+
# @!attribute [rw] identifier
|
|
1345
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
1346
|
+
# the resource set.
|
|
1347
|
+
# @return [String]
|
|
1328
1348
|
#
|
|
1329
|
-
#
|
|
1330
|
-
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
1331
|
-
# }
|
|
1349
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetResourceSetRequest AWS API Documentation
|
|
1332
1350
|
#
|
|
1351
|
+
class GetResourceSetRequest < Struct.new(
|
|
1352
|
+
:identifier)
|
|
1353
|
+
SENSITIVE = []
|
|
1354
|
+
include Aws::Structure
|
|
1355
|
+
end
|
|
1356
|
+
|
|
1357
|
+
# @!attribute [rw] resource_set
|
|
1358
|
+
# Information about the specified resource set.
|
|
1359
|
+
# @return [Types::ResourceSet]
|
|
1360
|
+
#
|
|
1361
|
+
# @!attribute [rw] resource_set_arn
|
|
1362
|
+
# The Amazon Resource Name (ARN) of the resource set.
|
|
1363
|
+
# @return [String]
|
|
1364
|
+
#
|
|
1365
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetResourceSetResponse AWS API Documentation
|
|
1366
|
+
#
|
|
1367
|
+
class GetResourceSetResponse < Struct.new(
|
|
1368
|
+
:resource_set,
|
|
1369
|
+
:resource_set_arn)
|
|
1370
|
+
SENSITIVE = []
