AWS Native is in preview. AWS Classic is fully supported.
aws-native.fms.Policy
Creates an AWS Firewall Manager policy.
Create Policy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
TypeScript
new Policy(name: string, args: PolicyArgs, opts?: CustomResourceOptions);
Python
@overload
def Policy(resource_name: str,
           args: PolicyArgs,
           opts: Optional[ResourceOptions] = None)

@overload
def Policy(resource_name: str,
           opts: Optional[ResourceOptions] = None,
           remediation_enabled: Optional[bool] = None,
           security_service_policy_data: Optional[PolicySecurityServicePolicyDataArgs] = None,
           exclude_resource_tags: Optional[bool] = None,
           include_map: Optional[PolicyIeMapArgs] = None,
           policy_description: Optional[str] = None,
           policy_name: Optional[str] = None,
           delete_all_policy_resources: Optional[bool] = None,
           resource_set_ids: Optional[Sequence[str]] = None,
           resource_tags: Optional[Sequence[PolicyResourceTagArgs]] = None,
           resource_type: Optional[str] = None,
           resource_type_list: Optional[Sequence[str]] = None,
           resources_clean_up: Optional[bool] = None,
           exclude_map: Optional[PolicyIeMapArgs] = None,
           tags: Optional[Sequence[_root_inputs.TagArgs]] = None)
Go
func NewPolicy(ctx *Context, name string, args PolicyArgs, opts ...ResourceOption) (*Policy, error)
C#
public Policy(string name, PolicyArgs args, CustomResourceOptions? opts = null)
Java
public Policy(String name, PolicyArgs args)
public Policy(String name, PolicyArgs args, CustomResourceOptions options)
YAML
type: aws-native:fms:Policy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
TypeScript
- name string: The unique name of the resource.
- args PolicyArgs: The arguments to resource properties.
- opts CustomResourceOptions: Bag of options to control resource's behavior.
Python
- resource_name str: The unique name of the resource.
- args PolicyArgs: The arguments to resource properties.
- opts ResourceOptions: Bag of options to control resource's behavior.
Go
- ctx Context: Context object for the current deployment.
- name string: The unique name of the resource.
- args PolicyArgs: The arguments to resource properties.
- opts ResourceOption: Bag of options to control resource's behavior.
C#
- name string: The unique name of the resource.
- args PolicyArgs: The arguments to resource properties.
- opts CustomResourceOptions: Bag of options to control resource's behavior.
Java
- name String: The unique name of the resource.
- args PolicyArgs: The arguments to resource properties.
- options CustomResourceOptions: Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
import * as aws_native from "@pulumi/aws-native";

// Reference example: every input property is set to a placeholder value.
const policyResource = new aws_native.fms.Policy("policyResource", {
    remediationEnabled: false,
    securityServicePolicyData: {
        type: aws_native.fms.PolicyType.Waf,
        managedServiceData: "string",
        policyOption: {
            networkFirewallPolicy: {
                firewallDeploymentModel: aws_native.fms.PolicyFirewallDeploymentModel.Distributed,
            },
            thirdPartyFirewallPolicy: {
                firewallDeploymentModel: aws_native.fms.PolicyFirewallDeploymentModel.Distributed,
            },
        },
    },
