fms

package
v5.43.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 21, 2023 License: Apache-2.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type AdminAccount 

type AdminAccount struct {
	pulumi.CustomResourceState

	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringOutput `pulumi:"accountId"`
}

Provides a resource to associate/disassociate an AWS Firewall Manager administrator account. This operation must be performed in the `us-east-1` region.

## Example Usage

```go package main

import ( 

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/fms"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := fms.NewAdminAccount(ctx, "example", nil)
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Firewall Manager administrator account association can be imported using the account ID, e.g.,

```sh 

$ pulumi import aws:fms/adminAccount:AdminAccount example 123456789012

```

func GetAdminAccount 

func GetAdminAccount(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *AdminAccountState, opts ...pulumi.ResourceOption) (*AdminAccount, error)

GetAdminAccount gets an existing AdminAccount resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewAdminAccount 

func NewAdminAccount(ctx *pulumi.Context,
	name string, args *AdminAccountArgs, opts ...pulumi.ResourceOption) (*AdminAccount, error)

NewAdminAccount registers a new resource with the given unique name, arguments, and options.

func (*AdminAccount) ElementType 

func (*AdminAccount) ElementType() reflect.Type

func (*AdminAccount) ToAdminAccountOutput 

func (i *AdminAccount) ToAdminAccountOutput() AdminAccountOutput

func (*AdminAccount) ToAdminAccountOutputWithContext 

func (i *AdminAccount) ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput

type AdminAccountArgs 

type AdminAccountArgs struct {
	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringPtrInput
}

The set of arguments for constructing a AdminAccount resource.

func (AdminAccountArgs) ElementType 

func (AdminAccountArgs) ElementType() reflect.Type

type AdminAccountArray 

type AdminAccountArray []AdminAccountInput

func (AdminAccountArray) ElementType 

func (AdminAccountArray) ElementType() reflect.Type

func (AdminAccountArray) ToAdminAccountArrayOutput 

func (i AdminAccountArray) ToAdminAccountArrayOutput() AdminAccountArrayOutput

func (AdminAccountArray) ToAdminAccountArrayOutputWithContext 

func (i AdminAccountArray) ToAdminAccountArrayOutputWithContext(ctx context.Context) AdminAccountArrayOutput

type AdminAccountArrayInput 

type AdminAccountArrayInput interface {
	pulumi.Input

	ToAdminAccountArrayOutput() AdminAccountArrayOutput
	ToAdminAccountArrayOutputWithContext(context.Context) AdminAccountArrayOutput
}

AdminAccountArrayInput is an input type that accepts AdminAccountArray and AdminAccountArrayOutput values. You can construct a concrete instance of `AdminAccountArrayInput` via: 

AdminAccountArray{ AdminAccountArgs{...} }

type AdminAccountArrayOutput 

type AdminAccountArrayOutput struct{ *pulumi.OutputState }

func (AdminAccountArrayOutput) ElementType 

func (AdminAccountArrayOutput) ElementType() reflect.Type

func (AdminAccountArrayOutput) Index 

func (o AdminAccountArrayOutput) Index(i pulumi.IntInput) AdminAccountOutput

func (AdminAccountArrayOutput) ToAdminAccountArrayOutput 

func (o AdminAccountArrayOutput) ToAdminAccountArrayOutput() AdminAccountArrayOutput

func (AdminAccountArrayOutput) ToAdminAccountArrayOutputWithContext 

func (o AdminAccountArrayOutput) ToAdminAccountArrayOutputWithContext(ctx context.Context) AdminAccountArrayOutput

type AdminAccountInput 

type AdminAccountInput interface {
	pulumi.Input

	ToAdminAccountOutput() AdminAccountOutput
	ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput
}

type AdminAccountMap 

type AdminAccountMap map[string]AdminAccountInput

func (AdminAccountMap) ElementType 

func (AdminAccountMap) ElementType() reflect.Type

func (AdminAccountMap) ToAdminAccountMapOutput 

func (i AdminAccountMap) ToAdminAccountMapOutput() AdminAccountMapOutput

func (AdminAccountMap) ToAdminAccountMapOutputWithContext 

