aws-sdk-fms 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/lib/aws-sdk-fms/client.rb +610 -0
- data/lib/aws-sdk-fms/client_api.rb +346 -0
- data/lib/aws-sdk-fms/customizations.rb +0 -0
- data/lib/aws-sdk-fms/errors.rb +14 -0
- data/lib/aws-sdk-fms/resource.rb +23 -0
- data/lib/aws-sdk-fms/types.rb +728 -0
- data/lib/aws-sdk-fms.rb +47 -0
- metadata +82 -0
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: b2b1e55de23d8aff2042dafd6231ab13e72cb26c
|
4
|
+
data.tar.gz: 50b0885c03daaad3067c7f92f96382422e3a019f
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: 1b7597f923c907ec3f9e1fad8563cb432027cdc64cd12f4bee1d2ded29d145895ee203744f08fc6409085491f2ae85ddae61bc1be861ff661236de7655479ac4
|
7
|
+
data.tar.gz: 821581f8c5108effbd573b11006a9512600c6cefb950e9507bbbbd09ab6f008c2917d9f187b7eb0676a49dddb38a12eeecb5d4600866bec3f61a801772b013db
|
@@ -0,0 +1,610 @@
|
|
1
|
+
# WARNING ABOUT GENERATED CODE
|
2
|
+
#
|
3
|
+
# This file is generated. See the contributing guide for more information:
|
4
|
+
# https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
|
5
|
+
#
|
6
|
+
# WARNING ABOUT GENERATED CODE
|
7
|
+
|
8
|
+
require 'seahorse/client/plugins/content_length.rb'
|
9
|
+
require 'aws-sdk-core/plugins/credentials_configuration.rb'
|
10
|
+
require 'aws-sdk-core/plugins/logging.rb'
|
11
|
+
require 'aws-sdk-core/plugins/param_converter.rb'
|
12
|
+
require 'aws-sdk-core/plugins/param_validator.rb'
|
13
|
+
require 'aws-sdk-core/plugins/user_agent.rb'
|
14
|
+
require 'aws-sdk-core/plugins/helpful_socket_errors.rb'
|
15
|
+
require 'aws-sdk-core/plugins/retry_errors.rb'
|
16
|
+
require 'aws-sdk-core/plugins/global_configuration.rb'
|
17
|
+
require 'aws-sdk-core/plugins/regional_endpoint.rb'
|
18
|
+
require 'aws-sdk-core/plugins/response_paging.rb'
|
19
|
+
require 'aws-sdk-core/plugins/stub_responses.rb'
|
20
|
+
require 'aws-sdk-core/plugins/idempotency_token.rb'
|
21
|
+
require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
|
22
|
+
require 'aws-sdk-core/plugins/signature_v4.rb'
|
23
|
+
require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
|
24
|
+
|
25
|
+
Aws::Plugins::GlobalConfiguration.add_identifier(:fms)
|
26
|
+
|
27
|
+
module Aws::FMS
|
28
|
+
class Client < Seahorse::Client::Base
|
29
|
+
|
30
|
+
include Aws::ClientStubs
|
31
|
+
|
32
|
+
@identifier = :fms
|
33
|
+
|
34
|
+
set_api(ClientApi::API)
|
35
|
+
|
36
|
+
add_plugin(Seahorse::Client::Plugins::ContentLength)
|
37
|
+
add_plugin(Aws::Plugins::CredentialsConfiguration)
|
38
|
+
add_plugin(Aws::Plugins::Logging)
|
39
|
+
add_plugin(Aws::Plugins::ParamConverter)
|
40
|
+
add_plugin(Aws::Plugins::ParamValidator)
|
41
|
+
add_plugin(Aws::Plugins::UserAgent)
|
42
|
+
add_plugin(Aws::Plugins::HelpfulSocketErrors)
|
43
|
+
add_plugin(Aws::Plugins::RetryErrors)
|
44
|
+
add_plugin(Aws::Plugins::GlobalConfiguration)
|
45
|
+
add_plugin(Aws::Plugins::RegionalEndpoint)
|
46
|
+
add_plugin(Aws::Plugins::ResponsePaging)
|
47
|
+
add_plugin(Aws::Plugins::StubResponses)
|
48
|
+
add_plugin(Aws::Plugins::IdempotencyToken)
|
49
|
+
add_plugin(Aws::Plugins::JsonvalueConverter)
|
50
|
+
add_plugin(Aws::Plugins::SignatureV4)
|
51
|
+
add_plugin(Aws::Plugins::Protocols::JsonRpc)
