Firewall Management Service

2022/12/02 - Firewall Management Service - 4 updated api methods

Changes  AWS Firewall Manager now supports Fortigate Cloud Native Firewall as a Service as a third-party policy type.

AssociateThirdPartyFirewall (updated) Link ¶
Changes (request) 
{'ThirdPartyFirewall': {'FORTIGATE_CLOUD_NATIVE_FIREWALL'}}

Sets the Firewall Manager policy administrator as a tenant administrator of a third-party firewall service. A tenant is an instance of the third-party firewall service that's associated with your Amazon Web Services customer account.

See also: AWS API Documentation

Request Syntax

client.associate_third_party_firewall(
    ThirdPartyFirewall='PALO_ALTO_NETWORKS_CLOUD_NGFW'|'FORTIGATE_CLOUD_NATIVE_FIREWALL'
)
type ThirdPartyFirewall:

string

param ThirdPartyFirewall:

[REQUIRED]

The name of the third-party firewall vendor.

rtype:

dict

returns:

Response Syntax

{
    'ThirdPartyFirewallStatus': 'ONBOARDING'|'ONBOARD_COMPLETE'|'OFFBOARDING'|'OFFBOARD_COMPLETE'|'NOT_EXIST'
}

Response Structure

  • (dict) --

    • ThirdPartyFirewallStatus (string) --

      The current status for setting a Firewall Manager policy administrator's account as an administrator of the third-party firewall tenant.

      • ONBOARDING - The Firewall Manager policy administrator is being designated as a tenant administrator.

      • ONBOARD_COMPLETE - The Firewall Manager policy administrator is designated as a tenant administrator.

      • OFFBOARDING - The Firewall Manager policy administrator is being removed as a tenant administrator.

      • OFFBOARD_COMPLETE - The Firewall Manager policy administrator has been removed as a tenant administrator.

      • NOT_EXIST - The Firewall Manager policy administrator doesn't exist as a tenant administrator.

DisassociateThirdPartyFirewall (updated) Link ¶
Changes (request) 
{'ThirdPartyFirewall': {'FORTIGATE_CLOUD_NATIVE_FIREWALL'}}

Disassociates a Firewall Manager policy administrator from a third-party firewall tenant. When you call DisassociateThirdPartyFirewall, the third-party firewall vendor deletes all of the firewalls that are associated with the account.

See also: AWS API Documentation

Request Syntax

client.disassociate_third_party_firewall(
    ThirdPartyFirewall='PALO_ALTO_NETWORKS_CLOUD_NGFW'|'FORTIGATE_CLOUD_NATIVE_FIREWALL'
)
type ThirdPartyFirewall:

string

param ThirdPartyFirewall:

[REQUIRED]

The name of the third-party firewall vendor.

rtype:

dict

returns:

Response Syntax

{
    'ThirdPartyFirewallStatus': 'ONBOARDING'|'ONBOARD_COMPLETE'|'OFFBOARDING'|'OFFBOARD_COMPLETE'|'NOT_EXIST'
}

Response Structure

  • (dict) --

    • ThirdPartyFirewallStatus (string) --

      The current status for the disassociation of a Firewall Manager administrators account with a third-party firewall.

GetThirdPartyFirewallAssociationStatus (updated) Link ¶
Changes (request) 
{'ThirdPartyFirewall': {'FORTIGATE_CLOUD_NATIVE_FIREWALL'}}

The onboarding status of a Firewall Manager admin account to third-party firewall vendor tenant.

See also: AWS API Documentation

Request Syntax

client.get_third_party_firewall_association_status(
    ThirdPartyFirewall='PALO_ALTO_NETWORKS_CLOUD_NGFW'|'FORTIGATE_CLOUD_NATIVE_FIREWALL'
)
type ThirdPartyFirewall:

string

param ThirdPartyFirewall:

[REQUIRED]

The name of the third-party firewall vendor.

rtype:

dict

returns:

Response Syntax

{
    'ThirdPartyFirewallStatus': 'ONBOARDING'|'ONBOARD_COMPLETE'|'OFFBOARDING'|'OFFBOARD_COMPLETE'|'NOT_EXIST',
    'MarketplaceOnboardingStatus': 'NO_SUBSCRIPTION'|'NOT_COMPLETE'|'COMPLETE'
}

Response Structure

  • (dict) --

    • ThirdPartyFirewallStatus (string) --

      The current status for setting a Firewall Manager policy administrators account as an administrator of the third-party firewall tenant.

      • ONBOARDING - The Firewall Manager policy administrator is being designated as a tenant administrator.

      • ONBOARD_COMPLETE - The Firewall Manager policy administrator is designated as a tenant administrator.

      • OFFBOARDING - The Firewall Manager policy administrator is being removed as a tenant administrator.

      • OFFBOARD_COMPLETE - The Firewall Manager policy administrator has been removed as a tenant administrator.

      • NOT_EXIST - The Firewall Manager policy administrator doesn't exist as a tenant administrator.

    • MarketplaceOnboardingStatus (string) --

      The status for subscribing to the third-party firewall vendor in the Amazon Web Services Marketplace.

      • NO_SUBSCRIPTION - The Firewall Manager policy administrator isn't subscribed to the third-party firewall service in the Amazon Web Services Marketplace.

      • NOT_COMPLETE - The Firewall Manager policy administrator is in the process of subscribing to the third-party firewall service in the Amazon Web Services Marketplace, but doesn't yet have an active subscription.

      • COMPLETE - The Firewall Manager policy administrator has an active subscription to the third-party firewall service in the Amazon Web Services Marketplace.

ListThirdPartyFirewallFirewallPolicies (updated) Link ¶
Changes (request) 
{'ThirdPartyFirewall': {'FORTIGATE_CLOUD_NATIVE_FIREWALL'}}

Retrieves a list of all of the third-party firewall policies that are associated with the third-party firewall administrator's account.

See also: AWS API Documentation

Request Syntax

client.list_third_party_firewall_firewall_policies(
    ThirdPartyFirewall='PALO_ALTO_NETWORKS_CLOUD_NGFW'|'FORTIGATE_CLOUD_NATIVE_FIREWALL',
    NextToken='string',
    MaxResults=123
)
type ThirdPartyFirewall:

string

param ThirdPartyFirewall:

[REQUIRED]

The name of the third-party firewall vendor.

type NextToken:

string

param NextToken:

If the previous response included a NextToken element, the specified third-party firewall vendor is associated with more third-party firewall policies. To get more third-party firewall policies, submit another ListThirdPartyFirewallFirewallPoliciesRequest request.

For the value of NextToken, specify the value of NextToken from the previous response. If the previous response didn't include a NextToken element, there are no more third-party firewall policies to get.

type MaxResults:

integer

param MaxResults:

[REQUIRED]

The maximum number of third-party firewall policies that you want Firewall Manager to return. If the specified third-party firewall vendor is associated with more than MaxResults firewall policies, the response includes a NextToken element. NextToken contains an encrypted token that identifies the first third-party firewall policies that Firewall Manager will return if you submit another request.

rtype:

dict

returns:

Response Syntax

{
    'ThirdPartyFirewallFirewallPolicies': [
        {
            'FirewallPolicyId': 'string',
            'FirewallPolicyName': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • ThirdPartyFirewallFirewallPolicies (list) --

      A list that contains one ThirdPartyFirewallFirewallPolicies element for each third-party firewall policies that the specified third-party firewall vendor is associated with. Each ThirdPartyFirewallFirewallPolicies element contains the firewall policy name and ID.

      • (dict) --

        Configures the third-party firewall's firewall policy.

        • FirewallPolicyId (string) --

          The ID of the specified firewall policy.

        • FirewallPolicyName (string) --

          The name of the specified firewall policy.

    • NextToken (string) --

      The value that you will use for NextToken in the next ListThirdPartyFirewallFirewallPolicies request.