Class: Aws::FMS::Types::ResourceViolation

Inherits:
Struct
  • Object
show all
Includes:
Structure
Defined in:
lib/aws-sdk-fms/types.rb

Overview

Violation detail based on resource type.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#aws_ec2_instance_violationTypes::AwsEc2InstanceViolation

Violation detail for an EC2 instance.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#aws_ec2_network_interface_violationTypes::AwsEc2NetworkInterfaceViolation

Violation detail for a network interface.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#aws_vpc_security_group_violationTypes::AwsVPCSecurityGroupViolation

Violation detail for security groups.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_duplicate_rule_group_violationTypes::DnsDuplicateRuleGroupViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can’t be associated again.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_limit_exceeded_violationTypes::DnsRuleGroupLimitExceededViolation

Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#dns_rule_group_priority_conflict_violationTypes::DnsRuleGroupPriorityConflictViolation

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that’s already associated.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_subnet_is_out_of_scope_violationTypes::FirewallSubnetIsOutOfScopeViolation

Contains details about the firewall subnet that violates the policy scope.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#firewall_subnet_missing_vpc_endpoint_violationTypes::FirewallSubnetMissingVPCEndpointViolation

The violation details for a third-party firewall’s VPC endpoint subnet that was deleted.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#invalid_network_acl_entries_violationTypes::InvalidNetworkAclEntriesViolation

Violation detail for the entries in a network ACL resource.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_black_hole_route_detected_violationTypes::NetworkFirewallBlackHoleRouteDetectedViolation

Violation detail for an internet gateway route with an inactive state in the customer subnet route table or Network Firewall subnet route table.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_internet_traffic_not_inspected_violationTypes::NetworkFirewallInternetTrafficNotInspectedViolation

Violation detail for the subnet for which internet traffic hasn’t been inspected.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_invalid_route_configuration_violationTypes::NetworkFirewallInvalidRouteConfigurationViolation

The route configuration is invalid.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_expected_routes_violationTypes::NetworkFirewallMissingExpectedRoutesViolation

Expected routes are missing from Network Firewall.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_expected_rt_violationTypes::NetworkFirewallMissingExpectedRTViolation

Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_firewall_violationTypes::NetworkFirewallMissingFirewallViolation

Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_missing_subnet_violationTypes::NetworkFirewallMissingSubnetViolation

Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_policy_modified_violationTypes::NetworkFirewallPolicyModifiedViolation

Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_unexpected_firewall_routes_violationTypes::NetworkFirewallUnexpectedFirewallRoutesViolation

There’s an unexpected firewall route.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#network_firewall_unexpected_gateway_routes_violationTypes::NetworkFirewallUnexpectedGatewayRoutesViolation

There’s an unexpected gateway route.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#possible_remediation_actionsTypes::PossibleRemediationActions

A list of possible remediation action lists. Each individual possible remediation action is a list of individual remediation actions.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#route_has_out_of_scope_endpoint_violationTypes::RouteHasOutOfScopeEndpointViolation

Contains details about the route endpoint that violates the policy scope.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_expected_route_table_violationTypes::ThirdPartyFirewallMissingExpectedRouteTableViolation

The violation details for a third-party firewall that has the Firewall Manager managed route table that was associated with the third-party firewall has been deleted.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_firewall_violationTypes::ThirdPartyFirewallMissingFirewallViolation

The violation details for a third-party firewall that’s been deleted.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#third_party_firewall_missing_subnet_violationTypes::ThirdPartyFirewallMissingSubnetViolation

The violation details for a third-party firewall’s subnet that’s been deleted.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#web_acl_has_incompatible_configuration_violationTypes::WebACLHasIncompatibleConfigurationViolation

The violation details for a web ACL whose configuration is incompatible with the Firewall Manager policy.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end

#web_acl_has_out_of_scope_resources_violationTypes::WebACLHasOutOfScopeResourcesViolation

The violation details for a web ACL that’s associated with at least one resource that’s out of scope of the Firewall Manager policy.



4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
# File 'lib/aws-sdk-fms/types.rb', line 4603

class ResourceViolation < Struct.new(
  :aws_vpc_security_group_violation,
  :aws_ec2_network_interface_violation,
  :aws_ec2_instance_violation,
  :network_firewall_missing_firewall_violation,
  :network_firewall_missing_subnet_violation,
  :network_firewall_missing_expected_rt_violation,
  :network_firewall_policy_modified_violation,
  :network_firewall_internet_traffic_not_inspected_violation,
  :network_firewall_invalid_route_configuration_violation,
  :network_firewall_black_hole_route_detected_violation,
  :network_firewall_unexpected_firewall_routes_violation,
  :network_firewall_unexpected_gateway_routes_violation,
  :network_firewall_missing_expected_routes_violation,
  :dns_rule_group_priority_conflict_violation,
  :dns_duplicate_rule_group_violation,
  :dns_rule_group_limit_exceeded_violation,
  :firewall_subnet_is_out_of_scope_violation,
  :route_has_out_of_scope_endpoint_violation,
  :third_party_firewall_missing_firewall_violation,
  :third_party_firewall_missing_subnet_violation,
  :third_party_firewall_missing_expected_route_table_violation,
  :firewall_subnet_missing_vpc_endpoint_violation,
  :invalid_network_acl_entries_violation,
  :possible_remediation_actions,
  :web_acl_has_incompatible_configuration_violation,
  :web_acl_has_out_of_scope_resources_violation)
  SENSITIVE = []
  include Aws::Structure
end