Creates an AWS Firewall Manager policy.
exclude_resource_tags (Boolean)
policy_name (String)
remediation_enabled (Boolean)
security_service_policy_data (Attributes) Firewall security service policy data. (see below for nested schema)
delete_all_policy_resources (Boolean)
exclude_map (Attributes) An FMS includeMap or excludeMap. (see below for nested schema)
include_map (Attributes) An FMS includeMap or excludeMap. (see below for nested schema)
policy_description (String)
resource_set_ids (List of String)
resource_tags (Attributes List) (see below for nested schema)
resource_type (String) An AWS resource type.
resource_type_list (List of String)
resources_clean_up (Boolean)
tags (Attributes List) (see below for nested schema)
arn (String) A resource ARN.
id (String) Uniquely identifies the resource.
policy_id (String)

security_service_policy_data
Required:
type (String) Firewall policy type.
Optional:
managed_service_data (String) Firewall managed service data.
policy_option (Attributes) Firewall policy option. (see below for nested schema)

security_service_policy_data.policy_option
Optional:
network_acl_common_policy (Attributes) Network ACL common policy. (see below for nested schema)
network_firewall_policy (Attributes) Network firewall policy. (see below for nested schema)
third_party_firewall_policy (Attributes) Third party firewall policy. (see below for nested schema)

security_service_policy_data.policy_option.network_acl_common_policy
Required:
network_acl_entry_set (Attributes) Network ACL entry set. (see below for nested schema)

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set
Required:
force_remediate_for_first_entries (Boolean)
force_remediate_for_last_entries (Boolean)
Optional:
first_entries (Attributes List) NetworkAcl entry list. (see below for nested schema)
last_entries (Attributes List) NetworkAcl entry list. (see below for nested schema)

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries
Required:
egress (Boolean) Whether the entry is an egress entry.
protocol (String) Protocol.
rule_action (String) Rule Action.
Optional:
cidr_block (String) CIDR block.
icmp_type_code (Attributes) ICMP type and code. (see below for nested schema)
ipv_6_cidr_block (String) IPv6 CIDR block.
port_range (Attributes) Port range. (see below for nested schema)

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries.icmp_type_code
Required:
code (Number) Code.
type (Number) Type.

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.first_entries.port_range
Required:
from (Number) From Port.
to (Number) To Port.

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries
Required:
egress (Boolean) Whether the entry is an egress entry.
protocol (String) Protocol.
rule_action (String) Rule Action.
Optional:
cidr_block (String) CIDR block.
icmp_type_code (Attributes) ICMP type and code. (see below for nested schema)
ipv_6_cidr_block (String) IPv6 CIDR block.
port_range (Attributes) Port range. (see below for nested schema)

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries.icmp_type_code
Required:
code (Number) Code.
type (Number) Type.

security_service_policy_data.policy_option.network_acl_common_policy.network_acl_entry_set.last_entries.port_range
Required:
from (Number) From Port.
to (Number) To Port.

security_service_policy_data.policy_option.network_firewall_policy
Required:
firewall_deployment_model (String) Firewall deployment mode.

security_service_policy_data.policy_option.third_party_firewall_policy
Required:
firewall_deployment_model (String) Firewall deployment mode.

exclude_map
Optional:
account (List of String)
orgunit (List of String)

include_map
Optional:
account (List of String)
orgunit (List of String)

resource_tags
Required:
key (String)
Optional:
value (String)

tags
Required:
key (String)
value (String)

Import is supported using the following syntax:
$ terraform import awscc_fms_policy.example <resource ID>