aws-sdk-securityhub 1.157.0 → 1.159.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -199,7 +199,7 @@ module Aws::SecurityHub
199
199
  # the required types.
200
200
  #
201
201
  # @option options [Boolean] :correct_clock_skew (true)
202
- # Used only in `standard` and adaptive retry modes. Specifies whether to apply
202
+ # Used only in `standard` and `adaptive` retry modes. Specifies whether to apply
203
203
  # a clock skew correction and retry requests with skewed client clocks.
204
204
  #
205
205
  # @option options [String] :defaults_mode ("legacy")
@@ -323,17 +323,15 @@ module Aws::SecurityHub
323
323
  # @option options [String] :retry_mode ("legacy")
324
324
  # Specifies which retry algorithm to use. Values are:
325
325
  #
326
- # * `legacy` - The pre-existing retry behavior. This is default value if
327
- # no retry mode is provided.
326
+ # * `legacy` - The pre-existing retry behavior. This is the default
327
+ # value if no retry mode is provided.
328
328
  #
329
329
  # * `standard` - A standardized set of retry rules across the AWS SDKs.
330
330
  # This includes support for retry quotas, which limit the number of
331
331
  # unsuccessful retries a client can make.
332
332
  #
333
- # * `adaptive` - An experimental retry mode that includes all the
334
- # functionality of `standard` mode along with automatic client side
335
- # throttling. This is a provisional mode that may change behavior
336
- # in the future.
333
+ # * `adaptive` - A retry mode that includes all the functionality of
334
+ # `standard` mode along with automatic client side throttling.
337
335
  #
338
336
  # @option options [String] :sdk_ua_app_id
339
337
  # A unique and opaque application ID that is appended to the
@@ -701,7 +699,8 @@ module Aws::SecurityHub
701
699
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
702
700
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
703
701
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
704
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
702
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
703
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
705
704
  #
706
705
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDisableStandards AWS API Documentation
707
706
  #
@@ -778,7 +777,8 @@ module Aws::SecurityHub
778
777
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
779
778
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
780
779
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
781
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
780
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
781
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
782
782
  #
783
783
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchEnableStandards AWS API Documentation
784
784
  #
@@ -1047,6 +1047,15 @@ module Aws::SecurityHub
1047
1047
  # resp.rules[0].criteria.aws_account_name #=> Array
1048
1048
  # resp.rules[0].criteria.aws_account_name[0].value #=> String
1049
1049
  # resp.rules[0].criteria.aws_account_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1050
+ # resp.rules[0].criteria.resource_provider #=> Array
1051
+ # resp.rules[0].criteria.resource_provider[0].value #=> String
1052
+ # resp.rules[0].criteria.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1053
+ # resp.rules[0].criteria.resource_owner_account_id #=> Array
1054
+ # resp.rules[0].criteria.resource_owner_account_id[0].value #=> String
1055
+ # resp.rules[0].criteria.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1056
+ # resp.rules[0].criteria.resource_owner_org_id #=> Array
1057
+ # resp.rules[0].criteria.resource_owner_org_id[0].value #=> String
1058
+ # resp.rules[0].criteria.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1050
1059
  # resp.rules[0].actions #=> Array
1051
1060
  # resp.rules[0].actions[0].type #=> String, one of "FINDING_FIELDS_UPDATE"
1052
1061
  # resp.rules[0].actions[0].finding_fields_update.note.text #=> String
@@ -1284,6 +1293,7 @@ module Aws::SecurityHub
1284
1293
  # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list #=> Array
1285
1294
  # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list[0] #=> String
1286
1295
  # resp.security_controls[0].last_update_reason #=> String
1296
+ # resp.security_controls[0].provider #=> String, one of "AWS", "Azure"
1287
1297
  # resp.unprocessed_ids #=> Array
1288
1298
  # resp.unprocessed_ids[0].security_control_id #=> String
1289
1299
  # resp.unprocessed_ids[0].error_code #=> String, one of "INVALID_INPUT", "ACCESS_DENIED", "NOT_FOUND", "RESOURCE_NOT_FOUND", "LIMIT_EXCEEDED"
@@ -1852,6 +1862,24 @@ module Aws::SecurityHub
1852
1862
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1853
1863
  # },
1854
1864
  # ],
1865
+ # resource_provider: [
1866
+ # {
1867
+ # value: "NonEmptyString",
1868
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1869
+ # },
1870
+ # ],
1871
+ # resource_owner_account_id: [
1872
+ # {
1873
+ # value: "NonEmptyString",
1874
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1875
+ # },
1876
+ # ],
1877
+ # resource_owner_org_id: [
1878
+ # {
1879
+ # value: "NonEmptyString",
1880
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1881
+ # },
1882
+ # ],
1855
1883
  # },
1856
1884
  # actions: [
1857
1885
  # {
@@ -2822,6 +2850,24 @@ module Aws::SecurityHub
2822
2850
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2823
2851
  # },
2824
2852
  # ],
2853
+ # resource_provider: [
2854
+ # {
2855
+ # value: "NonEmptyString",
2856
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2857
+ # },
2858
+ # ],
2859
+ # resource_owner_account_id: [
2860
+ # {
2861
+ # value: "NonEmptyString",
2862
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2863
+ # },
2864
+ # ],
2865
+ # resource_owner_org_id: [
2866
+ # {
2867
+ # value: "NonEmptyString",
2868
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2869
+ # },
2870
+ # ],
2825
2871
  # },
2826
2872
  # actions: [ # required
2827
2873
  # {
@@ -2917,7 +2963,7 @@ module Aws::SecurityHub
2917
2963
  # {
2918
2964
  # string_filters: [
2919
2965
  # {
2920
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
2966
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
2921
2967
  # filter: {
2922
2968
  # value: "NonEmptyString",
2923
2969
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -3214,6 +3260,104 @@ module Aws::SecurityHub
3214
3260
  req.send_request(options)
3215
3261
  end
3216
3262
 
3263
+ # Creates a cloud service provider management (CSPM) connector in
3264
+ # Security Hub CSPM. A connector establishes a connection between
3265
+ # Security Hub CSPM and a third-party cloud provider, enabling Security
3266
+ # Hub CSPM to ingest security findings and resource data from the
3267
+ # connected environment.
3268
+ #
3269
+ # @option params [required, String] :name
3270
+ # The name of the connector. Must be unique within the account.
3271
+ #
3272
+ # @option params [String] :description
3273
+ # The description of the connector.
3274
+ #
3275
+ # @option params [required, Types::CspmProviderConfiguration] :provider
3276
+ # The configuration for the cloud provider to connect to. Currently
3277
+ # supports Azure.
3278
+ #
3279
+ # @option params [Hash<String,String>] :tags
3280
+ # The tags to add to the connector resource.
3281
+ #
3282
+ # @option params [String] :client_token
3283
+ # A unique identifier used to ensure idempotency of the request.
3284
+ #
3285
+ # **A suitable default value is auto-generated.** You should normally
3286
+ # not need to pass this option.**
3287
+ #
3288
+ # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3289
+ #
3290
+ # * {Types::CreateConnectorResponse#connector_arn #connector_arn} => String
3291
+ # * {Types::CreateConnectorResponse#connector_id #connector_id} => String
3292
+ # * {Types::CreateConnectorResponse#connector_status #connector_status} => String
3293
+ # * {Types::CreateConnectorResponse#enablement_status #enablement_status} => String
3294
+ #
3295
+ #
3296
+ # @example Example: To create a CSPM connector
3297
+ #
3298
+ # # This operation creates a CSPM connector to connect Security Hub to an Azure environment.
3299
+ #
3300
+ # resp = client.create_connector({
3301
+ # description: "Connector for Azure tenant monitoring",
3302
+ # name: "MyAzureConnector",
3303
+ # provider: {
3304
+ # azure: {
3305
+ # aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
3306
+ # azure_regions: [
3307
+ # "eastus",
3308
+ # "westus2",
3309
+ # ],
3310
+ # scope_configuration: {
3311
+ # scope_type: "TENANT",
3312
+ # },
3313
+ # },
3314
+ # },
3315
+ # })
3316
+ #
3317
+ # resp.to_h outputs the following:
3318
+ # {
3319
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3320
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3321
+ # enablement_status: "PENDING_ENABLEMENT",
3322
+ # }
3323
+ #
3324
+ # @example Request syntax with placeholder values
3325
+ #
3326
+ # resp = client.create_connector({
3327
+ # name: "NonEmptyString", # required
3328
+ # description: "NonEmptyString",
3329
+ # provider: { # required
3330
+ # azure: {
3331
+ # aws_config_connector_arn: "NonEmptyString", # required
3332
+ # scope_configuration: { # required
3333
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
3334
+ # scope_values: ["NonEmptyString"],
3335
+ # },
3336
+ # azure_regions: ["NonEmptyString"], # required
3337
+ # },
3338
+ # },
3339
+ # tags: {
3340
+ # "TagKey" => "TagValue",
3341
+ # },
3342
+ # client_token: "ClientToken",
3343
+ # })
3344
+ #
3345
+ # @example Response structure
3346
+ #
3347
+ # resp.connector_arn #=> String
3348
+ # resp.connector_id #=> String
3349
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
3350
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
3351
+ #
3352
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnector AWS API Documentation
3353
+ #
3354
+ # @overload create_connector(params = {})
3355
+ # @param [Hash] params ({})
3356
+ def create_connector(params = {}, options = {})
3357
+ req = build_request(:create_connector, params)
3358
+ req.send_request(options)
3359
+ end
3360
+
3217
3361
  # Grants permission to create a connectorV2 based on input parameters.
3218
3362
  #
3219
3363
  # @option params [required, String] :name
@@ -3244,6 +3388,7 @@ module Aws::SecurityHub
3244
3388
  # * {Types::CreateConnectorV2Response#connector_id #connector_id} => String
3245
3389
  # * {Types::CreateConnectorV2Response#auth_url #auth_url} => String
3246
3390
  # * {Types::CreateConnectorV2Response#connector_status #connector_status} => String
3391
+ # * {Types::CreateConnectorV2Response#enablement_status #enablement_status} => String
3247
3392
  #
3248
3393
  # @example Request syntax with placeholder values
3249
3394
  #
@@ -3258,6 +3403,14 @@ module Aws::SecurityHub
3258
3403
  # instance_name: "NonEmptyString", # required
3259
3404
  # secret_arn: "NonEmptyString", # required
3260
3405
  # },
3406
+ # azure: {
3407
+ # aws_config_connector_arn: "NonEmptyString", # required
3408
+ # scope_configuration: { # required
3409
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
3410
+ # scope_values: ["NonEmptyString"],
3411
+ # },
3412
+ # azure_regions: ["NonEmptyString"], # required
3413
+ # },
3261
3414
  # },
3262
3415
  # kms_key_arn: "NonEmptyString",
3263
3416
  # tags: {
@@ -3271,7 +3424,8 @@ module Aws::SecurityHub
3271
3424
  # resp.connector_arn #=> String
3272
3425
  # resp.connector_id #=> String
3273
3426
  # resp.auth_url #=> String
3274
- # resp.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
3427
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
3428
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
3275
3429
  #
3276
3430
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorV2 AWS API Documentation
3277
3431
  #
@@ -4158,6 +4312,24 @@ module Aws::SecurityHub
4158
4312
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4159
4313
  # },
4160
4314
  # ],
4315
+ # resource_owner_account_id: [
4316
+ # {
4317
+ # value: "NonEmptyString",
4318
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4319
+ # },
4320
+ # ],
4321
+ # resource_owner_org_id: [
4322
+ # {
4323
+ # value: "NonEmptyString",
4324
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4325
+ # },
4326
+ # ],
4327
+ # resource_provider: [
4328
+ # {
4329
+ # value: "NonEmptyString",
4330
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4331
+ # },
4332
+ # ],
4161
4333
  # },
4162
4334
  # group_by_attribute: "NonEmptyString", # required
4163
4335
  # })
@@ -4526,12 +4698,58 @@ module Aws::SecurityHub
4526
4698
  req.send_request(options)
4527
4699
  end
4528
4700
 
4701
+ # Deletes a CSPM connector. When you delete a connector, Security Hub
4702
+ # CSPM stops ingesting findings and resource data from the connected
4703
+ # cloud provider environment.