|
52
|
+
|
53
|
+
# @option options [required, Aws::CredentialProvider] :credentials
|
54
|
+
# Your AWS credentials. This can be an instance of any one of the
|
55
|
+
# following classes:
|
56
|
+
#
|
57
|
+
# * `Aws::Credentials` - Used for configuring static, non-refreshing
|
58
|
+
# credentials.
|
59
|
+
#
|
60
|
+
# * `Aws::InstanceProfileCredentials` - Used for loading credentials
|
61
|
+
# from an EC2 IMDS on an EC2 instance.
|
62
|
+
#
|
63
|
+
# * `Aws::SharedCredentials` - Used for loading credentials from a
|
64
|
+
# shared file, such as `~/.aws/config`.
|
65
|
+
#
|
66
|
+
# * `Aws::AssumeRoleCredentials` - Used when you need to assume a role.
|
67
|
+
#
|
68
|
+
# When `:credentials` are not configured directly, the following
|
69
|
+
# locations will be searched for credentials:
|
70
|
+
#
|
71
|
+
# * `Aws.config[:credentials]`
|
72
|
+
# * The `:access_key_id`, `:secret_access_key`, and `:session_token` options.
|
73
|
+
# * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY']
|
74
|
+
# * `~/.aws/credentials`
|
75
|
+
# * `~/.aws/config`
|
76
|
+
# * EC2 IMDS instance profile - When used by default, the timeouts are
|
77
|
+
# very aggressive. Construct and pass an instance of
|
78
|
+
# `Aws::InstanceProfileCredentails` to enable retries and extended
|
79
|
+
# timeouts.
|
80
|
+
#
|
81
|
+
# @option options [required, String] :region
|
82
|
+
# The AWS region to connect to. The configured `:region` is
|
83
|
+
# used to determine the service `:endpoint`. When not passed,
|
84
|
+
# a default `:region` is search for in the following locations:
|
85
|
+
#
|
86
|
+
# * `Aws.config[:region]`
|
87
|
+
# * `ENV['AWS_REGION']`
|
88
|
+
# * `ENV['AMAZON_REGION']`
|
89
|
+
# * `ENV['AWS_DEFAULT_REGION']`
|
90
|
+
# * `~/.aws/credentials`
|
91
|
+
# * `~/.aws/config`
|
92
|
+
#
|
93
|
+
# @option options [String] :access_key_id
|
94
|
+
#
|
95
|
+
# @option options [Boolean] :convert_params (true)
|
96
|
+
# When `true`, an attempt is made to coerce request parameters into
|
97
|
+
# the required types.
|
98
|
+
#
|
99
|
+
# @option options [String] :endpoint
|
100
|
+
# The client endpoint is normally constructed from the `:region`
|
101
|
+
# option. You should only configure an `:endpoint` when connecting
|
102
|
+
# to test endpoints. This should be avalid HTTP(S) URI.
|
103
|
+
#
|
104
|
+
# @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
|
105
|
+
# The log formatter.
|
106
|
+
#
|
107
|
+
# @option options [Symbol] :log_level (:info)
|
108
|
+
# The log level to send messages to the `:logger` at.
|
109
|
+
#
|
110
|
+
# @option options [Logger] :logger
|
111
|
+
# The Logger instance to send log messages to. If this option
|
112
|
+
# is not set, logging will be disabled.
|
113
|
+
#
|
114
|
+
# @option options [String] :profile ("default")
|
115
|
+
# Used when loading credentials from the shared credentials file
|
116
|
+
# at HOME/.aws/credentials. When not specified, 'default' is used.
|
117
|
+
#
|
118
|
+
# @option options [Integer] :retry_limit (3)
|
119
|
+
# The maximum number of times to retry failed requests. Only
|
120
|
+
# ~ 500 level server errors and certain ~ 400 level client errors
|
121
|
+
# are retried. Generally, these are throttling errors, data
|
122
|
+
# checksum errors, networking errors, timeout errors and auth
|
