gfwleak/pxz-hos-client-cpp-module
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2025-09-14. You can view files and clone it, but cannot push or open issues or pull requests.
Files
10b370e4869dae87c293aa58bcbbed7001a5d1c1
pxz-hos-client-cpp-module/support/aws-sdk-cpp-master/aws-cpp-sdk-fms/include/aws/fms/model/Policy.h

1007 lines
58 KiB
C++
Raw Blame History

/**
* Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
* SPDX-License-Identifier: Apache-2.0.
*/
#pragma once
#include <aws/fms/FMS_EXPORTS.h>
#include <aws/core/utils/memory/stl/AWSString.h>
#include <aws/fms/model/SecurityServicePolicyData.h>
#include <aws/core/utils/memory/stl/AWSVector.h>
#include <aws/core/utils/memory/stl/AWSMap.h>
#include <aws/fms/model/ResourceTag.h>
#include <aws/fms/model/CustomerPolicyScopeIdType.h>
#include <utility>
namespace Aws
{
namespace Utils
{
namespace Json
{
class JsonValue;
class JsonView;
} // namespace Json
} // namespace Utils
namespace FMS
{
namespace Model
{
/**
* <p>An AWS Firewall Manager policy.</p><p><h3>See Also:</h3> <a
* href="http://docs.aws.amazon.com/goto/WebAPI/fms-2018-01-01/Policy">AWS API
* Reference</a></p>
*/
class AWS_FMS_API Policy
{
public:
Policy();
Policy(Aws::Utils::Json::JsonView jsonValue);
Policy& operator=(Aws::Utils::Json::JsonView jsonValue);
Aws::Utils::Json::JsonValue Jsonize() const;
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline const Aws::String& GetPolicyId() const{ return m_policyId; }
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline bool PolicyIdHasBeenSet() const { return m_policyIdHasBeenSet; }
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyId(const Aws::String& value) { m_policyIdHasBeenSet = true; m_policyId = value; }
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyId(Aws::String&& value) { m_policyIdHasBeenSet = true; m_policyId = std::move(value); }
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyId(const char* value) { m_policyIdHasBeenSet = true; m_policyId.assign(value); }
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyId(const Aws::String& value) { SetPolicyId(value); return *this;}
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyId(Aws::String&& value) { SetPolicyId(std::move(value)); return *this;}
/**
* <p>The ID of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyId(const char* value) { SetPolicyId(value); return *this;}
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline const Aws::String& GetPolicyName() const{ return m_policyName; }
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline bool PolicyNameHasBeenSet() const { return m_policyNameHasBeenSet; }
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyName(const Aws::String& value) { m_policyNameHasBeenSet = true; m_policyName = value; }
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyName(Aws::String&& value) { m_policyNameHasBeenSet = true; m_policyName = std::move(value); }
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline void SetPolicyName(const char* value) { m_policyNameHasBeenSet = true; m_policyName.assign(value); }
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyName(const Aws::String& value) { SetPolicyName(value); return *this;}
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyName(Aws::String&& value) { SetPolicyName(std::move(value)); return *this;}
/**
* <p>The name of the AWS Firewall Manager policy.</p>
*/
inline Policy& WithPolicyName(const char* value) { SetPolicyName(value); return *this;}
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline const Aws::String& GetPolicyUpdateToken() const{ return m_policyUpdateToken; }
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline bool PolicyUpdateTokenHasBeenSet() const { return m_policyUpdateTokenHasBeenSet; }
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline void SetPolicyUpdateToken(const Aws::String& value) { m_policyUpdateTokenHasBeenSet = true; m_policyUpdateToken = value; }
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline void SetPolicyUpdateToken(Aws::String&& value) { m_policyUpdateTokenHasBeenSet = true; m_policyUpdateToken = std::move(value); }
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline void SetPolicyUpdateToken(const char* value) { m_policyUpdateTokenHasBeenSet = true; m_policyUpdateToken.assign(value); }
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline Policy& WithPolicyUpdateToken(const Aws::String& value) { SetPolicyUpdateToken(value); return *this;}
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline Policy& WithPolicyUpdateToken(Aws::String&& value) { SetPolicyUpdateToken(std::move(value)); return *this;}
/**
* <p>A unique identifier for each update to the policy. When issuing a
* <code>PutPolicy</code> request, the <code>PolicyUpdateToken</code> in the
* request must match the <code>PolicyUpdateToken</code> of the current policy
* version. To get the <code>PolicyUpdateToken</code> of the current policy
* version, use a <code>GetPolicy</code> request.</p>
*/
inline Policy& WithPolicyUpdateToken(const char* value) { SetPolicyUpdateToken(value); return *this;}
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline const SecurityServicePolicyData& GetSecurityServicePolicyData() const{ return m_securityServicePolicyData; }
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline bool SecurityServicePolicyDataHasBeenSet() const { return m_securityServicePolicyDataHasBeenSet; }
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline void SetSecurityServicePolicyData(const SecurityServicePolicyData& value) { m_securityServicePolicyDataHasBeenSet = true; m_securityServicePolicyData = value; }
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline void SetSecurityServicePolicyData(SecurityServicePolicyData&& value) { m_securityServicePolicyDataHasBeenSet = true; m_securityServicePolicyData = std::move(value); }
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline Policy& WithSecurityServicePolicyData(const SecurityServicePolicyData& value) { SetSecurityServicePolicyData(value); return *this;}
/**
* <p>Details about the security service that is being used to protect the
* resources.</p>
*/
inline Policy& WithSecurityServicePolicyData(SecurityServicePolicyData&& value) { SetSecurityServicePolicyData(std::move(value)); return *this;}
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline const Aws::String& GetResourceType() const{ return m_resourceType; }
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline bool ResourceTypeHasBeenSet() const { return m_resourceTypeHasBeenSet; }
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline void SetResourceType(const Aws::String& value) { m_resourceTypeHasBeenSet = true; m_resourceType = value; }
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline void SetResourceType(Aws::String&& value) { m_resourceTypeHasBeenSet = true; m_resourceType = std::move(value); }
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline void SetResourceType(const char* value) { m_resourceTypeHasBeenSet = true; m_resourceType.assign(value); }
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline Policy& WithResourceType(const Aws::String& value) { SetResourceType(value); return *this;}
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline Policy& WithResourceType(Aws::String&& value) { SetResourceType(std::move(value)); return *this;}
/**
* <p>The type of resource protected by or in scope of the policy. This is in the
* format shown in the <a
* href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-template-resource-type-ref.html">AWS
* Resource Types Reference</a>. For AWS WAF and Shield Advanced, examples include
* <code>AWS::ElasticLoadBalancingV2::LoadBalancer</code> and
* <code>AWS::CloudFront::Distribution</code>. For a security group common policy,
* valid values are <code>AWS::EC2::NetworkInterface</code> and
* <code>AWS::EC2::Instance</code>. For a security group content audit policy,
* valid values are <code>AWS::EC2::SecurityGroup</code>,
* <code>AWS::EC2::NetworkInterface</code>, and <code>AWS::EC2::Instance</code>.
* For a security group usage audit policy, the value is
* <code>AWS::EC2::SecurityGroup</code>. </p>
*/
inline Policy& WithResourceType(const char* value) { SetResourceType(value); return *this;}
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline const Aws::Vector<Aws::String>& GetResourceTypeList() const{ return m_resourceTypeList; }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline bool ResourceTypeListHasBeenSet() const { return m_resourceTypeListHasBeenSet; }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline void SetResourceTypeList(const Aws::Vector<Aws::String>& value) { m_resourceTypeListHasBeenSet = true; m_resourceTypeList = value; }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline void SetResourceTypeList(Aws::Vector<Aws::String>&& value) { m_resourceTypeListHasBeenSet = true; m_resourceTypeList = std::move(value); }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline Policy& WithResourceTypeList(const Aws::Vector<Aws::String>& value) { SetResourceTypeList(value); return *this;}
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline Policy& WithResourceTypeList(Aws::Vector<Aws::String>&& value) { SetResourceTypeList(std::move(value)); return *this;}
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline Policy& AddResourceTypeList(const Aws::String& value) { m_resourceTypeListHasBeenSet = true; m_resourceTypeList.push_back(value); return *this; }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline Policy& AddResourceTypeList(Aws::String&& value) { m_resourceTypeListHasBeenSet = true; m_resourceTypeList.push_back(std::move(value)); return *this; }
/**
* <p>An array of <code>ResourceType</code>.</p>
*/
inline Policy& AddResourceTypeList(const char* value) { m_resourceTypeListHasBeenSet = true; m_resourceTypeList.push_back(value); return *this; }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline const Aws::Vector<ResourceTag>& GetResourceTags() const{ return m_resourceTags; }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline bool ResourceTagsHasBeenSet() const { return m_resourceTagsHasBeenSet; }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline void SetResourceTags(const Aws::Vector<ResourceTag>& value) { m_resourceTagsHasBeenSet = true; m_resourceTags = value; }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline void SetResourceTags(Aws::Vector<ResourceTag>&& value) { m_resourceTagsHasBeenSet = true; m_resourceTags = std::move(value); }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline Policy& WithResourceTags(const Aws::Vector<ResourceTag>& value) { SetResourceTags(value); return *this;}
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline Policy& WithResourceTags(Aws::Vector<ResourceTag>&& value) { SetResourceTags(std::move(value)); return *this;}
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline Policy& AddResourceTags(const ResourceTag& value) { m_resourceTagsHasBeenSet = true; m_resourceTags.push_back(value); return *this; }
/**
* <p>An array of <code>ResourceTag</code> objects.</p>
*/
inline Policy& AddResourceTags(ResourceTag&& value) { m_resourceTagsHasBeenSet = true; m_resourceTags.push_back(std::move(value)); return *this; }
/**
* <p>If set to <code>True</code>, resources with the tags that are specified in
* the <code>ResourceTag</code> array are not in scope of the policy. If set to
* <code>False</code>, and the <code>ResourceTag</code> array is not null, only
* resources with the specified tags are in scope of the policy.</p>
*/
inline bool GetExcludeResourceTags() const{ return m_excludeResourceTags; }
/**
* <p>If set to <code>True</code>, resources with the tags that are specified in
* the <code>ResourceTag</code> array are not in scope of the policy. If set to
* <code>False</code>, and the <code>ResourceTag</code> array is not null, only
* resources with the specified tags are in scope of the policy.</p>
*/
inline bool ExcludeResourceTagsHasBeenSet() const { return m_excludeResourceTagsHasBeenSet; }
/**
* <p>If set to <code>True</code>, resources with the tags that are specified in
* the <code>ResourceTag</code> array are not in scope of the policy. If set to
* <code>False</code>, and the <code>ResourceTag</code> array is not null, only
* resources with the specified tags are in scope of the policy.</p>
*/
inline void SetExcludeResourceTags(bool value) { m_excludeResourceTagsHasBeenSet = true; m_excludeResourceTags = value; }
/**
* <p>If set to <code>True</code>, resources with the tags that are specified in
* the <code>ResourceTag</code> array are not in scope of the policy. If set to
* <code>False</code>, and the <code>ResourceTag</code> array is not null, only
* resources with the specified tags are in scope of the policy.</p>
*/
inline Policy& WithExcludeResourceTags(bool value) { SetExcludeResourceTags(value); return *this;}
/**
* <p>Indicates if the policy should be automatically applied to new resources.</p>
*/
inline bool GetRemediationEnabled() const{ return m_remediationEnabled; }
/**
* <p>Indicates if the policy should be automatically applied to new resources.</p>
*/
inline bool RemediationEnabledHasBeenSet() const { return m_remediationEnabledHasBeenSet; }
/**
* <p>Indicates if the policy should be automatically applied to new resources.</p>
*/
inline void SetRemediationEnabled(bool value) { m_remediationEnabledHasBeenSet = true; m_remediationEnabled = value; }
/**
* <p>Indicates if the policy should be automatically applied to new resources.</p>
*/
inline Policy& WithRemediationEnabled(bool value) { SetRemediationEnabled(value); return *this;}
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& GetIncludeMap() const{ return m_includeMap; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline bool IncludeMapHasBeenSet() const { return m_includeMapHasBeenSet; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline void SetIncludeMap(const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& value) { m_includeMapHasBeenSet = true; m_includeMap = value; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline void SetIncludeMap(Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>&& value) { m_includeMapHasBeenSet = true; m_includeMap = std::move(value); }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& WithIncludeMap(const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& value) { SetIncludeMap(value); return *this;}
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& WithIncludeMap(Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>&& value) { SetIncludeMap(std::move(value)); return *this;}
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddIncludeMap(const CustomerPolicyScopeIdType& key, const Aws::Vector<Aws::String>& value) { m_includeMapHasBeenSet = true; m_includeMap.emplace(key, value); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddIncludeMap(CustomerPolicyScopeIdType&& key, const Aws::Vector<Aws::String>& value) { m_includeMapHasBeenSet = true; m_includeMap.emplace(std::move(key), value); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddIncludeMap(const CustomerPolicyScopeIdType& key, Aws::Vector<Aws::String>&& value) { m_includeMapHasBeenSet = true; m_includeMap.emplace(key, std::move(value)); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to include in the policy. Specifying an OU is the equivalent of specifying
* all accounts in the OU and in any of its child OUs, including any child OUs and
* accounts that are added at a later time.</p> <p>You can specify inclusions or
* exclusions, but not both. If you specify an <code>IncludeMap</code>, AWS
* Firewall Manager applies the policy to all accounts specified by the
* <code>IncludeMap</code>, and does not evaluate any <code>ExcludeMap</code>
* specifications. If you do not specify an <code>IncludeMap</code>, then Firewall
* Manager applies the policy to all accounts except for those specified by the
* <code>ExcludeMap</code>.</p> <p>You can specify account IDs, OUs, or a
* combination: </p> <ul> <li> <p>Specify account IDs by setting the key to
* <code>ACCOUNT</code>. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”]}</code>.</p> </li> <li>
* <p>Specify OUs by setting the key to <code>ORG_UNIT</code>. For example, the
* following is a valid map: <code>{“ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> <li> <p>Specify accounts and OUs together in a
* single map, separated with a comma. For example, the following is a valid map:
* <code>{“ACCOUNT” : [“accountID1”, “accountID2”], “ORG_UNIT” : [“ouid111”,
* “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddIncludeMap(CustomerPolicyScopeIdType&& key, Aws::Vector<Aws::String>&& value) { m_includeMapHasBeenSet = true; m_includeMap.emplace(std::move(key), std::move(value)); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& GetExcludeMap() const{ return m_excludeMap; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline bool ExcludeMapHasBeenSet() const { return m_excludeMapHasBeenSet; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline void SetExcludeMap(const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& value) { m_excludeMapHasBeenSet = true; m_excludeMap = value; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline void SetExcludeMap(Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>&& value) { m_excludeMapHasBeenSet = true; m_excludeMap = std::move(value); }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& WithExcludeMap(const Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>& value) { SetExcludeMap(value); return *this;}
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& WithExcludeMap(Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>>&& value) { SetExcludeMap(std::move(value)); return *this;}
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddExcludeMap(const CustomerPolicyScopeIdType& key, const Aws::Vector<Aws::String>& value) { m_excludeMapHasBeenSet = true; m_excludeMap.emplace(key, value); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddExcludeMap(CustomerPolicyScopeIdType&& key, const Aws::Vector<Aws::String>& value) { m_excludeMapHasBeenSet = true; m_excludeMap.emplace(std::move(key), value); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddExcludeMap(const CustomerPolicyScopeIdType& key, Aws::Vector<Aws::String>&& value) { m_excludeMapHasBeenSet = true; m_excludeMap.emplace(key, std::move(value)); return *this; }
/**
* <p>Specifies the AWS account IDs and AWS Organizations organizational units
* (OUs) to exclude from the policy. Specifying an OU is the equivalent of
* specifying all accounts in the OU and in any of its child OUs, including any
* child OUs and accounts that are added at a later time.</p> <p>You can specify
* inclusions or exclusions, but not both. If you specify an
* <code>IncludeMap</code>, AWS Firewall Manager applies the policy to all accounts
* specified by the <code>IncludeMap</code>, and does not evaluate any
* <code>ExcludeMap</code> specifications. If you do not specify an
* <code>IncludeMap</code>, then Firewall Manager applies the policy to all
* accounts except for those specified by the <code>ExcludeMap</code>.</p> <p>You
* can specify account IDs, OUs, or a combination: </p> <ul> <li> <p>Specify
* account IDs by setting the key to <code>ACCOUNT</code>. For example, the
* following is a valid map: <code>{“ACCOUNT” : [“accountID1”,
* “accountID2”]}</code>.</p> </li> <li> <p>Specify OUs by setting the key to
* <code>ORG_UNIT</code>. For example, the following is a valid map:
* <code>{“ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> <li> <p>Specify
* accounts and OUs together in a single map, separated with a comma. For example,
* the following is a valid map: <code>{“ACCOUNT” : [“accountID1”, “accountID2”],
* “ORG_UNIT” : [“ouid111”, “ouid112”]}</code>.</p> </li> </ul>
*/
inline Policy& AddExcludeMap(CustomerPolicyScopeIdType&& key, Aws::Vector<Aws::String>&& value) { m_excludeMapHasBeenSet = true; m_excludeMap.emplace(std::move(key), std::move(value)); return *this; }
private:
Aws::String m_policyId;
bool m_policyIdHasBeenSet;
Aws::String m_policyName;
bool m_policyNameHasBeenSet;
Aws::String m_policyUpdateToken;
bool m_policyUpdateTokenHasBeenSet;
SecurityServicePolicyData m_securityServicePolicyData;
bool m_securityServicePolicyDataHasBeenSet;
Aws::String m_resourceType;
bool m_resourceTypeHasBeenSet;
Aws::Vector<Aws::String> m_resourceTypeList;
bool m_resourceTypeListHasBeenSet;
Aws::Vector<ResourceTag> m_resourceTags;
bool m_resourceTagsHasBeenSet;
bool m_excludeResourceTags;
bool m_excludeResourceTagsHasBeenSet;
bool m_remediationEnabled;
bool m_remediationEnabledHasBeenSet;
Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>> m_includeMap;
bool m_includeMapHasBeenSet;
Aws::Map<CustomerPolicyScopeIdType, Aws::Vector<Aws::String>> m_excludeMap;
bool m_excludeMapHasBeenSet;
};
} // namespace Model
} // namespace FMS
} // namespace Aws
Reference in New Issue View Git Blame Copy Permalink