AWS Firewall Manager
Firewall Management (API Version 2018-01-01)

PolicyComplianceDetail

Describes the noncompliant resources in a member account for a specific AWS Firewall Manager policy. A maximum of 100 entries are displayed. If more than 100 resources are noncompliant, EvaluationLimitExceeded is set to True.

Contents

EvaluationLimitExceeded

Indicates if over 100 resources are noncompliant with the AWS Firewall Manager policy.

Type: Boolean

Required: No

ExpiredAt

A timestamp that indicates when the returned information should be considered out of date.

Type: Timestamp

Required: No

IssueInfoMap

Details about problems with dependent services, such as AWS WAF or AWS Config, that are causing a resource to be noncompliant. The details include the name of the dependent service and the error message received that indicates the problem with the service.

Type: String to string map

Valid Keys: AWSCONFIG | AWSWAF | AWSSHIELD_ADVANCED | AWSVPC

Value Length Constraints: Minimum length of 1. Maximum length of 1024.

Value Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$

Required: No

MemberAccount

The AWS account ID.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: ^[0-9]+$

Required: No

PolicyId

The ID of the AWS Firewall Manager policy.

Type: String

Length Constraints: Fixed length of 36.

Pattern: ^[a-z0-9A-Z-]{36}$

Required: No

PolicyOwner

The AWS account that created the AWS Firewall Manager policy.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Pattern: ^[0-9]+$

Required: No

Violators

An array of resources that aren't protected by the AWS WAF or Shield Advanced policy or that aren't in compliance with the security group policy.

Type: Array of ComplianceViolator objects

Required: No
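
The following is an added example, not part of the AWS reference: a Python triage function that reads one PolicyComplianceDetail and reports when the violator list is truncated, stale, or affected by a dependent-service problem. It assumes the structure arrives as a dict with ExpiredAt already parsed to a timezone-aware datetime; the function name, finding codes and sample values are constructed for illustration.

```python
import re
from datetime import datetime, timezone

# Constraints copied from the field definitions above.
POLICY_ID_RE = re.compile(r"[a-z0-9A-Z-]{36}")
ACCOUNT_RE = re.compile(r"[0-9]+")
ISSUE_KEYS = {"AWSCONFIG", "AWSWAF", "AWSSHIELD_ADVANCED", "AWSVPC"}


def triage(detail, now):
    """Return sorted finding codes (hypothetical names) for one detail dict.

    Every member is marked "Required: No", so absent keys are tolerated.
    """
    codes = set()
    pid = detail.get("PolicyId")
    if pid is not None and not POLICY_ID_RE.fullmatch(pid):
        codes.add("MALFORMED_POLICY_ID")
    for field in ("MemberAccount", "PolicyOwner"):
        acct = detail.get(field)
        if acct is not None and not (len(acct) <= 1024 and ACCOUNT_RE.fullmatch(acct)):
            codes.add("MALFORMED_ACCOUNT")
    if detail.get("Violators"):
        codes.add("NONCOMPLIANT")
    # The list is capped at 100 entries; the flag means the real count is higher.
    if detail.get("EvaluationLimitExceeded"):
        codes.add("VIOLATOR_LIST_TRUNCATED")
    # At or past ExpiredAt the data is out of date and should be fetched again.
    expired_at = detail.get("ExpiredAt")
    if expired_at is not None and expired_at <= now:
        codes.add("STALE")
    # Entries here name a dependent service whose error caused noncompliance.
    for service in detail.get("IssueInfoMap") or {}:
        codes.add("DEPENDENCY_ISSUE" if service in ISSUE_KEYS else "UNKNOWN_ISSUE_KEY")
    return sorted(codes)


# Constructed sample shaped like the structure documented above.
SAMPLE = {
    "PolicyId": "0a1b2c3d-0000-4000-8000-example00001",
    "PolicyOwner": "444455556666",
    "MemberAccount": "111122223333",
    "EvaluationLimitExceeded": True,
    "ExpiredAt": datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc),
    "IssueInfoMap": {"AWSCONFIG": "constructed error text"},
    "Violators": [{"ResourceId": f"constructed-{i}"} for i in range(100)],
}

if __name__ == "__main__":
    print(triage(SAMPLE, datetime.now(timezone.utc)))
```

A report that carries VIOLATOR_LIST_TRUNCATED should not be used as a complete inventory of noncompliant resources, since only the first 100 are listed.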

See Also

For more information about using this API in one of the language-specific AWS SDKs, see the following:
