1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. 2 3package fms 4 5import ( 6 "fmt" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awsutil" 11 "github.com/aws/aws-sdk-go/aws/request" 12 "github.com/aws/aws-sdk-go/private/protocol" 13 "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" 14) 15 16const opAssociateAdminAccount = "AssociateAdminAccount" 17 18// AssociateAdminAccountRequest generates a "aws/request.Request" representing the 19// client's request for the AssociateAdminAccount operation. The "output" return 20// value will be populated with the request's response once the request completes 21// successfully. 22// 23// Use "Send" method on the returned Request to send the API call to the service. 24// the "output" return value is not valid until after Send returns without error. 25// 26// See AssociateAdminAccount for more information on using the AssociateAdminAccount 27// API call, and error handling. 28// 29// This method is useful when you want to inject custom logic or configuration 30// into the SDK's request lifecycle. Such as custom headers, or retry logic. 31// 32// 33// // Example sending a request using the AssociateAdminAccountRequest method. 34// req, resp := client.AssociateAdminAccountRequest(params) 35// 36// err := req.Send() 37// if err == nil { // resp is now filled 38// fmt.Println(resp) 39// } 40// 41// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount 42func (c *FMS) AssociateAdminAccountRequest(input *AssociateAdminAccountInput) (req *request.Request, output *AssociateAdminAccountOutput) { 43 op := &request.Operation{ 44 Name: opAssociateAdminAccount, 45 HTTPMethod: "POST", 46 HTTPPath: "/", 47 } 48 49 if input == nil { 50 input = &AssociateAdminAccountInput{} 51 } 52 53 output = &AssociateAdminAccountOutput{} 54 req = c.newRequest(op, input, output) 55 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 56 return 57} 58 59// AssociateAdminAccount API operation for Firewall Management Service. 60// 61// Sets the AWS Firewall Manager administrator account. AWS Firewall Manager 62// must be associated with the master account of your AWS organization or associated 63// with a member account that has the appropriate permissions. If the account 64// ID that you submit is not an AWS Organizations master account, AWS Firewall 65// Manager will set the appropriate permissions for the given member account. 66// 67// The account that you associate with AWS Firewall Manager is called the AWS 68// Firewall Manager administrator account. 69// 70// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 71// with awserr.Error's Code and Message methods to get detailed information about 72// the error. 73// 74// See the AWS API reference guide for Firewall Management Service's 75// API operation AssociateAdminAccount for usage and error information. 76// 77// Returned Error Types: 78// * InvalidOperationException 79// The operation failed because there was nothing to do. For example, you might 80// have submitted an AssociateAdminAccount request, but the account ID that 81// you submitted was already set as the AWS Firewall Manager administrator. 82// 83// * InvalidInputException 84// The parameters of the request were invalid. 85// 86// * ResourceNotFoundException 87// The specified resource was not found. 88// 89// * InternalErrorException 90// The operation failed because of a system problem, even though the request 91// was valid. Retry your request. 92// 93// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount 94func (c *FMS) AssociateAdminAccount(input *AssociateAdminAccountInput) (*AssociateAdminAccountOutput, error) { 95 req, out := c.AssociateAdminAccountRequest(input) 96 return out, req.Send() 97} 98 99// AssociateAdminAccountWithContext is the same as AssociateAdminAccount with the addition of 100// the ability to pass a context and additional request options. 101// 102// See AssociateAdminAccount for details on how to use this API operation. 103// 104// The context must be non-nil and will be used for request cancellation. If 105// the context is nil a panic will occur. In the future the SDK may create 106// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 107// for more information on using Contexts. 108func (c *FMS) AssociateAdminAccountWithContext(ctx aws.Context, input *AssociateAdminAccountInput, opts ...request.Option) (*AssociateAdminAccountOutput, error) { 109 req, out := c.AssociateAdminAccountRequest(input) 110 req.SetContext(ctx) 111 req.ApplyOptions(opts...) 112 return out, req.Send() 113} 114 115const opDeleteNotificationChannel = "DeleteNotificationChannel" 116 117// DeleteNotificationChannelRequest generates a "aws/request.Request" representing the 118// client's request for the DeleteNotificationChannel operation. The "output" return 119// value will be populated with the request's response once the request completes 120// successfully. 121// 122// Use "Send" method on the returned Request to send the API call to the service. 123// the "output" return value is not valid until after Send returns without error. 124// 125// See DeleteNotificationChannel for more information on using the DeleteNotificationChannel 126// API call, and error handling. 127// 128// This method is useful when you want to inject custom logic or configuration 129// into the SDK's request lifecycle. Such as custom headers, or retry logic. 130// 131// 132// // Example sending a request using the DeleteNotificationChannelRequest method. 133// req, resp := client.DeleteNotificationChannelRequest(params) 134// 135// err := req.Send() 136// if err == nil { // resp is now filled 137// fmt.Println(resp) 138// } 139// 140// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel 141func (c *FMS) DeleteNotificationChannelRequest(input *DeleteNotificationChannelInput) (req *request.Request, output *DeleteNotificationChannelOutput) { 142 op := &request.Operation{ 143 Name: opDeleteNotificationChannel, 144 HTTPMethod: "POST", 145 HTTPPath: "/", 146 } 147 148 if input == nil { 149 input = &DeleteNotificationChannelInput{} 150 } 151 152 output = &DeleteNotificationChannelOutput{} 153 req = c.newRequest(op, input, output) 154 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 155 return 156} 157 158// DeleteNotificationChannel API operation for Firewall Management Service. 159// 160// Deletes an AWS Firewall Manager association with the IAM role and the Amazon 161// Simple Notification Service (SNS) topic that is used to record AWS Firewall 162// Manager SNS logs. 163// 164// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 165// with awserr.Error's Code and Message methods to get detailed information about 166// the error. 167// 168// See the AWS API reference guide for Firewall Management Service's 169// API operation DeleteNotificationChannel for usage and error information. 170// 171// Returned Error Types: 172// * ResourceNotFoundException 173// The specified resource was not found. 174// 175// * InvalidOperationException 176// The operation failed because there was nothing to do. For example, you might 177// have submitted an AssociateAdminAccount request, but the account ID that 178// you submitted was already set as the AWS Firewall Manager administrator. 179// 180// * InternalErrorException 181// The operation failed because of a system problem, even though the request 182// was valid. Retry your request. 183// 184// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel 185func (c *FMS) DeleteNotificationChannel(input *DeleteNotificationChannelInput) (*DeleteNotificationChannelOutput, error) { 186 req, out := c.DeleteNotificationChannelRequest(input) 187 return out, req.Send() 188} 189 190// DeleteNotificationChannelWithContext is the same as DeleteNotificationChannel with the addition of 191// the ability to pass a context and additional request options. 192// 193// See DeleteNotificationChannel for details on how to use this API operation. 194// 195// The context must be non-nil and will be used for request cancellation. If 196// the context is nil a panic will occur. In the future the SDK may create 197// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 198// for more information on using Contexts. 199func (c *FMS) DeleteNotificationChannelWithContext(ctx aws.Context, input *DeleteNotificationChannelInput, opts ...request.Option) (*DeleteNotificationChannelOutput, error) { 200 req, out := c.DeleteNotificationChannelRequest(input) 201 req.SetContext(ctx) 202 req.ApplyOptions(opts...) 203 return out, req.Send() 204} 205 206const opDeletePolicy = "DeletePolicy" 207 208// DeletePolicyRequest generates a "aws/request.Request" representing the 209// client's request for the DeletePolicy operation. The "output" return 210// value will be populated with the request's response once the request completes 211// successfully. 212// 213// Use "Send" method on the returned Request to send the API call to the service. 214// the "output" return value is not valid until after Send returns without error. 215// 216// See DeletePolicy for more information on using the DeletePolicy 217// API call, and error handling. 218// 219// This method is useful when you want to inject custom logic or configuration 220// into the SDK's request lifecycle. Such as custom headers, or retry logic. 221// 222// 223// // Example sending a request using the DeletePolicyRequest method. 224// req, resp := client.DeletePolicyRequest(params) 225// 226// err := req.Send() 227// if err == nil { // resp is now filled 228// fmt.Println(resp) 229// } 230// 231// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy 232func (c *FMS) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { 233 op := &request.Operation{ 234 Name: opDeletePolicy, 235 HTTPMethod: "POST", 236 HTTPPath: "/", 237 } 238 239 if input == nil { 240 input = &DeletePolicyInput{} 241 } 242 243 output = &DeletePolicyOutput{} 244 req = c.newRequest(op, input, output) 245 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 246 return 247} 248 249// DeletePolicy API operation for Firewall Management Service. 250// 251// Permanently deletes an AWS Firewall Manager policy. 252// 253// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 254// with awserr.Error's Code and Message methods to get detailed information about 255// the error. 256// 257// See the AWS API reference guide for Firewall Management Service's 258// API operation DeletePolicy for usage and error information. 259// 260// Returned Error Types: 261// * ResourceNotFoundException 262// The specified resource was not found. 263// 264// * InvalidOperationException 265// The operation failed because there was nothing to do. For example, you might 266// have submitted an AssociateAdminAccount request, but the account ID that 267// you submitted was already set as the AWS Firewall Manager administrator. 268// 269// * InternalErrorException 270// The operation failed because of a system problem, even though the request 271// was valid. Retry your request. 272// 273// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy 274func (c *FMS) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { 275 req, out := c.DeletePolicyRequest(input) 276 return out, req.Send() 277} 278 279// DeletePolicyWithContext is the same as DeletePolicy with the addition of 280// the ability to pass a context and additional request options. 281// 282// See DeletePolicy for details on how to use this API operation. 283// 284// The context must be non-nil and will be used for request cancellation. If 285// the context is nil a panic will occur. In the future the SDK may create 286// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 287// for more information on using Contexts. 288func (c *FMS) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) { 289 req, out := c.DeletePolicyRequest(input) 290 req.SetContext(ctx) 291 req.ApplyOptions(opts...) 292 return out, req.Send() 293} 294 295const opDisassociateAdminAccount = "DisassociateAdminAccount" 296 297// DisassociateAdminAccountRequest generates a "aws/request.Request" representing the 298// client's request for the DisassociateAdminAccount operation. The "output" return 299// value will be populated with the request's response once the request completes 300// successfully. 301// 302// Use "Send" method on the returned Request to send the API call to the service. 303// the "output" return value is not valid until after Send returns without error. 304// 305// See DisassociateAdminAccount for more information on using the DisassociateAdminAccount 306// API call, and error handling. 307// 308// This method is useful when you want to inject custom logic or configuration 309// into the SDK's request lifecycle. Such as custom headers, or retry logic. 310// 311// 312// // Example sending a request using the DisassociateAdminAccountRequest method. 313// req, resp := client.DisassociateAdminAccountRequest(params) 314// 315// err := req.Send() 316// if err == nil { // resp is now filled 317// fmt.Println(resp) 318// } 319// 320// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount 321func (c *FMS) DisassociateAdminAccountRequest(input *DisassociateAdminAccountInput) (req *request.Request, output *DisassociateAdminAccountOutput) { 322 op := &request.Operation{ 323 Name: opDisassociateAdminAccount, 324 HTTPMethod: "POST", 325 HTTPPath: "/", 326 } 327 328 if input == nil { 329 input = &DisassociateAdminAccountInput{} 330 } 331 332 output = &DisassociateAdminAccountOutput{} 333 req = c.newRequest(op, input, output) 334 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 335 return 336} 337 338// DisassociateAdminAccount API operation for Firewall Management Service. 339// 340// Disassociates the account that has been set as the AWS Firewall Manager administrator 341// account. To set a different account as the administrator account, you must 342// submit an AssociateAdminAccount request. 343// 344// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 345// with awserr.Error's Code and Message methods to get detailed information about 346// the error. 347// 348// See the AWS API reference guide for Firewall Management Service's 349// API operation DisassociateAdminAccount for usage and error information. 350// 351// Returned Error Types: 352// * InvalidOperationException 353// The operation failed because there was nothing to do. For example, you might 354// have submitted an AssociateAdminAccount request, but the account ID that 355// you submitted was already set as the AWS Firewall Manager administrator. 356// 357// * ResourceNotFoundException 358// The specified resource was not found. 359// 360// * InternalErrorException 361// The operation failed because of a system problem, even though the request 362// was valid. Retry your request. 363// 364// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount 365func (c *FMS) DisassociateAdminAccount(input *DisassociateAdminAccountInput) (*DisassociateAdminAccountOutput, error) { 366 req, out := c.DisassociateAdminAccountRequest(input) 367 return out, req.Send() 368} 369 370// DisassociateAdminAccountWithContext is the same as DisassociateAdminAccount with the addition of 371// the ability to pass a context and additional request options. 372// 373// See DisassociateAdminAccount for details on how to use this API operation. 374// 375// The context must be non-nil and will be used for request cancellation. If 376// the context is nil a panic will occur. In the future the SDK may create 377// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 378// for more information on using Contexts. 379func (c *FMS) DisassociateAdminAccountWithContext(ctx aws.Context, input *DisassociateAdminAccountInput, opts ...request.Option) (*DisassociateAdminAccountOutput, error) { 380 req, out := c.DisassociateAdminAccountRequest(input) 381 req.SetContext(ctx) 382 req.ApplyOptions(opts...) 383 return out, req.Send() 384} 385 386const opGetAdminAccount = "GetAdminAccount" 387 388// GetAdminAccountRequest generates a "aws/request.Request" representing the 389// client's request for the GetAdminAccount operation. The "output" return 390// value will be populated with the request's response once the request completes 391// successfully. 392// 393// Use "Send" method on the returned Request to send the API call to the service. 394// the "output" return value is not valid until after Send returns without error. 395// 396// See GetAdminAccount for more information on using the GetAdminAccount 397// API call, and error handling. 398// 399// This method is useful when you want to inject custom logic or configuration 400// into the SDK's request lifecycle. Such as custom headers, or retry logic. 401// 402// 403// // Example sending a request using the GetAdminAccountRequest method. 404// req, resp := client.GetAdminAccountRequest(params) 405// 406// err := req.Send() 407// if err == nil { // resp is now filled 408// fmt.Println(resp) 409// } 410// 411// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount 412func (c *FMS) GetAdminAccountRequest(input *GetAdminAccountInput) (req *request.Request, output *GetAdminAccountOutput) { 413 op := &request.Operation{ 414 Name: opGetAdminAccount, 415 HTTPMethod: "POST", 416 HTTPPath: "/", 417 } 418 419 if input == nil { 420 input = &GetAdminAccountInput{} 421 } 422 423 output = &GetAdminAccountOutput{} 424 req = c.newRequest(op, input, output) 425 return 426} 427 428// GetAdminAccount API operation for Firewall Management Service. 429// 430// Returns the AWS Organizations master account that is associated with AWS 431// Firewall Manager as the AWS Firewall Manager administrator. 432// 433// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 434// with awserr.Error's Code and Message methods to get detailed information about 435// the error. 436// 437// See the AWS API reference guide for Firewall Management Service's 438// API operation GetAdminAccount for usage and error information. 439// 440// Returned Error Types: 441// * InvalidOperationException 442// The operation failed because there was nothing to do. For example, you might 443// have submitted an AssociateAdminAccount request, but the account ID that 444// you submitted was already set as the AWS Firewall Manager administrator. 445// 446// * ResourceNotFoundException 447// The specified resource was not found. 448// 449// * InternalErrorException 450// The operation failed because of a system problem, even though the request 451// was valid. Retry your request. 452// 453// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount 454func (c *FMS) GetAdminAccount(input *GetAdminAccountInput) (*GetAdminAccountOutput, error) { 455 req, out := c.GetAdminAccountRequest(input) 456 return out, req.Send() 457} 458 459// GetAdminAccountWithContext is the same as GetAdminAccount with the addition of 460// the ability to pass a context and additional request options. 461// 462// See GetAdminAccount for details on how to use this API operation. 463// 464// The context must be non-nil and will be used for request cancellation. If 465// the context is nil a panic will occur. In the future the SDK may create 466// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 467// for more information on using Contexts. 468func (c *FMS) GetAdminAccountWithContext(ctx aws.Context, input *GetAdminAccountInput, opts ...request.Option) (*GetAdminAccountOutput, error) { 469 req, out := c.GetAdminAccountRequest(input) 470 req.SetContext(ctx) 471 req.ApplyOptions(opts...) 472 return out, req.Send() 473} 474 475const opGetComplianceDetail = "GetComplianceDetail" 476 477// GetComplianceDetailRequest generates a "aws/request.Request" representing the 478// client's request for the GetComplianceDetail operation. The "output" return 479// value will be populated with the request's response once the request completes 480// successfully. 481// 482// Use "Send" method on the returned Request to send the API call to the service. 483// the "output" return value is not valid until after Send returns without error. 484// 485// See GetComplianceDetail for more information on using the GetComplianceDetail 486// API call, and error handling. 487// 488// This method is useful when you want to inject custom logic or configuration 489// into the SDK's request lifecycle. Such as custom headers, or retry logic. 490// 491// 492// // Example sending a request using the GetComplianceDetailRequest method. 493// req, resp := client.GetComplianceDetailRequest(params) 494// 495// err := req.Send() 496// if err == nil { // resp is now filled 497// fmt.Println(resp) 498// } 499// 500// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail 501func (c *FMS) GetComplianceDetailRequest(input *GetComplianceDetailInput) (req *request.Request, output *GetComplianceDetailOutput) { 502 op := &request.Operation{ 503 Name: opGetComplianceDetail, 504 HTTPMethod: "POST", 505 HTTPPath: "/", 506 } 507 508 if input == nil { 509 input = &GetComplianceDetailInput{} 510 } 511 512 output = &GetComplianceDetailOutput{} 513 req = c.newRequest(op, input, output) 514 return 515} 516 517// GetComplianceDetail API operation for Firewall Management Service. 518// 519// Returns detailed compliance information about the specified member account. 520// Details include resources that are in and out of compliance with the specified 521// policy. Resources are considered noncompliant for AWS WAF and Shield Advanced 522// policies if the specified policy has not been applied to them. Resources 523// are considered noncompliant for security group policies if they are in scope 524// of the policy, they violate one or more of the policy rules, and remediation 525// is disabled or not possible. 526// 527// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 528// with awserr.Error's Code and Message methods to get detailed information about 529// the error. 530// 531// See the AWS API reference guide for Firewall Management Service's 532// API operation GetComplianceDetail for usage and error information. 533// 534// Returned Error Types: 535// * ResourceNotFoundException 536// The specified resource was not found. 537// 538// * InternalErrorException 539// The operation failed because of a system problem, even though the request 540// was valid. Retry your request. 541// 542// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail 543func (c *FMS) GetComplianceDetail(input *GetComplianceDetailInput) (*GetComplianceDetailOutput, error) { 544 req, out := c.GetComplianceDetailRequest(input) 545 return out, req.Send() 546} 547 548// GetComplianceDetailWithContext is the same as GetComplianceDetail with the addition of 549// the ability to pass a context and additional request options. 550// 551// See GetComplianceDetail for details on how to use this API operation. 552// 553// The context must be non-nil and will be used for request cancellation. If 554// the context is nil a panic will occur. In the future the SDK may create 555// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 556// for more information on using Contexts. 557func (c *FMS) GetComplianceDetailWithContext(ctx aws.Context, input *GetComplianceDetailInput, opts ...request.Option) (*GetComplianceDetailOutput, error) { 558 req, out := c.GetComplianceDetailRequest(input) 559 req.SetContext(ctx) 560 req.ApplyOptions(opts...) 561 return out, req.Send() 562} 563 564const opGetNotificationChannel = "GetNotificationChannel" 565 566// GetNotificationChannelRequest generates a "aws/request.Request" representing the 567// client's request for the GetNotificationChannel operation. The "output" return 568// value will be populated with the request's response once the request completes 569// successfully. 570// 571// Use "Send" method on the returned Request to send the API call to the service. 572// the "output" return value is not valid until after Send returns without error. 573// 574// See GetNotificationChannel for more information on using the GetNotificationChannel 575// API call, and error handling. 576// 577// This method is useful when you want to inject custom logic or configuration 578// into the SDK's request lifecycle. Such as custom headers, or retry logic. 579// 580// 581// // Example sending a request using the GetNotificationChannelRequest method. 582// req, resp := client.GetNotificationChannelRequest(params) 583// 584// err := req.Send() 585// if err == nil { // resp is now filled 586// fmt.Println(resp) 587// } 588// 589// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel 590func (c *FMS) GetNotificationChannelRequest(input *GetNotificationChannelInput) (req *request.Request, output *GetNotificationChannelOutput) { 591 op := &request.Operation{ 592 Name: opGetNotificationChannel, 593 HTTPMethod: "POST", 594 HTTPPath: "/", 595 } 596 597 if input == nil { 598 input = &GetNotificationChannelInput{} 599 } 600 601 output = &GetNotificationChannelOutput{} 602 req = c.newRequest(op, input, output) 603 return 604} 605 606// GetNotificationChannel API operation for Firewall Management Service. 607// 608// Information about the Amazon Simple Notification Service (SNS) topic that 609// is used to record AWS Firewall Manager SNS logs. 610// 611// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 612// with awserr.Error's Code and Message methods to get detailed information about 613// the error. 614// 615// See the AWS API reference guide for Firewall Management Service's 616// API operation GetNotificationChannel for usage and error information. 617// 618// Returned Error Types: 619// * ResourceNotFoundException 620// The specified resource was not found. 621// 622// * InvalidOperationException 623// The operation failed because there was nothing to do. For example, you might 624// have submitted an AssociateAdminAccount request, but the account ID that 625// you submitted was already set as the AWS Firewall Manager administrator. 626// 627// * InternalErrorException 628// The operation failed because of a system problem, even though the request 629// was valid. Retry your request. 630// 631// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel 632func (c *FMS) GetNotificationChannel(input *GetNotificationChannelInput) (*GetNotificationChannelOutput, error) { 633 req, out := c.GetNotificationChannelRequest(input) 634 return out, req.Send() 635} 636 637// GetNotificationChannelWithContext is the same as GetNotificationChannel with the addition of 638// the ability to pass a context and additional request options. 639// 640// See GetNotificationChannel for details on how to use this API operation. 641// 642// The context must be non-nil and will be used for request cancellation. If 643// the context is nil a panic will occur. In the future the SDK may create 644// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 645// for more information on using Contexts. 646func (c *FMS) GetNotificationChannelWithContext(ctx aws.Context, input *GetNotificationChannelInput, opts ...request.Option) (*GetNotificationChannelOutput, error) { 647 req, out := c.GetNotificationChannelRequest(input) 648 req.SetContext(ctx) 649 req.ApplyOptions(opts...) 650 return out, req.Send() 651} 652 653const opGetPolicy = "GetPolicy" 654 655// GetPolicyRequest generates a "aws/request.Request" representing the 656// client's request for the GetPolicy operation. The "output" return 657// value will be populated with the request's response once the request completes 658// successfully. 659// 660// Use "Send" method on the returned Request to send the API call to the service. 661// the "output" return value is not valid until after Send returns without error. 662// 663// See GetPolicy for more information on using the GetPolicy 664// API call, and error handling. 665// 666// This method is useful when you want to inject custom logic or configuration 667// into the SDK's request lifecycle. Such as custom headers, or retry logic. 668// 669// 670// // Example sending a request using the GetPolicyRequest method. 671// req, resp := client.GetPolicyRequest(params) 672// 673// err := req.Send() 674// if err == nil { // resp is now filled 675// fmt.Println(resp) 676// } 677// 678// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy 679func (c *FMS) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) { 680 op := &request.Operation{ 681 Name: opGetPolicy, 682 HTTPMethod: "POST", 683 HTTPPath: "/", 684 } 685 686 if input == nil { 687 input = &GetPolicyInput{} 688 } 689 690 output = &GetPolicyOutput{} 691 req = c.newRequest(op, input, output) 692 return 693} 694 695// GetPolicy API operation for Firewall Management Service. 696// 697// Returns information about the specified AWS Firewall Manager policy. 698// 699// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 700// with awserr.Error's Code and Message methods to get detailed information about 701// the error. 702// 703// See the AWS API reference guide for Firewall Management Service's 704// API operation GetPolicy for usage and error information. 705// 706// Returned Error Types: 707// * ResourceNotFoundException 708// The specified resource was not found. 709// 710// * InvalidOperationException 711// The operation failed because there was nothing to do. For example, you might 712// have submitted an AssociateAdminAccount request, but the account ID that 713// you submitted was already set as the AWS Firewall Manager administrator. 714// 715// * InternalErrorException 716// The operation failed because of a system problem, even though the request 717// was valid. Retry your request. 718// 719// * InvalidTypeException 720// The value of the Type parameter is invalid. 721// 722// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy 723func (c *FMS) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) { 724 req, out := c.GetPolicyRequest(input) 725 return out, req.Send() 726} 727 728// GetPolicyWithContext is the same as GetPolicy with the addition of 729// the ability to pass a context and additional request options. 730// 731// See GetPolicy for details on how to use this API operation. 732// 733// The context must be non-nil and will be used for request cancellation. If 734// the context is nil a panic will occur. In the future the SDK may create 735// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 736// for more information on using Contexts. 737func (c *FMS) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) { 738 req, out := c.GetPolicyRequest(input) 739 req.SetContext(ctx) 740 req.ApplyOptions(opts...) 741 return out, req.Send() 742} 743 744const opGetProtectionStatus = "GetProtectionStatus" 745 746// GetProtectionStatusRequest generates a "aws/request.Request" representing the 747// client's request for the GetProtectionStatus operation. The "output" return 748// value will be populated with the request's response once the request completes 749// successfully. 750// 751// Use "Send" method on the returned Request to send the API call to the service. 752// the "output" return value is not valid until after Send returns without error. 753// 754// See GetProtectionStatus for more information on using the GetProtectionStatus 755// API call, and error handling. 756// 757// This method is useful when you want to inject custom logic or configuration 758// into the SDK's request lifecycle. Such as custom headers, or retry logic. 759// 760// 761// // Example sending a request using the GetProtectionStatusRequest method. 762// req, resp := client.GetProtectionStatusRequest(params) 763// 764// err := req.Send() 765// if err == nil { // resp is now filled 766// fmt.Println(resp) 767// } 768// 769// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtectionStatus 770func (c *FMS) GetProtectionStatusRequest(input *GetProtectionStatusInput) (req *request.Request, output *GetProtectionStatusOutput) { 771 op := &request.Operation{ 772 Name: opGetProtectionStatus, 773 HTTPMethod: "POST", 774 HTTPPath: "/", 775 } 776 777 if input == nil { 778 input = &GetProtectionStatusInput{} 779 } 780 781 output = &GetProtectionStatusOutput{} 782 req = c.newRequest(op, input, output) 783 return 784} 785 786// GetProtectionStatus API operation for Firewall Management Service. 787// 788// If you created a Shield Advanced policy, returns policy-level attack summary 789// information in the event of a potential DDoS attack. Other policy types are 790// currently unsupported. 791// 792// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 793// with awserr.Error's Code and Message methods to get detailed information about 794// the error. 795// 796// See the AWS API reference guide for Firewall Management Service's 797// API operation GetProtectionStatus for usage and error information. 798// 799// Returned Error Types: 800// * InvalidInputException 801// The parameters of the request were invalid. 802// 803// * ResourceNotFoundException 804// The specified resource was not found. 805// 806// * InternalErrorException 807// The operation failed because of a system problem, even though the request 808// was valid. Retry your request. 809// 810// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtectionStatus 811func (c *FMS) GetProtectionStatus(input *GetProtectionStatusInput) (*GetProtectionStatusOutput, error) { 812 req, out := c.GetProtectionStatusRequest(input) 813 return out, req.Send() 814} 815 816// GetProtectionStatusWithContext is the same as GetProtectionStatus with the addition of 817// the ability to pass a context and additional request options. 818// 819// See GetProtectionStatus for details on how to use this API operation. 820// 821// The context must be non-nil and will be used for request cancellation. If 822// the context is nil a panic will occur. In the future the SDK may create 823// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 824// for more information on using Contexts. 825func (c *FMS) GetProtectionStatusWithContext(ctx aws.Context, input *GetProtectionStatusInput, opts ...request.Option) (*GetProtectionStatusOutput, error) { 826 req, out := c.GetProtectionStatusRequest(input) 827 req.SetContext(ctx) 828 req.ApplyOptions(opts...) 829 return out, req.Send() 830} 831 832const opListComplianceStatus = "ListComplianceStatus" 833 834// ListComplianceStatusRequest generates a "aws/request.Request" representing the 835// client's request for the ListComplianceStatus operation. The "output" return 836// value will be populated with the request's response once the request completes 837// successfully. 838// 839// Use "Send" method on the returned Request to send the API call to the service. 840// the "output" return value is not valid until after Send returns without error. 841// 842// See ListComplianceStatus for more information on using the ListComplianceStatus 843// API call, and error handling. 844// 845// This method is useful when you want to inject custom logic or configuration 846// into the SDK's request lifecycle. Such as custom headers, or retry logic. 847// 848// 849// // Example sending a request using the ListComplianceStatusRequest method. 850// req, resp := client.ListComplianceStatusRequest(params) 851// 852// err := req.Send() 853// if err == nil { // resp is now filled 854// fmt.Println(resp) 855// } 856// 857// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus 858func (c *FMS) ListComplianceStatusRequest(input *ListComplianceStatusInput) (req *request.Request, output *ListComplianceStatusOutput) { 859 op := &request.Operation{ 860 Name: opListComplianceStatus, 861 HTTPMethod: "POST", 862 HTTPPath: "/", 863 Paginator: &request.Paginator{ 864 InputTokens: []string{"NextToken"}, 865 OutputTokens: []string{"NextToken"}, 866 LimitToken: "MaxResults", 867 TruncationToken: "", 868 }, 869 } 870 871 if input == nil { 872 input = &ListComplianceStatusInput{} 873 } 874 875 output = &ListComplianceStatusOutput{} 876 req = c.newRequest(op, input, output) 877 return 878} 879 880// ListComplianceStatus API operation for Firewall Management Service. 881// 882// Returns an array of PolicyComplianceStatus objects in the response. Use PolicyComplianceStatus 883// to get a summary of which member accounts are protected by the specified 884// policy. 885// 886// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 887// with awserr.Error's Code and Message methods to get detailed information about 888// the error. 889// 890// See the AWS API reference guide for Firewall Management Service's 891// API operation ListComplianceStatus for usage and error information. 892// 893// Returned Error Types: 894// * ResourceNotFoundException 895// The specified resource was not found. 896// 897// * InternalErrorException 898// The operation failed because of a system problem, even though the request 899// was valid. Retry your request. 900// 901// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus 902func (c *FMS) ListComplianceStatus(input *ListComplianceStatusInput) (*ListComplianceStatusOutput, error) { 903 req, out := c.ListComplianceStatusRequest(input) 904 return out, req.Send() 905} 906 907// ListComplianceStatusWithContext is the same as ListComplianceStatus with the addition of 908// the ability to pass a context and additional request options. 909// 910// See ListComplianceStatus for details on how to use this API operation. 911// 912// The context must be non-nil and will be used for request cancellation. If 913// the context is nil a panic will occur. In the future the SDK may create 914// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 915// for more information on using Contexts. 916func (c *FMS) ListComplianceStatusWithContext(ctx aws.Context, input *ListComplianceStatusInput, opts ...request.Option) (*ListComplianceStatusOutput, error) { 917 req, out := c.ListComplianceStatusRequest(input) 918 req.SetContext(ctx) 919 req.ApplyOptions(opts...) 920 return out, req.Send() 921} 922 923// ListComplianceStatusPages iterates over the pages of a ListComplianceStatus operation, 924// calling the "fn" function with the response data for each page. To stop 925// iterating, return false from the fn function. 926// 927// See ListComplianceStatus method for more information on how to use this operation. 928// 929// Note: This operation can generate multiple requests to a service. 930// 931// // Example iterating over at most 3 pages of a ListComplianceStatus operation. 932// pageNum := 0 933// err := client.ListComplianceStatusPages(params, 934// func(page *fms.ListComplianceStatusOutput, lastPage bool) bool { 935// pageNum++ 936// fmt.Println(page) 937// return pageNum <= 3 938// }) 939// 940func (c *FMS) ListComplianceStatusPages(input *ListComplianceStatusInput, fn func(*ListComplianceStatusOutput, bool) bool) error { 941 return c.ListComplianceStatusPagesWithContext(aws.BackgroundContext(), input, fn) 942} 943 944// ListComplianceStatusPagesWithContext same as ListComplianceStatusPages except 945// it takes a Context and allows setting request options on the pages. 946// 947// The context must be non-nil and will be used for request cancellation. If 948// the context is nil a panic will occur. In the future the SDK may create 949// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 950// for more information on using Contexts. 951func (c *FMS) ListComplianceStatusPagesWithContext(ctx aws.Context, input *ListComplianceStatusInput, fn func(*ListComplianceStatusOutput, bool) bool, opts ...request.Option) error { 952 p := request.Pagination{ 953 NewRequest: func() (*request.Request, error) { 954 var inCpy *ListComplianceStatusInput 955 if input != nil { 956 tmp := *input 957 inCpy = &tmp 958 } 959 req, _ := c.ListComplianceStatusRequest(inCpy) 960 req.SetContext(ctx) 961 req.ApplyOptions(opts...) 962 return req, nil 963 }, 964 } 965 966 for p.Next() { 967 if !fn(p.Page().(*ListComplianceStatusOutput), !p.HasNextPage()) { 968 break 969 } 970 } 971 972 return p.Err() 973} 974 975const opListMemberAccounts = "ListMemberAccounts" 976 977// ListMemberAccountsRequest generates a "aws/request.Request" representing the 978// client's request for the ListMemberAccounts operation. The "output" return 979// value will be populated with the request's response once the request completes 980// successfully. 981// 982// Use "Send" method on the returned Request to send the API call to the service. 983// the "output" return value is not valid until after Send returns without error. 984// 985// See ListMemberAccounts for more information on using the ListMemberAccounts 986// API call, and error handling. 987// 988// This method is useful when you want to inject custom logic or configuration 989// into the SDK's request lifecycle. Such as custom headers, or retry logic. 990// 991// 992// // Example sending a request using the ListMemberAccountsRequest method. 993// req, resp := client.ListMemberAccountsRequest(params) 994// 995// err := req.Send() 996// if err == nil { // resp is now filled 997// fmt.Println(resp) 998// } 999// 1000// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts 1001func (c *FMS) ListMemberAccountsRequest(input *ListMemberAccountsInput) (req *request.Request, output *ListMemberAccountsOutput) { 1002 op := &request.Operation{ 1003 Name: opListMemberAccounts, 1004 HTTPMethod: "POST", 1005 HTTPPath: "/", 1006 Paginator: &request.Paginator{ 1007 InputTokens: []string{"NextToken"}, 1008 OutputTokens: []string{"NextToken"}, 1009 LimitToken: "MaxResults", 1010 TruncationToken: "", 1011 }, 1012 } 1013 1014 if input == nil { 1015 input = &ListMemberAccountsInput{} 1016 } 1017 1018 output = &ListMemberAccountsOutput{} 1019 req = c.newRequest(op, input, output) 1020 return 1021} 1022 1023// ListMemberAccounts API operation for Firewall Management Service. 1024// 1025// Returns a MemberAccounts object that lists the member accounts in the administrator's 1026// AWS organization. 1027// 1028// The ListMemberAccounts must be submitted by the account that is set as the 1029// AWS Firewall Manager administrator. 1030// 1031// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1032// with awserr.Error's Code and Message methods to get detailed information about 1033// the error. 1034// 1035// See the AWS API reference guide for Firewall Management Service's 1036// API operation ListMemberAccounts for usage and error information. 1037// 1038// Returned Error Types: 1039// * ResourceNotFoundException 1040// The specified resource was not found. 1041// 1042// * InternalErrorException 1043// The operation failed because of a system problem, even though the request 1044// was valid. Retry your request. 1045// 1046// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts 1047func (c *FMS) ListMemberAccounts(input *ListMemberAccountsInput) (*ListMemberAccountsOutput, error) { 1048 req, out := c.ListMemberAccountsRequest(input) 1049 return out, req.Send() 1050} 1051 1052// ListMemberAccountsWithContext is the same as ListMemberAccounts with the addition of 1053// the ability to pass a context and additional request options. 1054// 1055// See ListMemberAccounts for details on how to use this API operation. 1056// 1057// The context must be non-nil and will be used for request cancellation. If 1058// the context is nil a panic will occur. In the future the SDK may create 1059// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1060// for more information on using Contexts. 1061func (c *FMS) ListMemberAccountsWithContext(ctx aws.Context, input *ListMemberAccountsInput, opts ...request.Option) (*ListMemberAccountsOutput, error) { 1062 req, out := c.ListMemberAccountsRequest(input) 1063 req.SetContext(ctx) 1064 req.ApplyOptions(opts...) 1065 return out, req.Send() 1066} 1067 1068// ListMemberAccountsPages iterates over the pages of a ListMemberAccounts operation, 1069// calling the "fn" function with the response data for each page. To stop 1070// iterating, return false from the fn function. 1071// 1072// See ListMemberAccounts method for more information on how to use this operation. 1073// 1074// Note: This operation can generate multiple requests to a service. 1075// 1076// // Example iterating over at most 3 pages of a ListMemberAccounts operation. 1077// pageNum := 0 1078// err := client.ListMemberAccountsPages(params, 1079// func(page *fms.ListMemberAccountsOutput, lastPage bool) bool { 1080// pageNum++ 1081// fmt.Println(page) 1082// return pageNum <= 3 1083// }) 1084// 1085func (c *FMS) ListMemberAccountsPages(input *ListMemberAccountsInput, fn func(*ListMemberAccountsOutput, bool) bool) error { 1086 return c.ListMemberAccountsPagesWithContext(aws.BackgroundContext(), input, fn) 1087} 1088 1089// ListMemberAccountsPagesWithContext same as ListMemberAccountsPages except 1090// it takes a Context and allows setting request options on the pages. 1091// 1092// The context must be non-nil and will be used for request cancellation. If 1093// the context is nil a panic will occur. In the future the SDK may create 1094// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1095// for more information on using Contexts. 1096func (c *FMS) ListMemberAccountsPagesWithContext(ctx aws.Context, input *ListMemberAccountsInput, fn func(*ListMemberAccountsOutput, bool) bool, opts ...request.Option) error { 1097 p := request.Pagination{ 1098 NewRequest: func() (*request.Request, error) { 1099 var inCpy *ListMemberAccountsInput 1100 if input != nil { 1101 tmp := *input 1102 inCpy = &tmp 1103 } 1104 req, _ := c.ListMemberAccountsRequest(inCpy) 1105 req.SetContext(ctx) 1106 req.ApplyOptions(opts...) 1107 return req, nil 1108 }, 1109 } 1110 1111 for p.Next() { 1112 if !fn(p.Page().(*ListMemberAccountsOutput), !p.HasNextPage()) { 1113 break 1114 } 1115 } 1116 1117 return p.Err() 1118} 1119 1120const opListPolicies = "ListPolicies" 1121 1122// ListPoliciesRequest generates a "aws/request.Request" representing the 1123// client's request for the ListPolicies operation. The "output" return 1124// value will be populated with the request's response once the request completes 1125// successfully. 1126// 1127// Use "Send" method on the returned Request to send the API call to the service. 1128// the "output" return value is not valid until after Send returns without error. 1129// 1130// See ListPolicies for more information on using the ListPolicies 1131// API call, and error handling. 1132// 1133// This method is useful when you want to inject custom logic or configuration 1134// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1135// 1136// 1137// // Example sending a request using the ListPoliciesRequest method. 1138// req, resp := client.ListPoliciesRequest(params) 1139// 1140// err := req.Send() 1141// if err == nil { // resp is now filled 1142// fmt.Println(resp) 1143// } 1144// 1145// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies 1146func (c *FMS) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { 1147 op := &request.Operation{ 1148 Name: opListPolicies, 1149 HTTPMethod: "POST", 1150 HTTPPath: "/", 1151 Paginator: &request.Paginator{ 1152 InputTokens: []string{"NextToken"}, 1153 OutputTokens: []string{"NextToken"}, 1154 LimitToken: "MaxResults", 1155 TruncationToken: "", 1156 }, 1157 } 1158 1159 if input == nil { 1160 input = &ListPoliciesInput{} 1161 } 1162 1163 output = &ListPoliciesOutput{} 1164 req = c.newRequest(op, input, output) 1165 return 1166} 1167 1168// ListPolicies API operation for Firewall Management Service. 1169// 1170// Returns an array of PolicySummary objects in the response. 1171// 1172// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1173// with awserr.Error's Code and Message methods to get detailed information about 1174// the error. 1175// 1176// See the AWS API reference guide for Firewall Management Service's 1177// API operation ListPolicies for usage and error information. 1178// 1179// Returned Error Types: 1180// * ResourceNotFoundException 1181// The specified resource was not found. 1182// 1183// * InvalidOperationException 1184// The operation failed because there was nothing to do. For example, you might 1185// have submitted an AssociateAdminAccount request, but the account ID that 1186// you submitted was already set as the AWS Firewall Manager administrator. 1187// 1188// * LimitExceededException 1189// The operation exceeds a resource limit, for example, the maximum number of 1190// policy objects that you can create for an AWS account. For more information, 1191// see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 1192// in the AWS WAF Developer Guide. 1193// 1194// * InternalErrorException 1195// The operation failed because of a system problem, even though the request 1196// was valid. Retry your request. 1197// 1198// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies 1199func (c *FMS) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { 1200 req, out := c.ListPoliciesRequest(input) 1201 return out, req.Send() 1202} 1203 1204// ListPoliciesWithContext is the same as ListPolicies with the addition of 1205// the ability to pass a context and additional request options. 1206// 1207// See ListPolicies for details on how to use this API operation. 1208// 1209// The context must be non-nil and will be used for request cancellation. If 1210// the context is nil a panic will occur. In the future the SDK may create 1211// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1212// for more information on using Contexts. 1213func (c *FMS) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) { 1214 req, out := c.ListPoliciesRequest(input) 1215 req.SetContext(ctx) 1216 req.ApplyOptions(opts...) 1217 return out, req.Send() 1218} 1219 1220// ListPoliciesPages iterates over the pages of a ListPolicies operation, 1221// calling the "fn" function with the response data for each page. To stop 1222// iterating, return false from the fn function. 1223// 1224// See ListPolicies method for more information on how to use this operation. 1225// 1226// Note: This operation can generate multiple requests to a service. 1227// 1228// // Example iterating over at most 3 pages of a ListPolicies operation. 1229// pageNum := 0 1230// err := client.ListPoliciesPages(params, 1231// func(page *fms.ListPoliciesOutput, lastPage bool) bool { 1232// pageNum++ 1233// fmt.Println(page) 1234// return pageNum <= 3 1235// }) 1236// 1237func (c *FMS) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error { 1238 return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn) 1239} 1240 1241// ListPoliciesPagesWithContext same as ListPoliciesPages except 1242// it takes a Context and allows setting request options on the pages. 1243// 1244// The context must be non-nil and will be used for request cancellation. If 1245// the context is nil a panic will occur. In the future the SDK may create 1246// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1247// for more information on using Contexts. 1248func (c *FMS) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error { 1249 p := request.Pagination{ 1250 NewRequest: func() (*request.Request, error) { 1251 var inCpy *ListPoliciesInput 1252 if input != nil { 1253 tmp := *input 1254 inCpy = &tmp 1255 } 1256 req, _ := c.ListPoliciesRequest(inCpy) 1257 req.SetContext(ctx) 1258 req.ApplyOptions(opts...) 1259 return req, nil 1260 }, 1261 } 1262 1263 for p.Next() { 1264 if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) { 1265 break 1266 } 1267 } 1268 1269 return p.Err() 1270} 1271 1272const opListTagsForResource = "ListTagsForResource" 1273 1274// ListTagsForResourceRequest generates a "aws/request.Request" representing the 1275// client's request for the ListTagsForResource operation. The "output" return 1276// value will be populated with the request's response once the request completes 1277// successfully. 1278// 1279// Use "Send" method on the returned Request to send the API call to the service. 1280// the "output" return value is not valid until after Send returns without error. 1281// 1282// See ListTagsForResource for more information on using the ListTagsForResource 1283// API call, and error handling. 1284// 1285// This method is useful when you want to inject custom logic or configuration 1286// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1287// 1288// 1289// // Example sending a request using the ListTagsForResourceRequest method. 1290// req, resp := client.ListTagsForResourceRequest(params) 1291// 1292// err := req.Send() 1293// if err == nil { // resp is now filled 1294// fmt.Println(resp) 1295// } 1296// 1297// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResource 1298func (c *FMS) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { 1299 op := &request.Operation{ 1300 Name: opListTagsForResource, 1301 HTTPMethod: "POST", 1302 HTTPPath: "/", 1303 } 1304 1305 if input == nil { 1306 input = &ListTagsForResourceInput{} 1307 } 1308 1309 output = &ListTagsForResourceOutput{} 1310 req = c.newRequest(op, input, output) 1311 return 1312} 1313 1314// ListTagsForResource API operation for Firewall Management Service. 1315// 1316// Retrieves the list of tags for the specified AWS resource. 1317// 1318// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1319// with awserr.Error's Code and Message methods to get detailed information about 1320// the error. 1321// 1322// See the AWS API reference guide for Firewall Management Service's 1323// API operation ListTagsForResource for usage and error information. 1324// 1325// Returned Error Types: 1326// * ResourceNotFoundException 1327// The specified resource was not found. 1328// 1329// * InvalidOperationException 1330// The operation failed because there was nothing to do. For example, you might 1331// have submitted an AssociateAdminAccount request, but the account ID that 1332// you submitted was already set as the AWS Firewall Manager administrator. 1333// 1334// * InternalErrorException 1335// The operation failed because of a system problem, even though the request 1336// was valid. Retry your request. 1337// 1338// * InvalidInputException 1339// The parameters of the request were invalid. 1340// 1341// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResource 1342func (c *FMS) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { 1343 req, out := c.ListTagsForResourceRequest(input) 1344 return out, req.Send() 1345} 1346 1347// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of 1348// the ability to pass a context and additional request options. 1349// 1350// See ListTagsForResource for details on how to use this API operation. 1351// 1352// The context must be non-nil and will be used for request cancellation. If 1353// the context is nil a panic will occur. In the future the SDK may create 1354// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1355// for more information on using Contexts. 1356func (c *FMS) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { 1357 req, out := c.ListTagsForResourceRequest(input) 1358 req.SetContext(ctx) 1359 req.ApplyOptions(opts...) 1360 return out, req.Send() 1361} 1362 1363const opPutNotificationChannel = "PutNotificationChannel" 1364 1365// PutNotificationChannelRequest generates a "aws/request.Request" representing the 1366// client's request for the PutNotificationChannel operation. The "output" return 1367// value will be populated with the request's response once the request completes 1368// successfully. 1369// 1370// Use "Send" method on the returned Request to send the API call to the service. 1371// the "output" return value is not valid until after Send returns without error. 1372// 1373// See PutNotificationChannel for more information on using the PutNotificationChannel 1374// API call, and error handling. 1375// 1376// This method is useful when you want to inject custom logic or configuration 1377// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1378// 1379// 1380// // Example sending a request using the PutNotificationChannelRequest method. 1381// req, resp := client.PutNotificationChannelRequest(params) 1382// 1383// err := req.Send() 1384// if err == nil { // resp is now filled 1385// fmt.Println(resp) 1386// } 1387// 1388// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel 1389func (c *FMS) PutNotificationChannelRequest(input *PutNotificationChannelInput) (req *request.Request, output *PutNotificationChannelOutput) { 1390 op := &request.Operation{ 1391 Name: opPutNotificationChannel, 1392 HTTPMethod: "POST", 1393 HTTPPath: "/", 1394 } 1395 1396 if input == nil { 1397 input = &PutNotificationChannelInput{} 1398 } 1399 1400 output = &PutNotificationChannelOutput{} 1401 req = c.newRequest(op, input, output) 1402 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 1403 return 1404} 1405 1406// PutNotificationChannel API operation for Firewall Management Service. 1407// 1408// Designates the IAM role and Amazon Simple Notification Service (SNS) topic 1409// that AWS Firewall Manager uses to record SNS logs. 1410// 1411// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1412// with awserr.Error's Code and Message methods to get detailed information about 1413// the error. 1414// 1415// See the AWS API reference guide for Firewall Management Service's 1416// API operation PutNotificationChannel for usage and error information. 1417// 1418// Returned Error Types: 1419// * ResourceNotFoundException 1420// The specified resource was not found. 1421// 1422// * InvalidOperationException 1423// The operation failed because there was nothing to do. For example, you might 1424// have submitted an AssociateAdminAccount request, but the account ID that 1425// you submitted was already set as the AWS Firewall Manager administrator. 1426// 1427// * InternalErrorException 1428// The operation failed because of a system problem, even though the request 1429// was valid. Retry your request. 1430// 1431// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel 1432func (c *FMS) PutNotificationChannel(input *PutNotificationChannelInput) (*PutNotificationChannelOutput, error) { 1433 req, out := c.PutNotificationChannelRequest(input) 1434 return out, req.Send() 1435} 1436 1437// PutNotificationChannelWithContext is the same as PutNotificationChannel with the addition of 1438// the ability to pass a context and additional request options. 1439// 1440// See PutNotificationChannel for details on how to use this API operation. 1441// 1442// The context must be non-nil and will be used for request cancellation. If 1443// the context is nil a panic will occur. In the future the SDK may create 1444// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1445// for more information on using Contexts. 1446func (c *FMS) PutNotificationChannelWithContext(ctx aws.Context, input *PutNotificationChannelInput, opts ...request.Option) (*PutNotificationChannelOutput, error) { 1447 req, out := c.PutNotificationChannelRequest(input) 1448 req.SetContext(ctx) 1449 req.ApplyOptions(opts...) 1450 return out, req.Send() 1451} 1452 1453const opPutPolicy = "PutPolicy" 1454 1455// PutPolicyRequest generates a "aws/request.Request" representing the 1456// client's request for the PutPolicy operation. The "output" return 1457// value will be populated with the request's response once the request completes 1458// successfully. 1459// 1460// Use "Send" method on the returned Request to send the API call to the service. 1461// the "output" return value is not valid until after Send returns without error. 1462// 1463// See PutPolicy for more information on using the PutPolicy 1464// API call, and error handling. 1465// 1466// This method is useful when you want to inject custom logic or configuration 1467// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1468// 1469// 1470// // Example sending a request using the PutPolicyRequest method. 1471// req, resp := client.PutPolicyRequest(params) 1472// 1473// err := req.Send() 1474// if err == nil { // resp is now filled 1475// fmt.Println(resp) 1476// } 1477// 1478// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy 1479func (c *FMS) PutPolicyRequest(input *PutPolicyInput) (req *request.Request, output *PutPolicyOutput) { 1480 op := &request.Operation{ 1481 Name: opPutPolicy, 1482 HTTPMethod: "POST", 1483 HTTPPath: "/", 1484 } 1485 1486 if input == nil { 1487 input = &PutPolicyInput{} 1488 } 1489 1490 output = &PutPolicyOutput{} 1491 req = c.newRequest(op, input, output) 1492 return 1493} 1494 1495// PutPolicy API operation for Firewall Management Service. 1496// 1497// Creates an AWS Firewall Manager policy. 