aws-sdk-inspector2 1.7.0 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-inspector2/client.rb +360 -16
  5. data/lib/aws-sdk-inspector2/client_api.rb +154 -34
  6. data/lib/aws-sdk-inspector2/errors.rb +13 -0
  7. data/lib/aws-sdk-inspector2/types.rb +873 -47
  8. data/lib/aws-sdk-inspector2.rb +1 -1
  9. metadata +2 -2
data/lib/aws-sdk-inspector2/types.rb CHANGED
@@ -56,7 +56,7 @@ module Aws::Inspector2
56
56
  #
57
57
  # {
58
58
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
59
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
59
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
60
60
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
61
61
  # sort_order: "ASC", # accepts ASC, DESC
62
62
  # }
@@ -108,7 +108,7 @@ module Aws::Inspector2
108
108
  end
109
109
 
110
110
  # An object with details the status of an Amazon Web Services account
111
- # within your Amazon Inspector environment
111
+ # within your Amazon Inspector environment.
112
112
  #
113
113
  # @!attribute [rw] account_id
114
114
  # The Amazon Web Services account ID.
@@ -167,6 +167,14 @@ module Aws::Inspector2
167
167
  # on container image layers.
168
168
  # @return [Types::ImageLayerAggregation]
169
169
  #
170
+ # @!attribute [rw] lambda_function_aggregation
171
+ # Returns an object with findings aggregated by AWS Lambda function.
172
+ # @return [Types::LambdaFunctionAggregation]
173
+ #
174
+ # @!attribute [rw] lambda_layer_aggregation
175
+ # Returns an object with findings aggregated by AWS Lambda layer.
176
+ # @return [Types::LambdaLayerAggregation]
177
+ #
170
178
  # @!attribute [rw] package_aggregation
171
179
  # An object that contains details about an aggregation request based
172
180
  # on operating system package type.
@@ -191,6 +199,8 @@ module Aws::Inspector2
191
199
  :ec2_instance_aggregation,
192
200
  :finding_type_aggregation,
193
201
  :image_layer_aggregation,
202
+ :lambda_function_aggregation,
203
+ :lambda_layer_aggregation,
194
204
  :package_aggregation,
195
205
  :repository_aggregation,
196
206
  :title_aggregation,
@@ -205,6 +215,8 @@ module Aws::Inspector2
205
215
  class Ec2InstanceAggregation < AggregationRequest; end
206
216
  class FindingTypeAggregation < AggregationRequest; end
207
217
  class ImageLayerAggregation < AggregationRequest; end
218
+ class LambdaFunctionAggregation < AggregationRequest; end
219
+ class LambdaLayerAggregation < AggregationRequest; end
208
220
  class PackageAggregation < AggregationRequest; end
209
221
  class RepositoryAggregation < AggregationRequest; end
210
222
  class TitleAggregation < AggregationRequest; end
@@ -246,6 +258,14 @@ module Aws::Inspector2
246
258
  # on container image layers.
247
259
  # @return [Types::ImageLayerAggregationResponse]
248
260
  #
261
+ # @!attribute [rw] lambda_function_aggregation
262
+ # An aggregation of findings by AWS Lambda function.
263
+ # @return [Types::LambdaFunctionAggregationResponse]
264
+ #
265
+ # @!attribute [rw] lambda_layer_aggregation
266
+ # An aggregation of findings by AWS Lambda layer.
267
+ # @return [Types::LambdaLayerAggregationResponse]
268
+ #
249
269
  # @!attribute [rw] package_aggregation
250
270
  # An object that contains details about an aggregation response based
251
271
  # on operating system package type.
@@ -270,6 +290,8 @@ module Aws::Inspector2
270
290
  :ec2_instance_aggregation,
271
291
  :finding_type_aggregation,
272
292
  :image_layer_aggregation,
293
+ :lambda_function_aggregation,
294
+ :lambda_layer_aggregation,
273
295
  :package_aggregation,
274
296
  :repository_aggregation,
275
297
  :title_aggregation,
@@ -284,6 +306,8 @@ module Aws::Inspector2
284
306
  class Ec2InstanceAggregation < AggregationResponse; end
285
307
  class FindingTypeAggregation < AggregationResponse; end
286
308
  class ImageLayerAggregation < AggregationResponse; end
309
+ class LambdaFunctionAggregation < AggregationResponse; end
310
+ class LambdaLayerAggregation < AggregationResponse; end
287
311
  class PackageAggregation < AggregationResponse; end
288
312
  class RepositoryAggregation < AggregationResponse; end
289
313
  class TitleAggregation < AggregationResponse; end
@@ -332,7 +356,7 @@ module Aws::Inspector2
332
356
  # A response that contains the results of a finding aggregation by AMI.
333
357
  #
334
358
  # @!attribute [rw] account_id
335
- # The Amazon Web Services account ID that the AMI belongs.
359
+ # The Amazon Web Services account ID for the AMI.
336
360
  # @return [String]
337
361
  #
338
362
  # @!attribute [rw] affected_instances
@@ -400,6 +424,7 @@ module Aws::Inspector2
400
424
  # {
401
425
  # ec2: false, # required
402
426
  # ecr: false, # required
427
+ # lambda: false,
403
428
  # }
404
429
  #
405
430
  # @!attribute [rw] ec2
@@ -412,11 +437,17 @@ module Aws::Inspector2
412
437
  # new members of your Amazon Inspector organization.
413
438
  # @return [Boolean]
414
439
  #
440
+ # @!attribute [rw] lambda
441
+ # Represents whether AWS Lambda scans are automatically enabled for
442
+ # new members of your Amazon Inspector organization.
443
+ # @return [Boolean]
444
+ #
415
445
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/AutoEnable AWS API Documentation
416
446
  #
417
447
  class AutoEnable < Struct.new(
418
448
  :ec2,
419
- :ecr)
449
+ :ecr,
450
+ :lambda)
420
451
  SENSITIVE = []
421
452
  include Aws::Structure
422
453
  end
@@ -634,7 +665,7 @@ module Aws::Inspector2
634
665
  # @return [Time]
635
666
  #
636
667
  # @!attribute [rw] registry
637
- # The registry the Amazon ECR container image belongs to.
668
+ # The registry for the Amazon ECR container image.
638
669
  # @return [String]
639
670
  #
640
671
  # @!attribute [rw] repository_name
@@ -657,6 +688,78 @@ module Aws::Inspector2
657
688
  include Aws::Structure
658
689
  end
659
690
 
691
+ # A summary of information about the AWS Lambda function.
692
+ #
693
+ # @!attribute [rw] architectures
694
+ # The instruction set architecture that the AWS Lambda function
695
+ # supports. Architecture is a string array with one of the valid
696
+ # values. The default architecture value is `x86_64`.
