aws-sdk-securityhub 1.144.0 → 1.145.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +107 -53
  5. data/lib/aws-sdk-securityhub/client_api.rb +13 -1
  6. data/lib/aws-sdk-securityhub/endpoint_parameters.rb +4 -4
  7. data/lib/aws-sdk-securityhub/types.rb +57 -5
  8. data/lib/aws-sdk-securityhub.rb +1 -1
  9. data/sig/client.rbs +64 -26
  10. data/sig/types.rbs +20 -11
  11. metadata +1 -1
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 86e1fb1d53dc29f507dcca68f5642a6715c8c370d8efbf8e553ffba1ba30213c
4
- data.tar.gz: 982b2e997a55c3c628c04121476f7e02006fa74ca94165a5338f40c429964393
3
+ metadata.gz: a58b84e22aeb3cff9a012b7a3907a80a631f5067a6598d308bd88b85b89b77aa
4
+ data.tar.gz: e3797eab5a0cda36334a37606a83a271c89c9eda5227dfd4323e45f8d3cebe4a
5
5
  SHA512:
6
- metadata.gz: c4535aee90d429b04b61c7867fe4fad3a9c61eaf96e4a8ae8be83bbfd35c7b7d96ef09fdc4a52990055402f1f06c3cec6e8ef005ac1dc4a0d022585ec8fdde9f
7
- data.tar.gz: 9cffca56e00346f421527b9829db75d3cebc151477457cddf674ae7f9c8d5257fc7c1ac2adf605222b75b5912b0d28269ae6f1214177130fb35df7942ee7eb2e
6
+ metadata.gz: 027fcadc28d0324e120fd07c13fa157f582d2d4bf13736f2557f8213b234085eda7f9e8cf847801e0b9e26a0a4c5b208efb5d013c13b98e71c8849d7f20b8dd0
7
+ data.tar.gz: c652cfcbb6e3d7d7a35a75f14d61d3d5ea60fffe7f9d4c788150240e36d07c5001069c8dc4d678019e83cf9ff1680195f729169603f519413822b5ff14d31b01
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.145.0 (2025-10-24)
5
+ ------------------
6
+
7
+ * Feature - Release 3 layer filter support in GetFindingsV2, GetFindingStatisticsV2, GetResourcesV2,GetResourcesStatisticsV2, AutomationRule V2 APIs. Update filter casing in GetResourcesV2, GetResourcesStatisticsV2 APIs. Add new filters in GetFindingsV2, GetFindingStatisticsV2, AutomationRule V2 APIs.
8
+
4
9
  1.144.0 (2025-10-21)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.144.0
1
+ 1.145.0
data/lib/aws-sdk-securityhub/client.rb CHANGED
@@ -2139,7 +2139,7 @@ module Aws::SecurityHub
2139
2139
  # permission to perform the `securityhub:BatchUpdateFindings` action.
2140
2140
  # Updates from `BatchUpdateFindingsV2` don't affect the value of
2141
2141
  # f`inding_info.modified_time`, `finding_info.modified_time_dt`, `time`,
2142
- # `time_dt for a finding`. This API is in private preview and subject to
2142
+ # `time_dt for a finding`. This API is in public preview and subject to
2143
2143
  # change.
2144
2144
  #
2145
2145
  # @option params [Array<String>] :metadata_uids
@@ -2393,7 +2393,7 @@ module Aws::SecurityHub
2393
2393
  end
2394
2394
 
2395
2395
  # Enables aggregation across Amazon Web Services Regions. This API is in
2396
- # private preview and subject to change.
2396
+ # public preview and subject to change.
2397
2397
  #
2398
2398
  # @option params [required, String] :region_linking_mode
2399
2399
  # Determines how Regions are linked to an Aggregator V2.
@@ -2878,7 +2878,7 @@ module Aws::SecurityHub
2878
2878
  req.send_request(options)
2879
2879
  end
2880
2880
 
2881
- # Creates a V2 automation rule. This API is in private preview and
2881
+ # Creates a V2 automation rule. This API is in public preview and
2882
2882
  # subject to change.
2883
2883
  #
2884
2884
  # @option params [required, String] :rule_name
@@ -2926,7 +2926,7 @@ module Aws::SecurityHub
2926
2926
  # {
2927
2927
  # string_filters: [
2928
2928
  # {
2929
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name
2929
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name
2930
2930
  # filter: {
2931
2931
  # value: "NonEmptyString",
2932
2932
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -2935,7 +2935,7 @@ module Aws::SecurityHub
2935
2935
  # ],
2936
2936
  # date_filters: [
2937
2937
  # {
2938
- # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt
2938
+ # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt, resources.image.created_time_dt, resources.image.last_used_time_dt, resources.modified_time_dt
2939
2939
  # filter: {
2940
2940
  # start: "NonEmptyString",
2941
2941
  # end: "NonEmptyString",
@@ -2956,7 +2956,7 @@ module Aws::SecurityHub
2956
2956
  # ],
2957
2957
  # number_filters: [
2958
2958
  # {
2959
- # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count
2959
+ # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count, evidences.api.response.code, evidences.dst_endpoint.autonomous_system.number, evidences.dst_endpoint.port, evidences.src_endpoint.autonomous_system.number, evidences.src_endpoint.port, resources.image.in_use_count
2960
2960
  # filter: {
2961
2961
  # gte: 1.0,
2962
2962
  # lte: 1.0,
@@ -2968,7 +2968,7 @@ module Aws::SecurityHub
2968
2968
  # ],
2969
2969
  # map_filters: [
2970
2970
  # {
2971
- # field_name: "resources.tags", # accepts resources.tags
2971
+ # field_name: "resources.tags", # accepts resources.tags, compliance.control_parameters, databucket.tags, finding_info.tags
2972
2972
  # filter: {
2973
2973
  # key: "NonEmptyString",
2974
2974
  # value: "NonEmptyString",
@@ -2976,6 +2976,17 @@ module Aws::SecurityHub
2976
2976
  # },
2977
2977
  # },
2978
2978
  # ],
2979
+ # ip_filters: [
2980
+ # {
2981
+ # field_name: "evidences.dst_endpoint.ip", # accepts evidences.dst_endpoint.ip, evidences.src_endpoint.ip
2982
+ # filter: {
2983
+ # cidr: "NonEmptyString",
2984
+ # },
2985
+ # },
2986
+ # ],
2987
+ # nested_composite_filters: {
2988
+ # # recursive CompositeFilterList
2989
+ # },
2979
2990
  # operator: "AND", # accepts AND, OR
2980
2991
  # },
2981
2992
  # ],
@@ -4426,7 +4437,7 @@ module Aws::SecurityHub
4426
4437
  req.send_request(options)
4427
4438
  end
4428
4439
 
4429
- # Deletes the Aggregator V2. This API is in private preview and subject
4440
+ # Deletes the Aggregator V2. This API is in public preview and subject
4430
4441
  # to change.
4431
4442
  #
4432
4443
  # @option params [required, String] :aggregator_v2_arn
@@ -4449,7 +4460,7 @@ module Aws::SecurityHub
4449
4460
  req.send_request(options)
4450
4461
  end
4451
4462
 
4452
- # Deletes a V2 automation rule. This API is in private preview and
4463
+ # Deletes a V2 automation rule. This API is in public preview and
4453
4464
  # subject to change.
4454
4465
  #
4455
4466
  # @option params [required, String] :identifier
@@ -5015,7 +5026,7 @@ module Aws::SecurityHub
5015
5026
  req.send_request(options)
5016
5027
  end
5017
5028
 
5018
- # Gets information about the product integration. This API is in private
5029
+ # Gets information about the product integration. This API is in public
5019
5030
  # preview and subject to change.
5020
5031
  #
5021
5032
  # @option params [String] :next_token
@@ -5065,7 +5076,7 @@ module Aws::SecurityHub
5065
5076
  end
5066
5077
 
5067
5078
  # Returns details about the service resource in your account. This API
5068
- # is in private preview and subject to change.
5079
+ # is in public preview and subject to change.
5069
5080
  #
5070
5081
  # @return [Types::DescribeSecurityHubV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5071
5082
  #
@@ -5394,7 +5405,7 @@ module Aws::SecurityHub
5394
5405
  end
5395
5406
 
5396
5407
  # Disable the service for the current Amazon Web Services Region or
5397
- # specified Amazon Web Services Region. This API is in private preview
5408
+ # specified Amazon Web Services Region. This API is in public preview
5398
5409
  # and subject to change.
5399
5410
  #
5400
5411
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
@@ -5692,7 +5703,7 @@ module Aws::SecurityHub
5692
5703
  end
5693
5704
 
5694
5705
  # Enables the service in account for the current Amazon Web Services
5695
- # Region or specified Amazon Web Services Region. This API is in private
5706
+ # Region or specified Amazon Web Services Region. This API is in public
5696
5707
  # preview and subject to change.
5697
5708
  #
5698
5709
  # @option params [Hash<String,String>] :tags
@@ -5768,7 +5779,7 @@ module Aws::SecurityHub
5768
5779
  end
5769
5780
 
5770
5781
  # Returns the configuration of the specified Aggregator V2. This API is
5771
- # in private preview and subject to change.
5782
+ # in public preview and subject to change.
5772
5783
  #
5773
5784
  # @option params [required, String] :aggregator_v2_arn
5774
5785
  # The ARN of the Aggregator V2.
@@ -5803,7 +5814,7 @@ module Aws::SecurityHub
5803
5814
  req.send_request(options)
5804
5815
  end
5805
5816
 
5806
- # Returns an automation rule for the V2 service. This API is in private
5817
+ # Returns an automation rule for the V2 service. This API is in public
5807
5818
  # preview and subject to change.
5808
5819
  #
5809
5820
  # @option params [required, String] :identifier
@@ -5838,11 +5849,11 @@ module Aws::SecurityHub
5838
5849
  # resp.description #=> String
5839
5850
  # resp.criteria.ocsf_finding_criteria.composite_filters #=> Array
5840
5851
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters #=> Array
5841
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name"
5852
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name"
5842
5853
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.value #=> String
5843
5854
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
5844
5855
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters #=> Array
5845
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters[0].field_name #=> String, one of "finding_info.created_time_dt", "finding_info.first_seen_time_dt", "finding_info.last_seen_time_dt", "finding_info.modified_time_dt"
5856
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters[0].field_name #=> String, one of "finding_info.created_time_dt", "finding_info.first_seen_time_dt", "finding_info.last_seen_time_dt", "finding_info.modified_time_dt", "resources.image.created_time_dt", "resources.image.last_used_time_dt", "resources.modified_time_dt"
5846
5857
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters[0].filter.start #=> String
5847
5858
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters[0].filter.end #=> String
5848
5859
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters[0].filter.date_range.value #=> Integer
@@ -5851,17 +5862,21 @@ module Aws::SecurityHub
5851
5862
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].boolean_filters[0].field_name #=> String, one of "compliance.assessments.meets_criteria", "vulnerabilities.is_exploit_available", "vulnerabilities.is_fix_available"
5852
5863
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].boolean_filters[0].filter.value #=> Boolean
5853
5864
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters #=> Array
5854
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].field_name #=> String, one of "activity_id", "compliance.status_id", "confidence_score", "severity_id", "status_id", "finding_info.related_events_count"
5865
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].field_name #=> String, one of "activity_id", "compliance.status_id", "confidence_score", "severity_id", "status_id", "finding_info.related_events_count", "evidences.api.response.code", "evidences.dst_endpoint.autonomous_system.number", "evidences.dst_endpoint.port", "evidences.src_endpoint.autonomous_system.number", "evidences.src_endpoint.port", "resources.image.in_use_count"
5855
5866
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].filter.gte #=> Float
5856
5867
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].filter.lte #=> Float
5857
5868
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].filter.eq #=> Float
5858
5869
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].filter.gt #=> Float
5859
5870
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].number_filters[0].filter.lt #=> Float
5860
5871
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters #=> Array
5861
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters[0].field_name #=> String, one of "resources.tags"
5872
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters[0].field_name #=> String, one of "resources.tags", "compliance.control_parameters", "databucket.tags", "finding_info.tags"
5862
5873
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters[0].filter.key #=> String
5863
5874
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters[0].filter.value #=> String
5864
5875
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].map_filters[0].filter.comparison #=> String, one of "EQUALS", "NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
5876
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].ip_filters #=> Array
5877
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].ip_filters[0].field_name #=> String, one of "evidences.dst_endpoint.ip", "evidences.src_endpoint.ip"
5878
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].ip_filters[0].filter.cidr #=> String
5879
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].nested_composite_filters #=> Types::CompositeFilterList
5865
5880
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].operator #=> String, one of "AND", "OR"
5866
5881
  # resp.criteria.ocsf_finding_criteria.composite_operator #=> String, one of "AND", "OR"
5867
5882
  # resp.actions #=> Array
@@ -6423,7 +6438,7 @@ module Aws::SecurityHub
6423
6438
  # Returns aggregated statistical data about findings.
6424
6439
  # `GetFindingStatisticsV2` use `securityhub:GetAdhocInsightResults` in
6425
6440
  # the `Action` element of an IAM policy statement. You must have
6426
- # permission to perform the `s` action. This API is in private preview
6441
+ # permission to perform the `s` action. This API is in public preview
6427
6442
  # and subject to change.
6428
6443
  #
6429
6444
  # @option params [required, Array<Types::GroupByRule>] :group_by_rules
@@ -6452,7 +6467,7 @@ module Aws::SecurityHub
6452
6467
  # {
6453
6468
  # string_filters: [
6454
6469
  # {
6455
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name
6470
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name
6456
6471
  # filter: {
6457
6472
  # value: "NonEmptyString",
6458
6473
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -6461,7 +6476,7 @@ module Aws::SecurityHub
6461
6476
  # ],
6462
6477
  # date_filters: [
6463
6478
  # {
6464
- # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt
6479
+ # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt, resources.image.created_time_dt, resources.image.last_used_time_dt, resources.modified_time_dt
6465
6480
  # filter: {
6466
6481
  # start: "NonEmptyString",
6467
6482
  # end: "NonEmptyString",
@@ -6482,7 +6497,7 @@ module Aws::SecurityHub
6482
6497
  # ],
6483
6498
  # number_filters: [
6484
6499
  # {
6485
- # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count
6500
+ # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count, evidences.api.response.code, evidences.dst_endpoint.autonomous_system.number, evidences.dst_endpoint.port, evidences.src_endpoint.autonomous_system.number, evidences.src_endpoint.port, resources.image.in_use_count
6486
6501
  # filter: {
6487
6502
  # gte: 1.0,
6488
6503
  # lte: 1.0,
@@ -6494,7 +6509,7 @@ module Aws::SecurityHub
6494
6509
  # ],
6495
6510
  # map_filters: [
6496
6511
  # {
6497
- # field_name: "resources.tags", # accepts resources.tags
6512
+ # field_name: "resources.tags", # accepts resources.tags, compliance.control_parameters, databucket.tags, finding_info.tags
6498
6513
  # filter: {
6499
6514
  # key: "NonEmptyString",
6500
6515
  # value: "NonEmptyString",
@@ -6502,12 +6517,23 @@ module Aws::SecurityHub
6502
6517
  # },
6503
6518
  # },
6504
6519
  # ],
6520
+ # ip_filters: [
6521
+ # {
6522
+ # field_name: "evidences.dst_endpoint.ip", # accepts evidences.dst_endpoint.ip, evidences.src_endpoint.ip
6523
+ # filter: {
6524
+ # cidr: "NonEmptyString",
6525
+ # },
6526
+ # },
6527
+ # ],
6528
+ # nested_composite_filters: {
6529
+ # # recursive CompositeFilterList
6530
+ # },
6505
6531
  # operator: "AND", # accepts AND, OR
6506
6532
  # },
6507
6533
  # ],
6508
6534
  # composite_operator: "AND", # accepts AND, OR
6509
6535
  # },
6510
- # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name
6536
+ # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name
6511
6537
  # },
6512
6538
  # ],
6513
6539
  # sort_order: "asc", # accepts asc, desc
@@ -7400,7 +7426,7 @@ module Aws::SecurityHub
7400
7426
  # `GetFindings` and `GetFindingsV2` both use `securityhub:GetFindings`
7401
7427
  # in the `Action` element of an IAM policy statement. You must have
7402
7428
  # permission to perform the `securityhub:GetFindings` action. This API
7403
- # is in private preview and subject to change.
7429
+ # is in public preview and subject to change.
7404
7430
  #
7405
7431
  # @option params [Types::OcsfFindingFilters] :filters
7406
7432
  # The finding attributes used to define a condition to filter the
@@ -7435,7 +7461,7 @@ module Aws::SecurityHub
7435
7461
  # {
7436
7462
  # string_filters: [
7437
7463
  # {
7438
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name
7464
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name
7439
7465
  # filter: {
7440
7466
  # value: "NonEmptyString",
7441
7467
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -7444,7 +7470,7 @@ module Aws::SecurityHub
7444
7470
  # ],
7445
7471
  # date_filters: [
7446
7472
  # {
7447
- # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt
7473
+ # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt, resources.image.created_time_dt, resources.image.last_used_time_dt, resources.modified_time_dt
7448
7474
  # filter: {
7449
7475
  # start: "NonEmptyString",
7450
7476
  # end: "NonEmptyString",
@@ -7465,7 +7491,7 @@ module Aws::SecurityHub
7465
7491
  # ],
7466
7492
  # number_filters: [
7467
7493
  # {
7468
- # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count
7494
+ # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count, evidences.api.response.code, evidences.dst_endpoint.autonomous_system.number, evidences.dst_endpoint.port, evidences.src_endpoint.autonomous_system.number, evidences.src_endpoint.port, resources.image.in_use_count
7469
7495
  # filter: {
7470
7496
  # gte: 1.0,
7471
7497
  # lte: 1.0,
@@ -7477,7 +7503,7 @@ module Aws::SecurityHub
7477
7503
  # ],
7478
7504
  # map_filters: [
7479
7505
  # {
7480
- # field_name: "resources.tags", # accepts resources.tags
7506
+ # field_name: "resources.tags", # accepts resources.tags, compliance.control_parameters, databucket.tags, finding_info.tags
7481
7507
  # filter: {
7482
7508
  # key: "NonEmptyString",
7483
7509
  # value: "NonEmptyString",
@@ -7485,6 +7511,17 @@ module Aws::SecurityHub
7485
7511
  # },
7486
7512
  # },
7487
7513
  # ],
7514
+ # ip_filters: [
7515
+ # {
7516
+ # field_name: "evidences.dst_endpoint.ip", # accepts evidences.dst_endpoint.ip, evidences.src_endpoint.ip
7517
+ # filter: {
7518
+ # cidr: "NonEmptyString",
7519
+ # },
7520
+ # },
7521
+ # ],
7522
+ # nested_composite_filters: {
7523
+ # # recursive CompositeFilterList
7524
+ # },
7488
7525
  # operator: "AND", # accepts AND, OR
7489
7526
  # },
7490
7527
  # ],
@@ -8188,7 +8225,7 @@ module Aws::SecurityHub
8188
8225
  end
8189
8226
 
8190
8227
  # Retrieves statistical information about Amazon Web Services resources
8191
- # and their associated security findings. This API is in private preview
8228
+ # and their associated security findings. This API is in public preview
8192
8229
  # and subject to change.
8193
8230
  #
8194
8231
  # @option params [required, Array<Types::ResourceGroupByRule>] :group_by_rules
@@ -8210,13 +8247,13 @@ module Aws::SecurityHub
8210
8247
  # resp = client.get_resources_statistics_v2({
8211
8248
  # group_by_rules: [ # required
8212
8249
  # {
8213
- # group_by_field: "account_id", # required, accepts account_id, region, resource_category, resource_type, resource_name, findings_summary.finding_type
8250
+ # group_by_field: "AccountId", # required, accepts AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
8214
8251
  # filters: {
8215
8252
  # composite_filters: [
8216
8253
  # {
8217
8254
  # string_filters: [
8218
8255
  # {
8219
- # field_name: "resource_arn", # accepts resource_arn, resource_id, account_id, region, resource_category, resource_type, resource_name, findings_summary.finding_type, findings_summary.product_name
8256
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8220
8257
  # filter: {
8221
8258
  # value: "NonEmptyString",
8222
8259
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8225,7 +8262,7 @@ module Aws::SecurityHub
8225
8262
  # ],
8226
8263
  # date_filters: [
8227
8264
  # {
8228
- # field_name: "resource_detail_capture_time_dt", # accepts resource_detail_capture_time_dt, resource_creation_time_dt
8265
+ # field_name: "ResourceDetailCaptureTime", # accepts ResourceDetailCaptureTime, ResourceCreationTime
8229
8266
  # filter: {
8230
8267
  # start: "NonEmptyString",
8231
8268
  # end: "NonEmptyString",
@@ -8238,7 +8275,7 @@ module Aws::SecurityHub
8238
8275
  # ],
8239
8276
  # number_filters: [
8240
8277
  # {
8241
- # field_name: "findings_summary.total_findings", # accepts findings_summary.total_findings, findings_summary.severities.other, findings_summary.severities.fatal, findings_summary.severities.critical, findings_summary.severities.high, findings_summary.severities.medium, findings_summary.severities.low, findings_summary.severities.informational, findings_summary.severities.unknown
8278
+ # field_name: "FindingsSummary.TotalFindings", # accepts FindingsSummary.TotalFindings, FindingsSummary.Severities.Other, FindingsSummary.Severities.Fatal, FindingsSummary.Severities.Critical, FindingsSummary.Severities.High, FindingsSummary.Severities.Medium, FindingsSummary.Severities.Low, FindingsSummary.Severities.Informational, FindingsSummary.Severities.Unknown
8242
8279
  # filter: {
8243
8280
  # gte: 1.0,
8244
8281
  # lte: 1.0,
@@ -8250,7 +8287,7 @@ module Aws::SecurityHub
8250
8287
  # ],
8251
8288
  # map_filters: [
8252
8289
  # {
8253
- # field_name: "tags", # accepts tags
8290
+ # field_name: "ResourceTags", # accepts ResourceTags
8254
8291
  # filter: {
8255
8292
  # key: "NonEmptyString",
8256
8293
  # value: "NonEmptyString",
@@ -8258,6 +8295,9 @@ module Aws::SecurityHub
8258
8295
  # },
8259
8296
  # },
8260
8297
  # ],
8298
+ # nested_composite_filters: {
8299
+ # # recursive ResourcesCompositeFilterList
8300
+ # },
8261
8301
  # operator: "AND", # accepts AND, OR
8262
8302
  # },
8263
8303
  # ],
@@ -8286,8 +8326,8 @@ module Aws::SecurityHub
8286
8326
  req.send_request(options)
8287
8327
  end
8288
8328
 
8289
- # Returns a list of resources. This API is in private preview and
8290
- # subject to change.
8329
+ # Returns a list of resources. This API is in public preview and subject
8330
+ # to change.
8291
8331
  #
8292
8332
  # @option params [Types::ResourcesFilters] :filters
8293
8333
  # Filters resources based on a set of criteria.
@@ -8319,7 +8359,7 @@ module Aws::SecurityHub
8319
8359
  # {
8320
8360
  # string_filters: [
8321
8361
  # {
8322
- # field_name: "resource_arn", # accepts resource_arn, resource_id, account_id, region, resource_category, resource_type, resource_name, findings_summary.finding_type, findings_summary.product_name
8362
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8323
8363
  # filter: {
8324
8364
  # value: "NonEmptyString",
8325
8365
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8328,7 +8368,7 @@ module Aws::SecurityHub
8328
8368
  # ],
8329
8369
  # date_filters: [
8330
8370
  # {
8331
- # field_name: "resource_detail_capture_time_dt", # accepts resource_detail_capture_time_dt, resource_creation_time_dt
8371
+ # field_name: "ResourceDetailCaptureTime", # accepts ResourceDetailCaptureTime, ResourceCreationTime
8332
8372
  # filter: {
8333
8373
  # start: "NonEmptyString",
8334
8374
  # end: "NonEmptyString",
@@ -8341,7 +8381,7 @@ module Aws::SecurityHub
8341
8381
  # ],
8342
8382
  # number_filters: [
8343
8383
  # {
8344
- # field_name: "findings_summary.total_findings", # accepts findings_summary.total_findings, findings_summary.severities.other, findings_summary.severities.fatal, findings_summary.severities.critical, findings_summary.severities.high, findings_summary.severities.medium, findings_summary.severities.low, findings_summary.severities.informational, findings_summary.severities.unknown
8384
+ # field_name: "FindingsSummary.TotalFindings", # accepts FindingsSummary.TotalFindings, FindingsSummary.Severities.Other, FindingsSummary.Severities.Fatal, FindingsSummary.Severities.Critical, FindingsSummary.Severities.High, FindingsSummary.Severities.Medium, FindingsSummary.Severities.Low, FindingsSummary.Severities.Informational, FindingsSummary.Severities.Unknown
8345
8385
  # filter: {
8346
8386
  # gte: 1.0,
8347
8387
  # lte: 1.0,
@@ -8353,7 +8393,7 @@ module Aws::SecurityHub
8353
8393
  # ],
8354
8394
  # map_filters: [
8355
8395
  # {
8356
- # field_name: "tags", # accepts tags
8396
+ # field_name: "ResourceTags", # accepts ResourceTags
8357
8397
  # filter: {
8358
8398
  # key: "NonEmptyString",
8359
8399
  # value: "NonEmptyString",
@@ -8361,6 +8401,9 @@ module Aws::SecurityHub
8361
8401
  # },
8362
8402
  # },
8363
8403
  # ],
8404
+ # nested_composite_filters: {
8405
+ # # recursive ResourcesCompositeFilterList
8406
+ # },
8364
8407
  # operator: "AND", # accepts AND, OR
8365
8408
  # },
8366
8409
  # ],
@@ -8379,7 +8422,7 @@ module Aws::SecurityHub
8379
8422
  # @example Response structure
8380
8423
  #
8381
8424
  # resp.resources #=> Array
8382
- # resp.resources[0].resource_arn #=> String
8425
+ # resp.resources[0].resource_guid #=> String
8383
8426
  # resp.resources[0].resource_id #=> String
8384
8427
  # resp.resources[0].account_id #=> String
8385
8428
  # resp.resources[0].region #=> String
@@ -8591,7 +8634,7 @@ module Aws::SecurityHub
8591
8634
  req.send_request(options)
8592
8635
  end
8593
8636
 
8594
- # Retrieves a list of V2 aggregators. This API is in private preview and
8637
+ # Retrieves a list of V2 aggregators. This API is in public preview and
8595
8638
  # subject to change.
8596
8639
  #
8597
8640
  # @option params [String] :next_token
@@ -8717,7 +8760,7 @@ module Aws::SecurityHub
8717
8760
  end
8718
8761
 
8719
8762
  # Returns a list of automation rules and metadata for the calling
8720
- # account. This API is in private preview and subject to change.
8763
+ # account. This API is in public preview and subject to change.
8721
8764
  #
8722
8765
  # @option params [String] :next_token
8723
8766
  # The token required for pagination. On your first call, set the value
@@ -9907,8 +9950,8 @@ module Aws::SecurityHub
9907
9950
  req.send_request(options)
9908
9951
  end
9909
9952
 
9910
- # Udpates the configuration for the Aggregator V2. This API is in
9911
- # private preview and subject to change.
9953
+ # Udpates the configuration for the Aggregator V2. This API is in public
9954
+ # preview and subject to change.
9912
9955
  #
9913
9956
  # @option params [required, String] :aggregator_v2_arn
9914
9957
  # The ARN of the Aggregator V2.
@@ -9952,7 +9995,7 @@ module Aws::SecurityHub
9952
9995
  req.send_request(options)
9953
9996
  end
9954
9997
 
9955
- # Updates a V2 automation rule. This API is in private preview and
9998
+ # Updates a V2 automation rule. This API is in public preview and
9956
9999
  # subject to change.
9957
10000
  #
9958
10001
  # @option params [required, String] :identifier
@@ -9992,7 +10035,7 @@ module Aws::SecurityHub
9992
10035
  # {
9993
10036
  # string_filters: [
9994
10037
  # {
9995
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name
10038
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name
9996
10039
  # filter: {
9997
10040
  # value: "NonEmptyString",
9998
10041
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -10001,7 +10044,7 @@ module Aws::SecurityHub
10001
10044
  # ],
10002
10045
  # date_filters: [
10003
10046
  # {
10004
- # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt
10047
+ # field_name: "finding_info.created_time_dt", # accepts finding_info.created_time_dt, finding_info.first_seen_time_dt, finding_info.last_seen_time_dt, finding_info.modified_time_dt, resources.image.created_time_dt, resources.image.last_used_time_dt, resources.modified_time_dt
10005
10048
  # filter: {
10006
10049
  # start: "NonEmptyString",
10007
10050
  # end: "NonEmptyString",
@@ -10022,7 +10065,7 @@ module Aws::SecurityHub
10022
10065
  # ],
10023
10066
  # number_filters: [
10024
10067
  # {
10025
- # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count
10068
+ # field_name: "activity_id", # accepts activity_id, compliance.status_id, confidence_score, severity_id, status_id, finding_info.related_events_count, evidences.api.response.code, evidences.dst_endpoint.autonomous_system.number, evidences.dst_endpoint.port, evidences.src_endpoint.autonomous_system.number, evidences.src_endpoint.port, resources.image.in_use_count
10026
10069
  # filter: {
10027
10070
  # gte: 1.0,
10028
10071
  # lte: 1.0,
@@ -10034,7 +10077,7 @@ module Aws::SecurityHub
10034
10077
  # ],
10035
10078
  # map_filters: [
10036
10079
  # {
10037
- # field_name: "resources.tags", # accepts resources.tags
10080
+ # field_name: "resources.tags", # accepts resources.tags, compliance.control_parameters, databucket.tags, finding_info.tags
10038
10081
  # filter: {
10039
10082
  # key: "NonEmptyString",
10040
10083
  # value: "NonEmptyString",
@@ -10042,6 +10085,17 @@ module Aws::SecurityHub
10042
10085
  # },
10043
10086
  # },
10044
10087
  # ],
10088
+ # ip_filters: [
10089
+ # {
10090
+ # field_name: "evidences.dst_endpoint.ip", # accepts evidences.dst_endpoint.ip, evidences.src_endpoint.ip
10091
+ # filter: {
10092
+ # cidr: "NonEmptyString",
10093
+ # },
10094
+ # },
10095
+ # ],
10096
+ # nested_composite_filters: {
10097
+ # # recursive CompositeFilterList
10098
+ # },
10045
10099
  # operator: "AND", # accepts AND, OR
10046
10100
  # },
10047
10101
  # ],
@@ -12195,7 +12249,7 @@ module Aws::SecurityHub
12195
12249
  tracer: tracer
12196
12250
  )
12197
12251
  context[:gem_name] = 'aws-sdk-securityhub'
12198
- context[:gem_version] = '1.144.0'
12252
+ context[:gem_version] = '1.145.0'
12199
12253
  Seahorse::Client::Request.new(handlers, context)
12200
12254
  end
12201
12255