aws-sdk-fms 1.35.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms.rb +1 -1
- data/lib/aws-sdk-fms/client.rb +18 -7
- data/lib/aws-sdk-fms/client_api.rb +27 -0
- data/lib/aws-sdk-fms/types.rb +116 -4
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3c8a99fc75ac8e720319d7d845aa3c487189e179ecce7084ecf84ec12774b1a3
|
4
|
+
data.tar.gz: f875444f4cb29409f92afa7780b806d1633f09b5fe4ee93568a250570fc8fafd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: b16b3ca3cac3486704fcb1d15120f9e51368f8d0684bee65e53f2e4243bd0fe4dda1bb18e98914ab33d19fa3885ddb185306445e25e5dd99625b9927dd0f1197
|
7
|
+
data.tar.gz: ddb957f7fd595f37f5966f27d4064668695998185fe4d7c5813f2efe3772907a5f0c0acf4011dd64dc4048609e1e7ed1fdcc153e64a6f3df72c3601ccbadb9be
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.36.0
|
data/lib/aws-sdk-fms.rb
CHANGED
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -620,7 +620,7 @@ module Aws::FMS
|
|
620
620
|
# resp.policy_compliance_detail.member_account #=> String
|
621
621
|
# resp.policy_compliance_detail.violators #=> Array
|
622
622
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
623
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED"
|
623
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "RESOURCE_MISSING_DNS_FIREWALL"
|
624
624
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
625
625
|
# resp.policy_compliance_detail.evaluation_limit_exceeded #=> Boolean
|
626
626
|
# resp.policy_compliance_detail.expired_at #=> Time
|
@@ -680,7 +680,7 @@ module Aws::FMS
|
|
680
680
|
# resp.policy.policy_id #=> String
|
681
681
|
# resp.policy.policy_name #=> String
|
682
682
|
# resp.policy.policy_update_token #=> String
|
683
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
683
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
684
684
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
685
685
|
# resp.policy.resource_type #=> String
|
686
686
|
# resp.policy.resource_type_list #=> Array
|
@@ -766,7 +766,7 @@ module Aws::FMS
|
|
766
766
|
# @example Response structure
|
767
767
|
#
|
768
768
|
# resp.admin_account_id #=> String
|
769
|
-
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
769
|
+
# resp.service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
770
770
|
# resp.data #=> String
|
771
771
|
# resp.next_token #=> String
|
772
772
|
#
|
@@ -934,6 +934,17 @@ module Aws::FMS
|
|
934
934
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups #=> Array
|
935
935
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups[0].rule_group_name #=> String
|
936
936
|
# resp.violation_detail.resource_violations[0].network_firewall_policy_modified_violation.expected_policy_description.stateful_rule_groups[0].resource_id #=> String
|
937
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.violation_target #=> String
|
938
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.violation_target_description #=> String
|
939
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.conflicting_priority #=> Integer
|
940
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.conflicting_policy_id #=> String
|
941
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.unavailable_priorities #=> Array
|
942
