aws-sdk-securityhub 1.158.0 → 1.159.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -699,7 +699,8 @@ module Aws::SecurityHub
699
699
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
700
700
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
701
701
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
702
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
702
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
703
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
703
704
  #
704
705
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDisableStandards AWS API Documentation
705
706
  #
@@ -776,7 +777,8 @@ module Aws::SecurityHub
776
777
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
777
778
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
778
779
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
779
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
780
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
781
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
780
782
  #
781
783
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchEnableStandards AWS API Documentation
782
784
  #
@@ -1045,6 +1047,15 @@ module Aws::SecurityHub
1045
1047
  # resp.rules[0].criteria.aws_account_name #=> Array
1046
1048
  # resp.rules[0].criteria.aws_account_name[0].value #=> String
1047
1049
  # resp.rules[0].criteria.aws_account_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1050
+ # resp.rules[0].criteria.resource_provider #=> Array
1051
+ # resp.rules[0].criteria.resource_provider[0].value #=> String
1052
+ # resp.rules[0].criteria.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1053
+ # resp.rules[0].criteria.resource_owner_account_id #=> Array
1054
+ # resp.rules[0].criteria.resource_owner_account_id[0].value #=> String
1055
+ # resp.rules[0].criteria.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1056
+ # resp.rules[0].criteria.resource_owner_org_id #=> Array
1057
+ # resp.rules[0].criteria.resource_owner_org_id[0].value #=> String
1058
+ # resp.rules[0].criteria.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
1048
1059
  # resp.rules[0].actions #=> Array
1049
1060
  # resp.rules[0].actions[0].type #=> String, one of "FINDING_FIELDS_UPDATE"
1050
1061
  # resp.rules[0].actions[0].finding_fields_update.note.text #=> String
@@ -1282,6 +1293,7 @@ module Aws::SecurityHub
1282
1293
  # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list #=> Array
1283
1294
  # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list[0] #=> String
1284
1295
  # resp.security_controls[0].last_update_reason #=> String
1296
+ # resp.security_controls[0].provider #=> String, one of "AWS", "Azure"
1285
1297
  # resp.unprocessed_ids #=> Array
1286
1298
  # resp.unprocessed_ids[0].security_control_id #=> String
1287
1299
  # resp.unprocessed_ids[0].error_code #=> String, one of "INVALID_INPUT", "ACCESS_DENIED", "NOT_FOUND", "RESOURCE_NOT_FOUND", "LIMIT_EXCEEDED"
@@ -1850,6 +1862,24 @@ module Aws::SecurityHub
1850
1862
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1851
1863
  # },
1852
1864
  # ],
1865
+ # resource_provider: [
1866
+ # {
1867
+ # value: "NonEmptyString",
1868
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1869
+ # },
1870
+ # ],
1871
+ # resource_owner_account_id: [
1872
+ # {
1873
+ # value: "NonEmptyString",
1874
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1875
+ # },
1876
+ # ],
1877
+ # resource_owner_org_id: [
1878
+ # {
1879
+ # value: "NonEmptyString",
1880
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
1881
+ # },
1882
+ # ],
1853
1883
  # },
1854
1884
  # actions: [
1855
1885
  # {
@@ -2820,6 +2850,24 @@ module Aws::SecurityHub
2820
2850
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2821
2851
  # },
2822
2852
  # ],
2853
+ # resource_provider: [
2854
+ # {
2855
+ # value: "NonEmptyString",
2856
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2857
+ # },
2858
+ # ],
2859
+ # resource_owner_account_id: [
2860
+ # {
2861
+ # value: "NonEmptyString",
2862
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2863
+ # },
2864
+ # ],
2865
+ # resource_owner_org_id: [
2866
+ # {
2867
+ # value: "NonEmptyString",
2868
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
2869
+ # },
2870
+ # ],
2823
2871
  # },
2824
2872
  # actions: [ # required
2825
2873
  # {
@@ -2915,7 +2963,7 @@ module Aws::SecurityHub
2915
2963
  # {
2916
2964
  # string_filters: [
2917
2965
  # {
2918
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
2966
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
2919
2967
  # filter: {
2920
2968
  # value: "NonEmptyString",
2921
2969
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -3212,6 +3260,104 @@ module Aws::SecurityHub
3212
3260
  req.send_request(options)
3213
3261
  end
3214
3262
 
3263
+ # Creates a cloud service provider management (CSPM) connector in
3264
+ # Security Hub CSPM. A connector establishes a connection between
3265
+ # Security Hub CSPM and a third-party cloud provider, enabling Security
3266
+ # Hub CSPM to ingest security findings and resource data from the
3267
+ # connected environment.
3268
+ #
3269
+ # @option params [required, String] :name
3270
+ # The name of the connector. Must be unique within the account.
3271
+ #
3272
+ # @option params [String] :description
3273
+ # The description of the connector.
3274
+ #
3275
+ # @option params [required, Types::CspmProviderConfiguration] :provider
3276
+ # The configuration for the cloud provider to connect to. Currently
3277
+ # supports Azure.
3278
+ #
3279
+ # @option params [Hash<String,String>] :tags
3280
+ # The tags to add to the connector resource.
3281
+ #
3282
+ # @option params [String] :client_token
3283
+ # A unique identifier used to ensure idempotency of the request.
3284
+ #
3285
+ # **A suitable default value is auto-generated.** You should normally
3286
+ # not need to pass this option.**
3287
+ #
3288
+ # @return [Types::CreateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3289
+ #
3290
+ # * {Types::CreateConnectorResponse#connector_arn #connector_arn} => String
3291
+ # * {Types::CreateConnectorResponse#connector_id #connector_id} => String
3292
+ # * {Types::CreateConnectorResponse#connector_status #connector_status} => String
3293
+ # * {Types::CreateConnectorResponse#enablement_status #enablement_status} => String
3294
+ #
3295
+ #
3296
+ # @example Example: To create a CSPM connector
3297
+ #
3298
+ # # This operation creates a CSPM connector to connect Security Hub to an Azure environment.
3299
+ #
3300
+ # resp = client.create_connector({
3301
+ # description: "Connector for Azure tenant monitoring",
3302
+ # name: "MyAzureConnector",
3303
+ # provider: {
3304
+ # azure: {
3305
+ # aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
3306
+ # azure_regions: [
3307
+ # "eastus",
3308
+ # "westus2",
3309
+ # ],
3310
+ # scope_configuration: {
3311
+ # scope_type: "TENANT",
3312
+ # },
3313
+ # },
3314
+ # },
3315
+ # })
3316
+ #
3317
+ # resp.to_h outputs the following:
3318
+ # {
3319
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3320
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3321
+ # enablement_status: "PENDING_ENABLEMENT",
3322
+ # }
3323
+ #
3324
+ # @example Request syntax with placeholder values
3325
+ #
3326
+ # resp = client.create_connector({
3327
+ # name: "NonEmptyString", # required
3328
+ # description: "NonEmptyString",
3329
+ # provider: { # required
3330
+ # azure: {
3331
+ # aws_config_connector_arn: "NonEmptyString", # required
3332
+ # scope_configuration: { # required
3333
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
3334
+ # scope_values: ["NonEmptyString"],
3335
+ # },
3336
+ # azure_regions: ["NonEmptyString"], # required
3337
+ # },
3338
+ # },
3339
+ # tags: {
3340
+ # "TagKey" => "TagValue",
3341
+ # },
3342
+ # client_token: "ClientToken",
3343
+ # })
3344
+ #
3345
+ # @example Response structure
3346
+ #
3347
+ # resp.connector_arn #=> String
3348
+ # resp.connector_id #=> String
3349
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
3350
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
3351
+ #
3352
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnector AWS API Documentation
3353
+ #
3354
+ # @overload create_connector(params = {})
3355
+ # @param [Hash] params ({})
3356
+ def create_connector(params = {}, options = {})
3357
+ req = build_request(:create_connector, params)
3358
+ req.send_request(options)
3359
+ end
3360
+
3215
3361
  # Grants permission to create a connectorV2 based on input parameters.
3216
3362
  #
3217
3363
  # @option params [required, String] :name
@@ -3242,6 +3388,7 @@ module Aws::SecurityHub
3242
3388
  # * {Types::CreateConnectorV2Response#connector_id #connector_id} => String
3243
3389
  # * {Types::CreateConnectorV2Response#auth_url #auth_url} => String
3244
3390
  # * {Types::CreateConnectorV2Response#connector_status #connector_status} => String
3391
+ # * {Types::CreateConnectorV2Response#enablement_status #enablement_status} => String
3245
3392
  #
3246
3393
  # @example Request syntax with placeholder values
3247
3394
  #
@@ -3256,6 +3403,14 @@ module Aws::SecurityHub
3256
3403
  # instance_name: "NonEmptyString", # required
3257
3404
  # secret_arn: "NonEmptyString", # required
3258
3405
  # },
3406
+ # azure: {
3407
+ # aws_config_connector_arn: "NonEmptyString", # required
3408
+ # scope_configuration: { # required
3409
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
3410
+ # scope_values: ["NonEmptyString"],
3411
+ # },
3412
+ # azure_regions: ["NonEmptyString"], # required
3413
+ # },
3259
3414
  # },
3260
3415
  # kms_key_arn: "NonEmptyString",
3261
3416
  # tags: {
@@ -3269,7 +3424,8 @@ module Aws::SecurityHub
3269
3424
  # resp.connector_arn #=> String
3270
3425
  # resp.connector_id #=> String
3271
3426
  # resp.auth_url #=> String
3272
- # resp.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
3427
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
3428
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
3273
3429
  #
3274
3430
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorV2 AWS API Documentation
3275
3431
  #
@@ -4156,6 +4312,24 @@ module Aws::SecurityHub
4156
4312
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4157
4313
  # },
4158
4314
  # ],
4315
+ # resource_owner_account_id: [
4316
+ # {
4317
+ # value: "NonEmptyString",
4318
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4319
+ # },
4320
+ # ],
4321
+ # resource_owner_org_id: [
4322
+ # {
4323
+ # value: "NonEmptyString",
4324
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4325
+ # },
4326
+ # ],
4327
+ # resource_provider: [
4328
+ # {
4329
+ # value: "NonEmptyString",
4330
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
4331
+ # },
4332
+ # ],
4159
4333
  # },
4160
4334
  # group_by_attribute: "NonEmptyString", # required
4161
4335
  # })
@@ -4524,12 +4698,58 @@ module Aws::SecurityHub
4524
4698
  req.send_request(options)
4525
4699
  end
4526
4700
 
4701
+ # Deletes a CSPM connector. When you delete a connector, Security Hub
4702
+ # CSPM stops ingesting findings and resource data from the connected
4703
+ # cloud provider environment.
4704
+ #
4705
+ # @option params [required, String] :connector_id
4706
+ # The unique identifier of the connector to delete.
4707
+ #
4708
+ # @return [Types::DeleteConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4709
+ #
4710
+ # * {Types::DeleteConnectorResponse#enablement_status #enablement_status} => String
4711
+ #
4712
+ #
4713
+ # @example Example: To delete a CSPM connector
4714
+ #
4715
+ # # This operation deletes a CSPM connector.
4716
+ #
4717
+ # resp = client.delete_connector({
4718
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4719
+ # })
4720
+ #
4721
+ # resp.to_h outputs the following:
4722
+ # {
4723
+ # enablement_status: "PENDING_DELETION",
4724
+ # }
4725
+ #
4726
+ # @example Request syntax with placeholder values
4727
+ #
4728
+ # resp = client.delete_connector({
4729
+ # connector_id: "NonEmptyString", # required
4730
+ # })
4731
+ #
4732
+ # @example Response structure
4733
+ #
4734
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
4735
+ #
4736
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnector AWS API Documentation
4737
+ #
4738
+ # @overload delete_connector(params = {})
4739
+ # @param [Hash] params ({})
4740
+ def delete_connector(params = {}, options = {})
4741
+ req = build_request(:delete_connector, params)
4742
+ req.send_request(options)
4743
+ end
4744
+
4527
4745
  # Grants permission to delete a connectorV2.
4528
4746
  #
4529
4747
  # @option params [required, String] :connector_id
4530
4748
  # The UUID of the connectorV2 to identify connectorV2 resource.
4531
4749
  #
4532
- # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4750
+ # @return [Types::DeleteConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4751
+ #
4752
+ # * {Types::DeleteConnectorV2Response#enablement_status #enablement_status} => String
4533
4753
  #
4534
4754
  # @example Request syntax with placeholder values
4535
4755
  #
@@ -4537,6 +4757,10 @@ module Aws::SecurityHub
4537
4757
  # connector_id: "NonEmptyString", # required
4538
4758
  # })
4539
4759
  #
4760
+ # @example Response structure
4761
+ #
4762
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
4763
+ #
4540
4764
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorV2 AWS API Documentation
4541
4765
  #
4542
4766
  # @overload delete_connector_v2(params = {})
@@ -5085,11 +5309,15 @@ module Aws::SecurityHub
5085
5309
  #
5086
5310
  # * {Types::DescribeSecurityHubV2Response#hub_v2_arn #hub_v2_arn} => String
5087
5311
  # * {Types::DescribeSecurityHubV2Response#subscribed_at #subscribed_at} => String
5312
+ # * {Types::DescribeSecurityHubV2Response#features #features} => Hash&lt;String,Types::FeatureDetail&gt;
5088
5313
  #
5089
5314
  # @example Response structure
5090
5315
  #
5091
5316
  # resp.hub_v2_arn #=> String
5092
5317
  # resp.subscribed_at #=> String
5318
+ # resp.features #=> Hash
5319
+ # resp.features["FeatureNameKey"].feature_status #=> String, one of "ENABLED", "DISABLED"
5320
+ # resp.features["FeatureNameKey"].updated_at #=> Time
5093
5321
  #
5094
5322
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeSecurityHubV2 AWS API Documentation
5095
5323
  #
@@ -5117,6 +5345,11 @@ module Aws::SecurityHub
5117
5345
  # @option params [Integer] :max_results
5118
5346
  # The maximum number of standards to return.
5119
5347
  #
5348
+ # @option params [Array<String>] :providers
5349
+ # A list of cloud providers to filter the standards by. For example,
5350
+ # specify `Azure` to return only standards that evaluate Azure
5351
+ # resources.
