aws-sdk-securityhub 1.35.0 → 1.40.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +480 -41
- data/lib/aws-sdk-securityhub/client_api.rb +269 -7
- data/lib/aws-sdk-securityhub/types.rb +1786 -26
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 9e28f25a65dbe964824ca46f0cf01b8386869134afac55c944d47a7d1a30aaf7
|
|
4
|
+
data.tar.gz: b3ab2b6abd65e1f20aec854b7363e64f510cfae9b407c58563da2bc6aca5d8d4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 60bc5fa47df606b498d67d027b7bf9416633fcd35abc83e12426fbd06edbd648061af82742cea4acba4f84877ff7b6709e76d065d975094a0f60103eab5e6296
|
|
7
|
+
data.tar.gz: dfbce52331aaf49d1fba555c28c24c4d3b8f618da3f85698c47f260de8701aa34892da8502b897139843a0bfc8aa7765df18edf1d04ea8dadc6664f4d5073e50
|
data/lib/aws-sdk-securityhub.rb
CHANGED
|
@@ -330,6 +330,9 @@ module Aws::SecurityHub
|
|
|
330
330
|
# Accepts the invitation to be a member account and be monitored by the
|
|
331
331
|
# Security Hub master account that the invitation was sent from.
|
|
332
332
|
#
|
|
333
|
+
# This operation is only used by member accounts that are not added
|
|
334
|
+
# through Organizations.
|
|
335
|
+
#
|
|
333
336
|
# When the member account accepts the invitation, permission is granted
|
|
334
337
|
# to the master account to view findings generated in the member
|
|
335
338
|
# account.
|
|
@@ -460,24 +463,30 @@ module Aws::SecurityHub
|
|
|
460
463
|
# update the following finding fields and objects, which Security Hub
|
|
461
464
|
# customers use to manage their investigation workflow.
|
|
462
465
|
#
|
|
466
|
+
# * `Note`
|
|
467
|
+
#
|
|
468
|
+
# * `UserDefinedFields`
|
|
469
|
+
#
|
|
470
|
+
# * `VerificationState`
|
|
471
|
+
#
|
|
472
|
+
# * `Workflow`
|
|
473
|
+
#
|
|
474
|
+
# `BatchImportFindings` can be used to update the following finding
|
|
475
|
+
# fields and objects only if they have not been updated using
|
|
476
|
+
# `BatchUpdateFindings`. After they are updated using
|
|
477
|
+
# `BatchUpdateFindings`, these fields cannot be updated using
|
|
478
|
+
# `BatchImportFindings`.
|
|
479
|
+
#
|
|
463
480
|
# * `Confidence`
|
|
464
481
|
#
|
|
465
482
|
# * `Criticality`
|
|
466
483
|
#
|
|
467
|
-
# * `Note`
|
|
468
|
-
#
|
|
469
484
|
# * `RelatedFindings`
|
|
470
485
|
#
|
|
471
486
|
# * `Severity`
|
|
472
487
|
#
|
|
473
488
|
# * `Types`
|
|
474
489
|
#
|
|
475
|
-
# * `UserDefinedFields`
|
|
476
|
-
#
|
|
477
|
-
# * `VerificationState`
|
|
478
|
-
#
|
|
479
|
-
# * `Workflow`
|
|
480
|
-
#
|
|
481
490
|
# @option params [required, Array<Types::AwsSecurityFinding>] :findings
|
|
482
491
|
# A list of findings to import. To successfully import a finding, it
|
|
483
492
|
# must follow the [AWS Security Finding Format][1]. Maximum of 100
|
|
@@ -742,6 +751,19 @@ module Aws::SecurityHub
|
|
|
742
751
|
# },
|
|
743
752
|
# ],
|
|
744
753
|
# source_dest_check: false,
|
|
754
|
+
# ip_v6_addresses: [
|
|
755
|
+
# {
|
|
756
|
+
# ip_v6_address: "NonEmptyString",
|
|
757
|
+
# },
|
|
758
|
+
# ],
|
|
759
|
+
# private_ip_addresses: [
|
|
760
|
+
# {
|
|
761
|
+
# private_ip_address: "NonEmptyString",
|
|
762
|
+
# private_dns_name: "NonEmptyString",
|
|
763
|
+
# },
|
|
764
|
+
# ],
|
|
765
|
+
# public_dns_name: "NonEmptyString",
|
|
766
|
+
# public_ip: "NonEmptyString",
|
|
745
767
|
# },
|
|
746
768
|
# aws_ec2_security_group: {
|
|
747
769
|
# group_name: "NonEmptyString",
|
|
@@ -1242,6 +1264,30 @@ module Aws::SecurityHub
|
|
|
1242
1264
|
# sns_topic_name: "NonEmptyString",
|
|
1243
1265
|
# trail_arn: "NonEmptyString",
|
|
1244
1266
|
# },
|
|
1267
|
+
# aws_ssm_patch_compliance: {
|
|
1268
|
+
# patch: {
|
|
1269
|
+
# compliance_summary: {
|
|
1270
|
+
# status: "NonEmptyString",
|
|
1271
|
+
# compliant_critical_count: 1,
|
|
1272
|
+
# compliant_high_count: 1,
|
