aws-sdk-fms 1.83.0 → 1.84.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-fms/client.rb +12 -5
- data/lib/aws-sdk-fms/client_api.rb +15 -0
- data/lib/aws-sdk-fms/types.rb +65 -14
- data/lib/aws-sdk-fms.rb +1 -1
- data/sig/types.rbs +15 -1
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ebce3b13ed731da3bdc84c48d95048df82160fcbb2183f289f4f867a16fe56d9
|
4
|
+
data.tar.gz: 70f5047dbdfe3733c07ae498903ef695327a90dc4c0a00c7401156a5d0de32cd
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 24c879ec0cc699f346fd8e19268583c75ab37f233d52df376bc10bd30d826f9d12e06271c764b2bc2ec5f18cacb02207bbccf7caeaa93fd83fd8a49a63ec28e8
|
7
|
+
data.tar.gz: eef722ede4a203b0e98823300a1dab4ebe8b4680ae565f7e659915d43fd749ee2b978f7d2d68aac2bf035a926ac68c806a0355a8b3935af61ddc338afea9ed26
|
data/CHANGELOG.md
CHANGED
data/VERSION
CHANGED
@@ -1 +1 @@
|
|
1
|
-
1.
|
1
|
+
1.84.0
|
data/lib/aws-sdk-fms/client.rb
CHANGED
@@ -954,7 +954,7 @@ module Aws::FMS
|
|
954
954
|
# resp.policy_compliance_detail.member_account #=> String
|
955
955
|
# resp.policy_compliance_detail.violators #=> Array
|
956
956
|
# resp.policy_compliance_detail.violators[0].resource_id #=> String
|
957
|
-
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT", "INVALID_NETWORK_ACL_ENTRY"
|
957
|
+
# resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL", "RESOURCE_MISSING_SHIELD_PROTECTION", "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION", "RESOURCE_MISSING_SECURITY_GROUP", "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP", "SECURITY_GROUP_UNUSED", "SECURITY_GROUP_REDUNDANT", "FMS_CREATED_SECURITY_GROUP_EDITED", "MISSING_FIREWALL", "MISSING_FIREWALL_SUBNET_IN_AZ", "MISSING_EXPECTED_ROUTE_TABLE", "NETWORK_FIREWALL_POLICY_MODIFIED", "FIREWALL_SUBNET_IS_OUT_OF_SCOPE", "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE", "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE", "UNEXPECTED_FIREWALL_ROUTES", "UNEXPECTED_TARGET_GATEWAY_ROUTES", "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY", "INVALID_ROUTE_CONFIGURATION", "MISSING_TARGET_GATEWAY", "INTERNET_TRAFFIC_NOT_INSPECTED", "BLACK_HOLE_ROUTE_DETECTED", "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET", "RESOURCE_MISSING_DNS_FIREWALL", "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT", "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT", "INVALID_NETWORK_ACL_ENTRY", "WEB_ACL_CONFIGURATION_OR_SCOPE_OF_USE"