5352
+ #
5120
5353
  # @return [Types::DescribeStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5121
5354
  #
5122
5355
  # * {Types::DescribeStandardsResponse#standards #standards} => Array&lt;Types::Standard&gt;
@@ -5167,6 +5400,7 @@ module Aws::SecurityHub
5167
5400
  # resp = client.describe_standards({
5168
5401
  # next_token: "NextToken",
5169
5402
  # max_results: 1,
5403
+ # providers: ["AWS"], # accepts AWS, Azure
5170
5404
  # })
5171
5405
  #
5172
5406
  # @example Response structure
@@ -5176,6 +5410,7 @@ module Aws::SecurityHub
5176
5410
  # resp.standards[0].name #=> String
5177
5411
  # resp.standards[0].description #=> String
5178
5412
  # resp.standards[0].enabled_by_default #=> Boolean
5413
+ # resp.standards[0].provider #=> String, one of "AWS", "Azure"
5179
5414
  # resp.standards[0].standards_managed_by.company #=> String
5180
5415
  # resp.standards[0].standards_managed_by.product #=> String
5181
5416
  # resp.next_token #=> String
@@ -5409,8 +5644,35 @@ module Aws::SecurityHub
5409
5644
  req.send_request(options)
5410
5645
  end
5411
5646
 
5647
+ # Disables an opt-in feature for the calling account in the current
5648
+ # Amazon Web Services Region. The operation is idempotent. If the
5649
+ # feature is already disabled, no changes are made. You cannot disable a
5650
+ # feature that is managed by an organization policy.
5651
+ #
5652
+ # @option params [required, String] :feature_name
5653
+ # The name of the feature to disable.
5654
+ #
5655
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5656
+ #
5657
+ # @example Request syntax with placeholder values
5658
+ #
5659
+ # resp = client.disable_security_hub_feature_v2({
5660
+ # feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
5661
+ # })
5662
+ #
5663
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubFeatureV2 AWS API Documentation
5664
+ #
5665
+ # @overload disable_security_hub_feature_v2(params = {})
5666
+ # @param [Hash] params ({})
5667
+ def disable_security_hub_feature_v2(params = {}, options = {})
5668
+ req = build_request(:disable_security_hub_feature_v2, params)
5669
+ req.send_request(options)
5670
+ end
5671
+
5412
5672
  # Disable the service for the current Amazon Web Services Region or
5413
- # specified Amazon Web Services Region.
5673
+ # specified Amazon Web Services Region. Disabling the service also
5674
+ # disables all opt-in features that are currently enabled in that
5675
+ # Region.
5414
5676
  #
5415
5677
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5416
5678
  #
@@ -5707,6 +5969,32 @@ module Aws::SecurityHub
5707
5969
  req.send_request(options)
5708
5970
  end
5709
5971
 
5972
+ # Enables an opt-in feature for the calling account in the current
5973
+ # Amazon Web Services Region. The service must be enabled before you can
5974
+ # enable a feature. The operation is idempotent. If the feature is
5975
+ # already enabled, no changes are made. You cannot enable a feature that
5976
+ # is managed by an organization policy.
5977
+ #
5978
+ # @option params [required, String] :feature_name
5979
+ # The name of the feature to enable.
5980
+ #
5981
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5982
+ #
5983
+ # @example Request syntax with placeholder values
5984
+ #
5985
+ # resp = client.enable_security_hub_feature_v2({
5986
+ # feature_name: "NETWORK_SCANNING", # required, accepts NETWORK_SCANNING
5987
+ # })
5988
+ #
5989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubFeatureV2 AWS API Documentation
5990
+ #
5991
+ # @overload enable_security_hub_feature_v2(params = {})
5992
+ # @param [Hash] params ({})
5993
+ def enable_security_hub_feature_v2(params = {}, options = {})
5994
+ req = build_request(:enable_security_hub_feature_v2, params)
5995
+ req.send_request(options)
5996
+ end
5997
+
5710
5998
  # Enables the service in account for the current Amazon Web Services
5711
5999
  # Region or specified Amazon Web Services Region.
5712
6000
  #
@@ -5876,7 +6164,7 @@ module Aws::SecurityHub
5876
6164
  # resp.description #=> String
5877
6165
  # resp.criteria.ocsf_finding_criteria.composite_filters #=> Array
5878
6166
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters #=> Array
5879
- # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
6167
+ # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].field_name #=> String, one of "metadata.uid", "activity_name", "cloud.account.uid", "cloud.provider", "cloud.region", "compliance.assessments.category", "compliance.assessments.name", "compliance.control", "compliance.status", "compliance.standards", "finding_info.desc", "finding_info.src_url", "finding_info.title", "finding_info.types", "finding_info.uid", "finding_info.related_events.traits.category", "finding_info.related_events.uid", "finding_info.related_events.product.uid", "finding_info.related_events.title", "metadata.product.name", "metadata.product.uid", "metadata.product.vendor_name", "remediation.desc", "remediation.references", "resources.cloud_partition", "resources.name", "resources.owner.account.uid", "resources.owner.org.uid", "resources.owner.account.name", "resources.provider", "resources.region", "resources.type", "resources.uid", "severity", "status", "comment", "vulnerabilities.fix_coverage", "class_name", "databucket.encryption_details.algorithm", "databucket.encryption_details.key_uid", "databucket.file.data_classifications.classifier_details.type", "evidences.actor.user.account.uid", "evidences.api.operation", "evidences.api.response.error_message", "evidences.api.service.name", "evidences.connection_info.direction", "evidences.connection_info.protocol_name", "evidences.dst_endpoint.autonomous_system.name", "evidences.dst_endpoint.location.city", "evidences.dst_endpoint.location.country", "evidences.src_endpoint.autonomous_system.name", "evidences.src_endpoint.hostname", "evidences.src_endpoint.location.city", "evidences.src_endpoint.location.country", "finding_info.analytic.name", "malware.name", "malware_scan_info.uid", "malware.severity", "resources.cloud_function.layers.uid_alt", "resources.cloud_function.runtime", "resources.cloud_function.user.uid", "resources.device.encryption_details.key_uid", "resources.device.image.uid", "resources.image.architecture", "resources.image.registry_uid", "resources.image.repository_name", "resources.image.uid", "resources.subnet_info.uid", "resources.vpc_uid", "vulnerabilities.affected_code.file.path", "vulnerabilities.affected_packages.name", "vulnerabilities.cve.epss.score", "vulnerabilities.cve.uid", "vulnerabilities.related_vulnerabilities", "cloud.account.name", "vendor_attributes.severity"
5880
6168
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.value #=> String
5881
6169
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].string_filters[0].filter.comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
5882
6170
  # resp.criteria.ocsf_finding_criteria.composite_filters[0].date_filters #=> Array
@@ -6107,6 +6395,98 @@ module Aws::SecurityHub
6107
6395
  req.send_request(options)
6108
6396
  end
6109
6397
 
6398
+ # Retrieves details for a CSPM connector based on the connector ID.
6399
+ #
6400
+ # @option params [required, String] :connector_id
6401
+ # The unique identifier of the connector to retrieve.
6402
+ #
6403
+ # @return [Types::GetConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6404
+ #
6405
+ # * {Types::GetConnectorResponse#connector_arn #connector_arn} => String
6406
+ # * {Types::GetConnectorResponse#connector_id #connector_id} => String
6407
+ # * {Types::GetConnectorResponse#name #name} => String
6408
+ # * {Types::GetConnectorResponse#description #description} => String
6409
+ # * {Types::GetConnectorResponse#created_at #created_at} => Time
6410
+ # * {Types::GetConnectorResponse#last_updated_at #last_updated_at} => Time
6411
+ # * {Types::GetConnectorResponse#health #health} => Types::CspmHealthCheck
6412
+ # * {Types::GetConnectorResponse#provider_detail #provider_detail} => Types::CspmProviderDetail
6413
+ # * {Types::GetConnectorResponse#created_by #created_by} => String
6414
+ # * {Types::GetConnectorResponse#enablement_status #enablement_status} => String
6415
+ #
6416
+ #
6417
+ # @example Example: To get details of a CSPM connector
6418
+ #
6419
+ # # This operation retrieves details for a CSPM connector.
6420
+ #
6421
+ # resp = client.get_connector({
6422
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6423
+ # })
6424
+ #
6425
+ # resp.to_h outputs the following:
6426
+ # {
6427
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6428
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6429
+ # created_at: Time.parse("2026-01-15T10:30:00.000Z"),
6430
+ # created_by: "securityhub.amazonaws.com",
6431
+ # description: "Connector for Azure tenant monitoring",
6432
+ # health: {
6433
+ # connector_status: "CONNECTED",
6434
+ # last_checked_at: Time.parse("2026-05-20T14:00:00.000Z"),
6435
+ # },
6436
+ # last_updated_at: Time.parse("2026-05-20T14:00:00.000Z"),
6437
+ # name: "MyAzureConnector",
6438
+ # provider_detail: {
6439
+ # azure: {
6440
+ # aws_config_connector_arn: "arn:aws:config:us-east-1:123456789012:connector/azure-connector-1234",
6441
+ # azure_regions: [
6442
+ # "eastus",
6443
+ # "westus2",
6444
+ # ],
6445
+ # scope_configuration: {
6446
+ # scope_type: "TENANT",
6447
+ # },
6448
+ # },
6449
+ # },
6450
+ # }
6451
+ #
6452
+ # @example Request syntax with placeholder values
6453
+ #
6454
+ # resp = client.get_connector({
6455
+ # connector_id: "NonEmptyString", # required
6456
+ # })
6457
+ #
6458
+ # @example Response structure
6459
+ #
6460
+ # resp.connector_arn #=> String
6461
+ # resp.connector_id #=> String
6462
+ # resp.name #=> String
6463
+ # resp.description #=> String
6464
+ # resp.created_at #=> Time
6465
+ # resp.last_updated_at #=> Time
6466
+ # resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
6467
+ # resp.health.message #=> String
6468
+ # resp.health.last_checked_at #=> Time
6469
+ # resp.health.issues #=> Array
6470
+ # resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
6471
+ # resp.health.issues[0].message #=> String
6472
+ # resp.provider_detail.azure.aws_config_connector_arn #=> String
6473
+ # resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
6474
+ # resp.provider_detail.azure.scope_configuration.scope_values #=> Array
6475
+ # resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
6476
+ # resp.provider_detail.azure.azure_regions #=> Array
6477
+ # resp.provider_detail.azure.azure_regions[0] #=> String
6478
+ # resp.created_by #=> String
6479
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
6480
+ #
6481
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnector AWS API Documentation
6482
+ #
6483
+ # @overload get_connector(params = {})
6484
+ # @param [Hash] params ({})
6485
+ def get_connector(params = {}, options = {})
6486
+ req = build_request(:get_connector, params)
6487
+ req.send_request(options)
6488
+ end
6489
+
6110
6490
  # Grants permission to retrieve details for a connectorV2 based on
6111
6491
  # connector id.
6112
6492
  #
@@ -6124,6 +6504,8 @@ module Aws::SecurityHub
6124
6504
  # * {Types::GetConnectorV2Response#last_updated_at #last_updated_at} => Time
6125
6505
  # * {Types::GetConnectorV2Response#health #health} => Types::HealthCheck
6126
6506
  # * {Types::GetConnectorV2Response#provider_detail #provider_detail} => Types::ProviderDetail
6507
+ # * {Types::GetConnectorV2Response#enablement_status #enablement_status} => String
6508
+ # * {Types::GetConnectorV2Response#enablement_status_reason #enablement_status_reason} => String
6127
6509
  #
6128
6510
  # @example Request syntax with placeholder values
6129
6511
  #
@@ -6140,9 +6522,12 @@ module Aws::SecurityHub
6140
6522
  # resp.kms_key_arn #=> String
6141
6523
  # resp.created_at #=> Time
6142
6524
  # resp.last_updated_at #=> Time
6143
- # resp.health.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
6525
+ # resp.health.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
6144
6526
  # resp.health.message #=> String
6145
6527
  # resp.health.last_checked_at #=> Time
6528
+ # resp.health.issues #=> Array
6529
+ # resp.health.issues[0].code #=> String, one of "AUTHENTICATION_FAILURE", "STREAM_AUTHORIZATION_FAILURE", "DISCOVERY_FAILURE", "STREAM_LIMIT_EXCEEDED", "STREAM_DISCONNECTED", "RECORDING_FAILURE", "NO_HEALTH_DATA"
