@aws-sdk/client-fms 3.554.0 → 3.563.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist-cjs/index.js +63 -1
- package/dist-es/models/models_0.js +16 -0
- package/dist-es/protocols/Aws_json1_1.js +43 -1
- package/dist-types/commands/GetAdminScopeCommand.d.ts +2 -2
- package/dist-types/commands/GetComplianceDetailCommand.d.ts +2 -23
- package/dist-types/commands/GetPolicyCommand.d.ts +41 -1
- package/dist-types/commands/GetProtectionStatusCommand.d.ts +1 -1
- package/dist-types/commands/GetViolationDetailsCommand.d.ts +147 -46
- package/dist-types/commands/ListPoliciesCommand.d.ts +1 -1
- package/dist-types/commands/PutAdminAccountCommand.d.ts +1 -1
- package/dist-types/commands/PutPolicyCommand.d.ts +93 -2
- package/dist-types/models/models_0.d.ts +426 -24
- package/dist-types/ts3.4/models/models_0.d.ts +97 -1
- package/package.json +4 -4
package/dist-cjs/index.js
CHANGED
|
@@ -37,6 +37,8 @@ __export(src_exports, {
|
|
|
37
37
|
DestinationType: () => DestinationType,
|
|
38
38
|
DisassociateAdminAccountCommand: () => DisassociateAdminAccountCommand,
|
|
39
39
|
DisassociateThirdPartyFirewallCommand: () => DisassociateThirdPartyFirewallCommand,
|
|
40
|
+
EntryType: () => EntryType,
|
|
41
|
+
EntryViolationReason: () => EntryViolationReason,
|
|
40
42
|
FMS: () => FMS,
|
|
41
43
|
FMSClient: () => FMSClient,
|
|
42
44
|
FMSServiceException: () => FMSServiceException,
|
|
@@ -71,6 +73,7 @@ __export(src_exports, {
|
|
|
71
73
|
ListTagsForResourceCommand: () => ListTagsForResourceCommand,
|
|
72
74
|
ListThirdPartyFirewallFirewallPoliciesCommand: () => ListThirdPartyFirewallFirewallPoliciesCommand,
|
|
73
75
|
MarketplaceSubscriptionOnboardingStatus: () => MarketplaceSubscriptionOnboardingStatus,
|
|
76
|
+
NetworkAclRuleAction: () => NetworkAclRuleAction,
|
|
74
77
|
NetworkFirewallOverrideAction: () => NetworkFirewallOverrideAction,
|
|
75
78
|
OrganizationStatus: () => OrganizationStatus,
|
|
76
79
|
PolicyComplianceStatusType: () => PolicyComplianceStatusType,
|
|
@@ -291,6 +294,7 @@ var OrganizationStatus = {
|
|
|
291
294
|
var SecurityServiceType = {
|
|
292
295
|
DNS_FIREWALL: "DNS_FIREWALL",
|
|
293
296
|
IMPORT_NETWORK_FIREWALL: "IMPORT_NETWORK_FIREWALL",
|
|
297
|
+
NETWORK_ACL_COMMON: "NETWORK_ACL_COMMON",
|
|
294
298
|
NETWORK_FIREWALL: "NETWORK_FIREWALL",
|
|
295
299
|
SECURITY_GROUPS_COMMON: "SECURITY_GROUPS_COMMON",
|
|
296
300
|
SECURITY_GROUPS_CONTENT_AUDIT: "SECURITY_GROUPS_CONTENT_AUDIT",
|
|
@@ -424,6 +428,7 @@ var ViolationReason = {
|
|
|
424
428
|
FirewallSubnetMissingVPCEndpoint: "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT",
|
|
425
429
|
InternetGatewayMissingExpectedRoute: "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE",
|
|
426
430
|
InternetTrafficNotInspected: "INTERNET_TRAFFIC_NOT_INSPECTED",
|
|
431
|
+
InvalidNetworkAclEntry: "INVALID_NETWORK_ACL_ENTRY",
|
|
427
432
|
InvalidRouteConfiguration: "INVALID_ROUTE_CONFIGURATION",
|
|
428
433
|
MissingExpectedRouteTable: "MISSING_EXPECTED_ROUTE_TABLE",
|
|
429
434
|
MissingFirewall: "MISSING_FIREWALL",
|
|
@@ -453,6 +458,10 @@ var CustomerPolicyStatus = {
|
|
|
453
458
|
ACTIVE: "ACTIVE",
|
|
454
459
|
OUT_OF_ADMIN_SCOPE: "OUT_OF_ADMIN_SCOPE"
|
|
455
460
|
};
|
|
461
|
+
var NetworkAclRuleAction = {
|
|
462
|
+
ALLOW: "allow",
|
|
463
|
+
DENY: "deny"
|
|
464
|
+
};
|
|
456
465
|
var FirewallDeploymentModel = {
|
|
457
466
|
CENTRALIZED: "CENTRALIZED",
|
|
458
467
|
DISTRIBUTED: "DISTRIBUTED"
|
|
@@ -488,6 +497,16 @@ var RemediationActionType = {
|
|
|
488
497
|
Modify: "MODIFY",
|
|
489
498
|
Remove: "REMOVE"
|
|
490
499
|
};
|
|
500
|
+
var EntryType = {
|
|
501
|
+
CustomEntry: "CUSTOM_ENTRY",
|
|
502
|
+
FMSManagedFirstEntry: "FMS_MANAGED_FIRST_ENTRY",
|
|
503
|
+
FMSManagedLastEntry: "FMS_MANAGED_LAST_ENTRY"
|
|
504
|
+
};
|
|
505
|
+
var EntryViolationReason = {
|
|
506
|
+
EntryConflict: "ENTRY_CONFLICT",
|
|
507
|
+
IncorrectEntryOrder: "INCORRECT_ENTRY_ORDER",
|
|
508
|
+
MissingExpectedEntry: "MISSING_EXPECTED_ENTRY"
|
|
509
|
+
};
|
|
491
510
|
var DestinationType = {
|
|
492
511
|
IPV4: "IPV4",
|
|
493
512
|
IPV6: "IPV6",
|
|
@@ -1517,6 +1536,12 @@ var de_PolicyComplianceStatusList = /* @__PURE__ */ __name((output, context) =>
|
|
|
1517
1536
|
});
|
|
1518
1537
|
return retVal;
|
|
1519
1538
|
}, "de_PolicyComplianceStatusList");
