mirror of https://github.com/tidwall/tile38.git
2755 lines
96 KiB
Go
2755 lines
96 KiB
Go
// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT.
|
|
|
|
package fms
|
|
|
|
import (
|
|
"fmt"
|
|
"time"
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
"github.com/aws/aws-sdk-go/aws/awsutil"
|
|
"github.com/aws/aws-sdk-go/aws/request"
|
|
"github.com/aws/aws-sdk-go/private/protocol"
|
|
"github.com/aws/aws-sdk-go/private/protocol/jsonrpc"
|
|
)
|
|
|
|
const opAssociateAdminAccount = "AssociateAdminAccount"
|
|
|
|
// AssociateAdminAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the AssociateAdminAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See AssociateAdminAccount for more information on using the AssociateAdminAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the AssociateAdminAccountRequest method.
|
|
// req, resp := client.AssociateAdminAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount
|
|
func (c *FMS) AssociateAdminAccountRequest(input *AssociateAdminAccountInput) (req *request.Request, output *AssociateAdminAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opAssociateAdminAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &AssociateAdminAccountInput{}
|
|
}
|
|
|
|
output = &AssociateAdminAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// AssociateAdminAccount API operation for Firewall Management Service.
|
|
//
|
|
// Sets the AWS Firewall Manager administrator account. AWS Firewall Manager
|
|
// must be associated with the master account your AWS organization or associated
|
|
// with a member account that has the appropriate permissions. If the account
|
|
// ID that you submit is not an AWS Organizations master account, AWS Firewall
|
|
// Manager will set the appropriate permissions for the given member account.
|
|
//
|
|
// The account that you associate with AWS Firewall Manager is called the AWS
|
|
// Firewall Manager administrator account.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation AssociateAdminAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The parameters of the request were invalid.
|
|
//
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount
|
|
func (c *FMS) AssociateAdminAccount(input *AssociateAdminAccountInput) (*AssociateAdminAccountOutput, error) {
|
|
req, out := c.AssociateAdminAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// AssociateAdminAccountWithContext is the same as AssociateAdminAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See AssociateAdminAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) AssociateAdminAccountWithContext(ctx aws.Context, input *AssociateAdminAccountInput, opts ...request.Option) (*AssociateAdminAccountOutput, error) {
|
|
req, out := c.AssociateAdminAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeleteNotificationChannel = "DeleteNotificationChannel"
|
|
|
|
// DeleteNotificationChannelRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeleteNotificationChannel operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeleteNotificationChannel for more information on using the DeleteNotificationChannel
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeleteNotificationChannelRequest method.
|
|
// req, resp := client.DeleteNotificationChannelRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel
|
|
func (c *FMS) DeleteNotificationChannelRequest(input *DeleteNotificationChannelInput) (req *request.Request, output *DeleteNotificationChannelOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeleteNotificationChannel,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeleteNotificationChannelInput{}
|
|
}
|
|
|
|
output = &DeleteNotificationChannelOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DeleteNotificationChannel API operation for Firewall Management Service.
|
|
//
|
|
// Deletes an AWS Firewall Manager association with the IAM role and the Amazon
|
|
// Simple Notification Service (SNS) topic that is used to record AWS Firewall
|
|
// Manager SNS logs.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation DeleteNotificationChannel for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel
|
|
func (c *FMS) DeleteNotificationChannel(input *DeleteNotificationChannelInput) (*DeleteNotificationChannelOutput, error) {
|
|
req, out := c.DeleteNotificationChannelRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeleteNotificationChannelWithContext is the same as DeleteNotificationChannel with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeleteNotificationChannel for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) DeleteNotificationChannelWithContext(ctx aws.Context, input *DeleteNotificationChannelInput, opts ...request.Option) (*DeleteNotificationChannelOutput, error) {
|
|
req, out := c.DeleteNotificationChannelRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDeletePolicy = "DeletePolicy"
|
|
|
|
// DeletePolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DeletePolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DeletePolicy for more information on using the DeletePolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DeletePolicyRequest method.
|
|
// req, resp := client.DeletePolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy
|
|
func (c *FMS) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opDeletePolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DeletePolicyInput{}
|
|
}
|
|
|
|
output = &DeletePolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DeletePolicy API operation for Firewall Management Service.
|
|
//
|
|
// Permanently deletes an AWS Firewall Manager policy.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation DeletePolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy
|
|
func (c *FMS) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) {
|
|
req, out := c.DeletePolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DeletePolicyWithContext is the same as DeletePolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DeletePolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) {
|
|
req, out := c.DeletePolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opDisassociateAdminAccount = "DisassociateAdminAccount"
|
|
|
|
// DisassociateAdminAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the DisassociateAdminAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See DisassociateAdminAccount for more information on using the DisassociateAdminAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the DisassociateAdminAccountRequest method.
|
|
// req, resp := client.DisassociateAdminAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount
|
|
func (c *FMS) DisassociateAdminAccountRequest(input *DisassociateAdminAccountInput) (req *request.Request, output *DisassociateAdminAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opDisassociateAdminAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &DisassociateAdminAccountInput{}
|
|
}
|
|
|
|
output = &DisassociateAdminAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// DisassociateAdminAccount API operation for Firewall Management Service.
|
|
//
|
|
// Disassociates the account that has been set as the AWS Firewall Manager administrator
|
|
// account. To set a different account as the administrator account, you must
|
|
// submit an AssociateAdminAccount request .
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation DisassociateAdminAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount
|
|
func (c *FMS) DisassociateAdminAccount(input *DisassociateAdminAccountInput) (*DisassociateAdminAccountOutput, error) {
|
|
req, out := c.DisassociateAdminAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// DisassociateAdminAccountWithContext is the same as DisassociateAdminAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See DisassociateAdminAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) DisassociateAdminAccountWithContext(ctx aws.Context, input *DisassociateAdminAccountInput, opts ...request.Option) (*DisassociateAdminAccountOutput, error) {
|
|
req, out := c.DisassociateAdminAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opGetAdminAccount = "GetAdminAccount"
|
|
|
|
// GetAdminAccountRequest generates a "aws/request.Request" representing the
|
|
// client's request for the GetAdminAccount operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See GetAdminAccount for more information on using the GetAdminAccount
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the GetAdminAccountRequest method.
|
|
// req, resp := client.GetAdminAccountRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount
|
|
func (c *FMS) GetAdminAccountRequest(input *GetAdminAccountInput) (req *request.Request, output *GetAdminAccountOutput) {
|
|
op := &request.Operation{
|
|
Name: opGetAdminAccount,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &GetAdminAccountInput{}
|
|
}
|
|
|
|
output = &GetAdminAccountOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// GetAdminAccount API operation for Firewall Management Service.
|
|
//
|
|
// Returns the AWS Organizations master account that is associated with AWS
|
|
// Firewall Manager as the AWS Firewall Manager administrator.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation GetAdminAccount for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount
|
|
func (c *FMS) GetAdminAccount(input *GetAdminAccountInput) (*GetAdminAccountOutput, error) {
|
|
req, out := c.GetAdminAccountRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// GetAdminAccountWithContext is the same as GetAdminAccount with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See GetAdminAccount for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) GetAdminAccountWithContext(ctx aws.Context, input *GetAdminAccountInput, opts ...request.Option) (*GetAdminAccountOutput, error) {
|
|
req, out := c.GetAdminAccountRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opGetComplianceDetail = "GetComplianceDetail"
|
|
|
|
// GetComplianceDetailRequest generates a "aws/request.Request" representing the
|
|
// client's request for the GetComplianceDetail operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See GetComplianceDetail for more information on using the GetComplianceDetail
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the GetComplianceDetailRequest method.
