Retrieves violations for a resource based on the specified AWS Firewall Manager policy and AWS account.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
get-violation-details
--policy-id <value>
--member-account <value>
--resource-id <value>
--resource-type <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]
--policy-id (string)
The ID of the AWS Firewall Manager policy that you want the details for. This currently only supports security group content audit policies.
--member-account (string)
The AWS account ID that you want the details for.
--resource-id (string)
The ID of the resource that has violations.
--resource-type (string)
The resource type. This is in the format shown in the AWS Resource Types Reference. Supported resource types are:
AWS::EC2::Instance, AWS::EC2::NetworkInterface, or AWS::EC2::SecurityGroup.
--cli-input-json | --cli-input-yaml (string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml.
--generate-cli-skeleton (string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. Similarly, if provided yaml-input it will print a sample input YAML that can be used with --cli-input-yaml. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.
--cli-auto-prompt (boolean)
Automatically prompt for CLI input parameters.
ViolationDetail -> (structure)
Violation detail for a resource.
PolicyId -> (string)
The ID of the AWS Firewall Manager policy that the violation details were requested for.
MemberAccount -> (string)
The AWS account that the violation details were requested for.
ResourceId -> (string)
The resource ID that the violation details were requested for.
ResourceType -> (string)
The resource type that the violation details were requested for.
ResourceViolations -> (list)
List of violations for the requested resource.
(structure)
Violation detail based on resource type.
AwsVPCSecurityGroupViolation -> (structure)
Violation details for security groups.
ViolationTarget -> (string)
The security group rule that is being evaluated.
ViolationTargetDescription -> (string)
A description of the security group that violates the policy.
PartialMatches -> (list)
List of rules specified in the security group of the AWS Firewall Manager policy that partially match the ViolationTarget rule.
(structure)
The reference rule that partially matches the ViolationTarget rule and the violation reason.
Reference -> (string)
The reference rule from the master security group of the AWS Firewall Manager policy.
TargetViolationReasons -> (list)
The violation reason.
(string)
PossibleSecurityGroupRemediationActions -> (list)
Remediation options for the rule specified in the ViolationTarget.
(structure)
Remediation option for the rule specified in the ViolationTarget.
RemediationActionType -> (string)
The remediation action that will be performed.
Description -> (string)
Brief description of the action that will be performed.
RemediationResult -> (structure)
The final state of the rule specified in the ViolationTarget after it is remediated.
IPV4Range -> (string)
The IPv4 ranges for the security group rule.
IPV6Range -> (string)
The IPv6 ranges for the security group rule.
PrefixListId -> (string)
The ID of the prefix list for the security group rule.
Protocol -> (string)
The IP protocol name (tcp, udp, icmp, icmpv6) or number.
FromPort -> (long)
The start of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types.
ToPort -> (long)
The end of the port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes.
IsDefaultAction -> (boolean)
Indicates if the current action is the default action.
AwsEc2NetworkInterfaceViolation -> (structure)
Violation details for network interface.
ViolationTarget -> (string)
The resource ID of the network interface.
ViolatingSecurityGroups -> (list)
List of security groups that violate the rules specified in the master security group of the AWS Firewall Manager policy.
(string)
AwsEc2InstanceViolation -> (structure)
Violation details for an EC2 instance.
ViolationTarget -> (string)
The resource ID of the EC2 instance.
AwsEc2NetworkInterfaceViolations -> (list)
Violations for network interfaces associated with the EC2 instance.
(structure)
Violations for network interfaces associated with an EC2 instance.
ViolationTarget -> (string)
The resource ID of the network interface.
ViolatingSecurityGroups -> (list)
List of security groups that violate the rules specified in the master security group of the AWS Firewall Manager policy.
(string)
ResourceTags -> (list)
The ResourceTag objects associated with the resource.
(structure)
A collection of key:value pairs associated with an AWS resource. The key:value pair can be anything you define. Typically, the tag key represents a category (such as “environment”) and the tag value represents a specific value within that category (such as “test,” “development,” or “production”). You can add up to 50 tags to each AWS resource.
Key -> (string)
Part of the key:value pair that defines a tag. You can use a tag key to describe a category of information, such as “customer.” Tag keys are case-sensitive.
Value -> (string)
Part of the key:value pair that defines a tag. You can use a tag value to describe a specific value within a category, such as “companyA” or “companyB.” Tag values are case-sensitive.
ResourceDescription -> (string)
Brief description for the requested resource.
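One way to consume the ViolationDetail structure described above, as an added example that is not part of the AWS CLI reference: a Python routine that flattens the three violation types (security group rule, network interface, EC2 instance) into one row per finding and reports the remediation action the service flags as the default. The response below is a constructed sample shaped like the documented output; every identifier and value in it is made up, and in practice the dict would come from parsing the JSON printed by `aws fms get-violation-details`.

```python
# Constructed sample response shaped like the ViolationDetail structure documented
# above; every identifier and value is made up for illustration.
SAMPLE_RESPONSE = {"ViolationDetail": {
    "PolicyId": "00000000-0000-0000-0000-000000000000", "MemberAccount": "111122223333",
    "ResourceId": "i-0exampleinstance", "ResourceType": "AWS::EC2::Instance",
    "ResourceViolations": [
        {"AwsVPCSecurityGroupViolation": {
            "ViolationTarget": "sgr-0examplerule",
            "ViolationTargetDescription": "constructed: rule not in policy master group",
            "PartialMatches": [{"Reference": "sg-0referencegroup",
                                "TargetViolationReasons": ["constructed-reason"]}],
            "PossibleSecurityGroupRemediationActions": [
                {"RemediationActionType": "REMOVE", "Description": "Remove the rule",
                 "RemediationResult": {"IPV4Range": "0.0.0.0/0", "Protocol": "tcp",
                                       "FromPort": 22, "ToPort": 22},
                 "IsDefaultAction": True}]}},
        {"AwsEc2InstanceViolation": {
            "ViolationTarget": "i-0exampleinstance",
            "AwsEc2NetworkInterfaceViolations": [
                {"ViolationTarget": "eni-0exampleinterface",
                 "ViolatingSecurityGroups": ["sg-0examplegroup"]}]}}],
    "ResourceTags": [{"Key": "environment", "Value": "production"}]}}


def default_remediation(sg_violation):
    """RemediationActionType of the action flagged IsDefaultAction, or None if none is."""
    for action in sg_violation.get("PossibleSecurityGroupRemediationActions", []):
        if action.get("IsDefaultAction"):
            return action["RemediationActionType"]
    return None


def summarize_violations(response):
    """Flatten ResourceViolations into (kind, target, detail) rows, one per finding."""
    rows = []
    for item in response["ViolationDetail"].get("ResourceViolations", []):
        if "AwsVPCSecurityGroupViolation" in item:
            sg = item["AwsVPCSecurityGroupViolation"]
            rows.append(("security-group-rule", sg["ViolationTarget"],
                         default_remediation(sg) or "no default action"))
        elif "AwsEc2NetworkInterfaceViolation" in item:
            eni = item["AwsEc2NetworkInterfaceViolation"]
            rows.append(("network-interface", eni["ViolationTarget"],
                         ",".join(eni.get("ViolatingSecurityGroups", []))))
        elif "AwsEc2InstanceViolation" in item:
            # An instance violation nests one entry per offending network interface.
            for eni in item["AwsEc2InstanceViolation"].get("AwsEc2NetworkInterfaceViolations", []):
                rows.append(("instance-interface", eni["ViolationTarget"],
                             ",".join(eni.get("ViolatingSecurityGroups", []))))
    return rows
```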