|
|
1539
|
+
var de_PossibleRemediationActions = /* @__PURE__ */ __name((output, context) => {
|
|
1540
|
+
return (0, import_smithy_client.take)(output, {
|
|
1541
|
+
Actions: import_smithy_client._json,
|
|
1542
|
+
Description: import_smithy_client.expectString
|
|
1543
|
+
});
|
|
1544
|
+
}, "de_PossibleRemediationActions");
|
|
1520
1545
|
var de_ProtocolsListData = /* @__PURE__ */ __name((output, context) => {
|
|
1521
1546
|
return (0, import_smithy_client.take)(output, {
|
|
1522
1547
|
CreateTime: (_) => (0, import_smithy_client.expectNonNull)((0, import_smithy_client.parseEpochTimestamp)((0, import_smithy_client.expectNumber)(_))),
|
|
@@ -1572,6 +1597,40 @@ var de_ResourceSetSummaryList = /* @__PURE__ */ __name((output, context) => {
|
|
|
1572
1597
|
});
|
|
1573
1598
|
return retVal;
|
|
1574
1599
|
}, "de_ResourceSetSummaryList");
|
|
1600
|
+
var de_ResourceViolation = /* @__PURE__ */ __name((output, context) => {
|
|
1601
|
+
return (0, import_smithy_client.take)(output, {
|
|
1602
|
+
AwsEc2InstanceViolation: import_smithy_client._json,
|
|
1603
|
+
AwsEc2NetworkInterfaceViolation: import_smithy_client._json,
|
|
1604
|
+
AwsVPCSecurityGroupViolation: import_smithy_client._json,
|
|
1605
|
+
DnsDuplicateRuleGroupViolation: import_smithy_client._json,
|
|
1606
|
+
DnsRuleGroupLimitExceededViolation: import_smithy_client._json,
|
|
1607
|
+
DnsRuleGroupPriorityConflictViolation: import_smithy_client._json,
|
|
1608
|
+
FirewallSubnetIsOutOfScopeViolation: import_smithy_client._json,
|
|
1609
|
+
FirewallSubnetMissingVPCEndpointViolation: import_smithy_client._json,
|
|
1610
|
+
InvalidNetworkAclEntriesViolation: import_smithy_client._json,
|
|
1611
|
+
NetworkFirewallBlackHoleRouteDetectedViolation: import_smithy_client._json,
|
|
1612
|
+
NetworkFirewallInternetTrafficNotInspectedViolation: import_smithy_client._json,
|
|
1613
|
+
NetworkFirewallInvalidRouteConfigurationViolation: import_smithy_client._json,
|
|
1614
|
+
NetworkFirewallMissingExpectedRTViolation: import_smithy_client._json,
|
|
1615
|
+
NetworkFirewallMissingExpectedRoutesViolation: import_smithy_client._json,
|
|
1616
|
+
NetworkFirewallMissingFirewallViolation: import_smithy_client._json,
|
|
1617
|
+
NetworkFirewallMissingSubnetViolation: import_smithy_client._json,
|
|
1618
|
+
NetworkFirewallPolicyModifiedViolation: import_smithy_client._json,
|
|
1619
|
+
NetworkFirewallUnexpectedFirewallRoutesViolation: import_smithy_client._json,
|
|
1620
|
+
NetworkFirewallUnexpectedGatewayRoutesViolation: import_smithy_client._json,
|
|
1621
|
+
PossibleRemediationActions: (_) => de_PossibleRemediationActions(_, context),
|
|
1622
|
+
RouteHasOutOfScopeEndpointViolation: import_smithy_client._json,
|
|
1623
|
+
ThirdPartyFirewallMissingExpectedRouteTableViolation: import_smithy_client._json,
|
|
1624
|
+
ThirdPartyFirewallMissingFirewallViolation: import_smithy_client._json,
|
|
1625
|
+
ThirdPartyFirewallMissingSubnetViolation: import_smithy_client._json
|
|
1626
|
+
});
|
|
1627
|
+
}, "de_ResourceViolation");
|
|
1628
|
+
var de_ResourceViolations = /* @__PURE__ */ __name((output, context) => {
|
|
1629
|
+
const retVal = (output || []).filter((e) => e != null).map((entry) => {
|
|
1630
|
+
return de_ResourceViolation(entry, context);
|
|
1631
|
+
});
|
|
1632
|
+
return retVal;
|
|
1633
|
+
}, "de_ResourceViolations");
|
|
1575
1634
|
var de_ViolationDetail = /* @__PURE__ */ __name((output, context) => {
|
|
1576
1635
|
return (0, import_smithy_client.take)(output, {
|
|
1577
1636
|
MemberAccount: import_smithy_client.expectString,
|
|
@@ -1580,7 +1639,7 @@ var de_ViolationDetail = /* @__PURE__ */ __name((output, context) => {
|
|
|
1580
1639
|
ResourceId: import_smithy_client.expectString,
|
|
1581
1640
|
ResourceTags: import_smithy_client._json,
|
|
1582
1641
|
ResourceType: import_smithy_client.expectString,
|
|
1583
|
-
ResourceViolations:
|
|
1642
|
+
ResourceViolations: (_) => de_ResourceViolations(_, context)
|
|
1584
1643
|
});
|
|
1585
1644
|
}, "de_ViolationDetail");
|
|
1586
1645
|
var deserializeMetadata = /* @__PURE__ */ __name((output) => ({
|
|
@@ -2481,11 +2540,14 @@ var paginateListThirdPartyFirewallFirewallPolicies = (0, import_core.createPagin
|
|
|
2481
2540
|
ViolationReason,
|
|
2482
2541
|
CustomerPolicyScopeIdType,