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_priority_conflict_violation.unavailable_priorities[0] #=> Integer
|
943
|
+
# resp.violation_detail.resource_violations[0].dns_duplicate_rule_group_violation.violation_target #=> String
|
944
|
+
# resp.violation_detail.resource_violations[0].dns_duplicate_rule_group_violation.violation_target_description #=> String
|
945
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target #=> String
|
946
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.violation_target_description #=> String
|
947
|
+
# resp.violation_detail.resource_violations[0].dns_rule_group_limit_exceeded_violation.number_of_rule_groups_already_associated #=> Integer
|
937
948
|
# resp.violation_detail.resource_tags #=> Array
|
938
949
|
# resp.violation_detail.resource_tags[0].key #=> String
|
939
950
|
# resp.violation_detail.resource_tags[0].value #=> String
|
@@ -1159,7 +1170,7 @@ module Aws::FMS
|
|
1159
1170
|
# resp.policy_list[0].policy_id #=> String
|
1160
1171
|
# resp.policy_list[0].policy_name #=> String
|
1161
1172
|
# resp.policy_list[0].resource_type #=> String
|
1162
|
-
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
1173
|
+
# resp.policy_list[0].security_service_type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
1163
1174
|
# resp.policy_list[0].remediation_enabled #=> Boolean
|
1164
1175
|
# resp.next_token #=> String
|
1165
1176
|
#
|
@@ -1422,7 +1433,7 @@ module Aws::FMS
|
|
1422
1433
|
# policy_name: "ResourceName", # required
|
1423
1434
|
# policy_update_token: "PolicyUpdateToken",
|
1424
1435
|
# security_service_policy_data: { # required
|
1425
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL
|
1436
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL
|
1426
1437
|
# managed_service_data: "ManagedServiceData",
|
1427
1438
|
# },
|
1428
1439
|
# resource_type: "ResourceType", # required
|
@@ -1455,7 +1466,7 @@ module Aws::FMS
|
|
1455
1466
|
# resp.policy.policy_id #=> String
|
1456
1467
|
# resp.policy.policy_name #=> String
|
1457
1468
|
# resp.policy.policy_update_token #=> String
|
1458
|
-
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL"
|
1469
|
+
# resp.policy.security_service_policy_data.type #=> String, one of "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "DNS_FIREWALL"
|
1459
1470
|
# resp.policy.security_service_policy_data.managed_service_data #=> String
|
1460
1471
|
# resp.policy.resource_type #=> String
|
1461
1472
|
# resp.policy.resource_type_list #=> Array
|
@@ -1614,7 +1625,7 @@ module Aws::FMS
|
|
1614
1625
|
params: params,
|
1615
1626
|
config: config)
|
1616
1627
|
context[:gem_name] = 'aws-sdk-fms'
|
1617
|
-
context[:gem_version] = '1.
|
1628
|
+
context[:gem_version] = '1.36.0'
|
1618
1629
|
Seahorse::Client::Request.new(handlers, context)
|
1619
1630
|
end
|
1620
1631
|
|
@@ -25,6 +25,7 @@ module Aws::FMS
|
|
25
25
|
AwsEc2NetworkInterfaceViolation = Shapes::StructureShape.new(name: 'AwsEc2NetworkInterfaceViolation')
|
26
26
|
AwsEc2NetworkInterfaceViolations = Shapes::ListShape.new(name: 'AwsEc2NetworkInterfaceViolations')
|
27
27
|
AwsVPCSecurityGroupViolation = Shapes::StructureShape.new(name: 'AwsVPCSecurityGroupViolation')
|
28
|
+
BasicInteger = Shapes::IntegerShape.new(name: 'BasicInteger')
