aws-sdk-securityhub 1.35.0 → 1.40.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +480 -41
- data/lib/aws-sdk-securityhub/client_api.rb +269 -7
- data/lib/aws-sdk-securityhub/types.rb +1786 -26
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9e28f25a65dbe964824ca46f0cf01b8386869134afac55c944d47a7d1a30aaf7
|
|
4
|
+
data.tar.gz: b3ab2b6abd65e1f20aec854b7363e64f510cfae9b407c58563da2bc6aca5d8d4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 60bc5fa47df606b498d67d027b7bf9416633fcd35abc83e12426fbd06edbd648061af82742cea4acba4f84877ff7b6709e76d065d975094a0f60103eab5e6296
|
|
7
|
+
data.tar.gz: dfbce52331aaf49d1fba555c28c24c4d3b8f618da3f85698c47f260de8701aa34892da8502b897139843a0bfc8aa7765df18edf1d04ea8dadc6664f4d5073e50
|
data/lib/aws-sdk-securityhub.rb
CHANGED
|
@@ -330,6 +330,9 @@ module Aws::SecurityHub
|
|
|
330
330
|
# Accepts the invitation to be a member account and be monitored by the
|
|
331
331
|
# Security Hub master account that the invitation was sent from.
|
|
332
332
|
#
|
|
333
|
+
# This operation is only used by member accounts that are not added
|
|
334
|
+
# through Organizations.
|
|
335
|
+
#
|
|
333
336
|
# When the member account accepts the invitation, permission is granted
|
|
334
337
|
# to the master account to view findings generated in the member
|
|
335
338
|
# account.
|
|
@@ -460,24 +463,30 @@ module Aws::SecurityHub
|
|
|
460
463
|
# update the following finding fields and objects, which Security Hub
|
|
461
464
|
# customers use to manage their investigation workflow.
|
|
462
465
|
#
|
|
466
|
+
# * `Note`
|
|
467
|
+
#
|
|
468
|
+
# * `UserDefinedFields`
|
|
469
|
+
#
|
|
470
|
+
# * `VerificationState`
|
|
471
|
+
#
|
|
472
|
+
# * `Workflow`
|
|
473
|
+
#
|
|
474
|
+
# `BatchImportFindings` can be used to update the following finding
|
|
475
|
+
# fields and objects only if they have not been updated using
|
|
476
|
+
# `BatchUpdateFindings`. After they are updated using
|
|
477
|
+
# `BatchUpdateFindings`, these fields cannot be updated using
|
|
478
|
+
# `BatchImportFindings`.
|
|
479
|
+
#
|
|
463
480
|
# * `Confidence`
|
|
464
481
|
#
|
|
465
482
|
# * `Criticality`
|
|
466
483
|
#
|
|
467
|
-
# * `Note`
|
|
468
|
-
#
|
|
469
484
|
# * `RelatedFindings`
|
|
470
485
|
#
|
|
471
486
|
# * `Severity`
|
|
472
487
|
#
|
|
473
488
|
# * `Types`
|
|
474
489
|
#
|
|
475
|
-
# * `UserDefinedFields`
|
|
476
|
-
#
|
|
477
|
-
# * `VerificationState`
|
|
478
|
-
#
|
|
479
|
-
# * `Workflow`
|
|
480
|
-
#
|
|
481
490
|
# @option params [required, Array<Types::AwsSecurityFinding>] :findings
|
|
482
491
|
# A list of findings to import. To successfully import a finding, it
|
|
483
492
|
# must follow the [AWS Security Finding Format][1]. Maximum of 100
|
|
@@ -742,6 +751,19 @@ module Aws::SecurityHub
|
|
|
742
751
|
# },
|
|
743
752
|
# ],
|
|
744
753
|
# source_dest_check: false,
|
|
754
|
+
# ip_v6_addresses: [
|
|
755
|
+
# {
|
|
756
|
+
# ip_v6_address: "NonEmptyString",
|
|
757
|
+
# },
|
|
758
|
+
# ],
|
|
759
|
+
# private_ip_addresses: [
|
|
760
|
+
# {
|
|
761
|
+
# private_ip_address: "NonEmptyString",
|
|
762
|
+
# private_dns_name: "NonEmptyString",
|
|
763
|
+
# },
|
|
764
|
+
# ],
|
|
765
|
+
# public_dns_name: "NonEmptyString",
|
|
766
|
+
# public_ip: "NonEmptyString",
|
|
745
767
|
# },
|
|
746
768
|
# aws_ec2_security_group: {
|
|
747
769
|
# group_name: "NonEmptyString",
|
|
@@ -1242,6 +1264,30 @@ module Aws::SecurityHub
|
|
|
1242
1264
|
# sns_topic_name: "NonEmptyString",
|
|
1243
1265
|
# trail_arn: "NonEmptyString",
|
|
1244
1266
|
# },
|
|
1267
|
+
# aws_ssm_patch_compliance: {
|
|
1268
|
+
# patch: {
|
|
1269
|
+
# compliance_summary: {
|
|
1270
|
+
# status: "NonEmptyString",
|
|
1271
|
+
# compliant_critical_count: 1,
|
|
1272
|
+
# compliant_high_count: 1,
|
