aws-sdk-securityhub 1.158.0 → 1.159.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -1142,6 +1142,22 @@ module Aws::SecurityHub
1142
1142
  # Array Members: Minimum number of 1 item. Maximum number of 20 items.
1143
1143
  # @return [Array<Types::StringFilter>]
1144
1144
  #
1145
+ # @!attribute [rw] resource_provider
1146
+ # The cloud provider that the resource belongs to. Valid values are
1147
+ # `AWS` and `Azure`.
1148
+ # @return [Array<Types::StringFilter>]
1149
+ #
1150
+ # @!attribute [rw] resource_owner_account_id
1151
+ # The unique identifier of the account that owns the resource that the
1152
+ # finding applies to, for example, Azure Subscription Id or Amazon Web
1153
+ # Services Account Id
1154
+ # @return [Array<Types::StringFilter>]
1155
+ #
1156
+ # @!attribute [rw] resource_owner_org_id
1157
+ # The unique identifier of the organization that owns the resource
1158
+ # that the finding applies to, for example, Azure Tenant Id
1159
+ # @return [Array<Types::StringFilter>]
1160
+ #
1145
1161
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AutomationRulesFindingFilters AWS API Documentation
1146
1162
  #
1147
1163
  class AutomationRulesFindingFilters < Struct.new(
@@ -1182,7 +1198,10 @@ module Aws::SecurityHub
1182
1198
  :user_defined_fields,
1183
1199
  :resource_application_arn,
1184
1200
  :resource_application_name,
1185
- :aws_account_name)
1201
+ :aws_account_name,
1202
+ :resource_provider,
1203
+ :resource_owner_account_id,
1204
+ :resource_owner_org_id)
1186
1205
  SENSITIVE = []
1187
1206
  include Aws::Structure
1188
1207
  end
@@ -19964,6 +19983,22 @@ module Aws::SecurityHub
19964
19983
  # The ARN of the application that is related to a finding.
19965
19984
  # @return [Array<Types::StringFilter>]
19966
19985
  #
19986
+ # @!attribute [rw] resource_owner_account_id
19987
+ # The unique identifier of the account that owns the resource that the
19988
+ # finding applies to, for example, Azure Subscription Id or Amazon Web
19989
+ # Services Account Id
19990
+ # @return [Array<Types::StringFilter>]
19991
+ #
19992
+ # @!attribute [rw] resource_owner_org_id
19993
+ # The unique identifier of the organization that owns the resource
19994
+ # that the finding applies to, for example, Azure Tenant Id
19995
+ # @return [Array<Types::StringFilter>]
19996
+ #
19997
+ # @!attribute [rw] resource_provider
19998
+ # The cloud provider that the resource belongs to. Valid values are
19999
+ # `AWS` and `Azure`.
20000
+ # @return [Array<Types::StringFilter>]
20001
+ #
19967
20002
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
19968
20003
  #
19969
20004
  class AwsSecurityFindingFilters < Struct.new(
@@ -20070,7 +20105,10 @@ module Aws::SecurityHub
20070
20105
  :compliance_security_control_parameters_value,
20071
20106
  :aws_account_name,
20072
20107
  :resource_application_name,
20073
- :resource_application_arn)
20108
+ :resource_application_arn,
20109
+ :resource_owner_account_id,
20110
+ :resource_owner_org_id,
20111
+ :resource_provider)
20074
20112
  SENSITIVE = []
20075
20113
  include Aws::Structure
20076
20114
  end
@@ -21663,6 +21701,99 @@ module Aws::SecurityHub
21663
21701
  include Aws::Structure
21664
21702
  end
21665
21703
 
21704
+ # The detailed Azure configuration for a connector.
21705
+ #
21706
+ # @!attribute [rw] aws_config_connector_arn
21707
+ # The ARN of the AWS Config connector used to establish the connection
21708
+ # to Azure.
21709
+ # @return [String]
21710
+ #
21711
+ # @!attribute [rw] scope_configuration
21712
+ # The scope configuration that defines which Azure resources are
21713
+ # monitored.
21714
+ # @return [Types::AzureScopeConfiguration]
21715
+ #
21716
+ # @!attribute [rw] azure_regions
21717
+ # The list of Azure regions being monitored.
21718
+ # @return [Array<String>]
21719
+ #
21720
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AzureDetail AWS API Documentation
21721
+ #
21722
+ class AzureDetail < Struct.new(
21723
+ :aws_config_connector_arn,
21724
+ :scope_configuration,
21725
+ :azure_regions)
21726
+ SENSITIVE = []
21727
+ include Aws::Structure
21728
+ end
21729
+
21730
+ # The configuration for connecting to an Azure environment.
21731
+ #
21732
+ # @!attribute [rw] aws_config_connector_arn
21733
+ # The ARN of the AWS Config connector used to establish the connection
21734
+ # to Azure.
21735
+ # @return [String]
21736
+ #
21737
+ # @!attribute [rw] scope_configuration
21738
+ # The scope configuration that defines which Azure resources are
21739
+ # monitored.
21740
+ # @return [Types::AzureScopeConfiguration]
21741
+ #
21742
+ # @!attribute [rw] azure_regions
21743
+ # The list of Azure regions to monitor.
21744
+ # @return [Array<String>]
21745
+ #
21746
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AzureProviderConfiguration AWS API Documentation
21747
+ #
21748
+ class AzureProviderConfiguration < Struct.new(
21749
+ :aws_config_connector_arn,
21750
+ :scope_configuration,
21751
+ :azure_regions)
21752
+ SENSITIVE = []
21753
+ include Aws::Structure
21754
+ end
21755
+
21756
+ # The scope configuration for an Azure connector, defining the tenant or
21757
+ # subscription scope.
21758
+ #
21759
+ # @!attribute [rw] scope_type
21760
+ # The type of scope. Valid values are `tenant` and `subscription`.
21761
+ # @return [String]
21762
+ #
21763
+ # @!attribute [rw] scope_values
21764
+ # The list of scope values, such as subscription IDs, when the scope
21765
+ # type is `subscription`.
21766
+ # @return [Array<String>]
21767
+ #
21768
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AzureScopeConfiguration AWS API Documentation
21769
+ #
21770
+ class AzureScopeConfiguration < Struct.new(
21771
+ :scope_type,
21772
+ :scope_values)
21773
+ SENSITIVE = []
21774
+ include Aws::Structure
21775
+ end
21776
+
21777
+ # The configuration for updating an Azure connector's scope and
21778
+ # regions.
21779
+ #
21780
+ # @!attribute [rw] scope_configuration
21781
+ # The updated scope configuration.
21782
+ # @return [Types::AzureScopeConfiguration]
21783
+ #
21784
+ # @!attribute [rw] azure_regions
21785
+ # The updated list of Azure regions to monitor.
21786
+ # @return [Array<String>]
21787
+ #
21788
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AzureUpdateConfiguration AWS API Documentation
21789
+ #
21790
+ class AzureUpdateConfiguration < Struct.new(
21791
+ :scope_configuration,
21792
+ :azure_regions)
21793
+ SENSITIVE = []
21794
+ include Aws::Structure
21795
+ end
21796
+
21666
21797
  # @!attribute [rw] automation_rules_arns
21667
21798
  # A list of Amazon Resource Names (ARNs) for the rules that are to be
21668
21799
  # deleted.
@@ -22887,6 +23018,15 @@ module Aws::SecurityHub
22887
23018
  # ISO 8601 UTC timestamp for the time create the connectorV2.
22888
23019
  # @return [Time]
22889
23020
  #
23021
+ # @!attribute [rw] enablement_status
23022
+ # The enablement status of the connector.
23023
+ # @return [String]
23024
+ #
23025
+ # @!attribute [rw] enablement_status_reason
23026
+ # The reason for the current enablement status. Provides additional
23027
+ # context when the connector is in a failed state.
23028
+ # @return [String]
23029
+ #
22890
23030
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ConnectorSummary AWS API Documentation
22891
23031
  #
22892
23032
  class ConnectorSummary < Struct.new(
@@ -22895,7 +23035,9 @@ module Aws::SecurityHub
22895
23035
  :name,
22896
23036
  :description,
22897
23037
  :provider_summary,
22898
- :created_at)
23038
+ :created_at,
23039
+ :enablement_status,
23040
+ :enablement_status_reason)
22899
23041
  SENSITIVE = []
22900
23042
  include Aws::Structure
22901
23043
  end
@@ -23309,6 +23451,69 @@ module Aws::SecurityHub
23309
23451
  include Aws::Structure
23310
23452
  end
23311
23453
 
