aws-sdk-securityhub 1.28.0 → 1.29.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws-sdk-securityhub.rb +1 -1
  3. data/lib/aws-sdk-securityhub/client.rb +200 -2
  4. data/lib/aws-sdk-securityhub/client_api.rb +128 -0
  5. data/lib/aws-sdk-securityhub/types.rb +1026 -2
  6. metadata +2 -2
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -137,6 +137,53 @@ module Aws::SecurityHub
137
137
  include Aws::Structure
138
138
  end
139
139
 
140
+ # Provides details about an auto scaling group.
141
+ #
142
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupDetails
143
+ # data as a hash:
144
+ #
145
+ # {
146
+ # launch_configuration_name: "NonEmptyString",
147
+ # load_balancer_names: ["NonEmptyString"],
148
+ # health_check_type: "NonEmptyString",
149
+ # health_check_grace_period: 1,
150
+ # created_time: "NonEmptyString",
151
+ # }
152
+ #
153
+ # @!attribute [rw] launch_configuration_name
154
+ # The name of the launch configuration.
155
+ # @return [String]
156
+ #
157
+ # @!attribute [rw] load_balancer_names
158
+ # The list of load balancers associated with the group.
159
+ # @return [Array<String>]
160
+ #
161
+ # @!attribute [rw] health_check_type
162
+ # The service to use for the health checks.
163
+ # @return [String]
164
+ #
165
+ # @!attribute [rw] health_check_grace_period
166
+ # The amount of time, in seconds, that Amazon EC2 Auto Scaling waits
167
+ # before it checks the health status of an EC2 instance that has come
168
+ # into service.
169
+ # @return [Integer]
170
+ #
171
+ # @!attribute [rw] created_time
172
+ # The datetime when the auto scaling group was created.
173
+ # @return [String]
174
+ #
175
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupDetails AWS API Documentation
176
+ #
177
+ class AwsAutoScalingAutoScalingGroupDetails < Struct.new(
178
+ :launch_configuration_name,
179
+ :load_balancer_names,
180
+ :health_check_type,
181
+ :health_check_grace_period,
182
+ :created_time)
183
+ SENSITIVE = []
184
+ include Aws::Structure
185
+ end
186
+
140
187
  # A distribution configuration.
141
188
  #
142
189
  # @note When making an API call, you may pass AwsCloudFrontDistributionDetails
@@ -1172,6 +1219,165 @@ module Aws::SecurityHub
1172
1219
  include Aws::Structure
1173
1220
  end
1174
1221
 
1222
+ # An attachment to an AWS EC2 volume.
1223
+ #
1224
+ # @note When making an API call, you may pass AwsEc2VolumeAttachment
1225
+ # data as a hash:
1226
+ #
1227
+ # {
1228
+ # attach_time: "NonEmptyString",
1229
+ # delete_on_termination: false,
1230
+ # instance_id: "NonEmptyString",
1231
+ # status: "NonEmptyString",
1232
+ # }
1233
+ #
1234
+ # @!attribute [rw] attach_time
1235
+ # The datetime when the attachment initiated.
1236
+ # @return [String]
1237
+ #
1238
+ # @!attribute [rw] delete_on_termination
1239
+ # Whether the EBS volume is deleted when the EC2 instance is
1240
+ # terminated.
1241
+ # @return [Boolean]
1242
+ #
1243
+ # @!attribute [rw] instance_id
1244
+ # The identifier of the EC2 instance.
1245
+ # @return [String]
1246
+ #
1247
+ # @!attribute [rw] status
1248
+ # The attachment state of the volume.
1249
+ # @return [String]
1250
+ #
1251
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VolumeAttachment AWS API Documentation
1252
+ #
1253
+ class AwsEc2VolumeAttachment < Struct.new(
1254
+ :attach_time,
1255
+ :delete_on_termination,
1256
+ :instance_id,
1257
+ :status)
1258
+ SENSITIVE = []
1259
+ include Aws::Structure
1260
+ end
1261
+
1262
+ # Details about an EC2 volume.
1263
+ #
1264
+ # @note When making an API call, you may pass AwsEc2VolumeDetails
1265
+ # data as a hash:
1266
+ #
1267
+ # {
1268
+ # create_time: "NonEmptyString",
1269
+ # encrypted: false,
1270
+ # size: 1,
1271
+ # snapshot_id: "NonEmptyString",
1272
+ # status: "NonEmptyString",
1273
+ # kms_key_id: "NonEmptyString",
1274
+ # attachments: [
1275
+ # {
1276
+ # attach_time: "NonEmptyString",
1277
+ # delete_on_termination: false,
1278
+ # instance_id: "NonEmptyString",
1279
+ # status: "NonEmptyString",
1280
+ # },
1281
+ # ],
1282
+ # }
1283
+ #
1284
+ # @!attribute [rw] create_time
1285
+ # The datetime when the volume was created.
1286
+ # @return [String]
1287
+ #
1288
+ # @!attribute [rw] encrypted
1289
+ # Whether the volume is encrypted.
1290
+ # @return [Boolean]
1291
+ #
1292
+ # @!attribute [rw] size
1293
+ # The size of the volume, in GiBs.
1294
+ # @return [Integer]
1295
+ #
1296
+ # @!attribute [rw] snapshot_id
1297
+ # The snapshot from which the volume was created.
1298
+ # @return [String]
1299
+ #
1300
+ # @!attribute [rw] status
1301
+ # The volume state.
1302
+ # @return [String]
1303
+ #
1304
+ # @!attribute [rw] kms_key_id
1305
+ # The ARN of the AWS Key Management Service (AWS KMS) customer master
1306
+ # key (CMK) that was used to protect the volume encryption key for the
1307
+ # volume.
1308
+ # @return [String]
1309
+ #
1310
+ # @!attribute [rw] attachments
1311
+ # The volume attachments.
1312
+ # @return [Array<Types::AwsEc2VolumeAttachment>]
1313
+ #
1314
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VolumeDetails AWS API Documentation
1315
+ #
1316
+ class AwsEc2VolumeDetails < Struct.new(
1317
+ :create_time,
1318
+ :encrypted,
1319
+ :size,
1320
+ :snapshot_id,
1321
+ :status,
1322
+ :kms_key_id,
1323
+ :attachments)
1324
+ SENSITIVE = []
1325
+ include Aws::Structure
1326
+ end
1327
+
1328
+ # Details about an EC2 VPC.
