Class: Aws::FMS::Client

Inherits:
Seahorse::Client::Base
  • Object
show all
Includes:
ClientStubs
Defined in:
lib/aws-sdk-fms/client.rb

Class Attribute Summary collapse

API Operations collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(*args) ⇒ Client

Returns a new instance of Client.

Parameters:

  • options (Hash)

    a customizable set of options



152
153
154
 
# File 'lib/aws-sdk-fms/client.rb', line 152

def initialize(*args)
  super
end

Class Attribute Details

.identifierObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



601
602
603
 
# File 'lib/aws-sdk-fms/client.rb', line 601

def identifier
  @identifier
end

Class Method Details

.errors_moduleObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future. 



604
605
606
 
# File 'lib/aws-sdk-fms/client.rb', line 604

def errors_module
  Errors
end

Instance Method Details

#associate_admin_account(params = {}) ⇒ Struct

Sets the AWS Firewall Manager administrator account. AWS Firewall Manager must be associated with a master account in AWS Organizations or associated with a member account that has the appropriate permissions. If the account ID that you submit is not an AWS Organizations master account, AWS Firewall Manager will set the appropriate permissions for the given member account.

The account that you associate with AWS Firewall Manager is called the AWS Firewall manager administrator account.

Examples:

Request syntax with placeholder values


resp = client.({
  admin_account: "AWSAccountId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

Returns:

  • (Struct)

    Returns an empty response.

See Also:



191
192
193
194
 
# File 'lib/aws-sdk-fms/client.rb', line 191

def (params = {}, options = {})
  req = build_request(:associate_admin_account, params)
  req.send_request(options)
end

#build_request(operation_name, params = {}) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parameters:

  • params ({}) (defaults to: {}) 


579
580
581
582
583
584
585
586
587
588
589
590
 
# File 'lib/aws-sdk-fms/client.rb', line 579

def build_request(operation_name, params = {})
  handlers = @handlers.for(operation_name)
  context = Seahorse::Client::RequestContext.new(
    operation_name: operation_name,
    operation: config.api.operation(operation_name),
    client: self,
    params: params,
    config: config)
  context[:gem_name] = 'aws-sdk-fms'
  context[:gem_version] = '1.0.0'
  Seahorse::Client::Request.new(handlers, context)
end

#delete_notification_channel(params = {}) ⇒ Struct

Deletes an AWS Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs.

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

  • (Struct)

    Returns an empty response.

See Also:



206
207
208
209
 
# File 'lib/aws-sdk-fms/client.rb', line 206

def delete_notification_channel(params = {}, options = {})
  req = build_request(:delete_notification_channel, params)
  req.send_request(options)
end

#delete_policy(params = {}) ⇒ Struct

Permanently deletes an AWS Firewall Manager policy.

Examples:

Request syntax with placeholder values


resp = client.delete_policy({
  policy_id: "PolicyId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :policy_id (required, String)

    The ID of the policy that you want to delete. ‘PolicyId` is returned by `PutPolicy` and by `ListPolicies`.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



229
230
231
232
 
# File 'lib/aws-sdk-fms/client.rb', line 229

def delete_policy(params = {}, options = {})
  req = build_request(:delete_policy, params)
  req.send_request(options)
end

#disassociate_admin_account(params = {}) ⇒ Struct

Disassociates the account that has been set as the AWS Firewall Manager administrator account. You will need to submit an ‘AssociateAdminAccount` request to set a new account as the AWS Firewall administrator.

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

  • (Struct)

    Returns an empty response.

See Also:



245
246
247
248
 
# File 'lib/aws-sdk-fms/client.rb', line 245

def (params = {}, options = {})
  req = build_request(:disassociate_admin_account, params)
  req.send_request(options)
end

#get_admin_account(params = {}) ⇒ Types::GetAdminAccountResponse

Returns the AWS Organizations master account that is associated with AWS Firewall Manager as the AWS Firewall Manager administrator.

Examples:

Response structure


resp. #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



265
266
267
268
 
# File 'lib/aws-sdk-fms/client.rb', line 265

def (params = {}, options = {})
  req = build_request(:get_admin_account, params)
  req.send_request(options)
end

#get_compliance_detail(params = {}) ⇒ Types::GetComplianceDetailResponse

Returns detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy. Resources are considered non-compliant if the specified policy has not been applied to them.

