aws-sdk-securityhub 1.157.0 → 1.159.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +707 -32
- data/lib/aws-sdk-securityhub/client_api.rb +348 -2
- data/lib/aws-sdk-securityhub/types.rb +968 -23
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/sig/client.rbs +142 -10
- data/sig/params.rbs +53 -8
- data/sig/types.rbs +266 -17
- metadata +3 -3
|
@@ -199,7 +199,7 @@ module Aws::SecurityHub
|
|
|
199
199
|
# the required types.
|
|
200
200
|
#
|
|
201
201
|
# @option options [Boolean] :correct_clock_skew (true)
|
|
202
|
-
# Used only in `standard` and adaptive retry modes. Specifies whether to apply
|
|
202
|
+
# Used only in `standard` and `adaptive` retry modes. Specifies whether to apply
|
|
203
203
|
# a clock skew correction and retry requests with skewed client clocks.
|
|
204
204
|
#
|
|
205
205
|
# @option options [String] :defaults_mode ("legacy")
|
|
@@ -323,17 +323,15 @@ module Aws::SecurityHub
|
|
|
323
323
|
# @option options [String] :retry_mode ("legacy")
|
|
324
324
|
# Specifies which retry algorithm to use. Values are:
|
|
325
325
|
#
|
|
326
|
-
# * `legacy` - The pre-existing retry behavior.
|
|
327
|
-
# no retry mode is provided.
|
|
326
|
+
# * `legacy` - The pre-existing retry behavior. This is the default
|
|
327
|
+
# value if no retry mode is provided.
|
|
328
328
|
#
|
|
329
329
|
# * `standard` - A standardized set of retry rules across the AWS SDKs.
|
|
330
330
|
# This includes support for retry quotas, which limit the number of
|
|
331
331
|
# unsuccessful retries a client can make.
|
|
332
332
|
#
|
|
333
|
-
# * `adaptive` -
|
|
334
|
-
#
|
|
335
|
-
# throttling. This is a provisional mode that may change behavior
|
|
336
|
-
# in the future.
|
|
333
|
+
# * `adaptive` - A retry mode that includes all the functionality of
|
|
334
|
+
# `standard` mode along with automatic client side throttling.
|
|
337
335
|
#
|
|
338
336
|
# @option options [String] :sdk_ua_app_id
|
|
339
337
|
# A unique and opaque application ID that is appended to the
|
|
@@ -701,7 +699,8 @@ module Aws::SecurityHub
|
|
|
701
699
|
# resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
|
|
702
700
|
# resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
|
|
703
701
|
# resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
|
|
704
|
-
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
|
|
702
|
+
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
|
|
703
|
+
# resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
|
|
705
704
|
#
|
|
706
705
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDisableStandards AWS API Documentation
|
|
707
706
|
#
|
|
@@ -778,7 +777,8 @@ module Aws::SecurityHub
|
|
|
778
777
|
# resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
|
|
779
778
|
# resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
|
|
780
779
|
# resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
|
|
781
|
-
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
|
|
780
|
+
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
|
|
781
|
+
# resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
|
|
782
782
|
#
|
|
783
783
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchEnableStandards AWS API Documentation
|
|
784
784
|
#
|
|
@@ -1047,6 +1047,15 @@ module Aws::SecurityHub
|
|
|
1047
1047
|
# resp.rules[0].criteria.aws_account_name #=> Array
|
|
1048
1048
|
# resp.rules[0].criteria.aws_account_name[0].value #=> String
|
|
1049
1049
|
# resp.rules[0].criteria.aws_account_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
1050
|
+
# resp.rules[0].criteria.resource_provider #=> Array
|
|
1051
|
+
# resp.rules[0].criteria.resource_provider[0].value #=> String
|
|
1052
|
+
# resp.rules[0].criteria.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
1053
|
+
# resp.rules[0].criteria.resource_owner_account_id #=> Array
|
|
1054
|
+
# resp.rules[0].criteria.resource_owner_account_id[0].value #=> String
|
|
1055
|
+
# resp.rules[0].criteria.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
1056
|
+
# resp.rules[0].criteria.resource_owner_org_id #=> Array
|
|
1057
|
+
# resp.rules[0].criteria.resource_owner_org_id[0].value #=> String
|
|
1058
|
+
# resp.rules[0].criteria.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
1050
1059
|
# resp.rules[0].actions #=> Array
|
|
1051
1060
|
# resp.rules[0].actions[0].type #=> String, one of "FINDING_FIELDS_UPDATE"
|
|
1052
1061
|
# resp.rules[0].actions[0].finding_fields_update.note.text #=> String
|
|
@@ -1284,6 +1293,7 @@ module Aws::SecurityHub
|
|
|
1284
1293
|
# resp.security_controls[0].parameters["NonEmptyString"].value.enum_list #=> Array
|
|
1285
1294
|
# resp.security_controls[0].parameters["NonEmptyString"].value.enum_list[0] #=> String
|
|
1286
1295
|
# resp.security_controls[0].last_update_reason #=> String
|
|
1296
|
+
# resp.security_controls[0].provider #=> String, one of "AWS", "Azure"
|
|
1287
1297
|
# resp.unprocessed_ids #=> Array
|
|
1288
1298
|
# resp.unprocessed_ids[0].security_control_id #=> String
|
|
1289
1299
|
# resp.unprocessed_ids[0].error_code #=> String, one of "INVALID_INPUT", "ACCESS_DENIED", "NOT_FOUND", "RESOURCE_NOT_FOUND", "LIMIT_EXCEEDED"
|
|
@@ -1852,6 +1862,24 @@ module Aws::SecurityHub
|
|
|
1852
1862
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
1853
1863
|
# },
|
|
1854
1864
|
# ],
|
|
1865
|
+
# resource_provider: [
|
|
1866
|
+
# {
|
|
1867
|
+
# value: "NonEmptyString",
|
|
1868
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
1869
|
+
# },
|
|
1870
|
+
# ],
|
|
1871
|
+
# resource_owner_account_id: [
|
|
1872
|
+
# {
|
|
1873
|
+
# value: "NonEmptyString",
|
|
1874
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
1875
|
+
# },
|
|
1876
|
+
# ],
|
|
1877
|
+
# resource_owner_org_id: [
|
|
1878
|
+
# {
|
|
1879
|
+
# value: "NonEmptyString",
|
|
1880
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
1881
|
+
# },
|
|
1882
|
+
# ],
|
|
1855
1883
|
# },
|
|
1856
1884
|
# actions: [
|
|
1857
1885
|
# {
|
|
@@ -2822,6 +2850,24 @@ module Aws::SecurityHub
|
|
|
2822
2850
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
2823
2851
|
# },
|
|
2824
2852
|
# ],
|
|
2853
|
+
# resource_provider: [
|
|
2854
|
+
# {
|
|
2855
|
+
# value: "NonEmptyString",
|
|
2856
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
2857
|
+
# },
|
|
2858
|
+
# ],
|
|
2859
|
+
# resource_owner_account_id: [
|
|
2860
|
+
# {
|
|
2861
|
+
# value: "NonEmptyString",
|
|
2862
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
2863
|
+
# },
|
|
2864
|
+
# ],
|
|
2865
|
+
# resource_owner_org_id: [
|
|
2866
|
+
# {
|
|
2867
|
+
# value: "NonEmptyString",
|
|
2868
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
2869
|
+
# },
|
|
2870
|
+
# ],
|
|
2825
2871
|
# },
|
|
2826
2872
|
# actions: [ # required
|
|
2827
2873
|
# {
|
|
@@ -2917,7 +2963,7 @@ module Aws::SecurityHub
|
|
|
2917
2963
|
# {
|
|
2918
2964
|
# string_filters: [
|
|
2919
2965
|
# {
|
|
2920
|
-
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
2966
|
+
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
2921
2967
|
# filter: {
|
|
2922
2968
|
# value: "NonEmptyString",
|
|
2923
2969
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -3214,6 +3260,104 @@ module Aws::SecurityHub
|
|
|
3214
3260
|
req.send_request(options)
