aws-sdk-fms 1.67.0 → 1.69.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +309 -119
- data/lib/aws-sdk-fms/client_api.rb +114 -1
- data/lib/aws-sdk-fms/types.rb +560 -38
- data/lib/aws-sdk-fms.rb +1 -1
- data/sig/client.rbs +43 -3
- data/sig/types.rbs +106 -6
- metadata +4 -4
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
|
22
22
|
require 'aws-sdk-core/plugins/response_paging.rb'
|
23
23
|
require 'aws-sdk-core/plugins/stub_responses.rb'
|
24
24
|
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
25
|
+
require 'aws-sdk-core/plugins/invocation_id.rb'
|
25
26
|
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
26
27
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
27
28
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
@@ -72,6 +73,7 @@ module Aws::FMS
|
|
72
73
|
add_plugin(Aws::Plugins::ResponsePaging)
|
73
74
|
add_plugin(Aws::Plugins::StubResponses)
|
74
75
|
add_plugin(Aws::Plugins::IdempotencyToken)
|
76
|
+
add_plugin(Aws::Plugins::InvocationId)
|
75
77
|
add_plugin(Aws::Plugins::JsonvalueConverter)
|
76
78
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
77
79
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
@@ -196,10 +198,17 @@ module Aws::FMS
|
|
196
198
|
# When set to 'true' the request body will not be compressed
|
197
199
|
# for supported operations.
|
198
200
|
#
|
199
|
-
# @option options [String] :endpoint
|
200
|
-
#
|
201
|
-
#
|
202
|
-
#
|
201
|
+
# @option options [String, URI::HTTPS, URI::HTTP] :endpoint
|
202
|
+
# Normally you should not configure the `:endpoint` option
|
203
|
+
# directly. This is normally constructed from the `:region`
|
204
|
+
# option. Configuring `:endpoint` is normally reserved for
|
205
|
+
# connecting to test or custom endpoints. The endpoint should
|
206
|
+
# be a URI formatted like:
|
207
|
+
#
|
208
|
+
# 'http://example.com'
|
209
|
+
# 'https://example.com'
|
210
|
+
# 'http://example.com:123'
|
211
|
+
#
|
203
212
|
#
|
204
213
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
205
214
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
@@ -347,50 +356,65 @@ module Aws::FMS
|
|
347
356
|
# @option options [Aws::FMS::EndpointProvider] :endpoint_provider
|
348
357
|
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::FMS::EndpointParameters`
|
349
358
|
#
|
350
|
-
# @option options [
|
351
|
-
#
|
352
|
-
#
|
353
|
-
#
|
354
|
-
#
|
355
|
-
#
|
356
|
-
#
|
357
|
-
#
|
358
|
-
#
|
359
|
-
#
|
360
|
-
#
|
361
|
-
# @option options [Float] :
|
362
|
-
#
|
363
|
-
#
|
364
|
-
#
|
365
|
-
#
|
366
|
-
#
|
367
|
-
#
|
368
|
-
#
|
369
|
-
#
|
370
|
-
#
|
371
|
-
#
|
372
|
-
#
|
373
|
-
#
|
374
|
-
#
|
375
|
-
#
|
376
|
-
#
|
377
|
-
#
|
359
|
+
# @option options [Float] :http_continue_timeout (1)
|
360
|
+
# The number of seconds to wait for a 100-continue response before sending the
|
361
|
+
# request body. This option has no effect unless the request has "Expect"
|
362
|
+
# header set to "100-continue". Defaults to `nil` which disables this
|
363
|
+
# behaviour. This value can safely be set per request on the session.
|
364
|
+
#
|
365
|
+
# @option options [Float] :http_idle_timeout (5)
|
366
|
+
# The number of seconds a connection is allowed to sit idle before it
|
