1// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. 2 3package fms 4 5import ( 6 "fmt" 7 "time" 8 9 "github.com/aws/aws-sdk-go/aws" 10 "github.com/aws/aws-sdk-go/aws/awsutil" 11 "github.com/aws/aws-sdk-go/aws/request" 12 "github.com/aws/aws-sdk-go/private/protocol" 13 "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" 14) 15 16const opAssociateAdminAccount = "AssociateAdminAccount" 17 18// AssociateAdminAccountRequest generates a "aws/request.Request" representing the 19// client's request for the AssociateAdminAccount operation. The "output" return 20// value will be populated with the request's response once the request completes 21// successfully. 22// 23// Use "Send" method on the returned Request to send the API call to the service. 24// the "output" return value is not valid until after Send returns without error. 25// 26// See AssociateAdminAccount for more information on using the AssociateAdminAccount 27// API call, and error handling. 28// 29// This method is useful when you want to inject custom logic or configuration 30// into the SDK's request lifecycle. Such as custom headers, or retry logic. 31// 32// 33// // Example sending a request using the AssociateAdminAccountRequest method. 34// req, resp := client.AssociateAdminAccountRequest(params) 35// 36// err := req.Send() 37// if err == nil { // resp is now filled 38// fmt.Println(resp) 39// } 40// 41// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount 42func (c *FMS) AssociateAdminAccountRequest(input *AssociateAdminAccountInput) (req *request.Request, output *AssociateAdminAccountOutput) { 43 op := &request.Operation{ 44 Name: opAssociateAdminAccount, 45 HTTPMethod: "POST", 46 HTTPPath: "/", 47 } 48 49 if input == nil { 50 input = &AssociateAdminAccountInput{} 51 } 52 53 output = &AssociateAdminAccountOutput{} 54 req = c.newRequest(op, input, output) 55 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 56 return 57} 58 59// AssociateAdminAccount API operation for Firewall Management Service. 60// 61// Sets the Firewall Manager administrator account. The account must be a member 62// of the organization in Organizations whose resources you want to protect. 63// Firewall Manager sets the permissions that allow the account to administer 64// your Firewall Manager policies. 65// 66// The account that you associate with Firewall Manager is called the Firewall 67// Manager administrator account. 68// 69// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 70// with awserr.Error's Code and Message methods to get detailed information about 71// the error. 72// 73// See the AWS API reference guide for Firewall Management Service's 74// API operation AssociateAdminAccount for usage and error information. 75// 76// Returned Error Types: 77// * InvalidOperationException 78// The operation failed because there was nothing to do or the operation wasn't 79// possible. For example, you might have submitted an AssociateAdminAccount 80// request for an account ID that was already set as the Firewall Manager administrator. 81// Or you might have tried to access a Region that's disabled by default, and 82// that you need to enable for the Firewall Manager administrator account and 83// for Organizations before you can access it. 84// 85// * InvalidInputException 86// The parameters of the request were invalid. 87// 88// * ResourceNotFoundException 89// The specified resource was not found. 90// 91// * InternalErrorException 92// The operation failed because of a system problem, even though the request 93// was valid. Retry your request. 94// 95// * LimitExceededException 96// The operation exceeds a resource limit, for example, the maximum number of 97// policy objects that you can create for an Amazon Web Services account. For 98// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 99// in the WAF Developer Guide. 100// 101// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/AssociateAdminAccount 102func (c *FMS) AssociateAdminAccount(input *AssociateAdminAccountInput) (*AssociateAdminAccountOutput, error) { 103 req, out := c.AssociateAdminAccountRequest(input) 104 return out, req.Send() 105} 106 107// AssociateAdminAccountWithContext is the same as AssociateAdminAccount with the addition of 108// the ability to pass a context and additional request options. 109// 110// See AssociateAdminAccount for details on how to use this API operation. 111// 112// The context must be non-nil and will be used for request cancellation. If 113// the context is nil a panic will occur. In the future the SDK may create 114// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 115// for more information on using Contexts. 116func (c *FMS) AssociateAdminAccountWithContext(ctx aws.Context, input *AssociateAdminAccountInput, opts ...request.Option) (*AssociateAdminAccountOutput, error) { 117 req, out := c.AssociateAdminAccountRequest(input) 118 req.SetContext(ctx) 119 req.ApplyOptions(opts...) 120 return out, req.Send() 121} 122 123const opDeleteAppsList = "DeleteAppsList" 124 125// DeleteAppsListRequest generates a "aws/request.Request" representing the 126// client's request for the DeleteAppsList operation. The "output" return 127// value will be populated with the request's response once the request completes 128// successfully. 129// 130// Use "Send" method on the returned Request to send the API call to the service. 131// the "output" return value is not valid until after Send returns without error. 132// 133// See DeleteAppsList for more information on using the DeleteAppsList 134// API call, and error handling. 135// 136// This method is useful when you want to inject custom logic or configuration 137// into the SDK's request lifecycle. Such as custom headers, or retry logic. 138// 139// 140// // Example sending a request using the DeleteAppsListRequest method. 141// req, resp := client.DeleteAppsListRequest(params) 142// 143// err := req.Send() 144// if err == nil { // resp is now filled 145// fmt.Println(resp) 146// } 147// 148// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteAppsList 149func (c *FMS) DeleteAppsListRequest(input *DeleteAppsListInput) (req *request.Request, output *DeleteAppsListOutput) { 150 op := &request.Operation{ 151 Name: opDeleteAppsList, 152 HTTPMethod: "POST", 153 HTTPPath: "/", 154 } 155 156 if input == nil { 157 input = &DeleteAppsListInput{} 158 } 159 160 output = &DeleteAppsListOutput{} 161 req = c.newRequest(op, input, output) 162 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 163 return 164} 165 166// DeleteAppsList API operation for Firewall Management Service. 167// 168// Permanently deletes an Firewall Manager applications list. 169// 170// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 171// with awserr.Error's Code and Message methods to get detailed information about 172// the error. 173// 174// See the AWS API reference guide for Firewall Management Service's 175// API operation DeleteAppsList for usage and error information. 176// 177// Returned Error Types: 178// * ResourceNotFoundException 179// The specified resource was not found. 180// 181// * InvalidOperationException 182// The operation failed because there was nothing to do or the operation wasn't 183// possible. For example, you might have submitted an AssociateAdminAccount 184// request for an account ID that was already set as the Firewall Manager administrator. 185// Or you might have tried to access a Region that's disabled by default, and 186// that you need to enable for the Firewall Manager administrator account and 187// for Organizations before you can access it. 188// 189// * InternalErrorException 190// The operation failed because of a system problem, even though the request 191// was valid. Retry your request. 192// 193// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteAppsList 194func (c *FMS) DeleteAppsList(input *DeleteAppsListInput) (*DeleteAppsListOutput, error) { 195 req, out := c.DeleteAppsListRequest(input) 196 return out, req.Send() 197} 198 199// DeleteAppsListWithContext is the same as DeleteAppsList with the addition of 200// the ability to pass a context and additional request options. 201// 202// See DeleteAppsList for details on how to use this API operation. 203// 204// The context must be non-nil and will be used for request cancellation. If 205// the context is nil a panic will occur. In the future the SDK may create 206// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 207// for more information on using Contexts. 208func (c *FMS) DeleteAppsListWithContext(ctx aws.Context, input *DeleteAppsListInput, opts ...request.Option) (*DeleteAppsListOutput, error) { 209 req, out := c.DeleteAppsListRequest(input) 210 req.SetContext(ctx) 211 req.ApplyOptions(opts...) 212 return out, req.Send() 213} 214 215const opDeleteNotificationChannel = "DeleteNotificationChannel" 216 217// DeleteNotificationChannelRequest generates a "aws/request.Request" representing the 218// client's request for the DeleteNotificationChannel operation. The "output" return 219// value will be populated with the request's response once the request completes 220// successfully. 221// 222// Use "Send" method on the returned Request to send the API call to the service. 223// the "output" return value is not valid until after Send returns without error. 224// 225// See DeleteNotificationChannel for more information on using the DeleteNotificationChannel 226// API call, and error handling. 227// 228// This method is useful when you want to inject custom logic or configuration 229// into the SDK's request lifecycle. Such as custom headers, or retry logic. 230// 231// 232// // Example sending a request using the DeleteNotificationChannelRequest method. 233// req, resp := client.DeleteNotificationChannelRequest(params) 234// 235// err := req.Send() 236// if err == nil { // resp is now filled 237// fmt.Println(resp) 238// } 239// 240// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel 241func (c *FMS) DeleteNotificationChannelRequest(input *DeleteNotificationChannelInput) (req *request.Request, output *DeleteNotificationChannelOutput) { 242 op := &request.Operation{ 243 Name: opDeleteNotificationChannel, 244 HTTPMethod: "POST", 245 HTTPPath: "/", 246 } 247 248 if input == nil { 249 input = &DeleteNotificationChannelInput{} 250 } 251 252 output = &DeleteNotificationChannelOutput{} 253 req = c.newRequest(op, input, output) 254 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 255 return 256} 257 258// DeleteNotificationChannel API operation for Firewall Management Service. 259// 260// Deletes an Firewall Manager association with the IAM role and the Amazon 261// Simple Notification Service (SNS) topic that is used to record Firewall Manager 262// SNS logs. 263// 264// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 265// with awserr.Error's Code and Message methods to get detailed information about 266// the error. 267// 268// See the AWS API reference guide for Firewall Management Service's 269// API operation DeleteNotificationChannel for usage and error information. 270// 271// Returned Error Types: 272// * ResourceNotFoundException 273// The specified resource was not found. 274// 275// * InvalidOperationException 276// The operation failed because there was nothing to do or the operation wasn't 277// possible. For example, you might have submitted an AssociateAdminAccount 278// request for an account ID that was already set as the Firewall Manager administrator. 279// Or you might have tried to access a Region that's disabled by default, and 280// that you need to enable for the Firewall Manager administrator account and 281// for Organizations before you can access it. 282// 283// * InternalErrorException 284// The operation failed because of a system problem, even though the request 285// was valid. Retry your request. 286// 287// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteNotificationChannel 288func (c *FMS) DeleteNotificationChannel(input *DeleteNotificationChannelInput) (*DeleteNotificationChannelOutput, error) { 289 req, out := c.DeleteNotificationChannelRequest(input) 290 return out, req.Send() 291} 292 293// DeleteNotificationChannelWithContext is the same as DeleteNotificationChannel with the addition of 294// the ability to pass a context and additional request options. 295// 296// See DeleteNotificationChannel for details on how to use this API operation. 297// 298// The context must be non-nil and will be used for request cancellation. If 299// the context is nil a panic will occur. In the future the SDK may create 300// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 301// for more information on using Contexts. 302func (c *FMS) DeleteNotificationChannelWithContext(ctx aws.Context, input *DeleteNotificationChannelInput, opts ...request.Option) (*DeleteNotificationChannelOutput, error) { 303 req, out := c.DeleteNotificationChannelRequest(input) 304 req.SetContext(ctx) 305 req.ApplyOptions(opts...) 306 return out, req.Send() 307} 308 309const opDeletePolicy = "DeletePolicy" 310 311// DeletePolicyRequest generates a "aws/request.Request" representing the 312// client's request for the DeletePolicy operation. The "output" return 313// value will be populated with the request's response once the request completes 314// successfully. 315// 316// Use "Send" method on the returned Request to send the API call to the service. 317// the "output" return value is not valid until after Send returns without error. 318// 319// See DeletePolicy for more information on using the DeletePolicy 320// API call, and error handling. 321// 322// This method is useful when you want to inject custom logic or configuration 323// into the SDK's request lifecycle. Such as custom headers, or retry logic. 324// 325// 326// // Example sending a request using the DeletePolicyRequest method. 327// req, resp := client.DeletePolicyRequest(params) 328// 329// err := req.Send() 330// if err == nil { // resp is now filled 331// fmt.Println(resp) 332// } 333// 334// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy 335func (c *FMS) DeletePolicyRequest(input *DeletePolicyInput) (req *request.Request, output *DeletePolicyOutput) { 336 op := &request.Operation{ 337 Name: opDeletePolicy, 338 HTTPMethod: "POST", 339 HTTPPath: "/", 340 } 341 342 if input == nil { 343 input = &DeletePolicyInput{} 344 } 345 346 output = &DeletePolicyOutput{} 347 req = c.newRequest(op, input, output) 348 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 349 return 350} 351 352// DeletePolicy API operation for Firewall Management Service. 353// 354// Permanently deletes an Firewall Manager policy. 355// 356// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 357// with awserr.Error's Code and Message methods to get detailed information about 358// the error. 359// 360// See the AWS API reference guide for Firewall Management Service's 361// API operation DeletePolicy for usage and error information. 362// 363// Returned Error Types: 364// * ResourceNotFoundException 365// The specified resource was not found. 366// 367// * InvalidOperationException 368// The operation failed because there was nothing to do or the operation wasn't 369// possible. For example, you might have submitted an AssociateAdminAccount 370// request for an account ID that was already set as the Firewall Manager administrator. 371// Or you might have tried to access a Region that's disabled by default, and 372// that you need to enable for the Firewall Manager administrator account and 373// for Organizations before you can access it. 374// 375// * InternalErrorException 376// The operation failed because of a system problem, even though the request 377// was valid. Retry your request. 378// 379// * InvalidInputException 380// The parameters of the request were invalid. 381// 382// * LimitExceededException 383// The operation exceeds a resource limit, for example, the maximum number of 384// policy objects that you can create for an Amazon Web Services account. For 385// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 386// in the WAF Developer Guide. 387// 388// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeletePolicy 389func (c *FMS) DeletePolicy(input *DeletePolicyInput) (*DeletePolicyOutput, error) { 390 req, out := c.DeletePolicyRequest(input) 391 return out, req.Send() 392} 393 394// DeletePolicyWithContext is the same as DeletePolicy with the addition of 395// the ability to pass a context and additional request options. 396// 397// See DeletePolicy for details on how to use this API operation. 398// 399// The context must be non-nil and will be used for request cancellation. If 400// the context is nil a panic will occur. In the future the SDK may create 401// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 402// for more information on using Contexts. 403func (c *FMS) DeletePolicyWithContext(ctx aws.Context, input *DeletePolicyInput, opts ...request.Option) (*DeletePolicyOutput, error) { 404 req, out := c.DeletePolicyRequest(input) 405 req.SetContext(ctx) 406 req.ApplyOptions(opts...) 407 return out, req.Send() 408} 409 410const opDeleteProtocolsList = "DeleteProtocolsList" 411 412// DeleteProtocolsListRequest generates a "aws/request.Request" representing the 413// client's request for the DeleteProtocolsList operation. The "output" return 414// value will be populated with the request's response once the request completes 415// successfully. 416// 417// Use "Send" method on the returned Request to send the API call to the service. 418// the "output" return value is not valid until after Send returns without error. 419// 420// See DeleteProtocolsList for more information on using the DeleteProtocolsList 421// API call, and error handling. 422// 423// This method is useful when you want to inject custom logic or configuration 424// into the SDK's request lifecycle. Such as custom headers, or retry logic. 425// 426// 427// // Example sending a request using the DeleteProtocolsListRequest method. 428// req, resp := client.DeleteProtocolsListRequest(params) 429// 430// err := req.Send() 431// if err == nil { // resp is now filled 432// fmt.Println(resp) 433// } 434// 435// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteProtocolsList 436func (c *FMS) DeleteProtocolsListRequest(input *DeleteProtocolsListInput) (req *request.Request, output *DeleteProtocolsListOutput) { 437 op := &request.Operation{ 438 Name: opDeleteProtocolsList, 439 HTTPMethod: "POST", 440 HTTPPath: "/", 441 } 442 443 if input == nil { 444 input = &DeleteProtocolsListInput{} 445 } 446 447 output = &DeleteProtocolsListOutput{} 448 req = c.newRequest(op, input, output) 449 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 450 return 451} 452 453// DeleteProtocolsList API operation for Firewall Management Service. 454// 455// Permanently deletes an Firewall Manager protocols list. 456// 457// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 458// with awserr.Error's Code and Message methods to get detailed information about 459// the error. 460// 461// See the AWS API reference guide for Firewall Management Service's 462// API operation DeleteProtocolsList for usage and error information. 463// 464// Returned Error Types: 465// * ResourceNotFoundException 466// The specified resource was not found. 467// 468// * InvalidOperationException 469// The operation failed because there was nothing to do or the operation wasn't 470// possible. For example, you might have submitted an AssociateAdminAccount 471// request for an account ID that was already set as the Firewall Manager administrator. 472// Or you might have tried to access a Region that's disabled by default, and 473// that you need to enable for the Firewall Manager administrator account and 474// for Organizations before you can access it. 475// 476// * InternalErrorException 477// The operation failed because of a system problem, even though the request 478// was valid. Retry your request. 479// 480// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DeleteProtocolsList 481func (c *FMS) DeleteProtocolsList(input *DeleteProtocolsListInput) (*DeleteProtocolsListOutput, error) { 482 req, out := c.DeleteProtocolsListRequest(input) 483 return out, req.Send() 484} 485 486// DeleteProtocolsListWithContext is the same as DeleteProtocolsList with the addition of 487// the ability to pass a context and additional request options. 488// 489// See DeleteProtocolsList for details on how to use this API operation. 490// 491// The context must be non-nil and will be used for request cancellation. If 492// the context is nil a panic will occur. In the future the SDK may create 493// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 494// for more information on using Contexts. 495func (c *FMS) DeleteProtocolsListWithContext(ctx aws.Context, input *DeleteProtocolsListInput, opts ...request.Option) (*DeleteProtocolsListOutput, error) { 496 req, out := c.DeleteProtocolsListRequest(input) 497 req.SetContext(ctx) 498 req.ApplyOptions(opts...) 499 return out, req.Send() 500} 501 502const opDisassociateAdminAccount = "DisassociateAdminAccount" 503 504// DisassociateAdminAccountRequest generates a "aws/request.Request" representing the 505// client's request for the DisassociateAdminAccount operation. The "output" return 506// value will be populated with the request's response once the request completes 507// successfully. 508// 509// Use "Send" method on the returned Request to send the API call to the service. 510// the "output" return value is not valid until after Send returns without error. 511// 512// See DisassociateAdminAccount for more information on using the DisassociateAdminAccount 513// API call, and error handling. 514// 515// This method is useful when you want to inject custom logic or configuration 516// into the SDK's request lifecycle. Such as custom headers, or retry logic. 517// 518// 519// // Example sending a request using the DisassociateAdminAccountRequest method. 520// req, resp := client.DisassociateAdminAccountRequest(params) 521// 522// err := req.Send() 523// if err == nil { // resp is now filled 524// fmt.Println(resp) 525// } 526// 527// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount 528func (c *FMS) DisassociateAdminAccountRequest(input *DisassociateAdminAccountInput) (req *request.Request, output *DisassociateAdminAccountOutput) { 529 op := &request.Operation{ 530 Name: opDisassociateAdminAccount, 531 HTTPMethod: "POST", 532 HTTPPath: "/", 533 } 534 535 if input == nil { 536 input = &DisassociateAdminAccountInput{} 537 } 538 539 output = &DisassociateAdminAccountOutput{} 540 req = c.newRequest(op, input, output) 541 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 542 return 543} 544 545// DisassociateAdminAccount API operation for Firewall Management Service. 546// 547// Disassociates the account that has been set as the Firewall Manager administrator 548// account. To set a different account as the administrator account, you must 549// submit an AssociateAdminAccount request. 550// 551// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 552// with awserr.Error's Code and Message methods to get detailed information about 553// the error. 554// 555// See the AWS API reference guide for Firewall Management Service's 556// API operation DisassociateAdminAccount for usage and error information. 557// 558// Returned Error Types: 559// * InvalidOperationException 560// The operation failed because there was nothing to do or the operation wasn't 561// possible. For example, you might have submitted an AssociateAdminAccount 562// request for an account ID that was already set as the Firewall Manager administrator. 563// Or you might have tried to access a Region that's disabled by default, and 564// that you need to enable for the Firewall Manager administrator account and 565// for Organizations before you can access it. 566// 567// * ResourceNotFoundException 568// The specified resource was not found. 569// 570// * InternalErrorException 571// The operation failed because of a system problem, even though the request 572// was valid. Retry your request. 573// 574// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/DisassociateAdminAccount 575func (c *FMS) DisassociateAdminAccount(input *DisassociateAdminAccountInput) (*DisassociateAdminAccountOutput, error) { 576 req, out := c.DisassociateAdminAccountRequest(input) 577 return out, req.Send() 578} 579 580// DisassociateAdminAccountWithContext is the same as DisassociateAdminAccount with the addition of 581// the ability to pass a context and additional request options. 582// 583// See DisassociateAdminAccount for details on how to use this API operation. 584// 585// The context must be non-nil and will be used for request cancellation. If 586// the context is nil a panic will occur. In the future the SDK may create 587// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 588// for more information on using Contexts. 589func (c *FMS) DisassociateAdminAccountWithContext(ctx aws.Context, input *DisassociateAdminAccountInput, opts ...request.Option) (*DisassociateAdminAccountOutput, error) { 590 req, out := c.DisassociateAdminAccountRequest(input) 591 req.SetContext(ctx) 592 req.ApplyOptions(opts...) 593 return out, req.Send() 594} 595 596const opGetAdminAccount = "GetAdminAccount" 597 598// GetAdminAccountRequest generates a "aws/request.Request" representing the 599// client's request for the GetAdminAccount operation. The "output" return 600// value will be populated with the request's response once the request completes 601// successfully. 602// 603// Use "Send" method on the returned Request to send the API call to the service. 604// the "output" return value is not valid until after Send returns without error. 605// 606// See GetAdminAccount for more information on using the GetAdminAccount 607// API call, and error handling. 608// 609// This method is useful when you want to inject custom logic or configuration 610// into the SDK's request lifecycle. Such as custom headers, or retry logic. 611// 612// 613// // Example sending a request using the GetAdminAccountRequest method. 614// req, resp := client.GetAdminAccountRequest(params) 615// 616// err := req.Send() 617// if err == nil { // resp is now filled 618// fmt.Println(resp) 619// } 620// 621// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount 622func (c *FMS) GetAdminAccountRequest(input *GetAdminAccountInput) (req *request.Request, output *GetAdminAccountOutput) { 623 op := &request.Operation{ 624 Name: opGetAdminAccount, 625 HTTPMethod: "POST", 626 HTTPPath: "/", 627 } 628 629 if input == nil { 630 input = &GetAdminAccountInput{} 631 } 632 633 output = &GetAdminAccountOutput{} 634 req = c.newRequest(op, input, output) 635 return 636} 637 638// GetAdminAccount API operation for Firewall Management Service. 639// 640// Returns the Organizations account that is associated with Firewall Manager 641// as the Firewall Manager administrator. 642// 643// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 644// with awserr.Error's Code and Message methods to get detailed information about 645// the error. 646// 647// See the AWS API reference guide for Firewall Management Service's 648// API operation GetAdminAccount for usage and error information. 649// 650// Returned Error Types: 651// * InvalidOperationException 652// The operation failed because there was nothing to do or the operation wasn't 653// possible. For example, you might have submitted an AssociateAdminAccount 654// request for an account ID that was already set as the Firewall Manager administrator. 655// Or you might have tried to access a Region that's disabled by default, and 656// that you need to enable for the Firewall Manager administrator account and 657// for Organizations before you can access it. 658// 659// * ResourceNotFoundException 660// The specified resource was not found. 661// 662// * InternalErrorException 663// The operation failed because of a system problem, even though the request 664// was valid. Retry your request. 665// 666// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAdminAccount 667func (c *FMS) GetAdminAccount(input *GetAdminAccountInput) (*GetAdminAccountOutput, error) { 668 req, out := c.GetAdminAccountRequest(input) 669 return out, req.Send() 670} 671 672// GetAdminAccountWithContext is the same as GetAdminAccount with the addition of 673// the ability to pass a context and additional request options. 674// 675// See GetAdminAccount for details on how to use this API operation. 676// 677// The context must be non-nil and will be used for request cancellation. If 678// the context is nil a panic will occur. In the future the SDK may create 679// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 680// for more information on using Contexts. 681func (c *FMS) GetAdminAccountWithContext(ctx aws.Context, input *GetAdminAccountInput, opts ...request.Option) (*GetAdminAccountOutput, error) { 682 req, out := c.GetAdminAccountRequest(input) 683 req.SetContext(ctx) 684 req.ApplyOptions(opts...) 685 return out, req.Send() 686} 687 688const opGetAppsList = "GetAppsList" 689 690// GetAppsListRequest generates a "aws/request.Request" representing the 691// client's request for the GetAppsList operation. The "output" return 692// value will be populated with the request's response once the request completes 693// successfully. 694// 695// Use "Send" method on the returned Request to send the API call to the service. 696// the "output" return value is not valid until after Send returns without error. 697// 698// See GetAppsList for more information on using the GetAppsList 699// API call, and error handling. 700// 701// This method is useful when you want to inject custom logic or configuration 702// into the SDK's request lifecycle. Such as custom headers, or retry logic. 703// 704// 705// // Example sending a request using the GetAppsListRequest method. 706// req, resp := client.GetAppsListRequest(params) 707// 708// err := req.Send() 709// if err == nil { // resp is now filled 710// fmt.Println(resp) 711// } 712// 713// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsList 714func (c *FMS) GetAppsListRequest(input *GetAppsListInput) (req *request.Request, output *GetAppsListOutput) { 715 op := &request.Operation{ 716 Name: opGetAppsList, 717 HTTPMethod: "POST", 718 HTTPPath: "/", 719 } 720 721 if input == nil { 722 input = &GetAppsListInput{} 723 } 724 725 output = &GetAppsListOutput{} 726 req = c.newRequest(op, input, output) 727 return 728} 729 730// GetAppsList API operation for Firewall Management Service. 731// 732// Returns information about the specified Firewall Manager applications list. 733// 734// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 735// with awserr.Error's Code and Message methods to get detailed information about 736// the error. 737// 738// See the AWS API reference guide for Firewall Management Service's 739// API operation GetAppsList for usage and error information. 740// 741// Returned Error Types: 742// * ResourceNotFoundException 743// The specified resource was not found. 744// 745// * InvalidOperationException 746// The operation failed because there was nothing to do or the operation wasn't 747// possible. For example, you might have submitted an AssociateAdminAccount 748// request for an account ID that was already set as the Firewall Manager administrator. 749// Or you might have tried to access a Region that's disabled by default, and 750// that you need to enable for the Firewall Manager administrator account and 751// for Organizations before you can access it. 752// 753// * InternalErrorException 754// The operation failed because of a system problem, even though the request 755// was valid. Retry your request. 756// 757// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetAppsList 758func (c *FMS) GetAppsList(input *GetAppsListInput) (*GetAppsListOutput, error) { 759 req, out := c.GetAppsListRequest(input) 760 return out, req.Send() 761} 762 763// GetAppsListWithContext is the same as GetAppsList with the addition of 764// the ability to pass a context and additional request options. 765// 766// See GetAppsList for details on how to use this API operation. 767// 768// The context must be non-nil and will be used for request cancellation. If 769// the context is nil a panic will occur. In the future the SDK may create 770// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 771// for more information on using Contexts. 772func (c *FMS) GetAppsListWithContext(ctx aws.Context, input *GetAppsListInput, opts ...request.Option) (*GetAppsListOutput, error) { 773 req, out := c.GetAppsListRequest(input) 774 req.SetContext(ctx) 775 req.ApplyOptions(opts...) 776 return out, req.Send() 777} 778 779const opGetComplianceDetail = "GetComplianceDetail" 780 781// GetComplianceDetailRequest generates a "aws/request.Request" representing the 782// client's request for the GetComplianceDetail operation. The "output" return 783// value will be populated with the request's response once the request completes 784// successfully. 785// 786// Use "Send" method on the returned Request to send the API call to the service. 787// the "output" return value is not valid until after Send returns without error. 788// 789// See GetComplianceDetail for more information on using the GetComplianceDetail 790// API call, and error handling. 791// 792// This method is useful when you want to inject custom logic or configuration 793// into the SDK's request lifecycle. Such as custom headers, or retry logic. 794// 795// 796// // Example sending a request using the GetComplianceDetailRequest method. 797// req, resp := client.GetComplianceDetailRequest(params) 798// 799// err := req.Send() 800// if err == nil { // resp is now filled 801// fmt.Println(resp) 802// } 803// 804// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail 805func (c *FMS) GetComplianceDetailRequest(input *GetComplianceDetailInput) (req *request.Request, output *GetComplianceDetailOutput) { 806 op := &request.Operation{ 807 Name: opGetComplianceDetail, 808 HTTPMethod: "POST", 809 HTTPPath: "/", 810 } 811 812 if input == nil { 813 input = &GetComplianceDetailInput{} 814 } 815 816 output = &GetComplianceDetailOutput{} 817 req = c.newRequest(op, input, output) 818 return 819} 820 821// GetComplianceDetail API operation for Firewall Management Service. 822// 823// Returns detailed compliance information about the specified member account. 824// Details include resources that are in and out of compliance with the specified 825// policy. 826// 827// * Resources are considered noncompliant for WAF and Shield Advanced policies 828// if the specified policy has not been applied to them. 829// 830// * Resources are considered noncompliant for security group policies if 831// they are in scope of the policy, they violate one or more of the policy 832// rules, and remediation is disabled or not possible. 833// 834// * Resources are considered noncompliant for Network Firewall policies 835// if a firewall is missing in the VPC, if the firewall endpoint isn't set 836// up in an expected Availability Zone and subnet, if a subnet created by 837// the Firewall Manager doesn't have the expected route table, and for modifications 838// to a firewall policy that violate the Firewall Manager policy's rules. 839// 840// * Resources are considered noncompliant for DNS Firewall policies if a 841// DNS Firewall rule group is missing from the rule group associations for 842// the VPC. 843// 844// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 845// with awserr.Error's Code and Message methods to get detailed information about 846// the error. 847// 848// See the AWS API reference guide for Firewall Management Service's 849// API operation GetComplianceDetail for usage and error information. 850// 851// Returned Error Types: 852// * ResourceNotFoundException 853// The specified resource was not found. 854// 855// * InternalErrorException 856// The operation failed because of a system problem, even though the request 857// was valid. Retry your request. 858// 859// * InvalidInputException 860// The parameters of the request were invalid. 861// 862// * InvalidOperationException 863// The operation failed because there was nothing to do or the operation wasn't 864// possible. For example, you might have submitted an AssociateAdminAccount 865// request for an account ID that was already set as the Firewall Manager administrator. 866// Or you might have tried to access a Region that's disabled by default, and 867// that you need to enable for the Firewall Manager administrator account and 868// for Organizations before you can access it. 869// 870// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetComplianceDetail 871func (c *FMS) GetComplianceDetail(input *GetComplianceDetailInput) (*GetComplianceDetailOutput, error) { 872 req, out := c.GetComplianceDetailRequest(input) 873 return out, req.Send() 874} 875 876// GetComplianceDetailWithContext is the same as GetComplianceDetail with the addition of 877// the ability to pass a context and additional request options. 878// 879// See GetComplianceDetail for details on how to use this API operation. 880// 881// The context must be non-nil and will be used for request cancellation. If 882// the context is nil a panic will occur. In the future the SDK may create 883// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 884// for more information on using Contexts. 885func (c *FMS) GetComplianceDetailWithContext(ctx aws.Context, input *GetComplianceDetailInput, opts ...request.Option) (*GetComplianceDetailOutput, error) { 886 req, out := c.GetComplianceDetailRequest(input) 887 req.SetContext(ctx) 888 req.ApplyOptions(opts...) 889 return out, req.Send() 890} 891 892const opGetNotificationChannel = "GetNotificationChannel" 893 894// GetNotificationChannelRequest generates a "aws/request.Request" representing the 895// client's request for the GetNotificationChannel operation. The "output" return 896// value will be populated with the request's response once the request completes 897// successfully. 898// 899// Use "Send" method on the returned Request to send the API call to the service. 900// the "output" return value is not valid until after Send returns without error. 901// 902// See GetNotificationChannel for more information on using the GetNotificationChannel 903// API call, and error handling. 904// 905// This method is useful when you want to inject custom logic or configuration 906// into the SDK's request lifecycle. Such as custom headers, or retry logic. 907// 908// 909// // Example sending a request using the GetNotificationChannelRequest method. 910// req, resp := client.GetNotificationChannelRequest(params) 911// 912// err := req.Send() 913// if err == nil { // resp is now filled 914// fmt.Println(resp) 915// } 916// 917// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel 918func (c *FMS) GetNotificationChannelRequest(input *GetNotificationChannelInput) (req *request.Request, output *GetNotificationChannelOutput) { 919 op := &request.Operation{ 920 Name: opGetNotificationChannel, 921 HTTPMethod: "POST", 922 HTTPPath: "/", 923 } 924 925 if input == nil { 926 input = &GetNotificationChannelInput{} 927 } 928 929 output = &GetNotificationChannelOutput{} 930 req = c.newRequest(op, input, output) 931 return 932} 933 934// GetNotificationChannel API operation for Firewall Management Service. 935// 936// Information about the Amazon Simple Notification Service (SNS) topic that 937// is used to record Firewall Manager SNS logs. 938// 939// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 940// with awserr.Error's Code and Message methods to get detailed information about 941// the error. 942// 943// See the AWS API reference guide for Firewall Management Service's 944// API operation GetNotificationChannel for usage and error information. 945// 946// Returned Error Types: 947// * ResourceNotFoundException 948// The specified resource was not found. 949// 950// * InvalidOperationException 951// The operation failed because there was nothing to do or the operation wasn't 952// possible. For example, you might have submitted an AssociateAdminAccount 953// request for an account ID that was already set as the Firewall Manager administrator. 954// Or you might have tried to access a Region that's disabled by default, and 955// that you need to enable for the Firewall Manager administrator account and 956// for Organizations before you can access it. 957// 958// * InternalErrorException 959// The operation failed because of a system problem, even though the request 960// was valid. Retry your request. 961// 962// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetNotificationChannel 963func (c *FMS) GetNotificationChannel(input *GetNotificationChannelInput) (*GetNotificationChannelOutput, error) { 964 req, out := c.GetNotificationChannelRequest(input) 965 return out, req.Send() 966} 967 968// GetNotificationChannelWithContext is the same as GetNotificationChannel with the addition of 969// the ability to pass a context and additional request options. 970// 971// See GetNotificationChannel for details on how to use this API operation. 972// 973// The context must be non-nil and will be used for request cancellation. If 974// the context is nil a panic will occur. In the future the SDK may create 975// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 976// for more information on using Contexts. 977func (c *FMS) GetNotificationChannelWithContext(ctx aws.Context, input *GetNotificationChannelInput, opts ...request.Option) (*GetNotificationChannelOutput, error) { 978 req, out := c.GetNotificationChannelRequest(input) 979 req.SetContext(ctx) 980 req.ApplyOptions(opts...) 981 return out, req.Send() 982} 983 984const opGetPolicy = "GetPolicy" 985 986// GetPolicyRequest generates a "aws/request.Request" representing the 987// client's request for the GetPolicy operation. The "output" return 988// value will be populated with the request's response once the request completes 989// successfully. 990// 991// Use "Send" method on the returned Request to send the API call to the service. 992// the "output" return value is not valid until after Send returns without error. 993// 994// See GetPolicy for more information on using the GetPolicy 995// API call, and error handling. 996// 997// This method is useful when you want to inject custom logic or configuration 998// into the SDK's request lifecycle. Such as custom headers, or retry logic. 999// 1000// 1001// // Example sending a request using the GetPolicyRequest method. 1002// req, resp := client.GetPolicyRequest(params) 1003// 1004// err := req.Send() 1005// if err == nil { // resp is now filled 1006// fmt.Println(resp) 1007// } 1008// 1009// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy 1010func (c *FMS) GetPolicyRequest(input *GetPolicyInput) (req *request.Request, output *GetPolicyOutput) { 1011 op := &request.Operation{ 1012 Name: opGetPolicy, 1013 HTTPMethod: "POST", 1014 HTTPPath: "/", 1015 } 1016 1017 if input == nil { 1018 input = &GetPolicyInput{} 1019 } 1020 1021 output = &GetPolicyOutput{} 1022 req = c.newRequest(op, input, output) 1023 return 1024} 1025 1026// GetPolicy API operation for Firewall Management Service. 1027// 1028// Returns information about the specified Firewall Manager policy. 1029// 1030// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1031// with awserr.Error's Code and Message methods to get detailed information about 1032// the error. 1033// 1034// See the AWS API reference guide for Firewall Management Service's 1035// API operation GetPolicy for usage and error information. 1036// 1037// Returned Error Types: 1038// * ResourceNotFoundException 1039// The specified resource was not found. 1040// 1041// * InvalidOperationException 1042// The operation failed because there was nothing to do or the operation wasn't 1043// possible. For example, you might have submitted an AssociateAdminAccount 1044// request for an account ID that was already set as the Firewall Manager administrator. 1045// Or you might have tried to access a Region that's disabled by default, and 1046// that you need to enable for the Firewall Manager administrator account and 1047// for Organizations before you can access it. 1048// 1049// * InternalErrorException 1050// The operation failed because of a system problem, even though the request 1051// was valid. Retry your request. 1052// 1053// * InvalidTypeException 1054// The value of the Type parameter is invalid. 1055// 1056// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetPolicy 1057func (c *FMS) GetPolicy(input *GetPolicyInput) (*GetPolicyOutput, error) { 1058 req, out := c.GetPolicyRequest(input) 1059 return out, req.Send() 1060} 1061 1062// GetPolicyWithContext is the same as GetPolicy with the addition of 1063// the ability to pass a context and additional request options. 1064// 1065// See GetPolicy for details on how to use this API operation. 1066// 1067// The context must be non-nil and will be used for request cancellation. If 1068// the context is nil a panic will occur. In the future the SDK may create 1069// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1070// for more information on using Contexts. 1071func (c *FMS) GetPolicyWithContext(ctx aws.Context, input *GetPolicyInput, opts ...request.Option) (*GetPolicyOutput, error) { 1072 req, out := c.GetPolicyRequest(input) 1073 req.SetContext(ctx) 1074 req.ApplyOptions(opts...) 1075 return out, req.Send() 1076} 1077 1078const opGetProtectionStatus = "GetProtectionStatus" 1079 1080// GetProtectionStatusRequest generates a "aws/request.Request" representing the 1081// client's request for the GetProtectionStatus operation. The "output" return 1082// value will be populated with the request's response once the request completes 1083// successfully. 1084// 1085// Use "Send" method on the returned Request to send the API call to the service. 1086// the "output" return value is not valid until after Send returns without error. 1087// 1088// See GetProtectionStatus for more information on using the GetProtectionStatus 1089// API call, and error handling. 1090// 1091// This method is useful when you want to inject custom logic or configuration 1092// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1093// 1094// 1095// // Example sending a request using the GetProtectionStatusRequest method. 1096// req, resp := client.GetProtectionStatusRequest(params) 1097// 1098// err := req.Send() 1099// if err == nil { // resp is now filled 1100// fmt.Println(resp) 1101// } 1102// 1103// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtectionStatus 1104func (c *FMS) GetProtectionStatusRequest(input *GetProtectionStatusInput) (req *request.Request, output *GetProtectionStatusOutput) { 1105 op := &request.Operation{ 1106 Name: opGetProtectionStatus, 1107 HTTPMethod: "POST", 1108 HTTPPath: "/", 1109 } 1110 1111 if input == nil { 1112 input = &GetProtectionStatusInput{} 1113 } 1114 1115 output = &GetProtectionStatusOutput{} 1116 req = c.newRequest(op, input, output) 1117 return 1118} 1119 1120// GetProtectionStatus API operation for Firewall Management Service. 1121// 1122// If you created a Shield Advanced policy, returns policy-level attack summary 1123// information in the event of a potential DDoS attack. Other policy types are 1124// currently unsupported. 1125// 1126// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1127// with awserr.Error's Code and Message methods to get detailed information about 1128// the error. 1129// 1130// See the AWS API reference guide for Firewall Management Service's 1131// API operation GetProtectionStatus for usage and error information. 1132// 1133// Returned Error Types: 1134// * InvalidInputException 1135// The parameters of the request were invalid. 1136// 1137// * ResourceNotFoundException 1138// The specified resource was not found. 1139// 1140// * InternalErrorException 1141// The operation failed because of a system problem, even though the request 1142// was valid. Retry your request. 1143// 1144// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtectionStatus 1145func (c *FMS) GetProtectionStatus(input *GetProtectionStatusInput) (*GetProtectionStatusOutput, error) { 1146 req, out := c.GetProtectionStatusRequest(input) 1147 return out, req.Send() 1148} 1149 1150// GetProtectionStatusWithContext is the same as GetProtectionStatus with the addition of 1151// the ability to pass a context and additional request options. 1152// 1153// See GetProtectionStatus for details on how to use this API operation. 1154// 1155// The context must be non-nil and will be used for request cancellation. If 1156// the context is nil a panic will occur. In the future the SDK may create 1157// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1158// for more information on using Contexts. 1159func (c *FMS) GetProtectionStatusWithContext(ctx aws.Context, input *GetProtectionStatusInput, opts ...request.Option) (*GetProtectionStatusOutput, error) { 1160 req, out := c.GetProtectionStatusRequest(input) 1161 req.SetContext(ctx) 1162 req.ApplyOptions(opts...) 1163 return out, req.Send() 1164} 1165 1166const opGetProtocolsList = "GetProtocolsList" 1167 1168// GetProtocolsListRequest generates a "aws/request.Request" representing the 1169// client's request for the GetProtocolsList operation. The "output" return 1170// value will be populated with the request's response once the request completes 1171// successfully. 1172// 1173// Use "Send" method on the returned Request to send the API call to the service. 1174// the "output" return value is not valid until after Send returns without error. 1175// 1176// See GetProtocolsList for more information on using the GetProtocolsList 1177// API call, and error handling. 1178// 1179// This method is useful when you want to inject custom logic or configuration 1180// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1181// 1182// 1183// // Example sending a request using the GetProtocolsListRequest method. 1184// req, resp := client.GetProtocolsListRequest(params) 1185// 1186// err := req.Send() 1187// if err == nil { // resp is now filled 1188// fmt.Println(resp) 1189// } 1190// 1191// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsList 1192func (c *FMS) GetProtocolsListRequest(input *GetProtocolsListInput) (req *request.Request, output *GetProtocolsListOutput) { 1193 op := &request.Operation{ 1194 Name: opGetProtocolsList, 1195 HTTPMethod: "POST", 1196 HTTPPath: "/", 1197 } 1198 1199 if input == nil { 1200 input = &GetProtocolsListInput{} 1201 } 1202 1203 output = &GetProtocolsListOutput{} 1204 req = c.newRequest(op, input, output) 1205 return 1206} 1207 1208// GetProtocolsList API operation for Firewall Management Service. 1209// 1210// Returns information about the specified Firewall Manager protocols list. 1211// 1212// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1213// with awserr.Error's Code and Message methods to get detailed information about 1214// the error. 1215// 1216// See the AWS API reference guide for Firewall Management Service's 1217// API operation GetProtocolsList for usage and error information. 1218// 1219// Returned Error Types: 1220// * ResourceNotFoundException 1221// The specified resource was not found. 1222// 1223// * InvalidOperationException 1224// The operation failed because there was nothing to do or the operation wasn't 1225// possible. For example, you might have submitted an AssociateAdminAccount 1226// request for an account ID that was already set as the Firewall Manager administrator. 1227// Or you might have tried to access a Region that's disabled by default, and 1228// that you need to enable for the Firewall Manager administrator account and 1229// for Organizations before you can access it. 1230// 1231// * InternalErrorException 1232// The operation failed because of a system problem, even though the request 1233// was valid. Retry your request. 1234// 1235// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetProtocolsList 1236func (c *FMS) GetProtocolsList(input *GetProtocolsListInput) (*GetProtocolsListOutput, error) { 1237 req, out := c.GetProtocolsListRequest(input) 1238 return out, req.Send() 1239} 1240 1241// GetProtocolsListWithContext is the same as GetProtocolsList with the addition of 1242// the ability to pass a context and additional request options. 1243// 1244// See GetProtocolsList for details on how to use this API operation. 1245// 1246// The context must be non-nil and will be used for request cancellation. If 1247// the context is nil a panic will occur. In the future the SDK may create 1248// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1249// for more information on using Contexts. 1250func (c *FMS) GetProtocolsListWithContext(ctx aws.Context, input *GetProtocolsListInput, opts ...request.Option) (*GetProtocolsListOutput, error) { 1251 req, out := c.GetProtocolsListRequest(input) 1252 req.SetContext(ctx) 1253 req.ApplyOptions(opts...) 1254 return out, req.Send() 1255} 1256 1257const opGetViolationDetails = "GetViolationDetails" 1258 1259// GetViolationDetailsRequest generates a "aws/request.Request" representing the 1260// client's request for the GetViolationDetails operation. The "output" return 1261// value will be populated with the request's response once the request completes 1262// successfully. 1263// 1264// Use "Send" method on the returned Request to send the API call to the service. 1265// the "output" return value is not valid until after Send returns without error. 1266// 1267// See GetViolationDetails for more information on using the GetViolationDetails 1268// API call, and error handling. 1269// 1270// This method is useful when you want to inject custom logic or configuration 1271// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1272// 1273// 1274// // Example sending a request using the GetViolationDetailsRequest method. 1275// req, resp := client.GetViolationDetailsRequest(params) 1276// 1277// err := req.Send() 1278// if err == nil { // resp is now filled 1279// fmt.Println(resp) 1280// } 1281// 1282// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetails 1283func (c *FMS) GetViolationDetailsRequest(input *GetViolationDetailsInput) (req *request.Request, output *GetViolationDetailsOutput) { 1284 op := &request.Operation{ 1285 Name: opGetViolationDetails, 1286 HTTPMethod: "POST", 1287 HTTPPath: "/", 1288 } 1289 1290 if input == nil { 1291 input = &GetViolationDetailsInput{} 1292 } 1293 1294 output = &GetViolationDetailsOutput{} 1295 req = c.newRequest(op, input, output) 1296 return 1297} 1298 1299// GetViolationDetails API operation for Firewall Management Service. 1300// 1301// Retrieves violations for a resource based on the specified Firewall Manager 1302// policy and Amazon Web Services account. 1303// 1304// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1305// with awserr.Error's Code and Message methods to get detailed information about 1306// the error. 1307// 1308// See the AWS API reference guide for Firewall Management Service's 1309// API operation GetViolationDetails for usage and error information. 1310// 1311// Returned Error Types: 1312// * ResourceNotFoundException 1313// The specified resource was not found. 1314// 1315// * InvalidInputException 1316// The parameters of the request were invalid. 1317// 1318// * InternalErrorException 1319// The operation failed because of a system problem, even though the request 1320// was valid. Retry your request. 1321// 1322// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/GetViolationDetails 1323func (c *FMS) GetViolationDetails(input *GetViolationDetailsInput) (*GetViolationDetailsOutput, error) { 1324 req, out := c.GetViolationDetailsRequest(input) 1325 return out, req.Send() 1326} 1327 1328// GetViolationDetailsWithContext is the same as GetViolationDetails with the addition of 1329// the ability to pass a context and additional request options. 1330// 1331// See GetViolationDetails for details on how to use this API operation. 1332// 1333// The context must be non-nil and will be used for request cancellation. If 1334// the context is nil a panic will occur. In the future the SDK may create 1335// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1336// for more information on using Contexts. 1337func (c *FMS) GetViolationDetailsWithContext(ctx aws.Context, input *GetViolationDetailsInput, opts ...request.Option) (*GetViolationDetailsOutput, error) { 1338 req, out := c.GetViolationDetailsRequest(input) 1339 req.SetContext(ctx) 1340 req.ApplyOptions(opts...) 1341 return out, req.Send() 1342} 1343 1344const opListAppsLists = "ListAppsLists" 1345 1346// ListAppsListsRequest generates a "aws/request.Request" representing the 1347// client's request for the ListAppsLists operation. The "output" return 1348// value will be populated with the request's response once the request completes 1349// successfully. 1350// 1351// Use "Send" method on the returned Request to send the API call to the service. 1352// the "output" return value is not valid until after Send returns without error. 1353// 1354// See ListAppsLists for more information on using the ListAppsLists 1355// API call, and error handling. 1356// 1357// This method is useful when you want to inject custom logic or configuration 1358// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1359// 1360// 1361// // Example sending a request using the ListAppsListsRequest method. 1362// req, resp := client.ListAppsListsRequest(params) 1363// 1364// err := req.Send() 1365// if err == nil { // resp is now filled 1366// fmt.Println(resp) 1367// } 1368// 1369// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsLists 1370func (c *FMS) ListAppsListsRequest(input *ListAppsListsInput) (req *request.Request, output *ListAppsListsOutput) { 1371 op := &request.Operation{ 1372 Name: opListAppsLists, 1373 HTTPMethod: "POST", 1374 HTTPPath: "/", 1375 Paginator: &request.Paginator{ 1376 InputTokens: []string{"NextToken"}, 1377 OutputTokens: []string{"NextToken"}, 1378 LimitToken: "MaxResults", 1379 TruncationToken: "", 1380 }, 1381 } 1382 1383 if input == nil { 1384 input = &ListAppsListsInput{} 1385 } 1386 1387 output = &ListAppsListsOutput{} 1388 req = c.newRequest(op, input, output) 1389 return 1390} 1391 1392// ListAppsLists API operation for Firewall Management Service. 1393// 1394// Returns an array of AppsListDataSummary objects. 1395// 1396// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1397// with awserr.Error's Code and Message methods to get detailed information about 1398// the error. 1399// 1400// See the AWS API reference guide for Firewall Management Service's 1401// API operation ListAppsLists for usage and error information. 1402// 1403// Returned Error Types: 1404// * ResourceNotFoundException 1405// The specified resource was not found. 1406// 1407// * InvalidOperationException 1408// The operation failed because there was nothing to do or the operation wasn't 1409// possible. For example, you might have submitted an AssociateAdminAccount 1410// request for an account ID that was already set as the Firewall Manager administrator. 1411// Or you might have tried to access a Region that's disabled by default, and 1412// that you need to enable for the Firewall Manager administrator account and 1413// for Organizations before you can access it. 1414// 1415// * LimitExceededException 1416// The operation exceeds a resource limit, for example, the maximum number of 1417// policy objects that you can create for an Amazon Web Services account. For 1418// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 1419// in the WAF Developer Guide. 1420// 1421// * InternalErrorException 1422// The operation failed because of a system problem, even though the request 1423// was valid. Retry your request. 1424// 1425// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListAppsLists 1426func (c *FMS) ListAppsLists(input *ListAppsListsInput) (*ListAppsListsOutput, error) { 1427 req, out := c.ListAppsListsRequest(input) 1428 return out, req.Send() 1429} 1430 1431// ListAppsListsWithContext is the same as ListAppsLists with the addition of 1432// the ability to pass a context and additional request options. 1433// 1434// See ListAppsLists for details on how to use this API operation. 1435// 1436// The context must be non-nil and will be used for request cancellation. If 1437// the context is nil a panic will occur. In the future the SDK may create 1438// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1439// for more information on using Contexts. 1440func (c *FMS) ListAppsListsWithContext(ctx aws.Context, input *ListAppsListsInput, opts ...request.Option) (*ListAppsListsOutput, error) { 1441 req, out := c.ListAppsListsRequest(input) 1442 req.SetContext(ctx) 1443 req.ApplyOptions(opts...) 1444 return out, req.Send() 1445} 1446 1447// ListAppsListsPages iterates over the pages of a ListAppsLists operation, 1448// calling the "fn" function with the response data for each page. To stop 1449// iterating, return false from the fn function. 1450// 1451// See ListAppsLists method for more information on how to use this operation. 1452// 1453// Note: This operation can generate multiple requests to a service. 1454// 1455// // Example iterating over at most 3 pages of a ListAppsLists operation. 1456// pageNum := 0 1457// err := client.ListAppsListsPages(params, 1458// func(page *fms.ListAppsListsOutput, lastPage bool) bool { 1459// pageNum++ 1460// fmt.Println(page) 1461// return pageNum <= 3 1462// }) 1463// 1464func (c *FMS) ListAppsListsPages(input *ListAppsListsInput, fn func(*ListAppsListsOutput, bool) bool) error { 1465 return c.ListAppsListsPagesWithContext(aws.BackgroundContext(), input, fn) 1466} 1467 1468// ListAppsListsPagesWithContext same as ListAppsListsPages except 1469// it takes a Context and allows setting request options on the pages. 1470// 1471// The context must be non-nil and will be used for request cancellation. If 1472// the context is nil a panic will occur. In the future the SDK may create 1473// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1474// for more information on using Contexts. 1475func (c *FMS) ListAppsListsPagesWithContext(ctx aws.Context, input *ListAppsListsInput, fn func(*ListAppsListsOutput, bool) bool, opts ...request.Option) error { 1476 p := request.Pagination{ 1477 NewRequest: func() (*request.Request, error) { 1478 var inCpy *ListAppsListsInput 1479 if input != nil { 1480 tmp := *input 1481 inCpy = &tmp 1482 } 1483 req, _ := c.ListAppsListsRequest(inCpy) 1484 req.SetContext(ctx) 1485 req.ApplyOptions(opts...) 1486 return req, nil 1487 }, 1488 } 1489 1490 for p.Next() { 1491 if !fn(p.Page().(*ListAppsListsOutput), !p.HasNextPage()) { 1492 break 1493 } 1494 } 1495 1496 return p.Err() 1497} 1498 1499const opListComplianceStatus = "ListComplianceStatus" 1500 1501// ListComplianceStatusRequest generates a "aws/request.Request" representing the 1502// client's request for the ListComplianceStatus operation. The "output" return 1503// value will be populated with the request's response once the request completes 1504// successfully. 1505// 1506// Use "Send" method on the returned Request to send the API call to the service. 1507// the "output" return value is not valid until after Send returns without error. 1508// 1509// See ListComplianceStatus for more information on using the ListComplianceStatus 1510// API call, and error handling. 1511// 1512// This method is useful when you want to inject custom logic or configuration 1513// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1514// 1515// 1516// // Example sending a request using the ListComplianceStatusRequest method. 1517// req, resp := client.ListComplianceStatusRequest(params) 1518// 1519// err := req.Send() 1520// if err == nil { // resp is now filled 1521// fmt.Println(resp) 1522// } 1523// 1524// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus 1525func (c *FMS) ListComplianceStatusRequest(input *ListComplianceStatusInput) (req *request.Request, output *ListComplianceStatusOutput) { 1526 op := &request.Operation{ 1527 Name: opListComplianceStatus, 1528 HTTPMethod: "POST", 1529 HTTPPath: "/", 1530 Paginator: &request.Paginator{ 1531 InputTokens: []string{"NextToken"}, 1532 OutputTokens: []string{"NextToken"}, 1533 LimitToken: "MaxResults", 1534 TruncationToken: "", 1535 }, 1536 } 1537 1538 if input == nil { 1539 input = &ListComplianceStatusInput{} 1540 } 1541 1542 output = &ListComplianceStatusOutput{} 1543 req = c.newRequest(op, input, output) 1544 return 1545} 1546 1547// ListComplianceStatus API operation for Firewall Management Service. 1548// 1549// Returns an array of PolicyComplianceStatus objects. Use PolicyComplianceStatus 1550// to get a summary of which member accounts are protected by the specified 1551// policy. 1552// 1553// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1554// with awserr.Error's Code and Message methods to get detailed information about 1555// the error. 1556// 1557// See the AWS API reference guide for Firewall Management Service's 1558// API operation ListComplianceStatus for usage and error information. 1559// 1560// Returned Error Types: 1561// * ResourceNotFoundException 1562// The specified resource was not found. 1563// 1564// * InternalErrorException 1565// The operation failed because of a system problem, even though the request 1566// was valid. Retry your request. 1567// 1568// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListComplianceStatus 1569func (c *FMS) ListComplianceStatus(input *ListComplianceStatusInput) (*ListComplianceStatusOutput, error) { 1570 req, out := c.ListComplianceStatusRequest(input) 1571 return out, req.Send() 1572} 1573 1574// ListComplianceStatusWithContext is the same as ListComplianceStatus with the addition of 1575// the ability to pass a context and additional request options. 1576// 1577// See ListComplianceStatus for details on how to use this API operation. 1578// 1579// The context must be non-nil and will be used for request cancellation. If 1580// the context is nil a panic will occur. In the future the SDK may create 1581// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1582// for more information on using Contexts. 1583func (c *FMS) ListComplianceStatusWithContext(ctx aws.Context, input *ListComplianceStatusInput, opts ...request.Option) (*ListComplianceStatusOutput, error) { 1584 req, out := c.ListComplianceStatusRequest(input) 1585 req.SetContext(ctx) 1586 req.ApplyOptions(opts...) 1587 return out, req.Send() 1588} 1589 1590// ListComplianceStatusPages iterates over the pages of a ListComplianceStatus operation, 1591// calling the "fn" function with the response data for each page. To stop 1592// iterating, return false from the fn function. 1593// 1594// See ListComplianceStatus method for more information on how to use this operation. 1595// 1596// Note: This operation can generate multiple requests to a service. 1597// 1598// // Example iterating over at most 3 pages of a ListComplianceStatus operation. 1599// pageNum := 0 1600// err := client.ListComplianceStatusPages(params, 1601// func(page *fms.ListComplianceStatusOutput, lastPage bool) bool { 1602// pageNum++ 1603// fmt.Println(page) 1604// return pageNum <= 3 1605// }) 1606// 1607func (c *FMS) ListComplianceStatusPages(input *ListComplianceStatusInput, fn func(*ListComplianceStatusOutput, bool) bool) error { 1608 return c.ListComplianceStatusPagesWithContext(aws.BackgroundContext(), input, fn) 1609} 1610 1611// ListComplianceStatusPagesWithContext same as ListComplianceStatusPages except 1612// it takes a Context and allows setting request options on the pages. 1613// 1614// The context must be non-nil and will be used for request cancellation. If 1615// the context is nil a panic will occur. In the future the SDK may create 1616// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1617// for more information on using Contexts. 1618func (c *FMS) ListComplianceStatusPagesWithContext(ctx aws.Context, input *ListComplianceStatusInput, fn func(*ListComplianceStatusOutput, bool) bool, opts ...request.Option) error { 1619 p := request.Pagination{ 1620 NewRequest: func() (*request.Request, error) { 1621 var inCpy *ListComplianceStatusInput 1622 if input != nil { 1623 tmp := *input 1624 inCpy = &tmp 1625 } 1626 req, _ := c.ListComplianceStatusRequest(inCpy) 1627 req.SetContext(ctx) 1628 req.ApplyOptions(opts...) 1629 return req, nil 1630 }, 1631 } 1632 1633 for p.Next() { 1634 if !fn(p.Page().(*ListComplianceStatusOutput), !p.HasNextPage()) { 1635 break 1636 } 1637 } 1638 1639 return p.Err() 1640} 1641 1642const opListMemberAccounts = "ListMemberAccounts" 1643 1644// ListMemberAccountsRequest generates a "aws/request.Request" representing the 1645// client's request for the ListMemberAccounts operation. The "output" return 1646// value will be populated with the request's response once the request completes 1647// successfully. 1648// 1649// Use "Send" method on the returned Request to send the API call to the service. 1650// the "output" return value is not valid until after Send returns without error. 1651// 1652// See ListMemberAccounts for more information on using the ListMemberAccounts 1653// API call, and error handling. 1654// 1655// This method is useful when you want to inject custom logic or configuration 1656// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1657// 1658// 1659// // Example sending a request using the ListMemberAccountsRequest method. 1660// req, resp := client.ListMemberAccountsRequest(params) 1661// 1662// err := req.Send() 1663// if err == nil { // resp is now filled 1664// fmt.Println(resp) 1665// } 1666// 1667// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts 1668func (c *FMS) ListMemberAccountsRequest(input *ListMemberAccountsInput) (req *request.Request, output *ListMemberAccountsOutput) { 1669 op := &request.Operation{ 1670 Name: opListMemberAccounts, 1671 HTTPMethod: "POST", 1672 HTTPPath: "/", 1673 Paginator: &request.Paginator{ 1674 InputTokens: []string{"NextToken"}, 1675 OutputTokens: []string{"NextToken"}, 1676 LimitToken: "MaxResults", 1677 TruncationToken: "", 1678 }, 1679 } 1680 1681 if input == nil { 1682 input = &ListMemberAccountsInput{} 1683 } 1684 1685 output = &ListMemberAccountsOutput{} 1686 req = c.newRequest(op, input, output) 1687 return 1688} 1689 1690// ListMemberAccounts API operation for Firewall Management Service. 1691// 1692// Returns a MemberAccounts object that lists the member accounts in the administrator's 1693// Amazon Web Services organization. 1694// 1695// The ListMemberAccounts must be submitted by the account that is set as the 1696// Firewall Manager administrator. 1697// 1698// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1699// with awserr.Error's Code and Message methods to get detailed information about 1700// the error. 1701// 1702// See the AWS API reference guide for Firewall Management Service's 1703// API operation ListMemberAccounts for usage and error information. 1704// 1705// Returned Error Types: 1706// * ResourceNotFoundException 1707// The specified resource was not found. 1708// 1709// * InternalErrorException 1710// The operation failed because of a system problem, even though the request 1711// was valid. Retry your request. 1712// 1713// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListMemberAccounts 1714func (c *FMS) ListMemberAccounts(input *ListMemberAccountsInput) (*ListMemberAccountsOutput, error) { 1715 req, out := c.ListMemberAccountsRequest(input) 1716 return out, req.Send() 1717} 1718 1719// ListMemberAccountsWithContext is the same as ListMemberAccounts with the addition of 1720// the ability to pass a context and additional request options. 1721// 1722// See ListMemberAccounts for details on how to use this API operation. 1723// 1724// The context must be non-nil and will be used for request cancellation. If 1725// the context is nil a panic will occur. In the future the SDK may create 1726// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1727// for more information on using Contexts. 1728func (c *FMS) ListMemberAccountsWithContext(ctx aws.Context, input *ListMemberAccountsInput, opts ...request.Option) (*ListMemberAccountsOutput, error) { 1729 req, out := c.ListMemberAccountsRequest(input) 1730 req.SetContext(ctx) 1731 req.ApplyOptions(opts...) 1732 return out, req.Send() 1733} 1734 1735// ListMemberAccountsPages iterates over the pages of a ListMemberAccounts operation, 1736// calling the "fn" function with the response data for each page. To stop 1737// iterating, return false from the fn function. 1738// 1739// See ListMemberAccounts method for more information on how to use this operation. 1740// 1741// Note: This operation can generate multiple requests to a service. 1742// 1743// // Example iterating over at most 3 pages of a ListMemberAccounts operation. 1744// pageNum := 0 1745// err := client.ListMemberAccountsPages(params, 1746// func(page *fms.ListMemberAccountsOutput, lastPage bool) bool { 1747// pageNum++ 1748// fmt.Println(page) 1749// return pageNum <= 3 1750// }) 1751// 1752func (c *FMS) ListMemberAccountsPages(input *ListMemberAccountsInput, fn func(*ListMemberAccountsOutput, bool) bool) error { 1753 return c.ListMemberAccountsPagesWithContext(aws.BackgroundContext(), input, fn) 1754} 1755 1756// ListMemberAccountsPagesWithContext same as ListMemberAccountsPages except 1757// it takes a Context and allows setting request options on the pages. 1758// 1759// The context must be non-nil and will be used for request cancellation. If 1760// the context is nil a panic will occur. In the future the SDK may create 1761// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1762// for more information on using Contexts. 1763func (c *FMS) ListMemberAccountsPagesWithContext(ctx aws.Context, input *ListMemberAccountsInput, fn func(*ListMemberAccountsOutput, bool) bool, opts ...request.Option) error { 1764 p := request.Pagination{ 1765 NewRequest: func() (*request.Request, error) { 1766 var inCpy *ListMemberAccountsInput 1767 if input != nil { 1768 tmp := *input 1769 inCpy = &tmp 1770 } 1771 req, _ := c.ListMemberAccountsRequest(inCpy) 1772 req.SetContext(ctx) 1773 req.ApplyOptions(opts...) 1774 return req, nil 1775 }, 1776 } 1777 1778 for p.Next() { 1779 if !fn(p.Page().(*ListMemberAccountsOutput), !p.HasNextPage()) { 1780 break 1781 } 1782 } 1783 1784 return p.Err() 1785} 1786 1787const opListPolicies = "ListPolicies" 1788 1789// ListPoliciesRequest generates a "aws/request.Request" representing the 1790// client's request for the ListPolicies operation. The "output" return 1791// value will be populated with the request's response once the request completes 1792// successfully. 1793// 1794// Use "Send" method on the returned Request to send the API call to the service. 1795// the "output" return value is not valid until after Send returns without error. 1796// 1797// See ListPolicies for more information on using the ListPolicies 1798// API call, and error handling. 1799// 1800// This method is useful when you want to inject custom logic or configuration 1801// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1802// 1803// 1804// // Example sending a request using the ListPoliciesRequest method. 1805// req, resp := client.ListPoliciesRequest(params) 1806// 1807// err := req.Send() 1808// if err == nil { // resp is now filled 1809// fmt.Println(resp) 1810// } 1811// 1812// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies 1813func (c *FMS) ListPoliciesRequest(input *ListPoliciesInput) (req *request.Request, output *ListPoliciesOutput) { 1814 op := &request.Operation{ 1815 Name: opListPolicies, 1816 HTTPMethod: "POST", 1817 HTTPPath: "/", 1818 Paginator: &request.Paginator{ 1819 InputTokens: []string{"NextToken"}, 1820 OutputTokens: []string{"NextToken"}, 1821 LimitToken: "MaxResults", 1822 TruncationToken: "", 1823 }, 1824 } 1825 1826 if input == nil { 1827 input = &ListPoliciesInput{} 1828 } 1829 1830 output = &ListPoliciesOutput{} 1831 req = c.newRequest(op, input, output) 1832 return 1833} 1834 1835// ListPolicies API operation for Firewall Management Service. 1836// 1837// Returns an array of PolicySummary objects. 1838// 1839// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1840// with awserr.Error's Code and Message methods to get detailed information about 1841// the error. 1842// 1843// See the AWS API reference guide for Firewall Management Service's 1844// API operation ListPolicies for usage and error information. 1845// 1846// Returned Error Types: 1847// * ResourceNotFoundException 1848// The specified resource was not found. 1849// 1850// * InvalidOperationException 1851// The operation failed because there was nothing to do or the operation wasn't 1852// possible. For example, you might have submitted an AssociateAdminAccount 1853// request for an account ID that was already set as the Firewall Manager administrator. 1854// Or you might have tried to access a Region that's disabled by default, and 1855// that you need to enable for the Firewall Manager administrator account and 1856// for Organizations before you can access it. 1857// 1858// * LimitExceededException 1859// The operation exceeds a resource limit, for example, the maximum number of 1860// policy objects that you can create for an Amazon Web Services account. For 1861// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 1862// in the WAF Developer Guide. 1863// 1864// * InternalErrorException 1865// The operation failed because of a system problem, even though the request 1866// was valid. Retry your request. 1867// 1868// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListPolicies 1869func (c *FMS) ListPolicies(input *ListPoliciesInput) (*ListPoliciesOutput, error) { 1870 req, out := c.ListPoliciesRequest(input) 1871 return out, req.Send() 1872} 1873 1874// ListPoliciesWithContext is the same as ListPolicies with the addition of 1875// the ability to pass a context and additional request options. 1876// 1877// See ListPolicies for details on how to use this API operation. 1878// 1879// The context must be non-nil and will be used for request cancellation. If 1880// the context is nil a panic will occur. In the future the SDK may create 1881// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1882// for more information on using Contexts. 1883func (c *FMS) ListPoliciesWithContext(ctx aws.Context, input *ListPoliciesInput, opts ...request.Option) (*ListPoliciesOutput, error) { 1884 req, out := c.ListPoliciesRequest(input) 1885 req.SetContext(ctx) 1886 req.ApplyOptions(opts...) 1887 return out, req.Send() 1888} 1889 1890// ListPoliciesPages iterates over the pages of a ListPolicies operation, 1891// calling the "fn" function with the response data for each page. To stop 1892// iterating, return false from the fn function. 1893// 1894// See ListPolicies method for more information on how to use this operation. 1895// 1896// Note: This operation can generate multiple requests to a service. 1897// 1898// // Example iterating over at most 3 pages of a ListPolicies operation. 1899// pageNum := 0 1900// err := client.ListPoliciesPages(params, 1901// func(page *fms.ListPoliciesOutput, lastPage bool) bool { 1902// pageNum++ 1903// fmt.Println(page) 1904// return pageNum <= 3 1905// }) 1906// 1907func (c *FMS) ListPoliciesPages(input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool) error { 1908 return c.ListPoliciesPagesWithContext(aws.BackgroundContext(), input, fn) 1909} 1910 1911// ListPoliciesPagesWithContext same as ListPoliciesPages except 1912// it takes a Context and allows setting request options on the pages. 1913// 1914// The context must be non-nil and will be used for request cancellation. If 1915// the context is nil a panic will occur. In the future the SDK may create 1916// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 1917// for more information on using Contexts. 1918func (c *FMS) ListPoliciesPagesWithContext(ctx aws.Context, input *ListPoliciesInput, fn func(*ListPoliciesOutput, bool) bool, opts ...request.Option) error { 1919 p := request.Pagination{ 1920 NewRequest: func() (*request.Request, error) { 1921 var inCpy *ListPoliciesInput 1922 if input != nil { 1923 tmp := *input 1924 inCpy = &tmp 1925 } 1926 req, _ := c.ListPoliciesRequest(inCpy) 1927 req.SetContext(ctx) 1928 req.ApplyOptions(opts...) 1929 return req, nil 1930 }, 1931 } 1932 1933 for p.Next() { 1934 if !fn(p.Page().(*ListPoliciesOutput), !p.HasNextPage()) { 1935 break 1936 } 1937 } 1938 1939 return p.Err() 1940} 1941 1942const opListProtocolsLists = "ListProtocolsLists" 1943 1944// ListProtocolsListsRequest generates a "aws/request.Request" representing the 1945// client's request for the ListProtocolsLists operation. The "output" return 1946// value will be populated with the request's response once the request completes 1947// successfully. 1948// 1949// Use "Send" method on the returned Request to send the API call to the service. 1950// the "output" return value is not valid until after Send returns without error. 1951// 1952// See ListProtocolsLists for more information on using the ListProtocolsLists 1953// API call, and error handling. 1954// 1955// This method is useful when you want to inject custom logic or configuration 1956// into the SDK's request lifecycle. Such as custom headers, or retry logic. 1957// 1958// 1959// // Example sending a request using the ListProtocolsListsRequest method. 1960// req, resp := client.ListProtocolsListsRequest(params) 1961// 1962// err := req.Send() 1963// if err == nil { // resp is now filled 1964// fmt.Println(resp) 1965// } 1966// 1967// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsLists 1968func (c *FMS) ListProtocolsListsRequest(input *ListProtocolsListsInput) (req *request.Request, output *ListProtocolsListsOutput) { 1969 op := &request.Operation{ 1970 Name: opListProtocolsLists, 1971 HTTPMethod: "POST", 1972 HTTPPath: "/", 1973 Paginator: &request.Paginator{ 1974 InputTokens: []string{"NextToken"}, 1975 OutputTokens: []string{"NextToken"}, 1976 LimitToken: "MaxResults", 1977 TruncationToken: "", 1978 }, 1979 } 1980 1981 if input == nil { 1982 input = &ListProtocolsListsInput{} 1983 } 1984 1985 output = &ListProtocolsListsOutput{} 1986 req = c.newRequest(op, input, output) 1987 return 1988} 1989 1990// ListProtocolsLists API operation for Firewall Management Service. 1991// 1992// Returns an array of ProtocolsListDataSummary objects. 1993// 1994// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 1995// with awserr.Error's Code and Message methods to get detailed information about 1996// the error. 1997// 1998// See the AWS API reference guide for Firewall Management Service's 1999// API operation ListProtocolsLists for usage and error information. 2000// 2001// Returned Error Types: 2002// * ResourceNotFoundException 2003// The specified resource was not found. 2004// 2005// * InvalidOperationException 2006// The operation failed because there was nothing to do or the operation wasn't 2007// possible. For example, you might have submitted an AssociateAdminAccount 2008// request for an account ID that was already set as the Firewall Manager administrator. 2009// Or you might have tried to access a Region that's disabled by default, and 2010// that you need to enable for the Firewall Manager administrator account and 2011// for Organizations before you can access it. 2012// 2013// * InternalErrorException 2014// The operation failed because of a system problem, even though the request 2015// was valid. Retry your request. 2016// 2017// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListProtocolsLists 2018func (c *FMS) ListProtocolsLists(input *ListProtocolsListsInput) (*ListProtocolsListsOutput, error) { 2019 req, out := c.ListProtocolsListsRequest(input) 2020 return out, req.Send() 2021} 2022 2023// ListProtocolsListsWithContext is the same as ListProtocolsLists with the addition of 2024// the ability to pass a context and additional request options. 2025// 2026// See ListProtocolsLists for details on how to use this API operation. 2027// 2028// The context must be non-nil and will be used for request cancellation. If 2029// the context is nil a panic will occur. In the future the SDK may create 2030// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2031// for more information on using Contexts. 2032func (c *FMS) ListProtocolsListsWithContext(ctx aws.Context, input *ListProtocolsListsInput, opts ...request.Option) (*ListProtocolsListsOutput, error) { 2033 req, out := c.ListProtocolsListsRequest(input) 2034 req.SetContext(ctx) 2035 req.ApplyOptions(opts...) 2036 return out, req.Send() 2037} 2038 2039// ListProtocolsListsPages iterates over the pages of a ListProtocolsLists operation, 2040// calling the "fn" function with the response data for each page. To stop 2041// iterating, return false from the fn function. 2042// 2043// See ListProtocolsLists method for more information on how to use this operation. 2044// 2045// Note: This operation can generate multiple requests to a service. 2046// 2047// // Example iterating over at most 3 pages of a ListProtocolsLists operation. 2048// pageNum := 0 2049// err := client.ListProtocolsListsPages(params, 2050// func(page *fms.ListProtocolsListsOutput, lastPage bool) bool { 2051// pageNum++ 2052// fmt.Println(page) 2053// return pageNum <= 3 2054// }) 2055// 2056func (c *FMS) ListProtocolsListsPages(input *ListProtocolsListsInput, fn func(*ListProtocolsListsOutput, bool) bool) error { 2057 return c.ListProtocolsListsPagesWithContext(aws.BackgroundContext(), input, fn) 2058} 2059 2060// ListProtocolsListsPagesWithContext same as ListProtocolsListsPages except 2061// it takes a Context and allows setting request options on the pages. 2062// 2063// The context must be non-nil and will be used for request cancellation. If 2064// the context is nil a panic will occur. In the future the SDK may create 2065// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2066// for more information on using Contexts. 2067func (c *FMS) ListProtocolsListsPagesWithContext(ctx aws.Context, input *ListProtocolsListsInput, fn func(*ListProtocolsListsOutput, bool) bool, opts ...request.Option) error { 2068 p := request.Pagination{ 2069 NewRequest: func() (*request.Request, error) { 2070 var inCpy *ListProtocolsListsInput 2071 if input != nil { 2072 tmp := *input 2073 inCpy = &tmp 2074 } 2075 req, _ := c.ListProtocolsListsRequest(inCpy) 2076 req.SetContext(ctx) 2077 req.ApplyOptions(opts...) 2078 return req, nil 2079 }, 2080 } 2081 2082 for p.Next() { 2083 if !fn(p.Page().(*ListProtocolsListsOutput), !p.HasNextPage()) { 2084 break 2085 } 2086 } 2087 2088 return p.Err() 2089} 2090 2091const opListTagsForResource = "ListTagsForResource" 2092 2093// ListTagsForResourceRequest generates a "aws/request.Request" representing the 2094// client's request for the ListTagsForResource operation. The "output" return 2095// value will be populated with the request's response once the request completes 2096// successfully. 2097// 2098// Use "Send" method on the returned Request to send the API call to the service. 2099// the "output" return value is not valid until after Send returns without error. 2100// 2101// See ListTagsForResource for more information on using the ListTagsForResource 2102// API call, and error handling. 2103// 2104// This method is useful when you want to inject custom logic or configuration 2105// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2106// 2107// 2108// // Example sending a request using the ListTagsForResourceRequest method. 2109// req, resp := client.ListTagsForResourceRequest(params) 2110// 2111// err := req.Send() 2112// if err == nil { // resp is now filled 2113// fmt.Println(resp) 2114// } 2115// 2116// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResource 2117func (c *FMS) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { 2118 op := &request.Operation{ 2119 Name: opListTagsForResource, 2120 HTTPMethod: "POST", 2121 HTTPPath: "/", 2122 } 2123 2124 if input == nil { 2125 input = &ListTagsForResourceInput{} 2126 } 2127 2128 output = &ListTagsForResourceOutput{} 2129 req = c.newRequest(op, input, output) 2130 return 2131} 2132 2133// ListTagsForResource API operation for Firewall Management Service. 2134// 2135// Retrieves the list of tags for the specified Amazon Web Services resource. 2136// 2137// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2138// with awserr.Error's Code and Message methods to get detailed information about 2139// the error. 2140// 2141// See the AWS API reference guide for Firewall Management Service's 2142// API operation ListTagsForResource for usage and error information. 2143// 2144// Returned Error Types: 2145// * ResourceNotFoundException 2146// The specified resource was not found. 2147// 2148// * InvalidOperationException 2149// The operation failed because there was nothing to do or the operation wasn't 2150// possible. For example, you might have submitted an AssociateAdminAccount 2151// request for an account ID that was already set as the Firewall Manager administrator. 2152// Or you might have tried to access a Region that's disabled by default, and 2153// that you need to enable for the Firewall Manager administrator account and 2154// for Organizations before you can access it. 2155// 2156// * InternalErrorException 2157// The operation failed because of a system problem, even though the request 2158// was valid. Retry your request. 2159// 2160// * InvalidInputException 2161// The parameters of the request were invalid. 2162// 2163// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/ListTagsForResource 2164func (c *FMS) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { 2165 req, out := c.ListTagsForResourceRequest(input) 2166 return out, req.Send() 2167} 2168 2169// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of 2170// the ability to pass a context and additional request options. 2171// 2172// See ListTagsForResource for details on how to use this API operation. 2173// 2174// The context must be non-nil and will be used for request cancellation. If 2175// the context is nil a panic will occur. In the future the SDK may create 2176// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2177// for more information on using Contexts. 2178func (c *FMS) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { 2179 req, out := c.ListTagsForResourceRequest(input) 2180 req.SetContext(ctx) 2181 req.ApplyOptions(opts...) 2182 return out, req.Send() 2183} 2184 2185const opPutAppsList = "PutAppsList" 2186 2187// PutAppsListRequest generates a "aws/request.Request" representing the 2188// client's request for the PutAppsList operation. The "output" return 2189// value will be populated with the request's response once the request completes 2190// successfully. 2191// 2192// Use "Send" method on the returned Request to send the API call to the service. 2193// the "output" return value is not valid until after Send returns without error. 2194// 2195// See PutAppsList for more information on using the PutAppsList 2196// API call, and error handling. 2197// 2198// This method is useful when you want to inject custom logic or configuration 2199// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2200// 2201// 2202// // Example sending a request using the PutAppsListRequest method. 2203// req, resp := client.PutAppsListRequest(params) 2204// 2205// err := req.Send() 2206// if err == nil { // resp is now filled 2207// fmt.Println(resp) 2208// } 2209// 2210// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsList 2211func (c *FMS) PutAppsListRequest(input *PutAppsListInput) (req *request.Request, output *PutAppsListOutput) { 2212 op := &request.Operation{ 2213 Name: opPutAppsList, 2214 HTTPMethod: "POST", 2215 HTTPPath: "/", 2216 } 2217 2218 if input == nil { 2219 input = &PutAppsListInput{} 2220 } 2221 2222 output = &PutAppsListOutput{} 2223 req = c.newRequest(op, input, output) 2224 return 2225} 2226 2227// PutAppsList API operation for Firewall Management Service. 2228// 2229// Creates an Firewall Manager applications list. 2230// 2231// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2232// with awserr.Error's Code and Message methods to get detailed information about 2233// the error. 2234// 2235// See the AWS API reference guide for Firewall Management Service's 2236// API operation PutAppsList for usage and error information. 2237// 2238// Returned Error Types: 2239// * ResourceNotFoundException 2240// The specified resource was not found. 2241// 2242// * InvalidOperationException 2243// The operation failed because there was nothing to do or the operation wasn't 2244// possible. For example, you might have submitted an AssociateAdminAccount 2245// request for an account ID that was already set as the Firewall Manager administrator. 2246// Or you might have tried to access a Region that's disabled by default, and 2247// that you need to enable for the Firewall Manager administrator account and 2248// for Organizations before you can access it. 2249// 2250// * InvalidInputException 2251// The parameters of the request were invalid. 2252// 2253// * LimitExceededException 2254// The operation exceeds a resource limit, for example, the maximum number of 2255// policy objects that you can create for an Amazon Web Services account. For 2256// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 2257// in the WAF Developer Guide. 2258// 2259// * InternalErrorException 2260// The operation failed because of a system problem, even though the request 2261// was valid. Retry your request. 2262// 2263// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutAppsList 2264func (c *FMS) PutAppsList(input *PutAppsListInput) (*PutAppsListOutput, error) { 2265 req, out := c.PutAppsListRequest(input) 2266 return out, req.Send() 2267} 2268 2269// PutAppsListWithContext is the same as PutAppsList with the addition of 2270// the ability to pass a context and additional request options. 2271// 2272// See PutAppsList for details on how to use this API operation. 2273// 2274// The context must be non-nil and will be used for request cancellation. If 2275// the context is nil a panic will occur. In the future the SDK may create 2276// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2277// for more information on using Contexts. 2278func (c *FMS) PutAppsListWithContext(ctx aws.Context, input *PutAppsListInput, opts ...request.Option) (*PutAppsListOutput, error) { 2279 req, out := c.PutAppsListRequest(input) 2280 req.SetContext(ctx) 2281 req.ApplyOptions(opts...) 2282 return out, req.Send() 2283} 2284 2285const opPutNotificationChannel = "PutNotificationChannel" 2286 2287// PutNotificationChannelRequest generates a "aws/request.Request" representing the 2288// client's request for the PutNotificationChannel operation. The "output" return 2289// value will be populated with the request's response once the request completes 2290// successfully. 2291// 2292// Use "Send" method on the returned Request to send the API call to the service. 2293// the "output" return value is not valid until after Send returns without error. 2294// 2295// See PutNotificationChannel for more information on using the PutNotificationChannel 2296// API call, and error handling. 2297// 2298// This method is useful when you want to inject custom logic or configuration 2299// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2300// 2301// 2302// // Example sending a request using the PutNotificationChannelRequest method. 2303// req, resp := client.PutNotificationChannelRequest(params) 2304// 2305// err := req.Send() 2306// if err == nil { // resp is now filled 2307// fmt.Println(resp) 2308// } 2309// 2310// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel 2311func (c *FMS) PutNotificationChannelRequest(input *PutNotificationChannelInput) (req *request.Request, output *PutNotificationChannelOutput) { 2312 op := &request.Operation{ 2313 Name: opPutNotificationChannel, 2314 HTTPMethod: "POST", 2315 HTTPPath: "/", 2316 } 2317 2318 if input == nil { 2319 input = &PutNotificationChannelInput{} 2320 } 2321 2322 output = &PutNotificationChannelOutput{} 2323 req = c.newRequest(op, input, output) 2324 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 2325 return 2326} 2327 2328// PutNotificationChannel API operation for Firewall Management Service. 2329// 2330// Designates the IAM role and Amazon Simple Notification Service (SNS) topic 2331// that Firewall Manager uses to record SNS logs. 2332// 2333// To perform this action outside of the console, you must configure the SNS 2334// topic to allow the Firewall Manager role AWSServiceRoleForFMS to publish 2335// SNS logs. For more information, see Firewall Manager required permissions 2336// for API actions (https://docs.aws.amazon.com/waf/latest/developerguide/fms-api-permissions-ref.html) 2337// in the Firewall Manager Developer Guide. 2338// 2339// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2340// with awserr.Error's Code and Message methods to get detailed information about 2341// the error. 2342// 2343// See the AWS API reference guide for Firewall Management Service's 2344// API operation PutNotificationChannel for usage and error information. 2345// 2346// Returned Error Types: 2347// * ResourceNotFoundException 2348// The specified resource was not found. 2349// 2350// * InvalidOperationException 2351// The operation failed because there was nothing to do or the operation wasn't 2352// possible. For example, you might have submitted an AssociateAdminAccount 2353// request for an account ID that was already set as the Firewall Manager administrator. 2354// Or you might have tried to access a Region that's disabled by default, and 2355// that you need to enable for the Firewall Manager administrator account and 2356// for Organizations before you can access it. 2357// 2358// * InternalErrorException 2359// The operation failed because of a system problem, even though the request 2360// was valid. Retry your request. 2361// 2362// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutNotificationChannel 2363func (c *FMS) PutNotificationChannel(input *PutNotificationChannelInput) (*PutNotificationChannelOutput, error) { 2364 req, out := c.PutNotificationChannelRequest(input) 2365 return out, req.Send() 2366} 2367 2368// PutNotificationChannelWithContext is the same as PutNotificationChannel with the addition of 2369// the ability to pass a context and additional request options. 2370// 2371// See PutNotificationChannel for details on how to use this API operation. 2372// 2373// The context must be non-nil and will be used for request cancellation. If 2374// the context is nil a panic will occur. In the future the SDK may create 2375// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2376// for more information on using Contexts. 2377func (c *FMS) PutNotificationChannelWithContext(ctx aws.Context, input *PutNotificationChannelInput, opts ...request.Option) (*PutNotificationChannelOutput, error) { 2378 req, out := c.PutNotificationChannelRequest(input) 2379 req.SetContext(ctx) 2380 req.ApplyOptions(opts...) 2381 return out, req.Send() 2382} 2383 2384const opPutPolicy = "PutPolicy" 2385 2386// PutPolicyRequest generates a "aws/request.Request" representing the 2387// client's request for the PutPolicy operation. The "output" return 2388// value will be populated with the request's response once the request completes 2389// successfully. 2390// 2391// Use "Send" method on the returned Request to send the API call to the service. 2392// the "output" return value is not valid until after Send returns without error. 2393// 2394// See PutPolicy for more information on using the PutPolicy 2395// API call, and error handling. 2396// 2397// This method is useful when you want to inject custom logic or configuration 2398// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2399// 2400// 2401// // Example sending a request using the PutPolicyRequest method. 2402// req, resp := client.PutPolicyRequest(params) 2403// 2404// err := req.Send() 2405// if err == nil { // resp is now filled 2406// fmt.Println(resp) 2407// } 2408// 2409// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy 2410func (c *FMS) PutPolicyRequest(input *PutPolicyInput) (req *request.Request, output *PutPolicyOutput) { 2411 op := &request.Operation{ 2412 Name: opPutPolicy, 2413 HTTPMethod: "POST", 2414 HTTPPath: "/", 2415 } 2416 2417 if input == nil { 2418 input = &PutPolicyInput{} 2419 } 2420 2421 output = &PutPolicyOutput{} 2422 req = c.newRequest(op, input, output) 2423 return 2424} 2425 2426// PutPolicy API operation for Firewall Management Service. 2427// 2428// Creates an Firewall Manager policy. 2429// 2430// Firewall Manager provides the following types of policies: 2431// 2432// * An WAF policy (type WAFV2), which defines rule groups to run first in 2433// the corresponding WAF web ACL and rule groups to run last in the web ACL. 2434// 2435// * An WAF Classic policy (type WAF), which defines a rule group. 2436// 2437// * A Shield Advanced policy, which applies Shield Advanced protection to 2438// specified accounts and resources. 2439// 2440// * A security group policy, which manages VPC security groups across your 2441// Amazon Web Services organization. 2442// 2443// * An Network Firewall policy, which provides firewall rules to filter 2444// network traffic in specified Amazon VPCs. 2445// 2446// * A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall 2447// rules to filter DNS queries for specified VPCs. 2448// 2449// Each policy is specific to one of the types. If you want to enforce more 2450// than one policy type across accounts, create multiple policies. You can create 2451// multiple policies for each type. 2452// 2453// You must be subscribed to Shield Advanced to create a Shield Advanced policy. 2454// For more information about subscribing to Shield Advanced, see CreateSubscription 2455// (https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html). 2456// 2457// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2458// with awserr.Error's Code and Message methods to get detailed information about 2459// the error. 2460// 2461// See the AWS API reference guide for Firewall Management Service's 2462// API operation PutPolicy for usage and error information. 2463// 2464// Returned Error Types: 2465// * ResourceNotFoundException 2466// The specified resource was not found. 2467// 2468// * InvalidOperationException 2469// The operation failed because there was nothing to do or the operation wasn't 2470// possible. For example, you might have submitted an AssociateAdminAccount 2471// request for an account ID that was already set as the Firewall Manager administrator. 2472// Or you might have tried to access a Region that's disabled by default, and 2473// that you need to enable for the Firewall Manager administrator account and 2474// for Organizations before you can access it. 2475// 2476// * InvalidInputException 2477// The parameters of the request were invalid. 2478// 2479// * LimitExceededException 2480// The operation exceeds a resource limit, for example, the maximum number of 2481// policy objects that you can create for an Amazon Web Services account. For 2482// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 2483// in the WAF Developer Guide. 2484// 2485// * InternalErrorException 2486// The operation failed because of a system problem, even though the request 2487// was valid. Retry your request. 2488// 2489// * InvalidTypeException 2490// The value of the Type parameter is invalid. 2491// 2492// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutPolicy 2493func (c *FMS) PutPolicy(input *PutPolicyInput) (*PutPolicyOutput, error) { 2494 req, out := c.PutPolicyRequest(input) 2495 return out, req.Send() 2496} 2497 2498// PutPolicyWithContext is the same as PutPolicy with the addition of 2499// the ability to pass a context and additional request options. 2500// 2501// See PutPolicy for details on how to use this API operation. 2502// 2503// The context must be non-nil and will be used for request cancellation. If 2504// the context is nil a panic will occur. In the future the SDK may create 2505// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2506// for more information on using Contexts. 2507func (c *FMS) PutPolicyWithContext(ctx aws.Context, input *PutPolicyInput, opts ...request.Option) (*PutPolicyOutput, error) { 2508 req, out := c.PutPolicyRequest(input) 2509 req.SetContext(ctx) 2510 req.ApplyOptions(opts...) 2511 return out, req.Send() 2512} 2513 2514const opPutProtocolsList = "PutProtocolsList" 2515 2516// PutProtocolsListRequest generates a "aws/request.Request" representing the 2517// client's request for the PutProtocolsList operation. The "output" return 2518// value will be populated with the request's response once the request completes 2519// successfully. 2520// 2521// Use "Send" method on the returned Request to send the API call to the service. 2522// the "output" return value is not valid until after Send returns without error. 2523// 2524// See PutProtocolsList for more information on using the PutProtocolsList 2525// API call, and error handling. 2526// 2527// This method is useful when you want to inject custom logic or configuration 2528// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2529// 2530// 2531// // Example sending a request using the PutProtocolsListRequest method. 2532// req, resp := client.PutProtocolsListRequest(params) 2533// 2534// err := req.Send() 2535// if err == nil { // resp is now filled 2536// fmt.Println(resp) 2537// } 2538// 2539// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsList 2540func (c *FMS) PutProtocolsListRequest(input *PutProtocolsListInput) (req *request.Request, output *PutProtocolsListOutput) { 2541 op := &request.Operation{ 2542 Name: opPutProtocolsList, 2543 HTTPMethod: "POST", 2544 HTTPPath: "/", 2545 } 2546 2547 if input == nil { 2548 input = &PutProtocolsListInput{} 2549 } 2550 2551 output = &PutProtocolsListOutput{} 2552 req = c.newRequest(op, input, output) 2553 return 2554} 2555 2556// PutProtocolsList API operation for Firewall Management Service. 2557// 2558// Creates an Firewall Manager protocols list. 2559// 2560// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2561// with awserr.Error's Code and Message methods to get detailed information about 2562// the error. 2563// 2564// See the AWS API reference guide for Firewall Management Service's 2565// API operation PutProtocolsList for usage and error information. 2566// 2567// Returned Error Types: 2568// * ResourceNotFoundException 2569// The specified resource was not found. 2570// 2571// * InvalidOperationException 2572// The operation failed because there was nothing to do or the operation wasn't 2573// possible. For example, you might have submitted an AssociateAdminAccount 2574// request for an account ID that was already set as the Firewall Manager administrator. 2575// Or you might have tried to access a Region that's disabled by default, and 2576// that you need to enable for the Firewall Manager administrator account and 2577// for Organizations before you can access it. 2578// 2579// * InvalidInputException 2580// The parameters of the request were invalid. 2581// 2582// * LimitExceededException 2583// The operation exceeds a resource limit, for example, the maximum number of 2584// policy objects that you can create for an Amazon Web Services account. For 2585// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 2586// in the WAF Developer Guide. 2587// 2588// * InternalErrorException 2589// The operation failed because of a system problem, even though the request 2590// was valid. Retry your request. 2591// 2592// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/PutProtocolsList 2593func (c *FMS) PutProtocolsList(input *PutProtocolsListInput) (*PutProtocolsListOutput, error) { 2594 req, out := c.PutProtocolsListRequest(input) 2595 return out, req.Send() 2596} 2597 2598// PutProtocolsListWithContext is the same as PutProtocolsList with the addition of 2599// the ability to pass a context and additional request options. 2600// 2601// See PutProtocolsList for details on how to use this API operation. 2602// 2603// The context must be non-nil and will be used for request cancellation. If 2604// the context is nil a panic will occur. In the future the SDK may create 2605// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2606// for more information on using Contexts. 2607func (c *FMS) PutProtocolsListWithContext(ctx aws.Context, input *PutProtocolsListInput, opts ...request.Option) (*PutProtocolsListOutput, error) { 2608 req, out := c.PutProtocolsListRequest(input) 2609 req.SetContext(ctx) 2610 req.ApplyOptions(opts...) 2611 return out, req.Send() 2612} 2613 2614const opTagResource = "TagResource" 2615 2616// TagResourceRequest generates a "aws/request.Request" representing the 2617// client's request for the TagResource operation. The "output" return 2618// value will be populated with the request's response once the request completes 2619// successfully. 2620// 2621// Use "Send" method on the returned Request to send the API call to the service. 2622// the "output" return value is not valid until after Send returns without error. 2623// 2624// See TagResource for more information on using the TagResource 2625// API call, and error handling. 2626// 2627// This method is useful when you want to inject custom logic or configuration 2628// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2629// 2630// 2631// // Example sending a request using the TagResourceRequest method. 2632// req, resp := client.TagResourceRequest(params) 2633// 2634// err := req.Send() 2635// if err == nil { // resp is now filled 2636// fmt.Println(resp) 2637// } 2638// 2639// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/TagResource 2640func (c *FMS) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { 2641 op := &request.Operation{ 2642 Name: opTagResource, 2643 HTTPMethod: "POST", 2644 HTTPPath: "/", 2645 } 2646 2647 if input == nil { 2648 input = &TagResourceInput{} 2649 } 2650 2651 output = &TagResourceOutput{} 2652 req = c.newRequest(op, input, output) 2653 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 2654 return 2655} 2656 2657// TagResource API operation for Firewall Management Service. 2658// 2659// Adds one or more tags to an Amazon Web Services resource. 2660// 2661// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2662// with awserr.Error's Code and Message methods to get detailed information about 2663// the error. 2664// 2665// See the AWS API reference guide for Firewall Management Service's 2666// API operation TagResource for usage and error information. 2667// 2668// Returned Error Types: 2669// * ResourceNotFoundException 2670// The specified resource was not found. 2671// 2672// * InvalidOperationException 2673// The operation failed because there was nothing to do or the operation wasn't 2674// possible. For example, you might have submitted an AssociateAdminAccount 2675// request for an account ID that was already set as the Firewall Manager administrator. 2676// Or you might have tried to access a Region that's disabled by default, and 2677// that you need to enable for the Firewall Manager administrator account and 2678// for Organizations before you can access it. 2679// 2680// * InternalErrorException 2681// The operation failed because of a system problem, even though the request 2682// was valid. Retry your request. 2683// 2684// * InvalidInputException 2685// The parameters of the request were invalid. 2686// 2687// * LimitExceededException 2688// The operation exceeds a resource limit, for example, the maximum number of 2689// policy objects that you can create for an Amazon Web Services account. For 2690// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 2691// in the WAF Developer Guide. 2692// 2693// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/TagResource 2694func (c *FMS) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { 2695 req, out := c.TagResourceRequest(input) 2696 return out, req.Send() 2697} 2698 2699// TagResourceWithContext is the same as TagResource with the addition of 2700// the ability to pass a context and additional request options. 2701// 2702// See TagResource for details on how to use this API operation. 2703// 2704// The context must be non-nil and will be used for request cancellation. If 2705// the context is nil a panic will occur. In the future the SDK may create 2706// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2707// for more information on using Contexts. 2708func (c *FMS) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { 2709 req, out := c.TagResourceRequest(input) 2710 req.SetContext(ctx) 2711 req.ApplyOptions(opts...) 2712 return out, req.Send() 2713} 2714 2715const opUntagResource = "UntagResource" 2716 2717// UntagResourceRequest generates a "aws/request.Request" representing the 2718// client's request for the UntagResource operation. The "output" return 2719// value will be populated with the request's response once the request completes 2720// successfully. 2721// 2722// Use "Send" method on the returned Request to send the API call to the service. 2723// the "output" return value is not valid until after Send returns without error. 2724// 2725// See UntagResource for more information on using the UntagResource 2726// API call, and error handling. 2727// 2728// This method is useful when you want to inject custom logic or configuration 2729// into the SDK's request lifecycle. Such as custom headers, or retry logic. 2730// 2731// 2732// // Example sending a request using the UntagResourceRequest method. 2733// req, resp := client.UntagResourceRequest(params) 2734// 2735// err := req.Send() 2736// if err == nil { // resp is now filled 2737// fmt.Println(resp) 2738// } 2739// 2740// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/UntagResource 2741func (c *FMS) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { 2742 op := &request.Operation{ 2743 Name: opUntagResource, 2744 HTTPMethod: "POST", 2745 HTTPPath: "/", 2746 } 2747 2748 if input == nil { 2749 input = &UntagResourceInput{} 2750 } 2751 2752 output = &UntagResourceOutput{} 2753 req = c.newRequest(op, input, output) 2754 req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) 2755 return 2756} 2757 2758// UntagResource API operation for Firewall Management Service. 2759// 2760// Removes one or more tags from an Amazon Web Services resource. 2761// 2762// Returns awserr.Error for service API and SDK errors. Use runtime type assertions 2763// with awserr.Error's Code and Message methods to get detailed information about 2764// the error. 2765// 2766// See the AWS API reference guide for Firewall Management Service's 2767// API operation UntagResource for usage and error information. 2768// 2769// Returned Error Types: 2770// * ResourceNotFoundException 2771// The specified resource was not found. 2772// 2773// * InvalidOperationException 2774// The operation failed because there was nothing to do or the operation wasn't 2775// possible. For example, you might have submitted an AssociateAdminAccount 2776// request for an account ID that was already set as the Firewall Manager administrator. 2777// Or you might have tried to access a Region that's disabled by default, and 2778// that you need to enable for the Firewall Manager administrator account and 2779// for Organizations before you can access it. 2780// 2781// * InternalErrorException 2782// The operation failed because of a system problem, even though the request 2783// was valid. Retry your request. 2784// 2785// * InvalidInputException 2786// The parameters of the request were invalid. 2787// 2788// See also, https://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/UntagResource 2789func (c *FMS) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { 2790 req, out := c.UntagResourceRequest(input) 2791 return out, req.Send() 2792} 2793 2794// UntagResourceWithContext is the same as UntagResource with the addition of 2795// the ability to pass a context and additional request options. 2796// 2797// See UntagResource for details on how to use this API operation. 2798// 2799// The context must be non-nil and will be used for request cancellation. If 2800// the context is nil a panic will occur. In the future the SDK may create 2801// sub-contexts for http.Requests. See https://golang.org/pkg/context/ 2802// for more information on using Contexts. 2803func (c *FMS) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { 2804 req, out := c.UntagResourceRequest(input) 2805 req.SetContext(ctx) 2806 req.ApplyOptions(opts...) 2807 return out, req.Send() 2808} 2809 2810// Describes a remediation action target. 2811type ActionTarget struct { 2812 _ struct{} `type:"structure"` 2813 2814 // A description of the remediation action target. 2815 Description *string `type:"string"` 2816 2817 // The ID of the remediation target. 2818 ResourceId *string `min:"1" type:"string"` 2819} 2820 2821// String returns the string representation. 2822// 2823// API parameter values that are decorated as "sensitive" in the API will not 2824// be included in the string output. The member name will be present, but the 2825// value will be replaced with "sensitive". 2826func (s ActionTarget) String() string { 2827 return awsutil.Prettify(s) 2828} 2829 2830// GoString returns the string representation. 2831// 2832// API parameter values that are decorated as "sensitive" in the API will not 2833// be included in the string output. The member name will be present, but the 2834// value will be replaced with "sensitive". 2835func (s ActionTarget) GoString() string { 2836 return s.String() 2837} 2838 2839// SetDescription sets the Description field's value. 2840func (s *ActionTarget) SetDescription(v string) *ActionTarget { 2841 s.Description = &v 2842 return s 2843} 2844 2845// SetResourceId sets the ResourceId field's value. 2846func (s *ActionTarget) SetResourceId(v string) *ActionTarget { 2847 s.ResourceId = &v 2848 return s 2849} 2850 2851// An individual Firewall Manager application. 2852type App struct { 2853 _ struct{} `type:"structure"` 2854 2855 // The application's name. 2856 // 2857 // AppName is a required field 2858 AppName *string `min:"1" type:"string" required:"true"` 2859 2860 // The application's port number, for example 80. 2861 // 2862 // Port is a required field 2863 Port *int64 `type:"long" required:"true"` 2864 2865 // The IP protocol name or number. The name can be one of tcp, udp, or icmp. 2866 // For information on possible numbers, see Protocol Numbers (https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). 2867 // 2868 // Protocol is a required field 2869 Protocol *string `min:"1" type:"string" required:"true"` 2870} 2871 2872// String returns the string representation. 2873// 2874// API parameter values that are decorated as "sensitive" in the API will not 2875// be included in the string output. The member name will be present, but the 2876// value will be replaced with "sensitive". 2877func (s App) String() string { 2878 return awsutil.Prettify(s) 2879} 2880 2881// GoString returns the string representation. 2882// 2883// API parameter values that are decorated as "sensitive" in the API will not 2884// be included in the string output. The member name will be present, but the 2885// value will be replaced with "sensitive". 2886func (s App) GoString() string { 2887 return s.String() 2888} 2889 2890// Validate inspects the fields of the type to determine if they are valid. 2891func (s *App) Validate() error { 2892 invalidParams := request.ErrInvalidParams{Context: "App"} 2893 if s.AppName == nil { 2894 invalidParams.Add(request.NewErrParamRequired("AppName")) 2895 } 2896 if s.AppName != nil && len(*s.AppName) < 1 { 2897 invalidParams.Add(request.NewErrParamMinLen("AppName", 1)) 2898 } 2899 if s.Port == nil { 2900 invalidParams.Add(request.NewErrParamRequired("Port")) 2901 } 2902 if s.Protocol == nil { 2903 invalidParams.Add(request.NewErrParamRequired("Protocol")) 2904 } 2905 if s.Protocol != nil && len(*s.Protocol) < 1 { 2906 invalidParams.Add(request.NewErrParamMinLen("Protocol", 1)) 2907 } 2908 2909 if invalidParams.Len() > 0 { 2910 return invalidParams 2911 } 2912 return nil 2913} 2914 2915// SetAppName sets the AppName field's value. 2916func (s *App) SetAppName(v string) *App { 2917 s.AppName = &v 2918 return s 2919} 2920 2921// SetPort sets the Port field's value. 2922func (s *App) SetPort(v int64) *App { 2923 s.Port = &v 2924 return s 2925} 2926 2927// SetProtocol sets the Protocol field's value. 2928func (s *App) SetProtocol(v string) *App { 2929 s.Protocol = &v 2930 return s 2931} 2932 2933// An Firewall Manager applications list. 2934type AppsListData struct { 2935 _ struct{} `type:"structure"` 2936 2937 // An array of applications in the Firewall Manager applications list. 2938 // 2939 // AppsList is a required field 2940 AppsList []*App `type:"list" required:"true"` 2941 2942 // The time that the Firewall Manager applications list was created. 2943 CreateTime *time.Time `type:"timestamp"` 2944 2945 // The time that the Firewall Manager applications list was last updated. 2946 LastUpdateTime *time.Time `type:"timestamp"` 2947 2948 // The ID of the Firewall Manager applications list. 2949 ListId *string `min:"36" type:"string"` 2950 2951 // The name of the Firewall Manager applications list. 2952 // 2953 // ListName is a required field 2954 ListName *string `min:"1" type:"string" required:"true"` 2955 2956 // A unique identifier for each update to the list. When you update the list, 2957 // the update token must match the token of the current version of the application 2958 // list. You can retrieve the update token by getting the list. 2959 ListUpdateToken *string `min:"1" type:"string"` 2960 2961 // A map of previous version numbers to their corresponding App object arrays. 2962 PreviousAppsList map[string][]*App `type:"map"` 2963} 2964 2965// String returns the string representation. 2966// 2967// API parameter values that are decorated as "sensitive" in the API will not 2968// be included in the string output. The member name will be present, but the 2969// value will be replaced with "sensitive". 2970func (s AppsListData) String() string { 2971 return awsutil.Prettify(s) 2972} 2973 2974// GoString returns the string representation. 2975// 2976// API parameter values that are decorated as "sensitive" in the API will not 2977// be included in the string output. The member name will be present, but the 2978// value will be replaced with "sensitive". 2979func (s AppsListData) GoString() string { 2980 return s.String() 2981} 2982 2983// Validate inspects the fields of the type to determine if they are valid. 2984func (s *AppsListData) Validate() error { 2985 invalidParams := request.ErrInvalidParams{Context: "AppsListData"} 2986 if s.AppsList == nil { 2987 invalidParams.Add(request.NewErrParamRequired("AppsList")) 2988 } 2989 if s.ListId != nil && len(*s.ListId) < 36 { 2990 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 2991 } 2992 if s.ListName == nil { 2993 invalidParams.Add(request.NewErrParamRequired("ListName")) 2994 } 2995 if s.ListName != nil && len(*s.ListName) < 1 { 2996 invalidParams.Add(request.NewErrParamMinLen("ListName", 1)) 2997 } 2998 if s.ListUpdateToken != nil && len(*s.ListUpdateToken) < 1 { 2999 invalidParams.Add(request.NewErrParamMinLen("ListUpdateToken", 1)) 3000 } 3001 if s.AppsList != nil { 3002 for i, v := range s.AppsList { 3003 if v == nil { 3004 continue 3005 } 3006 if err := v.Validate(); err != nil { 3007 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "AppsList", i), err.(request.ErrInvalidParams)) 3008 } 3009 } 3010 } 3011 3012 if invalidParams.Len() > 0 { 3013 return invalidParams 3014 } 3015 return nil 3016} 3017 3018// SetAppsList sets the AppsList field's value. 3019func (s *AppsListData) SetAppsList(v []*App) *AppsListData { 3020 s.AppsList = v 3021 return s 3022} 3023 3024// SetCreateTime sets the CreateTime field's value. 3025func (s *AppsListData) SetCreateTime(v time.Time) *AppsListData { 3026 s.CreateTime = &v 3027 return s 3028} 3029 3030// SetLastUpdateTime sets the LastUpdateTime field's value. 3031func (s *AppsListData) SetLastUpdateTime(v time.Time) *AppsListData { 3032 s.LastUpdateTime = &v 3033 return s 3034} 3035 3036// SetListId sets the ListId field's value. 3037func (s *AppsListData) SetListId(v string) *AppsListData { 3038 s.ListId = &v 3039 return s 3040} 3041 3042// SetListName sets the ListName field's value. 3043func (s *AppsListData) SetListName(v string) *AppsListData { 3044 s.ListName = &v 3045 return s 3046} 3047 3048// SetListUpdateToken sets the ListUpdateToken field's value. 3049func (s *AppsListData) SetListUpdateToken(v string) *AppsListData { 3050 s.ListUpdateToken = &v 3051 return s 3052} 3053 3054// SetPreviousAppsList sets the PreviousAppsList field's value. 3055func (s *AppsListData) SetPreviousAppsList(v map[string][]*App) *AppsListData { 3056 s.PreviousAppsList = v 3057 return s 3058} 3059 3060// Details of the Firewall Manager applications list. 3061type AppsListDataSummary struct { 3062 _ struct{} `type:"structure"` 3063 3064 // An array of App objects in the Firewall Manager applications list. 3065 AppsList []*App `type:"list"` 3066 3067 // The Amazon Resource Name (ARN) of the applications list. 3068 ListArn *string `min:"1" type:"string"` 3069 3070 // The ID of the applications list. 3071 ListId *string `min:"36" type:"string"` 3072 3073 // The name of the applications list. 3074 ListName *string `min:"1" type:"string"` 3075} 3076 3077// String returns the string representation. 3078// 3079// API parameter values that are decorated as "sensitive" in the API will not 3080// be included in the string output. The member name will be present, but the 3081// value will be replaced with "sensitive". 3082func (s AppsListDataSummary) String() string { 3083 return awsutil.Prettify(s) 3084} 3085 3086// GoString returns the string representation. 3087// 3088// API parameter values that are decorated as "sensitive" in the API will not 3089// be included in the string output. The member name will be present, but the 3090// value will be replaced with "sensitive". 3091func (s AppsListDataSummary) GoString() string { 3092 return s.String() 3093} 3094 3095// SetAppsList sets the AppsList field's value. 3096func (s *AppsListDataSummary) SetAppsList(v []*App) *AppsListDataSummary { 3097 s.AppsList = v 3098 return s 3099} 3100 3101// SetListArn sets the ListArn field's value. 3102func (s *AppsListDataSummary) SetListArn(v string) *AppsListDataSummary { 3103 s.ListArn = &v 3104 return s 3105} 3106 3107// SetListId sets the ListId field's value. 3108func (s *AppsListDataSummary) SetListId(v string) *AppsListDataSummary { 3109 s.ListId = &v 3110 return s 3111} 3112 3113// SetListName sets the ListName field's value. 3114func (s *AppsListDataSummary) SetListName(v string) *AppsListDataSummary { 3115 s.ListName = &v 3116 return s 3117} 3118 3119type AssociateAdminAccountInput struct { 3120 _ struct{} `type:"structure"` 3121 3122 // The Amazon Web Services account ID to associate with Firewall Manager as 3123 // the Firewall Manager administrator account. This must be an Organizations 3124 // member account. For more information about Organizations, see Managing the 3125 // Amazon Web Services Accounts in Your Organization (https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html). 3126 // 3127 // AdminAccount is a required field 3128 AdminAccount *string `min:"1" type:"string" required:"true"` 3129} 3130 3131// String returns the string representation. 3132// 3133// API parameter values that are decorated as "sensitive" in the API will not 3134// be included in the string output. The member name will be present, but the 3135// value will be replaced with "sensitive". 3136func (s AssociateAdminAccountInput) String() string { 3137 return awsutil.Prettify(s) 3138} 3139 3140// GoString returns the string representation. 3141// 3142// API parameter values that are decorated as "sensitive" in the API will not 3143// be included in the string output. The member name will be present, but the 3144// value will be replaced with "sensitive". 3145func (s AssociateAdminAccountInput) GoString() string { 3146 return s.String() 3147} 3148 3149// Validate inspects the fields of the type to determine if they are valid. 3150func (s *AssociateAdminAccountInput) Validate() error { 3151 invalidParams := request.ErrInvalidParams{Context: "AssociateAdminAccountInput"} 3152 if s.AdminAccount == nil { 3153 invalidParams.Add(request.NewErrParamRequired("AdminAccount")) 3154 } 3155 if s.AdminAccount != nil && len(*s.AdminAccount) < 1 { 3156 invalidParams.Add(request.NewErrParamMinLen("AdminAccount", 1)) 3157 } 3158 3159 if invalidParams.Len() > 0 { 3160 return invalidParams 3161 } 3162 return nil 3163} 3164 3165// SetAdminAccount sets the AdminAccount field's value. 3166func (s *AssociateAdminAccountInput) SetAdminAccount(v string) *AssociateAdminAccountInput { 3167 s.AdminAccount = &v 3168 return s 3169} 3170 3171type AssociateAdminAccountOutput struct { 3172 _ struct{} `type:"structure"` 3173} 3174 3175// String returns the string representation. 3176// 3177// API parameter values that are decorated as "sensitive" in the API will not 3178// be included in the string output. The member name will be present, but the 3179// value will be replaced with "sensitive". 3180func (s AssociateAdminAccountOutput) String() string { 3181 return awsutil.Prettify(s) 3182} 3183 3184// GoString returns the string representation. 3185// 3186// API parameter values that are decorated as "sensitive" in the API will not 3187// be included in the string output. The member name will be present, but the 3188// value will be replaced with "sensitive". 3189func (s AssociateAdminAccountOutput) GoString() string { 3190 return s.String() 3191} 3192 3193// Violation detail for an EC2 instance resource. 3194type AwsEc2InstanceViolation struct { 3195 _ struct{} `type:"structure"` 3196 3197 // Violation detail for network interfaces associated with the EC2 instance. 3198 AwsEc2NetworkInterfaceViolations []*AwsEc2NetworkInterfaceViolation `type:"list"` 3199 3200 // The resource ID of the EC2 instance. 3201 ViolationTarget *string `type:"string"` 3202} 3203 3204// String returns the string representation. 3205// 3206// API parameter values that are decorated as "sensitive" in the API will not 3207// be included in the string output. The member name will be present, but the 3208// value will be replaced with "sensitive". 3209func (s AwsEc2InstanceViolation) String() string { 3210 return awsutil.Prettify(s) 3211} 3212 3213// GoString returns the string representation. 3214// 3215// API parameter values that are decorated as "sensitive" in the API will not 3216// be included in the string output. The member name will be present, but the 3217// value will be replaced with "sensitive". 3218func (s AwsEc2InstanceViolation) GoString() string { 3219 return s.String() 3220} 3221 3222// SetAwsEc2NetworkInterfaceViolations sets the AwsEc2NetworkInterfaceViolations field's value. 3223func (s *AwsEc2InstanceViolation) SetAwsEc2NetworkInterfaceViolations(v []*AwsEc2NetworkInterfaceViolation) *AwsEc2InstanceViolation { 3224 s.AwsEc2NetworkInterfaceViolations = v 3225 return s 3226} 3227 3228// SetViolationTarget sets the ViolationTarget field's value. 3229func (s *AwsEc2InstanceViolation) SetViolationTarget(v string) *AwsEc2InstanceViolation { 3230 s.ViolationTarget = &v 3231 return s 3232} 3233 3234// Violation detail for network interfaces associated with an EC2 instance. 3235type AwsEc2NetworkInterfaceViolation struct { 3236 _ struct{} `type:"structure"` 3237 3238 // List of security groups that violate the rules specified in the primary security 3239 // group of the Firewall Manager policy. 3240 ViolatingSecurityGroups []*string `type:"list"` 3241 3242 // The resource ID of the network interface. 3243 ViolationTarget *string `type:"string"` 3244} 3245 3246// String returns the string representation. 3247// 3248// API parameter values that are decorated as "sensitive" in the API will not 3249// be included in the string output. The member name will be present, but the 3250// value will be replaced with "sensitive". 3251func (s AwsEc2NetworkInterfaceViolation) String() string { 3252 return awsutil.Prettify(s) 3253} 3254 3255// GoString returns the string representation. 3256// 3257// API parameter values that are decorated as "sensitive" in the API will not 3258// be included in the string output. The member name will be present, but the 3259// value will be replaced with "sensitive". 3260func (s AwsEc2NetworkInterfaceViolation) GoString() string { 3261 return s.String() 3262} 3263 3264// SetViolatingSecurityGroups sets the ViolatingSecurityGroups field's value. 3265func (s *AwsEc2NetworkInterfaceViolation) SetViolatingSecurityGroups(v []*string) *AwsEc2NetworkInterfaceViolation { 3266 s.ViolatingSecurityGroups = v 3267 return s 3268} 3269 3270// SetViolationTarget sets the ViolationTarget field's value. 3271func (s *AwsEc2NetworkInterfaceViolation) SetViolationTarget(v string) *AwsEc2NetworkInterfaceViolation { 3272 s.ViolationTarget = &v 3273 return s 3274} 3275 3276// Violation detail for the rule violation in a security group when compared 3277// to the primary security group of the Firewall Manager policy. 3278type AwsVPCSecurityGroupViolation struct { 3279 _ struct{} `type:"structure"` 3280 3281 // List of rules specified in the security group of the Firewall Manager policy 3282 // that partially match the ViolationTarget rule. 3283 PartialMatches []*PartialMatch `type:"list"` 3284 3285 // Remediation options for the rule specified in the ViolationTarget. 3286 PossibleSecurityGroupRemediationActions []*SecurityGroupRemediationAction `type:"list"` 3287 3288 // The security group rule that is being evaluated. 3289 ViolationTarget *string `type:"string"` 3290 3291 // A description of the security group that violates the policy. 3292 ViolationTargetDescription *string `type:"string"` 3293} 3294 3295// String returns the string representation. 3296// 3297// API parameter values that are decorated as "sensitive" in the API will not 3298// be included in the string output. The member name will be present, but the 3299// value will be replaced with "sensitive". 3300func (s AwsVPCSecurityGroupViolation) String() string { 3301 return awsutil.Prettify(s) 3302} 3303 3304// GoString returns the string representation. 3305// 3306// API parameter values that are decorated as "sensitive" in the API will not 3307// be included in the string output. The member name will be present, but the 3308// value will be replaced with "sensitive". 3309func (s AwsVPCSecurityGroupViolation) GoString() string { 3310 return s.String() 3311} 3312 3313// SetPartialMatches sets the PartialMatches field's value. 3314func (s *AwsVPCSecurityGroupViolation) SetPartialMatches(v []*PartialMatch) *AwsVPCSecurityGroupViolation { 3315 s.PartialMatches = v 3316 return s 3317} 3318 3319// SetPossibleSecurityGroupRemediationActions sets the PossibleSecurityGroupRemediationActions field's value. 3320func (s *AwsVPCSecurityGroupViolation) SetPossibleSecurityGroupRemediationActions(v []*SecurityGroupRemediationAction) *AwsVPCSecurityGroupViolation { 3321 s.PossibleSecurityGroupRemediationActions = v 3322 return s 3323} 3324 3325// SetViolationTarget sets the ViolationTarget field's value. 3326func (s *AwsVPCSecurityGroupViolation) SetViolationTarget(v string) *AwsVPCSecurityGroupViolation { 3327 s.ViolationTarget = &v 3328 return s 3329} 3330 3331// SetViolationTargetDescription sets the ViolationTargetDescription field's value. 3332func (s *AwsVPCSecurityGroupViolation) SetViolationTargetDescription(v string) *AwsVPCSecurityGroupViolation { 3333 s.ViolationTargetDescription = &v 3334 return s 3335} 3336 3337// Details of the resource that is not protected by the policy. 3338type ComplianceViolator struct { 3339 _ struct{} `type:"structure"` 3340 3341 // The resource ID. 3342 ResourceId *string `min:"1" type:"string"` 3343 3344 // The resource type. This is in the format shown in the Amazon Web Services 3345 // Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 3346 // For example: AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::CloudFront::Distribution, 3347 // or AWS::NetworkFirewall::FirewallPolicy. 3348 ResourceType *string `min:"1" type:"string"` 3349 3350 // The reason that the resource is not protected by the policy. 3351 ViolationReason *string `type:"string" enum:"ViolationReason"` 3352} 3353 3354// String returns the string representation. 3355// 3356// API parameter values that are decorated as "sensitive" in the API will not 3357// be included in the string output. The member name will be present, but the 3358// value will be replaced with "sensitive". 3359func (s ComplianceViolator) String() string { 3360 return awsutil.Prettify(s) 3361} 3362 3363// GoString returns the string representation. 3364// 3365// API parameter values that are decorated as "sensitive" in the API will not 3366// be included in the string output. The member name will be present, but the 3367// value will be replaced with "sensitive". 3368func (s ComplianceViolator) GoString() string { 3369 return s.String() 3370} 3371 3372// SetResourceId sets the ResourceId field's value. 3373func (s *ComplianceViolator) SetResourceId(v string) *ComplianceViolator { 3374 s.ResourceId = &v 3375 return s 3376} 3377 3378// SetResourceType sets the ResourceType field's value. 3379func (s *ComplianceViolator) SetResourceType(v string) *ComplianceViolator { 3380 s.ResourceType = &v 3381 return s 3382} 3383 3384// SetViolationReason sets the ViolationReason field's value. 3385func (s *ComplianceViolator) SetViolationReason(v string) *ComplianceViolator { 3386 s.ViolationReason = &v 3387 return s 3388} 3389 3390type DeleteAppsListInput struct { 3391 _ struct{} `type:"structure"` 3392 3393 // The ID of the applications list that you want to delete. You can retrieve 3394 // this ID from PutAppsList, ListAppsLists, and GetAppsList. 3395 // 3396 // ListId is a required field 3397 ListId *string `min:"36" type:"string" required:"true"` 3398} 3399 3400// String returns the string representation. 3401// 3402// API parameter values that are decorated as "sensitive" in the API will not 3403// be included in the string output. The member name will be present, but the 3404// value will be replaced with "sensitive". 3405func (s DeleteAppsListInput) String() string { 3406 return awsutil.Prettify(s) 3407} 3408 3409// GoString returns the string representation. 3410// 3411// API parameter values that are decorated as "sensitive" in the API will not 3412// be included in the string output. The member name will be present, but the 3413// value will be replaced with "sensitive". 3414func (s DeleteAppsListInput) GoString() string { 3415 return s.String() 3416} 3417 3418// Validate inspects the fields of the type to determine if they are valid. 3419func (s *DeleteAppsListInput) Validate() error { 3420 invalidParams := request.ErrInvalidParams{Context: "DeleteAppsListInput"} 3421 if s.ListId == nil { 3422 invalidParams.Add(request.NewErrParamRequired("ListId")) 3423 } 3424 if s.ListId != nil && len(*s.ListId) < 36 { 3425 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 3426 } 3427 3428 if invalidParams.Len() > 0 { 3429 return invalidParams 3430 } 3431 return nil 3432} 3433 3434// SetListId sets the ListId field's value. 3435func (s *DeleteAppsListInput) SetListId(v string) *DeleteAppsListInput { 3436 s.ListId = &v 3437 return s 3438} 3439 3440type DeleteAppsListOutput struct { 3441 _ struct{} `type:"structure"` 3442} 3443 3444// String returns the string representation. 3445// 3446// API parameter values that are decorated as "sensitive" in the API will not 3447// be included in the string output. The member name will be present, but the 3448// value will be replaced with "sensitive". 3449func (s DeleteAppsListOutput) String() string { 3450 return awsutil.Prettify(s) 3451} 3452 3453// GoString returns the string representation. 3454// 3455// API parameter values that are decorated as "sensitive" in the API will not 3456// be included in the string output. The member name will be present, but the 3457// value will be replaced with "sensitive". 3458func (s DeleteAppsListOutput) GoString() string { 3459 return s.String() 3460} 3461 3462type DeleteNotificationChannelInput struct { 3463 _ struct{} `type:"structure"` 3464} 3465 3466// String returns the string representation. 3467// 3468// API parameter values that are decorated as "sensitive" in the API will not 3469// be included in the string output. The member name will be present, but the 3470// value will be replaced with "sensitive". 3471func (s DeleteNotificationChannelInput) String() string { 3472 return awsutil.Prettify(s) 3473} 3474 3475// GoString returns the string representation. 3476// 3477// API parameter values that are decorated as "sensitive" in the API will not 3478// be included in the string output. The member name will be present, but the 3479// value will be replaced with "sensitive". 3480func (s DeleteNotificationChannelInput) GoString() string { 3481 return s.String() 3482} 3483 3484type DeleteNotificationChannelOutput struct { 3485 _ struct{} `type:"structure"` 3486} 3487 3488// String returns the string representation. 3489// 3490// API parameter values that are decorated as "sensitive" in the API will not 3491// be included in the string output. The member name will be present, but the 3492// value will be replaced with "sensitive". 3493func (s DeleteNotificationChannelOutput) String() string { 3494 return awsutil.Prettify(s) 3495} 3496 3497// GoString returns the string representation. 3498// 3499// API parameter values that are decorated as "sensitive" in the API will not 3500// be included in the string output. The member name will be present, but the 3501// value will be replaced with "sensitive". 3502func (s DeleteNotificationChannelOutput) GoString() string { 3503 return s.String() 3504} 3505 3506type DeletePolicyInput struct { 3507 _ struct{} `type:"structure"` 3508 3509 // If True, the request performs cleanup according to the policy type. 3510 // 3511 // For WAF and Shield Advanced policies, the cleanup does the following: 3512 // 3513 // * Deletes rule groups created by Firewall Manager 3514 // 3515 // * Removes web ACLs from in-scope resources 3516 // 3517 // * Deletes web ACLs that contain no rules or rule groups 3518 // 3519 // For security group policies, the cleanup does the following for each security 3520 // group in the policy: 3521 // 3522 // * Disassociates the security group from in-scope resources 3523 // 3524 // * Deletes the security group if it was created through Firewall Manager 3525 // and if it's no longer associated with any resources through another policy 3526 // 3527 // After the cleanup, in-scope resources are no longer protected by web ACLs 3528 // in this policy. Protection of out-of-scope resources remains unchanged. Scope 3529 // is determined by tags that you create and accounts that you associate with 3530 // the policy. When creating the policy, if you specify that only resources 3531 // in specific accounts or with specific tags are in scope of the policy, those 3532 // accounts and resources are handled by the policy. All others are out of scope. 3533 // If you don't specify tags or accounts, all resources are in scope. 3534 DeleteAllPolicyResources *bool `type:"boolean"` 3535 3536 // The ID of the policy that you want to delete. You can retrieve this ID from 3537 // PutPolicy and ListPolicies. 3538 // 3539 // PolicyId is a required field 3540 PolicyId *string `min:"36" type:"string" required:"true"` 3541} 3542 3543// String returns the string representation. 3544// 3545// API parameter values that are decorated as "sensitive" in the API will not 3546// be included in the string output. The member name will be present, but the 3547// value will be replaced with "sensitive". 3548func (s DeletePolicyInput) String() string { 3549 return awsutil.Prettify(s) 3550} 3551 3552// GoString returns the string representation. 3553// 3554// API parameter values that are decorated as "sensitive" in the API will not 3555// be included in the string output. The member name will be present, but the 3556// value will be replaced with "sensitive". 3557func (s DeletePolicyInput) GoString() string { 3558 return s.String() 3559} 3560 3561// Validate inspects the fields of the type to determine if they are valid. 3562func (s *DeletePolicyInput) Validate() error { 3563 invalidParams := request.ErrInvalidParams{Context: "DeletePolicyInput"} 3564 if s.PolicyId == nil { 3565 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 3566 } 3567 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 3568 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 3569 } 3570 3571 if invalidParams.Len() > 0 { 3572 return invalidParams 3573 } 3574 return nil 3575} 3576 3577// SetDeleteAllPolicyResources sets the DeleteAllPolicyResources field's value. 3578func (s *DeletePolicyInput) SetDeleteAllPolicyResources(v bool) *DeletePolicyInput { 3579 s.DeleteAllPolicyResources = &v 3580 return s 3581} 3582 3583// SetPolicyId sets the PolicyId field's value. 3584func (s *DeletePolicyInput) SetPolicyId(v string) *DeletePolicyInput { 3585 s.PolicyId = &v 3586 return s 3587} 3588 3589type DeletePolicyOutput struct { 3590 _ struct{} `type:"structure"` 3591} 3592 3593// String returns the string representation. 3594// 3595// API parameter values that are decorated as "sensitive" in the API will not 3596// be included in the string output. The member name will be present, but the 3597// value will be replaced with "sensitive". 3598func (s DeletePolicyOutput) String() string { 3599 return awsutil.Prettify(s) 3600} 3601 3602// GoString returns the string representation. 3603// 3604// API parameter values that are decorated as "sensitive" in the API will not 3605// be included in the string output. The member name will be present, but the 3606// value will be replaced with "sensitive". 3607func (s DeletePolicyOutput) GoString() string { 3608 return s.String() 3609} 3610 3611type DeleteProtocolsListInput struct { 3612 _ struct{} `type:"structure"` 3613 3614 // The ID of the protocols list that you want to delete. You can retrieve this 3615 // ID from PutProtocolsList, ListProtocolsLists, and GetProtocolsLost. 3616 // 3617 // ListId is a required field 3618 ListId *string `min:"36" type:"string" required:"true"` 3619} 3620 3621// String returns the string representation. 3622// 3623// API parameter values that are decorated as "sensitive" in the API will not 3624// be included in the string output. The member name will be present, but the 3625// value will be replaced with "sensitive". 3626func (s DeleteProtocolsListInput) String() string { 3627 return awsutil.Prettify(s) 3628} 3629 3630// GoString returns the string representation. 3631// 3632// API parameter values that are decorated as "sensitive" in the API will not 3633// be included in the string output. The member name will be present, but the 3634// value will be replaced with "sensitive". 3635func (s DeleteProtocolsListInput) GoString() string { 3636 return s.String() 3637} 3638 3639// Validate inspects the fields of the type to determine if they are valid. 3640func (s *DeleteProtocolsListInput) Validate() error { 3641 invalidParams := request.ErrInvalidParams{Context: "DeleteProtocolsListInput"} 3642 if s.ListId == nil { 3643 invalidParams.Add(request.NewErrParamRequired("ListId")) 3644 } 3645 if s.ListId != nil && len(*s.ListId) < 36 { 3646 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 3647 } 3648 3649 if invalidParams.Len() > 0 { 3650 return invalidParams 3651 } 3652 return nil 3653} 3654 3655// SetListId sets the ListId field's value. 3656func (s *DeleteProtocolsListInput) SetListId(v string) *DeleteProtocolsListInput { 3657 s.ListId = &v 3658 return s 3659} 3660 3661type DeleteProtocolsListOutput struct { 3662 _ struct{} `type:"structure"` 3663} 3664 3665// String returns the string representation. 3666// 3667// API parameter values that are decorated as "sensitive" in the API will not 3668// be included in the string output. The member name will be present, but the 3669// value will be replaced with "sensitive". 3670func (s DeleteProtocolsListOutput) String() string { 3671 return awsutil.Prettify(s) 3672} 3673 3674// GoString returns the string representation. 3675// 3676// API parameter values that are decorated as "sensitive" in the API will not 3677// be included in the string output. The member name will be present, but the 3678// value will be replaced with "sensitive". 3679func (s DeleteProtocolsListOutput) GoString() string { 3680 return s.String() 3681} 3682 3683type DisassociateAdminAccountInput struct { 3684 _ struct{} `type:"structure"` 3685} 3686 3687// String returns the string representation. 3688// 3689// API parameter values that are decorated as "sensitive" in the API will not 3690// be included in the string output. The member name will be present, but the 3691// value will be replaced with "sensitive". 3692func (s DisassociateAdminAccountInput) String() string { 3693 return awsutil.Prettify(s) 3694} 3695 3696// GoString returns the string representation. 3697// 3698// API parameter values that are decorated as "sensitive" in the API will not 3699// be included in the string output. The member name will be present, but the 3700// value will be replaced with "sensitive". 3701func (s DisassociateAdminAccountInput) GoString() string { 3702 return s.String() 3703} 3704 3705type DisassociateAdminAccountOutput struct { 3706 _ struct{} `type:"structure"` 3707} 3708 3709// String returns the string representation. 3710// 3711// API parameter values that are decorated as "sensitive" in the API will not 3712// be included in the string output. The member name will be present, but the 3713// value will be replaced with "sensitive". 3714func (s DisassociateAdminAccountOutput) String() string { 3715 return awsutil.Prettify(s) 3716} 3717 3718// GoString returns the string representation. 3719// 3720// API parameter values that are decorated as "sensitive" in the API will not 3721// be included in the string output. The member name will be present, but the 3722// value will be replaced with "sensitive". 3723func (s DisassociateAdminAccountOutput) GoString() string { 3724 return s.String() 3725} 3726 3727// A DNS Firewall rule group that Firewall Manager tried to associate with a 3728// VPC is already associated with the VPC and can't be associated again. 3729type DnsDuplicateRuleGroupViolation struct { 3730 _ struct{} `type:"structure"` 3731 3732 // Information about the VPC ID. 3733 ViolationTarget *string `type:"string"` 3734 3735 // A description of the violation that specifies the rule group and VPC. 3736 ViolationTargetDescription *string `type:"string"` 3737} 3738 3739// String returns the string representation. 3740// 3741// API parameter values that are decorated as "sensitive" in the API will not 3742// be included in the string output. The member name will be present, but the 3743// value will be replaced with "sensitive". 3744func (s DnsDuplicateRuleGroupViolation) String() string { 3745 return awsutil.Prettify(s) 3746} 3747 3748// GoString returns the string representation. 3749// 3750// API parameter values that are decorated as "sensitive" in the API will not 3751// be included in the string output. The member name will be present, but the 3752// value will be replaced with "sensitive". 3753func (s DnsDuplicateRuleGroupViolation) GoString() string { 3754 return s.String() 3755} 3756 3757// SetViolationTarget sets the ViolationTarget field's value. 3758func (s *DnsDuplicateRuleGroupViolation) SetViolationTarget(v string) *DnsDuplicateRuleGroupViolation { 3759 s.ViolationTarget = &v 3760 return s 3761} 3762 3763// SetViolationTargetDescription sets the ViolationTargetDescription field's value. 3764func (s *DnsDuplicateRuleGroupViolation) SetViolationTargetDescription(v string) *DnsDuplicateRuleGroupViolation { 3765 s.ViolationTargetDescription = &v 3766 return s 3767} 3768 3769// The VPC that Firewall Manager was applying a DNS Fireall policy to reached 3770// the limit for associated DNS Firewall rule groups. Firewall Manager tried 3771// to associate another rule group with the VPC and failed due to the limit. 3772type DnsRuleGroupLimitExceededViolation struct { 3773 _ struct{} `type:"structure"` 3774 3775 // The number of rule groups currently associated with the VPC. 3776 NumberOfRuleGroupsAlreadyAssociated *int64 `type:"integer"` 3777 3778 // Information about the VPC ID. 3779 ViolationTarget *string `type:"string"` 3780 3781 // A description of the violation that specifies the rule group and VPC. 3782 ViolationTargetDescription *string `type:"string"` 3783} 3784 3785// String returns the string representation. 3786// 3787// API parameter values that are decorated as "sensitive" in the API will not 3788// be included in the string output. The member name will be present, but the 3789// value will be replaced with "sensitive". 3790func (s DnsRuleGroupLimitExceededViolation) String() string { 3791 return awsutil.Prettify(s) 3792} 3793 3794// GoString returns the string representation. 3795// 3796// API parameter values that are decorated as "sensitive" in the API will not 3797// be included in the string output. The member name will be present, but the 3798// value will be replaced with "sensitive". 3799func (s DnsRuleGroupLimitExceededViolation) GoString() string { 3800 return s.String() 3801} 3802 3803// SetNumberOfRuleGroupsAlreadyAssociated sets the NumberOfRuleGroupsAlreadyAssociated field's value. 3804func (s *DnsRuleGroupLimitExceededViolation) SetNumberOfRuleGroupsAlreadyAssociated(v int64) *DnsRuleGroupLimitExceededViolation { 3805 s.NumberOfRuleGroupsAlreadyAssociated = &v 3806 return s 3807} 3808 3809// SetViolationTarget sets the ViolationTarget field's value. 3810func (s *DnsRuleGroupLimitExceededViolation) SetViolationTarget(v string) *DnsRuleGroupLimitExceededViolation { 3811 s.ViolationTarget = &v 3812 return s 3813} 3814 3815// SetViolationTargetDescription sets the ViolationTargetDescription field's value. 3816func (s *DnsRuleGroupLimitExceededViolation) SetViolationTargetDescription(v string) *DnsRuleGroupLimitExceededViolation { 3817 s.ViolationTargetDescription = &v 3818 return s 3819} 3820 3821// A rule group that Firewall Manager tried to associate with a VPC has the 3822// same priority as a rule group that's already associated. 3823type DnsRuleGroupPriorityConflictViolation struct { 3824 _ struct{} `type:"structure"` 3825 3826 // The ID of the Firewall Manager DNS Firewall policy that was already applied 3827 // to the VPC. This policy contains the rule group that's already associated 3828 // with the VPC. 3829 ConflictingPolicyId *string `min:"36" type:"string"` 3830 3831 // The priority setting of the two conflicting rule groups. 3832 ConflictingPriority *int64 `type:"integer"` 3833 3834 // The priorities of rule groups that are already associated with the VPC. To 3835 // retry your operation, choose priority settings that aren't in this list for 3836 // the rule groups in your new DNS Firewall policy. 3837 UnavailablePriorities []*int64 `type:"list"` 3838 3839 // Information about the VPC ID. 3840 ViolationTarget *string `type:"string"` 3841 3842 // A description of the violation that specifies the VPC and the rule group 3843 // that's already associated with it. 3844 ViolationTargetDescription *string `type:"string"` 3845} 3846 3847// String returns the string representation. 3848// 3849// API parameter values that are decorated as "sensitive" in the API will not 3850// be included in the string output. The member name will be present, but the 3851// value will be replaced with "sensitive". 3852func (s DnsRuleGroupPriorityConflictViolation) String() string { 3853 return awsutil.Prettify(s) 3854} 3855 3856// GoString returns the string representation. 3857// 3858// API parameter values that are decorated as "sensitive" in the API will not 3859// be included in the string output. The member name will be present, but the 3860// value will be replaced with "sensitive". 3861func (s DnsRuleGroupPriorityConflictViolation) GoString() string { 3862 return s.String() 3863} 3864 3865// SetConflictingPolicyId sets the ConflictingPolicyId field's value. 3866func (s *DnsRuleGroupPriorityConflictViolation) SetConflictingPolicyId(v string) *DnsRuleGroupPriorityConflictViolation { 3867 s.ConflictingPolicyId = &v 3868 return s 3869} 3870 3871// SetConflictingPriority sets the ConflictingPriority field's value. 3872func (s *DnsRuleGroupPriorityConflictViolation) SetConflictingPriority(v int64) *DnsRuleGroupPriorityConflictViolation { 3873 s.ConflictingPriority = &v 3874 return s 3875} 3876 3877// SetUnavailablePriorities sets the UnavailablePriorities field's value. 3878func (s *DnsRuleGroupPriorityConflictViolation) SetUnavailablePriorities(v []*int64) *DnsRuleGroupPriorityConflictViolation { 3879 s.UnavailablePriorities = v 3880 return s 3881} 3882 3883// SetViolationTarget sets the ViolationTarget field's value. 3884func (s *DnsRuleGroupPriorityConflictViolation) SetViolationTarget(v string) *DnsRuleGroupPriorityConflictViolation { 3885 s.ViolationTarget = &v 3886 return s 3887} 3888 3889// SetViolationTargetDescription sets the ViolationTargetDescription field's value. 3890func (s *DnsRuleGroupPriorityConflictViolation) SetViolationTargetDescription(v string) *DnsRuleGroupPriorityConflictViolation { 3891 s.ViolationTargetDescription = &v 3892 return s 3893} 3894 3895// The action of associating an EC2 resource, such as a subnet or internet gateway, 3896// with a route table. 3897type EC2AssociateRouteTableAction struct { 3898 _ struct{} `type:"structure"` 3899 3900 // A description of the EC2 route table that is associated with the remediation 3901 // action. 3902 Description *string `type:"string"` 3903 3904 // The ID of the gateway to be used with the EC2 route table that is associated 3905 // with the remediation action. 3906 GatewayId *ActionTarget `type:"structure"` 3907 3908 // The ID of the EC2 route table that is associated with the remediation action. 3909 // 3910 // RouteTableId is a required field 3911 RouteTableId *ActionTarget `type:"structure" required:"true"` 3912 3913 // The ID of the subnet for the EC2 route table that is associated with the 3914 // remediation action. 3915 SubnetId *ActionTarget `type:"structure"` 3916} 3917 3918// String returns the string representation. 3919// 3920// API parameter values that are decorated as "sensitive" in the API will not 3921// be included in the string output. The member name will be present, but the 3922// value will be replaced with "sensitive". 3923func (s EC2AssociateRouteTableAction) String() string { 3924 return awsutil.Prettify(s) 3925} 3926 3927// GoString returns the string representation. 3928// 3929// API parameter values that are decorated as "sensitive" in the API will not 3930// be included in the string output. The member name will be present, but the 3931// value will be replaced with "sensitive". 3932func (s EC2AssociateRouteTableAction) GoString() string { 3933 return s.String() 3934} 3935 3936// SetDescription sets the Description field's value. 3937func (s *EC2AssociateRouteTableAction) SetDescription(v string) *EC2AssociateRouteTableAction { 3938 s.Description = &v 3939 return s 3940} 3941 3942// SetGatewayId sets the GatewayId field's value. 3943func (s *EC2AssociateRouteTableAction) SetGatewayId(v *ActionTarget) *EC2AssociateRouteTableAction { 3944 s.GatewayId = v 3945 return s 3946} 3947 3948// SetRouteTableId sets the RouteTableId field's value. 3949func (s *EC2AssociateRouteTableAction) SetRouteTableId(v *ActionTarget) *EC2AssociateRouteTableAction { 3950 s.RouteTableId = v 3951 return s 3952} 3953 3954// SetSubnetId sets the SubnetId field's value. 3955func (s *EC2AssociateRouteTableAction) SetSubnetId(v *ActionTarget) *EC2AssociateRouteTableAction { 3956 s.SubnetId = v 3957 return s 3958} 3959 3960// An action that copies the EC2 route table for use in remediation. 3961type EC2CopyRouteTableAction struct { 3962 _ struct{} `type:"structure"` 3963 3964 // A description of the copied EC2 route table that is associated with the remediation 3965 // action. 3966 Description *string `type:"string"` 3967 3968 // The ID of the copied EC2 route table that is associated with the remediation 3969 // action. 3970 // 3971 // RouteTableId is a required field 3972 RouteTableId *ActionTarget `type:"structure" required:"true"` 3973 3974 // The VPC ID of the copied EC2 route table that is associated with the remediation 3975 // action. 3976 // 3977 // VpcId is a required field 3978 VpcId *ActionTarget `type:"structure" required:"true"` 3979} 3980 3981// String returns the string representation. 3982// 3983// API parameter values that are decorated as "sensitive" in the API will not 3984// be included in the string output. The member name will be present, but the 3985// value will be replaced with "sensitive". 3986func (s EC2CopyRouteTableAction) String() string { 3987 return awsutil.Prettify(s) 3988} 3989 3990// GoString returns the string representation. 3991// 3992// API parameter values that are decorated as "sensitive" in the API will not 3993// be included in the string output. The member name will be present, but the 3994// value will be replaced with "sensitive". 3995func (s EC2CopyRouteTableAction) GoString() string { 3996 return s.String() 3997} 3998 3999// SetDescription sets the Description field's value. 4000func (s *EC2CopyRouteTableAction) SetDescription(v string) *EC2CopyRouteTableAction { 4001 s.Description = &v 4002 return s 4003} 4004 4005// SetRouteTableId sets the RouteTableId field's value. 4006func (s *EC2CopyRouteTableAction) SetRouteTableId(v *ActionTarget) *EC2CopyRouteTableAction { 4007 s.RouteTableId = v 4008 return s 4009} 4010 4011// SetVpcId sets the VpcId field's value. 4012func (s *EC2CopyRouteTableAction) SetVpcId(v *ActionTarget) *EC2CopyRouteTableAction { 4013 s.VpcId = v 4014 return s 4015} 4016 4017// Information about the CreateRoute action in Amazon EC2. 4018type EC2CreateRouteAction struct { 4019 _ struct{} `type:"structure"` 4020 4021 // A description of CreateRoute action in Amazon EC2. 4022 Description *string `type:"string"` 4023 4024 // Information about the IPv4 CIDR address block used for the destination match. 4025 DestinationCidrBlock *string `type:"string"` 4026 4027 // Information about the IPv6 CIDR block destination. 4028 DestinationIpv6CidrBlock *string `type:"string"` 4029 4030 // Information about the ID of a prefix list used for the destination match. 4031 DestinationPrefixListId *string `min:"1" type:"string"` 4032 4033 // Information about the ID of an internet gateway or virtual private gateway 4034 // attached to your VPC. 4035 GatewayId *ActionTarget `type:"structure"` 4036 4037 // Information about the ID of the route table for the route. 4038 // 4039 // RouteTableId is a required field 4040 RouteTableId *ActionTarget `type:"structure" required:"true"` 4041 4042 // Information about the ID of a VPC endpoint. Supported for Gateway Load Balancer 4043 // endpoints only. 4044 VpcEndpointId *ActionTarget `type:"structure"` 4045} 4046 4047// String returns the string representation. 4048// 4049// API parameter values that are decorated as "sensitive" in the API will not 4050// be included in the string output. The member name will be present, but the 4051// value will be replaced with "sensitive". 4052func (s EC2CreateRouteAction) String() string { 4053 return awsutil.Prettify(s) 4054} 4055 4056// GoString returns the string representation. 4057// 4058// API parameter values that are decorated as "sensitive" in the API will not 4059// be included in the string output. The member name will be present, but the 4060// value will be replaced with "sensitive". 4061func (s EC2CreateRouteAction) GoString() string { 4062 return s.String() 4063} 4064 4065// SetDescription sets the Description field's value. 4066func (s *EC2CreateRouteAction) SetDescription(v string) *EC2CreateRouteAction { 4067 s.Description = &v 4068 return s 4069} 4070 4071// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. 4072func (s *EC2CreateRouteAction) SetDestinationCidrBlock(v string) *EC2CreateRouteAction { 4073 s.DestinationCidrBlock = &v 4074 return s 4075} 4076 4077// SetDestinationIpv6CidrBlock sets the DestinationIpv6CidrBlock field's value. 4078func (s *EC2CreateRouteAction) SetDestinationIpv6CidrBlock(v string) *EC2CreateRouteAction { 4079 s.DestinationIpv6CidrBlock = &v 4080 return s 4081} 4082 4083// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. 4084func (s *EC2CreateRouteAction) SetDestinationPrefixListId(v string) *EC2CreateRouteAction { 4085 s.DestinationPrefixListId = &v 4086 return s 4087} 4088 4089// SetGatewayId sets the GatewayId field's value. 4090func (s *EC2CreateRouteAction) SetGatewayId(v *ActionTarget) *EC2CreateRouteAction { 4091 s.GatewayId = v 4092 return s 4093} 4094 4095// SetRouteTableId sets the RouteTableId field's value. 4096func (s *EC2CreateRouteAction) SetRouteTableId(v *ActionTarget) *EC2CreateRouteAction { 4097 s.RouteTableId = v 4098 return s 4099} 4100 4101// SetVpcEndpointId sets the VpcEndpointId field's value. 4102func (s *EC2CreateRouteAction) SetVpcEndpointId(v *ActionTarget) *EC2CreateRouteAction { 4103 s.VpcEndpointId = v 4104 return s 4105} 4106 4107// Information about the CreateRouteTable action in Amazon EC2. 4108type EC2CreateRouteTableAction struct { 4109 _ struct{} `type:"structure"` 4110 4111 // A description of the CreateRouteTable action. 4112 Description *string `type:"string"` 4113 4114 // Information about the ID of a VPC. 4115 // 4116 // VpcId is a required field 4117 VpcId *ActionTarget `type:"structure" required:"true"` 4118} 4119 4120// String returns the string representation. 4121// 4122// API parameter values that are decorated as "sensitive" in the API will not 4123// be included in the string output. The member name will be present, but the 4124// value will be replaced with "sensitive". 4125func (s EC2CreateRouteTableAction) String() string { 4126 return awsutil.Prettify(s) 4127} 4128 4129// GoString returns the string representation. 4130// 4131// API parameter values that are decorated as "sensitive" in the API will not 4132// be included in the string output. The member name will be present, but the 4133// value will be replaced with "sensitive". 4134func (s EC2CreateRouteTableAction) GoString() string { 4135 return s.String() 4136} 4137 4138// SetDescription sets the Description field's value. 4139func (s *EC2CreateRouteTableAction) SetDescription(v string) *EC2CreateRouteTableAction { 4140 s.Description = &v 4141 return s 4142} 4143 4144// SetVpcId sets the VpcId field's value. 4145func (s *EC2CreateRouteTableAction) SetVpcId(v *ActionTarget) *EC2CreateRouteTableAction { 4146 s.VpcId = v 4147 return s 4148} 4149 4150// Information about the DeleteRoute action in Amazon EC2. 4151type EC2DeleteRouteAction struct { 4152 _ struct{} `type:"structure"` 4153 4154 // A description of the DeleteRoute action. 4155 Description *string `type:"string"` 4156 4157 // Information about the IPv4 CIDR range for the route. The value you specify 4158 // must match the CIDR for the route exactly. 4159 DestinationCidrBlock *string `type:"string"` 4160 4161 // Information about the IPv6 CIDR range for the route. The value you specify 4162 // must match the CIDR for the route exactly. 4163 DestinationIpv6CidrBlock *string `type:"string"` 4164 4165 // Information about the ID of the prefix list for the route. 4166 DestinationPrefixListId *string `min:"1" type:"string"` 4167 4168 // Information about the ID of the route table. 4169 // 4170 // RouteTableId is a required field 4171 RouteTableId *ActionTarget `type:"structure" required:"true"` 4172} 4173 4174// String returns the string representation. 4175// 4176// API parameter values that are decorated as "sensitive" in the API will not 4177// be included in the string output. The member name will be present, but the 4178// value will be replaced with "sensitive". 4179func (s EC2DeleteRouteAction) String() string { 4180 return awsutil.Prettify(s) 4181} 4182 4183// GoString returns the string representation. 4184// 4185// API parameter values that are decorated as "sensitive" in the API will not 4186// be included in the string output. The member name will be present, but the 4187// value will be replaced with "sensitive". 4188func (s EC2DeleteRouteAction) GoString() string { 4189 return s.String() 4190} 4191 4192// SetDescription sets the Description field's value. 4193func (s *EC2DeleteRouteAction) SetDescription(v string) *EC2DeleteRouteAction { 4194 s.Description = &v 4195 return s 4196} 4197 4198// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. 4199func (s *EC2DeleteRouteAction) SetDestinationCidrBlock(v string) *EC2DeleteRouteAction { 4200 s.DestinationCidrBlock = &v 4201 return s 4202} 4203 4204// SetDestinationIpv6CidrBlock sets the DestinationIpv6CidrBlock field's value. 4205func (s *EC2DeleteRouteAction) SetDestinationIpv6CidrBlock(v string) *EC2DeleteRouteAction { 4206 s.DestinationIpv6CidrBlock = &v 4207 return s 4208} 4209 4210// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. 4211func (s *EC2DeleteRouteAction) SetDestinationPrefixListId(v string) *EC2DeleteRouteAction { 4212 s.DestinationPrefixListId = &v 4213 return s 4214} 4215 4216// SetRouteTableId sets the RouteTableId field's value. 4217func (s *EC2DeleteRouteAction) SetRouteTableId(v *ActionTarget) *EC2DeleteRouteAction { 4218 s.RouteTableId = v 4219 return s 4220} 4221 4222// Information about the ReplaceRoute action in Amazon EC2. 4223type EC2ReplaceRouteAction struct { 4224 _ struct{} `type:"structure"` 4225 4226 // A description of the ReplaceRoute action in Amazon EC2. 4227 Description *string `type:"string"` 4228 4229 // Information about the IPv4 CIDR address block used for the destination match. 4230 // The value that you provide must match the CIDR of an existing route in the 4231 // table. 4232 DestinationCidrBlock *string `type:"string"` 4233 4234 // Information about the IPv6 CIDR address block used for the destination match. 4235 // The value that you provide must match the CIDR of an existing route in the 4236 // table. 4237 DestinationIpv6CidrBlock *string `type:"string"` 4238 4239 // Information about the ID of the prefix list for the route. 4240 DestinationPrefixListId *string `min:"1" type:"string"` 4241 4242 // Information about the ID of an internet gateway or virtual private gateway. 4243 GatewayId *ActionTarget `type:"structure"` 4244 4245 // Information about the ID of the route table. 4246 // 4247 // RouteTableId is a required field 4248 RouteTableId *ActionTarget `type:"structure" required:"true"` 4249} 4250 4251// String returns the string representation. 4252// 4253// API parameter values that are decorated as "sensitive" in the API will not 4254// be included in the string output. The member name will be present, but the 4255// value will be replaced with "sensitive". 4256func (s EC2ReplaceRouteAction) String() string { 4257 return awsutil.Prettify(s) 4258} 4259 4260// GoString returns the string representation. 4261// 4262// API parameter values that are decorated as "sensitive" in the API will not 4263// be included in the string output. The member name will be present, but the 4264// value will be replaced with "sensitive". 4265func (s EC2ReplaceRouteAction) GoString() string { 4266 return s.String() 4267} 4268 4269// SetDescription sets the Description field's value. 4270func (s *EC2ReplaceRouteAction) SetDescription(v string) *EC2ReplaceRouteAction { 4271 s.Description = &v 4272 return s 4273} 4274 4275// SetDestinationCidrBlock sets the DestinationCidrBlock field's value. 4276func (s *EC2ReplaceRouteAction) SetDestinationCidrBlock(v string) *EC2ReplaceRouteAction { 4277 s.DestinationCidrBlock = &v 4278 return s 4279} 4280 4281// SetDestinationIpv6CidrBlock sets the DestinationIpv6CidrBlock field's value. 4282func (s *EC2ReplaceRouteAction) SetDestinationIpv6CidrBlock(v string) *EC2ReplaceRouteAction { 4283 s.DestinationIpv6CidrBlock = &v 4284 return s 4285} 4286 4287// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. 4288func (s *EC2ReplaceRouteAction) SetDestinationPrefixListId(v string) *EC2ReplaceRouteAction { 4289 s.DestinationPrefixListId = &v 4290 return s 4291} 4292 4293// SetGatewayId sets the GatewayId field's value. 4294func (s *EC2ReplaceRouteAction) SetGatewayId(v *ActionTarget) *EC2ReplaceRouteAction { 4295 s.GatewayId = v 4296 return s 4297} 4298 4299// SetRouteTableId sets the RouteTableId field's value. 4300func (s *EC2ReplaceRouteAction) SetRouteTableId(v *ActionTarget) *EC2ReplaceRouteAction { 4301 s.RouteTableId = v 4302 return s 4303} 4304 4305// Information about the ReplaceRouteTableAssociation action in Amazon EC2. 4306type EC2ReplaceRouteTableAssociationAction struct { 4307 _ struct{} `type:"structure"` 4308 4309 // Information about the association ID. 4310 // 4311 // AssociationId is a required field 4312 AssociationId *ActionTarget `type:"structure" required:"true"` 4313 4314 // A description of the ReplaceRouteTableAssociation action in Amazon EC2. 4315 Description *string `type:"string"` 4316 4317 // Information about the ID of the new route table to associate with the subnet. 4318 // 4319 // RouteTableId is a required field 4320 RouteTableId *ActionTarget `type:"structure" required:"true"` 4321} 4322 4323// String returns the string representation. 4324// 4325// API parameter values that are decorated as "sensitive" in the API will not 4326// be included in the string output. The member name will be present, but the 4327// value will be replaced with "sensitive". 4328func (s EC2ReplaceRouteTableAssociationAction) String() string { 4329 return awsutil.Prettify(s) 4330} 4331 4332// GoString returns the string representation. 4333// 4334// API parameter values that are decorated as "sensitive" in the API will not 4335// be included in the string output. The member name will be present, but the 4336// value will be replaced with "sensitive". 4337func (s EC2ReplaceRouteTableAssociationAction) GoString() string { 4338 return s.String() 4339} 4340 4341// SetAssociationId sets the AssociationId field's value. 4342func (s *EC2ReplaceRouteTableAssociationAction) SetAssociationId(v *ActionTarget) *EC2ReplaceRouteTableAssociationAction { 4343 s.AssociationId = v 4344 return s 4345} 4346 4347// SetDescription sets the Description field's value. 4348func (s *EC2ReplaceRouteTableAssociationAction) SetDescription(v string) *EC2ReplaceRouteTableAssociationAction { 4349 s.Description = &v 4350 return s 4351} 4352 4353// SetRouteTableId sets the RouteTableId field's value. 4354func (s *EC2ReplaceRouteTableAssociationAction) SetRouteTableId(v *ActionTarget) *EC2ReplaceRouteTableAssociationAction { 4355 s.RouteTableId = v 4356 return s 4357} 4358 4359// Describes the compliance status for the account. An account is considered 4360// noncompliant if it includes resources that are not protected by the specified 4361// policy or that don't comply with the policy. 4362type EvaluationResult struct { 4363 _ struct{} `type:"structure"` 4364 4365 // Describes an Amazon Web Services account's compliance with the Firewall Manager 4366 // policy. 4367 ComplianceStatus *string `type:"string" enum:"PolicyComplianceStatusType"` 4368 4369 // Indicates that over 100 resources are noncompliant with the Firewall Manager 4370 // policy. 4371 EvaluationLimitExceeded *bool `type:"boolean"` 4372 4373 // The number of resources that are noncompliant with the specified policy. 4374 // For WAF and Shield Advanced policies, a resource is considered noncompliant 4375 // if it is not associated with the policy. For security group policies, a resource 4376 // is considered noncompliant if it doesn't comply with the rules of the policy 4377 // and remediation is disabled or not possible. 4378 ViolatorCount *int64 `type:"long"` 4379} 4380 4381// String returns the string representation. 4382// 4383// API parameter values that are decorated as "sensitive" in the API will not 4384// be included in the string output. The member name will be present, but the 4385// value will be replaced with "sensitive". 4386func (s EvaluationResult) String() string { 4387 return awsutil.Prettify(s) 4388} 4389 4390// GoString returns the string representation. 4391// 4392// API parameter values that are decorated as "sensitive" in the API will not 4393// be included in the string output. The member name will be present, but the 4394// value will be replaced with "sensitive". 4395func (s EvaluationResult) GoString() string { 4396 return s.String() 4397} 4398 4399// SetComplianceStatus sets the ComplianceStatus field's value. 4400func (s *EvaluationResult) SetComplianceStatus(v string) *EvaluationResult { 4401 s.ComplianceStatus = &v 4402 return s 4403} 4404 4405// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value. 4406func (s *EvaluationResult) SetEvaluationLimitExceeded(v bool) *EvaluationResult { 4407 s.EvaluationLimitExceeded = &v 4408 return s 4409} 4410 4411// SetViolatorCount sets the ViolatorCount field's value. 4412func (s *EvaluationResult) SetViolatorCount(v int64) *EvaluationResult { 4413 s.ViolatorCount = &v 4414 return s 4415} 4416 4417// Information about the expected route in the route table. 4418type ExpectedRoute struct { 4419 _ struct{} `type:"structure"` 4420 4421 // Information about the allowed targets. 4422 AllowedTargets []*string `type:"list"` 4423 4424 // Information about the contributing subnets. 4425 ContributingSubnets []*string `type:"list"` 4426 4427 // Information about the IPv4 CIDR block. 4428 IpV4Cidr *string `type:"string"` 4429 4430 // Information about the IPv6 CIDR block. 4431 IpV6Cidr *string `type:"string"` 4432 4433 // Information about the ID of the prefix list for the route. 4434 PrefixListId *string `type:"string"` 4435 4436 // Information about the route table ID. 4437 RouteTableId *string `min:"1" type:"string"` 4438} 4439 4440// String returns the string representation. 4441// 4442// API parameter values that are decorated as "sensitive" in the API will not 4443// be included in the string output. The member name will be present, but the 4444// value will be replaced with "sensitive". 4445func (s ExpectedRoute) String() string { 4446 return awsutil.Prettify(s) 4447} 4448 4449// GoString returns the string representation. 4450// 4451// API parameter values that are decorated as "sensitive" in the API will not 4452// be included in the string output. The member name will be present, but the 4453// value will be replaced with "sensitive". 4454func (s ExpectedRoute) GoString() string { 4455 return s.String() 4456} 4457 4458// SetAllowedTargets sets the AllowedTargets field's value. 4459func (s *ExpectedRoute) SetAllowedTargets(v []*string) *ExpectedRoute { 4460 s.AllowedTargets = v 4461 return s 4462} 4463 4464// SetContributingSubnets sets the ContributingSubnets field's value. 4465func (s *ExpectedRoute) SetContributingSubnets(v []*string) *ExpectedRoute { 4466 s.ContributingSubnets = v 4467 return s 4468} 4469 4470// SetIpV4Cidr sets the IpV4Cidr field's value. 4471func (s *ExpectedRoute) SetIpV4Cidr(v string) *ExpectedRoute { 4472 s.IpV4Cidr = &v 4473 return s 4474} 4475 4476// SetIpV6Cidr sets the IpV6Cidr field's value. 4477func (s *ExpectedRoute) SetIpV6Cidr(v string) *ExpectedRoute { 4478 s.IpV6Cidr = &v 4479 return s 4480} 4481 4482// SetPrefixListId sets the PrefixListId field's value. 4483func (s *ExpectedRoute) SetPrefixListId(v string) *ExpectedRoute { 4484 s.PrefixListId = &v 4485 return s 4486} 4487 4488// SetRouteTableId sets the RouteTableId field's value. 4489func (s *ExpectedRoute) SetRouteTableId(v string) *ExpectedRoute { 4490 s.RouteTableId = &v 4491 return s 4492} 4493 4494type GetAdminAccountInput struct { 4495 _ struct{} `type:"structure"` 4496} 4497 4498// String returns the string representation. 4499// 4500// API parameter values that are decorated as "sensitive" in the API will not 4501// be included in the string output. The member name will be present, but the 4502// value will be replaced with "sensitive". 4503func (s GetAdminAccountInput) String() string { 4504 return awsutil.Prettify(s) 4505} 4506 4507// GoString returns the string representation. 4508// 4509// API parameter values that are decorated as "sensitive" in the API will not 4510// be included in the string output. The member name will be present, but the 4511// value will be replaced with "sensitive". 4512func (s GetAdminAccountInput) GoString() string { 4513 return s.String() 4514} 4515 4516type GetAdminAccountOutput struct { 4517 _ struct{} `type:"structure"` 4518 4519 // The Amazon Web Services account that is set as the Firewall Manager administrator. 4520 AdminAccount *string `min:"1" type:"string"` 4521 4522 // The status of the Amazon Web Services account that you set as the Firewall 4523 // Manager administrator. 4524 RoleStatus *string `type:"string" enum:"AccountRoleStatus"` 4525} 4526 4527// String returns the string representation. 4528// 4529// API parameter values that are decorated as "sensitive" in the API will not 4530// be included in the string output. The member name will be present, but the 4531// value will be replaced with "sensitive". 4532func (s GetAdminAccountOutput) String() string { 4533 return awsutil.Prettify(s) 4534} 4535 4536// GoString returns the string representation. 4537// 4538// API parameter values that are decorated as "sensitive" in the API will not 4539// be included in the string output. The member name will be present, but the 4540// value will be replaced with "sensitive". 4541func (s GetAdminAccountOutput) GoString() string { 4542 return s.String() 4543} 4544 4545// SetAdminAccount sets the AdminAccount field's value. 4546func (s *GetAdminAccountOutput) SetAdminAccount(v string) *GetAdminAccountOutput { 4547 s.AdminAccount = &v 4548 return s 4549} 4550 4551// SetRoleStatus sets the RoleStatus field's value. 4552func (s *GetAdminAccountOutput) SetRoleStatus(v string) *GetAdminAccountOutput { 4553 s.RoleStatus = &v 4554 return s 4555} 4556 4557type GetAppsListInput struct { 4558 _ struct{} `type:"structure"` 4559 4560 // Specifies whether the list to retrieve is a default list owned by Firewall 4561 // Manager. 4562 DefaultList *bool `type:"boolean"` 4563 4564 // The ID of the Firewall Manager applications list that you want the details 4565 // for. 4566 // 4567 // ListId is a required field 4568 ListId *string `min:"36" type:"string" required:"true"` 4569} 4570 4571// String returns the string representation. 4572// 4573// API parameter values that are decorated as "sensitive" in the API will not 4574// be included in the string output. The member name will be present, but the 4575// value will be replaced with "sensitive". 4576func (s GetAppsListInput) String() string { 4577 return awsutil.Prettify(s) 4578} 4579 4580// GoString returns the string representation. 4581// 4582// API parameter values that are decorated as "sensitive" in the API will not 4583// be included in the string output. The member name will be present, but the 4584// value will be replaced with "sensitive". 4585func (s GetAppsListInput) GoString() string { 4586 return s.String() 4587} 4588 4589// Validate inspects the fields of the type to determine if they are valid. 4590func (s *GetAppsListInput) Validate() error { 4591 invalidParams := request.ErrInvalidParams{Context: "GetAppsListInput"} 4592 if s.ListId == nil { 4593 invalidParams.Add(request.NewErrParamRequired("ListId")) 4594 } 4595 if s.ListId != nil && len(*s.ListId) < 36 { 4596 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 4597 } 4598 4599 if invalidParams.Len() > 0 { 4600 return invalidParams 4601 } 4602 return nil 4603} 4604 4605// SetDefaultList sets the DefaultList field's value. 4606func (s *GetAppsListInput) SetDefaultList(v bool) *GetAppsListInput { 4607 s.DefaultList = &v 4608 return s 4609} 4610 4611// SetListId sets the ListId field's value. 4612func (s *GetAppsListInput) SetListId(v string) *GetAppsListInput { 4613 s.ListId = &v 4614 return s 4615} 4616 4617type GetAppsListOutput struct { 4618 _ struct{} `type:"structure"` 4619 4620 // Information about the specified Firewall Manager applications list. 4621 AppsList *AppsListData `type:"structure"` 4622 4623 // The Amazon Resource Name (ARN) of the applications list. 4624 AppsListArn *string `min:"1" type:"string"` 4625} 4626 4627// String returns the string representation. 4628// 4629// API parameter values that are decorated as "sensitive" in the API will not 4630// be included in the string output. The member name will be present, but the 4631// value will be replaced with "sensitive". 4632func (s GetAppsListOutput) String() string { 4633 return awsutil.Prettify(s) 4634} 4635 4636// GoString returns the string representation. 4637// 4638// API parameter values that are decorated as "sensitive" in the API will not 4639// be included in the string output. The member name will be present, but the 4640// value will be replaced with "sensitive". 4641func (s GetAppsListOutput) GoString() string { 4642 return s.String() 4643} 4644 4645// SetAppsList sets the AppsList field's value. 4646func (s *GetAppsListOutput) SetAppsList(v *AppsListData) *GetAppsListOutput { 4647 s.AppsList = v 4648 return s 4649} 4650 4651// SetAppsListArn sets the AppsListArn field's value. 4652func (s *GetAppsListOutput) SetAppsListArn(v string) *GetAppsListOutput { 4653 s.AppsListArn = &v 4654 return s 4655} 4656 4657type GetComplianceDetailInput struct { 4658 _ struct{} `type:"structure"` 4659 4660 // The Amazon Web Services account that owns the resources that you want to 4661 // get the details for. 4662 // 4663 // MemberAccount is a required field 4664 MemberAccount *string `min:"1" type:"string" required:"true"` 4665 4666 // The ID of the policy that you want to get the details for. PolicyId is returned 4667 // by PutPolicy and by ListPolicies. 4668 // 4669 // PolicyId is a required field 4670 PolicyId *string `min:"36" type:"string" required:"true"` 4671} 4672 4673// String returns the string representation. 4674// 4675// API parameter values that are decorated as "sensitive" in the API will not 4676// be included in the string output. The member name will be present, but the 4677// value will be replaced with "sensitive". 4678func (s GetComplianceDetailInput) String() string { 4679 return awsutil.Prettify(s) 4680} 4681 4682// GoString returns the string representation. 4683// 4684// API parameter values that are decorated as "sensitive" in the API will not 4685// be included in the string output. The member name will be present, but the 4686// value will be replaced with "sensitive". 4687func (s GetComplianceDetailInput) GoString() string { 4688 return s.String() 4689} 4690 4691// Validate inspects the fields of the type to determine if they are valid. 4692func (s *GetComplianceDetailInput) Validate() error { 4693 invalidParams := request.ErrInvalidParams{Context: "GetComplianceDetailInput"} 4694 if s.MemberAccount == nil { 4695 invalidParams.Add(request.NewErrParamRequired("MemberAccount")) 4696 } 4697 if s.MemberAccount != nil && len(*s.MemberAccount) < 1 { 4698 invalidParams.Add(request.NewErrParamMinLen("MemberAccount", 1)) 4699 } 4700 if s.PolicyId == nil { 4701 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 4702 } 4703 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 4704 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 4705 } 4706 4707 if invalidParams.Len() > 0 { 4708 return invalidParams 4709 } 4710 return nil 4711} 4712 4713// SetMemberAccount sets the MemberAccount field's value. 4714func (s *GetComplianceDetailInput) SetMemberAccount(v string) *GetComplianceDetailInput { 4715 s.MemberAccount = &v 4716 return s 4717} 4718 4719// SetPolicyId sets the PolicyId field's value. 4720func (s *GetComplianceDetailInput) SetPolicyId(v string) *GetComplianceDetailInput { 4721 s.PolicyId = &v 4722 return s 4723} 4724 4725type GetComplianceDetailOutput struct { 4726 _ struct{} `type:"structure"` 4727 4728 // Information about the resources and the policy that you specified in the 4729 // GetComplianceDetail request. 4730 PolicyComplianceDetail *PolicyComplianceDetail `type:"structure"` 4731} 4732 4733// String returns the string representation. 4734// 4735// API parameter values that are decorated as "sensitive" in the API will not 4736// be included in the string output. The member name will be present, but the 4737// value will be replaced with "sensitive". 4738func (s GetComplianceDetailOutput) String() string { 4739 return awsutil.Prettify(s) 4740} 4741 4742// GoString returns the string representation. 4743// 4744// API parameter values that are decorated as "sensitive" in the API will not 4745// be included in the string output. The member name will be present, but the 4746// value will be replaced with "sensitive". 4747func (s GetComplianceDetailOutput) GoString() string { 4748 return s.String() 4749} 4750 4751// SetPolicyComplianceDetail sets the PolicyComplianceDetail field's value. 4752func (s *GetComplianceDetailOutput) SetPolicyComplianceDetail(v *PolicyComplianceDetail) *GetComplianceDetailOutput { 4753 s.PolicyComplianceDetail = v 4754 return s 4755} 4756 4757type GetNotificationChannelInput struct { 4758 _ struct{} `type:"structure"` 4759} 4760 4761// String returns the string representation. 4762// 4763// API parameter values that are decorated as "sensitive" in the API will not 4764// be included in the string output. The member name will be present, but the 4765// value will be replaced with "sensitive". 4766func (s GetNotificationChannelInput) String() string { 4767 return awsutil.Prettify(s) 4768} 4769 4770// GoString returns the string representation. 4771// 4772// API parameter values that are decorated as "sensitive" in the API will not 4773// be included in the string output. The member name will be present, but the 4774// value will be replaced with "sensitive". 4775func (s GetNotificationChannelInput) GoString() string { 4776 return s.String() 4777} 4778 4779type GetNotificationChannelOutput struct { 4780 _ struct{} `type:"structure"` 4781 4782 // The IAM role that is used by Firewall Manager to record activity to SNS. 4783 SnsRoleName *string `min:"1" type:"string"` 4784 4785 // The SNS topic that records Firewall Manager activity. 4786 SnsTopicArn *string `min:"1" type:"string"` 4787} 4788 4789// String returns the string representation. 4790// 4791// API parameter values that are decorated as "sensitive" in the API will not 4792// be included in the string output. The member name will be present, but the 4793// value will be replaced with "sensitive". 4794func (s GetNotificationChannelOutput) String() string { 4795 return awsutil.Prettify(s) 4796} 4797 4798// GoString returns the string representation. 4799// 4800// API parameter values that are decorated as "sensitive" in the API will not 4801// be included in the string output. The member name will be present, but the 4802// value will be replaced with "sensitive". 4803func (s GetNotificationChannelOutput) GoString() string { 4804 return s.String() 4805} 4806 4807// SetSnsRoleName sets the SnsRoleName field's value. 4808func (s *GetNotificationChannelOutput) SetSnsRoleName(v string) *GetNotificationChannelOutput { 4809 s.SnsRoleName = &v 4810 return s 4811} 4812 4813// SetSnsTopicArn sets the SnsTopicArn field's value. 4814func (s *GetNotificationChannelOutput) SetSnsTopicArn(v string) *GetNotificationChannelOutput { 4815 s.SnsTopicArn = &v 4816 return s 4817} 4818 4819type GetPolicyInput struct { 4820 _ struct{} `type:"structure"` 4821 4822 // The ID of the Firewall Manager policy that you want the details for. 4823 // 4824 // PolicyId is a required field 4825 PolicyId *string `min:"36" type:"string" required:"true"` 4826} 4827 4828// String returns the string representation. 4829// 4830// API parameter values that are decorated as "sensitive" in the API will not 4831// be included in the string output. The member name will be present, but the 4832// value will be replaced with "sensitive". 4833func (s GetPolicyInput) String() string { 4834 return awsutil.Prettify(s) 4835} 4836 4837// GoString returns the string representation. 4838// 4839// API parameter values that are decorated as "sensitive" in the API will not 4840// be included in the string output. The member name will be present, but the 4841// value will be replaced with "sensitive". 4842func (s GetPolicyInput) GoString() string { 4843 return s.String() 4844} 4845 4846// Validate inspects the fields of the type to determine if they are valid. 4847func (s *GetPolicyInput) Validate() error { 4848 invalidParams := request.ErrInvalidParams{Context: "GetPolicyInput"} 4849 if s.PolicyId == nil { 4850 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 4851 } 4852 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 4853 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 4854 } 4855 4856 if invalidParams.Len() > 0 { 4857 return invalidParams 4858 } 4859 return nil 4860} 4861 4862// SetPolicyId sets the PolicyId field's value. 4863func (s *GetPolicyInput) SetPolicyId(v string) *GetPolicyInput { 4864 s.PolicyId = &v 4865 return s 4866} 4867 4868type GetPolicyOutput struct { 4869 _ struct{} `type:"structure"` 4870 4871 // Information about the specified Firewall Manager policy. 4872 Policy *Policy `type:"structure"` 4873 4874 // The Amazon Resource Name (ARN) of the specified policy. 4875 PolicyArn *string `min:"1" type:"string"` 4876} 4877 4878// String returns the string representation. 4879// 4880// API parameter values that are decorated as "sensitive" in the API will not 4881// be included in the string output. The member name will be present, but the 4882// value will be replaced with "sensitive". 4883func (s GetPolicyOutput) String() string { 4884 return awsutil.Prettify(s) 4885} 4886 4887// GoString returns the string representation. 4888// 4889// API parameter values that are decorated as "sensitive" in the API will not 4890// be included in the string output. The member name will be present, but the 4891// value will be replaced with "sensitive". 4892func (s GetPolicyOutput) GoString() string { 4893 return s.String() 4894} 4895 4896// SetPolicy sets the Policy field's value. 4897func (s *GetPolicyOutput) SetPolicy(v *Policy) *GetPolicyOutput { 4898 s.Policy = v 4899 return s 4900} 4901 4902// SetPolicyArn sets the PolicyArn field's value. 4903func (s *GetPolicyOutput) SetPolicyArn(v string) *GetPolicyOutput { 4904 s.PolicyArn = &v 4905 return s 4906} 4907 4908type GetProtectionStatusInput struct { 4909 _ struct{} `type:"structure"` 4910 4911 // The end of the time period to query for the attacks. This is a timestamp 4912 // type. The request syntax listing indicates a number type because the default 4913 // used by Firewall Manager is Unix time in seconds. However, any valid timestamp 4914 // format is allowed. 4915 EndTime *time.Time `type:"timestamp"` 4916 4917 // Specifies the number of objects that you want Firewall Manager to return 4918 // for this request. If you have more objects than the number that you specify 4919 // for MaxResults, the response includes a NextToken value that you can use 4920 // to get another batch of objects. 4921 MaxResults *int64 `min:"1" type:"integer"` 4922 4923 // The Amazon Web Services account that is in scope of the policy that you want 4924 // to get the details for. 4925 MemberAccountId *string `min:"1" type:"string"` 4926 4927 // If you specify a value for MaxResults and you have more objects than the 4928 // number that you specify for MaxResults, Firewall Manager returns a NextToken 4929 // value in the response, which you can use to retrieve another group of objects. 4930 // For the second and subsequent GetProtectionStatus requests, specify the value 4931 // of NextToken from the previous response to get information about another 4932 // batch of objects. 4933 NextToken *string `min:"1" type:"string"` 4934 4935 // The ID of the policy for which you want to get the attack information. 4936 // 4937 // PolicyId is a required field 4938 PolicyId *string `min:"36" type:"string" required:"true"` 4939 4940 // The start of the time period to query for the attacks. This is a timestamp 4941 // type. The request syntax listing indicates a number type because the default 4942 // used by Firewall Manager is Unix time in seconds. However, any valid timestamp 4943 // format is allowed. 4944 StartTime *time.Time `type:"timestamp"` 4945} 4946 4947// String returns the string representation. 4948// 4949// API parameter values that are decorated as "sensitive" in the API will not 4950// be included in the string output. The member name will be present, but the 4951// value will be replaced with "sensitive". 4952func (s GetProtectionStatusInput) String() string { 4953 return awsutil.Prettify(s) 4954} 4955 4956// GoString returns the string representation. 4957// 4958// API parameter values that are decorated as "sensitive" in the API will not 4959// be included in the string output. The member name will be present, but the 4960// value will be replaced with "sensitive". 4961func (s GetProtectionStatusInput) GoString() string { 4962 return s.String() 4963} 4964 4965// Validate inspects the fields of the type to determine if they are valid. 4966func (s *GetProtectionStatusInput) Validate() error { 4967 invalidParams := request.ErrInvalidParams{Context: "GetProtectionStatusInput"} 4968 if s.MaxResults != nil && *s.MaxResults < 1 { 4969 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 4970 } 4971 if s.MemberAccountId != nil && len(*s.MemberAccountId) < 1 { 4972 invalidParams.Add(request.NewErrParamMinLen("MemberAccountId", 1)) 4973 } 4974 if s.NextToken != nil && len(*s.NextToken) < 1 { 4975 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 4976 } 4977 if s.PolicyId == nil { 4978 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 4979 } 4980 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 4981 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 4982 } 4983 4984 if invalidParams.Len() > 0 { 4985 return invalidParams 4986 } 4987 return nil 4988} 4989 4990// SetEndTime sets the EndTime field's value. 4991func (s *GetProtectionStatusInput) SetEndTime(v time.Time) *GetProtectionStatusInput { 4992 s.EndTime = &v 4993 return s 4994} 4995 4996// SetMaxResults sets the MaxResults field's value. 4997func (s *GetProtectionStatusInput) SetMaxResults(v int64) *GetProtectionStatusInput { 4998 s.MaxResults = &v 4999 return s 5000} 5001 5002// SetMemberAccountId sets the MemberAccountId field's value. 5003func (s *GetProtectionStatusInput) SetMemberAccountId(v string) *GetProtectionStatusInput { 5004 s.MemberAccountId = &v 5005 return s 5006} 5007 5008// SetNextToken sets the NextToken field's value. 5009func (s *GetProtectionStatusInput) SetNextToken(v string) *GetProtectionStatusInput { 5010 s.NextToken = &v 5011 return s 5012} 5013 5014// SetPolicyId sets the PolicyId field's value. 5015func (s *GetProtectionStatusInput) SetPolicyId(v string) *GetProtectionStatusInput { 5016 s.PolicyId = &v 5017 return s 5018} 5019 5020// SetStartTime sets the StartTime field's value. 5021func (s *GetProtectionStatusInput) SetStartTime(v time.Time) *GetProtectionStatusInput { 5022 s.StartTime = &v 5023 return s 5024} 5025 5026type GetProtectionStatusOutput struct { 5027 _ struct{} `type:"structure"` 5028 5029 // The ID of the Firewall Manager administrator account for this policy. 5030 AdminAccountId *string `min:"1" type:"string"` 5031 5032 // Details about the attack, including the following: 5033 // 5034 // * Attack type 5035 // 5036 // * Account ID 5037 // 5038 // * ARN of the resource attacked 5039 // 5040 // * Start time of the attack 5041 // 5042 // * End time of the attack (ongoing attacks will not have an end time) 5043 // 5044 // The details are in JSON format. 5045 Data *string `type:"string"` 5046 5047 // If you have more objects than the number that you specified for MaxResults 5048 // in the request, the response includes a NextToken value. To list more objects, 5049 // submit another GetProtectionStatus request, and specify the NextToken value 5050 // from the response in the NextToken value in the next request. 5051 // 5052 // Amazon Web Services SDKs provide auto-pagination that identify NextToken 5053 // in a response and make subsequent request calls automatically on your behalf. 5054 // However, this feature is not supported by GetProtectionStatus. You must submit 5055 // subsequent requests with NextToken using your own processes. 5056 NextToken *string `min:"1" type:"string"` 5057 5058 // The service type that is protected by the policy. Currently, this is always 5059 // SHIELD_ADVANCED. 5060 ServiceType *string `type:"string" enum:"SecurityServiceType"` 5061} 5062 5063// String returns the string representation. 5064// 5065// API parameter values that are decorated as "sensitive" in the API will not 5066// be included in the string output. The member name will be present, but the 5067// value will be replaced with "sensitive". 5068func (s GetProtectionStatusOutput) String() string { 5069 return awsutil.Prettify(s) 5070} 5071 5072// GoString returns the string representation. 5073// 5074// API parameter values that are decorated as "sensitive" in the API will not 5075// be included in the string output. The member name will be present, but the 5076// value will be replaced with "sensitive". 5077func (s GetProtectionStatusOutput) GoString() string { 5078 return s.String() 5079} 5080 5081// SetAdminAccountId sets the AdminAccountId field's value. 5082func (s *GetProtectionStatusOutput) SetAdminAccountId(v string) *GetProtectionStatusOutput { 5083 s.AdminAccountId = &v 5084 return s 5085} 5086 5087// SetData sets the Data field's value. 5088func (s *GetProtectionStatusOutput) SetData(v string) *GetProtectionStatusOutput { 5089 s.Data = &v 5090 return s 5091} 5092 5093// SetNextToken sets the NextToken field's value. 5094func (s *GetProtectionStatusOutput) SetNextToken(v string) *GetProtectionStatusOutput { 5095 s.NextToken = &v 5096 return s 5097} 5098 5099// SetServiceType sets the ServiceType field's value. 5100func (s *GetProtectionStatusOutput) SetServiceType(v string) *GetProtectionStatusOutput { 5101 s.ServiceType = &v 5102 return s 5103} 5104 5105type GetProtocolsListInput struct { 5106 _ struct{} `type:"structure"` 5107 5108 // Specifies whether the list to retrieve is a default list owned by Firewall 5109 // Manager. 5110 DefaultList *bool `type:"boolean"` 5111 5112 // The ID of the Firewall Manager protocols list that you want the details for. 5113 // 5114 // ListId is a required field 5115 ListId *string `min:"36" type:"string" required:"true"` 5116} 5117 5118// String returns the string representation. 5119// 5120// API parameter values that are decorated as "sensitive" in the API will not 5121// be included in the string output. The member name will be present, but the 5122// value will be replaced with "sensitive". 5123func (s GetProtocolsListInput) String() string { 5124 return awsutil.Prettify(s) 5125} 5126 5127// GoString returns the string representation. 5128// 5129// API parameter values that are decorated as "sensitive" in the API will not 5130// be included in the string output. The member name will be present, but the 5131// value will be replaced with "sensitive". 5132func (s GetProtocolsListInput) GoString() string { 5133 return s.String() 5134} 5135 5136// Validate inspects the fields of the type to determine if they are valid. 5137func (s *GetProtocolsListInput) Validate() error { 5138 invalidParams := request.ErrInvalidParams{Context: "GetProtocolsListInput"} 5139 if s.ListId == nil { 5140 invalidParams.Add(request.NewErrParamRequired("ListId")) 5141 } 5142 if s.ListId != nil && len(*s.ListId) < 36 { 5143 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 5144 } 5145 5146 if invalidParams.Len() > 0 { 5147 return invalidParams 5148 } 5149 return nil 5150} 5151 5152// SetDefaultList sets the DefaultList field's value. 5153func (s *GetProtocolsListInput) SetDefaultList(v bool) *GetProtocolsListInput { 5154 s.DefaultList = &v 5155 return s 5156} 5157 5158// SetListId sets the ListId field's value. 5159func (s *GetProtocolsListInput) SetListId(v string) *GetProtocolsListInput { 5160 s.ListId = &v 5161 return s 5162} 5163 5164type GetProtocolsListOutput struct { 5165 _ struct{} `type:"structure"` 5166 5167 // Information about the specified Firewall Manager protocols list. 5168 ProtocolsList *ProtocolsListData `type:"structure"` 5169 5170 // The Amazon Resource Name (ARN) of the specified protocols list. 5171 ProtocolsListArn *string `min:"1" type:"string"` 5172} 5173 5174// String returns the string representation. 5175// 5176// API parameter values that are decorated as "sensitive" in the API will not 5177// be included in the string output. The member name will be present, but the 5178// value will be replaced with "sensitive". 5179func (s GetProtocolsListOutput) String() string { 5180 return awsutil.Prettify(s) 5181} 5182 5183// GoString returns the string representation. 5184// 5185// API parameter values that are decorated as "sensitive" in the API will not 5186// be included in the string output. The member name will be present, but the 5187// value will be replaced with "sensitive". 5188func (s GetProtocolsListOutput) GoString() string { 5189 return s.String() 5190} 5191 5192// SetProtocolsList sets the ProtocolsList field's value. 5193func (s *GetProtocolsListOutput) SetProtocolsList(v *ProtocolsListData) *GetProtocolsListOutput { 5194 s.ProtocolsList = v 5195 return s 5196} 5197 5198// SetProtocolsListArn sets the ProtocolsListArn field's value. 5199func (s *GetProtocolsListOutput) SetProtocolsListArn(v string) *GetProtocolsListOutput { 5200 s.ProtocolsListArn = &v 5201 return s 5202} 5203 5204type GetViolationDetailsInput struct { 5205 _ struct{} `type:"structure"` 5206 5207 // The Amazon Web Services account ID that you want the details for. 5208 // 5209 // MemberAccount is a required field 5210 MemberAccount *string `min:"1" type:"string" required:"true"` 5211 5212 // The ID of the Firewall Manager policy that you want the details for. This 5213 // currently only supports security group content audit policies. 5214 // 5215 // PolicyId is a required field 5216 PolicyId *string `min:"36" type:"string" required:"true"` 5217 5218 // The ID of the resource that has violations. 5219 // 5220 // ResourceId is a required field 5221 ResourceId *string `min:"1" type:"string" required:"true"` 5222 5223 // The resource type. This is in the format shown in the Amazon Web Services 5224 // Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 5225 // Supported resource types are: AWS::EC2::Instance, AWS::EC2::NetworkInterface, 5226 // AWS::EC2::SecurityGroup, AWS::NetworkFirewall::FirewallPolicy, and AWS::EC2::Subnet. 5227 // 5228 // ResourceType is a required field 5229 ResourceType *string `min:"1" type:"string" required:"true"` 5230} 5231 5232// String returns the string representation. 5233// 5234// API parameter values that are decorated as "sensitive" in the API will not 5235// be included in the string output. The member name will be present, but the 5236// value will be replaced with "sensitive". 5237func (s GetViolationDetailsInput) String() string { 5238 return awsutil.Prettify(s) 5239} 5240 5241// GoString returns the string representation. 5242// 5243// API parameter values that are decorated as "sensitive" in the API will not 5244// be included in the string output. The member name will be present, but the 5245// value will be replaced with "sensitive". 5246func (s GetViolationDetailsInput) GoString() string { 5247 return s.String() 5248} 5249 5250// Validate inspects the fields of the type to determine if they are valid. 5251func (s *GetViolationDetailsInput) Validate() error { 5252 invalidParams := request.ErrInvalidParams{Context: "GetViolationDetailsInput"} 5253 if s.MemberAccount == nil { 5254 invalidParams.Add(request.NewErrParamRequired("MemberAccount")) 5255 } 5256 if s.MemberAccount != nil && len(*s.MemberAccount) < 1 { 5257 invalidParams.Add(request.NewErrParamMinLen("MemberAccount", 1)) 5258 } 5259 if s.PolicyId == nil { 5260 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 5261 } 5262 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 5263 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 5264 } 5265 if s.ResourceId == nil { 5266 invalidParams.Add(request.NewErrParamRequired("ResourceId")) 5267 } 5268 if s.ResourceId != nil && len(*s.ResourceId) < 1 { 5269 invalidParams.Add(request.NewErrParamMinLen("ResourceId", 1)) 5270 } 5271 if s.ResourceType == nil { 5272 invalidParams.Add(request.NewErrParamRequired("ResourceType")) 5273 } 5274 if s.ResourceType != nil && len(*s.ResourceType) < 1 { 5275 invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) 5276 } 5277 5278 if invalidParams.Len() > 0 { 5279 return invalidParams 5280 } 5281 return nil 5282} 5283 5284// SetMemberAccount sets the MemberAccount field's value. 5285func (s *GetViolationDetailsInput) SetMemberAccount(v string) *GetViolationDetailsInput { 5286 s.MemberAccount = &v 5287 return s 5288} 5289 5290// SetPolicyId sets the PolicyId field's value. 5291func (s *GetViolationDetailsInput) SetPolicyId(v string) *GetViolationDetailsInput { 5292 s.PolicyId = &v 5293 return s 5294} 5295 5296// SetResourceId sets the ResourceId field's value. 5297func (s *GetViolationDetailsInput) SetResourceId(v string) *GetViolationDetailsInput { 5298 s.ResourceId = &v 5299 return s 5300} 5301 5302// SetResourceType sets the ResourceType field's value. 5303func (s *GetViolationDetailsInput) SetResourceType(v string) *GetViolationDetailsInput { 5304 s.ResourceType = &v 5305 return s 5306} 5307 5308type GetViolationDetailsOutput struct { 5309 _ struct{} `type:"structure"` 5310 5311 // Violation detail for a resource. 5312 ViolationDetail *ViolationDetail `type:"structure"` 5313} 5314 5315// String returns the string representation. 5316// 5317// API parameter values that are decorated as "sensitive" in the API will not 5318// be included in the string output. The member name will be present, but the 5319// value will be replaced with "sensitive". 5320func (s GetViolationDetailsOutput) String() string { 5321 return awsutil.Prettify(s) 5322} 5323 5324// GoString returns the string representation. 5325// 5326// API parameter values that are decorated as "sensitive" in the API will not 5327// be included in the string output. The member name will be present, but the 5328// value will be replaced with "sensitive". 5329func (s GetViolationDetailsOutput) GoString() string { 5330 return s.String() 5331} 5332 5333// SetViolationDetail sets the ViolationDetail field's value. 5334func (s *GetViolationDetailsOutput) SetViolationDetail(v *ViolationDetail) *GetViolationDetailsOutput { 5335 s.ViolationDetail = v 5336 return s 5337} 5338 5339// The operation failed because of a system problem, even though the request 5340// was valid. Retry your request. 5341type InternalErrorException struct { 5342 _ struct{} `type:"structure"` 5343 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 5344 5345 Message_ *string `locationName:"Message" type:"string"` 5346} 5347 5348// String returns the string representation. 5349// 5350// API parameter values that are decorated as "sensitive" in the API will not 5351// be included in the string output. The member name will be present, but the 5352// value will be replaced with "sensitive". 5353func (s InternalErrorException) String() string { 5354 return awsutil.Prettify(s) 5355} 5356 5357// GoString returns the string representation. 5358// 5359// API parameter values that are decorated as "sensitive" in the API will not 5360// be included in the string output. The member name will be present, but the 5361// value will be replaced with "sensitive". 5362func (s InternalErrorException) GoString() string { 5363 return s.String() 5364} 5365 5366func newErrorInternalErrorException(v protocol.ResponseMetadata) error { 5367 return &InternalErrorException{ 5368 RespMetadata: v, 5369 } 5370} 5371 5372// Code returns the exception type name. 5373func (s *InternalErrorException) Code() string { 5374 return "InternalErrorException" 5375} 5376 5377// Message returns the exception's message. 5378func (s *InternalErrorException) Message() string { 5379 if s.Message_ != nil { 5380 return *s.Message_ 5381 } 5382 return "" 5383} 5384 5385// OrigErr always returns nil, satisfies awserr.Error interface. 5386func (s *InternalErrorException) OrigErr() error { 5387 return nil 5388} 5389 5390func (s *InternalErrorException) Error() string { 5391 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 5392} 5393 5394// Status code returns the HTTP status code for the request's response error. 5395func (s *InternalErrorException) StatusCode() int { 5396 return s.RespMetadata.StatusCode 5397} 5398 5399// RequestID returns the service's response RequestID for request. 5400func (s *InternalErrorException) RequestID() string { 5401 return s.RespMetadata.RequestID 5402} 5403 5404// The parameters of the request were invalid. 5405type InvalidInputException struct { 5406 _ struct{} `type:"structure"` 5407 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 5408 5409 Message_ *string `locationName:"Message" type:"string"` 5410} 5411 5412// String returns the string representation. 5413// 5414// API parameter values that are decorated as "sensitive" in the API will not 5415// be included in the string output. The member name will be present, but the 5416// value will be replaced with "sensitive". 5417func (s InvalidInputException) String() string { 5418 return awsutil.Prettify(s) 5419} 5420 5421// GoString returns the string representation. 5422// 5423// API parameter values that are decorated as "sensitive" in the API will not 5424// be included in the string output. The member name will be present, but the 5425// value will be replaced with "sensitive". 5426func (s InvalidInputException) GoString() string { 5427 return s.String() 5428} 5429 5430func newErrorInvalidInputException(v protocol.ResponseMetadata) error { 5431 return &InvalidInputException{ 5432 RespMetadata: v, 5433 } 5434} 5435 5436// Code returns the exception type name. 5437func (s *InvalidInputException) Code() string { 5438 return "InvalidInputException" 5439} 5440 5441// Message returns the exception's message. 5442func (s *InvalidInputException) Message() string { 5443 if s.Message_ != nil { 5444 return *s.Message_ 5445 } 5446 return "" 5447} 5448 5449// OrigErr always returns nil, satisfies awserr.Error interface. 5450func (s *InvalidInputException) OrigErr() error { 5451 return nil 5452} 5453 5454func (s *InvalidInputException) Error() string { 5455 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 5456} 5457 5458// Status code returns the HTTP status code for the request's response error. 5459func (s *InvalidInputException) StatusCode() int { 5460 return s.RespMetadata.StatusCode 5461} 5462 5463// RequestID returns the service's response RequestID for request. 5464func (s *InvalidInputException) RequestID() string { 5465 return s.RespMetadata.RequestID 5466} 5467 5468// The operation failed because there was nothing to do or the operation wasn't 5469// possible. For example, you might have submitted an AssociateAdminAccount 5470// request for an account ID that was already set as the Firewall Manager administrator. 5471// Or you might have tried to access a Region that's disabled by default, and 5472// that you need to enable for the Firewall Manager administrator account and 5473// for Organizations before you can access it. 5474type InvalidOperationException struct { 5475 _ struct{} `type:"structure"` 5476 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 5477 5478 Message_ *string `locationName:"Message" type:"string"` 5479} 5480 5481// String returns the string representation. 5482// 5483// API parameter values that are decorated as "sensitive" in the API will not 5484// be included in the string output. The member name will be present, but the 5485// value will be replaced with "sensitive". 5486func (s InvalidOperationException) String() string { 5487 return awsutil.Prettify(s) 5488} 5489 5490// GoString returns the string representation. 5491// 5492// API parameter values that are decorated as "sensitive" in the API will not 5493// be included in the string output. The member name will be present, but the 5494// value will be replaced with "sensitive". 5495func (s InvalidOperationException) GoString() string { 5496 return s.String() 5497} 5498 5499func newErrorInvalidOperationException(v protocol.ResponseMetadata) error { 5500 return &InvalidOperationException{ 5501 RespMetadata: v, 5502 } 5503} 5504 5505// Code returns the exception type name. 5506func (s *InvalidOperationException) Code() string { 5507 return "InvalidOperationException" 5508} 5509 5510// Message returns the exception's message. 5511func (s *InvalidOperationException) Message() string { 5512 if s.Message_ != nil { 5513 return *s.Message_ 5514 } 5515 return "" 5516} 5517 5518// OrigErr always returns nil, satisfies awserr.Error interface. 5519func (s *InvalidOperationException) OrigErr() error { 5520 return nil 5521} 5522 5523func (s *InvalidOperationException) Error() string { 5524 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 5525} 5526 5527// Status code returns the HTTP status code for the request's response error. 5528func (s *InvalidOperationException) StatusCode() int { 5529 return s.RespMetadata.StatusCode 5530} 5531 5532// RequestID returns the service's response RequestID for request. 5533func (s *InvalidOperationException) RequestID() string { 5534 return s.RespMetadata.RequestID 5535} 5536 5537// The value of the Type parameter is invalid. 5538type InvalidTypeException struct { 5539 _ struct{} `type:"structure"` 5540 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 5541 5542 Message_ *string `locationName:"Message" type:"string"` 5543} 5544 5545// String returns the string representation. 5546// 5547// API parameter values that are decorated as "sensitive" in the API will not 5548// be included in the string output. The member name will be present, but the 5549// value will be replaced with "sensitive". 5550func (s InvalidTypeException) String() string { 5551 return awsutil.Prettify(s) 5552} 5553 5554// GoString returns the string representation. 5555// 5556// API parameter values that are decorated as "sensitive" in the API will not 5557// be included in the string output. The member name will be present, but the 5558// value will be replaced with "sensitive". 5559func (s InvalidTypeException) GoString() string { 5560 return s.String() 5561} 5562 5563func newErrorInvalidTypeException(v protocol.ResponseMetadata) error { 5564 return &InvalidTypeException{ 5565 RespMetadata: v, 5566 } 5567} 5568 5569// Code returns the exception type name. 5570func (s *InvalidTypeException) Code() string { 5571 return "InvalidTypeException" 5572} 5573 5574// Message returns the exception's message. 5575func (s *InvalidTypeException) Message() string { 5576 if s.Message_ != nil { 5577 return *s.Message_ 5578 } 5579 return "" 5580} 5581 5582// OrigErr always returns nil, satisfies awserr.Error interface. 5583func (s *InvalidTypeException) OrigErr() error { 5584 return nil 5585} 5586 5587func (s *InvalidTypeException) Error() string { 5588 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 5589} 5590 5591// Status code returns the HTTP status code for the request's response error. 5592func (s *InvalidTypeException) StatusCode() int { 5593 return s.RespMetadata.StatusCode 5594} 5595 5596// RequestID returns the service's response RequestID for request. 5597func (s *InvalidTypeException) RequestID() string { 5598 return s.RespMetadata.RequestID 5599} 5600 5601// The operation exceeds a resource limit, for example, the maximum number of 5602// policy objects that you can create for an Amazon Web Services account. For 5603// more information, see Firewall Manager Limits (https://docs.aws.amazon.com/waf/latest/developerguide/fms-limits.html) 5604// in the WAF Developer Guide. 5605type LimitExceededException struct { 5606 _ struct{} `type:"structure"` 5607 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 5608 5609 Message_ *string `locationName:"Message" type:"string"` 5610} 5611 5612// String returns the string representation. 5613// 5614// API parameter values that are decorated as "sensitive" in the API will not 5615// be included in the string output. The member name will be present, but the 5616// value will be replaced with "sensitive". 5617func (s LimitExceededException) String() string { 5618 return awsutil.Prettify(s) 5619} 5620 5621// GoString returns the string representation. 5622// 5623// API parameter values that are decorated as "sensitive" in the API will not 5624// be included in the string output. The member name will be present, but the 5625// value will be replaced with "sensitive". 5626func (s LimitExceededException) GoString() string { 5627 return s.String() 5628} 5629 5630func newErrorLimitExceededException(v protocol.ResponseMetadata) error { 5631 return &LimitExceededException{ 5632 RespMetadata: v, 5633 } 5634} 5635 5636// Code returns the exception type name. 5637func (s *LimitExceededException) Code() string { 5638 return "LimitExceededException" 5639} 5640 5641// Message returns the exception's message. 5642func (s *LimitExceededException) Message() string { 5643 if s.Message_ != nil { 5644 return *s.Message_ 5645 } 5646 return "" 5647} 5648 5649// OrigErr always returns nil, satisfies awserr.Error interface. 5650func (s *LimitExceededException) OrigErr() error { 5651 return nil 5652} 5653 5654func (s *LimitExceededException) Error() string { 5655 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 5656} 5657 5658// Status code returns the HTTP status code for the request's response error. 5659func (s *LimitExceededException) StatusCode() int { 5660 return s.RespMetadata.StatusCode 5661} 5662 5663// RequestID returns the service's response RequestID for request. 5664func (s *LimitExceededException) RequestID() string { 5665 return s.RespMetadata.RequestID 5666} 5667 5668type ListAppsListsInput struct { 5669 _ struct{} `type:"structure"` 5670 5671 // Specifies whether the lists to retrieve are default lists owned by Firewall 5672 // Manager. 5673 DefaultLists *bool `type:"boolean"` 5674 5675 // The maximum number of objects that you want Firewall Manager to return for 5676 // this request. If more objects are available, in the response, Firewall Manager 5677 // provides a NextToken value that you can use in a subsequent call to get the 5678 // next batch of objects. 5679 // 5680 // If you don't specify this, Firewall Manager returns all available objects. 5681 // 5682 // MaxResults is a required field 5683 MaxResults *int64 `min:"1" type:"integer" required:"true"` 5684 5685 // If you specify a value for MaxResults in your list request, and you have 5686 // more objects than the maximum, Firewall Manager returns this token in the 5687 // response. For all but the first request, you provide the token returned by 5688 // the prior request in the request parameters, to retrieve the next batch of 5689 // objects. 5690 NextToken *string `min:"1" type:"string"` 5691} 5692 5693// String returns the string representation. 5694// 5695// API parameter values that are decorated as "sensitive" in the API will not 5696// be included in the string output. The member name will be present, but the 5697// value will be replaced with "sensitive". 5698func (s ListAppsListsInput) String() string { 5699 return awsutil.Prettify(s) 5700} 5701 5702// GoString returns the string representation. 5703// 5704// API parameter values that are decorated as "sensitive" in the API will not 5705// be included in the string output. The member name will be present, but the 5706// value will be replaced with "sensitive". 5707func (s ListAppsListsInput) GoString() string { 5708 return s.String() 5709} 5710 5711// Validate inspects the fields of the type to determine if they are valid. 5712func (s *ListAppsListsInput) Validate() error { 5713 invalidParams := request.ErrInvalidParams{Context: "ListAppsListsInput"} 5714 if s.MaxResults == nil { 5715 invalidParams.Add(request.NewErrParamRequired("MaxResults")) 5716 } 5717 if s.MaxResults != nil && *s.MaxResults < 1 { 5718 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 5719 } 5720 if s.NextToken != nil && len(*s.NextToken) < 1 { 5721 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 5722 } 5723 5724 if invalidParams.Len() > 0 { 5725 return invalidParams 5726 } 5727 return nil 5728} 5729 5730// SetDefaultLists sets the DefaultLists field's value. 5731func (s *ListAppsListsInput) SetDefaultLists(v bool) *ListAppsListsInput { 5732 s.DefaultLists = &v 5733 return s 5734} 5735 5736// SetMaxResults sets the MaxResults field's value. 5737func (s *ListAppsListsInput) SetMaxResults(v int64) *ListAppsListsInput { 5738 s.MaxResults = &v 5739 return s 5740} 5741 5742// SetNextToken sets the NextToken field's value. 5743func (s *ListAppsListsInput) SetNextToken(v string) *ListAppsListsInput { 5744 s.NextToken = &v 5745 return s 5746} 5747 5748type ListAppsListsOutput struct { 5749 _ struct{} `type:"structure"` 5750 5751 // An array of AppsListDataSummary objects. 5752 AppsLists []*AppsListDataSummary `type:"list"` 5753 5754 // If you specify a value for MaxResults in your list request, and you have 5755 // more objects than the maximum, Firewall Manager returns this token in the 5756 // response. You can use this token in subsequent requests to retrieve the next 5757 // batch of objects. 5758 NextToken *string `min:"1" type:"string"` 5759} 5760 5761// String returns the string representation. 5762// 5763// API parameter values that are decorated as "sensitive" in the API will not 5764// be included in the string output. The member name will be present, but the 5765// value will be replaced with "sensitive". 5766func (s ListAppsListsOutput) String() string { 5767 return awsutil.Prettify(s) 5768} 5769 5770// GoString returns the string representation. 5771// 5772// API parameter values that are decorated as "sensitive" in the API will not 5773// be included in the string output. The member name will be present, but the 5774// value will be replaced with "sensitive". 5775func (s ListAppsListsOutput) GoString() string { 5776 return s.String() 5777} 5778 5779// SetAppsLists sets the AppsLists field's value. 5780func (s *ListAppsListsOutput) SetAppsLists(v []*AppsListDataSummary) *ListAppsListsOutput { 5781 s.AppsLists = v 5782 return s 5783} 5784 5785// SetNextToken sets the NextToken field's value. 5786func (s *ListAppsListsOutput) SetNextToken(v string) *ListAppsListsOutput { 5787 s.NextToken = &v 5788 return s 5789} 5790 5791type ListComplianceStatusInput struct { 5792 _ struct{} `type:"structure"` 5793 5794 // Specifies the number of PolicyComplianceStatus objects that you want Firewall 5795 // Manager to return for this request. If you have more PolicyComplianceStatus 5796 // objects than the number that you specify for MaxResults, the response includes 5797 // a NextToken value that you can use to get another batch of PolicyComplianceStatus 5798 // objects. 5799 MaxResults *int64 `min:"1" type:"integer"` 5800 5801 // If you specify a value for MaxResults and you have more PolicyComplianceStatus 5802 // objects than the number that you specify for MaxResults, Firewall Manager 5803 // returns a NextToken value in the response that allows you to list another 5804 // group of PolicyComplianceStatus objects. For the second and subsequent ListComplianceStatus 5805 // requests, specify the value of NextToken from the previous response to get 5806 // information about another batch of PolicyComplianceStatus objects. 5807 NextToken *string `min:"1" type:"string"` 5808 5809 // The ID of the Firewall Manager policy that you want the details for. 5810 // 5811 // PolicyId is a required field 5812 PolicyId *string `min:"36" type:"string" required:"true"` 5813} 5814 5815// String returns the string representation. 5816// 5817// API parameter values that are decorated as "sensitive" in the API will not 5818// be included in the string output. The member name will be present, but the 5819// value will be replaced with "sensitive". 5820func (s ListComplianceStatusInput) String() string { 5821 return awsutil.Prettify(s) 5822} 5823 5824// GoString returns the string representation. 5825// 5826// API parameter values that are decorated as "sensitive" in the API will not 5827// be included in the string output. The member name will be present, but the 5828// value will be replaced with "sensitive". 5829func (s ListComplianceStatusInput) GoString() string { 5830 return s.String() 5831} 5832 5833// Validate inspects the fields of the type to determine if they are valid. 5834func (s *ListComplianceStatusInput) Validate() error { 5835 invalidParams := request.ErrInvalidParams{Context: "ListComplianceStatusInput"} 5836 if s.MaxResults != nil && *s.MaxResults < 1 { 5837 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 5838 } 5839 if s.NextToken != nil && len(*s.NextToken) < 1 { 5840 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 5841 } 5842 if s.PolicyId == nil { 5843 invalidParams.Add(request.NewErrParamRequired("PolicyId")) 5844 } 5845 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 5846 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 5847 } 5848 5849 if invalidParams.Len() > 0 { 5850 return invalidParams 5851 } 5852 return nil 5853} 5854 5855// SetMaxResults sets the MaxResults field's value. 5856func (s *ListComplianceStatusInput) SetMaxResults(v int64) *ListComplianceStatusInput { 5857 s.MaxResults = &v 5858 return s 5859} 5860 5861// SetNextToken sets the NextToken field's value. 5862func (s *ListComplianceStatusInput) SetNextToken(v string) *ListComplianceStatusInput { 5863 s.NextToken = &v 5864 return s 5865} 5866 5867// SetPolicyId sets the PolicyId field's value. 5868func (s *ListComplianceStatusInput) SetPolicyId(v string) *ListComplianceStatusInput { 5869 s.PolicyId = &v 5870 return s 5871} 5872 5873type ListComplianceStatusOutput struct { 5874 _ struct{} `type:"structure"` 5875 5876 // If you have more PolicyComplianceStatus objects than the number that you 5877 // specified for MaxResults in the request, the response includes a NextToken 5878 // value. To list more PolicyComplianceStatus objects, submit another ListComplianceStatus 5879 // request, and specify the NextToken value from the response in the NextToken 5880 // value in the next request. 5881 NextToken *string `min:"1" type:"string"` 5882 5883 // An array of PolicyComplianceStatus objects. 5884 PolicyComplianceStatusList []*PolicyComplianceStatus `type:"list"` 5885} 5886 5887// String returns the string representation. 5888// 5889// API parameter values that are decorated as "sensitive" in the API will not 5890// be included in the string output. The member name will be present, but the 5891// value will be replaced with "sensitive". 5892func (s ListComplianceStatusOutput) String() string { 5893 return awsutil.Prettify(s) 5894} 5895 5896// GoString returns the string representation. 5897// 5898// API parameter values that are decorated as "sensitive" in the API will not 5899// be included in the string output. The member name will be present, but the 5900// value will be replaced with "sensitive". 5901func (s ListComplianceStatusOutput) GoString() string { 5902 return s.String() 5903} 5904 5905// SetNextToken sets the NextToken field's value. 5906func (s *ListComplianceStatusOutput) SetNextToken(v string) *ListComplianceStatusOutput { 5907 s.NextToken = &v 5908 return s 5909} 5910 5911// SetPolicyComplianceStatusList sets the PolicyComplianceStatusList field's value. 5912func (s *ListComplianceStatusOutput) SetPolicyComplianceStatusList(v []*PolicyComplianceStatus) *ListComplianceStatusOutput { 5913 s.PolicyComplianceStatusList = v 5914 return s 5915} 5916 5917type ListMemberAccountsInput struct { 5918 _ struct{} `type:"structure"` 5919 5920 // Specifies the number of member account IDs that you want Firewall Manager 5921 // to return for this request. If you have more IDs than the number that you 5922 // specify for MaxResults, the response includes a NextToken value that you 5923 // can use to get another batch of member account IDs. 5924 MaxResults *int64 `min:"1" type:"integer"` 5925 5926 // If you specify a value for MaxResults and you have more account IDs than 5927 // the number that you specify for MaxResults, Firewall Manager returns a NextToken 5928 // value in the response that allows you to list another group of IDs. For the 5929 // second and subsequent ListMemberAccountsRequest requests, specify the value 5930 // of NextToken from the previous response to get information about another 5931 // batch of member account IDs. 5932 NextToken *string `min:"1" type:"string"` 5933} 5934 5935// String returns the string representation. 5936// 5937// API parameter values that are decorated as "sensitive" in the API will not 5938// be included in the string output. The member name will be present, but the 5939// value will be replaced with "sensitive". 5940func (s ListMemberAccountsInput) String() string { 5941 return awsutil.Prettify(s) 5942} 5943 5944// GoString returns the string representation. 5945// 5946// API parameter values that are decorated as "sensitive" in the API will not 5947// be included in the string output. The member name will be present, but the 5948// value will be replaced with "sensitive". 5949func (s ListMemberAccountsInput) GoString() string { 5950 return s.String() 5951} 5952 5953// Validate inspects the fields of the type to determine if they are valid. 5954func (s *ListMemberAccountsInput) Validate() error { 5955 invalidParams := request.ErrInvalidParams{Context: "ListMemberAccountsInput"} 5956 if s.MaxResults != nil && *s.MaxResults < 1 { 5957 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 5958 } 5959 if s.NextToken != nil && len(*s.NextToken) < 1 { 5960 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 5961 } 5962 5963 if invalidParams.Len() > 0 { 5964 return invalidParams 5965 } 5966 return nil 5967} 5968 5969// SetMaxResults sets the MaxResults field's value. 5970func (s *ListMemberAccountsInput) SetMaxResults(v int64) *ListMemberAccountsInput { 5971 s.MaxResults = &v 5972 return s 5973} 5974 5975// SetNextToken sets the NextToken field's value. 5976func (s *ListMemberAccountsInput) SetNextToken(v string) *ListMemberAccountsInput { 5977 s.NextToken = &v 5978 return s 5979} 5980 5981type ListMemberAccountsOutput struct { 5982 _ struct{} `type:"structure"` 5983 5984 // An array of account IDs. 5985 MemberAccounts []*string `type:"list"` 5986 5987 // If you have more member account IDs than the number that you specified for 5988 // MaxResults in the request, the response includes a NextToken value. To list 5989 // more IDs, submit another ListMemberAccounts request, and specify the NextToken 5990 // value from the response in the NextToken value in the next request. 5991 NextToken *string `min:"1" type:"string"` 5992} 5993 5994// String returns the string representation. 5995// 5996// API parameter values that are decorated as "sensitive" in the API will not 5997// be included in the string output. The member name will be present, but the 5998// value will be replaced with "sensitive". 5999func (s ListMemberAccountsOutput) String() string { 6000 return awsutil.Prettify(s) 6001} 6002 6003// GoString returns the string representation. 6004// 6005// API parameter values that are decorated as "sensitive" in the API will not 6006// be included in the string output. The member name will be present, but the 6007// value will be replaced with "sensitive". 6008func (s ListMemberAccountsOutput) GoString() string { 6009 return s.String() 6010} 6011 6012// SetMemberAccounts sets the MemberAccounts field's value. 6013func (s *ListMemberAccountsOutput) SetMemberAccounts(v []*string) *ListMemberAccountsOutput { 6014 s.MemberAccounts = v 6015 return s 6016} 6017 6018// SetNextToken sets the NextToken field's value. 6019func (s *ListMemberAccountsOutput) SetNextToken(v string) *ListMemberAccountsOutput { 6020 s.NextToken = &v 6021 return s 6022} 6023 6024type ListPoliciesInput struct { 6025 _ struct{} `type:"structure"` 6026 6027 // Specifies the number of PolicySummary objects that you want Firewall Manager 6028 // to return for this request. If you have more PolicySummary objects than the 6029 // number that you specify for MaxResults, the response includes a NextToken 6030 // value that you can use to get another batch of PolicySummary objects. 6031 MaxResults *int64 `min:"1" type:"integer"` 6032 6033 // If you specify a value for MaxResults and you have more PolicySummary objects 6034 // than the number that you specify for MaxResults, Firewall Manager returns 6035 // a NextToken value in the response that allows you to list another group of 6036 // PolicySummary objects. For the second and subsequent ListPolicies requests, 6037 // specify the value of NextToken from the previous response to get information 6038 // about another batch of PolicySummary objects. 6039 NextToken *string `min:"1" type:"string"` 6040} 6041 6042// String returns the string representation. 6043// 6044// API parameter values that are decorated as "sensitive" in the API will not 6045// be included in the string output. The member name will be present, but the 6046// value will be replaced with "sensitive". 6047func (s ListPoliciesInput) String() string { 6048 return awsutil.Prettify(s) 6049} 6050 6051// GoString returns the string representation. 6052// 6053// API parameter values that are decorated as "sensitive" in the API will not 6054// be included in the string output. The member name will be present, but the 6055// value will be replaced with "sensitive". 6056func (s ListPoliciesInput) GoString() string { 6057 return s.String() 6058} 6059 6060// Validate inspects the fields of the type to determine if they are valid. 6061func (s *ListPoliciesInput) Validate() error { 6062 invalidParams := request.ErrInvalidParams{Context: "ListPoliciesInput"} 6063 if s.MaxResults != nil && *s.MaxResults < 1 { 6064 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 6065 } 6066 if s.NextToken != nil && len(*s.NextToken) < 1 { 6067 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 6068 } 6069 6070 if invalidParams.Len() > 0 { 6071 return invalidParams 6072 } 6073 return nil 6074} 6075 6076// SetMaxResults sets the MaxResults field's value. 6077func (s *ListPoliciesInput) SetMaxResults(v int64) *ListPoliciesInput { 6078 s.MaxResults = &v 6079 return s 6080} 6081 6082// SetNextToken sets the NextToken field's value. 6083func (s *ListPoliciesInput) SetNextToken(v string) *ListPoliciesInput { 6084 s.NextToken = &v 6085 return s 6086} 6087 6088type ListPoliciesOutput struct { 6089 _ struct{} `type:"structure"` 6090 6091 // If you have more PolicySummary objects than the number that you specified 6092 // for MaxResults in the request, the response includes a NextToken value. To 6093 // list more PolicySummary objects, submit another ListPolicies request, and 6094 // specify the NextToken value from the response in the NextToken value in the 6095 // next request. 6096 NextToken *string `min:"1" type:"string"` 6097 6098 // An array of PolicySummary objects. 6099 PolicyList []*PolicySummary `type:"list"` 6100} 6101 6102// String returns the string representation. 6103// 6104// API parameter values that are decorated as "sensitive" in the API will not 6105// be included in the string output. The member name will be present, but the 6106// value will be replaced with "sensitive". 6107func (s ListPoliciesOutput) String() string { 6108 return awsutil.Prettify(s) 6109} 6110 6111// GoString returns the string representation. 6112// 6113// API parameter values that are decorated as "sensitive" in the API will not 6114// be included in the string output. The member name will be present, but the 6115// value will be replaced with "sensitive". 6116func (s ListPoliciesOutput) GoString() string { 6117 return s.String() 6118} 6119 6120// SetNextToken sets the NextToken field's value. 6121func (s *ListPoliciesOutput) SetNextToken(v string) *ListPoliciesOutput { 6122 s.NextToken = &v 6123 return s 6124} 6125 6126// SetPolicyList sets the PolicyList field's value. 6127func (s *ListPoliciesOutput) SetPolicyList(v []*PolicySummary) *ListPoliciesOutput { 6128 s.PolicyList = v 6129 return s 6130} 6131 6132type ListProtocolsListsInput struct { 6133 _ struct{} `type:"structure"` 6134 6135 // Specifies whether the lists to retrieve are default lists owned by Firewall 6136 // Manager. 6137 DefaultLists *bool `type:"boolean"` 6138 6139 // The maximum number of objects that you want Firewall Manager to return for 6140 // this request. If more objects are available, in the response, Firewall Manager 6141 // provides a NextToken value that you can use in a subsequent call to get the 6142 // next batch of objects. 6143 // 6144 // If you don't specify this, Firewall Manager returns all available objects. 6145 // 6146 // MaxResults is a required field 6147 MaxResults *int64 `min:"1" type:"integer" required:"true"` 6148 6149 // If you specify a value for MaxResults in your list request, and you have 6150 // more objects than the maximum, Firewall Manager returns this token in the 6151 // response. For all but the first request, you provide the token returned by 6152 // the prior request in the request parameters, to retrieve the next batch of 6153 // objects. 6154 NextToken *string `min:"1" type:"string"` 6155} 6156 6157// String returns the string representation. 6158// 6159// API parameter values that are decorated as "sensitive" in the API will not 6160// be included in the string output. The member name will be present, but the 6161// value will be replaced with "sensitive". 6162func (s ListProtocolsListsInput) String() string { 6163 return awsutil.Prettify(s) 6164} 6165 6166// GoString returns the string representation. 6167// 6168// API parameter values that are decorated as "sensitive" in the API will not 6169// be included in the string output. The member name will be present, but the 6170// value will be replaced with "sensitive". 6171func (s ListProtocolsListsInput) GoString() string { 6172 return s.String() 6173} 6174 6175// Validate inspects the fields of the type to determine if they are valid. 6176func (s *ListProtocolsListsInput) Validate() error { 6177 invalidParams := request.ErrInvalidParams{Context: "ListProtocolsListsInput"} 6178 if s.MaxResults == nil { 6179 invalidParams.Add(request.NewErrParamRequired("MaxResults")) 6180 } 6181 if s.MaxResults != nil && *s.MaxResults < 1 { 6182 invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) 6183 } 6184 if s.NextToken != nil && len(*s.NextToken) < 1 { 6185 invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) 6186 } 6187 6188 if invalidParams.Len() > 0 { 6189 return invalidParams 6190 } 6191 return nil 6192} 6193 6194// SetDefaultLists sets the DefaultLists field's value. 6195func (s *ListProtocolsListsInput) SetDefaultLists(v bool) *ListProtocolsListsInput { 6196 s.DefaultLists = &v 6197 return s 6198} 6199 6200// SetMaxResults sets the MaxResults field's value. 6201func (s *ListProtocolsListsInput) SetMaxResults(v int64) *ListProtocolsListsInput { 6202 s.MaxResults = &v 6203 return s 6204} 6205 6206// SetNextToken sets the NextToken field's value. 6207func (s *ListProtocolsListsInput) SetNextToken(v string) *ListProtocolsListsInput { 6208 s.NextToken = &v 6209 return s 6210} 6211 6212type ListProtocolsListsOutput struct { 6213 _ struct{} `type:"structure"` 6214 6215 // If you specify a value for MaxResults in your list request, and you have 6216 // more objects than the maximum, Firewall Manager returns this token in the 6217 // response. You can use this token in subsequent requests to retrieve the next 6218 // batch of objects. 6219 NextToken *string `min:"1" type:"string"` 6220 6221 // An array of ProtocolsListDataSummary objects. 6222 ProtocolsLists []*ProtocolsListDataSummary `type:"list"` 6223} 6224 6225// String returns the string representation. 6226// 6227// API parameter values that are decorated as "sensitive" in the API will not 6228// be included in the string output. The member name will be present, but the 6229// value will be replaced with "sensitive". 6230func (s ListProtocolsListsOutput) String() string { 6231 return awsutil.Prettify(s) 6232} 6233 6234// GoString returns the string representation. 6235// 6236// API parameter values that are decorated as "sensitive" in the API will not 6237// be included in the string output. The member name will be present, but the 6238// value will be replaced with "sensitive". 6239func (s ListProtocolsListsOutput) GoString() string { 6240 return s.String() 6241} 6242 6243// SetNextToken sets the NextToken field's value. 6244func (s *ListProtocolsListsOutput) SetNextToken(v string) *ListProtocolsListsOutput { 6245 s.NextToken = &v 6246 return s 6247} 6248 6249// SetProtocolsLists sets the ProtocolsLists field's value. 6250func (s *ListProtocolsListsOutput) SetProtocolsLists(v []*ProtocolsListDataSummary) *ListProtocolsListsOutput { 6251 s.ProtocolsLists = v 6252 return s 6253} 6254 6255type ListTagsForResourceInput struct { 6256 _ struct{} `type:"structure"` 6257 6258 // The Amazon Resource Name (ARN) of the resource to return tags for. The Firewall 6259 // Manager resources that support tagging are policies, applications lists, 6260 // and protocols lists. 6261 // 6262 // ResourceArn is a required field 6263 ResourceArn *string `min:"1" type:"string" required:"true"` 6264} 6265 6266// String returns the string representation. 6267// 6268// API parameter values that are decorated as "sensitive" in the API will not 6269// be included in the string output. The member name will be present, but the 6270// value will be replaced with "sensitive". 6271func (s ListTagsForResourceInput) String() string { 6272 return awsutil.Prettify(s) 6273} 6274 6275// GoString returns the string representation. 6276// 6277// API parameter values that are decorated as "sensitive" in the API will not 6278// be included in the string output. The member name will be present, but the 6279// value will be replaced with "sensitive". 6280func (s ListTagsForResourceInput) GoString() string { 6281 return s.String() 6282} 6283 6284// Validate inspects the fields of the type to determine if they are valid. 6285func (s *ListTagsForResourceInput) Validate() error { 6286 invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} 6287 if s.ResourceArn == nil { 6288 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 6289 } 6290 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 6291 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 6292 } 6293 6294 if invalidParams.Len() > 0 { 6295 return invalidParams 6296 } 6297 return nil 6298} 6299 6300// SetResourceArn sets the ResourceArn field's value. 6301func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { 6302 s.ResourceArn = &v 6303 return s 6304} 6305 6306type ListTagsForResourceOutput struct { 6307 _ struct{} `type:"structure"` 6308 6309 // The tags associated with the resource. 6310 TagList []*Tag `type:"list"` 6311} 6312 6313// String returns the string representation. 6314// 6315// API parameter values that are decorated as "sensitive" in the API will not 6316// be included in the string output. The member name will be present, but the 6317// value will be replaced with "sensitive". 6318func (s ListTagsForResourceOutput) String() string { 6319 return awsutil.Prettify(s) 6320} 6321 6322// GoString returns the string representation. 6323// 6324// API parameter values that are decorated as "sensitive" in the API will not 6325// be included in the string output. The member name will be present, but the 6326// value will be replaced with "sensitive". 6327func (s ListTagsForResourceOutput) GoString() string { 6328 return s.String() 6329} 6330 6331// SetTagList sets the TagList field's value. 6332func (s *ListTagsForResourceOutput) SetTagList(v []*Tag) *ListTagsForResourceOutput { 6333 s.TagList = v 6334 return s 6335} 6336 6337// Violation detail for an internet gateway route with an inactive state in 6338// the customer subnet route table or Network Firewall subnet route table. 6339type NetworkFirewallBlackHoleRouteDetectedViolation struct { 6340 _ struct{} `type:"structure"` 6341 6342 // Information about the route table ID. 6343 RouteTableId *string `min:"1" type:"string"` 6344 6345 // Information about the route or routes that are in violation. 6346 ViolatingRoutes []*Route `type:"list"` 6347 6348 // The subnet that has an inactive state. 6349 ViolationTarget *string `type:"string"` 6350 6351 // Information about the VPC ID. 6352 VpcId *string `min:"1" type:"string"` 6353} 6354 6355// String returns the string representation. 6356// 6357// API parameter values that are decorated as "sensitive" in the API will not 6358// be included in the string output. The member name will be present, but the 6359// value will be replaced with "sensitive". 6360func (s NetworkFirewallBlackHoleRouteDetectedViolation) String() string { 6361 return awsutil.Prettify(s) 6362} 6363 6364// GoString returns the string representation. 6365// 6366// API parameter values that are decorated as "sensitive" in the API will not 6367// be included in the string output. The member name will be present, but the 6368// value will be replaced with "sensitive". 6369func (s NetworkFirewallBlackHoleRouteDetectedViolation) GoString() string { 6370 return s.String() 6371} 6372 6373// SetRouteTableId sets the RouteTableId field's value. 6374func (s *NetworkFirewallBlackHoleRouteDetectedViolation) SetRouteTableId(v string) *NetworkFirewallBlackHoleRouteDetectedViolation { 6375 s.RouteTableId = &v 6376 return s 6377} 6378 6379// SetViolatingRoutes sets the ViolatingRoutes field's value. 6380func (s *NetworkFirewallBlackHoleRouteDetectedViolation) SetViolatingRoutes(v []*Route) *NetworkFirewallBlackHoleRouteDetectedViolation { 6381 s.ViolatingRoutes = v 6382 return s 6383} 6384 6385// SetViolationTarget sets the ViolationTarget field's value. 6386func (s *NetworkFirewallBlackHoleRouteDetectedViolation) SetViolationTarget(v string) *NetworkFirewallBlackHoleRouteDetectedViolation { 6387 s.ViolationTarget = &v 6388 return s 6389} 6390 6391// SetVpcId sets the VpcId field's value. 6392func (s *NetworkFirewallBlackHoleRouteDetectedViolation) SetVpcId(v string) *NetworkFirewallBlackHoleRouteDetectedViolation { 6393 s.VpcId = &v 6394 return s 6395} 6396 6397// Violation detail for the subnet for which internet traffic that hasn't been 6398// inspected. 6399type NetworkFirewallInternetTrafficNotInspectedViolation struct { 6400 _ struct{} `type:"structure"` 6401 6402 // The actual firewall subnet routes. 6403 ActualFirewallSubnetRoutes []*Route `type:"list"` 6404 6405 // The actual internet gateway routes. 6406 ActualInternetGatewayRoutes []*Route `type:"list"` 6407 6408 // Information about the subnet route table for the current firewall. 6409 CurrentFirewallSubnetRouteTable *string `min:"1" type:"string"` 6410 6411 // The current route table for the internet gateway. 6412 CurrentInternetGatewayRouteTable *string `min:"1" type:"string"` 6413 6414 // The expected endpoint for the current firewall. 6415 ExpectedFirewallEndpoint *string `min:"1" type:"string"` 6416 6417 // The firewall subnet routes that are expected. 6418 ExpectedFirewallSubnetRoutes []*ExpectedRoute `type:"list"` 6419 6420 // The internet gateway routes that are expected. 6421 ExpectedInternetGatewayRoutes []*ExpectedRoute `type:"list"` 6422 6423 // The firewall subnet ID. 6424 FirewallSubnetId *string `min:"1" type:"string"` 6425 6426 // The internet gateway ID. 6427 InternetGatewayId *string `min:"1" type:"string"` 6428 6429 // Information about whether the route table is used in another Availability 6430 // Zone. 6431 IsRouteTableUsedInDifferentAZ *bool `type:"boolean"` 6432 6433 // Information about the route table ID. 6434 RouteTableId *string `min:"1" type:"string"` 6435 6436 // The subnet Availability Zone. 6437 SubnetAvailabilityZone *string `type:"string"` 6438 6439 // The subnet ID. 6440 SubnetId *string `min:"1" type:"string"` 6441 6442 // The route or routes that are in violation. 6443 ViolatingRoutes []*Route `type:"list"` 6444 6445 // Information about the VPC ID. 6446 VpcId *string `min:"1" type:"string"` 6447} 6448 6449// String returns the string representation. 6450// 6451// API parameter values that are decorated as "sensitive" in the API will not 6452// be included in the string output. The member name will be present, but the 6453// value will be replaced with "sensitive". 6454func (s NetworkFirewallInternetTrafficNotInspectedViolation) String() string { 6455 return awsutil.Prettify(s) 6456} 6457 6458// GoString returns the string representation. 6459// 6460// API parameter values that are decorated as "sensitive" in the API will not 6461// be included in the string output. The member name will be present, but the 6462// value will be replaced with "sensitive". 6463func (s NetworkFirewallInternetTrafficNotInspectedViolation) GoString() string { 6464 return s.String() 6465} 6466 6467// SetActualFirewallSubnetRoutes sets the ActualFirewallSubnetRoutes field's value. 6468func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetActualFirewallSubnetRoutes(v []*Route) *NetworkFirewallInternetTrafficNotInspectedViolation { 6469 s.ActualFirewallSubnetRoutes = v 6470 return s 6471} 6472 6473// SetActualInternetGatewayRoutes sets the ActualInternetGatewayRoutes field's value. 6474func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetActualInternetGatewayRoutes(v []*Route) *NetworkFirewallInternetTrafficNotInspectedViolation { 6475 s.ActualInternetGatewayRoutes = v 6476 return s 6477} 6478 6479// SetCurrentFirewallSubnetRouteTable sets the CurrentFirewallSubnetRouteTable field's value. 6480func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetCurrentFirewallSubnetRouteTable(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6481 s.CurrentFirewallSubnetRouteTable = &v 6482 return s 6483} 6484 6485// SetCurrentInternetGatewayRouteTable sets the CurrentInternetGatewayRouteTable field's value. 6486func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetCurrentInternetGatewayRouteTable(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6487 s.CurrentInternetGatewayRouteTable = &v 6488 return s 6489} 6490 6491// SetExpectedFirewallEndpoint sets the ExpectedFirewallEndpoint field's value. 6492func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetExpectedFirewallEndpoint(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6493 s.ExpectedFirewallEndpoint = &v 6494 return s 6495} 6496 6497// SetExpectedFirewallSubnetRoutes sets the ExpectedFirewallSubnetRoutes field's value. 6498func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetExpectedFirewallSubnetRoutes(v []*ExpectedRoute) *NetworkFirewallInternetTrafficNotInspectedViolation { 6499 s.ExpectedFirewallSubnetRoutes = v 6500 return s 6501} 6502 6503// SetExpectedInternetGatewayRoutes sets the ExpectedInternetGatewayRoutes field's value. 6504func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetExpectedInternetGatewayRoutes(v []*ExpectedRoute) *NetworkFirewallInternetTrafficNotInspectedViolation { 6505 s.ExpectedInternetGatewayRoutes = v 6506 return s 6507} 6508 6509// SetFirewallSubnetId sets the FirewallSubnetId field's value. 6510func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetFirewallSubnetId(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6511 s.FirewallSubnetId = &v 6512 return s 6513} 6514 6515// SetInternetGatewayId sets the InternetGatewayId field's value. 6516func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetInternetGatewayId(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6517 s.InternetGatewayId = &v 6518 return s 6519} 6520 6521// SetIsRouteTableUsedInDifferentAZ sets the IsRouteTableUsedInDifferentAZ field's value. 6522func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetIsRouteTableUsedInDifferentAZ(v bool) *NetworkFirewallInternetTrafficNotInspectedViolation { 6523 s.IsRouteTableUsedInDifferentAZ = &v 6524 return s 6525} 6526 6527// SetRouteTableId sets the RouteTableId field's value. 6528func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetRouteTableId(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6529 s.RouteTableId = &v 6530 return s 6531} 6532 6533// SetSubnetAvailabilityZone sets the SubnetAvailabilityZone field's value. 6534func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetSubnetAvailabilityZone(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6535 s.SubnetAvailabilityZone = &v 6536 return s 6537} 6538 6539// SetSubnetId sets the SubnetId field's value. 6540func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetSubnetId(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6541 s.SubnetId = &v 6542 return s 6543} 6544 6545// SetViolatingRoutes sets the ViolatingRoutes field's value. 6546func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetViolatingRoutes(v []*Route) *NetworkFirewallInternetTrafficNotInspectedViolation { 6547 s.ViolatingRoutes = v 6548 return s 6549} 6550 6551// SetVpcId sets the VpcId field's value. 6552func (s *NetworkFirewallInternetTrafficNotInspectedViolation) SetVpcId(v string) *NetworkFirewallInternetTrafficNotInspectedViolation { 6553 s.VpcId = &v 6554 return s 6555} 6556 6557// Violation detail for the improperly configured subnet route. It's possible 6558// there is a missing route table route, or a configuration that causes traffic 6559// to cross an Availability Zone boundary. 6560type NetworkFirewallInvalidRouteConfigurationViolation struct { 6561 _ struct{} `type:"structure"` 6562 6563 // The actual firewall endpoint. 6564 ActualFirewallEndpoint *string `min:"1" type:"string"` 6565 6566 // The actual subnet ID for the firewall. 6567 ActualFirewallSubnetId *string `min:"1" type:"string"` 6568 6569 // The actual firewall subnet routes that are expected. 6570 ActualFirewallSubnetRoutes []*Route `type:"list"` 6571 6572 // The actual internet gateway routes. 6573 ActualInternetGatewayRoutes []*Route `type:"list"` 6574 6575 // The subnets that are affected. 6576 AffectedSubnets []*string `type:"list"` 6577 6578 // The subnet route table for the current firewall. 6579 CurrentFirewallSubnetRouteTable *string `min:"1" type:"string"` 6580 6581 // The route table for the current internet gateway. 6582 CurrentInternetGatewayRouteTable *string `min:"1" type:"string"` 6583 6584 // The firewall endpoint that's expected. 6585 ExpectedFirewallEndpoint *string `min:"1" type:"string"` 6586 6587 // The expected subnet ID for the firewall. 6588 ExpectedFirewallSubnetId *string `min:"1" type:"string"` 6589 6590 // The firewall subnet routes that are expected. 6591 ExpectedFirewallSubnetRoutes []*ExpectedRoute `type:"list"` 6592 6593 // The expected routes for the internet gateway. 6594 ExpectedInternetGatewayRoutes []*ExpectedRoute `type:"list"` 6595 6596 // The internet gateway ID. 6597 InternetGatewayId *string `min:"1" type:"string"` 6598 6599 // Information about whether the route table is used in another Availability 6600 // Zone. 6601 IsRouteTableUsedInDifferentAZ *bool `type:"boolean"` 6602 6603 // The route table ID. 6604 RouteTableId *string `min:"1" type:"string"` 6605 6606 // The route that's in violation. 6607 ViolatingRoute *Route `type:"structure"` 6608 6609 // Information about the VPC ID. 6610 VpcId *string `min:"1" type:"string"` 6611} 6612 6613// String returns the string representation. 6614// 6615// API parameter values that are decorated as "sensitive" in the API will not 6616// be included in the string output. The member name will be present, but the 6617// value will be replaced with "sensitive". 6618func (s NetworkFirewallInvalidRouteConfigurationViolation) String() string { 6619 return awsutil.Prettify(s) 6620} 6621 6622// GoString returns the string representation. 6623// 6624// API parameter values that are decorated as "sensitive" in the API will not 6625// be included in the string output. The member name will be present, but the 6626// value will be replaced with "sensitive". 6627func (s NetworkFirewallInvalidRouteConfigurationViolation) GoString() string { 6628 return s.String() 6629} 6630 6631// SetActualFirewallEndpoint sets the ActualFirewallEndpoint field's value. 6632func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetActualFirewallEndpoint(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6633 s.ActualFirewallEndpoint = &v 6634 return s 6635} 6636 6637// SetActualFirewallSubnetId sets the ActualFirewallSubnetId field's value. 6638func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetActualFirewallSubnetId(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6639 s.ActualFirewallSubnetId = &v 6640 return s 6641} 6642 6643// SetActualFirewallSubnetRoutes sets the ActualFirewallSubnetRoutes field's value. 6644func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetActualFirewallSubnetRoutes(v []*Route) *NetworkFirewallInvalidRouteConfigurationViolation { 6645 s.ActualFirewallSubnetRoutes = v 6646 return s 6647} 6648 6649// SetActualInternetGatewayRoutes sets the ActualInternetGatewayRoutes field's value. 6650func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetActualInternetGatewayRoutes(v []*Route) *NetworkFirewallInvalidRouteConfigurationViolation { 6651 s.ActualInternetGatewayRoutes = v 6652 return s 6653} 6654 6655// SetAffectedSubnets sets the AffectedSubnets field's value. 6656func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetAffectedSubnets(v []*string) *NetworkFirewallInvalidRouteConfigurationViolation { 6657 s.AffectedSubnets = v 6658 return s 6659} 6660 6661// SetCurrentFirewallSubnetRouteTable sets the CurrentFirewallSubnetRouteTable field's value. 6662func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetCurrentFirewallSubnetRouteTable(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6663 s.CurrentFirewallSubnetRouteTable = &v 6664 return s 6665} 6666 6667// SetCurrentInternetGatewayRouteTable sets the CurrentInternetGatewayRouteTable field's value. 6668func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetCurrentInternetGatewayRouteTable(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6669 s.CurrentInternetGatewayRouteTable = &v 6670 return s 6671} 6672 6673// SetExpectedFirewallEndpoint sets the ExpectedFirewallEndpoint field's value. 6674func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetExpectedFirewallEndpoint(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6675 s.ExpectedFirewallEndpoint = &v 6676 return s 6677} 6678 6679// SetExpectedFirewallSubnetId sets the ExpectedFirewallSubnetId field's value. 6680func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetExpectedFirewallSubnetId(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6681 s.ExpectedFirewallSubnetId = &v 6682 return s 6683} 6684 6685// SetExpectedFirewallSubnetRoutes sets the ExpectedFirewallSubnetRoutes field's value. 6686func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetExpectedFirewallSubnetRoutes(v []*ExpectedRoute) *NetworkFirewallInvalidRouteConfigurationViolation { 6687 s.ExpectedFirewallSubnetRoutes = v 6688 return s 6689} 6690 6691// SetExpectedInternetGatewayRoutes sets the ExpectedInternetGatewayRoutes field's value. 6692func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetExpectedInternetGatewayRoutes(v []*ExpectedRoute) *NetworkFirewallInvalidRouteConfigurationViolation { 6693 s.ExpectedInternetGatewayRoutes = v 6694 return s 6695} 6696 6697// SetInternetGatewayId sets the InternetGatewayId field's value. 6698func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetInternetGatewayId(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6699 s.InternetGatewayId = &v 6700 return s 6701} 6702 6703// SetIsRouteTableUsedInDifferentAZ sets the IsRouteTableUsedInDifferentAZ field's value. 6704func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetIsRouteTableUsedInDifferentAZ(v bool) *NetworkFirewallInvalidRouteConfigurationViolation { 6705 s.IsRouteTableUsedInDifferentAZ = &v 6706 return s 6707} 6708 6709// SetRouteTableId sets the RouteTableId field's value. 6710func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetRouteTableId(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6711 s.RouteTableId = &v 6712 return s 6713} 6714 6715// SetViolatingRoute sets the ViolatingRoute field's value. 6716func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetViolatingRoute(v *Route) *NetworkFirewallInvalidRouteConfigurationViolation { 6717 s.ViolatingRoute = v 6718 return s 6719} 6720 6721// SetVpcId sets the VpcId field's value. 6722func (s *NetworkFirewallInvalidRouteConfigurationViolation) SetVpcId(v string) *NetworkFirewallInvalidRouteConfigurationViolation { 6723 s.VpcId = &v 6724 return s 6725} 6726 6727// Violation detail for Network Firewall for a subnet that's not associated 6728// to the expected Firewall Manager managed route table. 6729type NetworkFirewallMissingExpectedRTViolation struct { 6730 _ struct{} `type:"structure"` 6731 6732 // The Availability Zone of a violating subnet. 6733 AvailabilityZone *string `type:"string"` 6734 6735 // The resource ID of the current route table that's associated with the subnet, 6736 // if one is available. 6737 CurrentRouteTable *string `min:"1" type:"string"` 6738 6739 // The resource ID of the route table that should be associated with the subnet. 6740 ExpectedRouteTable *string `min:"1" type:"string"` 6741 6742 // The resource ID of the VPC associated with a violating subnet. 6743 VPC *string `min:"1" type:"string"` 6744 6745 // The ID of the Network Firewall or VPC resource that's in violation. 6746 ViolationTarget *string `type:"string"` 6747} 6748 6749// String returns the string representation. 6750// 6751// API parameter values that are decorated as "sensitive" in the API will not 6752// be included in the string output. The member name will be present, but the 6753// value will be replaced with "sensitive". 6754func (s NetworkFirewallMissingExpectedRTViolation) String() string { 6755 return awsutil.Prettify(s) 6756} 6757 6758// GoString returns the string representation. 6759// 6760// API parameter values that are decorated as "sensitive" in the API will not 6761// be included in the string output. The member name will be present, but the 6762// value will be replaced with "sensitive". 6763func (s NetworkFirewallMissingExpectedRTViolation) GoString() string { 6764 return s.String() 6765} 6766 6767// SetAvailabilityZone sets the AvailabilityZone field's value. 6768func (s *NetworkFirewallMissingExpectedRTViolation) SetAvailabilityZone(v string) *NetworkFirewallMissingExpectedRTViolation { 6769 s.AvailabilityZone = &v 6770 return s 6771} 6772 6773// SetCurrentRouteTable sets the CurrentRouteTable field's value. 6774func (s *NetworkFirewallMissingExpectedRTViolation) SetCurrentRouteTable(v string) *NetworkFirewallMissingExpectedRTViolation { 6775 s.CurrentRouteTable = &v 6776 return s 6777} 6778 6779// SetExpectedRouteTable sets the ExpectedRouteTable field's value. 6780func (s *NetworkFirewallMissingExpectedRTViolation) SetExpectedRouteTable(v string) *NetworkFirewallMissingExpectedRTViolation { 6781 s.ExpectedRouteTable = &v 6782 return s 6783} 6784 6785// SetVPC sets the VPC field's value. 6786func (s *NetworkFirewallMissingExpectedRTViolation) SetVPC(v string) *NetworkFirewallMissingExpectedRTViolation { 6787 s.VPC = &v 6788 return s 6789} 6790 6791// SetViolationTarget sets the ViolationTarget field's value. 6792func (s *NetworkFirewallMissingExpectedRTViolation) SetViolationTarget(v string) *NetworkFirewallMissingExpectedRTViolation { 6793 s.ViolationTarget = &v 6794 return s 6795} 6796 6797// Violation detail for an expected route missing in Network Firewall. 6798type NetworkFirewallMissingExpectedRoutesViolation struct { 6799 _ struct{} `type:"structure"` 6800 6801 // The expected routes. 6802 ExpectedRoutes []*ExpectedRoute `type:"list"` 6803 6804 // The target of the violation. 6805 ViolationTarget *string `type:"string"` 6806 6807 // Information about the VPC ID. 6808 VpcId *string `min:"1" type:"string"` 6809} 6810 6811// String returns the string representation. 6812// 6813// API parameter values that are decorated as "sensitive" in the API will not 6814// be included in the string output. The member name will be present, but the 6815// value will be replaced with "sensitive". 6816func (s NetworkFirewallMissingExpectedRoutesViolation) String() string { 6817 return awsutil.Prettify(s) 6818} 6819 6820// GoString returns the string representation. 6821// 6822// API parameter values that are decorated as "sensitive" in the API will not 6823// be included in the string output. The member name will be present, but the 6824// value will be replaced with "sensitive". 6825func (s NetworkFirewallMissingExpectedRoutesViolation) GoString() string { 6826 return s.String() 6827} 6828 6829// SetExpectedRoutes sets the ExpectedRoutes field's value. 6830func (s *NetworkFirewallMissingExpectedRoutesViolation) SetExpectedRoutes(v []*ExpectedRoute) *NetworkFirewallMissingExpectedRoutesViolation { 6831 s.ExpectedRoutes = v 6832 return s 6833} 6834 6835// SetViolationTarget sets the ViolationTarget field's value. 6836func (s *NetworkFirewallMissingExpectedRoutesViolation) SetViolationTarget(v string) *NetworkFirewallMissingExpectedRoutesViolation { 6837 s.ViolationTarget = &v 6838 return s 6839} 6840 6841// SetVpcId sets the VpcId field's value. 6842func (s *NetworkFirewallMissingExpectedRoutesViolation) SetVpcId(v string) *NetworkFirewallMissingExpectedRoutesViolation { 6843 s.VpcId = &v 6844 return s 6845} 6846 6847// Violation detail for Network Firewall for a subnet that doesn't have a Firewall 6848// Manager managed firewall in its VPC. 6849type NetworkFirewallMissingFirewallViolation struct { 6850 _ struct{} `type:"structure"` 6851 6852 // The Availability Zone of a violating subnet. 6853 AvailabilityZone *string `type:"string"` 6854 6855 // The reason the resource has this violation, if one is available. 6856 TargetViolationReason *string `type:"string"` 6857 6858 // The resource ID of the VPC associated with a violating subnet. 6859 VPC *string `min:"1" type:"string"` 6860 6861 // The ID of the Network Firewall or VPC resource that's in violation. 6862 ViolationTarget *string `type:"string"` 6863} 6864 6865// String returns the string representation. 6866// 6867// API parameter values that are decorated as "sensitive" in the API will not 6868// be included in the string output. The member name will be present, but the 6869// value will be replaced with "sensitive". 6870func (s NetworkFirewallMissingFirewallViolation) String() string { 6871 return awsutil.Prettify(s) 6872} 6873 6874// GoString returns the string representation. 6875// 6876// API parameter values that are decorated as "sensitive" in the API will not 6877// be included in the string output. The member name will be present, but the 6878// value will be replaced with "sensitive". 6879func (s NetworkFirewallMissingFirewallViolation) GoString() string { 6880 return s.String() 6881} 6882 6883// SetAvailabilityZone sets the AvailabilityZone field's value. 6884func (s *NetworkFirewallMissingFirewallViolation) SetAvailabilityZone(v string) *NetworkFirewallMissingFirewallViolation { 6885 s.AvailabilityZone = &v 6886 return s 6887} 6888 6889// SetTargetViolationReason sets the TargetViolationReason field's value. 6890func (s *NetworkFirewallMissingFirewallViolation) SetTargetViolationReason(v string) *NetworkFirewallMissingFirewallViolation { 6891 s.TargetViolationReason = &v 6892 return s 6893} 6894 6895// SetVPC sets the VPC field's value. 6896func (s *NetworkFirewallMissingFirewallViolation) SetVPC(v string) *NetworkFirewallMissingFirewallViolation { 6897 s.VPC = &v 6898 return s 6899} 6900 6901// SetViolationTarget sets the ViolationTarget field's value. 6902func (s *NetworkFirewallMissingFirewallViolation) SetViolationTarget(v string) *NetworkFirewallMissingFirewallViolation { 6903 s.ViolationTarget = &v 6904 return s 6905} 6906 6907// Violation detail for Network Firewall for an Availability Zone that's missing 6908// the expected Firewall Manager managed subnet. 6909type NetworkFirewallMissingSubnetViolation struct { 6910 _ struct{} `type:"structure"` 6911 6912 // The Availability Zone of a violating subnet. 6913 AvailabilityZone *string `type:"string"` 6914 6915 // The reason the resource has this violation, if one is available. 6916 TargetViolationReason *string `type:"string"` 6917 6918 // The resource ID of the VPC associated with a violating subnet. 6919 VPC *string `min:"1" type:"string"` 6920 6921 // The ID of the Network Firewall or VPC resource that's in violation. 6922 ViolationTarget *string `type:"string"` 6923} 6924 6925// String returns the string representation. 6926// 6927// API parameter values that are decorated as "sensitive" in the API will not 6928// be included in the string output. The member name will be present, but the 6929// value will be replaced with "sensitive". 6930func (s NetworkFirewallMissingSubnetViolation) String() string { 6931 return awsutil.Prettify(s) 6932} 6933 6934// GoString returns the string representation. 6935// 6936// API parameter values that are decorated as "sensitive" in the API will not 6937// be included in the string output. The member name will be present, but the 6938// value will be replaced with "sensitive". 6939func (s NetworkFirewallMissingSubnetViolation) GoString() string { 6940 return s.String() 6941} 6942 6943// SetAvailabilityZone sets the AvailabilityZone field's value. 6944func (s *NetworkFirewallMissingSubnetViolation) SetAvailabilityZone(v string) *NetworkFirewallMissingSubnetViolation { 6945 s.AvailabilityZone = &v 6946 return s 6947} 6948 6949// SetTargetViolationReason sets the TargetViolationReason field's value. 6950func (s *NetworkFirewallMissingSubnetViolation) SetTargetViolationReason(v string) *NetworkFirewallMissingSubnetViolation { 6951 s.TargetViolationReason = &v 6952 return s 6953} 6954 6955// SetVPC sets the VPC field's value. 6956func (s *NetworkFirewallMissingSubnetViolation) SetVPC(v string) *NetworkFirewallMissingSubnetViolation { 6957 s.VPC = &v 6958 return s 6959} 6960 6961// SetViolationTarget sets the ViolationTarget field's value. 6962func (s *NetworkFirewallMissingSubnetViolation) SetViolationTarget(v string) *NetworkFirewallMissingSubnetViolation { 6963 s.ViolationTarget = &v 6964 return s 6965} 6966 6967// The definition of the Network Firewall firewall policy. 6968type NetworkFirewallPolicyDescription struct { 6969 _ struct{} `type:"structure"` 6970 6971 // The stateful rule groups that are used in the Network Firewall firewall policy. 6972 StatefulRuleGroups []*StatefulRuleGroup `type:"list"` 6973 6974 // Names of custom actions that are available for use in the stateless default 6975 // actions settings. 6976 StatelessCustomActions []*string `type:"list"` 6977 6978 // The actions to take on packets that don't match any of the stateless rule 6979 // groups. 6980 StatelessDefaultActions []*string `type:"list"` 6981 6982 // The actions to take on packet fragments that don't match any of the stateless 6983 // rule groups. 6984 StatelessFragmentDefaultActions []*string `type:"list"` 6985 6986 // The stateless rule groups that are used in the Network Firewall firewall 6987 // policy. 6988 StatelessRuleGroups []*StatelessRuleGroup `type:"list"` 6989} 6990 6991// String returns the string representation. 6992// 6993// API parameter values that are decorated as "sensitive" in the API will not 6994// be included in the string output. The member name will be present, but the 6995// value will be replaced with "sensitive". 6996func (s NetworkFirewallPolicyDescription) String() string { 6997 return awsutil.Prettify(s) 6998} 6999 7000// GoString returns the string representation. 7001// 7002// API parameter values that are decorated as "sensitive" in the API will not 7003// be included in the string output. The member name will be present, but the 7004// value will be replaced with "sensitive". 7005func (s NetworkFirewallPolicyDescription) GoString() string { 7006 return s.String() 7007} 7008 7009// SetStatefulRuleGroups sets the StatefulRuleGroups field's value. 7010func (s *NetworkFirewallPolicyDescription) SetStatefulRuleGroups(v []*StatefulRuleGroup) *NetworkFirewallPolicyDescription { 7011 s.StatefulRuleGroups = v 7012 return s 7013} 7014 7015// SetStatelessCustomActions sets the StatelessCustomActions field's value. 7016func (s *NetworkFirewallPolicyDescription) SetStatelessCustomActions(v []*string) *NetworkFirewallPolicyDescription { 7017 s.StatelessCustomActions = v 7018 return s 7019} 7020 7021// SetStatelessDefaultActions sets the StatelessDefaultActions field's value. 7022func (s *NetworkFirewallPolicyDescription) SetStatelessDefaultActions(v []*string) *NetworkFirewallPolicyDescription { 7023 s.StatelessDefaultActions = v 7024 return s 7025} 7026 7027// SetStatelessFragmentDefaultActions sets the StatelessFragmentDefaultActions field's value. 7028func (s *NetworkFirewallPolicyDescription) SetStatelessFragmentDefaultActions(v []*string) *NetworkFirewallPolicyDescription { 7029 s.StatelessFragmentDefaultActions = v 7030 return s 7031} 7032 7033// SetStatelessRuleGroups sets the StatelessRuleGroups field's value. 7034func (s *NetworkFirewallPolicyDescription) SetStatelessRuleGroups(v []*StatelessRuleGroup) *NetworkFirewallPolicyDescription { 7035 s.StatelessRuleGroups = v 7036 return s 7037} 7038 7039// Violation detail for Network Firewall for a firewall policy that has a different 7040// NetworkFirewallPolicyDescription than is required by the Firewall Manager 7041// policy. 7042type NetworkFirewallPolicyModifiedViolation struct { 7043 _ struct{} `type:"structure"` 7044 7045 // The policy that's currently in use in the individual account. 7046 CurrentPolicyDescription *NetworkFirewallPolicyDescription `type:"structure"` 7047 7048 // The policy that should be in use in the individual account in order to be 7049 // compliant. 7050 ExpectedPolicyDescription *NetworkFirewallPolicyDescription `type:"structure"` 7051 7052 // The ID of the Network Firewall or VPC resource that's in violation. 7053 ViolationTarget *string `type:"string"` 7054} 7055 7056// String returns the string representation. 7057// 7058// API parameter values that are decorated as "sensitive" in the API will not 7059// be included in the string output. The member name will be present, but the 7060// value will be replaced with "sensitive". 7061func (s NetworkFirewallPolicyModifiedViolation) String() string { 7062 return awsutil.Prettify(s) 7063} 7064 7065// GoString returns the string representation. 7066// 7067// API parameter values that are decorated as "sensitive" in the API will not 7068// be included in the string output. The member name will be present, but the 7069// value will be replaced with "sensitive". 7070func (s NetworkFirewallPolicyModifiedViolation) GoString() string { 7071 return s.String() 7072} 7073 7074// SetCurrentPolicyDescription sets the CurrentPolicyDescription field's value. 7075func (s *NetworkFirewallPolicyModifiedViolation) SetCurrentPolicyDescription(v *NetworkFirewallPolicyDescription) *NetworkFirewallPolicyModifiedViolation { 7076 s.CurrentPolicyDescription = v 7077 return s 7078} 7079 7080// SetExpectedPolicyDescription sets the ExpectedPolicyDescription field's value. 7081func (s *NetworkFirewallPolicyModifiedViolation) SetExpectedPolicyDescription(v *NetworkFirewallPolicyDescription) *NetworkFirewallPolicyModifiedViolation { 7082 s.ExpectedPolicyDescription = v 7083 return s 7084} 7085 7086// SetViolationTarget sets the ViolationTarget field's value. 7087func (s *NetworkFirewallPolicyModifiedViolation) SetViolationTarget(v string) *NetworkFirewallPolicyModifiedViolation { 7088 s.ViolationTarget = &v 7089 return s 7090} 7091 7092// Violation detail for an unexpected route that's present in a route table. 7093type NetworkFirewallUnexpectedFirewallRoutesViolation struct { 7094 _ struct{} `type:"structure"` 7095 7096 // The endpoint of the firewall. 7097 FirewallEndpoint *string `min:"1" type:"string"` 7098 7099 // The subnet ID for the firewall. 7100 FirewallSubnetId *string `min:"1" type:"string"` 7101 7102 // The ID of the route table. 7103 RouteTableId *string `min:"1" type:"string"` 7104 7105 // The routes that are in violation. 7106 ViolatingRoutes []*Route `type:"list"` 7107 7108 // Information about the VPC ID. 7109 VpcId *string `min:"1" type:"string"` 7110} 7111 7112// String returns the string representation. 7113// 7114// API parameter values that are decorated as "sensitive" in the API will not 7115// be included in the string output. The member name will be present, but the 7116// value will be replaced with "sensitive". 7117func (s NetworkFirewallUnexpectedFirewallRoutesViolation) String() string { 7118 return awsutil.Prettify(s) 7119} 7120 7121// GoString returns the string representation. 7122// 7123// API parameter values that are decorated as "sensitive" in the API will not 7124// be included in the string output. The member name will be present, but the 7125// value will be replaced with "sensitive". 7126func (s NetworkFirewallUnexpectedFirewallRoutesViolation) GoString() string { 7127 return s.String() 7128} 7129 7130// SetFirewallEndpoint sets the FirewallEndpoint field's value. 7131func (s *NetworkFirewallUnexpectedFirewallRoutesViolation) SetFirewallEndpoint(v string) *NetworkFirewallUnexpectedFirewallRoutesViolation { 7132 s.FirewallEndpoint = &v 7133 return s 7134} 7135 7136// SetFirewallSubnetId sets the FirewallSubnetId field's value. 7137func (s *NetworkFirewallUnexpectedFirewallRoutesViolation) SetFirewallSubnetId(v string) *NetworkFirewallUnexpectedFirewallRoutesViolation { 7138 s.FirewallSubnetId = &v 7139 return s 7140} 7141 7142// SetRouteTableId sets the RouteTableId field's value. 7143func (s *NetworkFirewallUnexpectedFirewallRoutesViolation) SetRouteTableId(v string) *NetworkFirewallUnexpectedFirewallRoutesViolation { 7144 s.RouteTableId = &v 7145 return s 7146} 7147 7148// SetViolatingRoutes sets the ViolatingRoutes field's value. 7149func (s *NetworkFirewallUnexpectedFirewallRoutesViolation) SetViolatingRoutes(v []*Route) *NetworkFirewallUnexpectedFirewallRoutesViolation { 7150 s.ViolatingRoutes = v 7151 return s 7152} 7153 7154// SetVpcId sets the VpcId field's value. 7155func (s *NetworkFirewallUnexpectedFirewallRoutesViolation) SetVpcId(v string) *NetworkFirewallUnexpectedFirewallRoutesViolation { 7156 s.VpcId = &v 7157 return s 7158} 7159 7160// Violation detail for an unexpected gateway route that’s present in a route 7161// table. 7162type NetworkFirewallUnexpectedGatewayRoutesViolation struct { 7163 _ struct{} `type:"structure"` 7164 7165 // Information about the gateway ID. 7166 GatewayId *string `min:"1" type:"string"` 7167 7168 // Information about the route table. 7169 RouteTableId *string `min:"1" type:"string"` 7170 7171 // The routes that are in violation. 7172 ViolatingRoutes []*Route `type:"list"` 7173 7174 // Information about the VPC ID. 7175 VpcId *string `min:"1" type:"string"` 7176} 7177 7178// String returns the string representation. 7179// 7180// API parameter values that are decorated as "sensitive" in the API will not 7181// be included in the string output. The member name will be present, but the 7182// value will be replaced with "sensitive". 7183func (s NetworkFirewallUnexpectedGatewayRoutesViolation) String() string { 7184 return awsutil.Prettify(s) 7185} 7186 7187// GoString returns the string representation. 7188// 7189// API parameter values that are decorated as "sensitive" in the API will not 7190// be included in the string output. The member name will be present, but the 7191// value will be replaced with "sensitive". 7192func (s NetworkFirewallUnexpectedGatewayRoutesViolation) GoString() string { 7193 return s.String() 7194} 7195 7196// SetGatewayId sets the GatewayId field's value. 7197func (s *NetworkFirewallUnexpectedGatewayRoutesViolation) SetGatewayId(v string) *NetworkFirewallUnexpectedGatewayRoutesViolation { 7198 s.GatewayId = &v 7199 return s 7200} 7201 7202// SetRouteTableId sets the RouteTableId field's value. 7203func (s *NetworkFirewallUnexpectedGatewayRoutesViolation) SetRouteTableId(v string) *NetworkFirewallUnexpectedGatewayRoutesViolation { 7204 s.RouteTableId = &v 7205 return s 7206} 7207 7208// SetViolatingRoutes sets the ViolatingRoutes field's value. 7209func (s *NetworkFirewallUnexpectedGatewayRoutesViolation) SetViolatingRoutes(v []*Route) *NetworkFirewallUnexpectedGatewayRoutesViolation { 7210 s.ViolatingRoutes = v 7211 return s 7212} 7213 7214// SetVpcId sets the VpcId field's value. 7215func (s *NetworkFirewallUnexpectedGatewayRoutesViolation) SetVpcId(v string) *NetworkFirewallUnexpectedGatewayRoutesViolation { 7216 s.VpcId = &v 7217 return s 7218} 7219 7220// The reference rule that partially matches the ViolationTarget rule and violation 7221// reason. 7222type PartialMatch struct { 7223 _ struct{} `type:"structure"` 7224 7225 // The reference rule from the primary security group of the Firewall Manager 7226 // policy. 7227 Reference *string `type:"string"` 7228 7229 // The violation reason. 7230 TargetViolationReasons []*string `type:"list"` 7231} 7232 7233// String returns the string representation. 7234// 7235// API parameter values that are decorated as "sensitive" in the API will not 7236// be included in the string output. The member name will be present, but the 7237// value will be replaced with "sensitive". 7238func (s PartialMatch) String() string { 7239 return awsutil.Prettify(s) 7240} 7241 7242// GoString returns the string representation. 7243// 7244// API parameter values that are decorated as "sensitive" in the API will not 7245// be included in the string output. The member name will be present, but the 7246// value will be replaced with "sensitive". 7247func (s PartialMatch) GoString() string { 7248 return s.String() 7249} 7250 7251// SetReference sets the Reference field's value. 7252func (s *PartialMatch) SetReference(v string) *PartialMatch { 7253 s.Reference = &v 7254 return s 7255} 7256 7257// SetTargetViolationReasons sets the TargetViolationReasons field's value. 7258func (s *PartialMatch) SetTargetViolationReasons(v []*string) *PartialMatch { 7259 s.TargetViolationReasons = v 7260 return s 7261} 7262 7263// An Firewall Manager policy. 7264type Policy struct { 7265 _ struct{} `type:"structure"` 7266 7267 // Indicates whether Firewall Manager should delete Firewall Manager managed 7268 // resources, such as web ACLs and security groups, when they are not in use 7269 // by the Firewall Manager policy. By default, Firewall Manager doesn't delete 7270 // unused Firewall Manager managed resources. This option is not available for 7271 // Shield Advanced or WAF Classic policies. 7272 DeleteUnusedFMManagedResources *bool `type:"boolean"` 7273 7274 // Specifies the Amazon Web Services account IDs and Organizations organizational 7275 // units (OUs) to exclude from the policy. Specifying an OU is the equivalent 7276 // of specifying all accounts in the OU and in any of its child OUs, including 7277 // any child OUs and accounts that are added at a later time. 7278 // 7279 // You can specify inclusions or exclusions, but not both. If you specify an 7280 // IncludeMap, Firewall Manager applies the policy to all accounts specified 7281 // by the IncludeMap, and does not evaluate any ExcludeMap specifications. If 7282 // you do not specify an IncludeMap, then Firewall Manager applies the policy 7283 // to all accounts except for those specified by the ExcludeMap. 7284 // 7285 // You can specify account IDs, OUs, or a combination: 7286 // 7287 // * Specify account IDs by setting the key to ACCOUNT. For example, the 7288 // following is a valid map: {“ACCOUNT” : [“accountID1”, “accountID2”]}. 7289 // 7290 // * Specify OUs by setting the key to ORG_UNIT. For example, the following 7291 // is a valid map: {“ORG_UNIT” : [“ouid111”, “ouid112”]}. 7292 // 7293 // * Specify accounts and OUs together in a single map, separated with a 7294 // comma. For example, the following is a valid map: {“ACCOUNT” : [“accountID1”, 7295 // “accountID2”], “ORG_UNIT” : [“ouid111”, “ouid112”]}. 7296 ExcludeMap map[string][]*string `type:"map"` 7297 7298 // If set to True, resources with the tags that are specified in the ResourceTag 7299 // array are not in scope of the policy. If set to False, and the ResourceTag 7300 // array is not null, only resources with the specified tags are in scope of 7301 // the policy. 7302 // 7303 // ExcludeResourceTags is a required field 7304 ExcludeResourceTags *bool `type:"boolean" required:"true"` 7305 7306 // Specifies the Amazon Web Services account IDs and Organizations organizational 7307 // units (OUs) to include in the policy. Specifying an OU is the equivalent 7308 // of specifying all accounts in the OU and in any of its child OUs, including 7309 // any child OUs and accounts that are added at a later time. 7310 // 7311 // You can specify inclusions or exclusions, but not both. If you specify an 7312 // IncludeMap, Firewall Manager applies the policy to all accounts specified 7313 // by the IncludeMap, and does not evaluate any ExcludeMap specifications. If 7314 // you do not specify an IncludeMap, then Firewall Manager applies the policy 7315 // to all accounts except for those specified by the ExcludeMap. 7316 // 7317 // You can specify account IDs, OUs, or a combination: 7318 // 7319 // * Specify account IDs by setting the key to ACCOUNT. For example, the 7320 // following is a valid map: {“ACCOUNT” : [“accountID1”, “accountID2”]}. 7321 // 7322 // * Specify OUs by setting the key to ORG_UNIT. For example, the following 7323 // is a valid map: {“ORG_UNIT” : [“ouid111”, “ouid112”]}. 7324 // 7325 // * Specify accounts and OUs together in a single map, separated with a 7326 // comma. For example, the following is a valid map: {“ACCOUNT” : [“accountID1”, 7327 // “accountID2”], “ORG_UNIT” : [“ouid111”, “ouid112”]}. 7328 IncludeMap map[string][]*string `type:"map"` 7329 7330 // The ID of the Firewall Manager policy. 7331 PolicyId *string `min:"36" type:"string"` 7332 7333 // The name of the Firewall Manager policy. 7334 // 7335 // PolicyName is a required field 7336 PolicyName *string `min:"1" type:"string" required:"true"` 7337 7338 // A unique identifier for each update to the policy. When issuing a PutPolicy 7339 // request, the PolicyUpdateToken in the request must match the PolicyUpdateToken 7340 // of the current policy version. To get the PolicyUpdateToken of the current 7341 // policy version, use a GetPolicy request. 7342 PolicyUpdateToken *string `min:"1" type:"string"` 7343 7344 // Indicates if the policy should be automatically applied to new resources. 7345 // 7346 // RemediationEnabled is a required field 7347 RemediationEnabled *bool `type:"boolean" required:"true"` 7348 7349 // An array of ResourceTag objects. 7350 ResourceTags []*ResourceTag `type:"list"` 7351 7352 // The type of resource protected by or in scope of the policy. This is in the 7353 // format shown in the Amazon Web Services Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 7354 // To apply this policy to multiple resource types, specify a resource type 7355 // of ResourceTypeList and then specify the resource types in a ResourceTypeList. 7356 // 7357 // For WAF and Shield Advanced, example resource types include AWS::ElasticLoadBalancingV2::LoadBalancer 7358 // and AWS::CloudFront::Distribution. For a security group common policy, valid 7359 // values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security 7360 // group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, 7361 // and AWS::EC2::Instance. For a security group usage audit policy, the value 7362 // is AWS::EC2::SecurityGroup. For an Network Firewall policy or DNS Firewall 7363 // policy, the value is AWS::EC2::VPC. 7364 // 7365 // ResourceType is a required field 7366 ResourceType *string `min:"1" type:"string" required:"true"` 7367 7368 // An array of ResourceType objects. Use this only to specify multiple resource 7369 // types. To specify a single resource type, use ResourceType. 7370 ResourceTypeList []*string `type:"list"` 7371 7372 // Details about the security service that is being used to protect the resources. 7373 // 7374 // SecurityServicePolicyData is a required field 7375 SecurityServicePolicyData *SecurityServicePolicyData `type:"structure" required:"true"` 7376} 7377 7378// String returns the string representation. 7379// 7380// API parameter values that are decorated as "sensitive" in the API will not 7381// be included in the string output. The member name will be present, but the 7382// value will be replaced with "sensitive". 7383func (s Policy) String() string { 7384 return awsutil.Prettify(s) 7385} 7386 7387// GoString returns the string representation. 7388// 7389// API parameter values that are decorated as "sensitive" in the API will not 7390// be included in the string output. The member name will be present, but the 7391// value will be replaced with "sensitive". 7392func (s Policy) GoString() string { 7393 return s.String() 7394} 7395 7396// Validate inspects the fields of the type to determine if they are valid. 7397func (s *Policy) Validate() error { 7398 invalidParams := request.ErrInvalidParams{Context: "Policy"} 7399 if s.ExcludeResourceTags == nil { 7400 invalidParams.Add(request.NewErrParamRequired("ExcludeResourceTags")) 7401 } 7402 if s.PolicyId != nil && len(*s.PolicyId) < 36 { 7403 invalidParams.Add(request.NewErrParamMinLen("PolicyId", 36)) 7404 } 7405 if s.PolicyName == nil { 7406 invalidParams.Add(request.NewErrParamRequired("PolicyName")) 7407 } 7408 if s.PolicyName != nil && len(*s.PolicyName) < 1 { 7409 invalidParams.Add(request.NewErrParamMinLen("PolicyName", 1)) 7410 } 7411 if s.PolicyUpdateToken != nil && len(*s.PolicyUpdateToken) < 1 { 7412 invalidParams.Add(request.NewErrParamMinLen("PolicyUpdateToken", 1)) 7413 } 7414 if s.RemediationEnabled == nil { 7415 invalidParams.Add(request.NewErrParamRequired("RemediationEnabled")) 7416 } 7417 if s.ResourceType == nil { 7418 invalidParams.Add(request.NewErrParamRequired("ResourceType")) 7419 } 7420 if s.ResourceType != nil && len(*s.ResourceType) < 1 { 7421 invalidParams.Add(request.NewErrParamMinLen("ResourceType", 1)) 7422 } 7423 if s.SecurityServicePolicyData == nil { 7424 invalidParams.Add(request.NewErrParamRequired("SecurityServicePolicyData")) 7425 } 7426 if s.ResourceTags != nil { 7427 for i, v := range s.ResourceTags { 7428 if v == nil { 7429 continue 7430 } 7431 if err := v.Validate(); err != nil { 7432 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ResourceTags", i), err.(request.ErrInvalidParams)) 7433 } 7434 } 7435 } 7436 if s.SecurityServicePolicyData != nil { 7437 if err := s.SecurityServicePolicyData.Validate(); err != nil { 7438 invalidParams.AddNested("SecurityServicePolicyData", err.(request.ErrInvalidParams)) 7439 } 7440 } 7441 7442 if invalidParams.Len() > 0 { 7443 return invalidParams 7444 } 7445 return nil 7446} 7447 7448// SetDeleteUnusedFMManagedResources sets the DeleteUnusedFMManagedResources field's value. 7449func (s *Policy) SetDeleteUnusedFMManagedResources(v bool) *Policy { 7450 s.DeleteUnusedFMManagedResources = &v 7451 return s 7452} 7453 7454// SetExcludeMap sets the ExcludeMap field's value. 7455func (s *Policy) SetExcludeMap(v map[string][]*string) *Policy { 7456 s.ExcludeMap = v 7457 return s 7458} 7459 7460// SetExcludeResourceTags sets the ExcludeResourceTags field's value. 7461func (s *Policy) SetExcludeResourceTags(v bool) *Policy { 7462 s.ExcludeResourceTags = &v 7463 return s 7464} 7465 7466// SetIncludeMap sets the IncludeMap field's value. 