123
|
+
# errors from expired credentials.
|
124
|
+
#
|
125
|
+
# @option options [String] :secret_access_key
|
126
|
+
#
|
127
|
+
# @option options [String] :session_token
|
128
|
+
#
|
129
|
+
# @option options [Boolean] :simple_json (false)
|
130
|
+
# Disables request parameter conversion, validation, and formatting.
|
131
|
+
# Also disable response data type conversions. This option is useful
|
132
|
+
# when you want to ensure the highest level of performance by
|
133
|
+
# avoiding overhead of walking request parameters and response data
|
134
|
+
# structures.
|
135
|
+
#
|
136
|
+
# When `:simple_json` is enabled, the request parameters hash must
|
137
|
+
# be formatted exactly as the DynamoDB API expects.
|
138
|
+
#
|
139
|
+
# @option options [Boolean] :stub_responses (false)
|
140
|
+
# Causes the client to return stubbed responses. By default
|
141
|
+
# fake responses are generated and returned. You can specify
|
142
|
+
# the response data to return or errors to raise by calling
|
143
|
+
# {ClientStubs#stub_responses}. See {ClientStubs} for more information.
|
144
|
+
#
|
145
|
+
# ** Please note ** When response stubbing is enabled, no HTTP
|
146
|
+
# requests are made, and retries are disabled.
|
147
|
+
#
|
148
|
+
# @option options [Boolean] :validate_params (true)
|
149
|
+
# When `true`, request parameters are validated before
|
150
|
+
# sending the request.
|
151
|
+
#
|
152
|
+
def initialize(*args)
|
153
|
+
super
|
154
|
+
end
|
155
|
+
|
156
|
+
# @!group API Operations
|
157
|
+
|
158
|
+
# Sets the AWS Firewall Manager administrator account. AWS Firewall
|
159
|
+
# Manager must be associated with a master account in AWS Organizations
|
160
|
+
# or associated with a member account that has the appropriate
|
161
|
+
# permissions. If the account ID that you submit is not an AWS
|
162
|
+
# Organizations master account, AWS Firewall Manager will set the
|
163
|
+
# appropriate permissions for the given member account.
|
164
|
+
#
|
165
|
+
# The account that you associate with AWS Firewall Manager is called the
|
166
|
+
# AWS Firewall manager administrator account.
|
167
|
+
#
|
168
|
+
# @option params [required, String] :admin_account
|
169
|
+
# The AWS account ID to associate with AWS Firewall Manager as the AWS
|
170
|
+
# Firewall Manager administrator account. This can be an AWS
|
171
|
+
# Organizations master account or a member account. For more information
|
172
|
+
# about AWS Organizations and master accounts, see [Managing the AWS
|
173
|
+
# Accounts in Your Organization][1].
|
174
|
+
#
|
175
|
+
#
|
176
|
+
#
|
177
|
+
# [1]: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html
|
178
|
+
#
|
179
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
180
|
+
#
|
181
|
+
# @example Request syntax with placeholder values
|
182
|
+
#
|
183
|
+
# resp = client.associate_admin_account({
|
184
|
+
# admin_account: "AWSAccountId", # required
|
185
|
+
# })
|
186
|
+
#
|
187
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount AWS API Documentation
|
188
|
+
#
|
189
|
+
# @overload associate_admin_account(params = {})
|
190
|
+
# @param [Hash] params ({})
|
191
|
+
def associate_admin_account(params = {}, options = {})
|
192
|
+
req = build_request(:associate_admin_account, params)
|
193
|
+
req.send_request(options)