|
958
958
|
# resp.policy_compliance_detail.violators[0].resource_type #=> String
|
959
959
|
# resp.policy_compliance_detail.violators[0].metadata #=> Hash
|
960
960
|
# resp.policy_compliance_detail.violators[0].metadata["LengthBoundedString"] #=> String
|
@@ -1265,6 +1265,8 @@ module Aws::FMS
|
|
1265
1265
|
# The ID of the Firewall Manager policy that you want the details for.
|
1266
1266
|
# You can get violation details for the following policy types:
|
1267
1267
|
#
|
1268
|
+
# * WAF
|
1269
|
+
#
|
1268
1270
|
# * DNS Firewall
|
1269
1271
|
#
|
1270
1272
|
# * Imported Network Firewall
|
@@ -1286,9 +1288,9 @@ module Aws::FMS
|
|
1286
1288
|
# @option params [required, String] :resource_type
|
1287
1289
|
# The resource type. This is in the format shown in the [Amazon Web
|
1288
1290
|
# Services Resource Types Reference][1]. Supported resource types are:
|
1289
|
-
# `AWS::
|
1290
|
-
# `AWS::EC2::
|
1291
|
-
# `AWS::EC2::Subnet`.
|
1291
|
+
# `AWS::WAFv2::WebACL`, `AWS::EC2::Instance`,
|
1292
|
+
# `AWS::EC2::NetworkInterface`, `AWS::EC2::SecurityGroup`,
|
1293
|
+
# `AWS::NetworkFirewall::FirewallPolicy`, and `AWS::EC2::Subnet`.
|
1292
1294
|
#
|
1293
1295
|
#
|
1294
1296
|
#
|
@@ -1708,6 +1710,11 @@ module Aws::FMS
|
|
1708
1710
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].remediation_action.delete_network_acl_entries_action.fms_can_remediate #=> Boolean
|
1709
1711
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].ordered_remediation_actions[0].order #=> Integer
|
1710
1712
|
# resp.violation_detail.resource_violations[0].possible_remediation_actions.actions[0].is_default_action #=> Boolean
|
1713
|
+
# resp.violation_detail.resource_violations[0].web_acl_has_incompatible_configuration_violation.web_acl_arn #=> String
|
1714
|
+
# resp.violation_detail.resource_violations[0].web_acl_has_incompatible_configuration_violation.description #=> String
|
1715
|
+
# resp.violation_detail.resource_violations[0].web_acl_has_out_of_scope_resources_violation.web_acl_arn #=> String
|
1716
|
+
# resp.violation_detail.resource_violations[0].web_acl_has_out_of_scope_resources_violation.out_of_scope_resource_list #=> Array
|
1717
|
+
# resp.violation_detail.resource_violations[0].web_acl_has_out_of_scope_resources_violation.out_of_scope_resource_list[0] #=> String
|
1711
1718
|
# resp.violation_detail.resource_tags #=> Array
|
1712
1719
|
# resp.violation_detail.resource_tags[0].key #=> String
|
1713
1720
|
# resp.violation_detail.resource_tags[0].value #=> String
|
@@ -2947,7 +2954,7 @@ module Aws::FMS
|
|
2947
2954
|
tracer: tracer
|
2948
2955
|
)
|
2949
2956
|
context[:gem_name] = 'aws-sdk-fms'
|
2950
|
-
context[:gem_version] = '1.
|
2957
|
+
context[:gem_version] = '1.84.0'
|
2951
2958
|
Seahorse::Client::Request.new(handlers, context)
|
2952
2959
|
end
|
2953
2960
|
|
@@ -248,6 +248,7 @@ module Aws::FMS
|
|
248
248
|
ReplaceNetworkAclAssociationAction = Shapes::StructureShape.new(name: 'ReplaceNetworkAclAssociationAction')
|
249
249
|
Resource = Shapes::StructureShape.new(name: 'Resource')
|
250
250
|
ResourceArn = Shapes::StringShape.new(name: 'ResourceArn')
|
251
|
+
ResourceArnList = Shapes::ListShape.new(name: 'ResourceArnList')
|
251
252
|
ResourceCount = Shapes::IntegerShape.new(name: 'ResourceCount')
|
252
253
|
ResourceDescription = Shapes::StringShape.new(name: 'ResourceDescription')
|
253
254
|
ResourceId = Shapes::StringShape.new(name: 'ResourceId')
|
@@ -310,6 +311,8 @@ module Aws::FMS
|
|
310
311
|
ViolationDetail = Shapes::StructureShape.new(name: 'ViolationDetail')
|
311
312
|
ViolationReason = Shapes::StringShape.new(name: 'ViolationReason')
|
312
313
|
ViolationTarget = Shapes::StringShape.new(name: 'ViolationTarget')
|
314
|
+
WebACLHasIncompatibleConfigurationViolation = Shapes::StructureShape.new(name: 'WebACLHasIncompatibleConfigurationViolation')
|
315
|
+
WebACLHasOutOfScopeResourcesViolation = Shapes::StructureShape.new(name: 'WebACLHasOutOfScopeResourcesViolation')
|
313
316
|
|
314
317
|
AWSAccountIdList.member = Shapes::ShapeRef.new(shape: AWSAccountId)
|
315
318
|
|
@@ -1119,6 +1122,8 @@ module Aws::FMS
|
|
1119
1122
|
Resource.add_member(:account_id, Shapes::ShapeRef.new(shape: AWSAccountId, location_name: "AccountId"))
|
1120
1123
|
Resource.struct_class = Types::Resource
|
1121
1124
|
|
1125
|
+
ResourceArnList.member = Shapes::ShapeRef.new(shape: ResourceArn)
|
1126
|
+
|
1122
1127
|
ResourceIdList.member = Shapes::ShapeRef.new(shape: ResourceId)
|
1123
1128
|
|
1124
1129
|
ResourceList.member = Shapes::ShapeRef.new(shape: Resource)
|
@@ -1178,6 +1183,8 @@ module Aws::FMS
|
|
1178
1183
|
ResourceViolation.add_member(:firewall_subnet_missing_vpc_endpoint_violation, Shapes::ShapeRef.new(shape: FirewallSubnetMissingVPCEndpointViolation, location_name: "FirewallSubnetMissingVPCEndpointViolation"))
|
1179
1184
|
ResourceViolation.add_member(:invalid_network_acl_entries_violation, Shapes::ShapeRef.new(shape: InvalidNetworkAclEntriesViolation, location_name: "InvalidNetworkAclEntriesViolation"))
|
1180
1185
|
ResourceViolation.add_member(:possible_remediation_actions, Shapes::ShapeRef.new(shape: PossibleRemediationActions, location_name: "PossibleRemediationActions"))
|
1186
|
+
ResourceViolation.add_member(:web_acl_has_incompatible_configuration_violation, Shapes::ShapeRef.new(shape: WebACLHasIncompatibleConfigurationViolation, location_name: "WebACLHasIncompatibleConfigurationViolation"))
|
1187
|
+
ResourceViolation.add_member(:web_acl_has_out_of_scope_resources_violation, Shapes::ShapeRef.new(shape: WebACLHasOutOfScopeResourcesViolation, location_name: "WebACLHasOutOfScopeResourcesViolation"))
|
1181
1188
|
ResourceViolation.struct_class = Types::ResourceViolation
|
1182
1189
|
|
1183
1190
|
ResourceViolations.member = Shapes::ShapeRef.new(shape: ResourceViolation)
|
@@ -1305,6 +1312,14 @@ module Aws::FMS
|
|
1305
1312
|
ViolationDetail.add_member(:resource_description, Shapes::ShapeRef.new(shape: LengthBoundedString, location_name: "ResourceDescription"))
|
1306
1313
|
ViolationDetail.struct_class = Types::ViolationDetail
|
1307
1314
|
|
1315
|
+
WebACLHasIncompatibleConfigurationViolation.add_member(:web_acl_arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "WebACLArn"))
|
1316
|
+
WebACLHasIncompatibleConfigurationViolation.add_member(:description, Shapes::ShapeRef.new(shape: LengthBoundedString, location_name: "Description"))
|
1317
|
+
WebACLHasIncompatibleConfigurationViolation.struct_class = Types::WebACLHasIncompatibleConfigurationViolation
|
1318
|
+
|
1319
|
+
WebACLHasOutOfScopeResourcesViolation.add_member(:web_acl_arn, Shapes::ShapeRef.new(shape: ResourceArn, location_name: "WebACLArn"))
|
1320
|
+
WebACLHasOutOfScopeResourcesViolation.add_member(:out_of_scope_resource_list, Shapes::ShapeRef.new(shape: ResourceArnList, location_name: "OutOfScopeResourceList"))
|
1321
|
+
WebACLHasOutOfScopeResourcesViolation.struct_class = Types::WebACLHasOutOfScopeResourcesViolation