|
1273
|
+
# compliant_medium_count: 1,
|
|
1274
|
+
# execution_type: "NonEmptyString",
|
|
1275
|
+
# non_compliant_critical_count: 1,
|
|
1276
|
+
# compliant_informational_count: 1,
|
|
1277
|
+
# non_compliant_informational_count: 1,
|
|
1278
|
+
# compliant_unspecified_count: 1,
|
|
1279
|
+
# non_compliant_low_count: 1,
|
|
1280
|
+
# non_compliant_high_count: 1,
|
|
1281
|
+
# compliant_low_count: 1,
|
|
1282
|
+
# compliance_type: "NonEmptyString",
|
|
1283
|
+
# patch_baseline_id: "NonEmptyString",
|
|
1284
|
+
# overall_severity: "NonEmptyString",
|
|
1285
|
+
# non_compliant_medium_count: 1,
|
|
1286
|
+
# non_compliant_unspecified_count: 1,
|
|
1287
|
+
# patch_group: "NonEmptyString",
|
|
1288
|
+
# },
|
|
1289
|
+
# },
|
|
1290
|
+
# },
|
|
1245
1291
|
# aws_certificate_manager_certificate: {
|
|
1246
1292
|
# certificate_authority_arn: "NonEmptyString",
|
|
1247
1293
|
# created_at: "NonEmptyString",
|
|
@@ -2018,6 +2064,114 @@ module Aws::SecurityHub
|
|
|
2018
2064
|
# reboot_option: "NonEmptyString",
|
|
2019
2065
|
# operation: "NonEmptyString",
|
|
2020
2066
|
# },
|
|
2067
|
+
# action: {
|
|
2068
|
+
# action_type: "NonEmptyString",
|
|
2069
|
+
# network_connection_action: {
|
|
2070
|
+
# connection_direction: "NonEmptyString",
|
|
2071
|
+
# remote_ip_details: {
|
|
2072
|
+
# ip_address_v4: "NonEmptyString",
|
|
2073
|
+
# organization: {
|
|
2074
|
+
# asn: 1,
|
|
2075
|
+
# asn_org: "NonEmptyString",
|
|
2076
|
+
# isp: "NonEmptyString",
|
|
2077
|
+
# org: "NonEmptyString",
|
|
2078
|
+
# },
|
|
2079
|
+
# country: {
|
|
2080
|
+
# country_code: "NonEmptyString",
|
|
2081
|
+
# country_name: "NonEmptyString",
|
|
2082
|
+
# },
|
|
2083
|
+
# city: {
|
|
2084
|
+
# city_name: "NonEmptyString",
|
|
2085
|
+
# },
|
|
2086
|
+
# geo_location: {
|
|
2087
|
+
# lon: 1.0,
|
|
2088
|
+
# lat: 1.0,
|
|
2089
|
+
# },
|
|
2090
|
+
# },
|
|
2091
|
+
# remote_port_details: {
|
|
2092
|
+
# port: 1,
|
|
2093
|
+
# port_name: "NonEmptyString",
|
|
2094
|
+
# },
|
|
2095
|
+
# local_port_details: {
|
|
2096
|
+
# port: 1,
|
|
2097
|
+
# port_name: "NonEmptyString",
|
|
2098
|
+
# },
|
|
2099
|
+
# protocol: "NonEmptyString",
|
|
2100
|
+
# blocked: false,
|
|
2101
|
+
# },
|
|
2102
|
+
# aws_api_call_action: {
|
|
2103
|
+
# api: "NonEmptyString",
|
|
2104
|
+
# service_name: "NonEmptyString",
|
|
2105
|
+
# caller_type: "NonEmptyString",
|
|
2106
|
+
# remote_ip_details: {
|
|
2107
|
+
# ip_address_v4: "NonEmptyString",
|
|
2108
|
+
# organization: {
|
|
2109
|
+
# asn: 1,
|
|
2110
|
+
# asn_org: "NonEmptyString",
|
|
2111
|
+
# isp: "NonEmptyString",
|
|
2112
|
+
# org: "NonEmptyString",
|
|
2113
|
+
# },
|
|
2114
|
+
# country: {
|
|
2115
|
+
# country_code: "NonEmptyString",
|
|
2116
|
+
# country_name: "NonEmptyString",
|
|
2117
|
+
# },
|
|
2118
|
+
# city: {
|
|
2119
|
+
# city_name: "NonEmptyString",
|
|
2120
|
+
# },
|
|
2121
|
+
# geo_location: {
|
|
2122
|
+
# lon: 1.0,
|
|
2123
|
+
# lat: 1.0,
|
|
2124
|
+
# },
|
|
2125
|
+
# },
|
|
2126
|
+
# domain_details: {
|
|
2127
|
+
# domain: "NonEmptyString",
|
|
2128
|
+
# },
|
|
2129
|
+
# affected_resources: {
|
|
2130
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
2131
|
+
# },
|
|
2132
|
+
# first_seen: "NonEmptyString",
|
|
2133
|
+
# last_seen: "NonEmptyString",
|
|
2134
|
+
# },
|
|
2135
|
+
# dns_request_action: {
|
|
2136
|
+
# domain: "NonEmptyString",
|
|
2137
|
+
# protocol: "NonEmptyString",
|
|
2138
|
+
# blocked: false,
|
|
2139
|
+
# },
|
|
2140
|
+
# port_probe_action: {
|
|
2141
|
+
# port_probe_details: [
|
|
2142
|
+
# {
|
|
2143
|
+
# local_port_details: {
|
|
2144
|
+
# port: 1,
|
|
2145
|
+
# port_name: "NonEmptyString",
|
|
2146
|
+
# },
|
|
2147
|
+
# local_ip_details: {
|
|
2148
|
+
# ip_address_v4: "NonEmptyString",
|
|
2149
|
+
# },
|
|
2150
|
+
# remote_ip_details: {
|
|
2151
|
+
# ip_address_v4: "NonEmptyString",
|
|
2152
|
+
# organization: {
|
|
2153
|
+
# asn: 1,
|
|
2154
|
+
# asn_org: "NonEmptyString",
|
|
2155
|
+
# isp: "NonEmptyString",
|
|
2156
|
+
# org: "NonEmptyString",
|
|
2157
|
+
# },
|
|
2158
|
+
# country: {
|
|
2159
|
+
# country_code: "NonEmptyString",
|
|
2160
|
+
# country_name: "NonEmptyString",
|
|
2161
|
+
# },
|
|
2162
|
+
# city: {
|
|
2163
|
+
# city_name: "NonEmptyString",
|
|
2164
|
+
# },
|
|
2165
|
+
# geo_location: {
|
|
2166
|
+
# lon: 1.0,
|
|
2167
|
+
# lat: 1.0,
|
|
2168
|
+
# },
|
|
2169
|
+
# },
|
|
2170
|
+
# },
|
|
2171
|
+
# ],
|
|
2172
|
+
# blocked: false,
|
|
2173
|
+
# },
|
|
2174
|
+
# },
|
|
2021
2175
|
# },
|
|
2022
2176
|
# ],
|
|
2023
2177
|
# })
|
|
@@ -2854,29 +3008,48 @@ module Aws::SecurityHub
|
|
|
2854
3008
|
|
|
2855
3009
|
# Creates a member association in Security Hub between the specified
|
|
2856
3010
|
# accounts and the account used to make the request, which is the master
|
|
2857
|
-
# account.
|
|
2858
|
-
#
|
|
2859
|
-
#
|
|
3011
|
+
# account. If you are integrated with Organizations, then the master
|
|
3012
|
+
# account is the Security Hub administrator account that is designated
|
|
3013
|
+
# by the organization management account.
|
|
3014
|
+
#
|
|
3015
|
+
# `CreateMembers` is always used to add accounts that are not
|
|
3016
|
+
# organization members.
|
|
3017
|
+
#
|
|
3018
|
+
# For accounts that are part of an organization, `CreateMembers` is only
|
|
3019
|
+
# used in the following cases:
|
|
2860
3020
|
#
|
|
2861
|
-
#
|
|
2862
|
-
#
|
|
2863
|
-
# the accounts to enable Security Hub and become member accounts in
|
|
2864
|
-
# Security Hub.
|
|
3021
|
+
# * Security Hub is not configured to automatically add new accounts in
|
|
3022
|
+
# an organization.
|
|
2865
3023
|
#
|
|
2866
|
-
#
|
|
2867
|
-
#
|
|
2868
|
-
#
|
|
2869
|
-
#
|
|
2870
|
-
#
|
|
3024
|
+
# * The account was disassociated or deleted in Security Hub.
|
|
3025
|
+
#
|
|
3026
|
+
# This action can only be used by an account that has Security Hub
|
|
3027
|
+
# enabled. To enable Security Hub, you can use the ` EnableSecurityHub `
|
|
3028
|
+
# operation.
|
|
3029
|
+
#
|
|
3030
|
+
# For accounts that are not organization members, you create the account
|
|
3031
|
+
# association and then send an invitation to the member account. To send
|
|
3032
|
+
# the invitation, you use the ` InviteMembers ` operation. If the
|
|
3033
|
+
# account owner accepts the invitation, the account becomes a member
|
|
3034
|
+
# account in Security Hub.
|
|
3035
|
+
#
|
|
3036
|
+
# Accounts that are part of an organization do not receive an
|
|
3037
|
+
# invitation. They automatically become a member account in Security
|
|
3038
|
+
# Hub.
|
|
3039
|
+
#
|
|
3040
|
+
# A permissions policy is added that permits the master account to view
|
|
3041
|
+
# the findings generated in the member account. When Security Hub is
|
|
3042
|
+
# enabled in a member account, findings are sent to both the member and
|
|
3043
|
+
# master accounts.
|
|
2871
3044
|
#
|
|
2872
3045
|
# To remove the association between the master and member accounts, use
|
|
2873
3046
|
# the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
|
|
2874
3047
|
# operation.
|
|
2875
3048
|
#
|
|
2876
|
-
# @option params [Array<Types::AccountDetails>] :account_details
|
|
3049
|
+
# @option params [required, Array<Types::AccountDetails>] :account_details
|
|
2877
3050
|
# The list of accounts to associate with the Security Hub master
|
|
2878
|
-
# account. For each account, the list includes the account ID and
|
|
2879
|
-
# email address.
|
|
3051
|
+
# account. For each account, the list includes the account ID and
|
|
3052
|
+
# optionally the email address.
|
|
2880
3053
|
#
|
|
2881
3054
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
2882
3055
|
#
|
|
@@ -2885,9 +3058,9 @@ module Aws::SecurityHub
|
|
|
2885
3058
|
# @example Request syntax with placeholder values
|
|
2886
3059
|
#
|
|
2887
3060
|
# resp = client.create_members({
|
|
2888
|
-
# account_details: [
|
|
3061
|
+
# account_details: [ # required
|
|
2889
3062
|
# {
|
|
2890
|
-
# account_id: "AccountId",
|
|
3063
|
+
# account_id: "AccountId", # required
|
|
2891
3064
|
# email: "NonEmptyString",
|
|
2892
3065
|
# },
|
|
2893
3066
|
# ],
|
|
@@ -2910,6 +3083,9 @@ module Aws::SecurityHub
|
|
|
2910
3083
|
|
|
2911
3084
|
# Declines invitations to become a member account.
|
|
2912
3085
|
#
|
|
3086
|
+
# This operation is only used by accounts that are not part of an
|
|
3087
|
+
# organization. Organization accounts do not receive invitations.
|
|
3088
|
+
#
|
|
2913
3089
|
# @option params [required, Array<String>] :account_ids
|
|
2914
3090
|
# The list of account IDs for the accounts from which to decline the
|
|
2915
3091
|
# invitations to Security Hub.
|
|
@@ -3002,6 +3178,9 @@ module Aws::SecurityHub
|
|
|
3002
3178
|
# Deletes invitations received by the AWS account to become a member
|
|
3003
3179
|
# account.
|
|
3004
3180
|
#
|
|
3181
|
+
# This operation is only used by accounts that are not part of an
|
|
3182
|
+
# organization. Organization accounts do not receive invitations.
|
|
3183
|
+
#
|
|
3005
3184
|
# @option params [required, Array<String>] :account_ids
|
|
3006
3185
|
# The list of the account IDs that sent the invitations to delete.
|
|
3007
3186
|
#
|
|
@@ -3032,7 +3211,10 @@ module Aws::SecurityHub
|
|
|
3032
3211
|
|
|
3033
3212
|
# Deletes the specified member accounts from Security Hub.
|
|
3034
3213
|
#
|
|
3035
|
-
#
|
|
3214
|
+
# Can be used to delete member accounts that belong to an organization
|
|
3215
|
+
# as well as member accounts that were invited manually.
|
|
3216
|
+
#
|
|
3217
|
+
# @option params [required, Array<String>] :account_ids
|
|
3036
3218
|
# The list of account IDs for the member accounts to delete.
|
|
3037
3219
|
#
|
|
3038
3220
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
@@ -3042,7 +3224,7 @@ module Aws::SecurityHub
|
|
|
3042
3224
|
# @example Request syntax with placeholder values
|
|
3043
3225
|
#
|
|
3044
3226
|
# resp = client.delete_members({
|
|
3045
|
-
# account_ids: ["NonEmptyString"],
|
|
3227
|
+
# account_ids: ["NonEmptyString"], # required
|
|
3046
3228
|
# })
|
|
3047
3229
|
#
|
|
3048
3230
|
# @example Response structure
|
|
@@ -3144,9 +3326,35 @@ module Aws::SecurityHub
|
|
|
3144
3326
|
req.send_request(options)
|
|
3145
3327
|
end
|
|
3146
3328
|
|
|
3147
|
-
# Returns information about the
|
|
3148
|
-
#
|
|
3149
|
-
#
|
|
3329
|
+
# Returns information about the Organizations configuration for Security
|
|
3330
|
+
# Hub. Can only be called from a Security Hub administrator account.
|
|
3331
|
+
#
|
|
3332
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3333
|
+
#
|
|
3334
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
|
3335
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
|
3336
|
+
#
|
|
3337
|
+
# @example Response structure
|
|
3338
|
+
#
|
|
3339
|
+
# resp.auto_enable #=> Boolean
|
|
3340
|
+
# resp.member_account_limit_reached #=> Boolean
|
|
3341
|
+
#
|
|
3342
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
|
3343
|
+
#
|
|
3344
|
+
# @overload describe_organization_configuration(params = {})
|
|
3345
|
+
# @param [Hash] params ({})
|
|
3346
|
+
def describe_organization_configuration(params = {}, options = {})
|
|
3347
|
+
req = build_request(:describe_organization_configuration, params)
|
|
3348
|
+
req.send_request(options)
|
|
3349
|
+
end
|
|
3350
|
+
|
|
3351
|
+
# Returns information about product integrations in Security Hub.
|
|
3352
|
+
#
|
|
3353
|
+
# You can optionally provide an integration ARN. If you provide an
|
|
3354
|
+
# integration ARN, then the results only include that integration.
|
|
3355
|
+
#
|
|
3356
|
+
# If you do not provide an integration ARN, then the results include all
|
|
3357
|
+
# of the available product integrations.
|
|
3150
3358
|
#
|
|
3151
3359
|
# @option params [String] :next_token
|
|
3152
3360
|
# The token that is required for pagination. On your first call to the
|
|
@@ -3160,6 +3368,9 @@ module Aws::SecurityHub
|
|
|
3160
3368
|
# @option params [Integer] :max_results
|
|
3161
3369
|
# The maximum number of results to return.
|
|
3162
3370
|
#
|
|
3371
|
+
# @option params [String] :product_arn
|
|
3372
|
+
# The ARN of the integration to return.
|
|
3373
|
+
#
|
|
3163
3374
|
# @return [Types::DescribeProductsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3164
3375
|
#
|
|
3165
3376
|
# * {Types::DescribeProductsResponse#products #products} => Array<Types::Product>
|
|
@@ -3172,6 +3383,7 @@ module Aws::SecurityHub
|
|
|
3172
3383
|
# resp = client.describe_products({
|
|
3173
3384
|
# next_token: "NextToken",
|
|
3174
3385
|
# max_results: 1,
|
|
3386
|
+
# product_arn: "NonEmptyString",
|
|
3175
3387
|
# })
|
|
3176
3388
|
#
|
|
3177
3389
|
# @example Response structure
|
|
@@ -3256,7 +3468,8 @@ module Aws::SecurityHub
|
|
|
3256
3468
|
#
|
|
3257
3469
|
# @option params [required, String] :standards_subscription_arn
|
|
3258
3470
|
# The ARN of a resource that represents your subscription to a supported
|
|
3259
|
-
# standard.
|
|
3471
|
+
# standard. To get the subscription ARNs of the standards you have
|
|
3472
|
+
# enabled, use the ` GetEnabledStandards ` operation.
|
|
3260
3473
|
#
|
|
3261
3474
|
# @option params [String] :next_token
|
|
3262
3475
|
# The token that is required for pagination. On your first call to the
|
|
@@ -3334,6 +3547,29 @@ module Aws::SecurityHub
|
|
|
3334
3547
|
req.send_request(options)
|
|
3335
3548
|
end
|
|
3336
3549
|
|
|
3550
|
+
# Disables a Security Hub administrator account. Can only be called by
|
|
3551
|
+
# the organization management account.
|
|
3552
|
+
#
|
|
3553
|
+
# @option params [required, String] :admin_account_id
|
|
3554
|
+
# The AWS account identifier of the Security Hub administrator account.
|
|
3555
|
+
#
|
|
3556
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3557
|
+
#
|
|
3558
|
+
# @example Request syntax with placeholder values
|
|
3559
|
+
#
|
|
3560
|
+
# resp = client.disable_organization_admin_account({
|
|
3561
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3562
|
+
# })
|
|
3563
|
+
#
|
|
3564
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
|
3565
|
+
#
|
|
3566
|
+
# @overload disable_organization_admin_account(params = {})
|
|
3567
|
+
# @param [Hash] params ({})
|
|
3568
|
+
def disable_organization_admin_account(params = {}, options = {})
|
|
3569
|
+
req = build_request(:disable_organization_admin_account, params)
|
|
3570
|
+
req.send_request(options)
|
|
3571
|
+
end
|
|
3572
|
+
|
|
3337
3573
|
# Disables Security Hub in your account only in the current Region. To
|
|
3338
3574
|
# disable Security Hub in all Regions, you must submit one request per
|
|
3339
3575
|
# Region where you have enabled Security Hub.
|
|
@@ -3363,6 +3599,11 @@ module Aws::SecurityHub
|
|
|
3363
3599
|
# Disassociates the current Security Hub member account from the
|
|
3364
3600
|
# associated master account.
|
|
3365
3601
|
#
|
|
3602
|
+
# This operation is only used by accounts that are not part of an
|
|
3603
|
+
# organization. For organization accounts, only the master account (the
|
|
3604
|
+
# designated Security Hub administrator) can disassociate a member
|
|
3605
|
+
# account.
|
|
3606
|
+
#
|
|
3366
3607
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3367
3608
|
#
|
|
3368
3609
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccount AWS API Documentation
|
|
@@ -3377,7 +3618,10 @@ module Aws::SecurityHub
|
|
|
3377
3618
|
# Disassociates the specified member accounts from the associated master
|
|
3378
3619
|
# account.
|
|
3379
3620
|
#
|
|
3380
|
-
#
|
|
3621
|
+
# Can be used to disassociate both accounts that are in an organization
|
|
3622
|
+
# and accounts that were invited manually.
|
|
3623
|
+
#
|
|
3624
|
+
# @option params [required, Array<String>] :account_ids
|
|
3381
3625
|
# The account IDs of the member accounts to disassociate from the master
|
|
3382
3626
|
# account.
|
|
3383
3627
|
#
|
|
@@ -3386,7 +3630,7 @@ module Aws::SecurityHub
|
|
|
3386
3630
|
# @example Request syntax with placeholder values
|
|
3387
3631
|
#
|
|
3388
3632
|
# resp = client.disassociate_members({
|
|
3389
|
-
# account_ids: ["NonEmptyString"],
|
|
3633
|
+
# account_ids: ["NonEmptyString"], # required
|
|
3390
3634
|
# })
|
|
3391
3635
|
#
|
|
3392
3636
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembers AWS API Documentation
|
|
@@ -3431,6 +3675,30 @@ module Aws::SecurityHub
|
|
|
3431
3675
|
req.send_request(options)
|
|
3432
3676
|
end
|
|
3433
3677
|
|
|
3678
|
+
# Designates the Security Hub administrator account for an organization.
|
|
3679
|
+
# Can only be called by the organization management account.
|
|
3680
|
+
#
|
|
3681
|
+
# @option params [required, String] :admin_account_id
|
|
3682
|
+
# The AWS account identifier of the account to designate as the Security
|
|
3683
|
+
# Hub administrator account.
|
|
3684
|
+
#
|
|
3685
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
3686
|
+
#
|
|
3687
|
+
# @example Request syntax with placeholder values
|
|
3688
|
+
#
|
|
3689
|
+
# resp = client.enable_organization_admin_account({
|
|
3690
|
+
# admin_account_id: "NonEmptyString", # required
|
|
3691
|
+
# })
|
|
3692
|
+
#
|
|
3693
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
|
3694
|
+
#
|
|
3695
|
+
# @overload enable_organization_admin_account(params = {})
|
|
3696
|
+
# @param [Hash] params ({})
|
|
3697
|
+
def enable_organization_admin_account(params = {}, options = {})
|
|
3698
|
+
req = build_request(:enable_organization_admin_account, params)
|
|
3699
|
+
req.send_request(options)
|
|
3700
|
+
end
|
|
3701
|
+
|
|
3434
3702
|
# Enables Security Hub for your account in the current Region or the
|
|
3435
3703
|
# Region you specify in the request.
|
|
3436
3704
|
#
|
|
@@ -4307,6 +4575,13 @@ module Aws::SecurityHub
|
|
|
4307
4575
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_name #=> String
|
|
4308
4576
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.security_groups[0].group_id #=> String
|
|
4309
4577
|
# resp.findings[0].resources[0].details.aws_ec2_network_interface.source_dest_check #=> Boolean
|
|
4578
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses #=> Array
|
|
4579
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.ip_v6_addresses[0].ip_v6_address #=> String
|
|
4580
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses #=> Array
|
|
4581
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_ip_address #=> String
|
|
4582
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.private_ip_addresses[0].private_dns_name #=> String
|
|
4583
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_dns_name #=> String
|
|
4584
|
+
# resp.findings[0].resources[0].details.aws_ec2_network_interface.public_ip #=> String
|
|
4310
4585
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_name #=> String
|
|
4311
4586
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.group_id #=> String
|
|
4312
4587
|
# resp.findings[0].resources[0].details.aws_ec2_security_group.owner_id #=> String
|
|
@@ -4640,6 +4915,24 @@ module Aws::SecurityHub
|
|
|
4640
4915
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_arn #=> String
|
|
4641
4916
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.sns_topic_name #=> String
|
|
4642
4917
|
# resp.findings[0].resources[0].details.aws_cloud_trail_trail.trail_arn #=> String
|
|
4918
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.status #=> String
|
|
4919
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_critical_count #=> Integer
|
|
4920
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_high_count #=> Integer
|
|
4921
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_medium_count #=> Integer
|
|
4922
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.execution_type #=> String
|
|
4923
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_critical_count #=> Integer
|
|
4924
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_informational_count #=> Integer
|
|
4925
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_informational_count #=> Integer
|
|
4926
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_unspecified_count #=> Integer
|
|
4927
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_low_count #=> Integer
|
|
4928
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_high_count #=> Integer
|
|
4929
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliant_low_count #=> Integer
|
|
4930
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.compliance_type #=> String
|
|
4931
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_baseline_id #=> String
|
|
4932
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.overall_severity #=> String
|
|
4933
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_medium_count #=> Integer
|
|
4934
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.non_compliant_unspecified_count #=> Integer
|
|
4935
|
+
# resp.findings[0].resources[0].details.aws_ssm_patch_compliance.patch.compliance_summary.patch_group #=> String
|
|
4643
4936
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.certificate_authority_arn #=> String
|
|
4644
4937
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.created_at #=> String
|
|
4645
4938
|
# resp.findings[0].resources[0].details.aws_certificate_manager_certificate.domain_name #=> String
|
|
@@ -5189,6 +5482,60 @@ module Aws::SecurityHub
|
|
|
5189
5482
|
# resp.findings[0].patch_summary.operation_end_time #=> String
|
|
5190
5483
|
# resp.findings[0].patch_summary.reboot_option #=> String
|
|
5191
5484
|
# resp.findings[0].patch_summary.operation #=> String
|
|
5485
|
+
# resp.findings[0].action.action_type #=> String
|
|
5486
|
+
# resp.findings[0].action.network_connection_action.connection_direction #=> String
|
|
5487
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.ip_address_v4 #=> String
|
|
5488
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn #=> Integer
|
|
5489
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.asn_org #=> String
|
|
5490
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.isp #=> String
|
|
5491
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.organization.org #=> String
|
|
5492
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_code #=> String
|
|
5493
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.country.country_name #=> String
|
|
5494
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.city.city_name #=> String
|
|
5495
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lon #=> Float
|
|
5496
|
+
# resp.findings[0].action.network_connection_action.remote_ip_details.geo_location.lat #=> Float
|
|
5497
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port #=> Integer
|
|
5498
|
+
# resp.findings[0].action.network_connection_action.remote_port_details.port_name #=> String
|
|
5499
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port #=> Integer
|
|
5500
|
+
# resp.findings[0].action.network_connection_action.local_port_details.port_name #=> String
|
|
5501
|
+
# resp.findings[0].action.network_connection_action.protocol #=> String
|
|
5502
|
+
# resp.findings[0].action.network_connection_action.blocked #=> Boolean
|
|
5503
|
+
# resp.findings[0].action.aws_api_call_action.api #=> String
|
|
5504
|
+
# resp.findings[0].action.aws_api_call_action.service_name #=> String
|
|
5505
|
+
# resp.findings[0].action.aws_api_call_action.caller_type #=> String
|
|
5506
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.ip_address_v4 #=> String
|
|
5507
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn #=> Integer
|
|
5508
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.asn_org #=> String
|
|
5509
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.isp #=> String
|
|
5510
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.organization.org #=> String
|
|
5511
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_code #=> String
|
|
5512
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.country.country_name #=> String
|
|
5513
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.city.city_name #=> String
|
|
5514
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lon #=> Float
|
|
5515
|
+
# resp.findings[0].action.aws_api_call_action.remote_ip_details.geo_location.lat #=> Float
|
|
5516
|
+
# resp.findings[0].action.aws_api_call_action.domain_details.domain #=> String
|
|
5517
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources #=> Hash
|
|
5518
|
+
# resp.findings[0].action.aws_api_call_action.affected_resources["NonEmptyString"] #=> String
|
|
5519
|
+
# resp.findings[0].action.aws_api_call_action.first_seen #=> String
|
|
5520
|
+
# resp.findings[0].action.aws_api_call_action.last_seen #=> String
|
|
5521
|
+
# resp.findings[0].action.dns_request_action.domain #=> String
|
|
5522
|
+
# resp.findings[0].action.dns_request_action.protocol #=> String
|
|
5523
|
+
# resp.findings[0].action.dns_request_action.blocked #=> Boolean
|
|
5524
|
+
# resp.findings[0].action.port_probe_action.port_probe_details #=> Array
|
|
5525
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port #=> Integer
|
|
5526
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_port_details.port_name #=> String
|
|
5527
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].local_ip_details.ip_address_v4 #=> String
|
|
5528
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.ip_address_v4 #=> String
|
|
5529
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn #=> Integer
|
|
5530
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.asn_org #=> String
|
|
5531
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.isp #=> String
|
|
5532
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.organization.org #=> String
|
|
5533
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_code #=> String
|
|
5534
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.country.country_name #=> String