|
28
29
|
Boolean = Shapes::BooleanShape.new(name: 'Boolean')
|
29
30
|
CIDR = Shapes::StringShape.new(name: 'CIDR')
|
30
31
|
ComplianceViolator = Shapes::StructureShape.new(name: 'ComplianceViolator')
|
@@ -40,6 +41,11 @@ module Aws::FMS
|
|
40
41
|
DependentServiceName = Shapes::StringShape.new(name: 'DependentServiceName')
|
41
42
|
DetailedInfo = Shapes::StringShape.new(name: 'DetailedInfo')
|
42
43
|
DisassociateAdminAccountRequest = Shapes::StructureShape.new(name: 'DisassociateAdminAccountRequest')
|
44
|
+
DnsDuplicateRuleGroupViolation = Shapes::StructureShape.new(name: 'DnsDuplicateRuleGroupViolation')
|
45
|
+
DnsRuleGroupLimitExceededViolation = Shapes::StructureShape.new(name: 'DnsRuleGroupLimitExceededViolation')
|
46
|
+
DnsRuleGroupPriorities = Shapes::ListShape.new(name: 'DnsRuleGroupPriorities')
|
47
|
+
DnsRuleGroupPriority = Shapes::IntegerShape.new(name: 'DnsRuleGroupPriority')
|
48
|
+
DnsRuleGroupPriorityConflictViolation = Shapes::StructureShape.new(name: 'DnsRuleGroupPriorityConflictViolation')
|
43
49
|
ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
|
44
50
|
EvaluationResult = Shapes::StructureShape.new(name: 'EvaluationResult')
|
45
51
|
EvaluationResults = Shapes::ListShape.new(name: 'EvaluationResults')
|
@@ -232,6 +238,24 @@ module Aws::FMS
|
|
232
238
|
|
233
239
|
DisassociateAdminAccountRequest.struct_class = Types::DisassociateAdminAccountRequest
|
234
240
|
|
241
|
+
DnsDuplicateRuleGroupViolation.add_member(:violation_target, Shapes::ShapeRef.new(shape: ViolationTarget, location_name: "ViolationTarget"))
|
242
|
+
DnsDuplicateRuleGroupViolation.add_member(:violation_target_description, Shapes::ShapeRef.new(shape: LengthBoundedString, location_name: "ViolationTargetDescription"))
|
243
|
+
DnsDuplicateRuleGroupViolation.struct_class = Types::DnsDuplicateRuleGroupViolation
|
244
|
+
|
245
|
+
DnsRuleGroupLimitExceededViolation.add_member(:violation_target, Shapes::ShapeRef.new(shape: ViolationTarget, location_name: "ViolationTarget"))
|
246
|
+
DnsRuleGroupLimitExceededViolation.add_member(:violation_target_description, Shapes::ShapeRef.new(shape: LengthBoundedString, location_name: "ViolationTargetDescription"))
|
247
|
+
DnsRuleGroupLimitExceededViolation.add_member(:number_of_rule_groups_already_associated, Shapes::ShapeRef.new(shape: BasicInteger, location_name: "NumberOfRuleGroupsAlreadyAssociated"))
|
248
|
+
DnsRuleGroupLimitExceededViolation.struct_class = Types::DnsRuleGroupLimitExceededViolation
|
249
|
+
|
250
|
+
DnsRuleGroupPriorities.member = Shapes::ShapeRef.new(shape: DnsRuleGroupPriority)
|
251
|
+
|
252
|
+
DnsRuleGroupPriorityConflictViolation.add_member(:violation_target, Shapes::ShapeRef.new(shape: ViolationTarget, location_name: "ViolationTarget"))
|
253
|
+
DnsRuleGroupPriorityConflictViolation.add_member(:violation_target_description, Shapes::ShapeRef.new(shape: LengthBoundedString, location_name: "ViolationTargetDescription"))
|
254
|
+
DnsRuleGroupPriorityConflictViolation.add_member(:conflicting_priority, Shapes::ShapeRef.new(shape: DnsRuleGroupPriority, location_name: "ConflictingPriority"))
|
255
|
+