|
194
|
+
end
|
195
|
+
|
196
|
+
# Deletes an AWS Firewall Manager association with the IAM role and the
|
197
|
+
# Amazon Simple Notification Service (SNS) topic that is used to record
|
198
|
+
# AWS Firewall Manager SNS logs.
|
199
|
+
#
|
200
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
201
|
+
#
|
202
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel AWS API Documentation
|
203
|
+
#
|
204
|
+
# @overload delete_notification_channel(params = {})
|
205
|
+
# @param [Hash] params ({})
|
206
|
+
def delete_notification_channel(params = {}, options = {})
|
207
|
+
req = build_request(:delete_notification_channel, params)
|
208
|
+
req.send_request(options)
|
209
|
+
end
|
210
|
+
|
211
|
+
# Permanently deletes an AWS Firewall Manager policy.
|
212
|
+
#
|
213
|
+
# @option params [required, String] :policy_id
|
214
|
+
# The ID of the policy that you want to delete. `PolicyId` is returned
|
215
|
+
# by `PutPolicy` and by `ListPolicies`.
|
216
|
+
#
|
217
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
218
|
+
#
|
219
|
+
# @example Request syntax with placeholder values
|
220
|
+
#
|
221
|
+
# resp = client.delete_policy({
|
222
|
+
# policy_id: "PolicyId", # required
|
223
|
+
# })
|
224
|
+
#
|
225
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy AWS API Documentation
|
226
|
+
#
|
227
|
+
# @overload delete_policy(params = {})
|
228
|
+
# @param [Hash] params ({})
|
229
|
+
def delete_policy(params = {}, options = {})
|
230
|
+
req = build_request(:delete_policy, params)
|
231
|
+
req.send_request(options)
|
232
|
+
end
|
233
|
+
|
234
|
+
# Disassociates the account that has been set as the AWS Firewall
|
235
|
+
# Manager administrator account. You will need to submit an
|
236
|
+
# `AssociateAdminAccount` request to set a new account as the AWS
|
237
|
+
# Firewall administrator.
|
238
|
+
#
|
239
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
240
|
+
#
|
241
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount AWS API Documentation
|
242
|
+
#
|
243
|
+
# @overload disassociate_admin_account(params = {})
|
244
|
+
# @param [Hash] params ({})
|
245
|
+
def disassociate_admin_account(params = {}, options = {})
|
246
|
+
req = build_request(:disassociate_admin_account, params)
|
247
|
+
req.send_request(options)
|
248
|
+
end
|
249
|
+
|
250
|
+
# Returns the AWS Organizations master account that is associated with
|
251
|
+
# AWS Firewall Manager as the AWS Firewall Manager administrator.
|
252
|
+
#
|
253
|
+
# @return [Types::GetAdminAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
254
|
+
#
|
255
|
+
# * {Types::GetAdminAccountResponse#admin_account #admin_account} => String
|
256
|
+
#
|
257
|
+
# @example Response structure
|
258
|
+
#
|
259
|
+
# resp.admin_account #=> String
|
260
|
+
#
|
261
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount AWS API Documentation
|
262
|
+
#
|
263
|
+
# @overload get_admin_account(params = {})
|
264
|
+
# @param [Hash] params ({})
|
265
|
+
def get_admin_account(params = {}, options = {})
|
266
|
+
req = build_request(:get_admin_account, params)
|
267
|
+
req.send_request(options)