|
|
5535
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.city.city_name #=> String
|
|
5536
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
|
|
5537
|
+
# resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
|
|
5538
|
+
# resp.findings[0].action.port_probe_action.blocked #=> Boolean
|
|
5192
5539
|
# resp.next_token #=> String
|
|
5193
5540
|
#
|
|
5194
5541
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings AWS API Documentation
|
|
@@ -5586,6 +5933,9 @@ module Aws::SecurityHub
|
|
|
5586
5933
|
# Provides the details for the Security Hub master account for the
|
|
5587
5934
|
# current member account.
|
|
5588
5935
|
#
|
|
5936
|
+
# Can be used by both member accounts that are in an organization and
|
|
5937
|
+
# accounts that were invited manually.
|
|
5938
|
+
#
|
|
5589
5939
|
# @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
5590
5940
|
#
|
|
5591
5941
|
# * {Types::GetMasterAccountResponse#master #master} => Types::Invitation
|
|
@@ -5609,6 +5959,13 @@ module Aws::SecurityHub
|
|
|
5609
5959
|
# Returns the details for the Security Hub member accounts for the
|
|
5610
5960
|
# specified account IDs.
|
|
5611
5961
|
#
|
|
5962
|
+
# A master account can be either a delegated Security Hub administrator
|
|
5963
|
+
# account for an organization or a master account that enabled Security
|
|
5964
|
+
# Hub manually.
|
|
5965
|
+
#
|
|
5966
|
+
# The results include both member accounts that are in an organization
|
|
5967
|
+
# and accounts that were invited manually.
|
|
5968
|
+
#
|
|
5612
5969
|
# @option params [required, Array<String>] :account_ids
|
|
5613
5970
|
# The list of account IDs for the Security Hub member accounts to return
|
|
5614
5971
|
# the details for.
|
|
@@ -5649,15 +6006,18 @@ module Aws::SecurityHub
|
|
|
5649
6006
|
# Invites other AWS accounts to become member accounts for the Security
|
|
5650
6007
|
# Hub master account that the invitation is sent from.
|
|
5651
6008
|
#
|
|
6009
|
+
# This operation is only used to invite accounts that do not belong to
|
|
6010
|
+
# an organization. Organization accounts do not receive invitations.
|
|
6011
|
+
#
|
|
5652
6012
|
# Before you can use this action to invite a member, you must first use
|
|
5653
6013
|
# the ` CreateMembers ` action to create the member account in Security
|
|
5654
6014
|
# Hub.
|
|
5655
6015
|
#
|
|
5656
|
-
# When the account owner
|
|
5657
|
-
#
|
|
5658
|
-
#
|
|
6016
|
+
# When the account owner enables Security Hub and accepts the invitation
|
|
6017
|
+
# to become a member account, the master account can view the findings
|
|
6018
|
+
# generated from the member account.
|
|
5659
6019
|
#
|
|
5660
|
-
# @option params [Array<String>] :account_ids
|
|
6020
|
+
# @option params [required, Array<String>] :account_ids
|
|
5661
6021
|
# The list of account IDs of the AWS accounts to invite to Security Hub
|
|
5662
6022
|
# as members.
|
|
5663
6023
|
#
|
|
@@ -5668,7 +6028,7 @@ module Aws::SecurityHub
|
|
|
5668
6028
|
# @example Request syntax with placeholder values
|
|
5669
6029
|
#
|
|
5670
6030
|
# resp = client.invite_members({
|
|
5671
|
-
# account_ids: ["NonEmptyString"],
|
|
6031
|
+
# account_ids: ["NonEmptyString"], # required
|
|
5672
6032
|
# })
|
|
5673
6033
|
#
|
|
5674
6034
|
# @example Response structure
|
|
@@ -5733,6 +6093,9 @@ module Aws::SecurityHub
|
|
|
5733
6093
|
# Lists all Security Hub membership invitations that were sent to the
|
|
5734
6094
|
# current AWS account.
|
|
5735
6095
|
#
|
|
6096
|
+
# This operation is only used by accounts that do not belong to an
|
|
6097
|
+
# organization. Organization accounts do not receive invitations.
|
|
6098
|
+
#
|
|
5736
6099
|
# @option params [Integer] :max_results
|
|
5737
6100
|
# The maximum number of items to return in the response.
|
|
5738
6101
|
#
|
|
@@ -5780,14 +6143,17 @@ module Aws::SecurityHub
|
|
|
5780
6143
|
# Lists details about all member accounts for the current Security Hub
|
|
5781
6144
|
# master account.
|
|
5782
6145
|
#
|
|
6146
|
+
# The results include both member accounts that belong to an
|
|
6147
|
+
# organization and member accounts that were invited manually.
|
|
6148
|
+
#
|
|
5783
6149
|
# @option params [Boolean] :only_associated
|
|
5784
6150
|
# Specifies which member accounts to include in the response based on
|
|
5785
6151
|
# their relationship status with the master account. The default value
|
|
5786
6152
|
# is `TRUE`.
|
|
5787
6153
|
#
|
|
5788
6154
