aws-sdk-inspector2 1.7.0 → 1.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -56,7 +56,7 @@ module Aws::Inspector2
56
56
  #
57
57
  # {
58
58
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
59
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
59
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
60
60
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
61
61
  # sort_order: "ASC", # accepts ASC, DESC
62
62
  # }
@@ -108,7 +108,7 @@ module Aws::Inspector2
108
108
  end
109
109
 
110
110
  # An object with details the status of an Amazon Web Services account
111
- # within your Amazon Inspector environment
111
+ # within your Amazon Inspector environment.
112
112
  #
113
113
  # @!attribute [rw] account_id
114
114
  # The Amazon Web Services account ID.
@@ -167,6 +167,14 @@ module Aws::Inspector2
167
167
  # on container image layers.
168
168
  # @return [Types::ImageLayerAggregation]
169
169
  #
170
+ # @!attribute [rw] lambda_function_aggregation
171
+ # Returns an object with findings aggregated by AWS Lambda function.
172
+ # @return [Types::LambdaFunctionAggregation]
173
+ #
174
+ # @!attribute [rw] lambda_layer_aggregation
175
+ # Returns an object with findings aggregated by AWS Lambda layer.
176
+ # @return [Types::LambdaLayerAggregation]
177
+ #
170
178
  # @!attribute [rw] package_aggregation
171
179
  # An object that contains details about an aggregation request based
172
180
  # on operating system package type.
@@ -191,6 +199,8 @@ module Aws::Inspector2
191
199
  :ec2_instance_aggregation,
192
200
  :finding_type_aggregation,
193
201
  :image_layer_aggregation,
202
+ :lambda_function_aggregation,
203
+ :lambda_layer_aggregation,
194
204
  :package_aggregation,
195
205
  :repository_aggregation,
196
206
  :title_aggregation,
@@ -205,6 +215,8 @@ module Aws::Inspector2
205
215
  class Ec2InstanceAggregation < AggregationRequest; end
206
216
  class FindingTypeAggregation < AggregationRequest; end
207
217
  class ImageLayerAggregation < AggregationRequest; end
218
+ class LambdaFunctionAggregation < AggregationRequest; end
219
+ class LambdaLayerAggregation < AggregationRequest; end
208
220
  class PackageAggregation < AggregationRequest; end
209
221
  class RepositoryAggregation < AggregationRequest; end
210
222
  class TitleAggregation < AggregationRequest; end
@@ -246,6 +258,14 @@ module Aws::Inspector2
246
258
  # on container image layers.
247
259
  # @return [Types::ImageLayerAggregationResponse]
248
260
  #
261
+ # @!attribute [rw] lambda_function_aggregation
262
+ # An aggregation of findings by AWS Lambda function.
263
+ # @return [Types::LambdaFunctionAggregationResponse]
264
+ #
265
+ # @!attribute [rw] lambda_layer_aggregation
266
+ # An aggregation of findings by AWS Lambda layer.
267
+ # @return [Types::LambdaLayerAggregationResponse]
268
+ #
249
269
  # @!attribute [rw] package_aggregation
250
270
  # An object that contains details about an aggregation response based
251
271
  # on operating system package type.
@@ -270,6 +290,8 @@ module Aws::Inspector2
270
290
  :ec2_instance_aggregation,
271
291
  :finding_type_aggregation,
272
292
  :image_layer_aggregation,
293
+ :lambda_function_aggregation,
294
+ :lambda_layer_aggregation,
273
295
  :package_aggregation,
274
296
  :repository_aggregation,
275
297
  :title_aggregation,
@@ -284,6 +306,8 @@ module Aws::Inspector2
284
306
  class Ec2InstanceAggregation < AggregationResponse; end
285
307
  class FindingTypeAggregation < AggregationResponse; end
286
308
  class ImageLayerAggregation < AggregationResponse; end
309
+ class LambdaFunctionAggregation < AggregationResponse; end
310
+ class LambdaLayerAggregation < AggregationResponse; end
287
311
  class PackageAggregation < AggregationResponse; end
288
312
  class RepositoryAggregation < AggregationResponse; end
289
313
  class TitleAggregation < AggregationResponse; end
@@ -332,7 +356,7 @@ module Aws::Inspector2
332
356
  # A response that contains the results of a finding aggregation by AMI.
333
357
  #
334
358
  # @!attribute [rw] account_id
335
- # The Amazon Web Services account ID that the AMI belongs.
359
+ # The Amazon Web Services account ID for the AMI.
336
360
  # @return [String]
337
361
  #
338
362
  # @!attribute [rw] affected_instances
@@ -400,6 +424,7 @@ module Aws::Inspector2
400
424
  # {
401
425
  # ec2: false, # required
402
426
  # ecr: false, # required
427
+ # lambda: false,
403
428
  # }
404
429
  #
405
430
  # @!attribute [rw] ec2
@@ -412,11 +437,17 @@ module Aws::Inspector2
412
437
  # new members of your Amazon Inspector organization.
413
438
  # @return [Boolean]
414
439
  #
440
+ # @!attribute [rw] lambda
441
+ # Represents whether AWS Lambda scans are automatically enabled for
442
+ # new members of your Amazon Inspector organization.
443
+ # @return [Boolean]
444
+ #
415
445
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/AutoEnable AWS API Documentation
416
446
  #
417
447
  class AutoEnable < Struct.new(
418
448
  :ec2,
419
- :ecr)
449
+ :ecr,
450
+ :lambda)
420
451
  SENSITIVE = []
421
452
  include Aws::Structure
422
453
  end
@@ -634,7 +665,7 @@ module Aws::Inspector2
634
665
  # @return [Time]
635
666
  #
636
667
  # @!attribute [rw] registry
637
- # The registry the Amazon ECR container image belongs to.
668
+ # The registry for the Amazon ECR container image.
638
669
  # @return [String]
639
670
  #
640
671
  # @!attribute [rw] repository_name
@@ -657,6 +688,78 @@ module Aws::Inspector2
657
688
  include Aws::Structure
658
689
  end
659
690
 
691
+ # A summary of information about the AWS Lambda function.
692
+ #
693
+ # @!attribute [rw] architectures
694
+ # The instruction set architecture that the AWS Lambda function
695
+ # supports. Architecture is a string array with one of the valid
696
+ # values. The default architecture value is `x86_64`.
697
+ # @return [Array<String>]
698
+ #
699
+ # @!attribute [rw] code_sha_256
700
+ # The SHA256 hash of the AWS Lambda function's deployment package.
701
+ # @return [String]
702
+ #
703
+ # @!attribute [rw] execution_role_arn
704
+ # The AWS Lambda function's execution role.