func (i AdminAccountMap) ToAdminAccountMapOutputWithContext(ctx context.Context) AdminAccountMapOutput

type AdminAccountMapInput 

type AdminAccountMapInput interface {
	pulumi.Input

	ToAdminAccountMapOutput() AdminAccountMapOutput
	ToAdminAccountMapOutputWithContext(context.Context) AdminAccountMapOutput
}

AdminAccountMapInput is an input type that accepts AdminAccountMap and AdminAccountMapOutput values. You can construct a concrete instance of `AdminAccountMapInput` via: 

AdminAccountMap{ "key": AdminAccountArgs{...} }

type AdminAccountMapOutput 

type AdminAccountMapOutput struct{ *pulumi.OutputState }

func (AdminAccountMapOutput) ElementType 

func (AdminAccountMapOutput) ElementType() reflect.Type

func (AdminAccountMapOutput) MapIndex 

func (o AdminAccountMapOutput) MapIndex(k pulumi.StringInput) AdminAccountOutput

func (AdminAccountMapOutput) ToAdminAccountMapOutput 

func (o AdminAccountMapOutput) ToAdminAccountMapOutput() AdminAccountMapOutput

func (AdminAccountMapOutput) ToAdminAccountMapOutputWithContext 

func (o AdminAccountMapOutput) ToAdminAccountMapOutputWithContext(ctx context.Context) AdminAccountMapOutput

type AdminAccountOutput 

type AdminAccountOutput struct{ *pulumi.OutputState }

func (AdminAccountOutput) AccountId added in v5.4.0 

func (o AdminAccountOutput) AccountId() pulumi.StringOutput

The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.

func (AdminAccountOutput) ElementType 

func (AdminAccountOutput) ElementType() reflect.Type

func (AdminAccountOutput) ToAdminAccountOutput 

func (o AdminAccountOutput) ToAdminAccountOutput() AdminAccountOutput

func (AdminAccountOutput) ToAdminAccountOutputWithContext 

func (o AdminAccountOutput) ToAdminAccountOutputWithContext(ctx context.Context) AdminAccountOutput

type AdminAccountState 

type AdminAccountState struct {
	// The AWS account ID to associate with AWS Firewall Manager as the AWS Firewall Manager administrator account. This can be an AWS Organizations master account or a member account. Defaults to the current account. Must be configured to perform drift detection.
	AccountId pulumi.StringPtrInput
}

func (AdminAccountState) ElementType 

func (AdminAccountState) ElementType() reflect.Type

type Policy 

type Policy struct {
	pulumi.CustomResourceState

	Arn pulumi.StringOutput `pulumi:"arn"`
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrOutput `pulumi:"deleteAllPolicyResources"`
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrOutput `pulumi:"deleteUnusedFmManagedResources"`
	// The description of the AWS Network Firewall firewall policy.
	Description pulumi.StringPtrOutput `pulumi:"description"`
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrOutput `pulumi:"excludeMap"`
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolOutput `pulumi:"excludeResourceTags"`
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrOutput `pulumi:"includeMap"`
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringOutput `pulumi:"name"`
	// A unique identifier for each update to the policy.
	PolicyUpdateToken pulumi.StringOutput `pulumi:"policyUpdateToken"`
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrOutput `pulumi:"remediationEnabled"`
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapOutput `pulumi:"resourceTags"`
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringOutput `pulumi:"resourceType"`
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayOutput `pulumi:"resourceTypeLists"`
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataOutput `pulumi:"securityServicePolicyData"`
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapOutput `pulumi:"tags"`
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapOutput `pulumi:"tagsAll"`
}

Provides a resource to create an AWS Firewall Manager policy. You need to be using AWS organizations and have enabled the Firewall Manager administrator account.

## Example Usage

```go package main

import ( 

"encoding/json"

"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/fms"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/wafregional"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"

) 