|
|
1371
|
+
include Aws::Structure
|
|
1372
|
+
end
|
|
1373
|
+
|
|
1333
1374
|
# @!attribute [rw] third_party_firewall
|
|
1334
1375
|
# The name of the third-party firewall vendor.
|
|
1335
1376
|
# @return [String]
|
|
@@ -1390,16 +1431,6 @@ module Aws::FMS
|
|
|
1390
1431
|
include Aws::Structure
|
|
1391
1432
|
end
|
|
1392
1433
|
|
|
1393
|
-
# @note When making an API call, you may pass GetViolationDetailsRequest
|
|
1394
|
-
# data as a hash:
|
|
1395
|
-
#
|
|
1396
|
-
# {
|
|
1397
|
-
# policy_id: "PolicyId", # required
|
|
1398
|
-
# member_account: "AWSAccountId", # required
|
|
1399
|
-
# resource_id: "ResourceId", # required
|
|
1400
|
-
# resource_type: "ResourceType", # required
|
|
1401
|
-
# }
|
|
1402
|
-
#
|
|
1403
1434
|
# @!attribute [rw] policy_id
|
|
1404
1435
|
# The ID of the Firewall Manager policy that you want the details for.
|
|
1405
1436
|
# This currently only supports security group content audit policies.
|
|
@@ -1527,15 +1558,6 @@ module Aws::FMS
|
|
|
1527
1558
|
include Aws::Structure
|
|
1528
1559
|
end
|
|
1529
1560
|
|
|
1530
|
-
# @note When making an API call, you may pass ListAppsListsRequest
|
|
1531
|
-
# data as a hash:
|
|
1532
|
-
#
|
|
1533
|
-
# {
|
|
1534
|
-
# default_lists: false,
|
|
1535
|
-
# next_token: "PaginationToken",
|
|
1536
|
-
# max_results: 1, # required
|
|
1537
|
-
# }
|
|
1538
|
-
#
|
|
1539
1561
|
# @!attribute [rw] default_lists
|
|
1540
1562
|
# Specifies whether the lists to retrieve are default lists owned by
|
|
1541
1563
|
# Firewall Manager.
|
|
@@ -1589,15 +1611,6 @@ module Aws::FMS
|
|
|
1589
1611
|
include Aws::Structure
|
|
1590
1612
|
end
|
|
1591
1613
|
|
|
1592
|
-
# @note When making an API call, you may pass ListComplianceStatusRequest
|
|
1593
|
-
# data as a hash:
|
|
1594
|
-
#
|
|
1595
|
-
# {
|
|
1596
|
-
# policy_id: "PolicyId", # required
|
|
1597
|
-
# next_token: "PaginationToken",
|
|
1598
|
-
# max_results: 1,
|
|
1599
|
-
# }
|
|
1600
|
-
#
|
|
1601
1614
|
# @!attribute [rw] policy_id
|
|
1602
1615
|
# The ID of the Firewall Manager policy that you want the details for.
|
|
1603
1616
|
# @return [String]
|
|
@@ -1653,14 +1666,63 @@ module Aws::FMS
|
|
|
1653
1666
|
include Aws::Structure
|
|
1654
1667
|
end
|
|
1655
1668
|
|
|
1656
|
-
#
|
|
1657
|
-
#
|
|
1669
|
+
# @!attribute [rw] member_account_ids
|
|
1670
|
+
# The Amazon Web Services account IDs to discover resources in. Only
|
|
1671
|
+
# one account is supported per request. The account must be a member
|
|
1672
|
+
# of your organization.
|
|
1673
|
+
# @return [Array<String>]
|
|
1674
|
+
#
|
|
1675
|
+
# @!attribute [rw] resource_type
|
|
1676
|
+
# The type of resources to discover.
|
|
1677
|
+
# @return [String]
|
|
1678
|
+
#
|
|
1679
|
+
# @!attribute [rw] max_results
|
|
1680
|
+
# The maximum number of objects that you want Firewall Manager to
|
|
1681
|
+
# return for this request. If more objects are available, in the
|
|
1682
|
+
# response, Firewall Manager provides a `NextToken` value that you can
|
|
1683
|
+
# use in a subsequent call to get the next batch of objects.
|
|
1684
|
+
# @return [Integer]
|
|
1685
|
+
#
|
|
1686
|
+
# @!attribute [rw] next_token
|
|
1687
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1688
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1689
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1690
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1691
|
+
# the token returned from the prior request in your next request.
|
|
1692
|
+
# @return [String]
|
|
1693
|
+
#
|
|
1694
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListDiscoveredResourcesRequest AWS API Documentation
|
|
1695
|
+
#
|
|
1696
|
+
class ListDiscoveredResourcesRequest < Struct.new(
|
|
1697
|
+
:member_account_ids,
|
|
1698
|
+
:resource_type,
|
|
1699
|
+
:max_results,
|
|
1700
|
+
:next_token)
|
|
1701
|
+
SENSITIVE = []
|
|
1702
|
+
include Aws::Structure
|
|
1703
|
+
end
|
|
1704
|
+
|
|
1705
|
+
# @!attribute [rw] items
|
|
1706
|
+
# Details of the resources that were discovered.
|
|
1707
|
+
# @return [Array<Types::DiscoveredResource>]
|
|
1708
|
+
#
|
|
1709
|
+
# @!attribute [rw] next_token
|
|
1710
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1711
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1712
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1713
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1714
|
+
# the token returned from the prior request in your next request.
|
|
1715
|
+
# @return [String]
|
|
1658
1716
|
#
|
|
1659
|
-
#
|
|
1660
|
-
# next_token: "PaginationToken",
|
|
1661
|
-
# max_results: 1,
|
|
1662
|
-
# }
|
|
1717
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListDiscoveredResourcesResponse AWS API Documentation
|
|
1663
1718
|
#
|
|
1719
|
+
class ListDiscoveredResourcesResponse < Struct.new(
|
|
1720
|
+
:items,
|
|
1721
|
+
:next_token)
|
|
1722
|
+
SENSITIVE = []
|
|
1723
|
+
include Aws::Structure
|
|
1724
|
+
end
|
|
1725
|
+
|
|
1664
1726
|
# @!attribute [rw] next_token
|
|
1665
1727
|
# If you specify a value for `MaxResults` and you have more account
|
|
1666
1728
|
# IDs than the number that you specify for `MaxResults`, Firewall
|
|
@@ -1709,14 +1771,6 @@ module Aws::FMS
|
|
|
1709
1771
|
include Aws::Structure
|
|
1710
1772
|
end
|
|
1711
1773
|
|
|
1712
|
-
# @note When making an API call, you may pass ListPoliciesRequest
|
|
1713
|
-
# data as a hash:
|
|
1714
|
-
#
|
|
1715
|
-
# {
|
|
1716
|
-
# next_token: "PaginationToken",
|
|
1717
|
-
# max_results: 1,
|
|
1718
|
-
# }
|
|
1719
|
-
#
|
|
1720
1774
|
# @!attribute [rw] next_token
|
|
1721
1775
|
# If you specify a value for `MaxResults` and you have more
|
|
1722
1776
|
# `PolicySummary` objects than the number that you specify for
|
|
@@ -1765,15 +1819,6 @@ module Aws::FMS
|
|
|
1765
1819
|
include Aws::Structure
|
|
1766
1820
|
end
|
|
1767
1821
|
|
|
1768
|
-
# @note When making an API call, you may pass ListProtocolsListsRequest
|
|
1769
|
-
# data as a hash:
|
|
1770
|
-
#
|
|
1771
|
-
# {
|
|
1772
|
-
# default_lists: false,
|
|
1773
|
-
# next_token: "PaginationToken",
|
|
1774
|
-
# max_results: 1, # required
|
|
1775
|
-
# }
|
|
1776
|
-
#
|
|
1777
1822
|
# @!attribute [rw] default_lists
|
|
1778
1823
|
# Specifies whether the lists to retrieve are default lists owned by
|
|
1779
1824
|
# Firewall Manager.
|
|
@@ -1827,13 +1872,103 @@ module Aws::FMS
|
|
|
1827
1872
|
include Aws::Structure
|
|
1828
1873
|
end
|
|
1829
1874
|
|
|
1830
|
-
#
|
|
1831
|
-
#
|
|
1875
|
+
# @!attribute [rw] identifier
|
|
1876
|
+
# A unique identifier for the resource set, used in a TODO to refer to
|
|
1877
|
+
# the resource set.
|
|
1878
|
+
# @return [String]
|
|
1832
1879
|
#
|
|
1833
|
-
#
|
|
1834
|
-
#
|
|
1835
|
-
#
|
|
1880
|
+
# @!attribute [rw] max_results
|
|
1881
|
+
# The maximum number of objects that you want Firewall Manager to
|
|
1882
|
+
# return for this request. If more objects are available, in the
|
|
1883
|
+
# response, Firewall Manager provides a `NextToken` value that you can
|
|
1884
|
+
# use in a subsequent call to get the next batch of objects.
|
|
1885
|
+
# @return [Integer]
|
|
1886
|
+
#
|
|
1887
|
+
# @!attribute [rw] next_token
|
|
1888
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1889
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1890
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1891
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1892
|
+
# the token returned from the prior request in your next request.
|
|
1893
|
+
# @return [String]
|
|
1894
|
+
#
|
|
1895
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetResourcesRequest AWS API Documentation
|
|
1896
|
+
#
|
|
1897
|
+
class ListResourceSetResourcesRequest < Struct.new(
|
|
1898
|
+
:identifier,
|
|
1899
|
+
:max_results,
|
|
1900
|
+
:next_token)
|
|
1901
|
+
SENSITIVE = []