705
+ # @return [String]
706
+ #
707
+ # @!attribute [rw] function_name
708
+ # The name of the AWS Lambda function.
709
+ # @return [String]
710
+ #
711
+ # @!attribute [rw] last_modified_at
712
+ # The date and time that a user last updated the configuration, in
713
+ # [ISO 8601 format][1]
714
+ #
715
+ #
716
+ #
717
+ # [1]: https://www.iso.org/iso-8601-date-and-time-format.html
718
+ # @return [Time]
719
+ #
720
+ # @!attribute [rw] layers
721
+ # The AWS Lambda function's [ layers][1]. A Lambda function can have
722
+ # up to five layers.
723
+ #
724
+ #
725
+ #
726
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
727
+ # @return [Array<String>]
728
+ #
729
+ # @!attribute [rw] package_type
730
+ # The type of deployment package. Set to `Image` for container image
731
+ # and set `Zip` for .zip file archive.
732
+ # @return [String]
733
+ #
734
+ # @!attribute [rw] runtime
735
+ # The runtime environment for the AWS Lambda function.
736
+ # @return [String]
737
+ #
738
+ # @!attribute [rw] version
739
+ # The version of the AWS Lambda function.
740
+ # @return [String]
741
+ #
742
+ # @!attribute [rw] vpc_config
743
+ # The AWS Lambda function's networking configuration.
744
+ # @return [Types::LambdaVpcConfig]
745
+ #
746
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/AwsLambdaFunctionDetails AWS API Documentation
747
+ #
748
+ class AwsLambdaFunctionDetails < Struct.new(
749
+ :architectures,
750
+ :code_sha_256,
751
+ :execution_role_arn,
752
+ :function_name,
753
+ :last_modified_at,
754
+ :layers,
755
+ :package_type,
756
+ :runtime,
757
+ :version,
758
+ :vpc_config)
759
+ SENSITIVE = []
760
+ include Aws::Structure
761
+ end
762
+
660
763
  # One or more tags submitted as part of the request is not valid.
661
764
  #
662
765
  # @!attribute [rw] message
@@ -853,6 +956,25 @@ module Aws::Inspector2
853
956
  # value: "CoverageStringInput", # required
854
957
  # },
855
958
  # ],
959
+ # lambda_function_name: [
960
+ # {
961
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
962
+ # value: "CoverageStringInput", # required
963
+ # },
964
+ # ],
965
+ # lambda_function_runtime: [
966
+ # {
967
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
968
+ # value: "CoverageStringInput", # required
969
+ # },
970
+ # ],
971
+ # lambda_function_tags: [
972
+ # {
973
+ # comparison: "EQUALS", # required, accepts EQUALS
974
+ # key: "NonEmptyString", # required
975
+ # value: "NonEmptyString",
976
+ # },
977
+ # ],
856
978
  # resource_id: [
857
979
  # {
858
980
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -902,6 +1024,21 @@ module Aws::Inspector2
902
1024
  # The Amazon ECR repository name to filter on.
903
1025
  # @return [Array<Types::CoverageStringFilter>]
904
1026
  #
1027
+ # @!attribute [rw] lambda_function_name
1028
+ # Returns coverage statistics for AWS Lambda functions filtered by
1029
+ # function names.
1030
+ # @return [Array<Types::CoverageStringFilter>]
1031
+ #
1032
+ # @!attribute [rw] lambda_function_runtime
1033
+ # Returns coverage statistics for AWS Lambda functions filtered by
1034
+ # runtime.
1035
+ # @return [Array<Types::CoverageStringFilter>]
1036
+ #
1037
+ # @!attribute [rw] lambda_function_tags
1038
+ # Returns coverage statistics for AWS Lambda functions filtered by
1039
+ # tag.
1040
+ # @return [Array<Types::CoverageMapFilter>]
1041
+ #
905
1042
  # @!attribute [rw] resource_id
906
1043
  # An array of Amazon Web Services resource IDs to return coverage
907
1044
  # statistics for.
@@ -933,6 +1070,9 @@ module Aws::Inspector2
933
1070
  :ec2_instance_tags,
934
1071
  :ecr_image_tags,
935
1072
  :ecr_repository_name,
1073
+ :lambda_function_name,
1074
+ :lambda_function_runtime,
1075
+ :lambda_function_tags,
936
1076
  :resource_id,
937
1077
  :resource_type,
938
1078
  :scan_status_code,
@@ -1121,6 +1261,12 @@ module Aws::Inspector2
1121
1261
  # value: "StringInput", # required
1122
1262
  # },
1123
1263
  # ],
1264
+ # exploit_available: [
1265
+ # {
1266
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1267
+ # value: "StringInput", # required
1268
+ # },
1269
+ # ],
1124
1270
  # finding_arn: [
1125
1271
  # {
1126
1272
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -1157,6 +1303,36 @@ module Aws::Inspector2
1157
1303
  # upper_inclusive: 1.0,
1158
1304
  # },
1159
1305
  # ],
1306
+ # lambda_function_execution_role_arn: [
1307
+ # {
1308
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1309
+ # value: "StringInput", # required
1310
+ # },
1311
+ # ],
1312
+ # lambda_function_last_modified_at: [
1313
+ # {
1314
+ # end_inclusive: Time.now,
1315
+ # start_inclusive: Time.now,
1316
+ # },
1317
+ # ],
1318
+ # lambda_function_layers: [
1319
+ # {
1320
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1321
+ # value: "StringInput", # required
1322
+ # },
1323
+ # ],
1324
+ # lambda_function_name: [
1325
+ # {
1326
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1327
+ # value: "StringInput", # required
1328
+ # },
1329
+ # ],
1330
+ # lambda_function_runtime: [
1331
+ # {
1332
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1333
+ # value: "StringInput", # required
1334
+ # },
1335
+ # ],
1160
1336
  # last_observed_at: [
1161
1337
  # {
1162
1338
  # end_inclusive: Time.now,
@@ -1254,6 +1430,10 @@ module Aws::Inspector2
1254
1430
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1255
1431
  # value: "StringInput", # required
1256
1432
  # },
1433
+ # source_lambda_layer_arn: {
1434
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1435
+ # value: "StringInput", # required
1436
+ # },
1257
1437
  # source_layer_hash: {
1258
1438
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1259
1439
  # value: "StringInput", # required
@@ -1401,6 +1581,12 @@ module Aws::Inspector2
1401
1581
  # value: "StringInput", # required
1402
1582
  # },
1403
1583
  # ],
1584
+ # exploit_available: [
1585
+ # {
1586
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1587
+ # value: "StringInput", # required