|
268
|
+
end
|
269
|
+
|
270
|
+
# Returns detailed compliance information about the specified member
|
271
|
+
# account. Details include resources that are in and out of compliance
|
272
|
+
# with the specified policy. Resources are considered non-compliant if
|
273
|
+
# the specified policy has not been applied to them.
|
274
|
+
#
|
275
|
+
# @option params [required, String] :policy_id
|
276
|
+
# The ID of the policy that you want to get the details for. `PolicyId`
|
277
|
+
# is returned by `PutPolicy` and by `ListPolicies`.
|
278
|
+
#
|
279
|
+
# @option params [required, String] :member_account
|
280
|
+
# The AWS account that owns the resources that you want to get the
|
281
|
+
# details for.
|
282
|
+
#
|
283
|
+
# @return [Types::GetComplianceDetailResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
284
|
+
#
|
285
|
+
# * {Types::GetComplianceDetailResponse#policy_compliance_detail #policy_compliance_detail} => Types::PolicyComplianceDetail
|
286
|
+
#
|
287
|
+
# @example Request syntax with placeholder values
|
288
|
+
#
|
289
|
+
# resp = client.get_compliance_detail({
|
290
|
+
# policy_id: "PolicyId", # required
|
291
|
+
# member_account: "AWSAccountId", # required
|
292
|
+
# })
|
293
|
+
#
|
294
|
+
# @example Response structure
|
295
|
+
#
|
296
|
+
# resp.policy_compliance_detail.policy_owner #=> String
|
297
|
+
# resp.policy_compliance_detail.policy_id #=> String
|
298
|
+
# resp.policy_compliance_detail.member_account #=> String
|
299
|
+
# resp.policy_compliance_detail.violators #=> Array
|
300
|
+
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
301
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL"
|
302
|
+
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
303
|
+
# resp.policy_compliance_detail.evaluation_limit_exceeded #=> Boolean
|
304
|
+
# resp.policy_compliance_detail.expired_at #=> Time
|
305
|
+
#
|
306
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail AWS API Documentation
|
307
|
+
#
|
308
|
+
# @overload get_compliance_detail(params = {})
|
309
|
+
# @param [Hash] params ({})
|
310
|
+
def get_compliance_detail(params = {}, options = {})
|
311
|
+
req = build_request(:get_compliance_detail, params)
|
312
|
+
req.send_request(options)
|
313
|
+
end
|
314
|
+
|
315
|
+
# Returns information about the Amazon Simple Notification Service (SNS)
|
316
|
+
# topic that is used to record AWS Firewall Manager SNS logs.
|
317
|
+
#
|
318
|
+
# @return [Types::GetNotificationChannelResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
319
|
+
#
|
320
|
+
# * {Types::GetNotificationChannelResponse#sns_topic_arn #sns_topic_arn} => String
|
321
|
+
# * {Types::GetNotificationChannelResponse#sns_role_name #sns_role_name} => String
|
322
|
+
#
|
323
|
+
# @example Response structure
|
324
|
+
#
|
325
|
+
# resp.sns_topic_arn #=> String
|
326
|
+
# resp.sns_role_name #=> String
|
327
|
+
#
|
328
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel AWS API Documentation
|
329
|
+
#
|
330
|
+
# @overload get_notification_channel(params = {})
|
331
|
+
# @param [Hash] params ({})
|
332
|
+
def get_notification_channel(params = {}, options = {})
|
333
|
+
req = build_request(:get_notification_channel, params)
|
334
|
+
req.send_request(options)
|
335
|
+
end
|
336
|
+
|
337
|
+
# Returns information about the specified AWS Firewall Manager policy.
|
338
|
+
#
|
339
|
+
# @option params [required, String] :policy_id
|
340
|
+
# The ID of the AWS Firewall Manager policy that you want the details
|
341
|
+
# for.
|
342
|
+
#
|
343
|
+
# @return [Types::GetPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
344
|
+
#
|
345
|
+
# * {Types::GetPolicyResponse#policy #policy} => Types::Policy
|
346
|
+
# * {Types::GetPolicyResponse#policy_arn #policy_arn} => String
|
347
|
+
#
|
348
|
+
# @example Request syntax with placeholder values
|
349
|
+
#
|
350
|
+
# resp = client.get_policy({
|
351
|
+
# policy_id: "PolicyId", # required
|
352
|
+
# })
|
353
|
+
#
|
354
|
+
# @example Response structure
|
355
|
+
#
|
356
|
+
# resp.policy.policy_id #=> String
|
357
|
+
# resp.policy.policy_name #=> String
|
358
|
+
# resp.policy.policy_update_token #=> String
|
359
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF"
|
360
|
+
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
361
|
+
# resp.policy.resource_type #=> String
|
362
|
+
# resp.policy.resource_tags #=> Array
|
363
|
+
# resp.policy.resource_tags[0].key #=> String
|
364
|
+
# resp.policy.resource_tags[0].value #=> String
|
365
|
+
# resp.policy.exclude_resource_tags #=> Boolean
|
366
|
+
# resp.policy.remediation_enabled #=> Boolean
|
367
|
+
# resp.policy_arn #=> String
|
368
|
+
#
|
369
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy AWS API Documentation
|
370
|
+
#
|
371
|
+
# @overload get_policy(params = {})
|
372
|
+
# @param [Hash] params ({})
|
373
|
+
def get_policy(params = {}, options = {})
|
374
|
+
req = build_request(:get_policy, params)
|
375
|
+
req.send_request(options)
