aws-sdk-fms 1.67.0 → 1.69.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +309 -119
- data/lib/aws-sdk-fms/client_api.rb +114 -1
- data/lib/aws-sdk-fms/types.rb +560 -38
- data/lib/aws-sdk-fms.rb +1 -1
- data/sig/client.rbs +43 -3
- data/sig/types.rbs +106 -6
- metadata +4 -4
data/lib/aws-sdk-fms/client.rb
CHANGED
|
@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
|
|
|
22
22
|
require 'aws-sdk-core/plugins/response_paging.rb'
|
|
23
23
|
require 'aws-sdk-core/plugins/stub_responses.rb'
|
|
24
24
|
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
|
25
|
+
require 'aws-sdk-core/plugins/invocation_id.rb'
|
|
25
26
|
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
|
26
27
|
require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
|
|
27
28
|
require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
|
|
@@ -72,6 +73,7 @@ module Aws::FMS
|
|
|
72
73
|
add_plugin(Aws::Plugins::ResponsePaging)
|
|
73
74
|
add_plugin(Aws::Plugins::StubResponses)
|
|
74
75
|
add_plugin(Aws::Plugins::IdempotencyToken)
|
|
76
|
+
add_plugin(Aws::Plugins::InvocationId)
|
|
75
77
|
add_plugin(Aws::Plugins::JsonvalueConverter)
|
|
76
78
|
add_plugin(Aws::Plugins::ClientMetricsPlugin)
