aws-sdk-securityhub 1.35.0 → 1.40.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +480 -41
- data/lib/aws-sdk-securityhub/client_api.rb +269 -7
- data/lib/aws-sdk-securityhub/types.rb +1786 -26
- metadata +4 -4
@@ -64,7 +64,7 @@ module Aws::SecurityHub
|
|
64
64
|
# data as a hash:
|
65
65
|
#
|
66
66
|
# {
|
67
|
-
# account_id: "AccountId",
|
67
|
+
# account_id: "AccountId", # required
|
68
68
|
# email: "NonEmptyString",
|
69
69
|
# }
|
70
70
|
#
|
@@ -85,6 +85,313 @@ module Aws::SecurityHub
|
|
85
85
|
include Aws::Structure
|
86
86
|
end
|
87
87
|
|
88
|
+
# Provides details about one of the following actions that affects or
|
89
|
+
# that was taken on a resource:
|
90
|
+
#
|
91
|
+
# * A remote IP address issued an AWS API call
|
92
|
+
#
|
93
|
+
# * A DNS request was received
|
94
|
+
#
|
95
|
+
# * A remote IP address attempted to connect to an EC2 instance
|
96
|
+
#
|
97
|
+
# * A remote IP address attempted a port probe on an EC2 instance
|
98
|
+
#
|
99
|
+
# @note When making an API call, you may pass Action
|
100
|
+
# data as a hash:
|
101
|
+
#
|
102
|
+
# {
|
103
|
+
# action_type: "NonEmptyString",
|
104
|
+
# network_connection_action: {
|
105
|
+
# connection_direction: "NonEmptyString",
|
106
|
+
# remote_ip_details: {
|
107
|
+
# ip_address_v4: "NonEmptyString",
|
108
|
+
# organization: {
|
109
|
+
# asn: 1,
|
110
|
+
# asn_org: "NonEmptyString",
|
111
|
+
# isp: "NonEmptyString",
|
112
|
+
# org: "NonEmptyString",
|
113
|
+
# },
|
114
|
+
# country: {
|
115
|
+
# country_code: "NonEmptyString",
|
116
|
+
# country_name: "NonEmptyString",
|
117
|
+
# },
|
118
|
+
# city: {
|
119
|
+
# city_name: "NonEmptyString",
|
120
|
+
# },
|
121
|
+
# geo_location: {
|
122
|
+
# lon: 1.0,
|
123
|
+
# lat: 1.0,
|
124
|
+
# },
|
125
|
+
# },
|
126
|
+
# remote_port_details: {
|
127
|
+
# port: 1,
|
128
|
+
# port_name: "NonEmptyString",
|
129
|
+
# },
|
130
|
+
# local_port_details: {
|
131
|
+
# port: 1,
|
132
|
+
# port_name: "NonEmptyString",
|
133
|
+
# },
|
134
|
+
# protocol: "NonEmptyString",
|
135
|
+
# blocked: false,
|
136
|
+
# },
|
137
|
+
# aws_api_call_action: {
|
138
|
+
# api: "NonEmptyString",
|
139
|
+
# service_name: "NonEmptyString",
|
140
|
+
# caller_type: "NonEmptyString",
|
141
|
+
# remote_ip_details: {
|
142
|
+
# ip_address_v4: "NonEmptyString",
|
143
|
+
# organization: {
|
144
|
+
# asn: 1,
|
145
|
+
# asn_org: "NonEmptyString",
|
146
|
+
# isp: "NonEmptyString",
|
147
|
+
# org: "NonEmptyString",
|
148
|
+
# },
|
149
|
+
# country: {
|
150
|
+
# country_code: "NonEmptyString",
|
151
|
+
# country_name: "NonEmptyString",
|
152
|
+
# },
|
153
|
+
# city: {
|
154
|
+
# city_name: "NonEmptyString",
|
155
|
+
# },
|
156
|
+
# geo_location: {
|
157
|
+
# lon: 1.0,
|
158
|
+
# lat: 1.0,
|
159
|
+
# },
|
160
|
+
# },
|
161
|
+
# domain_details: {
|
162
|
+
# domain: "NonEmptyString",
|
163
|
+
# },
|
164
|
+
# affected_resources: {
|
165
|
+
# "NonEmptyString" => "NonEmptyString",
|
166
|
+
# },
|
167
|
+
# first_seen: "NonEmptyString",
|
168
|
+
# last_seen: "NonEmptyString",
|
169
|
+
# },
|
170
|
+
# dns_request_action: {
|
171
|
+
# domain: "NonEmptyString",
|
172
|
+
# protocol: "NonEmptyString",
|
173
|
+
# blocked: false,
|
174
|
+
# },
|
175
|
+
# port_probe_action: {
|
176
|
+
# port_probe_details: [
|
177
|
+
# {
|
178
|
+
# local_port_details: {
|
179
|
+
# port: 1,
|
180
|
+
# port_name: "NonEmptyString",
|
181
|
+
# },
|
182
|
+
# local_ip_details: {
|
183
|
+
# ip_address_v4: "NonEmptyString",
|
184
|
+
# },
|
185
|
+
# remote_ip_details: {
|
186
|
+
# ip_address_v4: "NonEmptyString",
|
187
|
+
# organization: {
|
188
|
+
# asn: 1,
|
189
|
+
# asn_org: "NonEmptyString",
|
190
|
+
# isp: "NonEmptyString",
|
191
|
+
# org: "NonEmptyString",
|
192
|
+
# },
|
193
|
+
# country: {
|
194
|
+
# country_code: "NonEmptyString",
|
195
|
+
# country_name: "NonEmptyString",
|
196
|
+
# },
|
197
|
+
# city: {
|
198
|
+
# city_name: "NonEmptyString",
|
199
|
+
# },
|
200
|
+
# geo_location: {
|
201
|
+
# lon: 1.0,
|
202
|
+
# lat: 1.0,
|
203
|
+
# },
|
204
|
+
# },
|
205
|
+
# },
|
206
|
+
# ],
|
207
|
+
# blocked: false,
|
208
|
+
# },
|
209
|
+
# }
|
210
|
+
#
|
211
|
+
# @!attribute [rw] action_type
|
212
|
+
# The type of action that was detected. The possible action types are:
|
213
|
+
#
|
214
|
+
# * `NETWORK_CONNECTION`
|
215
|
+
#
|
216
|
+
# * `AWS_API_CALL`
|
217
|
+
#
|
218
|
+
# * `DNS_REQUEST`
|
219
|
+
#
|
220
|
+
# * `PORT_PROBE`
|
221
|
+
# @return [String]
|
222
|
+
#
|
223
|
+
# @!attribute [rw] network_connection_action
|
224
|
+
# Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
|
225
|
+
# about the network connection that was detected.
|
226
|
+
# @return [Types::NetworkConnectionAction]
|
227
|
+
#
|
228
|
+
# @!attribute [rw] aws_api_call_action
|
229
|
+
# Included if `ActionType` is `AWS_API_CALL`. Provides details about
|
230
|
+
# the API call that was detected.
|
231
|
+
# @return [Types::AwsApiCallAction]
|
232
|
+
#
|
233
|
+
# @!attribute [rw] dns_request_action
|
234
|
+
# Included if `ActionType` is `DNS_REQUEST`. Provides details about
|
235
|
+
# the DNS request that was detected.
|
236
|
+
# @return [Types::DnsRequestAction]
|
237
|
+
#
|
238
|
+
# @!attribute [rw] port_probe_action
|
239
|
+
# Included if `ActionType` is `PORT_PROBE`. Provides details about the
|
240
|
+
# port probe that was detected.
|
241
|
+
# @return [Types::PortProbeAction]
|
242
|
+
#
|
243
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
|
244
|
+
#
|
245
|
+
class Action < Struct.new(
|
246
|
+
:action_type,
|
247
|
+
:network_connection_action,
|
248
|
+
:aws_api_call_action,
|
249
|
+
:dns_request_action,
|
250
|
+
:port_probe_action)
|
251
|
+
SENSITIVE = []
|
252
|
+
include Aws::Structure
|
253
|
+
end
|
254
|
+
|
255
|
+
# Provides information about the IP address where the scanned port is
|
256
|
+
# located.
|
257
|
+
#
|
258
|
+
# @note When making an API call, you may pass ActionLocalIpDetails
|
259
|
+
# data as a hash:
|
260
|
+
#
|
261
|
+
# {
|
262
|
+
# ip_address_v4: "NonEmptyString",
|
263
|
+
# }
|
264
|
+
#
|
265
|
+
# @!attribute [rw] ip_address_v4
|
266
|
+
# The IP address.
|
267
|
+
# @return [String]
|
268
|
+
#
|
269
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalIpDetails AWS API Documentation
|
270
|
+
#
|
271
|
+
class ActionLocalIpDetails < Struct.new(
|
272
|
+
:ip_address_v4)
|
273
|
+
SENSITIVE = []
|
274
|
+
include Aws::Structure
|
275
|
+
end
|
276
|
+
|
277
|
+
# For `NetworkConnectionAction` and `PortProbeDetails`,
|
278
|
+
# `LocalPortDetails` provides information about the local port that was
|
279
|
+
# involved in the action.
|
280
|
+
#
|
281
|
+
# @note When making an API call, you may pass ActionLocalPortDetails
|
282
|
+
# data as a hash:
|
283
|
+
#
|
284
|
+
# {
|
285
|
+
# port: 1,
|
286
|
+
# port_name: "NonEmptyString",
|
287
|
+
# }
|
288
|
+
#
|
289
|
+
# @!attribute [rw] port
|
290
|
+
# The number of the port.
|
291
|
+
# @return [Integer]
|
292
|
+
#
|
293
|
+
# @!attribute [rw] port_name
|
294
|
+
# The port name of the local connection.
|
295
|
+
# @return [String]
|
296
|
+
#
|
297
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalPortDetails AWS API Documentation
|
298
|
+
#
|
299
|
+
class ActionLocalPortDetails < Struct.new(
|
300
|
+
:port,
|
301
|
+
:port_name)
|
302
|
+
SENSITIVE = []
|
303
|
+
include Aws::Structure
|
304
|
+
end
|
305
|
+
|
306
|
+
# For `AwsApiAction`, `NetworkConnectionAction`, and `PortProbeAction`,
|
307
|
+
# `RemoteIpDetails` provides information about the remote IP address
|
308
|
+
# that was involved in the action.
|
309
|
+
#
|
310
|
+
# @note When making an API call, you may pass ActionRemoteIpDetails
|
311
|
+
# data as a hash:
|
312
|
+
#
|
313
|
+
# {
|
314
|
+
# ip_address_v4: "NonEmptyString",
|
315
|
+
# organization: {
|
316
|
+
# asn: 1,
|
317
|
+
# asn_org: "NonEmptyString",
|
318
|
+
# isp: "NonEmptyString",
|
319
|
+
# org: "NonEmptyString",
|
320
|
+
# },
|
321
|
+
# country: {
|
322
|
+
# country_code: "NonEmptyString",
|
323
|
+
# country_name: "NonEmptyString",
|
324
|
+
# },
|
325
|
+
# city: {
|
326
|
+
# city_name: "NonEmptyString",
|
327
|
+
# },
|
328
|
+
# geo_location: {
|
329
|
+
# lon: 1.0,
|
330
|
+
# lat: 1.0,
|
331
|
+
# },
|
332
|
+
# }
|
333
|
+
#
|
334
|
+
# @!attribute [rw] ip_address_v4
|
335
|
+
# The IP address.
|
336
|
+
# @return [String]
|
337
|
+
#
|
338
|
+
# @!attribute [rw] organization
|
339
|
+
# The internet service provider (ISP) organization associated with the
|
340
|
+
# remote IP address.
|
341
|
+
# @return [Types::IpOrganizationDetails]
|
342
|
+
#
|
343
|
+
# @!attribute [rw] country
|
344
|
+
# The country where the remote IP address is located.
|
345
|
+
# @return [Types::Country]
|
346
|
+
#
|
347
|
+
# @!attribute [rw] city
|
348
|
+
# The city where the remote IP address is located.
|
349
|
+
# @return [Types::City]
|
350
|
+
#
|
351
|
+
# @!attribute [rw] geo_location
|
352
|
+
# The coordinates of the location of the remote IP address.
|
353
|
+
# @return [Types::GeoLocation]
|
354
|
+
#
|
355
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemoteIpDetails AWS API Documentation
|
356
|
+
#
|
357
|
+
class ActionRemoteIpDetails < Struct.new(
|
358
|
+
:ip_address_v4,
|
359
|
+
:organization,
|
360
|
+
:country,
|
361
|
+
:city,
|
362
|
+
:geo_location)
|
363
|
+
SENSITIVE = []