367
|
+
# is considered stale. Stale connections are closed and removed from the
|
368
|
+
# pool before making a request.
|
369
|
+
#
|
370
|
+
# @option options [Float] :http_open_timeout (15)
|
371
|
+
# The default number of seconds to wait for response data.
|
372
|
+
# This value can safely be set per-request on the session.
|
373
|
+
#
|
374
|
+
# @option options [URI::HTTP,String] :http_proxy
|
375
|
+
# A proxy to send requests through. Formatted like 'http://proxy.com:123'.
|
376
|
+
#
|
377
|
+
# @option options [Float] :http_read_timeout (60)
|
378
|
+
# The default number of seconds to wait for response data.
|
379
|
+
# This value can safely be set per-request on the session.
|
380
|
+
#
|
381
|
+
# @option options [Boolean] :http_wire_trace (false)
|
382
|
+
# When `true`, HTTP debug output will be sent to the `:logger`.
|
383
|
+
#
|
384
|
+
# @option options [Proc] :on_chunk_received
|
385
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
386
|
+
# of the response body is received. It provides three arguments: the chunk,
|
387
|
+
# the number of bytes received, and the total number of
|
388
|
+
# bytes in the response (or nil if the server did not send a `content-length`).
|
389
|
+
#
|
390
|
+
# @option options [Proc] :on_chunk_sent
|
391
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
392
|
+
# of the request body is sent. It provides three arguments: the chunk,
|
393
|
+
# the number of bytes read from the body, and the total number of
|
394
|
+
# bytes in the body.
|
395
|
+
#
|
396
|
+
# @option options [Boolean] :raise_response_errors (true)
|
397
|
+
# When `true`, response errors are raised.
|
398
|
+
#
|
399
|
+
# @option options [String] :ssl_ca_bundle
|
400
|
+
# Full path to the SSL certificate authority bundle file that should be used when
|
401
|
+
# verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
|
402
|
+
# `:ssl_ca_directory` the the system default will be used if available.
|
403
|
+
#
|
404
|
+
# @option options [String] :ssl_ca_directory
|
405
|
+
# Full path of the directory that contains the unbundled SSL certificate
|
406
|
+
# authority files for verifying peer certificates. If you do
|
407
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
|
408
|
+
# default will be used if available.
|
378
409
|
#
|
379
|
-
# @option options [
|
380
|
-
#
|
381
|
-
# connection.
|
410
|
+
# @option options [String] :ssl_ca_store
|
411
|
+
# Sets the X509::Store to verify peer certificate.
|
382
412
|
#
|
383
|
-
# @option options [
|
384
|
-
#
|
385
|
-
# verifying peer certificates. If you do not pass
|
386
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
387
|
-
# will be used if available.
|
413
|
+
# @option options [Float] :ssl_timeout
|
414
|
+
# Sets the SSL timeout in seconds
|
388
415
|
#
|
389
|
-
# @option options [
|
390
|
-
#
|
391
|
-
# authority files for verifying peer certificates. If you do
|
392
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
393
|
-
# system default will be used if available.
|
416
|
+
# @option options [Boolean] :ssl_verify_peer (true)
|
417
|
+
# When `true`, SSL peer certificates are verified when establishing a connection.
|
394
418
|
#
|
395
419
|
def initialize(*args)
