{ "$schema": "https://json-schema.org/draft/2020-12/schema", "$id": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--aws-fms-policy.json", "title": "AWSFMSPolicyProperties", "description": "Creates an AWS Firewall Manager policy.. Source:- ", "x-lintel": { "source": "https://raw.githubusercontent.com/lalcebo/json-schema/master/serverless/resources/cloudformation-modified/aws-fms-policy.json", "sourceSha256": "1ae9a053b8dd431a5ecdd028843e8baf50ad6c639890914e261bd3d73f0cc8aa" }, "type": "object", "properties": { "ExcludeMap": { "$ref": "#/$defs/IEMap" }, "ExcludeResourceTags": { "type": "boolean" }, "IncludeMap": { "$ref": "#/$defs/IEMap" }, "PolicyName": { "oneOf": [ { "type": "string", "pattern": "^([a-zA-Z0-9_.:/=+\\-@\\s]+)$", "minLength": 1, "maxLength": 1024 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] }, "PolicyDescription": { "oneOf": [ { "type": "string", "pattern": "^([a-zA-Z0-9_.:/=+\\-@\\s]+)$", "maxLength": 256 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] }, "RemediationEnabled": { "type": "boolean" }, "ResourceTags": { "type": "array", "items": { "$ref": "#/$defs/ResourceTag" }, "maxItems": 8, "insertionOrder": true }, "ResourceType": { "$ref": "#/$defs/ResourceType" }, "ResourceTypeList": { "type": "array", "items": { "$ref": "#/$defs/ResourceType" }, "insertionOrder": true }, "ResourceSetIds": { "type": "array", "items": { "$ref": "#/$defs/Base62Id" }, "insertionOrder": true, "uniqueItems": true }, "SecurityServicePolicyData": { "$ref": "#/$defs/SecurityServicePolicyData" }, "DeleteAllPolicyResources": { "type": "boolean" }, "ResourcesCleanUp": { "type": "boolean" }, "Tags": { "type": "array", "items": { "$ref": "#/$defs/PolicyTag" }, "insertionOrder": true } }, "typeName": "AWS::FMS::Policy", "primaryIdentifier": [ "/properties/Id" ], "sourceUrl": "https://github.com/aws-cloudformation/aws-cloudformation-resource-providers-fms.git", "additionalProperties": false, "writeOnlyProperties": [ "/properties/DeleteAllPolicyResources" ], "$defs": { "AccountId": { "oneOf": [ { "type": "string", "pattern": "^([0-9]*)$", "minLength": 12, "maxLength": 12 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "An AWS account ID.", "title": "AWSFMSPolicyAccountIdDefinition" }, "Base62Id": { "oneOf": [ { "type": "string", "pattern": "^[a-z0-9A-Z]{22}$", "minLength": 22, "maxLength": 22 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "A Base62 ID", "title": "AWSFMSPolicyBase62IdDefinition" }, "OrganizationalUnitId": { "oneOf": [ { "type": "string", "pattern": "^(ou-[0-9a-z]{4,32}-[a-z0-9]{8,32})$", "minLength": 16, "maxLength": 68 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "An Organizational Unit ID.", "title": "AWSFMSPolicyOrganizationalUnitIdDefinition" }, "IEMap": { "description": "An FMS includeMap or excludeMap.", "type": "object", "properties": { "ACCOUNT": { "type": "array", "items": { "$ref": "#/$defs/AccountId" }, "insertionOrder": true }, "ORGUNIT": { "type": "array", "items": { "$ref": "#/$defs/OrganizationalUnitId" }, "insertionOrder": true } }, "title": "AWSFMSPolicyIEMapDefinition", "additionalProperties": false }, "PolicyTag": { "description": "A policy tag.", "type": "object", "properties": { "Key": { "oneOf": [ { "type": "string", "pattern": "^([^\\s]*)$", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] }, "Value": { "oneOf": [ { "type": "string", "pattern": "^([^\\s]*)$", "maxLength": 256 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] } }, "title": "AWSFMSPolicyPolicyTagDefinition", "required": [ "Key", "Value" ], "additionalProperties": false }, "ResourceTag": { "description": "A resource tag.", "type": "object", "properties": { "Key": { "oneOf": [ { "type": "string", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] }, "Value": { "oneOf": [ { "type": "string", "maxLength": 256 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ] } }, "title": "AWSFMSPolicyResourceTagDefinition", "required": [ "Key" ], "additionalProperties": false }, "ResourceType": { "oneOf": [ { "type": "string", "pattern": "^([^\\s]*)$", "minLength": 1, "maxLength": 128 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "An AWS resource type", "title": "AWSFMSPolicyResourceTypeDefinition" }, "ResourceArn": { "oneOf": [ { "type": "string", "pattern": "^([^\\s]*)$", "minLength": 1, "maxLength": 1024 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "A resource ARN.", "title": "AWSFMSPolicyResourceArnDefinition" }, "SecurityServicePolicyData": { "description": "Firewall security service policy data.", "type": "object", "properties": { "ManagedServiceData": { "$ref": "#/$defs/ManagedServiceData" }, "Type": { "$ref": "#/$defs/PolicyType" }, "PolicyOption": { "$ref": "#/$defs/PolicyOption" } }, "title": "AWSFMSPolicySecurityServicePolicyDataDefinition", "required": [ "Type" ], "additionalProperties": false }, "FirewallDeploymentModel": { "oneOf": [ { "type": "string", "enum": [ "DISTRIBUTED", "CENTRALIZED" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "Firewall deployment mode.", "title": "AWSFMSPolicyFirewallDeploymentModelDefinition" }, "ManagedServiceData": { "oneOf": [ { "type": "string", "minLength": 1, "maxLength": 8192 }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "Firewall managed service data.", "title": "AWSFMSPolicyManagedServiceDataDefinition" }, "PolicyType": { "oneOf": [ { "type": "string", "enum": [ "WAF", "WAFV2", "SHIELD_ADVANCED", "SECURITY_GROUPS_COMMON", "SECURITY_GROUPS_CONTENT_AUDIT", "SECURITY_GROUPS_USAGE_AUDIT", "NETWORK_FIREWALL", "THIRD_PARTY_FIREWALL", "DNS_FIREWALL", "IMPORT_NETWORK_FIREWALL" ] }, { "$ref": "https://catalog.lintel.tools/schemas/schemastore/serverless-framework-configuration/_shared/latest--cf.functions.json#/Aws_CF_FunctionString" } ], "description": "Firewall policy type.", "title": "AWSFMSPolicyPolicyTypeDefinition" }, "NetworkFirewallPolicy": { "description": "Network firewall policy.", "type": "object", "properties": { "FirewallDeploymentModel": { "$ref": "#/$defs/FirewallDeploymentModel" } }, "title": "AWSFMSPolicyNetworkFirewallPolicyDefinition", "required": [ "FirewallDeploymentModel" ], "additionalProperties": false }, "ThirdPartyFirewallPolicy": { "description": "Third party firewall policy.", "type": "object", "properties": { "FirewallDeploymentModel": { "$ref": "#/$defs/FirewallDeploymentModel" } }, "title": "AWSFMSPolicyThirdPartyFirewallPolicyDefinition", "required": [ "FirewallDeploymentModel" ], "additionalProperties": false }, "PolicyOption": { "description": "Firewall policy option.", "type": "object", "properties": { "NetworkFirewallPolicy": { "$ref": "#/$defs/NetworkFirewallPolicy" }, "ThirdPartyFirewallPolicy": { "$ref": "#/$defs/ThirdPartyFirewallPolicy" } }, "title": "AWSFMSPolicyPolicyOptionDefinition", "oneOf": [ { "required": [ "NetworkFirewallPolicy" ] }, { "required": [ "ThirdPartyFirewallPolicy" ] } ], "additionalProperties": false } }, "required": [ "ExcludeResourceTags", "PolicyName", "RemediationEnabled", "SecurityServicePolicyData" ], "readOnlyProperties": [ "/properties/Arn", "/properties/Id" ] }