FMS / Client / list_policies
list_policies¶
- FMS.Client.list_policies(**kwargs)¶
- Returns an array of - PolicySummaryobjects.- See also: AWS API Documentation - Request Syntax- response = client.list_policies( NextToken='string', MaxResults=123 ) - Parameters:
- NextToken (string) – If you specify a value for - MaxResultsand you have more- PolicySummaryobjects than the number that you specify for- MaxResults, Firewall Manager returns a- NextTokenvalue in the response that allows you to list another group of- PolicySummaryobjects. For the second and subsequent- ListPoliciesrequests, specify the value of- NextTokenfrom the previous response to get information about another batch of- PolicySummaryobjects.
- MaxResults (integer) – Specifies the number of - PolicySummaryobjects that you want Firewall Manager to return for this request. If you have more- PolicySummaryobjects than the number that you specify for- MaxResults, the response includes a- NextTokenvalue that you can use to get another batch of- PolicySummaryobjects.
 
- Return type:
- dict 
- Returns:
- Response Syntax- { 'PolicyList': [ { 'PolicyArn': 'string', 'PolicyId': 'string', 'PolicyName': 'string', 'ResourceType': 'string', 'SecurityServiceType': 'WAF'|'WAFV2'|'SHIELD_ADVANCED'|'SECURITY_GROUPS_COMMON'|'SECURITY_GROUPS_CONTENT_AUDIT'|'SECURITY_GROUPS_USAGE_AUDIT'|'NETWORK_FIREWALL'|'DNS_FIREWALL'|'THIRD_PARTY_FIREWALL'|'IMPORT_NETWORK_FIREWALL'|'NETWORK_ACL_COMMON', 'RemediationEnabled': True|False, 'DeleteUnusedFMManagedResources': True|False, 'PolicyStatus': 'ACTIVE'|'OUT_OF_ADMIN_SCOPE' }, ], 'NextToken': 'string' } - Response Structure- (dict) – - PolicyList (list) – - An array of - PolicySummaryobjects.- (dict) – - Details of the Firewall Manager policy. - PolicyArn (string) – - The Amazon Resource Name (ARN) of the specified policy. 
- PolicyId (string) – - The ID of the specified policy. 
- PolicyName (string) – - The name of the specified policy. 
- ResourceType (string) – - The type of resource protected by or in scope of the policy. This is in the format shown in the Amazon Web Services Resource Types Reference. 
- SecurityServiceType (string) – - The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an WAF policy, a Shield Advanced policy, or a security group policy. 
- RemediationEnabled (boolean) – - Indicates if the policy should be automatically applied to new resources. 
- DeleteUnusedFMManagedResources (boolean) – - Indicates whether Firewall Manager should automatically remove protections from resources that leave the policy scope and clean up resources that Firewall Manager is managing for accounts when those accounts leave policy scope. For example, Firewall Manager will disassociate a Firewall Manager managed web ACL from a protected customer resource when the customer resource leaves policy scope. - By default, Firewall Manager doesn’t remove protections or delete Firewall Manager managed resources. - This option is not available for Shield Advanced or WAF Classic policies. 
- PolicyStatus (string) – - Indicates whether the policy is in or out of an admin’s policy or Region scope. - ACTIVE- The administrator can manage and delete the policy.
- OUT_OF_ADMIN_SCOPE- The administrator can view the policy, but they can’t edit or delete the policy. Existing policy protections stay in place. Any new resources that come into scope of the policy won’t be protected.
 
 
 
- NextToken (string) – - If you have more - PolicySummaryobjects than the number that you specified for- MaxResultsin the request, the response includes a- NextTokenvalue. To list more- PolicySummaryobjects, submit another- ListPoliciesrequest, and specify the- NextTokenvalue from the response in the- NextTokenvalue in the next request.
 
 
 - Exceptions