AWS Native v0.49.0, Jan 26 23

AWS Native v0.49.0, Jan 26 23

aws-native.fms.Policy

Creates an AWS Firewall Manager policy.

Create Policy Resource

new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);

@overload
def Policy(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           delete_all_policy_resources: Optional[bool] = None,
           exclude_map: Optional[PolicyIEMapArgs] = None,
           exclude_resource_tags: Optional[bool] = None,
           include_map: Optional[PolicyIEMapArgs] = None,
           policy_description: Optional[str] = None,
           policy_name: Optional[str] = None,
           remediation_enabled: Optional[bool] = None,
           resource_set_ids: Optional[Sequence[str]] = None,
           resource_tags: Optional[Sequence[PolicyResourceTagArgs]] = None,
           resource_type: Optional[str] = None,
           resource_type_list: Optional[Sequence[str]] = None,
           resources_clean_up: Optional[bool] = None,
           security_service_policy_data: Optional[PolicySecurityServicePolicyDataArgs] = None,
           tags: Optional[Sequence[PolicyTagArgs]] = None)
@overload
def Policy(resource_name: str,
           args: PolicyArgs,
           opts: Optional[ResourceOptions] = None)

func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)

public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)

public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)

type: aws-native:fms:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Policy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Policy resource accepts the following input properties:

ExcludeResourceTags bool
RemediationEnabled bool
SecurityServicePolicyData Pulumi.AwsNative.FMS.Inputs.PolicySecurityServicePolicyDataArgs
DeleteAllPolicyResources bool
ExcludeMap Pulumi.AwsNative.FMS.Inputs.PolicyIEMapArgs
IncludeMap Pulumi.AwsNative.FMS.Inputs.PolicyIEMapArgs
PolicyDescription string
PolicyName string
ResourceSetIds List<string>
ResourceTags List<Pulumi.AwsNative.FMS.Inputs.PolicyResourceTagArgs>
ResourceType string
ResourceTypeList List<string>
ResourcesCleanUp bool
Tags List<Pulumi.AwsNative.FMS.Inputs.PolicyTagArgs>

ExcludeResourceTags bool
RemediationEnabled bool
SecurityServicePolicyData PolicySecurityServicePolicyDataArgs
DeleteAllPolicyResources bool
ExcludeMap PolicyIEMapArgs
IncludeMap PolicyIEMapArgs
PolicyDescription string
PolicyName string
ResourceSetIds []string
ResourceTags []PolicyResourceTagArgs
ResourceType string
ResourceTypeList []string
ResourcesCleanUp bool
Tags []PolicyTagArgs

excludeResourceTags Boolean
remediationEnabled Boolean
securityServicePolicyData PolicySecurityServicePolicyDataArgs
deleteAllPolicyResources Boolean
excludeMap PolicyIEMapArgs
includeMap PolicyIEMapArgs
policyDescription String
policyName String
resourceSetIds List<String>
resourceTags List<PolicyResourceTagArgs>
resourceType String
resourceTypeList List<String>
resourcesCleanUp Boolean
tags List<PolicyTagArgs>

excludeResourceTags boolean
remediationEnabled boolean
securityServicePolicyData PolicySecurityServicePolicyDataArgs
deleteAllPolicyResources boolean
excludeMap PolicyIEMapArgs
includeMap PolicyIEMapArgs
policyDescription string
policyName string
resourceSetIds string[]
resourceTags PolicyResourceTagArgs[]
resourceType string
resourceTypeList string[]
resourcesCleanUp boolean
tags PolicyTagArgs[]

exclude_resource_tags bool
remediation_enabled bool
security_service_policy_data PolicySecurityServicePolicyDataArgs
delete_all_policy_resources bool
exclude_map PolicyIEMapArgs
include_map PolicyIEMapArgs
policy_description str
policy_name str
resource_set_ids Sequence[str]
resource_tags Sequence[PolicyResourceTagArgs]
resource_type str
resource_type_list Sequence[str]
resources_clean_up bool
tags Sequence[PolicyTagArgs]

excludeResourceTags Boolean
remediationEnabled Boolean
securityServicePolicyData Property Map
deleteAllPolicyResources Boolean
excludeMap Property Map
includeMap Property Map
policyDescription String
policyName String
resourceSetIds List<String>
resourceTags List<Property Map>
resourceType String
resourceTypeList List<String>
resourcesCleanUp Boolean
tags List<Property Map>

Outputs

All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:

Arn string
Id string: The provider-assigned unique ID for this managed resource.