6530
+ # resp.health.issues[0].message #=> String
6146
6531
  # resp.provider_detail.jira_cloud.cloud_id #=> String
6147
6532
  # resp.provider_detail.jira_cloud.project_key #=> String
6148
6533
  # resp.provider_detail.jira_cloud.domain #=> String
@@ -6151,6 +6536,14 @@ module Aws::SecurityHub
6151
6536
  # resp.provider_detail.service_now.instance_name #=> String
6152
6537
  # resp.provider_detail.service_now.secret_arn #=> String
6153
6538
  # resp.provider_detail.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
6539
+ # resp.provider_detail.azure.aws_config_connector_arn #=> String
6540
+ # resp.provider_detail.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
6541
+ # resp.provider_detail.azure.scope_configuration.scope_values #=> Array
6542
+ # resp.provider_detail.azure.scope_configuration.scope_values[0] #=> String
6543
+ # resp.provider_detail.azure.azure_regions #=> Array
6544
+ # resp.provider_detail.azure.azure_regions[0] #=> String
6545
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
6546
+ # resp.enablement_status_reason #=> String
6154
6547
  #
6155
6548
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorV2 AWS API Documentation
6156
6549
  #
@@ -6179,6 +6572,11 @@ module Aws::SecurityHub
6179
6572
  # @option params [Integer] :max_results
6180
6573
  # The maximum number of results to return in the response.
6181
6574
  #
6575
+ # @option params [Array<String>] :providers
6576
+ # A list of cloud providers to filter the enabled standards by. For
6577
+ # example, specify `Azure` to return only enabled standards that
6578
+ # evaluate Azure resources.
6579
+ #
6182
6580
  # @return [Types::GetEnabledStandardsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6183
6581
  #
6184
6582
  # * {Types::GetEnabledStandardsResponse#standards_subscriptions #standards_subscriptions} => Array&lt;Types::StandardsSubscription&gt;
@@ -6216,6 +6614,7 @@ module Aws::SecurityHub
6216
6614
  # standards_subscription_arns: ["NonEmptyString"],
6217
6615
  # next_token: "NextToken",
6218
6616
  # max_results: 1,
6617
+ # providers: ["AWS"], # accepts AWS, Azure
6219
6618
  # })
6220
6619
  #
6221
6620
  # @example Response structure
@@ -6227,7 +6626,8 @@ module Aws::SecurityHub
6227
6626
  # resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
6228
6627
  # resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
6229
6628
  # resp.standards_subscriptions[0].standards_controls_updatable #=> String, one of "READY_FOR_UPDATES", "NOT_READY_FOR_UPDATES"
6230
- # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "INTERNAL_ERROR"
6629
+ # resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "MAXIMUM_NUMBER_OF_CONFIG_RULES_EXCEEDED", "NO_AVAILABLE_MULTICLOUD_CONNECTOR", "INTERNAL_ERROR"
6630
+ # resp.standards_subscriptions[0].provider #=> String, one of "AWS", "Azure"
6231
6631
  # resp.next_token #=> String
6232
6632
  #
6233
6633
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetEnabledStandards AWS API Documentation
@@ -6516,7 +6916,7 @@ module Aws::SecurityHub
6516
6916
  # {
6517
6917
  # string_filters: [
6518
6918
  # {
6519
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
6919
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
6520
6920
  # filter: {
6521
6921
  # value: "NonEmptyString",
6522
6922
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -6583,7 +6983,7 @@ module Aws::SecurityHub
6583
6983
  # ],
6584
6984
  # composite_operator: "AND", # accepts AND, OR
6585
6985
  # },
6586
- # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
6986
+ # group_by_field: "activity_name", # required, accepts activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.name, compliance.status, compliance.control, finding_info.title, finding_info.related_events.traits.category, finding_info.types, metadata.product.name, metadata.product.uid, resources.type, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.uid, severity, status, vulnerabilities.fix_coverage, class_name, vulnerabilities.affected_packages.name, finding_info.analytic.name, compliance.standards, cloud.account.name, vendor_attributes.severity, metadata.product.vendor_name
6587
6987
  # },
6588
6988
  # ],
6589
6989
  # scopes: {
@@ -7471,6 +7871,24 @@ module Aws::SecurityHub
7471
7871
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7472
7872
  # },
7473
7873
  # ],
7874
+ # resource_owner_account_id: [
7875
+ # {
7876
+ # value: "NonEmptyString",
7877
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7878
+ # },
7879
+ # ],
7880
+ # resource_owner_org_id: [
7881
+ # {
7882
+ # value: "NonEmptyString",
7883
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7884
+ # },
7885
+ # ],
7886
+ # resource_provider: [
7887
+ # {
7888
+ # value: "NonEmptyString",
7889
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
7890
+ # },
7891
+ # ],
7474
7892
  # },
7475
7893
  # sort_criteria: [
7476
7894
  # {
@@ -7530,7 +7948,7 @@ module Aws::SecurityHub
7530
7948
  # {
7531
7949
  # string_filters: [
7532
7950
  # {
7533
- # field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name
7951
+ # field_name: "account_id", # accepts account_id, region, finding_types, finding_status, finding_cve_ids, finding_compliance_status, finding_control_id, finding_class_name, finding_provider, finding_activity_name, resource_cloud_providers, resource_regions, resource_owner_ids, resource_owner_organization_ids
7534
7952
  # filter: {
7535
7953
  # value: "NonEmptyString",
7536
7954
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -7639,7 +8057,7 @@ module Aws::SecurityHub
7639
8057
  # {
7640
8058
  # string_filters: [
7641
8059
  # {
7642
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
8060
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
7643
8061
  # filter: {
7644
8062
  # value: "NonEmptyString",
7645
8063
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8243,6 +8661,15 @@ module Aws::SecurityHub
8243
8661
  # resp.insights[0].filters.resource_application_arn #=> Array
8244
8662
  # resp.insights[0].filters.resource_application_arn[0].value #=> String
8245
8663
  # resp.insights[0].filters.resource_application_arn[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8664
+ # resp.insights[0].filters.resource_owner_account_id #=> Array
8665
+ # resp.insights[0].filters.resource_owner_account_id[0].value #=> String
8666
+ # resp.insights[0].filters.resource_owner_account_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8667
+ # resp.insights[0].filters.resource_owner_org_id #=> Array
8668
+ # resp.insights[0].filters.resource_owner_org_id[0].value #=> String
8669
+ # resp.insights[0].filters.resource_owner_org_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8670
+ # resp.insights[0].filters.resource_provider #=> Array
8671
+ # resp.insights[0].filters.resource_provider[0].value #=> String
8672
+ # resp.insights[0].filters.resource_provider[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS", "CONTAINS_WORD"
8246
8673
  # resp.insights[0].group_by_attribute #=> String
8247
8674
  # resp.next_token #=> String
8248
8675
  #
@@ -8527,13 +8954,13 @@ module Aws::SecurityHub
8527
8954
  # resp = client.get_resources_statistics_v2({
8528
8955
  # group_by_rules: [ # required
8529
8956
  # {
8530