1588
+ # },
1589
+ # ],
1404
1590
  # finding_arn: [
1405
1591
  # {
1406
1592
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -1437,6 +1623,36 @@ module Aws::Inspector2
1437
1623
  # upper_inclusive: 1.0,
1438
1624
  # },
1439
1625
  # ],
1626
+ # lambda_function_execution_role_arn: [
1627
+ # {
1628
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1629
+ # value: "StringInput", # required
1630
+ # },
1631
+ # ],
1632
+ # lambda_function_last_modified_at: [
1633
+ # {
1634
+ # end_inclusive: Time.now,
1635
+ # start_inclusive: Time.now,
1636
+ # },
1637
+ # ],
1638
+ # lambda_function_layers: [
1639
+ # {
1640
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1641
+ # value: "StringInput", # required
1642
+ # },
1643
+ # ],
1644
+ # lambda_function_name: [
1645
+ # {
1646
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1647
+ # value: "StringInput", # required
1648
+ # },
1649
+ # ],
1650
+ # lambda_function_runtime: [
1651
+ # {
1652
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1653
+ # value: "StringInput", # required
1654
+ # },
1655
+ # ],
1440
1656
  # last_observed_at: [
1441
1657
  # {
1442
1658
  # end_inclusive: Time.now,
@@ -1534,6 +1750,10 @@ module Aws::Inspector2
1534
1750
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1535
1751
  # value: "StringInput", # required
1536
1752
  # },
1753
+ # source_lambda_layer_arn: {
1754
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1755
+ # value: "StringInput", # required
1756
+ # },
1537
1757
  # source_layer_hash: {
1538
1758
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1539
1759
  # value: "StringInput", # required
@@ -1874,7 +2094,7 @@ module Aws::Inspector2
1874
2094
  #
1875
2095
  # {
1876
2096
  # account_ids: ["AccountId"],
1877
- # resource_types: ["EC2"], # accepts EC2, ECR
2097
+ # resource_types: ["EC2"], # accepts EC2, ECR, LAMBDA
1878
2098
  # }
1879
2099
  #
1880
2100
  # @!attribute [rw] account_ids
@@ -2026,7 +2246,7 @@ module Aws::Inspector2
2026
2246
  # Amazon EC2 instance.
2027
2247
  #
2028
2248
  # @!attribute [rw] account_id
2029
- # The Amazon Web Services account the Amazon EC2 instance belongs to.
2249
+ # The Amazon Web Services account for the Amazon EC2 instance.
2030
2250
  # @return [String]
2031
2251
  #
2032
2252
  # @!attribute [rw] ami
@@ -2093,7 +2313,7 @@ module Aws::Inspector2
2093
2313
  end
2094
2314
 
2095
2315
  # Details about the ECR automated re-scan duration setting for your
2096
- # environment
2316
+ # environment.
2097
2317
  #
2098
2318
  # @note When making an API call, you may pass EcrConfiguration
2099
2319
  # data as a hash:
@@ -2246,7 +2466,7 @@ module Aws::Inspector2
2246
2466
  # {
2247
2467
  # account_ids: ["AccountId"],
2248
2468
  # client_token: "ClientToken",
2249
- # resource_types: ["EC2"], # required, accepts EC2, ECR
2469
+ # resource_types: ["EC2"], # required, accepts EC2, ECR, LAMBDA
2250
2470
  # }
2251
2471
  #
2252
2472
  # @!attribute [rw] account_ids
@@ -2293,6 +2513,22 @@ module Aws::Inspector2
2293
2513
  include Aws::Structure
2294
2514
  end
2295
2515
 
2516
+ # The details of an exploit available for a finding discovered in your
2517
+ # environment.
2518
+ #
2519
+ # @!attribute [rw] last_known_exploit_at
2520
+ # The date and time of the last exploit associated with a finding
2521
+ # discovered in your environment.
2522
+ # @return [Time]
2523
+ #
2524
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ExploitabilityDetails AWS API Documentation
2525
+ #
2526
+ class ExploitabilityDetails < Struct.new(
2527
+ :last_known_exploit_at)
2528
+ SENSITIVE = []
2529
+ include Aws::Structure
2530
+ end
2531
+
2296
2532
  # An object with details on why an account failed to enable Amazon
2297
2533
  # Inspector.
2298
2534
  #
@@ -2470,6 +2706,12 @@ module Aws::Inspector2
2470
2706
  # value: "StringInput", # required
2471
2707
  # },
2472
2708
  # ],
2709
+ # exploit_available: [
2710
+ # {
2711
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2712
+ # value: "StringInput", # required
2713
+ # },
2714
+ # ],
2473
2715
  # finding_arn: [
2474
2716
  # {
2475
2717
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -2506,6 +2748,36 @@ module Aws::Inspector2
2506
2748
  # upper_inclusive: 1.0,
2507
2749
  # },
2508
2750
  # ],
2751
+ # lambda_function_execution_role_arn: [
2752
+ # {
2753
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2754
+ # value: "StringInput", # required
2755
+ # },
2756
+ # ],
2757
+ # lambda_function_last_modified_at: [
2758
+ # {
2759
+ # end_inclusive: Time.now,
2760
+ # start_inclusive: Time.now,
2761
+ # },
2762
+ # ],
2763
+ # lambda_function_layers: [
2764
+ # {
2765
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2766
+ # value: "StringInput", # required
2767
+ # },
2768
+ # ],
2769
+ # lambda_function_name: [
2770
+ # {
2771
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2772
+ # value: "StringInput", # required
2773
+ # },
2774
+ # ],
2775
+ # lambda_function_runtime: [
2776
+ # {
2777
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2778
+ # value: "StringInput", # required
2779
+ # },
2780
+ # ],
2509
2781
  # last_observed_at: [
2510
2782
  # {
2511
2783
  # end_inclusive: Time.now,
@@ -2603,6 +2875,10 @@ module Aws::Inspector2
2603
2875
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2604
2876
  # value: "StringInput", # required
2605
2877
  # },
2878
+ # source_lambda_layer_arn: {
2879
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2880
+ # value: "StringInput", # required
2881
+ # },
2606
2882
  # source_layer_hash: {
2607
2883
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2608
2884
  # value: "StringInput", # required
@@ -2669,6 +2945,11 @@ module Aws::Inspector2
2669
2945
  # The tags attached to the Amazon ECR container image.
2670
2946
  # @return [Array<Types::StringFilter>]
2671
2947
  #
2948
+ # @!attribute [rw] exploit_available
2949
+ # Filters the list of AWS Lambda findings by the availability of
2950
+ # exploits.
