NetworkFirewall / Paginator / ListFlowOperationResults

ListFlowOperationResults#

class NetworkFirewall.Paginator.ListFlowOperationResults#
paginator = client.get_paginator('list_flow_operation_results')
paginate(**kwargs)#

Creates an iterator that will paginate through responses from NetworkFirewall.Client.list_flow_operation_results().

See also: AWS API Documentation

Request Syntax

response_iterator = paginator.paginate(
    FirewallArn='string',
    FlowOperationId='string',
    AvailabilityZone='string',
    PaginationConfig={
        'MaxItems': 123,
        'PageSize': 123,
        'StartingToken': 'string'
    }
)
Parameters:

  • FirewallArn (string) –

    [REQUIRED]

    The Amazon Resource Name (ARN) of the firewall.

  • FlowOperationId (string) –

    [REQUIRED]

    A unique identifier for the flow operation. This ID is returned in the responses to start and list commands. You provide to describe commands.

  • AvailabilityZone (string) –

    The ID of the Availability Zone where the firewall is located. For example, us-east-2a.

    Defines the scope a flow operation. You can use up to 20 filters to configure a single flow operation.

  • PaginationConfig (dict) –

    A dictionary that provides parameters to control pagination.

    • MaxItems (integer) –

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a NextToken will be provided in the output that you can use to resume pagination.

    • PageSize (integer) –

      The size of each page.

    • StartingToken (string) –

      A token to specify where to start paginating. This is the NextToken from a previous response.

Return type:

dict

Returns:

Response Syntax

{
    'FirewallArn': 'string',
    'AvailabilityZone': 'string',
    'FlowOperationId': 'string',
    'FlowOperationStatus': 'COMPLETED'|'IN_PROGRESS'|'FAILED'|'COMPLETED_WITH_ERRORS',
    'StatusMessage': 'string',
    'FlowRequestTimestamp': datetime(2015, 1, 1),
    'Flows': [
        {
            'SourceAddress': {
                'AddressDefinition': 'string'
            },
            'DestinationAddress': {
                'AddressDefinition': 'string'
            },
            'SourcePort': 'string',
            'DestinationPort': 'string',
            'Protocol': 'string',
            'Age': 123,
            'PacketCount': 123,
            'ByteCount': 123
        },
    ],

}

Response Structure

  • (dict) –

    • FirewallArn (string) –

      The Amazon Resource Name (ARN) of the firewall.

    • AvailabilityZone (string) –

      The ID of the Availability Zone where the firewall is located. For example, us-east-2a.

      Defines the scope a flow operation. You can use up to 20 filters to configure a single flow operation.

    • FlowOperationId (string) –

      A unique identifier for the flow operation. This ID is returned in the responses to start and list commands. You provide to describe commands.

    • FlowOperationStatus (string) –

      Returns the status of the flow operation. This string is returned in the responses to start, list, and describe commands.

      If the status is COMPLETED_WITH_ERRORS, results may be returned with any number of Flows missing from the response. If the status is FAILED, Flows returned will be empty.

    • StatusMessage (string) –

      If the asynchronous operation fails, Network Firewall populates this with the reason for the error or failure. Options include Flow operation error and Flow timeout.

    • FlowRequestTimestamp (datetime) –

      A timestamp indicating when the Suricata engine identified flows impacted by an operation.

    • Flows (list) –

      Any number of arrays, where each array is a single flow identified in the scope of the operation. If multiple flows were in the scope of the operation, multiple Flows arrays are returned.

      • (dict) –

        Any number of arrays, where each array is a single flow identified in the scope of the operation. If multiple flows were in the scope of the operation, multiple Flows arrays are returned.

        • SourceAddress (dict) –

          A single IP address specification. This is used in the MatchAttributes source and destination specifications.

          • AddressDefinition (string) –

            Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.

            Examples:

            • To configure Network Firewall to inspect for the IP address 192.0.2.44, specify 192.0.2.44/32.

            • To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.

            • To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128.

            • To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify 1111:0000:0000:0000:0000:0000:0000:0000/64.

            For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

        • DestinationAddress (dict) –

          A single IP address specification. This is used in the MatchAttributes source and destination specifications.

          • AddressDefinition (string) –

            Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6.

            Examples:

            • To configure Network Firewall to inspect for the IP address 192.0.2.44, specify 192.0.2.44/32.

            • To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify 192.0.2.0/24.

            • To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify 1111:0000:0000:0000:0000:0000:0000:0111/128.

            • To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify 1111:0000:0000:0000:0000:0000:0000:0000/64.

            For more information about CIDR notation, see the Wikipedia entry Classless Inter-Domain Routing.

        • SourcePort (string) –

          The source port to inspect for. You can specify an individual port, for example 1994 and you can specify a port range, for example 1990:1994. To match with any port, specify ANY.

        • DestinationPort (string) –

          The destination port to inspect for. You can specify an individual port, for example 1994 and you can specify a port range, for example 1990:1994. To match with any port, specify ANY.

        • Protocol (string) –

          The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol.

        • Age (integer) –

          Returned as info about age of the flows identified by the flow operation.

        • PacketCount (integer) –

          Returns the total number of data packets received or transmitted in a flow.

        • ByteCount (integer) –

          Returns the number of bytes received or transmitted in a specific flow.