Skip to content

/AWS1/CL_FMSPOLICYCPLNCDETAIL

Describes the noncompliant resources in a member account for a specific Firewall Manager policy. A maximum of 100 entries are displayed. If more than 100 resources are noncompliant, EvaluationLimitExceeded is set to True.

CONSTRUCTOR

IMPORTING

Optional arguments:

iv_policyowner TYPE /AWS1/FMSAWSACCOUNTID /AWS1/FMSAWSACCOUNTID

The Amazon Web Services account that created the Firewall Manager policy.

iv_policyid TYPE /AWS1/FMSPOLICYID /AWS1/FMSPOLICYID

The ID of the Firewall Manager policy.

iv_memberaccount TYPE /AWS1/FMSAWSACCOUNTID /AWS1/FMSAWSACCOUNTID

The Amazon Web Services account ID.

it_violators TYPE /AWS1/CL_FMSCOMPLIANCEVIOLATOR=>TT_COMPLIANCEVIOLATORS TT_COMPLIANCEVIOLATORS

An array of resources that aren't protected by the WAF or Shield Advanced policy or that aren't in compliance with the security group policy.

iv_evaluationlimitexceeded TYPE /AWS1/FMSBOOLEAN /AWS1/FMSBOOLEAN

Indicates if over 100 resources are noncompliant with the Firewall Manager policy.

iv_expiredat TYPE /AWS1/FMSTIMESTAMP /AWS1/FMSTIMESTAMP

A timestamp that indicates when the returned information should be considered out of date.

it_issueinfomap TYPE /AWS1/CL_FMSISSUEINFOMAP_W=>TT_ISSUEINFOMAP TT_ISSUEINFOMAP

Details about problems with dependent services, such as WAF or Config, and the error message received that indicates the problem with the service.

Queryable Attributes

PolicyOwner

The Amazon Web Services account that created the Firewall Manager policy.

Accessible with the following methods

Method Description
GET_POLICYOWNER() Getter for POLICYOWNER, with configurable default
ASK_POLICYOWNER() Getter for POLICYOWNER w/ exceptions if field has no value
HAS_POLICYOWNER() Determine if POLICYOWNER has a value

PolicyId

The ID of the Firewall Manager policy.

Accessible with the following methods

Method Description
GET_POLICYID() Getter for POLICYID, with configurable default
ASK_POLICYID() Getter for POLICYID w/ exceptions if field has no value
HAS_POLICYID() Determine if POLICYID has a value

MemberAccount

The Amazon Web Services account ID.

Accessible with the following methods

Method Description
GET_MEMBERACCOUNT() Getter for MEMBERACCOUNT, with configurable default
ASK_MEMBERACCOUNT() Getter for MEMBERACCOUNT w/ exceptions if field has no value
HAS_MEMBERACCOUNT() Determine if MEMBERACCOUNT has a value

Violators

An array of resources that aren't protected by the WAF or Shield Advanced policy or that aren't in compliance with the security group policy.

Accessible with the following methods

Method Description
GET_VIOLATORS() Getter for VIOLATORS, with configurable default
ASK_VIOLATORS() Getter for VIOLATORS w/ exceptions if field has no value
HAS_VIOLATORS() Determine if VIOLATORS has a value

EvaluationLimitExceeded

Indicates if over 100 resources are noncompliant with the Firewall Manager policy.

Accessible with the following methods

Method Description
GET_EVALUATIONLIMITEXCEEDED() Getter for EVALUATIONLIMITEXCEEDED

ExpiredAt

A timestamp that indicates when the returned information should be considered out of date.

Accessible with the following methods

Method Description
GET_EXPIREDAT() Getter for EXPIREDAT, with configurable default
ASK_EXPIREDAT() Getter for EXPIREDAT w/ exceptions if field has no value
HAS_EXPIREDAT() Determine if EXPIREDAT has a value

IssueInfoMap

Details about problems with dependent services, such as WAF or Config, and the error message received that indicates the problem with the service.

Accessible with the following methods

Method Description
GET_ISSUEINFOMAP() Getter for ISSUEINFOMAP, with configurable default
ASK_ISSUEINFOMAP() Getter for ISSUEINFOMAP w/ exceptions if field has no value
HAS_ISSUEINFOMAP() Determine if ISSUEINFOMAP has a value