23454
+ # @!attribute [rw] name
23455
+ # The name of the connector. Must be unique within the account.
23456
+ # @return [String]
23457
+ #
23458
+ # @!attribute [rw] description
23459
+ # The description of the connector.
23460
+ # @return [String]
23461
+ #
23462
+ # @!attribute [rw] provider
23463
+ # The configuration for the cloud provider to connect to. Currently
23464
+ # supports Azure.
23465
+ # @return [Types::CspmProviderConfiguration]
23466
+ #
23467
+ # @!attribute [rw] tags
23468
+ # The tags to add to the connector resource.
23469
+ # @return [Hash<String,String>]
23470
+ #
23471
+ # @!attribute [rw] client_token
23472
+ # A unique identifier used to ensure idempotency of the request.
23473
+ #
23474
+ # **A suitable default value is auto-generated.** You should normally
23475
+ # not need to pass this option.
23476
+ # @return [String]
23477
+ #
23478
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorRequest AWS API Documentation
23479
+ #
23480
+ class CreateConnectorRequest < Struct.new(
23481
+ :name,
23482
+ :description,
23483
+ :provider,
23484
+ :tags,
23485
+ :client_token)
23486
+ SENSITIVE = []
23487
+ include Aws::Structure
23488
+ end
23489
+
23490
+ # @!attribute [rw] connector_arn
23491
+ # The Amazon Resource Name (ARN) of the connector.
23492
+ # @return [String]
23493
+ #
23494
+ # @!attribute [rw] connector_id
23495
+ # The unique identifier of the connector.
23496
+ # @return [String]
23497
+ #
23498
+ # @!attribute [rw] connector_status
23499
+ # The connectivity status of the connector.
23500
+ # @return [String]
23501
+ #
23502
+ # @!attribute [rw] enablement_status
23503
+ # The enablement status of the connector.
23504
+ # @return [String]
23505
+ #
23506
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorResponse AWS API Documentation
23507
+ #
23508
+ class CreateConnectorResponse < Struct.new(
23509
+ :connector_arn,
23510
+ :connector_id,
23511
+ :connector_status,
23512
+ :enablement_status)
23513
+ SENSITIVE = []
23514
+ include Aws::Structure
23515
+ end
23516
+
23312
23517
  # @!attribute [rw] name
23313
23518
  # The unique name of the connectorV2.
23314
23519
  # @return [String]
@@ -23366,13 +23571,18 @@ module Aws::SecurityHub
23366
23571
  # The current status of the connectorV2.
23367
23572
  # @return [String]
23368
23573
  #
23574
+ # @!attribute [rw] enablement_status
23575
+ # The enablement status of the connector after creation.
23576
+ # @return [String]
23577
+ #
23369
23578
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateConnectorV2Response AWS API Documentation
23370
23579
  #
23371
23580
  class CreateConnectorV2Response < Struct.new(
23372
23581
  :connector_arn,
23373
23582
  :connector_id,
23374
23583
  :auth_url,
23375
- :connector_status)
23584
+ :connector_status,
23585
+ :enablement_status)
23376
23586
  SENSITIVE = []
23377
23587
  include Aws::Structure
23378
23588
  end
@@ -23602,6 +23812,177 @@ module Aws::SecurityHub
23602
23812
  class Unknown < Criteria; end
23603
23813
  end
23604
23814
 
