# fms-shield-resource-policy-check
**Note**
This rule is currently in the deprecation process. We do not recommend that you use them directly.
Checks if resources that AWS Shield Advanced can protect are protected by Shield Advanced. The rule is NON\$1COMPLIANT if a specified resource is not protected.
**Identifier:** FMS\$1SHIELD\$1RESOURCE\$1POLICY\$1CHECK
**Resource Types:** AWS::CloudFront::Distribution, AWS::ElasticLoadBalancingV2::LoadBalancer, AWS::WAFRegional::WebACL, AWS::EC2::EIP, AWS::ElasticLoadBalancing::LoadBalancer, AWS::ShieldRegional::Protection, AWS::Shield::Protection
**Trigger type:** Configuration changes
**AWS Region:** All supported AWS regions except China (Beijing), Asia Pacific (Thailand), Asia Pacific (Jakarta), Asia Pacific (Malaysia), Mexico (Central), Asia Pacific (Taipei), Canada West (Calgary), China (Ningxia) Region
**Parameters:**
webACLIdType: String
A unique identifier for a Web ACL.
resourceTypesType: String
The resource types you specify for the rule to check.
resourceTags (Optional)Type: String
The resource tags you specify for the rule to check. For example, \$1 "tagKey1" : ["tagValue1"], "tagKey2" : ["tagValue2", "tagValue3"] \$1.
excludeResourceTags (Optional)Type: boolean
If true, the rule excludes the resources specified in resourceTags. If false, the rule includes all the resources specified in resourceTags.
fmsManagedToken (Optional)Type: String
A token generated by AWS Firewall Manager when creating the rule in your account. AWS Config ignores this parameter when you create this rule.
fmsRemediationEnabled (Optional)Type: boolean
If true, AWS Firewall Manager will update NON\$1COMPLIANT resources according to FMS policy. AWS Config ignores this parameter when you create this rule.
## AWS CloudFormation template
To create AWS Config managed rules with AWS CloudFormation templates, see [Creating AWS Config Managed Rules With AWS CloudFormation Templates](aws-config-managed-rules-cloudformation-templates.md).