Devolutions.CIEM

0.3.28

Checks/Aws/Test-FmsPolicyCompliant.ps1

                                function Test-FmsPolicyCompliant {

    <#

    .SYNOPSIS

        All AWS FMS policies in the admin account are compliant for all accounts

    .DESCRIPTION

        **Firewall Manager** policies in the administrator account are evaluated for organization-wide compliance. The assessment reviews each policy's account-level status and flags entries marked `NON_COMPLIANT` or unset. It also identifies when no effective policies exist within the administrator scope.

    .PARAMETER Check

        CIEMCheck object containing check metadata.

    #>

    [CmdletBinding()]

    [OutputType([PSCustomObject[]])]

    param(

        [Parameter(Mandatory)]

        [CIEMCheck]$Check

    )

    $ErrorActionPreference = 'Stop'

    # TODO: Implement check logic based on Prowler check: fms_policy_compliant

    [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check fms_policy_compliant for reference.', 'N/A', 'fms Resources')

}