2951
+ # @return [Array<Types::StringFilter>]
2952
+ #
2672
2953
  # @!attribute [rw] finding_arn
2673
2954
  # Details on the finding ARNs used to filter findings.
2674
2955
  # @return [Array<Types::StringFilter>]
@@ -2697,6 +2978,38 @@ module Aws::Inspector2
2697
2978
  # The Amazon Inspector score to filter on.
2698
2979
  # @return [Array<Types::NumberFilter>]
2699
2980
  #
2981
+ # @!attribute [rw] lambda_function_execution_role_arn
2982
+ # Filters the list of AWS Lambda functions by execution role.
2983
+ # @return [Array<Types::StringFilter>]
2984
+ #
2985
+ # @!attribute [rw] lambda_function_last_modified_at
2986
+ # Filters the list of AWS Lambda functions by the date and time that a
2987
+ # user last updated the configuration, in [ISO 8601 format][1]
2988
+ #
2989
+ #
2990
+ #
2991
+ # [1]: https://www.iso.org/iso-8601-date-and-time-format.html
2992
+ # @return [Array<Types::DateFilter>]
2993
+ #
2994
+ # @!attribute [rw] lambda_function_layers
2995
+ # Filters the list of AWS Lambda functions by the function's [
2996
+ # layers][1]. A Lambda function can have up to five layers.
2997
+ #
2998
+ #
2999
+ #
3000
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
3001
+ # @return [Array<Types::StringFilter>]
3002
+ #
3003
+ # @!attribute [rw] lambda_function_name
3004
+ # Filters the list of AWS Lambda functions by the name of the
3005
+ # function.
3006
+ # @return [Array<Types::StringFilter>]
3007
+ #
3008
+ # @!attribute [rw] lambda_function_runtime
3009
+ # Filters the list of AWS Lambda functions by the runtime environment
3010
+ # for the Lambda function.
3011
+ # @return [Array<Types::StringFilter>]
3012
+ #
2700
3013
  # @!attribute [rw] last_observed_at
2701
3014
  # Details on the date and time a finding was last seen used to filter
2702
3015
  # findings.
@@ -2770,12 +3083,18 @@ module Aws::Inspector2
2770
3083
  :ecr_image_registry,
2771
3084
  :ecr_image_repository_name,
2772
3085
  :ecr_image_tags,
3086
+ :exploit_available,
2773
3087
  :finding_arn,
2774
3088
  :finding_status,
2775
3089
  :finding_type,
2776
3090
  :first_observed_at,
2777
3091
  :fix_available,
2778
3092
  :inspector_score,
3093
+ :lambda_function_execution_role_arn,
3094
+ :lambda_function_last_modified_at,
3095
+ :lambda_function_layers,
3096
+ :lambda_function_name,
3097
+ :lambda_function_runtime,
2779
3098
  :last_observed_at,
2780
3099
  :network_protocol,
2781
3100
  :port_range,
@@ -2804,6 +3123,16 @@ module Aws::Inspector2
2804
3123
  # The description of the finding.
2805
3124
  # @return [String]
2806
3125
  #
3126
+ # @!attribute [rw] exploit_available
3127
+ # If a finding discovered in your environment has an exploit
3128
+ # available.
3129
+ # @return [String]
3130
+ #
3131
+ # @!attribute [rw] exploitability_details
3132
+ # The details of an exploit available for a finding discovered in your
3133
+ # environment.
3134
+ # @return [Types::ExploitabilityDetails]
3135
+ #
2807
3136
  # @!attribute [rw] finding_arn
2808
3137
  # The Amazon Resource Number (ARN) of the finding.
2809
3138
  # @return [String]
@@ -2875,6 +3204,8 @@ module Aws::Inspector2
2875
3204
  class Finding < Struct.new(
2876
3205
  :aws_account_id,
2877
3206
  :description,
3207
+ :exploit_available,
3208
+ :exploitability_details,
2878
3209
  :finding_arn,
2879
3210
  :first_observed_at,
2880
3211
  :fix_available,
@@ -2901,7 +3232,7 @@ module Aws::Inspector2
2901
3232
  #
2902
3233
  # {
2903
3234
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
2904
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
3235
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
2905
3236
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
2906
3237
  # sort_order: "ASC", # accepts ASC, DESC
2907
3238
  # }
@@ -3291,47 +3622,329 @@ module Aws::Inspector2
3291
3622
  include Aws::Structure
3292
3623
  end
3293
3624
 
3294
- # @note When making an API call, you may pass ListAccountPermissionsRequest
3625
+ # The details that define a findings aggregation based on AWS Lambda
3626
+ # functions.
3627
+ #
3628
+ # @note When making an API call, you may pass LambdaFunctionAggregation
3295
3629
  # data as a hash:
3296
3630
  #
3297
3631
  # {
3298
- # max_results: 1,
3299
- # next_token: "NextToken",
3300
- # service: "EC2", # accepts EC2, ECR
3632
+ # function_names: [
3633
+ # {
3634
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3635
+ # value: "StringInput", # required
3636
+ # },
3637
+ # ],
3638
+ # function_tags: [
3639
+ # {
3640
+ # comparison: "EQUALS", # required, accepts EQUALS
3641
+ # key: "MapKey", # required
3642
+ # value: "MapValue",
3643
+ # },
3644
+ # ],
3645
+ # resource_ids: [
3646
+ # {
3647
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3648
+ # value: "StringInput", # required
3649
+ # },
3650
+ # ],
3651
+ # runtimes: [
3652
+ # {
3653
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3654
+ # value: "StringInput", # required
3655
+ # },
3656
+ # ],
3657
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3658
+ # sort_order: "ASC", # accepts ASC, DESC
3301
3659
  # }
3302
3660
  #
3303
- # @!attribute [rw] max_results
3304
- # The maximum number of results to return in the response.
3305
- # @return [Integer]
3661
+ # @!attribute [rw] function_names
3662
+ # The AWS Lambda function names to include in the aggregation results.
3663
+ # @return [Array<Types::StringFilter>]
3306
3664
  #
3307
- # @!attribute [rw] next_token
3308
- # A token to use for paginating results that are returned in the
3309
- # response. Set the value of this parameter to null for the first
3310
- # request to a list action. For subsequent calls, use the `NextToken`
3311
- # value returned from the previous request to continue listing results
3312
- # after the first page.
3665
+ # @!attribute [rw] function_tags
3666
+ # The tags to include in the aggregation results.
3667
+ # @return [Array<Types::MapFilter>]
3668
+ #
3669
+ # @!attribute [rw] resource_ids
3670
+ # The resource IDs to include in the aggregation results.
3671
+ # @return [Array<Types::StringFilter>]
3672
+ #
3673
+ # @!attribute [rw] runtimes
3674
+ # Returns findings aggregated by AWS Lambda function runtime
3675
+ # environments.
