commonMain.aws.sdk.kotlin.services.fms.FmsClient.kt Maven / Gradle / Ivy
// Code generated by smithy-kotlin-codegen. DO NOT EDIT!
package aws.sdk.kotlin.services.fms
import aws.sdk.kotlin.runtime.auth.credentials.DefaultChainCredentialsProvider
import aws.sdk.kotlin.runtime.auth.credentials.internal.manage
import aws.sdk.kotlin.runtime.client.AwsSdkClientConfig
import aws.sdk.kotlin.runtime.config.AbstractAwsSdkClientFactory
import aws.sdk.kotlin.runtime.config.endpoints.resolveEndpointUrl
import aws.sdk.kotlin.runtime.config.profile.AwsSharedConfig
import aws.sdk.kotlin.runtime.http.retries.AwsDefaultRetryPolicy
import aws.sdk.kotlin.services.fms.auth.DefaultFmsAuthSchemeProvider
import aws.sdk.kotlin.services.fms.auth.FmsAuthSchemeProvider
import aws.sdk.kotlin.services.fms.endpoints.DefaultFmsEndpointProvider
import aws.sdk.kotlin.services.fms.endpoints.FmsEndpointParameters
import aws.sdk.kotlin.services.fms.endpoints.FmsEndpointProvider
import aws.sdk.kotlin.services.fms.model.AssociateAdminAccountRequest
import aws.sdk.kotlin.services.fms.model.AssociateAdminAccountResponse
import aws.sdk.kotlin.services.fms.model.AssociateThirdPartyFirewallRequest
import aws.sdk.kotlin.services.fms.model.AssociateThirdPartyFirewallResponse
import aws.sdk.kotlin.services.fms.model.BatchAssociateResourceRequest
import aws.sdk.kotlin.services.fms.model.BatchAssociateResourceResponse
import aws.sdk.kotlin.services.fms.model.BatchDisassociateResourceRequest
import aws.sdk.kotlin.services.fms.model.BatchDisassociateResourceResponse
import aws.sdk.kotlin.services.fms.model.DeleteAppsListRequest
import aws.sdk.kotlin.services.fms.model.DeleteAppsListResponse
import aws.sdk.kotlin.services.fms.model.DeleteNotificationChannelRequest
import aws.sdk.kotlin.services.fms.model.DeleteNotificationChannelResponse
import aws.sdk.kotlin.services.fms.model.DeletePolicyRequest
import aws.sdk.kotlin.services.fms.model.DeletePolicyResponse
import aws.sdk.kotlin.services.fms.model.DeleteProtocolsListRequest
import aws.sdk.kotlin.services.fms.model.DeleteProtocolsListResponse
import aws.sdk.kotlin.services.fms.model.DeleteResourceSetRequest
import aws.sdk.kotlin.services.fms.model.DeleteResourceSetResponse
import aws.sdk.kotlin.services.fms.model.DisassociateAdminAccountRequest
import aws.sdk.kotlin.services.fms.model.DisassociateAdminAccountResponse
import aws.sdk.kotlin.services.fms.model.DisassociateThirdPartyFirewallRequest
import aws.sdk.kotlin.services.fms.model.DisassociateThirdPartyFirewallResponse
import aws.sdk.kotlin.services.fms.model.GetAdminAccountRequest
import aws.sdk.kotlin.services.fms.model.GetAdminAccountResponse
import aws.sdk.kotlin.services.fms.model.GetAdminScopeRequest
import aws.sdk.kotlin.services.fms.model.GetAdminScopeResponse
import aws.sdk.kotlin.services.fms.model.GetAppsListRequest
import aws.sdk.kotlin.services.fms.model.GetAppsListResponse
import aws.sdk.kotlin.services.fms.model.GetComplianceDetailRequest
import aws.sdk.kotlin.services.fms.model.GetComplianceDetailResponse
import aws.sdk.kotlin.services.fms.model.GetNotificationChannelRequest
import aws.sdk.kotlin.services.fms.model.GetNotificationChannelResponse
import aws.sdk.kotlin.services.fms.model.GetPolicyRequest
import aws.sdk.kotlin.services.fms.model.GetPolicyResponse
import aws.sdk.kotlin.services.fms.model.GetProtectionStatusRequest
import aws.sdk.kotlin.services.fms.model.GetProtectionStatusResponse
import aws.sdk.kotlin.services.fms.model.GetProtocolsListRequest
import aws.sdk.kotlin.services.fms.model.GetProtocolsListResponse
import aws.sdk.kotlin.services.fms.model.GetResourceSetRequest
import aws.sdk.kotlin.services.fms.model.GetResourceSetResponse
import aws.sdk.kotlin.services.fms.model.GetThirdPartyFirewallAssociationStatusRequest
import aws.sdk.kotlin.services.fms.model.GetThirdPartyFirewallAssociationStatusResponse
import aws.sdk.kotlin.services.fms.model.GetViolationDetailsRequest
import aws.sdk.kotlin.services.fms.model.GetViolationDetailsResponse
import aws.sdk.kotlin.services.fms.model.ListAdminAccountsForOrganizationRequest
import aws.sdk.kotlin.services.fms.model.ListAdminAccountsForOrganizationResponse
import aws.sdk.kotlin.services.fms.model.ListAdminsManagingAccountRequest
import aws.sdk.kotlin.services.fms.model.ListAdminsManagingAccountResponse
import aws.sdk.kotlin.services.fms.model.ListAppsListsRequest
import aws.sdk.kotlin.services.fms.model.ListAppsListsResponse