1498// 1499// Firewall Manager provides the following types of policies: 1500// 1501// * A Shield Advanced policy, which applies Shield Advanced protection to 1502// specified accounts and resources 1503// 1504// * An AWS WAF policy (type WAFV2), which defines rule groups to run first 1505// in the corresponding AWS WAF web ACL and rule groups to run last in the 1506// web ACL. 1507// 1508// * An AWS WAF Classic policy (type WAF), which defines a rule group. 1509// 1510// * A security group policy, which manages VPC security groups across your 1511// AWS organization. 1512// 1513// Each policy is specific to one of the types. If you want to enforce more 1514// than one policy type across accounts, create multiple policies. You can create 1515// multiple policies for each type. 1516// 1517// You must be subscribed to Shield Advanced to create a Shield Advanced policy. 1518// For more information about subscribing to Shield Advanced, see CreateSubscription 1519// (https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html). 1520// 1521// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1522// with awserr.Error's Code and Message methods to get detailed information about 1523// the error. 1524// 1525// See the AWS API reference guide for Firewall Management Service's 1526// API operation PutPolicy for usage and error information. 1527// 1528// Returned Error Types: 1529// * ResourceNotFoundException 1530// The specified resource was not found. 1531// 1532// * InvalidOperationException 1533// The operation failed because there was nothing to do. For example, you might 1534// have submitted an AssociateAdminAccount request, but the account ID that 1535// you submitted was already set as the AWS Firewall Manager administrator. 1536// 1537// * InvalidInputException 1538// The parameters of the request were invalid. 1539// 1540// * LimitExceededException 1541// The operation exceeds a resource limit, for example, the maximum number of 1542// policy objects that you can create for an AWS account. For more information, 1543// see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 1544// in the AWS WAF Developer Guide. 1545// 1546// * InternalErrorException 1547// The operation failed because of a system problem, even though the request 1548// was valid. Retry your request. 1549// 1550// * InvalidTypeException 1551// The value of the Type parameter is invalid. 1552// 1553// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy 1554func (c *FMS) PutPolicy(input *PutPolicyInput) (*PutPolicyOutput, error) { 1555 req, out := c.PutPolicyRequest(input) 1556 return out, req.Send() 1557} 1558 1559// PutPolicyWithContext is the same as PutPolicy with the addition of 1560// the ability to pass a context and additional request options. 1561// 1562// See PutPolicy for details on how to use this API operation. 1563// 1564// The context must be non-nil and will be used for request cancellation. If 1565// the context is nil a panic will occur. In the future the SDK may create 1566// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1567// for more information on using Contexts. 1568func (c *FMS) PutPolicyWithContext(ctx aws.Context, input *PutPolicyInput, opts ...request.Option) (*PutPolicyOutput, error) { 1569 req, out := c.PutPolicyRequest(input) 1570 req.SetContext(ctx) 1571 req.ApplyOptions(opts...) 1572 return out, req.Send() 1573} 1574 1575const opTagResource = "TagResource" 1576 1577// TagResourceRequest generates a "aws/request.Request" representing the 1578// client's request for the TagResource operation. The "output" return 1579// value will be populated with the request's response once the request completes 1580// successfully. 1581// 1582// Use "Send" method on the returned Request to send the API call to the service. 1583// the "output" return value is not valid until after Send returns without error. 1584// 1585// See TagResource for more information on using the TagResource 1586// API call, and error handling. 1587// 1588// This method is useful when you want to inject custom logic or configuration 1589// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1590// 1591// 1592// // Example sending a request using the TagResourceRequest method. 1593// req, resp := client.TagResourceRequest(params) 1594// 1595// err := req.Send() 1596// if err == nil { // resp is now filled 1597// fmt.Println(resp) 1598// } 1599// 1600// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/TagResource 1601func (c *FMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { 1602 op := &request.Operation{ 1603 Name: opTagResource, 1604 HTTPMethod: "POST", 1605 HTTPPath: "/", 1606 } 1607 1608 if input == nil { 1609 input = &TagResourceInput{} 1610 } 1611 1612 output = &TagResourceOutput{} 1613 req = c.newRequest(op, input, output) 1614 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 1615 return 1616} 1617 1618// TagResource API operation for Firewall Management Service. 1619// 1620// Adds one or more tags to an AWS resource. 1621// 1622// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1623// with awserr.Error's Code and Message methods to get detailed information about 1624// the error. 1625// 1626// See the AWS API reference guide for Firewall Management Service's 1627// API operation TagResource for usage and error information. 1628// 1629// Returned Error Types: 1630// * ResourceNotFoundException 1631// The specified resource was not found. 1632// 1633// * InvalidOperationException 1634// The operation failed because there was nothing to do. For example, you might 1635// have submitted an AssociateAdminAccount request, but the account ID that 1636// you submitted was already set as the AWS Firewall Manager administrator. 1637// 1638// * InternalErrorException 1639// The operation failed because of a system problem, even though the request 1640// was valid. Retry your request. 1641// 1642// * InvalidInputException 1643// The parameters of the request were invalid. 1644// 1645// * LimitExceededException 1646// The operation exceeds a resource limit, for example, the maximum number of 1647// policy objects that you can create for an AWS account. For more information, 1648// see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 1649// in the AWS WAF Developer Guide. 1650// 1651// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/TagResource 1652func (c *FMS) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { 1653 req, out := c.TagResourceRequest(input) 1654 return out, req.Send() 1655} 1656 1657// TagResourceWithContext is the same as TagResource with the addition of 1658// the ability to pass a context and additional request options. 1659// 1660// See TagResource for details on how to use this API operation. 1661// 1662// The context must be non-nil and will be used for request cancellation. If 1663// the context is nil a panic will occur. In the future the SDK may create 1664// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1665// for more information on using Contexts. 1666func (c *FMS) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { 1667 req, out := c.TagResourceRequest(input) 1668 req.SetContext(ctx) 1669 req.ApplyOptions(opts...) 1670 return out, req.Send() 1671} 1672 1673const opUntagResource = "UntagResource" 1674 1675// UntagResourceRequest generates a "aws/request.Request" representing the 1676// client's request for the UntagResource operation. The "output" return 1677// value will be populated with the request's response once the request completes 1678// successfully. 1679// 1680// Use "Send" method on the returned Request to send the API call to the service. 1681// the "output" return value is not valid until after Send returns without error. 1682// 1683// See UntagResource for more information on using the UntagResource 1684// API call, and error handling. 1685// 1686// This method is useful when you want to inject custom logic or configuration 1687// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1688// 1689// 1690// // Example sending a request using the UntagResourceRequest method. 1691// req, resp := client.UntagResourceRequest(params) 1692// 1693// err := req.Send() 1694// if err == nil { // resp is now filled 1695// fmt.Println(resp) 1696// } 1697// 1698// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/UntagResource 1699func (c *FMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { 1700 op := &request.Operation{ 1701 Name: opUntagResource, 1702 HTTPMethod: "POST", 1703 HTTPPath: "/", 1704 } 1705 1706 if input == nil { 1707 input = &UntagResourceInput{} 1708 } 1709 1710 output = &UntagResourceOutput{} 1711 req = c.newRequest(op, input, output) 1712 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 1713 return 1714} 1715 1716// UntagResource API operation for Firewall Management Service. 1717// 1718// Removes one or more tags from an AWS resource. 1719// 1720// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1721// with awserr.Error's Code and Message methods to get detailed information about 1722// the error. 1723// 1724// See the AWS API reference guide for Firewall Management Service's 1725// API operation UntagResource for usage and error information. 1726// 1727// Returned Error Types: 1728// * ResourceNotFoundException 1729// The specified resource was not found. 1730// 1731// * InvalidOperationException 1732// The operation failed because there was nothing to do. For example, you might 1733// have submitted an AssociateAdminAccount request, but the account ID that 1734// you submitted was already set as the AWS Firewall Manager administrator. 1735// 1736// * InternalErrorException 1737// The operation failed because of a system problem, even though the request 1738// was valid. Retry your request. 1739// 1740// * InvalidInputException 1741// The parameters of the request were invalid. 1742// 1743// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/UntagResource 1744func (c *FMS) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { 1745 req, out := c.UntagResourceRequest(input) 1746 return out, req.Send() 1747} 1748 1749// UntagResourceWithContext is the same as UntagResource with the addition of 1750// the ability to pass a context and additional request options. 1751// 1752// See UntagResource for details on how to use this API operation. 1753// 1754// The context must be non-nil and will be used for request cancellation. If 1755// the context is nil a panic will occur. In the future the SDK may create 1756// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1757// for more information on using Contexts. 1758func (c *FMS) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { 1759 req, out := c.UntagResourceRequest(input) 1760 req.SetContext(ctx) 1761 req.ApplyOptions(opts...) 1762 return out, req.Send() 1763} 1764 1765type AssociateAdminAccountInput struct { 1766 _ struct{} `type:"structure"` 1767 1768 // The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall 1769 // Manager administrator account. This can be an AWS Organizations master account 1770 // or a member account. For more information about AWS Organizations and master 1771 // accounts, see Managing the AWS Accounts in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html). 1772 // 1773 // AdminAccount is a required field 1774 AdminAccount *string `min:"1" type:"string" required:"true"` 1775} 1776 1777// String returns the string representation 1778func (s AssociateAdminAccountInput) String() string { 1779 return awsutil.Prettify(s) 1780} 1781 1782// GoString returns the string representation 1783func (s AssociateAdminAccountInput) GoString() string { 1784 return s.String() 1785} 1786 1787// Validate inspects the fields of the type to determine if they are valid. 1788func (s *AssociateAdminAccountInput) Validate() error { 1789 invalidParams := request.ErrInvalidParams{Context: "AssociateAdminAccountInput"} 1790 if s.AdminAccount == nil { 1791 invalidParams.Add(request.NewErrParamRequired("AdminAccount")) 1792 } 1793 if s.AdminAccount != nil && len(*s.AdminAccount) < 1 { 1794 invalidParams.Add(request.NewErrParamMinLen("AdminAccount", 1)) 1795 } 1796 1797 if invalidParams.Len() > 0 { 1798 return invalidParams 1799 } 1800 return nil 1801} 1802 1803// SetAdminAccount sets the AdminAccount field's value. 1804func (s *AssociateAdminAccountInput) SetAdminAccount(v string) *AssociateAdminAccountInput { 1805 s.AdminAccount = &v 1806 return s 1807} 1808 1809type AssociateAdminAccountOutput struct { 1810 _ struct{} `type:"structure"` 1811} 1812 1813// String returns the string representation 1814func (s AssociateAdminAccountOutput) String() string { 1815 return awsutil.Prettify(s) 1816} 1817 1818// GoString returns the string representation 1819func (s AssociateAdminAccountOutput) GoString() string { 1820 return s.String() 1821} 1822 1823// Details of the resource that is not protected by the policy. 1824type ComplianceViolator struct { 1825 _ struct{} `type:"structure"` 1826 1827 // The resource ID. 1828 ResourceId *string `min:"1" type:"string"` 1829 1830 // The resource type. This is in the format shown in the AWS Resource Types 1831 // Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 1832 // For example: AWS::ElasticLoadBalancingV2::LoadBalancer or AWS::CloudFront::Distribution. 1833 ResourceType *string `min:"1" type:"string"` 1834 1835 // The reason that the resource is not protected by the policy. 1836 ViolationReason *string `type:"string" enum:"ViolationReason"` 1837} 1838 1839// String returns the string representation 1840func (s ComplianceViolator) String() string { 1841 return awsutil.Prettify(s) 1842} 1843 1844// GoString returns the string representation 1845func (s ComplianceViolator) GoString() string { 1846 return s.String() 1847} 1848 1849// SetResourceId sets the ResourceId field's value. 1850func (s *ComplianceViolator) SetResourceId(v string) *ComplianceViolator { 1851 s.ResourceId = &v 1852 return s 1853} 1854 1855// SetResourceType sets the ResourceType field's value. 1856func (s *ComplianceViolator) SetResourceType(v string) *ComplianceViolator { 1857 s.ResourceType = &v 1858 return s 1859} 1860 1861// SetViolationReason sets the ViolationReason field's value. 1862func (s *ComplianceViolator) SetViolationReason(v string) *ComplianceViolator { 1863 s.ViolationReason = &v 1864 return s 1865} 1866 1867type DeleteNotificationChannelInput struct { 1868 _ struct{} `type:"structure"` 1869} 1870 1871// String returns the string representation 1872func (s DeleteNotificationChannelInput) String() string { 1873 return awsutil.Prettify(s) 1874} 1875 1876// GoString returns the string representation 1877func (s DeleteNotificationChannelInput) GoString() string { 1878 return s.String() 1879} 1880 1881type DeleteNotificationChannelOutput struct { 1882 _ struct{} `type:"structure"` 1883} 1884 1885// String returns the string representation 1886func (s DeleteNotificationChannelOutput) String() string { 1887 return awsutil.Prettify(s) 1888} 1889 1890// GoString returns the string representation 1891func (s DeleteNotificationChannelOutput) GoString() string { 1892 return s.String() 1893} 1894 1895type DeletePolicyInput struct { 1896 _ struct{} `type:"structure"` 1897 1898 // If True, the request performs cleanup according to the policy type. 1899 // 1900 // For AWS WAF and Shield Advanced policies, the cleanup does the following: 1901 // 1902 // * Deletes rule groups created by AWS Firewall Manager 1903 // 1904 // * Removes web ACLs from in-scope resources 1905 // 1906 // * Deletes web ACLs that contain no rules or rule groups 1907 // 1908 // For security group policies, the cleanup does the following for each security 1909 // group in the policy: 1910 // 1911 // * Disassociates the security group from in-scope resources 1912 // 1913 // * Deletes the security group if it was created through Firewall Manager 1914 // and if it's no longer associated with any resources through another policy 1915 // 1916 // After the cleanup, in-scope resources are no longer protected by web ACLs 1917 // in this policy. Protection of out-of-scope resources remains unchanged. Scope 1918 // is determined by tags that you create and accounts that you associate with 1919 // the policy. When creating the policy, if you specify that only resources 1920 // in specific accounts or with specific tags are in scope of the policy, those 1921 // accounts and resources are handled by the policy. All others are out of scope. 1922 // If you don't specify tags or accounts, all resources are in scope. 1923 DeleteAllPolicyResources *bool `type:"boolean"` 1924 1925 // The ID of the policy that you want to delete. PolicyId is returned by PutPolicy 1926 // and by ListPolicies. 1927 // 1928 // PolicyId is a required field 1929 PolicyId *string `min:"36" type:"string" required:"true"` 1930} 1931 1932// String returns the string representation 1933func (s DeletePolicyInput) String() string { 1934 return awsutil.Prettify(s) 1935} 1936 1937// GoString returns the string representation 1938func (s DeletePolicyInput) GoString() string { 1939 return s.String() 1940} 1941 1942// Validate inspects the fields of the type to determine if they are valid. 1943func (s *DeletePolicyInput) Validate() error { 1944 invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"} 1945 if s.PolicyId == nil { 1946 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 1947 } 1948 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 1949 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 1950 } 1951 1952 if invalidParams.Len() > 0 { 1953 return invalidParams 1954 } 1955 return nil 1956} 1957 1958// SetDeleteAllPolicyResources sets the DeleteAllPolicyResources field's value. 1959func (s *DeletePolicyInput) SetDeleteAllPolicyResources(v bool) *DeletePolicyInput { 1960 s.DeleteAllPolicyResources = &v 1961 return s 1962} 1963 1964// SetPolicyId sets the PolicyId field's value. 1965func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput { 1966 s.PolicyId = &v 1967 return s 1968} 1969 1970type DeletePolicyOutput struct { 1971 _ struct{} `type:"structure"` 1972} 1973 1974// String returns the string representation 1975func (s DeletePolicyOutput) String() string { 1976 return awsutil.Prettify(s) 1977} 1978 1979// GoString returns the string representation 1980func (s DeletePolicyOutput) GoString() string { 1981 return s.String() 1982} 1983 1984type DisassociateAdminAccountInput struct { 1985 _ struct{} `type:"structure"` 1986} 1987 1988// String returns the string representation 1989func (s DisassociateAdminAccountInput) String() string { 1990 return awsutil.Prettify(s) 1991} 1992 1993// GoString returns the string representation 1994func (s DisassociateAdminAccountInput) GoString() string { 1995 return s.String() 1996} 1997 1998type DisassociateAdminAccountOutput struct { 1999 _ struct{} `type:"structure"` 2000} 2001 2002// String returns the string representation 2003func (s DisassociateAdminAccountOutput) String() string { 2004 return awsutil.Prettify(s) 2005} 2006 2007// GoString returns the string representation 2008func (s DisassociateAdminAccountOutput) GoString() string { 2009 return s.String() 2010} 2011 2012// Describes the compliance status for the account. An account is considered 2013// noncompliant if it includes resources that are not protected by the specified 2014// policy or that don't comply with the policy. 2015type EvaluationResult struct { 2016 _ struct{} `type:"structure"` 2017 2018 // Describes an AWS account's compliance with the AWS Firewall Manager policy. 2019 ComplianceStatus *string `type:"string" enum:"PolicyComplianceStatusType"` 2020 2021 // Indicates that over 100 resources are noncompliant with the AWS Firewall 2022 // Manager policy. 2023 EvaluationLimitExceeded *bool `type:"boolean"` 2024 2025 // The number of resources that are noncompliant with the specified policy. 2026 // For AWS WAF and Shield Advanced policies, a resource is considered noncompliant 2027 // if it is not associated with the policy. For security group policies, a resource 2028 // is considered noncompliant if it doesn't comply with the rules of the policy 2029 // and remediation is disabled or not possible. 2030 ViolatorCount *int64 `type:"long"` 2031} 2032 2033// String returns the string representation 2034func (s EvaluationResult) String() string { 2035 return awsutil.Prettify(s) 2036} 2037 2038// GoString returns the string representation 2039func (s EvaluationResult) GoString() string { 2040 return s.String() 2041} 2042 2043// SetComplianceStatus sets the ComplianceStatus field's value. 2044func (s *EvaluationResult) SetComplianceStatus(v string) *EvaluationResult { 2045 s.ComplianceStatus = &v 2046 return s 2047} 2048 2049// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value. 2050func (s *EvaluationResult) SetEvaluationLimitExceeded(v bool) *EvaluationResult { 2051 s.EvaluationLimitExceeded = &v 2052 return s 2053} 2054 2055// SetViolatorCount sets the ViolatorCount field's value. 2056func (s *EvaluationResult) SetViolatorCount(v int64) *EvaluationResult { 2057 s.ViolatorCount = &v 2058 return s 2059} 2060 2061type GetAdminAccountInput struct { 2062 _ struct{} `type:"structure"` 2063} 2064 2065// String returns the string representation 2066func (s GetAdminAccountInput) String() string { 2067 return awsutil.Prettify(s) 2068} 2069 2070// GoString returns the string representation 2071func (s GetAdminAccountInput) GoString() string { 2072 return s.String() 2073} 2074 2075type GetAdminAccountOutput struct { 2076 _ struct{} `type:"structure"` 2077 2078 // The AWS account that is set as the AWS Firewall Manager administrator. 2079 AdminAccount *string `min:"1" type:"string"` 2080 2081 // The status of the AWS account that you set as the AWS Firewall Manager administrator. 2082 RoleStatus *string `type:"string" enum:"AccountRoleStatus"` 2083} 2084 2085// String returns the string representation 2086func (s GetAdminAccountOutput) String() string { 2087 return awsutil.Prettify(s) 2088} 2089 2090// GoString returns the string representation 2091func (s GetAdminAccountOutput) GoString() string { 2092 return s.String() 2093} 2094 2095// SetAdminAccount sets the AdminAccount field's value. 2096func (s *GetAdminAccountOutput) SetAdminAccount(v string) *GetAdminAccountOutput { 2097 s.AdminAccount = &v 2098 return s 2099} 2100 2101// SetRoleStatus sets the RoleStatus field's value. 2102func (s *GetAdminAccountOutput) SetRoleStatus(v string) *GetAdminAccountOutput { 2103 s.RoleStatus = &v 2104 return s 2105} 2106 2107type GetComplianceDetailInput struct { 2108 _ struct{} `type:"structure"` 2109 2110 // The AWS account that owns the resources that you want to get the details 2111 // for. 2112 // 2113 // MemberAccount is a required field 2114 MemberAccount *string `min:"1" type:"string" required:"true"` 2115 2116 // The ID of the policy that you want to get the details for. PolicyId is returned 2117 // by PutPolicy and by ListPolicies. 2118 // 2119 // PolicyId is a required field 2120 PolicyId *string `min:"36" type:"string" required:"true"` 2121} 2122 2123// String returns the string representation 2124func (s GetComplianceDetailInput) String() string { 2125 return awsutil.Prettify(s) 2126} 2127 2128// GoString returns the string representation 2129func (s GetComplianceDetailInput) GoString() string { 2130 return s.String() 2131} 2132 2133// Validate inspects the fields of the type to determine if they are valid. 2134func (s *GetComplianceDetailInput) Validate() error { 2135 invalidParams := request.ErrInvalidParams{Context: "GetComplianceDetailInput"} 2136 if s.MemberAccount == nil { 2137 invalidParams.Add(request.NewErrParamRequired("MemberAccount")) 2138 } 2139 if s.MemberAccount != nil && len(*s.MemberAccount) < 1 { 2140 invalidParams.Add(request.NewErrParamMinLen("MemberAccount", 1)) 2141 } 2142 if s.PolicyId == nil { 2143 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 2144 } 2145 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 2146 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 2147 } 2148 2149 if invalidParams.Len() > 0 { 2150 return invalidParams 2151 } 2152 return nil 2153} 2154 2155// SetMemberAccount sets the MemberAccount field's value. 2156func (s *GetComplianceDetailInput) SetMemberAccount(v string) *GetComplianceDetailInput { 2157 s.MemberAccount = &v 2158 return s 2159} 2160 2161// SetPolicyId sets the PolicyId field's value. 2162func (s *GetComplianceDetailInput) SetPolicyId(v string) *GetComplianceDetailInput { 2163 s.PolicyId = &v 2164 return s 2165} 2166 2167type GetComplianceDetailOutput struct { 2168 _ struct{} `type:"structure"` 2169 2170 // Information about the resources and the policy that you specified in the 2171 // GetComplianceDetail request. 2172 PolicyComplianceDetail *PolicyComplianceDetail `type:"structure"` 2173} 2174 2175// String returns the string representation 2176func (s GetComplianceDetailOutput) String() string { 2177 return awsutil.Prettify(s) 2178} 2179 2180// GoString returns the string representation 2181func (s GetComplianceDetailOutput) GoString() string { 2182 return s.String() 2183} 2184 2185// SetPolicyComplianceDetail sets the PolicyComplianceDetail field's value. 2186func (s *GetComplianceDetailOutput) SetPolicyComplianceDetail(v *PolicyComplianceDetail) *GetComplianceDetailOutput { 2187 s.PolicyComplianceDetail = v 2188 return s 2189} 2190 2191type GetNotificationChannelInput struct { 2192 _ struct{} `type:"structure"` 2193} 2194 2195// String returns the string representation 2196func (s GetNotificationChannelInput) String() string { 2197 return awsutil.Prettify(s) 2198} 2199 2200// GoString returns the string representation 2201func (s GetNotificationChannelInput) GoString() string { 2202 return s.String() 2203} 2204 2205type GetNotificationChannelOutput struct { 2206 _ struct{} `type:"structure"` 2207 2208 // The IAM role that is used by AWS Firewall Manager to record activity to SNS. 2209 SnsRoleName *string `min:"1" type:"string"` 2210 2211 // The SNS topic that records AWS Firewall Manager activity. 2212 SnsTopicArn *string `min:"1" type:"string"` 2213} 2214 2215// String returns the string representation 2216func (s GetNotificationChannelOutput) String() string { 2217 return awsutil.Prettify(s) 2218} 2219 2220// GoString returns the string representation 2221func (s GetNotificationChannelOutput) GoString() string { 2222 return s.String() 2223} 2224 2225// SetSnsRoleName sets the SnsRoleName field's value. 2226func (s *GetNotificationChannelOutput) SetSnsRoleName(v string) *GetNotificationChannelOutput { 2227 s.SnsRoleName = &v 2228 return s 2229} 2230 2231// SetSnsTopicArn sets the SnsTopicArn field's value. 2232func (s *GetNotificationChannelOutput) SetSnsTopicArn(v string) *GetNotificationChannelOutput { 2233 s.SnsTopicArn = &v 2234 return s 2235} 2236 2237type GetPolicyInput struct { 2238 _ struct{} `type:"structure"` 2239 2240 // The ID of the AWS Firewall Manager policy that you want the details for. 2241 // 2242 // PolicyId is a required field 2243 PolicyId *string `min:"36" type:"string" required:"true"` 2244} 2245 2246// String returns the string representation 2247func (s GetPolicyInput) String() string { 2248 return awsutil.Prettify(s) 2249} 2250 2251// GoString returns the string representation 2252func (s GetPolicyInput) GoString() string { 2253 return s.String() 2254} 2255 2256// Validate inspects the fields of the type to determine if they are valid. 2257func (s *GetPolicyInput) Validate() error { 2258 invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"} 2259 if s.PolicyId == nil { 2260 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 2261 } 2262 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 2263 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 2264 } 2265 2266 if invalidParams.Len() > 0 { 2267 return invalidParams 2268 } 2269 return nil 2270} 2271 2272// SetPolicyId sets the PolicyId field's value. 2273func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput { 2274 s.PolicyId = &v 2275 return s 2276} 2277 2278type GetPolicyOutput struct { 2279 _ struct{} `type:"structure"` 2280 2281 // Information about the specified AWS Firewall Manager policy. 2282 Policy *Policy `type:"structure"` 2283 2284 // The Amazon Resource Name (ARN) of the specified policy. 2285 PolicyArn *string `min:"1" type:"string"` 2286} 2287 2288// String returns the string representation 2289func (s GetPolicyOutput) String() string { 2290 return awsutil.Prettify(s) 2291} 2292 2293// GoString returns the string representation 2294func (s GetPolicyOutput) GoString() string { 2295 return s.String() 2296} 2297 2298// SetPolicy sets the Policy field's value. 2299func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput { 2300 s.Policy = v 2301 return s 2302} 2303 2304// SetPolicyArn sets the PolicyArn field's value. 2305func (s *GetPolicyOutput) SetPolicyArn(v string) *GetPolicyOutput { 2306 s.PolicyArn = &v 2307 return s 2308} 2309 2310type GetProtectionStatusInput struct { 2311 _ struct{} `type:"structure"` 2312 2313 // The end of the time period to query for the attacks. This is a timestamp 2314 // type. The request syntax listing indicates a number type because the default 2315 // used by AWS Firewall Manager is Unix time in seconds. However, any valid 2316 // timestamp format is allowed. 2317 EndTime *time.Time `type:"timestamp"` 2318 2319 // Specifies the number of objects that you want AWS Firewall Manager to return 2320 // for this request. If you have more objects than the number that you specify 2321 // for MaxResults, the response includes a NextToken value that you can use 2322 // to get another batch of objects. 2323 MaxResults *int64 `min:"1" type:"integer"` 2324 2325 // The AWS account that is in scope of the policy that you want to get the details 2326 // for. 2327 MemberAccountId *string `min:"1" type:"string"` 2328 2329 // If you specify a value for MaxResults and you have more objects than the 2330 // number that you specify for MaxResults, AWS Firewall Manager returns a NextToken 2331 // value in the response, which you can use to retrieve another group of objects. 2332 // For the second and subsequent GetProtectionStatus requests, specify the value 2333 // of NextToken from the previous response to get information about another 2334 // batch of objects. 2335 NextToken *string `min:"1" type:"string"` 2336 2337 // The ID of the policy for which you want to get the attack information. 2338 // 2339 // PolicyId is a required field 2340 PolicyId *string `min:"36" type:"string" required:"true"` 2341 2342 // The start of the time period to query for the attacks. This is a timestamp 2343 // type. The request syntax listing indicates a number type because the default 2344 // used by AWS Firewall Manager is Unix time in seconds. However, any valid 2345 // timestamp format is allowed. 2346 StartTime *time.Time `type:"timestamp"` 2347} 2348 2349// String returns the string representation 2350func (s GetProtectionStatusInput) String() string { 2351 return awsutil.Prettify(s) 2352} 2353 2354// GoString returns the string representation 2355func (s GetProtectionStatusInput) GoString() string { 2356 return s.String() 2357} 2358 2359// Validate inspects the fields of the type to determine if they are valid. 2360func (s *GetProtectionStatusInput) Validate() error { 2361 invalidParams := request.ErrInvalidParams{Context: "GetProtectionStatusInput"} 2362 if s.MaxResults != nil && *s.MaxResults < 1 { 2363 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 2364 } 2365 if s.MemberAccountId != nil && len(*s.MemberAccountId) < 1 { 2366 invalidParams.Add(request.NewErrParamMinLen("MemberAccountId", 1)) 2367 } 2368 if s.NextToken != nil && len(*s.NextToken) < 1 { 2369 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 2370 } 2371 if s.PolicyId == nil { 2372 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 2373 } 2374 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 2375 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 2376 } 2377 2378 if invalidParams.Len() > 0 { 2379 return invalidParams 2380 } 2381 return nil 2382} 2383 2384// SetEndTime sets the EndTime field's value. 2385func (s *GetProtectionStatusInput) SetEndTime(v time.Time) *GetProtectionStatusInput { 2386 s.EndTime = &v 2387 return s 2388} 2389 2390// SetMaxResults sets the MaxResults field's value. 2391func (s *GetProtectionStatusInput) SetMaxResults(v int64) *GetProtectionStatusInput { 2392 s.MaxResults = &v 2393 return s 2394} 2395 2396// SetMemberAccountId sets the MemberAccountId field's value. 2397func (s *GetProtectionStatusInput) SetMemberAccountId(v string) *GetProtectionStatusInput { 2398 s.MemberAccountId = &v 2399 return s 2400} 2401 2402// SetNextToken sets the NextToken field's value. 2403func (s *GetProtectionStatusInput) SetNextToken(v string) *GetProtectionStatusInput { 2404 s.NextToken = &v 2405 return s 2406} 2407 2408// SetPolicyId sets the PolicyId field's value. 2409func (s *GetProtectionStatusInput) SetPolicyId(v string) *GetProtectionStatusInput { 2410 s.PolicyId = &v 2411 return s 2412} 2413 2414// SetStartTime sets the StartTime field's value. 2415func (s *GetProtectionStatusInput) SetStartTime(v time.Time) *GetProtectionStatusInput { 2416 s.StartTime = &v 2417 return s 2418} 2419 2420type GetProtectionStatusOutput struct { 2421 _ struct{} `type:"structure"` 2422 2423 // The ID of the AWS Firewall administrator account for this policy. 2424 AdminAccountId *string `min:"1" type:"string"` 2425 2426 // Details about the attack, including the following: 2427 // 2428 // * Attack type 2429 // 2430 // * Account ID 2431 // 2432 // * ARN of the resource attacked 2433 // 2434 // * Start time of the attack 2435 // 2436 // * End time of the attack (ongoing attacks will not have an end time) 2437 // 2438 // The details are in JSON format. 2439 Data *string `type:"string"` 2440 2441 // If you have more objects than the number that you specified for MaxResults 2442 // in the request, the response includes a NextToken value. To list more objects, 2443 // submit another GetProtectionStatus request, and specify the NextToken value 2444 // from the response in the NextToken value in the next request. 2445 // 2446 // AWS SDKs provide auto-pagination that identify NextToken in a response and 2447 // make subsequent request calls automatically on your behalf. However, this 2448 // feature is not supported by GetProtectionStatus. You must submit subsequent 2449 // requests with NextToken using your own processes. 2450 NextToken *string `min:"1" type:"string"` 2451 2452 // The service type that is protected by the policy. Currently, this is always 2453 // SHIELD_ADVANCED. 2454 ServiceType *string `type:"string" enum:"SecurityServiceType"` 2455} 2456 2457// String returns the string representation 2458func (s GetProtectionStatusOutput) String() string { 2459 return awsutil.Prettify(s) 2460} 2461 2462// GoString returns the string representation 2463func (s GetProtectionStatusOutput) GoString() string { 2464 return s.String() 2465} 2466 2467// SetAdminAccountId sets the AdminAccountId field's value. 2468func (s *GetProtectionStatusOutput) SetAdminAccountId(v string) *GetProtectionStatusOutput { 2469 s.AdminAccountId = &v 2470 return s 2471} 2472 2473// SetData sets the Data field's value. 2474func (s *GetProtectionStatusOutput) SetData(v string) *GetProtectionStatusOutput { 2475 s.Data = &v 2476 return s 2477} 2478 2479// SetNextToken sets the NextToken field's value. 2480func (s *GetProtectionStatusOutput) SetNextToken(v string) *GetProtectionStatusOutput { 2481 s.NextToken = &v 2482 return s 2483} 2484 2485// SetServiceType sets the ServiceType field's value. 2486func (s *GetProtectionStatusOutput) SetServiceType(v string) *GetProtectionStatusOutput { 2487 s.ServiceType = &v 2488 return s 2489} 2490 2491// The operation failed because of a system problem, even though the request 2492// was valid. Retry your request. 2493type InternalErrorException struct { 2494 _ struct{} `type:"structure"` 2495 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 2496 2497 Message_ *string `locationName:"Message" type:"string"` 2498} 2499 2500// String returns the string representation 2501func (s InternalErrorException) String() string { 2502 return awsutil.Prettify(s) 2503} 2504 2505// GoString returns the string representation 2506func (s InternalErrorException) GoString() string { 2507 return s.String() 2508} 2509 2510func newErrorInternalErrorException(v protocol.ResponseMetadata) error { 2511 return &InternalErrorException{ 2512 RespMetadata: v, 2513 } 2514} 2515 2516// Code returns the exception type name. 2517func (s *InternalErrorException) Code() string { 2518 return "InternalErrorException" 2519} 2520 2521// Message returns the exception's message. 2522func (s *InternalErrorException) Message() string { 2523 if s.Message_ != nil { 2524 return *s.Message_ 2525 } 2526 return "" 2527} 2528 2529// OrigErr always returns nil, satisfies awserr.Error interface. 2530func (s *InternalErrorException) OrigErr() error { 2531 return nil 2532} 2533 2534func (s *InternalErrorException) Error() string { 2535 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 2536} 2537 2538// Status code returns the HTTP status code for the request's response error. 2539func (s *InternalErrorException) StatusCode() int { 2540 return s.RespMetadata.StatusCode 2541} 2542 2543// RequestID returns the service's response RequestID for request. 2544func (s *InternalErrorException) RequestID() string { 2545 return s.RespMetadata.RequestID 2546} 2547 2548// The parameters of the request were invalid. 2549type InvalidInputException struct { 2550 _ struct{} `type:"structure"` 2551 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 2552 2553 Message_ *string `locationName:"Message" type:"string"` 2554} 2555 2556// String returns the string representation 2557func (s InvalidInputException) String() string { 2558 return awsutil.Prettify(s) 2559} 2560 2561// GoString returns the string representation 2562func (s InvalidInputException) GoString() string { 2563 return s.String() 2564} 2565 2566func newErrorInvalidInputException(v protocol.ResponseMetadata) error { 2567 return &InvalidInputException{ 2568 RespMetadata: v, 2569 } 2570} 2571 2572// Code returns the exception type name. 2573func (s *InvalidInputException) Code() string { 2574 return "InvalidInputException" 2575} 2576 2577// Message returns the exception's message. 2578func (s *InvalidInputException) Message() string { 2579 if s.Message_ != nil { 2580 return *s.Message_ 2581 } 2582 return "" 2583} 2584 2585// OrigErr always returns nil, satisfies awserr.Error interface. 2586func (s *InvalidInputException) OrigErr() error { 2587 return nil 2588} 2589 2590func (s *InvalidInputException) Error() string { 2591 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 2592} 2593 2594// Status code returns the HTTP status code for the request's response error. 2595func (s *InvalidInputException) StatusCode() int { 2596 return s.RespMetadata.StatusCode 2597} 2598 2599// RequestID returns the service's response RequestID for request. 2600func (s *InvalidInputException) RequestID() string { 2601 return s.RespMetadata.RequestID 2602} 2603 2604// The operation failed because there was nothing to do. For example, you might 2605// have submitted an AssociateAdminAccount request, but the account ID that 2606// you submitted was already set as the AWS Firewall Manager administrator. 2607type InvalidOperationException struct { 2608 _ struct{} `type:"structure"` 2609 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 2610 2611 Message_ *string `locationName:"Message" type:"string"` 2612} 2613 2614// String returns the string representation 2615func (s InvalidOperationException) String() string { 2616 return awsutil.Prettify(s) 2617} 2618 2619// GoString returns the string representation 2620func (s InvalidOperationException) GoString() string { 2621 return s.String() 2622} 2623 2624func newErrorInvalidOperationException(v protocol.ResponseMetadata) error { 2625 return &InvalidOperationException{ 2626 RespMetadata: v, 2627 } 2628} 2629 2630// Code returns the exception type name. 2631func (s *InvalidOperationException) Code() string { 2632 return "InvalidOperationException" 2633} 2634 2635// Message returns the exception's message. 2636func (s *InvalidOperationException) Message() string { 2637 if s.Message_ != nil { 2638 return *s.Message_ 2639 } 2640 return "" 2641} 2642 2643// OrigErr always returns nil, satisfies awserr.Error interface. 2644func (s *InvalidOperationException) OrigErr() error { 2645 return nil 2646} 2647 2648func (s *InvalidOperationException) Error() string { 2649 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 2650} 2651 2652// Status code returns the HTTP status code for the request's response error. 2653func (s *InvalidOperationException) StatusCode() int { 2654 return s.RespMetadata.StatusCode 2655} 2656 2657// RequestID returns the service's response RequestID for request. 2658func (s *InvalidOperationException) RequestID() string { 2659 return s.RespMetadata.RequestID 2660} 2661 2662// The value of the Type parameter is invalid. 2663type InvalidTypeException struct { 2664 _ struct{} `type:"structure"` 2665 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 2666 2667 Message_ *string `locationName:"Message" type:"string"` 2668} 2669 2670// String returns the string representation 2671func (s InvalidTypeException) String() string { 2672 return awsutil.Prettify(s) 2673} 2674 2675// GoString returns the string representation 2676func (s InvalidTypeException) GoString() string { 2677 return s.String() 2678} 2679 2680func newErrorInvalidTypeException(v protocol.ResponseMetadata) error { 2681 return &InvalidTypeException{ 2682 RespMetadata: v, 2683 } 2684} 2685 2686// Code returns the exception type name. 2687func (s *InvalidTypeException) Code() string { 2688 return "InvalidTypeException" 2689} 2690 2691// Message returns the exception's message. 2692func (s *InvalidTypeException) Message() string { 2693 if s.Message_ != nil { 2694 return *s.Message_ 2695 } 2696 return "" 2697} 2698 2699// OrigErr always returns nil, satisfies awserr.Error interface. 2700func (s *InvalidTypeException) OrigErr() error { 2701 return nil 2702} 2703 2704func (s *InvalidTypeException) Error() string { 2705 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 2706} 2707 2708// Status code returns the HTTP status code for the request's response error. 2709func (s *InvalidTypeException) StatusCode() int { 2710 return s.RespMetadata.StatusCode 2711} 2712 2713// RequestID returns the service's response RequestID for request. 2714func (s *InvalidTypeException) RequestID() string { 2715 return s.RespMetadata.RequestID 2716} 2717 2718// The operation exceeds a resource limit, for example, the maximum number of 2719// policy objects that you can create for an AWS account. For more information, 2720// see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 2721// in the AWS WAF Developer Guide. 2722type LimitExceededException struct { 2723 _ struct{} `type:"structure"` 2724 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 2725 2726 Message_ *string `locationName:"Message" type:"string"` 2727} 2728 2729// String returns the string representation 2730func (s LimitExceededException) String() string { 2731 return awsutil.Prettify(s) 2732} 2733 2734// GoString returns the string representation 2735func (s LimitExceededException) GoString() string { 2736 return s.String() 2737} 2738 2739func newErrorLimitExceededException(v protocol.ResponseMetadata) error { 2740 return &LimitExceededException{ 2741 RespMetadata: v, 2742 } 2743} 2744 2745// Code returns the exception type name. 2746func (s *LimitExceededException) Code() string { 2747 return "LimitExceededException" 2748} 2749 2750// Message returns the exception's message. 2751func (s *LimitExceededException) Message() string { 2752 if s.Message_ != nil { 2753 return *s.Message_ 2754 } 2755 return "" 2756} 2757 2758// OrigErr always returns nil, satisfies awserr.Error interface. 2759func (s *LimitExceededException) OrigErr() error { 2760 return nil 2761} 2762 2763func (s *LimitExceededException) Error() string { 2764 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 2765} 2766 2767// Status code returns the HTTP status code for the request's response error. 2768func (s *LimitExceededException) StatusCode() int { 2769 return s.RespMetadata.StatusCode 2770} 2771 2772// RequestID returns the service's response RequestID for request. 2773func (s *LimitExceededException) RequestID() string { 2774 return s.RespMetadata.RequestID 2775} 2776 2777type ListComplianceStatusInput struct { 2778 _ struct{} `type:"structure"` 2779 2780 // Specifies the number of PolicyComplianceStatus objects that you want AWS 2781 // Firewall Manager to return for this request. If you have more PolicyComplianceStatus 2782 // objects than the number that you specify for MaxResults, the response includes 2783 // a NextToken value that you can use to get another batch of PolicyComplianceStatus 2784 // objects. 2785 MaxResults *int64 `min:"1" type:"integer"` 2786 2787 // If you specify a value for MaxResults and you have more PolicyComplianceStatus 2788 // objects than the number that you specify for MaxResults, AWS Firewall Manager 2789 // returns a NextToken value in the response that allows you to list another 2790 // group of PolicyComplianceStatus objects. For the second and subsequent ListComplianceStatus 2791 // requests, specify the value of NextToken from the previous response to get 2792 // information about another batch of PolicyComplianceStatus objects. 2793 NextToken *string `min:"1" type:"string"` 2794 2795 // The ID of the AWS Firewall Manager policy that you want the details for. 2796 // 2797 // PolicyId is a required field 2798 PolicyId *string `min:"36" type:"string" required:"true"` 2799} 2800 2801// String returns the string representation 2802func (s ListComplianceStatusInput) String() string { 2803 return awsutil.Prettify(s) 2804} 2805 2806// GoString returns the string representation 2807func (s ListComplianceStatusInput) GoString() string { 2808 return s.String() 2809} 2810 2811// Validate inspects the fields of the type to determine if they are valid. 2812func (s *ListComplianceStatusInput) Validate() error { 2813 invalidParams := request.ErrInvalidParams{Context: "ListComplianceStatusInput"} 2814 if s.MaxResults != nil && *s.MaxResults < 1 { 2815 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 2816 } 2817 if s.NextToken != nil && len(*s.NextToken) < 1 { 2818 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 2819 } 2820 if s.PolicyId == nil { 2821 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 2822 } 2823 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 2824 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 2825 } 2826 2827 if invalidParams.Len() > 0 { 2828 return invalidParams 2829 } 2830 return nil 2831} 2832 2833// SetMaxResults sets the MaxResults field's value. 2834func (s *ListComplianceStatusInput) SetMaxResults(v int64) *ListComplianceStatusInput { 2835 s.MaxResults = &v 2836 return s 2837} 2838 2839// SetNextToken sets the NextToken field's value. 2840func (s *ListComplianceStatusInput) SetNextToken(v string) *ListComplianceStatusInput { 2841 s.NextToken = &v 2842 return s 2843} 2844 2845// SetPolicyId sets the PolicyId field's value. 2846func (s *ListComplianceStatusInput) SetPolicyId(v string) *ListComplianceStatusInput { 2847 s.PolicyId = &v 2848 return s 2849} 2850 2851type ListComplianceStatusOutput struct { 2852 _ struct{} `type:"structure"` 2853 2854 // If you have more PolicyComplianceStatus objects than the number that you 2855 // specified for MaxResults in the request, the response includes a NextToken 2856 // value. To list more PolicyComplianceStatus objects, submit another ListComplianceStatus 2857 // request, and specify the NextToken value from the response in the NextToken 2858 // value in the next request. 2859 NextToken *string `min:"1" type:"string"` 2860 2861 // An array of PolicyComplianceStatus objects. 2862 PolicyComplianceStatusList []*PolicyComplianceStatus `type:"list"` 2863} 2864 2865// String returns the string representation 2866func (s ListComplianceStatusOutput) String() string { 2867 return awsutil.Prettify(s) 2868} 2869 2870// GoString returns the string representation 2871func (s ListComplianceStatusOutput) GoString() string { 2872 return s.String() 2873} 2874 2875// SetNextToken sets the NextToken field's value. 2876func (s *ListComplianceStatusOutput) SetNextToken(v string) *ListComplianceStatusOutput { 2877 s.NextToken = &v 2878 return s 2879} 2880 2881// SetPolicyComplianceStatusList sets the PolicyComplianceStatusList field's value. 2882func (s *ListComplianceStatusOutput) SetPolicyComplianceStatusList(v []*PolicyComplianceStatus) *ListComplianceStatusOutput { 2883 s.PolicyComplianceStatusList = v 2884 return s 2885} 2886 2887type ListMemberAccountsInput struct { 2888 _ struct{} `type:"structure"` 2889 2890 // Specifies the number of member account IDs that you want AWS Firewall Manager 2891 // to return for this request. If you have more IDs than the number that you 2892 // specify for MaxResults, the response includes a NextToken value that you 2893 // can use to get another batch of member account IDs. 2894 MaxResults *int64 `min:"1" type:"integer"` 2895 2896 // If you specify a value for MaxResults and you have more account IDs than 2897 // the number that you specify for MaxResults, AWS Firewall Manager returns 2898 // a NextToken value in the response that allows you to list another group of 2899 // IDs. For the second and subsequent ListMemberAccountsRequest requests, specify 2900 // the value of NextToken from the previous response to get information about 2901 // another batch of member account IDs. 2902 NextToken *string `min:"1" type:"string"` 2903} 2904 2905// String returns the string representation 2906func (s ListMemberAccountsInput) String() string { 2907 return awsutil.Prettify(s) 2908} 2909 2910// GoString returns the string representation 2911func (s ListMemberAccountsInput) GoString() string { 2912 return s.String() 2913} 2914 2915// Validate inspects the fields of the type to determine if they are valid. 2916func (s *ListMemberAccountsInput) Validate() error { 2917 invalidParams := request.ErrInvalidParams{Context: "ListMemberAccountsInput"} 2918 if s.MaxResults != nil && *s.MaxResults < 1 { 2919 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 2920 } 2921 if s.NextToken != nil && len(*s.NextToken) < 1 { 2922 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 2923 } 2924 2925 if invalidParams.Len() > 0 { 2926 return invalidParams 2927 } 2928 return nil 2929} 2930 2931// SetMaxResults sets the MaxResults field's value. 2932func (s *ListMemberAccountsInput) SetMaxResults(v int64) *ListMemberAccountsInput { 2933 s.MaxResults = &v 2934 return s 2935} 2936 2937// SetNextToken sets the NextToken field's value. 2938func (s *ListMemberAccountsInput) SetNextToken(v string) *ListMemberAccountsInput { 2939 s.NextToken = &v 2940 return s 2941} 2942 2943type ListMemberAccountsOutput struct { 2944 _ struct{} `type:"structure"` 2945 2946 // An array of account IDs. 2947 MemberAccounts []*string `type:"list"` 2948 2949 // If you have more member account IDs than the number that you specified for 2950 // MaxResults in the request, the response includes a NextToken value. To list 2951 // more IDs, submit another ListMemberAccounts request, and specify the NextToken 2952 // value from the response in the NextToken value in the next request. 2953 NextToken *string `min:"1" type:"string"` 2954} 2955 2956// String returns the string representation 2957func (s ListMemberAccountsOutput) String() string { 2958 return awsutil.Prettify(s) 2959} 2960 2961// GoString returns the string representation 2962func (s ListMemberAccountsOutput) GoString() string { 2963 return s.String() 2964} 2965 2966// SetMemberAccounts sets the MemberAccounts field's value. 2967func (s *ListMemberAccountsOutput) SetMemberAccounts(v []*string) *ListMemberAccountsOutput { 2968 s.MemberAccounts = v 2969 return s 2970} 2971 2972// SetNextToken sets the NextToken field's value. 2973func (s *ListMemberAccountsOutput) SetNextToken(v string) *ListMemberAccountsOutput { 2974 s.NextToken = &v 2975 return s 2976} 2977 2978type ListPoliciesInput struct { 2979 _ struct{} `type:"structure"` 2980 2981 // Specifies the number of PolicySummary objects that you want AWS Firewall 2982 // Manager to return for this request. If you have more PolicySummary objects 2983 // than the number that you specify for MaxResults, the response includes a 2984 // NextToken value that you can use to get another batch of PolicySummary objects. 2985 MaxResults *int64 `min:"1" type:"integer"` 2986 2987 // If you specify a value for MaxResults and you have more PolicySummary objects 2988 // than the number that you specify for MaxResults, AWS Firewall Manager returns 2989 // a NextToken value in the response that allows you to list another group of 2990 // PolicySummary objects. For the second and subsequent ListPolicies requests, 2991 // specify the value of NextToken from the previous response to get information 2992 // about another batch of PolicySummary objects. 2993 NextToken *string `min:"1" type:"string"` 2994} 2995 2996// String returns the string representation 2997func (s ListPoliciesInput) String() string { 2998 return awsutil.Prettify(s) 2999} 3000 3001// GoString returns the string representation 3002func (s ListPoliciesInput) GoString() string { 3003 return s.String() 3004} 3005 3006// Validate inspects the fields of the type to determine if they are valid. 3007func (s *ListPoliciesInput) Validate() error { 3008 invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"} 3009 if s.MaxResults != nil && *s.MaxResults < 1 { 3010 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 3011 } 3012 if s.NextToken != nil && len(*s.NextToken) < 1 { 3013 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 3014 } 3015 3016 if invalidParams.Len() > 0 { 3017 return invalidParams 3018 } 3019 return nil 3020} 3021 3022// SetMaxResults sets the MaxResults field's value. 3023func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput { 3024 s.MaxResults = &v 3025 return s 3026} 3027 3028// SetNextToken sets the NextToken field's value. 3029func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput { 3030 s.NextToken = &v 3031 return s 3032} 3033 3034type ListPoliciesOutput struct { 3035 _ struct{} `type:"structure"` 3036 3037 // If you have more PolicySummary objects than the number that you specified 3038 // for MaxResults in the request, the response includes a NextToken value. To 3039 // list more PolicySummary objects, submit another ListPolicies request, and 3040 // specify the NextToken value from the response in the NextToken value in the 3041 // next request. 3042 NextToken *string `min:"1" type:"string"` 3043 3044 // An array of PolicySummary objects. 3045 PolicyList []*PolicySummary `type:"list"` 3046} 3047 3048// String returns the string representation 3049func (s ListPoliciesOutput) String() string { 3050 return awsutil.Prettify(s) 3051} 3052 3053// GoString returns the string representation 3054func (s ListPoliciesOutput) GoString() string { 3055 return s.String() 3056} 3057 3058// SetNextToken sets the NextToken field's value. 3059func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput { 3060 s.NextToken = &v 3061 return s 3062} 3063 3064// SetPolicyList sets the PolicyList field's value. 3065func (s *ListPoliciesOutput) SetPolicyList(v []*PolicySummary) *ListPoliciesOutput { 3066 s.PolicyList = v 3067 return s 3068} 3069 3070type ListTagsForResourceInput struct { 3071 _ struct{} `type:"structure"` 3072 3073 // The Amazon Resource Name (ARN) of the resource to return tags for. The Firewall 3074 // Manager policy is the only AWS resource that supports tagging, so this ARN 3075 // is a policy ARN.. 3076 // 3077 // ResourceArn is a required field 3078 ResourceArn *string `min:"1" type:"string" required:"true"` 3079} 3080 3081// String returns the string representation 3082func (s ListTagsForResourceInput) String() string { 3083 return awsutil.Prettify(s) 3084} 3085 3086// GoString returns the string representation 3087func (s ListTagsForResourceInput) GoString() string { 3088 return s.String() 3089} 3090 3091// Validate inspects the fields of the type to determine if they are valid. 3092func (s *ListTagsForResourceInput) Validate() error { 3093 invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} 3094 if s.ResourceArn == nil { 3095 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 3096 } 3097 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 3098 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 3099 } 3100 3101 if invalidParams.Len() > 0 { 3102 return invalidParams 3103 } 3104 return nil 3105} 3106 3107// SetResourceArn sets the ResourceArn field's value. 3108func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { 3109 s.ResourceArn = &v 3110 return s 3111} 3112 3113type ListTagsForResourceOutput struct { 3114 _ struct{} `type:"structure"` 3115 3116 // The tags associated with the resource. 3117 TagList []*Tag `type:"list"` 3118} 3119 3120// String returns the string representation 3121func (s ListTagsForResourceOutput) String() string { 3122 return awsutil.Prettify(s) 3123} 3124 3125// GoString returns the string representation 3126func (s ListTagsForResourceOutput) GoString() string { 3127 return s.String() 3128} 3129 3130// SetTagList sets the TagList field's value. 3131func (s *ListTagsForResourceOutput) SetTagList(v []*Tag) *ListTagsForResourceOutput { 3132 s.TagList = v 3133 return s 3134} 3135 3136// An AWS Firewall Manager policy. 3137type Policy struct { 3138 _ struct{} `type:"structure"` 3139 3140 // Specifies the AWS account IDs and AWS Organizations organizational units 3141 // (OUs) to exclude from the policy. Specifying an OU is the equivalent of specifying 3142 // all accounts in the OU and in any of its child OUs, including any child OUs 3143 // and accounts that are added at a later time. 3144 // 3145 // You can specify inclusions or exclusions, but not both. If you specify an 3146 // IncludeMap, AWS Firewall Manager applies the policy to all accounts specified 3147 // by the IncludeMap, and does not evaluate any ExcludeMap specifications. If 3148 // you do not specify an IncludeMap, then Firewall Manager applies the policy 3149 // to all accounts except for those specified by the ExcludeMap. 3150 // 3151 // You can specify account IDs, OUs, or a combination: 3152 // 3153 // * Specify account IDs by setting the key to ACCOUNT. For example, the 3154 // following is a valid map: {“ACCOUNT” : [“accountID1”, “accountID2”]}. 3155 // 3156 // * Specify OUs by setting the key to ORG_UNIT. For example, the following 3157 // is a valid map: {“ORG_UNIT” : [“ouid111”, “ouid112”]}. 3158 // 3159 // * Specify accounts and OUs together in a single map, separated with a 3160 // comma. For example, the following is a valid map: {“ACCOUNT” : [“accountID1”, 3161 // “accountID2”], “ORG_UNIT” : [“ouid111”, “ouid112”]}. 3162 ExcludeMap map[string][]*string `type:"map"` 3163 3164 // If set to True, resources with the tags that are specified in the ResourceTag 3165 // array are not in scope of the policy. If set to False, and the ResourceTag 3166 // array is not null, only resources with the specified tags are in scope of 3167 // the policy. 3168 // 3169 // ExcludeResourceTags is a required field 3170 ExcludeResourceTags *bool `type:"boolean" required:"true"` 3171 3172 // Specifies the AWS account IDs and AWS Organizations organizational units 3173 // (OUs) to include in the policy. Specifying an OU is the equivalent of specifying 3174 // all accounts in the OU and in any of its child OUs, including any child OUs 3175 // and accounts that are added at a later time. 3176 // 3177 // You can specify inclusions or exclusions, but not both. If you specify an 3178 // IncludeMap, AWS Firewall Manager applies the policy to all accounts specified 3179 // by the IncludeMap, and does not evaluate any ExcludeMap specifications. If 3180 // you do not specify an IncludeMap, then Firewall Manager applies the policy 3181 // to all accounts except for those specified by the ExcludeMap. 