7467func (s *Policy) SetIncludeMap(v map[string][]*string) *Policy { 7468 s.IncludeMap = v 7469 return s 7470} 7471 7472// SetPolicyId sets the PolicyId field's value. 7473func (s *Policy) SetPolicyId(v string) *Policy { 7474 s.PolicyId = &v 7475 return s 7476} 7477 7478// SetPolicyName sets the PolicyName field's value. 7479func (s *Policy) SetPolicyName(v string) *Policy { 7480 s.PolicyName = &v 7481 return s 7482} 7483 7484// SetPolicyUpdateToken sets the PolicyUpdateToken field's value. 7485func (s *Policy) SetPolicyUpdateToken(v string) *Policy { 7486 s.PolicyUpdateToken = &v 7487 return s 7488} 7489 7490// SetRemediationEnabled sets the RemediationEnabled field's value. 7491func (s *Policy) SetRemediationEnabled(v bool) *Policy { 7492 s.RemediationEnabled = &v 7493 return s 7494} 7495 7496// SetResourceTags sets the ResourceTags field's value. 7497func (s *Policy) SetResourceTags(v []*ResourceTag) *Policy { 7498 s.ResourceTags = v 7499 return s 7500} 7501 7502// SetResourceType sets the ResourceType field's value. 7503func (s *Policy) SetResourceType(v string) *Policy { 7504 s.ResourceType = &v 7505 return s 7506} 7507 7508// SetResourceTypeList sets the ResourceTypeList field's value. 7509func (s *Policy) SetResourceTypeList(v []*string) *Policy { 7510 s.ResourceTypeList = v 7511 return s 7512} 7513 7514// SetSecurityServicePolicyData sets the SecurityServicePolicyData field's value. 7515func (s *Policy) SetSecurityServicePolicyData(v *SecurityServicePolicyData) *Policy { 7516 s.SecurityServicePolicyData = v 7517 return s 7518} 7519 7520// Describes the noncompliant resources in a member account for a specific Firewall 7521// Manager policy. A maximum of 100 entries are displayed. If more than 100 7522// resources are noncompliant, EvaluationLimitExceeded is set to True. 7523type PolicyComplianceDetail struct { 7524 _ struct{} `type:"structure"` 7525 7526 // Indicates if over 100 resources are noncompliant with the Firewall Manager 7527 // policy. 7528 EvaluationLimitExceeded *bool `type:"boolean"` 7529 7530 // A timestamp that indicates when the returned information should be considered 7531 // out of date. 7532 ExpiredAt *time.Time `type:"timestamp"` 7533 7534 // Details about problems with dependent services, such as WAF or Config, and 7535 // the error message received that indicates the problem with the service. 7536 IssueInfoMap map[string]*string `type:"map"` 7537 7538 // The Amazon Web Services account ID. 7539 MemberAccount *string `min:"1" type:"string"` 7540 7541 // The ID of the Firewall Manager policy. 7542 PolicyId *string `min:"36" type:"string"` 7543 7544 // The Amazon Web Services account that created the Firewall Manager policy. 7545 PolicyOwner *string `min:"1" type:"string"` 7546 7547 // An array of resources that aren't protected by the WAF or Shield Advanced 7548 // policy or that aren't in compliance with the security group policy. 7549 Violators []*ComplianceViolator `type:"list"` 7550} 7551 7552// String returns the string representation. 7553// 7554// API parameter values that are decorated as "sensitive" in the API will not 7555// be included in the string output. The member name will be present, but the 7556// value will be replaced with "sensitive". 7557func (s PolicyComplianceDetail) String() string { 7558 return awsutil.Prettify(s) 7559} 7560 7561// GoString returns the string representation. 7562// 7563// API parameter values that are decorated as "sensitive" in the API will not 7564// be included in the string output. The member name will be present, but the 7565// value will be replaced with "sensitive". 7566func (s PolicyComplianceDetail) GoString() string { 7567 return s.String() 7568} 7569 7570// SetEvaluationLimitExceeded sets the EvaluationLimitExceeded field's value. 7571func (s *PolicyComplianceDetail) SetEvaluationLimitExceeded(v bool) *PolicyComplianceDetail { 7572 s.EvaluationLimitExceeded = &v 7573 return s 7574} 7575 7576// SetExpiredAt sets the ExpiredAt field's value. 7577func (s *PolicyComplianceDetail) SetExpiredAt(v time.Time) *PolicyComplianceDetail { 7578 s.ExpiredAt = &v 7579 return s 7580} 7581 7582// SetIssueInfoMap sets the IssueInfoMap field's value. 7583func (s *PolicyComplianceDetail) SetIssueInfoMap(v map[string]*string) *PolicyComplianceDetail { 7584 s.IssueInfoMap = v 7585 return s 7586} 7587 7588// SetMemberAccount sets the MemberAccount field's value. 7589func (s *PolicyComplianceDetail) SetMemberAccount(v string) *PolicyComplianceDetail { 7590 s.MemberAccount = &v 7591 return s 7592} 7593 7594// SetPolicyId sets the PolicyId field's value. 7595func (s *PolicyComplianceDetail) SetPolicyId(v string) *PolicyComplianceDetail { 7596 s.PolicyId = &v 7597 return s 7598} 7599 7600// SetPolicyOwner sets the PolicyOwner field's value. 7601func (s *PolicyComplianceDetail) SetPolicyOwner(v string) *PolicyComplianceDetail { 7602 s.PolicyOwner = &v 7603 return s 7604} 7605 7606// SetViolators sets the Violators field's value. 7607func (s *PolicyComplianceDetail) SetViolators(v []*ComplianceViolator) *PolicyComplianceDetail { 7608 s.Violators = v 7609 return s 7610} 7611 7612// Indicates whether the account is compliant with the specified policy. An 7613// account is considered noncompliant if it includes resources that are not 7614// protected by the policy, for WAF and Shield Advanced policies, or that are 7615// noncompliant with the policy, for security group policies. 7616type PolicyComplianceStatus struct { 7617 _ struct{} `type:"structure"` 7618 7619 // An array of EvaluationResult objects. 7620 EvaluationResults []*EvaluationResult `type:"list"` 7621 7622 // Details about problems with dependent services, such as WAF or Config, and 7623 // the error message received that indicates the problem with the service. 7624 IssueInfoMap map[string]*string `type:"map"` 7625 7626 // Timestamp of the last update to the EvaluationResult objects. 7627 LastUpdated *time.Time `type:"timestamp"` 7628 7629 // The member account ID. 7630 MemberAccount *string `min:"1" type:"string"` 7631 7632 // The ID of the Firewall Manager policy. 7633 PolicyId *string `min:"36" type:"string"` 7634 7635 // The name of the Firewall Manager policy. 7636 PolicyName *string `min:"1" type:"string"` 7637 7638 // The Amazon Web Services account that created the Firewall Manager policy. 7639 PolicyOwner *string `min:"1" type:"string"` 7640} 7641 7642// String returns the string representation. 7643// 7644// API parameter values that are decorated as "sensitive" in the API will not 7645// be included in the string output. The member name will be present, but the 7646// value will be replaced with "sensitive". 7647func (s PolicyComplianceStatus) String() string { 7648 return awsutil.Prettify(s) 7649} 7650 7651// GoString returns the string representation. 7652// 7653// API parameter values that are decorated as "sensitive" in the API will not 7654// be included in the string output. The member name will be present, but the 7655// value will be replaced with "sensitive". 7656func (s PolicyComplianceStatus) GoString() string { 7657 return s.String() 7658} 7659 7660// SetEvaluationResults sets the EvaluationResults field's value. 7661func (s *PolicyComplianceStatus) SetEvaluationResults(v []*EvaluationResult) *PolicyComplianceStatus { 7662 s.EvaluationResults = v 7663 return s 7664} 7665 7666// SetIssueInfoMap sets the IssueInfoMap field's value. 7667func (s *PolicyComplianceStatus) SetIssueInfoMap(v map[string]*string) *PolicyComplianceStatus { 7668 s.IssueInfoMap = v 7669 return s 7670} 7671 7672// SetLastUpdated sets the LastUpdated field's value. 7673func (s *PolicyComplianceStatus) SetLastUpdated(v time.Time) *PolicyComplianceStatus { 7674 s.LastUpdated = &v 7675 return s 7676} 7677 7678// SetMemberAccount sets the MemberAccount field's value. 7679func (s *PolicyComplianceStatus) SetMemberAccount(v string) *PolicyComplianceStatus { 7680 s.MemberAccount = &v 7681 return s 7682} 7683 7684// SetPolicyId sets the PolicyId field's value. 7685func (s *PolicyComplianceStatus) SetPolicyId(v string) *PolicyComplianceStatus { 7686 s.PolicyId = &v 7687 return s 7688} 7689 7690// SetPolicyName sets the PolicyName field's value. 7691func (s *PolicyComplianceStatus) SetPolicyName(v string) *PolicyComplianceStatus { 7692 s.PolicyName = &v 7693 return s 7694} 7695 7696// SetPolicyOwner sets the PolicyOwner field's value. 7697func (s *PolicyComplianceStatus) SetPolicyOwner(v string) *PolicyComplianceStatus { 7698 s.PolicyOwner = &v 7699 return s 7700} 7701 7702// Details of the Firewall Manager policy. 7703type PolicySummary struct { 7704 _ struct{} `type:"structure"` 7705 7706 // Indicates whether Firewall Manager should delete Firewall Manager managed 7707 // resources, such as web ACLs and security groups, when they are not in use 7708 // by the Firewall Manager policy. By default, Firewall Manager doesn't delete 7709 // unused Firewall Manager managed resources. This option is not available for 7710 // Shield Advanced or WAF Classic policies. 7711 DeleteUnusedFMManagedResources *bool `type:"boolean"` 7712 7713 // The Amazon Resource Name (ARN) of the specified policy. 7714 PolicyArn *string `min:"1" type:"string"` 7715 7716 // The ID of the specified policy. 7717 PolicyId *string `min:"36" type:"string"` 7718 7719 // The name of the specified policy. 7720 PolicyName *string `min:"1" type:"string"` 7721 7722 // Indicates if the policy should be automatically applied to new resources. 7723 RemediationEnabled *bool `type:"boolean"` 7724 7725 // The type of resource protected by or in scope of the policy. This is in the 7726 // format shown in the Amazon Web Services Resource Types Reference (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html). 7727 // For WAF and Shield Advanced, examples include AWS::ElasticLoadBalancingV2::LoadBalancer 7728 // and AWS::CloudFront::Distribution. For a security group common policy, valid 7729 // values are AWS::EC2::NetworkInterface and AWS::EC2::Instance. For a security 7730 // group content audit policy, valid values are AWS::EC2::SecurityGroup, AWS::EC2::NetworkInterface, 7731 // and AWS::EC2::Instance. For a security group usage audit policy, the value 7732 // is AWS::EC2::SecurityGroup. For an Network Firewall policy or DNS Firewall 7733 // policy, the value is AWS::EC2::VPC. 7734 ResourceType *string `min:"1" type:"string"` 7735 7736 // The service that the policy is using to protect the resources. This specifies 7737 // the type of policy that is created, either an WAF policy, a Shield Advanced 7738 // policy, or a security group policy. 7739 SecurityServiceType *string `type:"string" enum:"SecurityServiceType"` 7740} 7741 7742// String returns the string representation. 7743// 7744// API parameter values that are decorated as "sensitive" in the API will not 7745// be included in the string output. The member name will be present, but the 7746// value will be replaced with "sensitive". 7747func (s PolicySummary) String() string { 7748 return awsutil.Prettify(s) 7749} 7750 7751// GoString returns the string representation. 7752// 7753// API parameter values that are decorated as "sensitive" in the API will not 7754// be included in the string output. The member name will be present, but the 7755// value will be replaced with "sensitive". 7756func (s PolicySummary) GoString() string { 7757 return s.String() 7758} 7759 7760// SetDeleteUnusedFMManagedResources sets the DeleteUnusedFMManagedResources field's value. 7761func (s *PolicySummary) SetDeleteUnusedFMManagedResources(v bool) *PolicySummary { 7762 s.DeleteUnusedFMManagedResources = &v 7763 return s 7764} 7765 7766// SetPolicyArn sets the PolicyArn field's value. 7767func (s *PolicySummary) SetPolicyArn(v string) *PolicySummary { 7768 s.PolicyArn = &v 7769 return s 7770} 7771 7772// SetPolicyId sets the PolicyId field's value. 7773func (s *PolicySummary) SetPolicyId(v string) *PolicySummary { 7774 s.PolicyId = &v 7775 return s 7776} 7777 7778// SetPolicyName sets the PolicyName field's value. 7779func (s *PolicySummary) SetPolicyName(v string) *PolicySummary { 7780 s.PolicyName = &v 7781 return s 7782} 7783 7784// SetRemediationEnabled sets the RemediationEnabled field's value. 7785func (s *PolicySummary) SetRemediationEnabled(v bool) *PolicySummary { 7786 s.RemediationEnabled = &v 7787 return s 7788} 7789 7790// SetResourceType sets the ResourceType field's value. 7791func (s *PolicySummary) SetResourceType(v string) *PolicySummary { 7792 s.ResourceType = &v 7793 return s 7794} 7795 7796// SetSecurityServiceType sets the SecurityServiceType field's value. 7797func (s *PolicySummary) SetSecurityServiceType(v string) *PolicySummary { 7798 s.SecurityServiceType = &v 7799 return s 7800} 7801 7802// A list of remediation actions. 7803type PossibleRemediationAction struct { 7804 _ struct{} `type:"structure"` 7805 7806 // A description of the list of remediation actions. 7807 Description *string `type:"string"` 7808 7809 // Information about whether an action is taken by default. 7810 IsDefaultAction *bool `type:"boolean"` 7811 7812 // The ordered list of remediation actions. 7813 // 7814 // OrderedRemediationActions is a required field 7815 OrderedRemediationActions []*RemediationActionWithOrder `type:"list" required:"true"` 7816} 7817 7818// String returns the string representation. 7819// 7820// API parameter values that are decorated as "sensitive" in the API will not 7821// be included in the string output. The member name will be present, but the 7822// value will be replaced with "sensitive". 7823func (s PossibleRemediationAction) String() string { 7824 return awsutil.Prettify(s) 7825} 7826 7827// GoString returns the string representation. 7828// 7829// API parameter values that are decorated as "sensitive" in the API will not 7830// be included in the string output. The member name will be present, but the 7831// value will be replaced with "sensitive". 7832func (s PossibleRemediationAction) GoString() string { 7833 return s.String() 7834} 7835 7836// SetDescription sets the Description field's value. 7837func (s *PossibleRemediationAction) SetDescription(v string) *PossibleRemediationAction { 7838 s.Description = &v 7839 return s 7840} 7841 7842// SetIsDefaultAction sets the IsDefaultAction field's value. 7843func (s *PossibleRemediationAction) SetIsDefaultAction(v bool) *PossibleRemediationAction { 7844 s.IsDefaultAction = &v 7845 return s 7846} 7847 7848// SetOrderedRemediationActions sets the OrderedRemediationActions field's value. 7849func (s *PossibleRemediationAction) SetOrderedRemediationActions(v []*RemediationActionWithOrder) *PossibleRemediationAction { 7850 s.OrderedRemediationActions = v 7851 return s 7852} 7853 7854// A list of possible remediation action lists. Each individual possible remediation 7855// action is a list of individual remediation actions. 7856type PossibleRemediationActions struct { 7857 _ struct{} `type:"structure"` 7858 7859 // Information about the actions. 7860 Actions []*PossibleRemediationAction `type:"list"` 7861 7862 // A description of the possible remediation actions list. 7863 Description *string `type:"string"` 7864} 7865 7866// String returns the string representation. 7867// 7868// API parameter values that are decorated as "sensitive" in the API will not 7869// be included in the string output. The member name will be present, but the 7870// value will be replaced with "sensitive". 7871func (s PossibleRemediationActions) String() string { 7872 return awsutil.Prettify(s) 7873} 7874 7875// GoString returns the string representation. 7876// 7877// API parameter values that are decorated as "sensitive" in the API will not 7878// be included in the string output. The member name will be present, but the 7879// value will be replaced with "sensitive". 7880func (s PossibleRemediationActions) GoString() string { 7881 return s.String() 7882} 7883 7884// SetActions sets the Actions field's value. 7885func (s *PossibleRemediationActions) SetActions(v []*PossibleRemediationAction) *PossibleRemediationActions { 7886 s.Actions = v 7887 return s 7888} 7889 7890// SetDescription sets the Description field's value. 7891func (s *PossibleRemediationActions) SetDescription(v string) *PossibleRemediationActions { 7892 s.Description = &v 7893 return s 7894} 7895 7896// An Firewall Manager protocols list. 7897type ProtocolsListData struct { 7898 _ struct{} `type:"structure"` 7899 7900 // The time that the Firewall Manager protocols list was created. 7901 CreateTime *time.Time `type:"timestamp"` 7902 7903 // The time that the Firewall Manager protocols list was last updated. 7904 LastUpdateTime *time.Time `type:"timestamp"` 7905 7906 // The ID of the Firewall Manager protocols list. 7907 ListId *string `min:"36" type:"string"` 7908 7909 // The name of the Firewall Manager protocols list. 7910 // 7911 // ListName is a required field 7912 ListName *string `min:"1" type:"string" required:"true"` 7913 7914 // A unique identifier for each update to the list. When you update the list, 7915 // the update token must match the token of the current version of the application 7916 // list. You can retrieve the update token by getting the list. 7917 ListUpdateToken *string `min:"1" type:"string"` 7918 7919 // A map of previous version numbers to their corresponding protocol arrays. 7920 PreviousProtocolsList map[string][]*string `type:"map"` 7921 7922 // An array of protocols in the Firewall Manager protocols list. 7923 // 7924 // ProtocolsList is a required field 7925 ProtocolsList []*string `type:"list" required:"true"` 7926} 7927 7928// String returns the string representation. 7929// 7930// API parameter values that are decorated as "sensitive" in the API will not 7931// be included in the string output. The member name will be present, but the 7932// value will be replaced with "sensitive". 7933func (s ProtocolsListData) String() string { 7934 return awsutil.Prettify(s) 7935} 7936 7937// GoString returns the string representation. 7938// 7939// API parameter values that are decorated as "sensitive" in the API will not 7940// be included in the string output. The member name will be present, but the 7941// value will be replaced with "sensitive". 7942func (s ProtocolsListData) GoString() string { 7943 return s.String() 7944} 7945 7946// Validate inspects the fields of the type to determine if they are valid. 7947func (s *ProtocolsListData) Validate() error { 7948 invalidParams := request.ErrInvalidParams{Context: "ProtocolsListData"} 7949 if s.ListId != nil && len(*s.ListId) < 36 { 7950 invalidParams.Add(request.NewErrParamMinLen("ListId", 36)) 7951 } 7952 if s.ListName == nil { 7953 invalidParams.Add(request.NewErrParamRequired("ListName")) 7954 } 7955 if s.ListName != nil && len(*s.ListName) < 1 { 7956 invalidParams.Add(request.NewErrParamMinLen("ListName", 1)) 7957 } 7958 if s.ListUpdateToken != nil && len(*s.ListUpdateToken) < 1 { 7959 invalidParams.Add(request.NewErrParamMinLen("ListUpdateToken", 1)) 7960 } 7961 if s.ProtocolsList == nil { 7962 invalidParams.Add(request.NewErrParamRequired("ProtocolsList")) 7963 } 7964 7965 if invalidParams.Len() > 0 { 7966 return invalidParams 7967 } 7968 return nil 7969} 7970 7971// SetCreateTime sets the CreateTime field's value. 7972func (s *ProtocolsListData) SetCreateTime(v time.Time) *ProtocolsListData { 7973 s.CreateTime = &v 7974 return s 7975} 7976 7977// SetLastUpdateTime sets the LastUpdateTime field's value. 7978func (s *ProtocolsListData) SetLastUpdateTime(v time.Time) *ProtocolsListData { 7979 s.LastUpdateTime = &v 7980 return s 7981} 7982 7983// SetListId sets the ListId field's value. 7984func (s *ProtocolsListData) SetListId(v string) *ProtocolsListData { 7985 s.ListId = &v 7986 return s 7987} 7988 7989// SetListName sets the ListName field's value. 7990func (s *ProtocolsListData) SetListName(v string) *ProtocolsListData { 7991 s.ListName = &v 7992 return s 7993} 7994 7995// SetListUpdateToken sets the ListUpdateToken field's value. 7996func (s *ProtocolsListData) SetListUpdateToken(v string) *ProtocolsListData { 7997 s.ListUpdateToken = &v 7998 return s 7999} 8000 8001// SetPreviousProtocolsList sets the PreviousProtocolsList field's value. 8002func (s *ProtocolsListData) SetPreviousProtocolsList(v map[string][]*string) *ProtocolsListData { 8003 s.PreviousProtocolsList = v 8004 return s 8005} 8006 8007// SetProtocolsList sets the ProtocolsList field's value. 8008func (s *ProtocolsListData) SetProtocolsList(v []*string) *ProtocolsListData { 8009 s.ProtocolsList = v 8010 return s 8011} 8012 8013// Details of the Firewall Manager protocols list. 8014type ProtocolsListDataSummary struct { 8015 _ struct{} `type:"structure"` 8016 8017 // The Amazon Resource Name (ARN) of the specified protocols list. 8018 ListArn *string `min:"1" type:"string"` 8019 8020 // The ID of the specified protocols list. 8021 ListId *string `min:"36" type:"string"` 8022 8023 // The name of the specified protocols list. 8024 ListName *string `min:"1" type:"string"` 8025 8026 // An array of protocols in the Firewall Manager protocols list. 8027 ProtocolsList []*string `type:"list"` 8028} 8029 8030// String returns the string representation. 8031// 8032// API parameter values that are decorated as "sensitive" in the API will not 8033// be included in the string output. The member name will be present, but the 8034// value will be replaced with "sensitive". 8035func (s ProtocolsListDataSummary) String() string { 8036 return awsutil.Prettify(s) 8037} 8038 8039// GoString returns the string representation. 8040// 8041// API parameter values that are decorated as "sensitive" in the API will not 8042// be included in the string output. The member name will be present, but the 8043// value will be replaced with "sensitive". 8044func (s ProtocolsListDataSummary) GoString() string { 8045 return s.String() 8046} 8047 8048// SetListArn sets the ListArn field's value. 8049func (s *ProtocolsListDataSummary) SetListArn(v string) *ProtocolsListDataSummary { 8050 s.ListArn = &v 8051 return s 8052} 8053 8054// SetListId sets the ListId field's value. 8055func (s *ProtocolsListDataSummary) SetListId(v string) *ProtocolsListDataSummary { 8056 s.ListId = &v 8057 return s 8058} 8059 8060// SetListName sets the ListName field's value. 8061func (s *ProtocolsListDataSummary) SetListName(v string) *ProtocolsListDataSummary { 8062 s.ListName = &v 8063 return s 8064} 8065 8066// SetProtocolsList sets the ProtocolsList field's value. 8067func (s *ProtocolsListDataSummary) SetProtocolsList(v []*string) *ProtocolsListDataSummary { 8068 s.ProtocolsList = v 8069 return s 8070} 8071 8072type PutAppsListInput struct { 8073 _ struct{} `type:"structure"` 8074 8075 // The details of the Firewall Manager applications list to be created. 8076 // 8077 // AppsList is a required field 8078 AppsList *AppsListData `type:"structure" required:"true"` 8079 8080 // The tags associated with the resource. 8081 TagList []*Tag `type:"list"` 8082} 8083 8084// String returns the string representation. 8085// 8086// API parameter values that are decorated as "sensitive" in the API will not 8087// be included in the string output. The member name will be present, but the 8088// value will be replaced with "sensitive". 8089func (s PutAppsListInput) String() string { 8090 return awsutil.Prettify(s) 8091} 8092 8093// GoString returns the string representation. 8094// 8095// API parameter values that are decorated as "sensitive" in the API will not 8096// be included in the string output. The member name will be present, but the 8097// value will be replaced with "sensitive". 8098func (s PutAppsListInput) GoString() string { 8099 return s.String() 8100} 8101 8102// Validate inspects the fields of the type to determine if they are valid. 8103func (s *PutAppsListInput) Validate() error { 8104 invalidParams := request.ErrInvalidParams{Context: "PutAppsListInput"} 8105 if s.AppsList == nil { 8106 invalidParams.Add(request.NewErrParamRequired("AppsList")) 8107 } 8108 if s.AppsList != nil { 8109 if err := s.AppsList.Validate(); err != nil { 8110 invalidParams.AddNested("AppsList", err.(request.ErrInvalidParams)) 8111 } 8112 } 8113 if s.TagList != nil { 8114 for i, v := range s.TagList { 8115 if v == nil { 8116 continue 8117 } 8118 if err := v.Validate(); err != nil { 8119 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 8120 } 8121 } 8122 } 8123 8124 if invalidParams.Len() > 0 { 8125 return invalidParams 8126 } 8127 return nil 8128} 8129 8130// SetAppsList sets the AppsList field's value. 8131func (s *PutAppsListInput) SetAppsList(v *AppsListData) *PutAppsListInput { 8132 s.AppsList = v 8133 return s 8134} 8135 8136// SetTagList sets the TagList field's value. 8137func (s *PutAppsListInput) SetTagList(v []*Tag) *PutAppsListInput { 8138 s.TagList = v 8139 return s 8140} 8141 8142type PutAppsListOutput struct { 8143 _ struct{} `type:"structure"` 8144 8145 // The details of the Firewall Manager applications list. 8146 AppsList *AppsListData `type:"structure"` 8147 8148 // The Amazon Resource Name (ARN) of the applications list. 8149 AppsListArn *string `min:"1" type:"string"` 8150} 8151 8152// String returns the string representation. 8153// 8154// API parameter values that are decorated as "sensitive" in the API will not 8155// be included in the string output. The member name will be present, but the 8156// value will be replaced with "sensitive". 8157func (s PutAppsListOutput) String() string { 8158 return awsutil.Prettify(s) 8159} 8160 8161// GoString returns the string representation. 8162// 8163// API parameter values that are decorated as "sensitive" in the API will not 8164// be included in the string output. The member name will be present, but the 8165// value will be replaced with "sensitive". 8166func (s PutAppsListOutput) GoString() string { 8167 return s.String() 8168} 8169 8170// SetAppsList sets the AppsList field's value. 8171func (s *PutAppsListOutput) SetAppsList(v *AppsListData) *PutAppsListOutput { 8172 s.AppsList = v 8173 return s 8174} 8175 8176// SetAppsListArn sets the AppsListArn field's value. 8177func (s *PutAppsListOutput) SetAppsListArn(v string) *PutAppsListOutput { 8178 s.AppsListArn = &v 8179 return s 8180} 8181 8182type PutNotificationChannelInput struct { 8183 _ struct{} `type:"structure"` 8184 8185 // The Amazon Resource Name (ARN) of the IAM role that allows Amazon SNS to 8186 // record Firewall Manager activity. 8187 // 8188 // SnsRoleName is a required field 8189 SnsRoleName *string `min:"1" type:"string" required:"true"` 8190 8191 // The Amazon Resource Name (ARN) of the SNS topic that collects notifications 8192 // from Firewall Manager. 8193 // 8194 // SnsTopicArn is a required field 8195 SnsTopicArn *string `min:"1" type:"string" required:"true"` 8196} 8197 8198// String returns the string representation. 8199// 8200// API parameter values that are decorated as "sensitive" in the API will not 8201// be included in the string output. The member name will be present, but the 8202// value will be replaced with "sensitive". 8203func (s PutNotificationChannelInput) String() string { 8204 return awsutil.Prettify(s) 8205} 8206 8207// GoString returns the string representation. 8208// 8209// API parameter values that are decorated as "sensitive" in the API will not 8210// be included in the string output. The member name will be present, but the 8211// value will be replaced with "sensitive". 8212func (s PutNotificationChannelInput) GoString() string { 8213 return s.String() 8214} 8215 8216// Validate inspects the fields of the type to determine if they are valid. 8217func (s *PutNotificationChannelInput) Validate() error { 8218 invalidParams := request.ErrInvalidParams{Context: "PutNotificationChannelInput"} 8219 if s.SnsRoleName == nil { 8220 invalidParams.Add(request.NewErrParamRequired("SnsRoleName")) 8221 } 8222 if s.SnsRoleName != nil && len(*s.SnsRoleName) < 1 { 8223 invalidParams.Add(request.NewErrParamMinLen("SnsRoleName", 1)) 8224 } 8225 if s.SnsTopicArn == nil { 8226 invalidParams.Add(request.NewErrParamRequired("SnsTopicArn")) 8227 } 8228 if s.SnsTopicArn != nil && len(*s.SnsTopicArn) < 1 { 8229 invalidParams.Add(request.NewErrParamMinLen("SnsTopicArn", 1)) 8230 } 8231 8232 if invalidParams.Len() > 0 { 8233 return invalidParams 8234 } 8235 return nil 8236} 8237 8238// SetSnsRoleName sets the SnsRoleName field's value. 8239func (s *PutNotificationChannelInput) SetSnsRoleName(v string) *PutNotificationChannelInput { 8240 s.SnsRoleName = &v 8241 return s 8242} 8243 8244// SetSnsTopicArn sets the SnsTopicArn field's value. 8245func (s *PutNotificationChannelInput) SetSnsTopicArn(v string) *PutNotificationChannelInput { 8246 s.SnsTopicArn = &v 8247 return s 8248} 8249 8250type PutNotificationChannelOutput struct { 8251 _ struct{} `type:"structure"` 8252} 8253 8254// String returns the string representation. 8255// 8256// API parameter values that are decorated as "sensitive" in the API will not 8257// be included in the string output. The member name will be present, but the 8258// value will be replaced with "sensitive". 8259func (s PutNotificationChannelOutput) String() string { 8260 return awsutil.Prettify(s) 8261} 8262 8263// GoString returns the string representation. 8264// 8265// API parameter values that are decorated as "sensitive" in the API will not 8266// be included in the string output. The member name will be present, but the 8267// value will be replaced with "sensitive". 8268func (s PutNotificationChannelOutput) GoString() string { 8269 return s.String() 8270} 8271 8272type PutPolicyInput struct { 8273 _ struct{} `type:"structure"` 8274 8275 // The details of the Firewall Manager policy to be created. 8276 // 8277 // Policy is a required field 8278 Policy *Policy `type:"structure" required:"true"` 8279 8280 // The tags to add to the Amazon Web Services resource. 8281 TagList []*Tag `type:"list"` 8282} 8283 8284// String returns the string representation. 8285// 8286// API parameter values that are decorated as "sensitive" in the API will not 8287// be included in the string output. The member name will be present, but the 8288// value will be replaced with "sensitive". 8289func (s PutPolicyInput) String() string { 8290 return awsutil.Prettify(s) 8291} 8292 8293// GoString returns the string representation. 8294// 8295// API parameter values that are decorated as "sensitive" in the API will not 8296// be included in the string output. The member name will be present, but the 8297// value will be replaced with "sensitive". 8298func (s PutPolicyInput) GoString() string { 8299 return s.String() 8300} 8301 8302// Validate inspects the fields of the type to determine if they are valid. 8303func (s *PutPolicyInput) Validate() error { 8304 invalidParams := request.ErrInvalidParams{Context: "PutPolicyInput"} 8305 if s.Policy == nil { 8306 invalidParams.Add(request.NewErrParamRequired("Policy")) 8307 } 8308 if s.Policy != nil { 8309 if err := s.Policy.Validate(); err != nil { 8310 invalidParams.AddNested("Policy", err.(request.ErrInvalidParams)) 8311 } 8312 } 8313 if s.TagList != nil { 8314 for i, v := range s.TagList { 8315 if v == nil { 8316 continue 8317 } 8318 if err := v.Validate(); err != nil { 8319 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 8320 } 8321 } 8322 } 8323 8324 if invalidParams.Len() > 0 { 8325 return invalidParams 8326 } 8327 return nil 8328} 8329 8330// SetPolicy sets the Policy field's value. 8331func (s *PutPolicyInput) SetPolicy(v *Policy) *PutPolicyInput { 8332 s.Policy = v 8333 return s 8334} 8335 8336// SetTagList sets the TagList field's value. 8337func (s *PutPolicyInput) SetTagList(v []*Tag) *PutPolicyInput { 8338 s.TagList = v 8339 return s 8340} 8341 8342type PutPolicyOutput struct { 8343 _ struct{} `type:"structure"` 8344 8345 // The details of the Firewall Manager policy. 8346 Policy *Policy `type:"structure"` 8347 8348 // The Amazon Resource Name (ARN) of the policy. 8349 PolicyArn *string `min:"1" type:"string"` 8350} 8351 8352// String returns the string representation. 8353// 8354// API parameter values that are decorated as "sensitive" in the API will not 8355// be included in the string output. The member name will be present, but the 8356// value will be replaced with "sensitive". 8357func (s PutPolicyOutput) String() string { 8358 return awsutil.Prettify(s) 8359} 8360 8361// GoString returns the string representation. 8362// 8363// API parameter values that are decorated as "sensitive" in the API will not 8364// be included in the string output. The member name will be present, but the 8365// value will be replaced with "sensitive". 8366func (s PutPolicyOutput) GoString() string { 8367 return s.String() 8368} 8369 8370// SetPolicy sets the Policy field's value. 8371func (s *PutPolicyOutput) SetPolicy(v *Policy) *PutPolicyOutput { 8372 s.Policy = v 8373 return s 8374} 8375 8376// SetPolicyArn sets the PolicyArn field's value. 8377func (s *PutPolicyOutput) SetPolicyArn(v string) *PutPolicyOutput { 8378 s.PolicyArn = &v 8379 return s 8380} 8381 8382type PutProtocolsListInput struct { 8383 _ struct{} `type:"structure"` 8384 8385 // The details of the Firewall Manager protocols list to be created. 8386 // 8387 // ProtocolsList is a required field 8388 ProtocolsList *ProtocolsListData `type:"structure" required:"true"` 8389 8390 // The tags associated with the resource. 8391 TagList []*Tag `type:"list"` 8392} 8393 8394// String returns the string representation. 8395// 8396// API parameter values that are decorated as "sensitive" in the API will not 8397// be included in the string output. The member name will be present, but the 8398// value will be replaced with "sensitive". 8399func (s PutProtocolsListInput) String() string { 8400 return awsutil.Prettify(s) 8401} 8402 8403// GoString returns the string representation. 8404// 8405// API parameter values that are decorated as "sensitive" in the API will not 8406// be included in the string output. The member name will be present, but the 8407// value will be replaced with "sensitive". 8408func (s PutProtocolsListInput) GoString() string { 8409 return s.String() 8410} 8411 8412// Validate inspects the fields of the type to determine if they are valid. 8413func (s *PutProtocolsListInput) Validate() error { 8414 invalidParams := request.ErrInvalidParams{Context: "PutProtocolsListInput"} 8415 if s.ProtocolsList == nil { 8416 invalidParams.Add(request.NewErrParamRequired("ProtocolsList")) 8417 } 8418 if s.ProtocolsList != nil { 8419 if err := s.ProtocolsList.Validate(); err != nil { 8420 invalidParams.AddNested("ProtocolsList", err.(request.ErrInvalidParams)) 8421 } 8422 } 8423 if s.TagList != nil { 8424 for i, v := range s.TagList { 8425 if v == nil { 8426 continue 8427 } 8428 if err := v.Validate(); err != nil { 8429 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 8430 } 8431 } 8432 } 8433 8434 if invalidParams.Len() > 0 { 8435 return invalidParams 8436 } 8437 return nil 8438} 8439 8440// SetProtocolsList sets the ProtocolsList field's value. 8441func (s *PutProtocolsListInput) SetProtocolsList(v *ProtocolsListData) *PutProtocolsListInput { 8442 s.ProtocolsList = v 8443 return s 8444} 8445 8446// SetTagList sets the TagList field's value. 8447func (s *PutProtocolsListInput) SetTagList(v []*Tag) *PutProtocolsListInput { 8448 s.TagList = v 8449 return s 8450} 8451 8452type PutProtocolsListOutput struct { 8453 _ struct{} `type:"structure"` 8454 8455 // The details of the Firewall Manager protocols list. 8456 ProtocolsList *ProtocolsListData `type:"structure"` 8457 8458 // The Amazon Resource Name (ARN) of the protocols list. 8459 ProtocolsListArn *string `min:"1" type:"string"` 8460} 8461 8462// String returns the string representation. 8463// 8464// API parameter values that are decorated as "sensitive" in the API will not 8465// be included in the string output. The member name will be present, but the 8466// value will be replaced with "sensitive". 8467func (s PutProtocolsListOutput) String() string { 8468 return awsutil.Prettify(s) 8469} 8470 8471// GoString returns the string representation. 8472// 8473// API parameter values that are decorated as "sensitive" in the API will not 8474// be included in the string output. The member name will be present, but the 8475// value will be replaced with "sensitive". 8476func (s PutProtocolsListOutput) GoString() string { 8477 return s.String() 8478} 8479 8480// SetProtocolsList sets the ProtocolsList field's value. 8481func (s *PutProtocolsListOutput) SetProtocolsList(v *ProtocolsListData) *PutProtocolsListOutput { 8482 s.ProtocolsList = v 8483 return s 8484} 8485 8486// SetProtocolsListArn sets the ProtocolsListArn field's value. 8487func (s *PutProtocolsListOutput) SetProtocolsListArn(v string) *PutProtocolsListOutput { 8488 s.ProtocolsListArn = &v 8489 return s 8490} 8491 8492// Information about an individual action you can take to remediate a violation. 8493type RemediationAction struct { 8494 _ struct{} `type:"structure"` 8495 8496 // A description of a remediation action. 8497 Description *string `type:"string"` 8498 8499 // Information about the AssociateRouteTable action in the Amazon EC2 API. 8500 EC2AssociateRouteTableAction *EC2AssociateRouteTableAction `type:"structure"` 8501 8502 // Information about the CopyRouteTable action in the Amazon EC2 API. 8503 EC2CopyRouteTableAction *EC2CopyRouteTableAction `type:"structure"` 8504 8505 // Information about the CreateRoute action in the Amazon EC2 API. 8506 EC2CreateRouteAction *EC2CreateRouteAction `type:"structure"` 8507 8508 // Information about the CreateRouteTable action in the Amazon EC2 API. 8509 EC2CreateRouteTableAction *EC2CreateRouteTableAction `type:"structure"` 8510 8511 // Information about the DeleteRoute action in the Amazon EC2 API. 8512 EC2DeleteRouteAction *EC2DeleteRouteAction `type:"structure"` 8513 8514 // Information about the ReplaceRoute action in the Amazon EC2 API. 8515 EC2ReplaceRouteAction *EC2ReplaceRouteAction `type:"structure"` 8516 8517 // Information about the ReplaceRouteTableAssociation action in the Amazon EC2 8518 // API. 8519 EC2ReplaceRouteTableAssociationAction *EC2ReplaceRouteTableAssociationAction `type:"structure"` 8520} 8521 8522// String returns the string representation. 8523// 8524// API parameter values that are decorated as "sensitive" in the API will not 8525// be included in the string output. The member name will be present, but the 8526// value will be replaced with "sensitive". 8527func (s RemediationAction) String() string { 8528 return awsutil.Prettify(s) 8529} 8530 8531// GoString returns the string representation. 8532// 8533// API parameter values that are decorated as "sensitive" in the API will not 8534// be included in the string output. The member name will be present, but the 8535// value will be replaced with "sensitive". 8536func (s RemediationAction) GoString() string { 8537 return s.String() 8538} 8539 8540// SetDescription sets the Description field's value. 8541func (s *RemediationAction) SetDescription(v string) *RemediationAction { 8542 s.Description = &v 8543 return s 8544} 8545 8546// SetEC2AssociateRouteTableAction sets the EC2AssociateRouteTableAction field's value. 8547func (s *RemediationAction) SetEC2AssociateRouteTableAction(v *EC2AssociateRouteTableAction) *RemediationAction { 8548 s.EC2AssociateRouteTableAction = v 8549 return s 8550} 8551 8552// SetEC2CopyRouteTableAction sets the EC2CopyRouteTableAction field's value. 8553func (s *RemediationAction) SetEC2CopyRouteTableAction(v *EC2CopyRouteTableAction) *RemediationAction { 8554 s.EC2CopyRouteTableAction = v 8555 return s 8556} 8557 8558// SetEC2CreateRouteAction sets the EC2CreateRouteAction field's value. 8559func (s *RemediationAction) SetEC2CreateRouteAction(v *EC2CreateRouteAction) *RemediationAction { 8560 s.EC2CreateRouteAction = v 8561 return s 8562} 8563 8564// SetEC2CreateRouteTableAction sets the EC2CreateRouteTableAction field's value. 8565func (s *RemediationAction) SetEC2CreateRouteTableAction(v *EC2CreateRouteTableAction) *RemediationAction { 8566 s.EC2CreateRouteTableAction = v 8567 return s 8568} 8569 8570// SetEC2DeleteRouteAction sets the EC2DeleteRouteAction field's value. 8571func (s *RemediationAction) SetEC2DeleteRouteAction(v *EC2DeleteRouteAction) *RemediationAction { 8572 s.EC2DeleteRouteAction = v 8573 return s 8574} 8575 8576// SetEC2ReplaceRouteAction sets the EC2ReplaceRouteAction field's value. 8577func (s *RemediationAction) SetEC2ReplaceRouteAction(v *EC2ReplaceRouteAction) *RemediationAction { 8578 s.EC2ReplaceRouteAction = v 8579 return s 8580} 8581 8582// SetEC2ReplaceRouteTableAssociationAction sets the EC2ReplaceRouteTableAssociationAction field's value. 8583func (s *RemediationAction) SetEC2ReplaceRouteTableAssociationAction(v *EC2ReplaceRouteTableAssociationAction) *RemediationAction { 8584 s.EC2ReplaceRouteTableAssociationAction = v 8585 return s 8586} 8587 8588// An ordered list of actions you can take to remediate a violation. 8589type RemediationActionWithOrder struct { 8590 _ struct{} `type:"structure"` 8591 8592 // The order of the remediation actions in the list. 8593 Order *int64 `type:"integer"` 8594 8595 // Information about an action you can take to remediate a violation. 8596 RemediationAction *RemediationAction `type:"structure"` 8597} 8598 8599// String returns the string representation. 8600// 8601// API parameter values that are decorated as "sensitive" in the API will not 8602// be included in the string output. The member name will be present, but the 8603// value will be replaced with "sensitive". 8604func (s RemediationActionWithOrder) String() string { 8605 return awsutil.Prettify(s) 8606} 8607 8608// GoString returns the string representation. 8609// 8610// API parameter values that are decorated as "sensitive" in the API will not 8611// be included in the string output. The member name will be present, but the 8612// value will be replaced with "sensitive". 8613func (s RemediationActionWithOrder) GoString() string { 8614 return s.String() 8615} 8616 8617// SetOrder sets the Order field's value. 8618func (s *RemediationActionWithOrder) SetOrder(v int64) *RemediationActionWithOrder { 8619 s.Order = &v 8620 return s 8621} 8622 8623// SetRemediationAction sets the RemediationAction field's value. 8624func (s *RemediationActionWithOrder) SetRemediationAction(v *RemediationAction) *RemediationActionWithOrder { 8625 s.RemediationAction = v 8626 return s 8627} 8628 8629// The specified resource was not found. 8630type ResourceNotFoundException struct { 8631 _ struct{} `type:"structure"` 8632 RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` 8633 8634 Message_ *string `locationName:"Message" type:"string"` 8635} 8636 8637// String returns the string representation. 8638// 8639// API parameter values that are decorated as "sensitive" in the API will not 8640// be included in the string output. The member name will be present, but the 8641// value will be replaced with "sensitive". 8642func (s ResourceNotFoundException) String() string { 8643 return awsutil.Prettify(s) 8644} 8645 8646// GoString returns the string representation. 8647// 8648// API parameter values that are decorated as "sensitive" in the API will not 8649// be included in the string output. The member name will be present, but the 8650// value will be replaced with "sensitive". 8651func (s ResourceNotFoundException) GoString() string { 8652 return s.String() 8653} 8654 8655func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { 8656 return &ResourceNotFoundException{ 8657 RespMetadata: v, 8658 } 8659} 8660 8661// Code returns the exception type name. 8662func (s *ResourceNotFoundException) Code() string { 8663 return "ResourceNotFoundException" 8664} 8665 8666// Message returns the exception's message. 8667func (s *ResourceNotFoundException) Message() string { 8668 if s.Message_ != nil { 8669 return *s.Message_ 8670 } 8671 return "" 8672} 8673 8674// OrigErr always returns nil, satisfies awserr.Error interface. 8675func (s *ResourceNotFoundException) OrigErr() error { 8676 return nil 8677} 8678 8679func (s *ResourceNotFoundException) Error() string { 8680 return fmt.Sprintf("%s: %s", s.Code(), s.Message()) 8681} 8682 8683// Status code returns the HTTP status code for the request's response error. 8684func (s *ResourceNotFoundException) StatusCode() int { 8685 return s.RespMetadata.StatusCode 8686} 8687 8688// RequestID returns the service's response RequestID for request. 8689func (s *ResourceNotFoundException) RequestID() string { 8690 return s.RespMetadata.RequestID 8691} 8692 8693// The resource tags that Firewall Manager uses to determine if a particular 8694// resource should be included or excluded from the Firewall Manager policy. 8695// Tags enable you to categorize your Amazon Web Services resources in different 8696// ways, for example, by purpose, owner, or environment. Each tag consists of 8697// a key and an optional value. Firewall Manager combines the tags with "AND" 8698// so that, if you add more than one tag to a policy scope, a resource must 8699// have all the specified tags to be included or excluded. For more information, 8700// see Working with Tag Editor (https://docs.aws.amazon.com/awsconsolehelpdocs/latest/gsg/tag-editor.html). 8701type ResourceTag struct { 8702 _ struct{} `type:"structure"` 8703 8704 // The resource tag key. 8705 // 8706 // Key is a required field 8707 Key *string `min:"1" type:"string" required:"true"` 8708 8709 // The resource tag value. 8710 Value *string `type:"string"` 8711} 8712 8713// String returns the string representation. 8714// 8715// API parameter values that are decorated as "sensitive" in the API will not 8716// be included in the string output. The member name will be present, but the 8717// value will be replaced with "sensitive". 8718func (s ResourceTag) String() string { 8719 return awsutil.Prettify(s) 8720} 8721 8722// GoString returns the string representation. 8723// 8724// API parameter values that are decorated as "sensitive" in the API will not 8725// be included in the string output. The member name will be present, but the 8726// value will be replaced with "sensitive". 8727func (s ResourceTag) GoString() string { 8728 return s.String() 8729} 8730 8731// Validate inspects the fields of the type to determine if they are valid. 8732func (s *ResourceTag) Validate() error { 8733 invalidParams := request.ErrInvalidParams{Context: "ResourceTag"} 8734 if s.Key == nil { 8735 invalidParams.Add(request.NewErrParamRequired("Key")) 8736 } 8737 if s.Key != nil && len(*s.Key) < 1 { 8738 invalidParams.Add(request.NewErrParamMinLen("Key", 1)) 8739 } 8740 8741 if invalidParams.Len() > 0 { 8742 return invalidParams 8743 } 8744 return nil 8745} 8746 8747// SetKey sets the Key field's value. 8748func (s *ResourceTag) SetKey(v string) *ResourceTag { 8749 s.Key = &v 8750 return s 8751} 8752 8753// SetValue sets the Value field's value. 8754func (s *ResourceTag) SetValue(v string) *ResourceTag { 8755 s.Value = &v 8756 return s 8757} 8758 8759// Violation detail based on resource type. 8760type ResourceViolation struct { 8761 _ struct{} `type:"structure"` 8762 8763 // Violation detail for an EC2 instance. 8764 AwsEc2InstanceViolation *AwsEc2InstanceViolation `type:"structure"` 8765 8766 // Violation detail for a network interface. 8767 AwsEc2NetworkInterfaceViolation *AwsEc2NetworkInterfaceViolation `type:"structure"` 8768 8769 // Violation detail for security groups. 8770 AwsVPCSecurityGroupViolation *AwsVPCSecurityGroupViolation `type:"structure"` 8771 8772 // Violation detail for a DNS Firewall policy that indicates that a rule group 8773 // that Firewall Manager tried to associate with a VPC is already associated 8774 // with the VPC and can't be associated again. 8775 DnsDuplicateRuleGroupViolation *DnsDuplicateRuleGroupViolation `type:"structure"` 8776 8777 // Violation detail for a DNS Firewall policy that indicates that the VPC reached 8778 // the limit for associated DNS Firewall rule groups. Firewall Manager tried 8779 // to associate another rule group with the VPC and failed. 8780 DnsRuleGroupLimitExceededViolation *DnsRuleGroupLimitExceededViolation `type:"structure"` 8781 8782 // Violation detail for a DNS Firewall policy that indicates that a rule group 8783 // that Firewall Manager tried to associate with a VPC has the same priority 8784 // as a rule group that's already associated. 8785 DnsRuleGroupPriorityConflictViolation *DnsRuleGroupPriorityConflictViolation `type:"structure"` 8786 8787 // Violation detail for an internet gateway route with an inactive state in 8788 // the customer subnet route table or Network Firewall subnet route table. 8789 NetworkFirewallBlackHoleRouteDetectedViolation *NetworkFirewallBlackHoleRouteDetectedViolation `type:"structure"` 8790 8791 // Violation detail for the subnet for which internet traffic hasn't been inspected. 8792 NetworkFirewallInternetTrafficNotInspectedViolation *NetworkFirewallInternetTrafficNotInspectedViolation `type:"structure"` 8793 8794 // The route configuration is invalid. 8795 NetworkFirewallInvalidRouteConfigurationViolation *NetworkFirewallInvalidRouteConfigurationViolation `type:"structure"` 8796 8797 // Violation detail for an Network Firewall policy that indicates that a subnet 8798 // is not associated with the expected Firewall Manager managed route table. 