|
1273
|
+
# compliant_medium_count: 1,
|
|
1274
|
+
# execution_type: "NonEmptyString",
|
|
1275
|
+
# non_compliant_critical_count: 1,
|
|
1276
|
+
# compliant_informational_count: 1,
|
|
1277
|
+
# non_compliant_informational_count: 1,
|
|
1278
|
+
# compliant_unspecified_count: 1,
|
|
1279
|
+
# non_compliant_low_count: 1,
|
|
1280
|
+
# non_compliant_high_count: 1,
|
|
1281
|
+
# compliant_low_count: 1,
|
|
1282
|
+
# compliance_type: "NonEmptyString",
|
|
1283
|
+
# patch_baseline_id: "NonEmptyString",
|
|
1284
|
+
# overall_severity: "NonEmptyString",
|
|
1285
|
+
# non_compliant_medium_count: 1,
|
|
1286
|
+
# non_compliant_unspecified_count: 1,
|
|
1287
|
+
# patch_group: "NonEmptyString",
|
|
1288
|
+
# },
|
|
1289
|
+
# },
|
|
1290
|
+
# },
|
|
1245
1291
|
# aws_certificate_manager_certificate: {
|
|
1246
1292
|
# certificate_authority_arn: "NonEmptyString",
|
|
1247
1293
|
# created_at: "NonEmptyString",
|
|
@@ -2018,6 +2064,114 @@ module Aws::SecurityHub
|
|
|
2018
2064
|
# reboot_option: "NonEmptyString",
|
|
2019
2065
|
# operation: "NonEmptyString",
|
|
2020
2066
|
# },
|
|
2067
|
+
# action: {
|
|
2068
|
+
# action_type: "NonEmptyString",
|
|
2069
|
+
# network_connection_action: {
|
|
2070
|
+
# connection_direction: "NonEmptyString",
|
|
2071
|
+
# remote_ip_details: {
|
|
2072
|
+
# ip_address_v4: "NonEmptyString",
|
|
2073
|
+
# organization: {
|
|
2074
|
+
# asn: 1,
|
|
2075
|
+
# asn_org: "NonEmptyString",
|
|
2076
|
+
# isp: "NonEmptyString",
|
|
2077
|
+
# org: "NonEmptyString",
|
|
2078
|
+
# },
|
|
2079
|
+
# country: {
|
|
2080
|
+
# country_code: "NonEmptyString",
|
|
2081
|
+
# country_name: "NonEmptyString",
|
|
2082
|
+
# },
|
|
2083
|
+
# city: {
|
|
2084
|
+
# city_name: "NonEmptyString",
|
|
2085
|
+
# },
|
|
2086
|
+
# geo_location: {
|
|
2087
|
+
# lon: 1.0,
|
|
2088
|
+
# lat: 1.0,
|
|
2089
|
+
# },
|
|
2090
|
+
# },
|
|
2091
|
+
# remote_port_details: {
|
|
2092
|
+
# port: 1,
|
|
2093
|
+
# port_name: "NonEmptyString",
|
|
2094
|
+
# },
|
|
2095
|
+
# local_port_details: {
|
|
2096
|
+
# port: 1,
|
|
2097
|
+
# port_name: "NonEmptyString",
|
|
2098
|
+
# },
|
|
2099
|
+
# protocol: "NonEmptyString",
|
|
2100
|
+
# blocked: false,
|
|
2101
|
+
# },
|
|
2102
|
+
# aws_api_call_action: {
|
|
2103
|
+
# api: "NonEmptyString",
|
|
2104
|
+
# service_name: "NonEmptyString",
|
|
2105
|
+
# caller_type: "NonEmptyString",
|
|
2106
|
+
# remote_ip_details: {
|
|
2107
|
+
# ip_address_v4: "NonEmptyString",
|
|
2108
|
+
# organization: {
|
|
2109
|
+
# asn: 1,
|
|
2110
|
+
# asn_org: "NonEmptyString",
|
|
2111
|
+
# isp: "NonEmptyString",
|
|
2112
|
+
# org: "NonEmptyString",
|
|
2113
|
+
# },
|
|
2114
|
+
# country: {
|
|
2115
|
+
# country_code: "NonEmptyString",
|
|
2116
|
+
# country_name: "NonEmptyString",
|
|
2117
|
+
# },
|
|
2118
|
+
# city: {
|
|
2119
|
+
# city_name: "NonEmptyString",
|
|
2120
|
+
# },
|
|
2121
|
+
# geo_location: {
|
|
2122
|
+
# lon: 1.0,
|
|
2123
|
+
# lat: 1.0,
|
|
2124
|
+
# },
|
|
2125
|
+
# },
|
|
2126
|
+
# domain_details: {
|
|
2127
|
+
# domain: "NonEmptyString",
|
|
2128
|
+
# },
|
|
2129
|
+
# affected_resources: {
|
|
2130
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
2131
|
+
# },
|
|
2132
|
+
# first_seen: "NonEmptyString",
|
|
2133
|
+
# last_seen: "NonEmptyString",
|
|
2134
|
+
# },
|
|
2135
|
+
# dns_request_action: {
|
|
2136
|
+
# domain: "NonEmptyString",
|
|
2137
|
+
# protocol: "NonEmptyString",
|
|
2138
|
+
# blocked: false,
|
|
2139
|
+
# },
|
|
2140
|
+
# port_probe_action: {
|
|
2141
|
+
# port_probe_details: [
|
|
2142
|
+
# {
|
|
2143
|
+
# local_port_details: {
|
|
2144
|
+
# port: 1,
|
|
2145
|
+
# port_name: "NonEmptyString",
|
|
2146
|
+
# },
|
|
2147
|
+
# local_ip_details: {
|
|
2148
|
+
# ip_address_v4: "NonEmptyString",
|