import aws.sdk.kotlin.services.fms.model.ListComplianceStatusRequest
import aws.sdk.kotlin.services.fms.model.ListComplianceStatusResponse
import aws.sdk.kotlin.services.fms.model.ListDiscoveredResourcesRequest
import aws.sdk.kotlin.services.fms.model.ListDiscoveredResourcesResponse
import aws.sdk.kotlin.services.fms.model.ListMemberAccountsRequest
import aws.sdk.kotlin.services.fms.model.ListMemberAccountsResponse
import aws.sdk.kotlin.services.fms.model.ListPoliciesRequest
import aws.sdk.kotlin.services.fms.model.ListPoliciesResponse
import aws.sdk.kotlin.services.fms.model.ListProtocolsListsRequest
import aws.sdk.kotlin.services.fms.model.ListProtocolsListsResponse
import aws.sdk.kotlin.services.fms.model.ListResourceSetResourcesRequest
import aws.sdk.kotlin.services.fms.model.ListResourceSetResourcesResponse
import aws.sdk.kotlin.services.fms.model.ListResourceSetsRequest
import aws.sdk.kotlin.services.fms.model.ListResourceSetsResponse
import aws.sdk.kotlin.services.fms.model.ListTagsForResourceRequest
import aws.sdk.kotlin.services.fms.model.ListTagsForResourceResponse
import aws.sdk.kotlin.services.fms.model.ListThirdPartyFirewallFirewallPoliciesRequest
import aws.sdk.kotlin.services.fms.model.ListThirdPartyFirewallFirewallPoliciesResponse
import aws.sdk.kotlin.services.fms.model.PutAdminAccountRequest
import aws.sdk.kotlin.services.fms.model.PutAdminAccountResponse
import aws.sdk.kotlin.services.fms.model.PutAppsListRequest
import aws.sdk.kotlin.services.fms.model.PutAppsListResponse
import aws.sdk.kotlin.services.fms.model.PutNotificationChannelRequest
import aws.sdk.kotlin.services.fms.model.PutNotificationChannelResponse
import aws.sdk.kotlin.services.fms.model.PutPolicyRequest
import aws.sdk.kotlin.services.fms.model.PutPolicyResponse
import aws.sdk.kotlin.services.fms.model.PutProtocolsListRequest
import aws.sdk.kotlin.services.fms.model.PutProtocolsListResponse
import aws.sdk.kotlin.services.fms.model.PutResourceSetRequest
import aws.sdk.kotlin.services.fms.model.PutResourceSetResponse
import aws.sdk.kotlin.services.fms.model.TagResourceRequest
import aws.sdk.kotlin.services.fms.model.TagResourceResponse
import aws.sdk.kotlin.services.fms.model.UntagResourceRequest
import aws.sdk.kotlin.services.fms.model.UntagResourceResponse
import aws.smithy.kotlin.runtime.auth.awscredentials.CredentialsProvider
import aws.smithy.kotlin.runtime.auth.awscredentials.CredentialsProviderConfig
import aws.smithy.kotlin.runtime.client.AbstractSdkClientBuilder
import aws.smithy.kotlin.runtime.client.LogMode
import aws.smithy.kotlin.runtime.client.RetryClientConfig
import aws.smithy.kotlin.runtime.client.RetryStrategyClientConfig
import aws.smithy.kotlin.runtime.client.RetryStrategyClientConfigImpl
import aws.smithy.kotlin.runtime.client.SdkClient
import aws.smithy.kotlin.runtime.client.SdkClientConfig
import aws.smithy.kotlin.runtime.client.SdkClientFactory
import aws.smithy.kotlin.runtime.http.auth.AuthScheme
import aws.smithy.kotlin.runtime.http.auth.HttpAuthConfig
import aws.smithy.kotlin.runtime.http.config.HttpClientConfig
import aws.smithy.kotlin.runtime.http.config.HttpEngineConfig
import aws.smithy.kotlin.runtime.http.engine.HttpClientEngine
import aws.smithy.kotlin.runtime.http.engine.HttpEngineConfigImpl
import aws.smithy.kotlin.runtime.http.interceptors.HttpInterceptor
import aws.smithy.kotlin.runtime.net.Url
import aws.smithy.kotlin.runtime.retries.RetryStrategy
import aws.smithy.kotlin.runtime.retries.policy.RetryPolicy
import aws.smithy.kotlin.runtime.telemetry.Global
import aws.smithy.kotlin.runtime.telemetry.TelemetryConfig
import aws.smithy.kotlin.runtime.telemetry.TelemetryProvider
import aws.smithy.kotlin.runtime.util.LazyAsyncValue
import kotlin.collections.List
import kotlin.jvm.JvmStatic
public const val ServiceId: String = "FMS"
public const val SdkVersion: String = "0.32.1-beta"
/**
* This is the *Firewall Manager API Reference*. This guide is for developers who need detailed information about the Firewall Manager API actions, data types, and errors. For detailed information about Firewall Manager features, see the [Firewall Manager Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/fms-chapter.html).
*
* Some API actions require explicit resource permissions. For information, see the developer guide topic [Service roles for Firewall Manager](https://docs.aws.amazon.com/waf/latest/developerguide/fms-security_iam_service-with-iam.html#fms-security_iam_service-with-iam-roles-service).
