NetworkFirewall / Client / list_flow_operations
list_flow_operations¶
- NetworkFirewall.Client.list_flow_operations(**kwargs)¶
Returns a list of all flow operations ran in a specific firewall. You can optionally narrow the request scope by specifying the operation type or Availability Zone associated with a firewall’s flow operations.
Flow operations let you manage the flows tracked in the flow table, also known as the firewall table.
A flow is network traffic that is monitored by a firewall, either by stateful or stateless rules. For traffic to be considered part of a flow, it must share Destination, DestinationPort, Direction, Protocol, Source, and SourcePort.
See also: AWS API Documentation
Request Syntax
response = client.list_flow_operations( FirewallArn='string', AvailabilityZone='string', VpcEndpointAssociationArn='string', VpcEndpointId='string', FlowOperationType='FLOW_FLUSH'|'FLOW_CAPTURE', NextToken='string', MaxResults=123 )
- Parameters:
FirewallArn (string) –
[REQUIRED]
The Amazon Resource Name (ARN) of the firewall.
AvailabilityZone (string) –
The ID of the Availability Zone where the firewall is located. For example,
us-east-2a.Defines the scope a flow operation. You can use up to 20 filters to configure a single flow operation.
VpcEndpointAssociationArn (string) – The Amazon Resource Name (ARN) of a VPC endpoint association.
VpcEndpointId (string) – A unique identifier for the primary endpoint associated with a firewall.
FlowOperationType (string) – An optional string that defines whether any or all operation types are returned.
NextToken (string) – When you request a list of objects with a
MaxResultssetting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Network Firewall returns aNextTokenvalue in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.MaxResults (integer) – The maximum number of objects that you want Network Firewall to return for this request. If more objects are available, in the response, Network Firewall provides a
NextTokenvalue that you can use in a subsequent call to get the next batch of objects.
- Return type:
dict
- Returns:
Response Syntax
{ 'FlowOperations': [ { 'FlowOperationId': 'string', 'FlowOperationType': 'FLOW_FLUSH'|'FLOW_CAPTURE', 'FlowRequestTimestamp': datetime(2015, 1, 1), 'FlowOperationStatus': 'COMPLETED'|'IN_PROGRESS'|'FAILED'|'COMPLETED_WITH_ERRORS' }, ], 'NextToken': 'string' }
Response Structure
(dict) –
FlowOperations (list) –
Flow operations let you manage the flows tracked in the flow table, also known as the firewall table.
A flow is network traffic that is monitored by a firewall, either by stateful or stateless rules. For traffic to be considered part of a flow, it must share Destination, DestinationPort, Direction, Protocol, Source, and SourcePort.
(dict) –
An array of objects with metadata about the requested
FlowOperation.FlowOperationId (string) –
A unique identifier for the flow operation. This ID is returned in the responses to start and list commands. You provide to describe commands.
FlowOperationType (string) –
Defines the type of
FlowOperation.FlowRequestTimestamp (datetime) –
A timestamp indicating when the Suricata engine identified flows impacted by an operation.
FlowOperationStatus (string) –
Returns the status of the flow operation. This string is returned in the responses to start, list, and describe commands.
If the status is
COMPLETED_WITH_ERRORS, results may be returned with any number ofFlowsmissing from the response. If the status isFAILED,Flowsreturned will be empty.
NextToken (string) –
When you request a list of objects with a
MaxResultssetting, if the number of objects that are still available for retrieval exceeds the maximum you requested, Network Firewall returns aNextTokenvalue in the response. To retrieve the next batch of objects, use the token returned from the prior request in your next request.
Exceptions