|
364
|
+
include Aws::Structure
|
365
|
+
end
|
366
|
+
|
367
|
+
# Provides information about the remote port that was involved in an
|
368
|
+
# attempted network connection.
|
369
|
+
#
|
370
|
+
# @note When making an API call, you may pass ActionRemotePortDetails
|
371
|
+
# data as a hash:
|
372
|
+
#
|
373
|
+
# {
|
374
|
+
# port: 1,
|
375
|
+
# port_name: "NonEmptyString",
|
376
|
+
# }
|
377
|
+
#
|
378
|
+
# @!attribute [rw] port
|
379
|
+
# The number of the port.
|
380
|
+
# @return [Integer]
|
381
|
+
#
|
382
|
+
# @!attribute [rw] port_name
|
383
|
+
# The port name of the remote connection.
|
384
|
+
# @return [String]
|
385
|
+
#
|
386
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemotePortDetails AWS API Documentation
|
387
|
+
#
|
388
|
+
class ActionRemotePortDetails < Struct.new(
|
389
|
+
:port,
|
390
|
+
:port_name)
|
391
|
+
SENSITIVE = []
|
392
|
+
include Aws::Structure
|
393
|
+
end
|
394
|
+
|
88
395
|
# An `ActionTarget` object.
|
89
396
|
#
|
90
397
|
# @!attribute [rw] action_target_arn
|
@@ -109,6 +416,29 @@ module Aws::SecurityHub
|
|
109
416
|
include Aws::Structure
|
110
417
|
end
|
111
418
|
|
419
|
+
# Represents a Security Hub administrator account designated by an
|
420
|
+
# organization management account.
|
421
|
+
#
|
422
|
+
# @!attribute [rw] account_id
|
423
|
+
# The AWS account identifier of the Security Hub administrator
|
424
|
+
# account.
|
425
|
+
# @return [String]
|
426
|
+
#
|
427
|
+
# @!attribute [rw] status
|
428
|
+
# The current status of the Security Hub administrator account.
|
429
|
+
# Indicates whether the account is currently enabled as a Security Hub
|
430
|
+
# administrator.
|
431
|
+
# @return [String]
|
432
|
+
#
|
433
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AdminAccount AWS API Documentation
|
434
|
+
#
|
435
|
+
class AdminAccount < Struct.new(
|
436
|
+
:account_id,
|
437
|
+
:status)
|
438
|
+
SENSITIVE = []
|
439
|
+
include Aws::Structure
|
440
|
+
end
|
441
|
+
|
112
442
|
# Information about an Availability Zone.
|
113
443
|
#
|
114
444
|
# @note When making an API call, you may pass AvailabilityZone
|
@@ -137,6 +467,120 @@ module Aws::SecurityHub
|
|
137
467
|
include Aws::Structure
|
138
468
|
end
|
139
469
|
|
470
|
+
# Provided if `ActionType` is `AWS_API_CALL`. It provides details about
|
471
|
+
# the API call that was detected.
|
472
|
+
#
|
473
|
+
# @note When making an API call, you may pass AwsApiCallAction
|
474
|
+
# data as a hash:
|
475
|
+
#
|
476
|
+
# {
|
477
|
+
# api: "NonEmptyString",
|
478
|
+
# service_name: "NonEmptyString",
|
479
|
+
# caller_type: "NonEmptyString",
|
480
|
+
# remote_ip_details: {
|
481
|
+
# ip_address_v4: "NonEmptyString",
|
482
|
+
# organization: {
|
483
|
+
# asn: 1,
|
484
|
+
# asn_org: "NonEmptyString",
|
485
|
+
# isp: "NonEmptyString",
|
486
|
+
# org: "NonEmptyString",
|
487
|
+
# },
|
488
|
+
# country: {
|
489
|
+
# country_code: "NonEmptyString",
|
490
|
+
# country_name: "NonEmptyString",
|
491
|
+
# },
|
492
|
+
# city: {
|
493
|
+
# city_name: "NonEmptyString",
|
494
|
+
# },
|
495
|
+
# geo_location: {
|
496
|
+
# lon: 1.0,
|
497
|
+
# lat: 1.0,
|
498
|
+
# },
|
499
|
+
# },
|
500
|
+
# domain_details: {
|
501
|
+
# domain: "NonEmptyString",
|
502
|
+
# },
|
503
|
+
# affected_resources: {
|
504
|
+
# "NonEmptyString" => "NonEmptyString",
|
505
|
+
# },
|
506
|
+
# first_seen: "NonEmptyString",
|
507
|
+
# last_seen: "NonEmptyString",
|
508
|
+
# }
|
509
|
+
#
|
510
|
+
# @!attribute [rw] api
|
511
|
+
# The name of the API method that was issued.
|
512
|
+
# @return [String]
|
513
|
+
#
|
514
|
+
# @!attribute [rw] service_name
|
515
|
+
# The name of the AWS service that the API method belongs to.
|
516
|
+
# @return [String]
|
517
|
+
#
|
518
|
+
# @!attribute [rw] caller_type
|
519
|
+
# Indicates whether the API call originated from a remote IP address
|
520
|
+
# (`remoteip`) or from a DNS domain (`domain`).
|
521
|
+
# @return [String]
|
522
|
+
#
|
523
|
+
# @!attribute [rw] remote_ip_details
|
524
|
+
# Provided if `CallerType` is `remoteIp`. Provides information about
|
525
|
+
# the remote IP address that the API call originated from.
|
526
|
+
# @return [Types::ActionRemoteIpDetails]
|
527
|
+
#
|
528
|
+
# @!attribute [rw] domain_details
|
529
|
+
# Provided if `CallerType` is `domain`. Provides information about the
|
530
|
+
# DNS domain that the API call originated from.
|
531
|
+
# @return [Types::AwsApiCallActionDomainDetails]
|
532
|
+
#
|
533
|
+
# @!attribute [rw] affected_resources
|
534
|
+
# Identifies the resources that were affected by the API call.
|
535
|
+
# @return [Hash<String,String>]
|
536
|
+
#
|
537
|
+
# @!attribute [rw] first_seen
|
538
|
+
# An ISO8601-formatted timestamp that indicates when the API call was
|
539
|
+
# first observed.
|
540
|
+
# @return [String]
|
541
|
+
#
|
542
|
+
# @!attribute [rw] last_seen
|
543
|
+
# An ISO8601-formatted timestamp that indicates when the API call was
|
544
|
+
# most recently observed.
|
545
|
+
# @return [String]
|
546
|
+
#
|
547
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallAction AWS API Documentation
|
548
|
+
#
|
549
|
+
class AwsApiCallAction < Struct.new(
|
550
|
+
:api,
|
551
|
+
:service_name,
|
552
|
+
:caller_type,
|
553
|
+
:remote_ip_details,
|
554
|
+
:domain_details,
|
555
|
+
:affected_resources,
|
556
|
+
:first_seen,
|
557
|
+
:last_seen)
|
558
|
+
SENSITIVE = []
|
559
|
+
include Aws::Structure
|
560
|
+
end
|
561
|
+
|
562
|
+
# Provided if `CallerType` is `domain`. It provides information about
|
563
|
+
# the DNS domain that issued the API call.
|
564
|
+
#
|
565
|
+
# @note When making an API call, you may pass AwsApiCallActionDomainDetails
|
566
|
+
# data as a hash:
|
567
|
+
#
|
568
|
+
# {
|
569
|
+
# domain: "NonEmptyString",
|
570
|
+
# }
|
571
|
+
#
|
572
|
+
# @!attribute [rw] domain
|
573
|
+
# The name of the DNS domain that issued the API call.
|
574
|
+
# @return [String]
|
575
|
+
#
|
576
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallActionDomainDetails AWS API Documentation
|
577
|
+
#
|
578
|
+
class AwsApiCallActionDomainDetails < Struct.new(
|
579
|
+
:domain)
|
580
|
+
SENSITIVE = []
|
581
|
+
include Aws::Structure
|
582
|
+
end
|
583
|
+
|
140
584
|
# Contains information about settings for logging access for the stage.
|
141
585
|
#
|
142
586
|
# @note When making an API call, you may pass AwsApiGatewayAccessLogSettings
|
@@ -3465,6 +3909,19 @@ module Aws::SecurityHub
|
|
3465
3909
|
# },
|
3466
3910
|
# ],
|
3467
3911
|
# source_dest_check: false,
|
3912
|
+
# ip_v6_addresses: [
|
3913
|
+
# {
|
3914
|
+
# ip_v6_address: "NonEmptyString",
|
3915
|
+
# },
|
3916
|
+
# ],
|
3917
|
+
# private_ip_addresses: [
|
3918
|
+
# {
|
3919
|
+
# private_ip_address: "NonEmptyString",
|
3920
|
+
# private_dns_name: "NonEmptyString",
|
3921
|
+
# },
|
3922
|
+
# ],
|
3923
|
+
# public_dns_name: "NonEmptyString",
|
3924
|
+
# public_ip: "NonEmptyString",
|
3468
3925
|
# }
|
3469
3926
|
#
|
3470
3927
|
# @!attribute [rw] attachment
|
@@ -3483,13 +3940,84 @@ module Aws::SecurityHub
|
|
3483
3940
|
# Indicates whether traffic to or from the instance is validated.
|
3484
3941
|
# @return [Boolean]
|
3485
3942
|
#
|
3943
|
+
# @!attribute [rw] ip_v6_addresses
|
3944
|
+
# The IPv6 addresses associated with the network interface.
|
3945
|
+
# @return [Array<Types::AwsEc2NetworkInterfaceIpV6AddressDetail>]
|
3946
|
+
#
|
3947
|
+
# @!attribute [rw] private_ip_addresses
|
3948
|
+
# The private IPv4 addresses associated with the network interface.
|
3949
|
+
# @return [Array<Types::AwsEc2NetworkInterfacePrivateIpAddressDetail>]
|
3950
|
+
#
|
3951
|
+
# @!attribute [rw] public_dns_name
|
3952
|
+
# The public DNS name of the network interface.
|
3953
|
+
# @return [String]
|
3954
|
+
#
|
3955
|
+
# @!attribute [rw] public_ip
|
3956
|
+
# The address of the Elastic IP address bound to the network
|
3957
|
+
# interface.
|
3958
|
+
# @return [String]
|
3959
|
+
#
|
3486
3960
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceDetails AWS API Documentation
|
3487
3961
|
#
|
3488
3962
|
class AwsEc2NetworkInterfaceDetails < Struct.new(
|
3489
3963
|
:attachment,
|
3490
3964
|
:network_interface_id,
|
3491
3965
|
:security_groups,
|
3492
|
-
:source_dest_check
|
3966
|
+
:source_dest_check,
|
3967
|
+
:ip_v6_addresses,
|
3968
|
+
:private_ip_addresses,
|
3969
|
+
:public_dns_name,
|
3970
|
+
:public_ip)
|
3971
|
+
SENSITIVE = []
|
3972
|
+
include Aws::Structure
|
3973
|
+
end
|
3974
|
+
|
3975
|
+
# Provides information about an IPV6 address that is associated with the
|
3976
|
+
# network interface.
|
3977
|
+
#
|
3978
|
+
# @note When making an API call, you may pass AwsEc2NetworkInterfaceIpV6AddressDetail
|
3979
|
+
# data as a hash:
|
3980
|
+
#
|
3981
|
+
# {
|
3982
|
+
# ip_v6_address: "NonEmptyString",
|
3983
|
+
# }
|
3984
|
+
#
|
3985
|
+
# @!attribute [rw] ip_v6_address
|
3986
|
+
# The IPV6 address.
|
3987
|
+
# @return [String]
|
3988
|
+
#
|
3989
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceIpV6AddressDetail AWS API Documentation
|
3990
|
+
#
|
3991
|
+
class AwsEc2NetworkInterfaceIpV6AddressDetail < Struct.new(
|
3992
|
+
:ip_v6_address)
|
3993
|
+
SENSITIVE = []
|
3994
|
+
include Aws::Structure
|
3995
|
+
end
|
3996
|
+
|
3997
|
+
# Provides information about a private IPv4 address that is with the
|
3998
|
+
# network interface.
|
3999
|
+
#
|
4000
|
+
# @note When making an API call, you may pass AwsEc2NetworkInterfacePrivateIpAddressDetail
|
4001
|
+
# data as a hash:
|
4002
|
+
#
|
4003
|
+
# {
|
4004
|
+
# private_ip_address: "NonEmptyString",
|
4005
|
+
# private_dns_name: "NonEmptyString",
|
4006
|
+
# }
|
4007
|
+
#
|
4008
|
+
# @!attribute [rw] private_ip_address
|
4009
|
+
# The IP address.
|
4010
|
+
# @return [String]
|
4011
|
+
#
|
4012
|
+
# @!attribute [rw] private_dns_name
|
4013
|
+
# The private DNS name for the IP address.
|
4014
|
+
# @return [String]
|
4015
|
+
#
|
4016
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfacePrivateIpAddressDetail AWS API Documentation
|
4017
|
+
#
|
4018
|
+
class AwsEc2NetworkInterfacePrivateIpAddressDetail < Struct.new(
|
4019
|
+
:private_ip_address,
|
4020
|
+
:private_dns_name)
|
3493
4021
|
SENSITIVE = []
|
3494
4022
|
include Aws::Structure
|
3495
4023
|
end
|
@@ -6861,6 +7389,8 @@ module Aws::SecurityHub
|
|
6861
7389
|
# @return [String]
|
6862
7390
|
#
|
6863
7391
|
# @!attribute [rw] engine
|
7392
|
+
# The name of the database engine that you want to use for this DB
|
7393
|
+
# instance.
|
6864
7394
|
# @return [String]
|
6865
7395
|
#
|
6866
7396
|
# @!attribute [rw] allocated_storage
|
@@ -7644,6 +8174,8 @@ module Aws::SecurityHub
|
|
7644
8174
|
include Aws::Structure
|
7645
8175
|
end
|
7646
8176
|
|
8177
|
+
# An option group membership.
|
8178
|
+
#
|
7647
8179
|
# @note When making an API call, you may pass AwsRdsDbOptionGroupMembership
|
7648
8180
|
# data as a hash:
|
7649
8181
|
#
|
@@ -7653,9 +8185,11 @@ module Aws::SecurityHub
|
|
7653
8185
|
# }
|
7654
8186
|
#
|
7655
8187
|
# @!attribute [rw] option_group_name
|
8188
|
+
# The name of the option group.
|
7656
8189
|
# @return [String]
|
7657
8190
|
#
|
7658
8191
|
# @!attribute [rw] status
|
8192
|
+
# The status of the option group membership.
|
7659
8193
|
# @return [String]
|
7660
8194
|
#
|
7661
8195
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbOptionGroupMembership AWS API Documentation
|
@@ -7667,6 +8201,8 @@ module Aws::SecurityHub
|
|
7667
8201
|
include Aws::Structure
|
7668
8202
|
end
|
7669
8203
|
|
8204
|
+
# Provides information about a parameter group for a DB instance.
|
8205
|
+
#
|
7670
8206
|
# @note When making an API call, you may pass AwsRdsDbParameterGroup
|
7671
8207
|
# data as a hash:
|
7672
8208
|
#
|
@@ -7676,9 +8212,11 @@ module Aws::SecurityHub
|
|
7676
8212
|
# }
|
7677
8213
|
#
|
7678
8214
|
# @!attribute [rw] db_parameter_group_name
|
8215
|
+
# The name of the parameter group.
|
7679
8216
|
# @return [String]
|
7680
8217
|
#
|
7681
8218
|
# @!attribute [rw] parameter_apply_status
|
8219
|
+
# The status of parameter updates.
|
7682
8220
|
# @return [String]
|
7683
8221
|
#
|
7684
8222
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbParameterGroup AWS API Documentation
|
@@ -7690,6 +8228,8 @@ module Aws::SecurityHub
|
|
7690
8228
|
include Aws::Structure
|
7691
8229
|
end
|
7692
8230
|
|
8231
|
+
# Changes to a DB instance that are currently pending.
|
8232
|
+
#
|
7693
8233
|
# @note When making an API call, you may pass AwsRdsDbPendingModifiedValues
|
7694
8234
|
# data as a hash:
|
7695
8235
|
#
|
@@ -7720,48 +8260,64 @@ module Aws::SecurityHub
|
|
7720
8260
|
# }
|
7721
8261
|
#
|
7722
8262
|
# @!attribute [rw] db_instance_class
|
8263
|
+
# The new DB instance class for the DB instance.
|
7723
8264
|
# @return [String]
|
7724
8265
|
#
|
7725
8266
|
# @!attribute [rw] allocated_storage
|
8267
|
+
# The new value of the allocated storage for the DB instance.
|
7726
8268
|
# @return [Integer]
|
7727
8269
|
#
|
7728
8270
|
# @!attribute [rw] master_user_password
|
8271
|
+
# The new master user password for the DB instance.
|
7729
8272
|
# @return [String]
|
7730
8273
|
#
|
7731
8274
|
# @!attribute [rw] port
|
8275
|
+
# The new port for the DB instance.
|
7732
8276
|
# @return [Integer]
|
7733
8277
|
#
|
7734
8278
|
# @!attribute [rw] backup_retention_period
|
8279
|
+
# The new backup retention period for the DB instance.
|
7735
8280
|
# @return [Integer]
|
7736
8281
|
#
|
7737
8282
|
# @!attribute [rw] multi_az
|
8283
|
+
# Indicates that a single Availability Zone DB instance is changing to
|
8284
|
+
# a multiple Availability Zone deployment.
|
7738
8285
|
# @return [Boolean]
|
7739
8286
|
#
|
7740
8287
|
# @!attribute [rw] engine_version
|
8288
|
+
# The new engine version for the DB instance.
|
7741
8289
|
# @return [String]
|
7742
8290
|
#
|
7743
8291
|
# @!attribute [rw] license_model
|
8292
|
+
# The new license model value for the DB instance.
|
7744
8293
|
# @return [String]
|
7745
8294
|
#
|
7746
8295
|
# @!attribute [rw] iops
|
8296
|
+
# The new provisioned IOPS value for the DB instance.
|
7747
8297
|
# @return [Integer]
|
7748
8298
|
#
|
7749
8299
|
# @!attribute [rw] db_instance_identifier
|
8300
|
+
# The new DB instance identifier for the DB instance.
|
7750
8301
|
# @return [String]
|
7751
8302
|
#
|
7752
8303
|
# @!attribute [rw] storage_type
|
8304
|
+
# The new storage type for the DB instance.
|
7753
8305
|
# @return [String]
|
7754
8306
|
#
|
7755
8307
|
# @!attribute [rw] ca_certificate_identifier
|
8308
|
+
# The new CA certificate identifier for the DB instance.
|
7756
8309
|
# @return [String]
|
7757
8310
|
#
|
7758
8311
|
# @!attribute [rw] db_subnet_group_name
|
8312
|
+
# The name of the new subnet group for the DB instance.
|
7759
8313
|
# @return [String]
|
7760
8314
|
#
|
7761
8315
|
# @!attribute [rw] pending_cloud_watch_logs_exports
|
8316
|
+
# A list of log types that are being enabled or disabled.
|
7762
8317
|
# @return [Types::AwsRdsPendingCloudWatchLogsExports]
|
7763
8318
|
#
|
7764
8319
|
# @!attribute [rw] processor_features
|
8320
|
+
# Processor features that are being updated.
|
7765
8321
|
# @return [Array<Types::AwsRdsDbProcessorFeature>]
|
7766
8322
|
#
|
7767
8323
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbPendingModifiedValues AWS API Documentation
|
@@ -7786,6 +8342,8 @@ module Aws::SecurityHub
|
|
7786
8342
|
include Aws::Structure
|
7787
8343
|
end
|
7788
8344
|
|
8345
|
+
# A processor feature.
|
8346
|
+
#
|
7789
8347
|
# @note When making an API call, you may pass AwsRdsDbProcessorFeature
|
7790
8348
|
# data as a hash:
|
7791
8349
|
#
|
@@ -7795,9 +8353,11 @@ module Aws::SecurityHub
|
|
7795
8353
|
# }
|
7796
8354
|
#
|
7797
8355
|
# @!attribute [rw] name
|
8356
|
+
# The name of the processor feature.
|
7798
8357
|
# @return [String]
|
7799
8358
|
#
|
7800
8359
|
# @!attribute [rw] value
|
8360
|
+
# The value of the processor feature.
|
7801
8361
|
# @return [String]
|
7802
8362
|
#
|
7803
8363
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbProcessorFeature AWS API Documentation
|
@@ -7809,6 +8369,8 @@ module Aws::SecurityHub
|
|
7809
8369
|
include Aws::Structure
|
7810
8370
|
end
|
7811
8371
|
|
8372
|
+
# Provides details about an Amazon RDS DB cluster snapshot.
|
8373
|
+
#
|
7812
8374
|
# @note When making an API call, you may pass AwsRdsDbSnapshotDetails
|
7813
8375
|
# data as a hash:
|
7814
8376
|
#
|
@@ -7848,84 +8410,120 @@ module Aws::SecurityHub
|
|
7848
8410
|
# }
|
7849
8411
|
#
|
7850
8412
|
# @!attribute [rw] db_snapshot_identifier
|
8413
|
+
# The name or ARN of the DB snapshot that is used to restore the DB
|
8414
|
+
# instance.
|
7851
8415
|
# @return [String]
|
7852
8416
|
#
|
7853
8417
|
# @!attribute [rw] db_instance_identifier
|
8418
|
+
# A name for the DB instance.
|
7854
8419
|
# @return [String]
|
7855
8420
|
#
|
7856
8421
|
# @!attribute [rw] snapshot_create_time
|
8422
|
+
# When the snapshot was taken in Coordinated Universal Time (UTC).
|
7857
8423
|
# @return [String]
|
7858
8424
|
#
|
7859
8425
|
# @!attribute [rw] engine
|
8426
|
+
# The name of the database engine to use for this DB instance.
|
7860
8427
|
# @return [String]
|
7861
8428
|
#
|
7862
8429
|
# @!attribute [rw] allocated_storage
|
8430
|
+
# The amount of storage (in gigabytes) to be initially allocated for
|
8431
|
+
# the database instance.
|
7863
8432
|
# @return [Integer]
|
7864
8433
|
#
|
7865
8434
|
# @!attribute [rw] status
|
8435
|
+
# The status of this DB snapshot.
|
7866
8436
|
# @return [String]
|
7867
8437
|
#
|
7868
8438
|
# @!attribute [rw] port
|
8439
|
+
# The port that the database engine was listening on at the time of
|
8440
|
+
# the snapshot.
|
7869
8441
|
# @return [Integer]
|
7870
8442
|
#
|
7871
8443
|
# @!attribute [rw] availability_zone
|
8444
|
+
# Specifies the name of the Availability Zone in which the DB instance
|
8445
|
+
# was located at the time of the DB snapshot.
|
7872
8446
|
# @return [String]
|
7873
8447
|
#
|
7874
8448
|
# @!attribute [rw] vpc_id
|
8449
|
+
# The VPC ID associated with the DB snapshot.
|
7875
8450
|
# @return [String]
|
7876
8451
|
#
|
7877
8452
|
# @!attribute [rw] instance_create_time
|
8453
|
+
# Specifies the time in Coordinated Universal Time (UTC) when the DB
|
8454
|
+
# instance, from which the snapshot was taken, was created.
|
7878
8455
|
# @return [String]
|
7879
8456
|
#
|
7880
8457
|
# @!attribute [rw] master_username
|
8458
|
+
# The master user name for the DB snapshot.
|
7881
8459
|
# @return [String]
|
7882
8460
|
#
|
7883
8461
|
# @!attribute [rw] engine_version
|
8462
|
+
# The version of the database engine.
|
7884
8463
|
# @return [String]
|
7885
8464
|
#
|
7886
8465
|
# @!attribute [rw] license_model
|
8466
|
+
# License model information for the restored DB instance.
|
7887
8467
|
# @return [String]
|
7888
8468
|
#
|
7889
8469
|
# @!attribute [rw] snapshot_type
|
8470
|
+
# The type of the DB snapshot.
|
7890
8471
|
# @return [String]
|
7891
8472
|
#
|
7892
8473
|
# @!attribute [rw] iops
|
8474
|
+
# The provisioned IOPS (I/O operations per second) value of the DB
|
8475
|
+
# instance at the time of the snapshot.
|
7893
8476
|
# @return [Integer]
|
7894
8477
|
#
|
7895
8478
|
# @!attribute [rw] option_group_name
|
8479
|
+
# The option group name for the DB snapshot.
|
7896
8480
|
# @return [String]
|
7897
8481
|
#
|
7898
8482
|
# @!attribute [rw] percent_progress
|
8483
|
+
# The percentage of the estimated data that has been transferred.
|
7899
8484
|
# @return [Integer]
|
7900
8485
|
#
|
7901
8486
|
# @!attribute [rw] source_region
|
8487
|
+
# The AWS Region that the DB snapshot was created in or copied from.
|
7902
8488
|
# @return [String]
|
7903
8489
|
#
|
7904
8490
|
# @!attribute [rw] source_db_snapshot_identifier
|
8491
|
+
# The DB snapshot ARN that the DB snapshot was copied from.
|
7905
8492
|
# @return [String]
|
7906
8493
|
#
|
7907
8494
|
# @!attribute [rw] storage_type
|
8495
|
+
# The storage type associated with the DB snapshot.
|
7908
8496
|
# @return [String]
|
7909
8497
|
#
|
7910
8498
|
# @!attribute [rw] tde_credential_arn
|
8499
|
+
# The ARN from the key store with which to associate the instance for
|
8500
|
+
# TDE encryption.
|
7911
8501
|
# @return [String]
|
7912
8502
|
#
|
7913
8503
|
# @!attribute [rw] encrypted
|
8504
|
+
# Whether the DB snapshot is encrypted.
|
7914
8505
|
# @return [Boolean]
|
7915
8506
|
#
|
7916
8507
|
# @!attribute [rw] kms_key_id
|
8508
|
+
# If `Encrypted` is `true`, the AWS KMS key identifier for the
|
8509
|
+
# encrypted DB snapshot.
|
7917
8510
|
# @return [String]
|
7918
8511
|
#
|
7919
8512
|
# @!attribute [rw] timezone
|
8513
|
+
# The time zone of the DB snapshot.
|
7920
8514
|
# @return [String]
|
7921
8515
|
#
|
7922
8516
|
# @!attribute [rw] iam_database_authentication_enabled
|
8517
|
+
# Whether mapping of IAM accounts to database accounts is enabled.
|
7923
8518
|
# @return [Boolean]
|
7924
8519
|
#
|
7925
8520
|
# @!attribute [rw] processor_features
|
8521
|
+
# The number of CPU cores and the number of threads per core for the
|
8522
|
+
# DB instance class of the DB instance.
|
7926
8523
|
# @return [Array<Types::AwsRdsDbProcessorFeature>]
|
7927
8524
|
#
|
7928
8525
|
# @!attribute [rw] dbi_resource_id
|
8526
|
+
# The identifier for the source DB instance.
|
7929
8527
|
# @return [String]
|
7930
8528
|
#
|
7931
8529
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSnapshotDetails AWS API Documentation
