1// Code generated by smithy-go-codegen DO NOT EDIT. 2 3package networkfirewall 4 5import ( 6 "context" 7 awsmiddleware "github.com/aws/aws-sdk-go-v2/aws/middleware" 8 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" 9 "github.com/aws/smithy-go/middleware" 10 smithyhttp "github.com/aws/smithy-go/transport/http" 11) 12 13// Creates or updates an AWS Identity and Access Management policy for your rule 14// group or firewall policy. Use this to share rule groups and firewall policies 15// between accounts. This operation works in conjunction with the AWS Resource 16// Access Manager (RAM) service to manage resource sharing for Network Firewall. 17// Use this operation to create or update a resource policy for your rule group or 18// firewall policy. In the policy, you specify the accounts that you want to share 19// the resource with and the operations that you want the accounts to be able to 20// perform. When you add an account in the resource policy, you then run the 21// following Resource Access Manager (RAM) operations to access and accept the 22// shared rule group or firewall policy. 23// 24// * GetResourceShareInvitations 25// (https://docs.aws.amazon.com/ram/latest/APIReference/API_GetResourceShareInvitations.html) 26// - Returns the Amazon Resource Names (ARNs) of the resource share invitations. 27// 28// * 29// AcceptResourceShareInvitation 30// (https://docs.aws.amazon.com/ram/latest/APIReference/API_AcceptResourceShareInvitation.html) 31// - Accepts the share invitation for a specified resource share. 32// 33// For additional 34// information about resource sharing using RAM, see AWS Resource Access Manager 35// User Guide (https://docs.aws.amazon.com/ram/latest/userguide/what-is.html). 36func (c *Client) PutResourcePolicy(ctx context.Context, params *PutResourcePolicyInput, optFns ...func(*Options)) (*PutResourcePolicyOutput, error) { 37 if params == nil { 38 params = &PutResourcePolicyInput{} 39 } 40 41 result, metadata, err := c.invokeOperation(ctx, "PutResourcePolicy", params, optFns, addOperationPutResourcePolicyMiddlewares) 42 if err != nil { 43 return nil, err 44 } 45 46 out := result.(*PutResourcePolicyOutput) 47 out.ResultMetadata = metadata 48 return out, nil 49} 50 51type PutResourcePolicyInput struct { 52 53 // The AWS Identity and Access Management policy statement that lists the accounts 54 // that you want to share your rule group or firewall policy with and the 55 // operations that you want the accounts to be able to perform. For a rule group 56 // resource, you can specify the following operations in the Actions section of the 57 // statement: 58 // 59 // * network-firewall:CreateFirewallPolicy 60 // 61 // * 62 // network-firewall:UpdateFirewallPolicy 63 // 64 // * network-firewall:ListRuleGroups 65 // 66 // For a 67 // firewall policy resource, you can specify the following operations in the 68 // Actions section of the statement: 69 // 70 // * network-firewall:CreateFirewall 71 // 72 // * 73 // network-firewall:UpdateFirewall 74 // 75 // * network-firewall:AssociateFirewallPolicy 76 // 77 // * 78 // network-firewall:ListFirewallPolicies 79 // 80 // In the Resource section of the statement, 81 // you specify the ARNs for the rule groups and firewall policies that you want to 82 // share with the account that you specified in Arn. 83 // 84 // This member is required. 85 Policy *string 86 87 // The Amazon Resource Name (ARN) of the account that you want to share rule groups 88 // and firewall policies with. 89 // 90 // This member is required. 91 ResourceArn *string 92} 93 94type PutResourcePolicyOutput struct { 95 // Metadata pertaining to the operation's result. 96 ResultMetadata middleware.Metadata 97} 98 99func addOperationPutResourcePolicyMiddlewares(stack *middleware.Stack, options Options) (err error) { 100 err = stack.Serialize.Add(&awsAwsjson10_serializeOpPutResourcePolicy{}, middleware.After) 101 if err != nil { 102 return err 103 } 104 err = stack.Deserialize.Add(&awsAwsjson10_deserializeOpPutResourcePolicy{}, middleware.After) 105 if err != nil { 106 return err 107 } 108 if err = addSetLoggerMiddleware(stack, options); err != nil { 109 return err 110 } 111 if err = awsmiddleware.AddClientRequestIDMiddleware(stack); err != nil { 112 return err 113 } 114 if err = smithyhttp.AddComputeContentLengthMiddleware(stack); err != nil { 115 return err 116 } 117 if err = addResolveEndpointMiddleware(stack, options); err != nil { 118 return err 119 } 120 if err = v4.AddComputePayloadSHA256Middleware(stack); err != nil { 121 return err 122 } 123 if err = addRetryMiddlewares(stack, options); err != nil { 124 return err 125 } 126 if err = addHTTPSignerV4Middleware(stack, options); err != nil { 127 return err 128 } 129 if err = awsmiddleware.AddRawResponseToMetadata(stack); err != nil { 130 return err 131 } 132 if err = awsmiddleware.AddRecordResponseTiming(stack); err != nil { 133 return err 134 } 135 if err = addClientUserAgent(stack); err != nil { 136 return err 137 } 138 if err = smithyhttp.AddErrorCloseResponseBodyMiddleware(stack); err != nil { 139 return err 140 } 141 if err = smithyhttp.AddCloseResponseBodyMiddleware(stack); err != nil { 142 return err 143 } 144 if err = addOpPutResourcePolicyValidationMiddleware(stack); err != nil { 145 return err 146 } 147 if err = stack.Initialize.Add(newServiceMetadataMiddleware_opPutResourcePolicy(options.Region), middleware.Before); err != nil { 148 return err 149 } 150 if err = addRequestIDRetrieverMiddleware(stack); err != nil { 151 return err 152 } 153 if err = addResponseErrorMiddleware(stack); err != nil { 154 return err 155 } 156 if err = addRequestResponseLogging(stack, options); err != nil { 157 return err 158 } 159 return nil 160} 161 162func newServiceMetadataMiddleware_opPutResourcePolicy(region string) *awsmiddleware.RegisterServiceMetadata { 163 return &awsmiddleware.RegisterServiceMetadata{ 164 Region: region, 165 ServiceID: ServiceID, 166 SigningName: "network-firewall", 167 OperationName: "PutResourcePolicy", 168 } 169} 170