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		exampleRuleGroup, err := wafregional.NewRuleGroup(ctx, "exampleRuleGroup", &wafregional.RuleGroupArgs{
			MetricName: pulumi.String("WAFRuleGroupExample"),
		})
		if err != nil {
			return err
		}
		_, err = fms.NewPolicy(ctx, "examplePolicy", &fms.PolicyArgs{
			ExcludeResourceTags: pulumi.Bool(false),
			RemediationEnabled:  pulumi.Bool(false),
			ResourceType:        pulumi.String("AWS::ElasticLoadBalancingV2::LoadBalancer"),
			SecurityServicePolicyData: &fms.PolicySecurityServicePolicyDataArgs{
				Type: pulumi.String("WAF"),
				ManagedServiceData: exampleRuleGroup.ID().ApplyT(func(id string) (pulumi.String, error) {
					var _zero pulumi.String
					tmpJSON0, err := json.Marshal(map[string]interface{}{
						"type": "WAF",
						"ruleGroups": []map[string]interface{}{
							map[string]interface{}{
								"id": id,
								"overrideAction": map[string]interface{}{
									"type": "COUNT",
								},
							},
						},
						"defaultAction": map[string]interface{}{
							"type": "BLOCK",
						},
						"overrideCustomerWebACLAssociation": false,
					})
					if err != nil {
						return _zero, err
					}
					json0 := string(tmpJSON0)
					return pulumi.String(json0), nil
				}).(pulumi.StringOutput),
			},
			Tags: pulumi.StringMap{
				"Name": pulumi.String("example-fms-policy"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

```

## Import

Firewall Manager policies can be imported using the policy ID, e.g.,

```sh 

$ pulumi import aws:fms/policy:Policy example 5be49585-a7e3-4c49-dde1-a179fe4a619a

```

func GetPolicy 

func GetPolicy(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *PolicyState, opts ...pulumi.ResourceOption) (*Policy, error)

GetPolicy gets an existing Policy resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewPolicy 

func NewPolicy(ctx *pulumi.Context,
	name string, args *PolicyArgs, opts ...pulumi.ResourceOption) (*Policy, error)

NewPolicy registers a new resource with the given unique name, arguments, and options.

func (*Policy) ElementType 

func (*Policy) ElementType() reflect.Type

func (*Policy) ToPolicyOutput 

func (i *Policy) ToPolicyOutput() PolicyOutput

func (*Policy) ToPolicyOutputWithContext 

func (i *Policy) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicyArgs 

type PolicyArgs struct {
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrInput
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrInput
	// The description of the AWS Network Firewall firewall policy.
	Description pulumi.StringPtrInput
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrInput
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolInput
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrInput
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringPtrInput
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrInput
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapInput
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringPtrInput
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayInput
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataInput
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapInput
}

The set of arguments for constructing a Policy resource.

func (PolicyArgs) ElementType 

func (PolicyArgs) ElementType() reflect.Type

type PolicyArray 

type PolicyArray []PolicyInput

func (PolicyArray) ElementType 

func (PolicyArray) ElementType() reflect.Type

func (PolicyArray) ToPolicyArrayOutput 

func (i PolicyArray) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArray) ToPolicyArrayOutputWithContext 

func (i PolicyArray) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyArrayInput 

type PolicyArrayInput interface {
	pulumi.Input

	ToPolicyArrayOutput() PolicyArrayOutput
	ToPolicyArrayOutputWithContext(context.Context) PolicyArrayOutput
}

PolicyArrayInput is an input type that accepts PolicyArray and PolicyArrayOutput values. You can construct a concrete instance of `PolicyArrayInput` via: 

PolicyArray{ PolicyArgs{...} }

type PolicyArrayOutput 

type PolicyArrayOutput struct{ *pulumi.OutputState }

func (PolicyArrayOutput) ElementType 

func (PolicyArrayOutput) ElementType() reflect.Type

func (PolicyArrayOutput) Index 

func (o PolicyArrayOutput) Index(i pulumi.IntInput) PolicyOutput

func (PolicyArrayOutput) ToPolicyArrayOutput 

func (o PolicyArrayOutput) ToPolicyArrayOutput() PolicyArrayOutput

func (PolicyArrayOutput) ToPolicyArrayOutputWithContext 

func (o PolicyArrayOutput) ToPolicyArrayOutputWithContext(ctx context.Context) PolicyArrayOutput

type PolicyExcludeMap 

type PolicyExcludeMap struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts []string `pulumi:"accounts"`
	// A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	//
	// You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.
	Orgunits []string `pulumi:"orgunits"`
}

type PolicyExcludeMapArgs 

type PolicyExcludeMapArgs struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts pulumi.StringArrayInput `pulumi:"accounts"`
	// A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	//
	// You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.
	Orgunits pulumi.StringArrayInput `pulumi:"orgunits"`
}

func (PolicyExcludeMapArgs) ElementType 

func (PolicyExcludeMapArgs) ElementType() reflect.Type

func (PolicyExcludeMapArgs) ToPolicyExcludeMapOutput 

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapOutput() PolicyExcludeMapOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapOutputWithContext 

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapOutputWithContext(ctx context.Context) PolicyExcludeMapOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutput 

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutputWithContext 

func (i PolicyExcludeMapArgs) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyExcludeMapInput 

type PolicyExcludeMapInput interface {
	pulumi.Input

	ToPolicyExcludeMapOutput() PolicyExcludeMapOutput
	ToPolicyExcludeMapOutputWithContext(context.Context) PolicyExcludeMapOutput
}

PolicyExcludeMapInput is an input type that accepts PolicyExcludeMap and PolicyExcludeMapOutput values. You can construct a concrete instance of `PolicyExcludeMapInput` via: 

PolicyExcludeMap{ "key": PolicyExcludeArgs{...} }

type PolicyExcludeMapOutput 

type PolicyExcludeMapOutput struct{ *pulumi.OutputState }

func (PolicyExcludeMapOutput) Accounts 

func (o PolicyExcludeMapOutput) Accounts() pulumi.StringArrayOutput