|
1322
|
+
|
1308
1323
|
|
1309
1324
|
# @api private
|
1310
1325
|
API = Seahorse::Model::Api.new.tap do |api|
|
data/lib/aws-sdk-fms/types.rb
CHANGED
@@ -1813,6 +1813,8 @@ module Aws::FMS
|
|
1813
1813
|
# The ID of the Firewall Manager policy that you want the details for.
|
1814
1814
|
# You can get violation details for the following policy types:
|
1815
1815
|
#
|
1816
|
+
# * WAF
|
1817
|
+
#
|
1816
1818
|
# * DNS Firewall
|
1817
1819
|
#
|
1818
1820
|
# * Imported Network Firewall
|
@@ -1837,9 +1839,9 @@ module Aws::FMS
|
|
1837
1839
|
# @!attribute [rw] resource_type
|
1838
1840
|
# The resource type. This is in the format shown in the [Amazon Web
|
1839
1841
|
# Services Resource Types Reference][1]. Supported resource types are:
|
1840
|
-
# `AWS::
|
1841
|
-
# `AWS::EC2::
|
1842
|
-
# and `AWS::EC2::Subnet`.
|
1842
|
+
# `AWS::WAFv2::WebACL`, `AWS::EC2::Instance`,
|
1843
|
+
# `AWS::EC2::NetworkInterface`, `AWS::EC2::SecurityGroup`,
|
1844
|
+
# `AWS::NetworkFirewall::FirewallPolicy`, and `AWS::EC2::Subnet`.
|
1843
1845
|
#
|
1844
1846
|
#
|
1845
1847
|
#
|
@@ -4588,6 +4590,16 @@ module Aws::FMS
|
|
4588
4590
|
# actions.
|
4589
4591
|
# @return [Types::PossibleRemediationActions]
|
4590
4592
|
#
|
4593
|
+
# @!attribute [rw] web_acl_has_incompatible_configuration_violation
|
4594
|
+
# The violation details for a web ACL whose configuration is
|
4595
|
+
# incompatible with the Firewall Manager policy.
|
4596
|
+
# @return [Types::WebACLHasIncompatibleConfigurationViolation]
|
4597
|
+
#
|
4598
|
+
# @!attribute [rw] web_acl_has_out_of_scope_resources_violation
|
4599
|
+
# The violation details for a web ACL that's associated with at least
|
4600
|
+
# one resource that's out of scope of the Firewall Manager policy.
|
4601
|
+
# @return [Types::WebACLHasOutOfScopeResourcesViolation]
|
4602
|
+
#
|
4591
4603
|
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ResourceViolation AWS API Documentation
|
4592
4604
|
#
|
4593
4605
|
class ResourceViolation < Struct.new(
|
@@ -4614,7 +4626,9 @@ module Aws::FMS
|
|
4614
4626
|
:third_party_firewall_missing_expected_route_table_violation,
|
4615
4627
|
:firewall_subnet_missing_vpc_endpoint_violation,
|
4616
4628
|
:invalid_network_acl_entries_violation,
|
4617
|
-
:possible_remediation_actions
|
4629
|
+
:possible_remediation_actions,
|
4630
|
+
:web_acl_has_incompatible_configuration_violation,
|
4631
|
+
:web_acl_has_out_of_scope_resources_violation)
|
4618
4632
|
SENSITIVE = []
|
4619
4633
|
include Aws::Structure
|
4620
4634
|
end
|
@@ -4891,9 +4905,7 @@ module Aws::FMS
|
|
4891
4905
|
#
|
4892
4906
|
# * Example: `SECURITY_GROUPS_COMMON`
|
4893
4907
|
#
|
4894
|
-
# `"\{"type":"SECURITY_GROUPS_COMMON","revertManualSecurityGroupChanges":
|
4895
|
-
# "applyToAllEC2InstanceENIs":false,"securityGroups":[\{"id":"
|
4896
|
-
# sg-000e55995d61a06bd"\}]\}"`
|
4908
|
+