23815
+ # A summary of a CSPM connector.
23816
+ #
23817
+ # @!attribute [rw] connector_arn
23818
+ # The Amazon Resource Name (ARN) of the connector.
23819
+ # @return [String]
23820
+ #
23821
+ # @!attribute [rw] connector_id
23822
+ # The unique identifier of the connector.
23823
+ # @return [String]
23824
+ #
23825
+ # @!attribute [rw] name
23826
+ # The name of the connector.
23827
+ # @return [String]
23828
+ #
23829
+ # @!attribute [rw] description
23830
+ # The description of the connector.
23831
+ # @return [String]
23832
+ #
23833
+ # @!attribute [rw] provider_summary
23834
+ # A summary of the cloud provider configuration for the connector.
23835
+ # @return [Types::CspmProviderSummary]
23836
+ #
23837
+ # @!attribute [rw] created_at
23838
+ # The ISO 8601 UTC timestamp indicating when the connector was
23839
+ # created.
23840
+ # @return [Time]
23841
+ #
23842
+ # @!attribute [rw] created_by
23843
+ # The service principal that created the connector.
23844
+ # @return [String]
23845
+ #
23846
+ # @!attribute [rw] enablement_status
23847
+ # The enablement status of the connector.
23848
+ # @return [String]
23849
+ #
23850
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmConnectorSummary AWS API Documentation
23851
+ #
23852
+ class CspmConnectorSummary < Struct.new(
23853
+ :connector_arn,
23854
+ :connector_id,
23855
+ :name,
23856
+ :description,
23857
+ :provider_summary,
23858
+ :created_at,
23859
+ :created_by,
23860
+ :enablement_status)
23861
+ SENSITIVE = []
23862
+ include Aws::Structure
23863
+ end
23864
+
23865
+ # Information about the operational status and health of a CSPM
23866
+ # connector.
23867
+ #
23868
+ # @!attribute [rw] connector_status
23869
+ # The connectivity status of the connector.
23870
+ # @return [String]
23871
+ #
23872
+ # @!attribute [rw] message
23873
+ # A message describing the reason for the current connector status.
23874
+ # @return [String]
23875
+ #
23876
+ # @!attribute [rw] last_checked_at
23877
+ # The ISO 8601 UTC timestamp indicating when the health status was
23878
+ # last checked.
23879
+ # @return [Time]
23880
+ #
23881
+ # @!attribute [rw] issues
23882
+ # A list of health issues associated with the connector.
23883
+ # @return [Array<Types::HealthIssue>]
23884
+ #
23885
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmHealthCheck AWS API Documentation
23886
+ #
23887
+ class CspmHealthCheck < Struct.new(
23888
+ :connector_status,
23889
+ :message,
23890
+ :last_checked_at,
23891
+ :issues)
23892
+ SENSITIVE = []
23893
+ include Aws::Structure
23894
+ end
23895
+
23896
+ # The cloud provider configuration for creating a connector. This is a
23897
+ # union type that currently supports Azure.
23898
+ #
23899
+ # @note CspmProviderConfiguration is a union - when making an API calls you must set exactly one of the members.
23900
+ #
23901
+ # @!attribute [rw] azure
23902
+ # The Azure provider configuration.
23903
+ # @return [Types::AzureProviderConfiguration]
23904
+ #
23905
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmProviderConfiguration AWS API Documentation
23906
+ #
23907
+ class CspmProviderConfiguration < Struct.new(
23908
+ :azure,
23909
+ :unknown)
23910
+ SENSITIVE = []
23911
+ include Aws::Structure
23912
+ include Aws::Structure::Union
23913
+
23914
+ class Azure < CspmProviderConfiguration; end
23915
+ class Unknown < CspmProviderConfiguration; end
23916
+ end
23917
+
23918
+ # The detailed cloud provider configuration for a connector. This is a
23919
+ # union type that currently supports Azure.
23920
+ #
23921
+ # @note CspmProviderDetail is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of CspmProviderDetail corresponding to the set member.
23922
+ #
23923
+ # @!attribute [rw] azure
23924
+ # The Azure provider detail.
23925
+ # @return [Types::AzureDetail]
23926
+ #
23927
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmProviderDetail AWS API Documentation
23928
+ #
23929
+ class CspmProviderDetail < Struct.new(
23930
+ :azure,
23931
+ :unknown)
23932
+ SENSITIVE = []
23933
+ include Aws::Structure
23934
+ include Aws::Structure::Union
23935
+
23936
+ class Azure < CspmProviderDetail; end
23937
+ class Unknown < CspmProviderDetail; end
23938
+ end
23939
+
23940
+ # A summary of the cloud provider configuration for a connector.
23941
+ #
23942
+ # @!attribute [rw] provider_name
23943
+ # The name of the cloud provider.
23944
+ # @return [String]
23945
+ #
23946
+ # @!attribute [rw] connector_status
23947
+ # The connectivity status of the connector.
23948
+ # @return [String]
23949
+ #
23950
+ # @!attribute [rw] provider_configuration
23951
+ # The provider configuration details.
23952
+ # @return [Types::CspmProviderDetail]
23953
+ #
23954
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmProviderSummary AWS API Documentation
23955
+ #
23956
+ class CspmProviderSummary < Struct.new(
23957
+ :provider_name,
23958
+ :connector_status,
23959
+ :provider_configuration)
23960
+ SENSITIVE = []
23961
+ include Aws::Structure
23962
+ end
23963
+
23964
+ # The cloud provider configuration for updating a connector. This is a
23965
+ # union type that currently supports Azure.
23966
+ #
23967
+ # @note CspmProviderUpdateConfiguration is a union - when making an API calls you must set exactly one of the members.
23968
+ #
23969
+ # @!attribute [rw] azure
23970
+ # The Azure update configuration.
23971
+ # @return [Types::AzureUpdateConfiguration]
23972
+ #
23973
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CspmProviderUpdateConfiguration AWS API Documentation
23974
+ #
23975
+ class CspmProviderUpdateConfiguration < Struct.new(
23976
+ :azure,
23977
+ :unknown)
23978
+ SENSITIVE = []
23979
+ include Aws::Structure
23980
+ include Aws::Structure::Union
23981
+
23982
+ class Azure < CspmProviderUpdateConfiguration; end
23983
+ class Unknown < CspmProviderUpdateConfiguration; end
23984
+ end
23985
+
23605
23986
  # The list of detected instances of sensitive data.
23606
23987
  #
23607
23988
  # @!attribute [rw] count
@@ -23874,6 +24255,30 @@ module Aws::SecurityHub
23874
24255
  #
23875
24256
  class DeleteConfigurationPolicyResponse < Aws::EmptyStructure; end
23876
24257
 
24258
+ # @!attribute [rw] connector_id
24259
+ # The unique identifier of the connector to delete.
24260
+ # @return [String]
24261
+ #
24262
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorRequest AWS API Documentation
24263
+ #
24264
+ class DeleteConnectorRequest < Struct.new(
24265
+ :connector_id)
24266
+ SENSITIVE = []
24267
+ include Aws::Structure
24268
+ end
24269
+
24270
+ # @!attribute [rw] enablement_status
24271
+ # The enablement status of the connector after the delete request.
24272
+ # @return [String]
24273
+ #
24274
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorResponse AWS API Documentation
24275
+ #
24276
+ class DeleteConnectorResponse < Struct.new(
24277
+ :enablement_status)
24278
+ SENSITIVE = []
24279
+ include Aws::Structure
24280
+ end
24281
+
23877
24282
  # @!attribute [rw] connector_id
23878
24283
  # The UUID of the connectorV2 to identify connectorV2 resource.
23879
24284
  # @return [String]
@@ -23886,9 +24291,17 @@ module Aws::SecurityHub
23886
24291
  include Aws::Structure
23887
24292
  end
23888
24293
 
24294
+ # @!attribute [rw] enablement_status
24295
+ # The enablement status of the connector after deletion.
24296
+ # @return [String]
24297
+ #
23889
24298
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteConnectorV2Response AWS API Documentation
23890
24299
  #
23891
- class DeleteConnectorV2Response < Aws::EmptyStructure; end
24300
+ class DeleteConnectorV2Response < Struct.new(
24301
+ :enablement_status)
24302
+ SENSITIVE = []
24303
+ include Aws::Structure
24304
+ end
23892
24305
 
23893
24306
  # @!attribute [rw] finding_aggregator_arn
23894
24307
  # The ARN of the finding aggregator to delete. To obtain the ARN, use
@@ -24261,11 +24674,17 @@ module Aws::SecurityHub
24261
24674
  # The date and time when the service was enabled in the account.
24262
24675
  # @return [String]
24263
24676
  #
24677
+ # @!attribute [rw] features
24678
+ # A map of opt-in features and their current status and metadata for
24679
+ # the account in the current Region.
24680
+ # @return [Hash<String,Types::FeatureDetail>]
24681
+ #
24264
24682
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeSecurityHubV2Response AWS API Documentation
24265
24683
  #
24266
24684
  class DescribeSecurityHubV2Response < Struct.new(
24267
24685
  :hub_v2_arn,
24268
- :subscribed_at)
24686
+ :subscribed_at,
24687
+ :features)
24269
24688
  SENSITIVE = []
24270
24689
  include Aws::Structure
24271
24690
  end
@@ -24331,11 +24750,18 @@ module Aws::SecurityHub
24331
24750
  # The maximum number of standards to return.
24332
24751
  # @return [Integer]
24333
24752
  #
24753
+ # @!attribute [rw] providers
24754
+ # A list of cloud providers to filter the standards by. For example,
24755
+ # specify `Azure` to return only standards that evaluate Azure
24756
+ # resources.
24757
+ # @return [Array<String>]
24758
+ #
24334
24759
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeStandardsRequest AWS API Documentation
24335
24760
  #
24336
24761
  class DescribeStandardsRequest < Struct.new(
24337
24762
  :next_token,
24338
- :max_results)
24763
+ :max_results,
24764
+ :providers)
24339
24765
  SENSITIVE = []
24340
24766
  include Aws::Structure
24341
24767
  end
@@ -24420,6 +24846,22 @@ module Aws::SecurityHub
24420
24846
  #
24421
24847
  class DisableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
24422
24848
 
24849
+ # @!attribute [rw] feature_name
24850
+ # The name of the feature to disable.
24851
+ # @return [String]
24852
+ #
24853
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubFeatureV2Request AWS API Documentation
24854
+ #
24855
+ class DisableSecurityHubFeatureV2Request < Struct.new(
24856
+ :feature_name)
24857
+ SENSITIVE = []
24858
+ include Aws::Structure
24859
+ end
24860
+
24861
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubFeatureV2Response AWS API Documentation
24862
+ #
24863
+ class DisableSecurityHubFeatureV2Response < Aws::EmptyStructure; end
24864
+
24423
24865
  # @api private
24424
24866
  #
24425
24867
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubRequest AWS API Documentation
@@ -24596,6 +25038,22 @@ module Aws::SecurityHub
24596
25038
  include Aws::Structure
24597
25039
  end
24598
25040
 
25041
+ # @!attribute [rw] feature_name
25042
+ # The name of the feature to enable.
25043
+ # @return [String]
25044
+ #
25045
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubFeatureV2Request AWS API Documentation
25046
+ #
25047
+ class EnableSecurityHubFeatureV2Request < Struct.new(
25048
+ :feature_name)
25049
+ SENSITIVE = []
25050
+ include Aws::Structure
25051
+ end
25052
+
25053
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubFeatureV2Response AWS API Documentation
25054
+ #
25055
+ class EnableSecurityHubFeatureV2Response < Aws::EmptyStructure; end
25056
+
24599
25057
  # @!attribute [rw] tags
24600
25058
  # The tags to add to the hub resource when you enable Security Hub
24601
25059
  # CSPM.
@@ -24727,6 +25185,26 @@ module Aws::SecurityHub
24727
25185
  include Aws::Structure
24728
25186
  end
24729
25187
 
25188
+ # Contains the status and metadata for an opt-in feature.
25189
+ #
25190
+ # @!attribute [rw] feature_status
25191
+ # The current enablement status of the feature. Valid values:
25192
+ # `ENABLED` \| `DISABLED`.
25193
+ # @return [String]
25194
+ #
25195
+ # @!attribute [rw] updated_at
25196
+ # The date and time when the feature status was last updated.
25197
+ # @return [Time]
25198
+ #
25199
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FeatureDetail AWS API Documentation
25200
+ #
25201
+ class FeatureDetail < Struct.new(
25202
+ :feature_status,
25203
+ :updated_at)
25204
+ SENSITIVE = []
25205
+ include Aws::Structure
25206
+ end
25207
+
24730
25208
  # Provides information about the file paths that were affected by the
24731
25209
  # threat.
24732
25210
  #
@@ -25126,7 +25604,55 @@ module Aws::SecurityHub
25126
25604
  # A filter for string-based fields in findings trend data.
25127
25605
  #
25128
25606
  # @!attribute [rw] field_name
25129
- # The name of the findings field to filter on.
25607
+ # The name of the findings field to filter on. You can specify one of
25608
+ # the following fields.
25609
+ #
25610
+ # * `account_id` – The Amazon Web Services account ID associated with
25611
+ # the finding.
25612
+ #
25613
+ # * `region` – The Amazon Web Services Region associated with the
25614
+ # finding.
25615
+ #
25616
+ # * `finding_types` – The finding types associated with the finding.
25617
+ #
25618
+ # * `finding_status` – The status of the finding.
25619
+ #
25620
+ # * `finding_cve_ids` – The Common Vulnerabilities and Exposures (CVE)
25621
+ # identifiers associated with the finding.
25622
+ #
25623
+ # * `finding_compliance_status` – The compliance status of the
25624
+ # finding.
25625
+ #
25626
+ # * `finding_control_id` – The identifier of the security control
25627
+ # associated with the finding.
25628
+ #
25629
+ # * `finding_class_name` – The finding class, such as `Compliance
25630
+ # Finding`.
25631
+ #
25632
+ # * `finding_provider` – The name of the product that generated the
25633
+ # finding.
25634
+ #
25635
+ # * `finding_activity_name` – The activity name associated with the
25636
+ # finding.
25637
+ #
25638
+ # * `resource_cloud_providers` – The cloud providers of the resources
25639
+ # that the finding is associated with. Valid values are `AWS` and
25640
+ # `Azure`.
25641
+ #
25642
+ # * `resource_regions` – The Regions of the associated resources. For
25643
+ # an Amazon Web Services resource, this is the Amazon Web Services
25644
+ # Region. For an Azure resource, this is the Azure Region, such as
25645
+ # `eastus`.
25646
+ #
25647
+ # * `resource_owner_ids` – The identifiers of the accounts that own
25648
+ # the associated resources. For an Amazon Web Services resource,
25649
+ # this is the Amazon Web Services account ID. For an Azure resource,
25650
+ # this is the Azure subscription ID.
25651
+ #
25652
+ # * `resource_owner_organization_ids` – The identifiers of the
25653
+ # organizations that own the associated resources. For an Amazon Web
25654
+ # Services resource, this is the Amazon Web Services organization
25655
+ # ID. For an Azure resource, this is the Azure tenant ID.
25130
25656
  # @return [String]
25131
25657
  #
25132
25658
  # @!attribute [rw] filter
@@ -25562,6 +26088,78 @@ module Aws::SecurityHub
25562
26088
  include Aws::Structure
25563
26089
  end
25564
26090
 