|
|
3215
3261
|
end
|
|
3216
3262
|
|
|
3263
|
+
# Creates a cloud service provider management (CSPM) connector in
|
|
3264
|
+
# Security Hub CSPM. A connector establishes a connection between
|
|
3265
|
+
# Security Hub CSPM and a third-party cloud provider, enabling Security
|
|
3266
|
+
# Hub CSPM to ingest security findings and resource data from the
|
|
3267
|
+
# connected environment.
|
|
3268
|
+
#
|
|
3269
|
+
# @option params [required, String] :name
|
|
3270
|
+
# The name of the connector. Must be unique within the account.
|
|
3271
|
+
#
|
|
3272
|
+
# @option params [String] :description
|
|
3273
|
+
# The description of the connector.
|
|
3274
|
+
#
|
|
3275
|
+
# @option params [required, Types::CspmProviderConfiguration] :provider
|
|
3276
|
+
# The configuration for the cloud provider to connect to. Currently
|
|
3277
|
+
# supports Azure.
|
|
3278
|
+
#
|
|
3279
|
+
# @option params [Hash<String,String>] :tags
|
|
3280
|
+
# The tags to add to the connector resource.
|
|
3281
|
+
#
|
|
3282
|
+
# @option params [String] :client_token
|
|
3283
|
+
# A unique identifier used to ensure idempotency of the request.
|
|
3284
|
+
#
|
|
3285
|
+
# **A suitable default value is auto-generated.** You should normally
|
|
3286
|
+
# not need to pass this option.**
|
|
3287
|
+
#
|
|
3288
|
+
# @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3289
|
+
#
|
|
3290
|
+
# * {Types::CreateConnectorResponse#connector_arn #connector_arn} => String
|
|
3291
|
+
# * {Types::CreateConnectorResponse#connector_id #connector_id} => String
|
|
3292
|
+
# * {Types::CreateConnectorResponse#connector_status #connector_status} => String
|
|
3293
|
+
# * {Types::CreateConnectorResponse#enablement_status #enablement_status} => String
|
|
3294
|
+
#
|
|
3295
|
+
#
|
|
3296
|
+
# @example Example: To create a CSPM connector
|
|
3297
|
+
#
|
|
3298
|
+
# # This operation creates a CSPM connector to connect Security Hub to an Azure environment.
|
|
3299
|
+
#
|
|
3300
|
+
# resp = client.create_connector({
|
|
3301
|
+
# description: "Connector for Azure tenant monitoring",
|
|
3302
|
+
# name: "MyAzureConnector",
|
|
3303
|
+
# provider: {
|
|
3304
|
+
# azure: {
|
|
3305
|
+
# aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
|
|
3306
|
+
# azure_regions: [
|
|
3307
|
+
# "eastus",
|
|
3308
|
+
# "westus2",
|
|
3309
|
+
# ],
|
|
3310
|
+
# scope_configuration: {
|
|
3311
|
+
# scope_type: "TENANT",
|
|
3312
|
+
# },
|
|
3313
|
+
# },
|
|
3314
|
+
# },
|
|
3315
|
+
# })
|
|
3316
|
+
#
|
|
3317
|
+
# resp.to_h outputs the following:
|
|
3318
|
+
# {
|
|
3319
|
+
# connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
3320
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
3321
|
+
# enablement_status: "PENDING_ENABLEMENT",
|
|
3322
|
+
# }
|
|
3323
|
+
#
|
|
3324
|
+
# @example Request syntax with placeholder values
|
|
3325
|
+
#
|
|
3326
|
+
# resp = client.create_connector({
|
|
3327
|
+
# name: "NonEmptyString", # required
|
|
3328
|
+
# description: "NonEmptyString",
|
|
3329
|
+
# provider: { # required
|
|
3330
|
+
# azure: {
|
|
3331
|
+
# aws_config_connector_arn: "NonEmptyString", # required
|
|
3332
|
+
# scope_configuration: { # required
|
|
3333
|
+
# scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
|
|
3334
|
+
# scope_values: ["NonEmptyString"],
|
|
3335
|
+
# },
|
|
3336
|
+
# azure_regions: ["NonEmptyString"], # required
|
|
3337
|
+
# },
|
|
3338
|
+
# },
|
|
3339
|
+
# tags: {
|
|
3340
|
+
# "TagKey" => "TagValue",
|
|
3341
|
+
# },
|
|
3342
|
+
# client_token: "ClientToken",
|
|
3343
|
+
# })
|
|
3344
|
+
#
|
|
3345
|
+
# @example Response structure
|
|
3346
|
+
#
|
|
3347
|
+
# resp.connector_arn #=> String
|
|
3348
|
+
# resp.connector_id #=> String
|
|
3349
|
+
# resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
|
|
3350
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
|
|
3351
|
+
#
|
|
3352
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnector AWS API Documentation
|
|
3353
|
+
#
|
|
3354
|
+
# @overload create_connector(params = {})
|
|
3355
|
+
# @param [Hash] params ({})
|
|
3356
|
+
def create_connector(params = {}, options = {})
|
|
3357
|
+
req = build_request(:create_connector, params)
|
|
3358
|
+
req.send_request(options)
|
|
3359
|
+
end
|
|
3360
|
+
|
|
3217
3361
|
# Grants permission to create a connectorV2 based on input parameters.
|
|
3218
3362
|
#
|
|
3219
3363
|
# @option params [required, String] :name
|
|
@@ -3244,6 +3388,7 @@ module Aws::SecurityHub
|
|
|
3244
3388
|
# * {Types::CreateConnectorV2Response#connector_id #connector_id} => String
|
|
3245
3389
|
# * {Types::CreateConnectorV2Response#auth_url #auth_url} => String
|
|
3246
3390
|
# * {Types::CreateConnectorV2Response#connector_status #connector_status} => String
|
|
3391
|
+
# * {Types::CreateConnectorV2Response#enablement_status #enablement_status} => String
|
|
3247
3392
|
#
|
|
3248
3393
|
# @example Request syntax with placeholder values
|
|
3249
3394
|
#
|
|
@@ -3258,6 +3403,14 @@ module Aws::SecurityHub
|
|
|
3258
3403
|
# instance_name: "NonEmptyString", # required
|
|
3259
3404
|
# secret_arn: "NonEmptyString", # required
|
|
3260
3405
|
# },
|
|
3406
|
+
# azure: {
|
|
3407
|
+
# aws_config_connector_arn: "NonEmptyString", # required
|
|
3408
|
+
# scope_configuration: { # required
|
|
3409
|
+
# scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
|
|
3410
|
+
# scope_values: ["NonEmptyString"],
|
|
3411
|
+
# },
|
|
3412
|
+
# azure_regions: ["NonEmptyString"], # required
|
|
3413
|
+
# },
|
|
3261
3414
|
# },
|
|
3262
3415
|
# kms_key_arn: "NonEmptyString",
|
|
3263
3416
|
# tags: {
|
|
@@ -3271,7 +3424,8 @@ module Aws::SecurityHub
|
|
|
3271
3424
|
# resp.connector_arn #=> String
|
|
3272
3425
|
# resp.connector_id #=> String
|
|
3273
3426
|
# resp.auth_url #=> String
|
|
3274
|
-
# resp.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "
|
|
3427
|
+
# resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
|
|
3428
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
|
|
3275
3429
|
#
|
|
3276
3430
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorV2 AWS API Documentation
|
|
3277
3431
|
#
|
|
@@ -4158,6 +4312,24 @@ module Aws::SecurityHub
|
|
|
4158
4312
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
4159
4313
|
# },
|
|
4160
4314
|
# ],
|
|
4315
|
+
# resource_owner_account_id: [
|
|
4316
|
+
# {
|
|
4317
|
+
# value: "NonEmptyString",
|
|
4318
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
4319
|
+
# },
|
|
4320
|
+
# ],
|
|
4321
|
+
# resource_owner_org_id: [
|
|
4322
|
+
# {
|
|
4323
|
+
# value: "NonEmptyString",
|
|
4324
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
4325
|
+
# },
|
|
4326
|
+
# ],
|
|
4327
|
+
# resource_provider: [
|
|
4328
|
+
# {
|
|
4329
|
+
# value: "NonEmptyString",
|
|
4330
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
4331
|
+
# },
|
|
4332
|
+
# ],
|
|
4161
4333
|
# },
|
|
4162
4334
|
# group_by_attribute: "NonEmptyString", # required
|
|
4163
4335
|
# })
|
|
@@ -4526,12 +4698,58 @@ module Aws::SecurityHub
|
|
|
4526
4698
|
req.send_request(options)
|
|
4527
4699
|
end
|
|
4528
4700
|
|
|
4701
|
+
# Deletes a CSPM connector. When you delete a connector, Security Hub
|
|
4702
|
+
# CSPM stops ingesting findings and resource data from the connected
|
|
4703
|
+
# cloud provider environment.
|
|
4704
|
+
#
|
|
4705
|
+
# @option params [required, String] :connector_id
|
|
4706
|
+
# The unique identifier of the connector to delete.
|
|
4707
|
+
#
|
|
4708
|
+
# @return [Types::DeleteConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
4709
|
+
#
|
|
4710
|
+
# * {Types::DeleteConnectorResponse#enablement_status #enablement_status} => String
|
|
4711
|
+
#
|
|
4712
|
+
#
|
|
4713
|
+
# @example Example: To delete a CSPM connector
|
|
4714
|
+
#
|
|
4715
|
+
# # This operation deletes a CSPM connector.
|
|
4716
|
+
#
|
|
4717
|
+
# resp = client.delete_connector({
|
|
4718
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
4719
|
+
# })
|
|
4720
|
+
#
|
|
4721
|
+
# resp.to_h outputs the following:
|
|
4722
|
+
# {
|
|
4723
|
+
# enablement_status: "PENDING_DELETION",
|
|
4724
|
+
# }
|
|
4725
|
+
#
|
|
4726
|
+
# @example Request syntax with placeholder values
|
|
4727
|
+
#
|
|
4728
|
+
# resp = client.delete_connector({
|
|
4729
|
+
# connector_id: "NonEmptyString", # required
|
|
4730
|
+
# })
|
|
4731
|
+
#
|
|
4732
|
+
# @example Response structure
|
|
4733
|
+
#
|
|
4734
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
|
|
4735
|
+
#
|
|
4736
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnector AWS API Documentation
|
|
4737
|
+
#
|
|
4738
|
+
# @overload delete_connector(params = {})
|
|
4739
|
+
# @param [Hash] params ({})
|
|
4740
|
+
def delete_connector(params = {}, options = {})
|
|
4741
|
+
req = build_request(:delete_connector, params)
|
|
4742
|
+
req.send_request(options)
|
|
4743
|
+
end
|
|
4744
|
+
|
|
4529
4745
|
# Grants permission to delete a connectorV2.
|
|
4530
4746
|
#
|
|
4531
4747
|
# @option params [required, String] :connector_id
|
|
4532
4748
|
# The UUID of the connectorV2 to identify connectorV2 resource.
|
|
4533
4749
|
#
|
|
4534
|
-
# @return [
|
|
4750
|
+
# @return [Types::DeleteConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
4751
|
+
#
|
|
4752
|
+
# * {Types::DeleteConnectorV2Response#enablement_status #enablement_status} => String
|
|
4535
4753
|
#
|
|
4536
4754
|
# @example Request syntax with placeholder values
|
|
4537
4755
|
#
|
|
@@ -4539,6 +4757,10 @@ module Aws::SecurityHub
|
|
|
4539
4757
|
# connector_id: "NonEmptyString", # required
|
|
4540
4758
|
# })
|
|
4541
4759
|
#
|
|
4760
|
+
# @example Response structure
|
|
4761
|
+
#
|
|
4762
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
|
|
4763
|
+
#
|
|
4542
4764
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorV2 AWS API Documentation
|
|
4543
4765
|
#
|
|
4544
4766
|
# @overload delete_connector_v2(params = {})
|
|
@@ -5087,11 +5309,15 @@ module Aws::SecurityHub
|
|
|
5087
5309
|
#
|
|
5088
5310
|
# * {Types::DescribeSecurityHubV2Response#hub_v2_arn #hub_v2_arn} => String
|
|
5089
5311
|
# * {Types::DescribeSecurityHubV2Response#subscribed_at #subscribed_at} => String
|
|
5312
|
+
# * {Types::DescribeSecurityHubV2Response#features #features} => Hash<String,Types::FeatureDetail>
|
|
5090
5313
|
#
|
|
5091
5314
|
# @example Response structure
|
|
5092
5315
|
#
|
|
5093
5316
|
# resp.hub_v2_arn #=> String
|
|
5094
5317
|
# resp.subscribed_at #=> String
|
|
5318
|
+
# resp.features #=> Hash
|
|
5319
|
+
# resp.features["FeatureNameKey"].feature_status #=> String, one of "ENABLED", "DISABLED"
|
|
5320
|
+
# resp.features["FeatureNameKey"].updated_at #=> Time
|
|
5095
5321
|
#
|
|
5096
5322
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeSecurityHubV2 AWS API Documentation
|
|
5097
5323
|
#
|
|
@@ -5119,6 +5345,11 @@ module Aws::SecurityHub
|
|
|
5119
5345
|
# @option params [Integer] :max_results
|
|
5120
5346
|
# The maximum number of standards to return.
|
|
5121
5347
|
#
|
|
5348
|
+
# @option params [Array<String>] :providers
|
|
5349
|
+
# A list of cloud providers to filter the standards by. For example,
|
|
5350
|
+
# specify `Azure` to return only standards that evaluate Azure
|
|
5351
|
+
# resources.
|
|
5352
|
+
#
|
|
5122
5353
|
# @return [Types::DescribeStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
5123
5354
|
#
|
|
5124
5355
|
# * {Types::DescribeStandardsResponse#standards #standards} => Array<Types::Standard>
|
|
@@ -5169,6 +5400,7 @@ module Aws::SecurityHub
|
|
|
5169
5400
|
# resp = client.describe_standards({
|
|
5170
5401
|
# next_token: "NextToken",
|
|
5171
5402
|
# max_results: 1,
|
|
5403
|
+
# providers: ["AWS"], # accepts AWS, Azure
|
|
5172
5404
|
# })
|
|
5173
5405
|
#
|
|
5174
5406
|
# @example Response structure
|
|
@@ -5178,6 +5410,7 @@ module Aws::SecurityHub
|
|
|
5178
5410
|
# resp.standards[0].name #=> String
|
|
5179
5411
|
# resp.standards[0].description #=> String
|
|
5180
5412
|
# resp.standards[0].enabled_by_default #=> Boolean
|
|
5413
|
+
# resp.standards[0].provider #=> String, one of "AWS", "Azure"
|
|
5181
5414
|
# resp.standards[0].standards_managed_by.company #=> String
|
|
5182
5415
|
# resp.standards[0].standards_managed_by.product #=> String
|
|
5183
5416
|
# resp.next_token #=> String
|
|
@@ -5411,8 +5644,35 @@ module Aws::SecurityHub
|
|
|
5411
5644
|
req.send_request(options)