# `"\{"type":"SECURITY_GROUPS_COMMON","securityGroups":[\{"id":"sg-03b1f67d69ed00197"\}],"revertManualSecurityGroupChanges":true,"exclusiveResourceSecurityGroupManagement":true,"applyToAllEC2InstanceENIs":false,"includeSharedVPC":true,"enableSecurityGroupReferencesDistribution":true\}"`
|
4897
4909
|
#
|
4898
4910
|
# * Example: `SECURITY_GROUPS_COMMON` - Security group tag
|
4899
4911
|
# distribution
|
@@ -4922,7 +4934,7 @@ module Aws::FMS
|
|
4922
4934
|
#
|
4923
4935
|
# * Example: `SECURITY_GROUPS_CONTENT_AUDIT`
|
4924
4936
|
#
|
4925
|
-
# `"\{"type":"SECURITY_GROUPS_CONTENT_AUDIT","securityGroups":[\{"id":"sg-
|
4937
|
+
# `"\{"type":"SECURITY_GROUPS_CONTENT_AUDIT","preManagedOptions":[\{"denyProtocolAllValue":true\},\{"auditSgDirection":\{"type":"ALL"\}\}],"securityGroups":[\{"id":"sg-049b2393a25468971"\}],"securityGroupAction":\{"type":"ALLOW"\}\}"`
|
4926
4938
|
#
|
4927
4939
|
# The security group action for content audit can be `ALLOW` or
|
4928
4940
|
# `DENY`. For `ALLOW`, all in-scope security group rules must be
|
@@ -4933,7 +4945,7 @@ module Aws::FMS
|
|
4933
4945
|
#
|
4934
4946
|
# * Example: `SECURITY_GROUPS_USAGE_AUDIT`
|
4935
4947
|
#
|
4936
|
-
# `"\{"type":"SECURITY_GROUPS_USAGE_AUDIT","deleteUnusedSecurityGroups":true,"coalesceRedundantSecurityGroups":true\}"`
|
4948
|
+
# `"\{"type":"SECURITY_GROUPS_USAGE_AUDIT","deleteUnusedSecurityGroups":true,"coalesceRedundantSecurityGroups":true,"optionalDelayForUnusedInMinutes":60\}"`
|
4937
4949
|
#
|
4938
4950
|
# * Example: `SHIELD_ADVANCED` with web ACL management
|
4939
4951
|
#
|
@@ -5072,7 +5084,7 @@ module Aws::FMS
|
|
5072
5084
|
# * Example: `WAFV2` - Firewall Manager support for WAF managed rule
|
5073
5085
|
# group versioning
|
5074
5086
|
#
|
5075
|
-
# `"\{"
|
5087
|
+
# `"\{"preProcessRuleGroups":[\{"ruleGroupType":"ManagedRuleGroup","overrideAction":\{"type":"NONE"\},"sampledRequestsEnabled":true,"managedRuleGroupIdentifier":\{"managedRuleGroupName":"AWSManagedRulesAdminProtectionRuleSet","vendorName":"AWS","managedRuleGroupConfigs":null\}\}],"postProcessRuleGroups":[],"defaultAction":\{"type":"ALLOW"\},"customRequestHandling":null,"tokenDomains":null,"customResponse":null,"type":"WAFV2","overrideCustomerWebACLAssociation":false,"sampledRequestsEnabledForDefaultActions":true,"optimizeUnassociatedWebACL":true,"webACLSource":"RETROFIT_EXISTING"\}"`
|
5076
5088
|
#
|
5077
5089
|
# To use a specific version of a WAF managed rule group in your
|
5078
5090
|
# Firewall Manager policy, you must set `versionEnabled` to `true`,
|
@@ -5111,10 +5123,7 @@ module Aws::FMS
|
|
5111
5123
|
#
|
5112
5124
|
# * Example: `WAF Classic`
|
5113
5125
|
#
|
5114
|
-
# `"\{"type":
|
5115
|
-
# [\{"id":"12345678-1bcd-9012-efga-0987654321ab",
|
5116
|
-
# "overrideAction" : \{"type": "COUNT"\}\}],
|
5117
|
-
# "defaultAction": \{"type": "BLOCK"\}\}"`
|
5126
|
+
# `"\{"ruleGroups":[\{"id":"78cb36c0-1b5e-4d7d-82b2-cf48d3ad9659","overrideAction":\{"type":"NONE"\}\}],"overrideCustomerWebACLAssociation":true,"defaultAction":\{"type":"ALLOW"\},"type":"WAF"\}"`