|
|
1902
|
+
include Aws::Structure
|
|
1903
|
+
end
|
|
1904
|
+
|
|
1905
|
+
# @!attribute [rw] items
|
|
1906
|
+
# An array of the associated resources' uniform resource identifiers
|
|
1907
|
+
# (URI).
|
|
1908
|
+
# @return [Array<Types::Resource>]
|
|
1909
|
+
#
|
|
1910
|
+
# @!attribute [rw] next_token
|
|
1911
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1912
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1913
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1914
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1915
|
+
# the token returned from the prior request in your next request.
|
|
1916
|
+
# @return [String]
|
|
1917
|
+
#
|
|
1918
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetResourcesResponse AWS API Documentation
|
|
1919
|
+
#
|
|
1920
|
+
class ListResourceSetResourcesResponse < Struct.new(
|
|
1921
|
+
:items,
|
|
1922
|
+
:next_token)
|
|
1923
|
+
SENSITIVE = []
|
|
1924
|
+
include Aws::Structure
|
|
1925
|
+
end
|
|
1926
|
+
|
|
1927
|
+
# @!attribute [rw] next_token
|
|
1928
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1929
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1930
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1931
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1932
|
+
# the token returned from the prior request in your next request.
|
|
1933
|
+
# @return [String]
|
|
1934
|
+
#
|
|
1935
|
+
# @!attribute [rw] max_results
|
|
1936
|
+
# The maximum number of objects that you want Firewall Manager to
|
|
1937
|
+
# return for this request. If more objects are available, in the
|
|
1938
|
+
# response, Firewall Manager provides a `NextToken` value that you can
|
|
1939
|
+
# use in a subsequent call to get the next batch of objects.
|
|
1940
|
+
# @return [Integer]
|
|
1941
|
+
#
|
|
1942
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetsRequest AWS API Documentation
|
|
1943
|
+
#
|
|
1944
|
+
class ListResourceSetsRequest < Struct.new(
|
|
1945
|
+
:next_token,
|
|
1946
|
+
:max_results)
|
|
1947
|
+
SENSITIVE = []
|
|
1948
|
+
include Aws::Structure
|
|
1949
|
+
end
|
|
1950
|
+
|
|
1951
|
+
# @!attribute [rw] resource_sets
|
|
1952
|
+
# An array of `ResourceSetSummary` objects.
|
|
1953
|
+
# @return [Array<Types::ResourceSetSummary>]
|
|
1954
|
+
#
|
|
1955
|
+
# @!attribute [rw] next_token
|
|
1956
|
+
# When you request a list of objects with a `MaxResults` setting, if
|
|
1957
|
+
# the number of objects that are still available for retrieval exceeds
|
|
1958
|
+
# the maximum you requested, Firewall Manager returns a `NextToken`
|
|
1959
|
+
# value in the response. To retrieve the next batch of objects, use
|
|
1960
|
+
# the token returned from the prior request in your next request.
|
|
1961
|
+
# @return [String]
|
|
1962
|
+
#
|
|
1963
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListResourceSetsResponse AWS API Documentation
|
|
1836
1964
|
#
|
|
1965
|
+
class ListResourceSetsResponse < Struct.new(
|
|
1966
|
+
:resource_sets,
|
|
1967
|
+
:next_token)
|
|
1968
|
+
SENSITIVE = []