697
+ # @return [Array<String>]
698
+ #
699
+ # @!attribute [rw] code_sha_256
700
+ # The SHA256 hash of the AWS Lambda function's deployment package.
701
+ # @return [String]
702
+ #
703
+ # @!attribute [rw] execution_role_arn
704
+ # The AWS Lambda function's execution role.
705
+ # @return [String]
706
+ #
707
+ # @!attribute [rw] function_name
708
+ # The name of the AWS Lambda function.
709
+ # @return [String]
710
+ #
711
+ # @!attribute [rw] last_modified_at
712
+ # The date and time that a user last updated the configuration, in
713
+ # [ISO 8601 format][1]
714
+ #
715
+ #
716
+ #
717
+ # [1]: https://www.iso.org/iso-8601-date-and-time-format.html
718
+ # @return [Time]
719
+ #
720
+ # @!attribute [rw] layers
721
+ # The AWS Lambda function's [ layers][1]. A Lambda function can have
722
+ # up to five layers.
723
+ #
724
+ #
725
+ #
726
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
727
+ # @return [Array<String>]
728
+ #
729
+ # @!attribute [rw] package_type
730
+ # The type of deployment package. Set to `Image` for container image
731
+ # and set `Zip` for .zip file archive.
732
+ # @return [String]
733
+ #
734
+ # @!attribute [rw] runtime
735
+ # The runtime environment for the AWS Lambda function.
736
+ # @return [String]
737
+ #
738
+ # @!attribute [rw] version
739
+ # The version of the AWS Lambda function.
740
+ # @return [String]
741
+ #
742
+ # @!attribute [rw] vpc_config
743
+ # The AWS Lambda function's networking configuration.
744
+ # @return [Types::LambdaVpcConfig]
745
+ #
746
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/AwsLambdaFunctionDetails AWS API Documentation
747
+ #
748
+ class AwsLambdaFunctionDetails < Struct.new(
749
+ :architectures,
750
+ :code_sha_256,
751
+ :execution_role_arn,
752
+ :function_name,
753
+ :last_modified_at,
754
+ :layers,
755
+ :package_type,
756
+ :runtime,
757
+ :version,
758
+ :vpc_config)
759
+ SENSITIVE = []
760
+ include Aws::Structure
761
+ end
762
+
660
763
  # One or more tags submitted as part of the request is not valid.
661
764
  #
662
765
  # @!attribute [rw] message
@@ -853,6 +956,25 @@ module Aws::Inspector2
853
956
  # value: "CoverageStringInput", # required
854
957
  # },
855
958
  # ],
959
+ # lambda_function_name: [
960
+ # {
961
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
962
+ # value: "CoverageStringInput", # required
963
+ # },
964
+ # ],
965
+ # lambda_function_runtime: [
966
+ # {
967
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
968
+ # value: "CoverageStringInput", # required
969
+ # },
970
+ # ],
971
+ # lambda_function_tags: [
972
+ # {
973
+ # comparison: "EQUALS", # required, accepts EQUALS
974
+ # key: "NonEmptyString", # required
975
+ # value: "NonEmptyString",
976
+ # },
977
+ # ],
856
978
  # resource_id: [
857
979
  # {
858
980
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -902,6 +1024,21 @@ module Aws::Inspector2
902
1024
  # The Amazon ECR repository name to filter on.
903
1025
  # @return [Array<Types::CoverageStringFilter>]
904
1026
  #
1027
+ # @!attribute [rw] lambda_function_name
1028
+ # Returns coverage statistics for AWS Lambda functions filtered by
1029
+ # function names.
1030
+ # @return [Array<Types::CoverageStringFilter>]
1031
+ #
1032
+ # @!attribute [rw] lambda_function_runtime
1033
+ # Returns coverage statistics for AWS Lambda functions filtered by
1034
+ # runtime.
1035
+ # @return [Array<Types::CoverageStringFilter>]
1036
+ #
1037
+ # @!attribute [rw] lambda_function_tags
1038
+ # Returns coverage statistics for AWS Lambda functions filtered by
1039
+ # tag.
1040
+ # @return [Array<Types::CoverageMapFilter>]
1041
+ #
905
1042
  # @!attribute [rw] resource_id
906
1043
  # An array of Amazon Web Services resource IDs to return coverage
907
1044
  # statistics for.
@@ -933,6 +1070,9 @@ module Aws::Inspector2
933
1070
  :ec2_instance_tags,
934
1071
  :ecr_image_tags,
935
1072
  :ecr_repository_name,
1073
+ :lambda_function_name,
1074
+ :lambda_function_runtime,
1075
+ :lambda_function_tags,
936
1076
  :resource_id,
937
1077
  :resource_type,
938
1078
  :scan_status_code,
@@ -1121,6 +1261,12 @@ module Aws::Inspector2
1121
1261
  # value: "StringInput", # required
1122
1262
  # },
1123
1263
  # ],
1264
+ # exploit_available: [
1265
+ # {
1266
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1267
+ # value: "StringInput", # required
1268
+ # },
1269
+ # ],
1124
1270
  # finding_arn: [
1125
1271
  # {
1126
1272
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -1157,6 +1303,36 @@ module Aws::Inspector2
1157
1303
  # upper_inclusive: 1.0,
1158
1304
  # },
1159
1305
  # ],
1306
+ # lambda_function_execution_role_arn: [
1307
+ # {
1308
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1309
+ # value: "StringInput", # required
1310
+ # },
1311
+ # ],
1312
+ # lambda_function_last_modified_at: [
1313
+ # {
1314
+ # end_inclusive: Time.now,
1315
+ # start_inclusive: Time.now,
1316
+ # },
1317
+ # ],
1318
+ # lambda_function_layers: [
1319
+ # {
1320
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1321
+ # value: "StringInput", # required
1322
+ # },
1323
+ # ],
1324
+ # lambda_function_name: [
1325
+ # {
1326
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1327
+ # value: "StringInput", # required
1328
+ # },
1329
+ # ],
1330
+ # lambda_function_runtime: [
1331
+ # {
1332
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1333
+ # value: "StringInput", # required
1334
+ # },
1335
+ # ],
1160
1336
  # last_observed_at: [
1161
1337
  # {
1162
1338
  # end_inclusive: Time.now,
@@ -1254,6 +1430,10 @@ module Aws::Inspector2
1254
1430
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1255
1431
  # value: "StringInput", # required
1256
1432
  # },
1433
+ # source_lambda_layer_arn: {
1434
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1435
+ # value: "StringInput", # required
1436
+ # },
1257
1437
  # source_layer_hash: {
1258
1438
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1259
1439
  # value: "StringInput", # required
@@ -1401,6 +1581,12 @@ module Aws::Inspector2
1401
1581
  # value: "StringInput", # required
1402
1582
  # },
1403
1583
  # ],
1584
