Struct aws_sdk_fms::client::fluent_builders::DeletePolicy

source · [−]

pub struct DeletePolicy { /* private fields */ }

Expand description

Fluent builder constructing a request to DeletePolicy.

Permanently deletes an Firewall Manager policy.

Implementations

source

impl DeletePolicy

source

pub async fn send(
self
) -> Result<DeletePolicyOutput, SdkError<DeletePolicyError>>

Sends the request and returns the response.

If an error occurs, an SdkError will be returned with additional details that can be matched against.

By default, any retryable failures will be retried twice. Retry behavior is configurable with the RetryConfig, which can be set when configuring the client.

source

pub fn policy_id(self, input: impl Into<String>) -> Self

The ID of the policy that you want to delete. You can retrieve this ID from PutPolicy and ListPolicies.

source

pub fn set_policy_id(self, input: Option<String>) -> Self

The ID of the policy that you want to delete. You can retrieve this ID from PutPolicy and ListPolicies.

source

pub fn delete_all_policy_resources(self, input: bool) -> Self

If True, the request performs cleanup according to the policy type.

For WAF and Shield Advanced policies, the cleanup does the following:

Deletes rule groups created by Firewall Manager
Removes web ACLs from in-scope resources
Deletes web ACLs that contain no rules or rule groups

For security group policies, the cleanup does the following for each security group in the policy:

Disassociates the security group from in-scope resources
Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy

After the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.

source

pub fn set_delete_all_policy_resources(self, input: Option<bool>) -> Self

If True, the request performs cleanup according to the policy type.

For WAF and Shield Advanced policies, the cleanup does the following:

Deletes rule groups created by Firewall Manager
Removes web ACLs from in-scope resources
Deletes web ACLs that contain no rules or rule groups

For security group policies, the cleanup does the following for each security group in the policy:

Disassociates the security group from in-scope resources
Deletes the security group if it was created through Firewall Manager and if it's no longer associated with any resources through another policy

After the cleanup, in-scope resources are no longer protected by web ACLs in this policy. Protection of out-of-scope resources remains unchanged. Scope is determined by tags that you create and accounts that you associate with the policy. When creating the policy, if you specify that only resources in specific accounts or with specific tags are in scope of the policy, those accounts and resources are handled by the policy. All others are out of scope. If you don't specify tags or accounts, all resources are in scope.