com.amazonaws.services.fms.AWSFMS Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of aws-java-sdk-fms Show documentation
Show all versions of aws-java-sdk-fms Show documentation
The AWS Java SDK for Firewall Management module holds the client classes that are used for communicating with Firewall Management Service
/*
* Copyright 2019-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License"). You may not use this file except in compliance with
* the License. A copy of the License is located at
*
* http://aws.amazon.com/apache2.0
*
* or in the "license" file accompanying this file. This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
* CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions
* and limitations under the License.
*/
package com.amazonaws.services.fms;
import javax.annotation.Generated;
import com.amazonaws.*;
import com.amazonaws.regions.*;
import com.amazonaws.services.fms.model.*;
/**
* Interface for accessing FMS.
*
* Note: Do not directly implement this interface, new methods are added to it regularly. Extend from
* {@link com.amazonaws.services.fms.AbstractAWSFMS} instead.
*
*
*
* This is the Firewall Manager API Reference. This guide is for developers who need detailed information about
* the Firewall Manager API actions, data types, and errors. For detailed information about Firewall Manager features,
* see the Firewall Manager Developer
* Guide.
*
*
* Some API actions require explicit resource permissions. For information, see the developer guide topic Service roles for Firewall Manager.
*
*/
@Generated("com.amazonaws:aws-java-sdk-code-generator")
public interface AWSFMS {
/**
* The region metadata service name for computing region endpoints. You can use this value to retrieve metadata
* (such as supported regions) of the service.
*
* @see RegionUtils#getRegionsForService(String)
*/
String ENDPOINT_PREFIX = "fms";
/**
*
* Sets a Firewall Manager default administrator account. The Firewall Manager default administrator account can
* manage third-party firewalls and has full administrative scope that allows administration of all policy types,
* accounts, organizational units, and Regions. This account must be a member account of the organization in
* Organizations whose resources you want to protect.
*
*
* For information about working with Firewall Manager administrator accounts, see Managing Firewall
* Manager administrators in the Firewall Manager Developer Guide.
*
*
* @param associateAdminAccountRequest
* @return Result of the AssociateAdminAccount operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.AssociateAdminAccount
* @see AWS API
* Documentation
*/
AssociateAdminAccountResult associateAdminAccount(AssociateAdminAccountRequest associateAdminAccountRequest);
/**
*
* Sets the Firewall Manager policy administrator as a tenant administrator of a third-party firewall service. A
* tenant is an instance of the third-party firewall service that's associated with your Amazon Web Services
* customer account.
*
*
* @param associateThirdPartyFirewallRequest
* @return Result of the AssociateThirdPartyFirewall operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.AssociateThirdPartyFirewall
* @see AWS API Documentation
*/
AssociateThirdPartyFirewallResult associateThirdPartyFirewall(AssociateThirdPartyFirewallRequest associateThirdPartyFirewallRequest);
/**
*
* Associate resources to a Firewall Manager resource set.
*
*
* @param batchAssociateResourceRequest
* @return Result of the BatchAssociateResource operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @sample AWSFMS.BatchAssociateResource
* @see AWS API
* Documentation
*/
BatchAssociateResourceResult batchAssociateResource(BatchAssociateResourceRequest batchAssociateResourceRequest);
/**
*
* Disassociates resources from a Firewall Manager resource set.
*
*
* @param batchDisassociateResourceRequest
* @return Result of the BatchDisassociateResource operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @sample AWSFMS.BatchDisassociateResource
* @see AWS
* API Documentation
*/
BatchDisassociateResourceResult batchDisassociateResource(BatchDisassociateResourceRequest batchDisassociateResourceRequest);
/**
*
* Permanently deletes an Firewall Manager applications list.
*
*
* @param deleteAppsListRequest
* @return Result of the DeleteAppsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.DeleteAppsList
* @see AWS API
* Documentation
*/
DeleteAppsListResult deleteAppsList(DeleteAppsListRequest deleteAppsListRequest);
/**
*
* Deletes an Firewall Manager association with the IAM role and the Amazon Simple Notification Service (SNS) topic
* that is used to record Firewall Manager SNS logs.
*
*
* @param deleteNotificationChannelRequest
* @return Result of the DeleteNotificationChannel operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.DeleteNotificationChannel
* @see AWS
* API Documentation
*/
DeleteNotificationChannelResult deleteNotificationChannel(DeleteNotificationChannelRequest deleteNotificationChannelRequest);
/**
*
* Permanently deletes an Firewall Manager policy.
*
*
* @param deletePolicyRequest
* @return Result of the DeletePolicy operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.DeletePolicy
* @see AWS API
* Documentation
*/
DeletePolicyResult deletePolicy(DeletePolicyRequest deletePolicyRequest);
/**
*
* Permanently deletes an Firewall Manager protocols list.
*
*
* @param deleteProtocolsListRequest
* @return Result of the DeleteProtocolsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.DeleteProtocolsList
* @see AWS API
* Documentation
*/
DeleteProtocolsListResult deleteProtocolsList(DeleteProtocolsListRequest deleteProtocolsListRequest);
/**
*
* Deletes the specified ResourceSet.
*
*
* @param deleteResourceSetRequest
* @return Result of the DeleteResourceSet operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @sample AWSFMS.DeleteResourceSet
* @see AWS API
* Documentation
*/
DeleteResourceSetResult deleteResourceSet(DeleteResourceSetRequest deleteResourceSetRequest);
/**
*
* Disassociates an Firewall Manager administrator account. To set a different account as an Firewall Manager
* administrator, submit a PutAdminAccount request. To set an account as a default administrator account, you
* must submit an AssociateAdminAccount request.
*
*
* Disassociation of the default administrator account follows the first in, last out principle. If you are the
* default administrator, all Firewall Manager administrators within the organization must first disassociate their
* accounts before you can disassociate your account.
*
*
* @param disassociateAdminAccountRequest
* @return Result of the DisassociateAdminAccount operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.DisassociateAdminAccount
* @see AWS
* API Documentation
*/
DisassociateAdminAccountResult disassociateAdminAccount(DisassociateAdminAccountRequest disassociateAdminAccountRequest);
/**
*
* Disassociates a Firewall Manager policy administrator from a third-party firewall tenant. When you call
* DisassociateThirdPartyFirewall, the third-party firewall vendor deletes all of the firewalls that
* are associated with the account.
*
*
* @param disassociateThirdPartyFirewallRequest
* @return Result of the DisassociateThirdPartyFirewall operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.DisassociateThirdPartyFirewall
* @see AWS API Documentation
*/
DisassociateThirdPartyFirewallResult disassociateThirdPartyFirewall(DisassociateThirdPartyFirewallRequest disassociateThirdPartyFirewallRequest);
/**
*
* Returns the Organizations account that is associated with Firewall Manager as the Firewall Manager default
* administrator.
*
*
* @param getAdminAccountRequest
* @return Result of the GetAdminAccount operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetAdminAccount
* @see AWS API
* Documentation
*/
GetAdminAccountResult getAdminAccount(GetAdminAccountRequest getAdminAccountRequest);
/**
*
* Returns information about the specified account's administrative scope. The administrative scope defines the
* resources that an Firewall Manager administrator can manage.
*
*
* @param getAdminScopeRequest
* @return Result of the GetAdminScope operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.GetAdminScope
* @see AWS API
* Documentation
*/
GetAdminScopeResult getAdminScope(GetAdminScopeRequest getAdminScopeRequest);
/**
*
* Returns information about the specified Firewall Manager applications list.
*
*
* @param getAppsListRequest
* @return Result of the GetAppsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetAppsList
* @see AWS API
* Documentation
*/
GetAppsListResult getAppsList(GetAppsListRequest getAppsListRequest);
/**
*
* Returns detailed compliance information about the specified member account. Details include resources that are in
* and out of compliance with the specified policy.