Arn string
Id string: The provider-assigned unique ID for this managed resource.

arn String
id String: The provider-assigned unique ID for this managed resource.

arn string
id string: The provider-assigned unique ID for this managed resource.

arn str
id str: The provider-assigned unique ID for this managed resource.

arn String
id String: The provider-assigned unique ID for this managed resource.

Supporting Types

PolicyFirewallDeploymentModel

Distributed: DISTRIBUTED
Centralized: CENTRALIZED

PolicyFirewallDeploymentModelDistributed: DISTRIBUTED
PolicyFirewallDeploymentModelCentralized: CENTRALIZED

Distributed: DISTRIBUTED
Centralized: CENTRALIZED

Distributed: DISTRIBUTED
Centralized: CENTRALIZED

DISTRIBUTED: DISTRIBUTED
CENTRALIZED: CENTRALIZED

"DISTRIBUTED": DISTRIBUTED
"CENTRALIZED": CENTRALIZED

PolicyIEMap

ACCOUNT List<string>
ORGUNIT List<string>

ACCOUNT []string
ORGUNIT []string

aCCOUNT List<String>
oRGUNIT List<String>

aCCOUNT string[]
oRGUNIT string[]

a_ccount Sequence[str]
o_rgunit Sequence[str]

aCCOUNT List<String>
oRGUNIT List<String>

PolicyNetworkFirewallPolicy

FirewallDeploymentModel Pulumi.AwsNative.FMS.PolicyFirewallDeploymentModel

FirewallDeploymentModel PolicyFirewallDeploymentModel

firewallDeploymentModel PolicyFirewallDeploymentModel

firewallDeploymentModel PolicyFirewallDeploymentModel

firewall_deployment_model PolicyFirewallDeploymentModel

firewallDeploymentModel "DISTRIBUTED" | "CENTRALIZED"

PolicyOption

NetworkFirewallPolicy Pulumi.AwsNative.FMS.Inputs.PolicyNetworkFirewallPolicy
ThirdPartyFirewallPolicy Pulumi.AwsNative.FMS.Inputs.PolicyThirdPartyFirewallPolicy

NetworkFirewallPolicy PolicyNetworkFirewallPolicy
ThirdPartyFirewallPolicy PolicyThirdPartyFirewallPolicy

networkFirewallPolicy PolicyNetworkFirewallPolicy
thirdPartyFirewallPolicy PolicyThirdPartyFirewallPolicy

networkFirewallPolicy PolicyNetworkFirewallPolicy
thirdPartyFirewallPolicy PolicyThirdPartyFirewallPolicy

network_firewall_policy PolicyNetworkFirewallPolicy
third_party_firewall_policy PolicyThirdPartyFirewallPolicy

networkFirewallPolicy Property Map
thirdPartyFirewallPolicy Property Map

PolicyResourceTag

Key string
Value string

Key string
Value string

key String
value String

key string
value string

key str
value str

key String
value String

PolicySecurityServicePolicyData

Type Pulumi.AwsNative.FMS.PolicyType
ManagedServiceData string
PolicyOption Pulumi.AwsNative.FMS.Inputs.PolicyOption

Type PolicyType
ManagedServiceData string
PolicyOption PolicyOption

type PolicyType
managedServiceData String
policyOption PolicyOption

type PolicyType
managedServiceData string
policyOption PolicyOption

type PolicyType
managed_service_data str
policy_option PolicyOption

type "WAF" | "WAFV2" | "SHIELD_ADVANCED" | "SECURITY_GROUPS_COMMON" | "SECURITY_GROUPS_CONTENT_AUDIT" | "SECURITY_GROUPS_USAGE_AUDIT" | "NETWORK_FIREWALL" | "THIRD_PARTY_FIREWALL" | "DNS_FIREWALL" | "IMPORT_NETWORK_FIREWALL"
managedServiceData String
policyOption Property Map

PolicyTag

Key string
Value string

Key string
Value string

key String
value String

key string
value string

key str
value str

key String
value String

PolicyThirdPartyFirewallPolicy

FirewallDeploymentModel Pulumi.AwsNative.FMS.PolicyFirewallDeploymentModel

FirewallDeploymentModel PolicyFirewallDeploymentModel

firewallDeploymentModel PolicyFirewallDeploymentModel

firewallDeploymentModel PolicyFirewallDeploymentModel

firewall_deployment_model PolicyFirewallDeploymentModel

firewallDeploymentModel "DISTRIBUTED" | "CENTRALIZED"

PolicyType

Waf: WAF
Wafv2: WAFV2
ShieldAdvanced: SHIELD_ADVANCED
SecurityGroupsCommon: SECURITY_GROUPS_COMMON
SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
NetworkFirewall: NETWORK_FIREWALL
ThirdPartyFirewall: THIRD_PARTY_FIREWALL
DnsFirewall: DNS_FIREWALL
ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL

PolicyTypeWaf: WAF
PolicyTypeWafv2: WAFV2
PolicyTypeShieldAdvanced: SHIELD_ADVANCED
PolicyTypeSecurityGroupsCommon: SECURITY_GROUPS_COMMON
PolicyTypeSecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
PolicyTypeSecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
PolicyTypeNetworkFirewall: NETWORK_FIREWALL
PolicyTypeThirdPartyFirewall: THIRD_PARTY_FIREWALL
PolicyTypeDnsFirewall: DNS_FIREWALL
PolicyTypeImportNetworkFirewall: IMPORT_NETWORK_FIREWALL

Waf: WAF
Wafv2: WAFV2
ShieldAdvanced: SHIELD_ADVANCED
SecurityGroupsCommon: SECURITY_GROUPS_COMMON
SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
NetworkFirewall: NETWORK_FIREWALL
ThirdPartyFirewall: THIRD_PARTY_FIREWALL
DnsFirewall: DNS_FIREWALL
ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL

Waf: WAF
Wafv2: WAFV2
ShieldAdvanced: SHIELD_ADVANCED
SecurityGroupsCommon: SECURITY_GROUPS_COMMON
SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
NetworkFirewall: NETWORK_FIREWALL
ThirdPartyFirewall: THIRD_PARTY_FIREWALL
DnsFirewall: DNS_FIREWALL
ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL

WAF: WAF
WAFV2: WAFV2
SHIELD_ADVANCED: SHIELD_ADVANCED
SECURITY_GROUPS_COMMON: SECURITY_GROUPS_COMMON
SECURITY_GROUPS_CONTENT_AUDIT: SECURITY_GROUPS_CONTENT_AUDIT
SECURITY_GROUPS_USAGE_AUDIT: SECURITY_GROUPS_USAGE_AUDIT
NETWORK_FIREWALL: NETWORK_FIREWALL
THIRD_PARTY_FIREWALL: THIRD_PARTY_FIREWALL
DNS_FIREWALL: DNS_FIREWALL
IMPORT_NETWORK_FIREWALL: IMPORT_NETWORK_FIREWALL

"WAF": WAF
"WAFV2": WAFV2
"SHIELD_ADVANCED": SHIELD_ADVANCED
"SECURITY_GROUPS_COMMON": SECURITY_GROUPS_COMMON
"SECURITY_GROUPS_CONTENT_AUDIT": SECURITY_GROUPS_CONTENT_AUDIT
"SECURITY_GROUPS_USAGE_AUDIT": SECURITY_GROUPS_USAGE_AUDIT
"NETWORK_FIREWALL": NETWORK_FIREWALL
"THIRD_PARTY_FIREWALL": THIRD_PARTY_FIREWALL
"DNS_FIREWALL": DNS_FIREWALL
"IMPORT_NETWORK_FIREWALL": IMPORT_NETWORK_FIREWALL

Package Details

Repository: AWS Native pulumi/pulumi-aws-native
License: Apache-2.0