|
|
// req, resp := client.GetComplianceDetailRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail
|
|
func (c *FMS) GetComplianceDetailRequest(input *GetComplianceDetailInput) (req *request.Request, output *GetComplianceDetailOutput) {
|
|
op := &request.Operation{
|
|
Name: opGetComplianceDetail,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &GetComplianceDetailInput{}
|
|
}
|
|
|
|
output = &GetComplianceDetailOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// GetComplianceDetail API operation for Firewall Management Service.
|
|
//
|
|
// Returns detailed compliance information about the specified member account.
|
|
// Details include resources that are in and out of compliance with the specified
|
|
// policy. Resources are considered non-compliant if the specified policy has
|
|
// not been applied to them.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation GetComplianceDetail for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail
|
|
func (c *FMS) GetComplianceDetail(input *GetComplianceDetailInput) (*GetComplianceDetailOutput, error) {
|
|
req, out := c.GetComplianceDetailRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// GetComplianceDetailWithContext is the same as GetComplianceDetail with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See GetComplianceDetail for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) GetComplianceDetailWithContext(ctx aws.Context, input *GetComplianceDetailInput, opts ...request.Option) (*GetComplianceDetailOutput, error) {
|
|
req, out := c.GetComplianceDetailRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opGetNotificationChannel = "GetNotificationChannel"
|
|
|
|
// GetNotificationChannelRequest generates a "aws/request.Request" representing the
|
|
// client's request for the GetNotificationChannel operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See GetNotificationChannel for more information on using the GetNotificationChannel
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the GetNotificationChannelRequest method.
|
|
// req, resp := client.GetNotificationChannelRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel
|
|
func (c *FMS) GetNotificationChannelRequest(input *GetNotificationChannelInput) (req *request.Request, output *GetNotificationChannelOutput) {
|
|
op := &request.Operation{
|
|
Name: opGetNotificationChannel,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &GetNotificationChannelInput{}
|
|
}
|
|
|
|
output = &GetNotificationChannelOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// GetNotificationChannel API operation for Firewall Management Service.
|
|
//
|
|
// Returns information about the Amazon Simple Notification Service (SNS) topic
|
|
// that is used to record AWS Firewall Manager SNS logs.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation GetNotificationChannel for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel
|
|
func (c *FMS) GetNotificationChannel(input *GetNotificationChannelInput) (*GetNotificationChannelOutput, error) {
|
|
req, out := c.GetNotificationChannelRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// GetNotificationChannelWithContext is the same as GetNotificationChannel with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See GetNotificationChannel for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) GetNotificationChannelWithContext(ctx aws.Context, input *GetNotificationChannelInput, opts ...request.Option) (*GetNotificationChannelOutput, error) {
|
|
req, out := c.GetNotificationChannelRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opGetPolicy = "GetPolicy"
|
|
|
|
// GetPolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the GetPolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See GetPolicy for more information on using the GetPolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the GetPolicyRequest method.
|
|
// req, resp := client.GetPolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy
|
|
func (c *FMS) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opGetPolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &GetPolicyInput{}
|
|
}
|
|
|
|
output = &GetPolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// GetPolicy API operation for Firewall Management Service.
|
|
//
|
|
// Returns information about the specified AWS Firewall Manager policy.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation GetPolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// * ErrCodeInvalidTypeException "InvalidTypeException"
|
|
// The value of the Type parameter is invalid.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy
|
|
func (c *FMS) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) {
|
|
req, out := c.GetPolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// GetPolicyWithContext is the same as GetPolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See GetPolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) {
|
|
req, out := c.GetPolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opListComplianceStatus = "ListComplianceStatus"
|
|
|
|
// ListComplianceStatusRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListComplianceStatus operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListComplianceStatus for more information on using the ListComplianceStatus
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListComplianceStatusRequest method.
|
|
// req, resp := client.ListComplianceStatusRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus
|
|
func (c *FMS) ListComplianceStatusRequest(input *ListComplianceStatusInput) (req *request.Request, output *ListComplianceStatusOutput) {
|
|
op := &request.Operation{
|
|
Name: opListComplianceStatus,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListComplianceStatusInput{}
|
|
}
|
|
|
|
output = &ListComplianceStatusOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListComplianceStatus API operation for Firewall Management Service.
|
|
//
|
|
// Returns an array of PolicyComplianceStatus objects in the response. Use PolicyComplianceStatus
|
|
// to get a summary of which member accounts are protected by the specified
|
|
// policy.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation ListComplianceStatus for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus
|
|
func (c *FMS) ListComplianceStatus(input *ListComplianceStatusInput) (*ListComplianceStatusOutput, error) {
|
|
req, out := c.ListComplianceStatusRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListComplianceStatusWithContext is the same as ListComplianceStatus with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListComplianceStatus for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) ListComplianceStatusWithContext(ctx aws.Context, input *ListComplianceStatusInput, opts ...request.Option) (*ListComplianceStatusOutput, error) {
|
|
req, out := c.ListComplianceStatusRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opListMemberAccounts = "ListMemberAccounts"
|
|
|
|
// ListMemberAccountsRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListMemberAccounts operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListMemberAccounts for more information on using the ListMemberAccounts
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListMemberAccountsRequest method.
|
|
// req, resp := client.ListMemberAccountsRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts
|
|
func (c *FMS) ListMemberAccountsRequest(input *ListMemberAccountsInput) (req *request.Request, output *ListMemberAccountsOutput) {
|
|
op := &request.Operation{
|
|
Name: opListMemberAccounts,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListMemberAccountsInput{}
|
|
}
|
|
|
|
output = &ListMemberAccountsOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListMemberAccounts API operation for Firewall Management Service.
|
|
//
|
|
// Returns a MemberAccounts object that lists the member accounts in the administrator's
|
|
// AWS organization.
|
|
//
|
|
// The ListMemberAccounts must be submitted by the account that is set as the
|
|
// AWS Firewall Manager administrator.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation ListMemberAccounts for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts
|
|
func (c *FMS) ListMemberAccounts(input *ListMemberAccountsInput) (*ListMemberAccountsOutput, error) {
|
|
req, out := c.ListMemberAccountsRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListMemberAccountsWithContext is the same as ListMemberAccounts with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListMemberAccounts for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) ListMemberAccountsWithContext(ctx aws.Context, input *ListMemberAccountsInput, opts ...request.Option) (*ListMemberAccountsOutput, error) {
|
|
req, out := c.ListMemberAccountsRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opListPolicies = "ListPolicies"
|
|
|
|
// ListPoliciesRequest generates a "aws/request.Request" representing the
|
|
// client's request for the ListPolicies operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See ListPolicies for more information on using the ListPolicies
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the ListPoliciesRequest method.
|
|
// req, resp := client.ListPoliciesRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies
|
|
func (c *FMS) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) {
|
|
op := &request.Operation{
|
|
Name: opListPolicies,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &ListPoliciesInput{}
|
|
}
|
|
|
|
output = &ListPoliciesOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// ListPolicies API operation for Firewall Management Service.
|
|
//
|
|
// Returns an array of PolicySummary objects in the response.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation ListPolicies for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeLimitExceededException "LimitExceededException"
|
|
// The operation exceeds a resource limit, for example, the maximum number of
|
|
// policy objects that you can create for an AWS account. For more information,
|
|
// see Firewall Manager Limits (http://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html)
|
|
// in the AWS WAF Developer Guide.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies
|
|
func (c *FMS) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) {
|
|
req, out := c.ListPoliciesRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// ListPoliciesWithContext is the same as ListPolicies with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See ListPolicies for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) {
|
|
req, out := c.ListPoliciesRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opPutNotificationChannel = "PutNotificationChannel"
|
|
|
|
// PutNotificationChannelRequest generates a "aws/request.Request" representing the
|
|
// client's request for the PutNotificationChannel operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See PutNotificationChannel for more information on using the PutNotificationChannel
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the PutNotificationChannelRequest method.
|
|
// req, resp := client.PutNotificationChannelRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel
|
|
func (c *FMS) PutNotificationChannelRequest(input *PutNotificationChannelInput) (req *request.Request, output *PutNotificationChannelOutput) {
|
|
op := &request.Operation{
|
|
Name: opPutNotificationChannel,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &PutNotificationChannelInput{}
|
|
}
|
|
|
|
output = &PutNotificationChannelOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler)
|
|
return
|
|
}
|
|
|
|
// PutNotificationChannel API operation for Firewall Management Service.
|
|
//
|
|
// Designates the IAM role and Amazon Simple Notification Service (SNS) topic
|
|
// that AWS Firewall Manager uses to record SNS logs.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation PutNotificationChannel for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel
|
|
func (c *FMS) PutNotificationChannel(input *PutNotificationChannelInput) (*PutNotificationChannelOutput, error) {
|
|
req, out := c.PutNotificationChannelRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// PutNotificationChannelWithContext is the same as PutNotificationChannel with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See PutNotificationChannel for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) PutNotificationChannelWithContext(ctx aws.Context, input *PutNotificationChannelInput, opts ...request.Option) (*PutNotificationChannelOutput, error) {
|
|
req, out := c.PutNotificationChannelRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
const opPutPolicy = "PutPolicy"
|
|
|
|
// PutPolicyRequest generates a "aws/request.Request" representing the
|
|
// client's request for the PutPolicy operation. The "output" return
|
|
// value will be populated with the request's response once the request completes
|
|
// successfully.
|
|
//
|
|
// Use "Send" method on the returned Request to send the API call to the service.
|
|
// the "output" return value is not valid until after Send returns without error.
|
|
//
|
|
// See PutPolicy for more information on using the PutPolicy
|
|
// API call, and error handling.
|
|
//
|
|
// This method is useful when you want to inject custom logic or configuration
|
|
// into the SDK's request lifecycle. Such as custom headers, or retry logic.
|
|
//
|
|
//
|
|
// // Example sending a request using the PutPolicyRequest method.
|
|
// req, resp := client.PutPolicyRequest(params)
|
|
//
|
|
// err := req.Send()
|
|
// if err == nil { // resp is now filled
|
|
// fmt.Println(resp)
|
|
// }
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy
|
|
func (c *FMS) PutPolicyRequest(input *PutPolicyInput) (req *request.Request, output *PutPolicyOutput) {
|
|
op := &request.Operation{
|
|
Name: opPutPolicy,
|
|
HTTPMethod: "POST",
|
|
HTTPPath: "/",
|
|
}
|
|
|
|
if input == nil {
|
|
input = &PutPolicyInput{}
|
|
}
|
|
|
|
output = &PutPolicyOutput{}
|
|
req = c.newRequest(op, input, output)
|
|
return
|
|
}
|
|
|
|
// PutPolicy API operation for Firewall Management Service.
|
|
//
|
|
// Creates an AWS Firewall Manager policy.
|
|
//
|
|
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
|
// with awserr.Error's Code and Message methods to get detailed information about
|
|
// the error.
|
|
//
|
|
// See the AWS API reference guide for Firewall Management Service's
|
|
// API operation PutPolicy for usage and error information.
|
|
//
|
|
// Returned Error Codes:
|
|
// * ErrCodeResourceNotFoundException "ResourceNotFoundException"
|
|
// The specified resource was not found.
|
|
//
|
|
// * ErrCodeInvalidOperationException "InvalidOperationException"
|
|
// The operation failed because there was nothing to do. For example, you might
|
|
// have submitted an AssociateAdminAccount request, but the account ID that
|
|
// you submitted was already set as the AWS Firewall Manager administrator.
|
|
//
|
|
// * ErrCodeInvalidInputException "InvalidInputException"
|
|
// The parameters of the request were invalid.
|
|
//
|
|
// * ErrCodeLimitExceededException "LimitExceededException"
|
|
// The operation exceeds a resource limit, for example, the maximum number of
|
|
// policy objects that you can create for an AWS account. For more information,
|
|
// see Firewall Manager Limits (http://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html)
|
|
// in the AWS WAF Developer Guide.
|
|
//
|
|
// * ErrCodeInternalErrorException "InternalErrorException"
|
|
// The operation failed because of a system problem, even though the request
|
|
// was valid. Retry your request.
|
|
//
|
|
// * ErrCodeInvalidTypeException "InvalidTypeException"
|
|
// The value of the Type parameter is invalid.
|
|
//
|
|
// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy
|
|
func (c *FMS) PutPolicy(input *PutPolicyInput) (*PutPolicyOutput, error) {
|
|
req, out := c.PutPolicyRequest(input)
|
|
return out, req.Send()
|
|
}
|
|
|
|
// PutPolicyWithContext is the same as PutPolicy with the addition of
|
|
// the ability to pass a context and additional request options.
|
|
//
|
|
// See PutPolicy for details on how to use this API operation.
|
|
//
|
|
// The context must be non-nil and will be used for request cancellation. If
|
|
// the context is nil a panic will occur. In the future the SDK may create
|
|
// sub-contexts for http.Requests. See https://golang.org/pkg/context/
|
|
// for more information on using Contexts.
|
|
func (c *FMS) PutPolicyWithContext(ctx aws.Context, input *PutPolicyInput, opts ...request.Option) (*PutPolicyOutput, error) {
|
|
req, out := c.PutPolicyRequest(input)
|
|
req.SetContext(ctx)
|
|
req.ApplyOptions(opts...)
|
|
return out, req.Send()
|
|
}
|
|
|
|
type AssociateAdminAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall
|
|
// Manager administrator account. This can be an AWS Organizations master account
|
|
// or a member account. For more information about AWS Organizations and master
|
|
// accounts, see Managing the AWS Accounts in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html).
|
|
//
|
|
// AdminAccount is a required field
|
|
AdminAccount *string `min:"1" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AssociateAdminAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AssociateAdminAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *AssociateAdminAccountInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "AssociateAdminAccountInput"}
|
|
if s.AdminAccount == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("AdminAccount"))
|
|
}
|
|
if s.AdminAccount != nil && len(*s.AdminAccount) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("AdminAccount", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetAdminAccount sets the AdminAccount field's value.
|
|
func (s *AssociateAdminAccountInput) SetAdminAccount(v string) *AssociateAdminAccountInput {
|
|
s.AdminAccount = &v
|
|
return s
|
|
}
|
|
|
|
type AssociateAdminAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s AssociateAdminAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s AssociateAdminAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Details of the resource that is not protected by the policy.
|
|
type ComplianceViolator struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The resource ID.
|
|
ResourceId *string `min:"1" type:"string"`
|
|
|
|
// The resource type. This is in the format shown in AWS Resource Types Reference
|
|
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).
|
|
// Valid values are AWS::ElasticLoadBalancingV2::LoadBalancer or AWS::CloudFront::Distribution.
|
|
ResourceType *string `min:"1" type:"string"`
|
|
|
|
// The reason that the resource is not protected by the policy.
|
|
ViolationReason *string `type:"string" enum:"ViolationReason"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ComplianceViolator) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ComplianceViolator) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetResourceId sets the ResourceId field's value.