*/
public interface FmsClient : SdkClient {
/**
* FmsClient's configuration
*/
public override val config: Config
public companion object : AbstractAwsSdkClientFactory() {
@JvmStatic
override fun builder(): Builder = Builder()
override suspend fun finalizeConfig(builder: Builder, sharedConfig: LazyAsyncValue) {
builder.config.endpointUrl = builder.config.endpointUrl ?: resolveEndpointUrl(
sharedConfig,
"Fms",
"FMS",
"fms",
)
}
}
public class Builder internal constructor(): AbstractSdkClientBuilder() {
override val config: Config.Builder = Config.Builder()
override fun newClient(config: Config): FmsClient = DefaultFmsClient(config)
}
public class Config private constructor(builder: Builder) : AwsSdkClientConfig, CredentialsProviderConfig, HttpAuthConfig, HttpClientConfig, HttpEngineConfig by builder.buildHttpEngineConfig(), RetryClientConfig, RetryStrategyClientConfig by builder.buildRetryStrategyClientConfig(), SdkClientConfig, TelemetryConfig {
override val clientName: String = builder.clientName
override val region: String? = builder.region
public val authSchemeProvider: FmsAuthSchemeProvider = builder.authSchemeProvider ?: DefaultFmsAuthSchemeProvider
override val authSchemes: kotlin.collections.List = builder.authSchemes
override val credentialsProvider: CredentialsProvider = builder.credentialsProvider ?: DefaultChainCredentialsProvider(httpClient = httpClient, region = region).manage()
public val endpointProvider: FmsEndpointProvider = builder.endpointProvider ?: DefaultFmsEndpointProvider()
public val endpointUrl: Url? = builder.endpointUrl
override val interceptors: kotlin.collections.List = builder.interceptors
override val logMode: LogMode = builder.logMode ?: LogMode.Default
override val retryPolicy: RetryPolicy = builder.retryPolicy ?: AwsDefaultRetryPolicy
override val telemetryProvider: TelemetryProvider = builder.telemetryProvider ?: TelemetryProvider.Global
override val useDualStack: Boolean = builder.useDualStack ?: false
override val useFips: Boolean = builder.useFips ?: false
public companion object {
public inline operator fun invoke(block: Builder.() -> kotlin.Unit): Config = Builder().apply(block).build()
}
public fun toBuilder(): Builder = Builder().apply {
clientName = [email protected]
region = [email protected]
authSchemeProvider = [email protected]
authSchemes = [email protected]
credentialsProvider = [email protected]
endpointProvider = [email protected]
endpointUrl = [email protected]
httpClient = [email protected]
interceptors = [email protected]()
logMode = [email protected]
retryPolicy = [email protected]
retryStrategy = [email protected]
telemetryProvider = [email protected]
useDualStack = [email protected]
useFips = [email protected]
}
public class Builder : AwsSdkClientConfig.Builder, CredentialsProviderConfig.Builder, HttpAuthConfig.Builder, HttpClientConfig.Builder, HttpEngineConfig.Builder by HttpEngineConfigImpl.BuilderImpl(), RetryClientConfig.Builder, RetryStrategyClientConfig.Builder by RetryStrategyClientConfigImpl.BuilderImpl(), SdkClientConfig.Builder, TelemetryConfig.Builder {
/**
* A reader-friendly name for the client.
*/
override var clientName: String = "FMS"
/**
* The AWS region (e.g. `us-west-2`) to make requests to. See about AWS
* [global infrastructure](https://aws.amazon.com/about-aws/global-infrastructure/regions_az/) for more
* information
*/
override var region: String? = null
/**
* Configure the provider used to resolve the authentication scheme to use for a particular operation.
*/
public var authSchemeProvider: FmsAuthSchemeProvider? = null
/**
* Register new or override default [AuthScheme]s configured for this client. By default, the set
* of auth schemes configured comes from the service model. An auth scheme configured explicitly takes
* precedence over the defaults and can be used to customize identity resolution and signing for specific
* authentication schemes.
*/
override var authSchemes: kotlin.collections.List = emptyList()
/**
* The AWS credentials provider to use for authenticating requests. If not provided a
* [aws.sdk.kotlin.runtime.auth.credentials.DefaultChainCredentialsProvider] instance will be used.
* NOTE: The caller is responsible for managing the lifetime of the provider when set. The SDK
* client will not close it when the client is closed.
*/
override var credentialsProvider: CredentialsProvider? = null
/**
* The endpoint provider used to determine where to make service requests. **This is an advanced config
* option.**
*
* Endpoint resolution occurs as part of the workflow for every request made via the service client.
*
* The inputs to endpoint resolution are defined on a per-service basis (see [EndpointParameters]).
*/
public var endpointProvider: FmsEndpointProvider? = null
/**
* A custom endpoint to route requests to. The endpoint set here is passed to the configured
* [endpointProvider], which may inspect and modify it as needed.
*
* Setting a custom endpointUrl should generally be preferred to overriding the [endpointProvider] and is
* the recommended way to route requests to development or preview instances of a service.
*
* **This is an advanced config option.**
*/
public var endpointUrl: Url? = null
/**
* Add an [aws.smithy.kotlin.runtime.client.Interceptor] that will have access to read and modify
* the request and response objects as they are processed by the SDK.
* Interceptors added using this method are executed in the order they are configured and are always
* later than any added automatically by the SDK.
*/
override var interceptors: kotlin.collections.MutableList = kotlin.collections.mutableListOf()
/**
* Configure events that will be logged. By default clients will not output
* raw requests or responses. Use this setting to opt-in to additional debug logging.
*
* This can be used to configure logging of requests, responses, retries, etc of SDK clients.
*
* **NOTE**: Logging of raw requests or responses may leak sensitive information! It may also have
* performance considerations when dumping the request/response body. This is primarily a tool for
* debug purposes.
*/
override var logMode: LogMode? = null
/**
* The policy to use for evaluating operation results and determining whether/how to retry.
*/
override var retryPolicy: RetryPolicy? = null
/**
* The telemetry provider used to instrument the SDK operations with. By default, the global telemetry
* provider will be used.
*/
override var telemetryProvider: TelemetryProvider? = null
/**
* Flag to toggle whether to use dual-stack endpoints when making requests.
* See [https://docs.aws.amazon.com/sdkref/latest/guide/feature-endpoints.html] for more information.
* ` Disabled by default.
*/
override var useDualStack: Boolean? = null
/**
* Flag to toggle whether to use [FIPS](https://aws.amazon.com/compliance/fips/) endpoints when making requests.
* ` Disabled by default.
*/
override var useFips: Boolean? = null
override fun build(): Config = Config(this)
}
}
/**
* Sets a Firewall Manager default administrator account. The Firewall Manager default administrator account can manage third-party firewalls and has full administrative scope that allows administration of all policy types, accounts, organizational units, and Regions. This account must be a member account of the organization in Organizations whose resources you want to protect.
*
* For information about working with Firewall Manager administrator accounts, see [Managing Firewall Manager administrators](https://docs.aws.amazon.com/organizations/latest/userguide/fms-administrators.html) in the *Firewall Manager Developer Guide*.
*/
public suspend fun associateAdminAccount(input: AssociateAdminAccountRequest): AssociateAdminAccountResponse
/**
* Sets the Firewall Manager policy administrator as a tenant administrator of a third-party firewall service. A tenant is an instance of the third-party firewall service that's associated with your Amazon Web Services customer account.
*/
public suspend fun associateThirdPartyFirewall(input: AssociateThirdPartyFirewallRequest): AssociateThirdPartyFirewallResponse
/**
* Associate resources to a Firewall Manager resource set.
*/
public suspend fun batchAssociateResource(input: BatchAssociateResourceRequest): BatchAssociateResourceResponse
/**
* Disassociates resources from a Firewall Manager resource set.
*/
public suspend fun batchDisassociateResource(input: BatchDisassociateResourceRequest): BatchDisassociateResourceResponse
/**
* Permanently deletes an Firewall Manager applications list.
*/
public suspend fun deleteAppsList(input: DeleteAppsListRequest): DeleteAppsListResponse
/**
* Deletes an Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs.
*/
public suspend fun deleteNotificationChannel(input: DeleteNotificationChannelRequest = DeleteNotificationChannelRequest {}): DeleteNotificationChannelResponse
/**
* Permanently deletes an Firewall Manager policy.
*/
public suspend fun deletePolicy(input: DeletePolicyRequest): DeletePolicyResponse
/**
* Permanently deletes an Firewall Manager protocols list.
*/
public suspend fun deleteProtocolsList(input: DeleteProtocolsListRequest): DeleteProtocolsListResponse
/**
* Deletes the specified ResourceSet.
*/
public suspend fun deleteResourceSet(input: DeleteResourceSetRequest): DeleteResourceSetResponse
/**
* Disassociates an Firewall Manager administrator account. To set a different account as an Firewall Manager administrator, submit a PutAdminAccount request. To set an account as a default administrator account, you must submit an AssociateAdminAccount request.
*
* Disassociation of the default administrator account follows the first in, last out principle. If you are the default administrator, all Firewall Manager administrators within the organization must first disassociate their accounts before you can disassociate your account.
*/
public suspend fun disassociateAdminAccount(input: DisassociateAdminAccountRequest = DisassociateAdminAccountRequest {}): DisassociateAdminAccountResponse
/**
* Disassociates a Firewall Manager policy administrator from a third-party firewall tenant. When you call `DisassociateThirdPartyFirewall`, the third-party firewall vendor deletes all of the firewalls that are associated with the account.
*/
public suspend fun disassociateThirdPartyFirewall(input: DisassociateThirdPartyFirewallRequest): DisassociateThirdPartyFirewallResponse
/**
* Returns the Organizations account that is associated with Firewall Manager as the Firewall Manager default administrator.
*/
public suspend fun getAdminAccount(input: GetAdminAccountRequest = GetAdminAccountRequest {}): GetAdminAccountResponse
/**
* Returns information about the specified account's administrative scope. The admistrative scope defines the resources that an Firewall Manager administrator can manage.
*/
public suspend fun getAdminScope(input: GetAdminScopeRequest): GetAdminScopeResponse
/**
* Returns information about the specified Firewall Manager applications list.
*/
public suspend fun getAppsList(input: GetAppsListRequest): GetAppsListResponse
/**
* Returns detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy.
* + Resources are considered noncompliant for WAF and Shield Advanced policies if the specified policy has not been applied to them.
* + Resources are considered noncompliant for security group policies if they are in scope of the policy, they violate one or more of the policy rules, and remediation is disabled or not possible.
* + Resources are considered noncompliant for Network Firewall policies if a firewall is missing in the VPC, if the firewall endpoint isn't set up in an expected Availability Zone and subnet, if a subnet created by the Firewall Manager doesn't have the expected route table, and for modifications to a firewall policy that violate the Firewall Manager policy's rules.
* + Resources are considered noncompliant for DNS Firewall policies if a DNS Firewall rule group is missing from the rule group associations for the VPC.
*/
public suspend fun getComplianceDetail(input: GetComplianceDetailRequest): GetComplianceDetailResponse
/**
* Information about the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs.
*/
public suspend fun getNotificationChannel(input: GetNotificationChannelRequest = GetNotificationChannelRequest {}): GetNotificationChannelResponse
/**
* Returns information about the specified Firewall Manager policy.
*/
public suspend fun getPolicy(input: GetPolicyRequest): GetPolicyResponse
/**
* If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a potential DDoS attack. Other policy types are currently unsupported.
*/
public suspend fun getProtectionStatus(input: GetProtectionStatusRequest): GetProtectionStatusResponse
/**
* Returns information about the specified Firewall Manager protocols list.
*/
public suspend fun getProtocolsList(input: GetProtocolsListRequest): GetProtocolsListResponse
/**
* Gets information about a specific resource set.
*/
public suspend fun getResourceSet(input: GetResourceSetRequest): GetResourceSetResponse
/**
* The onboarding status of a Firewall Manager admin account to third-party firewall vendor tenant.
*/
public suspend fun getThirdPartyFirewallAssociationStatus(input: GetThirdPartyFirewallAssociationStatusRequest): GetThirdPartyFirewallAssociationStatusResponse
/**
* Retrieves violations for a resource based on the specified Firewall Manager policy and Amazon Web Services account.
*/
public suspend fun getViolationDetails(input: GetViolationDetailsRequest): GetViolationDetailsResponse
/**
* Returns a `AdminAccounts` object that lists the Firewall Manager administrators within the organization that are onboarded to Firewall Manager by AssociateAdminAccount.
*
* This operation can be called only from the organization's management account.
*/
public suspend fun listAdminAccountsForOrganization(input: ListAdminAccountsForOrganizationRequest = ListAdminAccountsForOrganizationRequest {}): ListAdminAccountsForOrganizationResponse
/**
* Lists the accounts that are managing the specified Organizations member account. This is useful for any member account so that they can view the accounts who are managing their account. This operation only returns the managing administrators that have the requested account within their AdminScope.
*/
public suspend fun listAdminsManagingAccount(input: ListAdminsManagingAccountRequest = ListAdminsManagingAccountRequest {}): ListAdminsManagingAccountResponse
/**
* Returns an array of `AppsListDataSummary` objects.
*/
public suspend fun listAppsLists(input: ListAppsListsRequest): ListAppsListsResponse
/**
* Returns an array of `PolicyComplianceStatus` objects. Use `PolicyComplianceStatus` to get a summary of which member accounts are protected by the specified policy.
*/
public suspend fun listComplianceStatus(input: ListComplianceStatusRequest): ListComplianceStatusResponse
/**
* Returns an array of resources in the organization's accounts that are available to be associated with a resource set.
*/
public suspend fun listDiscoveredResources(input: ListDiscoveredResourcesRequest): ListDiscoveredResourcesResponse
/**
* Returns a `MemberAccounts` object that lists the member accounts in the administrator's Amazon Web Services organization.
*
* Either an Firewall Manager administrator or the organization's management account can make this request.
*/
public suspend fun listMemberAccounts(input: ListMemberAccountsRequest = ListMemberAccountsRequest {}): ListMemberAccountsResponse
/**
* Returns an array of `PolicySummary` objects.
*/
public suspend fun listPolicies(input: ListPoliciesRequest = ListPoliciesRequest {}): ListPoliciesResponse
/**
* Returns an array of `ProtocolsListDataSummary` objects.
*/
public suspend fun listProtocolsLists(input: ListProtocolsListsRequest): ListProtocolsListsResponse
/**
* Returns an array of resources that are currently associated to a resource set.
*/
public suspend fun listResourceSetResources(input: ListResourceSetResourcesRequest): ListResourceSetResourcesResponse
/**
* Returns an array of `ResourceSetSummary` objects.
*/
public suspend fun listResourceSets(input: ListResourceSetsRequest = ListResourceSetsRequest {}): ListResourceSetsResponse
/**
* Retrieves the list of tags for the specified Amazon Web Services resource.
*/
public suspend fun listTagsForResource(input: ListTagsForResourceRequest): ListTagsForResourceResponse
/**
* Retrieves a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account.
*/
public suspend fun listThirdPartyFirewallFirewallPolicies(input: ListThirdPartyFirewallFirewallPoliciesRequest): ListThirdPartyFirewallFirewallPoliciesResponse
/**
* Creates or updates an Firewall Manager administrator account. The account must be a member of the organization that was onboarded to Firewall Manager by AssociateAdminAccount. Only the organization's management account can create an Firewall Manager administrator account. When you create an Firewall Manager administrator account, the service checks to see if the account is already a delegated administrator within Organizations. If the account isn't a delegated administrator, Firewall Manager calls Organizations to delegate the account within Organizations. For more information about administrator accounts within Organizations, see [Managing the Amazon Web Services Accounts in Your Organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html).
*/
public suspend fun putAdminAccount(input: PutAdminAccountRequest): PutAdminAccountResponse
/**
* Creates an Firewall Manager applications list.
*/
public suspend fun putAppsList(input: PutAppsListRequest): PutAppsListResponse
/**
* Designates the IAM role and Amazon Simple Notification Service (SNS) topic that Firewall Manager uses to record SNS logs.
*
* To perform this action outside of the console, you must first configure the SNS topic's access policy to allow the `SnsRoleName` to publish SNS logs. If the `SnsRoleName` provided is a role other than the `AWSServiceRoleForFMS` service-linked role, this role must have a trust relationship configured to allow the Firewall Manager service principal `fms.amazonaws.com` to assume this role. For information about configuring an SNS access policy, see [Service roles for Firewall Manager](https://docs.aws.amazon.com/waf/latest/developerguide/fms-security_iam_service-with-iam.html#fms-security_iam_service-with-iam-roles-service) in the *Firewall Manager Developer Guide*.
*/
public suspend fun putNotificationChannel(input: PutNotificationChannelRequest): PutNotificationChannelResponse
/**
* Creates an Firewall Manager policy.
*
* Firewall Manager provides the following types of policies:
* + An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.
* + An WAF Classic policy (type WAF), which defines a rule group.
* + A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.
* + A security group policy, which manages VPC security groups across your Amazon Web Services organization.
* + An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.
* + A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.
*
* Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type.
*
* You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see [CreateSubscription](https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html).
*/
public suspend fun putPolicy(input: PutPolicyRequest): PutPolicyResponse
/**
* Creates an Firewall Manager protocols list.
*/
public suspend fun putProtocolsList(input: PutProtocolsListRequest): PutProtocolsListResponse
/**
* Creates the resource set.
*
* An Firewall Manager resource set defines the resources to import into an Firewall Manager policy from another Amazon Web Services service.
*/
public suspend fun putResourceSet(input: PutResourceSetRequest): PutResourceSetResponse
/**
* Adds one or more tags to an Amazon Web Services resource.
*/
public suspend fun tagResource(input: TagResourceRequest): TagResourceResponse
/**
* Removes one or more tags from an Amazon Web Services resource.
*/
public suspend fun untagResource(input: UntagResourceRequest): UntagResourceResponse
}
/**
* Create a copy of the client with one or more configuration values overridden.
* This method allows the caller to perform scoped config overrides for one or more client operations.
*
* Any resources created on your behalf will be shared between clients, and will only be closed when ALL clients using them are closed.
* If you provide a resource (e.g. [HttpClientEngine]) to the SDK, you are responsible for managing the lifetime of that resource.
*/
public fun FmsClient.withConfig(block: FmsClient.Config.Builder.() -> Unit): FmsClient {
val newConfig = config.toBuilder().apply(block).build()
return DefaultFmsClient(newConfig)
}
/**
* Sets a Firewall Manager default administrator account. The Firewall Manager default administrator account can manage third-party firewalls and has full administrative scope that allows administration of all policy types, accounts, organizational units, and Regions. This account must be a member account of the organization in Organizations whose resources you want to protect.
*
* For information about working with Firewall Manager administrator accounts, see [Managing Firewall Manager administrators](https://docs.aws.amazon.com/organizations/latest/userguide/fms-administrators.html) in the *Firewall Manager Developer Guide*.
*/
public suspend inline fun FmsClient.associateAdminAccount(crossinline block: AssociateAdminAccountRequest.Builder.() -> Unit): AssociateAdminAccountResponse = associateAdminAccount(AssociateAdminAccountRequest.Builder().apply(block).build())
/**
* Sets the Firewall Manager policy administrator as a tenant administrator of a third-party firewall service. A tenant is an instance of the third-party firewall service that's associated with your Amazon Web Services customer account.
*/
public suspend inline fun FmsClient.associateThirdPartyFirewall(crossinline block: AssociateThirdPartyFirewallRequest.Builder.() -> Unit): AssociateThirdPartyFirewallResponse = associateThirdPartyFirewall(AssociateThirdPartyFirewallRequest.Builder().apply(block).build())
/**
* Associate resources to a Firewall Manager resource set.
*/
public suspend inline fun FmsClient.batchAssociateResource(crossinline block: BatchAssociateResourceRequest.Builder.() -> Unit): BatchAssociateResourceResponse = batchAssociateResource(BatchAssociateResourceRequest.Builder().apply(block).build())
/**
* Disassociates resources from a Firewall Manager resource set.
*/
public suspend inline fun FmsClient.batchDisassociateResource(crossinline block: BatchDisassociateResourceRequest.Builder.() -> Unit): BatchDisassociateResourceResponse = batchDisassociateResource(BatchDisassociateResourceRequest.Builder().apply(block).build())
/**
* Permanently deletes an Firewall Manager applications list.
*/
public suspend inline fun FmsClient.deleteAppsList(crossinline block: DeleteAppsListRequest.Builder.() -> Unit): DeleteAppsListResponse = deleteAppsList(DeleteAppsListRequest.Builder().apply(block).build())
/**
* Deletes an Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs.
*/
public suspend inline fun FmsClient.deleteNotificationChannel(crossinline block: DeleteNotificationChannelRequest.Builder.() -> Unit): DeleteNotificationChannelResponse = deleteNotificationChannel(DeleteNotificationChannelRequest.Builder().apply(block).build())
/**
* Permanently deletes an Firewall Manager policy.
*/
public suspend inline fun FmsClient.deletePolicy(crossinline block: DeletePolicyRequest.Builder.() -> Unit): DeletePolicyResponse = deletePolicy(DeletePolicyRequest.Builder().apply(block).build())
/**
* Permanently deletes an Firewall Manager protocols list.
*/
public suspend inline fun FmsClient.deleteProtocolsList(crossinline block: DeleteProtocolsListRequest.Builder.() -> Unit): DeleteProtocolsListResponse = deleteProtocolsList(DeleteProtocolsListRequest.Builder().apply(block).build())
/**
* Deletes the specified ResourceSet.
*/
public suspend inline fun FmsClient.deleteResourceSet(crossinline block: DeleteResourceSetRequest.Builder.() -> Unit): DeleteResourceSetResponse = deleteResourceSet(DeleteResourceSetRequest.Builder().apply(block).build())
/**
* Disassociates an Firewall Manager administrator account. To set a different account as an Firewall Manager administrator, submit a PutAdminAccount request. To set an account as a default administrator account, you must submit an AssociateAdminAccount request.
*
* Disassociation of the default administrator account follows the first in, last out principle. If you are the default administrator, all Firewall Manager administrators within the organization must first disassociate their accounts before you can disassociate your account.
*/
public suspend inline fun FmsClient.disassociateAdminAccount(crossinline block: DisassociateAdminAccountRequest.Builder.() -> Unit): DisassociateAdminAccountResponse = disassociateAdminAccount(DisassociateAdminAccountRequest.Builder().apply(block).build())
/**
* Disassociates a Firewall Manager policy administrator from a third-party firewall tenant. When you call `DisassociateThirdPartyFirewall`, the third-party firewall vendor deletes all of the firewalls that are associated with the account.
*/
public suspend inline fun FmsClient.disassociateThirdPartyFirewall(crossinline block: DisassociateThirdPartyFirewallRequest.Builder.() -> Unit): DisassociateThirdPartyFirewallResponse = disassociateThirdPartyFirewall(DisassociateThirdPartyFirewallRequest.Builder().apply(block).build())
/**
* Returns the Organizations account that is associated with Firewall Manager as the Firewall Manager default administrator.
*/
public suspend inline fun FmsClient.getAdminAccount(crossinline block: GetAdminAccountRequest.Builder.() -> Unit): GetAdminAccountResponse = getAdminAccount(GetAdminAccountRequest.Builder().apply(block).build())
/**
* Returns information about the specified account's administrative scope. The admistrative scope defines the resources that an Firewall Manager administrator can manage.
*/
public suspend inline fun FmsClient.getAdminScope(crossinline block: GetAdminScopeRequest.Builder.() -> Unit): GetAdminScopeResponse = getAdminScope(GetAdminScopeRequest.Builder().apply(block).build())
/**
* Returns information about the specified Firewall Manager applications list.
*/
public suspend inline fun FmsClient.getAppsList(crossinline block: GetAppsListRequest.Builder.() -> Unit): GetAppsListResponse = getAppsList(GetAppsListRequest.Builder().apply(block).build())
/**
* Returns detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy.
* + Resources are considered noncompliant for WAF and Shield Advanced policies if the specified policy has not been applied to them.
* + Resources are considered noncompliant for security group policies if they are in scope of the policy, they violate one or more of the policy rules, and remediation is disabled or not possible.
* + Resources are considered noncompliant for Network Firewall policies if a firewall is missing in the VPC, if the firewall endpoint isn't set up in an expected Availability Zone and subnet, if a subnet created by the Firewall Manager doesn't have the expected route table, and for modifications to a firewall policy that violate the Firewall Manager policy's rules.
* + Resources are considered noncompliant for DNS Firewall policies if a DNS Firewall rule group is missing from the rule group associations for the VPC.
*/
public suspend inline fun FmsClient.getComplianceDetail(crossinline block: GetComplianceDetailRequest.Builder.() -> Unit): GetComplianceDetailResponse = getComplianceDetail(GetComplianceDetailRequest.Builder().apply(block).build())
/**
* Information about the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS logs.
*/
public suspend inline fun FmsClient.getNotificationChannel(crossinline block: GetNotificationChannelRequest.Builder.() -> Unit): GetNotificationChannelResponse = getNotificationChannel(GetNotificationChannelRequest.Builder().apply(block).build())
/**
* Returns information about the specified Firewall Manager policy.
*/
public suspend inline fun FmsClient.getPolicy(crossinline block: GetPolicyRequest.Builder.() -> Unit): GetPolicyResponse = getPolicy(GetPolicyRequest.Builder().apply(block).build())
/**
* If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a potential DDoS attack. Other policy types are currently unsupported.
*/
public suspend inline fun FmsClient.getProtectionStatus(crossinline block: GetProtectionStatusRequest.Builder.() -> Unit): GetProtectionStatusResponse = getProtectionStatus(GetProtectionStatusRequest.Builder().apply(block).build())
/**
* Returns information about the specified Firewall Manager protocols list.
*/
public suspend inline fun FmsClient.getProtocolsList(crossinline block: GetProtocolsListRequest.Builder.() -> Unit): GetProtocolsListResponse = getProtocolsList(GetProtocolsListRequest.Builder().apply(block).build())
/**
* Gets information about a specific resource set.
*/
public suspend inline fun FmsClient.getResourceSet(crossinline block: GetResourceSetRequest.Builder.() -> Unit): GetResourceSetResponse = getResourceSet(GetResourceSetRequest.Builder().apply(block).build())
/**
* The onboarding status of a Firewall Manager admin account to third-party firewall vendor tenant.
*/
public suspend inline fun FmsClient.getThirdPartyFirewallAssociationStatus(crossinline block: GetThirdPartyFirewallAssociationStatusRequest.Builder.() -> Unit): GetThirdPartyFirewallAssociationStatusResponse = getThirdPartyFirewallAssociationStatus(GetThirdPartyFirewallAssociationStatusRequest.Builder().apply(block).build())
/**
* Retrieves violations for a resource based on the specified Firewall Manager policy and Amazon Web Services account.
*/
public suspend inline fun FmsClient.getViolationDetails(crossinline block: GetViolationDetailsRequest.Builder.() -> Unit): GetViolationDetailsResponse = getViolationDetails(GetViolationDetailsRequest.Builder().apply(block).build())
/**
* Returns a `AdminAccounts` object that lists the Firewall Manager administrators within the organization that are onboarded to Firewall Manager by AssociateAdminAccount.
*
* This operation can be called only from the organization's management account.
*/
public suspend inline fun FmsClient.listAdminAccountsForOrganization(crossinline block: ListAdminAccountsForOrganizationRequest.Builder.() -> Unit): ListAdminAccountsForOrganizationResponse = listAdminAccountsForOrganization(ListAdminAccountsForOrganizationRequest.Builder().apply(block).build())
/**
* Lists the accounts that are managing the specified Organizations member account. This is useful for any member account so that they can view the accounts who are managing their account. This operation only returns the managing administrators that have the requested account within their AdminScope.
*/
public suspend inline fun FmsClient.listAdminsManagingAccount(crossinline block: ListAdminsManagingAccountRequest.Builder.() -> Unit): ListAdminsManagingAccountResponse = listAdminsManagingAccount(ListAdminsManagingAccountRequest.Builder().apply(block).build())
/**
* Returns an array of `AppsListDataSummary` objects.
*/
public suspend inline fun FmsClient.listAppsLists(crossinline block: ListAppsListsRequest.Builder.() -> Unit): ListAppsListsResponse = listAppsLists(ListAppsListsRequest.Builder().apply(block).build())
/**
* Returns an array of `PolicyComplianceStatus` objects. Use `PolicyComplianceStatus` to get a summary of which member accounts are protected by the specified policy.
*/
public suspend inline fun FmsClient.listComplianceStatus(crossinline block: ListComplianceStatusRequest.Builder.() -> Unit): ListComplianceStatusResponse = listComplianceStatus(ListComplianceStatusRequest.Builder().apply(block).build())
/**
* Returns an array of resources in the organization's accounts that are available to be associated with a resource set.
*/
public suspend inline fun FmsClient.listDiscoveredResources(crossinline block: ListDiscoveredResourcesRequest.Builder.() -> Unit): ListDiscoveredResourcesResponse = listDiscoveredResources(ListDiscoveredResourcesRequest.Builder().apply(block).build())
/**
* Returns a `MemberAccounts` object that lists the member accounts in the administrator's Amazon Web Services organization.
*
* Either an Firewall Manager administrator or the organization's management account can make this request.
*/
public suspend inline fun FmsClient.listMemberAccounts(crossinline block: ListMemberAccountsRequest.Builder.() -> Unit): ListMemberAccountsResponse = listMemberAccounts(ListMemberAccountsRequest.Builder().apply(block).build())
/**
* Returns an array of `PolicySummary` objects.
*/
public suspend inline fun FmsClient.listPolicies(crossinline block: ListPoliciesRequest.Builder.() -> Unit): ListPoliciesResponse = listPolicies(ListPoliciesRequest.Builder().apply(block).build())
/**
* Returns an array of `ProtocolsListDataSummary` objects.
*/
public suspend inline fun FmsClient.listProtocolsLists(crossinline block: ListProtocolsListsRequest.Builder.() -> Unit): ListProtocolsListsResponse = listProtocolsLists(ListProtocolsListsRequest.Builder().apply(block).build())
/**
* Returns an array of resources that are currently associated to a resource set.