|
|
77
79
|
add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
|
|
@@ -196,10 +198,17 @@ module Aws::FMS
|
|
|
196
198
|
# When set to 'true' the request body will not be compressed
|
|
197
199
|
# for supported operations.
|
|
198
200
|
#
|
|
199
|
-
# @option options [String] :endpoint
|
|
200
|
-
#
|
|
201
|
-
#
|
|
202
|
-
#
|
|
201
|
+
# @option options [String, URI::HTTPS, URI::HTTP] :endpoint
|
|
202
|
+
# Normally you should not configure the `:endpoint` option
|
|
203
|
+
# directly. This is normally constructed from the `:region`
|
|
204
|
+
# option. Configuring `:endpoint` is normally reserved for
|
|
205
|
+
# connecting to test or custom endpoints. The endpoint should
|
|
206
|
+
# be a URI formatted like:
|
|
207
|
+
#
|
|
208
|
+
# 'http://example.com'
|
|
209
|
+
# 'https://example.com'
|
|
210
|
+
# 'http://example.com:123'
|
|
211
|
+
#
|
|
203
212
|
#
|
|
204
213
|
# @option options [Integer] :endpoint_cache_max_entries (1000)
|
|
205
214
|
# Used for the maximum size limit of the LRU cache storing endpoints data
|
|
@@ -347,50 +356,65 @@ module Aws::FMS
|
|
|
347
356
|
# @option options [Aws::FMS::EndpointProvider] :endpoint_provider
|
|
348
357
|
# The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::FMS::EndpointParameters`
|
|
349
358
|
#
|
|
350
|
-
# @option options [
|
|
351
|
-
#
|
|
352
|
-
#
|
|
353
|
-
#
|
|
354
|
-
#
|
|
355
|
-
#
|
|
356
|
-
#
|
|
357
|
-
#
|
|
358
|
-
#
|
|
359
|
-
#
|
|
360
|
-
#
|
|
361
|
-
# @option options [Float] :
|
|
362
|
-
#
|
|
363
|
-
#
|
|
364
|
-
#
|
|
365
|
-
#
|
|
366
|
-
#
|
|
367
|
-
#
|
|
368
|
-
#
|
|
369
|
-
#
|
|
370
|
-
#
|
|
371
|
-
#
|
|
372
|
-
#
|
|
373
|
-
#
|
|
374
|
-
#
|
|
375
|
-
#
|
|
376
|
-
#
|
|
377
|
-
#
|
|
359
|
+
# @option options [Float] :http_continue_timeout (1)
|
|
360
|
+
# The number of seconds to wait for a 100-continue response before sending the
|
|
361
|
+
# request body. This option has no effect unless the request has "Expect"
|
|
362
|
+
# header set to "100-continue". Defaults to `nil` which disables this
|
|
363
|
+
# behaviour. This value can safely be set per request on the session.
|
|
364
|
+
#
|
|
365
|
+
# @option options [Float] :http_idle_timeout (5)
|
|
366
|
+
# The number of seconds a connection is allowed to sit idle before it
|
|
367
|
+
# is considered stale. Stale connections are closed and removed from the
|
|
368
|
+
# pool before making a request.
|
|
369
|
+
#
|
|
370
|
+
# @option options [Float] :http_open_timeout (15)
|
|
371
|
+
# The default number of seconds to wait for response data.
|
|
372
|
+
# This value can safely be set per-request on the session.
|
|
373
|
+
#
|
|
374
|
+
# @option options [URI::HTTP,String] :http_proxy
|
|
375
|
+
# A proxy to send requests through. Formatted like 'http://proxy.com:123'.
|
|
376
|
+
#
|
|
377
|
+
# @option options [Float] :http_read_timeout (60)
|
|
378
|
+
# The default number of seconds to wait for response data.
|
|
379
|
+
# This value can safely be set per-request on the session.
|
|
380
|
+
#
|
|
381
|
+
# @option options [Boolean] :http_wire_trace (false)
|
|
382
|
+
# When `true`, HTTP debug output will be sent to the `:logger`.
|
|
383
|
+
#
|
|
384
|
+
# @option options [Proc] :on_chunk_received
|
|
385
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
|
386
|
+
# of the response body is received. It provides three arguments: the chunk,
|
|
387
|
+
# the number of bytes received, and the total number of
|
|
388
|
+
# bytes in the response (or nil if the server did not send a `content-length`).
|
|
389
|
+
#
|
|
390
|
+
# @option options [Proc] :on_chunk_sent
|
|
391
|
+
# When a Proc object is provided, it will be used as callback when each chunk
|
|
392
|
+
# of the request body is sent. It provides three arguments: the chunk,
|
|
393
|
+
# the number of bytes read from the body, and the total number of
|
|
394
|
+
# bytes in the body.
|
|
395
|
+
#
|
|
396
|
+
# @option options [Boolean] :raise_response_errors (true)
|
|
397
|
+
# When `true`, response errors are raised.
|
|
398
|
+
#
|
|
399
|
+
# @option options [String] :ssl_ca_bundle
|
|
400
|
+
# Full path to the SSL certificate authority bundle file that should be used when
|
|
401
|
+
# verifying peer certificates. If you do not pass `:ssl_ca_bundle` or
|
|
402
|
+
# `:ssl_ca_directory` the the system default will be used if available.
|
|
403
|
+
#
|
|
404
|
+
# @option options [String] :ssl_ca_directory
|
|
405
|
+
# Full path of the directory that contains the unbundled SSL certificate
|
|
406
|
+
# authority files for verifying peer certificates. If you do
|
|
407
|
+
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
|
|
408
|
+
# default will be used if available.
|
|
378
409
|
#
|
|
379
|
-
# @option options [
|
|
380
|
-
#
|
|
381
|
-
# connection.
|
|
410
|
+
# @option options [String] :ssl_ca_store
|
|
411
|
+
# Sets the X509::Store to verify peer certificate.
|
|
382
412
|
#
|
|
383
|
-
# @option options [
|
|
384
|
-
#
|
|
385
|
-
# verifying peer certificates. If you do not pass
|
|
386
|
-
# `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
|
|
387
|
-
# will be used if available.
|
|
413
|
+
# @option options [Float] :ssl_timeout
|
|
414
|
+
# Sets the SSL timeout in seconds
|
|
388
415
|
#
|
|
389
|
-
# @option options [
|
|
390
|
-
#
|
|
391
|
-
# authority files for verifying peer certificates. If you do
|
|
392
|
-
# not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
|
|
393
|
-
# system default will be used if available.
|
|
416
|
+
# @option options [Boolean] :ssl_verify_peer (true)
|
|
417
|
+
# When `true`, SSL peer certificates are verified when establishing a connection.
|
|
394
418
|
#
|
|
395
419
|
def initialize(*args)
|
|
396
420
|
super
|
|
@@ -771,11 +795,11 @@ module Aws::FMS
|
|
|
771
795
|
end
|
|
772
796
|
|
|
773
797
|
# Returns information about the specified account's administrative
|
|
774
|
-
# scope. The
|
|
798
|
+
# scope. The administrative scope defines the resources that an Firewall
|
|
775
799
|
# Manager administrator can manage.
|
|
776
800
|
#
|
|
777
801
|
# @option params [required, String] :admin_account
|
|
778
|
-
# The
|
|
802
|
+
# The administrator account that you want to get the details for.
|
|
779
803
|
#
|
|
780
804
|
# @return [Types::GetAdminScopeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
781
805
|
#
|
|
@@ -802,7 +826,7 @@ module Aws::FMS
|
|
|
802
826
|
# resp.admin_scope.region_scope.regions[0] #=> String
|
|
803
827
|
# resp.admin_scope.region_scope.all_regions_enabled #=> Boolean
|
|
804
828
|
# resp.admin_scope.policy_type_scope.policy_types #=> Array
|
|
805
|
-
# resp.admin_scope.policy_type_scope.policy_types[0] #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
|
829
|
+
# resp.admin_scope.policy_type_scope.policy_types[0] #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
|
806
830
|
# resp.admin_scope.policy_type_scope.all_policy_types_enabled #=> Boolean
|
|
807
831
|
# resp.status #=> String, one of "ONBOARDING", "ONBOARDING_COMPLETE", "OFFBOARDING", "OFFBOARDING_COMPLETE"
|
|
808
832
|
#
|
|
@@ -869,23 +893,8 @@ module Aws::FMS
|
|
|
869
893
|
# account. Details include resources that are in and out of compliance
|
|
870
894
|
# with the specified policy.
|
|
871
895
|
#
|
|
872
|
-
#
|
|
873
|
-
#
|
|
874
|
-
#
|
|
875
|
-
# * Resources are considered noncompliant for security group policies if
|
|
876
|
-
# they are in scope of the policy, they violate one or more of the
|
|
877
|
-
# policy rules, and remediation is disabled or not possible.
|
|
878
|
-
#
|
|
879
|
-
# * Resources are considered noncompliant for Network Firewall policies
|
|
880
|
-
# if a firewall is missing in the VPC, if the firewall endpoint isn't
|
|
881
|
-
# set up in an expected Availability Zone and subnet, if a subnet
|
|
882
|
-
# created by the Firewall Manager doesn't have the expected route
|
|
883
|
-
# table, and for modifications to a firewall policy that violate the
|
|
884
|
-
# Firewall Manager policy's rules.
|
|
885
|
-
#
|
|
886
|
-
# * Resources are considered noncompliant for DNS Firewall policies if a
|
|
887
|
-
# DNS Firewall rule group is missing from the rule group associations
|
|
888
|
-
# for the VPC.
|
|
896
|
+
# The reasons for resources being considered compliant depend on the
|
|
897
|
+
# Firewall Manager policy type.
|
|
889
898
|
#
|
|
890
899
|
# @option params [required, String] :policy_id
|
|
891
900
|
# The ID of the policy that you want to get the details for. `PolicyId`
|
|
@@ -913,7 +922,7 @@ module Aws::FMS
|
|
|
913
922
|
# resp.policy_compliance_detail.member_account #=> String
|
|
914
923
|
# resp.policy_compliance_detail.violators #=> Array
|
|
915
924
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
|
916
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT"
|
|
925
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT", "INVALID_NETWORK_ACL_ENTRY"
|
|
917
926
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
|
918
927
|
# resp.policy_compliance_detail.violators[0].metadata #=> Hash
|
|
919
928
|
# resp.policy_compliance_detail.violators[0].metadata["LengthBoundedString"] #=> String
|
|
@@ -974,10 +983,32 @@ module Aws::FMS
|
|
|
974
983
|
# resp.policy.policy_id #=> String
|
|
975
984
|
# resp.policy.policy_name #=> String
|
|
976
985
|
# resp.policy.policy_update_token #=> String
|
|
977
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
|
986
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
|
978
987
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
979
988
|
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
980
989
|
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
990
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries #=> Array
|
|
991
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.code #=> Integer
|
|
992
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.type #=> Integer
|
|
993
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].protocol #=> String
|
|
994
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.from #=> Integer
|
|
995
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.to #=> Integer
|
|
996
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].cidr_block #=> String
|
|
997
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].ipv_6_cidr_block #=> String
|
|
998
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].rule_action #=> String, one of "allow", "deny"
|
|
999
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].egress #=> Boolean
|
|
1000
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_first_entries #=> Boolean
|
|
1001
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries #=> Array
|
|
1002
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.code #=> Integer
|
|
1003
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.type #=> Integer
|
|
1004
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].protocol #=> String
|
|
1005
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.from #=> Integer
|
|
1006
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.to #=> Integer
|
|
1007
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].cidr_block #=> String
|
|
1008
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].ipv_6_cidr_block #=> String
|
|
1009
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].rule_action #=> String, one of "allow", "deny"