|
|
2483
2542
|
CustomerPolicyStatus,
|
|
2543
|
+
NetworkAclRuleAction,
|
|
2484
2544
|
FirewallDeploymentModel,
|
|
2485
2545
|
InvalidTypeException,
|
|
2486
2546
|
ResourceSetStatus,
|
|
2487
2547
|
MarketplaceSubscriptionOnboardingStatus,
|
|
2488
2548
|
RemediationActionType,
|
|
2549
|
+
EntryType,
|
|
2550
|
+
EntryViolationReason,
|
|
2489
2551
|
DestinationType,
|
|
2490
2552
|
TargetType,
|
|
2491
2553
|
RuleOrder,
|
|
@@ -15,6 +15,7 @@ export const OrganizationStatus = {
|
|
|
15
15
|
export const SecurityServiceType = {
|
|
16
16
|
DNS_FIREWALL: "DNS_FIREWALL",
|
|
17
17
|
IMPORT_NETWORK_FIREWALL: "IMPORT_NETWORK_FIREWALL",
|
|
18
|
+
NETWORK_ACL_COMMON: "NETWORK_ACL_COMMON",
|
|
18
19
|
NETWORK_FIREWALL: "NETWORK_FIREWALL",
|
|
19
20
|
SECURITY_GROUPS_COMMON: "SECURITY_GROUPS_COMMON",
|
|
20
21
|
SECURITY_GROUPS_CONTENT_AUDIT: "SECURITY_GROUPS_CONTENT_AUDIT",
|
|
@@ -123,6 +124,7 @@ export const ViolationReason = {
|
|
|
123
124
|
FirewallSubnetMissingVPCEndpoint: "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT",
|
|
124
125
|
InternetGatewayMissingExpectedRoute: "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE",
|
|
125
126
|
InternetTrafficNotInspected: "INTERNET_TRAFFIC_NOT_INSPECTED",
|
|
127
|
+
InvalidNetworkAclEntry: "INVALID_NETWORK_ACL_ENTRY",
|
|
126
128
|
InvalidRouteConfiguration: "INVALID_ROUTE_CONFIGURATION",
|
|
127
129
|
MissingExpectedRouteTable: "MISSING_EXPECTED_ROUTE_TABLE",
|
|
128
130
|
MissingFirewall: "MISSING_FIREWALL",
|
|
@@ -152,6 +154,10 @@ export const CustomerPolicyStatus = {
|
|
|
152
154
|
ACTIVE: "ACTIVE",
|
|
153
155
|
OUT_OF_ADMIN_SCOPE: "OUT_OF_ADMIN_SCOPE",
|
|
154
156
|
};
|
|
157
|
+
export const NetworkAclRuleAction = {
|
|
158
|
+
ALLOW: "allow",
|
|
159
|
+
DENY: "deny",
|
|
160
|
+
};
|
|
155
161
|
export const FirewallDeploymentModel = {
|
|
156
162
|
CENTRALIZED: "CENTRALIZED",
|
|
157
163
|
DISTRIBUTED: "DISTRIBUTED",
|
|
@@ -182,6 +188,16 @@ export const RemediationActionType = {
|
|
|
182
188
|
Modify: "MODIFY",
|
|
183
189
|
Remove: "REMOVE",
|
|
184
190
|
};
|
|
191
|
+
export const EntryType = {
|
|
192
|
+
CustomEntry: "CUSTOM_ENTRY",
|
|
193
|
+
FMSManagedFirstEntry: "FMS_MANAGED_FIRST_ENTRY",
|
|
194
|
+
FMSManagedLastEntry: "FMS_MANAGED_LAST_ENTRY",
|
|
195
|
+
};
|
|
196
|
+
export const EntryViolationReason = {
|
|
197
|
+
EntryConflict: "ENTRY_CONFLICT",
|
|
198
|
+
IncorrectEntryOrder: "INCORRECT_ENTRY_ORDER",
|
|
199
|
+
MissingExpectedEntry: "MISSING_EXPECTED_ENTRY",
|
|
200
|
+
};
|
|
185
201
|
export const DestinationType = {
|
|
186
202
|
IPV4: "IPV4",
|
|
187
203
|
IPV6: "IPV6",
|
|
@@ -1004,6 +1004,12 @@ const de_PolicyComplianceStatusList = (output, context) => {
|
|
|
1004
1004
|
});
|
|
1005
1005
|
return retVal;
|
|
1006
1006
|
};
|
|
1007
|
+
const de_PossibleRemediationActions = (output, context) => {
|
|
1008
|
+
return take(output, {
|
|
1009
|
+
Actions: _json,
|
|
1010
|
+
Description: __expectString,
|
|
1011
|
+
});
|
|
1012
|
+
};
|
|
1007
1013
|
const de_ProtocolsListData = (output, context) => {
|
|
1008
1014
|
return take(output, {
|
|
1009
1015
|
CreateTime: (_) => __expectNonNull(__parseEpochTimestamp(__expectNumber(_))),
|
|
@@ -1061,6 +1067,42 @@ const de_ResourceSetSummaryList = (output, context) => {
|
|
|
1061
1067
|
});
|
|
1062
1068
|
return retVal;
|
|
1063
1069
|
};
|
|
1070
|
+
const de_ResourceViolation = (output, context) => {
|
|
1071
|
+
return take(output, {
|
|
1072
|
+
AwsEc2InstanceViolation: _json,
|
|
1073
|
+
AwsEc2NetworkInterfaceViolation: _json,
|
|
1074
|
+
AwsVPCSecurityGroupViolation: _json,
|
|
1075
|
+
DnsDuplicateRuleGroupViolation: _json,
|
|
1076
|
+
DnsRuleGroupLimitExceededViolation: _json,
|
|
1077
|
+
DnsRuleGroupPriorityConflictViolation: _json,
|
|
1078
|
+
FirewallSubnetIsOutOfScopeViolation: _json,
|
|
1079
|
+
FirewallSubnetMissingVPCEndpointViolation: _json,
|
|
1080
|
+
InvalidNetworkAclEntriesViolation: _json,
|
|
1081
|
+
NetworkFirewallBlackHoleRouteDetectedViolation: _json,
|
|
1082
|
+
NetworkFirewallInternetTrafficNotInspectedViolation: _json,
|
|
1083
|
+
NetworkFirewallInvalidRouteConfigurationViolation: _json,
|
|
1084
|
+
NetworkFirewallMissingExpectedRTViolation: _json,
|
|
1085
|
+
NetworkFirewallMissingExpectedRoutesViolation: _json,
|
|
1086
|
+
NetworkFirewallMissingFirewallViolation: _json,
|
|
1087
|
+
NetworkFirewallMissingSubnetViolation: _json,
|
|
1088
|
+
NetworkFirewallPolicyModifiedViolation: _json,
|
|
1089
|
+
NetworkFirewallUnexpectedFirewallRoutesViolation: _json,
|
|
1090
|
+
NetworkFirewallUnexpectedGatewayRoutesViolation: _json,
|
|
1091
|
+
PossibleRemediationActions: (_) => de_PossibleRemediationActions(_, context),
|
|
1092
|
+
RouteHasOutOfScopeEndpointViolation: _json,
|
|
1093
|
+
ThirdPartyFirewallMissingExpectedRouteTableViolation: _json,
|
|
1094
|
+
ThirdPartyFirewallMissingFirewallViolation: _json,
|
|
1095
|
+
ThirdPartyFirewallMissingSubnetViolation: _json,
|
|
1096
|
+
});
|
|
1097
|
+
};
|
|
1098
|
+
const de_ResourceViolations = (output, context) => {
|
|
1099
|
+
const retVal = (output || [])
|
|
1100
|
+
.filter((e) => e != null)
|
|
1101
|
+
.map((entry) => {
|
|
1102
|
+
return de_ResourceViolation(entry, context);
|
|
1103
|
+
});
|
|
1104
|
+
return retVal;
|
|
1105
|
+
};
|
|
1064
1106
|
const de_ViolationDetail = (output, context) => {
|
|
1065
1107
|
return take(output, {
|
|
1066
1108
|
MemberAccount: __expectString,
|
|
@@ -1069,7 +1111,7 @@ const de_ViolationDetail = (output, context) => {
|
|
|
1069
1111
|
ResourceId: __expectString,
|
|
1070
1112
|
ResourceTags: _json,
|
|
1071
1113
|
ResourceType: __expectString,
|
|
1072
|
-
ResourceViolations:
|
|
1114
|
+
ResourceViolations: (_) => de_ResourceViolations(_, context),
|
|
1073
1115
|
});
|
|
1074
1116
|
};
|
|
1075
1117
|
const deserializeMetadata = (output) => ({
|
|
@@ -26,7 +26,7 @@ declare const GetAdminScopeCommand_base: {
|
|
|
26
26
|
getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
|
|
27
27
|
};
|
|
28
28
|
/**
|
|
29
|
-
* <p>Returns information about the specified account's administrative scope. The
|
|
29
|
+
* <p>Returns information about the specified account's administrative scope. The administrative scope defines the resources that an Firewall Manager administrator can manage.</p>
|
|
30
30
|
* @example
|
|
31
31
|
* Use a bare-bones client and the command you need to make an API call.
|
|
32
32
|
* ```javascript
|
|
@@ -62,7 +62,7 @@ declare const GetAdminScopeCommand_base: {
|
|
|
62
62
|
* // },
|
|
63
63
|
* // PolicyTypeScope: { // PolicyTypeScope
|
|
64
64
|
* // PolicyTypes: [ // SecurityServiceTypeList
|
|
65
|
-
* // "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL",
|
|
65
|
+
* // "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL" || "NETWORK_ACL_COMMON",
|
|
66
66
|
* // ],
|
|
67
67
|
* // AllPolicyTypesEnabled: true || false,
|
|
68
68
|
* // },
|
|
@@ -28,28 +28,7 @@ declare const GetComplianceDetailCommand_base: {
|
|
|
28
28
|
/**
|
|
29
29
|
* <p>Returns detailed compliance information about the specified member account. Details
|
|
30
30
|
* include resources that are in and out of compliance with the specified policy. </p>
|
|
31
|
-
* <
|
|
32
|
-
* <li>
|
|
33
|
-
* <p>Resources are
|
|
34
|
-
* considered noncompliant for WAF and Shield Advanced policies if the specified policy has
|
|
35
|
-
* not been applied to them.</p>
|
|
36
|
-
* </li>
|
|
37
|
-
* <li>
|
|
38
|
-
* <p>Resources are considered noncompliant for security group policies if
|
|
39
|
-
* they are in scope of the policy, they violate one or more of the policy rules, and remediation
|
|
40
|
-
* is disabled or not possible.</p>
|
|
41
|
-
* </li>
|
|
42
|
-
* <li>
|
|
43
|
-
* <p>Resources are considered noncompliant for Network Firewall policies
|
|
44
|
-
* if a firewall is missing in the VPC, if the firewall endpoint isn't set up in an expected Availability Zone and subnet,
|
|
45
|
-
* if a subnet created by the Firewall Manager doesn't have the expected route table,
|
|
46
|
-
* and for modifications to a firewall policy that violate the Firewall Manager policy's rules.</p>
|
|
47
|
-
* </li>
|
|
48
|
-
* <li>
|
|
49
|
-
* <p>Resources are considered noncompliant for DNS Firewall policies
|
|
50
|
-
* if a DNS Firewall rule group is missing from the rule group associations for the VPC. </p>
|
|
51
|
-
* </li>
|
|
52
|
-
* </ul>
|
|
31
|
+
* <p>The reasons for resources being considered compliant depend on the Firewall Manager policy type. </p>
|
|
53
32
|
* @example
|
|
54
33
|
* Use a bare-bones client and the command you need to make an API call.
|
|
55
34
|
* ```javascript
|
|
@@ -70,7 +49,7 @@ declare const GetComplianceDetailCommand_base: {
|
|
|
70
49
|
* // Violators: [ // ComplianceViolators
|
|
71
50
|
* // { // ComplianceViolator
|
|
72
51
|
* // ResourceId: "STRING_VALUE",
|
|
73
|
-
* // ViolationReason: "WEB_ACL_MISSING_RULE_GROUP" || "RESOURCE_MISSING_WEB_ACL" || "RESOURCE_INCORRECT_WEB_ACL" || "RESOURCE_MISSING_SHIELD_PROTECTION" || "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" || "RESOURCE_MISSING_SECURITY_GROUP" || "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" || "SECURITY_GROUP_UNUSED" || "SECURITY_GROUP_REDUNDANT" || "FMS_CREATED_SECURITY_GROUP_EDITED" || "MISSING_FIREWALL" || "MISSING_FIREWALL_SUBNET_IN_AZ" || "MISSING_EXPECTED_ROUTE_TABLE" || "NETWORK_FIREWALL_POLICY_MODIFIED" || "FIREWALL_SUBNET_IS_OUT_OF_SCOPE" || "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" || "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" || "UNEXPECTED_FIREWALL_ROUTES" || "UNEXPECTED_TARGET_GATEWAY_ROUTES" || "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" || "INVALID_ROUTE_CONFIGURATION" || "MISSING_TARGET_GATEWAY" || "INTERNET_TRAFFIC_NOT_INSPECTED" || "BLACK_HOLE_ROUTE_DETECTED" || "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" || "RESOURCE_MISSING_DNS_FIREWALL" || "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT" || "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT",
|
|
52
|
+
* // ViolationReason: "WEB_ACL_MISSING_RULE_GROUP" || "RESOURCE_MISSING_WEB_ACL" || "RESOURCE_INCORRECT_WEB_ACL" || "RESOURCE_MISSING_SHIELD_PROTECTION" || "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" || "RESOURCE_MISSING_SECURITY_GROUP" || "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" || "SECURITY_GROUP_UNUSED" || "SECURITY_GROUP_REDUNDANT" || "FMS_CREATED_SECURITY_GROUP_EDITED" || "MISSING_FIREWALL" || "MISSING_FIREWALL_SUBNET_IN_AZ" || "MISSING_EXPECTED_ROUTE_TABLE" || "NETWORK_FIREWALL_POLICY_MODIFIED" || "FIREWALL_SUBNET_IS_OUT_OF_SCOPE" || "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" || "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" || "UNEXPECTED_FIREWALL_ROUTES" || "UNEXPECTED_TARGET_GATEWAY_ROUTES" || "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" || "INVALID_ROUTE_CONFIGURATION" || "MISSING_TARGET_GATEWAY" || "INTERNET_TRAFFIC_NOT_INSPECTED" || "BLACK_HOLE_ROUTE_DETECTED" || "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" || "RESOURCE_MISSING_DNS_FIREWALL" || "ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT" || "FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT" || "INVALID_NETWORK_ACL_ENTRY",
|
|
74
53
|
* // ResourceType: "STRING_VALUE",
|
|
75
54
|
* // Metadata: { // ComplianceViolatorMetadata
|
|
76
55
|
* // "<keys>": "STRING_VALUE",
|
|
@@ -44,7 +44,7 @@ declare const GetPolicyCommand_base: {
|
|
|
44
44
|
* // PolicyName: "STRING_VALUE", // required
|
|
45
45
|
* // PolicyUpdateToken: "STRING_VALUE",
|
|
46
46
|
* // SecurityServicePolicyData: { // SecurityServicePolicyData
|
|
47
|
-
* // Type: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL", // required
|
|
47
|
+
* // Type: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL" || "NETWORK_ACL_COMMON", // required
|
|
48
48
|
* // ManagedServiceData: "STRING_VALUE",
|
|
49
49
|
* // PolicyOption: { // PolicyOption
|
|
50
50
|
* // NetworkFirewallPolicy: { // NetworkFirewallPolicy
|
|
@@ -53,6 +53,46 @@ declare const GetPolicyCommand_base: {
|
|
|
53
53
|
* // ThirdPartyFirewallPolicy: { // ThirdPartyFirewallPolicy
|
|
54
54
|
* // FirewallDeploymentModel: "CENTRALIZED" || "DISTRIBUTED",
|
|
55
55
|
* // },
|
|
56
|
+
* // NetworkAclCommonPolicy: { // NetworkAclCommonPolicy
|
|
57
|
+
* // NetworkAclEntrySet: { // NetworkAclEntrySet
|
|
58
|
+
* // FirstEntries: [ // NetworkAclEntries
|
|
59
|
+
* // { // NetworkAclEntry
|
|
60
|
+
* // IcmpTypeCode: { // NetworkAclIcmpTypeCode
|
|
61
|
+
* // Code: Number("int"),
|
|
62
|
+
* // Type: Number("int"),
|
|
63
|
+
* // },
|
|
64
|
+
* // Protocol: "STRING_VALUE", // required
|
|
65
|
+
* // PortRange: { // NetworkAclPortRange
|
|
66
|
+
* // From: Number("int"),
|
|
67
|
+
* // To: Number("int"),
|
|
68
|
+
* // },
|
|
69
|
+
* // CidrBlock: "STRING_VALUE",
|
|
70
|
+
* // Ipv6CidrBlock: "STRING_VALUE",
|
|
71
|
+
* // RuleAction: "allow" || "deny", // required
|
|
72
|
+
* // Egress: true || false, // required
|
|
73
|
+
* // },
|
|
74
|
+
* // ],
|
|
75
|
+
* // ForceRemediateForFirstEntries: true || false, // required
|
|
76
|
+
* // LastEntries: [
|
|
77
|
+
* // {
|
|
78
|
+
* // IcmpTypeCode: {
|
|
79
|
+
* // Code: Number("int"),
|
|
80
|
+
* // Type: Number("int"),
|
|
81
|
+
* // },
|
|
82
|
+
* // Protocol: "STRING_VALUE", // required
|
|
83
|
+
* // PortRange: {
|
|
84
|
+
* // From: Number("int"),
|
|
85
|
+
* // To: Number("int"),
|
|
86
|
+
* // },
|
|
87
|
+
* // CidrBlock: "STRING_VALUE",
|
|
88
|
+
* // Ipv6CidrBlock: "STRING_VALUE",
|
|
89
|
+
* // RuleAction: "allow" || "deny", // required
|
|
90
|
+
* // Egress: true || false, // required
|
|
91
|
+
* // },
|
|
92
|
+
* // ],
|
|
93
|
+
* // ForceRemediateForLastEntries: true || false, // required
|
|
94
|
+
* // },
|
|
95
|
+
* // },
|
|
56
96
|
* // },
|
|
57
97
|
* // },
|
|
58
98
|
* // ResourceType: "STRING_VALUE", // required
|
|
@@ -46,7 +46,7 @@ declare const GetProtectionStatusCommand_base: {
|
|
|
46
46
|
* const response = await client.send(command);
|
|
47
47
|
* // { // GetProtectionStatusResponse
|
|
48
48
|
* // AdminAccountId: "STRING_VALUE",
|
|
49
|
-
* // ServiceType: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL",
|
|
49
|
+
* // ServiceType: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL" || "NETWORK_ACL_COMMON",
|
|
50
50
|
* // Data: "STRING_VALUE",
|
|
51
51
|
* // NextToken: "STRING_VALUE",
|
|
52
52
|
* // };
|
|
@@ -350,6 +350,126 @@ declare const GetViolationDetailsCommand_base: {
|
|
|
350
350
|
* // ViolationTargetDescription: "STRING_VALUE",
|
|
351
351
|
* // NumberOfRuleGroupsAlreadyAssociated: Number("int"),
|
|
352
352
|
* // },
|
|
353
|
+
* // FirewallSubnetIsOutOfScopeViolation: { // FirewallSubnetIsOutOfScopeViolation
|
|
354
|
+
* // FirewallSubnetId: "STRING_VALUE",
|
|
355
|
+
* // VpcId: "STRING_VALUE",
|
|
356
|
+
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
357
|
+
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
358
|
+
* // VpcEndpointId: "STRING_VALUE",
|
|
359
|
+
* // },
|
|
360
|
+
* // RouteHasOutOfScopeEndpointViolation: { // RouteHasOutOfScopeEndpointViolation
|
|
361
|
+
* // SubnetId: "STRING_VALUE",
|
|
362
|
+
* // VpcId: "STRING_VALUE",
|
|
363
|
+
* // RouteTableId: "STRING_VALUE",
|
|
364
|
+
* // ViolatingRoutes: "<Routes>",
|
|
365
|
+
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
366
|
+
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
367
|
+
* // CurrentFirewallSubnetRouteTable: "STRING_VALUE",
|
|
368
|
+
* // FirewallSubnetId: "STRING_VALUE",
|
|
369
|
+
* // FirewallSubnetRoutes: "<Routes>",
|
|
370
|
+
* // InternetGatewayId: "STRING_VALUE",
|
|
371
|
+
* // CurrentInternetGatewayRouteTable: "STRING_VALUE",
|
|
372
|
+
* // InternetGatewayRoutes: "<Routes>",
|
|
373
|
+
* // },
|
|
374
|
+
* // ThirdPartyFirewallMissingFirewallViolation: { // ThirdPartyFirewallMissingFirewallViolation
|
|
375
|
+
* // ViolationTarget: "STRING_VALUE",
|
|
376
|
+
* // VPC: "STRING_VALUE",
|
|
377
|
+
* // AvailabilityZone: "STRING_VALUE",
|
|
378
|
+
* // TargetViolationReason: "STRING_VALUE",
|
|
379
|
+
* // },
|
|
380
|
+
* // ThirdPartyFirewallMissingSubnetViolation: { // ThirdPartyFirewallMissingSubnetViolation
|
|
381
|
+
* // ViolationTarget: "STRING_VALUE",
|
|
382
|
+
* // VPC: "STRING_VALUE",
|
|
383
|
+
* // AvailabilityZone: "STRING_VALUE",
|
|
384
|
+
* // TargetViolationReason: "STRING_VALUE",
|
|
385
|
+
* // },
|
|
386
|
+
* // ThirdPartyFirewallMissingExpectedRouteTableViolation: { // ThirdPartyFirewallMissingExpectedRouteTableViolation
|
|
387
|
+
* // ViolationTarget: "STRING_VALUE",
|
|
388
|
+
* // VPC: "STRING_VALUE",
|
|
389
|
+
* // AvailabilityZone: "STRING_VALUE",
|
|
390
|
+
* // CurrentRouteTable: "STRING_VALUE",
|
|
391
|
+
* // ExpectedRouteTable: "STRING_VALUE",
|
|
392
|
+
* // },
|
|
393
|
+
* // FirewallSubnetMissingVPCEndpointViolation: { // FirewallSubnetMissingVPCEndpointViolation
|
|
394
|
+
* // FirewallSubnetId: "STRING_VALUE",
|
|
395
|
+
* // VpcId: "STRING_VALUE",
|
|
396
|
+
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
397
|
+
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
398
|
+
* // },
|
|
399
|
+
* // InvalidNetworkAclEntriesViolation: { // InvalidNetworkAclEntriesViolation
|
|
400
|
+
* // Vpc: "STRING_VALUE",
|
|
401
|
+
* // Subnet: "STRING_VALUE",
|
|