|
396
420
|
super
|
@@ -771,11 +795,11 @@ module Aws::FMS
|
|
771
795
|
end
|
772
796
|
|
773
797
|
# Returns information about the specified account's administrative
|
774
|
-
# scope. The
|
798
|
+
# scope. The administrative scope defines the resources that an Firewall
|
775
799
|
# Manager administrator can manage.
|
776
800
|
#
|
777
801
|
# @option params [required, String] :admin_account
|
778
|
-
# The
|
802
|
+
# The administrator account that you want to get the details for.
|
779
803
|
#
|
780
804
|
# @return [Types::GetAdminScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
781
805
|
#
|
@@ -802,7 +826,7 @@ module Aws::FMS
|
|
802
826
|
# resp.admin_scope.region_scope.regions[0] #=> String
|
803
827
|
# resp.admin_scope.region_scope.all_regions_enabled #=> Boolean
|
804
828
|
# resp.admin_scope.policy_type_scope.policy_types #=> Array
|
805
|
-
# resp.admin_scope.policy_type_scope.policy_types[0] #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
829
|
+
# resp.admin_scope.policy_type_scope.policy_types[0] #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
806
830
|
# resp.admin_scope.policy_type_scope.all_policy_types_enabled #=> Boolean
|
807
831
|
# resp.status #=> String, one of "ONBOARDING", "ONBOARDING_COMPLETE", "OFFBOARDING", "OFFBOARDING_COMPLETE"
|
808
832
|
#
|
@@ -869,23 +893,8 @@ module Aws::FMS
|
|
869
893
|
# account. Details include resources that are in and out of compliance
|
870
894
|
# with the specified policy.
|
871
895
|
#
|
872
|
-
#
|
873
|
-
#
|
874
|
-
#
|
875
|
-
# * Resources are considered noncompliant for security group policies if
|
876
|
-
# they are in scope of the policy, they violate one or more of the
|
877
|
-
# policy rules, and remediation is disabled or not possible.
|
878
|
-
#
|
879
|
-
# * Resources are considered noncompliant for Network Firewall policies
|
880
|
-
# if a firewall is missing in the VPC, if the firewall endpoint isn't
|
881
|
-
# set up in an expected Availability Zone and subnet, if a subnet
|
882
|
-
# created by the Firewall Manager doesn't have the expected route
|
883
|
-
# table, and for modifications to a firewall policy that violate the
|
884
|
-
# Firewall Manager policy's rules.
|
885
|
-
#
|
886
|
-
# * Resources are considered noncompliant for DNS Firewall policies if a
|
887
|
-
# DNS Firewall rule group is missing from the rule group associations
|
888
|
-
# for the VPC.
|
896
|
+
# The reasons for resources being considered compliant depend on the
|
897
|
+
# Firewall Manager policy type.
|
889
898
|
#
|
890
899
|
# @option params [required, String] :policy_id
|
891
900
|
# The ID of the policy that you want to get the details for. `PolicyId`
|
@@ -913,7 +922,7 @@ module Aws::FMS
|
|
913
922
|
# resp.policy_compliance_detail.member_account #=> String
|
914
923
|
# resp.policy_compliance_detail.violators #=> Array
|
915
924
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
916
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT"
|
925
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT", "INVALID_NETWORK_ACL_ENTRY"
|
917
926
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
918
927
|
# resp.policy_compliance_detail.violators[0].metadata #=> Hash
|
919
928
|
# resp.policy_compliance_detail.violators[0].metadata["LengthBoundedString"] #=> String
|
@@ -974,10 +983,32 @@ module Aws::FMS
|
|
974
983
|
# resp.policy.policy_id #=> String
|
975
984
|
# resp.policy.policy_name #=> String
|
976
985
|
# resp.policy.policy_update_token #=> String
|
977
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
986
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
978
987
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
979
988
|
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
980
989
|
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
990
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries #=> Array
|
991
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.code #=> Integer
|
992
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.type #=> Integer
|
993
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].protocol #=> String
|
994
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.from #=> Integer
|
995
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.to #=> Integer
|
996
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].cidr_block #=> String
|
997
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].ipv_6_cidr_block #=> String
|
998
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].rule_action #=> String, one of "allow", "deny"
|
999
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].egress #=> Boolean
|
1000
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_first_entries #=> Boolean
|
1001
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries #=> Array
|
1002
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.code #=> Integer
|
1003
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.type #=> Integer
|
1004
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].protocol #=> String
|
1005
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.from #=> Integer
|
1006
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.to #=> Integer
|
1007
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].cidr_block #=> String
|
1008
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].ipv_6_cidr_block #=> String
|
1009
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].rule_action #=> String, one of "allow", "deny"
|
1010
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].egress #=> Boolean
|
1011
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_last_entries #=> Boolean
|
981
1012
|
# resp.policy.resource_type #=> String
|
982
1013
|
# resp.policy.resource_type_list #=> Array
|
983
1014
|
# resp.policy.resource_type_list[0] #=> String
|
@@ -1067,7 +1098,7 @@ module Aws::FMS
|
|
1067
1098
|
# @example Response structure
|
1068
1099
|
#
|
1069
1100
|
# resp.admin_account_id #=> String
|
1070
|
-
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
1101
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
1071
1102
|
# resp.data #=> String
|
1072
1103
|
# resp.next_token #=> String
|
1073
1104
|
#
|
@@ -1210,6 +1241,8 @@ module Aws::FMS
|
|
1210
1241
|
#
|
1211
1242
|
# * Security group content audit
|
1212
1243
|
#
|
1244
|
+
# * Network ACL
|
1245
|
+
#
|
1213
1246
|
# * Third-party firewall
|
1214
1247
|
#
|
1215
1248
|
# @option params [required, String] :member_account
|
@@ -1305,6 +1338,7 @@ module Aws::FMS
|
|
1305
1338
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_default_actions #=> Array
|
1306
1339
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_default_actions[0] #=> String
|
1307
1340
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_engine_options.rule_order #=> String, one of "STRICT_ORDER", "DEFAULT_ACTION_ORDER"
|
1341
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT", "FMS_IGNORE"
|
1308
1342
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups #=> Array
|
1309
1343
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].rule_group_name #=> String
|
1310
1344
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].resource_id #=> String
|
@@ -1323,6 +1357,7 @@ module Aws::FMS
|
|
1323
1357
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_default_actions #=> Array
|
1324
1358
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_default_actions[0] #=> String
|
1325
1359
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_engine_options.rule_order #=> String, one of "STRICT_ORDER", "DEFAULT_ACTION_ORDER"
|
1360
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT", "FMS_IGNORE"
|
1326
1361
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.subnet_id #=> String
|
1327
1362
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.subnet_availability_zone #=> String
|
1328
1363
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.route_table_id #=> String
|
@@ -1457,6 +1492,95 @@ module Aws::FMS
|
|
1457
1492
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target #=> String
|
1458
1493
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target_description #=> String
|
1459
1494
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.number_of_rule_groups_already_associated #=> Integer
|
1495
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.firewall_subnet_id #=> String
|
1496
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_id #=> String
|
1497
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone #=> String
|
1498
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone_id #=> String
|
1499
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_endpoint_id #=> String
|
1500
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_id #=> String
|
1501
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.vpc_id #=> String
|
1502
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.route_table_id #=> String
|
1503
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes #=> Array
|
1504
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1505
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1506
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination #=> String
|
1507
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target #=> String
|
1508
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone #=> String
|
1509
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone_id #=> String
|
1510
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_firewall_subnet_route_table #=> String
|
1511
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_id #=> String
|
1512
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes #=> Array
|
1513
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1514
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1515
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination #=> String
|
1516
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target #=> String
|
1517
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_id #=> String
|
1518
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_internet_gateway_route_table #=> String
|
1519
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes #=> Array
|
1520
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1521
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1522
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination #=> String
|
1523
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target #=> String
|
1524
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.violation_target #=> String
|
1525
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.vpc #=> String
|
1526
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.availability_zone #=> String
|
1527
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.target_violation_reason #=> String
|
1528
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.violation_target #=> String
|
1529
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.vpc #=> String
|
1530
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.availability_zone #=> String
|
1531
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.target_violation_reason #=> String
|
1532
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.violation_target #=> String
|
1533
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.vpc #=> String
|
1534
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.availability_zone #=> String
|
1535
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.current_route_table #=> String
|
1536
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.expected_route_table #=> String
|
1537
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.firewall_subnet_id #=> String
|
1538
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.vpc_id #=> String
|
1539
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone #=> String
|
1540
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone_id #=> String
|
1541
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.vpc #=> String
|
1542
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.subnet #=> String
|
1543
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.subnet_availability_zone #=> String
|
1544
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.current_associated_network_acl #=> String
|
1545
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations #=> Array
|
1546
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.icmp_type_code.code #=> Integer
|
1547
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.icmp_type_code.type #=> Integer
|
1548
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.protocol #=> String
|
1549
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.port_range.from #=> Integer
|
1550
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.port_range.to #=> Integer
|
1551
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.cidr_block #=> String
|
1552
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.ipv_6_cidr_block #=> String
|
1553
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.rule_action #=> String, one of "allow", "deny"
|
1554
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.egress #=> Boolean
|
1555
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_rule_number #=> Integer
|
1556
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
1557
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_evaluation_order #=> String
|
1558
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].actual_evaluation_order #=> String
|
1559
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.icmp_type_code.code #=> Integer
|
1560
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.icmp_type_code.type #=> Integer
|
1561
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.protocol #=> String
|
1562
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.port_range.from #=> Integer
|
1563
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.port_range.to #=> Integer
|
1564
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.cidr_block #=> String
|
1565
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.ipv_6_cidr_block #=> String
|
1566
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.rule_action #=> String, one of "allow", "deny"
|
1567
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.egress #=> Boolean
|
1568
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_rule_number #=> Integer
|
1569
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
1570
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts #=> Array
|
1571
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.icmp_type_code.code #=> Integer
|
1572
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.icmp_type_code.type #=> Integer
|
1573
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.protocol #=> String
|
1574
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.port_range.from #=> Integer
|
1575
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.port_range.to #=> Integer
|
1576
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.cidr_block #=> String
|
1577
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.ipv_6_cidr_block #=> String
|
1578
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
1579
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.egress #=> Boolean
|
1580
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_rule_number #=> Integer
|
1581
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
1582
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_violation_reasons #=> Array
|
1583
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_violation_reasons[0] #=> String, one of "MISSING_EXPECTED_ENTRY", "INCORRECT_ENTRY_ORDER", "ENTRY_CONFLICT"
|
1460
1584
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.description #=> String
|
1461
1585
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions #=> Array
|
1462
1586
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].description #=> String
|
@@ -1508,54 +1632,50 @@ module Aws::FMS
|
|
1508
1632
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.ec2_create_route_table_action.vpc_id.description #=> String
|
1509
1633
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.description #=> String
|
1510
1634
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.firewall_creation_config #=> String
|
1635
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.description #=> String
|
1636
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.vpc.resource_id #=> String
|
1637
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.vpc.description #=> String
|
1638
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.fms_can_remediate #=> Boolean
|
1639
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.description #=> String
|
1640
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.association_id.resource_id #=> String
|
1641
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.association_id.description #=> String
|
1642
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.network_acl_id.resource_id #=> String
|
1643
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.network_acl_id.description #=> String
|
1644
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.fms_can_remediate #=> Boolean
|
1645
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.description #=> String
|
1646
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_id.resource_id #=> String
|
1647
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_id.description #=> String
|
1648
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created #=> Array
|
1649
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.icmp_type_code.code #=> Integer
|
1650
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.icmp_type_code.type #=> Integer
|
1651
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.protocol #=> String
|
1652
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.port_range.from #=> Integer
|
1653
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.port_range.to #=> Integer
|
1654
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.cidr_block #=> String
|
1655
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.ipv_6_cidr_block #=> String
|
1656
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
1657
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.egress #=> Boolean
|
1658
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_rule_number #=> Integer
|
1659
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
1660
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.fms_can_remediate #=> Boolean
|
1661
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.description #=> String
|
1662
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_id.resource_id #=> String
|
1663
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_id.description #=> String
|
1664
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted #=> Array
|
1665
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.icmp_type_code.code #=> Integer
|
1666
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.icmp_type_code.type #=> Integer
|
1667
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.protocol #=> String
|
1668
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.port_range.from #=> Integer
|
1669
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.port_range.to #=> Integer
|
1670
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.cidr_block #=> String
|
1671
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.ipv_6_cidr_block #=> String
|
1672
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
1673
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.egress #=> Boolean
|
1674
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_rule_number #=> Integer
|
1675
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
1676
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.fms_can_remediate #=> Boolean
|
1511
1677
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].order #=> Integer
|
1512
1678
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].is_default_action #=> Boolean
|
1513
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.firewall_subnet_id #=> String
|
1514
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_id #=> String
|
1515
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone #=> String
|
1516
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone_id #=> String
|
1517
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_endpoint_id #=> String
|
1518
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_id #=> String
|
1519
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.vpc_id #=> String
|
1520
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.route_table_id #=> String
|
1521
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes #=> Array
|
1522
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1523
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1524
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination #=> String
|
1525
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target #=> String
|
1526
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone #=> String
|
1527
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone_id #=> String
|
1528
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_firewall_subnet_route_table #=> String
|
1529
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_id #=> String
|
1530
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes #=> Array
|
1531
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1532
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1533
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination #=> String
|
1534
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target #=> String
|
1535
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_id #=> String
|
1536
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_internet_gateway_route_table #=> String
|
1537
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes #=> Array
|
1538
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
1539
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
1540
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination #=> String
|
1541
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target #=> String
|
1542
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.violation_target #=> String
|
1543
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.vpc #=> String
|
1544
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.availability_zone #=> String
|
1545
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.target_violation_reason #=> String
|
1546
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.violation_target #=> String
|
1547
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.vpc #=> String
|
1548
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.availability_zone #=> String
|
1549
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.target_violation_reason #=> String
|
1550
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.violation_target #=> String
|
1551
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.vpc #=> String
|
1552
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.availability_zone #=> String
|
1553
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.current_route_table #=> String
|
1554
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.expected_route_table #=> String
|
1555
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.firewall_subnet_id #=> String