|
@@ -9718,6 +10316,19 @@ module Aws::SecurityHub
|
|
9718
10316
|
# },
|
9719
10317
|
# ],
|
9720
10318
|
# source_dest_check: false,
|
10319
|
+
# ip_v6_addresses: [
|
10320
|
+
# {
|
10321
|
+
# ip_v6_address: "NonEmptyString",
|
10322
|
+
# },
|
10323
|
+
# ],
|
10324
|
+
# private_ip_addresses: [
|
10325
|
+
# {
|
10326
|
+
# private_ip_address: "NonEmptyString",
|
10327
|
+
# private_dns_name: "NonEmptyString",
|
10328
|
+
# },
|
10329
|
+
# ],
|
10330
|
+
# public_dns_name: "NonEmptyString",
|
10331
|
+
# public_ip: "NonEmptyString",
|
9721
10332
|
# },
|
9722
10333
|
# aws_ec2_security_group: {
|
9723
10334
|
# group_name: "NonEmptyString",
|
@@ -10218,6 +10829,30 @@ module Aws::SecurityHub
|
|
10218
10829
|
# sns_topic_name: "NonEmptyString",
|
10219
10830
|
# trail_arn: "NonEmptyString",
|
10220
10831
|
# },
|
10832
|
+
# aws_ssm_patch_compliance: {
|
10833
|
+
# patch: {
|
10834
|
+
# compliance_summary: {
|
10835
|
+
# status: "NonEmptyString",
|
10836
|
+
# compliant_critical_count: 1,
|
10837
|
+
# compliant_high_count: 1,
|
10838
|
+
# compliant_medium_count: 1,
|
10839
|
+
# execution_type: "NonEmptyString",
|
10840
|
+
# non_compliant_critical_count: 1,
|
10841
|
+
# compliant_informational_count: 1,
|
10842
|
+
# non_compliant_informational_count: 1,
|
10843
|
+
# compliant_unspecified_count: 1,
|
10844
|
+
# non_compliant_low_count: 1,
|
10845
|
+
# non_compliant_high_count: 1,
|
10846
|
+
# compliant_low_count: 1,
|
10847
|
+
# compliance_type: "NonEmptyString",
|
10848
|
+
# patch_baseline_id: "NonEmptyString",
|
10849
|
+
# overall_severity: "NonEmptyString",
|
10850
|
+
# non_compliant_medium_count: 1,
|
10851
|
+
# non_compliant_unspecified_count: 1,
|
10852
|
+
# patch_group: "NonEmptyString",
|
10853
|
+
# },
|
10854
|
+
# },
|
10855
|
+
# },
|
10221
10856
|
# aws_certificate_manager_certificate: {
|
10222
10857
|
# certificate_authority_arn: "NonEmptyString",
|
10223
10858
|
# created_at: "NonEmptyString",
|
@@ -10994,9 +11629,117 @@ module Aws::SecurityHub
|
|
10994
11629
|
# reboot_option: "NonEmptyString",
|
10995
11630
|
# operation: "NonEmptyString",
|
10996
11631
|
# },
|
10997
|
-
#
|
10998
|
-
#
|
10999
|
-
#
|
11632
|
+
# action: {
|
11633
|
+
# action_type: "NonEmptyString",
|
11634
|
+
# network_connection_action: {
|
11635
|
+
# connection_direction: "NonEmptyString",
|
11636
|
+
# remote_ip_details: {
|
11637
|
+
# ip_address_v4: "NonEmptyString",
|
11638
|
+
# organization: {
|
11639
|
+
# asn: 1,
|
11640
|
+
# asn_org: "NonEmptyString",
|
11641
|
+
# isp: "NonEmptyString",
|
11642
|
+
# org: "NonEmptyString",
|
11643
|
+
# },
|
11644
|
+
# country: {
|
11645
|
+
# country_code: "NonEmptyString",
|
11646
|
+
# country_name: "NonEmptyString",
|
11647
|
+
# },
|
11648
|
+
# city: {
|
11649
|
+
# city_name: "NonEmptyString",
|
11650
|
+
# },
|
11651
|
+
# geo_location: {
|
11652
|
+
# lon: 1.0,
|
11653
|
+
# lat: 1.0,
|
11654
|
+
# },
|
11655
|
+
# },
|
11656
|
+
# remote_port_details: {
|
11657
|
+
# port: 1,
|
11658
|
+
# port_name: "NonEmptyString",
|
11659
|
+
# },
|
11660
|
+
# local_port_details: {
|
11661
|
+
# port: 1,
|
11662
|
+
# port_name: "NonEmptyString",
|
11663
|
+
# },
|
11664
|
+
# protocol: "NonEmptyString",
|
11665
|
+
# blocked: false,
|
11666
|
+
# },
|
11667
|
+
# aws_api_call_action: {
|
11668
|
+
# api: "NonEmptyString",
|
11669
|
+
# service_name: "NonEmptyString",
|
11670
|
+
# caller_type: "NonEmptyString",
|
11671
|
+
# remote_ip_details: {
|
11672
|
+
# ip_address_v4: "NonEmptyString",
|
11673
|
+
# organization: {
|
11674
|
+
# asn: 1,
|
11675
|
+
# asn_org: "NonEmptyString",
|
11676
|
+
# isp: "NonEmptyString",
|
11677
|
+
# org: "NonEmptyString",
|
11678
|
+
# },
|
11679
|
+
# country: {
|
11680
|
+
# country_code: "NonEmptyString",
|
11681
|
+
# country_name: "NonEmptyString",
|
11682
|
+
# },
|
11683
|
+
# city: {
|
11684
|
+
# city_name: "NonEmptyString",
|
11685
|
+
# },
|
11686
|
+
# geo_location: {
|
11687
|
+
# lon: 1.0,
|
11688
|
+
# lat: 1.0,
|
11689
|
+
# },
|
11690
|
+
# },
|
11691
|
+
# domain_details: {
|
11692
|
+
# domain: "NonEmptyString",
|
11693
|
+
# },
|
11694
|
+
# affected_resources: {
|
11695
|
+
# "NonEmptyString" => "NonEmptyString",
|
11696
|
+
# },
|
11697
|
+
# first_seen: "NonEmptyString",
|
11698
|
+
# last_seen: "NonEmptyString",
|
11699
|
+
# },
|
11700
|
+
# dns_request_action: {
|
11701
|
+
# domain: "NonEmptyString",
|
11702
|
+
# protocol: "NonEmptyString",
|
11703
|
+
# blocked: false,
|
11704
|
+
# },
|
11705
|
+
# port_probe_action: {
|
11706
|
+
# port_probe_details: [
|
11707
|
+
# {
|
11708
|
+
# local_port_details: {
|
11709
|
+
# port: 1,
|
11710
|
+
# port_name: "NonEmptyString",
|
11711
|
+
# },
|
11712
|
+
# local_ip_details: {
|
11713
|
+
# ip_address_v4: "NonEmptyString",
|
11714
|
+
# },
|
11715
|
+
# remote_ip_details: {
|
11716
|
+
# ip_address_v4: "NonEmptyString",
|
11717
|
+
# organization: {
|
11718
|
+
# asn: 1,
|
11719
|
+
# asn_org: "NonEmptyString",
|
11720
|
+
# isp: "NonEmptyString",
|
11721
|
+
# org: "NonEmptyString",
|
11722
|
+
# },
|
11723
|
+
# country: {
|
11724
|
+
# country_code: "NonEmptyString",
|
11725
|
+
# country_name: "NonEmptyString",
|
11726
|
+
# },
|
11727
|
+
# city: {
|
11728
|
+
# city_name: "NonEmptyString",
|
11729
|
+
# },
|
11730
|
+
# geo_location: {
|
11731
|
+
# lon: 1.0,
|
11732
|
+
# lat: 1.0,
|