*
*
* The reasons for resources being considered compliant depend on the Firewall Manager policy type.
*
*
* @param getComplianceDetailRequest
* @return Result of the GetComplianceDetail operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @sample AWSFMS.GetComplianceDetail
* @see AWS API
* Documentation
*/
GetComplianceDetailResult getComplianceDetail(GetComplianceDetailRequest getComplianceDetailRequest);
/**
*
* Information about the Amazon Simple Notification Service (SNS) topic that is used to record Firewall Manager SNS
* logs.
*
*
* @param getNotificationChannelRequest
* @return Result of the GetNotificationChannel operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetNotificationChannel
* @see AWS API
* Documentation
*/
GetNotificationChannelResult getNotificationChannel(GetNotificationChannelRequest getNotificationChannelRequest);
/**
*
* Returns information about the specified Firewall Manager policy.
*
*
* @param getPolicyRequest
* @return Result of the GetPolicy operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidTypeException
* The value of the Type parameter is invalid.
* @sample AWSFMS.GetPolicy
* @see AWS API
* Documentation
*/
GetPolicyResult getPolicy(GetPolicyRequest getPolicyRequest);
/**
*
* If you created a Shield Advanced policy, returns policy-level attack summary information in the event of a
* potential DDoS attack. Other policy types are currently unsupported.
*
*
* @param getProtectionStatusRequest
* @return Result of the GetProtectionStatus operation returned by the service.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetProtectionStatus
* @see AWS API
* Documentation
*/
GetProtectionStatusResult getProtectionStatus(GetProtectionStatusRequest getProtectionStatusRequest);
/**
*
* Returns information about the specified Firewall Manager protocols list.
*
*
* @param getProtocolsListRequest
* @return Result of the GetProtocolsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetProtocolsList
* @see AWS API
* Documentation
*/
GetProtocolsListResult getProtocolsList(GetProtocolsListRequest getProtocolsListRequest);
/**
*
* Gets information about a specific resource set.
*
*
* @param getResourceSetRequest
* @return Result of the GetResourceSet operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetResourceSet
* @see AWS API
* Documentation
*/
GetResourceSetResult getResourceSet(GetResourceSetRequest getResourceSetRequest);
/**
*
* The onboarding status of a Firewall Manager admin account to third-party firewall vendor tenant.
*
*
* @param getThirdPartyFirewallAssociationStatusRequest
* @return Result of the GetThirdPartyFirewallAssociationStatus operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetThirdPartyFirewallAssociationStatus
* @see AWS API Documentation
*/
GetThirdPartyFirewallAssociationStatusResult getThirdPartyFirewallAssociationStatus(
GetThirdPartyFirewallAssociationStatusRequest getThirdPartyFirewallAssociationStatusRequest);
/**
*
* Retrieves violations for a resource based on the specified Firewall Manager policy and Amazon Web Services
* account.
*
*
* @param getViolationDetailsRequest
* @return Result of the GetViolationDetails operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.GetViolationDetails
* @see AWS API
* Documentation
*/
GetViolationDetailsResult getViolationDetails(GetViolationDetailsRequest getViolationDetailsRequest);
/**
*
* Returns a AdminAccounts object that lists the Firewall Manager administrators within the
* organization that are onboarded to Firewall Manager by AssociateAdminAccount.
*
*
* This operation can be called only from the organization's management account.
*
*
* @param listAdminAccountsForOrganizationRequest
* @return Result of the ListAdminAccountsForOrganization operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.ListAdminAccountsForOrganization
* @see AWS API Documentation
*/
ListAdminAccountsForOrganizationResult listAdminAccountsForOrganization(ListAdminAccountsForOrganizationRequest listAdminAccountsForOrganizationRequest);
/**
*
* Lists the accounts that are managing the specified Organizations member account. This is useful for any member
* account so that they can view the accounts who are managing their account. This operation only returns the
* managing administrators that have the requested account within their AdminScope.
*
*
* @param listAdminsManagingAccountRequest
* @return Result of the ListAdminsManagingAccount operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListAdminsManagingAccount
* @see AWS
* API Documentation
*/
ListAdminsManagingAccountResult listAdminsManagingAccount(ListAdminsManagingAccountRequest listAdminsManagingAccountRequest);
/**
*
* Returns an array of AppsListDataSummary objects.
*
*
* @param listAppsListsRequest
* @return Result of the ListAppsLists operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListAppsLists
* @see AWS API
* Documentation
*/
ListAppsListsResult listAppsLists(ListAppsListsRequest listAppsListsRequest);
/**
*
* Returns an array of PolicyComplianceStatus objects. Use PolicyComplianceStatus to get a
* summary of which member accounts are protected by the specified policy.
*
*
* @param listComplianceStatusRequest
* @return Result of the ListComplianceStatus operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListComplianceStatus
* @see AWS API
* Documentation
*/
ListComplianceStatusResult listComplianceStatus(ListComplianceStatusRequest listComplianceStatusRequest);
/**
*
* Returns an array of resources in the organization's accounts that are available to be associated with a resource
* set.
*
*
* @param listDiscoveredResourcesRequest
* @return Result of the ListDiscoveredResources operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListDiscoveredResources
* @see AWS
* API Documentation
*/
ListDiscoveredResourcesResult listDiscoveredResources(ListDiscoveredResourcesRequest listDiscoveredResourcesRequest);
/**
*
* Returns a MemberAccounts object that lists the member accounts in the administrator's Amazon Web
* Services organization.
*
*
* Either an Firewall Manager administrator or the organization's management account can make this request.
*
*
* @param listMemberAccountsRequest
* @return Result of the ListMemberAccounts operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListMemberAccounts
* @see AWS API
* Documentation
*/
ListMemberAccountsResult listMemberAccounts(ListMemberAccountsRequest listMemberAccountsRequest);
/**
*
* Returns an array of PolicySummary objects.
*
*
* @param listPoliciesRequest
* @return Result of the ListPolicies operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListPolicies
* @see AWS API
* Documentation
*/
ListPoliciesResult listPolicies(ListPoliciesRequest listPoliciesRequest);
/**
*
* Returns an array of ProtocolsListDataSummary objects.
*
*
* @param listProtocolsListsRequest
* @return Result of the ListProtocolsLists operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListProtocolsLists
* @see AWS API
* Documentation
*/
ListProtocolsListsResult listProtocolsLists(ListProtocolsListsRequest listProtocolsListsRequest);
/**
*
* Returns an array of resources that are currently associated to a resource set.
*
*
* @param listResourceSetResourcesRequest
* @return Result of the ListResourceSetResources operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @sample AWSFMS.ListResourceSetResources
* @see AWS
* API Documentation
*/
ListResourceSetResourcesResult listResourceSetResources(ListResourceSetResourcesRequest listResourceSetResourcesRequest);
/**
*
* Returns an array of ResourceSetSummary objects.
*
*
* @param listResourceSetsRequest
* @return Result of the ListResourceSets operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListResourceSets
* @see AWS API
* Documentation
*/
ListResourceSetsResult listResourceSets(ListResourceSetsRequest listResourceSetsRequest);
/**
*
* Retrieves the list of tags for the specified Amazon Web Services resource.
*
*
* @param listTagsForResourceRequest
* @return Result of the ListTagsForResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @sample AWSFMS.ListTagsForResource
* @see AWS API
* Documentation
*/
ListTagsForResourceResult listTagsForResource(ListTagsForResourceRequest listTagsForResourceRequest);
/**
*
* Retrieves a list of all of the third-party firewall policies that are associated with the third-party firewall
* administrator's account.
*
*
* @param listThirdPartyFirewallFirewallPoliciesRequest
* @return Result of the ListThirdPartyFirewallFirewallPolicies operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.ListThirdPartyFirewallFirewallPolicies
* @see AWS API Documentation
*/
ListThirdPartyFirewallFirewallPoliciesResult listThirdPartyFirewallFirewallPolicies(
ListThirdPartyFirewallFirewallPoliciesRequest listThirdPartyFirewallFirewallPoliciesRequest);
/**
*
* Creates or updates an Firewall Manager administrator account. The account must be a member of the organization
* that was onboarded to Firewall Manager by AssociateAdminAccount. Only the organization's management
* account can create an Firewall Manager administrator account. When you create an Firewall Manager administrator
* account, the service checks to see if the account is already a delegated administrator within Organizations. If
* the account isn't a delegated administrator, Firewall Manager calls Organizations to delegate the account within
* Organizations. For more information about administrator accounts within Organizations, see Managing the Amazon
* Web Services Accounts in Your Organization.
*
*
* @param putAdminAccountRequest
* @return Result of the PutAdminAccount operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.PutAdminAccount
* @see AWS API
* Documentation
*/
PutAdminAccountResult putAdminAccount(PutAdminAccountRequest putAdminAccountRequest);
/**
*
* Creates an Firewall Manager applications list.
*
*
* @param putAppsListRequest
* @return Result of the PutAppsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.PutAppsList
* @see AWS API
* Documentation
*/
PutAppsListResult putAppsList(PutAppsListRequest putAppsListRequest);
/**
*
* Designates the IAM role and Amazon Simple Notification Service (SNS) topic that Firewall Manager uses to record
* SNS logs.
*
*
* To perform this action outside of the console, you must first configure the SNS topic's access policy to allow
* the SnsRoleName to publish SNS logs. If the SnsRoleName provided is a role other than
* the AWSServiceRoleForFMS service-linked role, this role must have a trust relationship configured to
* allow the Firewall Manager service principal fms.amazonaws.com to assume this role. For information
* about configuring an SNS access policy, see Service roles for Firewall Manager in the Firewall Manager Developer Guide.
*
*
* @param putNotificationChannelRequest
* @return Result of the PutNotificationChannel operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.PutNotificationChannel
* @see AWS API
* Documentation
*/
PutNotificationChannelResult putNotificationChannel(PutNotificationChannelRequest putNotificationChannelRequest);
/**
*
* Creates an Firewall Manager policy.
*
*
* A Firewall Manager policy is specific to the individual policy type. If you want to enforce multiple policy types
* across accounts, you can create multiple policies. You can create more than one policy for each type.
*
*
* If you add a new account to an organization that you created with Organizations, Firewall Manager automatically
* applies the policy to the resources in that account that are within scope of the policy.
*
*
* Firewall Manager provides the following types of policies:
*
*
* -
*
* WAF policy - This policy applies WAF web ACL protections to specified accounts and resources.
*
*
* -
*
* Shield Advanced policy - This policy applies Shield Advanced protection to specified accounts and
* resources.
*
*
* -
*
* Security Groups policy - This type of policy gives you control over security groups that are in use
* throughout your organization in Organizations and lets you enforce a baseline set of rules across your
* organization.
*
*
* -
*
* Network ACL policy - This type of policy gives you control over the network ACLs that are in use
* throughout your organization in Organizations and lets you enforce a baseline set of first and last network ACL
* rules across your organization.
*
*
* -
*
* Network Firewall policy - This policy applies Network Firewall protection to your organization's VPCs.
*
*
* -
*
* DNS Firewall policy - This policy applies Amazon Route 53 Resolver DNS Firewall protections to your
* organization's VPCs.
*
*
* -
*
* Third-party firewall policy - This policy applies third-party firewall protections. Third-party firewalls
* are available by subscription through the Amazon Web Services Marketplace console at Amazon Web Services Marketplace.