- # group_by_field: "AccountId", # required, accepts AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
8957
+ # group_by_field: "AccountId", # required, accepts AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType
8531
8958
  # filters: {
8532
8959
  # composite_filters: [
8533
8960
  # {
8534
8961
  # string_filters: [
8535
8962
  # {
8536
- # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8963
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8537
8964
  # filter: {
8538
8965
  # value: "NonEmptyString",
8539
8966
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8654,7 +9081,7 @@ module Aws::SecurityHub
8654
9081
  # {
8655
9082
  # string_filters: [
8656
9083
  # {
8657
- # field_name: "account_id", # accepts account_id, region, resource_type, resource_category
9084
+ # field_name: "account_id", # accepts account_id, region, resource_type, resource_category, resource_cloud_provider, resource_region, resource_owner_id, resource_owner_organization_id
8658
9085
  # filter: {
8659
9086
  # value: "NonEmptyString",
8660
9087
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8749,7 +9176,7 @@ module Aws::SecurityHub
8749
9176
  # {
8750
9177
  # string_filters: [
8751
9178
  # {
8752
- # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, Region, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
9179
+ # field_name: "ResourceGuid", # accepts ResourceGuid, ResourceId, AccountId, AccountName, Region, ResourceProvider, ResourceOwnerAccountId, ResourceOwnerOrgId, ResourceCloudPartition, ResourceRegion, ResourceCategory, ResourceType, ResourceName, FindingsSummary.FindingType, FindingsSummary.ProductName
8753
9180
  # filter: {
8754
9181
  # value: "NonEmptyString",
8755
9182
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -8824,8 +9251,14 @@ module Aws::SecurityHub
8824
9251
  # resp.resources[0].resource_guid #=> String
8825
9252
  # resp.resources[0].resource_id #=> String
8826
9253
  # resp.resources[0].account_id #=> String
9254
+ # resp.resources[0].account_name #=> String
8827
9255
  # resp.resources[0].region #=> String
8828
- # resp.resources[0].resource_category #=> String, one of "Compute", "Database", "Storage", "Code", "AI/ML", "Identity", "Network", "Other"
9256
+ # resp.resources[0].resource_provider #=> String
9257
+ # resp.resources[0].resource_owner_account_id #=> String
9258
+ # resp.resources[0].resource_owner_org_id #=> String
9259
+ # resp.resources[0].resource_cloud_partition #=> String
9260
+ # resp.resources[0].resource_region #=> String
9261
+ # resp.resources[0].resource_category #=> String, one of "Compute", "Database", "Storage", "Code", "AI/ML", "Identity", "Network", "Messaging", "Other"
8829
9262
  # resp.resources[0].resource_type #=> String
8830
9263
  # resp.resources[0].resource_name #=> String
8831
9264
  # resp.resources[0].resource_creation_time_dt #=> String
@@ -8947,6 +9380,7 @@ module Aws::SecurityHub
8947
9380
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
8948
9381
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
8949
9382
  # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
9383
+ # resp.security_control_definition.provider #=> String, one of "AWS", "Azure"
8950
9384
  #
8951
9385
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinition AWS API Documentation
8952
9386
  #
@@ -9385,6 +9819,92 @@ module Aws::SecurityHub
9385
9819
  req.send_request(options)
9386
9820
  end
9387
9821
 
9822
+ # Lists the CSPM connectors and their metadata for the calling account.
9823
+ #
9824
+ # @option params [String] :next_token
9825
+ # The pagination token to request the next page of results.
9826
+ #
9827
+ # @option params [Integer] :max_results
9828
+ # The maximum number of results to return.
9829
+ #
9830
+ # @option params [String] :provider_name
9831
+ # The name of the cloud provider to filter connectors by.
9832
+ #
9833
+ # @option params [String] :connector_status
9834
+ # The connectivity status to filter connectors by.
9835
+ #
9836
+ # @option params [String] :enablement_status
9837
+ # The enablement status to filter connectors by.
9838
+ #
9839
+ # @return [Types::ListConnectorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9840
+ #
9841
+ # * {Types::ListConnectorsResponse#next_token #next_token} => String
9842
+ # * {Types::ListConnectorsResponse#connectors #connectors} => Array&lt;Types::CspmConnectorSummary&gt;
9843
+ #
9844
+ #
9845
+ # @example Example: To list CSPM connectors
9846
+ #
9847
+ # # This operation lists the CSPM connectors for the calling account.
9848
+ #
9849
+ # resp = client.list_connectors({
9850
+ # max_results: 10,
9851
+ # })
9852
+ #
9853
+ # resp.to_h outputs the following:
9854
+ # {
9855
+ # connectors: [
9856
+ # {
9857
+ # connector_arn: "arn:aws:securityhub:us-east-1:123456789012:connector/cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
9858
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
9859
+ # created_at: Time.parse("2026-01-15T10:30:00.000Z"),
9860
+ # name: "MyAzureConnector",
9861
+ # provider_summary: {
9862
+ # connector_status: "CONNECTED",
9863
+ # provider_name: "AZURE",
9864
+ # },
9865
+ # },
9866
+ # ],
9867
+ # }
9868
+ #
9869
+ # @example Request syntax with placeholder values
9870
+ #
9871
+ # resp = client.list_connectors({
9872
+ # next_token: "NextToken",
9873
+ # max_results: 1,
9874
+ # provider_name: "AZURE", # accepts AZURE
9875
+ # connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, UNKNOWN
9876
+ # enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, PENDING_UPDATE, PENDING_DELETION
9877
+ # })
9878
+ #
9879
+ # @example Response structure
9880
+ #
9881
+ # resp.next_token #=> String
9882
+ # resp.connectors #=> Array
9883
+ # resp.connectors[0].connector_arn #=> String
9884
+ # resp.connectors[0].connector_id #=> String
9885
+ # resp.connectors[0].name #=> String
9886
+ # resp.connectors[0].description #=> String
9887
+ # resp.connectors[0].provider_summary.provider_name #=> String, one of "AZURE"
9888
+ # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
9889
+ # resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
9890
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
9891
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
9892
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
9893
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
9894
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
9895
+ # resp.connectors[0].created_at #=> Time
9896
+ # resp.connectors[0].created_by #=> String
9897
+ # resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
9898
+ #
9899
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectors AWS API Documentation
9900
+ #
9901
+ # @overload list_connectors(params = {})
9902
+ # @param [Hash] params ({})
9903
+ def list_connectors(params = {}, options = {})
9904
+ req = build_request(:list_connectors, params)
9905
+ req.send_request(options)
9906
+ end
9907
+
9388
9908
  # Grants permission to retrieve a list of connectorsV2 and their
9389
9909
  # metadata for the calling account.
9390
9910
  #
@@ -9400,6 +9920,9 @@ module Aws::SecurityHub
9400
9920
  # @option params [String] :connector_status
9401
9921
  # The status for the connectorV2.
9402
9922
  #
9923
+ # @option params [String] :enablement_status
9924
+ # The enablement status to filter connectors by.
9925
+ #
9403
9926
  # @return [Types::ListConnectorsV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9404
9927
  #
9405
9928
  # * {Types::ListConnectorsV2Response#next_token #next_token} => String
@@ -9410,8 +9933,9 @@ module Aws::SecurityHub
9410
9933
  # resp = client.list_connectors_v2({
9411
9934
  # next_token: "NextToken",
9412
9935
  # max_results: 1,
9413
- # provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW
9414
- # connector_status: "CONNECTED", # accepts CONNECTED, FAILED_TO_CONNECT, PENDING_CONFIGURATION, PENDING_AUTHORIZATION
9936
+ # provider_name: "JIRA_CLOUD", # accepts JIRA_CLOUD, SERVICENOW, AZURE
9937
+ # connector_status: "CONNECTED", # accepts CONNECTED, DEGRADED, FAILED_TO_CONNECT, PENDING_AUTHORIZATION, PENDING_CONFIGURATION, UNKNOWN
9938
+ # enablement_status: "ENABLED", # accepts ENABLED, PENDING_ENABLEMENT, FAILED_TO_ENABLE, PENDING_UPDATE, FAILED_TO_UPDATE, PENDING_DELETION, FAILED_TO_DELETE
9415
9939
  # })
9416
9940
  #
9417
9941
  # @example Response structure
@@ -9422,9 +9946,25 @@ module Aws::SecurityHub
9422
9946
  # resp.connectors[0].connector_id #=> String
9423
9947
  # resp.connectors[0].name #=> String
9424
9948
  # resp.connectors[0].description #=> String
9425
- # resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW"
9426
- # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "FAILED_TO_CONNECT", "PENDING_CONFIGURATION", "PENDING_AUTHORIZATION"
9949
+ # resp.connectors[0].provider_summary.provider_name #=> String, one of "JIRA_CLOUD", "SERVICENOW", "AZURE"
9950
+ # resp.connectors[0].provider_summary.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
9951
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.cloud_id #=> String
9952
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.project_key #=> String
9953
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.domain #=> String
9954
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_url #=> String
9955
+ # resp.connectors[0].provider_summary.provider_configuration.jira_cloud.auth_status #=> String, one of "ACTIVE", "FAILED"
9956
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.instance_name #=> String
9957
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.secret_arn #=> String
9958
+ # resp.connectors[0].provider_summary.provider_configuration.service_now.auth_status #=> String, one of "ACTIVE", "FAILED"
9959
+ # resp.connectors[0].provider_summary.provider_configuration.azure.aws_config_connector_arn #=> String
9960
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_type #=> String, one of "TENANT", "SUBSCRIPTION"
9961
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values #=> Array
9962
+ # resp.connectors[0].provider_summary.provider_configuration.azure.scope_configuration.scope_values[0] #=> String
9963
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions #=> Array
9964
+ # resp.connectors[0].provider_summary.provider_configuration.azure.azure_regions[0] #=> String
9427
9965
  # resp.connectors[0].created_at #=> Time
9966
+ # resp.connectors[0].enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
9967
+ # resp.connectors[0].enablement_status_reason #=> String
9428
9968
  #
9429
9969
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsV2 AWS API Documentation
9430
9970
  #
@@ -9822,6 +10362,11 @@ module Aws::SecurityHub
9822
10362
  # the next 25 controls. This repeats until all controls for the standard
9823
10363
  # are returned.
9824
10364
  #
10365
+ # @option params [Array<String>] :providers
10366
+ # A list of cloud providers to filter the security control definitions
10367
+ # by. For example, specify `Azure` to return only controls that evaluate
10368
+ # Azure resources.
10369
+ #
9825
10370
  # @return [Types::ListSecurityControlDefinitionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
9826
10371
  #
9827
10372
  # * {Types::ListSecurityControlDefinitionsResponse#security_control_definitions #security_control_definitions} => Array&lt;Types::SecurityControlDefinition&gt;
@@ -9883,6 +10428,7 @@ module Aws::SecurityHub
9883
10428
  # standards_arn: "NonEmptyString",
9884
10429
  # next_token: "NextToken",
9885
10430
  # max_results: 1,
10431
+ # providers: ["AWS"], # accepts AWS, Azure
9886
10432
  # })
9887
10433
  #
9888
10434
  # @example Response structure
@@ -9926,6 +10472,7 @@ module Aws::SecurityHub
9926
10472
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
9927
10473
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
9928
10474
  # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
10475
+ # resp.security_control_definitions[0].provider #=> String, one of "AWS", "Azure"
9929
10476
  # resp.next_token #=> String
9930
10477
  #
9931
10478
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListSecurityControlDefinitions AWS API Documentation
@@ -10469,7 +11016,7 @@ module Aws::SecurityHub
10469
11016
  # {
10470
11017
  # string_filters: [
10471
11018
  # {
10472
- # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
11019
+ # field_name: "metadata.uid", # accepts metadata.uid, activity_name, cloud.account.uid, cloud.provider, cloud.region, compliance.assessments.category, compliance.assessments.name, compliance.control, compliance.status, compliance.standards, finding_info.desc, finding_info.src_url, finding_info.title, finding_info.types, finding_info.uid, finding_info.related_events.traits.category, finding_info.related_events.uid, finding_info.related_events.product.uid, finding_info.related_events.title, metadata.product.name, metadata.product.uid, metadata.product.vendor_name, remediation.desc, remediation.references, resources.cloud_partition, resources.name, resources.owner.account.uid, resources.owner.org.uid, resources.owner.account.name, resources.provider, resources.region, resources.type, resources.uid, severity, status, comment, vulnerabilities.fix_coverage, class_name, databucket.encryption_details.algorithm, databucket.encryption_details.key_uid, databucket.file.data_classifications.classifier_details.type, evidences.actor.user.account.uid, evidences.api.operation, evidences.api.response.error_message, evidences.api.service.name, evidences.connection_info.direction, evidences.connection_info.protocol_name, evidences.dst_endpoint.autonomous_system.name, evidences.dst_endpoint.location.city, evidences.dst_endpoint.location.country, evidences.src_endpoint.autonomous_system.name, evidences.src_endpoint.hostname, evidences.src_endpoint.location.city, evidences.src_endpoint.location.country, finding_info.analytic.name, malware.name, malware_scan_info.uid, malware.severity, resources.cloud_function.layers.uid_alt, resources.cloud_function.runtime, resources.cloud_function.user.uid, resources.device.encryption_details.key_uid, resources.device.image.uid, resources.image.architecture, resources.image.registry_uid, resources.image.repository_name, resources.image.uid, resources.subnet_info.uid, resources.vpc_uid, vulnerabilities.affected_code.file.path, vulnerabilities.affected_packages.name, vulnerabilities.cve.epss.score, vulnerabilities.cve.uid, vulnerabilities.related_vulnerabilities, cloud.account.name, vendor_attributes.severity
10473
11020
  # filter: {
10474
11021
  # value: "NonEmptyString",
10475
11022
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
@@ -10762,6 +11309,85 @@ module Aws::SecurityHub
10762
11309
  req.send_request(options)
10763
11310
  end
10764
11311
 
11312
+ # Updates a CSPM connector's configuration, such as the scope or
11313
+ # regions for the connected cloud provider.