26091
+ # @!attribute [rw] connector_id
26092
+ # The unique identifier of the connector to retrieve.
26093
+ # @return [String]
26094
+ #
26095
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorRequest AWS API Documentation
26096
+ #
26097
+ class GetConnectorRequest < Struct.new(
26098
+ :connector_id)
26099
+ SENSITIVE = []
26100
+ include Aws::Structure
26101
+ end
26102
+
26103
+ # @!attribute [rw] connector_arn
26104
+ # The Amazon Resource Name (ARN) of the connector.
26105
+ # @return [String]
26106
+ #
26107
+ # @!attribute [rw] connector_id
26108
+ # The unique identifier of the connector.
26109
+ # @return [String]
26110
+ #
26111
+ # @!attribute [rw] name
26112
+ # The name of the connector.
26113
+ # @return [String]
26114
+ #
26115
+ # @!attribute [rw] description
26116
+ # The description of the connector.
26117
+ # @return [String]
26118
+ #
26119
+ # @!attribute [rw] created_at
26120
+ # The ISO 8601 UTC timestamp indicating when the connector was
26121
+ # created.
26122
+ # @return [Time]
26123
+ #
26124
+ # @!attribute [rw] last_updated_at
26125
+ # The ISO 8601 UTC timestamp indicating when the connector was last
26126
+ # updated.
26127
+ # @return [Time]
26128
+ #
26129
+ # @!attribute [rw] health
26130
+ # The health status of the connector, including connectivity status
26131
+ # and last check time.
26132
+ # @return [Types::CspmHealthCheck]
26133
+ #
26134
+ # @!attribute [rw] provider_detail
26135
+ # The cloud provider configuration details for the connector.
26136
+ # @return [Types::CspmProviderDetail]
26137
+ #
26138
+ # @!attribute [rw] created_by
26139
+ # The service principal that created the connector.
26140
+ # @return [String]
26141
+ #
26142
+ # @!attribute [rw] enablement_status
26143
+ # The enablement status of the connector.
26144
+ # @return [String]
26145
+ #
26146
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorResponse AWS API Documentation
26147
+ #
26148
+ class GetConnectorResponse < Struct.new(
26149
+ :connector_arn,
26150
+ :connector_id,
26151
+ :name,
26152
+ :description,
26153
+ :created_at,
26154
+ :last_updated_at,
26155
+ :health,
26156
+ :provider_detail,
26157
+ :created_by,
26158
+ :enablement_status)
26159
+ SENSITIVE = []
26160
+ include Aws::Structure
26161
+ end
26162
+
25565
26163
  # @!attribute [rw] connector_id
25566
26164
  # The UUID of the connectorV2 to identify connectorV2 resource.
25567
26165
  # @return [String]
@@ -25611,6 +26209,15 @@ module Aws::SecurityHub
25611
26209
  # The third-party provider detail for a service configuration.
25612
26210
  # @return [Types::ProviderDetail]
25613
26211
  #
26212
+ # @!attribute [rw] enablement_status
26213
+ # The enablement status of the connector.
26214
+ # @return [String]
26215
+ #
26216
+ # @!attribute [rw] enablement_status_reason
26217
+ # The reason for the current enablement status. Provides additional
26218
+ # context when the connector is in a failed state.
26219
+ # @return [String]
26220
+ #
25614
26221
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetConnectorV2Response AWS API Documentation
25615
26222
  #
25616
26223
  class GetConnectorV2Response < Struct.new(
@@ -25622,7 +26229,9 @@ module Aws::SecurityHub
25622
26229
  :created_at,
25623
26230
  :last_updated_at,
25624
26231
  :health,
25625
- :provider_detail)
26232
+ :provider_detail,
26233
+ :enablement_status,
26234
+ :enablement_status_reason)
25626
26235
  SENSITIVE = []
25627
26236
  include Aws::Structure
25628
26237
  end
@@ -25646,12 +26255,19 @@ module Aws::SecurityHub
25646
26255
  # The maximum number of results to return in the response.
25647
26256
  # @return [Integer]
25648
26257
  #
26258
+ # @!attribute [rw] providers
26259
+ # A list of cloud providers to filter the enabled standards by. For
26260
+ # example, specify `Azure` to return only enabled standards that
26261
+ # evaluate Azure resources.
26262
+ # @return [Array<String>]
26263
+ #
25649
26264
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetEnabledStandardsRequest AWS API Documentation
25650
26265
  #
25651
26266
  class GetEnabledStandardsRequest < Struct.new(
25652
26267
  :standards_subscription_arns,
25653
26268
  :next_token,
25654
- :max_results)
26269
+ :max_results,
26270
+ :providers)
25655
26271
  SENSITIVE = []
25656
26272
  include Aws::Structure
25657
26273
  end
@@ -26542,12 +27158,37 @@ module Aws::SecurityHub
26542
27158
  # connectorV2.
26543
27159
  # @return [Time]
26544
27160
  #
27161
+ # @!attribute [rw] issues
27162
+ # A list of health issues associated with the connector, including
27163
+ # error codes and messages.
27164
+ # @return [Array<Types::HealthIssue>]
27165
+ #
26545
27166
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/HealthCheck AWS API Documentation
26546
27167
  #
26547
27168
  class HealthCheck < Struct.new(
26548
27169
  :connector_status,
26549
27170
  :message,
26550
- :last_checked_at)
27171
+ :last_checked_at,
27172
+ :issues)
27173
+ SENSITIVE = []
27174
+ include Aws::Structure
27175
+ end
27176
+
27177
+ # Represents a specific health issue detected for a connector.
27178
+ #
27179
+ # @!attribute [rw] code
27180
+ # The error code that identifies the type of health issue.
27181
+ # @return [String]
27182
+ #
27183
+ # @!attribute [rw] message
27184
+ # A human-readable message that describes the health issue.
27185
+ # @return [String]
27186
+ #
27187
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/HealthIssue AWS API Documentation
27188
+ #
27189
+ class HealthIssue < Struct.new(
27190
+ :code,
27191
+ :message)
26551
27192
  SENSITIVE = []
26552
27193
  include Aws::Structure
26553
27194
  end
@@ -27320,6 +27961,56 @@ module Aws::SecurityHub
27320
27961
  include Aws::Structure
27321
27962
  end
27322
27963
 