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyExcludeMapOutput) ElementType 

func (PolicyExcludeMapOutput) ElementType() reflect.Type

func (PolicyExcludeMapOutput) Orgunits 

func (o PolicyExcludeMapOutput) Orgunits() pulumi.StringArrayOutput

A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.

func (PolicyExcludeMapOutput) ToPolicyExcludeMapOutput 

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapOutput() PolicyExcludeMapOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapOutputWithContext 

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapOutputWithContext(ctx context.Context) PolicyExcludeMapOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutput 

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutputWithContext 

func (o PolicyExcludeMapOutput) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyExcludeMapPtrInput 

type PolicyExcludeMapPtrInput interface {
	pulumi.Input

	ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput
	ToPolicyExcludeMapPtrOutputWithContext(context.Context) PolicyExcludeMapPtrOutput
}

PolicyExcludeMapPtrInput is an input type that accepts PolicyExcludeMapArgs, PolicyExcludeMapPtr and PolicyExcludeMapPtrOutput values. You can construct a concrete instance of `PolicyExcludeMapPtrInput` via: 

        PolicyExcludeMapArgs{...}

or:

        nil

func PolicyExcludeMapPtr 

func PolicyExcludeMapPtr(v *PolicyExcludeMapArgs) PolicyExcludeMapPtrInput

type PolicyExcludeMapPtrOutput 

type PolicyExcludeMapPtrOutput struct{ *pulumi.OutputState }

func (PolicyExcludeMapPtrOutput) Accounts 

func (o PolicyExcludeMapPtrOutput) Accounts() pulumi.StringArrayOutput

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyExcludeMapPtrOutput) Elem 

func (o PolicyExcludeMapPtrOutput) Elem() PolicyExcludeMapOutput

func (PolicyExcludeMapPtrOutput) ElementType 

func (PolicyExcludeMapPtrOutput) ElementType() reflect.Type

func (PolicyExcludeMapPtrOutput) Orgunits 

func (o PolicyExcludeMapPtrOutput) Orgunits() pulumi.StringArrayOutput

A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.

func (PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutput 

func (o PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutput() PolicyExcludeMapPtrOutput

func (PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutputWithContext 

func (o PolicyExcludeMapPtrOutput) ToPolicyExcludeMapPtrOutputWithContext(ctx context.Context) PolicyExcludeMapPtrOutput

type PolicyIncludeMap 

type PolicyIncludeMap struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts []string `pulumi:"accounts"`
	// A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	//
	// You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.
	Orgunits []string `pulumi:"orgunits"`
}

type PolicyIncludeMapArgs 

type PolicyIncludeMapArgs struct {
	// A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.
	Accounts pulumi.StringArrayInput `pulumi:"accounts"`
	// A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.
	//
	// You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.
	Orgunits pulumi.StringArrayInput `pulumi:"orgunits"`
}

func (PolicyIncludeMapArgs) ElementType 

func (PolicyIncludeMapArgs) ElementType() reflect.Type

func (PolicyIncludeMapArgs) ToPolicyIncludeMapOutput 

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapOutput() PolicyIncludeMapOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapOutputWithContext 

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapOutputWithContext(ctx context.Context) PolicyIncludeMapOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutput 

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutputWithContext 

func (i PolicyIncludeMapArgs) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyIncludeMapInput 

type PolicyIncludeMapInput interface {
	pulumi.Input

	ToPolicyIncludeMapOutput() PolicyIncludeMapOutput
	ToPolicyIncludeMapOutputWithContext(context.Context) PolicyIncludeMapOutput
}

PolicyIncludeMapInput is an input type that accepts PolicyIncludeMap and PolicyIncludeMapOutput values. You can construct a concrete instance of `PolicyIncludeMapInput` via: 

PolicyIncludeMap{ "key": PolicyIncludeArgs{...} }

type PolicyIncludeMapOutput 

type PolicyIncludeMapOutput struct{ *pulumi.OutputState }

func (PolicyIncludeMapOutput) Accounts 

func (o PolicyIncludeMapOutput) Accounts() pulumi.StringArrayOutput

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyIncludeMapOutput) ElementType 

func (PolicyIncludeMapOutput) ElementType() reflect.Type

func (PolicyIncludeMapOutput) Orgunits 

func (o PolicyIncludeMapOutput) Orgunits() pulumi.StringArrayOutput

A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.

func (PolicyIncludeMapOutput) ToPolicyIncludeMapOutput 

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapOutput() PolicyIncludeMapOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapOutputWithContext 