*/
public suspend inline fun FmsClient.listResourceSetResources(crossinline block: ListResourceSetResourcesRequest.Builder.() -> Unit): ListResourceSetResourcesResponse = listResourceSetResources(ListResourceSetResourcesRequest.Builder().apply(block).build())
/**
* Returns an array of `ResourceSetSummary` objects.
*/
public suspend inline fun FmsClient.listResourceSets(crossinline block: ListResourceSetsRequest.Builder.() -> Unit): ListResourceSetsResponse = listResourceSets(ListResourceSetsRequest.Builder().apply(block).build())
/**
* Retrieves the list of tags for the specified Amazon Web Services resource.
*/
public suspend inline fun FmsClient.listTagsForResource(crossinline block: ListTagsForResourceRequest.Builder.() -> Unit): ListTagsForResourceResponse = listTagsForResource(ListTagsForResourceRequest.Builder().apply(block).build())
/**
* Retrieves a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account.
*/
public suspend inline fun FmsClient.listThirdPartyFirewallFirewallPolicies(crossinline block: ListThirdPartyFirewallFirewallPoliciesRequest.Builder.() -> Unit): ListThirdPartyFirewallFirewallPoliciesResponse = listThirdPartyFirewallFirewallPolicies(ListThirdPartyFirewallFirewallPoliciesRequest.Builder().apply(block).build())
/**
* Creates or updates an Firewall Manager administrator account. The account must be a member of the organization that was onboarded to Firewall Manager by AssociateAdminAccount. Only the organization's management account can create an Firewall Manager administrator account. When you create an Firewall Manager administrator account, the service checks to see if the account is already a delegated administrator within Organizations. If the account isn't a delegated administrator, Firewall Manager calls Organizations to delegate the account within Organizations. For more information about administrator accounts within Organizations, see [Managing the Amazon Web Services Accounts in Your Organization](https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_accounts.html).
*/
public suspend inline fun FmsClient.putAdminAccount(crossinline block: PutAdminAccountRequest.Builder.() -> Unit): PutAdminAccountResponse = putAdminAccount(PutAdminAccountRequest.Builder().apply(block).build())
/**
* Creates an Firewall Manager applications list.
*/
public suspend inline fun FmsClient.putAppsList(crossinline block: PutAppsListRequest.Builder.() -> Unit): PutAppsListResponse = putAppsList(PutAppsListRequest.Builder().apply(block).build())
/**
* Designates the IAM role and Amazon Simple Notification Service (SNS) topic that Firewall Manager uses to record SNS logs.
*
* To perform this action outside of the console, you must first configure the SNS topic's access policy to allow the `SnsRoleName` to publish SNS logs. If the `SnsRoleName` provided is a role other than the `AWSServiceRoleForFMS` service-linked role, this role must have a trust relationship configured to allow the Firewall Manager service principal `fms.amazonaws.com` to assume this role. For information about configuring an SNS access policy, see [Service roles for Firewall Manager](https://docs.aws.amazon.com/waf/latest/developerguide/fms-security_iam_service-with-iam.html#fms-security_iam_service-with-iam-roles-service) in the *Firewall Manager Developer Guide*.
*/
public suspend inline fun FmsClient.putNotificationChannel(crossinline block: PutNotificationChannelRequest.Builder.() -> Unit): PutNotificationChannelResponse = putNotificationChannel(PutNotificationChannelRequest.Builder().apply(block).build())
/**
* Creates an Firewall Manager policy.
*
* Firewall Manager provides the following types of policies:
* + An WAF policy (type WAFV2), which defines rule groups to run first in the corresponding WAF web ACL and rule groups to run last in the web ACL.
* + An WAF Classic policy (type WAF), which defines a rule group.
* + A Shield Advanced policy, which applies Shield Advanced protection to specified accounts and resources.
* + A security group policy, which manages VPC security groups across your Amazon Web Services organization.
* + An Network Firewall policy, which provides firewall rules to filter network traffic in specified Amazon VPCs.
* + A DNS Firewall policy, which provides Route 53 Resolver DNS Firewall rules to filter DNS queries for specified VPCs.
*
* Each policy is specific to one of the types. If you want to enforce more than one policy type across accounts, create multiple policies. You can create multiple policies for each type.
*
* You must be subscribed to Shield Advanced to create a Shield Advanced policy. For more information about subscribing to Shield Advanced, see [CreateSubscription](https://docs.aws.amazon.com/waf/latest/DDOSAPIReference/API_CreateSubscription.html).
*/
public suspend inline fun FmsClient.putPolicy(crossinline block: PutPolicyRequest.Builder.() -> Unit): PutPolicyResponse = putPolicy(PutPolicyRequest.Builder().apply(block).build())
/**
* Creates an Firewall Manager protocols list.
*/
public suspend inline fun FmsClient.putProtocolsList(crossinline block: PutProtocolsListRequest.Builder.() -> Unit): PutProtocolsListResponse = putProtocolsList(PutProtocolsListRequest.Builder().apply(block).build())
/**
* Creates the resource set.
*
* An Firewall Manager resource set defines the resources to import into an Firewall Manager policy from another Amazon Web Services service.
*/
public suspend inline fun FmsClient.putResourceSet(crossinline block: PutResourceSetRequest.Builder.() -> Unit): PutResourceSetResponse = putResourceSet(PutResourceSetRequest.Builder().apply(block).build())
/**
* Adds one or more tags to an Amazon Web Services resource.
*/
public suspend inline fun FmsClient.tagResource(crossinline block: TagResourceRequest.Builder.() -> Unit): TagResourceResponse = tagResource(TagResourceRequest.Builder().apply(block).build())
/**
* Removes one or more tags from an Amazon Web Services resource.
*/
public suspend inline fun FmsClient.untagResource(crossinline block: UntagResourceRequest.Builder.() -> Unit): UntagResourceResponse = untagResource(UntagResourceRequest.Builder().apply(block).build())
© 2015 - 2025 Weber Informatics LLC | Privacy Policy