|
376
|
+
end
|
377
|
+
|
378
|
+
# Returns an array of `PolicyComplianceStatus` objects in the response.
|
379
|
+
# Use `PolicyComplianceStatus` to get a summary of which member accounts
|
380
|
+
# are protected by the specified policy.
|
381
|
+
#
|
382
|
+
# @option params [required, String] :policy_id
|
383
|
+
# The ID of the AWS Firewall Manager policy that you want the details
|
384
|
+
# for.
|
385
|
+
#
|
386
|
+
# @option params [String] :next_token
|
387
|
+
# If you specify a value for `MaxResults` and you have more
|
388
|
+
# `PolicyComplianceStatus` objects than the number that you specify for
|
389
|
+
# `MaxResults`, AWS Firewall Manager returns a `NextToken` value in the
|
390
|
+
# response that allows you to list another group of
|
391
|
+
# `PolicyComplianceStatus` objects. For the second and subsequent
|
392
|
+
# `ListComplianceStatus` requests, specify the value of `NextToken` from
|
393
|
+
# the previous response to get information about another batch of
|
394
|
+
# `PolicyComplianceStatus` objects.
|
395
|
+
#
|
396
|
+
# @option params [Integer] :max_results
|
397
|
+
# Specifies the number of `PolicyComplianceStatus` objects that you want
|
398
|
+
# AWS Firewall Manager to return for this request. If you have more
|
399
|
+
# `PolicyComplianceStatus` objects than the number that you specify for
|
400
|
+
# `MaxResults`, the response includes a `NextToken` value that you can
|
401
|
+
# use to get another batch of `PolicyComplianceStatus` objects.
|
402
|
+
#
|
403
|
+
# @return [Types::ListComplianceStatusResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
404
|
+
#
|
405
|
+
# * {Types::ListComplianceStatusResponse#policy_compliance_status_list #policy_compliance_status_list} => Array<Types::PolicyComplianceStatus>
|
406
|
+
# * {Types::ListComplianceStatusResponse#next_token #next_token} => String
|
407
|
+
#
|
408
|
+
# @example Request syntax with placeholder values
|
409
|
+
#
|
410
|
+
# resp = client.list_compliance_status({
|
411
|
+
# policy_id: "PolicyId", # required
|
412
|
+
# next_token: "PaginationToken",
|
413
|
+
# max_results: 1,
|
414
|
+
# })
|
415
|
+
#
|
416
|
+
# @example Response structure
|
417
|
+
#
|
418
|
+
# resp.policy_compliance_status_list #=> Array
|
419
|
+
# resp.policy_compliance_status_list[0].policy_owner #=> String
|
420
|
+
# resp.policy_compliance_status_list[0].policy_id #=> String
|
421
|
+
# resp.policy_compliance_status_list[0].policy_name #=> String
|
422
|
+
# resp.policy_compliance_status_list[0].member_account #=> String
|
423
|
+
# resp.policy_compliance_status_list[0].evaluation_results #=> Array
|
424
|
+
# resp.policy_compliance_status_list[0].evaluation_results[0].compliance_status #=> String, one of "COMPLIANT", "NON_COMPLIANT"
|
425
|
+
# resp.policy_compliance_status_list[0].evaluation_results[0].violator_count #=> Integer
|
426
|
+
# resp.policy_compliance_status_list[0].evaluation_results[0].evaluation_limit_exceeded #=> Boolean
|
427
|
+
# resp.policy_compliance_status_list[0].last_updated #=> Time
|
428
|
+
# resp.next_token #=> String
|
429
|
+
#
|
430
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus AWS API Documentation
|
431
|
+
#
|
432
|
+
# @overload list_compliance_status(params = {})
|
433
|
+
# @param [Hash] params ({})
|
434
|
+
def list_compliance_status(params = {}, options = {})
|
435
|
+
req = build_request(:list_compliance_status, params)
|
436
|
+
req.send_request(options)
|
437
|
+
end
|
438
|
+
|
439
|
+
# Returns an array of `PolicySummary` objects in the response.
|
440
|
+
#
|
441
|
+
# @option params [String] :next_token
|
442
|
+
# If you specify a value for `MaxResults` and you have more
|
443
|
+
# `PolicySummary` objects than the number that you specify for
|
444
|
+
# `MaxResults`, AWS Firewall Manager returns a `NextToken` value in the
|
445
|
+
# response that allows you to list another group of `PolicySummary`
|
446
|
+
# objects. For the second and subsequent `ListPolicies` requests,
|
447
|
+
# specify the value of `NextToken` from the previous response to get
|
448
|
+
# information about another batch of `PolicySummary` objects.
|
449
|
+
#
|
450
|
+
# @option params [Integer] :max_results
|
451
|
+
# Specifies the number of `PolicySummary` objects that you want AWS
|
452
|
+
# Firewall Manager to return for this request. If you have more
|
453
|
+
# `PolicySummary` objects than the number that you specify for
|
454
|
+
# `MaxResults`, the response includes a `NextToken` value that you can
|
455
|
+
# use to get another batch of `PolicySummary` objects.
|
456
|
+
#
|
457
|
+
# @return [Types::ListPoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
458
|
+
#
|
459
|
+
# * {Types::ListPoliciesResponse#policy_list #policy_list} => Array<Types::PolicySummary>
|
460
|
+
# * {Types::ListPoliciesResponse#next_token #next_token} => String
|
461
|
+
#
|
462
|
+
# @example Request syntax with placeholder values
|
463
|
+
#
|
464
|
+
# resp = client.list_policies({
|
465
|
+
# next_token: "PaginationToken",
|
466
|
+
# max_results: 1,
|
467
|
+
# })
|
468
|
+
#
|
469
|
+
# @example Response structure
|
470
|
+
#
|
471
|
+
# resp.policy_list #=> Array
|
472
|
+
# resp.policy_list[0].policy_arn #=> String
|
473
|
+
# resp.policy_list[0].policy_id #=> String
|
474
|
+
# resp.policy_list[0].policy_name #=> String
|
475
|
+
# resp.policy_list[0].resource_type #=> String
|
476
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF"
|
477
|
+
# resp.policy_list[0].remediation_enabled #=> Boolean
|
478
|
+
# resp.next_token #=> String
|
479
|
+
#
|
480
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies AWS API Documentation
|
481
|
+
#
|
482
|
+
# @overload list_policies(params = {})
|
483
|
+
# @param [Hash] params ({})
|
484
|
+
def list_policies(params = {}, options = {})
|
485
|
+
req = build_request(:list_policies, params)
|
486
|
+
req.send_request(options)
|
487
|
+
end
|
488
|
+
|
489
|
+
# Designates the IAM role and Amazon Simple Notification Service (SNS)
|
490
|
+
# topic that AWS Firewall Manager uses to record SNS logs.
|
491
|
+
#
|
492
|
+
# @option params [required, String] :sns_topic_arn
|
493
|
+
# The Amazon Resource Name (ARN) of the SNS topic that collects
|
494
|
+
# notifications from AWS Firewall Manager.
|
495
|
+
#
|
496
|
+
# @option params [required, String] :sns_role_name
|
497
|
+
# The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS
|
498
|
+
# to record AWS Firewall Manager activity.
|
499
|
+
#
|
500
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
501
|
+
#
|
502
|
+
# @example Request syntax with placeholder values
|
503
|
+
#
|
504
|
+
# resp = client.put_notification_channel({
|
505
|
+
# sns_topic_arn: "ResourceArn", # required
|
506
|
+
# sns_role_name: "ResourceArn", # required
|
507
|
+
# })
|
508
|
+
#
|
509
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel AWS API Documentation
|
510
|
+
#
|
511
|
+
# @overload put_notification_channel(params = {})
|
512
|
+
# @param [Hash] params ({})
|
513
|
+
def put_notification_channel(params = {}, options = {})
|
514
|
+
req = build_request(:put_notification_channel, params)
|
515
|
+
req.send_request(options)