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapOutputWithContext(ctx context.Context) PolicyIncludeMapOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutput 

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutputWithContext 

func (o PolicyIncludeMapOutput) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyIncludeMapPtrInput 

type PolicyIncludeMapPtrInput interface {
	pulumi.Input

	ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput
	ToPolicyIncludeMapPtrOutputWithContext(context.Context) PolicyIncludeMapPtrOutput
}

PolicyIncludeMapPtrInput is an input type that accepts PolicyIncludeMapArgs, PolicyIncludeMapPtr and PolicyIncludeMapPtrOutput values. You can construct a concrete instance of `PolicyIncludeMapPtrInput` via: 

        PolicyIncludeMapArgs{...}

or:

        nil

func PolicyIncludeMapPtr 

func PolicyIncludeMapPtr(v *PolicyIncludeMapArgs) PolicyIncludeMapPtrInput

type PolicyIncludeMapPtrOutput 

type PolicyIncludeMapPtrOutput struct{ *pulumi.OutputState }

func (PolicyIncludeMapPtrOutput) Accounts 

func (o PolicyIncludeMapPtrOutput) Accounts() pulumi.StringArrayOutput

A list of AWS Organization member Accounts that you want to include for this AWS FMS Policy.

func (PolicyIncludeMapPtrOutput) Elem 

func (o PolicyIncludeMapPtrOutput) Elem() PolicyIncludeMapOutput

func (PolicyIncludeMapPtrOutput) ElementType 

func (PolicyIncludeMapPtrOutput) ElementType() reflect.Type

func (PolicyIncludeMapPtrOutput) Orgunits 

func (o PolicyIncludeMapPtrOutput) Orgunits() pulumi.StringArrayOutput

A list of IDs of the AWS Organizational Units that you want to include for this AWS FMS Policy. Specifying an OU is the equivalent of specifying all accounts in the OU and in any of its child OUs, including any child OUs and accounts that are added at a later time.

You can specify inclusions or exclusions, but not both. If you specify an `includeMap`, AWS Firewall Manager applies the policy to all accounts specified by the `includeMap`, and does not evaluate any `excludeMap` specifications. If you do not specify an `includeMap`, then Firewall Manager applies the policy to all accounts except for those specified by the `excludeMap`.

func (PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutput 

func (o PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutput() PolicyIncludeMapPtrOutput

func (PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutputWithContext 

func (o PolicyIncludeMapPtrOutput) ToPolicyIncludeMapPtrOutputWithContext(ctx context.Context) PolicyIncludeMapPtrOutput

type PolicyInput 

type PolicyInput interface {
	pulumi.Input

	ToPolicyOutput() PolicyOutput
	ToPolicyOutputWithContext(ctx context.Context) PolicyOutput
}

type PolicyMap 

type PolicyMap map[string]PolicyInput

func (PolicyMap) ElementType 

func (PolicyMap) ElementType() reflect.Type

func (PolicyMap) ToPolicyMapOutput 

func (i PolicyMap) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMap) ToPolicyMapOutputWithContext 

func (i PolicyMap) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyMapInput 

type PolicyMapInput interface {
	pulumi.Input

	ToPolicyMapOutput() PolicyMapOutput
	ToPolicyMapOutputWithContext(context.Context) PolicyMapOutput
}

PolicyMapInput is an input type that accepts PolicyMap and PolicyMapOutput values. You can construct a concrete instance of `PolicyMapInput` via: 

PolicyMap{ "key": PolicyArgs{...} }

type PolicyMapOutput 

type PolicyMapOutput struct{ *pulumi.OutputState }

func (PolicyMapOutput) ElementType 

func (PolicyMapOutput) ElementType() reflect.Type

func (PolicyMapOutput) MapIndex 

func (o PolicyMapOutput) MapIndex(k pulumi.StringInput) PolicyOutput

func (PolicyMapOutput) ToPolicyMapOutput 

func (o PolicyMapOutput) ToPolicyMapOutput() PolicyMapOutput

func (PolicyMapOutput) ToPolicyMapOutputWithContext 

func (o PolicyMapOutput) ToPolicyMapOutputWithContext(ctx context.Context) PolicyMapOutput

type PolicyOutput 

type PolicyOutput struct{ *pulumi.OutputState }

func (PolicyOutput) Arn added in v5.4.0 

func (o PolicyOutput) Arn() pulumi.StringOutput

func (PolicyOutput) DeleteAllPolicyResources added in v5.4.0 

func (o PolicyOutput) DeleteAllPolicyResources() pulumi.BoolPtrOutput

If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)

func (PolicyOutput) DeleteUnusedFmManagedResources added in v5.4.0 

func (o PolicyOutput) DeleteUnusedFmManagedResources() pulumi.BoolPtrOutput

If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)

func (PolicyOutput) Description added in v5.33.0 

func (o PolicyOutput) Description() pulumi.StringPtrOutput

The description of the AWS Network Firewall firewall policy.

func (PolicyOutput) ElementType 

func (PolicyOutput) ElementType() reflect.Type

func (PolicyOutput) ExcludeMap added in v5.4.0 

func (o PolicyOutput) ExcludeMap() PolicyExcludeMapPtrOutput

A map of lists of accounts and OU's to exclude from the policy.

func (PolicyOutput) ExcludeResourceTags added in v5.4.0 

func (o PolicyOutput) ExcludeResourceTags() pulumi.BoolOutput