402
|
+
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
403
|
+
* // CurrentAssociatedNetworkAcl: "STRING_VALUE",
|
|
404
|
+
* // EntryViolations: [ // EntryViolations
|
|
405
|
+
* // { // EntryViolation
|
|
406
|
+
* // ExpectedEntry: { // EntryDescription
|
|
407
|
+
* // EntryDetail: { // NetworkAclEntry
|
|
408
|
+
* // IcmpTypeCode: { // NetworkAclIcmpTypeCode
|
|
409
|
+
* // Code: Number("int"),
|
|
410
|
+
* // Type: Number("int"),
|
|
411
|
+
* // },
|
|
412
|
+
* // Protocol: "STRING_VALUE", // required
|
|
413
|
+
* // PortRange: { // NetworkAclPortRange
|
|
414
|
+
* // From: Number("int"),
|
|
415
|
+
* // To: Number("int"),
|
|
416
|
+
* // },
|
|
417
|
+
* // CidrBlock: "STRING_VALUE",
|
|
418
|
+
* // Ipv6CidrBlock: "STRING_VALUE",
|
|
419
|
+
* // RuleAction: "allow" || "deny", // required
|
|
420
|
+
* // Egress: true || false, // required
|
|
421
|
+
* // },
|
|
422
|
+
* // EntryRuleNumber: Number("int"),
|
|
423
|
+
* // EntryType: "FMS_MANAGED_FIRST_ENTRY" || "FMS_MANAGED_LAST_ENTRY" || "CUSTOM_ENTRY",
|
|
424
|
+
* // },
|
|
425
|
+
* // ExpectedEvaluationOrder: "STRING_VALUE",
|
|
426
|
+
* // ActualEvaluationOrder: "STRING_VALUE",
|
|
427
|
+
* // EntryAtExpectedEvaluationOrder: {
|
|
428
|
+
* // EntryDetail: {
|
|
429
|
+
* // IcmpTypeCode: {
|
|
430
|
+
* // Code: Number("int"),
|
|
431
|
+
* // Type: Number("int"),
|
|
432
|
+
* // },
|
|
433
|
+
* // Protocol: "STRING_VALUE", // required
|
|
434
|
+
* // PortRange: {
|
|
435
|
+
* // From: Number("int"),
|
|
436
|
+
* // To: Number("int"),
|
|
437
|
+
* // },
|
|
438
|
+
* // CidrBlock: "STRING_VALUE",
|
|
439
|
+
* // Ipv6CidrBlock: "STRING_VALUE",
|
|
440
|
+
* // RuleAction: "allow" || "deny", // required
|
|
441
|
+
* // Egress: true || false, // required
|
|
442
|
+
* // },
|
|
443
|
+
* // EntryRuleNumber: Number("int"),
|
|
444
|
+
* // EntryType: "FMS_MANAGED_FIRST_ENTRY" || "FMS_MANAGED_LAST_ENTRY" || "CUSTOM_ENTRY",
|
|
445
|
+
* // },
|
|
446
|
+
* // EntriesWithConflicts: [ // EntriesWithConflicts
|
|
447
|
+
* // {
|
|
448
|
+
* // EntryDetail: {
|
|
449
|
+
* // IcmpTypeCode: {
|
|
450
|
+
* // Code: Number("int"),
|
|
451
|
+
* // Type: Number("int"),
|
|
452
|
+
* // },
|
|
453
|
+
* // Protocol: "STRING_VALUE", // required
|
|
454
|
+
* // PortRange: {
|
|
455
|
+
* // From: Number("int"),
|
|
456
|
+
* // To: Number("int"),
|
|
457
|
+
* // },
|
|
458
|
+
* // CidrBlock: "STRING_VALUE",
|
|
459
|
+
* // Ipv6CidrBlock: "STRING_VALUE",
|
|
460
|
+
* // RuleAction: "allow" || "deny", // required
|
|
461
|
+
* // Egress: true || false, // required
|
|
462
|
+
* // },
|
|
463
|
+
* // EntryRuleNumber: Number("int"),
|
|
464
|
+
* // EntryType: "FMS_MANAGED_FIRST_ENTRY" || "FMS_MANAGED_LAST_ENTRY" || "CUSTOM_ENTRY",
|
|
465
|
+
* // },
|
|
466
|
+
* // ],
|
|
467
|
+
* // EntryViolationReasons: [ // EntryViolationReasons
|
|
468
|
+
* // "MISSING_EXPECTED_ENTRY" || "INCORRECT_ENTRY_ORDER" || "ENTRY_CONFLICT",
|
|
469
|
+
* // ],
|
|
470
|
+
* // },
|
|
471
|
+
* // ],
|
|
472
|
+
* // },
|
|
353
473
|
* // PossibleRemediationActions: { // PossibleRemediationActions
|
|
354
474
|
* // Description: "STRING_VALUE",
|
|
355
475
|
* // Actions: [ // PossibleRemediationActionList
|
|
@@ -422,6 +542,33 @@ declare const GetViolationDetailsCommand_base: {
|
|
|
422
542
|
* // Description: "STRING_VALUE",
|
|
423
543
|
* // FirewallCreationConfig: "STRING_VALUE",
|
|
424
544
|
* // },
|
|
545
|
+
* // CreateNetworkAclAction: { // CreateNetworkAclAction
|
|
546
|
+
* // Description: "STRING_VALUE",
|
|
547
|
+
* // Vpc: "<ActionTarget>",
|
|
548
|
+
* // FMSCanRemediate: true || false,
|
|
549
|
+
* // },
|
|
550
|
+
* // ReplaceNetworkAclAssociationAction: { // ReplaceNetworkAclAssociationAction
|
|
551
|
+
* // Description: "STRING_VALUE",
|
|
552
|
+
* // AssociationId: "<ActionTarget>",
|
|
553
|
+
* // NetworkAclId: "<ActionTarget>",
|
|
554
|
+
* // FMSCanRemediate: true || false,
|
|
555
|
+
* // },
|
|
556
|
+
* // CreateNetworkAclEntriesAction: { // CreateNetworkAclEntriesAction
|
|
557
|
+
* // Description: "STRING_VALUE",
|
|
558
|
+
* // NetworkAclId: "<ActionTarget>",
|
|
559
|
+
* // NetworkAclEntriesToBeCreated: [ // EntriesDescription
|
|
560
|
+
* // "<EntryDescription>",
|
|
561
|
+
* // ],
|
|
562
|
+
* // FMSCanRemediate: true || false,
|
|
563
|
+
* // },
|
|
564
|
+