3182 // 3183 // You can specify account IDs, OUs, or a combination: 3184 // 3185 // * Specify account IDs by setting the key to ACCOUNT. For example, the 3186 // following is a valid map: {“ACCOUNT” : [“accountID1”, “accountID2”]}. 3187 // 3188 // * Specify OUs by setting the key to ORG_UNIT. For example, the following 3189 // is a valid map: {“ORG_UNIT” : [“ouid111”, “ouid112”]}. 3190 // 3191 // * Specify accounts and OUs together in a single map, separated with a 3192 // comma. For example, the following is a valid map: {“ACCOUNT” : [“accountID1”, 3193 // “accountID2”], “ORG_UNIT” : [“ouid111”, “ouid112”]}. 3194 IncludeMap map[string][]*string `type:"map"` 3195 3196 // The ID of the AWS Firewall Manager policy. 3197 PolicyId *string `min:"36" type:"string"` 3198 3199 // The friendly name of the AWS Firewall Manager policy. 3200 // 3201 // PolicyName is a required field 3202 PolicyName *string `min:"1" type:"string" required:"true"` 3203 3204 // A unique identifier for each update to the policy. When issuing a PutPolicy 3205 // request, the PolicyUpdateToken in the request must match the PolicyUpdateToken 3206 // of the current policy version. To get the PolicyUpdateToken of the current 3207 // policy version, use a GetPolicy request. 3208 PolicyUpdateToken *string `min:"1" type:"string"` 3209 3210 // Indicates if the policy should be automatically applied to new resources. 3211 // 3212 // RemediationEnabled is a required field 3213 RemediationEnabled *bool `type:"boolean" required:"true"` 3214 3215 // An array of ResourceTag objects. 3216 ResourceTags []*ResourceTag `type:"list"` 3217 3218 // The type of resource protected by or in scope of the policy. This is in the 3219 // format shown in the AWS Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 3220 // For AWS WAF and Shield Advanced, examples include AWS::ElasticLoadBalancingV2::LoadBalancer 3221 // and AWS::CloudFront::Distribution. For a security group common policy, valid 3222 // values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security 3223 // group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, 3224 // and AWS::EC2::Instance. For a security group usage audit policy, the value 3225 // is AWS::EC2::SecurityGroup. 3226 // 3227 // ResourceType is a required field 3228 ResourceType *string `min:"1" type:"string" required:"true"` 3229 3230 // An array of ResourceType. 3231 ResourceTypeList []*string `type:"list"` 3232 3233 // Details about the security service that is being used to protect the resources. 3234 // 3235 // SecurityServicePolicyData is a required field 3236 SecurityServicePolicyData *SecurityServicePolicyData `type:"structure" required:"true"` 3237} 3238 3239// String returns the string representation 3240func (s Policy) String() string { 3241 return awsutil.Prettify(s) 3242} 3243 3244// GoString returns the string representation 3245func (s Policy) GoString() string { 3246 return s.String() 3247} 3248 3249// Validate inspects the fields of the type to determine if they are valid. 3250func (s *Policy) Validate() error { 3251 invalidParams := request.ErrInvalidParams{Context: "Policy"} 3252 if s.ExcludeResourceTags == nil { 3253 invalidParams.Add(request.NewErrParamRequired("ExcludeResourceTags")) 3254 } 3255 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 3256 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 3257 } 3258 if s.PolicyName == nil { 3259 invalidParams.Add(request.NewErrParamRequired("PolicyName")) 3260 } 3261 if s.PolicyName != nil && len(*s.PolicyName) < 1 { 3262 invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1)) 3263 } 3264 if s.PolicyUpdateToken != nil && len(*s.PolicyUpdateToken) < 1 { 3265 invalidParams.Add(request.NewErrParamMinLen("PolicyUpdateToken", 1)) 3266 } 3267 if s.RemediationEnabled == nil { 3268 invalidParams.Add(request.NewErrParamRequired("RemediationEnabled")) 3269 } 3270 if s.ResourceType == nil { 3271 invalidParams.Add(request.NewErrParamRequired("ResourceType")) 3272 } 3273 if s.ResourceType != nil && len(*s.ResourceType) < 1 { 3274 invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) 3275 } 3276 if s.SecurityServicePolicyData == nil { 3277 invalidParams.Add(request.NewErrParamRequired("SecurityServicePolicyData")) 3278 } 3279 if s.ResourceTags != nil { 3280 for i, v := range s.ResourceTags { 3281 if v == nil { 3282 continue 3283 } 3284 if err := v.Validate(); err != nil { 3285 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceTags", i), err.(request.ErrInvalidParams)) 3286 } 3287 } 3288 } 3289 if s.SecurityServicePolicyData != nil { 3290 if err := s.SecurityServicePolicyData.Validate(); err != nil { 3291 invalidParams.AddNested("SecurityServicePolicyData", err.(request.ErrInvalidParams)) 3292 } 3293 } 3294 3295 if invalidParams.Len() > 0 { 3296 return invalidParams 3297 } 3298 return nil 3299} 3300 3301// SetExcludeMap sets the ExcludeMap field's value. 3302func (s *Policy) SetExcludeMap(v map[string][]*string) *Policy { 3303 s.ExcludeMap = v 3304 return s 3305} 3306 3307// SetExcludeResourceTags sets the ExcludeResourceTags field's value. 3308func (s *Policy) SetExcludeResourceTags(v bool) *Policy { 3309 s.ExcludeResourceTags = &v 3310 return s 3311} 3312 3313// SetIncludeMap sets the IncludeMap field's value. 3314func (s *Policy) SetIncludeMap(v map[string][]*string) *Policy { 3315 s.IncludeMap = v 3316 return s 3317} 3318 3319// SetPolicyId sets the PolicyId field's value. 3320func (s *Policy) SetPolicyId(v string) *Policy { 3321 s.PolicyId = &v 3322 return s 3323} 3324 3325// SetPolicyName sets the PolicyName field's value. 3326func (s *Policy) SetPolicyName(v string) *Policy { 3327 s.PolicyName = &v 3328 return s 3329} 3330 3331// SetPolicyUpdateToken sets the PolicyUpdateToken field's value. 3332func (s *Policy) SetPolicyUpdateToken(v string) *Policy { 3333 s.PolicyUpdateToken = &v 3334 return s 3335} 3336 3337// SetRemediationEnabled sets the RemediationEnabled field's value. 3338func (s *Policy) SetRemediationEnabled(v bool) *Policy { 3339 s.RemediationEnabled = &v 3340 return s 3341} 3342 3343// SetResourceTags sets the ResourceTags field's value. 3344func (s *Policy) SetResourceTags(v []*ResourceTag) *Policy { 3345 s.ResourceTags = v 3346 return s 3347} 3348 3349// SetResourceType sets the ResourceType field's value. 3350func (s *Policy) SetResourceType(v string) *Policy { 3351 s.ResourceType = &v 3352 return s 3353} 3354 3355// SetResourceTypeList sets the ResourceTypeList field's value. 3356func (s *Policy) SetResourceTypeList(v []*string) *Policy { 3357 s.ResourceTypeList = v 3358 return s 3359} 3360 3361// SetSecurityServicePolicyData sets the SecurityServicePolicyData field's value. 3362func (s *Policy) SetSecurityServicePolicyData(v *SecurityServicePolicyData) *Policy { 3363 s.SecurityServicePolicyData = v 3364 return s 3365} 3366 3367// Describes the noncompliant resources in a member account for a specific AWS 3368// Firewall Manager policy. A maximum of 100 entries are displayed. If more 3369// than 100 resources are noncompliant, EvaluationLimitExceeded is set to True. 3370type PolicyComplianceDetail struct { 3371 _ struct{} `type:"structure"` 3372 3373 // Indicates if over 100 resources are noncompliant with the AWS Firewall Manager 3374 // policy. 3375 EvaluationLimitExceeded *bool `type:"boolean"` 3376 3377 // A timestamp that indicates when the returned information should be considered 3378 // out of date. 3379 ExpiredAt *time.Time `type:"timestamp"` 3380 3381 // Details about problems with dependent services, such as AWS WAF or AWS Config, 3382 // that are causing a resource to be noncompliant. The details include the name 3383 // of the dependent service and the error message received that indicates the 3384 // problem with the service. 3385 IssueInfoMap map[string]*string `type:"map"` 3386 3387 // The AWS account ID. 3388 MemberAccount *string `min:"1" type:"string"` 3389 3390 // The ID of the AWS Firewall Manager policy. 3391 PolicyId *string `min:"36" type:"string"` 3392 3393 // The AWS account that created the AWS Firewall Manager policy. 3394 PolicyOwner *string `min:"1" type:"string"` 3395 3396 // An array of resources that aren't protected by the AWS WAF or Shield Advanced 3397 // policy or that aren't in compliance with the security group policy. 3398 Violators []*ComplianceViolator `type:"list"` 3399} 3400 3401// String returns the string representation 3402func (s PolicyComplianceDetail) String() string { 3403 return awsutil.Prettify(s) 3404} 3405 3406// GoString returns the string representation 3407func (s PolicyComplianceDetail) GoString() string { 3408 return s.String() 3409} 3410 3411// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value. 3412func (s *PolicyComplianceDetail) SetEvaluationLimitExceeded(v bool) *PolicyComplianceDetail { 3413 s.EvaluationLimitExceeded = &v 3414 return s 3415} 3416 3417// SetExpiredAt sets the ExpiredAt field's value. 3418func (s *PolicyComplianceDetail) SetExpiredAt(v time.Time) *PolicyComplianceDetail { 3419 s.ExpiredAt = &v 3420 return s 3421} 3422 3423// SetIssueInfoMap sets the IssueInfoMap field's value. 3424func (s *PolicyComplianceDetail) SetIssueInfoMap(v map[string]*string) *PolicyComplianceDetail { 3425 s.IssueInfoMap = v 3426 return s 3427} 3428 3429// SetMemberAccount sets the MemberAccount field's value. 3430func (s *PolicyComplianceDetail) SetMemberAccount(v string) *PolicyComplianceDetail { 3431 s.MemberAccount = &v 3432 return s 3433} 3434 3435// SetPolicyId sets the PolicyId field's value. 3436func (s *PolicyComplianceDetail) SetPolicyId(v string) *PolicyComplianceDetail { 3437 s.PolicyId = &v 3438 return s 3439} 3440 3441// SetPolicyOwner sets the PolicyOwner field's value. 3442func (s *PolicyComplianceDetail) SetPolicyOwner(v string) *PolicyComplianceDetail { 3443 s.PolicyOwner = &v 3444 return s 3445} 3446 3447// SetViolators sets the Violators field's value. 3448func (s *PolicyComplianceDetail) SetViolators(v []*ComplianceViolator) *PolicyComplianceDetail { 3449 s.Violators = v 3450 return s 3451} 3452 3453// Indicates whether the account is compliant with the specified policy. An 3454// account is considered noncompliant if it includes resources that are not 3455// protected by the policy, for AWS WAF and Shield Advanced policies, or that 3456// are noncompliant with the policy, for security group policies. 3457type PolicyComplianceStatus struct { 3458 _ struct{} `type:"structure"` 3459 3460 // An array of EvaluationResult objects. 3461 EvaluationResults []*EvaluationResult `type:"list"` 3462 3463 // Details about problems with dependent services, such as AWS WAF or AWS Config, 3464 // that are causing a resource to be noncompliant. The details include the name 3465 // of the dependent service and the error message received that indicates the 3466 // problem with the service. 3467 IssueInfoMap map[string]*string `type:"map"` 3468 3469 // Timestamp of the last update to the EvaluationResult objects. 3470 LastUpdated *time.Time `type:"timestamp"` 3471 3472 // The member account ID. 3473 MemberAccount *string `min:"1" type:"string"` 3474 3475 // The ID of the AWS Firewall Manager policy. 3476 PolicyId *string `min:"36" type:"string"` 3477 3478 // The friendly name of the AWS Firewall Manager policy. 3479 PolicyName *string `min:"1" type:"string"` 3480 3481 // The AWS account that created the AWS Firewall Manager policy. 3482 PolicyOwner *string `min:"1" type:"string"` 3483} 3484 3485// String returns the string representation 3486func (s PolicyComplianceStatus) String() string { 3487 return awsutil.Prettify(s) 3488} 3489 3490// GoString returns the string representation 3491func (s PolicyComplianceStatus) GoString() string { 3492 return s.String() 3493} 3494 3495// SetEvaluationResults sets the EvaluationResults field's value. 3496func (s *PolicyComplianceStatus) SetEvaluationResults(v []*EvaluationResult) *PolicyComplianceStatus { 3497 s.EvaluationResults = v 3498 return s 3499} 3500 3501// SetIssueInfoMap sets the IssueInfoMap field's value. 3502func (s *PolicyComplianceStatus) SetIssueInfoMap(v map[string]*string) *PolicyComplianceStatus { 3503 s.IssueInfoMap = v 3504 return s 3505} 3506 3507// SetLastUpdated sets the LastUpdated field's value. 3508func (s *PolicyComplianceStatus) SetLastUpdated(v time.Time) *PolicyComplianceStatus { 3509 s.LastUpdated = &v 3510 return s 3511} 3512 3513// SetMemberAccount sets the MemberAccount field's value. 3514func (s *PolicyComplianceStatus) SetMemberAccount(v string) *PolicyComplianceStatus { 3515 s.MemberAccount = &v 3516 return s 3517} 3518 3519// SetPolicyId sets the PolicyId field's value. 3520func (s *PolicyComplianceStatus) SetPolicyId(v string) *PolicyComplianceStatus { 3521 s.PolicyId = &v 3522 return s 3523} 3524 3525// SetPolicyName sets the PolicyName field's value. 3526func (s *PolicyComplianceStatus) SetPolicyName(v string) *PolicyComplianceStatus { 3527 s.PolicyName = &v 3528 return s 3529} 3530 3531// SetPolicyOwner sets the PolicyOwner field's value. 3532func (s *PolicyComplianceStatus) SetPolicyOwner(v string) *PolicyComplianceStatus { 3533 s.PolicyOwner = &v 3534 return s 3535} 3536 3537// Details of the AWS Firewall Manager policy. 3538type PolicySummary struct { 3539 _ struct{} `type:"structure"` 3540 3541 // The Amazon Resource Name (ARN) of the specified policy. 3542 PolicyArn *string `min:"1" type:"string"` 3543 3544 // The ID of the specified policy. 3545 PolicyId *string `min:"36" type:"string"` 3546 3547 // The friendly name of the specified policy. 3548 PolicyName *string `min:"1" type:"string"` 3549 3550 // Indicates if the policy should be automatically applied to new resources. 3551 RemediationEnabled *bool `type:"boolean"` 3552 3553 // The type of resource protected by or in scope of the policy. This is in the 3554 // format shown in the AWS Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 3555 // For AWS WAF and Shield Advanced, examples include AWS::ElasticLoadBalancingV2::LoadBalancer 3556 // and AWS::CloudFront::Distribution. For a security group common policy, valid 3557 // values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security 3558 // group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, 3559 // and AWS::EC2::Instance. For a security group usage audit policy, the value 3560 // is AWS::EC2::SecurityGroup. 3561 ResourceType *string `min:"1" type:"string"` 3562 3563 // The service that the policy is using to protect the resources. This specifies 3564 // the type of policy that is created, either an AWS WAF policy, a Shield Advanced 3565 // policy, or a security group policy. 3566 SecurityServiceType *string `type:"string" enum:"SecurityServiceType"` 3567} 3568 3569// String returns the string representation 3570func (s PolicySummary) String() string { 3571 return awsutil.Prettify(s) 3572} 3573 3574// GoString returns the string representation 3575func (s PolicySummary) GoString() string { 3576 return s.String() 3577} 3578 3579// SetPolicyArn sets the PolicyArn field's value. 3580func (s *PolicySummary) SetPolicyArn(v string) *PolicySummary { 3581 s.PolicyArn = &v 3582 return s 3583} 3584 3585// SetPolicyId sets the PolicyId field's value. 3586func (s *PolicySummary) SetPolicyId(v string) *PolicySummary { 3587 s.PolicyId = &v 3588 return s 3589} 3590 3591// SetPolicyName sets the PolicyName field's value. 3592func (s *PolicySummary) SetPolicyName(v string) *PolicySummary { 3593 s.PolicyName = &v 3594 return s 3595} 3596 3597// SetRemediationEnabled sets the RemediationEnabled field's value. 3598func (s *PolicySummary) SetRemediationEnabled(v bool) *PolicySummary { 3599 s.RemediationEnabled = &v 3600 return s 3601} 3602 3603// SetResourceType sets the ResourceType field's value. 3604func (s *PolicySummary) SetResourceType(v string) *PolicySummary { 3605 s.ResourceType = &v 3606 return s 3607} 3608 3609// SetSecurityServiceType sets the SecurityServiceType field's value. 3610func (s *PolicySummary) SetSecurityServiceType(v string) *PolicySummary { 3611 s.SecurityServiceType = &v 3612 return s 3613} 3614 3615type PutNotificationChannelInput struct { 3616 _ struct{} `type:"structure"` 3617 3618 // The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to 3619 // record AWS Firewall Manager activity. 3620 // 3621 // SnsRoleName is a required field 3622 SnsRoleName *string `min:"1" type:"string" required:"true"` 3623 3624 // The Amazon Resource Name (ARN) of the SNS topic that collects notifications 3625 // from AWS Firewall Manager. 3626 // 3627 // SnsTopicArn is a required field 3628 SnsTopicArn *string `min:"1" type:"string" required:"true"` 3629} 3630 3631// String returns the string representation 3632func (s PutNotificationChannelInput) String() string { 3633 return awsutil.Prettify(s) 3634} 3635 3636// GoString returns the string representation 3637func (s PutNotificationChannelInput) GoString() string { 3638 return s.String() 3639} 3640 3641// Validate inspects the fields of the type to determine if they are valid. 3642func (s *PutNotificationChannelInput) Validate() error { 3643 invalidParams := request.ErrInvalidParams{Context: "PutNotificationChannelInput"} 3644 if s.SnsRoleName == nil { 3645 invalidParams.Add(request.NewErrParamRequired("SnsRoleName")) 3646 } 3647 if s.SnsRoleName != nil && len(*s.SnsRoleName) < 1 { 3648 invalidParams.Add(request.NewErrParamMinLen("SnsRoleName", 1)) 3649 } 3650 if s.SnsTopicArn == nil { 3651 invalidParams.Add(request.NewErrParamRequired("SnsTopicArn")) 3652 } 3653 if s.SnsTopicArn != nil && len(*s.SnsTopicArn) < 1 { 3654 invalidParams.Add(request.NewErrParamMinLen("SnsTopicArn", 1)) 3655 } 3656 3657 if invalidParams.Len() > 0 { 3658 return invalidParams 3659 } 3660 return nil 3661} 3662 3663// SetSnsRoleName sets the SnsRoleName field's value. 3664func (s *PutNotificationChannelInput) SetSnsRoleName(v string) *PutNotificationChannelInput { 3665 s.SnsRoleName = &v 3666 return s 3667} 3668 3669// SetSnsTopicArn sets the SnsTopicArn field's value. 3670func (s *PutNotificationChannelInput) SetSnsTopicArn(v string) *PutNotificationChannelInput { 3671 s.SnsTopicArn = &v 3672 return s 3673} 3674 3675type PutNotificationChannelOutput struct { 3676 _ struct{} `type:"structure"` 3677} 3678 3679// String returns the string representation 3680func (s PutNotificationChannelOutput) String() string { 3681 return awsutil.Prettify(s) 3682} 3683 3684// GoString returns the string representation 3685func (s PutNotificationChannelOutput) GoString() string { 3686 return s.String() 3687} 3688 3689type PutPolicyInput struct { 3690 _ struct{} `type:"structure"` 3691 3692 // The details of the AWS Firewall Manager policy to be created. 3693 // 3694 // Policy is a required field 3695 Policy *Policy `type:"structure" required:"true"` 3696 3697 // The tags to add to the AWS resource. 3698 TagList []*Tag `type:"list"` 3699} 3700 3701// String returns the string representation 3702func (s PutPolicyInput) String() string { 3703 return awsutil.Prettify(s) 3704} 3705 3706// GoString returns the string representation 3707func (s PutPolicyInput) GoString() string { 3708 return s.String() 3709} 3710 3711// Validate inspects the fields of the type to determine if they are valid. 3712func (s *PutPolicyInput) Validate() error { 3713 invalidParams := request.ErrInvalidParams{Context: "PutPolicyInput"} 3714 if s.Policy == nil { 3715 invalidParams.Add(request.NewErrParamRequired("Policy")) 3716 } 3717 if s.Policy != nil { 3718 if err := s.Policy.Validate(); err != nil { 3719 invalidParams.AddNested("Policy", err.(request.ErrInvalidParams)) 3720 } 3721 } 3722 if s.TagList != nil { 3723 for i, v := range s.TagList { 3724 if v == nil { 3725 continue 3726 } 3727 if err := v.Validate(); err != nil { 3728 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 3729 } 3730 } 3731 } 3732 3733 if invalidParams.Len() > 0 { 3734 return invalidParams 3735 } 3736 return nil 3737} 3738 3739// SetPolicy sets the Policy field's value. 