|
5118
5127
|
#
|
5119
5128
|
#
|
5120
5129
|
#
|
@@ -5542,6 +5551,48 @@ module Aws::FMS
|
|
5542
5551
|
include Aws::Structure
|
5543
5552
|
end
|
5544
5553
|
|
5554
|
+
# The violation details for a web ACL whose configuration is
|
5555
|
+
# incompatible with the Firewall Manager policy.
|
5556
|
+
#
|
5557
|
+
# @!attribute [rw] web_acl_arn
|
5558
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
5559
|
+
# @return [String]
|
5560
|
+
#
|
5561
|
+
# @!attribute [rw] description
|
5562
|
+
# Information about the problems that Firewall Manager encountered
|
5563
|
+
# with the web ACL configuration.
|
5564
|
+
# @return [String]
|
5565
|
+
#
|
5566
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/WebACLHasIncompatibleConfigurationViolation AWS API Documentation
|
5567
|
+
#
|
5568
|
+
class WebACLHasIncompatibleConfigurationViolation < Struct.new(
|
5569
|
+
:web_acl_arn,
|
5570
|
+
:description)
|
5571
|
+
SENSITIVE = []
|
5572
|
+
include Aws::Structure
|
5573
|
+
end
|
5574
|
+
|
5575
|
+
# The violation details for a web ACL that's associated with at least
|
5576
|
+
# one resource that's out of scope of the Firewall Manager policy.
|
5577
|
+
#
|
5578
|
+
# @!attribute [rw] web_acl_arn
|
5579
|
+
# The Amazon Resource Name (ARN) of the web ACL.
|
5580
|
+
# @return [String]
|
5581
|
+
#
|
5582
|
+
# @!attribute [rw] out_of_scope_resource_list
|
5583
|
+
# An array of Amazon Resource Name (ARN) for the resources that are
|
5584
|
+
# out of scope of the policy and are associated with the web ACL.
|
5585
|
+
# @return [Array<String>]
|
5586
|
+
#
|
5587
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/WebACLHasOutOfScopeResourcesViolation AWS API Documentation
|
5588
|
+
#
|
5589
|
+
class WebACLHasOutOfScopeResourcesViolation < Struct.new(
|
5590
|
+
:web_acl_arn,
|
5591
|
+
:out_of_scope_resource_list)
|
5592
|
+
SENSITIVE = []
|
5593
|
+
include Aws::Structure
|
5594
|
+
end
|
5595
|
+
|
5545
5596
|
end
|
5546
5597
|
end
|
5547
5598
|
|
data/lib/aws-sdk-fms.rb
CHANGED
data/sig/types.rbs
CHANGED
@@ -123,7 +123,7 @@ module Aws::FMS
|
|
123
123
|
|
124
124
|
class ComplianceViolator
|
125
125
|
attr_accessor resource_id: ::String
|
126
|
-
attr_accessor violation_reason: ("WEB_ACL_MISSING_RULE_GROUP" | "RESOURCE_MISSING_WEB_ACL" | "RESOURCE_INCORRECT_WEB_ACL" | "RESOURCE_MISSING_SHIELD_PROTECTION" | "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" | "RESOURCE_MISSING_SECURITY_GROUP" | "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" | "SECURITY_GROUP_UNUSED" | "SECURITY_GROUP_REDUNDANT" | "FMS_CREATED_SECURITY_GROUP_EDITED" | "MISSING_FIREWALL" | "MISSING_FIREWALL_SUBNET_IN_AZ" | "MISSING_EXPECTED_ROUTE_TABLE" | "NETWORK_FIREWALL_POLICY_MODIFIED" | "FIREWALL_SUBNET_IS_OUT_OF_SCOPE" | "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" | "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" | "UNEXPECTED_FIREWALL_ROUTES" | "UNEXPECTED_TARGET_GATEWAY_ROUTES" | "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" | "INVALID_ROUTE_CONFIGURATION" | "MISSING_TARGET_GATEWAY" | "INTERNET_TRAFFIC_NOT_INSPECTED" | "BLACK_HOLE_ROUTE_DETECTED" | "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" | "RESOURCE_MISSING_DNS_FIREWALL" | "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT" | "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT" | "INVALID_NETWORK_ACL_ENTRY")