|
2149
|
+
# },
|
|
2150
|
+
# remote_ip_details: {
|
|
2151
|
+
# ip_address_v4: "NonEmptyString",
|
|
2152
|
+
# organization: {
|
|
2153
|
+
# asn: 1,
|
|
2154
|
+
# asn_org: "NonEmptyString",
|
|
2155
|
+
# isp: "NonEmptyString",
|
|
2156
|
+
# org: "NonEmptyString",
|
|
2157
|
+
# },
|
|
2158
|
+
# country: {
|
|
2159
|
+
# country_code: "NonEmptyString",
|
|
2160
|
+
# country_name: "NonEmptyString",
|
|
2161
|
+
# },
|
|
2162
|
+
# city: {
|
|
2163
|
+
# city_name: "NonEmptyString",
|
|
2164
|
+
# },
|
|
2165
|
+
# geo_location: {
|
|
2166
|
+
# lon: 1.0,
|
|
2167
|
+
# lat: 1.0,
|
|
2168
|
+
# },
|
|
2169
|
+
# },
|
|
2170
|
+
# },
|
|
2171
|
+
# ],
|
|
2172
|
+
# blocked: false,
|
|
2173
|
+
# },
|
|
2174
|
+
# },
|
|
2021
2175
|
# },
|
|
2022
2176
|
# ],
|
|
2023
2177
|
# })
|
|
@@ -2854,29 +3008,48 @@ module Aws::SecurityHub
|
|
|
2854
3008
|
|
|
2855
3009
|
# Creates a member association in Security Hub between the specified
|
|
2856
3010
|
# accounts and the account used to make the request, which is the master
|
|
2857
|
-
# account.
|
|
2858
|
-
#
|
|
2859
|
-
#
|
|
3011
|
+
# account. If you are integrated with Organizations, then the master
|
|
3012
|
+
# account is the Security Hub administrator account that is designated
|
|
3013
|
+
# by the organization management account.
|
|
3014
|
+
#
|
|
3015
|
+
# `CreateMembers` is always used to add accounts that are not
|
|
3016
|
+
# organization members.
|
|
3017
|
+
#
|
|
3018
|
+
# For accounts that are part of an organization, `CreateMembers` is only
|
|
3019
|
+
# used in the following cases:
|
|
2860
3020
|
#
|
|
2861
|
-
#
|
|
2862
|
-
#
|
|
2863
|
-
# the accounts to enable Security Hub and become member accounts in
|
|
2864
|
-
# Security Hub.
|
|
3021
|
+
# * Security Hub is not configured to automatically add new accounts in
|
|
3022
|
+
# an organization.
|
|
2865
3023
|
#
|
|
2866
|
-
#
|
|
2867
|
-
#
|
|
2868
|
-
#
|
|
2869
|
-
#
|
|
2870
|
-
#
|
|
3024
|
+
# * The account was disassociated or deleted in Security Hub.
|
|
3025
|
+
#
|
|
3026
|
+
# This action can only be used by an account that has Security Hub
|
|
3027
|
+
# enabled. To enable Security Hub, you can use the ` EnableSecurityHub `
|
|
3028
|
+
# operation.
|
|
3029
|
+
#
|
|
3030
|
+
# For accounts that are not organization members, you create the account
|
|
3031
|
+
# association and then send an invitation to the member account. To send
|
|
3032
|
+
# the invitation, you use the ` InviteMembers ` operation. If the
|
|
3033
|
+
# account owner accepts the invitation, the account becomes a member
|
|
3034
|
+
# account in Security Hub.
|
|
3035
|
+
#
|
|
3036
|
+
# Accounts that are part of an organization do not receive an
|
|
3037
|
+
# invitation. They automatically become a member account in Security
|
|
3038
|
+
# Hub.
|
|
3039
|
+
#
|
|
3040
|
+
# A permissions policy is added that permits the master account to view
|
|
3041
|
+
# the findings generated in the member account. When Security Hub is
|
|
3042
|
+
# enabled in a member account, findings are sent to both the member and
|
|
3043
|
+
# master accounts.
|
|
2871
3044
|
#
|
|
2872
3045
|
# To remove the association between the master and member accounts, use
|
|
2873
3046
|
# the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
|
|
2874
3047
|
# operation.
|
|
2875
3048
|
#
|
|
2876
|
-
# @option params [Array<Types::AccountDetails>] :account_details
|
|
3049
|
+
# @option params [required, Array<Types::AccountDetails>] :account_details
|
|
2877
3050
|
# The list of accounts to associate with the Security Hub master
|
|
2878
|
-
# account. For each account, the list includes the account ID and
|
|
2879
|
-
# email address.
|
|
3051
|
+
# account. For each account, the list includes the account ID and
|
|
3052
|
+
# optionally the email address.
|
|
2880
3053
|
#
|
|
2881
3054
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2882
3055
|
#
|
|
@@ -2885,9 +3058,9 @@ module Aws::SecurityHub
|
|
|
2885
3058
|
# @example Request syntax with placeholder values
|
|
2886
3059
|
#
|
|
2887
3060
|
# resp = client.create_members({
|
|
2888
|
-
# account_details: [
|
|
3061
|
+
# account_details: [ # required
|
|
2889
3062
|
# {
|
|
2890
|
-
# account_id: "AccountId",
|
|
3063
|
+
# account_id: "AccountId", # required
|
|
2891
3064
|
# email: "NonEmptyString",
|
|
2892
3065
|
# },
|
|
2893
3066
|
# ],
|
|
@@ -2910,6 +3083,9 @@ module Aws::SecurityHub
|
|
|
2910
3083
|
|
|
2911
3084
|
# Declines invitations to become a member account.
|
|
2912
3085
|
#
|
|
3086
|
+
# This operation is only used by accounts that are not part of an
|
|
3087
|
+
# organization. Organization accounts do not receive invitations.
|
|
3088
|
+
#
|
|
2913
3089
|
# @option params [required, Array<String>] :account_ids
|
|
2914
3090
|
# The list of account IDs for the accounts from which to decline the
|
|
2915
3091
|
# invitations to Security Hub.
|
|
@@ -3002,6 +3178,9 @@ module Aws::SecurityHub
|
|
|
3002
3178
|
# Deletes invitations received by the AWS account to become a member
|
|
3003
3179
|
# account.
|
|
3004
3180
|
#
|
|
3181
|
+
# This operation is only used by accounts that are not part of an
|
|
3182
|
+
# organization. Organization accounts do not receive invitations.
|
|
3183
|
+
#
|
|
3005
3184
|
# @option params [required, Array<String>] :account_ids
|
|
3006
3185
|
# The list of the account IDs that sent the invitations to delete.
|
|
3007
3186
|
#
|
|
@@ -3032,7 +3211,10 @@ module Aws::SecurityHub
|
|
|
3032
3211
|
|
|
3033
3212
|
# Deletes the specified member accounts from Security Hub.
|
|
3034
3213
|
#
|
|
3035
|
-
#
|
|
3214
|
+
# Can be used to delete member accounts that belong to an organization
|
|
3215
|
+
# as well as member accounts that were invited manually.
|
|
3216
|
+
#
|
|
3217
|
+
# @option params [required, Array<String>] :account_ids
|
|
3036
3218
|
# The list of account IDs for the member accounts to delete.
|
|
3037
3219
|
#
|
|
3038
3220
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
@@ -3042,7 +3224,7 @@ module Aws::SecurityHub
|
|
|
3042
3224
|
# @example Request syntax with placeholder values
|
|
3043
3225
|
#
|
|
3044
3226
|
# resp = client.delete_members({
|
|
3045
|
-
# account_ids: ["NonEmptyString"],
|
|
3227
|
+
# account_ids: ["NonEmptyString"], # required
|
|
3046
3228
|
# })
|
|
3047
3229
|
#
|
|
3048
3230
|
# @example Response structure
|
|
@@ -3144,9 +3326,35 @@ module Aws::SecurityHub
|
|
|
3144
3326
|
req.send_request(options)
|
|
3145
3327
|
end
|
|
3146
3328
|
|
|
3147
|
-
# Returns information about the
|
|
3148
|
-
#
|
|
3149
|
-
#
|
|
3329
|
+
# Returns information about the Organizations configuration for Security
|
|
3330
|
+
# Hub. Can only be called from a Security Hub administrator account.
|
|
3331
|
+
#
|
|
3332
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3333
|
+
#
|
|
3334
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
3335
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
3336
|
+
#
|
|
3337
|
+
# @example Response structure
|
|
3338
|
+
#
|
|
3339
|
+
# resp.auto_enable #=> Boolean
|
|
3340
|
+
# resp.member_account_limit_reached #=> Boolean
|
|
3341
|
+
#
|
|
3342
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
|
3343
|
+
#
|
|
3344
|
+
# @overload describe_organization_configuration(params = {})
|
|
3345
|
+
# @param [Hash] params ({})
|
|
3346
|
+
def describe_organization_configuration(params = {}, options = {})
|
|
3347
|
+
req = build_request(:describe_organization_configuration, params)
|
|
3348
|
+
req.send_request(options)
|
|
3349
|
+
end
|
|
3350
|
+
|
|
3351
|
+
# Returns information about product integrations in Security Hub.
|
|
3352
|
+
#
|
|
3353
|
+
# You can optionally provide an integration ARN. If you provide an
|
|
3354
|
+
# integration ARN, then the results only include that integration.
|
|
3355
|
+
#
|
|
3356
|
+
# If you do not provide an integration ARN, then the results include all
|
|
3357
|
+
# of the available product integrations.
|
|
3150
3358
|
#
|
|
3151
3359
|
# @option params [String] :next_token
|
|
3152
3360
|
# The token that is required for pagination. On your first call to the
|
|
@@ -3160,6 +3368,9 @@ module Aws::SecurityHub
|
|
|
3160
3368
|
# @option params [Integer] :max_results
|
|
3161
3369
|
# The maximum number of results to return.
|
|
3162
3370
|
#
|
|
3371
|
+
# @option params [String] :product_arn
|
|
3372
|
+
# The ARN of the integration to return.
|
|
3373
|
+
#
|
|
3163
3374
|
# @return [Types::DescribeProductsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3164
3375
|
#
|
|
3165
3376
|
# * {Types::DescribeProductsResponse#products #products} => Array<Types::Product>
|
|
@@ -3172,6 +3383,7 @@ module Aws::SecurityHub
|
|
|
3172
3383
|
# resp = client.describe_products({
|
|
3173
3384
|
# next_token: "NextToken",
|
|
3174
3385
|
# max_results: 1,
|
|
3386
|
+
# product_arn: "NonEmptyString",
|
|
3175
3387
|
# })
|
|
3176
3388
|
#
|
|
3177
3389
|
# @example Response structure
|
|
@@ -3256,7 +3468,8 @@ module Aws::SecurityHub
|
|
|
3256
3468
|
#
|
|
3257
3469
|
# @option params [required, String] :standards_subscription_arn
|
|
3258
3470
|
# The ARN of a resource that represents your subscription to a supported
|
|
3259
|
-
# standard.
|
|
3471
|
+
# standard. To get the subscription ARNs of the standards you have
|
|
3472
|
+
# enabled, use the ` GetEnabledStandards ` operation.
|
|
3260
3473
|
#
|
|
3261
3474
|
# @option params [String] :next_token
|
|
3262
3475
|
# The token that is required for pagination. On your first call to the
|
|
@@ -3334,6 +3547,29 @@ module Aws::SecurityHub
|
|
|
3334
3547
|
req.send_request(options)
|
|
3335
3548
|
end
|
|
3336
3549
|
|
|
3550
|
+
# Disables a Security Hub administrator account. Can only be called by
|
|
3551
|
+
# the organization management account.
|
|
3552
|
+
#
|
|
3553
|
+
# @option params [required, String] :admin_account_id
|
|
3554
|
+
# The AWS account identifier of the Security Hub administrator account.
|
|
3555
|
+
#
|
|
3556
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3557
|
+
#
|
|
3558
|
+
# @example Request syntax with placeholder values
|
|
3559
|
+
#
|
|
3560
|
+
# resp = client.disable_organization_admin_account({
|
|
3561
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3562
|
+
# })
|
|
3563
|
+
#
|
|
3564
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
|
3565
|
+
#
|
|
3566
|
+
# @overload disable_organization_admin_account(params = {})
|
|
3567
|
+
# @param [Hash] params ({})
|
|
3568
|
+
def disable_organization_admin_account(params = {}, options = {})
|
|
3569
|
+
req = build_request(:disable_organization_admin_account, params)
|
|
3570
|
+
req.send_request(options)
|
|
3571
|
+
end
|
|
3572
|
+
|
|
3337
3573
|
# Disables Security Hub in your account only in the current Region. To
|
|
3338
3574
|
# disable Security Hub in all Regions, you must submit one request per
|
|
3339
3575
|
# Region where you have enabled Security Hub.
|
|
@@ -3363,6 +3599,11 @@ module Aws::SecurityHub
|
|
|
3363
3599
|
# Disassociates the current Security Hub member account from the
|
|
3364
3600
|
# associated master account.
|
|
3365
3601
|
#
|
|
3602
|
+
# This operation is only used by accounts that are not part of an
|
|
3603
|
+
# organization. For organization accounts, only the master account (the
|
|
3604
|
+
# designated Security Hub administrator) can disassociate a member
|
|
3605
|
+
# account.
|
|
3606
|
+
#
|
|
3366
3607
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3367
3608
|
#
|
|
3368
3609
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccount AWS API Documentation
|
|
@@ -3377,7 +3618,10 @@ module Aws::SecurityHub
|
|
|
3377
3618
|
# Disassociates the specified member accounts from the associated master
|
|
3378
3619
|
# account.
|
|
3379
3620
|
#
|
|
3380
|
-
#
|
|
3621
|
+
# Can be used to disassociate both accounts that are in an organization
|
|
3622
|
+
# and accounts that were invited manually.
|
|
3623
|
+
#
|
|
3624
|
+
# @option params [required, Array<String>] :account_ids
|
|
3381
3625
|
# The account IDs of the member accounts to disassociate from the master
|
|
3382
3626
|
# account.
|
|
3383
3627
|
#
|
|
@@ -3386,7 +3630,7 @@ module Aws::SecurityHub
|
|
|
3386
3630
|
# @example Request syntax with placeholder values
|
|
3387
3631
|
#
|
|
3388
3632
|
# resp = client.disassociate_members({
|
|
3389
|
-
# account_ids: ["NonEmptyString"],
|
|
3633
|
+
# account_ids: ["NonEmptyString"], # required
|
|
3390
3634
|
# })
|
|
3391
3635
|
#
|
|
3392
3636
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembers AWS API Documentation
|
|
@@ -3431,6 +3675,30 @@ module Aws::SecurityHub
|
|
|
3431
3675
|
req.send_request(options)
|
|
3432
3676
|
end
|
|
3433
3677
|
|
|
3678
|
+
# Designates the Security Hub administrator account for an organization.
|
|
3679
|
+
# Can only be called by the organization management account.
|
|
3680
|
+
#
|
|
3681
|
+
# @option params [required, String] :admin_account_id
|
|
3682
|
+
# The AWS account identifier of the account to designate as the Security
|
|
3683
|
+
# Hub administrator account.
|
|
3684
|
+
#
|
|
3685
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3686
|
+
#
|
|
3687
|
+
# @example Request syntax with placeholder values
|
|
3688
|
+
#
|
|
3689
|
+
# resp = client.enable_organization_admin_account({
|
|
3690
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3691
|
+
# })
|
|
3692
|
+
#
|
|
3693
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
|
3694
|
+
#
|
|
3695
|
+
# @overload enable_organization_admin_account(params = {})
|
|
3696
|
+
# @param [Hash] params ({})
|
|
3697
|
+
def enable_organization_admin_account(params = {}, options = {})
|
|
3698
|
+
req = build_request(:enable_organization_admin_account, params)
|
|
3699
|
+
req.send_request(options)
|
|
3700
|
+
end
|
|
3701
|
+
|
|
3434
3702
|
# Enables Security Hub for your account in the current Region or the
|
|
3435
3703
|
# Region you specify in the request.
|
|
3436
3704
|
#
|
|
@@ -4307,6 +4575,13 @@ module Aws::SecurityHub
|
|
|
4307
4575
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_name #=> String
|
|
4308
4576
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_id #=> String
|
|
4309
4577
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.source_dest_check #=> Boolean
|
|
4578
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses #=> Array
|
|
4579
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses[0].ip_v6_address #=> String
|
|
4580
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses #=> Array
|
|
4581
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_ip_address #=> String
|
|
4582
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_dns_name #=> String
|
|
4583
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_dns_name #=> String
|
|
4584
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_ip #=> String
|
|
4310
4585
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_name #=> String
|
|
4311
4586
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_id #=> String
|
|
4312
4587
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.owner_id #=> String
|
|
@@ -4640,6 +4915,24 @@ module Aws::SecurityHub
|
|
|
4640
4915
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_arn #=> String
|
|
4641
4916
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_name #=> String
|
|
4642
4917
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.trail_arn #=> String
|
|
4918
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.status #=> String
|
|
4919
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_critical_count #=> Integer
|
|
4920
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_high_count #=> Integer
|
|
4921
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_medium_count #=> Integer
|
|
4922
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.execution_type #=> String
|
|
4923
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_critical_count #=> Integer
|
|
4924
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_informational_count #=> Integer
|
|
4925
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_informational_count #=> Integer
|
|
4926
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_unspecified_count #=> Integer
|
|
4927
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_low_count #=> Integer
|
|
4928
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_high_count #=> Integer
|
|
4929
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_low_count #=> Integer
|
|
4930
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliance_type #=> String
|
|
4931
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_baseline_id #=> String
|
|
4932
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.overall_severity #=> String
|
|
4933
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_medium_count #=> Integer
|
|
4934
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_unspecified_count #=> Integer
|
|
4935
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_group #=> String
|
|
4643
4936
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.certificate_authority_arn #=> String
|
|
4644
4937
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.created_at #=> String
|
|
4645
4938
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_name #=> String
|
|
@@ -5189,6 +5482,60 @@ module Aws::SecurityHub
|
|
|
5189
5482
|
# resp.findings[0].patch_summary.operation_end_time #=> String
|
|
5190
5483
|
# resp.findings[0].patch_summary.reboot_option #=> String
|
|
5191
5484
|
# resp.findings[0].patch_summary.operation #=> String
|
|
5485
|
+
# resp.findings[0].action.action_type #=> String
|
|
5486
|
+
# resp.findings[0].action.network_connection_action.connection_direction #=> String
|
|
5487
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.ip_address_v4 #=> String
|
|
5488
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn #=> Integer
|
|
5489
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn_org #=> String
|
|
5490
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.isp #=> String
|
|
5491
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.org #=> String
|
|
5492
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_code #=> String
|
|
5493
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_name #=> String
|
|
5494
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.city.city_name #=> String
|
|
5495
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lon #=> Float
|
|
5496
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lat #=> Float
|
|
5497
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port #=> Integer
|
|
5498
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port_name #=> String
|
|
5499
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port #=> Integer
|
|
5500
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port_name #=> String
|
|
5501
|
+
# resp.findings[0].action.network_connection_action.protocol #=> String
|
|
5502
|
+
# resp.findings[0].action.network_connection_action.blocked #=> Boolean
|
|
5503
|
+
# resp.findings[0].action.aws_api_call_action.api #=> String
|
|
5504
|
+
# resp.findings[0].action.aws_api_call_action.service_name #=> String
|
|
5505
|
+
# resp.findings[0].action.aws_api_call_action.caller_type #=> String
|
|
5506
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.ip_address_v4 #=> String
|
|
5507
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn #=> Integer
|
|
5508
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn_org #=> String
|
|
5509
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.isp #=> String
|
|
5510
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.org #=> String
|
|
5511
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_code #=> String
|
|
5512
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_name #=> String
|
|
5513
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.city.city_name #=> String
|
|
5514
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lon #=> Float
|
|
5515
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lat #=> Float
|
|
5516
|
+
# resp.findings[0].action.aws_api_call_action.domain_details.domain #=> String
|
|
5517
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources #=> Hash
|
|
5518
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources["NonEmptyString"] #=> String
|
|
5519
|
+
# resp.findings[0].action.aws_api_call_action.first_seen #=> String
|
|
5520
|
+
# resp.findings[0].action.aws_api_call_action.last_seen #=> String
|
|
5521
|
+
# resp.findings[0].action.dns_request_action.domain #=> String
|
|
5522
|
+
# resp.findings[0].action.dns_request_action.protocol #=> String
|
|
5523
|
+
# resp.findings[0].action.dns_request_action.blocked #=> Boolean
|
|
5524
|
+
# resp.findings[0].action.port_probe_action.port_probe_details #=> Array
|
|
5525
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port #=> Integer
|
|
5526
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port_name #=> String
|
|
5527
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_ip_details.ip_address_v4 #=> String
|
|
5528
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.ip_address_v4 #=> String
|
|
5529
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn #=> Integer
|
|
5530
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
|
|
5531
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
|
|
5532
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
|
|
5533
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_code #=> String
|
|
5534
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_name #=> String
|
|
5535
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.city.city_name #=> String
|
|
5536
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
|
|
5537
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
|
|
5538
|
+
# resp.findings[0].action.port_probe_action.blocked #=> Boolean
|
|
5192
5539
|
# resp.next_token #=> String
|
|
5193
5540
|
#
|
|
5194
5541
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings AWS API Documentation
|
|
@@ -5586,6 +5933,9 @@ module Aws::SecurityHub
|
|
|
5586
5933
|
# Provides the details for the Security Hub master account for the
|
|
5587
5934
|
# current member account.
|
|
5588
5935
|
#
|
|
5936
|
+
# Can be used by both member accounts that are in an organization and
|
|
5937
|
+
# accounts that were invited manually.
|
|
5938
|
+
#
|
|
5589
5939
|
# @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
5590
5940
|
#
|
|
5591
5941
|
# * {Types::GetMasterAccountResponse#master #master} => Types::Invitation
|
|
@@ -5609,6 +5959,13 @@ module Aws::SecurityHub
|
|
|
5609
5959
|
# Returns the details for the Security Hub member accounts for the
|
|
5610
5960
|
# specified account IDs.
|
|
5611
5961
|
#
|
|
5962
|
+
# A master account can be either a delegated Security Hub administrator
|
|
5963
|
+
# account for an organization or a master account that enabled Security
|
|
5964
|
+
# Hub manually.
|
|
5965
|
+
#
|
|
5966
|
+
# The results include both member accounts that are in an organization
|
|
5967
|
+
# and accounts that were invited manually.
|
|
5968
|
+
#
|
|
5612
5969
|
# @option params [required, Array<String>] :account_ids
|
|
5613
5970
|
# The list of account IDs for the Security Hub member accounts to return
|
|
5614
5971
|
# the details for.
|
|
@@ -5649,15 +6006,18 @@ module Aws::SecurityHub
|
|
|
5649
6006
|
# Invites other AWS accounts to become member accounts for the Security
|
|
5650
6007
|
# Hub master account that the invitation is sent from.
|
|
5651
6008
|
#
|
|
6009
|
+
# This operation is only used to invite accounts that do not belong to
|
|
6010
|
+
# an organization. Organization accounts do not receive invitations.
|
|
6011
|
+
#
|
|
5652
6012
|
# Before you can use this action to invite a member, you must first use
|
|
5653
6013
|
# the ` CreateMembers ` action to create the member account in Security
|
|
5654
6014
|
# Hub.
|
|
5655
6015
|
#
|
|
5656
|
-
# When the account owner
|
|
5657
|
-
#
|
|
5658
|
-
#
|
|
6016
|
+
# When the account owner enables Security Hub and accepts the invitation
|
|
6017
|
+
# to become a member account, the master account can view the findings
|
|
6018
|
+
# generated from the member account.
|
|
5659
6019
|
#
|
|
5660
|
-
# @option params [Array<String>] :account_ids
|
|
6020
|
+
# @option params [required, Array<String>] :account_ids
|
|
5661
6021
|
# The list of account IDs of the AWS accounts to invite to Security Hub
|
|
5662
6022
|
# as members.
|
|
5663
6023
|
#
|
|
@@ -5668,7 +6028,7 @@ module Aws::SecurityHub
|
|
|
5668
6028
|
# @example Request syntax with placeholder values
|
|
5669
6029
|
#
|
|
5670
6030
|
# resp = client.invite_members({
|
|
5671
|
-
# account_ids: ["NonEmptyString"],
|
|
6031
|
+
# account_ids: ["NonEmptyString"], # required
|
|
5672
6032
|
# })
|
|
5673
6033
|
#
|
|
5674
6034
|
# @example Response structure
|
|
@@ -5733,6 +6093,9 @@ module Aws::SecurityHub
|
|
|
5733
6093
|
# Lists all Security Hub membership invitations that were sent to the
|
|
5734
6094
|
# current AWS account.
|
|
5735
6095
|
#
|
|
6096
|
+
# This operation is only used by accounts that do not belong to an
|
|
6097
|
+
# organization. Organization accounts do not receive invitations.
|
|
6098
|
+
#
|
|
5736
6099
|
# @option params [Integer] :max_results
|
|
5737
6100
|
# The maximum number of items to return in the response.
|
|
5738
6101
|
#
|
|
@@ -5780,14 +6143,17 @@ module Aws::SecurityHub
|
|
|
5780
6143
|
# Lists details about all member accounts for the current Security Hub
|
|
5781
6144
|
# master account.
|
|
5782
6145
|
#
|
|
6146
|
+
# The results include both member accounts that belong to an
|
|
6147
|
+
# organization and member accounts that were invited manually.
|
|
6148
|
+
#
|
|
5783
6149
|
# @option params [Boolean] :only_associated
|