|
|
1010
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].egress #=> Boolean
|
|
1011
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_last_entries #=> Boolean
|
|
981
1012
|
# resp.policy.resource_type #=> String
|
|
982
1013
|
# resp.policy.resource_type_list #=> Array
|
|
983
1014
|
# resp.policy.resource_type_list[0] #=> String
|
|
@@ -1067,7 +1098,7 @@ module Aws::FMS
|
|
|
1067
1098
|
# @example Response structure
|
|
1068
1099
|
#
|
|
1069
1100
|
# resp.admin_account_id #=> String
|
|
1070
|
-
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
|
1101
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
|
1071
1102
|
# resp.data #=> String
|
|
1072
1103
|
# resp.next_token #=> String
|
|
1073
1104
|
#
|
|
@@ -1210,6 +1241,8 @@ module Aws::FMS
|
|
|
1210
1241
|
#
|
|
1211
1242
|
# * Security group content audit
|
|
1212
1243
|
#
|
|
1244
|
+
# * Network ACL
|
|
1245
|
+
#
|
|
1213
1246
|
# * Third-party firewall
|
|
1214
1247
|
#
|
|
1215
1248
|
# @option params [required, String] :member_account
|
|
@@ -1305,6 +1338,7 @@ module Aws::FMS
|
|
|
1305
1338
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_default_actions #=> Array
|
|
1306
1339
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_default_actions[0] #=> String
|
|
1307
1340
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_engine_options.rule_order #=> String, one of "STRICT_ORDER", "DEFAULT_ACTION_ORDER"
|
|
1341
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.current_policy_description.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT", "FMS_IGNORE"
|
|
1308
1342
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups #=> Array
|
|
1309
1343
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].rule_group_name #=> String
|
|
1310
1344
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateless_rule_groups[0].resource_id #=> String
|
|
@@ -1323,6 +1357,7 @@ module Aws::FMS
|
|
|
1323
1357
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_default_actions #=> Array
|
|
1324
1358
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_default_actions[0] #=> String
|
|
1325
1359
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_engine_options.rule_order #=> String, one of "STRICT_ORDER", "DEFAULT_ACTION_ORDER"
|
|
1360
|
+
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_engine_options.stream_exception_policy #=> String, one of "DROP", "CONTINUE", "REJECT", "FMS_IGNORE"
|
|
1326
1361
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.subnet_id #=> String
|
|
1327
1362
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.subnet_availability_zone #=> String
|
|
1328
1363
|
# resp.violation_detail.resource_violations[0].network_firewall_internet_traffic_not_inspected_violation.route_table_id #=> String
|
|
@@ -1457,6 +1492,95 @@ module Aws::FMS
|
|
|
1457
1492
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target #=> String
|
|
1458
1493
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target_description #=> String
|
|
1459
1494
|
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.number_of_rule_groups_already_associated #=> Integer
|
|
1495
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.firewall_subnet_id #=> String
|
|
1496
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_id #=> String
|
|
1497
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone #=> String
|
|
1498
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone_id #=> String
|
|
1499
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_endpoint_id #=> String
|
|
1500
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_id #=> String
|
|
1501
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.vpc_id #=> String
|
|
1502
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.route_table_id #=> String
|
|
1503
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes #=> Array
|
|
1504
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1505
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1506
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination #=> String
|
|
1507
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target #=> String
|
|
1508
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone #=> String
|
|
1509
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1510
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_firewall_subnet_route_table #=> String
|
|
1511
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_id #=> String
|
|
1512
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes #=> Array
|
|
1513
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1514
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1515
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination #=> String
|
|
1516
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target #=> String
|
|
1517
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_id #=> String
|
|
1518
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_internet_gateway_route_table #=> String
|
|
1519
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes #=> Array
|
|
1520
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1521
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1522
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination #=> String
|
|
1523
|
+
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target #=> String
|
|
1524
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.violation_target #=> String
|
|
1525
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.vpc #=> String
|
|
1526
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.availability_zone #=> String
|
|
1527
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.target_violation_reason #=> String
|
|
1528
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.violation_target #=> String
|
|
1529
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.vpc #=> String
|
|
1530
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.availability_zone #=> String
|
|
1531
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.target_violation_reason #=> String
|
|
1532
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.violation_target #=> String
|
|
1533
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.vpc #=> String
|
|
1534
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.availability_zone #=> String
|
|
1535
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.current_route_table #=> String
|
|
1536
|
+
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.expected_route_table #=> String
|
|
1537
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.firewall_subnet_id #=> String
|
|
1538
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.vpc_id #=> String
|
|
1539
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone #=> String
|
|
1540
|
+
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1541
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.vpc #=> String
|
|
1542
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.subnet #=> String
|
|
1543
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.subnet_availability_zone #=> String
|
|
1544
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.current_associated_network_acl #=> String
|
|
1545
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations #=> Array
|
|
1546
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.icmp_type_code.code #=> Integer
|
|
1547
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.icmp_type_code.type #=> Integer
|
|
1548
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.protocol #=> String
|
|
1549
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.port_range.from #=> Integer
|
|
1550
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.port_range.to #=> Integer
|
|
1551
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.cidr_block #=> String
|
|
1552
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.ipv_6_cidr_block #=> String
|
|
1553
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.rule_action #=> String, one of "allow", "deny"
|
|
1554
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_detail.egress #=> Boolean
|
|
1555
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_rule_number #=> Integer
|
|
1556
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_entry.entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
|
1557
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].expected_evaluation_order #=> String
|
|
1558
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].actual_evaluation_order #=> String
|
|
1559
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.icmp_type_code.code #=> Integer
|
|
1560
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.icmp_type_code.type #=> Integer
|
|
1561
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.protocol #=> String
|
|
1562
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.port_range.from #=> Integer
|
|
1563
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.port_range.to #=> Integer
|
|
1564
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.cidr_block #=> String
|
|
1565
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.ipv_6_cidr_block #=> String
|
|
1566
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.rule_action #=> String, one of "allow", "deny"
|
|
1567
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_detail.egress #=> Boolean
|
|
1568
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_rule_number #=> Integer
|
|
1569
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_at_expected_evaluation_order.entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
|
1570
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts #=> Array
|
|
1571
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.icmp_type_code.code #=> Integer
|
|
1572
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.icmp_type_code.type #=> Integer
|
|
1573
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.protocol #=> String
|
|
1574
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.port_range.from #=> Integer
|
|
1575
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.port_range.to #=> Integer
|
|
1576
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.cidr_block #=> String
|
|
1577
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.ipv_6_cidr_block #=> String
|
|
1578
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
|
1579
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_detail.egress #=> Boolean
|
|
1580
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_rule_number #=> Integer
|
|
1581
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entries_with_conflicts[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
|
1582
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_violation_reasons #=> Array
|
|
1583
|
+
# resp.violation_detail.resource_violations[0].invalid_network_acl_entries_violation.entry_violations[0].entry_violation_reasons[0] #=> String, one of "MISSING_EXPECTED_ENTRY", "INCORRECT_ENTRY_ORDER", "ENTRY_CONFLICT"
|
|
1460
1584
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.description #=> String
|
|
1461
1585
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions #=> Array
|
|
1462
1586
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].description #=> String
|
|
@@ -1508,54 +1632,50 @@ module Aws::FMS
|
|
|
1508
1632
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.ec2_create_route_table_action.vpc_id.description #=> String
|
|
1509
1633
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.description #=> String
|
|
1510
1634
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.fms_policy_update_firewall_creation_config_action.firewall_creation_config #=> String
|
|
1635
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.description #=> String
|
|
1636
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.vpc.resource_id #=> String
|
|
1637
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.vpc.description #=> String
|
|
1638
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_action.fms_can_remediate #=> Boolean
|
|
1639
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.description #=> String
|
|
1640
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.association_id.resource_id #=> String
|
|
1641
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.association_id.description #=> String
|
|
1642
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.network_acl_id.resource_id #=> String
|
|
1643
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.network_acl_id.description #=> String
|
|
1644
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.replace_network_acl_association_action.fms_can_remediate #=> Boolean
|
|
1645
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.description #=> String
|
|
1646
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_id.resource_id #=> String
|
|
1647
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_id.description #=> String
|
|
1648
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created #=> Array
|
|
1649
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.icmp_type_code.code #=> Integer
|
|
1650
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.icmp_type_code.type #=> Integer
|
|
1651
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.protocol #=> String
|
|
1652
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.port_range.from #=> Integer
|
|
1653
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.port_range.to #=> Integer
|
|
1654
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.cidr_block #=> String
|
|
1655
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.ipv_6_cidr_block #=> String
|
|
1656
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
|
1657
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_detail.egress #=> Boolean
|
|
1658
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_rule_number #=> Integer
|
|
1659
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.network_acl_entries_to_be_created[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
|
1660
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.create_network_acl_entries_action.fms_can_remediate #=> Boolean
|
|
1661
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.description #=> String
|
|
1662
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_id.resource_id #=> String
|
|
1663
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_id.description #=> String
|
|
1664
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted #=> Array
|
|
1665
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.icmp_type_code.code #=> Integer
|
|
1666
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.icmp_type_code.type #=> Integer
|
|
1667
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.protocol #=> String
|
|
1668
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.port_range.from #=> Integer
|
|
1669
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.port_range.to #=> Integer
|
|
1670
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.cidr_block #=> String
|
|
1671
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.ipv_6_cidr_block #=> String
|
|
1672
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.rule_action #=> String, one of "allow", "deny"
|
|
1673
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_detail.egress #=> Boolean
|
|
1674
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_rule_number #=> Integer
|
|
1675
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.network_acl_entries_to_be_deleted[0].entry_type #=> String, one of "FMS_MANAGED_FIRST_ENTRY", "FMS_MANAGED_LAST_ENTRY", "CUSTOM_ENTRY"
|
|
1676
|
+
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.fms_can_remediate #=> Boolean
|
|
1511
1677
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].order #=> Integer
|
|
1512
1678
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].is_default_action #=> Boolean
|
|
1513
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.firewall_subnet_id #=> String
|
|
1514
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_id #=> String
|
|
1515
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone #=> String
|
|
1516
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.subnet_availability_zone_id #=> String
|
|
1517
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_is_out_of_scope_violation.vpc_endpoint_id #=> String
|
|
1518
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_id #=> String
|
|
1519
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.vpc_id #=> String
|
|
1520
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.route_table_id #=> String
|
|
1521
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes #=> Array
|
|
1522
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1523
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1524
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].destination #=> String
|
|
1525
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.violating_routes[0].target #=> String
