fms

package
v5.16.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Oct 4, 2022 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AdminAccount

type AdminAccount struct {
	pulumi.CustomResourceState

	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringOutput `pulumi:"accountId"`
}

Provides a resource to associate/disassociate an AWS Firewall Manager administrator account. This operation must be performed in the `us-east-1` region.

## Example Usage

```go package main

import (

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/fms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fms.NewAdminAccount(ctx, "example", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Firewall Manager administrator account association can be imported using the account ID, e.g.,

```sh

$ pulumi import aws:fms/adminAccount:AdminAccount example 123456789012

```

func GetAdminAccount

func GetAdminAccount(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AdminAccountState, opts ...pulumi.ResourceOption) (*AdminAccount, error)

GetAdminAccount gets an existing AdminAccount resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAdminAccount

func NewAdminAccount(ctx *pulumi.Context,
	name string, args *AdminAccountArgs, opts ...pulumi.ResourceOption) (*AdminAccount, error)

NewAdminAccount registers a new resource with the given unique name, arguments, and options.

func (*AdminAccount) ElementType

func (*AdminAccount) ElementType() reflect.Type

func (*AdminAccount) ToAdminAccountOutput

func (i *AdminAccount) ToAdminAccountOutput() AdminAccountOutput

func (*AdminAccount) ToAdminAccountOutputWithContext

func (i *AdminAccount) ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput

type AdminAccountArgs

type AdminAccountArgs struct {
	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringPtrInput
}

The set of arguments for constructing a AdminAccount resource.

func (AdminAccountArgs) ElementType

func (AdminAccountArgs) ElementType() reflect.Type

type AdminAccountArray

type AdminAccountArray []AdminAccountInput

func (AdminAccountArray) ElementType

func (AdminAccountArray) ElementType() reflect.Type

func (AdminAccountArray) ToAdminAccountArrayOutput

func (i AdminAccountArray) ToAdminAccountArrayOutput() AdminAccountArrayOutput

func (AdminAccountArray) ToAdminAccountArrayOutputWithContext

func (i AdminAccountArray) ToAdminAccountArrayOutputWithContext(ctx context.Context) AdminAccountArrayOutput

type AdminAccountArrayInput

type AdminAccountArrayInput interface {
	pulumi.Input

	ToAdminAccountArrayOutput() AdminAccountArrayOutput
	ToAdminAccountArrayOutputWithContext(context.Context) AdminAccountArrayOutput
}

AdminAccountArrayInput is an input type that accepts AdminAccountArray and AdminAccountArrayOutput values. You can construct a concrete instance of `AdminAccountArrayInput` via:

AdminAccountArray{ AdminAccountArgs{...} }

type AdminAccountArrayOutput

type AdminAccountArrayOutput struct{ *pulumi.OutputState }

func (AdminAccountArrayOutput) ElementType

func (AdminAccountArrayOutput) ElementType() reflect.Type

func (AdminAccountArrayOutput) Index

func (AdminAccountArrayOutput) ToAdminAccountArrayOutput

func (o AdminAccountArrayOutput) ToAdminAccountArrayOutput() AdminAccountArrayOutput

func (AdminAccountArrayOutput) ToAdminAccountArrayOutputWithContext

func (o AdminAccountArrayOutput) ToAdminAccountArrayOutputWithContext(ctx context.Context) AdminAccountArrayOutput

type AdminAccountInput

type AdminAccountInput interface {
	pulumi.Input

	ToAdminAccountOutput() AdminAccountOutput
	ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput
}

type AdminAccountMap

type AdminAccountMap map[string]AdminAccountInput

func (AdminAccountMap) ElementType

func (AdminAccountMap) ElementType() reflect.Type

func (AdminAccountMap) ToAdminAccountMapOutput

func (i AdminAccountMap) ToAdminAccountMapOutput() AdminAccountMapOutput

func (AdminAccountMap) ToAdminAccountMapOutputWithContext

func (i AdminAccountMap) ToAdminAccountMapOutputWithContext(ctx context.Context) AdminAccountMapOutput

type AdminAccountMapInput

type AdminAccountMapInput interface {
	pulumi.Input

	ToAdminAccountMapOutput() AdminAccountMapOutput
	ToAdminAccountMapOutputWithContext(context.Context) AdminAccountMapOutput
}

AdminAccountMapInput is an input type that accepts AdminAccountMap and AdminAccountMapOutput values. You can construct a concrete instance of `AdminAccountMapInput` via:

AdminAccountMap{ "key": AdminAccountArgs{...} }

type AdminAccountMapOutput

type AdminAccountMapOutput struct{ *pulumi.OutputState }

func (AdminAccountMapOutput) ElementType

func (AdminAccountMapOutput) ElementType() reflect.Type

func (AdminAccountMapOutput) MapIndex

func (AdminAccountMapOutput) ToAdminAccountMapOutput

func (o AdminAccountMapOutput) ToAdminAccountMapOutput() AdminAccountMapOutput

func (AdminAccountMapOutput) ToAdminAccountMapOutputWithContext

func (o AdminAccountMapOutput) ToAdminAccountMapOutputWithContext(ctx context.Context) AdminAccountMapOutput

type AdminAccountOutput

type AdminAccountOutput struct{ *pulumi.OutputState }

func (AdminAccountOutput) AccountId added in v5.4.0

func (o AdminAccountOutput) AccountId() pulumi.StringOutput

The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.

func (AdminAccountOutput) ElementType

func (AdminAccountOutput) ElementType() reflect.Type

func (AdminAccountOutput) ToAdminAccountOutput

func (o AdminAccountOutput) ToAdminAccountOutput() AdminAccountOutput

func (AdminAccountOutput) ToAdminAccountOutputWithContext

func (o AdminAccountOutput) ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput

type AdminAccountState

type AdminAccountState struct {
	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringPtrInput
}

func (AdminAccountState) ElementType

func (AdminAccountState) ElementType() reflect.Type

type Policy

type Policy struct {
	pulumi.CustomResourceState

	Arn pulumi.StringOutput `pulumi:"arn"`
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrOutput `pulumi:"deleteAllPolicyResources"`
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrOutput `pulumi:"deleteUnusedFmManagedResources"`
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrOutput `pulumi:"excludeMap"`
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolOutput `pulumi:"excludeResourceTags"`
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrOutput `pulumi:"includeMap"`
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringOutput `pulumi:"name"`
	// A unique identifier for each update to the policy.
	PolicyUpdateToken pulumi.StringOutput `pulumi:"policyUpdateToken"`
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrOutput `pulumi:"remediationEnabled"`
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapOutput `pulumi:"resourceTags"`
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringOutput `pulumi:"resourceType"`
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayOutput `pulumi:"resourceTypeLists"`
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataOutput `pulumi:"securityServicePolicyData"`
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
}

Provides a resource to create an AWS Firewall Manager policy. You need to be using AWS organizations and have enabled the Firewall Manager administrator account.

## Example Usage