|
516
|
+
end
|
517
|
+
|
518
|
+
# Creates an AWS Firewall Manager policy.
|
519
|
+
#
|
520
|
+
# @option params [required, Types::Policy] :policy
|
521
|
+
# The details of the AWS Firewall Manager policy to be created.
|
522
|
+
#
|
523
|
+
# @return [Types::PutPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
524
|
+
#
|
525
|
+
# * {Types::PutPolicyResponse#policy #policy} => Types::Policy
|
526
|
+
# * {Types::PutPolicyResponse#policy_arn #policy_arn} => String
|
527
|
+
#
|
528
|
+
# @example Request syntax with placeholder values
|
529
|
+
#
|
530
|
+
# resp = client.put_policy({
|
531
|
+
# policy: { # required
|
532
|
+
# policy_id: "PolicyId",
|
533
|
+
# policy_name: "ResourceName", # required
|
534
|
+
# policy_update_token: "PolicyUpdateToken",
|
535
|
+
# security_service_policy_data: { # required
|
536
|
+
# type: "WAF", # required, accepts WAF
|
537
|
+
# managed_service_data: "ManagedServiceData",
|
538
|
+
# },
|
539
|
+
# resource_type: "ResourceType", # required
|
540
|
+
# resource_tags: [
|
541
|
+
# {
|
542
|
+
# key: "TagKey", # required
|
543
|
+
# value: "TagValue",
|
544
|
+
# },
|
545
|
+
# ],
|
546
|
+
# exclude_resource_tags: false, # required
|
547
|
+
# remediation_enabled: false, # required
|
548
|
+
# },
|
549
|
+
# })
|
550
|
+
#
|
551
|
+
# @example Response structure
|
552
|
+
#
|
553
|
+
# resp.policy.policy_id #=> String
|
554
|
+
# resp.policy.policy_name #=> String
|
555
|
+
# resp.policy.policy_update_token #=> String
|
556
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF"
|
557
|
+
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
558
|
+
# resp.policy.resource_type #=> String
|
559
|
+
# resp.policy.resource_tags #=> Array
|
560
|
+
# resp.policy.resource_tags[0].key #=> String
|
561
|
+
# resp.policy.resource_tags[0].value #=> String
|
562
|
+
# resp.policy.exclude_resource_tags #=> Boolean
|
563
|
+
# resp.policy.remediation_enabled #=> Boolean
|
564
|
+
# resp.policy_arn #=> String
|
565
|
+
#
|
566
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy AWS API Documentation
|
567
|
+
#
|
568
|
+
# @overload put_policy(params = {})
|
569
|
+
# @param [Hash] params ({})
|
570
|
+
def put_policy(params = {}, options = {})
|
571
|
+
req = build_request(:put_policy, params)
|
572
|
+
req.send_request(options)
|
573
|
+
end
|
574
|
+
|
575
|
+
# @!endgroup
|
576
|
+
|
577
|
+
# @param params ({})
|
578
|
+
# @api private
|
579
|
+
def build_request(operation_name, params = {})
|
580
|
+
handlers = @handlers.for(operation_name)
|
581
|
+
context = Seahorse::Client::RequestContext.new(
|
582
|
+
operation_name: operation_name,
|
583
|
+
operation: config.api.operation(operation_name),
|
584
|
+
client: self,
|
585
|
+
params: params,
|
586
|
+
config: config)
|
587
|
+
context[:gem_name] = 'aws-sdk-fms'
|
588
|
+
context[:gem_version] = '1.0.0'
|
589
|
+
Seahorse::Client::Request.new(handlers, context)
|
590
|
+
end
|
591
|
+
|
592
|
+
# @api private
|
593
|
+
# @deprecated
|
594
|
+
def waiter_names
|
595
|
+
[]
|
596
|
+
end
|
597
|
+
|
598
|
+
class << self
|
599
|
+
|
600
|
+
# @api private
|
601
|
+
attr_reader :identifier
|
602
|
+
|
603
|
+
# @api private
|
604
|
+
def errors_module
|
605
|
+
Errors
|
606
|
+
end
|
607
|
+
|
608
|
+
end
|
609
|
+
end
|
610
|
+
end
|