|
|
func (s *ComplianceViolator) SetResourceId(v string) *ComplianceViolator {
|
|
s.ResourceId = &v
|
|
return s
|
|
}
|
|
|
|
// SetResourceType sets the ResourceType field's value.
|
|
func (s *ComplianceViolator) SetResourceType(v string) *ComplianceViolator {
|
|
s.ResourceType = &v
|
|
return s
|
|
}
|
|
|
|
// SetViolationReason sets the ViolationReason field's value.
|
|
func (s *ComplianceViolator) SetViolationReason(v string) *ComplianceViolator {
|
|
s.ViolationReason = &v
|
|
return s
|
|
}
|
|
|
|
type DeleteNotificationChannelInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteNotificationChannelInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteNotificationChannelInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DeleteNotificationChannelOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeleteNotificationChannelOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeleteNotificationChannelOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DeletePolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If True, the request will also delete all web ACLs in this policy. Associated
|
|
// resources will no longer be protected by web ACLs in this policy.
|
|
DeleteAllPolicyResources *bool `type:"boolean"`
|
|
|
|
// The ID of the policy that you want to delete. PolicyId is returned by PutPolicy
|
|
// and by ListPolicies.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `min:"36" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeletePolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeletePolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *DeletePolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.PolicyId != nil && len(*s.PolicyId) < 36 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetDeleteAllPolicyResources sets the DeleteAllPolicyResources field's value.
|
|
func (s *DeletePolicyInput) SetDeleteAllPolicyResources(v bool) *DeletePolicyInput {
|
|
s.DeleteAllPolicyResources = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type DeletePolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DeletePolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DeletePolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DisassociateAdminAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisassociateAdminAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisassociateAdminAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type DisassociateAdminAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s DisassociateAdminAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s DisassociateAdminAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Describes the compliance status for the account. An account is considered
|
|
// non-compliant if it includes resources that are not protected by the specified
|
|
// policy.
|
|
type EvaluationResult struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Describes an AWS account's compliance with the AWS Firewall Manager policy.
|
|
ComplianceStatus *string `type:"string" enum:"PolicyComplianceStatusType"`
|
|
|
|
// Indicates that over 100 resources are non-compliant with the AWS Firewall
|
|
// Manager policy.
|
|
EvaluationLimitExceeded *bool `type:"boolean"`
|
|
|
|
// Number of resources that are non-compliant with the specified policy. A resource
|
|
// is considered non-compliant if it is not associated with the specified policy.
|
|
ViolatorCount *int64 `type:"long"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s EvaluationResult) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s EvaluationResult) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetComplianceStatus sets the ComplianceStatus field's value.
|
|
func (s *EvaluationResult) SetComplianceStatus(v string) *EvaluationResult {
|
|
s.ComplianceStatus = &v
|
|
return s
|
|
}
|
|
|
|
// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value.
|
|
func (s *EvaluationResult) SetEvaluationLimitExceeded(v bool) *EvaluationResult {
|
|
s.EvaluationLimitExceeded = &v
|
|
return s
|
|
}
|
|
|
|
// SetViolatorCount sets the ViolatorCount field's value.
|
|
func (s *EvaluationResult) SetViolatorCount(v int64) *EvaluationResult {
|
|
s.ViolatorCount = &v
|
|
return s
|
|
}
|
|
|
|
type GetAdminAccountInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetAdminAccountInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetAdminAccountInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type GetAdminAccountOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The AWS account that is set as the AWS Firewall Manager administrator.
|
|
AdminAccount *string `min:"1" type:"string"`
|
|
|
|
// The status of the AWS account that you set as the AWS Firewall Manager administrator.
|
|
RoleStatus *string `type:"string" enum:"AccountRoleStatus"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetAdminAccountOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetAdminAccountOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetAdminAccount sets the AdminAccount field's value.
|
|
func (s *GetAdminAccountOutput) SetAdminAccount(v string) *GetAdminAccountOutput {
|
|
s.AdminAccount = &v
|
|
return s
|
|
}
|
|
|
|
// SetRoleStatus sets the RoleStatus field's value.
|
|
func (s *GetAdminAccountOutput) SetRoleStatus(v string) *GetAdminAccountOutput {
|
|
s.RoleStatus = &v
|
|
return s
|
|
}
|
|
|
|
type GetComplianceDetailInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The AWS account that owns the resources that you want to get the details
|
|
// for.
|
|
//
|
|
// MemberAccount is a required field
|
|
MemberAccount *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The ID of the policy that you want to get the details for. PolicyId is returned
|
|
// by PutPolicy and by ListPolicies.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `min:"36" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetComplianceDetailInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetComplianceDetailInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *GetComplianceDetailInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "GetComplianceDetailInput"}
|
|
if s.MemberAccount == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("MemberAccount"))
|
|
}
|
|
if s.MemberAccount != nil && len(*s.MemberAccount) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("MemberAccount", 1))
|
|
}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.PolicyId != nil && len(*s.PolicyId) < 36 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMemberAccount sets the MemberAccount field's value.
|
|
func (s *GetComplianceDetailInput) SetMemberAccount(v string) *GetComplianceDetailInput {
|
|
s.MemberAccount = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *GetComplianceDetailInput) SetPolicyId(v string) *GetComplianceDetailInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type GetComplianceDetailOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Information about the resources and the policy that you specified in the
|
|
// GetComplianceDetail request.
|
|
PolicyComplianceDetail *PolicyComplianceDetail `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetComplianceDetailOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetComplianceDetailOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicyComplianceDetail sets the PolicyComplianceDetail field's value.
|
|
func (s *GetComplianceDetailOutput) SetPolicyComplianceDetail(v *PolicyComplianceDetail) *GetComplianceDetailOutput {
|
|
s.PolicyComplianceDetail = v
|
|
return s
|
|
}
|
|
|
|
type GetNotificationChannelInput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetNotificationChannelInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetNotificationChannelInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type GetNotificationChannelOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The IAM role that is used by AWS Firewall Manager to record activity to SNS.
|
|
SnsRoleName *string `min:"1" type:"string"`
|
|
|
|
// The SNS topic that records AWS Firewall Manager activity.
|
|
SnsTopicArn *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetNotificationChannelOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetNotificationChannelOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetSnsRoleName sets the SnsRoleName field's value.
|
|
func (s *GetNotificationChannelOutput) SetSnsRoleName(v string) *GetNotificationChannelOutput {
|
|
s.SnsRoleName = &v
|
|
return s
|
|
}
|
|
|
|
// SetSnsTopicArn sets the SnsTopicArn field's value.
|
|
func (s *GetNotificationChannelOutput) SetSnsTopicArn(v string) *GetNotificationChannelOutput {
|
|
s.SnsTopicArn = &v
|
|
return s
|
|
}
|
|
|
|
type GetPolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The ID of the AWS Firewall Manager policy that you want the details for.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `min:"36" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetPolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetPolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *GetPolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.PolicyId != nil && len(*s.PolicyId) < 36 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type GetPolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Information about the specified AWS Firewall Manager policy.
|
|
Policy *Policy `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the specified policy.
|
|
PolicyArn *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s GetPolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s GetPolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyArn sets the PolicyArn field's value.
|
|
func (s *GetPolicyOutput) SetPolicyArn(v string) *GetPolicyOutput {
|
|
s.PolicyArn = &v
|
|
return s
|
|
}
|
|
|
|
type ListComplianceStatusInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the number of PolicyComplianceStatus objects that you want AWS
|
|
// Firewall Manager to return for this request. If you have more PolicyComplianceStatus
|
|
// objects than the number that you specify for MaxResults, the response includes
|
|
// a NextToken value that you can use to get another batch of PolicyComplianceStatus
|
|
// objects.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// If you specify a value for MaxResults and you have more PolicyComplianceStatus
|
|
// objects than the number that you specify for MaxResults, AWS Firewall Manager
|
|
// returns a NextToken value in the response that allows you to list another
|
|
// group of PolicyComplianceStatus objects. For the second and subsequent ListComplianceStatus
|
|
// requests, specify the value of NextToken from the previous response to get
|
|
// information about another batch of PolicyComplianceStatus objects.
|
|
NextToken *string `min:"1" type:"string"`
|
|
|
|
// The ID of the AWS Firewall Manager policy that you want the details for.
|
|
//
|
|
// PolicyId is a required field
|
|
PolicyId *string `min:"36" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListComplianceStatusInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListComplianceStatusInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListComplianceStatusInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListComplianceStatusInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.NextToken != nil && len(*s.NextToken) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
|
|
}
|
|
if s.PolicyId == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyId"))
|
|
}
|
|
if s.PolicyId != nil && len(*s.PolicyId) < 36 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListComplianceStatusInput) SetMaxResults(v int64) *ListComplianceStatusInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListComplianceStatusInput) SetNextToken(v string) *ListComplianceStatusInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *ListComplianceStatusInput) SetPolicyId(v string) *ListComplianceStatusInput {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
type ListComplianceStatusOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If you have more PolicyComplianceStatus objects than the number that you
|
|
// specified for MaxResults in the request, the response includes a NextToken
|
|
// value. To list more PolicyComplianceStatus objects, submit another ListComplianceStatus
|
|
// request, and specify the NextToken value from the response in the NextToken
|
|
// value in the next request.
|
|
NextToken *string `min:"1" type:"string"`
|
|
|
|
// An array of PolicyComplianceStatus objects.
|
|
PolicyComplianceStatusList []*PolicyComplianceStatus `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListComplianceStatusOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListComplianceStatusOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListComplianceStatusOutput) SetNextToken(v string) *ListComplianceStatusOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyComplianceStatusList sets the PolicyComplianceStatusList field's value.
|
|
func (s *ListComplianceStatusOutput) SetPolicyComplianceStatusList(v []*PolicyComplianceStatus) *ListComplianceStatusOutput {
|
|
s.PolicyComplianceStatusList = v
|
|
return s
|
|
}
|
|
|
|
type ListMemberAccountsInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the number of member account IDs that you want AWS Firewall Manager
|
|
// to return for this request. If you have more IDs than the number that you
|
|
// specify for MaxResults, the response includes a NextToken value that you
|
|
// can use to get another batch of member account IDs.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// If you specify a value for MaxResults and you have more account IDs than
|
|
// the number that you specify for MaxResults, AWS Firewall Manager returns
|
|
// a NextToken value in the response that allows you to list another group of
|
|
// IDs. For the second and subsequent ListMemberAccountsRequest requests, specify
|
|
// the value of NextToken from the previous response to get information about
|
|
// another batch of member account IDs.
|
|
NextToken *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListMemberAccountsInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListMemberAccountsInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListMemberAccountsInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListMemberAccountsInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.NextToken != nil && len(*s.NextToken) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListMemberAccountsInput) SetMaxResults(v int64) *ListMemberAccountsInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListMemberAccountsInput) SetNextToken(v string) *ListMemberAccountsInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListMemberAccountsOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// An array of account IDs.
|
|
MemberAccounts []*string `type:"list"`
|
|
|
|
// If you have more member account IDs than the number that you specified for
|
|
// MaxResults in the request, the response includes a NextToken value. To list
|
|
// more IDs, submit another ListMemberAccounts request, and specify the NextToken
|
|
// value from the response in the NextToken value in the next request.
|
|
NextToken *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListMemberAccountsOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListMemberAccountsOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetMemberAccounts sets the MemberAccounts field's value.
|
|
func (s *ListMemberAccountsOutput) SetMemberAccounts(v []*string) *ListMemberAccountsOutput {
|
|
s.MemberAccounts = v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListMemberAccountsOutput) SetNextToken(v string) *ListMemberAccountsOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the number of PolicySummary objects that you want AWS Firewall
|
|
// Manager to return for this request. If you have more PolicySummary objects
|
|
// than the number that you specify for MaxResults, the response includes a
|
|
// NextToken value that you can use to get another batch of PolicySummary objects.
|
|
MaxResults *int64 `min:"1" type:"integer"`
|
|
|
|
// If you specify a value for MaxResults and you have more PolicySummary objects
|
|
// than the number that you specify for MaxResults, AWS Firewall Manager returns
|
|
// a NextToken value in the response that allows you to list another group of
|
|
// PolicySummary objects. For the second and subsequent ListPolicies requests,
|
|
// specify the value of NextToken from the previous response to get information
|
|
// about another batch of PolicySummary objects.
|
|
NextToken *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ListPoliciesInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"}
|
|
if s.MaxResults != nil && *s.MaxResults < 1 {
|
|
invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1))
|
|
}
|
|
if s.NextToken != nil && len(*s.NextToken) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("NextToken", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetMaxResults sets the MaxResults field's value.
|
|
func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput {
|
|
s.MaxResults = &v
|
|
return s
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
type ListPoliciesOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// If you have more PolicySummary objects than the number that you specified
|
|
// for MaxResults in the request, the response includes a NextToken value. To
|
|
// list more PolicySummary objects, submit another ListPolicies request, and
|
|
// specify the NextToken value from the response in the NextToken value in the
|
|
// next request.
|
|
NextToken *string `min:"1" type:"string"`
|
|
|
|
// An array of PolicySummary objects.
|
|
PolicyList []*PolicySummary `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ListPoliciesOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ListPoliciesOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetNextToken sets the NextToken field's value.
|
|
func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput {
|
|
s.NextToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyList sets the PolicyList field's value.
|
|
func (s *ListPoliciesOutput) SetPolicyList(v []*PolicySummary) *ListPoliciesOutput {
|
|
s.PolicyList = v
|
|
return s
|
|
}
|
|
|
|
// An AWS Firewall Manager policy.
|
|
type Policy struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Specifies the AWS account IDs to exclude from the policy. The IncludeMap
|
|
// values are evaluated first, with all the appropriate account IDs added to
|
|
// the policy. Then the accounts listed in ExcludeMap are removed, resulting
|
|
// in the final list of accounts to add to the policy.
|
|
//
|
|
// The key to the map is ACCOUNT. For example, a valid ExcludeMap would be {“ACCOUNT”
|
|
// : [“accountID1”, “accountID2”]}.
|
|
ExcludeMap map[string][]*string `type:"map"`
|
|
|
|
// If set to True, resources with the tags that are specified in the ResourceTag
|
|
// array are not protected by the policy. If set to False, and the ResourceTag
|
|
// array is not null, only resources with the specified tags are associated
|
|
// with the policy.
|
|
//
|
|
// ExcludeResourceTags is a required field
|
|
ExcludeResourceTags *bool `type:"boolean" required:"true"`
|
|
|
|
// Specifies the AWS account IDs to include in the policy. If IncludeMap is
|
|
// null, all accounts in the organization in AWS Organizations are included
|
|
// in the policy. If IncludeMap is not null, only values listed in IncludeMap
|
|
// are included in the policy.
|
|
//
|
|
// The key to the map is ACCOUNT. For example, a valid IncludeMap would be {“ACCOUNT”
|
|
// : [“accountID1”, “accountID2”]}.
|
|
IncludeMap map[string][]*string `type:"map"`
|
|
|
|
// The ID of the AWS Firewall Manager policy.
|
|
PolicyId *string `min:"36" type:"string"`
|
|
|
|
// The friendly name of the AWS Firewall Manager policy.
