1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package networkfirewall 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11) 12 13// Creates or updates an AWS Identity and Access Management policy for your rule 14// group or firewall policy. Use this to share rule groups and firewall policies 15// between accounts. This operation works in conjunction with the AWS Resource 16// Access Manager (RAM) service to manage resource sharing for Network Firewall. 17// Use this operation to create or update a resource policy for your rule group or 18// firewall policy. In the policy, you specify the accounts that you want to share 19// the resource with and the operations that you want the accounts to be able to 20// perform. When you add an account in the resource policy, you then run the 21// following Resource Access Manager (RAM) operations to access and accept the 22// shared rule group or firewall policy. 23// 24// * GetResourceShareInvitations 25// (https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html) 26// - Returns the Amazon Resource Names (ARNs) of the resource share invitations. 27// 28// * 29// AcceptResourceShareInvitation 30// (https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html) 31// - Accepts the share invitation for a specified resource share. 32// 33// For additional 34// information about resource sharing using RAM, see AWS Resource Access Manager 35// User Guide (https://docs.aws.amazon.com/ram/latest/userguide/what-is.html). 36func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolicyInput, optFns ...func(*Options)) (*PutResourcePolicyOutput, error) { 37 if params == nil { 38 params = &PutResourcePolicyInput{} 39 } 40 41 result, metadata, err := c.invokeOperation(ctx, "PutResourcePolicy", params, optFns, c.addOperationPutResourcePolicyMiddlewares) 42 if err != nil { 43 return nil, err 44 } 45 46 out := result.(*PutResourcePolicyOutput) 47 out.ResultMetadata = metadata 48 return out, nil 49} 50 51type PutResourcePolicyInput struct { 52 53 // The AWS Identity and Access Management policy statement that lists the accounts 54 // that you want to share your rule group or firewall policy with and the 55 // operations that you want the accounts to be able to perform. For a rule group 56 // resource, you can specify the following operations in the Actions section of the 57 // statement: 58 // 59 // * network-firewall:CreateFirewallPolicy 60 // 61 // * 62 // network-firewall:UpdateFirewallPolicy 63 // 64 // * network-firewall:ListRuleGroups 65 // 66 // For a 67 // firewall policy resource, you can specify the following operations in the 68 // Actions section of the statement: 69 // 70 // * network-firewall:CreateFirewall 71 // 72 // * 73 // network-firewall:UpdateFirewall 74 // 75 // * network-firewall:AssociateFirewallPolicy 76 // 77 // * 78 // network-firewall:ListFirewallPolicies 79 // 80 // In the Resource section of the statement, 81 // you specify the ARNs for the rule groups and firewall policies that you want to 82 // share with the account that you specified in Arn. 83 // 84 // This member is required. 85 Policy *string 86 87 // The Amazon Resource Name (ARN) of the account that you want to share rule groups 88 // and firewall policies with. 89 // 90 // This member is required. 91 ResourceArn *string 92 93 noSmithyDocumentSerde 94} 95 96type PutResourcePolicyOutput struct { 97 // Metadata pertaining to the operation's result. 98 ResultMetadata middleware.Metadata 99 100 noSmithyDocumentSerde 101} 102 103func (c *Client) addOperationPutResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { 104 err = stack.Serialize.Add(&awsAwsjson10_serializeOpPutResourcePolicy{}, middleware.After) 105 if err != nil { 106 return err 107 } 108 err = stack.Deserialize.Add(&awsAwsjson10_deserializeOpPutResourcePolicy{}, middleware.After) 109 if err != nil { 110 return err 111 } 112 if err = addSetLoggerMiddleware(stack, options); err != nil { 113 return err 114 } 115 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 116 return err 117 } 118 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 119 return err 120 } 121 if err = addResolveEndpointMiddleware(stack, options); err != nil { 122 return err 123 } 124 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 125 return err 126 } 127 if err = addRetryMiddlewares(stack, options); err != nil { 128 return err 129 } 130 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 131 return err 132 } 133 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 134 return err 135 } 136 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 137 return err 138 } 139 if err = addClientUserAgent(stack); err != nil { 140 return err 141 } 142 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 143 return err 144 } 145 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 146 return err 147 } 148 if err = addOpPutResourcePolicyValidationMiddleware(stack); err != nil { 149 return err 150 } 151 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutResourcePolicy(options.Region), middleware.Before); err != nil { 152 return err 153 } 154 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 155 return err 156 } 157 if err = addResponseErrorMiddleware(stack); err != nil { 158 return err 159 } 160 if err = addRequestResponseLogging(stack, options); err != nil { 161 return err 162 } 163 return nil 164} 165 166func newServiceMetadataMiddleware_opPutResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { 167 return &awsmiddleware.RegisterServiceMetadata{ 168 Region: region, 169 ServiceID: ServiceID, 170 SigningName: "network-firewall", 171 OperationName: "PutResourcePolicy", 172 } 173} 174