|
|
1969
|
+
include Aws::Structure
|
|
1970
|
+
end
|
|
1971
|
+
|
|
1837
1972
|
# @!attribute [rw] resource_arn
|
|
1838
1973
|
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
|
1839
1974
|
# The Firewall Manager resources that support tagging are policies,
|
|
@@ -1860,15 +1995,6 @@ module Aws::FMS
|
|
|
1860
1995
|
include Aws::Structure
|
|
1861
1996
|
end
|
|
1862
1997
|
|
|
1863
|
-
# @note When making an API call, you may pass ListThirdPartyFirewallFirewallPoliciesRequest
|
|
1864
|
-
# data as a hash:
|
|
1865
|
-
#
|
|
1866
|
-
# {
|
|
1867
|
-
# third_party_firewall: "PALO_ALTO_NETWORKS_CLOUD_NGFW", # required, accepts PALO_ALTO_NETWORKS_CLOUD_NGFW
|
|
1868
|
-
# next_token: "PaginationToken",
|
|
1869
|
-
# max_results: 1, # required
|
|
1870
|
-
# }
|
|
1871
|
-
#
|
|
1872
1998
|
# @!attribute [rw] third_party_firewall
|
|
1873
1999
|
# The name of the third-party firewall vendor.
|
|
1874
2000
|
# @return [String]
|
|
@@ -2267,13 +2393,6 @@ module Aws::FMS
|
|
|
2267
2393
|
#
|
|
2268
2394
|
# [1]: https://docs.aws.amazon.com/network-firewall/latest/developerguide/architectures.html
|
|
2269
2395
|
#
|
|
2270
|
-
# @note When making an API call, you may pass NetworkFirewallPolicy
|
|
2271
|
-
# data as a hash:
|
|
2272
|
-
#
|
|
2273
|
-
# {
|
|
2274
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2275
|
-
# }
|
|
2276
|
-
#
|
|
2277
2396
|
# @!attribute [rw] firewall_deployment_model
|
|
2278
2397
|
# Defines the deployment model to use for the firewall policy. To use
|
|
2279
2398
|
# a distributed model, set [PolicyOption][1] to `NULL`.
|
|
@@ -2486,44 +2605,6 @@ module Aws::FMS
|
|
|
2486
2605
|
|
|
2487
2606
|
# An Firewall Manager policy.
|
|
2488
2607
|
#
|
|
2489
|
-
# @note When making an API call, you may pass Policy
|
|
2490
|
-
# data as a hash:
|
|
2491
|
-
#
|
|
2492
|
-
# {
|
|
2493
|
-
# policy_id: "PolicyId",
|
|
2494
|
-
# policy_name: "ResourceName", # required
|
|
2495
|
-
# policy_update_token: "PolicyUpdateToken",
|
|
2496
|
-
# security_service_policy_data: { # required
|
|
2497
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
|
|
2498
|
-
# managed_service_data: "ManagedServiceData",
|
|
2499
|
-
# policy_option: {
|
|
2500
|
-
# network_firewall_policy: {
|
|
2501
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2502
|
-
# },
|
|
2503
|
-
# third_party_firewall_policy: {
|
|
2504
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2505
|
-
# },
|
|
2506
|
-
# },
|
|
2507
|
-
# },
|
|
2508
|
-
# resource_type: "ResourceType", # required
|
|
2509
|
-
# resource_type_list: ["ResourceType"],
|
|
2510
|
-
# resource_tags: [
|
|
2511
|
-
# {
|
|
2512
|
-
# key: "ResourceTagKey", # required
|
|
2513
|
-
# value: "ResourceTagValue",
|
|
2514
|
-
# },
|
|
2515
|
-
# ],
|
|
2516
|
-
# exclude_resource_tags: false, # required
|
|
2517
|
-
# remediation_enabled: false, # required
|
|
2518
|
-
# delete_unused_fm_managed_resources: false,
|
|
2519
|
-
# include_map: {
|
|
2520
|
-
# "ACCOUNT" => ["CustomerPolicyScopeId"],
|
|
2521
|
-
# },
|
|
2522
|
-
# exclude_map: {
|
|
2523
|
-
# "ACCOUNT" => ["CustomerPolicyScopeId"],
|
|
2524
|
-
# },
|
|
2525
|
-
# }
|
|
2526
|
-
#
|
|
2527
2608
|
# @!attribute [rw] policy_id
|
|
2528
2609
|
# The ID of the Firewall Manager policy.
|
|
2529
2610
|
# @return [String]
|
|
@@ -2666,6 +2747,14 @@ module Aws::FMS
|
|
|
2666
2747
|
# “ouid112”]\}`.
|
|
2667
2748
|
# @return [Hash<String,Array<String>>]
|
|
2668
2749
|
#
|
|
2750
|
+
# @!attribute [rw] resource_set_ids
|
|
2751
|
+
# The unique identifiers of the resource sets used by the policy.
|
|
2752
|
+
# @return [Array<String>]
|
|
2753
|
+
#
|
|
2754
|
+
# @!attribute [rw] policy_description
|
|
2755
|
+
# The definition of the Network Firewall firewall policy.
|
|
2756
|
+
# @return [String]
|
|
2757
|
+
#
|
|
2669
2758
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Policy AWS API Documentation
|
|
2670
2759
|
#
|
|
2671
2760
|
class Policy < Struct.new(
|
|
@@ -2680,7 +2769,9 @@ module Aws::FMS
|
|
|
2680
2769
|
:remediation_enabled,
|
|
2681
2770
|
:delete_unused_fm_managed_resources,
|
|
2682
2771
|
:include_map,
|
|
2683
|
-
:exclude_map
|
|
2772
|
+
:exclude_map,
|
|
2773
|
+
:resource_set_ids,
|
|
2774
|
+
:policy_description)
|
|
2684
2775
|
SENSITIVE = []