|
|
//
|
|
// PolicyName is a required field
|
|
PolicyName *string `min:"1" type:"string" required:"true"`
|
|
|
|
// A unique identifier for each update to the policy. When issuing a PutPolicy
|
|
// request, the PolicyUpdateToken in the request must match the PolicyUpdateToken
|
|
// of the current policy version. To get the PolicyUpdateToken of the current
|
|
// policy version, use a GetPolicy request.
|
|
PolicyUpdateToken *string `min:"1" type:"string"`
|
|
|
|
// Indicates if the policy should be automatically applied to new resources.
|
|
//
|
|
// RemediationEnabled is a required field
|
|
RemediationEnabled *bool `type:"boolean" required:"true"`
|
|
|
|
// An array of ResourceTag objects.
|
|
ResourceTags []*ResourceTag `type:"list"`
|
|
|
|
// The type of resource to protect with the policy, either an Application Load
|
|
// Balancer or a CloudFront distribution. This is in the format shown in AWS
|
|
// Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).
|
|
// Valid values are AWS::ElasticLoadBalancingV2::LoadBalancer or AWS::CloudFront::Distribution.
|
|
//
|
|
// ResourceType is a required field
|
|
ResourceType *string `min:"1" type:"string" required:"true"`
|
|
|
|
// Details about the security service that is being used to protect the resources.
|
|
//
|
|
// SecurityServicePolicyData is a required field
|
|
SecurityServicePolicyData *SecurityServicePolicyData `type:"structure" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s Policy) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s Policy) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *Policy) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "Policy"}
|
|
if s.ExcludeResourceTags == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ExcludeResourceTags"))
|
|
}
|
|
if s.PolicyId != nil && len(*s.PolicyId) < 36 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36))
|
|
}
|
|
if s.PolicyName == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("PolicyName"))
|
|
}
|
|
if s.PolicyName != nil && len(*s.PolicyName) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1))
|
|
}
|
|
if s.PolicyUpdateToken != nil && len(*s.PolicyUpdateToken) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("PolicyUpdateToken", 1))
|
|
}
|
|
if s.RemediationEnabled == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("RemediationEnabled"))
|
|
}
|
|
if s.ResourceType == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("ResourceType"))
|
|
}
|
|
if s.ResourceType != nil && len(*s.ResourceType) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1))
|
|
}
|
|
if s.SecurityServicePolicyData == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("SecurityServicePolicyData"))
|
|
}
|
|
if s.ResourceTags != nil {
|
|
for i, v := range s.ResourceTags {
|
|
if v == nil {
|
|
continue
|
|
}
|
|
if err := v.Validate(); err != nil {
|
|
invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceTags", i), err.(request.ErrInvalidParams))
|
|
}
|
|
}
|
|
}
|
|
if s.SecurityServicePolicyData != nil {
|
|
if err := s.SecurityServicePolicyData.Validate(); err != nil {
|
|
invalidParams.AddNested("SecurityServicePolicyData", err.(request.ErrInvalidParams))
|
|
}
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetExcludeMap sets the ExcludeMap field's value.
|
|
func (s *Policy) SetExcludeMap(v map[string][]*string) *Policy {
|
|
s.ExcludeMap = v
|
|
return s
|
|
}
|
|
|
|
// SetExcludeResourceTags sets the ExcludeResourceTags field's value.
|
|
func (s *Policy) SetExcludeResourceTags(v bool) *Policy {
|
|
s.ExcludeResourceTags = &v
|
|
return s
|
|
}
|
|
|
|
// SetIncludeMap sets the IncludeMap field's value.
|
|
func (s *Policy) SetIncludeMap(v map[string][]*string) *Policy {
|
|
s.IncludeMap = v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *Policy) SetPolicyId(v string) *Policy {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyName sets the PolicyName field's value.
|
|
func (s *Policy) SetPolicyName(v string) *Policy {
|
|
s.PolicyName = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyUpdateToken sets the PolicyUpdateToken field's value.
|
|
func (s *Policy) SetPolicyUpdateToken(v string) *Policy {
|
|
s.PolicyUpdateToken = &v
|
|
return s
|
|
}
|
|
|
|
// SetRemediationEnabled sets the RemediationEnabled field's value.
|
|
func (s *Policy) SetRemediationEnabled(v bool) *Policy {
|
|
s.RemediationEnabled = &v
|
|
return s
|
|
}
|
|
|
|
// SetResourceTags sets the ResourceTags field's value.
|
|
func (s *Policy) SetResourceTags(v []*ResourceTag) *Policy {
|
|
s.ResourceTags = v
|
|
return s
|
|
}
|
|
|
|
// SetResourceType sets the ResourceType field's value.
|
|
func (s *Policy) SetResourceType(v string) *Policy {
|
|
s.ResourceType = &v
|
|
return s
|
|
}
|
|
|
|
// SetSecurityServicePolicyData sets the SecurityServicePolicyData field's value.
|
|
func (s *Policy) SetSecurityServicePolicyData(v *SecurityServicePolicyData) *Policy {
|
|
s.SecurityServicePolicyData = v
|
|
return s
|
|
}
|
|
|
|
// Describes the non-compliant resources in a member account for a specific
|
|
// AWS Firewall Manager policy. A maximum of 100 entries are displayed. If more
|
|
// than 100 resources are non-compliant, EvaluationLimitExceeded is set to True.
|
|
type PolicyComplianceDetail struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Indicates if over 100 resources are non-compliant with the AWS Firewall Manager
|
|
// policy.
|
|
EvaluationLimitExceeded *bool `type:"boolean"`
|
|
|
|
// A time stamp that indicates when the returned information should be considered
|
|
// out-of-date.
|
|
ExpiredAt *time.Time `type:"timestamp"`
|
|
|
|
// Details about problems with dependent services, such as AWS WAF or AWS Config,
|
|
// that are causing a resource to be non-compliant. The details include the
|
|
// name of the dependent service and the error message received that indicates
|
|
// the problem with the service.
|
|
IssueInfoMap map[string]*string `type:"map"`
|
|
|
|
// The AWS account ID.
|
|
MemberAccount *string `min:"1" type:"string"`
|
|
|
|
// The ID of the AWS Firewall Manager policy.
|
|
PolicyId *string `min:"36" type:"string"`
|
|
|
|
// The AWS account that created the AWS Firewall Manager policy.
|
|
PolicyOwner *string `min:"1" type:"string"`
|
|
|
|
// An array of resources that are not protected by the policy.
|
|
Violators []*ComplianceViolator `type:"list"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicyComplianceDetail) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicyComplianceDetail) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value.
|
|
func (s *PolicyComplianceDetail) SetEvaluationLimitExceeded(v bool) *PolicyComplianceDetail {
|
|
s.EvaluationLimitExceeded = &v
|
|
return s
|
|
}
|
|
|
|
// SetExpiredAt sets the ExpiredAt field's value.
|
|
func (s *PolicyComplianceDetail) SetExpiredAt(v time.Time) *PolicyComplianceDetail {
|
|
s.ExpiredAt = &v
|
|
return s
|
|
}
|
|
|
|
// SetIssueInfoMap sets the IssueInfoMap field's value.
|
|
func (s *PolicyComplianceDetail) SetIssueInfoMap(v map[string]*string) *PolicyComplianceDetail {
|
|
s.IssueInfoMap = v
|
|
return s
|
|
}
|
|
|
|
// SetMemberAccount sets the MemberAccount field's value.
|
|
func (s *PolicyComplianceDetail) SetMemberAccount(v string) *PolicyComplianceDetail {
|
|
s.MemberAccount = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *PolicyComplianceDetail) SetPolicyId(v string) *PolicyComplianceDetail {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyOwner sets the PolicyOwner field's value.
