Copyright	(c) 2013-2023 Brendan Hay
License	Mozilla Public License, v. 2.0.
Maintainer	Brendan Hay
Stability	auto-generated
Portability	non-portable (GHC extensions)
Safe Haskell	Safe-Inferred
Language	Haskell2010

Amazonka.NetworkFirewall.PutResourcePolicy

Contents

Creating a Request
Request Lenses
Destructuring the Response
Response Lenses

Description

Creates or updates an IAM policy for your rule group or firewall policy. Use this to share rule groups and firewall policies between accounts. This operation works in conjunction with the Amazon Web Services Resource Access Manager (RAM) service to manage resource sharing for Network Firewall.

Use this operation to create or update a resource policy for your rule group or firewall policy. In the policy, you specify the accounts that you want to share the resource with and the operations that you want the accounts to be able to perform.

When you add an account in the resource policy, you then run the following Resource Access Manager (RAM) operations to access and accept the shared rule group or firewall policy.

GetResourceShareInvitations
Returns the Amazon Resource Names (ARNs) of the resource share invitations.
AcceptResourceShareInvitation
Accepts the share invitation for a specified resource share.

For additional information about resource sharing using RAM, see Resource Access Manager User Guide.

Creating a Request

data PutResourcePolicy Source #

See: newPutResourcePolicy smart constructor.

Constructors

PutResourcePolicy'

Fields

resourceArn :: Text
The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.
policy :: Text
The IAM policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.
For a rule group resource, you can specify the following operations in the Actions section of the statement:
- network-firewall:CreateFirewallPolicy
- network-firewall:UpdateFirewallPolicy
- network-firewall:ListRuleGroups
For a firewall policy resource, you can specify the following operations in the Actions section of the statement:
- network-firewall:CreateFirewall
- network-firewall:UpdateFirewall
- network-firewall:AssociateFirewallPolicy
- network-firewall:ListFirewallPolicies
In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Instances

Instances details

ToJSON PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toJSON :: PutResourcePolicy -> Value # toEncoding :: PutResourcePolicy -> Encoding # toJSONList :: [PutResourcePolicy] -> Value # toEncodingList :: [PutResourcePolicy] -> Encoding #
ToHeaders PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toHeaders :: PutResourcePolicy -> [Header] #
ToPath PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toPath :: PutResourcePolicy -> ByteString #
ToQuery PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods toQuery :: PutResourcePolicy -> QueryString #
AWSRequest PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type AWSResponse PutResourcePolicy # Methods request :: (Service -> Service) -> PutResourcePolicy -> Request PutResourcePolicy # response :: MonadResource m => (ByteStringLazy -> IO ByteStringLazy) -> Service -> Proxy PutResourcePolicy -> ClientResponse ClientBody -> m (Either Error (ClientResponse (AWSResponse PutResourcePolicy))) #
Generic PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type Rep PutResourcePolicy :: Type -> Type # Methods from :: PutResourcePolicy -> Rep PutResourcePolicy x # to :: Rep PutResourcePolicy x -> PutResourcePolicy #
Read PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods readsPrec :: Int -> ReadS PutResourcePolicy # readList :: ReadS [PutResourcePolicy] # readPrec :: ReadPrec PutResourcePolicy # readListPrec :: ReadPrec [PutResourcePolicy] #
Show PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods showsPrec :: Int -> PutResourcePolicy -> ShowS # show :: PutResourcePolicy -> String # showList :: [PutResourcePolicy] -> ShowS #
NFData PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods rnf :: PutResourcePolicy -> () #
Eq PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods (==) :: PutResourcePolicy -> PutResourcePolicy -> Bool # (/=) :: PutResourcePolicy -> PutResourcePolicy -> Bool #
Hashable PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods hashWithSalt :: Int -> PutResourcePolicy -> Int # hash :: PutResourcePolicy -> Int #
type AWSResponse PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type AWSResponse PutResourcePolicy = PutResourcePolicyResponse
type Rep PutResourcePolicy Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type Rep PutResourcePolicy = D1 ('MetaData "PutResourcePolicy" "Amazonka.NetworkFirewall.PutResourcePolicy" "amazonka-network-firewall-2.0-4y6HybZBSNcEwGPO5AYVfm" 'False) (C1 ('MetaCons "PutResourcePolicy'" 'PrefixI 'True) (S1 ('MetaSel ('Just "resourceArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "policy") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text)))

newPutResourcePolicy Source #

Arguments

:: Text	`PutResourcePolicy`
-> Text	`$sel:policy:PutResourcePolicy'`
-> PutResourcePolicy

Create a value of PutResourcePolicy with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

PutResourcePolicy, putResourcePolicy_resourceArn - The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.

$sel:policy:PutResourcePolicy', putResourcePolicy_policy - The IAM policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.

For a rule group resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewallPolicy
network-firewall:UpdateFirewallPolicy
network-firewall:ListRuleGroups

For a firewall policy resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewall
network-firewall:UpdateFirewall
network-firewall:AssociateFirewallPolicy
network-firewall:ListFirewallPolicies

In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Request Lenses

putResourcePolicy_resourceArn :: Lens' PutResourcePolicy Text Source #

The Amazon Resource Name (ARN) of the account that you want to share rule groups and firewall policies with.

putResourcePolicy_policy :: Lens' PutResourcePolicy Text Source #

The IAM policy statement that lists the accounts that you want to share your rule group or firewall policy with and the operations that you want the accounts to be able to perform.

For a rule group resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewallPolicy
network-firewall:UpdateFirewallPolicy
network-firewall:ListRuleGroups

For a firewall policy resource, you can specify the following operations in the Actions section of the statement:

network-firewall:CreateFirewall
network-firewall:UpdateFirewall
network-firewall:AssociateFirewallPolicy
network-firewall:ListFirewallPolicies

In the Resource section of the statement, you specify the ARNs for the rule groups and firewall policies that you want to share with the account that you specified in Arn.

Destructuring the Response

data PutResourcePolicyResponse Source #

See: newPutResourcePolicyResponse smart constructor.

Constructors

PutResourcePolicyResponse'
Fields httpStatus :: Int The response's http status code.

Instances

Instances details

Generic PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Associated Types type Rep PutResourcePolicyResponse :: Type -> Type # Methods from :: PutResourcePolicyResponse -> Rep PutResourcePolicyResponse x # to :: Rep PutResourcePolicyResponse x -> PutResourcePolicyResponse #
Read PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods readsPrec :: Int -> ReadS PutResourcePolicyResponse # readList :: ReadS [PutResourcePolicyResponse] # readPrec :: ReadPrec PutResourcePolicyResponse # readListPrec :: ReadPrec [PutResourcePolicyResponse] #
Show PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods showsPrec :: Int -> PutResourcePolicyResponse -> ShowS # show :: PutResourcePolicyResponse -> String # showList :: [PutResourcePolicyResponse] -> ShowS #
NFData PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods rnf :: PutResourcePolicyResponse -> () #
Eq PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy Methods (==) :: PutResourcePolicyResponse -> PutResourcePolicyResponse -> Bool # (/=) :: PutResourcePolicyResponse -> PutResourcePolicyResponse -> Bool #
type Rep PutResourcePolicyResponse Source #
Instance details Defined in Amazonka.NetworkFirewall.PutResourcePolicy type Rep PutResourcePolicyResponse = D1 ('MetaData "PutResourcePolicyResponse" "Amazonka.NetworkFirewall.PutResourcePolicy" "amazonka-network-firewall-2.0-4y6HybZBSNcEwGPO5AYVfm" 'False) (C1 ('MetaCons "PutResourcePolicyResponse'" 'PrefixI 'True) (S1 ('MetaSel ('Just "httpStatus") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Int)))

newPutResourcePolicyResponse Source #

Arguments

:: Int	`$sel:httpStatus:PutResourcePolicyResponse'`
-> PutResourcePolicyResponse

Create a value of PutResourcePolicyResponse with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:httpStatus:PutResourcePolicyResponse', putResourcePolicyResponse_httpStatus - The response's http status code.

Response Lenses

putResourcePolicyResponse_httpStatus :: Lens' PutResourcePolicyResponse Int Source #

The response's http status code.