    excludeResourceTags: false,
    includeMap: {
        account: ["string"],
        orgunit: ["string"],
    },
    policyDescription: "string",
    policyName: "string",
    deleteAllPolicyResources: false,
    resourceSetIds: ["string"],
    resourceTags: [{
        key: "string",
        value: "string",
    }],
    resourceType: "string",
    resourceTypeList: ["string"],
    resourcesCleanUp: false,
    excludeMap: {
        account: ["string"],
        orgunit: ["string"],
    },
    tags: [{
        key: "string",
        value: "string",
    }],
});
Policy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Policy resource accepts the following input properties:
C#
- ExcludeResourceTags bool
- RemediationEnabled bool
- SecurityServicePolicyData Pulumi.AwsNative.Fms.Inputs.PolicySecurityServicePolicyData
- DeleteAllPolicyResources bool
- ExcludeMap Pulumi.AwsNative.Fms.Inputs.PolicyIeMap
- IncludeMap Pulumi.AwsNative.Fms.Inputs.PolicyIeMap
- PolicyDescription string
- PolicyName string
- ResourceSetIds List<string>
- ResourceTags List<Pulumi.AwsNative.Fms.Inputs.PolicyResourceTag>
- ResourceType string
- ResourceTypeList List<string>
- ResourcesCleanUp bool
- Tags List<Pulumi.AwsNative.Inputs.Tag>
Go
- ExcludeResourceTags bool
- RemediationEnabled bool
- SecurityServicePolicyData PolicySecurityServicePolicyDataArgs
- DeleteAllPolicyResources bool
- ExcludeMap PolicyIeMapArgs
- IncludeMap PolicyIeMapArgs
- PolicyDescription string
- PolicyName string
- ResourceSetIds []string
- ResourceTags []PolicyResourceTagArgs
- ResourceType string
- ResourceTypeList []string
- ResourcesCleanUp bool
- Tags TagArgs
Java
- excludeResourceTags Boolean
- remediationEnabled Boolean
- securityServicePolicyData PolicySecurityServicePolicyData
- deleteAllPolicyResources Boolean
- excludeMap PolicyIeMap
- includeMap PolicyIeMap
- policyDescription String
- policyName String
- resourceSetIds List<String>
- resourceTags List<PolicyResourceTag>
- resourceType String
- resourceTypeList List<String>
- resourcesCleanUp Boolean
- tags List<Tag>
TypeScript
- excludeResourceTags boolean
- remediationEnabled boolean
- securityServicePolicyData PolicySecurityServicePolicyData
- deleteAllPolicyResources boolean
- excludeMap PolicyIeMap
- includeMap PolicyIeMap
- policyDescription string
- policyName string
- resourceSetIds string[]
- resourceTags PolicyResourceTag[]
- resourceType string
- resourceTypeList string[]
- resourcesCleanUp boolean
- tags Tag[]
Python
- exclude_resource_tags bool
- remediation_enabled bool
- security_service_policy_data PolicySecurityServicePolicyDataArgs
- delete_all_policy_resources bool
- exclude_map PolicyIeMapArgs
- include_map PolicyIeMapArgs
- policy_description str
- policy_name str
- resource_set_ids Sequence[str]
- resource_tags Sequence[PolicyResourceTagArgs]
- resource_type str
- resource_type_list Sequence[str]
- resources_clean_up bool
- tags Sequence[TagArgs]
YAML
- excludeResourceTags Boolean
- remediationEnabled Boolean
- securityServicePolicyData Property Map
- deleteAllPolicyResources Boolean
- excludeMap Property Map
- includeMap Property Map
- policyDescription String
- policyName String
- resourceSetIds List<String>
- resourceTags List<Property Map>
- resourceType String
- resourceTypeList List<String>
- resourcesCleanUp Boolean
- tags List<Property Map>
Outputs
All input properties are implicitly available as output properties. Additionally, the Policy resource produces the following output properties:
Supporting Types
PolicyFirewallDeploymentModel, PolicyFirewallDeploymentModelArgs
C#
- Distributed: DISTRIBUTED
- Centralized: CENTRALIZED
Go
- PolicyFirewallDeploymentModelDistributed: DISTRIBUTED
- PolicyFirewallDeploymentModelCentralized: CENTRALIZED
Java
- Distributed: DISTRIBUTED
- Centralized: CENTRALIZED
TypeScript
- Distributed: DISTRIBUTED
- Centralized: CENTRALIZED
Python
- DISTRIBUTED: DISTRIBUTED
- CENTRALIZED: CENTRALIZED
YAML
- "DISTRIBUTED": DISTRIBUTED
- "CENTRALIZED": CENTRALIZED
PolicyIeMap, PolicyIeMapArgs
PolicyNetworkFirewallPolicy, PolicyNetworkFirewallPolicyArgs
PolicyOption, PolicyOptionArgs
PolicyResourceTag, PolicyResourceTagArgs
PolicySecurityServicePolicyData, PolicySecurityServicePolicyDataArgs
PolicyThirdPartyFirewallPolicy, PolicyThirdPartyFirewallPolicyArgs
PolicyType, PolicyTypeArgs
C#
- Waf: WAF
- Wafv2: WAFV2
- ShieldAdvanced: SHIELD_ADVANCED
- SecurityGroupsCommon: SECURITY_GROUPS_COMMON
- SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
- SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
- NetworkFirewall: NETWORK_FIREWALL
- ThirdPartyFirewall: THIRD_PARTY_FIREWALL
- DnsFirewall: DNS_FIREWALL
- ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL
Go
- PolicyTypeWaf: WAF
- PolicyTypeWafv2: WAFV2
- PolicyTypeShieldAdvanced: SHIELD_ADVANCED
- PolicyTypeSecurityGroupsCommon: SECURITY_GROUPS_COMMON
- PolicyTypeSecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
- PolicyTypeSecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
- PolicyTypeNetworkFirewall: NETWORK_FIREWALL
- PolicyTypeThirdPartyFirewall: THIRD_PARTY_FIREWALL
- PolicyTypeDnsFirewall: DNS_FIREWALL
- PolicyTypeImportNetworkFirewall: IMPORT_NETWORK_FIREWALL
Java
- Waf: WAF
- Wafv2: WAFV2
- ShieldAdvanced: SHIELD_ADVANCED
- SecurityGroupsCommon: SECURITY_GROUPS_COMMON
- SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
- SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
- NetworkFirewall: NETWORK_FIREWALL
- ThirdPartyFirewall: THIRD_PARTY_FIREWALL
- DnsFirewall: DNS_FIREWALL
- ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL
TypeScript
- Waf: WAF
- Wafv2: WAFV2
- ShieldAdvanced: SHIELD_ADVANCED
- SecurityGroupsCommon: SECURITY_GROUPS_COMMON
- SecurityGroupsContentAudit: SECURITY_GROUPS_CONTENT_AUDIT
- SecurityGroupsUsageAudit: SECURITY_GROUPS_USAGE_AUDIT
- NetworkFirewall: NETWORK_FIREWALL
- ThirdPartyFirewall: THIRD_PARTY_FIREWALL
- DnsFirewall: DNS_FIREWALL
- ImportNetworkFirewall: IMPORT_NETWORK_FIREWALL
Python
- WAF: WAF
- WAFV2: WAFV2
- SHIELD_ADVANCED: SHIELD_ADVANCED
- SECURITY_GROUPS_COMMON: SECURITY_GROUPS_COMMON
- SECURITY_GROUPS_CONTENT_AUDIT: SECURITY_GROUPS_CONTENT_AUDIT
- SECURITY_GROUPS_USAGE_AUDIT: SECURITY_GROUPS_USAGE_AUDIT
- NETWORK_FIREWALL: NETWORK_FIREWALL
- THIRD_PARTY_FIREWALL: THIRD_PARTY_FIREWALL
- DNS_FIREWALL: DNS_FIREWALL
- IMPORT_NETWORK_FIREWALL: IMPORT_NETWORK_FIREWALL
YAML
- "WAF": WAF
- "WAFV2": WAFV2
- "SHIELD_ADVANCED": SHIELD_ADVANCED
- "SECURITY_GROUPS_COMMON": SECURITY_GROUPS_COMMON
- "SECURITY_GROUPS_CONTENT_AUDIT": SECURITY_GROUPS_CONTENT_AUDIT
- "SECURITY_GROUPS_USAGE_AUDIT": SECURITY_GROUPS_USAGE_AUDIT
- "NETWORK_FIREWALL": NETWORK_FIREWALL
- "THIRD_PARTY_FIREWALL": THIRD_PARTY_FIREWALL
- "DNS_FIREWALL": DNS_FIREWALL
- "IMPORT_NETWORK_FIREWALL": IMPORT_NETWORK_FIREWALL
Tag, TagArgs
Package Details
- Repository: AWS Native pulumi/pulumi-aws-native
- License: Apache-2.0