27964
+ # @!attribute [rw] next_token
27965
+ # The pagination token to request the next page of results.
27966
+ # @return [String]
27967
+ #
27968
+ # @!attribute [rw] max_results
27969
+ # The maximum number of results to return.
27970
+ # @return [Integer]
27971
+ #
27972
+ # @!attribute [rw] provider_name
27973
+ # The name of the cloud provider to filter connectors by.
27974
+ # @return [String]
27975
+ #
27976
+ # @!attribute [rw] connector_status
27977
+ # The connectivity status to filter connectors by.
27978
+ # @return [String]
27979
+ #
27980
+ # @!attribute [rw] enablement_status
27981
+ # The enablement status to filter connectors by.
27982
+ # @return [String]
27983
+ #
27984
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsRequest AWS API Documentation
27985
+ #
27986
+ class ListConnectorsRequest < Struct.new(
27987
+ :next_token,
27988
+ :max_results,
27989
+ :provider_name,
27990
+ :connector_status,
27991
+ :enablement_status)
27992
+ SENSITIVE = []
27993
+ include Aws::Structure
27994
+ end
27995
+
27996
+ # @!attribute [rw] next_token
27997
+ # The pagination token to use to request the next page of results. If
27998
+ # there are no additional results, this value is null.
27999
+ # @return [String]
28000
+ #
28001
+ # @!attribute [rw] connectors
28002
+ # An array of connector summaries.
28003
+ # @return [Array<Types::CspmConnectorSummary>]
28004
+ #
28005
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsResponse AWS API Documentation
28006
+ #
28007
+ class ListConnectorsResponse < Struct.new(
28008
+ :next_token,
28009
+ :connectors)
28010
+ SENSITIVE = []
28011
+ include Aws::Structure
28012
+ end
28013
+
27323
28014
  # @!attribute [rw] next_token
27324
28015
  # The pagination token per the Amazon Web Services Pagination standard
27325
28016
  # @return [String]
@@ -27336,13 +28027,18 @@ module Aws::SecurityHub
27336
28027
  # The status for the connectorV2.
27337
28028
  # @return [String]
27338
28029
  #
28030
+ # @!attribute [rw] enablement_status
28031
+ # The enablement status to filter connectors by.
28032
+ # @return [String]
28033
+ #
27339
28034
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListConnectorsV2Request AWS API Documentation
27340
28035
  #
27341
28036
  class ListConnectorsV2Request < Struct.new(
27342
28037
  :next_token,
27343
28038
  :max_results,
27344
28039
  :provider_name,
27345
- :connector_status)
28040
+ :connector_status,
28041
+ :enablement_status)
27346
28042
  SENSITIVE = []
27347
28043
  include Aws::Structure
27348
28044
  end
@@ -27608,12 +28304,19 @@ module Aws::SecurityHub
27608
28304
  # standard are returned.
27609
28305
  # @return [Integer]
27610
28306
  #
28307
+ # @!attribute [rw] providers
28308
+ # A list of cloud providers to filter the security control definitions
28309
+ # by. For example, specify `Azure` to return only controls that
28310
+ # evaluate Azure resources.
28311
+ # @return [Array<String>]
28312
+ #
27611
28313
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListSecurityControlDefinitionsRequest AWS API Documentation
27612
28314
  #
27613
28315
  class ListSecurityControlDefinitionsRequest < Struct.new(
27614
28316
  :standards_arn,
27615
28317
  :next_token,
27616
- :max_results)
28318
+ :max_results,
28319
+ :providers)
27617
28320
  SENSITIVE = []
27618
28321
  include Aws::Structure
27619
28322
  end
@@ -29255,11 +29958,17 @@ module Aws::SecurityHub
29255
29958
  # ServiceNow ITSM.
29256
29959
  # @return [Types::ServiceNowProviderConfiguration]
29257
29960
  #
29961
+ # @!attribute [rw] azure
29962
+ # The configuration settings required to establish a CSPM integration
29963
+ # with Microsoft Azure.
29964
+ # @return [Types::AzureProviderConfiguration]
29965
+ #
29258
29966
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ProviderConfiguration AWS API Documentation
29259
29967
  #
29260
29968
  class ProviderConfiguration < Struct.new(
29261
29969
  :jira_cloud,
29262
29970
  :service_now,
29971
+ :azure,
29263
29972
  :unknown)
29264
29973
  SENSITIVE = []
29265
29974
  include Aws::Structure
@@ -29267,6 +29976,7 @@ module Aws::SecurityHub
29267
29976
 
29268
29977
  class JiraCloud < ProviderConfiguration; end
29269
29978
  class ServiceNow < ProviderConfiguration; end
29979
+ class Azure < ProviderConfiguration; end
29270
29980
  class Unknown < ProviderConfiguration; end
29271
29981
  end
29272
29982
 
@@ -29282,11 +29992,16 @@ module Aws::SecurityHub
29282
29992
  # Details about a ServiceNow ITSM integration.
29283
29993
  # @return [Types::ServiceNowDetail]
29284
29994
  #
29995
+ # @!attribute [rw] azure
29996
+ # Details about a Microsoft Azure CSPM integration.
29997
+ # @return [Types::AzureDetail]
29998
+ #
29285
29999
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ProviderDetail AWS API Documentation
29286
30000
  #
29287
30001
  class ProviderDetail < Struct.new(
29288
30002
  :jira_cloud,
29289
30003
  :service_now,
30004
+ :azure,
29290
30005
  :unknown)
29291
30006
  SENSITIVE = []
29292
30007
  include Aws::Structure
@@ -29294,6 +30009,7 @@ module Aws::SecurityHub
29294
30009
 
29295
30010
  class JiraCloud < ProviderDetail; end
29296
30011
  class ServiceNow < ProviderDetail; end
30012
+ class Azure < ProviderDetail; end
29297
30013
  class Unknown < ProviderDetail; end
29298
30014
  end
29299
30015
 
@@ -29307,11 +30023,16 @@ module Aws::SecurityHub
29307
30023
  # The status for the connectorV2.
29308
30024
  # @return [String]
29309
30025
  #
30026
+ # @!attribute [rw] provider_configuration
30027
+ # The third-party provider detail for a service configuration.
30028
+ # @return [Types::ProviderDetail]
30029
+ #
29310
30030
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ProviderSummary AWS API Documentation
29311
30031
  #
29312
30032
  class ProviderSummary < Struct.new(
29313
30033
  :provider_name,
29314
- :connector_status)
30034
+ :connector_status,
30035
+ :provider_configuration)
29315
30036
  SENSITIVE = []
29316
30037
  include Aws::Structure
29317
30038
  end
@@ -29331,11 +30052,17 @@ module Aws::SecurityHub
29331
30052
  # integration.
29332
30053
  # @return [Types::ServiceNowUpdateConfiguration]
29333
30054
  #
30055
+ # @!attribute [rw] azure
30056
+ # The parameters required to update the configuration for a Microsoft
30057
+ # Azure CSPM integration.
30058
+ # @return [Types::AzureUpdateConfiguration]
30059
+ #
29334
30060
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ProviderUpdateConfiguration AWS API Documentation
29335
30061
  #
29336
30062
  class ProviderUpdateConfiguration < Struct.new(
29337
30063
  :jira_cloud,
29338
30064
  :service_now,
30065
+ :azure,
29339
30066
  :unknown)
29340
30067
  SENSITIVE = []
29341
30068
  include Aws::Structure
@@ -29343,6 +30070,7 @@ module Aws::SecurityHub
29343
30070
 
29344
30071
  class JiraCloud < ProviderUpdateConfiguration; end
29345
30072
  class ServiceNow < ProviderUpdateConfiguration; end
30073
+ class Azure < ProviderUpdateConfiguration; end
29346
30074
  class Unknown < ProviderUpdateConfiguration; end
29347
30075
  end
29348
30076
 
@@ -29567,6 +30295,16 @@ module Aws::SecurityHub
29567
30295
  # Length Constraints: Minimum length of 1. Maximum length of 16.
29568
30296
  # @return [String]
29569
30297
  #
30298
+ # @!attribute [rw] provider
30299
+ # The cloud provider that the resource belongs to. Valid values are
30300
+ # `AWS` and `Azure`.
30301
+ # @return [String]
30302
+ #
30303
+ # @!attribute [rw] owner
30304
+ # Information about the account and organization that own the
30305
+ # resource.
30306
+ # @return [Types::ResourceOwner]
30307
+ #
29570
30308
  # @!attribute [rw] resource_role
29571
30309
  # Identifies the role of the resource in the finding. A resource is
29572
30310
  # either the actor or target of the finding activity,
@@ -29607,6 +30345,8 @@ module Aws::SecurityHub
29607
30345
  :id,
29608
30346
  :partition,
29609
30347
  :region,
30348
+ :provider,
30349
+ :owner,
29610
30350
  :resource_role,
29611
30351
  :tags,
29612
30352
  :data_classification,
@@ -30112,6 +30852,10 @@ module Aws::SecurityHub
30112
30852
  # through Amazon Inspector.
30113
30853
  # @return [Types::CodeRepositoryDetails]
30114
30854
  #
30855
+ # @!attribute [rw] azure_resource
30856
+ # Details about an Azure resource that is related to a finding.
30857
+ # @return [Hash,Array,String,Numeric,Boolean]
30858
+ #
30115
30859
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
30116
30860
  #
30117
30861
  class ResourceDetails < Struct.new(
@@ -30214,7 +30958,8 @@ module Aws::SecurityHub
30214
30958
  :aws_msk_cluster,
30215
30959
  :aws_s3_access_point,
30216
30960
  :aws_ec2_client_vpn_endpoint,
30217
- :code_repository)
30961
+ :code_repository,
30962
+ :azure_resource)
30218
30963
  SENSITIVE = []
30219
30964
  include Aws::Structure
30220
30965
  end
@@ -30306,6 +31051,60 @@ module Aws::SecurityHub
30306
31051
  include Aws::Structure
30307
31052
  end
30308
31053
 
