Class: Aws::FMS::Types::ResourceViolation

Inherits:

Struct

• Object
• Struct
• Aws::FMS::Types::ResourceViolation

Includes:

Structure

Defined in:

lib/aws-sdk-fms/types.rb

Overview

Violation detail based on resource type.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #aws_ec2_instance_violation ⇒ Types::AwsEc2InstanceViolation

  Violation detail for an EC2 instance.

• #aws_ec2_network_interface_violation ⇒ Types::AwsEc2NetworkInterfaceViolation

  Violation detail for a network interface.

• #aws_vpc_security_group_violation ⇒ Types::AwsVPCSecurityGroupViolation

  Violation detail for security groups.

• #dns_duplicate_rule_group_violation ⇒ Types::DnsDuplicateRuleGroupViolation

  Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can’t be associated again.

• #dns_rule_group_limit_exceeded_violation ⇒ Types::DnsRuleGroupLimitExceededViolation

  Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups.

• #dns_rule_group_priority_conflict_violation ⇒ Types::DnsRuleGroupPriorityConflictViolation

  Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that’s already associated.

• #firewall_subnet_is_out_of_scope_violation ⇒ Types::FirewallSubnetIsOutOfScopeViolation

  Contains details about the firewall subnet that violates the policy scope.

• #firewall_subnet_missing_vpc_endpoint_violation ⇒ Types::FirewallSubnetMissingVPCEndpointViolation

  The violation details for a third-party firewall’s VPC endpoint subnet that was deleted.

• #invalid_network_acl_entries_violation ⇒ Types::InvalidNetworkAclEntriesViolation

  Violation detail for the entries in a network ACL resource.

• #network_firewall_black_hole_route_detected_violation ⇒ Types::NetworkFirewallBlackHoleRouteDetectedViolation

  Violation detail for an internet gateway route with an inactive state in the customer subnet route table or Network Firewall subnet route table.

• #network_firewall_internet_traffic_not_inspected_violation ⇒ Types::NetworkFirewallInternetTrafficNotInspectedViolation

  Violation detail for the subnet for which internet traffic hasn’t been inspected.

• #network_firewall_invalid_route_configuration_violation ⇒ Types::NetworkFirewallInvalidRouteConfigurationViolation

  The route configuration is invalid.

• #network_firewall_missing_expected_routes_violation ⇒ Types::NetworkFirewallMissingExpectedRoutesViolation

  Expected routes are missing from Network Firewall.

• #network_firewall_missing_expected_rt_violation ⇒ Types::NetworkFirewallMissingExpectedRTViolation

  Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

• #network_firewall_missing_firewall_violation ⇒ Types::NetworkFirewallMissingFirewallViolation

  Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

• #network_firewall_missing_subnet_violation ⇒ Types::NetworkFirewallMissingSubnetViolation

  Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

• #network_firewall_policy_modified_violation ⇒ Types::NetworkFirewallPolicyModifiedViolation

  Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant.

• #network_firewall_unexpected_firewall_routes_violation ⇒ Types::NetworkFirewallUnexpectedFirewallRoutesViolation

  There’s an unexpected firewall route.

• #network_firewall_unexpected_gateway_routes_violation ⇒ Types::NetworkFirewallUnexpectedGatewayRoutesViolation

  There’s an unexpected gateway route.

• #possible_remediation_actions ⇒ Types::PossibleRemediationActions

  A list of possible remediation action lists.

• #route_has_out_of_scope_endpoint_violation ⇒ Types::RouteHasOutOfScopeEndpointViolation

  Contains details about the route endpoint that violates the policy scope.

• #third_party_firewall_missing_expected_route_table_violation ⇒ Types::ThirdPartyFirewallMissingExpectedRouteTableViolation

  The violation details for a third-party firewall that has the Firewall Manager managed route table that was associated with the third-party firewall has been deleted.

• #third_party_firewall_missing_firewall_violation ⇒ Types::ThirdPartyFirewallMissingFirewallViolation

  The violation details for a third-party firewall that’s been deleted.

• #third_party_firewall_missing_subnet_violation ⇒ Types::ThirdPartyFirewallMissingSubnetViolation

  The violation details for a third-party firewall’s subnet that’s been deleted.

Instance Attribute Details

#aws_ec2_instance_violation ⇒ Types::AwsEc2InstanceViolation

Violation detail for an EC2 instance.

Returns:

• (Types::AwsEc2InstanceViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#aws_ec2_network_interface_violation ⇒ Types::AwsEc2NetworkInterfaceViolation

Violation detail for a network interface.

Returns:

• (Types::AwsEc2NetworkInterfaceViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#aws_vpc_security_group_violation ⇒ Types::AwsVPCSecurityGroupViolation

Violation detail for security groups.

Returns:

• (Types::AwsVPCSecurityGroupViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#dns_duplicate_rule_group_violation ⇒ Types::DnsDuplicateRuleGroupViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can’t be associated again.

