Skip to content

Get Compliance Detail

fms_get_compliance_detail R Documentation

Returns detailed compliance information about the specified member account

Description

Returns detailed compliance information about the specified member account. Details include resources that are in and out of compliance with the specified policy.

The reasons for resources being considered compliant depend on the Firewall Manager policy type.

Usage

fms_get_compliance_detail(PolicyId, MemberAccount)

Arguments

PolicyId

[required] The ID of the policy that you want to get the details for. PolicyId is returned by put_policy and by list_policies.

MemberAccount

[required] The Amazon Web Services account that owns the resources that you want to get the details for.

Value

A list with the following syntax:

list(
  PolicyComplianceDetail = list(
    PolicyOwner = "string",
    PolicyId = "string",
    MemberAccount = "string",
    Violators = list(
      list(
        ResourceId = "string",
        ViolationReason = "WEB_ACL_MISSING_RULE_GROUP"|"RESOURCE_MISSING_WEB_ACL"|"RESOURCE_INCORRECT_WEB_ACL"|"RESOURCE_MISSING_SHIELD_PROTECTION"|"RESOURCE_MISSING_WEB_ACL_OR_SHIELD_PROTECTION"|"RESOURCE_MISSING_SECURITY_GROUP"|"RESOURCE_VIOLATES_AUDIT_SECURITY_GROUP"|"SECURITY_GROUP_UNUSED"|"SECURITY_GROUP_REDUNDANT"|"FMS_CREATED_SECURITY_GROUP_EDITED"|"MISSING_FIREWALL"|"MISSING_FIREWALL_SUBNET_IN_AZ"|"MISSING_EXPECTED_ROUTE_TABLE"|"NETWORK_FIREWALL_POLICY_MODIFIED"|"FIREWALL_SUBNET_IS_OUT_OF_SCOPE"|"INTERNET_GATEWAY_MISSING_EXPECTED_ROUTE"|"FIREWALL_SUBNET_MISSING_EXPECTED_ROUTE"|"UNEXPECTED_FIREWALL_ROUTES"|"UNEXPECTED_TARGET_GATEWAY_ROUTES"|"TRAFFIC_INSPECTION_CROSSES_AZ_BOUNDARY"|"INVALID_ROUTE_CONFIGURATION"|"MISSING_TARGET_GATEWAY"|"INTERNET_TRAFFIC_NOT_INSPECTED"|"BLACK_HOLE_ROUTE_DETECTED"|"BLACK_HOLE_ROUTE_DETECTED_IN_FIREWALL_SUBNET"|"RESOURCE_MISSING_DNS_FIREWALL"|"ROUTE_HAS_OUT_OF_SCOPE_ENDPOINT"|"FIREWALL_SUBNET_MISSING_VPCE_ENDPOINT"|"INVALID_NETWORK_ACL_ENTRY",
        ResourceType = "string",
        Metadata = list(
          "string"
        )
      )
    ),
    EvaluationLimitExceeded = TRUE|FALSE,
    ExpiredAt = as.POSIXct(
      "2015-01-01"
    ),
    IssueInfoMap = list(
      "string"
    )
  )
)

Request syntax

svc$get_compliance_detail(
  PolicyId = "string",
  MemberAccount = "string"
)