Examples:

Request syntax with placeholder values


resp = client.get_compliance_detail({
  policy_id: "PolicyId", # required
  member_account: "AWSAccountId", # required
})

Response structure


resp.policy_compliance_detail.policy_owner #=> String
resp.policy_compliance_detail.policy_id #=> String
resp.policy_compliance_detail. #=> String
resp.policy_compliance_detail.violators #=> Array
resp.policy_compliance_detail.violators[0].resource_id #=> String
resp.policy_compliance_detail.violators[0].violation_reason #=> String, one of "WEB_ACL_MISSING_RULE_GROUP", "RESOURCE_MISSING_WEB_ACL", "RESOURCE_INCORRECT_WEB_ACL"
resp.policy_compliance_detail.violators[0].resource_type #=> String
resp.policy_compliance_detail.evaluation_limit_exceeded #=> Boolean
resp.policy_compliance_detail.expired_at #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :policy_id (required, String)

    The ID of the policy that you want to get the details for. ‘PolicyId` is returned by `PutPolicy` and by `ListPolicies`.

  • :member_account (required, String)

    The AWS account that owns the resources that you want to get the details for.

Returns:

See Also:



310
311
312
313
 
# File 'lib/aws-sdk-fms/client.rb', line 310

def get_compliance_detail(params = {}, options = {})
  req = build_request(:get_compliance_detail, params)
  req.send_request(options)
end

#get_notification_channel(params = {}) ⇒ Types::GetNotificationChannelResponse

Returns information about the Amazon Simple Notification Service (SNS) topic that is used to record AWS Firewall Manager SNS logs.

Examples:

Response structure


resp.sns_topic_arn #=> String
resp.sns_role_name #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Returns:

See Also:



332
333
334
335
 
# File 'lib/aws-sdk-fms/client.rb', line 332

def get_notification_channel(params = {}, options = {})
  req = build_request(:get_notification_channel, params)
  req.send_request(options)
end

#get_policy(params = {}) ⇒ Types::GetPolicyResponse

Returns information about the specified AWS Firewall Manager policy.

Examples:

Request syntax with placeholder values


resp = client.get_policy({
  policy_id: "PolicyId", # required
})

Response structure


resp.policy.policy_id #=> String
resp.policy.policy_name #=> String
resp.policy.policy_update_token #=> String
resp.policy.security_service_policy_data.type #=> String, one of "WAF"
resp.policy.security_service_policy_data.managed_service_data #=> String
resp.policy.resource_type #=> String
resp.policy.resource_tags #=> Array
resp.policy.resource_tags[0].key #=> String
resp.policy.resource_tags[0].value #=> String
resp.policy.exclude_resource_tags #=> Boolean
resp.policy.remediation_enabled #=> Boolean
resp.policy_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :policy_id (required, String)

    The ID of the AWS Firewall Manager policy that you want the details for.

Returns:

See Also:



373
374
375
376
 
# File 'lib/aws-sdk-fms/client.rb', line 373

def get_policy(params = {}, options = {})
  req = build_request(:get_policy, params)
  req.send_request(options)
end

#list_compliance_status(params = {}) ⇒ Types::ListComplianceStatusResponse

Returns an array of ‘PolicyComplianceStatus` objects in the response. Use `PolicyComplianceStatus` to get a summary of which member accounts are protected by the specified policy.

Examples:

Request syntax with placeholder values


resp = client.list_compliance_status({
  policy_id: "PolicyId", # required
  next_token: "PaginationToken",
  max_results: 1,
})

Response structure


resp.policy_compliance_status_list #=> Array
resp.policy_compliance_status_list[0].policy_owner #=> String
resp.policy_compliance_status_list[0].policy_id #=> String
resp.policy_compliance_status_list[0].policy_name #=> String
resp.policy_compliance_status_list[0]. #=> String
resp.policy_compliance_status_list[0].evaluation_results #=> Array
resp.policy_compliance_status_list[0].evaluation_results[0].compliance_status #=> String, one of "COMPLIANT", "NON_COMPLIANT"
resp.policy_compliance_status_list[0].evaluation_results[0].violator_count #=> Integer
resp.policy_compliance_status_list[0].evaluation_results[0].evaluation_limit_exceeded #=> Boolean
resp.policy_compliance_status_list[0].last_updated #=> Time
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :policy_id (required, String)

    The ID of the AWS Firewall Manager policy that you want the details for.

  • :next_token (String)

    If you specify a value for ‘MaxResults` and you have more `PolicyComplianceStatus` objects than the number that you specify for `MaxResults`, AWS Firewall Manager returns a `NextToken` value in the response that allows you to list another group of `PolicyComplianceStatus` objects. For the second and subsequent `ListComplianceStatus` requests, specify the value of `NextToken` from the previous response to get information about another batch of `PolicyComplianceStatus` objects.

  • :max_results (Integer)

    Specifies the number of ‘PolicyComplianceStatus` objects that you want AWS Firewall Manager to return for this request. If you have more `PolicyComplianceStatus` objects than the number that you specify for `MaxResults`, the response includes a `NextToken` value that you can use to get another batch of `PolicyComplianceStatus` objects.

Returns:

See Also:



434
435
436
437
 
# File 'lib/aws-sdk-fms/client.rb', line 434

def list_compliance_status(params = {}, options = {})
  req = build_request(:list_compliance_status, params)
  req.send_request(options)
end

#list_policies(params = {}) ⇒ Types::ListPoliciesResponse

Returns an array of ‘PolicySummary` objects in the response.

Examples:

Request syntax with placeholder values


resp = client.list_policies({
  next_token: "PaginationToken",
  max_results: 1,
})

Response structure


resp.policy_list #=> Array
resp.policy_list[0].policy_arn #=> String
resp.policy_list[0].policy_id #=> String
resp.policy_list[0].policy_name #=> String
resp.policy_list[0].resource_type #=> String
resp.policy_list[0].security_service_type #=> String, one of "WAF"
resp.policy_list[0].remediation_enabled #=> Boolean
resp.next_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :next_token (String)

    If you specify a value for ‘MaxResults` and you have more `PolicySummary` objects than the number that you specify for `MaxResults`, AWS Firewall Manager returns a `NextToken` value in the response that allows you to list another group of `PolicySummary` objects. For the second and subsequent `ListPolicies` requests, specify the value of `NextToken` from the previous response to get information about another batch of `PolicySummary` objects.

  • :max_results (Integer)

    Specifies the number of ‘PolicySummary` objects that you want AWS Firewall Manager to return for this request. If you have more `PolicySummary` objects than the number that you specify for `MaxResults`, the response includes a `NextToken` value that you can use to get another batch of `PolicySummary` objects.

Returns:

See Also:



484
485
486
487
 
# File 'lib/aws-sdk-fms/client.rb', line 484

def list_policies(params = {}, options = {})
  req = build_request(:list_policies, params)
  req.send_request(options)
end

#put_notification_channel(params = {}) ⇒ Struct

Designates the IAM role and Amazon Simple Notification Service (SNS) topic that AWS Firewall Manager uses to record SNS logs.

Examples:

Request syntax with placeholder values


resp = client.put_notification_channel({
  sns_topic_arn: "ResourceArn", # required
  sns_role_name: "ResourceArn", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :sns_topic_arn (required, String)

    The Amazon Resource Name (ARN) of the SNS topic that collects notifications from AWS Firewall Manager.

  • :sns_role_name (required, String)

    The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to record AWS Firewall Manager activity.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



513
514
515
516
 
# File 'lib/aws-sdk-fms/client.rb', line 513

def put_notification_channel(params = {}, options = {})
  req = build_request(:put_notification_channel, params)
  req.send_request(options)
end

#put_policy(params = {}) ⇒ Types::PutPolicyResponse

Creates an AWS Firewall Manager policy.

Examples:

Request syntax with placeholder values


resp = client.put_policy({
  policy: { # required
    policy_id: "PolicyId",
    policy_name: "ResourceName", # required
    policy_update_token: "PolicyUpdateToken",
    security_service_policy_data: { # required
      type: "WAF", # required, accepts WAF
      managed_service_data: "ManagedServiceData",
    },
    resource_type: "ResourceType", # required
    resource_tags: [
      {
        key: "TagKey", # required
        value: "TagValue",
      },
    ],
    exclude_resource_tags: false, # required
    remediation_enabled: false, # required
  },
})

Response structure


resp.policy.policy_id #=> String
resp.policy.policy_name #=> String
resp.policy.policy_update_token #=> String
resp.policy.security_service_policy_data.type #=> String, one of "WAF"
resp.policy.security_service_policy_data.managed_service_data #=> String
resp.policy.resource_type #=> String
resp.policy.resource_tags #=> Array
resp.policy.resource_tags[0].key #=> String
resp.policy.resource_tags[0].value #=> String
resp.policy.exclude_resource_tags #=> Boolean
resp.policy.remediation_enabled #=> Boolean
resp.policy_arn #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :policy (required, Types::Policy)

    The details of the AWS Firewall Manager policy to be created.

Returns:

See Also:



570
571
572
573
 
# File 'lib/aws-sdk-fms/client.rb', line 570

def put_policy(params = {}, options = {})
  req = build_request(:put_policy, params)
  req.send_request(options)
end

#waiter_namesObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Deprecated. 


594
595
596
 
# File 'lib/aws-sdk-fms/client.rb', line 594

def waiter_names
  []
end