3676
+ # @return [Array<Types::StringFilter>]
3677
+ #
3678
+ # @!attribute [rw] sort_by
3679
+ # The finding severity to use for sorting the results.
3313
3680
  # @return [String]
3314
3681
  #
3315
- # @!attribute [rw] service
3316
- # The service scan type to check permissions for.
3682
+ # @!attribute [rw] sort_order
3683
+ # The order to use for sorting the results.
3317
3684
  # @return [String]
3318
3685
  #
3319
- # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ListAccountPermissionsRequest AWS API Documentation
3686
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionAggregation AWS API Documentation
3320
3687
  #
3321
- class ListAccountPermissionsRequest < Struct.new(
3322
- :max_results,
3323
- :next_token,
3324
- :service)
3688
+ class LambdaFunctionAggregation < Struct.new(
3689
+ :function_names,
3690
+ :function_tags,
3691
+ :resource_ids,
3692
+ :runtimes,
3693
+ :sort_by,
3694
+ :sort_order)
3325
3695
  SENSITIVE = []
3326
3696
  include Aws::Structure
3327
3697
  end
3328
3698
 
3329
- # @!attribute [rw] next_token
3330
- # A token to use for paginating results that are returned in the
3331
- # response. Set the value of this parameter to null for the first
3332
- # request to a list action. For subsequent calls, use the `NextToken`
3333
- # value returned from the previous request to continue listing results
3334
- # after the first page.
3699
+ # A response that contains the results of an AWS Lambda function finding
3700
+ # aggregation.
3701
+ #
3702
+ # @!attribute [rw] account_id
3703
+ # The ID of the AWS account that owns the AWS Lambda function.
3704
+ # @return [String]
3705
+ #
3706
+ # @!attribute [rw] function_name
3707
+ # The AWS Lambda function names included in the aggregation results.
3708
+ # @return [String]
3709
+ #
3710
+ # @!attribute [rw] lambda_tags
3711
+ # The tags included in the aggregation results.
3712
+ # @return [Hash<String,String>]
3713
+ #
3714
+ # @!attribute [rw] last_modified_at
3715
+ # The date that the AWS Lambda function included in the aggregation
3716
+ # results was last changed.
3717
+ # @return [Time]
3718
+ #
3719
+ # @!attribute [rw] resource_id
3720
+ # The resource IDs included in the aggregation results.
3721
+ # @return [String]
3722
+ #
3723
+ # @!attribute [rw] runtime
3724
+ # The runtimes included in the aggregation results.
3725
+ # @return [String]
3726
+ #
3727
+ # @!attribute [rw] severity_counts
3728
+ # An object that contains the counts of aggregated finding per
3729
+ # severity.
3730
+ # @return [Types::SeverityCounts]
3731
+ #
3732
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionAggregationResponse AWS API Documentation
3733
+ #
3734
+ class LambdaFunctionAggregationResponse < Struct.new(
3735
+ :account_id,
3736
+ :function_name,
3737
+ :lambda_tags,
3738
+ :last_modified_at,
3739
+ :resource_id,
3740
+ :runtime,
3741
+ :severity_counts)
3742
+ SENSITIVE = []
3743
+ include Aws::Structure
3744
+ end
3745
+
3746
+ # The AWS Lambda function metadata.
3747
+ #
3748
+ # @!attribute [rw] function_name
3749
+ # The name of a function.
3750
+ # @return [String]
3751
+ #
3752
+ # @!attribute [rw] function_tags
3753
+ # The resource tags on an AWS Lambda function.
3754
+ # @return [Hash<String,String>]
3755
+ #
3756
+ # @!attribute [rw] layers
3757
+ # The layers for an AWS Lambda function. A Lambda function can have up
3758
+ # to five layers.
3759
+ # @return [Array<String>]
3760
+ #
3761
+ # @!attribute [rw] runtime
3762
+ # An AWS Lambda function's runtime.
3763
+ # @return [String]
3764
+ #
3765
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionMetadata AWS API Documentation
3766
+ #
3767
+ class LambdaFunctionMetadata < Struct.new(
3768
+ :function_name,
3769
+ :function_tags,
3770
+ :layers,
3771
+ :runtime)
3772
+ SENSITIVE = []
3773
+ include Aws::Structure
3774
+ end
3775
+
3776
+ # The details that define a findings aggregation based on an AWS Lambda
3777
+ # function's layers.
3778
+ #
3779
+ # @note When making an API call, you may pass LambdaLayerAggregation
3780
+ # data as a hash:
3781
+ #
3782
+ # {
3783
+ # function_names: [
3784
+ # {
3785
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3786
+ # value: "StringInput", # required
3787
+ # },
3788
+ # ],
3789
+ # layer_arns: [
3790
+ # {
3791
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3792
+ # value: "StringInput", # required
3793
+ # },
3794
+ # ],
3795
+ # resource_ids: [
3796
+ # {
3797
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3798
+ # value: "StringInput", # required
3799
+ # },
3800
+ # ],
3801
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3802
+ # sort_order: "ASC", # accepts ASC, DESC
3803
+ # }
3804
+ #
3805
+ # @!attribute [rw] function_names
3806
+ # The names of the AWS Lambda functions associated with the layers.
3807
+ # @return [Array<Types::StringFilter>]
3808
+ #
3809
+ # @!attribute [rw] layer_arns
3810
+ # The Amazon Resource Name (ARN) of the AWS Lambda function layer.
3811
+ # @return [Array<Types::StringFilter>]
3812
+ #
3813
+ # @!attribute [rw] resource_ids
3814
+ # The resource IDs for the AWS Lambda function layers.
3815
+ # @return [Array<Types::StringFilter>]
3816
+ #
3817
+ # @!attribute [rw] sort_by
3818
+ # The finding severity to use for sorting the results.
3819
+ # @return [String]
3820
+ #
3821
+ # @!attribute [rw] sort_order
3822
+ # The order to use for sorting the results.
3823
+ # @return [String]
3824
+ #
3825
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaLayerAggregation AWS API Documentation
3826
+ #
3827
+ class LambdaLayerAggregation < Struct.new(
3828
+ :function_names,
3829
+ :layer_arns,
3830
+ :resource_ids,
3831
+ :sort_by,
3832
+ :sort_order)
3833
+ SENSITIVE = []
3834
+ include Aws::Structure
3835
+ end
3836
+
3837
+ # A response that contains the results of an AWS Lambda function layer
3838
+ # finding aggregation.
3839
+ #
3840
+ # @!attribute [rw] account_id
3841
+ # The account ID of the AWS Lambda function layer.
3842
+ # @return [String]
3843
+ #
3844
+ # @!attribute [rw] function_name
3845
+ # The names of the AWS Lambda functions associated with the layers.