1329
+ #
1330
+ # @note When making an API call, you may pass AwsEc2VpcDetails
1331
+ # data as a hash:
1332
+ #
1333
+ # {
1334
+ # cidr_block_association_set: [
1335
+ # {
1336
+ # association_id: "NonEmptyString",
1337
+ # cidr_block: "NonEmptyString",
1338
+ # cidr_block_state: "NonEmptyString",
1339
+ # },
1340
+ # ],
1341
+ # ipv_6_cidr_block_association_set: [
1342
+ # {
1343
+ # association_id: "NonEmptyString",
1344
+ # ipv_6_cidr_block: "NonEmptyString",
1345
+ # cidr_block_state: "NonEmptyString",
1346
+ # },
1347
+ # ],
1348
+ # dhcp_options_id: "NonEmptyString",
1349
+ # state: "NonEmptyString",
1350
+ # }
1351
+ #
1352
+ # @!attribute [rw] cidr_block_association_set
1353
+ # Information about the IPv4 CIDR blocks associated with the VPC.
1354
+ # @return [Array<Types::CidrBlockAssociation>]
1355
+ #
1356
+ # @!attribute [rw] ipv_6_cidr_block_association_set
1357
+ # Information about the IPv6 CIDR blocks associated with the VPC.
1358
+ # @return [Array<Types::Ipv6CidrBlockAssociation>]
1359
+ #
1360
+ # @!attribute [rw] dhcp_options_id
1361
+ # The identifier of the set of Dynamic Host Configuration Protocol
1362
+ # (DHCP) options that are associated with the VPC. If the default
1363
+ # options are associated with the VPC, then this is default.
1364
+ # @return [String]
1365
+ #
1366
+ # @!attribute [rw] state
1367
+ # The current state of the VPC.
1368
+ # @return [String]
1369
+ #
1370
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpcDetails AWS API Documentation
1371
+ #
1372
+ class AwsEc2VpcDetails < Struct.new(
1373
+ :cidr_block_association_set,
1374
+ :ipv_6_cidr_block_association_set,
1375
+ :dhcp_options_id,
1376
+ :state)
1377
+ SENSITIVE = []
1378
+ include Aws::Structure
1379
+ end
1380
+
1175
1381
  # Information about an Elasticsearch domain.
1176
1382
  #
1177
1383
  # @note When making an API call, you may pass AwsElasticsearchDomainDetails
@@ -2597,6 +2803,10 @@ module Aws::SecurityHub
2597
2803
  # network: {
2598
2804
  # direction: "IN", # accepts IN, OUT
2599
2805
  # protocol: "NonEmptyString",
2806
+ # open_port_range: {
2807
+ # begin: 1,
2808
+ # end: 1,
2809
+ # },
2600
2810
  # source_ip_v4: "NonEmptyString",
2601
2811
  # source_ip_v6: "NonEmptyString",
2602
2812
  # source_port: 1,
@@ -2607,6 +2817,54 @@ module Aws::SecurityHub
2607
2817
  # destination_port: 1,
2608
2818
  # destination_domain: "NonEmptyString",
2609
2819
  # },
2820
+ # network_path: [
2821
+ # {
2822
+ # component_id: "NonEmptyString",
2823
+ # component_type: "NonEmptyString",
2824
+ # egress: {
2825
+ # protocol: "NonEmptyString",
2826
+ # destination: {
2827
+ # address: ["NonEmptyString"],
2828
+ # port_ranges: [
2829
+ # {
2830
+ # begin: 1,
2831
+ # end: 1,
2832
+ # },
2833
+ # ],
2834
+ # },
2835
+ # source: {
2836
+ # address: ["NonEmptyString"],
2837
+ # port_ranges: [
2838
+ # {
2839
+ # begin: 1,
2840
+ # end: 1,
2841
+ # },
2842
+ # ],
2843
+ # },
2844
+ # },
2845
+ # ingress: {
2846
+ # protocol: "NonEmptyString",
2847
+ # destination: {
2848
+ # address: ["NonEmptyString"],
2849
+ # port_ranges: [
2850
+ # {
2851
+ # begin: 1,
2852
+ # end: 1,
2853
+ # },
2854
+ # ],
2855
+ # },
2856
+ # source: {
2857
+ # address: ["NonEmptyString"],
2858
+ # port_ranges: [
2859
+ # {
2860
+ # begin: 1,
2861
+ # end: 1,
2862
+ # },
2863
+ # ],
2864
+ # },
2865
+ # },
2866
+ # },
2867
+ # ],
2610
2868
  # process: {
2611
2869
  # name: "NonEmptyString",
2612
2870
  # path: "NonEmptyString",
@@ -2635,6 +2893,13 @@ module Aws::SecurityHub
2635
2893
  # "NonEmptyString" => "NonEmptyString",
2636
2894
  # },
2637
2895
  # details: {
2896
+ # aws_auto_scaling_auto_scaling_group: {
2897
+ # launch_configuration_name: "NonEmptyString",
2898
+ # load_balancer_names: ["NonEmptyString"],
2899
+ # health_check_type: "NonEmptyString",
2900
+ # health_check_grace_period: 1,
2901
+ # created_time: "NonEmptyString",
2902
+ # },
2638
2903
  # aws_code_build_project: {
2639
2904
  # encryption_key: "NonEmptyString",
2640
2905
  # environment: {
@@ -2782,6 +3047,40 @@ module Aws::SecurityHub
2782
3047
  # },
2783
3048
  # ],
2784
3049
  # },
3050
+ # aws_ec2_volume: {
3051
+ # create_time: "NonEmptyString",
3052
+ # encrypted: false,
3053
+ # size: 1,
3054
+ # snapshot_id: "NonEmptyString",
3055
+ # status: "NonEmptyString",
3056
+ # kms_key_id: "NonEmptyString",
3057
+ # attachments: [
3058
+ # {
3059
+ # attach_time: "NonEmptyString",
3060
+ # delete_on_termination: false,
3061
+ # instance_id: "NonEmptyString",
3062
+ # status: "NonEmptyString",
3063