+ # exploit_available: [
1585
+ # {
1586
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1587
+ # value: "StringInput", # required
1588
+ # },
1589
+ # ],
1404
1590
  # finding_arn: [
1405
1591
  # {
1406
1592
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -1437,6 +1623,36 @@ module Aws::Inspector2
1437
1623
  # upper_inclusive: 1.0,
1438
1624
  # },
1439
1625
  # ],
1626
+ # lambda_function_execution_role_arn: [
1627
+ # {
1628
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1629
+ # value: "StringInput", # required
1630
+ # },
1631
+ # ],
1632
+ # lambda_function_last_modified_at: [
1633
+ # {
1634
+ # end_inclusive: Time.now,
1635
+ # start_inclusive: Time.now,
1636
+ # },
1637
+ # ],
1638
+ # lambda_function_layers: [
1639
+ # {
1640
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1641
+ # value: "StringInput", # required
1642
+ # },
1643
+ # ],
1644
+ # lambda_function_name: [
1645
+ # {
1646
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1647
+ # value: "StringInput", # required
1648
+ # },
1649
+ # ],
1650
+ # lambda_function_runtime: [
1651
+ # {
1652
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1653
+ # value: "StringInput", # required
1654
+ # },
1655
+ # ],
1440
1656
  # last_observed_at: [
1441
1657
  # {
1442
1658
  # end_inclusive: Time.now,
@@ -1534,6 +1750,10 @@ module Aws::Inspector2
1534
1750
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1535
1751
  # value: "StringInput", # required
1536
1752
  # },
1753
+ # source_lambda_layer_arn: {
1754
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1755
+ # value: "StringInput", # required
1756
+ # },
1537
1757
  # source_layer_hash: {
1538
1758
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
1539
1759
  # value: "StringInput", # required
@@ -1874,7 +2094,7 @@ module Aws::Inspector2
1874
2094
  #
1875
2095
  # {
1876
2096
  # account_ids: ["AccountId"],
1877
- # resource_types: ["EC2"], # accepts EC2, ECR
2097
+ # resource_types: ["EC2"], # accepts EC2, ECR, LAMBDA
1878
2098
  # }
1879
2099
  #
1880
2100
  # @!attribute [rw] account_ids
@@ -2026,7 +2246,7 @@ module Aws::Inspector2
2026
2246
  # Amazon EC2 instance.
2027
2247
  #
2028
2248
  # @!attribute [rw] account_id
2029
- # The Amazon Web Services account the Amazon EC2 instance belongs to.
2249
+ # The Amazon Web Services account for the Amazon EC2 instance.
2030
2250
  # @return [String]
2031
2251
  #
2032
2252
  # @!attribute [rw] ami
@@ -2093,7 +2313,7 @@ module Aws::Inspector2
2093
2313
  end
2094
2314
 
2095
2315
  # Details about the ECR automated re-scan duration setting for your
2096
- # environment
2316
+ # environment.
2097
2317
  #
2098
2318
  # @note When making an API call, you may pass EcrConfiguration
2099
2319
  # data as a hash:
@@ -2246,7 +2466,7 @@ module Aws::Inspector2
2246
2466
  # {
2247
2467
  # account_ids: ["AccountId"],
2248
2468
  # client_token: "ClientToken",
2249
- # resource_types: ["EC2"], # required, accepts EC2, ECR
2469
+ # resource_types: ["EC2"], # required, accepts EC2, ECR, LAMBDA
2250
2470
  # }
2251
2471
  #
2252
2472
  # @!attribute [rw] account_ids
@@ -2293,6 +2513,22 @@ module Aws::Inspector2
2293
2513
  include Aws::Structure
2294
2514
  end
2295
2515
 
2516
+ # The details of an exploit available for a finding discovered in your
2517
+ # environment.
2518
+ #
2519
+ # @!attribute [rw] last_known_exploit_at
2520
+ # The date and time of the last exploit associated with a finding
2521
+ # discovered in your environment.
2522
+ # @return [Time]
2523
+ #
2524
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ExploitabilityDetails AWS API Documentation
2525
+ #
2526
+ class ExploitabilityDetails < Struct.new(
2527
+ :last_known_exploit_at)
2528
+ SENSITIVE = []
2529
+ include Aws::Structure
2530
+ end
2531
+
2296
2532
  # An object with details on why an account failed to enable Amazon
2297
2533
  # Inspector.
2298
2534
  #
@@ -2470,6 +2706,12 @@ module Aws::Inspector2
2470
2706
  # value: "StringInput", # required
2471
2707
  # },
2472
2708
  # ],
2709
+ # exploit_available: [
2710
+ # {
2711
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2712
+ # value: "StringInput", # required
2713
+ # },
2714
+ # ],
2473
2715
  # finding_arn: [
2474
2716
  # {
2475
2717
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -2506,6 +2748,36 @@ module Aws::Inspector2
2506
2748
  # upper_inclusive: 1.0,
2507
2749
  # },
2508
2750
  # ],
2751
+ # lambda_function_execution_role_arn: [
2752
+ # {
2753
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2754
+ # value: "StringInput", # required
2755
+ # },
2756
+ # ],
2757
+ # lambda_function_last_modified_at: [
2758
+ # {
2759
+ # end_inclusive: Time.now,
2760
+ # start_inclusive: Time.now,
2761
+ # },
2762
+ # ],
2763
+ # lambda_function_layers: [
2764
+ # {
2765
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2766
+ # value: "StringInput", # required
2767
+ # },
2768
+ # ],
2769
+ # lambda_function_name: [
2770
+ # {
2771
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2772
+ # value: "StringInput", # required
2773
+ # },
2774
+ # ],
2775
+ # lambda_function_runtime: [
2776
+ # {
2777
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2778
+ # value: "StringInput", # required
2779
+ # },
2780
+ # ],
2509
2781
  # last_observed_at: [
2510
2782
  # {
2511
2783
  # end_inclusive: Time.now,
@@ -2603,6 +2875,10 @@ module Aws::Inspector2
2603
2875
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2604
2876
  # value: "StringInput", # required
2605
2877
  # },
2878
+ # source_lambda_layer_arn: {
2879
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2880
+ # value: "StringInput", # required
2881
+ # },
2606
2882
  # source_layer_hash: {
2607
2883
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
2608
2884
  # value: "StringInput", # required
@@ -2669,6 +2945,11 @@ module Aws::Inspector2
2669
2945
  # The tags attached to the Amazon ECR container image.
2670
2946
  # @return [Array<Types::StringFilter>]
2671
2947
  #
2948
+ # @!attribute [rw] exploit_available
2949
+ # Filters the list of AWS Lambda findings by the availability of
2950
+ # exploits.