3846
+ # @return [String]
3847
+ #
3848
+ # @!attribute [rw] layer_arn
3849
+ # The Amazon Resource Name (ARN) of the AWS Lambda function layer.
3850
+ # @return [String]
3851
+ #
3852
+ # @!attribute [rw] resource_id
3853
+ # The Resource ID of the AWS Lambda function layer.
3854
+ # @return [String]
3855
+ #
3856
+ # @!attribute [rw] severity_counts
3857
+ # An object that contains the counts of aggregated finding per
3858
+ # severity.
3859
+ # @return [Types::SeverityCounts]
3860
+ #
3861
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaLayerAggregationResponse AWS API Documentation
3862
+ #
3863
+ class LambdaLayerAggregationResponse < Struct.new(
3864
+ :account_id,
3865
+ :function_name,
3866
+ :layer_arn,
3867
+ :resource_id,
3868
+ :severity_counts)
3869
+ SENSITIVE = []
3870
+ include Aws::Structure
3871
+ end
3872
+
3873
+ # The VPC security groups and subnets that are attached to an AWS Lambda
3874
+ # function. For more information, see [VPC Settings][1].
3875
+ #
3876
+ #
3877
+ #
3878
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
3879
+ #
3880
+ # @!attribute [rw] security_group_ids
3881
+ # The VPC security groups and subnets that are attached to an AWS
3882
+ # Lambda function. For more information, see [VPC Settings][1].
3883
+ #
3884
+ #
3885
+ #
3886
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
3887
+ # @return [Array<String>]
3888
+ #
3889
+ # @!attribute [rw] subnet_ids
3890
+ # A list of VPC subnet IDs.
3891
+ # @return [Array<String>]
3892
+ #
3893
+ # @!attribute [rw] vpc_id
3894
+ # The ID of the VPC.
3895
+ # @return [String]
3896
+ #
3897
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaVpcConfig AWS API Documentation
3898
+ #
3899
+ class LambdaVpcConfig < Struct.new(
3900
+ :security_group_ids,
3901
+ :subnet_ids,
3902
+ :vpc_id)
3903
+ SENSITIVE = []
3904
+ include Aws::Structure
3905
+ end
3906
+
3907
+ # @note When making an API call, you may pass ListAccountPermissionsRequest
3908
+ # data as a hash:
3909
+ #
3910
+ # {
3911
+ # max_results: 1,
3912
+ # next_token: "NextToken",
3913
+ # service: "EC2", # accepts EC2, ECR, LAMBDA
3914
+ # }
3915
+ #
3916
+ # @!attribute [rw] max_results
3917
+ # The maximum number of results to return in the response.
3918
+ # @return [Integer]
3919
+ #
3920
+ # @!attribute [rw] next_token
3921
+ # A token to use for paginating results that are returned in the
3922
+ # response. Set the value of this parameter to null for the first
3923
+ # request to a list action. For subsequent calls, use the `NextToken`
3924
+ # value returned from the previous request to continue listing results
3925
+ # after the first page.
3926
+ # @return [String]
3927
+ #
3928
+ # @!attribute [rw] service
3929
+ # The service scan type to check permissions for.
3930
+ # @return [String]
3931
+ #
3932
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ListAccountPermissionsRequest AWS API Documentation
3933
+ #
3934
+ class ListAccountPermissionsRequest < Struct.new(
3935
+ :max_results,
3936
+ :next_token,
3937
+ :service)
3938
+ SENSITIVE = []
3939
+ include Aws::Structure
3940
+ end
3941
+
3942
+ # @!attribute [rw] next_token
3943
+ # A token to use for paginating results that are returned in the
3944
+ # response. Set the value of this parameter to null for the first
3945
+ # request to a list action. For subsequent calls, use the `NextToken`
3946
+ # value returned from the previous request to continue listing results
3947
+ # after the first page.
3335
3948
  # @return [String]
3336
3949
  #
3337
3950
  # @!attribute [rw] permissions
@@ -3378,6 +3991,25 @@ module Aws::Inspector2
3378
3991
  # value: "CoverageStringInput", # required
3379
3992
  # },
3380
3993
  # ],
3994
+ # lambda_function_name: [
3995
+ # {
3996
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
3997
+ # value: "CoverageStringInput", # required
3998
+ # },
3999
+ # ],
4000
+ # lambda_function_runtime: [
4001
+ # {
4002
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4003
+ # value: "CoverageStringInput", # required
4004
+ # },
4005
+ # ],
4006
+ # lambda_function_tags: [
4007
+ # {
4008
+ # comparison: "EQUALS", # required, accepts EQUALS
4009
+ # key: "NonEmptyString", # required
4010
+ # value: "NonEmptyString",
4011
+ # },
4012
+ # ],
3381
4013
  # resource_id: [
3382
4014
  # {
3383
4015
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -3492,6 +4124,25 @@ module Aws::Inspector2
3492
4124
  # value: "CoverageStringInput", # required
3493
4125
  # },
3494
4126
  # ],
4127
+ # lambda_function_name: [
4128
+ # {
4129
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4130
+ # value: "CoverageStringInput", # required
4131
+ # },
4132
+ # ],
4133
+ # lambda_function_runtime: [
4134
+ # {
4135
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4136
+ # value: "CoverageStringInput", # required
4137
+ # },
4138
+ # ],
4139
+ # lambda_function_tags: [
4140
+ # {
4141
+ # comparison: "EQUALS", # required, accepts EQUALS
4142
+ # key: "NonEmptyString", # required
4143
+ # value: "NonEmptyString",
4144
+ # },
4145
+ # ],
3495
4146
  # resource_id: [
3496
4147
  # {
3497
4148
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -3706,7 +4357,7 @@ module Aws::Inspector2
3706
4357
  # aggregation_request: {
3707
4358
  # account_aggregation: {
3708
4359
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
3709
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4360
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3710
4361
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3711
4362
  # sort_order: "ASC", # accepts ASC, DESC
3712
4363
  # },
@@ -3785,7 +4436,7 @@ module Aws::Inspector2
3785
4436
  # },
3786
4437
  # finding_type_aggregation: {
3787
4438
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
3788
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4439
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3789
4440
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3790
4441
  # sort_order: "ASC", # accepts ASC, DESC
3791
4442
  # },
@@ -3811,6 +4462,57 @@ module Aws::Inspector2
3811
4462
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3812
4463
  # sort_order: "ASC", # accepts ASC, DESC
3813
4464
  # },
4465
+ # lambda_function_aggregation: {
4466
+ # function_names: [
4467
+ # {
4468
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4469
+ # value: "StringInput", # required
4470
+ # },