Returns:

• (Types::DnsDuplicateRuleGroupViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_limit_exceeded_violation ⇒ Types::DnsRuleGroupLimitExceededViolation

Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.

Returns:

• (Types::DnsRuleGroupLimitExceededViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_priority_conflict_violation ⇒ Types::DnsRuleGroupPriorityConflictViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that’s already associated.

Returns:

• (Types::DnsRuleGroupPriorityConflictViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_subnet_is_out_of_scope_violation ⇒ Types::FirewallSubnetIsOutOfScopeViolation

Contains details about the firewall subnet that violates the policy scope.

Returns:

• (Types::FirewallSubnetIsOutOfScopeViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_subnet_missing_vpc_endpoint_violation ⇒ Types::FirewallSubnetMissingVPCEndpointViolation

The violation details for a third-party firewall’s VPC endpoint subnet that was deleted.

Returns:

• (Types::FirewallSubnetMissingVPCEndpointViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#invalid_network_acl_entries_violation ⇒ Types::InvalidNetworkAclEntriesViolation

Violation detail for the entries in a network ACL resource.

Returns:

• (Types::InvalidNetworkAclEntriesViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_black_hole_route_detected_violation ⇒ Types::NetworkFirewallBlackHoleRouteDetectedViolation

Violation detail for an internet gateway route with an inactive state in the customer subnet route table or Network Firewall subnet route table.

Returns:

• (Types::NetworkFirewallBlackHoleRouteDetectedViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_internet_traffic_not_inspected_violation ⇒ Types::NetworkFirewallInternetTrafficNotInspectedViolation

Violation detail for the subnet for which internet traffic hasn’t been inspected.

Returns:

• (Types::NetworkFirewallInternetTrafficNotInspectedViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_invalid_route_configuration_violation ⇒ Types::NetworkFirewallInvalidRouteConfigurationViolation

The route configuration is invalid.

Returns:

• (Types::NetworkFirewallInvalidRouteConfigurationViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_expected_routes_violation ⇒ Types::NetworkFirewallMissingExpectedRoutesViolation

Expected routes are missing from Network Firewall.

Returns:

• (Types::NetworkFirewallMissingExpectedRoutesViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_expected_rt_violation ⇒ Types::NetworkFirewallMissingExpectedRTViolation

Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

Returns:

• (Types::NetworkFirewallMissingExpectedRTViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_firewall_violation ⇒ Types::NetworkFirewallMissingFirewallViolation

Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

Returns:

• (Types::NetworkFirewallMissingFirewallViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_subnet_violation ⇒ Types::NetworkFirewallMissingSubnetViolation

Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

Returns:

• (Types::NetworkFirewallMissingSubnetViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_policy_modified_violation ⇒ Types::NetworkFirewallPolicyModifiedViolation

Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.

Returns:

• (Types::NetworkFirewallPolicyModifiedViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_unexpected_firewall_routes_violation ⇒ Types::NetworkFirewallUnexpectedFirewallRoutesViolation

There’s an unexpected firewall route.

Returns:

• (Types::NetworkFirewallUnexpectedFirewallRoutesViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_unexpected_gateway_routes_violation ⇒ Types::NetworkFirewallUnexpectedGatewayRoutesViolation

There’s an unexpected gateway route.

Returns:

• (Types::NetworkFirewallUnexpectedGatewayRoutesViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#possible_remediation_actions ⇒ Types::PossibleRemediationActions

A list of possible remediation action lists. Each individual possible remediation action is a list of individual remediation actions.

Returns:

• (Types::PossibleRemediationActions)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#route_has_out_of_scope_endpoint_violation ⇒ Types::RouteHasOutOfScopeEndpointViolation

Contains details about the route endpoint that violates the policy scope.

Returns:

• (Types::RouteHasOutOfScopeEndpointViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_expected_route_table_violation ⇒ Types::ThirdPartyFirewallMissingExpectedRouteTableViolation

The violation details for a third-party firewall that has the Firewall Manager managed route table that was associated with the third-party firewall has been deleted.

Returns:

• (Types::ThirdPartyFirewallMissingExpectedRouteTableViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_firewall_violation ⇒ Types::ThirdPartyFirewallMissingFirewallViolation

The violation details for a third-party firewall that’s been deleted.

Returns:

• (Types::ThirdPartyFirewallMissingFirewallViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_subnet_violation ⇒ Types::ThirdPartyFirewallMissingSubnetViolation

The violation details for a third-party firewall’s subnet that’s been deleted.

Returns:

• (Types::ThirdPartyFirewallMissingSubnetViolation)

# File 'lib/aws-sdk-fms/types.rb', line 4593

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions)
  SENSITIVE = []
  include Aws::Structure
end