3740func (s *PutPolicyInput) SetPolicy(v *Policy) *PutPolicyInput { 3741 s.Policy = v 3742 return s 3743} 3744 3745// SetTagList sets the TagList field's value. 3746func (s *PutPolicyInput) SetTagList(v []*Tag) *PutPolicyInput { 3747 s.TagList = v 3748 return s 3749} 3750 3751type PutPolicyOutput struct { 3752 _ struct{} `type:"structure"` 3753 3754 // The details of the AWS Firewall Manager policy that was created. 3755 Policy *Policy `type:"structure"` 3756 3757 // The Amazon Resource Name (ARN) of the policy that was created. 3758 PolicyArn *string `min:"1" type:"string"` 3759} 3760 3761// String returns the string representation 3762func (s PutPolicyOutput) String() string { 3763 return awsutil.Prettify(s) 3764} 3765 3766// GoString returns the string representation 3767func (s PutPolicyOutput) GoString() string { 3768 return s.String() 3769} 3770 3771// SetPolicy sets the Policy field's value. 3772func (s *PutPolicyOutput) SetPolicy(v *Policy) *PutPolicyOutput { 3773 s.Policy = v 3774 return s 3775} 3776 3777// SetPolicyArn sets the PolicyArn field's value. 3778func (s *PutPolicyOutput) SetPolicyArn(v string) *PutPolicyOutput { 3779 s.PolicyArn = &v 3780 return s 3781} 3782 3783// The specified resource was not found. 3784type ResourceNotFoundException struct { 3785 _ struct{} `type:"structure"` 3786 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 3787 3788 Message_ *string `locationName:"Message" type:"string"` 3789} 3790 3791// String returns the string representation 3792func (s ResourceNotFoundException) String() string { 3793 return awsutil.Prettify(s) 3794} 3795 3796// GoString returns the string representation 3797func (s ResourceNotFoundException) GoString() string { 3798 return s.String() 3799} 3800 3801func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { 3802 return &ResourceNotFoundException{ 3803 RespMetadata: v, 3804 } 3805} 3806 3807// Code returns the exception type name. 3808func (s *ResourceNotFoundException) Code() string { 3809 return "ResourceNotFoundException" 3810} 3811 3812// Message returns the exception's message. 3813func (s *ResourceNotFoundException) Message() string { 3814 if s.Message_ != nil { 3815 return *s.Message_ 3816 } 3817 return "" 3818} 3819 3820// OrigErr always returns nil, satisfies awserr.Error interface. 3821func (s *ResourceNotFoundException) OrigErr() error { 3822 return nil 3823} 3824 3825func (s *ResourceNotFoundException) Error() string { 3826 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 3827} 3828 3829// Status code returns the HTTP status code for the request's response error. 3830func (s *ResourceNotFoundException) StatusCode() int { 3831 return s.RespMetadata.StatusCode 3832} 3833 3834// RequestID returns the service's response RequestID for request. 3835func (s *ResourceNotFoundException) RequestID() string { 3836 return s.RespMetadata.RequestID 3837} 3838 3839// The resource tags that AWS Firewall Manager uses to determine if a particular 3840// resource should be included or excluded from the AWS Firewall Manager policy. 3841// Tags enable you to categorize your AWS resources in different ways, for example, 3842// by purpose, owner, or environment. Each tag consists of a key and an optional 3843// value. Firewall Manager combines the tags with "AND" so that, if you add 3844// more than one tag to a policy scope, a resource must have all the specified 3845// tags to be included or excluded. For more information, see Working with Tag 3846// Editor (https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/tag-editor.html). 3847type ResourceTag struct { 3848 _ struct{} `type:"structure"` 3849 3850 // The resource tag key. 3851 // 3852 // Key is a required field 3853 Key *string `min:"1" type:"string" required:"true"` 3854 3855 // The resource tag value. 3856 Value *string `type:"string"` 3857} 3858 3859// String returns the string representation 3860func (s ResourceTag) String() string { 3861 return awsutil.Prettify(s) 3862} 3863 3864// GoString returns the string representation 3865func (s ResourceTag) GoString() string { 3866 return s.String() 3867} 3868 3869// Validate inspects the fields of the type to determine if they are valid. 3870func (s *ResourceTag) Validate() error { 3871 invalidParams := request.ErrInvalidParams{Context: "ResourceTag"} 3872 if s.Key == nil { 3873 invalidParams.Add(request.NewErrParamRequired("Key")) 3874 } 3875 if s.Key != nil && len(*s.Key) < 1 { 3876 invalidParams.Add(request.NewErrParamMinLen("Key", 1)) 3877 } 3878 3879 if invalidParams.Len() > 0 { 3880 return invalidParams 3881 } 3882 return nil 3883} 3884 3885// SetKey sets the Key field's value. 3886func (s *ResourceTag) SetKey(v string) *ResourceTag { 3887 s.Key = &v 3888 return s 3889} 3890 3891// SetValue sets the Value field's value. 3892func (s *ResourceTag) SetValue(v string) *ResourceTag { 3893 s.Value = &v 3894 return s 3895} 3896 3897// Details about the security service that is being used to protect the resources. 3898type SecurityServicePolicyData struct { 3899 _ struct{} `type:"structure"` 3900 3901 // Details about the service that are specific to the service type, in JSON 3902 // format. For service type SHIELD_ADVANCED, this is an empty string. 3903 // 3904 // * Example: WAFV2 "ManagedServiceData": "{\"type\":\"WAFV2\",\"defaultAction\":{\"type\":\"ALLOW\"},\"preProcessRuleGroups\":[{\"managedRuleGroupIdentifier\":null,\"ruleGroupArn\":\"rulegrouparn\",\"overrideAction\":{\"type\":\"COUNT\"},\"excludedRules\":[{\"name\":\"EntityName\"}],\"ruleGroupType\":\"RuleGroup\"}],\"postProcessRuleGroups\":[{\"managedRuleGroupIdentifier\":{\"managedRuleGroupName\":\"AWSManagedRulesAdminProtectionRuleSet\",\"vendor\":\"AWS\"},\"ruleGroupArn\":\"rulegrouparn\",\"overrideAction\":{\"type\":\"NONE\"},\"excludedRules\":[],\"ruleGroupType\":\"ManagedRuleGroup\"}],\"overrideCustomerWebACLAssociation\":false}" 3905 // 3906 // * Example: WAF Classic "ManagedServiceData": "{\"type\": \"WAF\", \"ruleGroups\": 3907 // [{\"id\": \"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" 3908 // : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}} 3909 // 3910 // * Example: SECURITY_GROUPS_COMMON "SecurityServicePolicyData":{"Type":"SECURITY_GROUPS_COMMON","ManagedServiceData":"{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, 3911 // \"applyToAllEC2InstanceENIs\":false,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"},"RemediationEnabled":false,"ResourceType":"AWS::EC2::NetworkInterface"} 3912 // 3913 // * Example: SECURITY_GROUPS_CONTENT_AUDIT "SecurityServicePolicyData":{"Type":"SECURITY_GROUPS_CONTENT_AUDIT","ManagedServiceData":"{\"type\":\"SECURITY_GROUPS_CONTENT_AUDIT\",\"securityGroups\":[{\"id\":\" 3914 // sg-000e55995d61a06bd \"}],\"securityGroupAction\":{\"type\":\"ALLOW\"}}"},"RemediationEnabled":false,"ResourceType":"AWS::EC2::NetworkInterface"} 3915 // The security group action for content audit can be ALLOW or DENY. For 3916 // ALLOW, all in-scope security group rules must be within the allowed range 3917 // of the policy's security group rules. For DENY, all in-scope security 3918 // group rules must not contain a value or a range that matches a rule value 3919 // or range in the policy security group. 3920 // 3921 // * Example: SECURITY_GROUPS_USAGE_AUDIT "SecurityServicePolicyData":{"Type":"SECURITY_GROUPS_USAGE_AUDIT","ManagedServiceData":"{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}"},"RemediationEnabled":false,"Resou 3922 // rceType":"AWS::EC2::SecurityGroup"} 3923 ManagedServiceData *string `min:"1" type:"string"` 3924 3925 // The service that the policy is using to protect the resources. This specifies 3926 // the type of policy that is created, either an AWS WAF policy, a Shield Advanced 3927 // policy, or a security group policy. For security group policies, Firewall 3928 // Manager supports one security group for each common policy and for each content 3929 // audit policy. This is an adjustable limit that you can increase by contacting 3930 // AWS Support. 3931 // 3932 // Type is a required field 3933 Type *string `type:"string" required:"true" enum:"SecurityServiceType"` 3934} 3935 3936// String returns the string representation 3937func (s SecurityServicePolicyData) String() string { 3938 return awsutil.Prettify(s) 3939} 3940 3941// GoString returns the string representation 3942func (s SecurityServicePolicyData) GoString() string { 3943 return s.String() 3944} 3945 3946// Validate inspects the fields of the type to determine if they are valid. 3947func (s *SecurityServicePolicyData) Validate() error { 3948 invalidParams := request.ErrInvalidParams{Context: "SecurityServicePolicyData"} 3949 if s.ManagedServiceData != nil && len(*s.ManagedServiceData) < 1 { 3950 invalidParams.Add(request.NewErrParamMinLen("ManagedServiceData", 1)) 3951 } 3952 if s.Type == nil { 3953 invalidParams.Add(request.NewErrParamRequired("Type")) 3954 } 3955 3956 if invalidParams.Len() > 0 { 3957 return invalidParams 3958 } 3959 return nil 3960} 3961 3962// SetManagedServiceData sets the ManagedServiceData field's value. 3963func (s *SecurityServicePolicyData) SetManagedServiceData(v string) *SecurityServicePolicyData { 3964 s.ManagedServiceData = &v 3965 return s 3966} 3967 3968// SetType sets the Type field's value. 3969func (s *SecurityServicePolicyData) SetType(v string) *SecurityServicePolicyData { 3970 s.Type = &v 3971 return s 3972} 3973 3974// A collection of key:value pairs associated with an AWS resource. The key:value 3975// pair can be anything you define. Typically, the tag key represents a category 3976// (such as "environment") and the tag value represents a specific value within 3977// that category (such as "test," "development," or "production"). You can add 3978// up to 50 tags to each AWS resource. 3979type Tag struct { 3980 _ struct{} `type:"structure"` 3981 3982 // Part of the key:value pair that defines a tag. You can use a tag key to describe 3983 // a category of information, such as "customer." Tag keys are case-sensitive. 3984 // 3985 // Key is a required field 3986 Key *string `min:"1" type:"string" required:"true"` 3987 3988 // Part of the key:value pair that defines a tag. You can use a tag value to 3989 // describe a specific value within a category, such as "companyA" or "companyB." 3990 // Tag values are case-sensitive. 3991 // 3992 // Value is a required field 3993 Value *string `type:"string" required:"true"` 3994} 3995 3996// String returns the string representation 3997func (s Tag) String() string { 3998 return awsutil.Prettify(s) 3999} 4000 4001// GoString returns the string representation 4002func (s Tag) GoString() string { 4003 return s.String() 4004} 4005 4006// Validate inspects the fields of the type to determine if they are valid. 4007func (s *Tag) Validate() error { 4008 invalidParams := request.ErrInvalidParams{Context: "Tag"} 4009 if s.Key == nil { 4010 invalidParams.Add(request.NewErrParamRequired("Key")) 4011 } 4012 if s.Key != nil && len(*s.Key) < 1 { 4013 invalidParams.Add(request.NewErrParamMinLen("Key", 1)) 4014 } 4015 if s.Value == nil { 4016 invalidParams.Add(request.NewErrParamRequired("Value")) 4017 } 4018 4019 if invalidParams.Len() > 0 { 4020 return invalidParams 4021 } 4022 return nil 4023} 4024 4025// SetKey sets the Key field's value. 4026func (s *Tag) SetKey(v string) *Tag { 4027 s.Key = &v 4028 return s 4029} 4030 4031// SetValue sets the Value field's value. 4032func (s *Tag) SetValue(v string) *Tag { 4033 s.Value = &v 4034 return s 4035} 4036 4037type TagResourceInput struct { 4038 _ struct{} `type:"structure"` 4039 4040 // The Amazon Resource Name (ARN) of the resource. The Firewall Manager policy 4041 // is the only AWS resource that supports tagging, so this ARN is a policy ARN. 4042 // 4043 // ResourceArn is a required field 4044 ResourceArn *string `min:"1" type:"string" required:"true"` 4045 4046 // The tags to add to the resource. 4047 // 4048 // TagList is a required field 4049 TagList []*Tag `type:"list" required:"true"` 4050} 4051 4052// String returns the string representation 4053func (s TagResourceInput) String() string { 4054 return awsutil.Prettify(s) 4055} 4056 4057// GoString returns the string representation 4058func (s TagResourceInput) GoString() string { 4059 return s.String() 4060} 4061 4062// Validate inspects the fields of the type to determine if they are valid. 4063func (s *TagResourceInput) Validate() error { 4064 invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"} 4065 if s.ResourceArn == nil { 4066 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 4067 } 4068 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 4069 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 4070 } 4071 if s.TagList == nil { 4072 invalidParams.Add(request.NewErrParamRequired("TagList")) 4073 } 4074 if s.TagList != nil { 4075 for i, v := range s.TagList { 4076 if v == nil { 4077 continue 4078 } 4079 if err := v.Validate(); err != nil { 4080 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 4081 } 4082 } 4083 } 4084 4085 if invalidParams.Len() > 0 { 4086 return invalidParams 4087 } 4088 return nil 4089} 4090 4091// SetResourceArn sets the ResourceArn field's value. 4092func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput { 4093 s.ResourceArn = &v 4094 return s 4095} 4096 4097// SetTagList sets the TagList field's value. 4098func (s *TagResourceInput) SetTagList(v []*Tag) *TagResourceInput { 4099 s.TagList = v 4100 return s 4101} 4102 4103type TagResourceOutput struct { 4104 _ struct{} `type:"structure"` 4105} 4106 4107// String returns the string representation 4108func (s TagResourceOutput) String() string { 4109 return awsutil.Prettify(s) 4110} 4111 4112// GoString returns the string representation 4113func (s TagResourceOutput) GoString() string { 4114 return s.String() 4115} 4116 4117type UntagResourceInput struct { 4118 _ struct{} `type:"structure"` 4119 4120 // The Amazon Resource Name (ARN) of the resource. The Firewall Manager policy 4121 // is the only AWS resource that supports tagging, so this ARN is a policy ARN. 4122 // 4123 // ResourceArn is a required field 4124 ResourceArn *string `min:"1" type:"string" required:"true"` 4125 4126 // The keys of the tags to remove from the resource. 4127 // 4128 // TagKeys is a required field 4129 TagKeys []*string `type:"list" required:"true"` 4130} 4131 4132// String returns the string representation 4133func (s UntagResourceInput) String() string { 4134 return awsutil.Prettify(s) 4135} 4136 4137// GoString returns the string representation 4138func (s UntagResourceInput) GoString() string { 4139 return s.String() 4140} 4141 4142// Validate inspects the fields of the type to determine if they are valid. 4143func (s *UntagResourceInput) Validate() error { 4144 invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} 4145 if s.ResourceArn == nil { 4146 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 4147 } 4148 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 4149 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 4150 } 4151 if s.TagKeys == nil { 4152 invalidParams.Add(request.NewErrParamRequired("TagKeys")) 4153 } 4154 4155 if invalidParams.Len() > 0 { 4156 return invalidParams 4157 } 4158 return nil 4159} 4160 4161// SetResourceArn sets the ResourceArn field's value. 4162func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { 4163 s.ResourceArn = &v 4164 return s 4165} 4166 4167// SetTagKeys sets the TagKeys field's value. 4168func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { 4169 s.TagKeys = v 4170 return s 4171} 4172 4173type UntagResourceOutput struct { 4174 _ struct{} `type:"structure"` 4175} 4176 4177// String returns the string representation 4178func (s UntagResourceOutput) String() string { 4179 return awsutil.Prettify(s) 4180} 4181 4182// GoString returns the string representation 4183func (s UntagResourceOutput) GoString() string { 4184 return s.String() 4185} 4186 4187const ( 4188 // AccountRoleStatusReady is a AccountRoleStatus enum value 4189 AccountRoleStatusReady = "READY" 4190 4191 // AccountRoleStatusCreating is a AccountRoleStatus enum value 4192 AccountRoleStatusCreating = "CREATING" 4193 4194 // AccountRoleStatusPendingDeletion is a AccountRoleStatus enum value 4195 AccountRoleStatusPendingDeletion = "PENDING_DELETION" 4196 4197 // AccountRoleStatusDeleting is a AccountRoleStatus enum value 4198 AccountRoleStatusDeleting = "DELETING" 4199 4200 // AccountRoleStatusDeleted is a AccountRoleStatus enum value 4201 AccountRoleStatusDeleted = "DELETED" 4202) 4203 4204const ( 4205 // CustomerPolicyScopeIdTypeAccount is a CustomerPolicyScopeIdType enum value 4206 CustomerPolicyScopeIdTypeAccount = "ACCOUNT" 4207 4208 // CustomerPolicyScopeIdTypeOrgUnit is a CustomerPolicyScopeIdType enum value 4209 CustomerPolicyScopeIdTypeOrgUnit = "ORG_UNIT" 4210) 4211 4212const ( 4213 // DependentServiceNameAwsconfig is a DependentServiceName enum value 4214 DependentServiceNameAwsconfig = "AWSCONFIG" 4215 4216 // DependentServiceNameAwswaf is a DependentServiceName enum value 4217 DependentServiceNameAwswaf = "AWSWAF" 4218 4219 // DependentServiceNameAwsshieldAdvanced is a DependentServiceName enum value 4220 DependentServiceNameAwsshieldAdvanced = "AWSSHIELD_ADVANCED" 4221 4222 // DependentServiceNameAwsvpc is a DependentServiceName enum value 4223 DependentServiceNameAwsvpc = "AWSVPC" 4224) 4225 4226const ( 4227 // PolicyComplianceStatusTypeCompliant is a PolicyComplianceStatusType enum value 4228 PolicyComplianceStatusTypeCompliant = "COMPLIANT" 4229 4230 // PolicyComplianceStatusTypeNonCompliant is a PolicyComplianceStatusType enum value 4231 PolicyComplianceStatusTypeNonCompliant = "NON_COMPLIANT" 4232) 4233 4234const ( 4235 // SecurityServiceTypeWaf is a SecurityServiceType enum value 4236 SecurityServiceTypeWaf = "WAF" 4237 4238 // SecurityServiceTypeWafv2 is a SecurityServiceType enum value 4239 SecurityServiceTypeWafv2 = "WAFV2" 4240 4241 // SecurityServiceTypeShieldAdvanced is a SecurityServiceType enum value 4242 SecurityServiceTypeShieldAdvanced = "SHIELD_ADVANCED" 4243 4244 // SecurityServiceTypeSecurityGroupsCommon is a SecurityServiceType enum value 4245 SecurityServiceTypeSecurityGroupsCommon = "SECURITY_GROUPS_COMMON" 4246 4247 // SecurityServiceTypeSecurityGroupsContentAudit is a SecurityServiceType enum value 4248 SecurityServiceTypeSecurityGroupsContentAudit = "SECURITY_GROUPS_CONTENT_AUDIT" 4249 4250 // SecurityServiceTypeSecurityGroupsUsageAudit is a SecurityServiceType enum value 4251 SecurityServiceTypeSecurityGroupsUsageAudit = "SECURITY_GROUPS_USAGE_AUDIT" 4252) 4253 4254const ( 4255 // ViolationReasonWebAclMissingRuleGroup is a ViolationReason enum value 4256 ViolationReasonWebAclMissingRuleGroup = "WEB_ACL_MISSING_RULE_GROUP" 4257 4258 // ViolationReasonResourceMissingWebAcl is a ViolationReason enum value 4259 ViolationReasonResourceMissingWebAcl = "RESOURCE_MISSING_WEB_ACL" 4260 4261 // ViolationReasonResourceIncorrectWebAcl is a ViolationReason enum value 4262 ViolationReasonResourceIncorrectWebAcl = "RESOURCE_INCORRECT_WEB_ACL" 4263 4264 // ViolationReasonResourceMissingShieldProtection is a ViolationReason enum value 4265 ViolationReasonResourceMissingShieldProtection = "RESOURCE_MISSING_SHIELD_PROTECTION" 4266 4267 // ViolationReasonResourceMissingWebAclOrShieldProtection is a ViolationReason enum value 4268 ViolationReasonResourceMissingWebAclOrShieldProtection = "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" 4269 4270 // ViolationReasonResourceMissingSecurityGroup is a ViolationReason enum value 4271 ViolationReasonResourceMissingSecurityGroup = "RESOURCE_MISSING_SECURITY_GROUP" 4272 4273 // ViolationReasonResourceViolatesAuditSecurityGroup is a ViolationReason enum value 4274 ViolationReasonResourceViolatesAuditSecurityGroup = "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" 4275 4276 // ViolationReasonSecurityGroupUnused is a ViolationReason enum value 4277 ViolationReasonSecurityGroupUnused = "SECURITY_GROUP_UNUSED" 4278 4279 // ViolationReasonSecurityGroupRedundant is a ViolationReason enum value 4280 ViolationReasonSecurityGroupRedundant = "SECURITY_GROUP_REDUNDANT" 4281) 4282