4704
+ #
4705
+ # @option params [required, String] :connector_id
4706
+ # The unique identifier of the connector to delete.
4707
+ #
4708
+ # @return [Types::DeleteConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4709
+ #
4710
+ # * {Types::DeleteConnectorResponse#enablement_status #enablement_status} => String
4711
+ #
4712
+ #
4713
+ # @example Example: To delete a CSPM connector
4714
+ #
4715
+ # # This operation deletes a CSPM connector.
4716
+ #
4717
+ # resp = client.delete_connector({
4718
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4719
+ # })
4720
+ #
4721
+ # resp.to_h outputs the following:
4722
+ # {
4723
+ # enablement_status: "PENDING_DELETION",
4724
+ # }
4725
+ #
4726
+ # @example Request syntax with placeholder values
4727
+ #
4728
+ # resp = client.delete_connector({
4729
+ # connector_id: "NonEmptyString", # required
4730
+ # })
4731
+ #
4732
+ # @example Response structure
4733
+ #
4734
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
4735
+ #
4736
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnector AWS API Documentation
4737
+ #
4738
+ # @overload delete_connector(params = {})
4739
+ # @param [Hash] params ({})
4740
+ def delete_connector(params = {}, options = {})
4741
+ req = build_request(:delete_connector, params)
4742
+ req.send_request(options)
4743
+ end
4744
+
4529
4745
  # Grants permission to delete a connectorV2.
4530
4746
  #
4531
4747
  # @option params [required, String] :connector_id
4532
4748
  # The UUID of the connectorV2 to identify connectorV2 resource.
4533
4749
  #
4534
- # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4750
+ # @return [Types::DeleteConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4751
+ #
4752
+ # * {Types::DeleteConnectorV2Response#enablement_status #enablement_status} => String
4535
4753
  #
4536
4754
  # @example Request syntax with placeholder values
4537
4755
  #
@@ -4539,6 +4757,10 @@ module Aws::SecurityHub
4539
4757
  # connector_id: "NonEmptyString", # required
4540
4758
  # })
4541
4759
  #
4760
+ # @example Response structure
4761
+ #
4762
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
4763
+ #
4542
4764
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorV2 AWS API Documentation
4543
4765
  #
4544
4766
  # @overload delete_connector_v2(params = {})
@@ -5087,11 +5309,15 @@ module Aws::SecurityHub
5087
5309
  #
5088
5310
  # * {Types::DescribeSecurityHubV2Response#hub_v2_arn #hub_v2_arn} => String
5089
5311
  # * {Types::DescribeSecurityHubV2Response#subscribed_at #subscribed_at} => String
5312
+ # * {Types::DescribeSecurityHubV2Response#features #features} => Hash&lt;String,Types::FeatureDetail&gt;
5090
5313
  #
5091
5314
  # @example Response structure
5092
5315
  #
5093
5316
  # resp.hub_v2_arn #=> String
5094
5317
  # resp.subscribed_at #=> String
5318
+ # resp.features #=> Hash
5319
+ # resp.features["FeatureNameKey"].feature_status #=> String, one of "ENABLED", "DISABLED"
5320
+ # resp.features["FeatureNameKey"].updated_at #=> Time
5095
5321
  #
5096
5322
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeSecurityHubV2 AWS API Documentation
5097
5323
  #
@@ -5119,6 +5345,11 @@ module Aws::SecurityHub
5119
5345
  # @option params [Integer] :max_results
5120
5346
  # The maximum number of standards to return.
5121
5347
  #
5348
+ # @option params [Array<String>] :providers
5349
+ # A list of cloud providers to filter the standards by. For example,
5350
+ # specify `Azure` to return only standards that evaluate Azure
5351
+ # resources.
5352
+ #
5122
5353
  # @return [Types::DescribeStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5123
5354
  #
5124
5355
  # * {Types::DescribeStandardsResponse#standards #standards} => Array&lt;Types::Standard&gt;
@@ -5169,6 +5400,7 @@ module Aws::SecurityHub
5169
5400
  # resp = client.describe_standards({
5170
5401
  # next_token: "NextToken",
5171
5402
  # max_results: 1,
5403
+ # providers: ["AWS"], # accepts AWS, Azure
5172
5404
  # })
5173
5405
  #
5174
5406
  # @example Response structure
@@ -5178,6 +5410,7 @@ module Aws::SecurityHub
5178
5410
  # resp.standards[0].name #=> String
5179
5411
  # resp.standards[0].description #=> String
5180
5412
  # resp.standards[0].enabled_by_default #=> Boolean
5413
+ # resp.standards[0].provider #=> String, one of "AWS", "Azure"
5181
5414
  # resp.standards[0].standards_managed_by.company #=> String
5182
5415
  # resp.standards[0].standards_managed_by.product #=> String
5183
5416
  # resp.next_token #=> String
@@ -5411,8 +5644,35 @@ module Aws::SecurityHub
5411
5644
  req.send_request(options)
5412
5645
  end
5413
5646
 
5647
+ # Disables an opt-in feature for the calling account in the current
5648
+ # Amazon Web Services Region. The operation is idempotent. If the
5649
+ # feature is already disabled, no changes are made. You cannot disable a
5650
+ # feature that is managed by an organization policy.
5651
+ #
5652
+ # @option params [required, String] :feature_name
5653
+ # The name of the feature to disable.
5654
+ #
5655
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5656
+ #
5657
+ # @example Request syntax with placeholder values
5658
+ #
5659
+ # resp = client.disable_security_hub_feature_v2({
5660
+ # feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
5661
+ # })
5662
+ #
5663
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubFeatureV2 AWS API Documentation
5664
+ #
5665
+ # @overload disable_security_hub_feature_v2(params = {})
5666
+ # @param [Hash] params ({})
5667
+ def disable_security_hub_feature_v2(params = {}, options = {})
5668
+ req = build_request(:disable_security_hub_feature_v2, params)
5669
+ req.send_request(options)
5670
+ end
5671
+
5414
5672
  # Disable the service for the current Amazon Web Services Region or
5415
- # specified Amazon Web Services Region.
5673
+ # specified Amazon Web Services Region. Disabling the service also
5674
+ # disables all opt-in features that are currently enabled in that
5675
+ # Region.
5416
5676
  #
5417
5677
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5418
5678
  #
@@ -5709,6 +5969,32 @@ module Aws::SecurityHub
5709
5969
  req.send_request(options)
5710
5970
  end
5711
5971
 
5972
+ # Enables an opt-in feature for the calling account in the current
5973
+ # Amazon Web Services Region. The service must be enabled before you can
5974
+ # enable a feature. The operation is idempotent. If the feature is
5975
+ # already enabled, no changes are made. You cannot enable a feature that
5976
+ # is managed by an organization policy.
5977
+ #
5978
+ # @option params [required, String] :feature_name
5979
+ # The name of the feature to enable.
5980
+ #
5981
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5982
+ #
5983
+ # @example Request syntax with placeholder values
5984
+ #
5985
+ # resp = client.enable_security_hub_feature_v2({
5986
+ # feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
5987
+ # })
5988
+ #
5989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubFeatureV2 AWS API Documentation
5990
+ #
5991
+ # @overload enable_security_hub_feature_v2(params = {})
5992
+ # @param [Hash] params ({})
5993
+ def enable_security_hub_feature_v2(params = {}, options = {})
5994
+ req = build_request(:enable_security_hub_feature_v2, params)
5995
+ req.send_request(options)
5996
+ end
5997
+
5712
5998
  # Enables the service in account for the current Amazon Web Services
5713
5999
  # Region or specified Amazon Web Services Region.
5714
6000
  #
@@ -5878,7 +6164,7 @@ module Aws::SecurityHub
5878
6164
  # resp.description #=> String
5879
6165
  # resp.criteria.ocsf_finding_criteria.composite_filters #=> Array
5880
6166
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters #=> Array
5881
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
6167
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.name", "resources.owner.account.uid", "resources.owner.org.uid", "resources.owner.account.name", "resources.provider", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
5882
6168
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.value #=> String
5883
6169
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
5884
6170
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters #=> Array
@@ -6109,6 +6395,98 @@ module Aws::SecurityHub
6109
6395
  req.send_request(options)
6110
6396
  end
6111
6397
 
6398
+ # Retrieves details for a CSPM connector based on the connector ID.
6399
+ #
6400
+ # @option params [required, String] :connector_id
6401
+ # The unique identifier of the connector to retrieve.
6402
+ #
6403
+ # @return [Types::GetConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6404
+ #
6405
+ # * {Types::GetConnectorResponse#connector_arn #connector_arn} => String
6406
+ # * {Types::GetConnectorResponse#connector_id #connector_id} => String
6407
+ # * {Types::GetConnectorResponse#name #name} => String
6408
+ # * {Types::GetConnectorResponse#description #description} => String
6409
+ # * {Types::GetConnectorResponse#created_at #created_at} => Time
6410
+ # * {Types::GetConnectorResponse#last_updated_at #last_updated_at} => Time
6411
+ # * {Types::GetConnectorResponse#health #health} => Types::CspmHealthCheck
6412
+ # * {Types::GetConnectorResponse#provider_detail #provider_detail} => Types::CspmProviderDetail
6413
+ # * {Types::GetConnectorResponse#created_by #created_by} => String
6414
+ # * {Types::GetConnectorResponse#enablement_status #enablement_status} => String
6415
+ #
6416
+ #
6417
+ # @example Example: To get details of a CSPM connector
6418
+ #
6419
+ # # This operation retrieves details for a CSPM connector.
6420
+ #
6421
+ # resp = client.get_connector({
6422
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6423
+ # })
6424
+ #
6425
+ # resp.to_h outputs the following:
6426
+ # {
6427
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6428
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6429
+ # created_at: Time.parse("2026-01-15T10:30:00.000Z"),
6430
+ # created_by: "securityhub.amazonaws.com",
6431
+ # description: "Connector for Azure tenant monitoring",
6432
+ # health: {
6433
+ # connector_status: "CONNECTED",
6434
+ # last_checked_at: Time.parse("2026-05-20T14:00:00.000Z"),
6435
+ # },
6436
+ # last_updated_at: Time.parse("2026-05-20T14:00:00.000Z"),
6437
+ # name: "MyAzureConnector",
6438
+ # provider_detail: {
6439
+ # azure: {
6440
+ # aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
6441
+ # azure_regions: [
6442
+ # "eastus",
6443
+ # "westus2",
6444
+ # ],
6445
+ # scope_configuration: {
6446
+ # scope_type: "TENANT",
6447
+ # },
6448
+ # },
6449
+ # },
6450
+ # }
6451
+ #
6452
+ # @example Request syntax with placeholder values
6453
+ #
6454
+ # resp = client.get_connector({
6455
+ # connector_id: "NonEmptyString", # required
6456
+ # })
6457
+ #
6458
+ # @example Response structure
6459
+ #
6460
+ # resp.connector_arn #=> String
6461
+ # resp.connector_id #=> String
6462
+ # resp.name #=> String
6463
+ # resp.description #=> String
6464
+ # resp.created_at #=> Time
6465
+ # resp.last_updated_at #=> Time
6466
+ # resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
6467
+ # resp.health.message #=> String
6468
+ # resp.health.last_checked_at #=> Time
6469
+ # resp.health.issues #=> Array
6470
+ # resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
6471
+ # resp.health.issues[0].message #=> String
6472
+ # resp.provider_detail.azure.aws_config_connector_arn #=> String
6473
+ # resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
6474
+ # resp.provider_detail.azure.scope_configuration.scope_values #=> Array
6475
+ # resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
6476
+ # resp.provider_detail.azure.azure_regions #=> Array
6477
+ # resp.provider_detail.azure.azure_regions[0] #=> String
6478
+ # resp.created_by #=> String
6479
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
6480
+ #
6481
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnector AWS API Documentation
6482
+ #
6483
+ # @overload get_connector(params = {})
6484
+ # @param [Hash] params ({})
6485
+ def get_connector(params = {}, options = {})
6486
+ req = build_request(:get_connector, params)
6487
+ req.send_request(options)
6488
+ end
6489
+
6112
6490
  # Grants permission to retrieve details for a connectorV2 based on
6113
6491
  # connector id.
6114
6492
  #
@@ -6126,6 +6504,8 @@ module Aws::SecurityHub
6126
6504
  # * {Types::GetConnectorV2Response#last_updated_at #last_updated_at} => Time
6127
6505
  # * {Types::GetConnectorV2Response#health #health} => Types::HealthCheck
6128
6506
  # * {Types::GetConnectorV2Response#provider_detail #provider_detail} => Types::ProviderDetail
6507
+ # * {Types::GetConnectorV2Response#enablement_status #enablement_status} => String
6508
+ # * {Types::GetConnectorV2Response#enablement_status_reason #enablement_status_reason} => String
6129
6509
  #
6130
6510
  # @example Request syntax with placeholder values
6131
6511
  #
@@ -6142,9 +6522,12 @@ module Aws::SecurityHub
6142
6522
  # resp.kms_key_arn #=> String
6143
6523
  # resp.created_at #=> Time
6144
6524
  # resp.last_updated_at #=> Time
6145
- # resp.health.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
6525
+ # resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
6146
6526
  # resp.health.message #=> String
6147
6527
  # resp.health.last_checked_at #=> Time
6528
+ # resp.health.issues #=> Array
6529
+ # resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
6530
+ # resp.health.issues[0].message #=> String
6148
6531
  # resp.provider_detail.jira_cloud.cloud_id #=> String
6149
6532
  # resp.provider_detail.jira_cloud.project_key #=> String
6150
6533
  # resp.provider_detail.jira_cloud.domain #=> String
@@ -6153,6 +6536,14 @@ module Aws::SecurityHub
6153
6536
  # resp.provider_detail.service_now.instance_name #=> String
6154
6537
  # resp.provider_detail.service_now.secret_arn #=> String
6155
6538
  # resp.provider_detail.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
6539
+ # resp.provider_detail.azure.aws_config_connector_arn #=> String
6540
+ # resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
6541
+ # resp.provider_detail.azure.scope_configuration.scope_values #=> Array
6542
+ # resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
6543
+ # resp.provider_detail.azure.azure_regions #=> Array
6544
+ # resp.provider_detail.azure.azure_regions[0] #=> String
6545
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
6546
+ # resp.enablement_status_reason #=> String
6156
6547
  #
6157
6548
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorV2 AWS API Documentation
6158
6549
  #
@@ -6181,6 +6572,11 @@ module Aws::SecurityHub
6181
6572
  # @option params [Integer] :max_results
6182
6573
  # The maximum number of results to return in the response.
6183
6574
  #
6575
+ # @option params [Array<String>] :providers
6576
+ # A list of cloud providers to filter the enabled standards by. For
6577
+ # example, specify `Azure` to return only enabled standards that
6578
+ # evaluate Azure resources.
6579
+ #
6184
6580
  # @return [Types::GetEnabledStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6185
6581
  #
6186
6582
  # * {Types::GetEnabledStandardsResponse#standards_subscriptions #standards_subscriptions} => Array&lt;Types::StandardsSubscription&gt;
@@ -6218,6 +6614,7 @@ module Aws::SecurityHub
6218
6614
  # standards_subscription_arns: ["NonEmptyString"],
6219
6615
  # next_token: "NextToken",
6220
6616
  # max_results: 1,
6617
+ # providers: ["AWS"], # accepts AWS, Azure
6221
6618
  # })
6222
6619
  #
6223
6620
  # @example Response structure
@@ -6229,7 +6626,8 @@ module Aws::SecurityHub
6229
6626
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
6230
6627
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
6231
6628
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
6232
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
6629
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
6630
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
6233
6631
  # resp.next_token #=> String
6234
6632
  #
6235
6633
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetEnabledStandards AWS API Documentation
@@ -6518,7 +6916,7 @@ module Aws::SecurityHub
6518
6916
  # {
6519
6917
  # string_filters: [
6520
6918
  # {
6521
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
6919
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
6522
6920
  # filter: {
6523
6921
  # value: "NonEmptyString",
6524
6922
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -6585,7 +6983,7 @@ module Aws::SecurityHub
6585
6983
  # ],
6586
6984
  # composite_operator: "AND", # accepts AND, OR
6587
6985
  # },
6588
- # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
6986
+ # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
6589
6987
  # },
6590
6988
  # ],
6591
6989
  # scopes: {
@@ -7473,6 +7871,24 @@ module Aws::SecurityHub
7473
7871
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7474
7872
  # },
7475
7873
  # ],
7874
+ # resource_owner_account_id: [
7875
+ # {
7876
+ # value: "NonEmptyString",
7877
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7878
+ # },
7879
+ # ],
7880
+ # resource_owner_org_id: [
7881
+ # {
7882
+ # value: "NonEmptyString",
7883
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7884
+ # },
7885
+ # ],
7886
+ # resource_provider: [
7887
+ # {
7888
+ # value: "NonEmptyString",
7889
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7890
+ # },
7891
+ # ],
7476
7892
  # },
7477
7893
  # sort_criteria: [
7478
7894
  # {
@@ -7532,7 +7948,7 @@ module Aws::SecurityHub
7532
7948
  # {
7533
7949
  # string_filters: [
7534
7950
  # {
7535
- # field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name
7951
+ # field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name, resource_cloud_providers, resource_regions, resource_owner_ids, resource_owner_organization_ids
7536
7952
  # filter: {
7537
7953
  # value: "NonEmptyString",
7538
7954
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -7641,7 +8057,7 @@ module Aws::SecurityHub
7641
8057
  # {
7642
8058
  # string_filters: [
7643
8059
  # {
7644
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
8060
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
7645
8061
  # filter: {
7646
8062
  # value: "NonEmptyString",
7647
8063
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8245,6 +8661,15 @@ module Aws::SecurityHub
8245
8661
  # resp.insights[0].filters.resource_application_arn #=> Array
8246
8662
  # resp.insights[0].filters.resource_application_arn[0].value #=> String
8247
8663
  # resp.insights[0].filters.resource_application_arn[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8664
+ # resp.insights[0].filters.resource_owner_account_id #=> Array
8665
+ # resp.insights[0].filters.resource_owner_account_id[0].value #=> String
8666
+ # resp.insights[0].filters.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8667
+ # resp.insights[0].filters.resource_owner_org_id #=> Array
8668
+ # resp.insights[0].filters.resource_owner_org_id[0].value #=> String
8669
+ # resp.insights[0].filters.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8670
+ # resp.insights[0].filters.resource_provider #=> Array
8671
+ # resp.insights[0].filters.resource_provider[0].value #=> String
8672
+ # resp.insights[0].filters.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8248
8673
  # resp.insights[0].group_by_attribute #=> String
8249
8674
  # resp.next_token #=> String
8250
8675
  #
@@ -8529,13 +8954,13 @@ module Aws::SecurityHub
8529
8954
  # resp = client.get_resources_statistics_v2({
8530
8955
  # group_by_rules: [ # required
8531
8956
  # {
8532
- # group_by_field: "AccountId", # required, accepts AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
8957
+ # group_by_field: "AccountId", # required, accepts AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
8533
8958
  # filters: {
8534
8959
  # composite_filters: [
8535
8960
  # {
8536
8961
  # string_filters: [
8537
8962
  # {
8538
- # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8963
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8539
8964
  # filter: {
8540
8965
  # value: "NonEmptyString",
8541
8966
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8656,7 +9081,7 @@ module Aws::SecurityHub
8656
9081
  # {
8657
9082
  # string_filters: [
8658
9083
  # {
8659
- # field_name: "account_id", # accepts account_id, region, resource_type, resource_category
9084
+ # field_name: "account_id", # accepts account_id, region, resource_type, resource_category, resource_cloud_provider, resource_region, resource_owner_id, resource_owner_organization_id
8660
9085
  # filter: {
8661
9086
  # value: "NonEmptyString",
8662
9087
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8751,7 +9176,7 @@ module Aws::SecurityHub
8751
9176
  # {
8752
9177
  # string_filters: [
8753
9178
  # {
8754
- # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
9179
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8755
9180
  # filter: {
8756
9181
  # value: "NonEmptyString",
8757
9182
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8826,8 +9251,14 @@ module Aws::SecurityHub
8826
9251
  # resp.resources[0].resource_guid #=> String
8827
9252
  # resp.resources[0].resource_id #=> String
8828
9253
  # resp.resources[0].account_id #=> String
9254
+ # resp.resources[0].account_name #=> String
8829
9255
  # resp.resources[0].region #=> String
8830
- # resp.resources[0].resource_category #=> String, one of "Compute", "Database", "Storage", "Code", "AI/ML", "Identity", "Network", "Other"
9256
+ # resp.resources[0].resource_provider #=> String
9257
+ # resp.resources[0].resource_owner_account_id #=> String
9258
+ # resp.resources[0].resource_owner_org_id #=> String
9259
+ # resp.resources[0].resource_cloud_partition #=> String
9260
+ # resp.resources[0].resource_region #=> String
9261
+ # resp.resources[0].resource_category #=> String, one of "Compute", "Database", "Storage", "Code", "AI/ML", "Identity", "Network", "Messaging", "Other"
8831
9262
  # resp.resources[0].resource_type #=> String
8832
9263
  # resp.resources[0].resource_name #=> String
8833
9264
  # resp.resources[0].resource_creation_time_dt #=> String
@@ -8949,6 +9380,7 @@ module Aws::SecurityHub
8949
9380
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
8950
9381
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
8951
9382
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
9383
+ # resp.security_control_definition.provider #=> String, one of "AWS", "Azure"
8952
9384
  #
8953
9385
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinition AWS API Documentation
8954
9386
  #
@@ -9387,6 +9819,92 @@ module Aws::SecurityHub
9387
9819
  req.send_request(options)
9388
9820
  end
9389
9821
 
9822
+ # Lists the CSPM connectors and their metadata for the calling account.
9823
+ #
9824
+ # @option params [String] :next_token
9825
+ # The pagination token to request the next page of results.
9826
+ #
9827
+ # @option params [Integer] :max_results
9828
+ # The maximum number of results to return.
9829
+ #
9830
+ # @option params [String] :provider_name
9831
+ # The name of the cloud provider to filter connectors by.
9832
+ #
9833
+ # @option params [String] :connector_status
9834
+ # The connectivity status to filter connectors by.
9835
+ #
9836
+ # @option params [String] :enablement_status
9837
+ # The enablement status to filter connectors by.
9838
+ #
9839
+ # @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9840
+ #
9841
+ # * {Types::ListConnectorsResponse#next_token #next_token} => String
9842
+ # * {Types::ListConnectorsResponse#connectors #connectors} => Array&lt;Types::CspmConnectorSummary&gt;
9843
+ #
9844
+ #
9845
+ # @example Example: To list CSPM connectors
9846
+ #
9847
+ # # This operation lists the CSPM connectors for the calling account.
9848
+ #
9849
+ # resp = client.list_connectors({
9850
+ # max_results: 10,
9851
+ # })
9852
+ #
9853
+ # resp.to_h outputs the following:
9854
+ # {
9855
+ # connectors: [
9856
+ # {
9857
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
9858
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
9859
+ # created_at: Time.parse("2026-01-15T10:30:00.000Z"),
9860
+ # name: "MyAzureConnector",
9861
+ # provider_summary: {
9862
+ # connector_status: "CONNECTED",
9863
+ # provider_name: "AZURE",
9864
+ # },
9865
+ # },
9866
+ # ],
9867
+ # }
9868
+ #
9869
+ # @example Request syntax with placeholder values
9870
+ #
9871
+ # resp = client.list_connectors({
9872
+ # next_token: "NextToken",
9873
+ # max_results: 1,
9874
+ # provider_name: "AZURE", # accepts AZURE
9875
+ # connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, UNKNOWN
9876
+ # enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, PENDING_UPDATE, PENDING_DELETION
9877
+ # })
9878
+ #
9879
+ # @example Response structure
9880
+ #
9881
+ # resp.next_token #=> String
9882
+ # resp.connectors #=> Array
9883
+ # resp.connectors[0].connector_arn #=> String
9884
+ # resp.connectors[0].connector_id #=> String
9885
+ # resp.connectors[0].name #=> String
9886
+ # resp.connectors[0].description #=> String
9887
+ # resp.connectors[0].provider_summary.provider_name #=> String, one of "AZURE"
9888
+ # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
9889
+ # resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
9890
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
9891
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
9892
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
9893
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
9894
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
9895
+ # resp.connectors[0].created_at #=> Time
9896
+ # resp.connectors[0].created_by #=> String
9897
+ # resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
9898
+ #
9899
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectors AWS API Documentation
9900
+ #
9901
+ # @overload list_connectors(params = {})
9902
+ # @param [Hash] params ({})
9903
+ def list_connectors(params = {}, options = {})
9904
+ req = build_request(:list_connectors, params)
9905
+ req.send_request(options)
9906
+ end
9907
+
9390
9908
  # Grants permission to retrieve a list of connectorsV2 and their
9391
9909
  # metadata for the calling account.
9392
9910
  #
@@ -9402,6 +9920,9 @@ module Aws::SecurityHub
9402
9920
  # @option params [String] :connector_status
9403
9921
  # The status for the connectorV2.
9404
9922
  #
9923
+ # @option params [String] :enablement_status
9924
+ # The enablement status to filter connectors by.
9925
+ #
9405
9926
  # @return [Types::ListConnectorsV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9406
9927
  #
9407
9928
  # * {Types::ListConnectorsV2Response#next_token #next_token} => String
@@ -9412,8 +9933,9 @@ module Aws::SecurityHub
9412
9933
  # resp = client.list_connectors_v2({
9413
9934
  # next_token: "NextToken",
9414
9935
  # max_results: 1,
9415
- # provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW
9416
- # connector_status: "CONNECTED", # accepts CONNECTED, FAILED_TO_CONNECT, PENDING_CONFIGURATION, PENDING_AUTHORIZATION
9936
+ # provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW, AZURE
9937
+ # connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, PENDING_AUTHORIZATION, PENDING_CONFIGURATION, UNKNOWN
9938
+ # enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, FAILED_TO_ENABLE, PENDING_UPDATE, FAILED_TO_UPDATE, PENDING_DELETION, FAILED_TO_DELETE
9417
9939
  # })
9418
9940
  #
9419
9941
  # @example Response structure
@@ -9424,9 +9946,25 @@ module Aws::SecurityHub
9424
9946
  # resp.connectors[0].connector_id #=> String
9425
9947
  # resp.connectors[0].name #=> String
9426
9948
  # resp.connectors[0].description #=> String
9427
- # resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW"
9428
- # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
9949
+ # resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW", "AZURE"
9950
+ # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
9951
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.cloud_id #=> String
9952
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.project_key #=> String
9953
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.domain #=> String
9954
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_url #=> String
9955
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_status #=> String, one of "ACTIVE", "FAILED"
9956
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.instance_name #=> String
9957
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.secret_arn #=> String
9958
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
9959
+ # resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
9960
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
9961
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
9962
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
9963
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
9964
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
9429
9965
  # resp.connectors[0].created_at #=> Time
9966
+ # resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
9967
+ # resp.connectors[0].enablement_status_reason #=> String
9430
9968
  #
9431
9969
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsV2 AWS API Documentation
9432
9970
  #
@@ -9824,6 +10362,11 @@ module Aws::SecurityHub
9824
10362
  # the next 25 controls. This repeats until all controls for the standard
9825
10363
  # are returned.
9826
10364
  #
10365
+ # @option params [Array<String>] :providers
10366
+ # A list of cloud providers to filter the security control definitions
10367
+ # by. For example, specify `Azure` to return only controls that evaluate
10368
+ # Azure resources.
10369
+ #
9827
10370
  # @return [Types::ListSecurityControlDefinitionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9828
10371
  #
9829
10372
  # * {Types::ListSecurityControlDefinitionsResponse#security_control_definitions #security_control_definitions} => Array&lt;Types::SecurityControlDefinition&gt;
@@ -9885,6 +10428,7 @@ module Aws::SecurityHub
9885
10428
  # standards_arn: "NonEmptyString",
9886
10429
  # next_token: "NextToken",
9887
10430
  # max_results: 1,
10431
+ # providers: ["AWS"], # accepts AWS, Azure
9888
10432
  # })
9889
10433
  #
9890
10434
  # @example Response structure
@@ -9928,6 +10472,7 @@ module Aws::SecurityHub
9928
10472
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
9929
10473
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
9930
10474
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
10475
+ # resp.security_control_definitions[0].provider #=> String, one of "AWS", "Azure"
9931
10476
  # resp.next_token #=> String
9932
10477
  #
9933
10478
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListSecurityControlDefinitions AWS API Documentation
@@ -10471,7 +11016,7 @@ module Aws::SecurityHub
10471
11016
  # {
10472
11017
  # string_filters: [
10473
11018
  # {
10474
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
11019
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
10475
11020
  # filter: {
10476
11021
  # value: "NonEmptyString",
10477
11022
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -10764,6 +11309,85 @@ module Aws::SecurityHub
10764
11309
  req.send_request(options)
10765
11310
  end
10766
11311
 
11312
+ # Updates a CSPM connector's configuration, such as the scope or
11313
+ # regions for the connected cloud provider.