|
|
1526
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone #=> String
|
|
1527
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1528
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_firewall_subnet_route_table #=> String
|
|
1529
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_id #=> String
|
|
1530
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes #=> Array
|
|
1531
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1532
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1533
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].destination #=> String
|
|
1534
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.firewall_subnet_routes[0].target #=> String
|
|
1535
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_id #=> String
|
|
1536
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.current_internet_gateway_route_table #=> String
|
|
1537
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes #=> Array
|
|
1538
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination_type #=> String, one of "IPV4", "IPV6", "PREFIX_LIST"
|
|
1539
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target_type #=> String, one of "GATEWAY", "CARRIER_GATEWAY", "INSTANCE", "LOCAL_GATEWAY", "NAT_GATEWAY", "NETWORK_INTERFACE", "VPC_ENDPOINT", "VPC_PEERING_CONNECTION", "EGRESS_ONLY_INTERNET_GATEWAY", "TRANSIT_GATEWAY"
|
|
1540
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].destination #=> String
|
|
1541
|
-
# resp.violation_detail.resource_violations[0].route_has_out_of_scope_endpoint_violation.internet_gateway_routes[0].target #=> String
|
|
1542
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.violation_target #=> String
|
|
1543
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.vpc #=> String
|
|
1544
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.availability_zone #=> String
|
|
1545
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_firewall_violation.target_violation_reason #=> String
|
|
1546
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.violation_target #=> String
|
|
1547
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.vpc #=> String
|
|
1548
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.availability_zone #=> String
|
|
1549
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_subnet_violation.target_violation_reason #=> String
|
|
1550
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.violation_target #=> String
|
|
1551
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.vpc #=> String
|
|
1552
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.availability_zone #=> String
|
|
1553
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.current_route_table #=> String
|
|
1554
|
-
# resp.violation_detail.resource_violations[0].third_party_firewall_missing_expected_route_table_violation.expected_route_table #=> String
|
|
1555
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.firewall_subnet_id #=> String
|
|
1556
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.vpc_id #=> String
|
|
1557
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone #=> String
|
|
1558
|
-
# resp.violation_detail.resource_violations[0].firewall_subnet_missing_vpc_endpoint_violation.subnet_availability_zone_id #=> String
|
|
1559
1679
|
# resp.violation_detail.resource_tags #=> Array
|
|
1560
1680
|
# resp.violation_detail.resource_tags[0].key #=> String
|
|
1561
1681
|
# resp.violation_detail.resource_tags[0].value #=> String
|
|
@@ -1937,7 +2057,7 @@ module Aws::FMS
|
|
|
1937
2057
|
# resp.policy_list[0].policy_id #=> String
|
|
1938
2058
|
# resp.policy_list[0].policy_name #=> String
|
|
1939
2059
|
# resp.policy_list[0].resource_type #=> String
|
|
1940
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
|
2060
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
|
1941
2061
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
|
1942
2062
|
# resp.policy_list[0].delete_unused_fm_managed_resources #=> Boolean
|
|
1943
2063
|
# resp.policy_list[0].policy_status #=> String, one of "ACTIVE", "OUT_OF_ADMIN_SCOPE"
|
|
@@ -2249,7 +2369,7 @@ module Aws::FMS
|
|
|
2249
2369
|
# all_regions_enabled: false,
|
|
2250
2370
|
# },
|
|
2251
2371
|
# policy_type_scope: {
|
|
2252
|
-
# policy_types: ["WAF"], # accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
|
|
2372
|
+
# policy_types: ["WAF"], # accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL, NETWORK_ACL_COMMON
|
|
2253
2373
|
# all_policy_types_enabled: false,
|
|
2254
2374
|
# },
|
|
2255
2375
|
# },
|
|
@@ -2393,6 +2513,9 @@ module Aws::FMS
|
|
|
2393
2513
|
#
|
|
2394
2514
|
# Firewall Manager provides the following types of policies:
|
|
2395
2515
|
#
|
|
2516
|
+
# * **WAF policy** - This policy applies WAF web ACL protections to
|
|
2517
|
+
# specified accounts and resources.
|
|
2518
|
+
#
|
|
2396
2519
|
# * **Shield Advanced policy** - This policy applies Shield Advanced
|
|
2397
2520
|
# protection to specified accounts and resources.
|
|
2398
2521
|
#
|
|
@@ -2401,6 +2524,11 @@ module Aws::FMS
|
|
|
2401
2524
|
# Organizations and lets you enforce a baseline set of rules across
|
|
2402
2525
|
# your organization.
|
|
2403
2526
|
#
|
|
2527
|
+
# * **Network ACL policy** - This type of policy gives you control over
|
|
2528
|
+
# the network ACLs that are in use throughout your organization in
|
|
2529
|
+
# Organizations and lets you enforce a baseline set of first and last
|
|
2530
|
+
# network ACL rules across your organization.
|
|
2531
|
+
#
|
|
2404
2532
|
# * **Network Firewall policy** - This policy applies Network Firewall
|
|
2405
2533