8799 NetworkFirewallMissingExpectedRTViolation *NetworkFirewallMissingExpectedRTViolation `type:"structure"` 8800 8801 // Expected routes are missing from Network Firewall. 8802 NetworkFirewallMissingExpectedRoutesViolation *NetworkFirewallMissingExpectedRoutesViolation `type:"structure"` 8803 8804 // Violation detail for an Network Firewall policy that indicates that a subnet 8805 // has no Firewall Manager managed firewall in its VPC. 8806 NetworkFirewallMissingFirewallViolation *NetworkFirewallMissingFirewallViolation `type:"structure"` 8807 8808 // Violation detail for an Network Firewall policy that indicates that an Availability 8809 // Zone is missing the expected Firewall Manager managed subnet. 8810 NetworkFirewallMissingSubnetViolation *NetworkFirewallMissingSubnetViolation `type:"structure"` 8811 8812 // Violation detail for an Network Firewall policy that indicates that a firewall 8813 // policy in an individual account has been modified in a way that makes it 8814 // noncompliant. For example, the individual account owner might have deleted 8815 // a rule group, changed the priority of a stateless rule group, or changed 8816 // a policy default action. 8817 NetworkFirewallPolicyModifiedViolation *NetworkFirewallPolicyModifiedViolation `type:"structure"` 8818 8819 // There's an unexpected firewall route. 8820 NetworkFirewallUnexpectedFirewallRoutesViolation *NetworkFirewallUnexpectedFirewallRoutesViolation `type:"structure"` 8821 8822 // There's an unexpected gateway route. 8823 NetworkFirewallUnexpectedGatewayRoutesViolation *NetworkFirewallUnexpectedGatewayRoutesViolation `type:"structure"` 8824 8825 // A list of possible remediation action lists. Each individual possible remediation 8826 // action is a list of individual remediation actions. 8827 PossibleRemediationActions *PossibleRemediationActions `type:"structure"` 8828} 8829 8830// String returns the string representation. 8831// 8832// API parameter values that are decorated as "sensitive" in the API will not 8833// be included in the string output. The member name will be present, but the 8834// value will be replaced with "sensitive". 8835func (s ResourceViolation) String() string { 8836 return awsutil.Prettify(s) 8837} 8838 8839// GoString returns the string representation. 8840// 8841// API parameter values that are decorated as "sensitive" in the API will not 8842// be included in the string output. The member name will be present, but the 8843// value will be replaced with "sensitive". 8844func (s ResourceViolation) GoString() string { 8845 return s.String() 8846} 8847 8848// SetAwsEc2InstanceViolation sets the AwsEc2InstanceViolation field's value. 8849func (s *ResourceViolation) SetAwsEc2InstanceViolation(v *AwsEc2InstanceViolation) *ResourceViolation { 8850 s.AwsEc2InstanceViolation = v 8851 return s 8852} 8853 8854// SetAwsEc2NetworkInterfaceViolation sets the AwsEc2NetworkInterfaceViolation field's value. 8855func (s *ResourceViolation) SetAwsEc2NetworkInterfaceViolation(v *AwsEc2NetworkInterfaceViolation) *ResourceViolation { 8856 s.AwsEc2NetworkInterfaceViolation = v 8857 return s 8858} 8859 8860// SetAwsVPCSecurityGroupViolation sets the AwsVPCSecurityGroupViolation field's value. 8861func (s *ResourceViolation) SetAwsVPCSecurityGroupViolation(v *AwsVPCSecurityGroupViolation) *ResourceViolation { 8862 s.AwsVPCSecurityGroupViolation = v 8863 return s 8864} 8865 8866// SetDnsDuplicateRuleGroupViolation sets the DnsDuplicateRuleGroupViolation field's value. 8867func (s *ResourceViolation) SetDnsDuplicateRuleGroupViolation(v *DnsDuplicateRuleGroupViolation) *ResourceViolation { 8868 s.DnsDuplicateRuleGroupViolation = v 8869 return s 8870} 8871 8872// SetDnsRuleGroupLimitExceededViolation sets the DnsRuleGroupLimitExceededViolation field's value. 8873func (s *ResourceViolation) SetDnsRuleGroupLimitExceededViolation(v *DnsRuleGroupLimitExceededViolation) *ResourceViolation { 8874 s.DnsRuleGroupLimitExceededViolation = v 8875 return s 8876} 8877 8878// SetDnsRuleGroupPriorityConflictViolation sets the DnsRuleGroupPriorityConflictViolation field's value. 8879func (s *ResourceViolation) SetDnsRuleGroupPriorityConflictViolation(v *DnsRuleGroupPriorityConflictViolation) *ResourceViolation { 8880 s.DnsRuleGroupPriorityConflictViolation = v 8881 return s 8882} 8883 8884// SetNetworkFirewallBlackHoleRouteDetectedViolation sets the NetworkFirewallBlackHoleRouteDetectedViolation field's value. 8885func (s *ResourceViolation) SetNetworkFirewallBlackHoleRouteDetectedViolation(v *NetworkFirewallBlackHoleRouteDetectedViolation) *ResourceViolation { 8886 s.NetworkFirewallBlackHoleRouteDetectedViolation = v 8887 return s 8888} 8889 8890// SetNetworkFirewallInternetTrafficNotInspectedViolation sets the NetworkFirewallInternetTrafficNotInspectedViolation field's value. 8891func (s *ResourceViolation) SetNetworkFirewallInternetTrafficNotInspectedViolation(v *NetworkFirewallInternetTrafficNotInspectedViolation) *ResourceViolation { 8892 s.NetworkFirewallInternetTrafficNotInspectedViolation = v 8893 return s 8894} 8895 8896// SetNetworkFirewallInvalidRouteConfigurationViolation sets the NetworkFirewallInvalidRouteConfigurationViolation field's value. 8897func (s *ResourceViolation) SetNetworkFirewallInvalidRouteConfigurationViolation(v *NetworkFirewallInvalidRouteConfigurationViolation) *ResourceViolation { 8898 s.NetworkFirewallInvalidRouteConfigurationViolation = v 8899 return s 8900} 8901 8902// SetNetworkFirewallMissingExpectedRTViolation sets the NetworkFirewallMissingExpectedRTViolation field's value. 8903func (s *ResourceViolation) SetNetworkFirewallMissingExpectedRTViolation(v *NetworkFirewallMissingExpectedRTViolation) *ResourceViolation { 8904 s.NetworkFirewallMissingExpectedRTViolation = v 8905 return s 8906} 8907 8908// SetNetworkFirewallMissingExpectedRoutesViolation sets the NetworkFirewallMissingExpectedRoutesViolation field's value. 8909func (s *ResourceViolation) SetNetworkFirewallMissingExpectedRoutesViolation(v *NetworkFirewallMissingExpectedRoutesViolation) *ResourceViolation { 8910 s.NetworkFirewallMissingExpectedRoutesViolation = v 8911 return s 8912} 8913 8914// SetNetworkFirewallMissingFirewallViolation sets the NetworkFirewallMissingFirewallViolation field's value. 8915func (s *ResourceViolation) SetNetworkFirewallMissingFirewallViolation(v *NetworkFirewallMissingFirewallViolation) *ResourceViolation { 8916 s.NetworkFirewallMissingFirewallViolation = v 8917 return s 8918} 8919 8920// SetNetworkFirewallMissingSubnetViolation sets the NetworkFirewallMissingSubnetViolation field's value. 8921func (s *ResourceViolation) SetNetworkFirewallMissingSubnetViolation(v *NetworkFirewallMissingSubnetViolation) *ResourceViolation { 8922 s.NetworkFirewallMissingSubnetViolation = v 8923 return s 8924} 8925 8926// SetNetworkFirewallPolicyModifiedViolation sets the NetworkFirewallPolicyModifiedViolation field's value. 8927func (s *ResourceViolation) SetNetworkFirewallPolicyModifiedViolation(v *NetworkFirewallPolicyModifiedViolation) *ResourceViolation { 8928 s.NetworkFirewallPolicyModifiedViolation = v 8929 return s 8930} 8931 8932// SetNetworkFirewallUnexpectedFirewallRoutesViolation sets the NetworkFirewallUnexpectedFirewallRoutesViolation field's value. 8933func (s *ResourceViolation) SetNetworkFirewallUnexpectedFirewallRoutesViolation(v *NetworkFirewallUnexpectedFirewallRoutesViolation) *ResourceViolation { 8934 s.NetworkFirewallUnexpectedFirewallRoutesViolation = v 8935 return s 8936} 8937 8938// SetNetworkFirewallUnexpectedGatewayRoutesViolation sets the NetworkFirewallUnexpectedGatewayRoutesViolation field's value. 8939func (s *ResourceViolation) SetNetworkFirewallUnexpectedGatewayRoutesViolation(v *NetworkFirewallUnexpectedGatewayRoutesViolation) *ResourceViolation { 8940 s.NetworkFirewallUnexpectedGatewayRoutesViolation = v 8941 return s 8942} 8943 8944// SetPossibleRemediationActions sets the PossibleRemediationActions field's value. 8945func (s *ResourceViolation) SetPossibleRemediationActions(v *PossibleRemediationActions) *ResourceViolation { 8946 s.PossibleRemediationActions = v 8947 return s 8948} 8949 8950// Describes a route in a route table. 8951type Route struct { 8952 _ struct{} `type:"structure"` 8953 8954 // The destination of the route. 8955 Destination *string `type:"string"` 8956 8957 // The type of destination for the route. 8958 DestinationType *string `type:"string" enum:"DestinationType"` 8959 8960 // The route's target. 8961 Target *string `type:"string"` 8962 8963 // The type of target for the route. 8964 TargetType *string `type:"string" enum:"TargetType"` 8965} 8966 8967// String returns the string representation. 8968// 8969// API parameter values that are decorated as "sensitive" in the API will not 8970// be included in the string output. The member name will be present, but the 8971// value will be replaced with "sensitive". 8972func (s Route) String() string { 8973 return awsutil.Prettify(s) 8974} 8975 8976// GoString returns the string representation. 8977// 8978// API parameter values that are decorated as "sensitive" in the API will not 8979// be included in the string output. The member name will be present, but the 8980// value will be replaced with "sensitive". 8981func (s Route) GoString() string { 8982 return s.String() 8983} 8984 8985// SetDestination sets the Destination field's value. 8986func (s *Route) SetDestination(v string) *Route { 8987 s.Destination = &v 8988 return s 8989} 8990 8991// SetDestinationType sets the DestinationType field's value. 8992func (s *Route) SetDestinationType(v string) *Route { 8993 s.DestinationType = &v 8994 return s 8995} 8996 8997// SetTarget sets the Target field's value. 8998func (s *Route) SetTarget(v string) *Route { 8999 s.Target = &v 9000 return s 9001} 9002 9003// SetTargetType sets the TargetType field's value. 9004func (s *Route) SetTargetType(v string) *Route { 9005 s.TargetType = &v 9006 return s 9007} 9008 9009// Remediation option for the rule specified in the ViolationTarget. 9010type SecurityGroupRemediationAction struct { 9011 _ struct{} `type:"structure"` 9012 9013 // Brief description of the action that will be performed. 9014 Description *string `type:"string"` 9015 9016 // Indicates if the current action is the default action. 9017 IsDefaultAction *bool `type:"boolean"` 9018 9019 // The remediation action that will be performed. 9020 RemediationActionType *string `type:"string" enum:"RemediationActionType"` 9021 9022 // The final state of the rule specified in the ViolationTarget after it is 9023 // remediated. 9024 RemediationResult *SecurityGroupRuleDescription `type:"structure"` 9025} 9026 9027// String returns the string representation. 9028// 9029// API parameter values that are decorated as "sensitive" in the API will not 9030// be included in the string output. The member name will be present, but the 9031// value will be replaced with "sensitive". 9032func (s SecurityGroupRemediationAction) String() string { 9033 return awsutil.Prettify(s) 9034} 9035 9036// GoString returns the string representation. 9037// 9038// API parameter values that are decorated as "sensitive" in the API will not 9039// be included in the string output. The member name will be present, but the 9040// value will be replaced with "sensitive". 9041func (s SecurityGroupRemediationAction) GoString() string { 9042 return s.String() 9043} 9044 9045// SetDescription sets the Description field's value. 9046func (s *SecurityGroupRemediationAction) SetDescription(v string) *SecurityGroupRemediationAction { 9047 s.Description = &v 9048 return s 9049} 9050 9051// SetIsDefaultAction sets the IsDefaultAction field's value. 9052func (s *SecurityGroupRemediationAction) SetIsDefaultAction(v bool) *SecurityGroupRemediationAction { 9053 s.IsDefaultAction = &v 9054 return s 9055} 9056 9057// SetRemediationActionType sets the RemediationActionType field's value. 9058func (s *SecurityGroupRemediationAction) SetRemediationActionType(v string) *SecurityGroupRemediationAction { 9059 s.RemediationActionType = &v 9060 return s 9061} 9062 9063// SetRemediationResult sets the RemediationResult field's value. 9064func (s *SecurityGroupRemediationAction) SetRemediationResult(v *SecurityGroupRuleDescription) *SecurityGroupRemediationAction { 9065 s.RemediationResult = v 9066 return s 9067} 9068 9069// Describes a set of permissions for a security group rule. 9070type SecurityGroupRuleDescription struct { 9071 _ struct{} `type:"structure"` 9072 9073 // The start of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 9074 // type number. A value of -1 indicates all ICMP/ICMPv6 types. 9075 FromPort *int64 `type:"long"` 9076 9077 // The IPv4 ranges for the security group rule. 9078 IPV4Range *string `type:"string"` 9079 9080 // The IPv6 ranges for the security group rule. 9081 IPV6Range *string `type:"string"` 9082 9083 // The ID of the prefix list for the security group rule. 9084 PrefixListId *string `min:"1" type:"string"` 9085 9086 // The IP protocol name (tcp, udp, icmp, icmpv6) or number. 9087 Protocol *string `type:"string"` 9088 9089 // The end of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 9090 // code. A value of -1 indicates all ICMP/ICMPv6 codes. 9091 ToPort *int64 `type:"long"` 9092} 9093 9094// String returns the string representation. 9095// 9096// API parameter values that are decorated as "sensitive" in the API will not 9097// be included in the string output. The member name will be present, but the 9098// value will be replaced with "sensitive". 9099func (s SecurityGroupRuleDescription) String() string { 9100 return awsutil.Prettify(s) 9101} 9102 9103// GoString returns the string representation. 9104// 9105// API parameter values that are decorated as "sensitive" in the API will not 9106// be included in the string output. The member name will be present, but the 9107// value will be replaced with "sensitive". 9108func (s SecurityGroupRuleDescription) GoString() string { 9109 return s.String() 9110} 9111 9112// SetFromPort sets the FromPort field's value. 9113func (s *SecurityGroupRuleDescription) SetFromPort(v int64) *SecurityGroupRuleDescription { 9114 s.FromPort = &v 9115 return s 9116} 9117 9118// SetIPV4Range sets the IPV4Range field's value. 9119func (s *SecurityGroupRuleDescription) SetIPV4Range(v string) *SecurityGroupRuleDescription { 9120 s.IPV4Range = &v 9121 return s 9122} 9123 9124// SetIPV6Range sets the IPV6Range field's value. 9125func (s *SecurityGroupRuleDescription) SetIPV6Range(v string) *SecurityGroupRuleDescription { 9126 s.IPV6Range = &v 9127 return s 9128} 9129 9130// SetPrefixListId sets the PrefixListId field's value. 9131func (s *SecurityGroupRuleDescription) SetPrefixListId(v string) *SecurityGroupRuleDescription { 9132 s.PrefixListId = &v 9133 return s 9134} 9135 9136// SetProtocol sets the Protocol field's value. 9137func (s *SecurityGroupRuleDescription) SetProtocol(v string) *SecurityGroupRuleDescription { 9138 s.Protocol = &v 9139 return s 9140} 9141 9142// SetToPort sets the ToPort field's value. 9143func (s *SecurityGroupRuleDescription) SetToPort(v int64) *SecurityGroupRuleDescription { 9144 s.ToPort = &v 9145 return s 9146} 9147 9148// Details about the security service that is being used to protect the resources. 9149type SecurityServicePolicyData struct { 9150 _ struct{} `type:"structure"` 9151 9152 // Details about the service that are specific to the service type, in JSON 9153 // format. For service type SHIELD_ADVANCED, this is an empty string. 9154 // 9155 // * Example: DNS_FIREWALL "{\"type\":\"DNS_FIREWALL\",\"preProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-1\",\"priority\":10}],\"postProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-2\",\"priority\":9911}]}" 9156 // Valid values for preProcessRuleGroups are between 1 and 99. Valid values 9157 // for postProcessRuleGroups are between 9901 and 10000. 9158 // 9159 // * Example: NETWORK_FIREWALL "{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateless-rulegroup/rulegroup2\",\"priority\":10}],\"networkFirewallStatelessDefaultActions\":[\"aws:pass\",\"custom1\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"custom2\",\"aws:pass\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"custom1\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension1\"}]}}},{\"actionName\":\"custom2\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"dimension2\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-west-1:1234567891011:stateful-rulegroup/rulegroup1\"}],\"networkFirewallOrchestrationConfig\":{\"singleFirewallEndpointPerVPC\":true,\"allowedIPV4CidrList\":[\"10.24.34.0/28\"]} 9160 // }" 9161 // 9162 // * Example: WAFV2 "{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}" 9163 // In the loggingConfiguration, you can specify one logDestinationConfigs, 9164 // you can optionally provide up to 20 redactedFields, and the RedactedFieldType 9165 // must be one of URI, QUERY_STRING, HEADER, or METHOD. 9166 // 9167 // * Example: WAF Classic "{\"type\": \"WAF\", \"ruleGroups\": [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", 9168 // \"overrideAction\" : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\": 9169 // \"BLOCK\"}}" 9170 // 9171 // * Example: SECURITY_GROUPS_COMMON "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, 9172 // \"applyToAllEC2InstanceENIs\":false,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}" 9173 // 9174 // * Example: Shared VPCs. Apply the preceding policy to resources in shared 9175 // VPCs as well as to those in VPCs that the account owns "{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, 9176 // \"applyToAllEC2InstanceENIs\":false,\"includeSharedVPC\":true,\"securityGroups\":[{\"id\":\" 9177 // sg-000e55995d61a06bd\"}]}" 9178 // 9179 // * Example: SECURITY_GROUPS_CONTENT_AUDIT "{\"type\":\"SECURITY_GROUPS_CONTENT_AUDIT\",\"securityGroups\":[{\"id\":\"sg-000e55995d61a06bd\"}],\"securityGroupAction\":{\"type\":\"ALLOW\"}}" 9180 // The security group action for content audit can be ALLOW or DENY. For 9181 // ALLOW, all in-scope security group rules must be within the allowed range 9182 // of the policy's security group rules. For DENY, all in-scope security 9183 // group rules must not contain a value or a range that matches a rule value 9184 // or range in the policy security group. 9185 // 9186 // * Example: SECURITY_GROUPS_USAGE_AUDIT "{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}" 9187 ManagedServiceData *string `min:"1" type:"string"` 9188 9189 // The service that the policy is using to protect the resources. This specifies 9190 // the type of policy that is created, either an WAF policy, a Shield Advanced 9191 // policy, or a security group policy. For security group policies, Firewall 9192 // Manager supports one security group for each common policy and for each content 9193 // audit policy. This is an adjustable limit that you can increase by contacting 9194 // Amazon Web Services Support. 9195 // 9196 // Type is a required field 9197 Type *string `type:"string" required:"true" enum:"SecurityServiceType"` 9198} 9199 9200// String returns the string representation. 9201// 9202// API parameter values that are decorated as "sensitive" in the API will not 9203// be included in the string output. The member name will be present, but the 9204// value will be replaced with "sensitive". 9205func (s SecurityServicePolicyData) String() string { 9206 return awsutil.Prettify(s) 9207} 9208 9209// GoString returns the string representation. 9210// 9211// API parameter values that are decorated as "sensitive" in the API will not 9212// be included in the string output. The member name will be present, but the 9213// value will be replaced with "sensitive". 9214func (s SecurityServicePolicyData) GoString() string { 9215 return s.String() 9216} 9217 9218// Validate inspects the fields of the type to determine if they are valid. 9219func (s *SecurityServicePolicyData) Validate() error { 9220 invalidParams := request.ErrInvalidParams{Context: "SecurityServicePolicyData"} 9221 if s.ManagedServiceData != nil && len(*s.ManagedServiceData) < 1 { 9222 invalidParams.Add(request.NewErrParamMinLen("ManagedServiceData", 1)) 9223 } 9224 if s.Type == nil { 9225 invalidParams.Add(request.NewErrParamRequired("Type")) 9226 } 9227 9228 if invalidParams.Len() > 0 { 9229 return invalidParams 9230 } 9231 return nil 9232} 9233 9234// SetManagedServiceData sets the ManagedServiceData field's value. 9235func (s *SecurityServicePolicyData) SetManagedServiceData(v string) *SecurityServicePolicyData { 9236 s.ManagedServiceData = &v 9237 return s 9238} 9239 9240// SetType sets the Type field's value. 9241func (s *SecurityServicePolicyData) SetType(v string) *SecurityServicePolicyData { 9242 s.Type = &v 9243 return s 9244} 9245 9246// Network Firewall stateful rule group, used in a NetworkFirewallPolicyDescription. 9247type StatefulRuleGroup struct { 9248 _ struct{} `type:"structure"` 9249 9250 // The resource ID of the rule group. 9251 ResourceId *string `min:"1" type:"string"` 9252 9253 // The name of the rule group. 9254 RuleGroupName *string `min:"1" type:"string"` 9255} 9256 9257// String returns the string representation. 9258// 9259// API parameter values that are decorated as "sensitive" in the API will not 9260// be included in the string output. The member name will be present, but the 9261// value will be replaced with "sensitive". 9262func (s StatefulRuleGroup) String() string { 9263 return awsutil.Prettify(s) 9264} 9265 9266// GoString returns the string representation. 9267// 9268// API parameter values that are decorated as "sensitive" in the API will not 9269// be included in the string output. The member name will be present, but the 9270// value will be replaced with "sensitive". 9271func (s StatefulRuleGroup) GoString() string { 9272 return s.String() 9273} 9274 9275// SetResourceId sets the ResourceId field's value. 9276func (s *StatefulRuleGroup) SetResourceId(v string) *StatefulRuleGroup { 9277 s.ResourceId = &v 9278 return s 9279} 9280 9281// SetRuleGroupName sets the RuleGroupName field's value. 9282func (s *StatefulRuleGroup) SetRuleGroupName(v string) *StatefulRuleGroup { 9283 s.RuleGroupName = &v 9284 return s 9285} 9286 9287// Network Firewall stateless rule group, used in a NetworkFirewallPolicyDescription. 9288type StatelessRuleGroup struct { 9289 _ struct{} `type:"structure"` 9290 9291 // The priority of the rule group. Network Firewall evaluates the stateless 9292 // rule groups in a firewall policy starting from the lowest priority setting. 9293 Priority *int64 `min:"1" type:"integer"` 9294 9295 // The resource ID of the rule group. 9296 ResourceId *string `min:"1" type:"string"` 9297 9298 // The name of the rule group. 9299 RuleGroupName *string `min:"1" type:"string"` 9300} 9301 9302// String returns the string representation. 9303// 9304// API parameter values that are decorated as "sensitive" in the API will not 9305// be included in the string output. The member name will be present, but the 9306// value will be replaced with "sensitive". 9307func (s StatelessRuleGroup) String() string { 9308 return awsutil.Prettify(s) 9309} 9310 9311// GoString returns the string representation. 9312// 9313// API parameter values that are decorated as "sensitive" in the API will not 9314// be included in the string output. The member name will be present, but the 9315// value will be replaced with "sensitive". 9316func (s StatelessRuleGroup) GoString() string { 9317 return s.String() 9318} 9319 9320// SetPriority sets the Priority field's value. 9321func (s *StatelessRuleGroup) SetPriority(v int64) *StatelessRuleGroup { 9322 s.Priority = &v 9323 return s 9324} 9325 9326// SetResourceId sets the ResourceId field's value. 9327func (s *StatelessRuleGroup) SetResourceId(v string) *StatelessRuleGroup { 9328 s.ResourceId = &v 9329 return s 9330} 9331 9332// SetRuleGroupName sets the RuleGroupName field's value. 9333func (s *StatelessRuleGroup) SetRuleGroupName(v string) *StatelessRuleGroup { 9334 s.RuleGroupName = &v 9335 return s 9336} 9337 9338// A collection of key:value pairs associated with an Amazon Web Services resource. 9339// The key:value pair can be anything you define. Typically, the tag key represents 9340// a category (such as "environment") and the tag value represents a specific 9341// value within that category (such as "test," "development," or "production"). 9342// You can add up to 50 tags to each Amazon Web Services resource. 9343type Tag struct { 9344 _ struct{} `type:"structure"` 9345 9346 // Part of the key:value pair that defines a tag. You can use a tag key to describe 9347 // a category of information, such as "customer." Tag keys are case-sensitive. 9348 // 9349 // Key is a required field 9350 Key *string `min:"1" type:"string" required:"true"` 9351 9352 // Part of the key:value pair that defines a tag. You can use a tag value to 9353 // describe a specific value within a category, such as "companyA" or "companyB." 9354 // Tag values are case-sensitive. 9355 // 9356 // Value is a required field 9357 Value *string `type:"string" required:"true"` 9358} 9359 9360// String returns the string representation. 9361// 9362// API parameter values that are decorated as "sensitive" in the API will not 9363// be included in the string output. The member name will be present, but the 9364// value will be replaced with "sensitive". 9365func (s Tag) String() string { 9366 return awsutil.Prettify(s) 9367} 9368 9369// GoString returns the string representation. 9370// 9371// API parameter values that are decorated as "sensitive" in the API will not 9372// be included in the string output. The member name will be present, but the 9373// value will be replaced with "sensitive". 9374func (s Tag) GoString() string { 9375 return s.String() 9376} 9377 9378// Validate inspects the fields of the type to determine if they are valid. 9379func (s *Tag) Validate() error { 9380 invalidParams := request.ErrInvalidParams{Context: "Tag"} 9381 if s.Key == nil { 9382 invalidParams.Add(request.NewErrParamRequired("Key")) 9383 } 9384 if s.Key != nil && len(*s.Key) < 1 { 9385 invalidParams.Add(request.NewErrParamMinLen("Key", 1)) 9386 } 9387 if s.Value == nil { 9388 invalidParams.Add(request.NewErrParamRequired("Value")) 9389 } 9390 9391 if invalidParams.Len() > 0 { 9392 return invalidParams 9393 } 9394 return nil 9395} 9396 9397// SetKey sets the Key field's value. 9398func (s *Tag) SetKey(v string) *Tag { 9399 s.Key = &v 9400 return s 9401} 9402 9403// SetValue sets the Value field's value. 9404func (s *Tag) SetValue(v string) *Tag { 9405 s.Value = &v 9406 return s 9407} 9408 9409type TagResourceInput struct { 9410 _ struct{} `type:"structure"` 9411 9412 // The Amazon Resource Name (ARN) of the resource to return tags for. The Firewall 9413 // Manager resources that support tagging are policies, applications lists, 9414 // and protocols lists. 9415 // 9416 // ResourceArn is a required field 9417 ResourceArn *string `min:"1" type:"string" required:"true"` 9418 9419 // The tags to add to the resource. 9420 // 9421 // TagList is a required field 9422 TagList []*Tag `type:"list" required:"true"` 9423} 9424 9425// String returns the string representation. 9426// 9427// API parameter values that are decorated as "sensitive" in the API will not 9428// be included in the string output. The member name will be present, but the 9429// value will be replaced with "sensitive". 9430func (s TagResourceInput) String() string { 9431 return awsutil.Prettify(s) 9432} 9433 9434// GoString returns the string representation. 9435// 9436// API parameter values that are decorated as "sensitive" in the API will not 9437// be included in the string output. The member name will be present, but the 9438// value will be replaced with "sensitive". 9439func (s TagResourceInput) GoString() string { 9440 return s.String() 9441} 9442 9443// Validate inspects the fields of the type to determine if they are valid. 9444func (s *TagResourceInput) Validate() error { 9445 invalidParams := request.ErrInvalidParams{Context: "TagResourceInput"} 9446 if s.ResourceArn == nil { 9447 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 9448 } 9449 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 9450 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 9451 } 9452 if s.TagList == nil { 9453 invalidParams.Add(request.NewErrParamRequired("TagList")) 9454 } 9455 if s.TagList != nil { 9456 for i, v := range s.TagList { 9457 if v == nil { 9458 continue 9459 } 9460 if err := v.Validate(); err != nil { 9461 invalidParams.AddNested(fmt.Sprintf("%s[%v]", "TagList", i), err.(request.ErrInvalidParams)) 9462 } 9463 } 9464 } 9465 9466 if invalidParams.Len() > 0 { 9467 return invalidParams 9468 } 9469 return nil 9470} 9471 9472// SetResourceArn sets the ResourceArn field's value. 9473func (s *TagResourceInput) SetResourceArn(v string) *TagResourceInput { 9474 s.ResourceArn = &v 9475 return s 9476} 9477 9478// SetTagList sets the TagList field's value. 9479func (s *TagResourceInput) SetTagList(v []*Tag) *TagResourceInput { 9480 s.TagList = v 9481 return s 9482} 9483 9484type TagResourceOutput struct { 9485 _ struct{} `type:"structure"` 9486} 9487 9488// String returns the string representation. 9489// 9490// API parameter values that are decorated as "sensitive" in the API will not 9491// be included in the string output. The member name will be present, but the 9492// value will be replaced with "sensitive". 9493func (s TagResourceOutput) String() string { 9494 return awsutil.Prettify(s) 9495} 9496 9497// GoString returns the string representation. 9498// 9499// API parameter values that are decorated as "sensitive" in the API will not 9500// be included in the string output. The member name will be present, but the 9501// value will be replaced with "sensitive". 9502func (s TagResourceOutput) GoString() string { 9503 return s.String() 9504} 9505 9506type UntagResourceInput struct { 9507 _ struct{} `type:"structure"` 9508 9509 // The Amazon Resource Name (ARN) of the resource to return tags for. The Firewall 9510 // Manager resources that support tagging are policies, applications lists, 9511 // and protocols lists. 9512 // 9513 // ResourceArn is a required field 9514 ResourceArn *string `min:"1" type:"string" required:"true"` 9515 9516 // The keys of the tags to remove from the resource. 9517 // 9518 // TagKeys is a required field 9519 TagKeys []*string `type:"list" required:"true"` 9520} 9521 9522// String returns the string representation. 9523// 9524// API parameter values that are decorated as "sensitive" in the API will not 9525// be included in the string output. The member name will be present, but the 9526// value will be replaced with "sensitive". 9527func (s UntagResourceInput) String() string { 9528 return awsutil.Prettify(s) 9529} 9530 9531// GoString returns the string representation. 9532// 9533// API parameter values that are decorated as "sensitive" in the API will not 9534// be included in the string output. The member name will be present, but the 9535// value will be replaced with "sensitive". 9536func (s UntagResourceInput) GoString() string { 9537 return s.String() 9538} 9539 9540// Validate inspects the fields of the type to determine if they are valid. 9541func (s *UntagResourceInput) Validate() error { 9542 invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} 9543 if s.ResourceArn == nil { 9544 invalidParams.Add(request.NewErrParamRequired("ResourceArn")) 9545 } 9546 if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { 9547 invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) 9548 } 9549 if s.TagKeys == nil { 9550 invalidParams.Add(request.NewErrParamRequired("TagKeys")) 9551 } 9552 9553 if invalidParams.Len() > 0 { 9554 return invalidParams 9555 } 9556 return nil 9557} 9558 9559// SetResourceArn sets the ResourceArn field's value. 9560func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { 9561 s.ResourceArn = &v 9562 return s 9563} 9564 9565// SetTagKeys sets the TagKeys field's value. 9566func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { 9567 s.TagKeys = v 9568 return s 9569} 9570 9571type UntagResourceOutput struct { 9572 _ struct{} `type:"structure"` 9573} 9574 9575// String returns the string representation. 9576// 9577// API parameter values that are decorated as "sensitive" in the API will not 9578// be included in the string output. The member name will be present, but the 9579// value will be replaced with "sensitive". 9580func (s UntagResourceOutput) String() string { 9581 return awsutil.Prettify(s) 9582} 9583 9584// GoString returns the string representation. 9585// 9586// API parameter values that are decorated as "sensitive" in the API will not 9587// be included in the string output. The member name will be present, but the 9588// value will be replaced with "sensitive". 9589func (s UntagResourceOutput) GoString() string { 9590 return s.String() 9591} 9592 9593// Violations for a resource based on the specified Firewall Manager policy 9594// and Amazon Web Services account. 9595type ViolationDetail struct { 9596 _ struct{} `type:"structure"` 9597 9598 // The Amazon Web Services account that the violation details were requested 9599 // for. 9600 // 9601 // MemberAccount is a required field 9602 MemberAccount *string `min:"1" type:"string" required:"true"` 9603 9604 // The ID of the Firewall Manager policy that the violation details were requested 9605 // for. 9606 // 9607 // PolicyId is a required field 9608 PolicyId *string `min:"36" type:"string" required:"true"` 9609 9610 // Brief description for the requested resource. 9611 ResourceDescription *string `type:"string"` 9612 9613 // The resource ID that the violation details were requested for. 9614 // 9615 // ResourceId is a required field 9616 ResourceId *string `min:"1" type:"string" required:"true"` 9617 9618 // The ResourceTag objects associated with the resource. 9619 ResourceTags []*Tag `type:"list"` 9620 9621 // The resource type that the violation details were requested for. 9622 // 9623 // ResourceType is a required field 9624 ResourceType *string `min:"1" type:"string" required:"true"` 9625 9626 // List of violations for the requested resource. 9627 // 9628 // ResourceViolations is a required field 9629 ResourceViolations []*ResourceViolation `type:"list" required:"true"` 9630} 9631 9632// String returns the string representation. 9633// 9634// API parameter values that are decorated as "sensitive" in the API will not 9635// be included in the string output. The member name will be present, but the 9636// value will be replaced with "sensitive". 9637func (s ViolationDetail) String() string { 9638 return awsutil.Prettify(s) 9639} 9640 9641// GoString returns the string representation. 9642// 9643// API parameter values that are decorated as "sensitive" in the API will not 9644// be included in the string output. The member name will be present, but the 9645// value will be replaced with "sensitive". 9646func (s ViolationDetail) GoString() string { 9647 return s.String() 9648} 9649 9650// SetMemberAccount sets the MemberAccount field's value. 9651func (s *ViolationDetail) SetMemberAccount(v string) *ViolationDetail { 9652 s.MemberAccount = &v 9653 return s 9654} 9655 9656// SetPolicyId sets the PolicyId field's value. 9657func (s *ViolationDetail) SetPolicyId(v string) *ViolationDetail { 9658 s.PolicyId = &v 9659 return s 9660} 9661 9662// SetResourceDescription sets the ResourceDescription field's value. 9663func (s *ViolationDetail) SetResourceDescription(v string) *ViolationDetail { 9664 s.ResourceDescription = &v 9665 return s 9666} 9667 9668// SetResourceId sets the ResourceId field's value. 9669func (s *ViolationDetail) SetResourceId(v string) *ViolationDetail { 9670 s.ResourceId = &v 9671 return s 9672} 9673 9674// SetResourceTags sets the ResourceTags field's value. 9675func (s *ViolationDetail) SetResourceTags(v []*Tag) *ViolationDetail { 9676 s.ResourceTags = v 9677 return s 9678} 9679 9680// SetResourceType sets the ResourceType field's value. 9681func (s *ViolationDetail) SetResourceType(v string) *ViolationDetail { 9682 s.ResourceType = &v 9683 return s 9684} 9685 9686// SetResourceViolations sets the ResourceViolations field's value. 9687func (s *ViolationDetail) SetResourceViolations(v []*ResourceViolation) *ViolationDetail { 9688 s.ResourceViolations = v 9689 return s 9690} 9691 9692const ( 9693 // AccountRoleStatusReady is a AccountRoleStatus enum value 9694 AccountRoleStatusReady = "READY" 9695 9696 // AccountRoleStatusCreating is a AccountRoleStatus enum value 9697 AccountRoleStatusCreating = "CREATING" 9698 9699 // AccountRoleStatusPendingDeletion is a AccountRoleStatus enum value 9700 AccountRoleStatusPendingDeletion = "PENDING_DELETION" 9701 9702 // AccountRoleStatusDeleting is a AccountRoleStatus enum value 9703 AccountRoleStatusDeleting = "DELETING" 9704 9705 // AccountRoleStatusDeleted is a AccountRoleStatus enum value 9706 AccountRoleStatusDeleted = "DELETED" 9707) 9708 9709// AccountRoleStatus_Values returns all elements of the AccountRoleStatus enum 9710func AccountRoleStatus_Values() []string { 9711 return []string{ 9712 AccountRoleStatusReady, 9713 AccountRoleStatusCreating, 9714 AccountRoleStatusPendingDeletion, 9715 AccountRoleStatusDeleting, 9716 AccountRoleStatusDeleted, 9717 } 9718} 9719 9720const ( 9721 // CustomerPolicyScopeIdTypeAccount is a CustomerPolicyScopeIdType enum value 9722 CustomerPolicyScopeIdTypeAccount = "ACCOUNT" 9723 9724 // CustomerPolicyScopeIdTypeOrgUnit is a CustomerPolicyScopeIdType enum value 9725 CustomerPolicyScopeIdTypeOrgUnit = "ORG_UNIT" 9726) 9727 9728// CustomerPolicyScopeIdType_Values returns all elements of the CustomerPolicyScopeIdType enum 9729func CustomerPolicyScopeIdType_Values() []string { 9730 return []string{ 9731 CustomerPolicyScopeIdTypeAccount, 9732 CustomerPolicyScopeIdTypeOrgUnit, 9733 } 9734} 9735 9736const ( 9737 // DependentServiceNameAwsconfig is a DependentServiceName enum value 9738 DependentServiceNameAwsconfig = "AWSCONFIG" 9739 9740 // DependentServiceNameAwswaf is a DependentServiceName enum value 9741 DependentServiceNameAwswaf = "AWSWAF" 9742 9743 // DependentServiceNameAwsshieldAdvanced is a DependentServiceName enum value 9744 DependentServiceNameAwsshieldAdvanced = "AWSSHIELD_ADVANCED" 9745 9746 // DependentServiceNameAwsvpc is a DependentServiceName enum value 9747 DependentServiceNameAwsvpc = "AWSVPC" 9748) 9749 9750// DependentServiceName_Values returns all elements of the DependentServiceName enum 9751func DependentServiceName_Values() []string { 9752 return []string{ 9753 DependentServiceNameAwsconfig, 9754 DependentServiceNameAwswaf, 9755 DependentServiceNameAwsshieldAdvanced, 9756 DependentServiceNameAwsvpc, 9757 } 9758} 9759 9760const ( 9761 // DestinationTypeIpv4 is a DestinationType enum value 9762 DestinationTypeIpv4 = "IPV4" 9763 9764 // DestinationTypeIpv6 is a DestinationType enum value 9765 DestinationTypeIpv6 = "IPV6" 9766 9767 // DestinationTypePrefixList is a DestinationType enum value 9768 DestinationTypePrefixList = "PREFIX_LIST" 9769) 9770 9771// DestinationType_Values returns all elements of the DestinationType enum 9772func DestinationType_Values() []string { 9773 return []string{ 9774 DestinationTypeIpv4, 9775 DestinationTypeIpv6, 9776 DestinationTypePrefixList, 9777 } 9778} 9779 9780const ( 9781 // PolicyComplianceStatusTypeCompliant is a PolicyComplianceStatusType enum value 9782 PolicyComplianceStatusTypeCompliant = "COMPLIANT" 9783 9784 // PolicyComplianceStatusTypeNonCompliant is a PolicyComplianceStatusType enum value 9785 PolicyComplianceStatusTypeNonCompliant = "NON_COMPLIANT" 9786) 9787 9788// PolicyComplianceStatusType_Values returns all elements of the PolicyComplianceStatusType enum 9789func PolicyComplianceStatusType_Values() []string { 9790 return []string{ 9791 PolicyComplianceStatusTypeCompliant, 9792 PolicyComplianceStatusTypeNonCompliant, 9793 } 9794} 9795 9796const ( 9797 // RemediationActionTypeRemove is a RemediationActionType enum value 9798 RemediationActionTypeRemove = "REMOVE" 9799 9800 // RemediationActionTypeModify is a RemediationActionType enum value 9801 RemediationActionTypeModify = "MODIFY" 9802) 9803 9804// RemediationActionType_Values returns all elements of the RemediationActionType enum 9805func RemediationActionType_Values() []string { 9806 return []string{ 9807 RemediationActionTypeRemove, 9808 RemediationActionTypeModify, 9809 } 9810} 9811 9812const ( 9813 // SecurityServiceTypeWaf is a SecurityServiceType enum value 9814 SecurityServiceTypeWaf = "WAF" 9815 9816 // SecurityServiceTypeWafv2 is a SecurityServiceType enum value 9817 SecurityServiceTypeWafv2 = "WAFV2" 9818 9819 // SecurityServiceTypeShieldAdvanced is a SecurityServiceType enum value 9820 SecurityServiceTypeShieldAdvanced = "SHIELD_ADVANCED" 9821 9822 // SecurityServiceTypeSecurityGroupsCommon is a SecurityServiceType enum value 9823 SecurityServiceTypeSecurityGroupsCommon = "SECURITY_GROUPS_COMMON" 9824 9825 // SecurityServiceTypeSecurityGroupsContentAudit is a SecurityServiceType enum value 9826 SecurityServiceTypeSecurityGroupsContentAudit = "SECURITY_GROUPS_CONTENT_AUDIT" 9827 9828 // SecurityServiceTypeSecurityGroupsUsageAudit is a SecurityServiceType enum value 9829 SecurityServiceTypeSecurityGroupsUsageAudit = "SECURITY_GROUPS_USAGE_AUDIT" 9830 9831 // SecurityServiceTypeNetworkFirewall is a SecurityServiceType enum value 9832 SecurityServiceTypeNetworkFirewall = "NETWORK_FIREWALL" 9833 9834 // SecurityServiceTypeDnsFirewall is a SecurityServiceType enum value 9835 SecurityServiceTypeDnsFirewall = "DNS_FIREWALL" 9836) 9837 9838// SecurityServiceType_Values returns all elements of the SecurityServiceType enum 9839func SecurityServiceType_Values() []string { 9840 return []string{ 9841 SecurityServiceTypeWaf, 9842 SecurityServiceTypeWafv2, 9843 SecurityServiceTypeShieldAdvanced, 9844 SecurityServiceTypeSecurityGroupsCommon, 9845 SecurityServiceTypeSecurityGroupsContentAudit, 9846 SecurityServiceTypeSecurityGroupsUsageAudit, 9847 SecurityServiceTypeNetworkFirewall, 9848 SecurityServiceTypeDnsFirewall, 9849 } 9850} 9851 9852const ( 9853 // TargetTypeGateway is a TargetType enum value 9854 TargetTypeGateway = "GATEWAY" 9855 9856 // TargetTypeCarrierGateway is a TargetType enum value 9857 TargetTypeCarrierGateway = "CARRIER_GATEWAY" 9858 9859 // TargetTypeInstance is a TargetType enum value 9860 TargetTypeInstance = "INSTANCE" 9861 9862 // TargetTypeLocalGateway is a TargetType enum value 9863 TargetTypeLocalGateway = "LOCAL_GATEWAY" 9864 9865 // TargetTypeNatGateway is a TargetType enum value 9866 TargetTypeNatGateway = "NAT_GATEWAY" 9867 9868 // TargetTypeNetworkInterface is a TargetType enum value 9869 TargetTypeNetworkInterface = "NETWORK_INTERFACE" 9870 9871 // TargetTypeVpcEndpoint is a TargetType enum value 9872 TargetTypeVpcEndpoint = "VPC_ENDPOINT" 9873 9874 // TargetTypeVpcPeeringConnection is a TargetType enum value 9875 TargetTypeVpcPeeringConnection = "VPC_PEERING_CONNECTION" 9876 9877 // TargetTypeEgressOnlyInternetGateway is a TargetType enum value 9878 TargetTypeEgressOnlyInternetGateway = "EGRESS_ONLY_INTERNET_GATEWAY" 9879 9880 // TargetTypeTransitGateway is a TargetType enum value 9881 TargetTypeTransitGateway = "TRANSIT_GATEWAY" 9882) 9883 9884// TargetType_Values returns all elements of the TargetType enum 9885func TargetType_Values() []string { 9886 return []string{ 9887 TargetTypeGateway, 9888 TargetTypeCarrierGateway, 9889 TargetTypeInstance, 9890 TargetTypeLocalGateway, 9891 TargetTypeNatGateway, 9892 TargetTypeNetworkInterface, 9893 TargetTypeVpcEndpoint, 9894 TargetTypeVpcPeeringConnection, 9895 TargetTypeEgressOnlyInternetGateway, 9896 TargetTypeTransitGateway, 9897 } 9898} 9899 9900const ( 9901 // ViolationReasonWebAclMissingRuleGroup is a ViolationReason enum value 9902 ViolationReasonWebAclMissingRuleGroup = "WEB_ACL_MISSING_RULE_GROUP" 9903 9904 // ViolationReasonResourceMissingWebAcl is a ViolationReason enum value 9905 ViolationReasonResourceMissingWebAcl = "RESOURCE_MISSING_WEB_ACL" 9906 9907 // ViolationReasonResourceIncorrectWebAcl is a ViolationReason enum value 9908 ViolationReasonResourceIncorrectWebAcl = "RESOURCE_INCORRECT_WEB_ACL" 9909 9910 // ViolationReasonResourceMissingShieldProtection is a ViolationReason enum value 9911 ViolationReasonResourceMissingShieldProtection = "RESOURCE_MISSING_SHIELD_PROTECTION" 9912 9913 // ViolationReasonResourceMissingWebAclOrShieldProtection is a ViolationReason enum value 9914 ViolationReasonResourceMissingWebAclOrShieldProtection = "RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION" 9915 9916 // ViolationReasonResourceMissingSecurityGroup is a ViolationReason enum value 9917 ViolationReasonResourceMissingSecurityGroup = "RESOURCE_MISSING_SECURITY_GROUP" 9918 9919 // ViolationReasonResourceViolatesAuditSecurityGroup is a ViolationReason enum value 9920 ViolationReasonResourceViolatesAuditSecurityGroup = "RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP" 9921 9922 // ViolationReasonSecurityGroupUnused is a ViolationReason enum value 9923 ViolationReasonSecurityGroupUnused = "SECURITY_GROUP_UNUSED" 9924 9925 // ViolationReasonSecurityGroupRedundant is a ViolationReason enum value 9926 ViolationReasonSecurityGroupRedundant = "SECURITY_GROUP_REDUNDANT" 9927 9928 // ViolationReasonFmsCreatedSecurityGroupEdited is a ViolationReason enum value 9929 ViolationReasonFmsCreatedSecurityGroupEdited = "FMS_CREATED_SECURITY_GROUP_EDITED" 9930 9931 // ViolationReasonMissingFirewall is a ViolationReason enum value 9932 ViolationReasonMissingFirewall = "MISSING_FIREWALL" 9933 9934 // ViolationReasonMissingFirewallSubnetInAz is a ViolationReason enum value 9935 ViolationReasonMissingFirewallSubnetInAz = "MISSING_FIREWALL_SUBNET_IN_AZ" 9936 9937 // ViolationReasonMissingExpectedRouteTable is a ViolationReason enum value 9938 ViolationReasonMissingExpectedRouteTable = "MISSING_EXPECTED_ROUTE_TABLE" 9939 9940 // ViolationReasonNetworkFirewallPolicyModified is a ViolationReason enum value 9941 ViolationReasonNetworkFirewallPolicyModified = "NETWORK_FIREWALL_POLICY_MODIFIED" 9942 9943 // ViolationReasonInternetGatewayMissingExpectedRoute is a ViolationReason enum value 9944 ViolationReasonInternetGatewayMissingExpectedRoute = "INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE" 9945 9946 // ViolationReasonFirewallSubnetMissingExpectedRoute is a ViolationReason enum value 9947 ViolationReasonFirewallSubnetMissingExpectedRoute = "FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE" 9948 9949 // ViolationReasonUnexpectedFirewallRoutes is a ViolationReason enum value 9950 ViolationReasonUnexpectedFirewallRoutes = "UNEXPECTED_FIREWALL_ROUTES" 9951 9952 // ViolationReasonUnexpectedTargetGatewayRoutes is a ViolationReason enum value 9953 ViolationReasonUnexpectedTargetGatewayRoutes = "UNEXPECTED_TARGET_GATEWAY_ROUTES" 9954 9955 // ViolationReasonTrafficInspectionCrossesAzBoundary is a ViolationReason enum value 9956 ViolationReasonTrafficInspectionCrossesAzBoundary = "TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY" 9957 9958 // ViolationReasonInvalidRouteConfiguration is a ViolationReason enum value 9959 ViolationReasonInvalidRouteConfiguration = "INVALID_ROUTE_CONFIGURATION" 9960 9961 // ViolationReasonMissingTargetGateway is a ViolationReason enum value 9962 ViolationReasonMissingTargetGateway = "MISSING_TARGET_GATEWAY" 9963 9964 // ViolationReasonInternetTrafficNotInspected is a ViolationReason enum value 9965 ViolationReasonInternetTrafficNotInspected = "INTERNET_TRAFFIC_NOT_INSPECTED" 9966 9967 // ViolationReasonBlackHoleRouteDetected is a ViolationReason enum value 9968 ViolationReasonBlackHoleRouteDetected = "BLACK_HOLE_ROUTE_DETECTED" 9969 9970 // ViolationReasonBlackHoleRouteDetectedInFirewallSubnet is a ViolationReason enum value 9971 ViolationReasonBlackHoleRouteDetectedInFirewallSubnet = "BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET" 9972 9973 // ViolationReasonResourceMissingDnsFirewall is a ViolationReason enum value 9974 ViolationReasonResourceMissingDnsFirewall = "RESOURCE_MISSING_DNS_FIREWALL" 9975) 9976 9977// ViolationReason_Values returns all elements of the ViolationReason enum 9978func ViolationReason_Values() []string { 9979 return []string{ 9980 ViolationReasonWebAclMissingRuleGroup, 9981 ViolationReasonResourceMissingWebAcl, 9982 ViolationReasonResourceIncorrectWebAcl, 9983 ViolationReasonResourceMissingShieldProtection, 9984 ViolationReasonResourceMissingWebAclOrShieldProtection, 9985 ViolationReasonResourceMissingSecurityGroup, 9986 ViolationReasonResourceViolatesAuditSecurityGroup, 9987 ViolationReasonSecurityGroupUnused, 9988 ViolationReasonSecurityGroupRedundant, 9989 ViolationReasonFmsCreatedSecurityGroupEdited, 9990 ViolationReasonMissingFirewall, 9991 ViolationReasonMissingFirewallSubnetInAz, 9992 ViolationReasonMissingExpectedRouteTable, 9993 ViolationReasonNetworkFirewallPolicyModified, 9994 ViolationReasonInternetGatewayMissingExpectedRoute, 9995 ViolationReasonFirewallSubnetMissingExpectedRoute, 9996 ViolationReasonUnexpectedFirewallRoutes, 9997 ViolationReasonUnexpectedTargetGatewayRoutes, 9998 ViolationReasonTrafficInspectionCrossesAzBoundary, 9999 ViolationReasonInvalidRouteConfiguration, 10000 ViolationReasonMissingTargetGateway, 10001 ViolationReasonInternetTrafficNotInspected, 10002 ViolationReasonBlackHoleRouteDetected, 10003 ViolationReasonBlackHoleRouteDetectedInFirewallSubnet, 10004 ViolationReasonResourceMissingDnsFirewall, 10005 } 10006} 10007