|
126
|
+
attr_accessor violation_reason: ("WEB_ACL_MISSING_RULE_GROUP" | "RESOURCE_MISSING_WEB_ACL" | "RESOURCE_INCORRECT_WEB_ACL" | "RESOURCE_MISSING_SHIELD_PROTECTION" | "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" | "RESOURCE_MISSING_SECURITY_GROUP" | "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" | "SECURITY_GROUP_UNUSED" | "SECURITY_GROUP_REDUNDANT" | "FMS_CREATED_SECURITY_GROUP_EDITED" | "MISSING_FIREWALL" | "MISSING_FIREWALL_SUBNET_IN_AZ" | "MISSING_EXPECTED_ROUTE_TABLE" | "NETWORK_FIREWALL_POLICY_MODIFIED" | "FIREWALL_SUBNET_IS_OUT_OF_SCOPE" | "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" | "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" | "UNEXPECTED_FIREWALL_ROUTES" | "UNEXPECTED_TARGET_GATEWAY_ROUTES" | "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" | "INVALID_ROUTE_CONFIGURATION" | "MISSING_TARGET_GATEWAY" | "INTERNET_TRAFFIC_NOT_INSPECTED" | "BLACK_HOLE_ROUTE_DETECTED" | "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" | "RESOURCE_MISSING_DNS_FIREWALL" | "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT" | "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT" | "INVALID_NETWORK_ACL_ENTRY" | "WEB_ACL_CONFIGURATION_OR_SCOPE_OF_USE")
|
127
127
|
attr_accessor resource_type: ::String
|
128
128
|
attr_accessor metadata: ::Hash[::String, ::String]
|
129
129
|
SENSITIVE: []
|
@@ -1081,6 +1081,8 @@ module Aws::FMS
|
|
1081
1081
|
attr_accessor firewall_subnet_missing_vpc_endpoint_violation: Types::FirewallSubnetMissingVPCEndpointViolation
|
1082
1082
|
attr_accessor invalid_network_acl_entries_violation: Types::InvalidNetworkAclEntriesViolation
|
1083
1083
|
attr_accessor possible_remediation_actions: Types::PossibleRemediationActions
|
1084
|
+
attr_accessor web_acl_has_incompatible_configuration_violation: Types::WebACLHasIncompatibleConfigurationViolation
|
1085
|
+
attr_accessor web_acl_has_out_of_scope_resources_violation: Types::WebACLHasOutOfScopeResourcesViolation
|
1084
1086
|
SENSITIVE: []
|
1085
1087
|
end
|
1086
1088
|
|
@@ -1224,5 +1226,17 @@ module Aws::FMS
|
|
1224
1226
|
attr_accessor resource_description: ::String
|
1225
1227
|
SENSITIVE: []
|
1226
1228
|
end
|
1229
|
+
|
1230
|
+
class WebACLHasIncompatibleConfigurationViolation
|
1231
|
+
attr_accessor web_acl_arn: ::String
|
1232
|
+
attr_accessor description: ::String
|
1233
|
+
SENSITIVE: []
|
1234
|
+
end
|
1235
|
+
|
1236
|
+
class WebACLHasOutOfScopeResourcesViolation
|
1237
|
+
attr_accessor web_acl_arn: ::String
|
1238
|
+
attr_accessor out_of_scope_resource_list: ::Array[::String]
|
1239
|
+
SENSITIVE: []
|
1240
|
+
end
|
1227
1241
|
end
|
1228
1242
|
end
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-fms
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.84.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2024-10-
|
11
|
+
date: 2024-10-21 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|