11314
+ #
11315
+ # @option params [required, String] :connector_id
11316
+ # The unique identifier of the connector to update.
11317
+ #
11318
+ # @option params [String] :description
11319
+ # The updated description of the connector.
11320
+ #
11321
+ # @option params [Types::CspmProviderUpdateConfiguration] :provider
11322
+ # The updated cloud provider configuration for the connector.
11323
+ #
11324
+ # @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
11325
+ #
11326
+ # * {Types::UpdateConnectorResponse#connector_status #connector_status} => String
11327
+ # * {Types::UpdateConnectorResponse#enablement_status #enablement_status} => String
11328
+ #
11329
+ #
11330
+ # @example Example: To update a CSPM connector
11331
+ #
11332
+ # # This operation updates the configuration of a CSPM connector.
11333
+ #
11334
+ # resp = client.update_connector({
11335
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
11336
+ # description: "Updated connector description",
11337
+ # provider: {
11338
+ # azure: {
11339
+ # azure_regions: [
11340
+ # "eastus",
11341
+ # "westus2",
11342
+ # "northeurope",
11343
+ # ],
11344
+ # scope_configuration: {
11345
+ # scope_type: "SUBSCRIPTION",
11346
+ # scope_values: [
11347
+ # "sub-1234-5678-abcd",
11348
+ # "sub-9012-3456-efgh",
11349
+ # ],
11350
+ # },
11351
+ # },
11352
+ # },
11353
+ # })
11354
+ #
11355
+ # resp.to_h outputs the following:
11356
+ # {
11357
+ # connector_status: "CONNECTED",
11358
+ # enablement_status: "PENDING_UPDATE",
11359
+ # }
11360
+ #
11361
+ # @example Request syntax with placeholder values
11362
+ #
11363
+ # resp = client.update_connector({
11364
+ # connector_id: "NonEmptyString", # required
11365
+ # description: "NonEmptyString",
11366
+ # provider: {
11367
+ # azure: {
11368
+ # scope_configuration: { # required
11369
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
11370
+ # scope_values: ["NonEmptyString"],
11371
+ # },
11372
+ # azure_regions: ["NonEmptyString"], # required
11373
+ # },
11374
+ # },
11375
+ # })
11376
+ #
11377
+ # @example Response structure
11378
+ #
11379
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
11380
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
11381
+ #
11382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnector AWS API Documentation
11383
+ #
11384
+ # @overload update_connector(params = {})
11385
+ # @param [Hash] params ({})
11386
+ def update_connector(params = {}, options = {})
11387
+ req = build_request(:update_connector, params)
11388
+ req.send_request(options)
11389
+ end
11390
+
10767
11391
  # Grants permission to update a connectorV2 based on its id and input
10768
11392
  # parameters.
10769
11393
  #
@@ -10776,7 +11400,10 @@ module Aws::SecurityHub
10776
11400
  # @option params [Types::ProviderUpdateConfiguration] :provider
10777
11401
  # The third-party provider’s service configuration.
10778
11402
  #
10779
- # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
11403
+ # @return [Types::UpdateConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
11404
+ #
11405
+ # * {Types::UpdateConnectorV2Response#connector_status #connector_status} => String
11406
+ # * {Types::UpdateConnectorV2Response#enablement_status #enablement_status} => String
10780
11407
  #
10781
11408
  # @example Request syntax with placeholder values
10782
11409
  #
@@ -10790,9 +11417,21 @@ module Aws::SecurityHub
10790
11417
  # service_now: {
10791
11418
  # secret_arn: "NonEmptyString",
10792
11419
  # },
11420
+ # azure: {
11421
+ # scope_configuration: { # required
11422
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
11423
+ # scope_values: ["NonEmptyString"],
11424
+ # },
11425
+ # azure_regions: ["NonEmptyString"], # required
11426
+ # },
10793
11427
  # },
10794
11428
  # })
10795
11429
  #
11430
+ # @example Response structure
11431
+ #
11432
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
11433
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
11434
+ #
10796
11435
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorV2 AWS API Documentation
10797
11436
  #
10798
11437
  # @overload update_connector_v2(params = {})
@@ -11652,6 +12291,24 @@ module Aws::SecurityHub
11652
12291
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
11653
12292
  # },
11654
12293
  # ],
12294
+ # resource_owner_account_id: [
12295
+ # {
12296
+ # value: "NonEmptyString",
12297
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12298
+ # },
12299
+ # ],
12300
+ # resource_owner_org_id: [
12301
+ # {
12302
+ # value: "NonEmptyString",
12303
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12304
+ # },
12305
+ # ],
12306
+ # resource_provider: [
12307
+ # {
12308
+ # value: "NonEmptyString",
12309
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12310
+ # },
12311
+ # ],
11655
12312
  # },
11656
12313
  # note: {
11657
12314
  # text: "NonEmptyString", # required
@@ -12421,6 +13078,24 @@ module Aws::SecurityHub
12421
13078
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12422
13079
  # },
12423
13080
  # ],
13081
+ # resource_owner_account_id: [
13082
+ # {
13083
+ # value: "NonEmptyString",
13084
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13085
+ # },
13086
+ # ],
13087
+ # resource_owner_org_id: [
13088
+ # {
13089
+ # value: "NonEmptyString",
13090
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13091
+ # },
13092
+ # ],
13093
+ # resource_provider: [
13094
+ # {
13095
+ # value: "NonEmptyString",
13096
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13097
+ # },
13098
+ # ],
12424
13099
  # },
12425
13100
  # group_by_attribute: "NonEmptyString",
12426
13101
  # })
@@ -12711,7 +13386,7 @@ module Aws::SecurityHub
12711
13386
  tracer: tracer
12712
13387
  )
12713
13388
  context[:gem_name] = 'aws-sdk-securityhub'
12714
- context[:gem_version] = '1.157.0'
13389
+ context[:gem_version] = '1.159.0'
12715
13390
  Seahorse::Client::Request.new(handlers, context)
12716
13391
  end
12717
13392