*
*
* -
*
* Palo Alto Networks Cloud NGFW policy - This policy applies Palo Alto Networks Cloud Next Generation
* Firewall (NGFW) protections and Palo Alto Networks Cloud NGFW rulestacks to your organization's VPCs.
*
*
* -
*
* Fortigate CNF policy - This policy applies Fortigate Cloud Native Firewall (CNF) protections. Fortigate
* CNF is a cloud-centered solution that blocks Zero-Day threats and secures cloud infrastructures with
* industry-leading advanced threat prevention, smart web application firewalls (WAF), and API protection.
*
*
*
*
*
*
* @param putPolicyRequest
* @return Result of the PutPolicy operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidTypeException
* The value of the Type parameter is invalid.
* @sample AWSFMS.PutPolicy
* @see AWS API
* Documentation
*/
PutPolicyResult putPolicy(PutPolicyRequest putPolicyRequest);
/**
*
* Creates an Firewall Manager protocols list.
*
*
* @param putProtocolsListRequest
* @return Result of the PutProtocolsList operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.PutProtocolsList
* @see AWS API
* Documentation
*/
PutProtocolsListResult putProtocolsList(PutProtocolsListRequest putProtocolsListRequest);
/**
*
* Creates the resource set.
*
*
* An Firewall Manager resource set defines the resources to import into an Firewall Manager policy from another
* Amazon Web Services service.
*
*
* @param putResourceSetRequest
* @return Result of the PutResourceSet operation returned by the service.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @sample AWSFMS.PutResourceSet
* @see AWS API
* Documentation
*/
PutResourceSetResult putResourceSet(PutResourceSetRequest putResourceSetRequest);
/**
*
* Adds one or more tags to an Amazon Web Services resource.
*
*
* @param tagResourceRequest
* @return Result of the TagResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @throws LimitExceededException
* The operation exceeds a resource limit, for example, the maximum number of policy objects
* that you can create for an Amazon Web Services account. For more information, see Firewall Manager Limits
* in the WAF Developer Guide.
* @sample AWSFMS.TagResource
* @see AWS API
* Documentation
*/
TagResourceResult tagResource(TagResourceRequest tagResourceRequest);
/**
*
* Removes one or more tags from an Amazon Web Services resource.
*
*
* @param untagResourceRequest
* @return Result of the UntagResource operation returned by the service.
* @throws ResourceNotFoundException
* The specified resource was not found.
* @throws InvalidOperationException
* The operation failed because there was nothing to do or the operation wasn't possible. For example, you
* might have submitted an AssociateAdminAccount request for an account ID that was already set
* as the Firewall Manager administrator. Or you might have tried to access a Region that's disabled by
* default, and that you need to enable for the Firewall Manager administrator account and for Organizations
* before you can access it.
* @throws InternalErrorException
* The operation failed because of a system problem, even though the request was valid. Retry your request.
* @throws InvalidInputException
* The parameters of the request were invalid.
* @sample AWSFMS.UntagResource
* @see AWS API
* Documentation
*/
UntagResourceResult untagResource(UntagResourceRequest untagResourceRequest);
/**
* Shuts down this client object, releasing any resources that might be held open. This is an optional method, and
* callers are not expected to call it, but can if they want to explicitly release any open resources. Once a client
* has been shutdown, it should not be used to make any more requests.
*/
void shutdown();
/**
* Returns additional metadata for a previously executed successful request, typically used for debugging issues
* where a service isn't acting as expected. This data isn't considered part of the result data returned by an
* operation, so it's available through this separate, diagnostic interface.
*
* Response metadata is only cached for a limited period of time, so if you need to access this extra diagnostic
* information for an executed request, you should use this method to retrieve it as soon as possible after
* executing a request.
*
* @param request
* The originally executed request.
*
* @return The response metadata for the specified request, or null if none is available.
*/
ResponseMetadata getCachedResponseMetadata(AmazonWebServiceRequest request);
}
© 2015 - 2024 Weber Informatics LLC | Privacy Policy