|
# protection to your organization's VPCs.
|
|
2406
2534
|
#
|
|
@@ -2447,7 +2575,7 @@ module Aws::FMS
|
|
|
2447
2575
|
# policy_name: "ResourceName", # required
|
|
2448
2576
|
# policy_update_token: "PolicyUpdateToken",
|
|
2449
2577
|
# security_service_policy_data: { # required
|
|
2450
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL
|
|
2578
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL, THIRD_PARTY_FIREWALL, IMPORT_NETWORK_FIREWALL, NETWORK_ACL_COMMON
|
|
2451
2579
|
# managed_service_data: "ManagedServiceData",
|
|
2452
2580
|
# policy_option: {
|
|
2453
2581
|
# network_firewall_policy: {
|
|
@@ -2456,6 +2584,46 @@ module Aws::FMS
|
|
|
2456
2584
|
# third_party_firewall_policy: {
|
|
2457
2585
|
# firewall_deployment_model: "CENTRALIZED", # accepts CENTRALIZED, DISTRIBUTED
|
|
2458
2586
|
# },
|
|
2587
|
+
# network_acl_common_policy: {
|
|
2588
|
+
# network_acl_entry_set: { # required
|
|
2589
|
+
# first_entries: [
|
|
2590
|
+
# {
|
|
2591
|
+
# icmp_type_code: {
|
|
2592
|
+
# code: 1,
|
|
2593
|
+
# type: 1,
|
|
2594
|
+
# },
|
|
2595
|
+
# protocol: "LengthBoundedString", # required
|
|
2596
|
+
# port_range: {
|
|
2597
|
+
# from: 1,
|
|
2598
|
+
# to: 1,
|
|
2599
|
+
# },
|
|
2600
|
+
# cidr_block: "LengthBoundedNonEmptyString",
|
|
2601
|
+
# ipv_6_cidr_block: "LengthBoundedNonEmptyString",
|
|
2602
|
+
# rule_action: "allow", # required, accepts allow, deny
|
|
2603
|
+
# egress: false, # required
|
|
2604
|
+
# },
|
|
2605
|
+
# ],
|
|
2606
|
+
# force_remediate_for_first_entries: false, # required
|
|
2607
|
+
# last_entries: [
|
|
2608
|
+
# {
|
|
2609
|
+
# icmp_type_code: {
|
|
2610
|
+
# code: 1,
|
|
2611
|
+
# type: 1,
|
|
2612
|
+
# },
|
|
2613
|
+
# protocol: "LengthBoundedString", # required
|
|
2614
|
+
# port_range: {
|
|
2615
|
+
# from: 1,
|
|
2616
|
+
# to: 1,
|
|
2617
|
+
# },
|
|
2618
|
+
# cidr_block: "LengthBoundedNonEmptyString",
|
|
2619
|
+
# ipv_6_cidr_block: "LengthBoundedNonEmptyString",
|
|
2620
|
+
# rule_action: "allow", # required, accepts allow, deny
|
|
2621
|
+
# egress: false, # required
|
|
2622
|
+
# },
|
|
2623
|
+
# ],
|
|
2624
|
+
# force_remediate_for_last_entries: false, # required
|
|
2625
|
+
# },
|
|
2626
|
+
# },
|
|
2459
2627
|
# },
|
|
2460
2628
|
# },
|
|
2461
2629
|
# resource_type: "ResourceType", # required
|
|
@@ -2492,10 +2660,32 @@ module Aws::FMS
|
|
|
2492
2660
|
# resp.policy.policy_id #=> String
|
|
2493
2661
|
# resp.policy.policy_name #=> String
|
|
2494
2662
|
# resp.policy.policy_update_token #=> String
|
|
2495
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL"
|
|
2663
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL", "THIRD_PARTY_FIREWALL", "IMPORT_NETWORK_FIREWALL", "NETWORK_ACL_COMMON"
|
|
2496
2664
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
|
2497
2665
|
# resp.policy.security_service_policy_data.policy_option.network_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
2498
2666
|
# resp.policy.security_service_policy_data.policy_option.third_party_firewall_policy.firewall_deployment_model #=> String, one of "CENTRALIZED", "DISTRIBUTED"
|
|
2667
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries #=> Array
|
|
2668
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.code #=> Integer
|
|
2669
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].icmp_type_code.type #=> Integer
|
|
2670
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].protocol #=> String
|
|
2671
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.from #=> Integer
|
|
2672
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].port_range.to #=> Integer
|
|
2673
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].cidr_block #=> String
|
|
2674
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].ipv_6_cidr_block #=> String
|
|
2675
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].rule_action #=> String, one of "allow", "deny"
|
|
2676
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries[0].egress #=> Boolean
|
|
2677
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_first_entries #=> Boolean
|
|
2678
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries #=> Array
|
|
2679
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.code #=> Integer
|
|
2680
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].icmp_type_code.type #=> Integer
|
|
2681
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].protocol #=> String
|
|
2682
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.from #=> Integer
|
|
2683
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].port_range.to #=> Integer
|
|
2684
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].cidr_block #=> String
|
|
2685
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].ipv_6_cidr_block #=> String
|
|
2686
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].rule_action #=> String, one of "allow", "deny"
|
|
2687
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries[0].egress #=> Boolean
|
|
2688
|
+
# resp.policy.security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.force_remediate_for_last_entries #=> Boolean
|
|
2499
2689
|
# resp.policy.resource_type #=> String
|
|
2500
2690
|
# resp.policy.resource_type_list #=> Array
|
|
2501
2691
|
# resp.policy.resource_type_list[0] #=> String
|
|
@@ -2720,7 +2910,7 @@ module Aws::FMS
|
|
|
2720
2910
|
params: params,
|
|
2721
2911
|
config: config)
|
|
2722
2912
|
context[:gem_name] = 'aws-sdk-fms'
|
|
2723
|
-
context[:gem_version] = '1.
|
|
2913
|
+
context[:gem_version] = '1.69.0'
|
|
2724
2914
|
Seahorse::Client::Request.new(handlers, context)
|
|
2725
2915
|
end
|
|
2726
2916
|
|