Class: Aws::FMS::Types::ResourceViolation

Inherits:

Struct

• Object
• Struct
• Aws::FMS::Types::ResourceViolation

Includes:

Structure

Defined in:

lib/aws-sdk-fms/types.rb

Overview

Violation detail based on resource type.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #aws_ec2_instance_violation ⇒ Types::AwsEc2InstanceViolation

  Violation details for an EC2 instance.

• #aws_ec2_network_interface_violation ⇒ Types::AwsEc2NetworkInterfaceViolation

  Violation details for network interface.

• #aws_vpc_security_group_violation ⇒ Types::AwsVPCSecurityGroupViolation

  Violation details for security groups.

• #dns_duplicate_rule_group_violation ⇒ Types::DnsDuplicateRuleGroupViolation

  Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can’t be associated again.

• #dns_rule_group_limit_exceeded_violation ⇒ Types::DnsRuleGroupLimitExceededViolation

  Violation details for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups.

• #dns_rule_group_priority_conflict_violation ⇒ Types::DnsRuleGroupPriorityConflictViolation

  Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that’s already associated.

• #network_firewall_missing_expected_rt_violation ⇒ Types::NetworkFirewallMissingExpectedRTViolation

  Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

• #network_firewall_missing_firewall_violation ⇒ Types::NetworkFirewallMissingFirewallViolation

  Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

• #network_firewall_missing_subnet_violation ⇒ Types::NetworkFirewallMissingSubnetViolation

  Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

• #network_firewall_policy_modified_violation ⇒ Types::NetworkFirewallPolicyModifiedViolation

  Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant.

Instance Attribute Details

#aws_ec2_instance_violation ⇒ Types::AwsEc2InstanceViolation

Violation details for an EC2 instance.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#aws_ec2_network_interface_violation ⇒ Types::AwsEc2NetworkInterfaceViolation

Violation details for network interface.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#aws_vpc_security_group_violation ⇒ Types::AwsVPCSecurityGroupViolation

Violation details for security groups.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_duplicate_rule_group_violation ⇒ Types::DnsDuplicateRuleGroupViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can’t be associated again.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_limit_exceeded_violation ⇒ Types::DnsRuleGroupLimitExceededViolation

Violation details for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_priority_conflict_violation ⇒ Types::DnsRuleGroupPriorityConflictViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that’s already associated.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_expected_rt_violation ⇒ Types::NetworkFirewallMissingExpectedRTViolation

Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_firewall_violation ⇒ Types::NetworkFirewallMissingFirewallViolation

Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_subnet_violation ⇒ Types::NetworkFirewallMissingSubnetViolation

Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_policy_modified_violation ⇒ Types::NetworkFirewallPolicyModifiedViolation

Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.

# File 'lib/aws-sdk-fms/types.rb', line 2276

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation)
  SENSITIVE = []
  include Aws::Structure
end