DnsRuleGroupPriorityConflictViolation.add_member(:conflicting_policy_id, Shapes::ShapeRef.new(shape: PolicyId, location_name: "ConflictingPolicyId"))
|
256
|
+
DnsRuleGroupPriorityConflictViolation.add_member(:unavailable_priorities, Shapes::ShapeRef.new(shape: DnsRuleGroupPriorities, location_name: "UnavailablePriorities"))
|
257
|
+
DnsRuleGroupPriorityConflictViolation.struct_class = Types::DnsRuleGroupPriorityConflictViolation
|
258
|
+
|
235
259
|
EvaluationResult.add_member(:compliance_status, Shapes::ShapeRef.new(shape: PolicyComplianceStatusType, location_name: "ComplianceStatus"))
|
236
260
|
EvaluationResult.add_member(:violator_count, Shapes::ShapeRef.new(shape: ResourceCount, location_name: "ViolatorCount"))
|
237
261
|
EvaluationResult.add_member(:evaluation_limit_exceeded, Shapes::ShapeRef.new(shape: Boolean, location_name: "EvaluationLimitExceeded"))
|
@@ -528,6 +552,9 @@ module Aws::FMS
|
|
528
552
|
ResourceViolation.add_member(:network_firewall_missing_subnet_violation, Shapes::ShapeRef.new(shape: NetworkFirewallMissingSubnetViolation, location_name: "NetworkFirewallMissingSubnetViolation"))
|
529
553
|
ResourceViolation.add_member(:network_firewall_missing_expected_rt_violation, Shapes::ShapeRef.new(shape: NetworkFirewallMissingExpectedRTViolation, location_name: "NetworkFirewallMissingExpectedRTViolation"))
|
530
554
|
ResourceViolation.add_member(:network_firewall_policy_modified_violation, Shapes::ShapeRef.new(shape: NetworkFirewallPolicyModifiedViolation, location_name: "NetworkFirewallPolicyModifiedViolation"))
|
555
|
+
ResourceViolation.add_member(:dns_rule_group_priority_conflict_violation, Shapes::ShapeRef.new(shape: DnsRuleGroupPriorityConflictViolation, location_name: "DnsRuleGroupPriorityConflictViolation"))
|
556
|
+
ResourceViolation.add_member(:dns_duplicate_rule_group_violation, Shapes::ShapeRef.new(shape: DnsDuplicateRuleGroupViolation, location_name: "DnsDuplicateRuleGroupViolation"))
|
557
|
+
ResourceViolation.add_member(:dns_rule_group_limit_exceeded_violation, Shapes::ShapeRef.new(shape: DnsRuleGroupLimitExceededViolation, location_name: "DnsRuleGroupLimitExceededViolation"))
|
531
558
|
ResourceViolation.struct_class = Types::ResourceViolation
|
532
559
|
|
533
560
|
ResourceViolations.member = Shapes::ShapeRef.new(shape: ResourceViolation)
|
data/lib/aws-sdk-fms/types.rb
CHANGED
@@ -394,6 +394,96 @@ module Aws::FMS
|
|
394
394
|
#
|
395
395
|
class DisassociateAdminAccountRequest < Aws::EmptyStructure; end
|
396
396
|
|
397
|
+
# A DNS Firewall rule group that Firewall Manager tried to associate
|
398
|
+
# with a VPC is already associated with the VPC and can't be associated
|
399
|
+
# again.
|
400
|
+
#
|
401
|
+
# @!attribute [rw] violation_target
|
402
|
+
# The ID of the VPC.
|
403
|
+
# @return [String]
|
404
|
+
#
|
405
|
+
# @!attribute [rw] violation_target_description
|
406
|
+
# A description of the violation that specifies the rule group and
|
407
|
+
# VPC.
|
408
|
+
# @return [String]
|
409
|
+
#
|
410
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DnsDuplicateRuleGroupViolation AWS API Documentation
|
411
|
+
#
|
412
|
+
class DnsDuplicateRuleGroupViolation < Struct.new(
|
413
|
+
:violation_target,
|
414
|
+
:violation_target_description)
|
415
|
+
SENSITIVE = []
