aws-sdk-securityhub 1.156.0 → 1.157.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +1 -1
  5. data/lib/aws-sdk-securityhub.rb +1 -1
  6. data/sig/client.rbs +252 -4623
  7. data/sig/params.rbs +1448 -0
  8. metadata +2 -1
data/sig/params.rbs ADDED
@@ -0,0 +1,1448 @@
1
+ # WARNING ABOUT GENERATED CODE
2
+ #
3
+ # This file is generated. See the contributing guide for more information:
4
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
5
+ #
6
+ # WARNING ABOUT GENERATED CODE
7
+
8
+ module Aws
9
+ module SecurityHub
10
+ module Params
11
+ type network_header = {
12
+ protocol: ::String?,
13
+ destination: {
14
+ address: Array[::String]?,
15
+ port_ranges: Array[
16
+ {
17
+ begin: ::Integer?,
18
+ end: ::Integer?
19
+ }
20
+ ]?
21
+ }?,
22
+ source: {
23
+ address: Array[::String]?,
24
+ port_ranges: Array[
25
+ {
26
+ begin: ::Integer?,
27
+ end: ::Integer?
28
+ }
29
+ ]?
30
+ }?
31
+ }
32
+
33
+ type occurrences = {
34
+ line_ranges: Array[
35
+ {
36
+ start: ::Integer?,
37
+ end: ::Integer?,
38
+ start_column: ::Integer?
39
+ }
40
+ ]?,
41
+ offset_ranges: Array[
42
+ {
43
+ start: ::Integer?,
44
+ end: ::Integer?,
45
+ start_column: ::Integer?
46
+ }
47
+ ]?,
48
+ pages: Array[
49
+ Params::page
50
+ ]?,
51
+ records: Array[
52
+ {
53
+ json_path: ::String?,
54
+ record_index: ::Integer?
55
+ }
56
+ ]?,
57
+ cells: Array[
58
+ {
59
+ column: ::Integer?,
60
+ row: ::Integer?,
61
+ column_name: ::String?,
62
+ cell_reference: ::String?
63
+ }
64
+ ]?
65
+ }
66
+
67
+ type page = {
68
+ page_number: ::Integer?,
69
+ line_range: {
70
+ start: ::Integer?,
71
+ end: ::Integer?,
72
+ start_column: ::Integer?
73
+ }?,
74
+ offset_range: {
75
+ start: ::Integer?,
76
+ end: ::Integer?,
77
+ start_column: ::Integer?
78
+ }?
79
+ }
80
+
81
+ type aws_code_build_project_artifacts_details = {
82
+ artifact_identifier: ::String?,
83
+ encryption_disabled: bool?,
84
+ location: ::String?,
85
+ name: ::String?,
86
+ namespace_type: ::String?,
87
+ override_artifact_name: bool?,
88
+ packaging: ::String?,
89
+ path: ::String?,
90
+ type: ::String?
91
+ }
92
+
93
+ type aws_ec2_security_group_ip_permission = {
94
+ ip_protocol: ::String?,
95
+ from_port: ::Integer?,
96
+ to_port: ::Integer?,
97
+ user_id_group_pairs: Array[
98
+ Params::aws_ec2_security_group_user_id_group_pair
99
+ ]?,
100
+ ip_ranges: Array[
101
+ {
102
+ cidr_ip: ::String?
103
+ }
104
+ ]?,
105
+ ipv_6_ranges: Array[
106
+ {
107
+ cidr_ipv_6: ::String?
108
+ }
109
+ ]?,
110
+ prefix_list_ids: Array[
111
+ {
112
+ prefix_list_id: ::String?
113
+ }
114
+ ]?
115
+ }
116
+
117
+ type aws_ec2_security_group_user_id_group_pair = {
118
+ group_id: ::String?,
119
+ group_name: ::String?,
120
+ peering_status: ::String?,
121
+ user_id: ::String?,
122
+ vpc_id: ::String?,
123
+ vpc_peering_connection_id: ::String?
124
+ }
125
+
126
+ type aws_certificate_manager_certificate_domain_validation_option = {
127
+ domain_name: ::String?,
128
+ resource_record: {
129
+ name: ::String?,
130
+ type: ::String?,
131
+ value: ::String?
132
+ }?,
133
+ validation_domain: ::String?,
134
+ validation_emails: Array[::String]?,
135
+ validation_method: ::String?,
136
+ validation_status: ::String?
137
+ }
138
+
139
+ type aws_ecs_container_details = {
140
+ name: ::String?,
141
+ image: ::String?,
142
+ mount_points: Array[
143
+ {
144
+ source_volume: ::String?,
145
+ container_path: ::String?
146
+ }
147
+ ]?,
148
+ privileged: bool?
149
+ }
150
+
151
+ type aws_ec2_vpc_peering_connection_vpc_info_details = {
152
+ cidr_block: ::String?,
153
+ cidr_block_set: Array[
154
+ {
155
+ cidr_block: ::String?
156
+ }
157
+ ]?,
158
+ ipv_6_cidr_block_set: Array[
159
+ {
160
+ ipv_6_cidr_block: ::String?
161
+ }
162
+ ]?,
163
+ owner_id: ::String?,
164
+ peering_options: {
165
+ allow_dns_resolution_from_remote_vpc: bool?,
166
+ allow_egress_from_local_classic_link_to_remote_vpc: bool?,
167
+ allow_egress_from_local_vpc_to_remote_classic_link: bool?
168
+ }?,
169
+ region: ::String?,
170
+ vpc_id: ::String?
171
+ }
172
+
173
+ type aws_wafv_2_action_allow_details = {
174
+ custom_request_handling: {
175
+ insert_headers: Array[
176
+ {
177
+ name: ::String?,
178
+ value: ::String?
179
+ }
180
+ ]?
181
+ }?
182
+ }
183
+
184
+ type aws_wafv_2_custom_response_details = {
185
+ custom_response_body_key: ::String?,
186
+ response_code: ::Integer?,
187
+ response_headers: Array[
188
+ {
189
+ name: ::String?,
190
+ value: ::String?
191
+ }
192
+ ]?
193
+ }
194
+
195
+ type aws_wafv_2_action_block_details = {
196
+ custom_response: Params::aws_wafv_2_custom_response_details?
197
+ }
198
+
199
+ type aws_wafv_2_rules_action_captcha_details = {
200
+ custom_request_handling: {
201
+ insert_headers: Array[
202
+ {
203
+ name: ::String?,
204
+ value: ::String?
205
+ }
206
+ ]?
207
+ }?
208
+ }
209
+
210
+ type aws_wafv_2_rules_action_count_details = {
211
+ custom_request_handling: {
212
+ insert_headers: Array[
213
+ {
214
+ name: ::String?,
215
+ value: ::String?
216
+ }
217
+ ]?
218
+ }?
219
+ }
220
+
221
+ type aws_wafv_2_rules_action_details = {
222
+ allow: Params::aws_wafv_2_action_allow_details?,
223
+ block: Params::aws_wafv_2_action_block_details?,
224
+ captcha: Params::aws_wafv_2_rules_action_captcha_details?,
225
+ count: Params::aws_wafv_2_rules_action_count_details?
226
+ }
227
+
228
+ type aws_wafv_2_rules_details = {
229
+ action: Params::aws_wafv_2_rules_action_details?,
230
+ name: ::String?,
231
+ override_action: ::String?,
232
+ priority: ::Integer?,
233
+ visibility_config: {
234
+ cloud_watch_metrics_enabled: bool?,
235
+ metric_name: ::String?,
236
+ sampled_requests_enabled: bool?
237
+ }?
238
+ }
239
+
240
+ type action_remote_ip_details = {
241
+ ip_address_v4: ::String?,
242
+ organization: {
243
+ asn: ::Integer?,
244
+ asn_org: ::String?,
245
+ isp: ::String?,
246
+ org: ::String?
247
+ }?,
248
+ country: {
249
+ country_code: ::String?,
250
+ country_name: ::String?
251
+ }?,
252
+ city: {
253
+ city_name: ::String?
254
+ }?,
255
+ geo_location: {
256
+ lon: ::Float?,
257
+ lat: ::Float?
258
+ }?
259
+ }
260
+
261
+ type automation_rules_finding_filters = {
262
+ product_arn: Array[
263
+ {
264
+ value: ::String?,
265
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
266
+ }
267
+ ]?,
268
+ aws_account_id: Array[
269
+ {
270
+ value: ::String?,
271
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
272
+ }
273
+ ]?,
274
+ id: Array[
275
+ {
276
+ value: ::String?,
277
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
278
+ }
279
+ ]?,
280
+ generator_id: Array[
281
+ {
282
+ value: ::String?,
283
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
284
+ }
285
+ ]?,
286
+ type: Array[
287
+ {
288
+ value: ::String?,
289
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
290
+ }
291
+ ]?,
292
+ first_observed_at: Array[
293
+ Params::date_filter
294
+ ]?,
295
+ last_observed_at: Array[
296
+ Params::date_filter
297
+ ]?,
298
+ created_at: Array[
299
+ Params::date_filter
300
+ ]?,
301
+ updated_at: Array[
302
+ Params::date_filter
303
+ ]?,
304
+ confidence: Array[
305
+ {
306
+ gte: ::Float?,
307
+ lte: ::Float?,
308
+ eq: ::Float?,
309
+ gt: ::Float?,
310
+ lt: ::Float?
311
+ }
312
+ ]?,
313
+ criticality: Array[
314
+ {
315
+ gte: ::Float?,
316
+ lte: ::Float?,
317
+ eq: ::Float?,
318
+ gt: ::Float?,
319
+ lt: ::Float?
320
+ }
321
+ ]?,
322
+ title: Array[
323
+ {
324
+ value: ::String?,
325
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
326
+ }
327
+ ]?,
328
+ description: Array[
329
+ {
330
+ value: ::String?,
331
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
332
+ }
333
+ ]?,
334
+ source_url: Array[
335
+ {
336
+ value: ::String?,
337
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
338
+ }
339
+ ]?,
340
+ product_name: Array[
341
+ {
342
+ value: ::String?,
343
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
344
+ }
345
+ ]?,
346
+ company_name: Array[
347
+ {
348
+ value: ::String?,
349
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
350
+ }
351
+ ]?,
352
+ severity_label: Array[
353
+ {
354
+ value: ::String?,
355
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
356
+ }
357
+ ]?,
358
+ resource_type: Array[
359
+ {
360
+ value: ::String?,
361
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
362
+ }
363
+ ]?,
364
+ resource_id: Array[
365
+ {
366
+ value: ::String?,
367
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
368
+ }
369
+ ]?,
370
+ resource_partition: Array[
371
+ {
372
+ value: ::String?,
373
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
374
+ }
375
+ ]?,
376
+ resource_region: Array[
377
+ {
378
+ value: ::String?,
379
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
380
+ }
381
+ ]?,
382
+ resource_tags: Array[
383
+ {
384
+ key: ::String?,
385
+ value: ::String?,
386
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
387
+ }
388
+ ]?,
389
+ resource_details_other: Array[
390
+ {
391
+ key: ::String?,
392
+ value: ::String?,
393
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
394
+ }
395
+ ]?,
396
+ compliance_status: Array[
397
+ {
398
+ value: ::String?,
399
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
400
+ }
401
+ ]?,
402
+ compliance_security_control_id: Array[
403
+ {
404
+ value: ::String?,
405
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
406
+ }
407
+ ]?,
408
+ compliance_associated_standards_id: Array[
409
+ {
410
+ value: ::String?,
411
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
412
+ }
413
+ ]?,
414
+ verification_state: Array[
415
+ {
416
+ value: ::String?,
417
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
418
+ }
419
+ ]?,
420
+ workflow_status: Array[
421
+ {
422
+ value: ::String?,
423
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
424
+ }
425
+ ]?,
426
+ record_state: Array[
427
+ {
428
+ value: ::String?,
429
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
430
+ }
431
+ ]?,
432
+ related_findings_product_arn: Array[
433
+ {
434
+ value: ::String?,
435
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
436
+ }
437
+ ]?,
438
+ related_findings_id: Array[
439
+ {
440
+ value: ::String?,
441
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
442
+ }
443
+ ]?,
444
+ note_text: Array[
445
+ {
446
+ value: ::String?,
447
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
448
+ }
449
+ ]?,
450
+ note_updated_at: Array[
451
+ Params::date_filter
452
+ ]?,
453
+ note_updated_by: Array[
454
+ {
455
+ value: ::String?,
456
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
457
+ }
458
+ ]?,
459
+ user_defined_fields: Array[
460
+ {
461
+ key: ::String?,
462
+ value: ::String?,
463
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
464
+ }
465
+ ]?,
466
+ resource_application_arn: Array[
467
+ {
468
+ value: ::String?,
469
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
470
+ }
471
+ ]?,
472
+ resource_application_name: Array[
473
+ {
474
+ value: ::String?,
475
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
476
+ }
477
+ ]?,
478
+ aws_account_name: Array[
479
+ {
480
+ value: ::String?,
481
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
482
+ }
483
+ ]?
484
+ }
485
+
486
+ type date_filter = {
487
+ start: ::String?,
488
+ end: ::String?,
489
+ date_range: {
490
+ value: ::Integer?,
491
+ unit: ("DAYS")?,
492
+ comparison: ("WITHIN" | "OLDER_THAN")?
493
+ }?
494
+ }
495
+
496
+ type automation_rules_finding_fields_update = {
497
+ note: {
498
+ text: ::String,
499
+ updated_by: ::String
500
+ }?,
501
+ severity: {
502
+ normalized: ::Integer?,
503
+ product: ::Float?,
504
+ label: ("INFORMATIONAL" | "LOW" | "MEDIUM" | "HIGH" | "CRITICAL")?
505
+ }?,
506
+ verification_state: ("UNKNOWN" | "TRUE_POSITIVE" | "FALSE_POSITIVE" | "BENIGN_POSITIVE")?,
507
+ confidence: ::Integer?,
508
+ criticality: ::Integer?,
509
+ types: Array[::String]?,
510
+ user_defined_fields: Hash[::String, ::String]?,
511
+ workflow: {
512
+ status: ("NEW" | "NOTIFIED" | "RESOLVED" | "SUPPRESSED")?
513
+ }?,
514
+ related_findings: Array[
515
+ {
516
+ product_arn: ::String,
517
+ id: ::String
518
+ }
519
+ ]?
520
+ }
521
+
522
+ type automation_rules_action = {
523
+ type: ("FINDING_FIELDS_UPDATE")?,
524
+ finding_fields_update: Params::automation_rules_finding_fields_update?
525
+ }
526
+
527
+ type ocsf_finding_filters = {
528
+ composite_filters: Array[
529
+ Params::composite_filter
530
+ ]?,
531
+ composite_operator: ("AND" | "OR")?
532
+ }
533
+
534
+ type criteria = {
535
+ ocsf_finding_criteria: Params::ocsf_finding_filters?
536
+ }
537
+
538
+ type composite_filter = {
539
+ string_filters: Array[
540
+ {
541
+ field_name: ("metadata.uid" | "activity_name" | "cloud.account.uid" | "cloud.provider" | "cloud.region" | "compliance.assessments.category" | "compliance.assessments.name" | "compliance.control" | "compliance.status" | "compliance.standards" | "finding_info.desc" | "finding_info.src_url" | "finding_info.title" | "finding_info.types" | "finding_info.uid" | "finding_info.related_events.traits.category" | "finding_info.related_events.uid" | "finding_info.related_events.product.uid" | "finding_info.related_events.title" | "metadata.product.name" | "metadata.product.uid" | "metadata.product.vendor_name" | "remediation.desc" | "remediation.references" | "resources.cloud_partition" | "resources.region" | "resources.type" | "resources.uid" | "severity" | "status" | "comment" | "vulnerabilities.fix_coverage" | "class_name" | "databucket.encryption_details.algorithm" | "databucket.encryption_details.key_uid" | "databucket.file.data_classifications.classifier_details.type" | "evidences.actor.user.account.uid" | "evidences.api.operation" | "evidences.api.response.error_message" | "evidences.api.service.name" | "evidences.connection_info.direction" | "evidences.connection_info.protocol_name" | "evidences.dst_endpoint.autonomous_system.name" | "evidences.dst_endpoint.location.city" | "evidences.dst_endpoint.location.country" | "evidences.src_endpoint.autonomous_system.name" | "evidences.src_endpoint.hostname" | "evidences.src_endpoint.location.city" | "evidences.src_endpoint.location.country" | "finding_info.analytic.name" | "malware.name" | "malware_scan_info.uid" | "malware.severity" | "resources.cloud_function.layers.uid_alt" | "resources.cloud_function.runtime" | "resources.cloud_function.user.uid" | "resources.device.encryption_details.key_uid" | "resources.device.image.uid" | "resources.image.architecture" | "resources.image.registry_uid" | "resources.image.repository_name" | "resources.image.uid" | "resources.subnet_info.uid" | "resources.vpc_uid" | "vulnerabilities.affected_code.file.path" | "vulnerabilities.affected_packages.name" | "vulnerabilities.cve.epss.score" | "vulnerabilities.cve.uid" | "vulnerabilities.related_vulnerabilities" | "cloud.account.name" | "vendor_attributes.severity")?,
542
+ filter: {
543
+ value: ::String?,
544
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
545
+ }?
546
+ }
547
+ ]?,
548
+ date_filters: Array[
549
+ Params::ocsf_date_filter
550
+ ]?,
551
+ boolean_filters: Array[
552
+ {
553
+ field_name: ("compliance.assessments.meets_criteria" | "vulnerabilities.is_exploit_available" | "vulnerabilities.is_fix_available")?,
554
+ filter: {
555
+ value: bool?
556
+ }?
557
+ }
558
+ ]?,
559
+ number_filters: Array[
560
+ Params::ocsf_number_filter
561
+ ]?,
562
+ map_filters: Array[
563
+ Params::ocsf_map_filter
564
+ ]?,
565
+ ip_filters: Array[
566
+ {
567
+ field_name: ("evidences.dst_endpoint.ip" | "evidences.src_endpoint.ip")?,
568
+ filter: {
569
+ cidr: ::String?
570
+ }?
571
+ }
572
+ ]?,
573
+ nested_composite_filters: Array[
574
+ {
575
+ string_filters: Array[
576
+ {
577
+ field_name: ("metadata.uid" | "activity_name" | "cloud.account.uid" | "cloud.provider" | "cloud.region" | "compliance.assessments.category" | "compliance.assessments.name" | "compliance.control" | "compliance.status" | "compliance.standards" | "finding_info.desc" | "finding_info.src_url" | "finding_info.title" | "finding_info.types" | "finding_info.uid" | "finding_info.related_events.traits.category" | "finding_info.related_events.uid" | "finding_info.related_events.product.uid" | "finding_info.related_events.title" | "metadata.product.name" | "metadata.product.uid" | "metadata.product.vendor_name" | "remediation.desc" | "remediation.references" | "resources.cloud_partition" | "resources.region" | "resources.type" | "resources.uid" | "severity" | "status" | "comment" | "vulnerabilities.fix_coverage" | "class_name" | "databucket.encryption_details.algorithm" | "databucket.encryption_details.key_uid" | "databucket.file.data_classifications.classifier_details.type" | "evidences.actor.user.account.uid" | "evidences.api.operation" | "evidences.api.response.error_message" | "evidences.api.service.name" | "evidences.connection_info.direction" | "evidences.connection_info.protocol_name" | "evidences.dst_endpoint.autonomous_system.name" | "evidences.dst_endpoint.location.city" | "evidences.dst_endpoint.location.country" | "evidences.src_endpoint.autonomous_system.name" | "evidences.src_endpoint.hostname" | "evidences.src_endpoint.location.city" | "evidences.src_endpoint.location.country" | "finding_info.analytic.name" | "malware.name" | "malware_scan_info.uid" | "malware.severity" | "resources.cloud_function.layers.uid_alt" | "resources.cloud_function.runtime" | "resources.cloud_function.user.uid" | "resources.device.encryption_details.key_uid" | "resources.device.image.uid" | "resources.image.architecture" | "resources.image.registry_uid" | "resources.image.repository_name" | "resources.image.uid" | "resources.subnet_info.uid" | "resources.vpc_uid" | "vulnerabilities.affected_code.file.path" | "vulnerabilities.affected_packages.name" | "vulnerabilities.cve.epss.score" | "vulnerabilities.cve.uid" | "vulnerabilities.related_vulnerabilities" | "cloud.account.name" | "vendor_attributes.severity")?,
578
+ filter: {
579
+ value: ::String?,
580
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
581
+ }?
582
+ }
583
+ ]?,
584
+ date_filters: Array[
585
+ Params::ocsf_date_filter
586
+ ]?,
587
+ boolean_filters: Array[
588
+ {
589
+ field_name: ("compliance.assessments.meets_criteria" | "vulnerabilities.is_exploit_available" | "vulnerabilities.is_fix_available")?,
590
+ filter: {
591
+ value: bool?
592
+ }?
593
+ }
594
+ ]?,
595
+ number_filters: Array[
596
+ Params::ocsf_number_filter
597
+ ]?,
598
+ map_filters: Array[
599
+ Params::ocsf_map_filter
600
+ ]?,
601
+ ip_filters: Array[
602
+ {
603
+ field_name: ("evidences.dst_endpoint.ip" | "evidences.src_endpoint.ip")?,
604
+ filter: {
605
+ cidr: ::String?
606
+ }?
607
+ }
608
+ ]?,
609
+ nested_composite_filters: untyped?,
610
+ operator: ("AND" | "OR")?
611
+ }
612
+ ]?,
613
+ operator: ("AND" | "OR")?
614
+ }
615
+
616
+ type ocsf_date_filter = {
617
+ field_name: ("finding_info.created_time_dt" | "finding_info.first_seen_time_dt" | "finding_info.last_seen_time_dt" | "finding_info.modified_time_dt" | "resources.image.created_time_dt" | "resources.image.last_used_time_dt" | "resources.modified_time_dt")?,
618
+ filter: Params::date_filter?
619
+ }
620
+
621
+ type ocsf_number_filter = {
622
+ field_name: ("activity_id" | "compliance.status_id" | "confidence_score" | "severity_id" | "status_id" | "finding_info.related_events_count" | "evidences.api.response.code" | "evidences.dst_endpoint.autonomous_system.number" | "evidences.dst_endpoint.port" | "evidences.src_endpoint.autonomous_system.number" | "evidences.src_endpoint.port" | "resources.image.in_use_count" | "vulnerabilities.cve.cvss.base_score" | "vendor_attributes.severity_id")?,
623
+ filter: {
624
+ gte: ::Float?,
625
+ lte: ::Float?,
626
+ eq: ::Float?,
627
+ gt: ::Float?,
628
+ lt: ::Float?
629
+ }?
630
+ }
631
+
632
+ type ocsf_map_filter = {
633
+ field_name: ("resources.tags" | "compliance.control_parameters" | "databucket.tags" | "finding_info.tags")?,
634
+ filter: {
635
+ key: ::String?,
636
+ value: ::String?,
637
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
638
+ }?
639
+ }
640
+
641
+ type automation_rules_action_v2 = {
642
+ type: ("FINDING_FIELDS_UPDATE" | "EXTERNAL_INTEGRATION"),
643
+ finding_fields_update: {
644
+ severity_id: ::Integer?,
645
+ comment: ::String?,
646
+ status_id: ::Integer?
647
+ }?,
648
+ external_integration_configuration: {
649
+ connector_arn: ::String?
650
+ }?
651
+ }
652
+
653
+ type security_controls_configuration = {
654
+ enabled_security_control_identifiers: Array[::String]?,
655
+ disabled_security_control_identifiers: Array[::String]?,
656
+ security_control_custom_parameters: Array[
657
+ Params::security_control_custom_parameter
658
+ ]?
659
+ }
660
+
661
+ type security_hub_policy = {
662
+ service_enabled: bool?,
663
+ enabled_standard_identifiers: Array[::String]?,
664
+ security_controls_configuration: Params::security_controls_configuration?
665
+ }
666
+
667
+ type policy = {
668
+ security_hub: Params::security_hub_policy?
669
+ }
670
+
671
+ type security_control_custom_parameter = {
672
+ security_control_id: ::String?,
673
+ parameters: Hash[::String, Params::parameter_configuration]?
674
+ }
675
+
676
+ type parameter_value = {
677
+ integer: ::Integer?,
678
+ integer_list: Array[::Integer]?,
679
+ double: ::Float?,
680
+ string: ::String?,
681
+ string_list: Array[::String]?,
682
+ boolean: bool?,
683
+ enum: ::String?,
684
+ enum_list: Array[::String]?
685
+ }
686
+
687
+ type parameter_configuration = {
688
+ value_type: ("DEFAULT" | "CUSTOM"),
689
+ value: Params::parameter_value?
690
+ }
691
+
692
+ type aws_security_finding_filters = {
693
+ product_arn: Array[
694
+ {
695
+ value: ::String?,
696
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
697
+ }
698
+ ]?,
699
+ aws_account_id: Array[
700
+ {
701
+ value: ::String?,
702
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
703
+ }
704
+ ]?,
705
+ id: Array[
706
+ {
707
+ value: ::String?,
708
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
709
+ }
710
+ ]?,
711
+ generator_id: Array[
712
+ {
713
+ value: ::String?,
714
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
715
+ }
716
+ ]?,
717
+ region: Array[
718
+ {
719
+ value: ::String?,
720
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
721
+ }
722
+ ]?,
723
+ type: Array[
724
+ {
725
+ value: ::String?,
726
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
727
+ }
728
+ ]?,
729
+ first_observed_at: Array[
730
+ Params::date_filter
731
+ ]?,
732
+ last_observed_at: Array[
733
+ Params::date_filter
734
+ ]?,
735
+ created_at: Array[
736
+ Params::date_filter
737
+ ]?,
738
+ updated_at: Array[
739
+ Params::date_filter
740
+ ]?,
741
+ severity_product: Array[
742
+ {
743
+ gte: ::Float?,
744
+ lte: ::Float?,
745
+ eq: ::Float?,
746
+ gt: ::Float?,
747
+ lt: ::Float?
748
+ }
749
+ ]?,
750
+ severity_normalized: Array[
751
+ {
752
+ gte: ::Float?,
753
+ lte: ::Float?,
754
+ eq: ::Float?,
755
+ gt: ::Float?,
756
+ lt: ::Float?
757
+ }
758
+ ]?,
759
+ severity_label: Array[
760
+ {
761
+ value: ::String?,
762
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
763
+ }
764
+ ]?,
765
+ confidence: Array[
766
+ {
767
+ gte: ::Float?,
768
+ lte: ::Float?,
769
+ eq: ::Float?,
770
+ gt: ::Float?,
771
+ lt: ::Float?
772
+ }
773
+ ]?,
774
+ criticality: Array[
775
+ {
776
+ gte: ::Float?,
777
+ lte: ::Float?,
778
+ eq: ::Float?,
779
+ gt: ::Float?,
780
+ lt: ::Float?
781
+ }
782
+ ]?,
783
+ title: Array[
784
+ {
785
+ value: ::String?,
786
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
787
+ }
788
+ ]?,
789
+ description: Array[
790
+ {
791
+ value: ::String?,
792
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
793
+ }
794
+ ]?,
795
+ recommendation_text: Array[
796
+ {
797
+ value: ::String?,
798
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
799
+ }
800
+ ]?,
801
+ source_url: Array[
802
+ {
803
+ value: ::String?,
804
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
805
+ }
806
+ ]?,
807
+ product_fields: Array[
808
+ {
809
+ key: ::String?,
810
+ value: ::String?,
811
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
812
+ }
813
+ ]?,
814
+ product_name: Array[
815
+ {
816
+ value: ::String?,
817
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
818
+ }
819
+ ]?,
820
+ company_name: Array[
821
+ {
822
+ value: ::String?,
823
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
824
+ }
825
+ ]?,
826
+ user_defined_fields: Array[
827
+ {
828
+ key: ::String?,
829
+ value: ::String?,
830
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
831
+ }
832
+ ]?,
833
+ malware_name: Array[
834
+ {
835
+ value: ::String?,
836
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
837
+ }
838
+ ]?,
839
+ malware_type: Array[
840
+ {
841
+ value: ::String?,
842
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
843
+ }
844
+ ]?,
845
+ malware_path: Array[
846
+ {
847
+ value: ::String?,
848
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
849
+ }
850
+ ]?,
851
+ malware_state: Array[
852
+ {
853
+ value: ::String?,
854
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
855
+ }
856
+ ]?,
857
+ network_direction: Array[
858
+ {
859
+ value: ::String?,
860
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
861
+ }
862
+ ]?,
863
+ network_protocol: Array[
864
+ {
865
+ value: ::String?,
866
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
867
+ }
868
+ ]?,
869
+ network_source_ip_v4: Array[
870
+ {
871
+ cidr: ::String?
872
+ }
873
+ ]?,
874
+ network_source_ip_v6: Array[
875
+ {
876
+ cidr: ::String?
877
+ }
878
+ ]?,
879
+ network_source_port: Array[
880
+ {
881
+ gte: ::Float?,
882
+ lte: ::Float?,
883
+ eq: ::Float?,
884
+ gt: ::Float?,
885
+ lt: ::Float?
886
+ }
887
+ ]?,
888
+ network_source_domain: Array[
889
+ {
890
+ value: ::String?,
891
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
892
+ }
893
+ ]?,
894
+ network_source_mac: Array[
895
+ {
896
+ value: ::String?,
897
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
898
+ }
899
+ ]?,
900
+ network_destination_ip_v4: Array[
901
+ {
902
+ cidr: ::String?
903
+ }
904
+ ]?,
905
+ network_destination_ip_v6: Array[
906
+ {
907
+ cidr: ::String?
908
+ }
909
+ ]?,
910
+ network_destination_port: Array[
911
+ {
912
+ gte: ::Float?,
913
+ lte: ::Float?,
914
+ eq: ::Float?,
915
+ gt: ::Float?,
916
+ lt: ::Float?
917
+ }
918
+ ]?,
919
+ network_destination_domain: Array[
920
+ {
921
+ value: ::String?,
922
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
923
+ }
924
+ ]?,
925
+ process_name: Array[
926
+ {
927
+ value: ::String?,
928
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
929
+ }
930
+ ]?,
931
+ process_path: Array[
932
+ {
933
+ value: ::String?,
934
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
935
+ }
936
+ ]?,
937
+ process_pid: Array[
938
+ {
939
+ gte: ::Float?,
940
+ lte: ::Float?,
941
+ eq: ::Float?,
942
+ gt: ::Float?,
943
+ lt: ::Float?
944
+ }
945
+ ]?,
946
+ process_parent_pid: Array[
947
+ {
948
+ gte: ::Float?,
949
+ lte: ::Float?,
950
+ eq: ::Float?,
951
+ gt: ::Float?,
952
+ lt: ::Float?
953
+ }
954
+ ]?,
955
+ process_launched_at: Array[
956
+ Params::date_filter
957
+ ]?,
958
+ process_terminated_at: Array[
959
+ Params::date_filter
960
+ ]?,
961
+ threat_intel_indicator_type: Array[
962
+ {
963
+ value: ::String?,
964
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
965
+ }
966
+ ]?,
967
+ threat_intel_indicator_value: Array[
968
+ {
969
+ value: ::String?,
970
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
971
+ }
972
+ ]?,
973
+ threat_intel_indicator_category: Array[
974
+ {
975
+ value: ::String?,
976
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
977
+ }
978
+ ]?,
979
+ threat_intel_indicator_last_observed_at: Array[
980
+ Params::date_filter
981
+ ]?,
982
+ threat_intel_indicator_source: Array[
983
+ {
984
+ value: ::String?,
985
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
986
+ }
987
+ ]?,
988
+ threat_intel_indicator_source_url: Array[
989
+ {
990
+ value: ::String?,
991
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
992
+ }
993
+ ]?,
994
+ resource_type: Array[
995
+ {
996
+ value: ::String?,
997
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
998
+ }
999
+ ]?,
1000
+ resource_id: Array[
1001
+ {
1002
+ value: ::String?,
1003
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1004
+ }
1005
+ ]?,
1006
+ resource_partition: Array[
1007
+ {
1008
+ value: ::String?,
1009
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1010
+ }
1011
+ ]?,
1012
+ resource_region: Array[
1013
+ {
1014
+ value: ::String?,
1015
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1016
+ }
1017
+ ]?,
1018
+ resource_tags: Array[
1019
+ {
1020
+ key: ::String?,
1021
+ value: ::String?,
1022
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
1023
+ }
1024
+ ]?,
1025
+ resource_aws_ec2_instance_type: Array[
1026
+ {
1027
+ value: ::String?,
1028
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1029
+ }
1030
+ ]?,
1031
+ resource_aws_ec2_instance_image_id: Array[
1032
+ {
1033
+ value: ::String?,
1034
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1035
+ }
1036
+ ]?,
1037
+ resource_aws_ec2_instance_ip_v4_addresses: Array[
1038
+ {
1039
+ cidr: ::String?
1040
+ }
1041
+ ]?,
1042
+ resource_aws_ec2_instance_ip_v6_addresses: Array[
1043
+ {
1044
+ cidr: ::String?
1045
+ }
1046
+ ]?,
1047
+ resource_aws_ec2_instance_key_name: Array[
1048
+ {
1049
+ value: ::String?,
1050
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1051
+ }
1052
+ ]?,
1053
+ resource_aws_ec2_instance_iam_instance_profile_arn: Array[
1054
+ {
1055
+ value: ::String?,
1056
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1057
+ }
1058
+ ]?,
1059
+ resource_aws_ec2_instance_vpc_id: Array[
1060
+ {
1061
+ value: ::String?,
1062
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1063
+ }
1064
+ ]?,
1065
+ resource_aws_ec2_instance_subnet_id: Array[
1066
+ {
1067
+ value: ::String?,
1068
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1069
+ }
1070
+ ]?,
1071
+ resource_aws_ec2_instance_launched_at: Array[
1072
+ Params::date_filter
1073
+ ]?,
1074
+ resource_aws_s3_bucket_owner_id: Array[
1075
+ {
1076
+ value: ::String?,
1077
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1078
+ }
1079
+ ]?,
1080
+ resource_aws_s3_bucket_owner_name: Array[
1081
+ {
1082
+ value: ::String?,
1083
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1084
+ }
1085
+ ]?,
1086
+ resource_aws_iam_access_key_user_name: Array[
1087
+ {
1088
+ value: ::String?,
1089
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1090
+ }
1091
+ ]?,
1092
+ resource_aws_iam_access_key_principal_name: Array[
1093
+ {
1094
+ value: ::String?,
1095
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1096
+ }
1097
+ ]?,
1098
+ resource_aws_iam_access_key_status: Array[
1099
+ {
1100
+ value: ::String?,
1101
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1102
+ }
1103
+ ]?,
1104
+ resource_aws_iam_access_key_created_at: Array[
1105
+ Params::date_filter
1106
+ ]?,
1107
+ resource_aws_iam_user_user_name: Array[
1108
+ {
1109
+ value: ::String?,
1110
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1111
+ }
1112
+ ]?,
1113
+ resource_container_name: Array[
1114
+ {
1115
+ value: ::String?,
1116
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1117
+ }
1118
+ ]?,
1119
+ resource_container_image_id: Array[
1120
+ {
1121
+ value: ::String?,
1122
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1123
+ }
1124
+ ]?,
1125
+ resource_container_image_name: Array[
1126
+ {
1127
+ value: ::String?,
1128
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1129
+ }
1130
+ ]?,
1131
+ resource_container_launched_at: Array[
1132
+ Params::date_filter
1133
+ ]?,
1134
+ resource_details_other: Array[
1135
+ {
1136
+ key: ::String?,
1137
+ value: ::String?,
1138
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
1139
+ }
1140
+ ]?,
1141
+ compliance_status: Array[
1142
+ {
1143
+ value: ::String?,
1144
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1145
+ }
1146
+ ]?,
1147
+ verification_state: Array[
1148
+ {
1149
+ value: ::String?,
1150
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1151
+ }
1152
+ ]?,
1153
+ workflow_state: Array[
1154
+ {
1155
+ value: ::String?,
1156
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1157
+ }
1158
+ ]?,
1159
+ workflow_status: Array[
1160
+ {
1161
+ value: ::String?,
1162
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1163
+ }
1164
+ ]?,
1165
+ record_state: Array[
1166
+ {
1167
+ value: ::String?,
1168
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1169
+ }
1170
+ ]?,
1171
+ related_findings_product_arn: Array[
1172
+ {
1173
+ value: ::String?,
1174
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1175
+ }
1176
+ ]?,
1177
+ related_findings_id: Array[
1178
+ {
1179
+ value: ::String?,
1180
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1181
+ }
1182
+ ]?,
1183
+ note_text: Array[
1184
+ {
1185
+ value: ::String?,
1186
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1187
+ }
1188
+ ]?,
1189
+ note_updated_at: Array[
1190
+ Params::date_filter
1191
+ ]?,
1192
+ note_updated_by: Array[
1193
+ {
1194
+ value: ::String?,
1195
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1196
+ }
1197
+ ]?,
1198
+ keyword: Array[
1199
+ {
1200
+ value: ::String?
1201
+ }
1202
+ ]?,
1203
+ finding_provider_fields_confidence: Array[
1204
+ {
1205
+ gte: ::Float?,
1206
+ lte: ::Float?,
1207
+ eq: ::Float?,
1208
+ gt: ::Float?,
1209
+ lt: ::Float?
1210
+ }
1211
+ ]?,
1212
+ finding_provider_fields_criticality: Array[
1213
+ {
1214
+ gte: ::Float?,
1215
+ lte: ::Float?,
1216
+ eq: ::Float?,
1217
+ gt: ::Float?,
1218
+ lt: ::Float?
1219
+ }
1220
+ ]?,
1221
+ finding_provider_fields_related_findings_id: Array[
1222
+ {
1223
+ value: ::String?,
1224
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1225
+ }
1226
+ ]?,
1227
+ finding_provider_fields_related_findings_product_arn: Array[
1228
+ {
1229
+ value: ::String?,
1230
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1231
+ }
1232
+ ]?,
1233
+ finding_provider_fields_severity_label: Array[
1234
+ {
1235
+ value: ::String?,
1236
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1237
+ }
1238
+ ]?,
1239
+ finding_provider_fields_severity_original: Array[
1240
+ {
1241
+ value: ::String?,
1242
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1243
+ }
1244
+ ]?,
1245
+ finding_provider_fields_types: Array[
1246
+ {
1247
+ value: ::String?,
1248
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1249
+ }
1250
+ ]?,
1251
+ sample: Array[
1252
+ {
1253
+ value: bool?
1254
+ }
1255
+ ]?,
1256
+ compliance_security_control_id: Array[
1257
+ {
1258
+ value: ::String?,
1259
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1260
+ }
1261
+ ]?,
1262
+ compliance_associated_standards_id: Array[
1263
+ {
1264
+ value: ::String?,
1265
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1266
+ }
1267
+ ]?,
1268
+ vulnerabilities_exploit_available: Array[
1269
+ {
1270
+ value: ::String?,
1271
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1272
+ }
1273
+ ]?,
1274
+ vulnerabilities_fix_available: Array[
1275
+ {
1276
+ value: ::String?,
1277
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1278
+ }
1279
+ ]?,
1280
+ compliance_security_control_parameters_name: Array[
1281
+ {
1282
+ value: ::String?,
1283
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1284
+ }
1285
+ ]?,
1286
+ compliance_security_control_parameters_value: Array[
1287
+ {
1288
+ value: ::String?,
1289
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1290
+ }
1291
+ ]?,
1292
+ aws_account_name: Array[
1293
+ {
1294
+ value: ::String?,
1295
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1296
+ }
1297
+ ]?,
1298
+ resource_application_name: Array[
1299
+ {
1300
+ value: ::String?,
1301
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1302
+ }
1303
+ ]?,
1304
+ resource_application_arn: Array[
1305
+ {
1306
+ value: ::String?,
1307
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1308
+ }
1309
+ ]?
1310
+ }
1311
+
1312
+ type findings_trends_composite_filter = {
1313
+ string_filters: Array[
1314
+ {
1315
+ field_name: ("account_id" | "region" | "finding_types" | "finding_status" | "finding_cve_ids" | "finding_compliance_status" | "finding_control_id" | "finding_class_name" | "finding_provider" | "finding_activity_name")?,
1316
+ filter: {
1317
+ value: ::String?,
1318
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1319
+ }?
1320
+ }
1321
+ ]?,
1322
+ nested_composite_filters: Array[
1323
+ {
1324
+ string_filters: Array[
1325
+ {
1326
+ field_name: ("account_id" | "region" | "finding_types" | "finding_status" | "finding_cve_ids" | "finding_compliance_status" | "finding_control_id" | "finding_class_name" | "finding_provider" | "finding_activity_name")?,
1327
+ filter: {
1328
+ value: ::String?,
1329
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1330
+ }?
1331
+ }
1332
+ ]?,
1333
+ nested_composite_filters: untyped?,
1334
+ operator: ("AND" | "OR")?
1335
+ }
1336
+ ]?,
1337
+ operator: ("AND" | "OR")?
1338
+ }
1339
+
1340
+ type resources_filters = {
1341
+ composite_filters: Array[
1342
+ Params::resources_composite_filter
1343
+ ]?,
1344
+ composite_operator: ("AND" | "OR")?
1345
+ }
1346
+
1347
+ type resources_composite_filter = {
1348
+ string_filters: Array[
1349
+ {
1350
+ field_name: ("ResourceGuid" | "ResourceId" | "AccountId" | "Region" | "ResourceCategory" | "ResourceType" | "ResourceName" | "FindingsSummary.FindingType" | "FindingsSummary.ProductName")?,
1351
+ filter: {
1352
+ value: ::String?,
1353
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1354
+ }?
1355
+ }
1356
+ ]?,
1357
+ date_filters: Array[
1358
+ Params::resources_date_filter
1359
+ ]?,
1360
+ number_filters: Array[
1361
+ Params::resources_number_filter
1362
+ ]?,
1363
+ map_filters: Array[
1364
+ Params::resources_map_filter
1365
+ ]?,
1366
+ nested_composite_filters: Array[
1367
+ {
1368
+ string_filters: Array[
1369
+ {
1370
+ field_name: ("ResourceGuid" | "ResourceId" | "AccountId" | "Region" | "ResourceCategory" | "ResourceType" | "ResourceName" | "FindingsSummary.FindingType" | "FindingsSummary.ProductName")?,
1371
+ filter: {
1372
+ value: ::String?,
1373
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1374
+ }?
1375
+ }
1376
+ ]?,
1377
+ date_filters: Array[
1378
+ Params::resources_date_filter
1379
+ ]?,
1380
+ number_filters: Array[
1381
+ Params::resources_number_filter
1382
+ ]?,
1383
+ map_filters: Array[
1384
+ Params::resources_map_filter
1385
+ ]?,
1386
+ nested_composite_filters: untyped?,
1387
+ operator: ("AND" | "OR")?
1388
+ }
1389
+ ]?,
1390
+ operator: ("AND" | "OR")?
1391
+ }
1392
+
1393
+ type resources_date_filter = {
1394
+ field_name: ("ResourceDetailCaptureTime" | "ResourceCreationTime")?,
1395
+ filter: Params::date_filter?
1396
+ }
1397
+
1398
+ type resources_number_filter = {
1399
+ field_name: ("FindingsSummary.TotalFindings" | "FindingsSummary.Severities.Other" | "FindingsSummary.Severities.Fatal" | "FindingsSummary.Severities.Critical" | "FindingsSummary.Severities.High" | "FindingsSummary.Severities.Medium" | "FindingsSummary.Severities.Low" | "FindingsSummary.Severities.Informational" | "FindingsSummary.Severities.Unknown")?,
1400
+ filter: {
1401
+ gte: ::Float?,
1402
+ lte: ::Float?,
1403
+ eq: ::Float?,
1404
+ gt: ::Float?,
1405
+ lt: ::Float?
1406
+ }?
1407
+ }
1408
+
1409
+ type resources_map_filter = {
1410
+ field_name: ("ResourceTags")?,
1411
+ filter: {
1412
+ key: ::String?,
1413
+ value: ::String?,
1414
+ comparison: ("EQUALS" | "NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS")?
1415
+ }?
1416
+ }
1417
+
1418
+ type resources_trends_composite_filter = {
1419
+ string_filters: Array[
1420
+ {
1421
+ field_name: ("account_id" | "region" | "resource_type" | "resource_category")?,
1422
+ filter: {
1423
+ value: ::String?,
1424
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1425
+ }?
1426
+ }
1427
+ ]?,
1428
+ nested_composite_filters: Array[
1429
+ {
1430
+ string_filters: Array[
1431
+ {
1432
+ field_name: ("account_id" | "region" | "resource_type" | "resource_category")?,
1433
+ filter: {
1434
+ value: ::String?,
1435
+ comparison: ("EQUALS" | "PREFIX" | "NOT_EQUALS" | "PREFIX_NOT_EQUALS" | "CONTAINS" | "NOT_CONTAINS" | "CONTAINS_WORD")?
1436
+ }?
1437
+ }
1438
+ ]?,
1439
+ nested_composite_filters: untyped?,
1440
+ operator: ("AND" | "OR")?
1441
+ }
1442
+ ]?,
1443
+ operator: ("AND" | "OR")?
1444
+ }
1445
+
1446
+ end
1447
+ end
1448
+ end