aws-sdk-securityhub 1.35.0 → 1.36.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +231 -30
- data/lib/aws-sdk-securityhub/client_api.rb +123 -7
- data/lib/aws-sdk-securityhub/types.rb +194 -16
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dfd2b4dd950ff3c25ffe4aa522baa557f0e9b09f17eb33f4d8b28390d478e8e9
|
4
|
+
data.tar.gz: 86aa091badb2a21ef8ff863b04aeb46648c99e0c682923f8d5380a655c4978ed
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3c8d78f445024a95159b48fb25c611bc089179fa9e76acba2cf14293b56f0eb354448ebf2586540b98f16420e9ba13150e6b4a9205adb574e43470e0362e77ae
|
7
|
+
data.tar.gz: 7be711077e56e1bdb730542a70eab2b5036eb5ad04ebcf707b3977608264365df7a27473a0543a21adeab03bc9a889bed5efd6705e2371d717c3d256aabe69af
|
data/lib/aws-sdk-securityhub.rb
CHANGED
@@ -330,6 +330,9 @@ module Aws::SecurityHub
|
|
330
330
|
# Accepts the invitation to be a member account and be monitored by the
|
331
331
|
# Security Hub master account that the invitation was sent from.
|
332
332
|
#
|
333
|
+
# This operation is only used by member accounts that are not added
|
334
|
+
# through Organizations.
|
335
|
+
#
|
333
336
|
# When the member account accepts the invitation, permission is granted
|
334
337
|
# to the master account to view findings generated in the member
|
335
338
|
# account.
|
@@ -2854,29 +2857,48 @@ module Aws::SecurityHub
|
|
2854
2857
|
|
2855
2858
|
# Creates a member association in Security Hub between the specified
|
2856
2859
|
# accounts and the account used to make the request, which is the master
|
2857
|
-
# account.
|
2858
|
-
#
|
2859
|
-
#
|
2860
|
+
# account. If you are integrated with Organizations, then the master
|
2861
|
+
# account is the Security Hub administrator account that is designated
|
2862
|
+
# by the organization management account.
|
2863
|
+
#
|
2864
|
+
# `CreateMembers` is always used to add accounts that are not
|
2865
|
+
# organization members.
|
2866
|
+
#
|
2867
|
+
# For accounts that are part of an organization, `CreateMembers` is only
|
2868
|
+
# used in the following cases:
|
2869
|
+
#
|
2870
|
+
# * Security Hub is not configured to automatically add new accounts in
|
2871
|
+
# an organization.
|
2872
|
+
#
|
2873
|
+
# * The account was disassociated or deleted in Security Hub.
|
2874
|
+
#
|
2875
|
+
# This action can only be used by an account that has Security Hub
|
2876
|
+
# enabled. To enable Security Hub, you can use the ` EnableSecurityHub `
|
2877
|
+
# operation.
|
2860
2878
|
#
|
2861
|
-
#
|
2862
|
-
#
|
2863
|
-
# the
|
2864
|
-
#
|
2879
|
+
# For accounts that are not organization members, you create the account
|
2880
|
+
# association and then send an invitation to the member account. To send
|
2881
|
+
# the invitation, you use the ` InviteMembers ` operation. If the
|
2882
|
+
# account owner accepts the invitation, the account becomes a member
|
2883
|
+
# account in Security Hub.
|
2865
2884
|
#
|
2866
|
-
#
|
2867
|
-
#
|
2868
|
-
#
|
2869
|
-
#
|
2870
|
-
#
|
2885
|
+
# Accounts that are part of an organization do not receive an
|
2886
|
+
# invitation. They automatically become a member account in Security
|
2887
|
+
# Hub.
|
2888
|
+
#
|
2889
|
+
# A permissions policy is added that permits the master account to view
|
2890
|
+
# the findings generated in the member account. When Security Hub is
|
2891
|
+
# enabled in a member account, findings are sent to both the member and
|
2892
|
+
# master accounts.
|
2871
2893
|
#
|
2872
2894
|
# To remove the association between the master and member accounts, use
|
2873
2895
|
# the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
|
2874
2896
|
# operation.
|
2875
2897
|
#
|
2876
|
-
# @option params [Array<Types::AccountDetails>] :account_details
|
2898
|
+
# @option params [required, Array<Types::AccountDetails>] :account_details
|
2877
2899
|
# The list of accounts to associate with the Security Hub master
|
2878
|
-
# account. For each account, the list includes the account ID and
|
2879
|
-
# email address.
|
2900
|
+
# account. For each account, the list includes the account ID and
|
2901
|
+
# optionally the email address.
|
2880
2902
|
#
|
2881
2903
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2882
2904
|
#
|
@@ -2885,9 +2907,9 @@ module Aws::SecurityHub
|
|
2885
2907
|
# @example Request syntax with placeholder values
|
2886
2908
|
#
|
2887
2909
|
# resp = client.create_members({
|
2888
|
-
# account_details: [
|
2910
|
+
# account_details: [ # required
|
2889
2911
|
# {
|
2890
|
-
# account_id: "AccountId",
|
2912
|
+
# account_id: "AccountId", # required
|
2891
2913
|
# email: "NonEmptyString",
|
2892
2914
|
# },
|
2893
2915
|
# ],
|
@@ -2910,6 +2932,9 @@ module Aws::SecurityHub
|
|
2910
2932
|
|
2911
2933
|
# Declines invitations to become a member account.
|
2912
2934
|
#
|
2935
|
+
# This operation is only used by accounts that are not part of an
|
2936
|
+
# organization. Organization accounts do not receive invitations.
|
2937
|
+
#
|
2913
2938
|
# @option params [required, Array<String>] :account_ids
|
2914
2939
|
# The list of account IDs for the accounts from which to decline the
|
2915
2940
|
# invitations to Security Hub.
|
@@ -3002,6 +3027,9 @@ module Aws::SecurityHub
|
|
3002
3027
|
# Deletes invitations received by the AWS account to become a member
|
3003
3028
|
# account.
|
3004
3029
|
#
|
3030
|
+
# This operation is only used by accounts that are not part of an
|
3031
|
+
# organization. Organization accounts do not receive invitations.
|
3032
|
+
#
|
3005
3033
|
# @option params [required, Array<String>] :account_ids
|
3006
3034
|
# The list of the account IDs that sent the invitations to delete.
|
3007
3035
|
#
|
@@ -3032,7 +3060,10 @@ module Aws::SecurityHub
|
|
3032
3060
|
|
3033
3061
|
# Deletes the specified member accounts from Security Hub.
|
3034
3062
|
#
|
3035
|
-
#
|
3063
|
+
# Can be used to delete member accounts that belong to an organization
|
3064
|
+
# as well as member accounts that were invited manually.
|
3065
|
+
#
|
3066
|
+
# @option params [required, Array<String>] :account_ids
|
3036
3067
|
# The list of account IDs for the member accounts to delete.
|
3037
3068
|
#
|
3038
3069
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
@@ -3042,7 +3073,7 @@ module Aws::SecurityHub
|
|
3042
3073
|
# @example Request syntax with placeholder values
|
3043
3074
|
#
|
3044
3075
|
# resp = client.delete_members({
|
3045
|
-
# account_ids: ["NonEmptyString"],
|
3076
|
+
# account_ids: ["NonEmptyString"], # required
|
3046
3077
|
# })
|
3047
3078
|
#
|
3048
3079
|
# @example Response structure
|
@@ -3144,6 +3175,28 @@ module Aws::SecurityHub
|
|
3144
3175
|
req.send_request(options)
|
3145
3176
|
end
|
3146
3177
|
|
3178
|
+
# Returns information about the Organizations configuration for Security
|
3179
|
+
# Hub. Can only be called from a Security Hub administrator account.
|
3180
|
+
#
|
3181
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3182
|
+
#
|
3183
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
3184
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
3185
|
+
#
|
3186
|
+
# @example Response structure
|
3187
|
+
#
|
3188
|
+
# resp.auto_enable #=> Boolean
|
3189
|
+
# resp.member_account_limit_reached #=> Boolean
|
3190
|
+
#
|
3191
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
3192
|
+
#
|
3193
|
+
# @overload describe_organization_configuration(params = {})
|
3194
|
+
# @param [Hash] params ({})
|
3195
|
+
def describe_organization_configuration(params = {}, options = {})
|
3196
|
+
req = build_request(:describe_organization_configuration, params)
|
3197
|
+
req.send_request(options)
|
3198
|
+
end
|
3199
|
+
|
3147
3200
|
# Returns information about the available products that you can
|
3148
3201
|
# subscribe to and integrate with Security Hub in order to consolidate
|
3149
3202
|
# findings.
|
@@ -3256,7 +3309,8 @@ module Aws::SecurityHub
|
|
3256
3309
|
#
|
3257
3310
|
# @option params [required, String] :standards_subscription_arn
|
3258
3311
|
# The ARN of a resource that represents your subscription to a supported
|
3259
|
-
# standard.
|
3312
|
+
# standard. To get the subscription ARNs of the standards you have
|
3313
|
+
# enabled, use the ` GetEnabledStandards ` operation.
|
3260
3314
|
#
|
3261
3315
|
# @option params [String] :next_token
|
3262
3316
|
# The token that is required for pagination. On your first call to the
|
@@ -3334,6 +3388,29 @@ module Aws::SecurityHub
|
|
3334
3388
|
req.send_request(options)
|
3335
3389
|
end
|
3336
3390
|
|
3391
|
+
# Disables a Security Hub administrator account. Can only be called by
|
3392
|
+
# the organization management account.
|
3393
|
+
#
|
3394
|
+
# @option params [required, String] :admin_account_id
|
3395
|
+
# The AWS account identifier of the Security Hub administrator account.
|
3396
|
+
#
|
3397
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3398
|
+
#
|
3399
|
+
# @example Request syntax with placeholder values
|
3400
|
+
#
|
3401
|
+
# resp = client.disable_organization_admin_account({
|
3402
|
+
# admin_account_id: "NonEmptyString", # required
|
3403
|
+
# })
|
3404
|
+
#
|
3405
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
3406
|
+
#
|
3407
|
+
# @overload disable_organization_admin_account(params = {})
|
3408
|
+
# @param [Hash] params ({})
|
3409
|
+
def disable_organization_admin_account(params = {}, options = {})
|
3410
|
+
req = build_request(:disable_organization_admin_account, params)
|
3411
|
+
req.send_request(options)
|
3412
|
+
end
|
3413
|
+
|
3337
3414
|
# Disables Security Hub in your account only in the current Region. To
|
3338
3415
|
# disable Security Hub in all Regions, you must submit one request per
|
3339
3416
|
# Region where you have enabled Security Hub.
|
@@ -3363,6 +3440,11 @@ module Aws::SecurityHub
|
|
3363
3440
|
# Disassociates the current Security Hub member account from the
|
3364
3441
|
# associated master account.
|
3365
3442
|
#
|
3443
|
+
# This operation is only used by accounts that are not part of an
|
3444
|
+
# organization. For organization accounts, only the master account (the
|
3445
|
+
# designated Security Hub administrator) can disassociate a member
|
3446
|
+
# account.
|
3447
|
+
#
|
3366
3448
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3367
3449
|
#
|
3368
3450
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccount AWS API Documentation
|
@@ -3377,7 +3459,10 @@ module Aws::SecurityHub
|
|
3377
3459
|
# Disassociates the specified member accounts from the associated master
|
3378
3460
|
# account.
|
3379
3461
|
#
|
3380
|
-
#
|
3462
|
+
# Can be used to disassociate both accounts that are in an organization
|
3463
|
+
# and accounts that were invited manually.
|
3464
|
+
#
|
3465
|
+
# @option params [required, Array<String>] :account_ids
|
3381
3466
|
# The account IDs of the member accounts to disassociate from the master
|
3382
3467
|
# account.
|
3383
3468
|
#
|
@@ -3386,7 +3471,7 @@ module Aws::SecurityHub
|
|
3386
3471
|
# @example Request syntax with placeholder values
|
3387
3472
|
#
|
3388
3473
|
# resp = client.disassociate_members({
|
3389
|
-
# account_ids: ["NonEmptyString"],
|
3474
|
+
# account_ids: ["NonEmptyString"], # required
|
3390
3475
|
# })
|
3391
3476
|
#
|
3392
3477
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembers AWS API Documentation
|
@@ -3431,6 +3516,30 @@ module Aws::SecurityHub
|
|
3431
3516
|
req.send_request(options)
|
3432
3517
|
end
|
3433
3518
|
|
3519
|
+
# Designates the Security Hub administrator account for an organization.
|
3520
|
+
# Can only be called by the organization management account.
|
3521
|
+
#
|
3522
|
+
# @option params [required, String] :admin_account_id
|
3523
|
+
# The AWS account identifier of the account to designate as the Security
|
3524
|
+
# Hub administrator account.
|
3525
|
+
#
|
3526
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3527
|
+
#
|
3528
|
+
# @example Request syntax with placeholder values
|
3529
|
+
#
|
3530
|
+
# resp = client.enable_organization_admin_account({
|
3531
|
+
# admin_account_id: "NonEmptyString", # required
|
3532
|
+
# })
|
3533
|
+
#
|
3534
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
3535
|
+
#
|
3536
|
+
# @overload enable_organization_admin_account(params = {})
|
3537
|
+
# @param [Hash] params ({})
|
3538
|
+
def enable_organization_admin_account(params = {}, options = {})
|
3539
|
+
req = build_request(:enable_organization_admin_account, params)
|
3540
|
+
req.send_request(options)
|
3541
|
+
end
|
3542
|
+
|
3434
3543
|
# Enables Security Hub for your account in the current Region or the
|
3435
3544
|
# Region you specify in the request.
|
3436
3545
|
#
|
@@ -5586,6 +5695,9 @@ module Aws::SecurityHub
|
|
5586
5695
|
# Provides the details for the Security Hub master account for the
|
5587
5696
|
# current member account.
|
5588
5697
|
#
|
5698
|
+
# Can be used by both member accounts that are in an organization and
|
5699
|
+
# accounts that were invited manually.
|
5700
|
+
#
|
5589
5701
|
# @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5590
5702
|
#
|
5591
5703
|
# * {Types::GetMasterAccountResponse#master #master} => Types::Invitation
|
@@ -5609,6 +5721,13 @@ module Aws::SecurityHub
|
|
5609
5721
|
# Returns the details for the Security Hub member accounts for the
|
5610
5722
|
# specified account IDs.
|
5611
5723
|
#
|
5724
|
+
# A master account can be either a delegated Security Hub administrator
|
5725
|
+
# account for an organization or a master account that enabled Security
|
5726
|
+
# Hub manually.
|
5727
|
+
#
|
5728
|
+
# The results include both member accounts that are in an organization
|
5729
|
+
# and accounts that were invited manually.
|
5730
|
+
#
|
5612
5731
|
# @option params [required, Array<String>] :account_ids
|
5613
5732
|
# The list of account IDs for the Security Hub member accounts to return
|
5614
5733
|
# the details for.
|
@@ -5649,15 +5768,18 @@ module Aws::SecurityHub
|
|
5649
5768
|
# Invites other AWS accounts to become member accounts for the Security
|
5650
5769
|
# Hub master account that the invitation is sent from.
|
5651
5770
|
#
|
5771
|
+
# This operation is only used to invite accounts that do not belong to
|
5772
|
+
# an organization. Organization accounts do not receive invitations.
|
5773
|
+
#
|
5652
5774
|
# Before you can use this action to invite a member, you must first use
|
5653
5775
|
# the ` CreateMembers ` action to create the member account in Security
|
5654
5776
|
# Hub.
|
5655
5777
|
#
|
5656
|
-
# When the account owner
|
5657
|
-
#
|
5658
|
-
#
|
5778
|
+
# When the account owner enables Security Hub and accepts the invitation
|
5779
|
+
# to become a member account, the master account can view the findings
|
5780
|
+
# generated from the member account.
|
5659
5781
|
#
|
5660
|
-
# @option params [Array<String>] :account_ids
|
5782
|
+
# @option params [required, Array<String>] :account_ids
|
5661
5783
|
# The list of account IDs of the AWS accounts to invite to Security Hub
|
5662
5784
|
# as members.
|
5663
5785
|
#
|
@@ -5668,7 +5790,7 @@ module Aws::SecurityHub
|
|
5668
5790
|
# @example Request syntax with placeholder values
|
5669
5791
|
#
|
5670
5792
|
# resp = client.invite_members({
|
5671
|
-
# account_ids: ["NonEmptyString"],
|
5793
|
+
# account_ids: ["NonEmptyString"], # required
|
5672
5794
|
# })
|
5673
5795
|
#
|
5674
5796
|
# @example Response structure
|
@@ -5733,6 +5855,9 @@ module Aws::SecurityHub
|
|
5733
5855
|
# Lists all Security Hub membership invitations that were sent to the
|
5734
5856
|
# current AWS account.
|
5735
5857
|
#
|
5858
|
+
# This operation is only used by accounts that do not belong to an
|
5859
|
+
# organization. Organization accounts do not receive invitations.
|
5860
|
+
#
|
5736
5861
|
# @option params [Integer] :max_results
|
5737
5862
|
# The maximum number of items to return in the response.
|
5738
5863
|
#
|
@@ -5780,14 +5905,17 @@ module Aws::SecurityHub
|
|
5780
5905
|
# Lists details about all member accounts for the current Security Hub
|
5781
5906
|
# master account.
|
5782
5907
|
#
|
5908
|
+
# The results include both member accounts that belong to an
|
5909
|
+
# organization and member accounts that were invited manually.
|
5910
|
+
#
|
5783
5911
|
# @option params [Boolean] :only_associated
|
5784
5912
|
# Specifies which member accounts to include in the response based on
|
5785
5913
|
# their relationship status with the master account. The default value
|
5786
5914
|
# is `TRUE`.
|
5787
5915
|
#
|
5788
5916
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
5789
|
-
# accounts whose relationship status with the master is set to
|
5790
|
-
#
|
5917
|
+
# accounts whose relationship status with the master is set to
|
5918
|
+
# `ENABLED`.
|
5791
5919
|
#
|
5792
5920
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
5793
5921
|
# existing member accounts.
|
@@ -5838,6 +5966,49 @@ module Aws::SecurityHub
|
|
5838
5966
|
req.send_request(options)
|
5839
5967
|
end
|
5840
5968
|
|
5969
|
+
# Lists the Security Hub administrator accounts. Can only be called by
|
5970
|
+
# the organization management account.
|
5971
|
+
#
|
5972
|
+
# @option params [Integer] :max_results
|
5973
|
+
# The maximum number of items to return in the response.
|
5974
|
+
#
|
5975
|
+
# @option params [String] :next_token
|
5976
|
+
# The token that is required for pagination. On your first call to the
|
5977
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
5978
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
5979
|
+
# continue listing data, set the value of this parameter to the value
|
5980
|
+
# returned from the previous response.
|
5981
|
+
#
|
5982
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5983
|
+
#
|
5984
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
5985
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
5986
|
+
#
|
5987
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
5988
|
+
#
|
5989
|
+
# @example Request syntax with placeholder values
|
5990
|
+
#
|
5991
|
+
# resp = client.list_organization_admin_accounts({
|
5992
|
+
# max_results: 1,
|
5993
|
+
# next_token: "NextToken",
|
5994
|
+
# })
|
5995
|
+
#
|
5996
|
+
# @example Response structure
|
5997
|
+
#
|
5998
|
+
# resp.admin_accounts #=> Array
|
5999
|
+
# resp.admin_accounts[0].account_id #=> String
|
6000
|
+
# resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
6001
|
+
# resp.next_token #=> String
|
6002
|
+
#
|
6003
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
6004
|
+
#
|
6005
|
+
# @overload list_organization_admin_accounts(params = {})
|
6006
|
+
# @param [Hash] params ({})
|
6007
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
6008
|
+
req = build_request(:list_organization_admin_accounts, params)
|
6009
|
+
req.send_request(options)
|
6010
|
+
end
|
6011
|
+
|
5841
6012
|
# Returns a list of tags associated with a resource.
|
5842
6013
|
#
|
5843
6014
|
# @option params [required, String] :resource_arn
|
@@ -7134,6 +7305,36 @@ module Aws::SecurityHub
|
|
7134
7305
|
req.send_request(options)
|
7135
7306
|
end
|
7136
7307
|
|
7308
|
+
# Used to update the configuration related to Organizations. Can only be
|
7309
|
+
# called from a Security Hub administrator account.
|
7310
|
+
#
|
7311
|
+
# @option params [required, Boolean] :auto_enable
|
7312
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
7313
|
+
# organization.
|
7314
|
+
#
|
7315
|
+
# By default, this is `false`, and new accounts are not added
|
7316
|
+
# automatically.
|
7317
|
+
#
|
7318
|
+
# To automatically enable Security Hub for new accounts, set this to
|
7319
|
+
# `true`.
|
7320
|
+
#
|
7321
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
7322
|
+
#
|
7323
|
+
# @example Request syntax with placeholder values
|
7324
|
+
#
|
7325
|
+
# resp = client.update_organization_configuration({
|
7326
|
+
# auto_enable: false, # required
|
7327
|
+
# })
|
7328
|
+
#
|
7329
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
7330
|
+
#
|
7331
|
+
# @overload update_organization_configuration(params = {})
|
7332
|
+
# @param [Hash] params ({})
|
7333
|
+
def update_organization_configuration(params = {}, options = {})
|
7334
|
+
req = build_request(:update_organization_configuration, params)
|
7335
|
+
req.send_request(options)
|
7336
|
+
end
|
7337
|
+
|
7137
7338
|
# Updates configuration options for Security Hub.
|
7138
7339
|
#
|
7139
7340
|
# @option params [Boolean] :auto_enable_controls
|
@@ -7206,7 +7407,7 @@ module Aws::SecurityHub
|
|
7206
7407
|
params: params,
|
7207
7408
|
config: config)
|
7208
7409
|
context[:gem_name] = 'aws-sdk-securityhub'
|
7209
|
-
context[:gem_version] = '1.