4471
+ # ],
4472
+ # function_tags: [
4473
+ # {
4474
+ # comparison: "EQUALS", # required, accepts EQUALS
4475
+ # key: "MapKey", # required
4476
+ # value: "MapValue",
4477
+ # },
4478
+ # ],
4479
+ # resource_ids: [
4480
+ # {
4481
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4482
+ # value: "StringInput", # required
4483
+ # },
4484
+ # ],
4485
+ # runtimes: [
4486
+ # {
4487
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4488
+ # value: "StringInput", # required
4489
+ # },
4490
+ # ],
4491
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
4492
+ # sort_order: "ASC", # accepts ASC, DESC
4493
+ # },
4494
+ # lambda_layer_aggregation: {
4495
+ # function_names: [
4496
+ # {
4497
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4498
+ # value: "StringInput", # required
4499
+ # },
4500
+ # ],
4501
+ # layer_arns: [
4502
+ # {
4503
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4504
+ # value: "StringInput", # required
4505
+ # },
4506
+ # ],
4507
+ # resource_ids: [
4508
+ # {
4509
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4510
+ # value: "StringInput", # required
4511
+ # },
4512
+ # ],
4513
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
4514
+ # sort_order: "ASC", # accepts ASC, DESC
4515
+ # },
3814
4516
  # package_aggregation: {
3815
4517
  # package_names: [
3816
4518
  # {
@@ -3832,7 +4534,7 @@ module Aws::Inspector2
3832
4534
  # sort_order: "ASC", # accepts ASC, DESC
3833
4535
  # },
3834
4536
  # title_aggregation: {
3835
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4537
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3836
4538
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3837
4539
  # sort_order: "ASC", # accepts ASC, DESC
3838
4540
  # titles: [
@@ -3849,7 +4551,7 @@ module Aws::Inspector2
3849
4551
  # ],
3850
4552
  # },
3851
4553
  # },
3852
- # aggregation_type: "FINDING_TYPE", # required, accepts FINDING_TYPE, PACKAGE, TITLE, REPOSITORY, AMI, AWS_EC2_INSTANCE, AWS_ECR_CONTAINER, IMAGE_LAYER, ACCOUNT
4554
+ # aggregation_type: "FINDING_TYPE", # required, accepts FINDING_TYPE, PACKAGE, TITLE, REPOSITORY, AMI, AWS_EC2_INSTANCE, AWS_ECR_CONTAINER, IMAGE_LAYER, ACCOUNT, AWS_LAMBDA_FUNCTION, LAMBDA_LAYER
3853
4555
  # max_results: 1,
3854
4556
  # next_token: "NextToken",
3855
4557
  # }
@@ -3995,6 +4697,12 @@ module Aws::Inspector2
3995
4697
  # value: "StringInput", # required
3996
4698
  # },
3997
4699
  # ],
4700
+ # exploit_available: [
4701
+ # {
4702
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4703
+ # value: "StringInput", # required
4704
+ # },
4705
+ # ],
3998
4706
  # finding_arn: [
3999
4707
  # {
4000
4708
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -4031,6 +4739,36 @@ module Aws::Inspector2
4031
4739
  # upper_inclusive: 1.0,
4032
4740
  # },
4033
4741
  # ],
4742
+ # lambda_function_execution_role_arn: [
4743
+ # {
4744
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4745
+ # value: "StringInput", # required
4746
+ # },
4747
+ # ],
4748
+ # lambda_function_last_modified_at: [
4749
+ # {
4750
+ # end_inclusive: Time.now,
4751
+ # start_inclusive: Time.now,
4752
+ # },
4753
+ # ],
4754
+ # lambda_function_layers: [
4755
+ # {
4756
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4757
+ # value: "StringInput", # required
4758
+ # },
4759
+ # ],
4760
+ # lambda_function_name: [
4761
+ # {
4762
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4763
+ # value: "StringInput", # required
4764
+ # },
4765
+ # ],
4766
+ # lambda_function_runtime: [
4767
+ # {
4768
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4769
+ # value: "StringInput", # required
4770
+ # },
4771
+ # ],
4034
4772
  # last_observed_at: [
4035
4773
  # {
4036
4774
  # end_inclusive: Time.now,
@@ -4128,6 +4866,10 @@ module Aws::Inspector2
4128
4866
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4129
4867
  # value: "StringInput", # required
4130
4868
  # },
4869
+ # source_lambda_layer_arn: {
4870
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4871
+ # value: "StringInput", # required
4872
+ # },
4131
4873
  # source_layer_hash: {
4132
4874
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4133
4875
  # value: "StringInput", # required
@@ -4554,6 +5296,10 @@ module Aws::Inspector2
4554
5296
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4555
5297
  # value: "StringInput", # required
4556
5298
  # },
5299
+ # source_lambda_layer_arn: {
5300
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5301
+ # value: "StringInput", # required
5302
+ # },
4557
5303
  # source_layer_hash: {
4558
5304
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4559
5305
  # value: "StringInput", # required
@@ -4582,6 +5328,10 @@ module Aws::Inspector2
4582
5328
  # An object that contains details on the package release to filter on.
4583
5329
  # @return [Types::StringFilter]
4584
5330
  #
5331
+ # @!attribute [rw] source_lambda_layer_arn
5332
+ # An object that describes the details of a string filter.
5333
+ # @return [Types::StringFilter]
5334
+ #
4585
5335
  # @!attribute [rw] source_layer_hash
4586
5336
  # An object that contains details on the source layer hash to filter
4587
5337
  # on.
@@ -4598,6 +5348,7 @@ module Aws::Inspector2
4598
5348
  :epoch,
4599
5349
  :name,
4600
5350
  :release,
5351
+ :source_lambda_layer_arn,
4601
5352
  :source_layer_hash,
4602
5353
  :version)
4603
5354
  SENSITIVE = []
@@ -4889,11 +5640,17 @@ module Aws::Inspector2
4889
5640
  # involved in the finding.
4890
5641
  # @return [Types::AwsEcrContainerImageDetails]
4891
5642
  #
5643
+ # @!attribute [rw] aws_lambda_function
5644
+ # A summary of the information about an AWS Lambda function affected
5645
+ # by a finding.
5646
+ # @return [Types::AwsLambdaFunctionDetails]
5647
+ #
4892
5648
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceDetails AWS API Documentation
4893
5649
  #
4894
5650
  class ResourceDetails < Struct.new(
4895
5651
  :aws_ec2_instance,
4896
- :aws_ecr_container_image)
5652
+ :aws_ecr_container_image,
5653
+ :aws_lambda_function)
4897
5654
  SENSITIVE = []
4898
5655
  include Aws::Structure
4899
5656
  end
@@ -4929,12 +5686,17 @@ module Aws::Inspector2
4929
5686
  # image resides in.
4930
5687
  # @return [Types::EcrRepositoryMetadata]
4931
5688
  #
5689
+ # @!attribute [rw] lambda_function
5690
+ # An object that contains metadata details for an AWS Lambda function.
5691
+ # @return [Types::LambdaFunctionMetadata]
5692
+ #
4932
5693
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceScanMetadata AWS API Documentation
4933
5694
  #
4934
5695
  class ResourceScanMetadata < Struct.new(
4935
5696
  :ec2,
4936
5697
  :ecr_image,
4937
- :ecr_repository)
5698
+ :ecr_repository,
5699
+ :lambda_function)
4938
5700
  SENSITIVE = []
4939
5701
  include Aws::Structure
4940
5702
  end
@@ -4952,11 +5714,17 @@ module Aws::Inspector2
4952
5714
  # Amazon ECR resources.
4953
5715
  # @return [Types::State]
4954
5716
  #
5717
+ # @!attribute [rw] lambda
5718
+ # An object that described the state of Amazon Inspector scans for an
5719
+ # account.
5720
+ # @return [Types::State]
5721
+ #
4955
5722
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceState AWS API Documentation
4956
5723
  #
4957
5724
  class ResourceState < Struct.new(
4958
5725
  :ec2,
4959
- :ecr)
5726
+ :ecr,
5727
+ :lambda)
4960
5728
  SENSITIVE = []
4961
5729
  include Aws::Structure
4962
5730
  end
@@ -4972,11 +5740,17 @@ module Aws::Inspector2
4972
5740
  # The status of Amazon Inspector scanning for Amazon ECR resources.
4973
5741
  # @return [String]
4974
5742
  #
5743
+ # @!attribute [rw] lambda
5744
+ # The status of Amazon Inspector scanning for AWS Lambda function
5745
+ # resources.
5746
+ # @return [String]
5747
+ #
4975
5748
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceStatus AWS API Documentation
4976
5749
  #
4977
5750
  class ResourceStatus < Struct.new(
4978
5751
  :ec2,
4979
- :ecr)
5752
+ :ecr,
5753
+ :lambda)
4980
5754
  SENSITIVE = []
4981
5755
  include Aws::Structure
4982
5756
  end
@@ -5133,7 +5907,7 @@ module Aws::Inspector2
5133
5907
  # }
5134
5908
  #
5135
5909
  # @!attribute [rw] comparison
5136
- # The operator to use when comparing values in the filter
5910
+ # The operator to use when comparing values in the filter.
5137
5911
  # @return [String]
5138
5912
  #
5139
5913
  # @!attribute [rw] value
@@ -5185,10 +5959,15 @@ module Aws::Inspector2
5185
5959
  # @!attribute [rw] message
5186
5960
  # @return [String]
5187
5961
  #
5962
+ # @!attribute [rw] retry_after_seconds
5963
+ # The number of seconds to wait before retrying the request.
5964
+ # @return [Integer]
5965
+ #
5188
5966
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ThrottlingException AWS API Documentation
5189
5967
  #
5190
5968
  class ThrottlingException < Struct.new(
5191
- :message)
5969
+ :message,
5970
+ :retry_after_seconds)
5192
5971
  SENSITIVE = []
5193
5972
  include Aws::Structure
5194
5973
  end
@@ -5199,7 +5978,7 @@ module Aws::Inspector2
5199
5978
  # data as a hash:
5200
5979
  #
5201
5980
  # {
5202
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
5981
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
5203
5982
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
5204
5983
  # sort_order: "ASC", # accepts ASC, DESC
5205
5984
  # titles: [
@@ -5414,6 +6193,12 @@ module Aws::Inspector2
5414
6193
  # value: "StringInput", # required
5415
6194
  # },
5416
6195
  # ],
6196
+ # exploit_available: [
6197
+ # {
6198
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6199
+ # value: "StringInput", # required
6200
+ # },
6201
+ # ],
5417
6202
  # finding_arn: [
5418
6203
  # {
5419
6204
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -5450,6 +6235,36 @@ module Aws::Inspector2
5450
6235
  # upper_inclusive: 1.0,
5451
6236
  # },
5452
6237
  # ],
6238
+ # lambda_function_execution_role_arn: [
6239
+ # {
6240
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6241
+ # value: "StringInput", # required
6242
+ # },
6243
+ # ],
6244
+ # lambda_function_last_modified_at: [
6245
+ # {
6246
+ # end_inclusive: Time.now,
6247
+ # start_inclusive: Time.now,
6248
+ # },
6249
+ # ],
6250
+ # lambda_function_layers: [
6251
+ # {
6252
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6253
+ # value: "StringInput", # required
6254
+ # },
6255
+ # ],
6256
+ # lambda_function_name: [
6257
+ # {
6258
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6259
+ # value: "StringInput", # required
6260
+ # },
6261
+ # ],
6262
+ # lambda_function_runtime: [
6263
+ # {
6264
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6265
+ # value: "StringInput", # required
6266
+ # },
6267
+ # ],
5453
6268
  # last_observed_at: [
5454
6269
  # {
5455
6270
  # end_inclusive: Time.now,
@@ -5547,6 +6362,10 @@ module Aws::Inspector2
5547
6362
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5548
6363
  # value: "StringInput", # required
5549
6364
  # },
6365
+ # source_lambda_layer_arn: {
6366
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6367
+ # value: "StringInput", # required
6368
+ # },
5550
6369
  # source_layer_hash: {
5551
6370
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5552
6371
  # value: "StringInput", # required
@@ -5619,6 +6438,7 @@ module Aws::Inspector2
5619
6438
  # auto_enable: { # required
5620
6439
  # ec2: false, # required
5621
6440
  # ecr: false, # required
6441
+ # lambda: false,
5622
6442
  # },
5623
6443
  # }
5624
6444
  #
@@ -5775,6 +6595,11 @@ module Aws::Inspector2
5775
6595
  # available.
5776
6596
  # @return [String]
5777
6597
  #
6598
+ # @!attribute [rw] source_lambda_layer_arn
6599
+ # The Amazon Resource Number (ARN) of the AWS Lambda function affected
6600
+ # by a finding.
6601
+ # @return [String]
6602
+ #
5778
6603
  # @!attribute [rw] source_layer_hash
5779
6604
  # The source layer hash of the vulnerable package.
5780
6605
  # @return [String]
@@ -5794,6 +6619,7 @@ module Aws::Inspector2
5794
6619
  :package_manager,
5795
6620
  :release,
5796
6621
  :remediation,
6622
+ :source_lambda_layer_arn,
5797
6623
  :source_layer_hash,
5798
6624
  :version)
5799
6625
  SENSITIVE = []