2951
+ # @return [Array<Types::StringFilter>]
2952
+ #
2672
2953
  # @!attribute [rw] finding_arn
2673
2954
  # Details on the finding ARNs used to filter findings.
2674
2955
  # @return [Array<Types::StringFilter>]
@@ -2697,6 +2978,38 @@ module Aws::Inspector2
2697
2978
  # The Amazon Inspector score to filter on.
2698
2979
  # @return [Array<Types::NumberFilter>]
2699
2980
  #
2981
+ # @!attribute [rw] lambda_function_execution_role_arn
2982
+ # Filters the list of AWS Lambda functions by execution role.
2983
+ # @return [Array<Types::StringFilter>]
2984
+ #
2985
+ # @!attribute [rw] lambda_function_last_modified_at
2986
+ # Filters the list of AWS Lambda functions by the date and time that a
2987
+ # user last updated the configuration, in [ISO 8601 format][1]
2988
+ #
2989
+ #
2990
+ #
2991
+ # [1]: https://www.iso.org/iso-8601-date-and-time-format.html
2992
+ # @return [Array<Types::DateFilter>]
2993
+ #
2994
+ # @!attribute [rw] lambda_function_layers
2995
+ # Filters the list of AWS Lambda functions by the function's [
2996
+ # layers][1]. A Lambda function can have up to five layers.
2997
+ #
2998
+ #
2999
+ #
3000
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html
3001
+ # @return [Array<Types::StringFilter>]
3002
+ #
3003
+ # @!attribute [rw] lambda_function_name
3004
+ # Filters the list of AWS Lambda functions by the name of the
3005
+ # function.
3006
+ # @return [Array<Types::StringFilter>]
3007
+ #
3008
+ # @!attribute [rw] lambda_function_runtime
3009
+ # Filters the list of AWS Lambda functions by the runtime environment
3010
+ # for the Lambda function.
3011
+ # @return [Array<Types::StringFilter>]
3012
+ #
2700
3013
  # @!attribute [rw] last_observed_at
2701
3014
  # Details on the date and time a finding was last seen used to filter
2702
3015
  # findings.
@@ -2770,12 +3083,18 @@ module Aws::Inspector2
2770
3083
  :ecr_image_registry,
2771
3084
  :ecr_image_repository_name,
2772
3085
  :ecr_image_tags,
3086
+ :exploit_available,
2773
3087
  :finding_arn,
2774
3088
  :finding_status,
2775
3089
  :finding_type,
2776
3090
  :first_observed_at,
2777
3091
  :fix_available,
2778
3092
  :inspector_score,
3093
+ :lambda_function_execution_role_arn,
3094
+ :lambda_function_last_modified_at,
3095
+ :lambda_function_layers,
3096
+ :lambda_function_name,
3097
+ :lambda_function_runtime,
2779
3098
  :last_observed_at,
2780
3099
  :network_protocol,
2781
3100
  :port_range,
@@ -2804,6 +3123,16 @@ module Aws::Inspector2
2804
3123
  # The description of the finding.
2805
3124
  # @return [String]
2806
3125
  #
3126
+ # @!attribute [rw] exploit_available
3127
+ # If a finding discovered in your environment has an exploit
3128
+ # available.
3129
+ # @return [String]
3130
+ #
3131
+ # @!attribute [rw] exploitability_details
3132
+ # The details of an exploit available for a finding discovered in your
3133
+ # environment.
3134
+ # @return [Types::ExploitabilityDetails]
3135
+ #
2807
3136
  # @!attribute [rw] finding_arn
2808
3137
  # The Amazon Resource Number (ARN) of the finding.
2809
3138
  # @return [String]
@@ -2875,6 +3204,8 @@ module Aws::Inspector2
2875
3204
  class Finding < Struct.new(
2876
3205
  :aws_account_id,
2877
3206
  :description,
3207
+ :exploit_available,
3208
+ :exploitability_details,
2878
3209
  :finding_arn,
2879
3210
  :first_observed_at,
2880
3211
  :fix_available,
@@ -2901,7 +3232,7 @@ module Aws::Inspector2
2901
3232
  #
2902
3233
  # {
2903
3234
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
2904
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
3235
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
2905
3236
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
2906
3237
  # sort_order: "ASC", # accepts ASC, DESC
2907
3238
  # }
@@ -3291,47 +3622,329 @@ module Aws::Inspector2
3291
3622
  include Aws::Structure
3292
3623
  end
3293
3624
 
3294
- # @note When making an API call, you may pass ListAccountPermissionsRequest
3625
+ # The details that define a findings aggregation based on AWS Lambda
3626
+ # functions.
3627
+ #
3628
+ # @note When making an API call, you may pass LambdaFunctionAggregation
3295
3629
  # data as a hash:
3296
3630
  #
3297
3631
  # {
3298
- # max_results: 1,
3299
- # next_token: "NextToken",
3300
- # service: "EC2", # accepts EC2, ECR
3632
+ # function_names: [
3633
+ # {
3634
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3635
+ # value: "StringInput", # required
3636
+ # },
3637
+ # ],
3638
+ # function_tags: [
3639
+ # {
3640
+ # comparison: "EQUALS", # required, accepts EQUALS
3641
+ # key: "MapKey", # required
3642
+ # value: "MapValue",
3643
+ # },
3644
+ # ],
3645
+ # resource_ids: [
3646
+ # {
3647
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3648
+ # value: "StringInput", # required
3649
+ # },
3650
+ # ],
3651
+ # runtimes: [
3652
+ # {
3653
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3654
+ # value: "StringInput", # required
3655
+ # },
3656
+ # ],
3657
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3658
+ # sort_order: "ASC", # accepts ASC, DESC
3301
3659
  # }
3302
3660
  #
3303
- # @!attribute [rw] max_results
3304
- # The maximum number of results to return in the response.
3305
- # @return [Integer]
3661
+ # @!attribute [rw] function_names
3662
+ # The AWS Lambda function names to include in the aggregation results.
3663
+ # @return [Array<Types::StringFilter>]
3306
3664
  #
3307
- # @!attribute [rw] next_token
3308
- # A token to use for paginating results that are returned in the
3309
- # response. Set the value of this parameter to null for the first
3310
- # request to a list action. For subsequent calls, use the `NextToken`
3311
- # value returned from the previous request to continue listing results
3312
- # after the first page.
3665
+ # @!attribute [rw] function_tags
3666
+ # The tags to include in the aggregation results.
3667
+ # @return [Array<Types::MapFilter>]
3668
+ #
3669
+ # @!attribute [rw] resource_ids
3670
+ # The resource IDs to include in the aggregation results.
3671
+ # @return [Array<Types::StringFilter>]
3672
+ #
3673
+ # @!attribute [rw] runtimes
3674
+ # Returns findings aggregated by AWS Lambda function runtime
3675
+ # environments.
3676
+ # @return [Array<Types::StringFilter>]
3677
+ #
3678
+ # @!attribute [rw] sort_by
3679
+ # The finding severity to use for sorting the results.
3313
3680
  # @return [String]
3314
3681
  #
3315
- # @!attribute [rw] service
3316
- # The service scan type to check permissions for.
3682
+ # @!attribute [rw] sort_order
3683
+ # The order to use for sorting the results.
3317
3684
  # @return [String]
3318
3685
  #
3319
- # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ListAccountPermissionsRequest AWS API Documentation
3686
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionAggregation AWS API Documentation
3320
3687
  #
3321
- class ListAccountPermissionsRequest < Struct.new(
3322
- :max_results,
3323
- :next_token,
3324
- :service)
3688
+ class LambdaFunctionAggregation < Struct.new(
3689
+ :function_names,
3690
+ :function_tags,
3691
+ :resource_ids,
3692
+ :runtimes,
3693
+ :sort_by,
3694
+ :sort_order)
3325
3695
  SENSITIVE = []
3326
3696
  include Aws::Structure
3327
3697
  end
3328
3698
 
3329
- # @!attribute [rw] next_token
3330
- # A token to use for paginating results that are returned in the
3331
- # response. Set the value of this parameter to null for the first
3332
- # request to a list action. For subsequent calls, use the `NextToken`
3333
- # value returned from the previous request to continue listing results
3334
- # after the first page.
3699
+ # A response that contains the results of an AWS Lambda function finding
3700
+ # aggregation.
3701
+ #
3702
+ # @!attribute [rw] account_id
3703
+ # The ID of the AWS account that owns the AWS Lambda function.
3704
+ # @return [String]
3705
+ #
3706
+ # @!attribute [rw] function_name
3707
+ # The AWS Lambda function names included in the aggregation results.
3708
+ # @return [String]
3709
+ #
3710
+ # @!attribute [rw] lambda_tags
3711
+ # The tags included in the aggregation results.
3712
+ # @return [Hash<String,String>]
3713
+ #
3714
+ # @!attribute [rw] last_modified_at
3715
+ # The date that the AWS Lambda function included in the aggregation
3716
+ # results was last changed.
3717
+ # @return [Time]
3718
+ #
3719
+ # @!attribute [rw] resource_id
3720
+ # The resource IDs included in the aggregation results.
3721
+ # @return [String]
3722
+ #
3723
+ # @!attribute [rw] runtime
3724
+ # The runtimes included in the aggregation results.
3725
+ # @return [String]
3726
+ #
3727
+ # @!attribute [rw] severity_counts
3728
+ # An object that contains the counts of aggregated finding per
3729
+ # severity.
3730
+ # @return [Types::SeverityCounts]
3731
+ #
3732
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionAggregationResponse AWS API Documentation
3733
+ #
3734
+ class LambdaFunctionAggregationResponse < Struct.new(
3735
+ :account_id,
3736
+ :function_name,
3737
+ :lambda_tags,
3738
+ :last_modified_at,
3739
+ :resource_id,
3740
+ :runtime,
3741
+ :severity_counts)
3742
+ SENSITIVE = []
3743
+ include Aws::Structure
3744
+ end
3745
+
3746
+ # The AWS Lambda function metadata.
3747
+ #
3748
+ # @!attribute [rw] function_name
3749
+ # The name of a function.
3750
+ # @return [String]
3751
+ #
3752
+ # @!attribute [rw] function_tags
3753
+ # The resource tags on an AWS Lambda function.
3754
+ # @return [Hash<String,String>]
3755
+ #
3756
+ # @!attribute [rw] layers
3757
+ # The layers for an AWS Lambda function. A Lambda function can have up
3758
+ # to five layers.
3759
+ # @return [Array<String>]
3760
+ #
3761
+ # @!attribute [rw] runtime
3762
+ # An AWS Lambda function's runtime.
3763
+ # @return [String]
3764
+ #
3765
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaFunctionMetadata AWS API Documentation
3766
+ #
3767
+ class LambdaFunctionMetadata < Struct.new(
3768
+ :function_name,
3769
+ :function_tags,
3770
+ :layers,
3771
+ :runtime)
3772
+ SENSITIVE = []
3773
+ include Aws::Structure
3774
+ end
3775
+
3776
+ # The details that define a findings aggregation based on an AWS Lambda
3777
+ # function's layers.
3778
+ #
3779
+ # @note When making an API call, you may pass LambdaLayerAggregation
3780
+ # data as a hash:
3781
+ #
3782
+ # {
3783
+ # function_names: [
3784
+ # {
3785
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3786
+ # value: "StringInput", # required
3787
+ # },
3788
+ # ],
3789
+ # layer_arns: [
3790
+ # {
3791
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3792
+ # value: "StringInput", # required
3793
+ # },
3794
+ # ],
3795
+ # resource_ids: [
3796
+ # {
3797
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
3798
+ # value: "StringInput", # required
3799
+ # },
3800
+ # ],
3801
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3802
+ # sort_order: "ASC", # accepts ASC, DESC
3803
+ # }
3804
+ #
3805
+ # @!attribute [rw] function_names
3806
+ # The names of the AWS Lambda functions associated with the layers.
3807
+ # @return [Array<Types::StringFilter>]
3808
+ #
3809
+ # @!attribute [rw] layer_arns
3810
+ # The Amazon Resource Name (ARN) of the AWS Lambda function layer.
3811
+ # @return [Array<Types::StringFilter>]
3812
+ #
3813
+ # @!attribute [rw] resource_ids
3814
+ # The resource IDs for the AWS Lambda function layers.
3815
+ # @return [Array<Types::StringFilter>]
3816
+ #
3817
+ # @!attribute [rw] sort_by
3818
+ # The finding severity to use for sorting the results.
3819
+ # @return [String]
3820
+ #
3821
+ # @!attribute [rw] sort_order
3822
+ # The order to use for sorting the results.
3823
+ # @return [String]
3824
+ #
3825
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaLayerAggregation AWS API Documentation
3826
+ #
3827
+ class LambdaLayerAggregation < Struct.new(
3828
+ :function_names,
3829
+ :layer_arns,
3830
+ :resource_ids,
3831
+ :sort_by,
3832
+ :sort_order)
3833
+ SENSITIVE = []
3834
+ include Aws::Structure
3835
+ end
3836
+
3837
+ # A response that contains the results of an AWS Lambda function layer
3838
+ # finding aggregation.
3839
+ #
3840
+ # @!attribute [rw] account_id
3841
+ # The account ID of the AWS Lambda function layer.
3842
+ # @return [String]
3843
+ #
3844
+ # @!attribute [rw] function_name
3845
+ # The names of the AWS Lambda functions associated with the layers.
3846
+ # @return [String]
3847
+ #
3848
+ # @!attribute [rw] layer_arn
3849
+ # The Amazon Resource Name (ARN) of the AWS Lambda function layer.
3850
+ # @return [String]
3851
+ #
3852
+ # @!attribute [rw] resource_id
3853
+ # The Resource ID of the AWS Lambda function layer.