|
5784
6150
|
# Specifies which member accounts to include in the response based on
|
|
5785
6151
|
# their relationship status with the master account. The default value
|
|
5786
6152
|
# is `TRUE`.
|
|
5787
6153
|
#
|
|
5788
6154
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
|
5789
|
-
# accounts whose relationship status with the master is set to
|
|
5790
|
-
#
|
|
6155
|
+
# accounts whose relationship status with the master is set to
|
|
6156
|
+
# `ENABLED`.
|
|
5791
6157
|
#
|
|
5792
6158
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
|
5793
6159
|
# existing member accounts.
|
|
@@ -5838,6 +6204,49 @@ module Aws::SecurityHub
|
|
|
5838
6204
|
req.send_request(options)
|
|
5839
6205
|
end
|
|
5840
6206
|
|
|
6207
|
+
# Lists the Security Hub administrator accounts. Can only be called by
|
|
6208
|
+
# the organization management account.
|
|
6209
|
+
#
|
|
6210
|
+
# @option params [Integer] :max_results
|
|
6211
|
+
# The maximum number of items to return in the response.
|
|
6212
|
+
#
|
|
6213
|
+
# @option params [String] :next_token
|
|
6214
|
+
# The token that is required for pagination. On your first call to the
|
|
6215
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
|
6216
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
|
6217
|
+
# continue listing data, set the value of this parameter to the value
|
|
6218
|
+
# returned from the previous response.
|
|
6219
|
+
#
|
|
6220
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6221
|
+
#
|
|
6222
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
|
6223
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
|
6224
|
+
#
|
|
6225
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
6226
|
+
#
|
|
6227
|
+
# @example Request syntax with placeholder values
|
|
6228
|
+
#
|
|
6229
|
+
# resp = client.list_organization_admin_accounts({
|
|
6230
|
+
# max_results: 1,
|
|
6231
|
+
# next_token: "NextToken",
|
|
6232
|
+
# })
|
|
6233
|
+
#
|
|
6234
|
+
# @example Response structure
|
|
6235
|
+
#
|
|
6236
|
+
# resp.admin_accounts #=> Array
|
|
6237
|
+
# resp.admin_accounts[0].account_id #=> String
|
|
6238
|
+
# resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
|
6239
|
+
# resp.next_token #=> String
|
|
6240
|
+
#
|
|
6241
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
|
6242
|
+
#
|
|
6243
|
+
# @overload list_organization_admin_accounts(params = {})
|
|
6244
|
+
# @param [Hash] params ({})
|
|
6245
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
|
6246
|
+
req = build_request(:list_organization_admin_accounts, params)
|
|
6247
|
+
req.send_request(options)
|
|
6248
|
+
end
|
|
6249
|
+
|
|
5841
6250
|
# Returns a list of tags associated with a resource.
|
|
5842
6251
|
#
|
|
5843
6252
|
# @option params [required, String] :resource_arn
|
|
@@ -7134,6 +7543,36 @@ module Aws::SecurityHub
|
|
|
7134
7543
|
req.send_request(options)
|
|
7135
7544
|
end
|
|
7136
7545
|
|
|
7546
|
+
# Used to update the configuration related to Organizations. Can only be
|
|
7547
|
+
# called from a Security Hub administrator account.
|
|
7548
|
+
#
|
|
7549
|
+
# @option params [required, Boolean] :auto_enable
|
|
7550
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
|
7551
|
+
# organization.
|
|
7552
|
+
#
|
|
7553
|
+
# By default, this is `false`, and new accounts are not added
|
|
7554
|
+
# automatically.
|
|
7555
|
+
#
|
|
7556
|
+
# To automatically enable Security Hub for new accounts, set this to
|
|
7557
|
+
# `true`.
|
|
7558
|
+
#
|
|
7559
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
7560
|
+
#
|
|
7561
|
+
# @example Request syntax with placeholder values
|
|
7562
|
+
#
|
|
7563
|
+
# resp = client.update_organization_configuration({
|
|
7564
|
+
# auto_enable: false, # required
|
|
7565
|
+
# })
|
|
7566
|
+
#
|
|
7567
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
|
7568
|
+
#
|
|
7569
|
+
# @overload update_organization_configuration(params = {})
|
|
7570
|
+
# @param [Hash] params ({})
|
|
7571
|
+
def update_organization_configuration(params = {}, options = {})
|
|
7572
|
+
req = build_request(:update_organization_configuration, params)
|
|
7573
|
+
req.send_request(options)
|
|
7574
|
+
end
|
|
7575
|
+
|
|
7137
7576
|
# Updates configuration options for Security Hub.
|
|
7138
7577
|
#
|
|
7139
7578
|
# @option params [Boolean] :auto_enable_controls
|
|
@@ -7206,7 +7645,7 @@ module Aws::SecurityHub
|
|
|
7206
7645
|
params: params,
|
|
7207
7646
|
config: config)
|
|
7208
7647
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
7209
|
-
context[:gem_version] = '1.
|
|
7648
|
+
context[:gem_version] = '1.40.0'
|
|
7210
7649
|
Seahorse::Client::Request.new(handlers, context)
|
|
7211
7650
|
end
|
|
7212
7651
|
|