|
|
5412
5645
|
end
|
|
5413
5646
|
|
|
5647
|
+
# Disables an opt-in feature for the calling account in the current
|
|
5648
|
+
# Amazon Web Services Region. The operation is idempotent. If the
|
|
5649
|
+
# feature is already disabled, no changes are made. You cannot disable a
|
|
5650
|
+
# feature that is managed by an organization policy.
|
|
5651
|
+
#
|
|
5652
|
+
# @option params [required, String] :feature_name
|
|
5653
|
+
# The name of the feature to disable.
|
|
5654
|
+
#
|
|
5655
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
5656
|
+
#
|
|
5657
|
+
# @example Request syntax with placeholder values
|
|
5658
|
+
#
|
|
5659
|
+
# resp = client.disable_security_hub_feature_v2({
|
|
5660
|
+
# feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
|
|
5661
|
+
# })
|
|
5662
|
+
#
|
|
5663
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubFeatureV2 AWS API Documentation
|
|
5664
|
+
#
|
|
5665
|
+
# @overload disable_security_hub_feature_v2(params = {})
|
|
5666
|
+
# @param [Hash] params ({})
|
|
5667
|
+
def disable_security_hub_feature_v2(params = {}, options = {})
|
|
5668
|
+
req = build_request(:disable_security_hub_feature_v2, params)
|
|
5669
|
+
req.send_request(options)
|
|
5670
|
+
end
|
|
5671
|
+
|
|
5414
5672
|
# Disable the service for the current Amazon Web Services Region or
|
|
5415
|
-
# specified Amazon Web Services Region.
|
|
5673
|
+
# specified Amazon Web Services Region. Disabling the service also
|
|
5674
|
+
# disables all opt-in features that are currently enabled in that
|
|
5675
|
+
# Region.
|
|
5416
5676
|
#
|
|
5417
5677
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
5418
5678
|
#
|
|
@@ -5709,6 +5969,32 @@ module Aws::SecurityHub
|
|
|
5709
5969
|
req.send_request(options)
|
|
5710
5970
|
end
|
|
5711
5971
|
|
|
5972
|
+
# Enables an opt-in feature for the calling account in the current
|
|
5973
|
+
# Amazon Web Services Region. The service must be enabled before you can
|
|
5974
|
+
# enable a feature. The operation is idempotent. If the feature is
|
|
5975
|
+
# already enabled, no changes are made. You cannot enable a feature that
|
|
5976
|
+
# is managed by an organization policy.
|
|
5977
|
+
#
|
|
5978
|
+
# @option params [required, String] :feature_name
|
|
5979
|
+
# The name of the feature to enable.
|
|
5980
|
+
#
|
|
5981
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
5982
|
+
#
|
|
5983
|
+
# @example Request syntax with placeholder values
|
|
5984
|
+
#
|
|
5985
|
+
# resp = client.enable_security_hub_feature_v2({
|
|
5986
|
+
# feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
|
|
5987
|
+
# })
|
|
5988
|
+
#
|
|
5989
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubFeatureV2 AWS API Documentation
|
|
5990
|
+
#
|
|
5991
|
+
# @overload enable_security_hub_feature_v2(params = {})
|
|
5992
|
+
# @param [Hash] params ({})
|
|
5993
|
+
def enable_security_hub_feature_v2(params = {}, options = {})
|
|
5994
|
+
req = build_request(:enable_security_hub_feature_v2, params)
|
|
5995
|
+
req.send_request(options)
|
|
5996
|
+
end
|
|
5997
|
+
|
|
5712
5998
|
# Enables the service in account for the current Amazon Web Services
|
|
5713
5999
|
# Region or specified Amazon Web Services Region.
|
|
5714
6000
|
#
|
|
@@ -5878,7 +6164,7 @@ module Aws::SecurityHub
|
|
|
5878
6164
|
# resp.description #=> String
|
|
5879
6165
|
# resp.criteria.ocsf_finding_criteria.composite_filters #=> Array
|
|
5880
6166
|
# resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters #=> Array
|
|
5881
|
-
# resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
|
|
6167
|
+
# resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.name", "resources.owner.account.uid", "resources.owner.org.uid", "resources.owner.account.name", "resources.provider", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
|
|
5882
6168
|
# resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.value #=> String
|
|
5883
6169
|
# resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
5884
6170
|
# resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters #=> Array
|
|
@@ -6109,6 +6395,98 @@ module Aws::SecurityHub
|
|
|
6109
6395
|
req.send_request(options)
|
|
6110
6396
|
end
|
|
6111
6397
|
|
|
6398
|
+
# Retrieves details for a CSPM connector based on the connector ID.
|
|
6399
|
+
#
|
|
6400
|
+
# @option params [required, String] :connector_id
|
|
6401
|
+
# The unique identifier of the connector to retrieve.
|
|
6402
|
+
#
|
|
6403
|
+
# @return [Types::GetConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6404
|
+
#
|
|
6405
|
+
# * {Types::GetConnectorResponse#connector_arn #connector_arn} => String
|
|
6406
|
+
# * {Types::GetConnectorResponse#connector_id #connector_id} => String
|
|
6407
|
+
# * {Types::GetConnectorResponse#name #name} => String
|
|
6408
|
+
# * {Types::GetConnectorResponse#description #description} => String
|
|
6409
|
+
# * {Types::GetConnectorResponse#created_at #created_at} => Time
|
|
6410
|
+
# * {Types::GetConnectorResponse#last_updated_at #last_updated_at} => Time
|
|
6411
|
+
# * {Types::GetConnectorResponse#health #health} => Types::CspmHealthCheck
|
|
6412
|
+
# * {Types::GetConnectorResponse#provider_detail #provider_detail} => Types::CspmProviderDetail
|
|
6413
|
+
# * {Types::GetConnectorResponse#created_by #created_by} => String
|
|
6414
|
+
# * {Types::GetConnectorResponse#enablement_status #enablement_status} => String
|
|
6415
|
+
#
|
|
6416
|
+
#
|
|
6417
|
+
# @example Example: To get details of a CSPM connector
|
|
6418
|
+
#
|
|
6419
|
+
# # This operation retrieves details for a CSPM connector.
|
|
6420
|
+
#
|
|
6421
|
+
# resp = client.get_connector({
|
|
6422
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
6423
|
+
# })
|
|
6424
|
+
#
|
|
6425
|
+
# resp.to_h outputs the following:
|
|
6426
|
+
# {
|
|
6427
|
+
# connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
6428
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
6429
|
+
# created_at: Time.parse("2026-01-15T10:30:00.000Z"),
|
|
6430
|
+
# created_by: "securityhub.amazonaws.com",
|
|
6431
|
+
# description: "Connector for Azure tenant monitoring",
|
|
6432
|
+
# health: {
|
|
6433
|
+
# connector_status: "CONNECTED",
|
|
6434
|
+
# last_checked_at: Time.parse("2026-05-20T14:00:00.000Z"),
|
|
6435
|
+
# },
|
|
6436
|
+
# last_updated_at: Time.parse("2026-05-20T14:00:00.000Z"),
|
|
6437
|
+
# name: "MyAzureConnector",
|
|
6438
|
+
# provider_detail: {
|
|
6439
|
+
# azure: {
|
|
6440
|
+
# aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
|
|
6441
|
+
# azure_regions: [
|
|
6442
|
+
# "eastus",
|
|
6443
|
+
# "westus2",
|
|
6444
|
+
# ],
|
|
6445
|
+
# scope_configuration: {
|
|
6446
|
+
# scope_type: "TENANT",
|
|
6447
|
+
# },
|
|
6448
|
+
# },
|
|
6449
|
+
# },
|
|
6450
|
+
# }
|
|
6451
|
+
#
|
|
6452
|
+
# @example Request syntax with placeholder values
|
|
6453
|
+
#
|
|
6454
|
+
# resp = client.get_connector({
|
|
6455
|
+
# connector_id: "NonEmptyString", # required
|
|
6456
|
+
# })
|
|
6457
|
+
#
|
|
6458
|
+
# @example Response structure
|
|
6459
|
+
#
|
|
6460
|
+
# resp.connector_arn #=> String
|
|
6461
|
+
# resp.connector_id #=> String
|
|
6462
|
+
# resp.name #=> String
|
|
6463
|
+
# resp.description #=> String
|
|
6464
|
+
# resp.created_at #=> Time
|
|
6465
|
+
# resp.last_updated_at #=> Time
|
|
6466
|
+
# resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
|
|
6467
|
+
# resp.health.message #=> String
|
|
6468
|
+
# resp.health.last_checked_at #=> Time
|
|
6469
|
+
# resp.health.issues #=> Array
|
|
6470
|
+
# resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
|
|
6471
|
+
# resp.health.issues[0].message #=> String
|
|
6472
|
+
# resp.provider_detail.azure.aws_config_connector_arn #=> String
|
|
6473
|
+
# resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
|
|
6474
|
+
# resp.provider_detail.azure.scope_configuration.scope_values #=> Array
|
|
6475
|
+
# resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
|
|
6476
|
+
# resp.provider_detail.azure.azure_regions #=> Array
|
|
6477
|
+
# resp.provider_detail.azure.azure_regions[0] #=> String
|
|
6478
|
+
# resp.created_by #=> String
|
|
6479
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
|
|
6480
|
+
#
|
|
6481
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnector AWS API Documentation
|
|
6482
|
+
#
|
|
6483
|
+
# @overload get_connector(params = {})
|
|
6484
|
+
# @param [Hash] params ({})
|
|
6485
|
+
def get_connector(params = {}, options = {})
|
|
6486
|
+
req = build_request(:get_connector, params)
|
|
6487
|
+
req.send_request(options)
|
|
6488
|
+
end
|
|
6489
|
+
|
|
6112
6490
|
# Grants permission to retrieve details for a connectorV2 based on
|
|
6113
6491
|
# connector id.
|
|
6114
6492
|
#
|
|
@@ -6126,6 +6504,8 @@ module Aws::SecurityHub
|
|
|
6126
6504
|
# * {Types::GetConnectorV2Response#last_updated_at #last_updated_at} => Time
|
|
6127
6505
|
# * {Types::GetConnectorV2Response#health #health} => Types::HealthCheck
|
|
6128
6506
|
# * {Types::GetConnectorV2Response#provider_detail #provider_detail} => Types::ProviderDetail
|
|
6507
|
+
# * {Types::GetConnectorV2Response#enablement_status #enablement_status} => String
|
|
6508
|
+
# * {Types::GetConnectorV2Response#enablement_status_reason #enablement_status_reason} => String
|
|
6129
6509
|
#
|
|
6130
6510
|
# @example Request syntax with placeholder values
|
|
6131
6511
|
#
|
|
@@ -6142,9 +6522,12 @@ module Aws::SecurityHub
|
|
|
6142
6522
|
# resp.kms_key_arn #=> String
|
|
6143
6523
|
# resp.created_at #=> Time
|
|
6144
6524
|
# resp.last_updated_at #=> Time
|
|
6145
|
-
# resp.health.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "
|
|
6525
|
+
# resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
|
|
6146
6526
|
# resp.health.message #=> String
|
|
6147
6527
|
# resp.health.last_checked_at #=> Time
|
|
6528
|
+
# resp.health.issues #=> Array
|
|
6529
|
+
# resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
|
|
6530
|
+
# resp.health.issues[0].message #=> String
|
|
6148
6531
|
# resp.provider_detail.jira_cloud.cloud_id #=> String
|
|
6149
6532
|
# resp.provider_detail.jira_cloud.project_key #=> String
|
|
6150
6533
|
# resp.provider_detail.jira_cloud.domain #=> String
|
|
@@ -6153,6 +6536,14 @@ module Aws::SecurityHub
|
|
|
6153
6536
|
# resp.provider_detail.service_now.instance_name #=> String
|
|
6154
6537
|
# resp.provider_detail.service_now.secret_arn #=> String
|
|
6155
6538
|
# resp.provider_detail.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
|
|
6539
|
+
# resp.provider_detail.azure.aws_config_connector_arn #=> String
|
|
6540
|
+
# resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
|
|
6541
|
+
# resp.provider_detail.azure.scope_configuration.scope_values #=> Array
|
|
6542
|
+
# resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
|
|
6543
|
+
# resp.provider_detail.azure.azure_regions #=> Array
|
|
6544
|
+
# resp.provider_detail.azure.azure_regions[0] #=> String
|
|
6545
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
|
|
6546
|
+
# resp.enablement_status_reason #=> String
|
|
6156
6547
|
#
|
|
6157
6548
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorV2 AWS API Documentation
|
|
6158
6549
|
#
|
|
@@ -6181,6 +6572,11 @@ module Aws::SecurityHub
|
|
|
6181
6572
|
# @option params [Integer] :max_results
|
|
6182
6573
|
# The maximum number of results to return in the response.
|
|
6183
6574
|
#
|
|
6575
|
+
# @option params [Array<String>] :providers
|
|
6576
|
+
# A list of cloud providers to filter the enabled standards by. For
|
|
6577
|
+
# example, specify `Azure` to return only enabled standards that
|
|
6578
|
+
# evaluate Azure resources.
|
|
6579
|
+
#
|
|
6184
6580
|
# @return [Types::GetEnabledStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6185
6581
|
#
|
|
6186
6582
|
# * {Types::GetEnabledStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
|
|
@@ -6218,6 +6614,7 @@ module Aws::SecurityHub
|
|
|
6218
6614
|
# standards_subscription_arns: ["NonEmptyString"],
|
|
6219
6615
|
# next_token: "NextToken",
|
|
6220
6616
|
# max_results: 1,
|
|
6617
|
+
# providers: ["AWS"], # accepts AWS, Azure
|
|
6221
6618
|
# })
|
|
6222
6619
|
#
|
|
6223
6620
|
# @example Response structure
|
|
@@ -6229,7 +6626,8 @@ module Aws::SecurityHub
|
|
|
6229
6626
|
# resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
|
|
6230
6627
|
# resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
|
|
6231
6628
|
# resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
|
|
6232
|
-
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
|
|
6629
|
+
# resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
|
|
6630
|
+
# resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
|
|
6233
6631
|
# resp.next_token #=> String
|
|
6234
6632
|
#
|
|
6235
6633
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetEnabledStandards AWS API Documentation
|
|
@@ -6518,7 +6916,7 @@ module Aws::SecurityHub
|
|
|
6518
6916
|
# {
|
|
6519
6917
|
# string_filters: [
|
|
6520
6918
|
# {
|
|
6521
|
-
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
6919
|
+
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
6522
6920
|
# filter: {
|
|
6523
6921
|
# value: "NonEmptyString",
|
|
6524
6922
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -6585,7 +6983,7 @@ module Aws::SecurityHub
|
|
|
6585
6983
|
# ],
|
|
6586
6984
|
# composite_operator: "AND", # accepts AND, OR
|
|
6587
6985
|
# },
|
|
6588
|
-
# group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
|
|
6986
|
+
# group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
|
|
6589
6987
|
# },
|
|
6590
6988
|
# ],
|
|
6591
6989
|
# scopes: {
|
|
@@ -7473,6 +7871,24 @@ module Aws::SecurityHub
|
|
|
7473
7871
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
7474
7872
|
# },
|
|
7475
7873
|
# ],
|
|
7874
|
+
# resource_owner_account_id: [
|
|
7875
|
+
# {
|
|
7876
|
+
# value: "NonEmptyString",
|
|
7877
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
7878
|
+
# },
|
|
7879
|
+
# ],
|
|
7880
|
+
# resource_owner_org_id: [
|
|
7881
|
+
# {
|
|
7882
|
+
# value: "NonEmptyString",
|
|
7883
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
7884
|
+
# },
|
|
7885
|
+
# ],
|
|
7886
|
+
# resource_provider: [
|
|
7887
|
+
# {
|
|
7888
|
+
# value: "NonEmptyString",
|
|
7889
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
7890
|
+
# },
|
|
7891
|
+
# ],
|
|
7476
7892
|
# },
|
|
7477
7893
|
# sort_criteria: [
|
|
7478
7894
|
# {
|
|
@@ -7532,7 +7948,7 @@ module Aws::SecurityHub
|
|
|
7532
7948
|
# {
|
|
7533
7949
|
# string_filters: [
|
|
7534
7950
|
# {
|
|
7535
|
-
# field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name
|
|
7951
|
+
# field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name, resource_cloud_providers, resource_regions, resource_owner_ids, resource_owner_organization_ids
|
|
7536
7952
|
# filter: {
|
|
7537
7953
|
# value: "NonEmptyString",
|
|
7538
7954
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -7641,7 +8057,7 @@ module Aws::SecurityHub
|
|
|
7641
8057
|
# {
|
|
7642
8058
|
# string_filters: [
|
|
7643
8059
|
# {
|
|
7644
|
-
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
8060
|
+
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
7645
8061
|
# filter: {
|
|
7646
8062
|
# value: "NonEmptyString",
|
|
7647
8063
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -8245,6 +8661,15 @@ module Aws::SecurityHub
|
|
|
8245
8661
|
# resp.insights[0].filters.resource_application_arn #=> Array
|
|
8246
8662
|
# resp.insights[0].filters.resource_application_arn[0].value #=> String
|
|
8247
8663
|
# resp.insights[0].filters.resource_application_arn[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
8664
|
+
# resp.insights[0].filters.resource_owner_account_id #=> Array
|
|
8665
|
+
# resp.insights[0].filters.resource_owner_account_id[0].value #=> String
|
|
8666
|
+
# resp.insights[0].filters.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
8667
|
+
# resp.insights[0].filters.resource_owner_org_id #=> Array
|
|
8668
|
+
# resp.insights[0].filters.resource_owner_org_id[0].value #=> String
|
|
8669
|
+
# resp.insights[0].filters.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
8670
|
+
# resp.insights[0].filters.resource_provider #=> Array
|
|
8671
|
+
# resp.insights[0].filters.resource_provider[0].value #=> String
|
|
8672
|
+
# resp.insights[0].filters.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
|
|
8248
8673
|
# resp.insights[0].group_by_attribute #=> String
|
|
8249
8674
|
# resp.next_token #=> String
|
|
8250
8675
|
#
|
|
@@ -8529,13 +8954,13 @@ module Aws::SecurityHub
|
|
|
8529
8954
|
# resp = client.get_resources_statistics_v2({
|
|
8530
8955
|
# group_by_rules: [ # required
|
|
8531
8956
|
# {
|
|
8532
|
-
# group_by_field: "AccountId", # required, accepts AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
|
|
8957
|
+
# group_by_field: "AccountId", # required, accepts AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
|
|
8533
8958
|
# filters: {
|
|
8534
8959
|
# composite_filters: [
|
|
8535
8960
|
# {
|
|
8536
8961
|
# string_filters: [
|
|
8537
8962
|
# {
|
|
8538
|
-
# field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
|
|
8963
|
+
# field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
|
|
8539
8964
|
# filter: {
|
|
8540
8965
|
# value: "NonEmptyString",
|
|
8541
8966
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -8656,7 +9081,7 @@ module Aws::SecurityHub
|
|
|
8656
9081
|
# {
|
|
8657
9082
|
# string_filters: [
|
|
8658
9083
|
# {
|
|
8659
|
-
# field_name: "account_id", # accepts account_id, region, resource_type, resource_category
|
|
9084
|
+
# field_name: "account_id", # accepts account_id, region, resource_type, resource_category, resource_cloud_provider, resource_region, resource_owner_id, resource_owner_organization_id
|
|
8660
9085
|
# filter: {
|
|
8661
9086
|
# value: "NonEmptyString",
|
|
8662
9087
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -8751,7 +9176,7 @@ module Aws::SecurityHub
|
|
|
8751
9176
|
# {
|
|
8752
9177
|
# string_filters: [
|
|
8753
9178
|
# {
|
|
8754
|
-
# field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
|
|
9179
|
+
# field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
|
|
8755
9180
|
# filter: {
|
|
8756
9181
|
# value: "NonEmptyString",
|
|
8757
9182
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -8826,8 +9251,14 @@ module Aws::SecurityHub
|
|
|
8826
9251
|
# resp.resources[0].resource_guid #=> String
|
|
8827
9252
|
# resp.resources[0].resource_id #=> String
|
|
8828
9253
|
# resp.resources[0].account_id #=> String
|
|
9254
|
+
# resp.resources[0].account_name #=> String
|
|
8829
9255
|
# resp.resources[0].region #=> String
|
|
8830
|
-
# resp.resources[0].
|
|
9256
|
+
# resp.resources[0].resource_provider #=> String
|
|
9257
|
+
# resp.resources[0].resource_owner_account_id #=> String
|
|
9258
|
+
# resp.resources[0].resource_owner_org_id #=> String
|
|
9259
|
+
# resp.resources[0].resource_cloud_partition #=> String
|
|
9260
|
+
# resp.resources[0].resource_region #=> String
|
|
9261
|
+
# resp.resources[0].resource_category #=> String, one of "Compute", "Database", "Storage", "Code", "AI/ML", "Identity", "Network", "Messaging", "Other"
|
|
8831
9262
|
# resp.resources[0].resource_type #=> String
|
|
8832
9263
|
# resp.resources[0].resource_name #=> String
|
|
8833
9264
|
# resp.resources[0].resource_creation_time_dt #=> String
|
|
@@ -8949,6 +9380,7 @@ module Aws::SecurityHub
|
|
|
8949
9380
|
# resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
|
|
8950
9381
|
# resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
|
|
8951
9382
|
# resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
|
|
9383
|
+
# resp.security_control_definition.provider #=> String, one of "AWS", "Azure"
|
|
8952
9384
|
#
|
|
8953
9385
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinition AWS API Documentation
|
|
8954
9386
|
#
|
|
@@ -9387,6 +9819,92 @@ module Aws::SecurityHub
|
|
|
9387
9819
|
req.send_request(options)