|
7410
|
+
context[:gem_version] = '1.36.0'
|
7210
7411
|
Seahorse::Client::Request.new(handlers, context)
|
7211
7412
|
end
|
7212
7413
|
|
@@ -22,6 +22,10 @@ module Aws::SecurityHub
|
|
22
22
|
AccountIdList = Shapes::ListShape.new(name: 'AccountIdList')
|
23
23
|
ActionTarget = Shapes::StructureShape.new(name: 'ActionTarget')
|
24
24
|
ActionTargetList = Shapes::ListShape.new(name: 'ActionTargetList')
|
25
|
+
AdminAccount = Shapes::StructureShape.new(name: 'AdminAccount')
|
26
|
+
AdminAccounts = Shapes::ListShape.new(name: 'AdminAccounts')
|
27
|
+
AdminStatus = Shapes::StringShape.new(name: 'AdminStatus')
|
28
|
+
AdminsMaxResults = Shapes::IntegerShape.new(name: 'AdminsMaxResults')
|
25
29
|
ArnList = Shapes::ListShape.new(name: 'ArnList')
|
26
30
|
AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
|
27
31
|
AvailabilityZones = Shapes::ListShape.new(name: 'AvailabilityZones')
|
@@ -270,6 +274,7 @@ module Aws::SecurityHub
|
|
270
274
|
CreateInsightResponse = Shapes::StructureShape.new(name: 'CreateInsightResponse')
|
271
275
|
CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
|
272
276
|
CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
|
277
|
+
CrossAccountMaxResults = Shapes::IntegerShape.new(name: 'CrossAccountMaxResults')
|
273
278
|
Cvss = Shapes::StructureShape.new(name: 'Cvss')
|
274
279
|
CvssList = Shapes::ListShape.new(name: 'CvssList')
|
275
280
|
DateFilter = Shapes::StructureShape.new(name: 'DateFilter')
|
@@ -290,6 +295,8 @@ module Aws::SecurityHub
|
|
290
295
|
DescribeActionTargetsResponse = Shapes::StructureShape.new(name: 'DescribeActionTargetsResponse')
|
291
296
|
DescribeHubRequest = Shapes::StructureShape.new(name: 'DescribeHubRequest')
|
292
297
|
DescribeHubResponse = Shapes::StructureShape.new(name: 'DescribeHubResponse')
|
298
|
+
DescribeOrganizationConfigurationRequest = Shapes::StructureShape.new(name: 'DescribeOrganizationConfigurationRequest')
|
299
|
+
DescribeOrganizationConfigurationResponse = Shapes::StructureShape.new(name: 'DescribeOrganizationConfigurationResponse')
|
293
300
|
DescribeProductsRequest = Shapes::StructureShape.new(name: 'DescribeProductsRequest')
|
294
301
|
DescribeProductsResponse = Shapes::StructureShape.new(name: 'DescribeProductsResponse')
|
295
302
|
DescribeStandardsControlsRequest = Shapes::StructureShape.new(name: 'DescribeStandardsControlsRequest')
|
@@ -298,6 +305,8 @@ module Aws::SecurityHub
|
|
298
305
|
DescribeStandardsResponse = Shapes::StructureShape.new(name: 'DescribeStandardsResponse')
|
299
306
|
DisableImportFindingsForProductRequest = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductRequest')
|
300
307
|
DisableImportFindingsForProductResponse = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductResponse')
|
308
|
+
DisableOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'DisableOrganizationAdminAccountRequest')
|
309
|
+
DisableOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'DisableOrganizationAdminAccountResponse')
|
301
310
|
DisableSecurityHubRequest = Shapes::StructureShape.new(name: 'DisableSecurityHubRequest')
|
302
311
|
DisableSecurityHubResponse = Shapes::StructureShape.new(name: 'DisableSecurityHubResponse')
|
303
312
|
DisassociateFromMasterAccountRequest = Shapes::StructureShape.new(name: 'DisassociateFromMasterAccountRequest')
|
@@ -307,6 +316,8 @@ module Aws::SecurityHub
|
|
307
316
|
Double = Shapes::FloatShape.new(name: 'Double')
|
308
317
|
EnableImportFindingsForProductRequest = Shapes::StructureShape.new(name: 'EnableImportFindingsForProductRequest')
|
309
318
|
EnableImportFindingsForProductResponse = Shapes::StructureShape.new(name: 'EnableImportFindingsForProductResponse')
|
319
|
+
EnableOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountRequest')
|
320
|
+
EnableOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountResponse')
|
310
321
|
EnableSecurityHubRequest = Shapes::StructureShape.new(name: 'EnableSecurityHubRequest')
|
311
322
|
EnableSecurityHubResponse = Shapes::StructureShape.new(name: 'EnableSecurityHubResponse')
|
312
323
|
FieldMap = Shapes::MapShape.new(name: 'FieldMap')
|
@@ -354,6 +365,8 @@ module Aws::SecurityHub
|
|
354
365
|
ListInvitationsResponse = Shapes::StructureShape.new(name: 'ListInvitationsResponse')
|
355
366
|
ListMembersRequest = Shapes::StructureShape.new(name: 'ListMembersRequest')
|
356
367
|
ListMembersResponse = Shapes::StructureShape.new(name: 'ListMembersResponse')
|
368
|
+
ListOrganizationAdminAccountsRequest = Shapes::StructureShape.new(name: 'ListOrganizationAdminAccountsRequest')
|
369
|
+
ListOrganizationAdminAccountsResponse = Shapes::StructureShape.new(name: 'ListOrganizationAdminAccountsResponse')
|
357
370
|
ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
|
358
371
|
ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
|
359
372
|
LoadBalancerState = Shapes::StructureShape.new(name: 'LoadBalancerState')
|
@@ -452,6 +465,8 @@ module Aws::SecurityHub
|
|
452
465
|
UpdateFindingsResponse = Shapes::StructureShape.new(name: 'UpdateFindingsResponse')
|
453
466
|
UpdateInsightRequest = Shapes::StructureShape.new(name: 'UpdateInsightRequest')
|
454
467
|
UpdateInsightResponse = Shapes::StructureShape.new(name: 'UpdateInsightResponse')
|
468
|
+
UpdateOrganizationConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateOrganizationConfigurationRequest')
|
469
|
+
UpdateOrganizationConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateOrganizationConfigurationResponse')
|
455
470
|
UpdateSecurityHubConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationRequest')
|
456
471
|
UpdateSecurityHubConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationResponse')
|
457
472
|
UpdateStandardsControlRequest = Shapes::StructureShape.new(name: 'UpdateStandardsControlRequest')
|
@@ -479,7 +494,7 @@ module Aws::SecurityHub
|
|
479
494
|
AccessDeniedException.add_member(:code, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Code"))
|
480
495
|
AccessDeniedException.struct_class = Types::AccessDeniedException
|
481
496
|
|
482
|
-
AccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "AccountId"))
|
497
|
+
AccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
|
483
498
|
AccountDetails.add_member(:email, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Email"))
|
484
499
|
AccountDetails.struct_class = Types::AccountDetails
|
485
500
|
|
@@ -494,6 +509,12 @@ module Aws::SecurityHub
|
|
494
509
|
|
495
510
|
ActionTargetList.member = Shapes::ShapeRef.new(shape: ActionTarget)
|
496
511
|
|
512
|
+
AdminAccount.add_member(:account_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "AccountId"))
|
513
|
+
AdminAccount.add_member(:status, Shapes::ShapeRef.new(shape: AdminStatus, location_name: "Status"))
|
514
|
+
AdminAccount.struct_class = Types::AdminAccount
|
515
|
+
|
516
|
+
AdminAccounts.member = Shapes::ShapeRef.new(shape: AdminAccount)
|
517
|
+
|
497
518
|
ArnList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
|
498
519
|
|
499
520
|
AvailabilityZone.add_member(:zone_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ZoneName"))
|
@@ -1985,7 +2006,7 @@ module Aws::SecurityHub
|
|
1985
2006
|
CreateInsightResponse.add_member(:insight_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "InsightArn"))
|
1986
2007
|
CreateInsightResponse.struct_class = Types::CreateInsightResponse
|
1987
2008
|
|
1988
|
-
CreateMembersRequest.add_member(:account_details, Shapes::ShapeRef.new(shape: AccountDetailsList, location_name: "AccountDetails"))
|
2009
|
+
CreateMembersRequest.add_member(:account_details, Shapes::ShapeRef.new(shape: AccountDetailsList, required: true, location_name: "AccountDetails"))
|
1989
2010
|
CreateMembersRequest.struct_class = Types::CreateMembersRequest
|
1990
2011
|
|
1991
2012
|
CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2033,7 +2054,7 @@ module Aws::SecurityHub
|
|
2033
2054
|
DeleteInvitationsResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
2034
2055
|
DeleteInvitationsResponse.struct_class = Types::DeleteInvitationsResponse
|
2035
2056
|
|
2036
|
-
DeleteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2057
|
+
DeleteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2037
2058
|
DeleteMembersRequest.struct_class = Types::DeleteMembersRequest
|
2038
2059
|
|
2039
2060
|
DeleteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2056,6 +2077,12 @@ module Aws::SecurityHub
|
|
2056
2077
|
DescribeHubResponse.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
|
2057
2078
|
DescribeHubResponse.struct_class = Types::DescribeHubResponse
|
2058
2079
|
|
2080
|
+
DescribeOrganizationConfigurationRequest.struct_class = Types::DescribeOrganizationConfigurationRequest
|
2081
|
+
|
2082
|
+
DescribeOrganizationConfigurationResponse.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnable"))
|
2083
|
+
DescribeOrganizationConfigurationResponse.add_member(:member_account_limit_reached, Shapes::ShapeRef.new(shape: Boolean, location_name: "MemberAccountLimitReached"))
|
2084
|
+
DescribeOrganizationConfigurationResponse.struct_class = Types::DescribeOrganizationConfigurationResponse
|
2085
|
+
|
2059
2086
|
DescribeProductsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2060
2087
|
DescribeProductsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "MaxResults"))
|
2061
2088
|
DescribeProductsRequest.struct_class = Types::DescribeProductsRequest
|
@@ -2086,6 +2113,11 @@ module Aws::SecurityHub
|
|
2086
2113
|
|
2087
2114
|
DisableImportFindingsForProductResponse.struct_class = Types::DisableImportFindingsForProductResponse
|
2088
2115
|
|
2116
|
+
DisableOrganizationAdminAccountRequest.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AdminAccountId"))
|
2117
|
+
DisableOrganizationAdminAccountRequest.struct_class = Types::DisableOrganizationAdminAccountRequest
|
2118
|
+
|
2119
|
+
DisableOrganizationAdminAccountResponse.struct_class = Types::DisableOrganizationAdminAccountResponse
|
2120
|
+
|
2089
2121
|
DisableSecurityHubRequest.struct_class = Types::DisableSecurityHubRequest
|
2090
2122
|
|
2091
2123
|
DisableSecurityHubResponse.struct_class = Types::DisableSecurityHubResponse
|
@@ -2094,7 +2126,7 @@ module Aws::SecurityHub
|
|
2094
2126
|
|
2095
2127
|
DisassociateFromMasterAccountResponse.struct_class = Types::DisassociateFromMasterAccountResponse
|
2096
2128
|
|
2097
|
-
DisassociateMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2129
|
+
DisassociateMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2098
2130
|
DisassociateMembersRequest.struct_class = Types::DisassociateMembersRequest
|
2099
2131
|
|
2100
2132
|
DisassociateMembersResponse.struct_class = Types::DisassociateMembersResponse
|
@@ -2105,6 +2137,11 @@ module Aws::SecurityHub
|
|
2105
2137
|
EnableImportFindingsForProductResponse.add_member(:product_subscription_arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ProductSubscriptionArn"))
|
2106
2138
|
EnableImportFindingsForProductResponse.struct_class = Types::EnableImportFindingsForProductResponse
|
2107
2139
|
|
2140
|
+
EnableOrganizationAdminAccountRequest.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AdminAccountId"))
|
2141
|
+
EnableOrganizationAdminAccountRequest.struct_class = Types::EnableOrganizationAdminAccountRequest
|
2142
|
+
|
2143
|
+
EnableOrganizationAdminAccountResponse.struct_class = Types::EnableOrganizationAdminAccountResponse
|
2144
|
+
|
2108
2145
|
EnableSecurityHubRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "Tags"))
|
2109
2146
|
EnableSecurityHubRequest.add_member(:enable_default_standards, Shapes::ShapeRef.new(shape: Boolean, location_name: "EnableDefaultStandards"))
|
2110
2147
|
EnableSecurityHubRequest.struct_class = Types::EnableSecurityHubRequest
|
@@ -2213,7 +2250,7 @@ module Aws::SecurityHub
|
|
2213
2250
|
|
2214
2251
|
InvitationList.member = Shapes::ShapeRef.new(shape: Invitation)
|
2215
2252
|
|
2216
|
-
InviteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2253
|
+
InviteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2217
2254
|
InviteMembersRequest.struct_class = Types::InviteMembersRequest
|
2218
2255
|
|
2219
2256
|
InviteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2248,7 +2285,7 @@ module Aws::SecurityHub
|
|
2248
2285
|
ListEnabledProductsForImportResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
2249
2286
|
ListEnabledProductsForImportResponse.struct_class = Types::ListEnabledProductsForImportResponse
|
2250
2287
|
|
2251
|
-
ListInvitationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape:
|
2288
|
+
ListInvitationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: CrossAccountMaxResults, location: "querystring", location_name: "MaxResults"))
|
2252
2289
|
ListInvitationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2253
2290
|
ListInvitationsRequest.struct_class = Types::ListInvitationsRequest
|
2254
2291
|
|
@@ -2257,7 +2294,7 @@ module Aws::SecurityHub
|
|
2257
2294
|
ListInvitationsResponse.struct_class = Types::ListInvitationsResponse
|
2258
2295
|
|
2259
2296
|
ListMembersRequest.add_member(:only_associated, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "OnlyAssociated"))
|
2260
|
-
ListMembersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape:
|
2297
|
+
ListMembersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: CrossAccountMaxResults, location: "querystring", location_name: "MaxResults"))
|
2261
2298
|
ListMembersRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2262
2299
|
ListMembersRequest.struct_class = Types::ListMembersRequest
|
2263
2300
|
|
@@ -2265,6 +2302,14 @@ module Aws::SecurityHub
|
|
2265
2302
|
ListMembersResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NextToken"))
|
2266
2303
|
ListMembersResponse.struct_class = Types::ListMembersResponse
|
2267
2304
|
|
2305
|
+
ListOrganizationAdminAccountsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: AdminsMaxResults, location: "querystring", location_name: "MaxResults"))
|
2306
|
+
ListOrganizationAdminAccountsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2307
|
+
ListOrganizationAdminAccountsRequest.struct_class = Types::ListOrganizationAdminAccountsRequest
|
2308
|
+
|
2309
|
+
ListOrganizationAdminAccountsResponse.add_member(:admin_accounts, Shapes::ShapeRef.new(shape: AdminAccounts, location_name: "AdminAccounts"))
|
2310
|
+
ListOrganizationAdminAccountsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
2311
|
+
ListOrganizationAdminAccountsResponse.struct_class = Types::ListOrganizationAdminAccountsResponse
|
2312
|
+
|
2268
2313
|
ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
|
2269
2314
|
ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
|
2270
2315
|
|
@@ -2607,6 +2652,11 @@ module Aws::SecurityHub
|
|
2607
2652
|
|
2608
2653
|
UpdateInsightResponse.struct_class = Types::UpdateInsightResponse
|
2609
2654
|
|
2655
|
+
UpdateOrganizationConfigurationRequest.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "AutoEnable"))
|
2656
|
+
UpdateOrganizationConfigurationRequest.struct_class = Types::UpdateOrganizationConfigurationRequest
|
2657
|
+
|
2658
|
+
UpdateOrganizationConfigurationResponse.struct_class = Types::UpdateOrganizationConfigurationResponse
|
2659
|
+
|
2610
2660
|
UpdateSecurityHubConfigurationRequest.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
|
2611
2661
|
UpdateSecurityHubConfigurationRequest.struct_class = Types::UpdateSecurityHubConfigurationRequest
|
2612
2662
|
|
@@ -2865,6 +2915,18 @@ module Aws::SecurityHub
|
|
2865
2915
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
2866
2916
|
end)
|
2867
2917
|
|
2918
|
+
api.add_operation(:describe_organization_configuration, Seahorse::Model::Operation.new.tap do |o|
|
2919
|
+
o.name = "DescribeOrganizationConfiguration"
|
2920
|
+
o.http_method = "GET"
|
2921
|
+
o.http_request_uri = "/organization/configuration"
|
2922
|
+
o.input = Shapes::ShapeRef.new(shape: DescribeOrganizationConfigurationRequest)
|
2923
|
+
o.output = Shapes::ShapeRef.new(shape: DescribeOrganizationConfigurationResponse)
|
2924
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
2925
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
2926
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
2927
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2928
|
+
end)
|
2929
|
+
|
2868
2930
|
api.add_operation(:describe_products, Seahorse::Model::Operation.new.tap do |o|
|
2869
2931
|
o.name = "DescribeProducts"
|
2870
2932
|
o.http_method = "GET"
|
@@ -2931,6 +2993,18 @@ module Aws::SecurityHub
|
|
2931
2993
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2932
2994
|
end)
|
2933
2995
|
|
2996
|
+
api.add_operation(:disable_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
2997
|
+
o.name = "DisableOrganizationAdminAccount"
|
2998
|
+
o.http_method = "POST"
|
2999
|
+
o.http_request_uri = "/organization/admin/disable"
|
3000
|
+
o.input = Shapes::ShapeRef.new(shape: DisableOrganizationAdminAccountRequest)
|
3001
|
+
o.output = Shapes::ShapeRef.new(shape: DisableOrganizationAdminAccountResponse)
|
3002
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3003
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3004
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3005
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3006
|
+
end)
|
3007
|
+
|
2934
3008
|
api.add_operation(:disable_security_hub, Seahorse::Model::Operation.new.tap do |o|
|
2935
3009
|
o.name = "DisableSecurityHub"
|
2936
3010
|
o.http_method = "DELETE"
|
@@ -2982,6 +3056,18 @@ module Aws::SecurityHub
|
|
2982
3056
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2983
3057
|
end)
|
2984
3058
|
|
3059
|
+
api.add_operation(:enable_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
3060
|
+
o.name = "EnableOrganizationAdminAccount"
|
3061
|
+
o.http_method = "POST"
|
3062
|
+
o.http_request_uri = "/organization/admin/enable"
|
3063
|
+
o.input = Shapes::ShapeRef.new(shape: EnableOrganizationAdminAccountRequest)
|
3064
|
+
o.output = Shapes::ShapeRef.new(shape: EnableOrganizationAdminAccountResponse)
|
3065
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3066
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3067
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3068
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3069
|
+
end)
|
3070
|
+
|
2985
3071
|
api.add_operation(:enable_security_hub, Seahorse::Model::Operation.new.tap do |o|
|
2986
3072
|
o.name = "EnableSecurityHub"
|
2987
3073
|
o.http_method = "POST"
|
@@ -3167,6 +3253,24 @@ module Aws::SecurityHub
|
|
3167
3253
|
)
|
3168
3254
|
end)
|
3169
3255
|
|
3256
|
+
api.add_operation(:list_organization_admin_accounts, Seahorse::Model::Operation.new.tap do |o|
|
3257
|
+
o.name = "ListOrganizationAdminAccounts"
|
3258
|
+
o.http_method = "GET"
|
3259
|
+
o.http_request_uri = "/organization/admin"
|
3260
|
+
o.input = Shapes::ShapeRef.new(shape: ListOrganizationAdminAccountsRequest)
|
3261
|
+
o.output = Shapes::ShapeRef.new(shape: ListOrganizationAdminAccountsResponse)
|
3262
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3263
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3264
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3265
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3266
|
+
o[:pager] = Aws::Pager.new(
|
3267
|
+
limit_key: "max_results",
|
3268
|
+
tokens: {
|
3269
|
+
"next_token" => "next_token"
|
3270
|
+
}
|
3271
|
+
)
|
3272
|
+
end)
|
3273
|
+
|
3170
3274
|
api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
|
3171
3275
|
o.name = "ListTagsForResource"
|
3172
3276
|
o.http_method = "GET"
|
@@ -3239,6 +3343,18 @@ module Aws::SecurityHub
|
|
3239
3343
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
3240
3344
|
end)
|
3241
3345
|
|
3346
|
+
api.add_operation(:update_organization_configuration, Seahorse::Model::Operation.new.tap do |o|
|
3347
|
+
o.name = "UpdateOrganizationConfiguration"
|
3348
|
+
o.http_method = "POST"
|
3349
|
+
o.http_request_uri = "/organization/configuration"
|
3350
|
+
o.input = Shapes::ShapeRef.new(shape: UpdateOrganizationConfigurationRequest)
|
3351
|
+
o.output = Shapes::ShapeRef.new(shape: UpdateOrganizationConfigurationResponse)
|
3352
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3353
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3354
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3355
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3356
|
+
end)
|
3357
|
+
|
3242
3358
|
api.add_operation(:update_security_hub_configuration, Seahorse::Model::Operation.new.tap do |o|
|
3243
3359
|
o.name = "UpdateSecurityHubConfiguration"
|
3244
3360
|
o.http_method = "PATCH"
|
@@ -64,7 +64,7 @@ module Aws::SecurityHub
|
|
64
64
|
# data as a hash:
|
65
65
|
#
|
66
66
|
# {
|
67
|
-
# account_id: "AccountId",
|
67
|
+
# account_id: "AccountId", # required
|
68
68
|
# email: "NonEmptyString",
|
69
69
|
# }
|
70
70
|
#
|
@@ -109,6 +109,29 @@ module Aws::SecurityHub
|
|
109
109
|
include Aws::Structure
|
110
110
|
end
|
111
111
|
|
112
|
+
# Represents a Security Hub administrator account designated by an
|
113
|
+
# organization management account.
|
114
|
+
#
|
115
|
+
# @!attribute [rw] account_id
|
116
|
+
# The AWS account identifier of the Security Hub administrator
|
117
|
+
# account.
|
118
|
+
# @return [String]
|
119
|
+
#
|
120
|
+
# @!attribute [rw] status
|
121
|
+
# The current status of the Security Hub administrator account.
|
122
|
+
# Indicates whether the account is currently enabled as a Security Hub
|
123
|
+
# administrator.
|
124
|
+
# @return [String]
|
125
|
+
#
|
126
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AdminAccount AWS API Documentation
|
127
|
+
#
|
128
|
+
class AdminAccount < Struct.new(
|
129
|
+
:account_id,
|
130
|
+
:status)
|
131
|
+
SENSITIVE = []
|
132
|
+
include Aws::Structure
|
133
|
+
end
|
134
|
+
|
112
135
|
# Information about an Availability Zone.
|
113
136
|
#
|
114
137
|
# @note When making an API call, you may pass AvailabilityZone
|
@@ -15207,9 +15230,9 @@ module Aws::SecurityHub
|
|
15207
15230
|
# data as a hash:
|
15208
15231
|
#
|
15209
15232
|
# {
|
15210
|
-
# account_details: [
|
15233
|
+
# account_details: [ # required
|
15211
15234
|
# {
|
15212
|
-
# account_id: "AccountId",
|
15235
|
+
# account_id: "AccountId", # required
|
15213
15236
|
# email: "NonEmptyString",
|
15214
15237
|
# },
|
15215
15238
|
# ],
|
@@ -15217,8 +15240,8 @@ module Aws::SecurityHub
|
|
15217
15240
|
#
|
15218
15241
|
# @!attribute [rw] account_details
|
15219
15242
|
# The list of accounts to associate with the Security Hub master
|
15220
|
-
# account. For each account, the list includes the account ID and
|
15221
|
-
# email address.
|
15243
|
+
# account. For each account, the list includes the account ID and
|
15244
|
+
# optionally the email address.
|
15222
15245
|
# @return [Array<Types::AccountDetails>]
|
15223
15246
|
#
|
15224
15247
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
|
@@ -15470,7 +15493,7 @@ module Aws::SecurityHub
|
|
15470
15493
|
# data as a hash:
|
15471
15494
|
#
|
15472
15495
|
# {
|
15473
|
-
# account_ids: ["NonEmptyString"],
|
15496
|
+
# account_ids: ["NonEmptyString"], # required
|
15474
15497
|
# }
|
15475
15498
|
#
|
15476
15499
|
# @!attribute [rw] account_ids
|
@@ -15601,6 +15624,34 @@ module Aws::SecurityHub
|
|
15601
15624
|
include Aws::Structure
|
15602
15625
|
end
|
15603
15626
|
|
15627
|
+
# @api private
|
15628
|
+
#
|
15629
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationRequest AWS API Documentation
|
15630
|
+
#
|
15631
|
+
class DescribeOrganizationConfigurationRequest < Aws::EmptyStructure; end
|
15632
|
+
|
15633
|
+
# @!attribute [rw] auto_enable
|
15634
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
15635
|
+
# organization.
|
15636
|
+
#
|
15637
|
+
# If set to `true`, then Security Hub is enabled for new accounts. If
|
15638
|
+
# set to false, then new accounts are not added automatically.
|
15639
|
+
# @return [Boolean]
|
15640
|
+
#
|
15641
|
+
# @!attribute [rw] member_account_limit_reached
|
15642
|
+
# Whether the maximum number of allowed member accounts are already
|
15643
|
+
# associated with the Security Hub administrator account.
|
15644
|
+
# @return [Boolean]
|
15645
|
+
#
|
15646
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
|
15647
|
+
#
|
15648
|
+
class DescribeOrganizationConfigurationResponse < Struct.new(
|
15649
|
+
:auto_enable,
|
15650
|
+
:member_account_limit_reached)
|
15651
|
+
SENSITIVE = []
|
15652
|
+
include Aws::Structure
|
15653
|
+
end
|
15654
|
+
|
15604
15655
|
# @note When making an API call, you may pass DescribeProductsRequest
|
15605
15656
|
# data as a hash:
|
15606
15657
|
#
|
@@ -15660,7 +15711,8 @@ module Aws::SecurityHub
|
|
15660
15711
|
#
|
15661
15712
|
# @!attribute [rw] standards_subscription_arn
|
15662
15713
|
# The ARN of a resource that represents your subscription to a
|
15663
|
-
# supported standard.
|
15714
|
+
# supported standard. To get the subscription ARNs of the standards
|
15715
|
+
# you have enabled, use the ` GetEnabledStandards ` operation.
|
15664
15716
|
# @return [String]
|
15665
15717
|
#
|
15666
15718
|
# @!attribute [rw] next_token
|
@@ -15775,6 +15827,30 @@ module Aws::SecurityHub
|
|
15775
15827
|
#
|
15776
15828
|
class DisableImportFindingsForProductResponse < Aws::EmptyStructure; end
|
15777
15829
|
|
15830
|
+
# @note When making an API call, you may pass DisableOrganizationAdminAccountRequest
|
15831
|
+
# data as a hash:
|
15832
|
+
#
|
15833
|
+
# {
|
15834
|
+
# admin_account_id: "NonEmptyString", # required
|
15835
|
+
# }
|
15836
|
+
#
|
15837
|
+
# @!attribute [rw] admin_account_id
|
15838
|
+
# The AWS account identifier of the Security Hub administrator
|
15839
|
+
# account.
|
15840
|
+
# @return [String]
|
15841
|
+
#
|
15842
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountRequest AWS API Documentation
|
15843
|
+
#
|
15844
|
+
class DisableOrganizationAdminAccountRequest < Struct.new(
|
15845
|
+
:admin_account_id)
|
15846
|
+
SENSITIVE = []
|
15847
|
+
include Aws::Structure
|
15848
|
+
end
|
15849
|
+
|
15850
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountResponse AWS API Documentation
|
15851
|
+
#
|
15852
|
+
class DisableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
15853
|
+
|
15778
15854
|
# @api private
|
15779
15855
|
#
|
15780
15856
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubRequest AWS API Documentation
|
@@ -15799,7 +15875,7 @@ module Aws::SecurityHub
|
|
15799
15875
|
# data as a hash:
|
15800
15876
|
#
|
15801
15877
|
# {
|
15802
|
-
# account_ids: ["NonEmptyString"],
|
15878
|
+
# account_ids: ["NonEmptyString"], # required
|
15803
15879
|
# }
|
15804
15880
|
#
|
15805
15881
|
# @!attribute [rw] account_ids
|
@@ -15851,6 +15927,30 @@ module Aws::SecurityHub
|
|
15851
15927
|
include Aws::Structure
|
15852
15928
|
end
|
15853
15929
|
|
15930
|
+
# @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
|
15931
|
+
# data as a hash:
|
15932
|
+
#
|
15933
|
+
# {
|
15934
|
+
# admin_account_id: "NonEmptyString", # required
|
15935
|
+
# }
|
15936
|
+
#
|
15937
|
+
# @!attribute [rw] admin_account_id
|
15938
|
+
# The AWS account identifier of the account to designate as the
|
15939
|
+
# Security Hub administrator account.
|
15940
|
+
# @return [String]
|
15941
|
+
#
|
15942
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountRequest AWS API Documentation
|
15943
|
+
#
|
15944
|
+
class EnableOrganizationAdminAccountRequest < Struct.new(
|
15945
|
+
:admin_account_id)
|
15946
|
+
SENSITIVE = []
|
15947
|
+
include Aws::Structure
|
15948
|
+
end
|
15949
|
+
|
15950
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountResponse AWS API Documentation
|
15951
|
+
#
|
15952
|
+
class EnableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
15953
|
+
|
15854
15954
|
# @note When making an API call, you may pass EnableSecurityHubRequest
|
15855
15955
|
# data as a hash:
|
15856
15956
|
#
|
@@ -16858,8 +16958,9 @@ module Aws::SecurityHub
|
|
16858
16958
|
include Aws::Structure
|
16859
16959
|
end
|
16860
16960
|
|
16861
|
-
#
|
16862
|
-
#
|
16961
|
+
# There is an issue with the account used to make the request. Either
|
16962
|
+
# Security Hub is not enabled for the account, or the account does not
|
16963
|
+
# have permission to perform this action.
|
16863
16964
|
#
|
16864
16965
|
# @!attribute [rw] message
|
16865
16966
|
# @return [String]
|
@@ -16929,7 +17030,7 @@ module Aws::SecurityHub
|
|
16929
17030
|
# data as a hash:
|
16930
17031
|
#
|
16931
17032
|
# {
|
16932
|
-
# account_ids: ["NonEmptyString"],
|
17033
|
+
# account_ids: ["NonEmptyString"], # required
|
16933
17034
|
# }
|
16934
17035
|
#
|
16935
17036
|
# @!attribute [rw] account_ids
|
@@ -17034,8 +17135,8 @@ module Aws::SecurityHub
|
|
17034
17135
|
end
|
17035
17136
|
|
17036
17137
|
# The request was rejected because it attempted to create resources
|
17037
|
-
# beyond the current AWS account limits. The error code
|
17038
|
-
# limit exceeded.
|
17138
|
+
# beyond the current AWS account or throttling limits. The error code
|
17139
|
+
# describes the limit exceeded.
|
17039
17140
|
#
|
17040
17141
|
# @!attribute [rw] message
|
17041
17142
|
# @return [String]
|
@@ -17165,7 +17266,7 @@ module Aws::SecurityHub
|
|
17165
17266
|
#
|
17166
17267
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
17167
17268
|
# accounts whose relationship status with the master is set to
|
17168
|
-
# `ENABLED
|
17269
|
+
# `ENABLED`.
|
17169
17270
|
#
|
17170
17271
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
17171
17272
|
# existing member accounts.
|
@@ -17211,6 +17312,52 @@ module Aws::SecurityHub
|
|
17211
17312
|
include Aws::Structure
|
17212
17313
|
end
|
17213
17314
|
|
17315
|
+
# @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
|
17316
|
+
# data as a hash:
|
17317
|
+
#
|
17318
|
+
# {
|
17319
|
+
# max_results: 1,
|
17320
|
+
# next_token: "NextToken",
|
17321
|
+
# }
|
17322
|
+
#
|
17323
|
+
# @!attribute [rw] max_results
|
17324
|
+
# The maximum number of items to return in the response.
|
17325
|
+
# @return [Integer]
|
17326
|
+
#
|
17327
|
+
# @!attribute [rw] next_token
|
17328
|
+
# The token that is required for pagination. On your first call to the
|
17329
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
17330
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
17331
|
+
# continue listing data, set the value of this parameter to the value
|
17332
|
+
# returned from the previous response.
|
17333
|
+
# @return [String]
|
17334
|
+
#
|
17335
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsRequest AWS API Documentation
|
17336
|
+
#
|
17337
|
+
class ListOrganizationAdminAccountsRequest < Struct.new(
|
17338
|
+
:max_results,
|
17339
|
+
:next_token)
|
17340
|
+
SENSITIVE = []
|
17341
|
+
include Aws::Structure
|
17342
|
+
end
|
17343
|
+
|
17344
|
+
# @!attribute [rw] admin_accounts
|
17345
|
+
# The list of Security Hub administrator accounts.
|
17346
|
+
# @return [Array<Types::AdminAccount>]
|
17347
|
+
#
|
17348
|
+
# @!attribute [rw] next_token
|
17349
|
+
# The pagination token to use to request the next page of results.
|
17350
|
+
# @return [String]
|
17351
|
+
#
|
17352
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsResponse AWS API Documentation
|
17353
|
+
#
|
17354
|
+
class ListOrganizationAdminAccountsResponse < Struct.new(
|
17355
|
+
:admin_accounts,
|
17356
|
+
:next_token)
|
17357
|
+
SENSITIVE = []
|
17358
|
+
include Aws::Structure
|
17359
|
+
end
|
17360
|
+
|
17214
17361
|
# @note When making an API call, you may pass ListTagsForResourceRequest
|
17215
17362
|
# data as a hash:
|
17216
17363
|
#
|
@@ -17401,8 +17548,9 @@ module Aws::SecurityHub
|
|
17401
17548
|
# account. The member account has not yet responded to the
|
17402
17549
|
# invitation.
|
17403
17550
|
#
|
17404
|
-
# * `
|
17405
|
-
#
|
17551
|
+
# * `ENABLED` - Indicates that the member account is currently active.
|
17552
|
+
# For manually invited member accounts, indicates that the member
|
17553
|
+
# account accepted the invitation.
|
17406
17554
|
#
|
17407
17555
|
# * `REMOVED` - Indicates that the master account disassociated the
|
17408
17556
|
# member account.
|
@@ -22984,6 +23132,36 @@ module Aws::SecurityHub
|
|
22984
23132
|
#
|
22985
23133
|
class UpdateInsightResponse < Aws::EmptyStructure; end
|
22986
23134
|
|
23135
|
+
# @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
|
23136
|
+
# data as a hash:
|
23137
|
+
#
|
23138
|
+
# {
|
23139
|
+
# auto_enable: false, # required
|
23140
|
+
# }
|
23141
|
+
#
|
23142
|
+
# @!attribute [rw] auto_enable
|
23143
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
23144
|
+
# organization.
|
23145
|
+
#
|
23146
|
+
# By default, this is `false`, and new accounts are not added
|
23147
|
+
# automatically.
|
23148
|
+
#
|
23149
|
+
# To automatically enable Security Hub for new accounts, set this to
|
23150
|
+
# `true`.
|
23151
|
+
# @return [Boolean]
|
23152
|
+
#
|
23153
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
|
23154
|
+
#
|
23155
|
+
class UpdateOrganizationConfigurationRequest < Struct.new(
|
23156
|
+
:auto_enable)
|
23157
|
+
SENSITIVE = []
|
23158
|
+
include Aws::Structure
|
23159
|
+
end
|
23160
|
+
|
23161
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationResponse AWS API Documentation
|
23162
|
+
#
|
23163
|
+
class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
|
23164
|
+
|
22987
23165
|
# @note When making an API call, you may pass UpdateSecurityHubConfigurationRequest
|
22988
23166
|
# data as a hash:
|
22989
23167
|
#
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-securityhub
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.36.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-11-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|