+ # },
3064
+ # ],
3065
+ # },
3066
+ # aws_ec2_vpc: {
3067
+ # cidr_block_association_set: [
3068
+ # {
3069
+ # association_id: "NonEmptyString",
3070
+ # cidr_block: "NonEmptyString",
3071
+ # cidr_block_state: "NonEmptyString",
3072
+ # },
3073
+ # ],
3074
+ # ipv_6_cidr_block_association_set: [
3075
+ # {
3076
+ # association_id: "NonEmptyString",
3077
+ # ipv_6_cidr_block: "NonEmptyString",
3078
+ # cidr_block_state: "NonEmptyString",
3079
+ # },
3080
+ # ],
3081
+ # dhcp_options_id: "NonEmptyString",
3082
+ # state: "NonEmptyString",
3083
+ # },
2785
3084
  # aws_elbv_2_load_balancer: {
2786
3085
  # availability_zones: [
2787
3086
  # {
@@ -3042,6 +3341,36 @@ module Aws::SecurityHub
3042
3341
  # updated_by: "NonEmptyString", # required
3043
3342
  # updated_at: "NonEmptyString", # required
3044
3343
  # },
3344
+ # vulnerabilities: [
3345
+ # {
3346
+ # id: "NonEmptyString", # required
3347
+ # vulnerable_packages: [
3348
+ # {
3349
+ # name: "NonEmptyString",
3350
+ # version: "NonEmptyString",
3351
+ # epoch: "NonEmptyString",
3352
+ # release: "NonEmptyString",
3353
+ # architecture: "NonEmptyString",
3354
+ # },
3355
+ # ],
3356
+ # cvss: [
3357
+ # {
3358
+ # version: "NonEmptyString",
3359
+ # base_score: 1.0,
3360
+ # base_vector: "NonEmptyString",
3361
+ # },
3362
+ # ],
3363
+ # related_vulnerabilities: ["NonEmptyString"],
3364
+ # vendor: {
3365
+ # name: "NonEmptyString", # required
3366
+ # url: "NonEmptyString",
3367
+ # vendor_severity: "NonEmptyString",
3368
+ # vendor_created_at: "NonEmptyString",
3369
+ # vendor_updated_at: "NonEmptyString",
3370
+ # },
3371
+ # reference_urls: ["NonEmptyString"],
3372
+ # },
3373
+ # ],
3045
3374
  # }
3046
3375
  #
3047
3376
  # @!attribute [rw] schema_version
@@ -3168,6 +3497,12 @@ module Aws::SecurityHub
3168
3497
  # The details of network-related information about a finding.
3169
3498
  # @return [Types::Network]
3170
3499
  #
3500
+ # @!attribute [rw] network_path
3501
+ # Provides information about a network path that is relevant to a
3502
+ # finding. Each entry under `NetworkPath` represents a component of
3503
+ # that path.
3504
+ # @return [Array<Types::NetworkPathComponent>]
3505
+ #
3171
3506
  # @!attribute [rw] process
3172
3507
  # The details of process-related information about a finding.
3173
3508
  # @return [Types::ProcessDetails]
@@ -3213,6 +3548,10 @@ module Aws::SecurityHub
3213
3548
  # A user-defined note added to a finding.
3214
3549
  # @return [Types::Note]
3215
3550
  #
3551
+ # @!attribute [rw] vulnerabilities
3552
+ # Provides a list of vulnerabilities associated with the findings.
3553
+ # @return [Array<Types::Vulnerability>]
3554
+ #
3216
3555
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
3217
3556
  #
3218
3557
  class AwsSecurityFinding < Struct.new(
@@ -3237,6 +3576,7 @@ module Aws::SecurityHub
3237
3576
  :user_defined_fields,
3238
3577
  :malware,
3239
3578
  :network,
3579
+ :network_path,
3240
3580
  :process,
3241
3581
  :threat_intel_indicators,
3242
3582
  :resources,
@@ -3246,7 +3586,8 @@ module Aws::SecurityHub
3246
3586
  :workflow,
3247
3587
  :record_state,
3248
3588
  :related_findings,
3249
- :note)
3589
+ :note,
3590
+ :vulnerabilities)
3250
3591
  SENSITIVE = []
3251
3592
  include Aws::Structure
3252
3593
  end
@@ -4709,6 +5050,10 @@ module Aws::SecurityHub
4709
5050
  # network: {
4710
5051
  # direction: "IN", # accepts IN, OUT
4711
5052
  # protocol: "NonEmptyString",
5053
+ # open_port_range: {
5054
+ # begin: 1,
5055
+ # end: 1,
5056
+ # },
4712
5057
  # source_ip_v4: "NonEmptyString",
4713
5058
  # source_ip_v6: "NonEmptyString",
4714
5059
  # source_port: 1,
@@ -4719,6 +5064,54 @@ module Aws::SecurityHub
4719
5064
  # destination_port: 1,
4720
5065
  # destination_domain: "NonEmptyString",
4721
5066
  # },
5067
+ # network_path: [
5068
+ # {
5069
+ # component_id: "NonEmptyString",
5070
+ # component_type: "NonEmptyString",
5071
+ # egress: {
5072
+ # protocol: "NonEmptyString",
5073
+ # destination: {
5074
+ # address: ["NonEmptyString"],
5075
+ # port_ranges: [
5076
+ # {
5077
+ # begin: 1,
5078
+ # end: 1,
5079
+ # },
5080
+ # ],
5081
+ # },
5082
+ # source: {
5083
+ # address: ["NonEmptyString"],
5084
+ # port_ranges: [
5085
+ # {
5086
+ # begin: 1,
5087
+ # end: 1,
5088
+ # },
5089
+ # ],
5090
+ # },
5091
+ # },
5092
+ # ingress: {
5093
+ # protocol: "NonEmptyString",
5094
+ # destination: {
5095
+ # address: ["NonEmptyString"],
5096
+ # port_ranges: [
5097
+ # {
5098
+ # begin: 1,
5099
+ # end: 1,
5100
+ # },
5101
+ # ],
