GetViolationDetails - AWS Firewall Manager

GetViolationDetails

Retrieves violations for a resource based on the specified AWS Firewall Manager policy and AWS account.

Request Syntax

{ "MemberAccount": "string", "PolicyId": "string", "ResourceId": "string", "ResourceType": "string" }

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

MemberAccount

The AWS account ID that you want the details for.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: ^[0-9]+$

Required: Yes

PolicyId

The ID of the AWS Firewall Manager policy that you want the details for. This currently only supports security group content audit policies.

Type: String

Length Constraints: Fixed length of 36.

Pattern: ^[a-z0-9A-Z-]{36}$

Required: Yes

ResourceId

The ID of the resource that has violations.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$

Required: Yes

ResourceType

The resource type. This is in the format shown in the AWS Resource Types Reference. Supported resource types are: AWS::EC2::Instance, AWS::EC2::NetworkInterface, AWS::EC2::SecurityGroup, AWS::NetworkFirewall::FirewallPolicy, and AWS::EC2::Subnet.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 128.

Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$

Required: Yes

Response Syntax

{ "ViolationDetail": { "MemberAccount": "string", "PolicyId": "string", "ResourceDescription": "string", "ResourceId": "string", "ResourceTags": [ { "Key": "string", "Value": "string" } ], "ResourceType": "string", "ResourceViolations": [ { "AwsEc2InstanceViolation": { "AwsEc2NetworkInterfaceViolations": [ { "ViolatingSecurityGroups": [ "string" ], "ViolationTarget": "string" } ], "ViolationTarget": "string" }, "AwsEc2NetworkInterfaceViolation": { "ViolatingSecurityGroups": [ "string" ], "ViolationTarget": "string" }, "AwsVPCSecurityGroupViolation": { "PartialMatches": [ { "Reference": "string", "TargetViolationReasons": [ "string" ] } ], "PossibleSecurityGroupRemediationActions": [ { "Description": "string", "IsDefaultAction": boolean, "RemediationActionType": "string", "RemediationResult": { "FromPort": number, "IPV4Range": "string", "IPV6Range": "string", "PrefixListId": "string", "Protocol": "string", "ToPort": number } } ], "ViolationTarget": "string", "ViolationTargetDescription": "string" }, "NetworkFirewallMissingExpectedRTViolation": { "AvailabilityZone": "string", "CurrentRouteTable": "string", "ExpectedRouteTable": "string", "ViolationTarget": "string", "VPC": "string" }, "NetworkFirewallMissingFirewallViolation": { "AvailabilityZone": "string", "TargetViolationReason": "string", "ViolationTarget": "string", "VPC": "string" }, "NetworkFirewallMissingSubnetViolation": { "AvailabilityZone": "string", "TargetViolationReason": "string", "ViolationTarget": "string", "VPC": "string" }, "NetworkFirewallPolicyModifiedViolation": { "CurrentPolicyDescription": { "StatefulRuleGroups": [ { "ResourceId": "string", "RuleGroupName": "string" } ], "StatelessCustomActions": [ "string" ], "StatelessDefaultActions": [ "string" ], "StatelessFragmentDefaultActions": [ "string" ], "StatelessRuleGroups": [ { "Priority": number, "ResourceId": "string", "RuleGroupName": "string" } ] }, "ExpectedPolicyDescription": { "StatefulRuleGroups": [ { "ResourceId": "string", "RuleGroupName": "string" } ], "StatelessCustomActions": [ "string" ], "StatelessDefaultActions": [ "string" ], "StatelessFragmentDefaultActions": [ "string" ], "StatelessRuleGroups": [ { "Priority": number, "ResourceId": "string", "RuleGroupName": "string" } ] }, "ViolationTarget": "string" } } ] } }

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

ViolationDetail

Violation detail for a resource.

Type: ViolationDetail object

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalErrorException

The operation failed because of a system problem, even though the request was valid. Retry your request.

HTTP Status Code: 400

InvalidInputException

The parameters of the request were invalid.

HTTP Status Code: 400

ResourceNotFoundException

The specified resource was not found.

HTTP Status Code: 400

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following: