aws-sdk-securityhub 1.33.0 → 1.38.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +2 -1
- data/lib/aws-sdk-securityhub/client.rb +1301 -42
- data/lib/aws-sdk-securityhub/client_api.rb +866 -7
- data/lib/aws-sdk-securityhub/types.rb +11255 -3582
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 2a25801071750e7b9144af545e3207c7ff2fda676a29693a393401cb0cec23fa
|
|
4
|
+
data.tar.gz: 290dba34f8a8b392a1407d100ae92369b0b3600c82cb6cc5d01d72ecc1cc5435
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: d21e75fe30053a1102509025f23dc91323de8084631dd63281be21b3eaf703775b4ff2c158be90a41d42fa7dab28ede886be5c77cc1e09372dcc4a62e62b11fb
|
|
7
|
+
data.tar.gz: 0cbe885647cfe3af171b9d069eecd278483be5e7824f55f7a6c93d196bbcd8b47a4e6cbfb5dc29e42b160f21b96646d7f58399a1b672d8a1e0cfc5527107981d
|
data/lib/aws-sdk-securityhub.rb
CHANGED
|
@@ -7,6 +7,7 @@
|
|
|
7
7
|
#
|
|
8
8
|
# WARNING ABOUT GENERATED CODE
|
|
9
9
|
|
|
10
|
+
|
|
10
11
|
require 'aws-sdk-core'
|
|
11
12
|
require 'aws-sigv4'
|
|
12
13
|
|
|
@@ -47,6 +48,6 @@ require_relative 'aws-sdk-securityhub/customizations'
|
|
|
47
48
|
# @!group service
|
|
48
49
|
module Aws::SecurityHub
|
|
49
50
|
|
|
50
|
-
GEM_VERSION = '1.
|
|
51
|
+
GEM_VERSION = '1.38.0'
|
|
51
52
|
|
|
52
53
|
end
|
|
@@ -330,6 +330,9 @@ module Aws::SecurityHub
|
|
|
330
330
|
# Accepts the invitation to be a member account and be monitored by the
|
|
331
331
|
# Security Hub master account that the invitation was sent from.
|
|
332
332
|
#
|
|
333
|
+
# This operation is only used by member accounts that are not added
|
|
334
|
+
# through Organizations.
|
|
335
|
+
#
|
|
333
336
|
# When the member account accepts the invitation, permission is granted
|
|
334
337
|
# to the master account to view findings generated in the member
|
|
335
338
|
# account.
|
|
@@ -460,24 +463,30 @@ module Aws::SecurityHub
|
|
|
460
463
|
# update the following finding fields and objects, which Security Hub
|
|
461
464
|
# customers use to manage their investigation workflow.
|
|
462
465
|
#
|
|
466
|
+
# * `Note`
|
|
467
|
+
#
|
|
468
|
+
# * `UserDefinedFields`
|
|
469
|
+
#
|
|
470
|
+
# * `VerificationState`
|
|
471
|
+
#
|
|
472
|
+
# * `Workflow`
|
|
473
|
+
#
|
|
474
|
+
# `BatchImportFindings` can be used to update the following finding
|
|
475
|
+
# fields and objects only if they have not been updated using
|
|
476
|
+
# `BatchUpdateFindings`. After they are updated using
|
|
477
|
+
# `BatchUpdateFindings`, these fields cannot be updated using
|
|
478
|
+
# `BatchImportFindings`.
|
|
479
|
+
#
|
|
463
480
|
# * `Confidence`
|
|
464
481
|
#
|
|
465
482
|
# * `Criticality`
|
|
466
483
|
#
|
|
467
|
-
# * `Note`
|
|
468
|
-
#
|
|
469
484
|
# * `RelatedFindings`
|
|
470
485
|
#
|
|
471
486
|
# * `Severity`
|
|
472
487
|
#
|
|
473
488
|
# * `Types`
|
|
474
489
|
#
|
|
475
|
-
# * `UserDefinedFields`
|
|
476
|
-
#
|
|
477
|
-
# * `VerificationState`
|
|
478
|
-
#
|
|
479
|
-
# * `Workflow`
|
|
480
|
-
#
|
|
481
490
|
# @option params [required, Array<Types::AwsSecurityFinding>] :findings
|
|
482
491
|
# A list of findings to import. To successfully import a finding, it
|
|
483
492
|
# must follow the [AWS Security Finding Format][1]. Maximum of 100
|
|
@@ -628,6 +637,7 @@ module Aws::SecurityHub
|
|
|
628
637
|
# id: "NonEmptyString", # required
|
|
629
638
|
# partition: "aws", # accepts aws, aws-cn, aws-us-gov
|
|
630
639
|
# region: "NonEmptyString",
|
|
640
|
+
# resource_role: "NonEmptyString",
|
|
631
641
|
# tags: {
|
|
632
642
|
# "NonEmptyString" => "NonEmptyString",
|
|
633
643
|
# },
|
|
@@ -665,6 +675,17 @@ module Aws::SecurityHub
|
|
|
665
675
|
# },
|
|
666
676
|
# },
|
|
667
677
|
# aws_cloud_front_distribution: {
|
|
678
|
+
# cache_behaviors: {
|
|
679
|
+
# items: [
|
|
680
|
+
# {
|
|
681
|
+
# viewer_protocol_policy: "NonEmptyString",
|
|
682
|
+
# },
|
|
683
|
+
# ],
|
|
684
|
+
# },
|
|
685
|
+
# default_cache_behavior: {
|
|
686
|
+
# viewer_protocol_policy: "NonEmptyString",
|
|
687
|
+
# },
|
|
688
|
+
# default_root_object: "NonEmptyString",
|
|
668
689
|
# domain_name: "NonEmptyString",
|
|
669
690
|
# etag: "NonEmptyString",
|
|
670
691
|
# last_modified_time: "NonEmptyString",
|
|
@@ -680,6 +701,21 @@ module Aws::SecurityHub
|
|
|
680
701
|
# domain_name: "NonEmptyString",
|
|
681
702
|
# id: "NonEmptyString",
|
|
682
703
|
# origin_path: "NonEmptyString",
|
|
704
|
+
# s3_origin_config: {
|
|
705
|
+
# origin_access_identity: "NonEmptyString",
|
|
706
|
+
# },
|
|
707
|
+
# },
|
|
708
|
+
# ],
|
|
709
|
+
# },
|
|
710
|
+
# origin_groups: {
|
|
711
|
+
# items: [
|
|
712
|
+
# {
|
|
713
|
+
# failover_criteria: {
|
|
714
|
+
# status_codes: {
|
|
715
|
+
# items: [1],
|
|
716
|
+
# quantity: 1,
|
|
717
|
+
# },
|
|
718
|
+
# },
|
|
683
719
|
# },
|
|
684
720
|
# ],
|
|
685
721
|
# },
|
|
@@ -715,6 +751,19 @@ module Aws::SecurityHub
|
|
|
715
751
|
# },
|
|
716
752
|
# ],
|
|
717
753
|
# source_dest_check: false,
|
|
754
|
+
# ip_v6_addresses: [
|
|
755
|
+
# {
|
|
756
|
+
# ip_v6_address: "NonEmptyString",
|
|
757
|
+
# },
|
|
758
|
+
# ],
|
|
759
|
+
# private_ip_addresses: [
|
|
760
|
+
# {
|
|
761
|
+
# private_ip_address: "NonEmptyString",
|
|
762
|
+
# private_dns_name: "NonEmptyString",
|
|
763
|
+
# },
|
|
764
|
+
# ],
|
|
765
|
+
# public_dns_name: "NonEmptyString",
|
|
766
|
+
# public_ip: "NonEmptyString",
|
|
718
767
|
# },
|
|
719
768
|
# aws_ec2_security_group: {
|
|
720
769
|
# group_name: "NonEmptyString",
|
|
@@ -921,6 +970,21 @@ module Aws::SecurityHub
|
|
|
921
970
|
# principal_id: "NonEmptyString",
|
|
922
971
|
# principal_type: "NonEmptyString",
|
|
923
972
|
# principal_name: "NonEmptyString",
|
|
973
|
+
# account_id: "NonEmptyString",
|
|
974
|
+
# access_key_id: "NonEmptyString",
|
|
975
|
+
# session_context: {
|
|
976
|
+
# attributes: {
|
|
977
|
+
# mfa_authenticated: false,
|
|
978
|
+
# creation_date: "NonEmptyString",
|
|
979
|
+
# },
|
|
980
|
+
# session_issuer: {
|
|
981
|
+
# type: "NonEmptyString",
|
|
982
|
+
# principal_id: "NonEmptyString",
|
|
983
|
+
# arn: "NonEmptyString",
|
|
984
|
+
# account_id: "NonEmptyString",
|
|
985
|
+
# user_name: "NonEmptyString",
|
|
986
|
+
# },
|
|
987
|
+
# },
|
|
924
988
|
# },
|
|
925
989
|
# aws_iam_user: {
|
|
926
990
|
# attached_managed_policies: [
|
|
@@ -963,6 +1027,56 @@ module Aws::SecurityHub
|
|
|
963
1027
|
# ],
|
|
964
1028
|
# update_date: "NonEmptyString",
|
|
965
1029
|
# },
|
|
1030
|
+
# aws_api_gateway_v2_stage: {
|
|
1031
|
+
# created_date: "NonEmptyString",
|
|
1032
|
+
# description: "NonEmptyString",
|
|
1033
|
+
# default_route_settings: {
|
|
1034
|
+
# detailed_metrics_enabled: false,
|
|
1035
|
+
# logging_level: "NonEmptyString",
|
|
1036
|
+
# data_trace_enabled: false,
|
|
1037
|
+
# throttling_burst_limit: 1,
|
|
1038
|
+
# throttling_rate_limit: 1.0,
|
|
1039
|
+
# },
|
|
1040
|
+
# deployment_id: "NonEmptyString",
|
|
1041
|
+
# last_updated_date: "NonEmptyString",
|
|
1042
|
+
# route_settings: {
|
|
1043
|
+
# detailed_metrics_enabled: false,
|
|
1044
|
+
# logging_level: "NonEmptyString",
|
|
1045
|
+
# data_trace_enabled: false,
|
|
1046
|
+
# throttling_burst_limit: 1,
|
|
1047
|
+
# throttling_rate_limit: 1.0,
|
|
1048
|
+
# },
|
|
1049
|
+
# stage_name: "NonEmptyString",
|
|
1050
|
+
# stage_variables: {
|
|
1051
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
1052
|
+
# },
|
|
1053
|
+
# access_log_settings: {
|
|
1054
|
+
# format: "NonEmptyString",
|
|
1055
|
+
# destination_arn: "NonEmptyString",
|
|
1056
|
+
# },
|
|
1057
|
+
# auto_deploy: false,
|
|
1058
|
+
# last_deployment_status_message: "NonEmptyString",
|
|
1059
|
+
# api_gateway_managed: false,
|
|
1060
|
+
# },
|
|
1061
|
+
# aws_api_gateway_v2_api: {
|
|
1062
|
+
# api_endpoint: "NonEmptyString",
|
|
1063
|
+
# api_id: "NonEmptyString",
|
|
1064
|
+
# api_key_selection_expression: "NonEmptyString",
|
|
1065
|
+
# created_date: "NonEmptyString",
|
|
1066
|
+
# description: "NonEmptyString",
|
|
1067
|
+
# version: "NonEmptyString",
|
|
1068
|
+
# name: "NonEmptyString",
|
|
1069
|
+
# protocol_type: "NonEmptyString",
|
|
1070
|
+
# route_selection_expression: "NonEmptyString",
|
|
1071
|
+
# cors_configuration: {
|
|
1072
|
+
# allow_origins: ["NonEmptyString"],
|
|
1073
|
+
# allow_credentials: false,
|
|
1074
|
+
# expose_headers: ["NonEmptyString"],
|
|
1075
|
+
# max_age: 1,
|
|
1076
|
+
# allow_methods: ["NonEmptyString"],
|
|
1077
|
+
# allow_headers: ["NonEmptyString"],
|
|
1078
|
+
# },
|
|
1079
|
+
# },
|
|
966
1080
|
# aws_dynamo_db_table: {
|
|
967
1081
|
# attribute_definitions: [
|
|
968
1082
|
# {
|
|
@@ -1075,11 +1189,428 @@ module Aws::SecurityHub
|
|
|
1075
1189
|
# table_size_bytes: 1,
|
|
1076
1190
|
# table_status: "NonEmptyString",
|
|
1077
1191
|
# },
|
|
1192
|
+
# aws_api_gateway_stage: {
|
|
1193
|
+
# deployment_id: "NonEmptyString",
|
|
1194
|
+
# client_certificate_id: "NonEmptyString",
|
|
1195
|
+
# stage_name: "NonEmptyString",
|
|
1196
|
+
# description: "NonEmptyString",
|
|
1197
|
+
# cache_cluster_enabled: false,
|
|
1198
|
+
# cache_cluster_size: "NonEmptyString",
|
|
1199
|
+
# cache_cluster_status: "NonEmptyString",
|
|
1200
|
+
# method_settings: [
|
|
1201
|
+
# {
|
|
1202
|
+
# metrics_enabled: false,
|
|
1203
|
+
# logging_level: "NonEmptyString",
|
|
1204
|
+
# data_trace_enabled: false,
|
|
1205
|
+
# throttling_burst_limit: 1,
|
|
1206
|
+
# throttling_rate_limit: 1.0,
|
|
1207
|
+
# caching_enabled: false,
|
|
1208
|
+
# cache_ttl_in_seconds: 1,
|
|
1209
|
+
# cache_data_encrypted: false,
|
|
1210
|
+
# require_authorization_for_cache_control: false,
|
|
1211
|
+
# unauthorized_cache_control_header_strategy: "NonEmptyString",
|
|
1212
|
+
# http_method: "NonEmptyString",
|
|
1213
|
+
# resource_path: "NonEmptyString",
|
|
1214
|
+
# },
|
|
1215
|
+
# ],
|
|
1216
|
+
# variables: {
|
|
1217
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
1218
|
+
# },
|
|
1219
|
+
# documentation_version: "NonEmptyString",
|
|
1220
|
+
# access_log_settings: {
|
|
1221
|
+
# format: "NonEmptyString",
|
|
1222
|
+
# destination_arn: "NonEmptyString",
|
|
1223
|
+
# },
|
|
1224
|
+
# canary_settings: {
|
|
1225
|
+
# percent_traffic: 1.0,
|
|
1226
|
+
# deployment_id: "NonEmptyString",
|
|
1227
|
+
# stage_variable_overrides: {
|
|
1228
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
1229
|
+
# },
|
|
1230
|
+
# use_stage_cache: false,
|
|
1231
|
+
# },
|
|
1232
|
+
# tracing_enabled: false,
|
|
1233
|
+
# created_date: "NonEmptyString",
|
|
1234
|
+
# last_updated_date: "NonEmptyString",
|
|
1235
|
+
# web_acl_arn: "NonEmptyString",
|
|
1236
|
+
# },
|
|
1237
|
+
# aws_api_gateway_rest_api: {
|
|
1238
|
+
# id: "NonEmptyString",
|
|
1239
|
+
# name: "NonEmptyString",
|
|
1240
|
+
# description: "NonEmptyString",
|
|
1241
|
+
# created_date: "NonEmptyString",
|
|
1242
|
+
# version: "NonEmptyString",
|
|
1243
|
+
# binary_media_types: ["NonEmptyString"],
|
|
1244
|
+
# minimum_compression_size: 1,
|
|
1245
|
+
# api_key_source: "NonEmptyString",
|
|
1246
|
+
# endpoint_configuration: {
|
|
1247
|
+
# types: ["NonEmptyString"],
|
|
1248
|
+
# },
|
|
1249
|
+
# },
|
|
1250
|
+
# aws_cloud_trail_trail: {
|
|
1251
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
1252
|
+
# cloud_watch_logs_role_arn: "NonEmptyString",
|
|
1253
|
+
# has_custom_event_selectors: false,
|
|
1254
|
+
# home_region: "NonEmptyString",
|
|
1255
|
+
# include_global_service_events: false,
|
|
1256
|
+
# is_multi_region_trail: false,
|
|
1257
|
+
# is_organization_trail: false,
|
|
1258
|
+
# kms_key_id: "NonEmptyString",
|
|
1259
|
+
# log_file_validation_enabled: false,
|
|
1260
|
+
# name: "NonEmptyString",
|
|
1261
|
+
# s3_bucket_name: "NonEmptyString",
|
|
1262
|
+
# s3_key_prefix: "NonEmptyString",
|
|
1263
|
+
# sns_topic_arn: "NonEmptyString",
|
|
1264
|
+
# sns_topic_name: "NonEmptyString",
|
|
1265
|
+
# trail_arn: "NonEmptyString",
|
|
1266
|
+
# },
|
|
1267
|
+
# aws_ssm_patch_compliance: {
|
|
1268
|
+
# patch: {
|
|
1269
|
+
# compliance_summary: {
|
|
1270
|
+
# status: "NonEmptyString",
|
|
1271
|
+
# compliant_critical_count: 1,
|
|
1272
|
+
# compliant_high_count: 1,
|
|
1273
|
+
# compliant_medium_count: 1,
|
|
1274
|
+
# execution_type: "NonEmptyString",
|
|
1275
|
+
# non_compliant_critical_count: 1,
|
|
1276
|
+
# compliant_informational_count: 1,
|
|
1277
|
+
# non_compliant_informational_count: 1,
|
|
1278
|
+
# compliant_unspecified_count: 1,
|
|
1279
|
+
# non_compliant_low_count: 1,
|
|
1280
|
+
# non_compliant_high_count: 1,
|
|
1281
|
+
# compliant_low_count: 1,
|
|
1282
|
+
# compliance_type: "NonEmptyString",
|
|
1283
|
+
# patch_baseline_id: "NonEmptyString",
|
|
1284
|
+
# overall_severity: "NonEmptyString",
|
|
1285
|
+
# non_compliant_medium_count: 1,
|
|
1286
|
+
# non_compliant_unspecified_count: 1,
|
|
1287
|
+
# patch_group: "NonEmptyString",
|
|
1288
|
+
# },
|
|
1289
|
+
# },
|
|
1290
|
+
# },
|
|
1291
|
+
# aws_certificate_manager_certificate: {
|
|
1292
|
+
# certificate_authority_arn: "NonEmptyString",
|
|
1293
|
+
# created_at: "NonEmptyString",
|
|
1294
|
+
# domain_name: "NonEmptyString",
|
|
1295
|
+
# domain_validation_options: [
|
|
1296
|
+
# {
|
|
1297
|
+
# domain_name: "NonEmptyString",
|
|
1298
|
+
# resource_record: {
|
|
1299
|
+
# name: "NonEmptyString",
|
|
1300
|
+
# type: "NonEmptyString",
|
|
1301
|
+
# value: "NonEmptyString",
|
|
1302
|
+
# },
|
|
1303
|
+
# validation_domain: "NonEmptyString",
|
|
1304
|
+
# validation_emails: ["NonEmptyString"],
|
|
1305
|
+
# validation_method: "NonEmptyString",
|
|
1306
|
+
# validation_status: "NonEmptyString",
|
|
1307
|
+
# },
|
|
1308
|
+
# ],
|
|
1309
|
+
# extended_key_usages: [
|
|
1310
|
+
# {
|
|
1311
|
+
# name: "NonEmptyString",
|
|
1312
|
+
# o_id: "NonEmptyString",
|
|
1313
|
+
# },
|
|
1314
|
+
# ],
|
|
1315
|
+
# failure_reason: "NonEmptyString",
|
|
1316
|
+
# imported_at: "NonEmptyString",
|
|
1317
|
+
# in_use_by: ["NonEmptyString"],
|
|
1318
|
+
# issued_at: "NonEmptyString",
|
|
1319
|
+
# issuer: "NonEmptyString",
|
|
1320
|
+
# key_algorithm: "NonEmptyString",
|
|
1321
|
+
# key_usages: [
|
|
1322
|
+
# {
|
|
1323
|
+
# name: "NonEmptyString",
|
|
1324
|
+
# },
|
|
1325
|
+
# ],
|
|
1326
|
+
# not_after: "NonEmptyString",
|
|
1327
|
+
# not_before: "NonEmptyString",
|
|
1328
|
+
# options: {
|
|
1329
|
+
# certificate_transparency_logging_preference: "NonEmptyString",
|
|
1330
|
+
# },
|
|
1331
|
+
# renewal_eligibility: "NonEmptyString",
|
|
1332
|
+
# renewal_summary: {
|
|
1333
|
+
# domain_validation_options: [
|
|
1334
|
+
# {
|
|
1335
|
+
# domain_name: "NonEmptyString",
|
|
1336
|
+
# resource_record: {
|
|
1337
|
+
# name: "NonEmptyString",
|
|
1338
|
+
# type: "NonEmptyString",
|
|
1339
|
+
# value: "NonEmptyString",
|
|
1340
|
+
# },
|
|
1341
|
+
# validation_domain: "NonEmptyString",
|
|
1342
|
+
# validation_emails: ["NonEmptyString"],
|
|
1343
|
+
# validation_method: "NonEmptyString",
|
|
1344
|
+
# validation_status: "NonEmptyString",
|
|
1345
|
+
# },
|
|
1346
|
+
# ],
|
|
1347
|
+
# renewal_status: "NonEmptyString",
|
|
1348
|
+
# renewal_status_reason: "NonEmptyString",
|
|
1349
|
+
# updated_at: "NonEmptyString",
|
|
1350
|
+
# },
|
|
1351
|
+
# serial: "NonEmptyString",
|
|
1352
|
+
# signature_algorithm: "NonEmptyString",
|
|
1353
|
+
# status: "NonEmptyString",
|
|
1354
|
+
# subject: "NonEmptyString",
|
|
1355
|
+
# subject_alternative_names: ["NonEmptyString"],
|
|
1356
|
+
# type: "NonEmptyString",
|
|
1357
|
+
# },
|
|
1358
|
+
# aws_redshift_cluster: {
|
|
1359
|
+
# allow_version_upgrade: false,
|
|
1360
|
+
# automated_snapshot_retention_period: 1,
|
|
1361
|
+
# availability_zone: "NonEmptyString",
|
|
1362
|
+
# cluster_availability_status: "NonEmptyString",
|
|
1363
|
+
# cluster_create_time: "NonEmptyString",
|
|
1364
|
+
# cluster_identifier: "NonEmptyString",
|
|
1365
|
+
# cluster_nodes: [
|
|
1366
|
+
# {
|
|
1367
|
+
# node_role: "NonEmptyString",
|
|
1368
|
+
# private_ip_address: "NonEmptyString",
|
|
1369
|
+
# public_ip_address: "NonEmptyString",
|
|
1370
|
+
# },
|
|
1371
|
+
# ],
|
|
1372
|
+
# cluster_parameter_groups: [
|
|
1373
|
+
# {
|
|
1374
|
+
# cluster_parameter_status_list: [
|
|
1375
|
+
# {
|
|
1376
|
+
# parameter_name: "NonEmptyString",
|
|
1377
|
+
# parameter_apply_status: "NonEmptyString",
|
|
1378
|
+
# parameter_apply_error_description: "NonEmptyString",
|
|
1379
|
+
# },
|
|
1380
|
+
# ],
|
|
1381
|
+
# parameter_apply_status: "NonEmptyString",
|
|
1382
|
+
# parameter_group_name: "NonEmptyString",
|
|
1383
|
+
# },
|
|
1384
|
+
# ],
|
|
1385
|
+
# cluster_public_key: "NonEmptyString",
|
|
1386
|
+
# cluster_revision_number: "NonEmptyString",
|
|
1387
|
+
# cluster_security_groups: [
|
|
1388
|
+
# {
|
|
1389
|
+
# cluster_security_group_name: "NonEmptyString",
|
|
1390
|
+
# status: "NonEmptyString",
|
|
1391
|
+
# },
|
|
1392
|
+
# ],
|
|
1393
|
+
# cluster_snapshot_copy_status: {
|
|
1394
|
+
# destination_region: "NonEmptyString",
|
|
1395
|
+
# manual_snapshot_retention_period: 1,
|
|
1396
|
+
# retention_period: 1,
|
|
1397
|
+
# snapshot_copy_grant_name: "NonEmptyString",
|
|
1398
|
+
# },
|
|
1399
|
+
# cluster_status: "NonEmptyString",
|
|
1400
|
+
# cluster_subnet_group_name: "NonEmptyString",
|
|
1401
|
+
# cluster_version: "NonEmptyString",
|
|
1402
|
+
# db_name: "NonEmptyString",
|
|
1403
|
+
# deferred_maintenance_windows: [
|
|
1404
|
+
# {
|
|
1405
|
+
# defer_maintenance_end_time: "NonEmptyString",
|
|
1406
|
+
# defer_maintenance_identifier: "NonEmptyString",
|
|
1407
|
+
# defer_maintenance_start_time: "NonEmptyString",
|
|
1408
|
+
# },
|
|
1409
|
+
# ],
|
|
1410
|
+
# elastic_ip_status: {
|
|
1411
|
+
# elastic_ip: "NonEmptyString",
|
|
1412
|
+
# status: "NonEmptyString",
|
|
1413
|
+
# },
|
|
1414
|
+
# elastic_resize_number_of_node_options: "NonEmptyString",
|
|
1415
|
+
# encrypted: false,
|
|
1416
|
+
# endpoint: {
|
|
1417
|
+
# address: "NonEmptyString",
|
|
1418
|
+
# port: 1,
|
|
1419
|
+
# },
|
|
1420
|
+
# enhanced_vpc_routing: false,
|
|
1421
|
+
# expected_next_snapshot_schedule_time: "NonEmptyString",
|
|
1422
|
+
# expected_next_snapshot_schedule_time_status: "NonEmptyString",
|
|
1423
|
+
# hsm_status: {
|
|
1424
|
+
# hsm_client_certificate_identifier: "NonEmptyString",
|
|
1425
|
+
# hsm_configuration_identifier: "NonEmptyString",
|
|
1426
|
+
# status: "NonEmptyString",
|
|
1427
|
+
# },
|
|
1428
|
+
# iam_roles: [
|
|
1429
|
+
# {
|
|
1430
|
+
# apply_status: "NonEmptyString",
|
|
1431
|
+
# iam_role_arn: "NonEmptyString",
|
|
1432
|
+
# },
|
|
1433
|
+
# ],
|
|
1434
|
+
# kms_key_id: "NonEmptyString",
|
|
1435
|
+
# maintenance_track_name: "NonEmptyString",
|
|
1436
|
+
# manual_snapshot_retention_period: 1,
|
|
1437
|
+
# master_username: "NonEmptyString",
|
|
1438
|
+
# next_maintenance_window_start_time: "NonEmptyString",
|
|
1439
|
+
# node_type: "NonEmptyString",
|
|
1440
|
+
# number_of_nodes: 1,
|
|
1441
|
+
# pending_actions: ["NonEmptyString"],
|
|
1442
|
+
# pending_modified_values: {
|
|
1443
|
+
# automated_snapshot_retention_period: 1,
|
|
1444
|
+
# cluster_identifier: "NonEmptyString",
|
|
1445
|
+
# cluster_type: "NonEmptyString",
|
|
1446
|
+
# cluster_version: "NonEmptyString",
|
|
1447
|
+
# encryption_type: "NonEmptyString",
|
|
1448
|
+
# enhanced_vpc_routing: false,
|
|
1449
|
+
# maintenance_track_name: "NonEmptyString",
|
|
1450
|
+
# master_user_password: "NonEmptyString",
|
|
1451
|
+
# node_type: "NonEmptyString",
|
|
1452
|
+
# number_of_nodes: 1,
|
|
1453
|
+
# publicly_accessible: false,
|
|
1454
|
+
# },
|
|
1455
|
+
# preferred_maintenance_window: "NonEmptyString",
|
|
1456
|
+
# publicly_accessible: false,
|
|
1457
|
+
# resize_info: {
|
|
1458
|
+
# allow_cancel_resize: false,
|
|
1459
|
+
# resize_type: "NonEmptyString",
|
|
1460
|
+
# },
|
|
1461
|
+
# restore_status: {
|
|
1462
|
+
# current_restore_rate_in_mega_bytes_per_second: 1.0,
|
|
1463
|
+
# elapsed_time_in_seconds: 1,
|
|
1464
|
+
# estimated_time_to_completion_in_seconds: 1,
|
|
1465
|
+
# progress_in_mega_bytes: 1,
|
|
1466
|
+
# snapshot_size_in_mega_bytes: 1,
|
|
1467
|
+
# status: "NonEmptyString",
|
|
1468
|
+
# },
|
|
1469
|
+
# snapshot_schedule_identifier: "NonEmptyString",
|
|
1470
|
+
# snapshot_schedule_state: "NonEmptyString",
|
|
1471
|
+
# vpc_id: "NonEmptyString",
|
|
1472
|
+
# vpc_security_groups: [
|
|
1473
|
+
# {
|
|
1474
|
+
# status: "NonEmptyString",
|
|
1475
|
+
# vpc_security_group_id: "NonEmptyString",
|
|
1476
|
+
# },
|
|
1477
|
+
# ],
|
|
1478
|
+
# },
|
|
1479
|
+
# aws_elb_load_balancer: {
|
|
1480
|
+
# availability_zones: ["NonEmptyString"],
|
|
1481
|
+
# backend_server_descriptions: [
|
|
1482
|
+
# {
|
|
1483
|
+
# instance_port: 1,
|
|
1484
|
+
# policy_names: ["NonEmptyString"],
|
|
1485
|
+
# },
|
|
1486
|
+
# ],
|
|
1487
|
+
# canonical_hosted_zone_name: "NonEmptyString",
|
|
1488
|
+
# canonical_hosted_zone_name_id: "NonEmptyString",
|
|
1489
|
+
# created_time: "NonEmptyString",
|
|
1490
|
+
# dns_name: "NonEmptyString",
|
|
1491
|
+
# health_check: {
|
|
1492
|
+
# healthy_threshold: 1,
|
|
1493
|
+
# interval: 1,
|
|
1494
|
+
# target: "NonEmptyString",
|
|
1495
|
+
# timeout: 1,
|
|
1496
|
+
# unhealthy_threshold: 1,
|
|
1497
|
+
# },
|
|
1498
|
+
# instances: [
|
|
1499
|
+
# {
|
|
1500
|
+
# instance_id: "NonEmptyString",
|
|
1501
|
+
# },
|
|
1502
|
+
# ],
|
|
1503
|
+
# listener_descriptions: [
|
|
1504
|
+
# {
|
|
1505
|
+
# listener: {
|
|
1506
|
+
# instance_port: 1,
|
|
1507
|
+
# instance_protocol: "NonEmptyString",
|
|
1508
|
+
# load_balancer_port: 1,
|
|
1509
|
+
# protocol: "NonEmptyString",
|
|
1510
|
+
# ssl_certificate_id: "NonEmptyString",
|
|
1511
|
+
# },
|
|
1512
|
+
# policy_names: ["NonEmptyString"],
|
|
1513
|
+
# },
|
|
1514
|
+
# ],
|
|
1515
|
+
# load_balancer_attributes: {
|
|
1516
|
+
# access_log: {
|
|
1517
|
+
# emit_interval: 1,
|
|
1518
|
+
# enabled: false,
|
|
1519
|
+
# s3_bucket_name: "NonEmptyString",
|
|
1520
|
+
# s3_bucket_prefix: "NonEmptyString",
|
|
1521
|
+
# },
|
|
1522
|
+
# connection_draining: {
|
|
1523
|
+
# enabled: false,
|
|
1524
|
+
# timeout: 1,
|
|
1525
|
+
# },
|
|
1526
|
+
# connection_settings: {
|
|
1527
|
+
# idle_timeout: 1,
|
|
1528
|
+
# },
|
|
1529
|
+
# cross_zone_load_balancing: {
|
|
1530
|
+
# enabled: false,
|
|
1531
|
+
# },
|
|
1532
|
+
# },
|
|
1533
|
+
# load_balancer_name: "NonEmptyString",
|
|
1534
|
+
# policies: {
|
|
1535
|
+
# app_cookie_stickiness_policies: [
|
|
1536
|
+
# {
|
|
1537
|
+
# cookie_name: "NonEmptyString",
|
|
1538
|
+
# policy_name: "NonEmptyString",
|
|
1539
|
+
# },
|
|
1540
|
+
# ],
|
|
1541
|
+
# lb_cookie_stickiness_policies: [
|
|
1542
|
+
# {
|
|
1543
|
+
# cookie_expiration_period: 1,
|
|
1544
|
+
# policy_name: "NonEmptyString",
|
|
1545
|
+
# },
|
|
1546
|
+
# ],
|
|
1547
|
+
# other_policies: ["NonEmptyString"],
|
|
1548
|
+
# },
|
|
1549
|
+
# scheme: "NonEmptyString",
|
|
1550
|
+
# security_groups: ["NonEmptyString"],
|
|
1551
|
+
# source_security_group: {
|
|
1552
|
+
# group_name: "NonEmptyString",
|
|
1553
|
+
# owner_alias: "NonEmptyString",
|
|
1554
|
+
# },
|
|
1555
|
+
# subnets: ["NonEmptyString"],
|
|
1556
|
+
# vpc_id: "NonEmptyString",
|
|
1557
|
+
# },
|
|
1558
|
+
# aws_iam_group: {
|
|
1559
|
+
# attached_managed_policies: [
|
|
1560
|
+
# {
|
|
1561
|
+
# policy_name: "NonEmptyString",
|
|
1562
|
+
# policy_arn: "NonEmptyString",
|
|
1563
|
+
# },
|
|
1564
|
+
# ],
|
|
1565
|
+
# create_date: "NonEmptyString",
|
|
1566
|
+
# group_id: "NonEmptyString",
|
|
1567
|
+
# group_name: "NonEmptyString",
|
|
1568
|
+
# group_policy_list: [
|
|
1569
|
+
# {
|
|
1570
|
+
# policy_name: "NonEmptyString",
|
|
1571
|
+
# },
|
|
1572
|
+
# ],
|
|
1573
|
+
# path: "NonEmptyString",
|
|
1574
|
+
# },
|
|
1078
1575
|
# aws_iam_role: {
|
|
1079
1576
|
# assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument",
|
|
1577
|
+
# attached_managed_policies: [
|
|
1578
|
+
# {
|
|
1579
|
+
# policy_name: "NonEmptyString",
|
|
1580
|
+
# policy_arn: "NonEmptyString",
|
|
1581
|
+
# },
|
|
1582
|
+
# ],
|
|
1080
1583
|
# create_date: "NonEmptyString",
|
|
1584
|
+
# instance_profile_list: [
|
|
1585
|
+
# {
|
|
1586
|
+
# arn: "NonEmptyString",
|
|
1587
|
+
# create_date: "NonEmptyString",
|
|
1588
|
+
# instance_profile_id: "NonEmptyString",
|
|
1589
|
+
# instance_profile_name: "NonEmptyString",
|
|
1590
|
+
# path: "NonEmptyString",
|
|
1591
|
+
# roles: [
|
|
1592
|
+
# {
|
|
1593
|
+
# arn: "NonEmptyString",
|
|
1594
|
+
# assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument",
|
|
1595
|
+
# create_date: "NonEmptyString",
|
|
1596
|
+
# path: "NonEmptyString",
|
|
1597
|
+
# role_id: "NonEmptyString",
|
|
1598
|
+
# role_name: "NonEmptyString",
|
|
1599
|
+
# },
|
|
1600
|
+
# ],
|
|
1601
|
+
# },
|
|
1602
|
+
# ],
|
|
1603
|
+
# permissions_boundary: {
|
|
1604
|
+
# permissions_boundary_arn: "NonEmptyString",
|
|
1605
|
+
# permissions_boundary_type: "NonEmptyString",
|
|
1606
|
+
# },
|
|
1081
1607
|
# role_id: "NonEmptyString",
|
|
1082
1608
|
# role_name: "NonEmptyString",
|
|
1609
|
+
# role_policy_list: [
|
|
1610
|
+
# {
|
|
1611
|
+
# policy_name: "NonEmptyString",
|
|
1612
|
+
# },
|
|
1613
|
+
# ],
|
|
1083
1614
|
# max_session_duration: 1,
|
|
1084
1615
|
# path: "NonEmptyString",
|
|
1085
1616
|
# },
|
|
@@ -1533,6 +2064,114 @@ module Aws::SecurityHub
|
|
|
1533
2064
|
# reboot_option: "NonEmptyString",
|
|
1534
2065
|
# operation: "NonEmptyString",
|
|
1535
2066
|
# },
|
|
2067
|
+
# action: {
|
|
2068
|
+
# action_type: "NonEmptyString",
|
|
2069
|
+
# network_connection_action: {
|
|
2070
|
+
# connection_direction: "NonEmptyString",
|
|
2071
|
+
# remote_ip_details: {
|
|
2072
|
+
# ip_address_v4: "NonEmptyString",
|
|
2073
|
+
# organization: {
|
|
2074
|
+
# asn: 1,
|
|
2075
|
+
# asn_org: "NonEmptyString",
|
|
2076
|
+
# isp: "NonEmptyString",
|
|
2077
|
+
# org: "NonEmptyString",
|
|
2078
|
+
# },
|
|
2079
|
+
# country: {
|
|
2080
|
+
# country_code: "NonEmptyString",
|
|
2081
|
+
# country_name: "NonEmptyString",
|
|
2082
|
+
# },
|
|
2083
|
+
# city: {
|
|
2084
|
+
# city_name: "NonEmptyString",
|
|
2085
|
+
# },
|
|
2086
|
+
# geo_location: {
|
|
2087
|
+
# lon: 1.0,
|
|
2088
|
+
# lat: 1.0,
|
|
2089
|
+
# },
|
|
2090
|
+
# },
|
|
2091
|
+
# remote_port_details: {
|
|
2092
|
+
# port: 1,
|
|
2093
|
+
# port_name: "NonEmptyString",
|
|
2094
|
+
# },
|
|
2095
|
+
# local_port_details: {
|
|
2096
|
+
# port: 1,
|
|
2097
|
+
# port_name: "NonEmptyString",
|
|
2098
|
+
# },
|
|
2099
|
+
# protocol: "NonEmptyString",
|
|
2100
|
+
# blocked: false,
|
|
2101
|
+
# },
|
|
2102
|
+
# aws_api_call_action: {
|
|
2103
|
+
# api: "NonEmptyString",
|
|
2104
|
+
# service_name: "NonEmptyString",
|
|
2105
|
+
# caller_type: "NonEmptyString",
|
|
2106
|
+
# remote_ip_details: {
|
|
2107
|
+
# ip_address_v4: "NonEmptyString",
|
|
2108
|
+
# organization: {
|
|
2109
|
+
# asn: 1,
|
|
2110
|
+
# asn_org: "NonEmptyString",
|
|
2111
|
+
# isp: "NonEmptyString",
|
|
2112
|
+
# org: "NonEmptyString",
|
|
2113
|
+
# },
|
|
2114
|
+
# country: {
|
|
2115
|
+
# country_code: "NonEmptyString",
|
|
2116
|
+
# country_name: "NonEmptyString",
|
|
2117
|
+
# },
|
|
2118
|
+
# city: {
|
|
2119
|
+
# city_name: "NonEmptyString",
|
|
2120
|
+
# },
|
|
2121
|
+
# geo_location: {
|
|
2122
|
+
# lon: 1.0,
|
|
2123
|
+
# lat: 1.0,
|
|
2124
|
+
# },
|
|
2125
|
+
# },
|
|
2126
|
+
# domain_details: {
|
|
2127
|
+
# domain: "NonEmptyString",
|
|
2128
|
+
# },
|
|
2129
|
+
# affected_resources: {
|
|
2130
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
2131
|
+
# },
|
|
2132
|
+
# first_seen: "NonEmptyString",
|
|
2133
|
+
# last_seen: "NonEmptyString",
|
|
2134
|
+
# },
|
|
2135
|
+
# dns_request_action: {
|
|
2136
|
+
# domain: "NonEmptyString",
|
|
2137
|
+
# protocol: "NonEmptyString",
|
|
2138
|
+
# blocked: false,
|
|
2139
|
+
# },
|
|
2140
|
+
# port_probe_action: {
|
|
2141
|
+
# port_probe_details: [
|
|
2142
|
+
# {
|
|
2143
|
+
# local_port_details: {
|
|
2144
|
+
# port: 1,
|
|
2145
|
+
# port_name: "NonEmptyString",
|
|
2146
|
+
# },
|
|
2147
|
+
# local_ip_details: {
|
|
2148
|
+
# ip_address_v4: "NonEmptyString",
|
|
2149
|
+
# },
|
|
2150
|
+
# remote_ip_details: {
|
|
2151
|
+
# ip_address_v4: "NonEmptyString",
|
|
2152
|
+
# organization: {
|
|
2153
|
+
# asn: 1,
|
|
2154
|
+
# asn_org: "NonEmptyString",
|
|
2155
|
+
# isp: "NonEmptyString",
|
|
2156
|
+
# org: "NonEmptyString",
|
|
2157
|
+
# },
|
|
2158
|
+
# country: {
|
|
2159
|
+
# country_code: "NonEmptyString",
|
|
2160
|
+
# country_name: "NonEmptyString",
|
|
2161
|
+
# },
|
|
2162
|
+
# city: {
|
|
2163
|
+
# city_name: "NonEmptyString",
|
|
2164
|
+
# },
|
|
2165
|
+
# geo_location: {
|
|
2166
|
+
# lon: 1.0,
|
|
2167
|
+
# lat: 1.0,
|
|
2168
|
+
# },
|
|
2169
|
+
# },
|
|
2170
|
+
# },
|
|
2171
|
+
# ],
|
|
2172
|
+
# blocked: false,
|
|
2173
|
+
# },
|
|
2174
|
+
# },
|
|
1536
2175
|
# },
|
|
1537
2176
|
# ],
|
|
1538
2177
|
# })
|
|
@@ -1564,8 +2203,8 @@ module Aws::SecurityHub
|
|
|
1564
2203
|
# Updates from `BatchUpdateFindings` do not affect the value of
|
|
1565
2204
|
# `UpdatedAt` for a finding.
|
|
1566
2205
|
#
|
|
1567
|
-
# Master accounts can use `BatchUpdateFindings` to update the
|
|
1568
|
-
# finding fields and objects.
|
|
2206
|
+
# Master and member accounts can use `BatchUpdateFindings` to update the
|
|
2207
|
+
# following finding fields and objects.
|
|
1569
2208
|
#
|
|
1570
2209
|
# * `Confidence`
|
|
1571
2210
|
#
|
|
@@ -1585,8 +2224,15 @@ module Aws::SecurityHub
|
|
|
1585
2224
|
#
|
|
1586
2225
|
# * `Workflow`
|
|
1587
2226
|
#
|
|
1588
|
-
#
|
|
1589
|
-
#
|
|
2227
|
+
# You can configure IAM policies to restrict access to fields and field
|
|
2228
|
+
# values. For example, you might not want member accounts to be able to
|
|
2229
|
+
# suppress findings or change the finding severity. See [Configuring
|
|
2230
|
+
# access to BatchUpdateFindings][1] in the *AWS Security Hub User
|
|
2231
|
+
# Guide*.
|
|
2232
|
+
#
|
|
2233
|
+
#
|
|
2234
|
+
#
|
|
2235
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/finding-update-batchupdatefindings.html#batchupdatefindings-configure-access
|
|
1590
2236
|
#
|
|
1591
2237
|
# @option params [required, Array<Types::AwsSecurityFindingIdentifier>] :finding_identifiers
|
|
1592
2238
|
# The list of findings to update. `BatchUpdateFindings` can be used to
|
|
@@ -2362,29 +3008,48 @@ module Aws::SecurityHub
|
|
|
2362
3008
|
|
|
2363
3009
|
# Creates a member association in Security Hub between the specified
|
|
2364
3010
|
# accounts and the account used to make the request, which is the master
|
|
2365
|
-
# account.
|
|
2366
|
-
#
|
|
2367
|
-
#
|
|
3011
|
+
# account. If you are integrated with Organizations, then the master
|
|
3012
|
+
# account is the Security Hub administrator account that is designated
|
|
3013
|
+
# by the organization management account.
|
|
3014
|
+
#
|
|
3015
|
+
# `CreateMembers` is always used to add accounts that are not
|
|
3016
|
+
# organization members.
|
|
3017
|
+
#
|
|
3018
|
+
# For accounts that are part of an organization, `CreateMembers` is only
|
|
3019
|
+
# used in the following cases:
|
|
2368
3020
|
#
|
|
2369
|
-
#
|
|
2370
|
-
#
|
|
2371
|
-
# the accounts to enable Security Hub and become member accounts in
|
|
2372
|
-
# Security Hub.
|
|
3021
|
+
# * Security Hub is not configured to automatically add new accounts in
|
|
3022
|
+
# an organization.
|
|
2373
3023
|
#
|
|
2374
|
-
#
|
|
2375
|
-
#
|
|
2376
|
-
#
|
|
2377
|
-
#
|
|
2378
|
-
#
|
|
3024
|
+
# * The account was disassociated or deleted in Security Hub.
|
|
3025
|
+
#
|
|
3026
|
+
# This action can only be used by an account that has Security Hub
|
|
3027
|
+
# enabled. To enable Security Hub, you can use the ` EnableSecurityHub `
|
|
3028
|
+
# operation.
|
|
3029
|
+
#
|
|
3030
|
+
# For accounts that are not organization members, you create the account
|
|
3031
|
+
# association and then send an invitation to the member account. To send
|
|
3032
|
+
# the invitation, you use the ` InviteMembers ` operation. If the
|
|
3033
|
+
# account owner accepts the invitation, the account becomes a member
|
|
3034
|
+
# account in Security Hub.
|
|
3035
|
+
#
|
|
3036
|
+
# Accounts that are part of an organization do not receive an
|
|
3037
|
+
# invitation. They automatically become a member account in Security
|
|
3038
|
+
# Hub.
|
|
3039
|
+
#
|
|
3040
|
+
# A permissions policy is added that permits the master account to view
|
|
3041
|
+
# the findings generated in the member account. When Security Hub is
|
|
3042
|
+
# enabled in a member account, findings are sent to both the member and
|
|
3043
|
+
# master accounts.
|
|
2379
3044
|
#
|
|
2380
3045
|
# To remove the association between the master and member accounts, use
|
|
2381
3046
|
# the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
|
|
2382
3047
|
# operation.
|
|
2383
3048
|
#
|
|
2384
|
-
# @option params [Array<Types::AccountDetails>] :account_details
|
|
3049
|
+
# @option params [required, Array<Types::AccountDetails>] :account_details
|
|
2385
3050
|
# The list of accounts to associate with the Security Hub master
|
|
2386
|
-
# account. For each account, the list includes the account ID and
|
|
2387
|
-
# email address.
|
|
3051
|
+
# account. For each account, the list includes the account ID and
|
|
3052
|
+
# optionally the email address.
|
|
2388
3053
|
#
|
|
2389
3054
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2390
3055
|
#
|
|
@@ -2393,9 +3058,9 @@ module Aws::SecurityHub
|
|
|
2393
3058
|
# @example Request syntax with placeholder values
|
|
2394
3059
|
#
|
|
2395
3060
|
# resp = client.create_members({
|
|
2396
|
-
# account_details: [
|
|
3061
|
+
# account_details: [ # required
|
|
2397
3062
|
# {
|
|
2398
|
-
# account_id: "AccountId",
|
|
3063
|
+
# account_id: "AccountId", # required
|
|
2399
3064
|
# email: "NonEmptyString",
|
|
2400
3065
|
# },
|
|
2401
3066
|
# ],
|
|
@@ -2418,6 +3083,9 @@ module Aws::SecurityHub
|
|
|
2418
3083
|
|
|
2419
3084
|
# Declines invitations to become a member account.
|
|
2420
3085
|
#
|
|
3086
|
+
# This operation is only used by accounts that are not part of an
|
|
3087
|
+
# organization. Organization accounts do not receive invitations.
|
|
3088
|
+
#
|
|
2421
3089
|
# @option params [required, Array<String>] :account_ids
|
|
2422
3090
|
# The list of account IDs for the accounts from which to decline the
|
|
2423
3091
|
# invitations to Security Hub.
|
|
@@ -2510,6 +3178,9 @@ module Aws::SecurityHub
|
|
|
2510
3178
|
# Deletes invitations received by the AWS account to become a member
|
|
2511
3179
|
# account.
|
|
2512
3180
|
#
|
|
3181
|
+
# This operation is only used by accounts that are not part of an
|
|
3182
|
+
# organization. Organization accounts do not receive invitations.
|
|
3183
|
+
#
|
|
2513
3184
|
# @option params [required, Array<String>] :account_ids
|
|
2514
3185
|
# The list of the account IDs that sent the invitations to delete.
|
|
2515
3186
|
#
|
|
@@ -2540,7 +3211,10 @@ module Aws::SecurityHub
|
|
|
2540
3211
|
|
|
2541
3212
|
# Deletes the specified member accounts from Security Hub.
|
|
2542
3213
|
#
|
|
2543
|
-
#
|
|
3214
|
+
# Can be used to delete member accounts that belong to an organization
|
|
3215
|
+
# as well as member accounts that were invited manually.
|
|
3216
|
+
#
|
|
3217
|
+
# @option params [required, Array<String>] :account_ids
|
|
2544
3218
|
# The list of account IDs for the member accounts to delete.
|
|
2545
3219
|
#
|
|
2546
3220
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
@@ -2550,7 +3224,7 @@ module Aws::SecurityHub
|
|
|
2550
3224
|
# @example Request syntax with placeholder values
|
|
2551
3225
|
#
|
|
2552
3226
|
# resp = client.delete_members({
|
|
2553
|
-
# account_ids: ["NonEmptyString"],
|
|
3227
|
+
# account_ids: ["NonEmptyString"], # required
|
|
2554
3228
|
# })
|
|
2555
3229
|
#
|
|
2556
3230
|
# @example Response structure
|
|
@@ -2652,6 +3326,28 @@ module Aws::SecurityHub
|
|
|
2652
3326
|
req.send_request(options)
|
|
2653
3327
|
end
|
|
2654
3328
|
|
|
3329
|
+
# Returns information about the Organizations configuration for Security
|
|
3330
|
+
# Hub. Can only be called from a Security Hub administrator account.
|
|
3331
|
+
#
|
|
3332
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3333
|
+
#
|
|
3334
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
3335
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
3336
|
+
#
|
|
3337
|
+
# @example Response structure
|
|
3338
|
+
#
|
|
3339
|
+
# resp.auto_enable #=> Boolean
|
|
3340
|
+
# resp.member_account_limit_reached #=> Boolean
|
|
3341
|
+
#
|
|
3342
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
|
3343
|
+
#
|
|
3344
|
+
# @overload describe_organization_configuration(params = {})
|
|
3345
|
+
# @param [Hash] params ({})
|
|
3346
|
+
def describe_organization_configuration(params = {}, options = {})
|
|
3347
|
+
req = build_request(:describe_organization_configuration, params)
|
|
3348
|
+
req.send_request(options)
|
|
3349
|
+
end
|
|
3350
|
+
|
|
2655
3351
|
# Returns information about the available products that you can
|
|
2656
3352
|
# subscribe to and integrate with Security Hub in order to consolidate
|
|
2657
3353
|
# findings.
|
|
@@ -2764,7 +3460,8 @@ module Aws::SecurityHub
|
|
|
2764
3460
|
#
|
|
2765
3461
|
# @option params [required, String] :standards_subscription_arn
|
|
2766
3462
|
# The ARN of a resource that represents your subscription to a supported
|
|
2767
|
-
# standard.
|
|
3463
|
+
# standard. To get the subscription ARNs of the standards you have
|
|
3464
|
+
# enabled, use the ` GetEnabledStandards ` operation.
|
|
2768
3465
|
#
|
|
2769
3466
|
# @option params [String] :next_token
|
|
2770
3467
|
# The token that is required for pagination. On your first call to the
|
|
@@ -2842,6 +3539,29 @@ module Aws::SecurityHub
|
|
|
2842
3539
|
req.send_request(options)
|
|
2843
3540
|
end
|
|
2844
3541
|
|
|
3542
|
+
# Disables a Security Hub administrator account. Can only be called by
|
|
3543
|
+
# the organization management account.
|
|
3544
|
+
#
|
|
3545
|
+
# @option params [required, String] :admin_account_id
|
|
3546
|
+
# The AWS account identifier of the Security Hub administrator account.
|
|
3547
|
+
#
|
|
3548
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3549
|
+
#
|
|
3550
|
+
# @example Request syntax with placeholder values
|
|
3551
|
+
#
|
|
3552
|
+
# resp = client.disable_organization_admin_account({
|
|
3553
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3554
|
+
# })
|
|
3555
|
+
#
|
|
3556
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
|
3557
|
+
#
|
|
3558
|
+
# @overload disable_organization_admin_account(params = {})
|
|
3559
|
+
# @param [Hash] params ({})
|
|
3560
|
+
def disable_organization_admin_account(params = {}, options = {})
|
|
3561
|
+
req = build_request(:disable_organization_admin_account, params)
|
|
3562
|
+
req.send_request(options)
|
|
3563
|
+
end
|
|
3564
|
+
|
|
2845
3565
|
# Disables Security Hub in your account only in the current Region. To
|
|
2846
3566
|
# disable Security Hub in all Regions, you must submit one request per
|
|
2847
3567
|
# Region where you have enabled Security Hub.
|
|
@@ -2871,6 +3591,11 @@ module Aws::SecurityHub
|
|
|
2871
3591
|
# Disassociates the current Security Hub member account from the
|
|
2872
3592
|
# associated master account.
|
|
2873
3593
|
#
|
|
3594
|
+
# This operation is only used by accounts that are not part of an
|
|
3595
|
+
# organization. For organization accounts, only the master account (the
|
|
3596
|
+
# designated Security Hub administrator) can disassociate a member
|
|
3597
|
+
# account.
|
|
3598
|
+
#
|
|
2874
3599
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
2875
3600
|
#
|
|
2876
3601
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccount AWS API Documentation
|
|
@@ -2885,7 +3610,10 @@ module Aws::SecurityHub
|
|
|
2885
3610
|
# Disassociates the specified member accounts from the associated master
|
|
2886
3611
|
# account.
|
|
2887
3612
|
#
|
|
2888
|
-
#
|
|
3613
|
+
# Can be used to disassociate both accounts that are in an organization
|
|
3614
|
+
# and accounts that were invited manually.
|
|
3615
|
+
#
|
|
3616
|
+
# @option params [required, Array<String>] :account_ids
|
|
2889
3617
|
# The account IDs of the member accounts to disassociate from the master
|
|
2890
3618
|
# account.
|
|
2891
3619
|
#
|
|
@@ -2894,7 +3622,7 @@ module Aws::SecurityHub
|
|
|
2894
3622
|
# @example Request syntax with placeholder values
|
|
2895
3623
|
#
|
|
2896
3624
|
# resp = client.disassociate_members({
|
|
2897
|
-
# account_ids: ["NonEmptyString"],
|
|
3625
|
+
# account_ids: ["NonEmptyString"], # required
|
|
2898
3626
|
# })
|
|
2899
3627
|
#
|
|
2900
3628
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembers AWS API Documentation
|
|
@@ -2939,6 +3667,30 @@ module Aws::SecurityHub
|
|
|
2939
3667
|
req.send_request(options)
|
|
2940
3668
|
end
|
|
2941
3669
|
|
|
3670
|
+
# Designates the Security Hub administrator account for an organization.
|
|
3671
|
+
# Can only be called by the organization management account.
|
|
3672
|
+
#
|
|
3673
|
+
# @option params [required, String] :admin_account_id
|
|
3674
|
+
# The AWS account identifier of the account to designate as the Security
|
|
3675
|
+
# Hub administrator account.
|
|
3676
|
+
#
|
|
3677
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3678
|
+
#
|
|
3679
|
+
# @example Request syntax with placeholder values
|
|
3680
|
+
#
|
|
3681
|
+
# resp = client.enable_organization_admin_account({
|
|
3682
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3683
|
+
# })
|
|
3684
|
+
#
|
|
3685
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
|
3686
|
+
#
|
|
3687
|
+
# @overload enable_organization_admin_account(params = {})
|
|
3688
|
+
# @param [Hash] params ({})
|
|
3689
|
+
def enable_organization_admin_account(params = {}, options = {})
|
|
3690
|
+
req = build_request(:enable_organization_admin_account, params)
|
|
3691
|
+
req.send_request(options)
|
|
3692
|
+
end
|
|
3693
|
+
|
|
2942
3694
|
# Enables Security Hub for your account in the current Region or the
|
|
2943
3695
|
# Region you specify in the request.
|
|
2944
3696
|
#
|
|
@@ -3058,6 +3810,9 @@ module Aws::SecurityHub
|
|
|
3058
3810
|
# The finding attributes used to define a condition to filter the
|
|
3059
3811
|
# returned findings.
|
|
3060
3812
|
#
|
|
3813
|
+
# You can filter by up to 10 finding attributes. For each attribute, you
|
|
3814
|
+
# can provide up to 20 filter values.
|
|
3815
|
+
#
|
|
3061
3816
|
# Note that in the available filter fields, `WorkflowState` is
|
|
3062
3817
|
# deprecated. To search for a finding based on its workflow status, use
|
|
3063
3818
|
# `WorkflowStatus`.
|
|
@@ -3741,6 +4496,7 @@ module Aws::SecurityHub
|
|
|
3741
4496
|
# resp.findings[0].resources[0].id #=> String
|
|
3742
4497
|
# resp.findings[0].resources[0].partition #=> String, one of "aws", "aws-cn", "aws-us-gov"
|
|
3743
4498
|
# resp.findings[0].resources[0].region #=> String
|
|
4499
|
+
# resp.findings[0].resources[0].resource_role #=> String
|
|
3744
4500
|
# resp.findings[0].resources[0].tags #=> Hash
|
|
3745
4501
|
# resp.findings[0].resources[0].tags["NonEmptyString"] #=> String
|
|
3746
4502
|
# resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.launch_configuration_name #=> String
|
|
@@ -3766,6 +4522,10 @@ module Aws::SecurityHub
|
|
|
3766
4522
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.subnets[0] #=> String
|
|
3767
4523
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.security_group_ids #=> Array
|
|
3768
4524
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.security_group_ids[0] #=> String
|
|
4525
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.cache_behaviors.items #=> Array
|
|
4526
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.cache_behaviors.items[0].viewer_protocol_policy #=> String
|
|
4527
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.default_cache_behavior.viewer_protocol_policy #=> String
|
|
4528
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.default_root_object #=> String
|
|
3769
4529
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.domain_name #=> String
|
|
3770
4530
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.etag #=> String
|
|
3771
4531
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.last_modified_time #=> String
|
|
@@ -3777,6 +4537,11 @@ module Aws::SecurityHub
|
|
|
3777
4537
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origins.items[0].domain_name #=> String
|
|
3778
4538
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origins.items[0].id #=> String
|
|
3779
4539
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origins.items[0].origin_path #=> String
|
|
4540
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origins.items[0].s3_origin_config.origin_access_identity #=> String
|
|
4541
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items #=> Array
|
|
4542
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.items #=> Array
|
|
4543
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.items[0] #=> Integer
|
|
4544
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.quantity #=> Integer
|
|
3780
4545
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.status #=> String
|
|
3781
4546
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.web_acl_id #=> String
|
|
3782
4547
|
# resp.findings[0].resources[0].details.aws_ec2_instance.type #=> String
|
|
@@ -3802,6 +4567,13 @@ module Aws::SecurityHub
|
|
|
3802
4567
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_name #=> String
|
|
3803
4568
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_id #=> String
|
|
3804
4569
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.source_dest_check #=> Boolean
|
|
4570
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses #=> Array
|
|
4571
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses[0].ip_v6_address #=> String
|
|
4572
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses #=> Array
|
|
4573
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_ip_address #=> String
|
|
4574
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_dns_name #=> String
|
|
4575
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_dns_name #=> String
|
|
4576
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_ip #=> String
|
|
3805
4577
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_name #=> String
|
|
3806
4578
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_id #=> String
|
|
3807
4579
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.owner_id #=> String
|
|
@@ -3930,6 +4702,15 @@ module Aws::SecurityHub
|
|
|
3930
4702
|
# resp.findings[0].resources[0].details.aws_iam_access_key.principal_id #=> String
|
|
3931
4703
|
# resp.findings[0].resources[0].details.aws_iam_access_key.principal_type #=> String
|
|
3932
4704
|
# resp.findings[0].resources[0].details.aws_iam_access_key.principal_name #=> String
|
|
4705
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.account_id #=> String
|
|
4706
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.access_key_id #=> String
|
|
4707
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.attributes.mfa_authenticated #=> Boolean
|
|
4708
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.attributes.creation_date #=> String
|
|
4709
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.session_issuer.type #=> String
|
|
4710
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.session_issuer.principal_id #=> String
|
|
4711
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.session_issuer.arn #=> String
|
|
4712
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.session_issuer.account_id #=> String
|
|
4713
|
+
# resp.findings[0].resources[0].details.aws_iam_access_key.session_context.session_issuer.user_name #=> String
|
|
3933
4714
|
# resp.findings[0].resources[0].details.aws_iam_user.attached_managed_policies #=> Array
|
|
3934
4715
|
# resp.findings[0].resources[0].details.aws_iam_user.attached_managed_policies[0].policy_name #=> String
|
|
3935
4716
|
# resp.findings[0].resources[0].details.aws_iam_user.attached_managed_policies[0].policy_arn #=> String
|
|
@@ -3957,6 +4738,47 @@ module Aws::SecurityHub
|
|
|
3957
4738
|
# resp.findings[0].resources[0].details.aws_iam_policy.policy_version_list[0].is_default_version #=> Boolean
|
|
3958
4739
|
# resp.findings[0].resources[0].details.aws_iam_policy.policy_version_list[0].create_date #=> String
|
|
3959
4740
|
# resp.findings[0].resources[0].details.aws_iam_policy.update_date #=> String
|
|
4741
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.created_date #=> String
|
|
4742
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.description #=> String
|
|
4743
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.default_route_settings.detailed_metrics_enabled #=> Boolean
|
|
4744
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.default_route_settings.logging_level #=> String
|
|
4745
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.default_route_settings.data_trace_enabled #=> Boolean
|
|
4746
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.default_route_settings.throttling_burst_limit #=> Integer
|
|
4747
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.default_route_settings.throttling_rate_limit #=> Float
|
|
4748
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.deployment_id #=> String
|
|
4749
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.last_updated_date #=> String
|
|
4750
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.route_settings.detailed_metrics_enabled #=> Boolean
|
|
4751
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.route_settings.logging_level #=> String
|
|
4752
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.route_settings.data_trace_enabled #=> Boolean
|
|
4753
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.route_settings.throttling_burst_limit #=> Integer
|
|
4754
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.route_settings.throttling_rate_limit #=> Float
|
|
4755
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.stage_name #=> String
|
|
4756
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.stage_variables #=> Hash
|
|
4757
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.stage_variables["NonEmptyString"] #=> String
|
|
4758
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.access_log_settings.format #=> String
|
|
4759
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.access_log_settings.destination_arn #=> String
|
|
4760
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.auto_deploy #=> Boolean
|
|
4761
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.last_deployment_status_message #=> String
|
|
4762
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_stage.api_gateway_managed #=> Boolean
|
|
4763
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.api_endpoint #=> String
|
|
4764
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.api_id #=> String
|
|
4765
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.api_key_selection_expression #=> String
|
|
4766
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.created_date #=> String
|
|
4767
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.description #=> String
|
|
4768
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.version #=> String
|
|
4769
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.name #=> String
|
|
4770
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.protocol_type #=> String
|
|
4771
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.route_selection_expression #=> String
|
|
4772
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_origins #=> Array
|
|
4773
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_origins[0] #=> String
|
|
4774
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_credentials #=> Boolean
|
|
4775
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.expose_headers #=> Array
|
|
4776
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.expose_headers[0] #=> String
|
|
4777
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.max_age #=> Integer
|
|
4778
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_methods #=> Array
|
|
4779
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_methods[0] #=> String
|
|
4780
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_headers #=> Array
|
|
4781
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_v2_api.cors_configuration.allow_headers[0] #=> String
|
|
3960
4782
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.attribute_definitions #=> Array
|
|
3961
4783
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.attribute_definitions[0].attribute_name #=> String
|
|
3962
4784
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.attribute_definitions[0].attribute_type #=> String
|
|
@@ -4025,10 +4847,301 @@ module Aws::SecurityHub
|
|
|
4025
4847
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.table_name #=> String
|
|
4026
4848
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.table_size_bytes #=> Integer
|
|
4027
4849
|
# resp.findings[0].resources[0].details.aws_dynamo_db_table.table_status #=> String
|
|
4850
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.deployment_id #=> String
|
|
4851
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.client_certificate_id #=> String
|
|
4852
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.stage_name #=> String
|
|
4853
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.description #=> String
|
|
4854
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.cache_cluster_enabled #=> Boolean
|
|
4855
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.cache_cluster_size #=> String
|
|
4856
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.cache_cluster_status #=> String
|
|
4857
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings #=> Array
|
|
4858
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].metrics_enabled #=> Boolean
|
|
4859
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].logging_level #=> String
|
|
4860
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].data_trace_enabled #=> Boolean
|
|
4861
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].throttling_burst_limit #=> Integer
|
|
4862
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].throttling_rate_limit #=> Float
|
|
4863
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].caching_enabled #=> Boolean
|
|
4864
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].cache_ttl_in_seconds #=> Integer
|
|
4865
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].cache_data_encrypted #=> Boolean
|
|
4866
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].require_authorization_for_cache_control #=> Boolean
|
|
4867
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].unauthorized_cache_control_header_strategy #=> String
|
|
4868
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].http_method #=> String
|
|
4869
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.method_settings[0].resource_path #=> String
|
|
4870
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.variables #=> Hash
|
|
4871
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.variables["NonEmptyString"] #=> String
|
|
4872
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.documentation_version #=> String
|
|
4873
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.access_log_settings.format #=> String
|
|
4874
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.access_log_settings.destination_arn #=> String
|
|
4875
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.canary_settings.percent_traffic #=> Float
|
|
4876
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.canary_settings.deployment_id #=> String
|
|
4877
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.canary_settings.stage_variable_overrides #=> Hash
|
|
4878
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.canary_settings.stage_variable_overrides["NonEmptyString"] #=> String
|
|
4879
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.canary_settings.use_stage_cache #=> Boolean
|
|
4880
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.tracing_enabled #=> Boolean
|
|
4881
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.created_date #=> String
|
|
4882
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.last_updated_date #=> String
|
|
4883
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_stage.web_acl_arn #=> String
|
|
4884
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.id #=> String
|
|
4885
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.name #=> String
|
|
4886
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.description #=> String
|
|
4887
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.created_date #=> String
|
|
4888
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.version #=> String
|
|
4889
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.binary_media_types #=> Array
|
|
4890
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.binary_media_types[0] #=> String
|
|
4891
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.minimum_compression_size #=> Integer
|
|
4892
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.api_key_source #=> String
|
|
4893
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.endpoint_configuration.types #=> Array
|
|
4894
|
+
# resp.findings[0].resources[0].details.aws_api_gateway_rest_api.endpoint_configuration.types[0] #=> String
|
|
4895
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.cloud_watch_logs_log_group_arn #=> String
|
|
4896
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.cloud_watch_logs_role_arn #=> String
|
|
4897
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.has_custom_event_selectors #=> Boolean
|
|
4898
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.home_region #=> String
|
|
4899
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.include_global_service_events #=> Boolean
|
|
4900
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.is_multi_region_trail #=> Boolean
|
|
4901
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.is_organization_trail #=> Boolean
|
|
4902
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.kms_key_id #=> String
|
|
4903
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.log_file_validation_enabled #=> Boolean
|
|
4904
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.name #=> String
|
|
4905
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.s3_bucket_name #=> String
|
|
4906
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.s3_key_prefix #=> String
|
|
4907
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_arn #=> String
|
|
4908
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_name #=> String
|
|
4909
|
+
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.trail_arn #=> String
|
|
4910
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.status #=> String
|
|
4911
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_critical_count #=> Integer
|
|
4912
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_high_count #=> Integer
|
|
4913
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_medium_count #=> Integer
|
|
4914
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.execution_type #=> String
|
|
4915
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_critical_count #=> Integer
|
|
4916
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_informational_count #=> Integer
|
|
4917
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_informational_count #=> Integer
|
|
4918
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_unspecified_count #=> Integer
|
|
4919
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_low_count #=> Integer
|
|
4920
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_high_count #=> Integer
|
|
4921
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_low_count #=> Integer
|
|
4922
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliance_type #=> String
|
|
4923
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_baseline_id #=> String
|
|
4924
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.overall_severity #=> String
|
|
4925
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_medium_count #=> Integer
|
|
4926
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_unspecified_count #=> Integer
|
|
4927
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_group #=> String
|
|
4928
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.certificate_authority_arn #=> String
|
|
4929
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.created_at #=> String
|
|
4930
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_name #=> String
|
|
4931
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options #=> Array
|
|
4932
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].domain_name #=> String
|
|
4933
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].resource_record.name #=> String
|
|
4934
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].resource_record.type #=> String
|
|
4935
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].resource_record.value #=> String
|
|
4936
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].validation_domain #=> String
|
|
4937
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].validation_emails #=> Array
|
|
4938
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].validation_emails[0] #=> String
|
|
4939
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].validation_method #=> String
|
|
4940
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_validation_options[0].validation_status #=> String
|
|
4941
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.extended_key_usages #=> Array
|
|
4942
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.extended_key_usages[0].name #=> String
|
|
4943
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.extended_key_usages[0].o_id #=> String
|
|
4944
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.failure_reason #=> String
|
|
4945
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.imported_at #=> String
|
|
4946
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.in_use_by #=> Array
|
|
4947
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.in_use_by[0] #=> String
|
|
4948
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.issued_at #=> String
|
|
4949
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.issuer #=> String
|
|
4950
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.key_algorithm #=> String
|
|
4951
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.key_usages #=> Array
|
|
4952
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.key_usages[0].name #=> String
|
|
4953
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.not_after #=> String
|
|
4954
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.not_before #=> String
|
|
4955
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.options.certificate_transparency_logging_preference #=> String
|
|
4956
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_eligibility #=> String
|
|
4957
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options #=> Array
|
|
4958
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].domain_name #=> String
|
|
4959
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].resource_record.name #=> String
|
|
4960
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].resource_record.type #=> String
|
|
4961
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].resource_record.value #=> String
|
|
4962
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].validation_domain #=> String
|
|
4963
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].validation_emails #=> Array
|
|
4964
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].validation_emails[0] #=> String
|
|
4965
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].validation_method #=> String
|
|
4966
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.domain_validation_options[0].validation_status #=> String
|
|
4967
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.renewal_status #=> String
|
|
4968
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.renewal_status_reason #=> String
|
|
4969
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.renewal_summary.updated_at #=> String
|
|
4970
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.serial #=> String
|
|
4971
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.signature_algorithm #=> String
|
|
4972
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.status #=> String
|
|
4973
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.subject #=> String
|
|
4974
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.subject_alternative_names #=> Array
|
|
4975
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.subject_alternative_names[0] #=> String
|
|
4976
|
+
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.type #=> String
|
|
4977
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.allow_version_upgrade #=> Boolean
|
|
4978
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.automated_snapshot_retention_period #=> Integer
|
|
4979
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.availability_zone #=> String
|
|
4980
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_availability_status #=> String
|
|
4981
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_create_time #=> String
|
|
4982
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_identifier #=> String
|
|
4983
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_nodes #=> Array
|
|
4984
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_nodes[0].node_role #=> String
|
|
4985
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_nodes[0].private_ip_address #=> String
|
|
4986
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_nodes[0].public_ip_address #=> String
|
|
4987
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups #=> Array
|
|
4988
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].cluster_parameter_status_list #=> Array
|
|
4989
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].cluster_parameter_status_list[0].parameter_name #=> String
|
|
4990
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].cluster_parameter_status_list[0].parameter_apply_status #=> String
|
|
4991
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].cluster_parameter_status_list[0].parameter_apply_error_description #=> String
|
|
4992
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].parameter_apply_status #=> String
|
|
4993
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_parameter_groups[0].parameter_group_name #=> String
|
|
4994
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_public_key #=> String
|
|
4995
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_revision_number #=> String
|
|
4996
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_security_groups #=> Array
|
|
4997
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_security_groups[0].cluster_security_group_name #=> String
|
|
4998
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_security_groups[0].status #=> String
|
|
4999
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_snapshot_copy_status.destination_region #=> String
|
|
5000
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_snapshot_copy_status.manual_snapshot_retention_period #=> Integer
|
|
5001
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_snapshot_copy_status.retention_period #=> Integer
|
|
5002
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_snapshot_copy_status.snapshot_copy_grant_name #=> String
|
|
5003
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_status #=> String
|
|
5004
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_subnet_group_name #=> String
|
|
5005
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.cluster_version #=> String
|
|
5006
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.db_name #=> String
|
|
5007
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.deferred_maintenance_windows #=> Array
|
|
5008
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.deferred_maintenance_windows[0].defer_maintenance_end_time #=> String
|
|
5009
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.deferred_maintenance_windows[0].defer_maintenance_identifier #=> String
|
|
5010
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.deferred_maintenance_windows[0].defer_maintenance_start_time #=> String
|
|
5011
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.elastic_ip_status.elastic_ip #=> String
|
|
5012
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.elastic_ip_status.status #=> String
|
|
5013
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.elastic_resize_number_of_node_options #=> String
|
|
5014
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.encrypted #=> Boolean
|
|
5015
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.endpoint.address #=> String
|
|
5016
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.endpoint.port #=> Integer
|
|
5017
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.enhanced_vpc_routing #=> Boolean
|
|
5018
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.expected_next_snapshot_schedule_time #=> String
|
|
5019
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.expected_next_snapshot_schedule_time_status #=> String
|
|
5020
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.hsm_status.hsm_client_certificate_identifier #=> String
|
|
5021
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.hsm_status.hsm_configuration_identifier #=> String
|
|
5022
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.hsm_status.status #=> String
|
|
5023
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.iam_roles #=> Array
|
|
5024
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.iam_roles[0].apply_status #=> String
|
|
5025
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.iam_roles[0].iam_role_arn #=> String
|
|
5026
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.kms_key_id #=> String
|
|
5027
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.maintenance_track_name #=> String
|
|
5028
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.manual_snapshot_retention_period #=> Integer
|
|
5029
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.master_username #=> String
|
|
5030
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.next_maintenance_window_start_time #=> String
|
|
5031
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.node_type #=> String
|
|
5032
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.number_of_nodes #=> Integer
|
|
5033
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_actions #=> Array
|
|
5034
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_actions[0] #=> String
|
|
5035
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.automated_snapshot_retention_period #=> Integer
|
|
5036
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.cluster_identifier #=> String
|
|
5037
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.cluster_type #=> String
|
|
5038
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.cluster_version #=> String
|
|
5039
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.encryption_type #=> String
|
|
5040
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.enhanced_vpc_routing #=> Boolean
|
|
5041
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.maintenance_track_name #=> String
|
|
5042
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.master_user_password #=> String
|
|
5043
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.node_type #=> String
|
|
5044
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.number_of_nodes #=> Integer
|
|
5045
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.pending_modified_values.publicly_accessible #=> Boolean
|
|
5046
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.preferred_maintenance_window #=> String
|
|
5047
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.publicly_accessible #=> Boolean
|
|
5048
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.resize_info.allow_cancel_resize #=> Boolean
|
|
5049
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.resize_info.resize_type #=> String
|
|
5050
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.current_restore_rate_in_mega_bytes_per_second #=> Float
|
|
5051
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.elapsed_time_in_seconds #=> Integer
|
|
5052
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.estimated_time_to_completion_in_seconds #=> Integer
|
|
5053
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.progress_in_mega_bytes #=> Integer
|
|
5054
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.snapshot_size_in_mega_bytes #=> Integer
|
|
5055
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.restore_status.status #=> String
|
|
5056
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.snapshot_schedule_identifier #=> String
|
|
5057
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.snapshot_schedule_state #=> String
|
|
5058
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.vpc_id #=> String
|
|
5059
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.vpc_security_groups #=> Array
|
|
5060
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.vpc_security_groups[0].status #=> String
|
|
5061
|
+
# resp.findings[0].resources[0].details.aws_redshift_cluster.vpc_security_groups[0].vpc_security_group_id #=> String
|
|
5062
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.availability_zones #=> Array
|
|
5063
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.availability_zones[0] #=> String
|
|
5064
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.backend_server_descriptions #=> Array
|
|
5065
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.backend_server_descriptions[0].instance_port #=> Integer
|
|
5066
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.backend_server_descriptions[0].policy_names #=> Array
|
|
5067
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.backend_server_descriptions[0].policy_names[0] #=> String
|
|
5068
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.canonical_hosted_zone_name #=> String
|
|
5069
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.canonical_hosted_zone_name_id #=> String
|
|
5070
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.created_time #=> String
|
|
5071
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.dns_name #=> String
|
|
5072
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.health_check.healthy_threshold #=> Integer
|
|
5073
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.health_check.interval #=> Integer
|
|
5074
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.health_check.target #=> String
|
|
5075
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.health_check.timeout #=> Integer
|
|
5076
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.health_check.unhealthy_threshold #=> Integer
|
|
5077
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.instances #=> Array
|
|
5078
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.instances[0].instance_id #=> String
|
|
5079
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions #=> Array
|
|
5080
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].listener.instance_port #=> Integer
|
|
5081
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].listener.instance_protocol #=> String
|
|
5082
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].listener.load_balancer_port #=> Integer
|
|
5083
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].listener.protocol #=> String
|
|
5084
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].listener.ssl_certificate_id #=> String
|
|
5085
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].policy_names #=> Array
|
|
5086
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.listener_descriptions[0].policy_names[0] #=> String
|
|
5087
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.access_log.emit_interval #=> Integer
|
|
5088
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.access_log.enabled #=> Boolean
|
|
5089
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.access_log.s3_bucket_name #=> String
|
|
5090
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.access_log.s3_bucket_prefix #=> String
|
|
5091
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.connection_draining.enabled #=> Boolean
|
|
5092
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.connection_draining.timeout #=> Integer
|
|
5093
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.connection_settings.idle_timeout #=> Integer
|
|
5094
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_attributes.cross_zone_load_balancing.enabled #=> Boolean
|
|
5095
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.load_balancer_name #=> String
|
|
5096
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.app_cookie_stickiness_policies #=> Array
|
|
5097
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.app_cookie_stickiness_policies[0].cookie_name #=> String
|
|
5098
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.app_cookie_stickiness_policies[0].policy_name #=> String
|
|
5099
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.lb_cookie_stickiness_policies #=> Array
|
|
5100
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.lb_cookie_stickiness_policies[0].cookie_expiration_period #=> Integer
|
|
5101
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.lb_cookie_stickiness_policies[0].policy_name #=> String
|
|
5102
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.other_policies #=> Array
|
|
5103
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.policies.other_policies[0] #=> String
|
|
5104
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.scheme #=> String
|
|
5105
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.security_groups #=> Array
|
|
5106
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.security_groups[0] #=> String
|
|
5107
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.source_security_group.group_name #=> String
|
|
5108
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.source_security_group.owner_alias #=> String
|
|
5109
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.subnets #=> Array
|
|
5110
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.subnets[0] #=> String
|
|
5111
|
+
# resp.findings[0].resources[0].details.aws_elb_load_balancer.vpc_id #=> String
|
|
5112
|
+
# resp.findings[0].resources[0].details.aws_iam_group.attached_managed_policies #=> Array
|
|
5113
|
+
# resp.findings[0].resources[0].details.aws_iam_group.attached_managed_policies[0].policy_name #=> String
|
|
5114
|
+
# resp.findings[0].resources[0].details.aws_iam_group.attached_managed_policies[0].policy_arn #=> String
|
|
5115
|
+
# resp.findings[0].resources[0].details.aws_iam_group.create_date #=> String
|
|
5116
|
+
# resp.findings[0].resources[0].details.aws_iam_group.group_id #=> String
|
|
5117
|
+
# resp.findings[0].resources[0].details.aws_iam_group.group_name #=> String
|
|
5118
|
+
# resp.findings[0].resources[0].details.aws_iam_group.group_policy_list #=> Array
|
|
5119
|
+
# resp.findings[0].resources[0].details.aws_iam_group.group_policy_list[0].policy_name #=> String
|
|
5120
|
+
# resp.findings[0].resources[0].details.aws_iam_group.path #=> String
|
|
4028
5121
|
# resp.findings[0].resources[0].details.aws_iam_role.assume_role_policy_document #=> String
|
|
5122
|
+
# resp.findings[0].resources[0].details.aws_iam_role.attached_managed_policies #=> Array
|
|
5123
|
+
# resp.findings[0].resources[0].details.aws_iam_role.attached_managed_policies[0].policy_name #=> String
|
|
5124
|
+
# resp.findings[0].resources[0].details.aws_iam_role.attached_managed_policies[0].policy_arn #=> String
|
|
4029
5125
|
# resp.findings[0].resources[0].details.aws_iam_role.create_date #=> String
|
|
5126
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list #=> Array
|
|
5127
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].arn #=> String
|
|
5128
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].create_date #=> String
|
|
5129
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].instance_profile_id #=> String
|
|
5130
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].instance_profile_name #=> String
|
|
5131
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].path #=> String
|
|
5132
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles #=> Array
|
|
5133
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].arn #=> String
|
|
5134
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].assume_role_policy_document #=> String
|
|
5135
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].create_date #=> String
|
|
5136
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].path #=> String
|
|
5137
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].role_id #=> String
|
|
5138
|
+
# resp.findings[0].resources[0].details.aws_iam_role.instance_profile_list[0].roles[0].role_name #=> String
|
|
5139
|
+
# resp.findings[0].resources[0].details.aws_iam_role.permissions_boundary.permissions_boundary_arn #=> String
|
|
5140
|
+
# resp.findings[0].resources[0].details.aws_iam_role.permissions_boundary.permissions_boundary_type #=> String
|
|
4030
5141
|
# resp.findings[0].resources[0].details.aws_iam_role.role_id #=> String
|
|
4031
5142
|
# resp.findings[0].resources[0].details.aws_iam_role.role_name #=> String
|
|
5143
|
+
# resp.findings[0].resources[0].details.aws_iam_role.role_policy_list #=> Array
|
|
5144
|
+
# resp.findings[0].resources[0].details.aws_iam_role.role_policy_list[0].policy_name #=> String
|
|
4032
5145
|
# resp.findings[0].resources[0].details.aws_iam_role.max_session_duration #=> Integer
|
|
4033
5146
|
# resp.findings[0].resources[0].details.aws_iam_role.path #=> String
|
|
4034
5147
|
# resp.findings[0].resources[0].details.aws_kms_key.aws_account_id #=> String
|
|
@@ -4361,6 +5474,60 @@ module Aws::SecurityHub
|
|
|
4361
5474
|
# resp.findings[0].patch_summary.operation_end_time #=> String
|
|
4362
5475
|
# resp.findings[0].patch_summary.reboot_option #=> String
|
|
4363
5476
|
# resp.findings[0].patch_summary.operation #=> String
|
|
5477
|
+
# resp.findings[0].action.action_type #=> String
|
|
5478
|
+
# resp.findings[0].action.network_connection_action.connection_direction #=> String
|
|
5479
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.ip_address_v4 #=> String
|
|
5480
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn #=> Integer
|
|
5481
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn_org #=> String
|
|
5482
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.isp #=> String
|
|
5483
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.org #=> String
|
|
5484
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_code #=> String
|
|
5485
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_name #=> String
|
|
5486
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.city.city_name #=> String
|
|
5487
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lon #=> Float
|
|
5488
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lat #=> Float
|
|
5489
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port #=> Integer
|
|
5490
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port_name #=> String
|
|
5491
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port #=> Integer
|
|
5492
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port_name #=> String
|
|
5493
|
+
# resp.findings[0].action.network_connection_action.protocol #=> String
|
|
5494
|
+
# resp.findings[0].action.network_connection_action.blocked #=> Boolean
|
|
5495
|
+
# resp.findings[0].action.aws_api_call_action.api #=> String
|
|
5496
|
+
# resp.findings[0].action.aws_api_call_action.service_name #=> String
|
|
5497
|
+
# resp.findings[0].action.aws_api_call_action.caller_type #=> String
|
|
5498
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.ip_address_v4 #=> String
|
|
5499
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn #=> Integer
|
|
5500
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn_org #=> String
|
|
5501
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.isp #=> String
|
|
5502
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.org #=> String
|
|
5503
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_code #=> String
|
|
5504
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_name #=> String
|
|
5505
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.city.city_name #=> String
|
|
5506
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lon #=> Float
|
|
5507
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lat #=> Float
|
|
5508
|
+
# resp.findings[0].action.aws_api_call_action.domain_details.domain #=> String
|
|
5509
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources #=> Hash
|
|
5510
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources["NonEmptyString"] #=> String
|
|
5511
|
+
# resp.findings[0].action.aws_api_call_action.first_seen #=> String
|
|
5512
|
+
# resp.findings[0].action.aws_api_call_action.last_seen #=> String
|
|
5513
|
+
# resp.findings[0].action.dns_request_action.domain #=> String
|
|
5514
|
+
# resp.findings[0].action.dns_request_action.protocol #=> String
|
|
5515
|
+
# resp.findings[0].action.dns_request_action.blocked #=> Boolean
|
|
5516
|
+
# resp.findings[0].action.port_probe_action.port_probe_details #=> Array
|
|
5517
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port #=> Integer
|
|
5518
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port_name #=> String
|
|
5519
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_ip_details.ip_address_v4 #=> String
|
|
5520
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.ip_address_v4 #=> String
|
|
5521
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn #=> Integer
|
|
5522
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
|
|
5523
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
|
|
5524
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
|
|
5525
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_code #=> String
|
|
5526
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_name #=> String
|
|
5527
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.city.city_name #=> String
|
|
5528
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
|
|
5529
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
|
|
5530
|
+
# resp.findings[0].action.port_probe_action.blocked #=> Boolean
|
|
4364
5531
|
# resp.next_token #=> String
|
|
4365
5532
|
#
|
|
4366
5533
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings AWS API Documentation
|
|
@@ -4758,6 +5925,9 @@ module Aws::SecurityHub
|
|
|
4758
5925
|
# Provides the details for the Security Hub master account for the
|
|
4759
5926
|
# current member account.
|
|
4760
5927
|
#
|
|
5928
|
+
# Can be used by both member accounts that are in an organization and
|
|
5929
|
+
# accounts that were invited manually.
|
|
5930
|
+
#
|
|
4761
5931
|
# @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
4762
5932
|
#
|
|
4763
5933
|
# * {Types::GetMasterAccountResponse#master #master} => Types::Invitation
|
|
@@ -4781,6 +5951,13 @@ module Aws::SecurityHub
|
|
|
4781
5951
|
# Returns the details for the Security Hub member accounts for the
|
|
4782
5952
|
# specified account IDs.
|
|
4783
5953
|
#
|
|
5954
|
+
# A master account can be either a delegated Security Hub administrator
|
|
5955
|
+
# account for an organization or a master account that enabled Security
|
|
5956
|
+
# Hub manually.
|
|
5957
|
+
#
|
|
5958
|
+
# The results include both member accounts that are in an organization
|
|
5959
|
+
# and accounts that were invited manually.
|
|
5960
|
+
#
|
|
4784
5961
|
# @option params [required, Array<String>] :account_ids
|
|
4785
5962
|
# The list of account IDs for the Security Hub member accounts to return
|
|
4786
5963
|
# the details for.
|
|
@@ -4821,15 +5998,18 @@ module Aws::SecurityHub
|
|
|
4821
5998
|
# Invites other AWS accounts to become member accounts for the Security
|
|
4822
5999
|
# Hub master account that the invitation is sent from.
|
|
4823
6000
|
#
|
|
6001
|
+
# This operation is only used to invite accounts that do not belong to
|
|
6002
|
+
# an organization. Organization accounts do not receive invitations.
|
|
6003
|
+
#
|
|
4824
6004
|
# Before you can use this action to invite a member, you must first use
|
|
4825
6005
|
# the ` CreateMembers ` action to create the member account in Security
|
|
4826
6006
|
# Hub.
|
|
4827
6007
|
#
|
|
4828
|
-
# When the account owner
|
|
4829
|
-
#
|
|
4830
|
-
#
|
|
6008
|
+
# When the account owner enables Security Hub and accepts the invitation
|
|
6009
|
+
# to become a member account, the master account can view the findings
|
|
6010
|
+
# generated from the member account.
|
|
4831
6011
|
#
|
|
4832
|
-
# @option params [Array<String>] :account_ids
|
|
6012
|
+
# @option params [required, Array<String>] :account_ids
|
|
4833
6013
|
# The list of account IDs of the AWS accounts to invite to Security Hub
|
|
4834
6014
|
# as members.
|
|
4835
6015
|
#
|
|
@@ -4840,7 +6020,7 @@ module Aws::SecurityHub
|
|
|
4840
6020
|
# @example Request syntax with placeholder values
|
|
4841
6021
|
#
|
|
4842
6022
|
# resp = client.invite_members({
|
|
4843
|
-
# account_ids: ["NonEmptyString"],
|
|
6023
|
+
# account_ids: ["NonEmptyString"], # required
|
|
4844
6024
|
# })
|
|
4845
6025
|
#
|
|
4846
6026
|
# @example Response structure
|
|
@@ -4905,6 +6085,9 @@ module Aws::SecurityHub
|
|
|
4905
6085
|
# Lists all Security Hub membership invitations that were sent to the
|
|
4906
6086
|
# current AWS account.
|
|
4907
6087
|
#
|
|
6088
|
+
# This operation is only used by accounts that do not belong to an
|
|
6089
|
+
# organization. Organization accounts do not receive invitations.
|
|
6090
|
+
#
|
|
4908
6091
|
# @option params [Integer] :max_results
|
|
4909
6092
|
# The maximum number of items to return in the response.
|
|
4910
6093
|
#
|
|
@@ -4952,14 +6135,17 @@ module Aws::SecurityHub
|
|
|
4952
6135
|
# Lists details about all member accounts for the current Security Hub
|
|
4953
6136
|
# master account.
|
|
4954
6137
|
#
|
|
6138
|
+
# The results include both member accounts that belong to an
|
|
6139
|
+
# organization and member accounts that were invited manually.
|
|
6140
|
+
#
|
|
4955
6141
|
# @option params [Boolean] :only_associated
|
|
4956
6142
|
# Specifies which member accounts to include in the response based on
|
|
4957
6143
|
# their relationship status with the master account. The default value
|
|
4958
6144
|
# is `TRUE`.
|
|
4959
6145
|
#
|
|
4960
6146
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
|
4961
|
-
# accounts whose relationship status with the master is set to
|
|
4962
|
-
#
|
|
6147
|
+
# accounts whose relationship status with the master is set to
|
|
6148
|
+
# `ENABLED`.
|
|
4963
6149
|
#
|
|
4964
6150
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
|
4965
6151
|
# existing member accounts.
|
|
@@ -5010,6 +6196,49 @@ module Aws::SecurityHub
|
|
|
5010
6196
|
req.send_request(options)
|
|
5011
6197
|
end
|
|
5012
6198
|
|
|
6199
|
+
# Lists the Security Hub administrator accounts. Can only be called by
|
|
6200
|
+
# the organization management account.
|
|
6201
|
+
#
|
|
6202
|
+
# @option params [Integer] :max_results
|
|
6203
|
+
# The maximum number of items to return in the response.
|
|
6204
|
+
#
|
|
6205
|
+
# @option params [String] :next_token
|
|
6206
|
+
# The token that is required for pagination. On your first call to the
|
|
6207
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
|
6208
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
|
6209
|
+
# continue listing data, set the value of this parameter to the value
|
|
6210
|
+
# returned from the previous response.
|
|
6211
|
+
#
|
|
6212
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6213
|
+
#
|
|
6214
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
|
6215
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
|
6216
|
+
#
|
|
6217
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
6218
|
+
#
|
|
6219
|
+
# @example Request syntax with placeholder values
|
|
6220
|
+
#
|
|
6221
|
+
# resp = client.list_organization_admin_accounts({
|
|
6222
|
+
# max_results: 1,
|
|
6223
|
+
# next_token: "NextToken",
|
|
6224
|
+
# })
|
|
6225
|
+
#
|
|
6226
|
+
# @example Response structure
|
|
6227
|
+
#
|
|
6228
|
+
# resp.admin_accounts #=> Array
|
|
6229
|
+
# resp.admin_accounts[0].account_id #=> String
|
|
6230
|
+
# resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
|
6231
|
+
# resp.next_token #=> String
|
|
6232
|
+
#
|
|
6233
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
|
6234
|
+
#
|
|
6235
|
+
# @overload list_organization_admin_accounts(params = {})
|
|
6236
|
+
# @param [Hash] params ({})
|
|
6237
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
|
6238
|
+
req = build_request(:list_organization_admin_accounts, params)
|
|
6239
|
+
req.send_request(options)
|
|
6240
|
+
end
|
|
6241
|
+
|
|
5013
6242
|
# Returns a list of tags associated with a resource.
|
|
5014
6243
|
#
|
|
5015
6244
|
# @option params [required, String] :resource_arn
|
|
@@ -6306,6 +7535,36 @@ module Aws::SecurityHub
|
|
|
6306
7535
|
req.send_request(options)
|
|
6307
7536
|
end
|
|
6308
7537
|
|
|
7538
|
+
# Used to update the configuration related to Organizations. Can only be
|
|
7539
|
+
# called from a Security Hub administrator account.
|
|
7540
|
+
#
|
|
7541
|
+
# @option params [required, Boolean] :auto_enable
|
|
7542
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
|
7543
|
+
# organization.
|
|
7544
|
+
#
|
|
7545
|
+
# By default, this is `false`, and new accounts are not added
|
|
7546
|
+
# automatically.
|
|
7547
|
+
#
|
|
7548
|
+
# To automatically enable Security Hub for new accounts, set this to
|
|
7549
|
+
# `true`.
|
|
7550
|
+
#
|
|
7551
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
7552
|
+
#
|
|
7553
|
+
# @example Request syntax with placeholder values
|
|
7554
|
+
#
|
|
7555
|
+
# resp = client.update_organization_configuration({
|
|
7556
|
+
# auto_enable: false, # required
|
|
7557
|
+
# })
|
|
7558
|
+
#
|
|
7559
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
|
7560
|
+
#
|
|
7561
|
+
# @overload update_organization_configuration(params = {})
|
|
7562
|
+
# @param [Hash] params ({})
|
|
7563
|
+
def update_organization_configuration(params = {}, options = {})
|
|
7564
|
+
req = build_request(:update_organization_configuration, params)
|
|
7565
|
+
req.send_request(options)
|
|
7566
|
+
end
|
|
7567
|
+
|
|
6309
7568
|
# Updates configuration options for Security Hub.
|
|
6310
7569
|
#
|
|
6311
7570
|
# @option params [Boolean] :auto_enable_controls
|
|
@@ -6378,7 +7637,7 @@ module Aws::SecurityHub
|
|
|
6378
7637
|
params: params,
|
|
6379
7638
|
config: config)
|
|
6380
7639
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
6381
|
-
context[:gem_version] = '1.
|
|
7640
|
+
context[:gem_version] = '1.38.0'
|
|
6382
7641
|
Seahorse::Client::Request.new(handlers, context)
|
|
6383
7642
|
end
|
|
6384
7643
|
|