|
1556
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.vpc_id #=> String
|
1557
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone #=> String
|
1558
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone_id #=> String
|
1559
1679
|
# resp.violation_detail.resource_tags #=> Array
|
1560
1680
|
# resp.violation_detail.resource_tags[0].key #=> String
|
1561
1681
|
# resp.violation_detail.resource_tags[0].value #=> String
|
@@ -1937,7 +2057,7 @@ module Aws::FMS
|
|
1937
2057
|
# resp.policy_list[0].policy_id #=> String
|
1938
2058
|
# resp.policy_list[0].policy_name #=> String
|
1939
2059
|
# resp.policy_list[0].resource_type #=> String
|
1940
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
2060
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
1941
2061
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
1942
2062
|
# resp.policy_list[0].delete_unused_fm_managed_resources #=> Boolean
|
1943
2063
|
# resp.policy_list[0].policy_status #=> String, one of "ACTIVE", "OUT_OF_ADMIN_SCOPE"
|
@@ -2249,7 +2369,7 @@ module Aws::FMS
|
|
2249
2369
|
# all_regions_enabled: false,
|
2250
2370
|
# },
|
2251
2371
|
# policy_type_scope: {
|
2252
|
-
# policy_types: ["WAF"], # accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
|
2372
|
+
# policy_types: ["WAF"], # accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL, NETWORK_ACL_COMMON
|
2253
2373
|
# all_policy_types_enabled: false,
|
2254
2374
|
# },
|
2255
2375
|
# },
|
@@ -2393,6 +2513,9 @@ module Aws::FMS
|
|
2393
2513
|
#
|
2394
2514
|
# Firewall Manager provides the following types of policies:
|
2395
2515
|
#
|
2516
|
+
# * **WAF policy** - This policy applies WAF web ACL protections to
|
2517
|
+
# specified accounts and resources.
|
2518
|
+
#
|
2396
2519
|
# * **Shield Advanced policy** - This policy applies Shield Advanced
|
2397
2520
|
# protection to specified accounts and resources.
|
2398
2521
|
#
|
@@ -2401,6 +2524,11 @@ module Aws::FMS
|
|
2401
2524
|
# Organizations and lets you enforce a baseline set of rules across
|
2402
2525
|
# your organization.
|
2403
2526
|
#
|
2527
|
+
# * **Network ACL policy** - This type of policy gives you control over
|
2528
|
+
# the network ACLs that are in use throughout your organization in
|
2529
|
+
# Organizations and lets you enforce a baseline set of first and last
|
2530
|
+
# network ACL rules across your organization.
|
2531
|
+
#
|
2404
2532
|
# * **Network Firewall policy** - This policy applies Network Firewall
|
2405
2533
|
# protection to your organization's VPCs.
|
2406
2534
|
#
|
@@ -2447,7 +2575,7 @@ module Aws::FMS
|
|
2447
2575
|
# policy_name: "ResourceName", # required
|
2448
2576
|
# policy_update_token: "PolicyUpdateToken",
|
2449
2577
|
# security_service_policy_data: { # required
|
2450
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
|
2578
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL, NETWORK_ACL_COMMON
|
2451
2579
|
# managed_service_data: "ManagedServiceData",
|
2452
2580
|
# policy_option: {
|
2453
2581
|
# network_firewall_policy: {
|
@@ -2456,6 +2584,46 @@ module Aws::FMS
|
|
2456
2584
|
# third_party_firewall_policy: {
|
2457
2585
|
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
2458
2586
|
# },
|
2587
|
+
# network_acl_common_policy: {
|
2588
|
+
# network_acl_entry_set: { # required
|
2589
|
+
# first_entries: [
|
2590
|
+
# {
|
2591
|
+
# icmp_type_code: {
|
2592
|
+
# code: 1,
|
2593
|
+
# type: 1,
|
2594
|
+
# },
|
2595
|
+
# protocol: "LengthBoundedString", # required
|
2596
|
+
# port_range: {
|
2597
|
+
# from: 1,
|
2598
|
+
# to: 1,
|
2599
|
+
# },
|
2600
|
+
# cidr_block: "LengthBoundedNonEmptyString",
|
2601
|
+
# ipv_6_cidr_block: "LengthBoundedNonEmptyString",
|
2602
|
+