|
|
func (s *PolicyComplianceDetail) SetPolicyOwner(v string) *PolicyComplianceDetail {
|
|
s.PolicyOwner = &v
|
|
return s
|
|
}
|
|
|
|
// SetViolators sets the Violators field's value.
|
|
func (s *PolicyComplianceDetail) SetViolators(v []*ComplianceViolator) *PolicyComplianceDetail {
|
|
s.Violators = v
|
|
return s
|
|
}
|
|
|
|
// Indicates whether the account is compliant with the specified policy. An
|
|
// account is considered non-compliant if it includes resources that are not
|
|
// protected by the policy.
|
|
type PolicyComplianceStatus struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// An array of EvaluationResult objects.
|
|
EvaluationResults []*EvaluationResult `type:"list"`
|
|
|
|
// Details about problems with dependent services, such as AWS WAF or AWS Config,
|
|
// that are causing a resource to be non-compliant. The details include the
|
|
// name of the dependent service and the error message received that indicates
|
|
// the problem with the service.
|
|
IssueInfoMap map[string]*string `type:"map"`
|
|
|
|
// Time stamp of the last update to the EvaluationResult objects.
|
|
LastUpdated *time.Time `type:"timestamp"`
|
|
|
|
// The member account ID.
|
|
MemberAccount *string `min:"1" type:"string"`
|
|
|
|
// The ID of the AWS Firewall Manager policy.
|
|
PolicyId *string `min:"36" type:"string"`
|
|
|
|
// The friendly name of the AWS Firewall Manager policy.
|
|
PolicyName *string `min:"1" type:"string"`
|
|
|
|
// The AWS account that created the AWS Firewall Manager policy.
|
|
PolicyOwner *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicyComplianceStatus) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicyComplianceStatus) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetEvaluationResults sets the EvaluationResults field's value.
|
|
func (s *PolicyComplianceStatus) SetEvaluationResults(v []*EvaluationResult) *PolicyComplianceStatus {
|
|
s.EvaluationResults = v
|
|
return s
|
|
}
|
|
|
|
// SetIssueInfoMap sets the IssueInfoMap field's value.
|
|
func (s *PolicyComplianceStatus) SetIssueInfoMap(v map[string]*string) *PolicyComplianceStatus {
|
|
s.IssueInfoMap = v
|
|
return s
|
|
}
|
|
|
|
// SetLastUpdated sets the LastUpdated field's value.
|
|
func (s *PolicyComplianceStatus) SetLastUpdated(v time.Time) *PolicyComplianceStatus {
|
|
s.LastUpdated = &v
|
|
return s
|
|
}
|
|
|
|
// SetMemberAccount sets the MemberAccount field's value.
|
|
func (s *PolicyComplianceStatus) SetMemberAccount(v string) *PolicyComplianceStatus {
|
|
s.MemberAccount = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *PolicyComplianceStatus) SetPolicyId(v string) *PolicyComplianceStatus {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyName sets the PolicyName field's value.
|
|
func (s *PolicyComplianceStatus) SetPolicyName(v string) *PolicyComplianceStatus {
|
|
s.PolicyName = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyOwner sets the PolicyOwner field's value.
|
|
func (s *PolicyComplianceStatus) SetPolicyOwner(v string) *PolicyComplianceStatus {
|
|
s.PolicyOwner = &v
|
|
return s
|
|
}
|
|
|
|
// Details of the AWS Firewall Manager policy.
|
|
type PolicySummary struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the specified policy.
|
|
PolicyArn *string `min:"1" type:"string"`
|
|
|
|
// The ID of the specified policy.
|
|
PolicyId *string `min:"36" type:"string"`
|
|
|
|
// The friendly name of the specified policy.
|
|
PolicyName *string `min:"1" type:"string"`
|
|
|
|
// Indicates if the policy should be automatically applied to new resources.
|
|
RemediationEnabled *bool `type:"boolean"`
|
|
|
|
// The type of resource to protect with the policy, either an Application Load
|
|
// Balancer or a CloudFront distribution. This is in the format shown in AWS
|
|
// Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html).
|
|
// Valid values are AWS::ElasticLoadBalancingV2::LoadBalancer or AWS::CloudFront::Distribution.
|
|
ResourceType *string `min:"1" type:"string"`
|
|
|
|
// The service that the policy is using to protect the resources. This value
|
|
// is WAF.
|
|
SecurityServiceType *string `type:"string" enum:"SecurityServiceType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PolicySummary) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PolicySummary) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicyArn sets the PolicyArn field's value.
|
|
func (s *PolicySummary) SetPolicyArn(v string) *PolicySummary {
|
|
s.PolicyArn = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyId sets the PolicyId field's value.
|
|
func (s *PolicySummary) SetPolicyId(v string) *PolicySummary {
|
|
s.PolicyId = &v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyName sets the PolicyName field's value.
|
|
func (s *PolicySummary) SetPolicyName(v string) *PolicySummary {
|
|
s.PolicyName = &v
|
|
return s
|
|
}
|
|
|
|
// SetRemediationEnabled sets the RemediationEnabled field's value.
|
|
func (s *PolicySummary) SetRemediationEnabled(v bool) *PolicySummary {
|
|
s.RemediationEnabled = &v
|
|
return s
|
|
}
|
|
|
|
// SetResourceType sets the ResourceType field's value.
|
|
func (s *PolicySummary) SetResourceType(v string) *PolicySummary {
|
|
s.ResourceType = &v
|
|
return s
|
|
}
|
|
|
|
// SetSecurityServiceType sets the SecurityServiceType field's value.
|
|
func (s *PolicySummary) SetSecurityServiceType(v string) *PolicySummary {
|
|
s.SecurityServiceType = &v
|
|
return s
|
|
}
|
|
|
|
type PutNotificationChannelInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to
|
|
// record AWS Firewall Manager activity.
|
|
//
|
|
// SnsRoleName is a required field
|
|
SnsRoleName *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The Amazon Resource Name (ARN) of the SNS topic that collects notifications
|
|
// from AWS Firewall Manager.
|
|
//
|
|
// SnsTopicArn is a required field
|
|
SnsTopicArn *string `min:"1" type:"string" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PutNotificationChannelInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PutNotificationChannelInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *PutNotificationChannelInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "PutNotificationChannelInput"}
|
|
if s.SnsRoleName == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("SnsRoleName"))
|
|
}
|
|
if s.SnsRoleName != nil && len(*s.SnsRoleName) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("SnsRoleName", 1))
|
|
}
|
|
if s.SnsTopicArn == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("SnsTopicArn"))
|
|
}
|
|
if s.SnsTopicArn != nil && len(*s.SnsTopicArn) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("SnsTopicArn", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetSnsRoleName sets the SnsRoleName field's value.
|
|
func (s *PutNotificationChannelInput) SetSnsRoleName(v string) *PutNotificationChannelInput {
|
|
s.SnsRoleName = &v
|
|
return s
|
|
}
|
|
|
|
// SetSnsTopicArn sets the SnsTopicArn field's value.
|
|
func (s *PutNotificationChannelInput) SetSnsTopicArn(v string) *PutNotificationChannelInput {
|
|
s.SnsTopicArn = &v
|
|
return s
|
|
}
|
|
|
|
type PutNotificationChannelOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PutNotificationChannelOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PutNotificationChannelOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
type PutPolicyInput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The details of the AWS Firewall Manager policy to be created.
|
|
//
|
|
// Policy is a required field
|
|
Policy *Policy `type:"structure" required:"true"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PutPolicyInput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PutPolicyInput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *PutPolicyInput) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "PutPolicyInput"}
|
|
if s.Policy == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Policy"))
|
|
}
|
|
if s.Policy != nil {
|
|
if err := s.Policy.Validate(); err != nil {
|
|
invalidParams.AddNested("Policy", err.(request.ErrInvalidParams))
|
|
}
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *PutPolicyInput) SetPolicy(v *Policy) *PutPolicyInput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
type PutPolicyOutput struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The details of the AWS Firewall Manager policy that was created.
|
|
Policy *Policy `type:"structure"`
|
|
|
|
// The Amazon Resource Name (ARN) of the policy that was created.
|
|
PolicyArn *string `min:"1" type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s PutPolicyOutput) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s PutPolicyOutput) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// SetPolicy sets the Policy field's value.
|
|
func (s *PutPolicyOutput) SetPolicy(v *Policy) *PutPolicyOutput {
|
|
s.Policy = v
|
|
return s
|
|
}
|
|
|
|
// SetPolicyArn sets the PolicyArn field's value.
|
|
func (s *PutPolicyOutput) SetPolicyArn(v string) *PutPolicyOutput {
|
|
s.PolicyArn = &v
|
|
return s
|
|
}
|
|
|
|
// The resource tags that AWS Firewall Manager uses to determine if a particular
|
|
// resource should be included or excluded from protection by the AWS Firewall
|
|
// Manager policy. Tags enable you to categorize your AWS resources in different
|
|
// ways, for example, by purpose, owner, or environment. Each tag consists of
|
|
// a key and an optional value, both of which you define. Tags are combined
|
|
// with an "OR." That is, if you add more than one tag, if any of the tags matches,
|
|
// the resource is considered a match for the include or exclude. Working with
|
|
// Tag Editor (https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/tag-editor.html).
|
|
type ResourceTag struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// The resource tag key.
|
|
//
|
|
// Key is a required field
|
|
Key *string `min:"1" type:"string" required:"true"`
|
|
|
|
// The resource tag value.
|
|
Value *string `type:"string"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s ResourceTag) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s ResourceTag) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *ResourceTag) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "ResourceTag"}
|
|
if s.Key == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Key"))
|
|
}
|
|
if s.Key != nil && len(*s.Key) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("Key", 1))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetKey sets the Key field's value.
|
|
func (s *ResourceTag) SetKey(v string) *ResourceTag {
|
|
s.Key = &v
|
|
return s
|
|
}
|
|
|
|
// SetValue sets the Value field's value.
|
|
func (s *ResourceTag) SetValue(v string) *ResourceTag {
|
|
s.Value = &v
|
|
return s
|
|
}
|
|
|
|
// Details about the security service that is being used to protect the resources.
|
|
type SecurityServicePolicyData struct {
|
|
_ struct{} `type:"structure"`
|
|
|
|
// Details about the service. This contains WAF data in JSON format, as shown
|
|
// in the following example:
|
|
//
|
|
// ManagedServiceData": "{\"type\": \"WAF\", \"ruleGroups\": [{\"id\": \"12345678-1bcd-9012-efga-0987654321ab\",
|
|
// \"overrideAction\" : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\":
|
|
// \"BLOCK\"}}
|
|
ManagedServiceData *string `min:"1" type:"string"`
|
|
|
|
// The service that the policy is using to protect the resources. This value
|
|
// is WAF.
|
|
//
|
|
// Type is a required field
|
|
Type *string `type:"string" required:"true" enum:"SecurityServiceType"`
|
|
}
|
|
|
|
// String returns the string representation
|
|
func (s SecurityServicePolicyData) String() string {
|
|
return awsutil.Prettify(s)
|
|
}
|
|
|
|
// GoString returns the string representation
|
|
func (s SecurityServicePolicyData) GoString() string {
|
|
return s.String()
|
|
}
|
|
|
|
// Validate inspects the fields of the type to determine if they are valid.
|
|
func (s *SecurityServicePolicyData) Validate() error {
|
|
invalidParams := request.ErrInvalidParams{Context: "SecurityServicePolicyData"}
|
|
if s.ManagedServiceData != nil && len(*s.ManagedServiceData) < 1 {
|
|
invalidParams.Add(request.NewErrParamMinLen("ManagedServiceData", 1))
|
|
}
|
|
if s.Type == nil {
|
|
invalidParams.Add(request.NewErrParamRequired("Type"))
|
|
}
|
|
|
|
if invalidParams.Len() > 0 {
|
|
return invalidParams
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// SetManagedServiceData sets the ManagedServiceData field's value.
|
|
func (s *SecurityServicePolicyData) SetManagedServiceData(v string) *SecurityServicePolicyData {
|
|
s.ManagedServiceData = &v
|
|
return s
|
|
}
|
|
|
|
// SetType sets the Type field's value.
|
|
func (s *SecurityServicePolicyData) SetType(v string) *SecurityServicePolicyData {
|
|
s.Type = &v
|
|
return s
|
|
}
|
|
|
|
const (
|
|
// AccountRoleStatusReady is a AccountRoleStatus enum value
|
|
AccountRoleStatusReady = "READY"
|
|
|
|
// AccountRoleStatusCreating is a AccountRoleStatus enum value
|
|
AccountRoleStatusCreating = "CREATING"
|
|
|
|
// AccountRoleStatusPendingDeletion is a AccountRoleStatus enum value
|
|
AccountRoleStatusPendingDeletion = "PENDING_DELETION"
|
|
|
|
// AccountRoleStatusDeleting is a AccountRoleStatus enum value
|
|
AccountRoleStatusDeleting = "DELETING"
|
|
|
|
// AccountRoleStatusDeleted is a AccountRoleStatus enum value
|
|
AccountRoleStatusDeleted = "DELETED"
|
|
)
|
|
|
|
const (
|
|
// CustomerPolicyScopeIdTypeAccount is a CustomerPolicyScopeIdType enum value
|
|
CustomerPolicyScopeIdTypeAccount = "ACCOUNT"
|
|
)
|
|
|
|
const (
|
|
// DependentServiceNameAwsconfig is a DependentServiceName enum value
|
|
DependentServiceNameAwsconfig = "AWSCONFIG"
|
|
|
|
// DependentServiceNameAwswaf is a DependentServiceName enum value
|
|
DependentServiceNameAwswaf = "AWSWAF"
|
|
)
|
|
|
|
const (
|
|
// PolicyComplianceStatusTypeCompliant is a PolicyComplianceStatusType enum value
|
|
PolicyComplianceStatusTypeCompliant = "COMPLIANT"
|
|
|
|
// PolicyComplianceStatusTypeNonCompliant is a PolicyComplianceStatusType enum value
|
|
PolicyComplianceStatusTypeNonCompliant = "NON_COMPLIANT"
|
|
)
|
|
|
|
const (
|
|
// SecurityServiceTypeWaf is a SecurityServiceType enum value
|
|
SecurityServiceTypeWaf = "WAF"
|
|
)
|
|
|
|
const (
|
|
// ViolationReasonWebAclMissingRuleGroup is a ViolationReason enum value
|
|
ViolationReasonWebAclMissingRuleGroup = "WEB_ACL_MISSING_RULE_GROUP"
|
|
|
|
// ViolationReasonResourceMissingWebAcl is a ViolationReason enum value
|
|
ViolationReasonResourceMissingWebAcl = "RESOURCE_MISSING_WEB_ACL"
|
|
|
|
// ViolationReasonResourceIncorrectWebAcl is a ViolationReason enum value
|
|
ViolationReasonResourceIncorrectWebAcl = "RESOURCE_INCORRECT_WEB_ACL"
|
|
)
|