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
|
5789
|
-
# accounts whose relationship status with the master is set to
|
|
5790
|
-
#
|
|
6155
|
+
# accounts whose relationship status with the master is set to
|
|
6156
|
+
# `ENABLED`.
|
|
5791
6157
|
#
|
|
5792
6158
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
|
5793
6159
|
# existing member accounts.
|
|
@@ -5838,6 +6204,49 @@ module Aws::SecurityHub
|
|
|
5838
6204
|
req.send_request(options)
|
|
5839
6205
|
end
|
|
5840
6206
|
|
|
6207
|
+
# Lists the Security Hub administrator accounts. Can only be called by
|
|
6208
|
+
# the organization management account.
|
|
6209
|
+
#
|
|
6210
|
+
# @option params [Integer] :max_results
|
|
6211
|
+
# The maximum number of items to return in the response.
|
|
6212
|
+
#
|
|
6213
|
+
# @option params [String] :next_token
|
|
6214
|
+
# The token that is required for pagination. On your first call to the
|
|
6215
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
|
6216
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
|
6217
|
+
# continue listing data, set the value of this parameter to the value
|
|
6218
|
+
# returned from the previous response.
|
|
6219
|
+
#
|
|
6220
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
6221
|
+
#
|
|
6222
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
|
6223
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
|
6224
|
+
#
|
|
6225
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
6226
|
+
#
|
|
6227
|
+
# @example Request syntax with placeholder values
|
|
6228
|
+
#
|
|
6229
|
+
# resp = client.list_organization_admin_accounts({
|
|
6230
|
+
# max_results: 1,
|
|
6231
|
+
# next_token: "NextToken",
|
|
6232
|
+
# })
|
|
6233
|
+
#
|
|
6234
|
+
# @example Response structure
|
|
6235
|
+
#
|
|
6236
|
+
# resp.admin_accounts #=> Array
|
|
6237
|
+
# resp.admin_accounts[0].account_id #=> String
|
|
6238
|
+
# resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
|
6239
|
+
# resp.next_token #=> String
|
|
6240
|
+
#
|
|
6241
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
|
6242
|
+
#
|
|
6243
|
+
# @overload list_organization_admin_accounts(params = {})
|
|
6244
|
+
# @param [Hash] params ({})
|
|
6245
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
|
6246
|
+
req = build_request(:list_organization_admin_accounts, params)
|
|
6247
|
+
req.send_request(options)
|
|
6248
|
+
end
|
|
6249
|
+
|
|
5841
6250
|
# Returns a list of tags associated with a resource.
|
|
5842
6251
|
#
|
|
5843
6252
|
# @option params [required, String] :resource_arn
|
|
@@ -7134,6 +7543,36 @@ module Aws::SecurityHub
|
|
|
7134
7543
|
req.send_request(options)
|
|
7135
7544
|
end
|
|
7136
7545
|
|
|
7546
|
+
# Used to update the configuration related to Organizations. Can only be
|
|
7547
|
+
# called from a Security Hub administrator account.
|
|
7548
|
+
#
|
|
7549
|
+
# @option params [required, Boolean] :auto_enable
|
|
7550
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
|
7551
|
+
# organization.
|
|
7552
|
+
#
|
|
7553
|
+
# By default, this is `false`, and new accounts are not added
|
|
7554
|
+
# automatically.
|
|
7555
|
+
#
|
|
7556
|
+
# To automatically enable Security Hub for new accounts, set this to
|
|
7557
|
+
# `true`.
|
|
7558
|
+
#
|
|
7559
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
7560
|
+
#
|
|
7561
|
+
# @example Request syntax with placeholder values
|
|
7562
|
+
#
|
|
7563
|
+
# resp = client.update_organization_configuration({
|
|
7564
|
+
# auto_enable: false, # required
|
|
7565
|
+
# })
|
|
7566
|
+
#
|
|
7567
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
|
7568
|
+
#
|
|
7569
|
+
# @overload update_organization_configuration(params = {})
|
|
7570
|
+
# @param [Hash] params ({})
|
|
7571
|
+
def update_organization_configuration(params = {}, options = {})
|
|
7572
|
+
req = build_request(:update_organization_configuration, params)
|
|
7573
|
+
req.send_request(options)
|
|
7574
|
+
end
|
|
7575
|
+
|
|
7137
7576
|
# Updates configuration options for Security Hub.
|
|
7138
7577
|
#
|
|
7139
7578
|
# @option params [Boolean] :auto_enable_controls
|
|
@@ -7206,7 +7645,7 @@ module Aws::SecurityHub
|
|
|
7206
7645
|
params: params,
|
|
7207
7646
|
config: config)
|
|
7208
7647
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
7209
|
-
context[:gem_version] = '1.
|
|
7648
|
+
context[:gem_version] = '1.40.0'
|
|
7210
7649
|
Seahorse::Client::Request.new(handlers, context)
|
|
7211
7650
|
end
|
|
7212
7651
|
|