31054
+ # Information about the owner of a resource, including the account and
31055
+ # organization that the resource belongs to.
31056
+ #
31057
+ # @!attribute [rw] account
31058
+ # Information about the account that owns the resource, for example,
31059
+ # an Azure Subscription or Amazon Web Services Account.
31060
+ # @return [Types::ResourceOwnerAccount]
31061
+ #
31062
+ # @!attribute [rw] org
31063
+ # Information about the organization that owns the resource, for
31064
+ # example, an Azure Tenant.
31065
+ # @return [Types::ResourceOwnerOrg]
31066
+ #
31067
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceOwner AWS API Documentation
31068
+ #
31069
+ class ResourceOwner < Struct.new(
31070
+ :account,
31071
+ :org)
31072
+ SENSITIVE = []
31073
+ include Aws::Structure
31074
+ end
31075
+
31076
+ # Information about the account that owns a resource, for example, an
31077
+ # Azure Subscription or Amazon Web Services Account.
31078
+ #
31079
+ # @!attribute [rw] id
31080
+ # The unique identifier of the account that owns the resource, for
31081
+ # example, Azure Subscription Id or Amazon Web Services Account Id.
31082
+ # @return [String]
31083
+ #
31084
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceOwnerAccount AWS API Documentation
31085
+ #
31086
+ class ResourceOwnerAccount < Struct.new(
31087
+ :id)
31088
+ SENSITIVE = []
31089
+ include Aws::Structure
31090
+ end
31091
+
31092
+ # Information about the organization that owns a resource, for example,
31093
+ # an Azure Tenant.
31094
+ #
31095
+ # @!attribute [rw] id
31096
+ # The unique identifier of the organization that owns the resource,
31097
+ # for example, Azure Tenant Id.
31098
+ # @return [String]
31099
+ #
31100
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceOwnerOrg AWS API Documentation
31101
+ #
31102
+ class ResourceOwnerOrg < Struct.new(
31103
+ :id)
31104
+ SENSITIVE = []
31105
+ include Aws::Structure
31106
+ end
31107
+
30309
31108
  # Provides comprehensive details about an Amazon Web Services resource
30310
31109
  # and its associated security findings.
30311
31110
  #
@@ -30318,11 +31117,49 @@ module Aws::SecurityHub
30318
31117
  # @return [String]
30319
31118
  #
30320
31119
  # @!attribute [rw] account_id
30321
- # The Amazon Web Services account that owns the resource.
31120
+ # The Amazon Web Services account that recorded the resource data in
31121
+ # Security Hub.
31122
+ # @return [String]
31123
+ #
31124
+ # @!attribute [rw] account_name
31125
+ # The name of the Amazon Web Services account that's associated with
31126
+ # the resource.
30322
31127
  # @return [String]
30323
31128
  #
30324
31129
  # @!attribute [rw] region
30325
- # The Amazon Web Services Region where the resource is located.
31130
+ # The Amazon Web Services Region that recorded the resource data in
31131
+ # Security Hub.
31132
+ # @return [String]
31133
+ #
31134
+ # @!attribute [rw] resource_provider
31135
+ # The cloud provider where the resource exists. Valid values are `AWS`
31136
+ # and `Azure`. This field is always included.
31137
+ # @return [String]
31138
+ #
31139
+ # @!attribute [rw] resource_owner_account_id
31140
+ # The identifier of the cloud account that owns the resource. For
31141
+ # Amazon Web Services resources, this is the Amazon Web Services
31142
+ # account ID. For Azure resources, this is the Azure subscription ID.
31143
+ # @return [String]
31144
+ #
31145
+ # @!attribute [rw] resource_owner_org_id
31146
+ # The identifier of the cloud organization that owns the resource. For
31147
+ # Amazon Web Services resources, this is the Organizations ID. For
31148
+ # Azure resources, this is the Azure tenant ID.
31149
+ # @return [String]
31150
+ #
31151
+ # @!attribute [rw] resource_cloud_partition
31152
+ # The cloud partition where the resource exists. For Amazon Web
31153
+ # Services, valid values include `aws`, `aws-cn`, and `aws-us-gov`.
31154
+ # This field isn't returned for cloud providers that don't use
31155
+ # partitions.
31156
+ # @return [String]
31157
+ #
31158
+ # @!attribute [rw] resource_region
31159
+ # The native cloud region where the resource is located. For Amazon
31160
+ # Web Services, this is an Amazon Web Services Region (for example,
31161
+ # `us-east-1`). For Azure resources, this is the Azure region (for
31162
+ # example, `westus2`). This field is always included.
30326
31163
  # @return [String]
30327
31164
  #
30328
31165
  # @!attribute [rw] resource_category
@@ -30363,7 +31200,13 @@ module Aws::SecurityHub
30363
31200
  :resource_guid,
30364
31201
  :resource_id,
30365
31202
  :account_id,
31203
+ :account_name,
30366
31204
  :region,
31205
+ :resource_provider,
31206
+ :resource_owner_account_id,
31207
+ :resource_owner_org_id,
31208
+ :resource_cloud_partition,
31209
+ :resource_region,
30367
31210
  :resource_category,
30368
31211
  :resource_type,
30369
31212
  :resource_name,
@@ -30700,8 +31543,34 @@ module Aws::SecurityHub
30700
31543
  # resource type or account ID.
30701
31544
  #
30702
31545
  # @!attribute [rw] field_name
30703
- # The name of the resources field to filter on, such as resourceType,
30704
- # accountId, or region.
31546
+ # The name of the resources field to filter on. You can specify one of
31547
+ # the following fields.
31548
+ #
31549
+ # * `account_id` – The Amazon Web Services account ID that owns the
31550
+ # resource.
31551
+ #
31552
+ # * `region` – The Amazon Web Services Region of the resource.
31553
+ #
31554
+ # * `resource_type` – The type of the resource.
31555
+ #
31556
+ # * `resource_category` – The category of the resource.
31557
+ #
31558
+ # * `resource_cloud_provider` – The cloud provider of the resource.
31559
+ # Valid values are `AWS` and `Azure`.
31560
+ #
31561
+ # * `resource_region` – The Region of the resource. For an Amazon Web
31562
+ # Services resource, this is the Amazon Web Services Region. For an
31563
+ # Azure resource, this is the Azure Region, such as `eastus`.
31564
+ #
31565
+ # * `resource_owner_id` – The identifier of the account that owns the
31566
+ # resource. For an Amazon Web Services resource, this is the Amazon
31567
+ # Web Services account ID. For an Azure resource, this is the Azure
31568
+ # subscription ID.
31569
+ #
31570
+ # * `resource_owner_organization_id` – The identifier of the
31571
+ # organization that owns the resource. For an Amazon Web Services
31572
+ # resource, this is the Amazon Web Services organization ID. For an
31573
+ # Azure resource, this is the Azure tenant ID.
30705
31574
  # @return [String]
30706
31575
  #
30707
31576
  # @!attribute [rw] filter
@@ -31356,6 +32225,11 @@ module Aws::SecurityHub
31356
32225
  # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html
31357
32226
  # @return [String]
31358
32227
  #
32228
+ # @!attribute [rw] provider
32229
+ # The cloud provider whose resources the security control evaluates.
32230
+ # For example, `AWS` or `Azure`.
32231
+ # @return [String]
32232
+ #
31359
32233
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControl AWS API Documentation
31360
32234
  #
31361
32235
  class SecurityControl < Struct.new(
@@ -31368,7 +32242,8 @@ module Aws::SecurityHub
31368
32242
  :security_control_status,
31369
32243
  :update_status,
31370
32244
  :parameters,
31371
- :last_update_reason)
32245
+ :last_update_reason,
32246
+ :provider)
31372
32247
  SENSITIVE = []
31373
32248
  include Aws::Structure
31374
32249
  end
@@ -31453,6 +32328,11 @@ module Aws::SecurityHub
31453
32328
  # excluded for a control that doesn't support custom parameters.
31454
32329
  # @return [Hash<String,Types::ParameterDefinition>]
31455
32330
  #
32331
+ # @!attribute [rw] provider
32332
+ # The cloud provider whose resources the security control evaluates.
32333
+ # For example, `AWS` or `Azure`.
32334
+ # @return [String]
32335
+ #
31456
32336
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControlDefinition AWS API Documentation
31457
32337
  #
31458
32338
  class SecurityControlDefinition < Struct.new(
@@ -31463,7 +32343,8 @@ module Aws::SecurityHub
31463
32343
  :severity_rating,
31464
32344
  :current_region_availability,
31465
32345
  :customizable_properties,
31466
- :parameter_definitions)
32346
+ :parameter_definitions,
32347
+ :provider)
31467
32348
  SENSITIVE = []
31468
32349
  include Aws::Structure
31469
32350
  end
@@ -32182,6 +33063,11 @@ module Aws::SecurityHub
32182
33063
  # `EnableDefaultStandards` is set to `false`.
32183
33064
  # @return [Boolean]
32184
33065
  #
33066
+ # @!attribute [rw] provider
33067
+ # The cloud provider whose resources the standard evaluates. For
33068
+ # example, `AWS` or `Azure`.
33069
+ # @return [String]
33070
+ #
32185
33071
  # @!attribute [rw] standards_managed_by
32186
33072
  # Provides details about the management of a standard.
32187
33073
  # @return [Types::StandardsManagedBy]
@@ -32193,6 +33079,7 @@ module Aws::SecurityHub
32193
33079
  :name,
32194
33080
  :description,
32195
33081
  :enabled_by_default,
33082
+ :provider,
32196
33083
  :standards_managed_by)
32197
33084
  SENSITIVE = []
32198
33085
  include Aws::Structure
@@ -32562,6 +33449,11 @@ module Aws::SecurityHub
32562
33449
  # The reason for the current status.
32563
33450
  # @return [Types::StandardsStatusReason]
32564
33451
  #
33452
+ # @!attribute [rw] provider
33453
+ # The cloud provider whose resources the standard evaluates. For
33454
+ # example, `AWS` or `Azure`.
33455
+ # @return [String]
33456
+ #
32565
33457
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
32566
33458
  #
32567
33459
  class StandardsSubscription < Struct.new(
@@ -32570,7 +33462,8 @@ module Aws::SecurityHub
32570
33462
  :standards_input,
32571
33463
  :standards_status,
32572
33464
  :standards_controls_updatable,
32573
- :standards_status_reason)
33465
+ :standards_status_reason,
33466
+ :provider)
32574
33467
  SENSITIVE = []
32575
33468
  include Aws::Structure
32576
33469
  end
@@ -33656,6 +34549,45 @@ module Aws::SecurityHub
33656
34549
  include Aws::Structure
33657
34550
  end
33658
34551
 
