ComplianceViolator - AWS Firewall Manager

ComplianceViolator

Details of the resource that is not protected by the policy.

Contents

ResourceId

The resource ID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$

Required: No

ResourceType

The resource type. This is in the format shown in the AWS Resource Types Reference. For example: AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::CloudFront::Distribution, or AWS::NetworkFirewall::FirewallPolicy.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$

Required: No

ViolationReason

The reason that the resource is not protected by the policy.

Type: String

Valid Values: WEB_ACL_MISSING_RULE_GROUP | RESOURCE_MISSING_WEB_ACL | RESOURCE_INCORRECT_WEB_ACL | RESOURCE_MISSING_SHIELD_PROTECTION | RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION | RESOURCE_MISSING_SECURITY_GROUP | RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP | SECURITY_GROUP_UNUSED | SECURITY_GROUP_REDUNDANT | FMS_CREATED_SECURITY_GROUP_EDITED | MISSING_FIREWALL | MISSING_FIREWALL_SUBNET_IN_AZ | MISSING_EXPECTED_ROUTE_TABLE | NETWORK_FIREWALL_POLICY_MODIFIED | INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE | FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE | UNEXPECTED_FIREWALL_ROUTES | UNEXPECTED_TARGET_GATEWAY_ROUTES | TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY | INVALID_ROUTE_CONFIGURATION | MISSING_TARGET_GATEWAY | INTERNET_TRAFFIC_NOT_INSPECTED | BLACK_HOLE_ROUTE_DETECTED | BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET | RESOURCE_MISSING_DNS_FIREWALL

Required: No

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: