Copyright	(c) 2013-2021 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay <brendan.g.hay+amazonka@gmail.com>
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	None

Amazonka.NetworkFirewall.PutResourcePolicy

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Creates or updates an AWS Identity and Access Management policy for your rule group or firewall policy. Use this to share rule groups and firewall policies between accounts. This operation works in conjunction with the AWS Resource Access Manager (RAM) service to manage resource sharing for Network Firewall.

Use this operation to create or update a resource policy for your rule group or firewall policy. In the policy, you specify the accounts that you want to share the resource with and the operations that you want the accounts to be able to perform.

When you add an account in the resource policy, you then run the following Resource Access Manager (RAM) operations to access and accept the shared rule group or firewall policy.

GetResourceShareInvitations
Returns the Amazon Resource Names (ARNs) of the resource share invitations.
AcceptResourceShareInvitation
Accepts the share invitation for a specified resource share.

For additional information about resource sharing using RAM, see AWS Resource Access Manager User Guide.

Creating a Request

data PutResourcePolicy Source #

See: newPutResourcePolicy smart constructor.

Constructors

PutResourcePolicy'

Fields

resourceArn :: Text
The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.
policy :: Text
The AWS Identity and Access Management policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.
For a rule group resource, you can specify the following operations in the Actions section of the statement:
- network-firewall:CreateFirewallPolicy
- network-firewall:UpdateFirewallPolicy
- network-firewall:ListRuleGroups
For a firewall policy resource, you can specify the following operations in the Actions section of the statement:
- network-firewall:CreateFirewall
- network-firewall:UpdateFirewall
- network-firewall:AssociateFirewallPolicy
- network-firewall:ListFirewallPolicies
In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Instances

Instances details

Eq PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods (==) :: PutResourcePolicy -> PutResourcePolicy -> Bool # (/=) :: PutResourcePolicy -> PutResourcePolicy -> Bool #
Read PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods readsPrec :: Int -> ReadS PutResourcePolicy # readList :: ReadS [PutResourcePolicy] # readPrec :: ReadPrec PutResourcePolicy # readListPrec :: ReadPrec [PutResourcePolicy] #
Show PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods showsPrec :: Int -> PutResourcePolicy -> ShowS # show :: PutResourcePolicy -> String # showList :: [PutResourcePolicy] -> ShowS #
Generic PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type Rep PutResourcePolicy :: Type -> Type # Methods from :: PutResourcePolicy -> Rep PutResourcePolicy x # to :: Rep PutResourcePolicy x -> PutResourcePolicy #
NFData PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods rnf :: PutResourcePolicy -> () #
Hashable PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods hashWithSalt :: Int -> PutResourcePolicy -> Int # hash :: PutResourcePolicy -> Int #
ToJSON PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toJSON :: PutResourcePolicy -> Value # toEncoding :: PutResourcePolicy -> Encoding # toJSONList :: [PutResourcePolicy] -> Value # toEncodingList :: [PutResourcePolicy] -> Encoding #
AWSRequest PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type AWSResponse PutResourcePolicy # Methods request :: PutResourcePolicy -> Request PutResourcePolicy # response :: MonadResource m => Logger -> Service -> Proxy PutResourcePolicy -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse PutResourcePolicy))) #
ToHeaders PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toHeaders :: PutResourcePolicy -> [Header] #
ToPath PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toPath :: PutResourcePolicy -> ByteString #
ToQuery PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toQuery :: PutResourcePolicy -> QueryString #
type Rep PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type Rep PutResourcePolicy = D1 ('MetaData "PutResourcePolicy" "Amazonka.NetworkFirewall.PutResourcePolicy" "libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall" 'False) (C1 ('MetaCons "PutResourcePolicy'" 'PrefixI 'True) (S1 ('MetaSel ('Just "resourceArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "policy") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))
type AWSResponse PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type AWSResponse PutResourcePolicy = PutResourcePolicyResponse

newPutResourcePolicy Source #

Arguments

:: Text	`$sel:resourceArn:PutResourcePolicy'`
-> Text	`$sel:policy:PutResourcePolicy'`
-> PutResourcePolicy

Create a value of PutResourcePolicy with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:resourceArn:PutResourcePolicy', putResourcePolicy_resourceArn - The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.

$sel:policy:PutResourcePolicy', putResourcePolicy_policy - The AWS Identity and Access Management policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.

For a rule group resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewallPolicy
network-firewall:UpdateFirewallPolicy
network-firewall:ListRuleGroups

For a firewall policy resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewall
network-firewall:UpdateFirewall
network-firewall:AssociateFirewallPolicy
network-firewall:ListFirewallPolicies

In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Request Lenses

putResourcePolicy_resourceArn :: Lens' PutResourcePolicy Text Source #

The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.

putResourcePolicy_policy :: Lens' PutResourcePolicy Text Source #

The AWS Identity and Access Management policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.

For a rule group resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewallPolicy
network-firewall:UpdateFirewallPolicy
network-firewall:ListRuleGroups

For a firewall policy resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewall
network-firewall:UpdateFirewall
network-firewall:AssociateFirewallPolicy
network-firewall:ListFirewallPolicies

In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Destructuring the Response

data PutResourcePolicyResponse Source #

See: newPutResourcePolicyResponse smart constructor.

Constructors

PutResourcePolicyResponse'
Fields httpStatus :: Int The response's http status code.

Instances

Instances details

Eq PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods (==) :: PutResourcePolicyResponse -> PutResourcePolicyResponse -> Bool # (/=) :: PutResourcePolicyResponse -> PutResourcePolicyResponse -> Bool #
Read PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods readsPrec :: Int -> ReadS PutResourcePolicyResponse # readList :: ReadS [PutResourcePolicyResponse] # readPrec :: ReadPrec PutResourcePolicyResponse # readListPrec :: ReadPrec [PutResourcePolicyResponse] #
Show PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods showsPrec :: Int -> PutResourcePolicyResponse -> ShowS # show :: PutResourcePolicyResponse -> String # showList :: [PutResourcePolicyResponse] -> ShowS #
Generic PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type Rep PutResourcePolicyResponse :: Type -> Type # Methods from :: PutResourcePolicyResponse -> Rep PutResourcePolicyResponse x # to :: Rep PutResourcePolicyResponse x -> PutResourcePolicyResponse #
NFData PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods rnf :: PutResourcePolicyResponse -> () #
type Rep PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type Rep PutResourcePolicyResponse = D1 ('MetaData "PutResourcePolicyResponse" "Amazonka.NetworkFirewall.PutResourcePolicy" "libZSservicesZSamazonka-network-firewallZSamazonka-network-firewall" 'False) (C1 ('MetaCons "PutResourcePolicyResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)))

newPutResourcePolicyResponse Source #

Arguments

:: Int	`$sel:httpStatus:PutResourcePolicyResponse'`
-> PutResourcePolicyResponse

Create a value of PutResourcePolicyResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:httpStatus:PutResourcePolicyResponse', putResourcePolicyResponse_httpStatus - The response's http status code.

Response Lenses

putResourcePolicyResponse_httpStatus :: Lens' PutResourcePolicyResponse Int Source #

The response's http status code.