# rule_action: "allow", # required, accepts allow, deny
|
2603
|
+
# egress: false, # required
|
2604
|
+
# },
|
2605
|
+
# ],
|
2606
|
+
# force_remediate_for_first_entries: false, # required
|
2607
|
+
# last_entries: [
|
2608
|
+
# {
|
2609
|
+
# icmp_type_code: {
|
2610
|
+
# code: 1,
|
2611
|
+
# type: 1,
|
2612
|
+
# },
|
2613
|
+
# protocol: "LengthBoundedString", # required
|
2614
|
+
# port_range: {
|
2615
|
+
# from: 1,
|
2616
|
+
# to: 1,
|
2617
|
+
# },
|
2618
|
+
# cidr_block: "LengthBoundedNonEmptyString",
|
2619
|
+
# ipv_6_cidr_block: "LengthBoundedNonEmptyString",
|
2620
|
+
# rule_action: "allow", # required, accepts allow, deny
|
2621
|
+
# egress: false, # required
|
2622
|
+
# },
|
2623
|
+
# ],
|
2624
|
+
# force_remediate_for_last_entries: false, # required
|
2625
|
+
# },
|
2626
|
+
# },
|
2459
2627
|
# },
|
2460
2628
|
# },
|
2461
2629
|
# resource_type: "ResourceType", # required
|
@@ -2492,10 +2660,32 @@ module Aws::FMS
|
|
2492
2660
|
# resp.policy.policy_id #=> String
|
2493
2661
|
# resp.policy.policy_name #=> String
|
2494
2662
|
# resp.policy.policy_update_token #=> String
|
2495
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
2663
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
2496
2664
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
2497
2665
|
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
2498
2666
|
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
2667
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries #=> Array
|
2668
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.code #=> Integer
|
2669
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.type #=> Integer
|
2670
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].protocol #=> String
|
2671
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.from #=> Integer
|
2672
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.to #=> Integer
|
2673
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].cidr_block #=> String
|
2674
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].ipv_6_cidr_block #=> String
|
2675
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].rule_action #=> String, one of "allow", "deny"
|
2676
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].egress #=> Boolean
|
2677
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_first_entries #=> Boolean
|
2678
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries #=> Array
|
2679
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.code #=> Integer
|
2680
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.type #=> Integer
|
2681
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].protocol #=> String
|
2682
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.from #=> Integer
|
2683
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.to #=> Integer
|
2684
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].cidr_block #=> String
|
2685
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].ipv_6_cidr_block #=> String
|
2686
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].rule_action #=> String, one of "allow", "deny"
|
2687
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].egress #=> Boolean
|
2688
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_last_entries #=> Boolean
|
2499
2689
|
# resp.policy.resource_type #=> String
|
2500
2690
|
# resp.policy.resource_type_list #=> Array
|
2501
2691
|
# resp.policy.resource_type_list[0] #=> String
|
@@ -2720,7 +2910,7 @@ module Aws::FMS
|
|
2720
2910
|
params: params,
|
2721
2911
|
config: config)
|
2722
2912
|
context[:gem_name] = 'aws-sdk-fms'
|
2723
|
-
context[:gem_version] = '1.
|
2913
|
+
context[:gem_version] = '1.69.0'
|
2724
2914
|
Seahorse::Client::Request.new(handlers, context)
|
2725
2915
|
end
|
2726
2916
|
|