```go package main

import (

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/fms"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/wafregional"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleRuleGroup, err := wafregional.NewRuleGroup(ctx, "exampleRuleGroup", &wafregional.RuleGroupArgs{
			MetricName: pulumi.String("WAFRuleGroupExample"),
		})
		if err != nil {
			return err
		}
		_, err = fms.NewPolicy(ctx, "examplePolicy", &fms.PolicyArgs{
			ExcludeResourceTags: pulumi.Bool(false),
			RemediationEnabled:  pulumi.Bool(false),
			ResourceType:        pulumi.String("AWS::ElasticLoadBalancingV2::LoadBalancer"),
			SecurityServicePolicyData: &fms.PolicySecurityServicePolicyDataArgs{
				Type: pulumi.String("WAF"),
				ManagedServiceData: exampleRuleGroup.ID().ApplyT(func(id string) (pulumi.String, error) {
					var _zero pulumi.String
					tmpJSON0, err := json.Marshal(map[string]interface{}{
						"type": "WAF",
						"ruleGroups": []map[string]interface{}{
							map[string]interface{}{
								"id": id,
								"overrideAction": map[string]interface{}{
									"type": "COUNT",
								},
							},
						},
						"defaultAction": map[string]interface{}{
							"type": "BLOCK",
						},
						"overrideCustomerWebACLAssociation": false,
					})
					if err != nil {
						return _zero, err
					}
					json0 := string(tmpJSON0)
					return json0, nil
				}).(pulumi.StringOutput),
			},
			Tags: pulumi.StringMap{
				"Name": pulumi.String("example-fms-policy"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Firewall Manager policies can be imported using the policy ID, e.g.,

```sh

$ pulumi import aws:fms/policy:Policy example 5be49585-a7e3-4c49-dde1-a179fe4a619a