|
|
9388
9820
|
end
|
|
9389
9821
|
|
|
9822
|
+
# Lists the CSPM connectors and their metadata for the calling account.
|
|
9823
|
+
#
|
|
9824
|
+
# @option params [String] :next_token
|
|
9825
|
+
# The pagination token to request the next page of results.
|
|
9826
|
+
#
|
|
9827
|
+
# @option params [Integer] :max_results
|
|
9828
|
+
# The maximum number of results to return.
|
|
9829
|
+
#
|
|
9830
|
+
# @option params [String] :provider_name
|
|
9831
|
+
# The name of the cloud provider to filter connectors by.
|
|
9832
|
+
#
|
|
9833
|
+
# @option params [String] :connector_status
|
|
9834
|
+
# The connectivity status to filter connectors by.
|
|
9835
|
+
#
|
|
9836
|
+
# @option params [String] :enablement_status
|
|
9837
|
+
# The enablement status to filter connectors by.
|
|
9838
|
+
#
|
|
9839
|
+
# @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
9840
|
+
#
|
|
9841
|
+
# * {Types::ListConnectorsResponse#next_token #next_token} => String
|
|
9842
|
+
# * {Types::ListConnectorsResponse#connectors #connectors} => Array<Types::CspmConnectorSummary>
|
|
9843
|
+
#
|
|
9844
|
+
#
|
|
9845
|
+
# @example Example: To list CSPM connectors
|
|
9846
|
+
#
|
|
9847
|
+
# # This operation lists the CSPM connectors for the calling account.
|
|
9848
|
+
#
|
|
9849
|
+
# resp = client.list_connectors({
|
|
9850
|
+
# max_results: 10,
|
|
9851
|
+
# })
|
|
9852
|
+
#
|
|
9853
|
+
# resp.to_h outputs the following:
|
|
9854
|
+
# {
|
|
9855
|
+
# connectors: [
|
|
9856
|
+
# {
|
|
9857
|
+
# connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
9858
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
9859
|
+
# created_at: Time.parse("2026-01-15T10:30:00.000Z"),
|
|
9860
|
+
# name: "MyAzureConnector",
|
|
9861
|
+
# provider_summary: {
|
|
9862
|
+
# connector_status: "CONNECTED",
|
|
9863
|
+
# provider_name: "AZURE",
|
|
9864
|
+
# },
|
|
9865
|
+
# },
|
|
9866
|
+
# ],
|
|
9867
|
+
# }
|
|
9868
|
+
#
|
|
9869
|
+
# @example Request syntax with placeholder values
|
|
9870
|
+
#
|
|
9871
|
+
# resp = client.list_connectors({
|
|
9872
|
+
# next_token: "NextToken",
|
|
9873
|
+
# max_results: 1,
|
|
9874
|
+
# provider_name: "AZURE", # accepts AZURE
|
|
9875
|
+
# connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, UNKNOWN
|
|
9876
|
+
# enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, PENDING_UPDATE, PENDING_DELETION
|
|
9877
|
+
# })
|
|
9878
|
+
#
|
|
9879
|
+
# @example Response structure
|
|
9880
|
+
#
|
|
9881
|
+
# resp.next_token #=> String
|
|
9882
|
+
# resp.connectors #=> Array
|
|
9883
|
+
# resp.connectors[0].connector_arn #=> String
|
|
9884
|
+
# resp.connectors[0].connector_id #=> String
|
|
9885
|
+
# resp.connectors[0].name #=> String
|
|
9886
|
+
# resp.connectors[0].description #=> String
|
|
9887
|
+
# resp.connectors[0].provider_summary.provider_name #=> String, one of "AZURE"
|
|
9888
|
+
# resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
|
|
9889
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
|
|
9890
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
|
|
9891
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
|
|
9892
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
|
|
9893
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
|
|
9894
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
|
|
9895
|
+
# resp.connectors[0].created_at #=> Time
|
|
9896
|
+
# resp.connectors[0].created_by #=> String
|
|
9897
|
+
# resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
|
|
9898
|
+
#
|
|
9899
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectors AWS API Documentation
|
|
9900
|
+
#
|
|
9901
|
+
# @overload list_connectors(params = {})
|
|
9902
|
+
# @param [Hash] params ({})
|
|
9903
|
+
def list_connectors(params = {}, options = {})
|
|
9904
|
+
req = build_request(:list_connectors, params)
|
|
9905
|
+
req.send_request(options)
|
|
9906
|
+
end
|
|
9907
|
+
|
|
9390
9908
|
# Grants permission to retrieve a list of connectorsV2 and their
|
|
9391
9909
|
# metadata for the calling account.
|
|
9392
9910
|
#
|
|
@@ -9402,6 +9920,9 @@ module Aws::SecurityHub
|
|
|
9402
9920
|
# @option params [String] :connector_status
|
|
9403
9921
|
# The status for the connectorV2.
|
|
9404
9922
|
#
|
|
9923
|
+
# @option params [String] :enablement_status
|
|
9924
|
+
# The enablement status to filter connectors by.
|
|
9925
|
+
#
|
|
9405
9926
|
# @return [Types::ListConnectorsV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
9406
9927
|
#
|
|
9407
9928
|
# * {Types::ListConnectorsV2Response#next_token #next_token} => String
|
|
@@ -9412,8 +9933,9 @@ module Aws::SecurityHub
|
|
|
9412
9933
|
# resp = client.list_connectors_v2({
|
|
9413
9934
|
# next_token: "NextToken",
|
|
9414
9935
|
# max_results: 1,
|
|
9415
|
-
# provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW
|
|
9416
|
-
# connector_status: "CONNECTED", # accepts CONNECTED, FAILED_TO_CONNECT, PENDING_CONFIGURATION,
|
|
9936
|
+
# provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW, AZURE
|
|
9937
|
+
# connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, PENDING_AUTHORIZATION, PENDING_CONFIGURATION, UNKNOWN
|
|
9938
|
+
# enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, FAILED_TO_ENABLE, PENDING_UPDATE, FAILED_TO_UPDATE, PENDING_DELETION, FAILED_TO_DELETE
|
|
9417
9939
|
# })
|
|
9418
9940
|
#
|
|
9419
9941
|
# @example Response structure
|
|
@@ -9424,9 +9946,25 @@ module Aws::SecurityHub
|
|
|
9424
9946
|
# resp.connectors[0].connector_id #=> String
|
|
9425
9947
|
# resp.connectors[0].name #=> String
|
|
9426
9948
|
# resp.connectors[0].description #=> String
|
|
9427
|
-
# resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW"
|
|
9428
|
-
# resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "
|
|
9949
|
+
# resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW", "AZURE"
|
|
9950
|
+
# resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
|
|
9951
|
+
# resp.connectors[0].provider_summary.provider_configuration.jira_cloud.cloud_id #=> String
|
|
9952
|
+
# resp.connectors[0].provider_summary.provider_configuration.jira_cloud.project_key #=> String
|
|
9953
|
+
# resp.connectors[0].provider_summary.provider_configuration.jira_cloud.domain #=> String
|
|
9954
|
+
# resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_url #=> String
|
|
9955
|
+
# resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_status #=> String, one of "ACTIVE", "FAILED"
|
|
9956
|
+
# resp.connectors[0].provider_summary.provider_configuration.service_now.instance_name #=> String
|
|
9957
|
+
# resp.connectors[0].provider_summary.provider_configuration.service_now.secret_arn #=> String
|
|
9958
|
+
# resp.connectors[0].provider_summary.provider_configuration.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
|
|
9959
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
|
|
9960
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
|
|
9961
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
|
|
9962
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
|
|
9963
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
|
|
9964
|
+
# resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
|
|
9429
9965
|
# resp.connectors[0].created_at #=> Time
|
|
9966
|
+
# resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
|
|
9967
|
+
# resp.connectors[0].enablement_status_reason #=> String
|
|
9430
9968
|
#
|
|
9431
9969
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsV2 AWS API Documentation
|
|
9432
9970
|
#
|
|
@@ -9824,6 +10362,11 @@ module Aws::SecurityHub
|
|
|
9824
10362
|
# the next 25 controls. This repeats until all controls for the standard
|
|
9825
10363
|
# are returned.
|
|
9826
10364
|
#
|
|
10365
|
+
# @option params [Array<String>] :providers
|
|
10366
|
+
# A list of cloud providers to filter the security control definitions
|
|
10367
|
+
# by. For example, specify `Azure` to return only controls that evaluate
|
|
10368
|
+
# Azure resources.
|
|
10369
|
+
#
|
|
9827
10370
|
# @return [Types::ListSecurityControlDefinitionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
9828
10371
|
#
|
|
9829
10372
|
# * {Types::ListSecurityControlDefinitionsResponse#security_control_definitions #security_control_definitions} => Array<Types::SecurityControlDefinition>
|
|
@@ -9885,6 +10428,7 @@ module Aws::SecurityHub
|
|
|
9885
10428
|
# standards_arn: "NonEmptyString",
|
|
9886
10429
|
# next_token: "NextToken",
|
|
9887
10430
|
# max_results: 1,
|
|
10431
|
+
# providers: ["AWS"], # accepts AWS, Azure
|
|
9888
10432
|
# })
|
|
9889
10433
|
#
|
|
9890
10434
|
# @example Response structure
|
|
@@ -9928,6 +10472,7 @@ module Aws::SecurityHub
|
|
|
9928
10472
|
# resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
|
|
9929
10473
|
# resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
|
|
9930
10474
|
# resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
|
|
10475
|
+
# resp.security_control_definitions[0].provider #=> String, one of "AWS", "Azure"
|
|
9931
10476
|
# resp.next_token #=> String
|
|
9932
10477
|
#
|
|
9933
10478
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListSecurityControlDefinitions AWS API Documentation
|
|
@@ -10471,7 +11016,7 @@ module Aws::SecurityHub
|
|
|
10471
11016
|
# {
|
|
10472
11017
|
# string_filters: [
|
|
10473
11018
|
# {
|
|
10474
|
-
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
11019
|
+
# field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
|
|
10475
11020
|
# filter: {
|
|
10476
11021
|
# value: "NonEmptyString",
|
|
10477
11022
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
@@ -10764,6 +11309,85 @@ module Aws::SecurityHub
|
|
|
10764
11309
|
req.send_request(options)
