paws.security.identity (version 0.1.12)

fms_get_violation_details: Retrieves violations for a resource based on the specified AWS Firewall Manager policy and AWS account

Description

Retrieves violations for a resource based on the specified AWS Firewall Manager policy and AWS account.

Usage

fms_get_violation_details(PolicyId, MemberAccount, ResourceId,
  ResourceType)

Value

A list with the following syntax:

list(
  ViolationDetail = list(
    PolicyId = "string",
    MemberAccount = "string",
    ResourceId = "string",
    ResourceType = "string",
    ResourceViolations = list(
      list(
        AwsVPCSecurityGroupViolation = list(
          ViolationTarget = "string",
          ViolationTargetDescription = "string",
          PartialMatches = list(
            list(
              Reference = "string",
              TargetViolationReasons = list(
                "string"
              )
            )
          ),
          PossibleSecurityGroupRemediationActions = list(
            list(
              RemediationActionType = "REMOVE"|"MODIFY",
              Description = "string",
              RemediationResult = list(
                IPV4Range = "string",
                IPV6Range = "string",
                PrefixListId = "string",
                Protocol = "string",
                FromPort = 123,
                ToPort = 123
              ),
              IsDefaultAction = TRUE|FALSE
            )
          )
        ),
        AwsEc2NetworkInterfaceViolation = list(
          ViolationTarget = "string",
          ViolatingSecurityGroups = list(
            "string"
          )
        ),
        AwsEc2InstanceViolation = list(
          ViolationTarget = "string",
          AwsEc2NetworkInterfaceViolations = list(
            list(
              ViolationTarget = "string",
              ViolatingSecurityGroups = list(
                "string"
              )
            )
          )
        ),
        NetworkFirewallMissingFirewallViolation = list(
          ViolationTarget = "string",
          VPC = "string",
          AvailabilityZone = "string",
          TargetViolationReason = "string"
        ),
        NetworkFirewallMissingSubnetViolation = list(
          ViolationTarget = "string",
          VPC = "string",
          AvailabilityZone = "string",
          TargetViolationReason = "string"
        ),
        NetworkFirewallMissingExpectedRTViolation = list(
          ViolationTarget = "string",
          VPC = "string",
          AvailabilityZone = "string",
          CurrentRouteTable = "string",
          ExpectedRouteTable = "string"
        ),
        NetworkFirewallPolicyModifiedViolation = list(
          ViolationTarget = "string",
          CurrentPolicyDescription = list(
            StatelessRuleGroups = list(
              list(
                RuleGroupName = "string",
                ResourceId = "string",
                Priority = 123
              )
            ),
            StatelessDefaultActions = list(
              "string"
            ),
            StatelessFragmentDefaultActions = list(
              "string"
            ),
            StatelessCustomActions = list(
              "string"
            ),
            StatefulRuleGroups = list(
              list(
                RuleGroupName = "string",
                ResourceId = "string"
              )
            )
          ),
          ExpectedPolicyDescription = list(
            StatelessRuleGroups = list(
              list(
                RuleGroupName = "string",
                ResourceId = "string",
                Priority = 123
              )
            ),
            StatelessDefaultActions = list(
              "string"
            ),
            StatelessFragmentDefaultActions = list(
              "string"
            ),
            StatelessCustomActions = list(
              "string"
            ),
            StatefulRuleGroups = list(
              list(
                RuleGroupName = "string",
                ResourceId = "string"
              )
            )
          )
        )
      )
    ),
    ResourceTags = list(
      list(
        Key = "string",
        Value = "string"
      )
    ),
    ResourceDescription = "string"
  )
)

Arguments

PolicyId

[required] The ID of the AWS Firewall Manager policy that you want the details for. This currently only supports security group content audit policies.

MemberAccount

[required] The AWS account ID that you want the details for.

ResourceId

[required] The ID of the resource that has violations.

ResourceType

[required] The resource type. This is in the format shown in the AWS Resource Types Reference. Supported resource types are: AWS::EC2::Instance, AWS::EC2::NetworkInterface, AWS::EC2::SecurityGroup, AWS::NetworkFirewall::FirewallPolicy, and AWS::EC2::Subnet.

Request syntax

svc$get_violation_details(
  PolicyId = "string",
  MemberAccount = "string",
  ResourceId = "string",
  ResourceType = "string"
)
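
An added example (not from the paws documentation) that walks the return structure documented under Value and tabulates the suggested security group remediation actions for triage. The `resp` list is constructed sample data in the documented shape, and `summarise_sg_remediations` and `%||%` are hypothetical helper names.

```r
# Added example; helper names are hypothetical, not part of paws.
`%||%` <- function(x, y) if (is.null(x) || length(x) == 0) y else x

summarise_sg_remediations <- function(resp) {
  detail <- resp$ViolationDetail
  rows <- list()
  for (rv in detail$ResourceViolations) {
    sg <- rv$AwsVPCSecurityGroupViolation
    # Skip entries that carry a different violation type.
    if (length(sg) == 0) next
    for (act in sg$PossibleSecurityGroupRemediationActions) {
      res <- act$RemediationResult
      # Fields that are absent or empty in the response become NA.
      rows[[length(rows) + 1]] <- data.frame(
        ResourceId = detail$ResourceId %||% NA_character_,
        Target     = sg$ViolationTarget %||% NA_character_,
        Action     = act$RemediationActionType %||% NA_character_,
        Range      = res$IPV4Range %||% res$IPV6Range %||%
                     res$PrefixListId %||% NA_character_,
        Protocol   = res$Protocol %||% NA_character_,
        FromPort   = res$FromPort %||% NA_integer_,
        ToPort     = res$ToPort %||% NA_integer_,
        IsDefault  = isTRUE(act$IsDefaultAction),
        stringsAsFactors = FALSE
      )
    }
  }
  if (length(rows) == 0) return(data.frame())
  do.call(rbind, rows)
}

# Constructed sample response (placeholder IDs, documented field names).
resp <- list(ViolationDetail = list(
  PolicyId = "policy-id-placeholder",
  MemberAccount = "111122223333",
  ResourceId = "sg-0example",
  ResourceType = "AWS::EC2::SecurityGroup",
  ResourceViolations = list(
    list(AwsVPCSecurityGroupViolation = list(
      ViolationTarget = "sg-0example",
      PossibleSecurityGroupRemediationActions = list(list(
        RemediationActionType = "REMOVE",
        RemediationResult = list(IPV4Range = "0.0.0.0/0", Protocol = "tcp",
                                 FromPort = 22, ToPort = 22),
        IsDefaultAction = TRUE)))),
    list(AwsEc2NetworkInterfaceViolation = list(
      ViolationTarget = "eni-0example",
      ViolatingSecurityGroups = list("sg-0example"))))))

print(summarise_sg_remediations(resp))
```

With a live client, the value returned by `svc$get_violation_details(...)` can be passed to the function in place of `resp`.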