Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.FMS.Types.ResourceViolation

Description

Synopsis

Documentation

data ResourceViolation Source #

Violation detail based on resource type.

See: newResourceViolation smart constructor.

Constructors

ResourceViolation'

Fields

possibleRemediationActions :: Maybe PossibleRemediationActions
A list of possible remediation action lists. Each individual possible remediation action is a list of individual remediation actions.
networkFirewallBlackHoleRouteDetectedViolation :: Maybe NetworkFirewallBlackHoleRouteDetectedViolation
dnsRuleGroupLimitExceededViolation :: Maybe DnsRuleGroupLimitExceededViolation
Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.
networkFirewallMissingExpectedRTViolation :: Maybe NetworkFirewallMissingExpectedRTViolation
Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.
networkFirewallInternetTrafficNotInspectedViolation :: Maybe NetworkFirewallInternetTrafficNotInspectedViolation
Violation detail for the subnet for which internet traffic hasn't been inspected.
networkFirewallMissingFirewallViolation :: Maybe NetworkFirewallMissingFirewallViolation
Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.
networkFirewallMissingSubnetViolation :: Maybe NetworkFirewallMissingSubnetViolation
Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.
awsEc2InstanceViolation :: Maybe AwsEc2InstanceViolation
Violation detail for an EC2 instance.
networkFirewallMissingExpectedRoutesViolation :: Maybe NetworkFirewallMissingExpectedRoutesViolation
Expected routes are missing from Network Firewall.
dnsRuleGroupPriorityConflictViolation :: Maybe DnsRuleGroupPriorityConflictViolation
Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that's already associated.
awsVPCSecurityGroupViolation :: Maybe AwsVPCSecurityGroupViolation
Violation detail for security groups.
networkFirewallPolicyModifiedViolation :: Maybe NetworkFirewallPolicyModifiedViolation
Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.
networkFirewallUnexpectedFirewallRoutesViolation :: Maybe NetworkFirewallUnexpectedFirewallRoutesViolation
There's an unexpected firewall route.
awsEc2NetworkInterfaceViolation :: Maybe AwsEc2NetworkInterfaceViolation
Violation detail for a network interface.
networkFirewallUnexpectedGatewayRoutesViolation :: Maybe NetworkFirewallUnexpectedGatewayRoutesViolation
There's an unexpected gateway route.
dnsDuplicateRuleGroupViolation :: Maybe DnsDuplicateRuleGroupViolation
Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can't be associated again.
networkFirewallInvalidRouteConfigurationViolation :: Maybe NetworkFirewallInvalidRouteConfigurationViolation
The route configuration is invalid.

Instances

Instances details

Eq ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods (==) :: ResourceViolation -> ResourceViolation -> Bool # (/=) :: ResourceViolation -> ResourceViolation -> Bool #
Read ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods readsPrec :: Int -> ReadS ResourceViolation # readList :: ReadS [ResourceViolation] # readPrec :: ReadPrec ResourceViolation # readListPrec :: ReadPrec [ResourceViolation] #
Show ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods showsPrec :: Int -> ResourceViolation -> ShowS # show :: ResourceViolation -> String # showList :: [ResourceViolation] -> ShowS #
Generic ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Associated Types type Rep ResourceViolation :: Type -> Type # Methods from :: ResourceViolation -> Rep ResourceViolation x # to :: Rep ResourceViolation x -> ResourceViolation #
NFData ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods rnf :: ResourceViolation -> () #
Hashable ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods hashWithSalt :: Int -> ResourceViolation -> Int # hash :: ResourceViolation -> Int #
FromJSON ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation Methods parseJSON :: Value -> Parser ResourceViolation # parseJSONList :: Value -> Parser [ResourceViolation] #
type Rep ResourceViolation Source #
Instance details Defined in Amazonka.FMS.Types.ResourceViolation type Rep ResourceViolation = D1 ('MetaData "ResourceViolation" "Amazonka.FMS.Types.ResourceViolation" "libZSservicesZSamazonka-fmsZSamazonka-fms" 'False) (C1 ('MetaCons "ResourceViolation'" 'PrefixI 'True) ((((S1 ('MetaSel ('Just "possibleRemediationActions") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe PossibleRemediationActions)) :: S1 ('MetaSel ('Just "networkFirewallBlackHoleRouteDetectedViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallBlackHoleRouteDetectedViolation))) :: (S1 ('MetaSel ('Just "dnsRuleGroupLimitExceededViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe DnsRuleGroupLimitExceededViolation)) :: S1 ('MetaSel ('Just "networkFirewallMissingExpectedRTViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallMissingExpectedRTViolation)))) :: ((S1 ('MetaSel ('Just "networkFirewallInternetTrafficNotInspectedViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallInternetTrafficNotInspectedViolation)) :: S1 ('MetaSel ('Just "networkFirewallMissingFirewallViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallMissingFirewallViolation))) :: (S1 ('MetaSel ('Just "networkFirewallMissingSubnetViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallMissingSubnetViolation)) :: S1 ('MetaSel ('Just "awsEc2InstanceViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe AwsEc2InstanceViolation))))) :: (((S1 ('MetaSel ('Just "networkFirewallMissingExpectedRoutesViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallMissingExpectedRoutesViolation)) :: S1 ('MetaSel ('Just "dnsRuleGroupPriorityConflictViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe DnsRuleGroupPriorityConflictViolation))) :: (S1 ('MetaSel ('Just "awsVPCSecurityGroupViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe AwsVPCSecurityGroupViolation)) :: S1 ('MetaSel ('Just "networkFirewallPolicyModifiedViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallPolicyModifiedViolation)))) :: ((S1 ('MetaSel ('Just "networkFirewallUnexpectedFirewallRoutesViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallUnexpectedFirewallRoutesViolation)) :: S1 ('MetaSel ('Just "awsEc2NetworkInterfaceViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe AwsEc2NetworkInterfaceViolation))) :: (S1 ('MetaSel ('Just "networkFirewallUnexpectedGatewayRoutesViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallUnexpectedGatewayRoutesViolation)) :: (S1 ('MetaSel ('Just "dnsDuplicateRuleGroupViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe DnsDuplicateRuleGroupViolation)) :: S1 ('MetaSel ('Just "networkFirewallInvalidRouteConfigurationViolation") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe NetworkFirewallInvalidRouteConfigurationViolation))))))))

newResourceViolation :: ResourceViolation Source #

Create a value of ResourceViolation with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:possibleRemediationActions:ResourceViolation', resourceViolation_possibleRemediationActions - A list of possible remediation action lists. Each individual possible remediation action is a list of individual remediation actions.

$sel:networkFirewallBlackHoleRouteDetectedViolation:ResourceViolation', resourceViolation_networkFirewallBlackHoleRouteDetectedViolation - Undocumented member.

$sel:dnsRuleGroupLimitExceededViolation:ResourceViolation', resourceViolation_dnsRuleGroupLimitExceededViolation - Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.

$sel:networkFirewallMissingExpectedRTViolation:ResourceViolation', resourceViolation_networkFirewallMissingExpectedRTViolation - Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

$sel:networkFirewallInternetTrafficNotInspectedViolation:ResourceViolation', resourceViolation_networkFirewallInternetTrafficNotInspectedViolation - Violation detail for the subnet for which internet traffic hasn't been inspected.

$sel:networkFirewallMissingFirewallViolation:ResourceViolation', resourceViolation_networkFirewallMissingFirewallViolation - Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

$sel:networkFirewallMissingSubnetViolation:ResourceViolation', resourceViolation_networkFirewallMissingSubnetViolation - Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

$sel:awsEc2InstanceViolation:ResourceViolation', resourceViolation_awsEc2InstanceViolation - Violation detail for an EC2 instance.

$sel:networkFirewallMissingExpectedRoutesViolation:ResourceViolation', resourceViolation_networkFirewallMissingExpectedRoutesViolation - Expected routes are missing from Network Firewall.

$sel:dnsRuleGroupPriorityConflictViolation:ResourceViolation', resourceViolation_dnsRuleGroupPriorityConflictViolation - Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that's already associated.

$sel:awsVPCSecurityGroupViolation:ResourceViolation', resourceViolation_awsVPCSecurityGroupViolation - Violation detail for security groups.

$sel:networkFirewallPolicyModifiedViolation:ResourceViolation', resourceViolation_networkFirewallPolicyModifiedViolation - Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.

$sel:networkFirewallUnexpectedFirewallRoutesViolation:ResourceViolation', resourceViolation_networkFirewallUnexpectedFirewallRoutesViolation - There's an unexpected firewall route.

$sel:awsEc2NetworkInterfaceViolation:ResourceViolation', resourceViolation_awsEc2NetworkInterfaceViolation - Violation detail for a network interface.

$sel:networkFirewallUnexpectedGatewayRoutesViolation:ResourceViolation', resourceViolation_networkFirewallUnexpectedGatewayRoutesViolation - There's an unexpected gateway route.

$sel:dnsDuplicateRuleGroupViolation:ResourceViolation', resourceViolation_dnsDuplicateRuleGroupViolation - Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can't be associated again.

$sel:networkFirewallInvalidRouteConfigurationViolation:ResourceViolation', resourceViolation_networkFirewallInvalidRouteConfigurationViolation - The route configuration is invalid.

resourceViolation_possibleRemediationActions :: Lens' ResourceViolation (Maybe PossibleRemediationActions) Source #

A list of possible remediation action lists. Each individual possible remediation action is a list of individual remediation actions.

resourceViolation_networkFirewallBlackHoleRouteDetectedViolation :: Lens' ResourceViolation (Maybe NetworkFirewallBlackHoleRouteDetectedViolation) Source #

Undocumented member.

resourceViolation_dnsRuleGroupLimitExceededViolation :: Lens' ResourceViolation (Maybe DnsRuleGroupLimitExceededViolation) Source #

Violation detail for a DNS Firewall policy that indicates that the VPC reached the limit for associated DNS Firewall rule groups. Firewall Manager tried to associate another rule group with the VPC and failed.

resourceViolation_networkFirewallMissingExpectedRTViolation :: Lens' ResourceViolation (Maybe NetworkFirewallMissingExpectedRTViolation) Source #

Violation detail for an Network Firewall policy that indicates that a subnet is not associated with the expected Firewall Manager managed route table.

resourceViolation_networkFirewallInternetTrafficNotInspectedViolation :: Lens' ResourceViolation (Maybe NetworkFirewallInternetTrafficNotInspectedViolation) Source #

Violation detail for the subnet for which internet traffic hasn't been inspected.

resourceViolation_networkFirewallMissingFirewallViolation :: Lens' ResourceViolation (Maybe NetworkFirewallMissingFirewallViolation) Source #

Violation detail for an Network Firewall policy that indicates that a subnet has no Firewall Manager managed firewall in its VPC.

resourceViolation_networkFirewallMissingSubnetViolation :: Lens' ResourceViolation (Maybe NetworkFirewallMissingSubnetViolation) Source #

Violation detail for an Network Firewall policy that indicates that an Availability Zone is missing the expected Firewall Manager managed subnet.

resourceViolation_awsEc2InstanceViolation :: Lens' ResourceViolation (Maybe AwsEc2InstanceViolation) Source #

Violation detail for an EC2 instance.

resourceViolation_networkFirewallMissingExpectedRoutesViolation :: Lens' ResourceViolation (Maybe NetworkFirewallMissingExpectedRoutesViolation) Source #

Expected routes are missing from Network Firewall.

resourceViolation_dnsRuleGroupPriorityConflictViolation :: Lens' ResourceViolation (Maybe DnsRuleGroupPriorityConflictViolation) Source #

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC has the same priority as a rule group that's already associated.

resourceViolation_awsVPCSecurityGroupViolation :: Lens' ResourceViolation (Maybe AwsVPCSecurityGroupViolation) Source #

Violation detail for security groups.

resourceViolation_networkFirewallPolicyModifiedViolation :: Lens' ResourceViolation (Maybe NetworkFirewallPolicyModifiedViolation) Source #

Violation detail for an Network Firewall policy that indicates that a firewall policy in an individual account has been modified in a way that makes it noncompliant. For example, the individual account owner might have deleted a rule group, changed the priority of a stateless rule group, or changed a policy default action.

resourceViolation_networkFirewallUnexpectedFirewallRoutesViolation :: Lens' ResourceViolation (Maybe NetworkFirewallUnexpectedFirewallRoutesViolation) Source #

There's an unexpected firewall route.

resourceViolation_awsEc2NetworkInterfaceViolation :: Lens' ResourceViolation (Maybe AwsEc2NetworkInterfaceViolation) Source #

Violation detail for a network interface.

resourceViolation_networkFirewallUnexpectedGatewayRoutesViolation :: Lens' ResourceViolation (Maybe NetworkFirewallUnexpectedGatewayRoutesViolation) Source #

There's an unexpected gateway route.

resourceViolation_dnsDuplicateRuleGroupViolation :: Lens' ResourceViolation (Maybe DnsDuplicateRuleGroupViolation) Source #

Violation detail for a DNS Firewall policy that indicates that a rule group that Firewall Manager tried to associate with a VPC is already associated with the VPC and can't be associated again.

resourceViolation_networkFirewallInvalidRouteConfigurationViolation :: Lens' ResourceViolation (Maybe NetworkFirewallInvalidRouteConfigurationViolation) Source #

The route configuration is invalid.