|
|
10765
11310
|
end
|
|
10766
11311
|
|
|
11312
|
+
# Updates a CSPM connector's configuration, such as the scope or
|
|
11313
|
+
# regions for the connected cloud provider.
|
|
11314
|
+
#
|
|
11315
|
+
# @option params [required, String] :connector_id
|
|
11316
|
+
# The unique identifier of the connector to update.
|
|
11317
|
+
#
|
|
11318
|
+
# @option params [String] :description
|
|
11319
|
+
# The updated description of the connector.
|
|
11320
|
+
#
|
|
11321
|
+
# @option params [Types::CspmProviderUpdateConfiguration] :provider
|
|
11322
|
+
# The updated cloud provider configuration for the connector.
|
|
11323
|
+
#
|
|
11324
|
+
# @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
11325
|
+
#
|
|
11326
|
+
# * {Types::UpdateConnectorResponse#connector_status #connector_status} => String
|
|
11327
|
+
# * {Types::UpdateConnectorResponse#enablement_status #enablement_status} => String
|
|
11328
|
+
#
|
|
11329
|
+
#
|
|
11330
|
+
# @example Example: To update a CSPM connector
|
|
11331
|
+
#
|
|
11332
|
+
# # This operation updates the configuration of a CSPM connector.
|
|
11333
|
+
#
|
|
11334
|
+
# resp = client.update_connector({
|
|
11335
|
+
# connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
|
11336
|
+
# description: "Updated connector description",
|
|
11337
|
+
# provider: {
|
|
11338
|
+
# azure: {
|
|
11339
|
+
# azure_regions: [
|
|
11340
|
+
# "eastus",
|
|
11341
|
+
# "westus2",
|
|
11342
|
+
# "northeurope",
|
|
11343
|
+
# ],
|
|
11344
|
+
# scope_configuration: {
|
|
11345
|
+
# scope_type: "SUBSCRIPTION",
|
|
11346
|
+
# scope_values: [
|
|
11347
|
+
# "sub-1234-5678-abcd",
|
|
11348
|
+
# "sub-9012-3456-efgh",
|
|
11349
|
+
# ],
|
|
11350
|
+
# },
|
|
11351
|
+
# },
|
|
11352
|
+
# },
|
|
11353
|
+
# })
|
|
11354
|
+
#
|
|
11355
|
+
# resp.to_h outputs the following:
|
|
11356
|
+
# {
|
|
11357
|
+
# connector_status: "CONNECTED",
|
|
11358
|
+
# enablement_status: "PENDING_UPDATE",
|
|
11359
|
+
# }
|
|
11360
|
+
#
|
|
11361
|
+
# @example Request syntax with placeholder values
|
|
11362
|
+
#
|
|
11363
|
+
# resp = client.update_connector({
|
|
11364
|
+
# connector_id: "NonEmptyString", # required
|
|
11365
|
+
# description: "NonEmptyString",
|
|
11366
|
+
# provider: {
|
|
11367
|
+
# azure: {
|
|
11368
|
+
# scope_configuration: { # required
|
|
11369
|
+
# scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
|
|
11370
|
+
# scope_values: ["NonEmptyString"],
|
|
11371
|
+
# },
|
|
11372
|
+
# azure_regions: ["NonEmptyString"], # required
|
|
11373
|
+
# },
|
|
11374
|
+
# },
|
|
11375
|
+
# })
|
|
11376
|
+
#
|
|
11377
|
+
# @example Response structure
|
|
11378
|
+
#
|
|
11379
|
+
# resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
|
|
11380
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
|
|
11381
|
+
#
|
|
11382
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnector AWS API Documentation
|
|
11383
|
+
#
|
|
11384
|
+
# @overload update_connector(params = {})
|
|
11385
|
+
# @param [Hash] params ({})
|
|
11386
|
+
def update_connector(params = {}, options = {})
|
|
11387
|
+
req = build_request(:update_connector, params)
|
|
11388
|
+
req.send_request(options)
|
|
11389
|
+
end
|
|
11390
|
+
|
|
10767
11391
|
# Grants permission to update a connectorV2 based on its id and input
|
|
10768
11392
|
# parameters.
|
|
10769
11393
|
#
|
|
@@ -10776,7 +11400,10 @@ module Aws::SecurityHub
|
|
|
10776
11400
|
# @option params [Types::ProviderUpdateConfiguration] :provider
|
|
10777
11401
|
# The third-party provider’s service configuration.
|
|
10778
11402
|
#
|
|
10779
|
-
# @return [
|
|
11403
|
+
# @return [Types::UpdateConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
11404
|
+
#
|
|
11405
|
+
# * {Types::UpdateConnectorV2Response#connector_status #connector_status} => String
|
|
11406
|
+
# * {Types::UpdateConnectorV2Response#enablement_status #enablement_status} => String
|
|
10780
11407
|
#
|
|
10781
11408
|
# @example Request syntax with placeholder values
|
|
10782
11409
|
#
|
|
@@ -10790,9 +11417,21 @@ module Aws::SecurityHub
|
|
|
10790
11417
|
# service_now: {
|
|
10791
11418
|
# secret_arn: "NonEmptyString",
|
|
10792
11419
|
# },
|
|
11420
|
+
# azure: {
|
|
11421
|
+
# scope_configuration: { # required
|
|
11422
|
+
# scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
|
|
11423
|
+
# scope_values: ["NonEmptyString"],
|
|
11424
|
+
# },
|
|
11425
|
+
# azure_regions: ["NonEmptyString"], # required
|
|
11426
|
+
# },
|
|
10793
11427
|
# },
|
|
10794
11428
|
# })
|
|
10795
11429
|
#
|
|
11430
|
+
# @example Response structure
|
|
11431
|
+
#
|
|
11432
|
+
# resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
|
|
11433
|
+
# resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
|
|
11434
|
+
#
|
|
10796
11435
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorV2 AWS API Documentation
|
|
10797
11436
|
#
|
|
10798
11437
|
# @overload update_connector_v2(params = {})
|
|
@@ -11652,6 +12291,24 @@ module Aws::SecurityHub
|
|
|
11652
12291
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
11653
12292
|
# },
|
|
11654
12293
|
# ],
|
|
12294
|
+
# resource_owner_account_id: [
|
|
12295
|
+
# {
|
|
12296
|
+
# value: "NonEmptyString",
|
|
12297
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
12298
|
+
# },
|
|
12299
|
+
# ],
|
|
12300
|
+
# resource_owner_org_id: [
|
|
12301
|
+
# {
|
|
12302
|
+
# value: "NonEmptyString",
|
|
12303
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
12304
|
+
# },
|
|
12305
|
+
# ],
|
|
12306
|
+
# resource_provider: [
|
|
12307
|
+
# {
|
|
12308
|
+
# value: "NonEmptyString",
|
|
12309
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
12310
|
+
# },
|
|
12311
|
+
# ],
|
|
11655
12312
|
# },
|
|
11656
12313
|
# note: {
|
|
11657
12314
|
# text: "NonEmptyString", # required
|
|
@@ -12421,6 +13078,24 @@ module Aws::SecurityHub
|
|
|
12421
13078
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
12422
13079
|
# },
|
|
12423
13080
|
# ],
|
|
13081
|
+
# resource_owner_account_id: [
|
|
13082
|
+
# {
|
|
13083
|
+
# value: "NonEmptyString",
|
|
13084
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
13085
|
+
# },
|
|
13086
|
+
# ],
|
|
13087
|
+
# resource_owner_org_id: [
|
|
13088
|
+
# {
|
|
13089
|
+
# value: "NonEmptyString",
|
|
13090
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
13091
|
+
# },
|
|
13092
|
+
# ],
|
|
13093
|
+
# resource_provider: [
|
|
13094
|
+
# {
|
|
13095
|
+
# value: "NonEmptyString",
|
|
13096
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
|
|
13097
|
+
# },
|
|
13098
|
+
# ],
|
|
12424
13099
|
# },
|
|
12425
13100
|
# group_by_attribute: "NonEmptyString",
|
|
12426
13101
|
# })
|
|
@@ -12711,7 +13386,7 @@ module Aws::SecurityHub
|
|
|
12711
13386
|
tracer: tracer
|
|
12712
13387
|
)
|
|
12713
13388
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
12714
|
-
context[:gem_version] = '1.
|
|
13389
|
+
context[:gem_version] = '1.159.0'
|
|
12715
13390
|
Seahorse::Client::Request.new(handlers, context)
|
|
12716
13391
|
end
|
|
12717
13392
|
|