|
|
2685
2776
|
include Aws::Structure
|
|
2686
2777
|
end
|
|
@@ -2792,18 +2883,6 @@ module Aws::FMS
|
|
|
2792
2883
|
# Contains the Network Firewall firewall policy options to configure the
|
|
2793
2884
|
# policy's deployment model and third-party firewall policy settings.
|
|
2794
2885
|
#
|
|
2795
|
-
# @note When making an API call, you may pass PolicyOption
|
|
2796
|
-
# data as a hash:
|
|
2797
|
-
#
|
|
2798
|
-
# {
|
|
2799
|
-
# network_firewall_policy: {
|
|
2800
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2801
|
-
# },
|
|
2802
|
-
# third_party_firewall_policy: {
|
|
2803
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2804
|
-
# },
|
|
2805
|
-
# }
|
|
2806
|
-
#
|
|
2807
2886
|
# @!attribute [rw] network_firewall_policy
|
|
2808
2887
|
# Defines the deployment model to use for the firewall policy.
|
|
2809
2888
|
# @return [Types::NetworkFirewallPolicy]
|
|
@@ -2940,21 +3019,6 @@ module Aws::FMS
|
|
|
2940
3019
|
|
|
2941
3020
|
# An Firewall Manager protocols list.
|
|
2942
3021
|
#
|
|
2943
|
-
# @note When making an API call, you may pass ProtocolsListData
|
|
2944
|
-
# data as a hash:
|
|
2945
|
-
#
|
|
2946
|
-
# {
|
|
2947
|
-
# list_id: "ListId",
|
|
2948
|
-
# list_name: "ResourceName", # required
|
|
2949
|
-
# list_update_token: "UpdateToken",
|
|
2950
|
-
# create_time: Time.now,
|
|
2951
|
-
# last_update_time: Time.now,
|
|
2952
|
-
# protocols_list: ["Protocol"], # required
|
|
2953
|
-
# previous_protocols_list: {
|
|
2954
|
-
# "PreviousListVersion" => ["Protocol"],
|
|
2955
|
-
# },
|
|
2956
|
-
# }
|
|
2957
|
-
#
|
|
2958
3022
|
# @!attribute [rw] list_id
|
|
2959
3023
|
# The ID of the Firewall Manager protocols list.
|
|
2960
3024
|
# @return [String]
|
|
@@ -3030,41 +3094,6 @@ module Aws::FMS
|
|
|
3030
3094
|
include Aws::Structure
|
|
3031
3095
|
end
|
|
3032
3096
|
|
|
3033
|
-
# @note When making an API call, you may pass PutAppsListRequest
|
|
3034
|
-
# data as a hash:
|
|
3035
|
-
#
|
|
3036
|
-
# {
|
|
3037
|
-
# apps_list: { # required
|
|
3038
|
-
# list_id: "ListId",
|
|
3039
|
-
# list_name: "ResourceName", # required
|
|
3040
|
-
# list_update_token: "UpdateToken",
|
|
3041
|
-
# create_time: Time.now,
|
|
3042
|
-
# last_update_time: Time.now,
|
|
3043
|
-
# apps_list: [ # required
|
|
3044
|
-
# {
|
|
3045
|
-
# app_name: "ResourceName", # required
|
|
3046
|
-
# protocol: "Protocol", # required
|
|
3047
|
-
# port: 1, # required
|
|
3048
|
-
# },
|
|
3049
|
-
# ],
|
|
3050
|
-
# previous_apps_list: {
|
|
3051
|
-
# "PreviousListVersion" => [
|
|
3052
|
-
# {
|
|
3053
|
-
# app_name: "ResourceName", # required
|
|
3054
|
-
# protocol: "Protocol", # required
|
|
3055
|
-
# port: 1, # required
|
|
3056
|
-
# },
|
|
3057
|
-
# ],
|
|
3058
|
-
# },
|
|
3059
|
-
# },
|
|
3060
|
-
# tag_list: [
|
|
3061
|
-
# {
|
|
3062
|
-
# key: "TagKey", # required
|
|
3063
|
-
# value: "TagValue", # required
|
|
3064
|
-
# },
|
|
3065
|
-
# ],
|
|
3066
|
-
# }
|
|
3067
|
-
#
|
|
3068
3097
|
# @!attribute [rw] apps_list
|
|
3069
3098
|
# The details of the Firewall Manager applications list to be created.
|
|
3070
3099
|
# @return [Types::AppsListData]
|
|
@@ -3099,14 +3128,6 @@ module Aws::FMS
|
|
|
3099
3128
|
include Aws::Structure
|
|
3100
3129
|
end
|
|
3101
3130
|
|
|
3102
|
-
# @note When making an API call, you may pass PutNotificationChannelRequest
|
|
3103
|
-
# data as a hash:
|
|
3104
|
-
#
|
|
3105
|
-
# {
|
|
3106
|
-
# sns_topic_arn: "ResourceArn", # required
|
|
3107
|
-
# sns_role_name: "ResourceArn", # required
|
|
3108
|
-
# }
|
|
3109
|
-
#
|
|
3110
3131
|
# @!attribute [rw] sns_topic_arn
|
|
3111
3132
|
# The Amazon Resource Name (ARN) of the SNS topic that collects
|
|
3112
3133
|
# notifications from Firewall Manager.
|
|
@@ -3126,52 +3147,6 @@ module Aws::FMS
|
|
|
3126
3147
|
include Aws::Structure
|
|
3127
3148
|
end
|
|
3128
3149
|
|
|
3129
|
-
# @note When making an API call, you may pass PutPolicyRequest
|
|
3130
|
-
# data as a hash:
|
|
3131
|
-
#
|
|
3132
|
-
# {
|
|
3133
|
-
# policy: { # required
|
|
3134
|
-
# policy_id: "PolicyId",
|
|
3135
|
-
# policy_name: "ResourceName", # required
|
|
3136
|
-
# policy_update_token: "PolicyUpdateToken",
|
|
3137
|
-
# security_service_policy_data: { # required
|
|
3138
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
|
|
3139
|
-
# managed_service_data: "ManagedServiceData",
|
|
3140
|
-
# policy_option: {
|
|
3141
|
-
# network_firewall_policy: {
|
|
3142
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
3143
|
-
# },
|
|
3144
|
-
# third_party_firewall_policy: {
|
|
3145
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
3146
|
-
# },
|
|
3147
|
-
# },
|
|
3148
|
-
# },
|
|
3149
|
-
# resource_type: "ResourceType", # required
|
|
3150
|
-
# resource_type_list: ["ResourceType"],
|
|
3151
|
-
# resource_tags: [
|
|
3152
|
-
# {
|
|
3153
|
-
# key: "ResourceTagKey", # required
|
|
3154
|
-
# value: "ResourceTagValue",
|
|
3155
|
-
# },
|
|
3156
|
-
# ],
|
|
3157
|
-
# exclude_resource_tags: false, # required
|
|
3158
|
-
# remediation_enabled: false, # required
|
|
3159
|
-
# delete_unused_fm_managed_resources: false,
|
|
3160
|
-
# include_map: {
|
|
3161
|
-
# "ACCOUNT" => ["CustomerPolicyScopeId"],
|
|
3162
|
-
# },
|
|
3163
|
-
# exclude_map: {
|
|
3164
|
-
# "ACCOUNT" => ["CustomerPolicyScopeId"],
|
|
3165
|
-
# },
|
|
3166
|
-
# },
|
|
3167
|
-
# tag_list: [
|
|
3168
|
-
# {
|
|
3169
|
-
# key: "TagKey", # required
|
|
3170
|
-
# value: "TagValue", # required
|
|
3171
|
-
# },
|
|
3172
|
-
# ],
|
|
3173
|
-
# }
|
|
3174
|
-
#
|
|
3175
3150
|
# @!attribute [rw] policy
|
|
3176
3151
|
# The details of the Firewall Manager policy to be created.
|
|
3177
3152
|
# @return [Types::Policy]
|
|
@@ -3206,29 +3181,6 @@ module Aws::FMS
|
|
|
3206
3181
|
include Aws::Structure
|
|
3207
3182
|
end
|
|
3208
3183
|
|
|
3209
|
-
# @note When making an API call, you may pass PutProtocolsListRequest
|
|
3210
|
-
# data as a hash:
|
|
3211
|
-
#
|
|
3212
|
-
# {
|
|
3213
|
-
# protocols_list: { # required
|
|
3214
|
-
# list_id: "ListId",
|
|
3215
|
-
# list_name: "ResourceName", # required
|
|
3216
|
-
# list_update_token: "UpdateToken",
|
|
3217
|
-
# create_time: Time.now,
|
|
3218
|
-
# last_update_time: Time.now,
|
|
3219
|
-
# protocols_list: ["Protocol"], # required
|
|
3220
|
-
# previous_protocols_list: {
|
|
3221
|
-
# "PreviousListVersion" => ["Protocol"],
|
|
3222
|
-
# },
|
|
3223
|
-
# },
|
|
3224
|
-
# tag_list: [
|
|
3225
|
-
# {
|
|
3226
|
-
# key: "TagKey", # required
|
|
3227
|
-
# value: "TagValue", # required
|
|
3228
|
-
# },
|
|
3229
|
-
# ],
|
|
3230
|
-
# }
|
|
3231
|
-
#
|
|
3232
3184
|
# @!attribute [rw] protocols_list
|
|
3233
3185
|
# The details of the Firewall Manager protocols list to be created.
|
|
3234
3186
|
# @return [Types::ProtocolsListData]
|
|
@@ -3263,6 +3215,45 @@ module Aws::FMS
|
|
|
3263
3215
|
include Aws::Structure
|
|
3264
3216
|
end
|
|
3265
3217
|
|
|
3218
|
+
# @!attribute [rw] resource_set
|
|
3219
|
+
# Details about the resource set to be created or updated.>
|
|
3220
|
+
# @return [Types::ResourceSet]
|
|
3221
|
+
#
|
|
3222
|
+
# @!attribute [rw] tag_list
|
|
3223
|
+
# Retrieves the tags associated with the specified resource set. Tags
|
|
3224
|
+
# are key:value pairs that you can use to categorize and manage your
|
|
3225
|
+
# resources, for purposes like billing. For example, you might set the
|
|
3226
|
+
# tag key to "customer" and the value to the customer name or ID.
|
|
3227
|
+
# You can specify one or more tags to add to each Amazon Web Services
|
|
3228
|
+
# resource, up to 50 tags for a resource.
|
|
3229
|
+
# @return [Array<Types::Tag>]
|
|
3230
|
+
#
|
|
3231
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutResourceSetRequest AWS API Documentation
|
|
3232
|
+
#
|
|
3233
|
+
class PutResourceSetRequest < Struct.new(
|
|
3234
|
+
:resource_set,
|
|
3235
|
+
:tag_list)
|
|
3236
|
+
SENSITIVE = []
|
|
3237
|
+
include Aws::Structure
|
|
3238
|
+
end
|
|
3239
|
+
|
|
3240
|
+
# @!attribute [rw] resource_set
|
|
3241
|
+
# Details about the resource set.
|
|
3242
|
+
# @return [Types::ResourceSet]
|
|
3243
|
+
#
|
|
3244
|
+
# @!attribute [rw] resource_set_arn
|
|
3245
|
+
# The Amazon Resource Name (ARN) of the resource set.
|
|
3246
|
+
# @return [String]
|
|
3247
|
+
#
|
|
3248
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutResourceSetResponse AWS API Documentation
|
|
3249
|
+
#
|
|
3250
|
+
class PutResourceSetResponse < Struct.new(
|
|
3251
|
+
:resource_set,
|
|
3252
|
+
:resource_set_arn)
|
|
3253
|
+
SENSITIVE = []
|
|
3254
|
+
include Aws::Structure
|
|
3255
|
+
end
|
|
3256
|
+
|
|
3266
3257
|
# Information about an individual action you can take to remediate a
|
|
3267
3258
|
# violation.
|
|
3268
3259
|
#
|
|
@@ -3339,6 +3330,27 @@ module Aws::FMS
|
|
|
3339
3330
|
include Aws::Structure
|
|
3340
3331
|
end
|
|
3341
3332
|
|
|
3333
|
+
# Details of a resource that is associated to an Firewall Manager
|
|
3334
|
+
# resource set.
|
|
3335
|
+
#
|
|
3336
|
+
# @!attribute [rw] uri
|
|
3337
|
+
# The resource's universal resource indicator (URI).
|
|
3338
|
+
# @return [String]
|
|
3339
|
+
#
|
|
3340
|
+
# @!attribute [rw] account_id
|
|
3341
|
+
# The Amazon Web Services account ID that the associated resource
|
|
3342
|
+
# belongs to.
|
|
3343
|
+
# @return [String]
|
|
3344
|
+
#
|
|
3345
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Resource AWS API Documentation
|
|
3346
|
+
#
|
|
3347
|
+
class Resource < Struct.new(
|
|
3348
|
+
:uri,
|
|
3349
|
+
:account_id)
|
|
3350
|
+
SENSITIVE = []
|
|
3351
|
+
include Aws::Structure
|
|
3352
|
+
end
|
|
3353
|
+
|
|
3342
3354
|
# The specified resource was not found.
|
|
3343
3355
|
#
|
|
3344
3356
|
# @!attribute [rw] message
|
|
@@ -3352,6 +3364,100 @@ module Aws::FMS
|
|
|
3352
3364
|
include Aws::Structure
|
|
3353
3365
|
end
|
|
3354
3366
|
|
|
3367
|
+
# A set of resources to include in a policy.
|
|
3368
|
+
#
|
|
3369
|
+
# @!attribute [rw] id
|
|
3370
|
+
# A unique identifier for the resource set. This ID is returned in the
|
|
3371
|
+
# responses to create and list commands. You provide it to operations
|
|
3372
|
+
# like update and delete.
|
|
3373
|
+
# @return [String]
|
|
3374
|
+
#
|
|
3375
|
+
# @!attribute [rw] name
|
|
3376
|
+
# The descriptive name of the resource set. You can't change the name
|
|
3377
|
+
# of a resource set after you create it.
|
|
3378
|
+
# @return [String]
|
|
3379
|
+
#
|
|
3380
|
+
# @!attribute [rw] description
|
|
3381
|
+
# A description of the resource set.
|
|
3382
|
+
# @return [String]
|
|
3383
|
+
#
|
|
3384
|
+
# @!attribute [rw] update_token
|
|
3385
|
+
# An optional token that you can use for optimistic locking. Firewall
|
|
3386
|
+
# Manager returns a token to your requests that access the resource
|
|
3387
|
+
# set. The token marks the state of the resource set resource at the
|
|
3388
|
+
# time of the request. Update tokens are not allowed when creating a
|
|
3389
|
+
# resource set. After creation, each subsequent update call to the
|
|
3390
|
+
# resource set requires the update token.
|
|
3391
|
+
#
|
|
3392
|
+
# To make an unconditional change to the resource set, omit the token
|
|
3393
|
+
# in your update request. Without the token, Firewall Manager performs
|
|
3394
|
+
# your updates regardless of whether the resource set has changed
|
|
3395
|
+
# since you last retrieved it.
|
|
3396
|
+
#
|
|
3397
|
+
# To make a conditional change to the resource set, provide the token
|
|
3398
|
+
# in your update request. Firewall Manager uses the token to ensure
|
|
3399
|
+
# that the resource set hasn't changed since you last retrieved it.
|
|
3400
|
+
# If it has changed, the operation fails with an
|
|
3401
|
+
# `InvalidTokenException`. If this happens, retrieve the resource set
|
|
3402
|
+
# again to get a current copy of it with a new token. Reapply your
|
|
3403
|
+
# changes as needed, then try the operation again using the new token.
|
|
3404
|
+
# @return [String]
|
|
3405
|
+
#
|
|
3406
|
+
# @!attribute [rw] resource_type_list
|
|
3407
|
+
# Determines the resources that can be associated to the resource set.
|
|
3408
|
+
# Depending on your setting for max results and the number of resource
|
|
3409
|
+
# sets, a single call might not return the full list.
|
|
3410
|
+
# @return [Array<String>]
|
|
3411
|
+
#
|
|
3412
|
+
# @!attribute [rw] last_update_time
|
|
3413
|
+
# The last time that the resource set was changed.
|
|
3414
|
+
# @return [Time]
|
|
3415
|
+
#
|
|
3416
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceSet AWS API Documentation
|
|
3417
|
+
#
|
|
3418
|
+
class ResourceSet < Struct.new(
|
|
3419
|
+
:id,
|
|
3420
|
+
:name,
|
|
3421
|
+
:description,
|
|
3422
|
+
:update_token,
|
|
3423
|
+
:resource_type_list,
|
|
3424
|
+
:last_update_time)
|
|
3425
|
+
SENSITIVE = []
|
|
3426
|
+
include Aws::Structure
|
|
3427
|
+
end
|
|
3428
|
+
|
|
3429
|
+
# Summarizes the resource sets used in a policy.
|
|
3430
|
+
#
|
|
3431
|
+
# @!attribute [rw] id
|
|
3432
|
+
# A unique identifier for the resource set. This ID is returned in the
|
|
3433
|
+
# responses to create and list commands. You provide it to operations
|
|
3434
|
+
# like update and delete.
|
|
3435
|
+
# @return [String]
|
|
3436
|
+
#
|
|
3437
|
+
# @!attribute [rw] name
|
|
3438
|
+
# The descriptive name of the resource set. You can't change the name
|
|
3439
|
+
# of a resource set after you create it.
|
|
3440
|
+
# @return [String]
|
|
3441
|
+
#
|
|
3442
|
+
# @!attribute [rw] description
|
|
3443
|
+
# A description of the resource set.
|
|
3444
|
+
# @return [String]
|
|
3445
|
+
#
|
|
3446
|
+
# @!attribute [rw] last_update_time
|
|
3447
|
+
# The last time that the resource set was changed.
|
|
3448
|
+
# @return [Time]
|
|
3449
|
+
#
|
|
3450
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceSetSummary AWS API Documentation
|
|
3451
|
+
#
|
|
3452
|
+
class ResourceSetSummary < Struct.new(
|
|
3453
|
+
:id,
|
|
3454
|
+
:name,
|
|
3455
|
+
:description,
|
|
3456
|
+
:last_update_time)
|
|
3457
|
+
SENSITIVE = []
|
|
3458
|
+
include Aws::Structure
|
|
3459
|
+
end
|
|
3460
|
+
|
|
3355
3461
|
# The resource tags that Firewall Manager uses to determine if a
|
|
3356
3462
|
# particular resource should be included or excluded from the Firewall
|
|
3357
3463
|
# Manager policy. Tags enable you to categorize your Amazon Web Services
|
|
@@ -3366,14 +3472,6 @@ module Aws::FMS
|
|
|
3366
3472
|
#
|
|
3367
3473
|
# [1]: https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/tag-editor.html
|
|
3368
3474
|
#
|
|
3369
|
-
# @note When making an API call, you may pass ResourceTag
|
|
3370
|
-
# data as a hash:
|
|
3371
|
-
#
|
|
3372
|
-
# {
|
|
3373
|
-
# key: "ResourceTagKey", # required
|
|
3374
|
-
# value: "ResourceTagValue",
|
|
3375
|
-
# }
|
|
3376
|
-
#
|
|
3377
3475
|
# @!attribute [rw] key
|
|
3378
3476
|
# The resource tag key.
|
|
3379
3477
|
# @return [String]
|
|
@@ -3718,22 +3816,6 @@ module Aws::FMS
|
|
|
3718
3816
|
# Details about the security service that is being used to protect the
|
|
3719
3817
|
# resources.
|
|
3720
3818
|
#
|
|
3721
|
-
# @note When making an API call, you may pass SecurityServicePolicyData
|
|
3722
|
-
# data as a hash:
|
|
3723
|
-
#
|
|
3724
|
-
# {
|
|
3725
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL
|
|
3726
|
-
# managed_service_data: "ManagedServiceData",
|
|
3727
|
-
# policy_option: {
|
|
3728
|
-
# network_firewall_policy: {
|
|
3729
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
3730
|
-
# },
|
|
3731
|
-
# third_party_firewall_policy: {
|
|
3732
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
3733
|
-
# },
|
|
3734
|
-
# },
|
|
3735
|
-
# }
|
|
3736
|
-
#
|
|
3737
3819
|
# @!attribute [rw] type
|
|
3738
3820
|
# The service that the policy is using to protect the resources. This
|
|
3739
3821
|
# specifies the type of policy that is created, either an WAF policy,
|
|
@@ -4049,14 +4131,6 @@ module Aws::FMS
|
|
|
4049
4131
|
# "test," "development," or "production"). You can add up to 50
|
|
4050
4132
|
# tags to each Amazon Web Services resource.
|
|
4051
4133
|
#
|
|
4052
|
-
# @note When making an API call, you may pass Tag
|
|
4053
|
-
# data as a hash:
|
|
4054
|
-
#
|
|
4055
|
-
# {
|
|
4056
|
-
# key: "TagKey", # required
|
|
4057
|
-
# value: "TagValue", # required
|
|
4058
|
-
# }
|
|
4059
|
-
#
|
|
4060
4134
|
# @!attribute [rw] key
|
|
4061
4135
|
# Part of the key:value pair that defines a tag. You can use a tag key
|
|
4062
4136
|
# to describe a category of information, such as "customer." Tag
|
|
@@ -4078,19 +4152,6 @@ module Aws::FMS
|
|
|
4078
4152
|
include Aws::Structure
|
|
4079
4153
|
end
|
|
4080
4154
|
|
|
4081
|
-
# @note When making an API call, you may pass TagResourceRequest
|
|
4082
|
-
# data as a hash:
|
|
4083
|
-
#
|
|
4084
|
-
# {
|
|
4085
|
-
# resource_arn: "ResourceArn", # required
|
|
4086
|
-
# tag_list: [ # required
|
|
4087
|
-
# {
|
|
4088
|
-
# key: "TagKey", # required
|
|
4089
|
-
# value: "TagValue", # required
|
|
4090
|
-
# },
|
|
4091
|
-
# ],
|
|
4092
|
-
# }
|
|
4093
|
-
#
|
|
4094
4155
|
# @!attribute [rw] resource_arn
|
|
4095
4156
|
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
|
4096
4157
|
# The Firewall Manager resources that support tagging are policies,
|
|
@@ -4240,13 +4301,6 @@ module Aws::FMS
|
|
|
4240
4301
|
|
|
4241
4302
|
# Configures the deployment model for the third-party firewall.
|
|
4242
4303
|
#
|
|
4243
|
-
# @note When making an API call, you may pass ThirdPartyFirewallPolicy
|
|
4244
|
-
# data as a hash:
|
|
4245
|
-
#
|
|
4246
|
-
# {
|
|
4247
|
-
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
4248
|
-
# }
|
|
4249
|
-
#
|
|
4250
4304
|
# @!attribute [rw] firewall_deployment_model
|
|
4251
4305
|
# Defines the deployment model to use for the third-party firewall
|
|
4252
4306
|
# policy.
|
|
@@ -4260,14 +4314,6 @@ module Aws::FMS
|
|
|
4260
4314
|
include Aws::Structure
|
|
4261
4315
|
end
|
|
4262
4316
|
|
|
4263
|
-
# @note When making an API call, you may pass UntagResourceRequest
|
|
4264
|
-
# data as a hash:
|
|
4265
|
-
#
|
|
4266
|
-
# {
|
|
4267
|
-
# resource_arn: "ResourceArn", # required
|
|
4268
|
-
# tag_keys: ["TagKey"], # required
|
|
4269
|
-
# }
|
|
4270
|
-
#
|
|
4271
4317
|
# @!attribute [rw] resource_arn
|
|
4272
4318
|
# The Amazon Resource Name (ARN) of the resource to return tags for.
|
|
4273
4319
|
# The Firewall Manager resources that support tagging are policies,
|