11314
+ #
11315
+ # @option params [required, String] :connector_id
11316
+ # The unique identifier of the connector to update.
11317
+ #
11318
+ # @option params [String] :description
11319
+ # The updated description of the connector.
11320
+ #
11321
+ # @option params [Types::CspmProviderUpdateConfiguration] :provider
11322
+ # The updated cloud provider configuration for the connector.
11323
+ #
11324
+ # @return [Types::UpdateConnectorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
11325
+ #
11326
+ # * {Types::UpdateConnectorResponse#connector_status #connector_status} => String
11327
+ # * {Types::UpdateConnectorResponse#enablement_status #enablement_status} => String
11328
+ #
11329
+ #
11330
+ # @example Example: To update a CSPM connector
11331
+ #
11332
+ # # This operation updates the configuration of a CSPM connector.
11333
+ #
11334
+ # resp = client.update_connector({
11335
+ # connector_id: "cspm-a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
11336
+ # description: "Updated connector description",
11337
+ # provider: {
11338
+ # azure: {
11339
+ # azure_regions: [
11340
+ # "eastus",
11341
+ # "westus2",
11342
+ # "northeurope",
11343
+ # ],
11344
+ # scope_configuration: {
11345
+ # scope_type: "SUBSCRIPTION",
11346
+ # scope_values: [
11347
+ # "sub-1234-5678-abcd",
11348
+ # "sub-9012-3456-efgh",
11349
+ # ],
11350
+ # },
11351
+ # },
11352
+ # },
11353
+ # })
11354
+ #
11355
+ # resp.to_h outputs the following:
11356
+ # {
11357
+ # connector_status: "CONNECTED",
11358
+ # enablement_status: "PENDING_UPDATE",
11359
+ # }
11360
+ #
11361
+ # @example Request syntax with placeholder values
11362
+ #
11363
+ # resp = client.update_connector({
11364
+ # connector_id: "NonEmptyString", # required
11365
+ # description: "NonEmptyString",
11366
+ # provider: {
11367
+ # azure: {
11368
+ # scope_configuration: { # required
11369
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
11370
+ # scope_values: ["NonEmptyString"],
11371
+ # },
11372
+ # azure_regions: ["NonEmptyString"], # required
11373
+ # },
11374
+ # },
11375
+ # })
11376
+ #
11377
+ # @example Response structure
11378
+ #
11379
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "UNKNOWN"
11380
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "PENDING_UPDATE", "PENDING_DELETION"
11381
+ #
11382
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnector AWS API Documentation
11383
+ #
11384
+ # @overload update_connector(params = {})
11385
+ # @param [Hash] params ({})
11386
+ def update_connector(params = {}, options = {})
11387
+ req = build_request(:update_connector, params)
11388
+ req.send_request(options)
11389
+ end
11390
+
10765
11391
  # Grants permission to update a connectorV2 based on its id and input
10766
11392
  # parameters.
10767
11393
  #
@@ -10774,7 +11400,10 @@ module Aws::SecurityHub
10774
11400
  # @option params [Types::ProviderUpdateConfiguration] :provider
10775
11401
  # The third-party provider’s service configuration.
10776
11402
  #
10777
- # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
11403
+ # @return [Types::UpdateConnectorV2Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
11404
+ #
11405
+ # * {Types::UpdateConnectorV2Response#connector_status #connector_status} => String
11406
+ # * {Types::UpdateConnectorV2Response#enablement_status #enablement_status} => String
10778
11407
  #
10779
11408
  # @example Request syntax with placeholder values
10780
11409
  #
@@ -10788,9 +11417,21 @@ module Aws::SecurityHub
10788
11417
  # service_now: {
10789
11418
  # secret_arn: "NonEmptyString",
10790
11419
  # },
11420
+ # azure: {
11421
+ # scope_configuration: { # required
11422
+ # scope_type: "TENANT", # required, accepts TENANT, SUBSCRIPTION
11423
+ # scope_values: ["NonEmptyString"],
11424
+ # },
11425
+ # azure_regions: ["NonEmptyString"], # required
11426
+ # },
10791
11427
  # },
10792
11428
  # })
10793
11429
  #
11430
+ # @example Response structure
11431
+ #
11432
+ # resp.connector_status #=> String, one of "CONNECTED", "DEGRADED", "FAILED_TO_CONNECT", "PENDING_AUTHORIZATION", "PENDING_CONFIGURATION", "UNKNOWN"
11433
+ # resp.enablement_status #=> String, one of "ENABLED", "PENDING_ENABLEMENT", "FAILED_TO_ENABLE", "PENDING_UPDATE", "FAILED_TO_UPDATE", "PENDING_DELETION", "FAILED_TO_DELETE"
11434
+ #
10794
11435
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorV2 AWS API Documentation
10795
11436
  #
10796
11437
  # @overload update_connector_v2(params = {})
@@ -11650,6 +12291,24 @@ module Aws::SecurityHub
11650
12291
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
11651
12292
  # },
11652
12293
  # ],
12294
+ # resource_owner_account_id: [
12295
+ # {
12296
+ # value: "NonEmptyString",
12297
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12298
+ # },
12299
+ # ],
12300
+ # resource_owner_org_id: [
12301
+ # {
12302
+ # value: "NonEmptyString",
12303
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12304
+ # },
12305
+ # ],
12306
+ # resource_provider: [
12307
+ # {
12308
+ # value: "NonEmptyString",
12309
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12310
+ # },
12311
+ # ],
11653
12312
  # },
11654
12313
  # note: {
11655
12314
  # text: "NonEmptyString", # required
@@ -12419,6 +13078,24 @@ module Aws::SecurityHub
12419
13078
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
12420
13079
  # },
12421
13080
  # ],
13081
+ # resource_owner_account_id: [
13082
+ # {
13083
+ # value: "NonEmptyString",
13084
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13085
+ # },
13086
+ # ],
13087
+ # resource_owner_org_id: [
13088
+ # {
13089
+ # value: "NonEmptyString",
13090
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13091
+ # },
13092
+ # ],
13093
+ # resource_provider: [
13094
+ # {
13095
+ # value: "NonEmptyString",
13096
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS, CONTAINS_WORD
13097
+ # },
13098
+ # ],
12422
13099
  # },
12423
13100
  # group_by_attribute: "NonEmptyString",
12424
13101
  # })
@@ -12709,7 +13386,7 @@ module Aws::SecurityHub
12709
13386
  tracer: tracer
12710
13387
  )
12711
13388
  context[:gem_name] = 'aws-sdk-securityhub'
12712
- context[:gem_version] = '1.158.0'
13389
+ context[:gem_version] = '1.159.0'
12713
13390
  Seahorse::Client::Request.new(handlers, context)
12714
13391
  end
12715
13392