Class: Aws::FMS::Types::Policy

Inherits:

Struct

• Object
• Struct
• Aws::FMS::Types::Policy

Includes:

Structure

Defined in:

lib/aws-sdk-fms/types.rb

Overview

Note:

When making an API call, you may pass Policy data as a hash:

{
  policy_id: "PolicyId",
  policy_name: "ResourceName", # required
  policy_update_token: "PolicyUpdateToken",
  security_service_policy_data: { # required
    type: "WAF", # required, accepts WAF
    managed_service_data: "ManagedServiceData",
  },
  resource_type: "ResourceType", # required
  resource_tags: [
    {
      key: "TagKey", # required
      value: "TagValue",
    },
  ],
  exclude_resource_tags: false, # required
  remediation_enabled: false, # required
}

An AWS Firewall Manager policy.

See Also:

• AWS API Documentation

Instance Attribute Summary

• #exclude_resource_tags ⇒ Boolean

  If set to ‘True`, resources with the tags that are specified in the `ResourceTag` array are not protected by the policy.

• #policy_id ⇒ String

  The ID of the AWS Firewall Manager policy.

• #policy_name ⇒ String

  The friendly name of the AWS Firewall Manager policy.

• #policy_update_token ⇒ String

  A unique identifier for each update to the policy.

• #remediation_enabled ⇒ Boolean

  Indicates if the policy should be automatically applied to new resources.

• #resource_tags ⇒ Array<Types::ResourceTag>

  An array of ‘ResourceTag` objects.

• #resource_type ⇒ String

  The type of resource to protect with the policy, either an Application Load Balancer or a CloudFront distribution.

• #security_service_policy_data ⇒ Types::SecurityServicePolicyData

  Details about the security service that is being used to protect the resources.

Instance Attribute Details

#exclude_resource_tags ⇒ Boolean

If set to ‘True`, resources with the tags that are specified in the `ResourceTag` array are not protected by the policy. If set to `False`, and the `ResourceTag` array is not null, only resources with the specified tags are associated with the policy.

Returns:

• (Boolean)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#policy_id ⇒ String

The ID of the AWS Firewall Manager policy.

Returns:

• (String)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#policy_name ⇒ String

The friendly name of the AWS Firewall Manager policy.

Returns:

• (String)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#policy_update_token ⇒ String

A unique identifier for each update to the policy. When issuing a ‘PutPolicy` request, the `PolicyUpdateToken` in the request must match the `PolicyUpdateToken` of the current policy version. To get the `PolicyUpdateToken` of the current policy version, use a `GetPolicy` request.

Returns:

• (String)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#remediation_enabled ⇒ Boolean

Indicates if the policy should be automatically applied to new resources.

Returns:

• (Boolean)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#resource_tags ⇒ Array<Types::ResourceTag>

An array of ‘ResourceTag` objects.

Returns:

• (Array<Types::ResourceTag>)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#resource_type ⇒ String

The type of resource to protect with the policy, either an Application Load Balancer or a CloudFront distribution. This is in the format shown in [AWS Resource Types Reference]. Valid values are ‘AWS::ElasticLoadBalancingV2::LoadBalancer` or `AWS::CloudFront::Distribution`.

[1]: docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html

Returns:

• (String)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end

#security_service_policy_data ⇒ Types::SecurityServicePolicyData

Details about the security service that is being used to protect the resources.

Returns:

• (Types::SecurityServicePolicyData)

# File 'lib/aws-sdk-fms/types.rb', line 435

class Policy < Struct.new(
  :policy_id,
  :policy_name,
  :policy_update_token,
  :security_service_policy_data,
  :resource_type,
  :resource_tags,
  :exclude_resource_tags,
  :remediation_enabled)
  include Aws::Structure
end