3854
+ # @return [String]
3855
+ #
3856
+ # @!attribute [rw] severity_counts
3857
+ # An object that contains the counts of aggregated finding per
3858
+ # severity.
3859
+ # @return [Types::SeverityCounts]
3860
+ #
3861
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaLayerAggregationResponse AWS API Documentation
3862
+ #
3863
+ class LambdaLayerAggregationResponse < Struct.new(
3864
+ :account_id,
3865
+ :function_name,
3866
+ :layer_arn,
3867
+ :resource_id,
3868
+ :severity_counts)
3869
+ SENSITIVE = []
3870
+ include Aws::Structure
3871
+ end
3872
+
3873
+ # The VPC security groups and subnets that are attached to an AWS Lambda
3874
+ # function. For more information, see [VPC Settings][1].
3875
+ #
3876
+ #
3877
+ #
3878
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
3879
+ #
3880
+ # @!attribute [rw] security_group_ids
3881
+ # The VPC security groups and subnets that are attached to an AWS
3882
+ # Lambda function. For more information, see [VPC Settings][1].
3883
+ #
3884
+ #
3885
+ #
3886
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html
3887
+ # @return [Array<String>]
3888
+ #
3889
+ # @!attribute [rw] subnet_ids
3890
+ # A list of VPC subnet IDs.
3891
+ # @return [Array<String>]
3892
+ #
3893
+ # @!attribute [rw] vpc_id
3894
+ # The ID of the VPC.
3895
+ # @return [String]
3896
+ #
3897
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/LambdaVpcConfig AWS API Documentation
3898
+ #
3899
+ class LambdaVpcConfig < Struct.new(
3900
+ :security_group_ids,
3901
+ :subnet_ids,
3902
+ :vpc_id)
3903
+ SENSITIVE = []
3904
+ include Aws::Structure
3905
+ end
3906
+
3907
+ # @note When making an API call, you may pass ListAccountPermissionsRequest
3908
+ # data as a hash:
3909
+ #
3910
+ # {
3911
+ # max_results: 1,
3912
+ # next_token: "NextToken",
3913
+ # service: "EC2", # accepts EC2, ECR, LAMBDA
3914
+ # }
3915
+ #
3916
+ # @!attribute [rw] max_results
3917
+ # The maximum number of results to return in the response.
3918
+ # @return [Integer]
3919
+ #
3920
+ # @!attribute [rw] next_token
3921
+ # A token to use for paginating results that are returned in the
3922
+ # response. Set the value of this parameter to null for the first
3923
+ # request to a list action. For subsequent calls, use the `NextToken`
3924
+ # value returned from the previous request to continue listing results
3925
+ # after the first page.
3926
+ # @return [String]
3927
+ #
3928
+ # @!attribute [rw] service
3929
+ # The service scan type to check permissions for.
3930
+ # @return [String]
3931
+ #
3932
+ # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ListAccountPermissionsRequest AWS API Documentation
3933
+ #
3934
+ class ListAccountPermissionsRequest < Struct.new(
3935
+ :max_results,
3936
+ :next_token,
3937
+ :service)
3938
+ SENSITIVE = []
3939
+ include Aws::Structure
3940
+ end
3941
+
3942
+ # @!attribute [rw] next_token
3943
+ # A token to use for paginating results that are returned in the
3944
+ # response. Set the value of this parameter to null for the first
3945
+ # request to a list action. For subsequent calls, use the `NextToken`
3946
+ # value returned from the previous request to continue listing results
3947
+ # after the first page.
3335
3948
  # @return [String]
3336
3949
  #
3337
3950
  # @!attribute [rw] permissions
@@ -3378,6 +3991,25 @@ module Aws::Inspector2
3378
3991
  # value: "CoverageStringInput", # required
3379
3992
  # },
3380
3993
  # ],
3994
+ # lambda_function_name: [
3995
+ # {
3996
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
3997
+ # value: "CoverageStringInput", # required
3998
+ # },
3999
+ # ],
4000
+ # lambda_function_runtime: [
4001
+ # {
4002
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4003
+ # value: "CoverageStringInput", # required
4004
+ # },
4005
+ # ],
4006
+ # lambda_function_tags: [
4007
+ # {
4008
+ # comparison: "EQUALS", # required, accepts EQUALS
4009
+ # key: "NonEmptyString", # required
4010
+ # value: "NonEmptyString",
4011
+ # },
4012
+ # ],
3381
4013
  # resource_id: [
3382
4014
  # {
3383
4015
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -3492,6 +4124,25 @@ module Aws::Inspector2
3492
4124
  # value: "CoverageStringInput", # required
3493
4125
  # },
3494
4126
  # ],
4127
+ # lambda_function_name: [
4128
+ # {
4129
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4130
+ # value: "CoverageStringInput", # required
4131
+ # },
4132
+ # ],
4133
+ # lambda_function_runtime: [
4134
+ # {
4135
+ # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
4136
+ # value: "CoverageStringInput", # required
4137
+ # },
4138
+ # ],
4139
+ # lambda_function_tags: [
4140
+ # {
4141
+ # comparison: "EQUALS", # required, accepts EQUALS
4142
+ # key: "NonEmptyString", # required
4143
+ # value: "NonEmptyString",
4144
+ # },
4145
+ # ],
3495
4146
  # resource_id: [
3496
4147
  # {
3497
4148
  # comparison: "EQUALS", # required, accepts EQUALS, NOT_EQUALS
@@ -3706,7 +4357,7 @@ module Aws::Inspector2
3706
4357
  # aggregation_request: {
3707
4358
  # account_aggregation: {
3708
4359
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
3709
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4360
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3710
4361
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3711
4362
  # sort_order: "ASC", # accepts ASC, DESC
3712
4363
  # },
@@ -3785,7 +4436,7 @@ module Aws::Inspector2
3785
4436
  # },
3786
4437
  # finding_type_aggregation: {
3787
4438
  # finding_type: "NETWORK_REACHABILITY", # accepts NETWORK_REACHABILITY, PACKAGE_VULNERABILITY
3788
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4439
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3789
4440
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3790
4441
  # sort_order: "ASC", # accepts ASC, DESC
3791
4442
  # },
@@ -3811,6 +4462,57 @@ module Aws::Inspector2
3811
4462
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3812
4463
  # sort_order: "ASC", # accepts ASC, DESC
3813
4464
  # },
4465
+ # lambda_function_aggregation: {
4466
+ # function_names: [
4467
+ # {
4468
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4469
+ # value: "StringInput", # required
4470
+ # },
4471
+ # ],
4472
+ # function_tags: [
4473
+ # {
4474
+ # comparison: "EQUALS", # required, accepts EQUALS