|
416
|
+
include Aws::Structure
|
417
|
+
end
|
418
|
+
|
419
|
+
# The VPC that Firewall Manager was applying a DNS Fireall policy to
|
420
|
+
# reached the limit for associated DNS Firewall rule groups. Firewall
|
421
|
+
# Manager tried to associate another rule group with the VPC and failed
|
422
|
+
# due to the limit.
|
423
|
+
#
|
424
|
+
# @!attribute [rw] violation_target
|
425
|
+
# The ID of the VPC.
|
426
|
+
# @return [String]
|
427
|
+
#
|
428
|
+
# @!attribute [rw] violation_target_description
|
429
|
+
# A description of the violation that specifies the rule group and
|
430
|
+
# VPC.
|
431
|
+
# @return [String]
|
432
|
+
#
|
433
|
+
# @!attribute [rw] number_of_rule_groups_already_associated
|
434
|
+
# The number of rule groups currently associated with the VPC.
|
435
|
+
# @return [Integer]
|
436
|
+
#
|
437
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DnsRuleGroupLimitExceededViolation AWS API Documentation
|
438
|
+
#
|
439
|
+
class DnsRuleGroupLimitExceededViolation < Struct.new(
|
440
|
+
:violation_target,
|
441
|
+
:violation_target_description,
|
442
|
+
:number_of_rule_groups_already_associated)
|
443
|
+
SENSITIVE = []
|
444
|
+
include Aws::Structure
|
445
|
+
end
|
446
|
+
|
447
|
+
# A rule group that Firewall Manager tried to associate with a VPC has
|
448
|
+
# the same priority as a rule group that's already associated.
|
449
|
+
#
|
450
|
+
# @!attribute [rw] violation_target
|
451
|
+
# The ID of the VPC.
|
452
|
+
# @return [String]
|
453
|
+
#
|
454
|
+
# @!attribute [rw] violation_target_description
|
455
|
+
# A description of the violation that specifies the VPC and the rule
|
456
|
+
# group that's already associated with it.
|
457
|
+
# @return [String]
|
458
|
+
#
|
459
|
+
# @!attribute [rw] conflicting_priority
|
460
|
+
# The priority setting of the two conflicting rule groups.
|
461
|
+
# @return [Integer]
|
462
|
+
#
|
463
|
+
# @!attribute [rw] conflicting_policy_id
|
464
|
+
# The ID of the Firewall Manager DNS Firewall policy that was already
|
465
|
+
# applied to the VPC. This policy contains the rule group that's
|
466
|
+
# already associated with the VPC.
|
467
|
+
# @return [String]
|
468
|
+
#
|
469
|
+
# @!attribute [rw] unavailable_priorities
|
470
|
+
# The priorities of rule groups that are already associated with the
|
471
|
+
# VPC. To retry your operation, choose priority settings that aren't
|
472
|
+
# in this list for the rule groups in your new DNS Firewall policy.
|
473
|
+
# @return [Array<Integer>]
|
474
|
+
#
|
475
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DnsRuleGroupPriorityConflictViolation AWS API Documentation
|
476
|
+
#
|
477
|
+
class DnsRuleGroupPriorityConflictViolation < Struct.new(
|
478
|
+
:violation_target,
|
479
|
+
:violation_target_description,
|
480
|
+
:conflicting_priority,
|
481
|
+
:conflicting_policy_id,
|
482
|
+
:unavailable_priorities)
|
483
|
+
SENSITIVE = []