5102
+ # },
5103
+ # source: {
5104
+ # address: ["NonEmptyString"],
5105
+ # port_ranges: [
5106
+ # {
5107
+ # begin: 1,
5108
+ # end: 1,
5109
+ # },
5110
+ # ],
5111
+ # },
5112
+ # },
5113
+ # },
5114
+ # ],
4722
5115
  # process: {
4723
5116
  # name: "NonEmptyString",
4724
5117
  # path: "NonEmptyString",
@@ -4747,6 +5140,13 @@ module Aws::SecurityHub
4747
5140
  # "NonEmptyString" => "NonEmptyString",
4748
5141
  # },
4749
5142
  # details: {
5143
+ # aws_auto_scaling_auto_scaling_group: {
5144
+ # launch_configuration_name: "NonEmptyString",
5145
+ # load_balancer_names: ["NonEmptyString"],
5146
+ # health_check_type: "NonEmptyString",
5147
+ # health_check_grace_period: 1,
5148
+ # created_time: "NonEmptyString",
5149
+ # },
4750
5150
  # aws_code_build_project: {
4751
5151
  # encryption_key: "NonEmptyString",
4752
5152
  # environment: {
@@ -4894,6 +5294,40 @@ module Aws::SecurityHub
4894
5294
  # },
4895
5295
  # ],
4896
5296
  # },
5297
+ # aws_ec2_volume: {
5298
+ # create_time: "NonEmptyString",
5299
+ # encrypted: false,
5300
+ # size: 1,
5301
+ # snapshot_id: "NonEmptyString",
5302
+ # status: "NonEmptyString",
5303
+ # kms_key_id: "NonEmptyString",
5304
+ # attachments: [
5305
+ # {
5306
+ # attach_time: "NonEmptyString",
5307
+ # delete_on_termination: false,
5308
+ # instance_id: "NonEmptyString",
5309
+ # status: "NonEmptyString",
5310
+ # },
5311
+ # ],
5312
+ # },
5313
+ # aws_ec2_vpc: {
5314
+ # cidr_block_association_set: [
5315
+ # {
5316
+ # association_id: "NonEmptyString",
5317
+ # cidr_block: "NonEmptyString",
5318
+ # cidr_block_state: "NonEmptyString",
5319
+ # },
5320
+ # ],
5321
+ # ipv_6_cidr_block_association_set: [
5322
+ # {
5323
+ # association_id: "NonEmptyString",
5324
+ # ipv_6_cidr_block: "NonEmptyString",
5325
+ # cidr_block_state: "NonEmptyString",
5326
+ # },
5327
+ # ],
5328
+ # dhcp_options_id: "NonEmptyString",
5329
+ # state: "NonEmptyString",
5330
+ # },
4897
5331
  # aws_elbv_2_load_balancer: {
4898
5332
  # availability_zones: [
4899
5333
  # {
@@ -5154,6 +5588,36 @@ module Aws::SecurityHub
5154
5588
  # updated_by: "NonEmptyString", # required
5155
5589
  # updated_at: "NonEmptyString", # required
5156
5590
  # },
5591
+ # vulnerabilities: [
5592
+ # {
5593
+ # id: "NonEmptyString", # required
5594
+ # vulnerable_packages: [
5595
+ # {
5596
+ # name: "NonEmptyString",
5597
+ # version: "NonEmptyString",
5598
+ # epoch: "NonEmptyString",
5599
+ # release: "NonEmptyString",
5600
+ # architecture: "NonEmptyString",
5601
+ # },
5602
+ # ],
5603
+ # cvss: [
5604
+ # {
5605
+ # version: "NonEmptyString",
5606
+ # base_score: 1.0,
5607
+ # base_vector: "NonEmptyString",
5608
+ # },
5609
+ # ],
5610
+ # related_vulnerabilities: ["NonEmptyString"],
5611
+ # vendor: {
5612
+ # name: "NonEmptyString", # required
5613
+ # url: "NonEmptyString",
5614
+ # vendor_severity: "NonEmptyString",
5615
+ # vendor_created_at: "NonEmptyString",
5616
+ # vendor_updated_at: "NonEmptyString",
5617
+ # },
5618
+ # reference_urls: ["NonEmptyString"],
5619
+ # },
5620
+ # ],
5157
5621
  # },
5158
5622
  # ],
5159
5623
  # }
@@ -5377,6 +5841,39 @@ module Aws::SecurityHub
5377
5841
  include Aws::Structure
5378
5842
  end
5379
5843
 
5844
+ # An IPv4 CIDR block association.
5845
+ #
5846
+ # @note When making an API call, you may pass CidrBlockAssociation
5847
+ # data as a hash:
5848
+ #
5849
+ # {
5850
+ # association_id: "NonEmptyString",
5851
+ # cidr_block: "NonEmptyString",
5852
+ # cidr_block_state: "NonEmptyString",
5853
+ # }
5854
+ #
5855
+ # @!attribute [rw] association_id
5856
+ # The association ID for the IPv4 CIDR block.
5857
+ # @return [String]
5858
+ #
5859
+ # @!attribute [rw] cidr_block
5860
+ # The IPv4 CIDR block.
5861
+ # @return [String]
5862
+ #
5863
+ # @!attribute [rw] cidr_block_state
5864
+ # Information about the state of the IPv4 CIDR block.
5865
+ # @return [String]
5866
+ #
5867
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CidrBlockAssociation AWS API Documentation
5868
+ #
5869
+ class CidrBlockAssociation < Struct.new(
5870
+ :association_id,
5871
+ :cidr_block,
5872
+ :cidr_block_state)
5873
+ SENSITIVE = []
5874
+ include Aws::Structure
5875
+ end
5876
+
5380
5877
  # Contains finding details that are specific to control-based findings.
5381
5878
  # Only returned for findings generated from controls.
5382
5879
  #
@@ -6165,6 +6662,39 @@ module Aws::SecurityHub
6165
6662
  include Aws::Structure
6166
6663
  end
6167
6664
 
6665
+ # CVSS scores from the advisory related to the vulnerability.
6666
+ #
6667
+ # @note When making an API call, you may pass Cvss
6668
+ # data as a hash:
6669
+ #
6670
+ # {
6671
+ # version: "NonEmptyString",
6672
+ # base_score: 1.0,
6673
+ # base_vector: "NonEmptyString",
6674
+ # }
6675
+ #
6676
+ # @!attribute [rw] version
6677
+ # The version of CVSS for the CVSS score.
6678
+ # @return [String]
6679
+ #
6680
+ # @!attribute [rw] base_score
6681
+ # The base CVSS score.
6682
+ # @return [Float]
6683
+ #
6684
+ # @!attribute [rw] base_vector
6685
+ # The base scoring vector for the CVSS score.
6686
+ # @return [String]
6687
+ #
6688
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
6689
+ #
6690
+ class Cvss < Struct.new(
6691
+ :version,
6692
+ :base_score,
6693
+ :base_vector)
6694
+ SENSITIVE = []
6695
+ include Aws::Structure
6696
+ end
6697
+
6168
6698
  # A date filter for querying findings.
6169
6699
  #
6170
6700
  # @note When making an API call, you may pass DateFilter
@@ -7852,6 +8382,39 @@ module Aws::SecurityHub
7852
8382
  include Aws::Structure
7853
8383
  end
7854
8384
 
8385
+ # An IPV6 CIDR block association.
8386
+ #
8387
+ # @note When making an API call, you may pass Ipv6CidrBlockAssociation
8388
+ # data as a hash:
8389
+ #
8390
+ # {
8391
+ # association_id: "NonEmptyString",
8392
+ # ipv_6_cidr_block: "NonEmptyString",
8393
+ # cidr_block_state: "NonEmptyString",
8394
+ # }
8395
+ #
8396
+ # @!attribute [rw] association_id
8397
+ # The association ID for the IPv6 CIDR block.
8398
+ # @return [String]
8399
+ #
8400
+ # @!attribute [rw] ipv_6_cidr_block
8401
+ # The IPv6 CIDR block.
8402
+ # @return [String]
8403
+ #
8404
+ # @!attribute [rw] cidr_block_state
8405
+ # Information about the state of the CIDR block.
8406
+ # @return [String]
8407
+ #
8408
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Ipv6CidrBlockAssociation AWS API Documentation
8409
+ #
8410
+ class Ipv6CidrBlockAssociation < Struct.new(
8411
+ :association_id,
8412
+ :ipv_6_cidr_block,
8413
+ :cidr_block_state)
8414
+ SENSITIVE = []
8415
+ include Aws::Structure
8416
+ end
8417
+
7855
8418
  # A keyword filter for querying findings.
7856
8419
  #
7857
8420
  # @note When making an API call, you may pass KeywordFilter
@@ -8239,6 +8802,10 @@ module Aws::SecurityHub
8239
8802
  # {
8240
8803
  # direction: "IN", # accepts IN, OUT
8241
8804
  # protocol: "NonEmptyString",
8805
+ # open_port_range: {
8806
+ # begin: 1,
8807
+ # end: 1,
8808
+ # },
8242
8809
  # source_ip_v4: "NonEmptyString",
8243
8810
  # source_ip_v6: "NonEmptyString",
8244
8811
  # source_port: 1,
@@ -8258,6 +8825,10 @@ module Aws::SecurityHub
8258
8825
  # The protocol of network-related information about a finding.
8259
8826
  # @return [String]
8260
8827
  #
8828
+ # @!attribute [rw] open_port_range
8829
+ # The range of open ports that is present on the network.
8830
+ # @return [Types::PortRange]
8831
+ #
8261
8832
  # @!attribute [rw] source_ip_v4
8262
8833
  # The source IPv4 address of network-related information about a
8263
8834
  # finding.
@@ -8305,6 +8876,7 @@ module Aws::SecurityHub
8305
8876
  class Network < Struct.new(
8306
8877
  :direction,
8307
8878
  :protocol,
8879
+ :open_port_range,
8308
8880
  :source_ip_v4,
8309
8881
  :source_ip_v6,
8310
8882
  :source_port,
@@ -8318,6 +8890,170 @@ module Aws::SecurityHub
8318
8890
  include Aws::Structure
8319
8891
  end
8320
8892
 
8893
+ # Details about a network path component that occurs before or after the
8894
+ # current component.
8895
+ #
8896
+ # @note When making an API call, you may pass NetworkHeader
8897
+ # data as a hash:
8898
+ #
8899
+ # {
8900
+ # protocol: "NonEmptyString",
8901
+ # destination: {
8902
+ # address: ["NonEmptyString"],
8903
+ # port_ranges: [
8904
+ # {
8905
+ # begin: 1,
8906
+ # end: 1,
8907
+ # },
8908
+ # ],
8909
+ # },
8910
+ # source: {
8911
+ # address: ["NonEmptyString"],
8912
+ # port_ranges: [
8913
+ # {
8914
+ # begin: 1,
8915
+ # end: 1,
8916
+ # },
8917
+ # ],
8918
+ # },
8919
+ # }
8920
+ #
8921
+ # @!attribute [rw] protocol
8922
+ # The protocol used for the component.
8923
+ # @return [String]
8924
+ #
8925
+ # @!attribute [rw] destination
8926
+ # Information about the destination of the component.
8927
+ # @return [Types::NetworkPathComponentDetails]
8928
+ #
8929
+ # @!attribute [rw] source
8930
+ # Information about the origin of the component.
8931
+ # @return [Types::NetworkPathComponentDetails]
8932
+ #
8933
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkHeader AWS API Documentation
8934
+ #
8935
+ class NetworkHeader < Struct.new(
8936
+ :protocol,
8937
+ :destination,
8938
+ :source)
8939
+ SENSITIVE = []
8940
+ include Aws::Structure
8941
+ end
8942
+
8943
+ # Information about a network path component.
8944
+ #
8945
+ # @note When making an API call, you may pass NetworkPathComponent
8946
+ # data as a hash:
8947
+ #
8948
+ # {
8949
+ # component_id: "NonEmptyString",
8950
+ # component_type: "NonEmptyString",
8951
+ # egress: {
8952
+ # protocol: "NonEmptyString",
8953
+ # destination: {
8954
+ # address: ["NonEmptyString"],
8955
+ # port_ranges: [
8956
+ # {
8957
+ # begin: 1,
8958
+ # end: 1,
8959
+ # },
8960
+ # ],
8961
+ # },
8962
+ # source: {
8963
+ # address: ["NonEmptyString"],
8964
+ # port_ranges: [
8965
+ # {
8966
+ # begin: 1,
8967
+ # end: 1,
8968
+ # },
8969
+ # ],
8970
+ # },
8971
+ # },
8972
+ # ingress: {
8973
+ # protocol: "NonEmptyString",
8974
+ # destination: {
8975
+ # address: ["NonEmptyString"],
8976
+ # port_ranges: [
8977
+ # {
8978
+ # begin: 1,
8979
+ # end: 1,
8980
+ # },
8981
+ # ],
8982
+ # },
8983
+ # source: {
8984
+ # address: ["NonEmptyString"],
8985
+ # port_ranges: [
8986
+ # {
8987
+ # begin: 1,
8988
+ # end: 1,
8989
+ # },
8990
+ # ],
8991
+ # },
8992
+ # },
8993
+ # }
8994
+ #
8995
+ # @!attribute [rw] component_id
8996
+ # The identifier of a component in the network path.
8997
+ # @return [String]
8998
+ #
8999
+ # @!attribute [rw] component_type
9000
+ # The type of component.
9001
+ # @return [String]
9002
+ #
9003
+ # @!attribute [rw] egress
9004
+ # Information about the component that comes after the current
9005
+ # component in the network path.
9006
+ # @return [Types::NetworkHeader]
9007
+ #
9008
+ # @!attribute [rw] ingress
9009
+ # Information about the component that comes before the current node
9010
+ # in the network path.
9011
+ # @return [Types::NetworkHeader]
9012
+ #
9013
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkPathComponent AWS API Documentation
9014
+ #
9015
+ class NetworkPathComponent < Struct.new(
9016
+ :component_id,
9017
+ :component_type,
9018
+ :egress,
9019
+ :ingress)
9020
+ SENSITIVE = []
9021
+ include Aws::Structure
9022
+ end
9023
+
9024
+ # Information about the destination of the next component in the network
9025
+ # path.
9026
+ #
9027
+ # @note When making an API call, you may pass NetworkPathComponentDetails
9028
+ # data as a hash:
9029
+ #
9030
+ # {
9031
+ # address: ["NonEmptyString"],
9032
+ # port_ranges: [
9033
+ # {
9034
+ # begin: 1,
9035
+ # end: 1,
9036
+ # },
9037
+ # ],
9038
+ # }
9039
+ #
9040
+ # @!attribute [rw] address
9041
+ # The IP addresses of the destination.
9042
+ # @return [Array<String>]
9043
+ #
9044
+ # @!attribute [rw] port_ranges
9045
+ # A list of port ranges for the destination.
9046
+ # @return [Array<Types::PortRange>]
9047
+ #
9048
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkPathComponentDetails AWS API Documentation
9049
+ #
9050
+ class NetworkPathComponentDetails < Struct.new(
9051
+ :address,
9052
+ :port_ranges)
9053
+ SENSITIVE = []
9054
+ include Aws::Structure
9055
+ end
9056
+
8321
9057
  # A user-defined note added to a finding.
8322
9058
  #
8323
9059
  # @note When making an API call, you may pass Note
@@ -8414,6 +9150,33 @@ module Aws::SecurityHub
8414
9150
  include Aws::Structure
8415
9151
  end
8416
9152
 
9153
+ # A range of ports.
9154
+ #
9155
+ # @note When making an API call, you may pass PortRange
9156
+ # data as a hash:
9157
+ #
9158
+ # {
9159
+ # begin: 1,
9160
+ # end: 1,
9161
+ # }
9162
+ #
9163
+ # @!attribute [rw] begin
9164
+ # The first port in the port range.
9165
+ # @return [Integer]
9166
+ #
9167
+ # @!attribute [rw] end
9168
+ # The last port in the port range.
9169
+ # @return [Integer]
9170
+ #
9171
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortRange AWS API Documentation
9172
+ #
9173
+ class PortRange < Struct.new(
9174
+ :begin,
9175
+ :end)
9176
+ SENSITIVE = []
9177
+ include Aws::Structure
9178
+ end
9179
+
8417
9180
  # The details of process-related information about a finding.
8418
9181
  #
8419
9182
  # @note When making an API call, you may pass ProcessDetails
@@ -8623,6 +9386,13 @@ module Aws::SecurityHub
8623
9386
  # "NonEmptyString" => "NonEmptyString",
8624
9387
  # },
8625
9388
  # details: {
9389
+ # aws_auto_scaling_auto_scaling_group: {
9390
+ # launch_configuration_name: "NonEmptyString",
9391
+ # load_balancer_names: ["NonEmptyString"],
9392
+ # health_check_type: "NonEmptyString",
9393
+ # health_check_grace_period: 1,
9394
+ # created_time: "NonEmptyString",
9395
+ # },
8626
9396
  # aws_code_build_project: {
8627
9397
  # encryption_key: "NonEmptyString",
8628
9398
  # environment: {
@@ -8770,6 +9540,40 @@ module Aws::SecurityHub
8770
9540
  # },
8771
9541
  # ],
8772
9542
  # },
9543
+ # aws_ec2_volume: {
9544
+ # create_time: "NonEmptyString",
9545
+ # encrypted: false,
9546
+ # size: 1,
9547
+ # snapshot_id: "NonEmptyString",
9548
+ # status: "NonEmptyString",
9549
+ # kms_key_id: "NonEmptyString",
9550
+ # attachments: [
9551
+ # {
9552
+ # attach_time: "NonEmptyString",
9553
+ # delete_on_termination: false,
9554
+ # instance_id: "NonEmptyString",
9555
+ # status: "NonEmptyString",
9556
+ # },
9557
+ # ],
9558
+ # },
9559
+ # aws_ec2_vpc: {
9560
+ # cidr_block_association_set: [
9561
+ # {
9562
+ # association_id: "NonEmptyString",
9563
+ # cidr_block: "NonEmptyString",
9564
+ # cidr_block_state: "NonEmptyString",
9565
+ # },
9566
+ # ],
9567
+ # ipv_6_cidr_block_association_set: [
9568
+ # {
9569
+ # association_id: "NonEmptyString",
9570
+ # ipv_6_cidr_block: "NonEmptyString",
9571
+ # cidr_block_state: "NonEmptyString",
9572
+ # },
9573
+ # ],
9574
+ # dhcp_options_id: "NonEmptyString",
9575
+ # state: "NonEmptyString",
9576
+ # },
8773
9577
  # aws_elbv_2_load_balancer: {
8774
9578
  # availability_zones: [
8775
9579
  # {
@@ -9083,6 +9887,13 @@ module Aws::SecurityHub
9083
9887
  # data as a hash:
9084
9888
  #
9085
9889
  # {
9890
+ # aws_auto_scaling_auto_scaling_group: {
9891
+ # launch_configuration_name: "NonEmptyString",
9892
+ # load_balancer_names: ["NonEmptyString"],
9893
+ # health_check_type: "NonEmptyString",
9894
+ # health_check_grace_period: 1,
9895
+ # created_time: "NonEmptyString",
9896
+ # },
9086
9897
  # aws_code_build_project: {
9087
9898
  # encryption_key: "NonEmptyString",
9088
9899
  # environment: {
@@ -9230,6 +10041,40 @@ module Aws::SecurityHub
9230
10041
  # },
9231
10042
  # ],
9232
10043
  # },
10044
+ # aws_ec2_volume: {
10045
+ # create_time: "NonEmptyString",
10046
+ # encrypted: false,
10047
+ # size: 1,
10048
+ # snapshot_id: "NonEmptyString",
10049
+ # status: "NonEmptyString",
10050
+ # kms_key_id: "NonEmptyString",
10051
+ # attachments: [
10052
+ # {
10053
+ # attach_time: "NonEmptyString",
10054
+ # delete_on_termination: false,
10055
+ # instance_id: "NonEmptyString",
10056
+ # status: "NonEmptyString",
10057
+ # },
10058
+ # ],
10059
+ # },
10060
+ # aws_ec2_vpc: {
10061
+ # cidr_block_association_set: [
10062
+ # {
10063
+ # association_id: "NonEmptyString",
10064
+ # cidr_block: "NonEmptyString",
10065
+ # cidr_block_state: "NonEmptyString",
10066
+ # },
10067
+ # ],
10068
+ # ipv_6_cidr_block_association_set: [
10069
+ # {
10070
+ # association_id: "NonEmptyString",
10071
+ # ipv_6_cidr_block: "NonEmptyString",
10072
+ # cidr_block_state: "NonEmptyString",
10073
+ # },
10074
+ # ],
10075
+ # dhcp_options_id: "NonEmptyString",
10076
+ # state: "NonEmptyString",
10077
+ # },
9233
10078
  # aws_elbv_2_load_balancer: {
9234
10079
  # availability_zones: [
9235
10080
  # {
@@ -9462,6 +10307,10 @@ module Aws::SecurityHub
9462
10307
  # },
9463
10308
  # }
9464
10309
  #
10310
+ # @!attribute [rw] aws_auto_scaling_auto_scaling_group
10311
+ # Details for an autoscaling group.
10312
+ # @return [Types::AwsAutoScalingAutoScalingGroupDetails]
10313
+ #
9465
10314
  # @!attribute [rw] aws_code_build_project
9466
10315
  # Details for an AWS CodeBuild project.
9467
10316
  # @return [Types::AwsCodeBuildProjectDetails]
@@ -9482,6 +10331,14 @@ module Aws::SecurityHub
9482
10331
  # Details for an EC2 security group.
9483
10332
  # @return [Types::AwsEc2SecurityGroupDetails]
9484
10333
  #
10334
+ # @!attribute [rw] aws_ec2_volume
10335
+ # Details for an EC2 volume.
10336
+ # @return [Types::AwsEc2VolumeDetails]
10337
+ #
10338
+ # @!attribute [rw] aws_ec2_vpc
10339
+ # Details for an EC2 VPC.
10340
+ # @return [Types::AwsEc2VpcDetails]
10341
+ #
9485
10342
  # @!attribute [rw] aws_elbv_2_load_balancer
9486
10343
  # Details about a load balancer.
9487
10344
  # @return [Types::AwsElbv2LoadBalancerDetails]
@@ -9555,11 +10412,14 @@ module Aws::SecurityHub
9555
10412
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
9556
10413
  #
9557
10414
  class ResourceDetails < Struct.new(
10415
+ :aws_auto_scaling_auto_scaling_group,
9558
10416
  :aws_code_build_project,
9559
10417
  :aws_cloud_front_distribution,
9560
10418
  :aws_ec2_instance,
9561
10419
  :aws_ec2_network_interface,
9562
10420
  :aws_ec2_security_group,
10421
+ :aws_ec2_volume,
10422
+ :aws_ec2_vpc,
9563
10423
  :aws_elbv_2_load_balancer,
9564
10424
  :aws_elasticsearch_domain,
9565
10425
  :aws_s3_bucket,
@@ -9746,6 +10606,51 @@ module Aws::SecurityHub
9746
10606
  include Aws::Structure
9747
10607
  end
9748
10608
 
10609
+ # Information about a software package.
10610
+ #
10611
+ # @note When making an API call, you may pass SoftwarePackage
10612
+ # data as a hash:
10613
+ #
10614
+ # {
10615
+ # name: "NonEmptyString",
10616
+ # version: "NonEmptyString",
10617
+ # epoch: "NonEmptyString",
10618
+ # release: "NonEmptyString",
10619
+ # architecture: "NonEmptyString",
10620
+ # }
10621
+ #
10622
+ # @!attribute [rw] name
10623
+ # The name of the software package.
10624
+ # @return [String]
10625
+ #
10626
+ # @!attribute [rw] version
10627
+ # The version of the software package.
10628
+ # @return [String]
10629
+ #
10630
+ # @!attribute [rw] epoch
10631
+ # The epoch of the software package.
10632
+ # @return [String]
10633
+ #
10634
+ # @!attribute [rw] release
10635
+ # The release of the software package.
10636
+ # @return [String]
10637
+ #
10638
+ # @!attribute [rw] architecture
10639
+ # The architecture used for the software package.
10640
+ # @return [String]
10641
+ #
10642
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SoftwarePackage AWS API Documentation
10643
+ #
10644
+ class SoftwarePackage < Struct.new(
10645
+ :name,
10646
+ :version,
10647
+ :epoch,
10648
+ :release,
10649
+ :architecture)
10650
+ SENSITIVE = []
10651
+ include Aws::Structure
10652
+ end
10653
+
9749
10654
  # A collection of finding attributes used to sort findings.
9750
10655
  #
9751
10656
  # @note When making an API call, you may pass SortCriterion
@@ -11354,7 +12259,8 @@ module Aws::SecurityHub
11354
12259
  #
11355
12260
  # @!attribute [rw] disabled_reason
11356
12261
  # A description of the reason why you are disabling a security
11357
- # standard control.
12262
+ # standard control. If you are disabling a control, then this is
12263
+ # required.
11358
12264
  # @return [String]
11359
12265
  #
11360
12266
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateStandardsControlRequest AWS API Documentation
@@ -11371,6 +12277,124 @@ module Aws::SecurityHub
11371
12277
  #
11372
12278
  class UpdateStandardsControlResponse < Aws::EmptyStructure; end
11373
12279
 
12280
+ # A vulnerability associated with a finding.
12281
+ #
12282
+ # @note When making an API call, you may pass Vulnerability
12283
+ # data as a hash:
12284
+ #
12285
+ # {
12286
+ # id: "NonEmptyString", # required
12287
+ # vulnerable_packages: [
12288
+ # {
12289
+ # name: "NonEmptyString",
12290
+ # version: "NonEmptyString",
12291
+ # epoch: "NonEmptyString",
12292
+ # release: "NonEmptyString",
12293
+ # architecture: "NonEmptyString",
12294
+ # },
12295
+ # ],
12296
+ # cvss: [
12297
+ # {
12298
+ # version: "NonEmptyString",
12299
+ # base_score: 1.0,
12300
+ # base_vector: "NonEmptyString",
12301
+ # },
12302
+ # ],
12303
+ # related_vulnerabilities: ["NonEmptyString"],
12304
+ # vendor: {
12305
+ # name: "NonEmptyString", # required
12306
+ # url: "NonEmptyString",
12307
+ # vendor_severity: "NonEmptyString",
12308
+ # vendor_created_at: "NonEmptyString",
12309
+ # vendor_updated_at: "NonEmptyString",
12310
+ # },
12311
+ # reference_urls: ["NonEmptyString"],
12312
+ # }
12313
+ #
12314
+ # @!attribute [rw] id
12315
+ # The identifier of the vulnerability.
12316
+ # @return [String]
12317
+ #
12318
+ # @!attribute [rw] vulnerable_packages
12319
+ # List of software packages that have the vulnerability.
12320
+ # @return [Array<Types::SoftwarePackage>]
12321
+ #
12322
+ # @!attribute [rw] cvss
12323
+ # CVSS scores from the advisory related to the vulnerability.
12324
+ # @return [Array<Types::Cvss>]
12325
+ #
12326
+ # @!attribute [rw] related_vulnerabilities
12327
+ # List of vulnerabilities that are related to this vulnerability.
12328
+ # @return [Array<String>]
12329
+ #
12330
+ # @!attribute [rw] vendor
12331
+ # Information about the vendor that generates the vulnerability
12332
+ # report.
12333
+ # @return [Types::VulnerabilityVendor]
12334
+ #
12335
+ # @!attribute [rw] reference_urls
12336
+ # A list of URLs that provide additional information about the
12337
+ # vulnerability.
12338
+ # @return [Array<String>]
12339
+ #
12340
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Vulnerability AWS API Documentation
12341
+ #
12342
+ class Vulnerability < Struct.new(
12343
+ :id,
12344
+ :vulnerable_packages,
12345
+ :cvss,
12346
+ :related_vulnerabilities,
12347
+ :vendor,
12348
+ :reference_urls)
12349
+ SENSITIVE = []
12350
+ include Aws::Structure
12351
+ end
12352
+
12353
+ # A vendor that generates a vulnerability report.
12354
+ #
12355
+ # @note When making an API call, you may pass VulnerabilityVendor
12356
+ # data as a hash:
12357
+ #
12358
+ # {
12359
+ # name: "NonEmptyString", # required
12360
+ # url: "NonEmptyString",
12361
+ # vendor_severity: "NonEmptyString",
12362
+ # vendor_created_at: "NonEmptyString",
12363
+ # vendor_updated_at: "NonEmptyString",
12364
+ # }
12365
+ #
12366
+ # @!attribute [rw] name
12367
+ # The name of the vendor.
12368
+ # @return [String]
12369
+ #
12370
+ # @!attribute [rw] url
12371
+ # The URL of the vulnerability advisory.
12372
+ # @return [String]
12373
+ #
12374
+ # @!attribute [rw] vendor_severity
12375
+ # The severity that the vendor assigned to the vulnerability.
12376
+ # @return [String]
12377
+ #
12378
+ # @!attribute [rw] vendor_created_at
12379
+ # The datetime when the vulnerability advisory was created.
12380
+ # @return [String]
12381
+ #
12382
+ # @!attribute [rw] vendor_updated_at
12383
+ # The datetime when the vulnerability advisory was last updated.
12384
+ # @return [String]
12385
+ #
12386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/VulnerabilityVendor AWS API Documentation
12387
+ #
12388
+ class VulnerabilityVendor < Struct.new(
12389
+ :name,
12390
+ :url,
12391
+ :vendor_severity,
12392
+ :vendor_created_at,
12393
+ :vendor_updated_at)
12394
+ SENSITIVE = []
12395
+ include Aws::Structure
12396
+ end
12397
+
11374
12398
  # Details about the action that CloudFront or AWS WAF takes when a web
11375
12399
  # request matches the conditions in the rule.
11376
12400
  #