4475
+ # key: "MapKey", # required
4476
+ # value: "MapValue",
4477
+ # },
4478
+ # ],
4479
+ # resource_ids: [
4480
+ # {
4481
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4482
+ # value: "StringInput", # required
4483
+ # },
4484
+ # ],
4485
+ # runtimes: [
4486
+ # {
4487
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4488
+ # value: "StringInput", # required
4489
+ # },
4490
+ # ],
4491
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
4492
+ # sort_order: "ASC", # accepts ASC, DESC
4493
+ # },
4494
+ # lambda_layer_aggregation: {
4495
+ # function_names: [
4496
+ # {
4497
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4498
+ # value: "StringInput", # required
4499
+ # },
4500
+ # ],
4501
+ # layer_arns: [
4502
+ # {
4503
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4504
+ # value: "StringInput", # required
4505
+ # },
4506
+ # ],
4507
+ # resource_ids: [
4508
+ # {
4509
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4510
+ # value: "StringInput", # required
4511
+ # },
4512
+ # ],
4513
+ # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
4514
+ # sort_order: "ASC", # accepts ASC, DESC
4515
+ # },
3814
4516
  # package_aggregation: {
3815
4517
  # package_names: [
3816
4518
  # {
@@ -3832,7 +4534,7 @@ module Aws::Inspector2
3832
4534
  # sort_order: "ASC", # accepts ASC, DESC
3833
4535
  # },
3834
4536
  # title_aggregation: {
3835
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
4537
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
3836
4538
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
3837
4539
  # sort_order: "ASC", # accepts ASC, DESC
3838
4540
  # titles: [
@@ -3849,7 +4551,7 @@ module Aws::Inspector2
3849
4551
  # ],
3850
4552
  # },
3851
4553
  # },
3852
- # aggregation_type: "FINDING_TYPE", # required, accepts FINDING_TYPE, PACKAGE, TITLE, REPOSITORY, AMI, AWS_EC2_INSTANCE, AWS_ECR_CONTAINER, IMAGE_LAYER, ACCOUNT
4554
+ # aggregation_type: "FINDING_TYPE", # required, accepts FINDING_TYPE, PACKAGE, TITLE, REPOSITORY, AMI, AWS_EC2_INSTANCE, AWS_ECR_CONTAINER, IMAGE_LAYER, ACCOUNT, AWS_LAMBDA_FUNCTION, LAMBDA_LAYER
3853
4555
  # max_results: 1,
3854
4556
  # next_token: "NextToken",
3855
4557
  # }
@@ -3995,6 +4697,12 @@ module Aws::Inspector2
3995
4697
  # value: "StringInput", # required
3996
4698
  # },
3997
4699
  # ],
4700
+ # exploit_available: [
4701
+ # {
4702
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4703
+ # value: "StringInput", # required
4704
+ # },
4705
+ # ],
3998
4706
  # finding_arn: [
3999
4707
  # {
4000
4708
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -4031,6 +4739,36 @@ module Aws::Inspector2
4031
4739
  # upper_inclusive: 1.0,
4032
4740
  # },
4033
4741
  # ],
4742
+ # lambda_function_execution_role_arn: [
4743
+ # {
4744
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4745
+ # value: "StringInput", # required
4746
+ # },
4747
+ # ],
4748
+ # lambda_function_last_modified_at: [
4749
+ # {
4750
+ # end_inclusive: Time.now,
4751
+ # start_inclusive: Time.now,
4752
+ # },
4753
+ # ],
4754
+ # lambda_function_layers: [
4755
+ # {
4756
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4757
+ # value: "StringInput", # required
4758
+ # },
4759
+ # ],
4760
+ # lambda_function_name: [
4761
+ # {
4762
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4763
+ # value: "StringInput", # required
4764
+ # },
4765
+ # ],
4766
+ # lambda_function_runtime: [
4767
+ # {
4768
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4769
+ # value: "StringInput", # required
4770
+ # },
4771
+ # ],
4034
4772
  # last_observed_at: [
4035
4773
  # {
4036
4774
  # end_inclusive: Time.now,
@@ -4128,6 +4866,10 @@ module Aws::Inspector2
4128
4866
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4129
4867
  # value: "StringInput", # required
4130
4868
  # },
4869
+ # source_lambda_layer_arn: {
4870
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4871
+ # value: "StringInput", # required
4872
+ # },
4131
4873
  # source_layer_hash: {
4132
4874
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4133
4875
  # value: "StringInput", # required
@@ -4554,6 +5296,10 @@ module Aws::Inspector2
4554
5296
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4555
5297
  # value: "StringInput", # required
4556
5298
  # },
5299
+ # source_lambda_layer_arn: {
5300
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5301
+ # value: "StringInput", # required
5302
+ # },
4557
5303
  # source_layer_hash: {
4558
5304
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
4559
5305
  # value: "StringInput", # required
@@ -4582,6 +5328,10 @@ module Aws::Inspector2
4582
5328
  # An object that contains details on the package release to filter on.
4583
5329
  # @return [Types::StringFilter]
4584
5330
  #
5331
+ # @!attribute [rw] source_lambda_layer_arn
5332
+ # An object that describes the details of a string filter.
5333
+ # @return [Types::StringFilter]
5334
+ #
4585
5335
  # @!attribute [rw] source_layer_hash
4586
5336
  # An object that contains details on the source layer hash to filter
4587
5337
  # on.
@@ -4598,6 +5348,7 @@ module Aws::Inspector2
4598
5348
  :epoch,
4599
5349
  :name,
4600
5350
  :release,
5351
+ :source_lambda_layer_arn,
4601
5352
  :source_layer_hash,
4602
5353
  :version)
4603
5354
  SENSITIVE = []
@@ -4889,11 +5640,17 @@ module Aws::Inspector2
4889
5640
  # involved in the finding.
4890
5641
  # @return [Types::AwsEcrContainerImageDetails]
4891
5642
  #
5643
+ # @!attribute [rw] aws_lambda_function
5644
+ # A summary of the information about an AWS Lambda function affected
5645
+ # by a finding.
5646
+ # @return [Types::AwsLambdaFunctionDetails]
5647
+ #
4892
5648
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceDetails AWS API Documentation
4893
5649
  #
4894
5650
  class ResourceDetails < Struct.new(
4895
5651
  :aws_ec2_instance,
4896
- :aws_ecr_container_image)
5652
+ :aws_ecr_container_image,
5653
+ :aws_lambda_function)
4897
5654
  SENSITIVE = []
4898
5655
  include Aws::Structure
4899
5656
  end
@@ -4929,12 +5686,17 @@ module Aws::Inspector2
4929
5686
  # image resides in.
4930
5687
  # @return [Types::EcrRepositoryMetadata]
4931
5688
  #
5689
+ # @!attribute [rw] lambda_function
5690
+ # An object that contains metadata details for an AWS Lambda function.
5691
+ # @return [Types::LambdaFunctionMetadata]
5692
+ #
4932
5693
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceScanMetadata AWS API Documentation
4933
5694
  #
4934
5695
  class ResourceScanMetadata < Struct.new(
4935
5696
  :ec2,
4936
5697
  :ecr_image,
4937
- :ecr_repository)
5698
+ :ecr_repository,
5699
+ :lambda_function)
4938
5700
  SENSITIVE = []
4939
5701
  include Aws::Structure
4940
5702
  end
@@ -4952,11 +5714,17 @@ module Aws::Inspector2
4952
5714
  # Amazon ECR resources.
4953
5715
  # @return [Types::State]
4954
5716
  #
5717
+ # @!attribute [rw] lambda
5718
+ # An object that described the state of Amazon Inspector scans for an
5719
+ # account.
5720
+ # @return [Types::State]
5721
+ #
4955
5722
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceState AWS API Documentation
4956
5723
  #
4957
5724
  class ResourceState < Struct.new(
4958
5725
  :ec2,
4959
- :ecr)
5726
+ :ecr,
5727
+ :lambda)
4960
5728
  SENSITIVE = []
4961
5729
  include Aws::Structure
4962
5730
  end
@@ -4972,11 +5740,17 @@ module Aws::Inspector2
4972
5740
  # The status of Amazon Inspector scanning for Amazon ECR resources.
4973
5741
  # @return [String]
4974
5742
  #
5743
+ # @!attribute [rw] lambda
5744
+ # The status of Amazon Inspector scanning for AWS Lambda function
5745
+ # resources.
5746
+ # @return [String]
5747
+ #
4975
5748
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ResourceStatus AWS API Documentation
4976
5749
  #
4977
5750
  class ResourceStatus < Struct.new(
4978
5751
  :ec2,
4979
- :ecr)
5752
+ :ecr,
5753
+ :lambda)
4980
5754
  SENSITIVE = []
4981
5755
  include Aws::Structure
4982
5756
  end
@@ -5133,7 +5907,7 @@ module Aws::Inspector2
5133
5907
  # }
5134
5908
  #
5135
5909
  # @!attribute [rw] comparison
5136
- # The operator to use when comparing values in the filter
5910
+ # The operator to use when comparing values in the filter.
5137
5911
  # @return [String]
5138
5912
  #
5139
5913
  # @!attribute [rw] value
@@ -5185,10 +5959,15 @@ module Aws::Inspector2
5185
5959
  # @!attribute [rw] message
5186
5960
  # @return [String]
5187
5961
  #
5962
+ # @!attribute [rw] retry_after_seconds
5963
+ # The number of seconds to wait before retrying the request.
5964
+ # @return [Integer]
5965
+ #
5188
5966
  # @see http://docs.aws.amazon.com/goto/WebAPI/inspector2-2020-06-08/ThrottlingException AWS API Documentation
5189
5967
  #
5190
5968
  class ThrottlingException < Struct.new(
5191
- :message)
5969
+ :message,
5970
+ :retry_after_seconds)
5192
5971
  SENSITIVE = []
5193
5972
  include Aws::Structure
5194
5973
  end
@@ -5199,7 +5978,7 @@ module Aws::Inspector2
5199
5978
  # data as a hash:
5200
5979
  #
5201
5980
  # {
5202
- # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE
5981
+ # resource_type: "AWS_EC2_INSTANCE", # accepts AWS_EC2_INSTANCE, AWS_ECR_CONTAINER_IMAGE, AWS_LAMBDA_FUNCTION
5203
5982
  # sort_by: "CRITICAL", # accepts CRITICAL, HIGH, ALL
5204
5983
  # sort_order: "ASC", # accepts ASC, DESC
5205
5984
  # titles: [
@@ -5414,6 +6193,12 @@ module Aws::Inspector2
5414
6193
  # value: "StringInput", # required
5415
6194
  # },
5416
6195
  # ],
6196
+ # exploit_available: [
6197
+ # {
6198
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6199
+ # value: "StringInput", # required
6200
+ # },
6201
+ # ],
5417
6202
  # finding_arn: [
5418
6203
  # {
5419
6204
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
@@ -5450,6 +6235,36 @@ module Aws::Inspector2
5450
6235
  # upper_inclusive: 1.0,
5451
6236
  # },
5452
6237
  # ],
6238
+ # lambda_function_execution_role_arn: [
6239
+ # {
6240
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6241
+ # value: "StringInput", # required
6242
+ # },
6243
+ # ],
6244
+ # lambda_function_last_modified_at: [
6245
+ # {
6246
+ # end_inclusive: Time.now,
6247
+ # start_inclusive: Time.now,
6248
+ # },
6249
+ # ],
6250
+ # lambda_function_layers: [
6251
+ # {
6252
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6253
+ # value: "StringInput", # required
6254
+ # },
6255
+ # ],
6256
+ # lambda_function_name: [
6257
+ # {
6258
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6259
+ # value: "StringInput", # required
6260
+ # },
6261
+ # ],
6262
+ # lambda_function_runtime: [
6263
+ # {
6264
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6265
+ # value: "StringInput", # required
6266
+ # },
6267
+ # ],
5453
6268
  # last_observed_at: [
5454
6269
  # {
5455
6270
  # end_inclusive: Time.now,
@@ -5547,6 +6362,10 @@ module Aws::Inspector2
5547
6362
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5548
6363
  # value: "StringInput", # required
5549
6364
  # },
6365
+ # source_lambda_layer_arn: {
6366
+ # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
6367
+ # value: "StringInput", # required
6368
+ # },
5550
6369
  # source_layer_hash: {
5551
6370
  # comparison: "EQUALS", # required, accepts EQUALS, PREFIX, NOT_EQUALS
5552
6371
  # value: "StringInput", # required
@@ -5619,6 +6438,7 @@ module Aws::Inspector2
5619
6438
  # auto_enable: { # required
5620
6439
  # ec2: false, # required
5621
6440
  # ecr: false, # required
6441
+ # lambda: false,
5622
6442
  # },
5623
6443
  # }
5624
6444
  #
@@ -5775,6 +6595,11 @@ module Aws::Inspector2
5775
6595
  # available.
5776
6596
  # @return [String]
5777
6597
  #
6598
+ # @!attribute [rw] source_lambda_layer_arn
6599
+ # The Amazon Resource Number (ARN) of the AWS Lambda function affected
6600
+ # by a finding.
6601
+ # @return [String]
6602
+ #
5778
6603
  # @!attribute [rw] source_layer_hash
5779
6604
  # The source layer hash of the vulnerable package.
5780
6605
  # @return [String]
@@ -5794,6 +6619,7 @@ module Aws::Inspector2
5794
6619
  :package_manager,
5795
6620
  :release,
5796
6621
  :remediation,
6622
+ :source_lambda_layer_arn,
5797
6623
  :source_layer_hash,
5798
6624
  :version)
5799
6625
  SENSITIVE = []