```

func GetPolicy

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs

type PolicyArgs struct {
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrInput
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrInput
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrInput
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolInput
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrInput
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringPtrInput
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrInput
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapInput
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringPtrInput
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayInput
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataInput
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray

type PolicyArray []PolicyInput

func (PolicyArray) ElementType

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via:

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index

func (PolicyArrayOutput) ToPolicyArrayOutput

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyExcludeMap

type PolicyExcludeMap struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts []string `pulumi:"accounts"`
	// A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	Orgunits []string `pulumi:"orgunits"`
}

type PolicyExcludeMapArgs

type PolicyExcludeMapArgs struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts pulumi.StringArrayInput `pulumi:"accounts"`
	// A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	Orgunits pulumi.StringArrayInput `pulumi:"orgunits"`
}

func (PolicyExcludeMapArgs) ElementType

func (PolicyExcludeMapArgs) ElementType() reflect.Type

func (PolicyExcludeMapArgs) ToPolicyExcludeMapOutput

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapOutput() PolicyExcludeMapOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapOutputWithContext

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapOutputWithContext(ctx context.Context) PolicyExcludeMapOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutput

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutputWithContext

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyExcludeMapInput

type PolicyExcludeMapInput interface {
	pulumi.Input

	ToPolicyExcludeMapOutput() PolicyExcludeMapOutput
	ToPolicyExcludeMapOutputWithContext(context.Context) PolicyExcludeMapOutput
}

PolicyExcludeMapInput is an input type that accepts PolicyExcludeMap and PolicyExcludeMapOutput values. You can construct a concrete instance of `PolicyExcludeMapInput` via:

PolicyExcludeMap{ "key": PolicyExcludeArgs{...} }

type PolicyExcludeMapOutput

type PolicyExcludeMapOutput struct{ *pulumi.OutputState }

func (PolicyExcludeMapOutput) Accounts

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyExcludeMapOutput) ElementType

func (PolicyExcludeMapOutput) ElementType() reflect.Type

func (PolicyExcludeMapOutput) Orgunits

A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

func (PolicyExcludeMapOutput) ToPolicyExcludeMapOutput

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapOutput() PolicyExcludeMapOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapOutputWithContext

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapOutputWithContext(ctx context.Context) PolicyExcludeMapOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutput

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutputWithContext

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyExcludeMapPtrInput

type PolicyExcludeMapPtrInput interface {
	pulumi.Input

	ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput
	ToPolicyExcludeMapPtrOutputWithContext(context.Context) PolicyExcludeMapPtrOutput
}

PolicyExcludeMapPtrInput is an input type that accepts PolicyExcludeMapArgs, PolicyExcludeMapPtr and PolicyExcludeMapPtrOutput values. You can construct a concrete instance of `PolicyExcludeMapPtrInput` via:

        PolicyExcludeMapArgs{...}

or:

        nil

type PolicyExcludeMapPtrOutput

type PolicyExcludeMapPtrOutput struct{ *pulumi.OutputState }

func (PolicyExcludeMapPtrOutput) Accounts

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyExcludeMapPtrOutput) Elem

func (PolicyExcludeMapPtrOutput) ElementType

func (PolicyExcludeMapPtrOutput) ElementType() reflect.Type

func (PolicyExcludeMapPtrOutput) Orgunits

A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

func (PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutput

func (o PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutputWithContext

func (o PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyIncludeMap

type PolicyIncludeMap struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts []string `pulumi:"accounts"`
	// A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	Orgunits []string `pulumi:"orgunits"`
}

type PolicyIncludeMapArgs

type PolicyIncludeMapArgs struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts pulumi.StringArrayInput `pulumi:"accounts"`
	// A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	Orgunits pulumi.StringArrayInput `pulumi:"orgunits"`
}

func (PolicyIncludeMapArgs) ElementType

func (PolicyIncludeMapArgs) ElementType() reflect.Type

func (PolicyIncludeMapArgs) ToPolicyIncludeMapOutput

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapOutput() PolicyIncludeMapOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapOutputWithContext

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapOutputWithContext(ctx context.Context) PolicyIncludeMapOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutput

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutputWithContext

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyIncludeMapInput

type PolicyIncludeMapInput interface {
	pulumi.Input

	ToPolicyIncludeMapOutput() PolicyIncludeMapOutput
	ToPolicyIncludeMapOutputWithContext(context.Context) PolicyIncludeMapOutput
}

PolicyIncludeMapInput is an input type that accepts PolicyIncludeMap and PolicyIncludeMapOutput values. You can construct a concrete instance of `PolicyIncludeMapInput` via:

PolicyIncludeMap{ "key": PolicyIncludeArgs{...} }

type PolicyIncludeMapOutput

type PolicyIncludeMapOutput struct{ *pulumi.OutputState }

func (PolicyIncludeMapOutput) Accounts

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyIncludeMapOutput) ElementType

func (PolicyIncludeMapOutput) ElementType() reflect.Type

func (PolicyIncludeMapOutput) Orgunits

A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

func (PolicyIncludeMapOutput) ToPolicyIncludeMapOutput

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapOutput() PolicyIncludeMapOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapOutputWithContext

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapOutputWithContext(ctx context.Context) PolicyIncludeMapOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutput

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutputWithContext

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyIncludeMapPtrInput

type PolicyIncludeMapPtrInput interface {
	pulumi.Input

	ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput
	ToPolicyIncludeMapPtrOutputWithContext(context.Context) PolicyIncludeMapPtrOutput
}

PolicyIncludeMapPtrInput is an input type that accepts PolicyIncludeMapArgs, PolicyIncludeMapPtr and PolicyIncludeMapPtrOutput values. You can construct a concrete instance of `PolicyIncludeMapPtrInput` via:

        PolicyIncludeMapArgs{...}

or:

        nil

type PolicyIncludeMapPtrOutput

type PolicyIncludeMapPtrOutput struct{ *pulumi.OutputState }

func (PolicyIncludeMapPtrOutput) Accounts

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyIncludeMapPtrOutput) Elem

func (PolicyIncludeMapPtrOutput) ElementType

func (PolicyIncludeMapPtrOutput) ElementType() reflect.Type

func (PolicyIncludeMapPtrOutput) Orgunits

A list of AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

func (PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutput

func (o PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutputWithContext

func (o PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyInput

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via:

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex

func (PolicyMapOutput) ToPolicyMapOutput

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) Arn added in v5.4.0

func (PolicyOutput) DeleteAllPolicyResources added in v5.4.0

func (o PolicyOutput) DeleteAllPolicyResources() pulumi.BoolPtrOutput

If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)

func (PolicyOutput) DeleteUnusedFmManagedResources added in v5.4.0

func (o PolicyOutput) DeleteUnusedFmManagedResources() pulumi.BoolPtrOutput

If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)

func (PolicyOutput) ElementType

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) ExcludeMap added in v5.4.0

func (o PolicyOutput) ExcludeMap() PolicyExcludeMapPtrOutput

A map of lists of accounts and OU's to exclude from the policy.

func (PolicyOutput) ExcludeResourceTags added in v5.4.0

func (o PolicyOutput) ExcludeResourceTags() pulumi.BoolOutput

A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.

func (PolicyOutput) IncludeMap added in v5.4.0

func (o PolicyOutput) IncludeMap() PolicyIncludeMapPtrOutput

A map of lists of accounts and OU's to include in the policy.

func (PolicyOutput) Name added in v5.4.0

func (o PolicyOutput) Name() pulumi.StringOutput

The friendly name of the AWS Firewall Manager Policy.

func (PolicyOutput) PolicyUpdateToken added in v5.4.0

func (o PolicyOutput) PolicyUpdateToken() pulumi.StringOutput

A unique identifier for each update to the policy.

func (PolicyOutput) RemediationEnabled added in v5.4.0

func (o PolicyOutput) RemediationEnabled() pulumi.BoolPtrOutput

A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.

func (PolicyOutput) ResourceTags added in v5.4.0

func (o PolicyOutput) ResourceTags() pulumi.StringMapOutput

A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.

func (PolicyOutput) ResourceType added in v5.4.0

func (o PolicyOutput) ResourceType() pulumi.StringOutput

A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.

func (PolicyOutput) ResourceTypeLists added in v5.4.0

func (o PolicyOutput) ResourceTypeLists() pulumi.StringArrayOutput

A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.

func (PolicyOutput) SecurityServicePolicyData added in v5.4.0

func (o PolicyOutput) SecurityServicePolicyData() PolicySecurityServicePolicyDataOutput

The objects to include in Security Service Policy Data. Documented below.

func (PolicyOutput) Tags added in v5.4.0

Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level

func (PolicyOutput) TagsAll added in v5.4.0

func (o PolicyOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (PolicyOutput) ToPolicyOutput

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicySecurityServicePolicyData

type PolicySecurityServicePolicyData struct {
	// Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).
	ManagedServiceData *string `pulumi:"managedServiceData"`
	// The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).
	Type string `pulumi:"type"`
}

type PolicySecurityServicePolicyDataArgs

type PolicySecurityServicePolicyDataArgs struct {
	// Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).
	ManagedServiceData pulumi.StringPtrInput `pulumi:"managedServiceData"`
	// The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).
	Type pulumi.StringInput `pulumi:"type"`
}

func (PolicySecurityServicePolicyDataArgs) ElementType

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutput

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutputWithContext

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutput

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutputWithContext

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

type PolicySecurityServicePolicyDataInput

type PolicySecurityServicePolicyDataInput interface {
	pulumi.Input

	ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput
	ToPolicySecurityServicePolicyDataOutputWithContext(context.Context) PolicySecurityServicePolicyDataOutput
}

PolicySecurityServicePolicyDataInput is an input type that accepts PolicySecurityServicePolicyDataArgs and PolicySecurityServicePolicyDataOutput values. You can construct a concrete instance of `PolicySecurityServicePolicyDataInput` via:

PolicySecurityServicePolicyDataArgs{...}

type PolicySecurityServicePolicyDataOutput

type PolicySecurityServicePolicyDataOutput struct{ *pulumi.OutputState }

func (PolicySecurityServicePolicyDataOutput) ElementType

func (PolicySecurityServicePolicyDataOutput) ManagedServiceData

Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutput

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutputWithContext

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutput

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataOutput) Type

The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).

type PolicySecurityServicePolicyDataPtrInput

type PolicySecurityServicePolicyDataPtrInput interface {
	pulumi.Input

	ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput
	ToPolicySecurityServicePolicyDataPtrOutputWithContext(context.Context) PolicySecurityServicePolicyDataPtrOutput
}

PolicySecurityServicePolicyDataPtrInput is an input type that accepts PolicySecurityServicePolicyDataArgs, PolicySecurityServicePolicyDataPtr and PolicySecurityServicePolicyDataPtrOutput values. You can construct a concrete instance of `PolicySecurityServicePolicyDataPtrInput` via:

        PolicySecurityServicePolicyDataArgs{...}

or:

        nil

type PolicySecurityServicePolicyDataPtrOutput

type PolicySecurityServicePolicyDataPtrOutput struct{ *pulumi.OutputState }

func (PolicySecurityServicePolicyDataPtrOutput) Elem

func (PolicySecurityServicePolicyDataPtrOutput) ElementType

func (PolicySecurityServicePolicyDataPtrOutput) ManagedServiceData

Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).

func (PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutput

func (o PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext

func (o PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataPtrOutput) Type

The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).

type PolicyState

type PolicyState struct {
	Arn pulumi.StringPtrInput
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrInput
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrInput
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrInput
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolPtrInput
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrInput
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringPtrInput
	// A unique identifier for each update to the policy.
	PolicyUpdateToken pulumi.StringPtrInput
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrInput
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapInput
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringPtrInput
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayInput
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataPtrInput
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
}

func (PolicyState) ElementType

func (PolicyState) ElementType() reflect.Type

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL