Get Compliance Detail

fms_get_compliance_detail

R Documentation

Returns detailed compliance information about the specified member account¶

Description¶

Returns detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy.

The reasons for resources being considered compliant depend on the Firewall Manager policy type.

Usage¶

fms_get_compliance_detail(PolicyId, MemberAccount)

Arguments¶

PolicyId: [required] The ID of the policy that you want to get the details for. PolicyId is returned by put_policy and by list_policies.
MemberAccount: [required] The Amazon Web Services account that owns the resources that you want to get the details for.

Value¶

A list with the following syntax:

href="#__codelineno-1-1">list( PolicyComplianceDetail = list( PolicyOwner = "string", PolicyId = "string", MemberAccount = "string", Violators = list( list( ResourceId = "string", ViolationReason = "WEB_ACL_MISSING_RULE_GROUP"|"RESOURCE_MISSING_WEB_ACL"|"RESOURCE_INCORRECT_WEB_ACL"|"RESOURCE_MISSING_SHIELD_PROTECTION"|"RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION"|"RESOURCE_MISSING_SECURITY_GROUP"|"RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP"|"SECURITY_GROUP_UNUSED"|"SECURITY_GROUP_REDUNDANT"|"FMS_CREATED_SECURITY_GROUP_EDITED"|"MISSING_FIREWALL"|"MISSING_FIREWALL_SUBNET_IN_AZ"|"MISSING_EXPECTED_ROUTE_TABLE"|"NETWORK_FIREWALL_POLICY_MODIFIED"|"FIREWALL_SUBNET_IS_OUT_OF_SCOPE"|"INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE"|"FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE"|"UNEXPECTED_FIREWALL_ROUTES"|"UNEXPECTED_TARGET_GATEWAY_ROUTES"|"TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY"|"INVALID_ROUTE_CONFIGURATION"|"MISSING_TARGET_GATEWAY"|"INTERNET_TRAFFIC_NOT_INSPECTED"|"BLACK_HOLE_ROUTE_DETECTED"|"BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET"|"RESOURCE_MISSING_DNS_FIREWALL"|"ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT"|"FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT"|"INVALID_NETWORK_ACL_ENTRY", ResourceType = "string", Metadata = list( "string" ) ) ), EvaluationLimitExceeded = TRUE|FALSE, ExpiredAt = as.POSIXct( "2015-01-01" ), IssueInfoMap = list( "string" ) ) )

Request syntax¶

svc$get_compliance_detail(
  PolicyId = "string",
  MemberAccount = "string"
)