A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.

func (PolicyOutput) IncludeMap added in v5.4.0 

func (o PolicyOutput) IncludeMap() PolicyIncludeMapPtrOutput

A map of lists of accounts and OU's to include in the policy.

func (PolicyOutput) Name added in v5.4.0 

func (o PolicyOutput) Name() pulumi.StringOutput

The friendly name of the AWS Firewall Manager Policy.

func (PolicyOutput) PolicyUpdateToken added in v5.4.0 

func (o PolicyOutput) PolicyUpdateToken() pulumi.StringOutput

A unique identifier for each update to the policy.

func (PolicyOutput) RemediationEnabled added in v5.4.0 

func (o PolicyOutput) RemediationEnabled() pulumi.BoolPtrOutput

A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.

func (PolicyOutput) ResourceTags added in v5.4.0 

func (o PolicyOutput) ResourceTags() pulumi.StringMapOutput

A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.

func (PolicyOutput) ResourceType added in v5.4.0 

func (o PolicyOutput) ResourceType() pulumi.StringOutput

A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.

func (PolicyOutput) ResourceTypeLists added in v5.4.0 

func (o PolicyOutput) ResourceTypeLists() pulumi.StringArrayOutput

A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.

func (PolicyOutput) SecurityServicePolicyData added in v5.4.0 

func (o PolicyOutput) SecurityServicePolicyData() PolicySecurityServicePolicyDataOutput

The objects to include in Security Service Policy Data. Documented below.

func (PolicyOutput) Tags added in v5.4.0 

func (o PolicyOutput) Tags() pulumi.StringMapOutput

Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level

func (PolicyOutput) TagsAll added in v5.4.0 

func (o PolicyOutput) TagsAll() pulumi.StringMapOutput

A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.

func (PolicyOutput) ToPolicyOutput 

func (o PolicyOutput) ToPolicyOutput() PolicyOutput

func (PolicyOutput) ToPolicyOutputWithContext 

func (o PolicyOutput) ToPolicyOutputWithContext(ctx context.Context) PolicyOutput

type PolicySecurityServicePolicyData 

type PolicySecurityServicePolicyData struct {
	// Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).
	ManagedServiceData *string `pulumi:"managedServiceData"`
	// The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).
	Type string `pulumi:"type"`
}

type PolicySecurityServicePolicyDataArgs 

type PolicySecurityServicePolicyDataArgs struct {
	// Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).
	ManagedServiceData pulumi.StringPtrInput `pulumi:"managedServiceData"`
	// The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).
	Type pulumi.StringInput `pulumi:"type"`
}

func (PolicySecurityServicePolicyDataArgs) ElementType 

func (PolicySecurityServicePolicyDataArgs) ElementType() reflect.Type

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutput 

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutputWithContext 

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutput 

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutputWithContext 

func (i PolicySecurityServicePolicyDataArgs) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

type PolicySecurityServicePolicyDataInput 

type PolicySecurityServicePolicyDataInput interface {
	pulumi.Input

	ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput
	ToPolicySecurityServicePolicyDataOutputWithContext(context.Context) PolicySecurityServicePolicyDataOutput
}

PolicySecurityServicePolicyDataInput is an input type that accepts PolicySecurityServicePolicyDataArgs and PolicySecurityServicePolicyDataOutput values. You can construct a concrete instance of `PolicySecurityServicePolicyDataInput` via: 

PolicySecurityServicePolicyDataArgs{...}

type PolicySecurityServicePolicyDataOutput 

type PolicySecurityServicePolicyDataOutput struct{ *pulumi.OutputState }

func (PolicySecurityServicePolicyDataOutput) ElementType 

func (PolicySecurityServicePolicyDataOutput) ElementType() reflect.Type

func (PolicySecurityServicePolicyDataOutput) ManagedServiceData 

func (o PolicySecurityServicePolicyDataOutput) ManagedServiceData() pulumi.StringPtrOutput

Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutput 

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutput() PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutputWithContext 

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutput 

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext 

func (o PolicySecurityServicePolicyDataOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataOutput) Type 

func (o PolicySecurityServicePolicyDataOutput) Type() pulumi.StringOutput

The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).

type PolicySecurityServicePolicyDataPtrInput 

type PolicySecurityServicePolicyDataPtrInput interface {
	pulumi.Input

	ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput
	ToPolicySecurityServicePolicyDataPtrOutputWithContext(context.Context) PolicySecurityServicePolicyDataPtrOutput
}

PolicySecurityServicePolicyDataPtrInput is an input type that accepts PolicySecurityServicePolicyDataArgs, PolicySecurityServicePolicyDataPtr and PolicySecurityServicePolicyDataPtrOutput values. You can construct a concrete instance of `PolicySecurityServicePolicyDataPtrInput` via: 

        PolicySecurityServicePolicyDataArgs{...}

or:

        nil

func PolicySecurityServicePolicyDataPtr 

func PolicySecurityServicePolicyDataPtr(v *PolicySecurityServicePolicyDataArgs) PolicySecurityServicePolicyDataPtrInput

type PolicySecurityServicePolicyDataPtrOutput 

type PolicySecurityServicePolicyDataPtrOutput struct{ *pulumi.OutputState }

func (PolicySecurityServicePolicyDataPtrOutput) Elem 

func (o PolicySecurityServicePolicyDataPtrOutput) Elem() PolicySecurityServicePolicyDataOutput

func (PolicySecurityServicePolicyDataPtrOutput) ElementType 

func (PolicySecurityServicePolicyDataPtrOutput) ElementType() reflect.Type

func (PolicySecurityServicePolicyDataPtrOutput) ManagedServiceData 

func (o PolicySecurityServicePolicyDataPtrOutput) ManagedServiceData() pulumi.StringPtrOutput

Details about the service that are specific to the service type, in JSON format. For service type `SHIELD_ADVANCED`, this is an empty string. Examples depending on `type` can be found in the [AWS Firewall Manager SecurityServicePolicyData API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html).

func (PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutput 

func (o PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutput() PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext 

func (o PolicySecurityServicePolicyDataPtrOutput) ToPolicySecurityServicePolicyDataPtrOutputWithContext(ctx context.Context) PolicySecurityServicePolicyDataPtrOutput

func (PolicySecurityServicePolicyDataPtrOutput) Type 

func (o PolicySecurityServicePolicyDataPtrOutput) Type() pulumi.StringPtrOutput

The service that the policy is using to protect the resources. For the current list of supported types, please refer to the [AWS Firewall Manager SecurityServicePolicyData API Type Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_SecurityServicePolicyData.html#fms-Type-SecurityServicePolicyData-Type).

type PolicyState 

type PolicyState struct {
	Arn pulumi.StringPtrInput
	// If true, the request will also perform a clean-up process. Defaults to `true`. More information can be found here [AWS Firewall Manager delete policy](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_DeletePolicy.html)
	DeleteAllPolicyResources pulumi.BoolPtrInput
	// If true, Firewall Manager will automatically remove protections from resources that leave the policy scope. Defaults to `false`. More information can be found here [AWS Firewall Manager policy contents](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html)
	DeleteUnusedFmManagedResources pulumi.BoolPtrInput
	// The description of the AWS Network Firewall firewall policy.
	Description pulumi.StringPtrInput
	// A map of lists of accounts and OU's to exclude from the policy.
	ExcludeMap PolicyExcludeMapPtrInput
	// A boolean value, if true the tags that are specified in the `resourceTags` are not protected by this policy. If set to false and resourceTags are populated, resources that contain tags will be protected by this policy.
	ExcludeResourceTags pulumi.BoolPtrInput
	// A map of lists of accounts and OU's to include in the policy.
	IncludeMap PolicyIncludeMapPtrInput
	// The friendly name of the AWS Firewall Manager Policy.
	Name pulumi.StringPtrInput
	// A unique identifier for each update to the policy.
	PolicyUpdateToken pulumi.StringPtrInput
	// A boolean value, indicates if the policy should automatically applied to resources that already exist in the account.
	RemediationEnabled pulumi.BoolPtrInput
	// A map of resource tags, that if present will filter protections on resources based on the exclude_resource_tags.
	ResourceTags pulumi.StringMapInput
	// A resource type to protect. Conflicts with `resourceTypeList`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values.
	ResourceType pulumi.StringPtrInput
	// A list of resource types to protect. Conflicts with `resourceType`. See the [FMS API Reference](https://docs.aws.amazon.com/fms/2018-01-01/APIReference/API_Policy.html#fms-Type-Policy-ResourceType) for more information about supported values. Lists with only one element are not supported, instead use `resourceType`.
	ResourceTypeLists pulumi.StringArrayInput
	// The objects to include in Security Service Policy Data. Documented below.
	SecurityServicePolicyData PolicySecurityServicePolicyDataPtrInput
	// Key-value mapping of resource tags. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level
	Tags pulumi.StringMapInput
	// A map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block.
	TagsAll pulumi.StringMapInput
}

func (PolicyState) ElementType 

func (PolicyState) ElementType() reflect.Type

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.