34552
+ # @!attribute [rw] connector_id
34553
+ # The unique identifier of the connector to update.
34554
+ # @return [String]
34555
+ #
34556
+ # @!attribute [rw] description
34557
+ # The updated description of the connector.
34558
+ # @return [String]
34559
+ #
34560
+ # @!attribute [rw] provider
34561
+ # The updated cloud provider configuration for the connector.
34562
+ # @return [Types::CspmProviderUpdateConfiguration]
34563
+ #
34564
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorRequest AWS API Documentation
34565
+ #
34566
+ class UpdateConnectorRequest < Struct.new(
34567
+ :connector_id,
34568
+ :description,
34569
+ :provider)
34570
+ SENSITIVE = []
34571
+ include Aws::Structure
34572
+ end
34573
+
34574
+ # @!attribute [rw] connector_status
34575
+ # The connectivity status of the connector after the update.
34576
+ # @return [String]
34577
+ #
34578
+ # @!attribute [rw] enablement_status
34579
+ # The enablement status of the connector after the update.
34580
+ # @return [String]
34581
+ #
34582
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorResponse AWS API Documentation
34583
+ #
34584
+ class UpdateConnectorResponse < Struct.new(
34585
+ :connector_status,
34586
+ :enablement_status)
34587
+ SENSITIVE = []
34588
+ include Aws::Structure
34589
+ end
34590
+
33659
34591
  # @!attribute [rw] connector_id
33660
34592
  # The UUID of the connectorV2 to identify connectorV2 resource.
33661
34593
  # @return [String]
@@ -33678,9 +34610,22 @@ module Aws::SecurityHub
33678
34610
  include Aws::Structure
33679
34611
  end
33680
34612
 
34613
+ # @!attribute [rw] connector_status
34614
+ # The status of the connector after the update.
34615
+ # @return [String]
34616
+ #
34617
+ # @!attribute [rw] enablement_status
34618
+ # The enablement status of the connector after the update.
34619
+ # @return [String]
34620
+ #
33681
34621
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateConnectorV2Response AWS API Documentation
33682
34622
  #
33683
- class UpdateConnectorV2Response < Aws::EmptyStructure; end
34623
+ class UpdateConnectorV2Response < Struct.new(
34624
+ :connector_status,
34625
+ :enablement_status)
34626
+ SENSITIVE = []
34627
+ include Aws::Structure
34628
+ end
33684
34629
 
33685
34630
  # @!attribute [rw] finding_aggregator_arn
33686
34631
  # The ARN of the finding aggregator. To obtain the ARN, use