|
484
|
+
include Aws::Structure
|
485
|
+
end
|
486
|
+
|
397
487
|
# Describes the compliance status for the account. An account is
|
398
488
|
# considered noncompliant if it includes resources that are not
|
399
489
|
# protected by the specified policy or that don't comply with the
|
@@ -1431,7 +1521,7 @@ module Aws::FMS
|
|
1431
1521
|
# policy_name: "ResourceName", # required
|
1432
1522
|
# policy_update_token: "PolicyUpdateToken",
|
1433
1523
|
# security_service_policy_data: { # required
|
1434
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL
|
1524
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL
|
1435
1525
|
# managed_service_data: "ManagedServiceData",
|
1436
1526
|
# },
|
1437
1527
|
# resource_type: "ResourceType", # required
|
@@ -1951,7 +2041,7 @@ module Aws::FMS
|
|
1951
2041
|
# policy_name: "ResourceName", # required
|
1952
2042
|
# policy_update_token: "PolicyUpdateToken",
|
1953
2043
|
# security_service_policy_data: { # required
|
1954
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL
|
2044
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL
|
1955
2045
|
# managed_service_data: "ManagedServiceData",
|
1956
2046
|
# },
|
1957
2047
|
# resource_type: "ResourceType", # required
|
@@ -2162,6 +2252,25 @@ module Aws::FMS
|
|
2162
2252
|
# stateless rule group, or changed a policy default action.
|
2163
2253
|
# @return [Types::NetworkFirewallPolicyModifiedViolation]
|
2164
2254
|
#
|
2255
|
+
# @!attribute [rw] dns_rule_group_priority_conflict_violation
|
2256
|
+
# Violation detail for a DNS Firewall policy that indicates that a
|
2257
|
+
# rule group that Firewall Manager tried to associate with a VPC has
|
2258
|
+
# the same priority as a rule group that's already associated.
|
2259
|
+
# @return [Types::DnsRuleGroupPriorityConflictViolation]
|
2260
|
+
#
|
2261
|
+
# @!attribute [rw] dns_duplicate_rule_group_violation
|
2262
|
+
# Violation detail for a DNS Firewall policy that indicates that a
|
2263
|
+
# rule group that Firewall Manager tried to associate with a VPC is
|
2264
|
+
# already associated with the VPC and can't be associated again.
|
2265
|
+
# @return [Types::DnsDuplicateRuleGroupViolation]
|
2266
|
+
#
|
2267
|
+
# @!attribute [rw] dns_rule_group_limit_exceeded_violation
|
2268
|
+
# Violation details for a DNS Firewall policy that indicates that the
|
2269
|
+
# VPC reached the limit for associated DNS Firewall rule groups.
|
2270
|
+
# Firewall Manager tried to associate another rule group with the VPC
|
2271
|
+
# and failed.
|
2272
|
+
# @return [Types::DnsRuleGroupLimitExceededViolation]
|
2273
|
+
#
|
2165
2274
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceViolation AWS API Documentation
|
2166
2275
|
#
|
2167
2276
|
class ResourceViolation < Struct.new(
|
@@ -2171,7 +2280,10 @@ module Aws::FMS
|
|
2171
2280
|
:network_firewall_missing_firewall_violation,
|
2172
2281
|
:network_firewall_missing_subnet_violation,
|
2173
2282
|
:network_firewall_missing_expected_rt_violation,
|
2174
|
-
:network_firewall_policy_modified_violation
|
2283
|
+
:network_firewall_policy_modified_violation,
|
2284
|
+
:dns_rule_group_priority_conflict_violation,
|
2285
|
+
:dns_duplicate_rule_group_violation,
|
2286
|
+
:dns_rule_group_limit_exceeded_violation)
|
2175
2287
|
SENSITIVE = []
|
2176
2288
|
include Aws::Structure
|
2177
2289
|
end
|
@@ -2255,7 +2367,7 @@ module Aws::FMS
|
|
2255
2367
|
# data as a hash:
|
2256
2368
|
#
|
2257
2369
|
# {
|
2258
|
-
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL
|
2370
|
+
# type: "WAF", # required, accepts WAF, WAFV2, SHIELD_ADVANCED, SECURITY_GROUPS_COMMON, SECURITY_GROUPS_CONTENT_AUDIT, SECURITY_GROUPS_USAGE_AUDIT, NETWORK_FIREWALL, DNS_FIREWALL
|
2259
2371
|
# managed_service_data: "ManagedServiceData",
|
2260
2372
|
# }
|
2261
2373
|
#
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-fms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.36.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-01 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|
@@ -66,8 +66,8 @@ homepage: https://github.com/aws/aws-sdk-ruby
|
|
66
66
|
licenses:
|
67
67
|
- Apache-2.0
|
68
68
|
metadata:
|
69
|
-
source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/
|
70
|
-
changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/
|
69
|
+
source_code_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-fms
|
70
|
+
changelog_uri: https://github.com/aws/aws-sdk-ruby/tree/version-3/gems/aws-sdk-fms/CHANGELOG.md
|
71
71
|
post_install_message:
|
72
72
|
rdoc_options: []
|
73
73
|
require_paths:
|