* // DeleteNetworkAclEntriesAction: { // DeleteNetworkAclEntriesAction
|
|
565
|
+
* // Description: "STRING_VALUE",
|
|
566
|
+
* // NetworkAclId: "<ActionTarget>",
|
|
567
|
+
* // NetworkAclEntriesToBeDeleted: [
|
|
568
|
+
* // "<EntryDescription>",
|
|
569
|
+
* // ],
|
|
570
|
+
* // FMSCanRemediate: true || false,
|
|
571
|
+
* // },
|
|
425
572
|
* // },
|
|
426
573
|
* // Order: Number("int"),
|
|
427
574
|
* // },
|
|
@@ -430,52 +577,6 @@ declare const GetViolationDetailsCommand_base: {
|
|
|
430
577
|
* // },
|
|
431
578
|
* // ],
|
|
432
579
|
* // },
|
|
433
|
-
* // FirewallSubnetIsOutOfScopeViolation: { // FirewallSubnetIsOutOfScopeViolation
|
|
434
|
-
* // FirewallSubnetId: "STRING_VALUE",
|
|
435
|
-
* // VpcId: "STRING_VALUE",
|
|
436
|
-
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
437
|
-
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
438
|
-
* // VpcEndpointId: "STRING_VALUE",
|
|
439
|
-
* // },
|
|
440
|
-
* // RouteHasOutOfScopeEndpointViolation: { // RouteHasOutOfScopeEndpointViolation
|
|
441
|
-
* // SubnetId: "STRING_VALUE",
|
|
442
|
-
* // VpcId: "STRING_VALUE",
|
|
443
|
-
* // RouteTableId: "STRING_VALUE",
|
|
444
|
-
* // ViolatingRoutes: "<Routes>",
|
|
445
|
-
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
446
|
-
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
447
|
-
* // CurrentFirewallSubnetRouteTable: "STRING_VALUE",
|
|
448
|
-
* // FirewallSubnetId: "STRING_VALUE",
|
|
449
|
-
* // FirewallSubnetRoutes: "<Routes>",
|
|
450
|
-
* // InternetGatewayId: "STRING_VALUE",
|
|
451
|
-
* // CurrentInternetGatewayRouteTable: "STRING_VALUE",
|
|
452
|
-
* // InternetGatewayRoutes: "<Routes>",
|
|
453
|
-
* // },
|
|
454
|
-
* // ThirdPartyFirewallMissingFirewallViolation: { // ThirdPartyFirewallMissingFirewallViolation
|
|
455
|
-
* // ViolationTarget: "STRING_VALUE",
|
|
456
|
-
* // VPC: "STRING_VALUE",
|
|
457
|
-
* // AvailabilityZone: "STRING_VALUE",
|
|
458
|
-
* // TargetViolationReason: "STRING_VALUE",
|
|
459
|
-
* // },
|
|
460
|
-
* // ThirdPartyFirewallMissingSubnetViolation: { // ThirdPartyFirewallMissingSubnetViolation
|
|
461
|
-
* // ViolationTarget: "STRING_VALUE",
|
|
462
|
-
* // VPC: "STRING_VALUE",
|
|
463
|
-
* // AvailabilityZone: "STRING_VALUE",
|
|
464
|
-
* // TargetViolationReason: "STRING_VALUE",
|
|
465
|
-
* // },
|
|
466
|
-
* // ThirdPartyFirewallMissingExpectedRouteTableViolation: { // ThirdPartyFirewallMissingExpectedRouteTableViolation
|
|
467
|
-
* // ViolationTarget: "STRING_VALUE",
|
|
468
|
-
* // VPC: "STRING_VALUE",
|
|
469
|
-
* // AvailabilityZone: "STRING_VALUE",
|
|
470
|
-
* // CurrentRouteTable: "STRING_VALUE",
|
|
471
|
-
* // ExpectedRouteTable: "STRING_VALUE",
|
|
472
|
-
* // },
|
|
473
|
-
* // FirewallSubnetMissingVPCEndpointViolation: { // FirewallSubnetMissingVPCEndpointViolation
|
|
474
|
-
* // FirewallSubnetId: "STRING_VALUE",
|
|
475
|
-
* // VpcId: "STRING_VALUE",
|
|
476
|
-
* // SubnetAvailabilityZone: "STRING_VALUE",
|
|
477
|
-
* // SubnetAvailabilityZoneId: "STRING_VALUE",
|
|
478
|
-
* // },
|
|
479
580
|
* // },
|
|
480
581
|
* // ],
|
|
481
582
|
* // ResourceTags: [ // TagList
|
|
@@ -46,7 +46,7 @@ declare const ListPoliciesCommand_base: {
|
|
|
46
46
|
* // PolicyId: "STRING_VALUE",
|
|
47
47
|
* // PolicyName: "STRING_VALUE",
|
|
48
48
|
* // ResourceType: "STRING_VALUE",
|
|
49
|
-
* // SecurityServiceType: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL",
|
|
49
|
+
* // SecurityServiceType: "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL" || "NETWORK_ACL_COMMON",
|
|
50
50
|
* // RemediationEnabled: true || false,
|
|
51
51
|
* // DeleteUnusedFMManagedResources: true || false,
|
|
52
52
|
* // PolicyStatus: "ACTIVE" || "OUT_OF_ADMIN_SCOPE",
|
|
@@ -59,7 +59,7 @@ declare const PutAdminAccountCommand_base: {
|
|
|
59
59
|
* },
|
|
60
60
|
* PolicyTypeScope: { // PolicyTypeScope
|
|
61
61
|
* PolicyTypes: [ // SecurityServiceTypeList
|
|
62
|
-
* "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL",
|
|
62
|
+
* "WAF" || "WAFV2" || "SHIELD_ADVANCED" || "SECURITY_GROUPS_COMMON" || "SECURITY_GROUPS_CONTENT_AUDIT" || "SECURITY_GROUPS_USAGE_AUDIT" || "NETWORK_FIREWALL" || "DNS_FIREWALL" || "THIRD_PARTY_FIREWALL" || "IMPORT_NETWORK_FIREWALL" || "NETWORK_ACL_COMMON",
|
|
63
63
|
* ],
|
|
64
64
|
* AllPolicyTypesEnabled: true || false,
|
|
65
65
|
* },
|