11733
|
+
# },
|
11734
|
+
# },
|
11735
|
+
# },
|
11736
|
+
# ],
|
11737
|
+
# blocked: false,
|
11738
|
+
# },
|
11739
|
+
# },
|
11740
|
+
# }
|
11741
|
+
#
|
11742
|
+
# @!attribute [rw] schema_version
|
11000
11743
|
# The schema version that a finding is formatted for.
|
11001
11744
|
# @return [String]
|
11002
11745
|
#
|
@@ -11209,6 +11952,11 @@ module Aws::SecurityHub
|
|
11209
11952
|
# against a selected compliance standard.
|
11210
11953
|
# @return [Types::PatchSummary]
|
11211
11954
|
#
|
11955
|
+
# @!attribute [rw] action
|
11956
|
+
# Provides details about an action that affects or that was taken on a
|
11957
|
+
# resource.
|
11958
|
+
# @return [Types::Action]
|
11959
|
+
#
|
11212
11960
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
|
11213
11961
|
#
|
11214
11962
|
class AwsSecurityFinding < Struct.new(
|
@@ -11245,7 +11993,8 @@ module Aws::SecurityHub
|
|
11245
11993
|
:related_findings,
|
11246
11994
|
:note,
|
11247
11995
|
:vulnerabilities,
|
11248
|
-
:patch_summary
|
11996
|
+
:patch_summary,
|
11997
|
+
:action)
|
11249
11998
|
SENSITIVE = []
|
11250
11999
|
include Aws::Structure
|
11251
12000
|
end
|
@@ -12173,6 +12922,14 @@ module Aws::SecurityHub
|
|
12173
12922
|
#
|
12174
12923
|
# * `NEW` - The initial state of a finding, before it is reviewed.
|
12175
12924
|
#
|
12925
|
+
# Security Hub also resets the workflow status from `NOTIFIED` or
|
12926
|
+
# `RESOLVED` to `NEW` in the following cases:
|
12927
|
+
#
|
12928
|
+
# * The record state changes from `ARCHIVED` to `ACTIVE`.
|
12929
|
+
#
|
12930
|
+
# * The compliance status changes from `PASSED` to either `WARNING`,
|
12931
|
+
# `FAILED`, or `NOT_AVAILABLE`.
|
12932
|
+
#
|
12176
12933
|
# * `NOTIFIED` - Indicates that the resource owner has been notified
|
12177
12934
|
# about the security issue. Used when the initial reviewer is not
|
12178
12935
|
# the resource owner, and needs intervention from the resource
|
@@ -12452,6 +13209,236 @@ module Aws::SecurityHub
|
|
12452
13209
|
include Aws::Structure
|
12453
13210
|
end
|
12454
13211
|
|
13212
|
+
# Provides the details about the compliance status for a patch.
|
13213
|
+
#
|
13214
|
+
# @note When making an API call, you may pass AwsSsmComplianceSummary
|
13215
|
+
# data as a hash:
|
13216
|
+
#
|
13217
|
+
# {
|
13218
|
+
# status: "NonEmptyString",
|
13219
|
+
# compliant_critical_count: 1,
|
13220
|
+
# compliant_high_count: 1,
|
13221
|
+
# compliant_medium_count: 1,
|
13222
|
+
# execution_type: "NonEmptyString",
|
13223
|
+
# non_compliant_critical_count: 1,
|
13224
|
+
# compliant_informational_count: 1,
|
13225
|
+
# non_compliant_informational_count: 1,
|
13226
|
+
# compliant_unspecified_count: 1,
|
13227
|
+
# non_compliant_low_count: 1,
|
13228
|
+
# non_compliant_high_count: 1,
|
13229
|
+
# compliant_low_count: 1,
|
13230
|
+
# compliance_type: "NonEmptyString",
|
13231
|
+
# patch_baseline_id: "NonEmptyString",
|
13232
|
+
# overall_severity: "NonEmptyString",
|
13233
|
+
# non_compliant_medium_count: 1,
|
13234
|
+
# non_compliant_unspecified_count: 1,
|
13235
|
+
# patch_group: "NonEmptyString",
|
13236
|
+
# }
|
13237
|
+
#
|
13238
|
+
# @!attribute [rw] status
|
13239
|
+
# The current patch compliance status.
|
13240
|
+
#
|
13241
|
+
# The possible status values are:
|
13242
|
+
#
|
13243
|
+
# * `COMPLIANT`
|
13244
|
+
#
|
13245
|
+
# * `NON_COMPLIANT`
|
13246
|
+
#
|
13247
|
+
# * `UNSPECIFIED_DATA`
|
13248
|
+
# @return [String]
|
13249
|
+
#
|
13250
|
+
# @!attribute [rw] compliant_critical_count
|
13251
|
+
# For the patches that are compliant, the number that have a severity
|
13252
|
+
# of `CRITICAL`.
|
13253
|
+
# @return [Integer]
|
13254
|
+
#
|
13255
|
+
# @!attribute [rw] compliant_high_count
|
13256
|
+
# For the patches that are compliant, the number that have a severity
|
13257
|
+
# of `HIGH`.
|
13258
|
+
# @return [Integer]
|
13259
|
+
#
|
13260
|
+
# @!attribute [rw] compliant_medium_count
|
13261
|
+
# For the patches that are compliant, the number that have a severity
|
13262
|
+
# of `MEDIUM`.
|
13263
|
+
# @return [Integer]
|
13264
|
+
#
|
13265
|
+
# @!attribute [rw] execution_type
|
13266
|
+
# The type of execution that was used determine compliance.
|
13267
|
+
# @return [String]
|
13268
|
+
#
|
13269
|
+
# @!attribute [rw] non_compliant_critical_count
|
13270
|
+
# For the patch items that are noncompliant, the number of items that
|
13271
|
+
# have a severity of `CRITICAL`.
|
13272
|
+
# @return [Integer]
|
13273
|
+
#
|
13274
|
+
# @!attribute [rw] compliant_informational_count
|
13275
|
+
# For the patches that are compliant, the number that have a severity
|
13276
|
+
# of `INFORMATIONAL`.
|
13277
|
+
# @return [Integer]
|
13278
|
+
#
|
13279
|
+
# @!attribute [rw] non_compliant_informational_count
|
13280
|
+
# For the patches that are noncompliant, the number that have a
|
13281
|
+
# severity of `INFORMATIONAL`.
|
13282
|
+
# @return [Integer]
|
13283
|
+
#
|
13284
|
+
# @!attribute [rw] compliant_unspecified_count
|
13285
|
+
# For the patches that are compliant, the number that have a severity
|
13286
|
+
# of `UNSPECIFIED`.
|
13287
|
+
# @return [Integer]
|
13288
|
+
#
|
13289
|
+
# @!attribute [rw] non_compliant_low_count
|
13290
|
+
# For the patches that are noncompliant, the number that have a
|
13291
|
+
# severity of `LOW`.
|
13292
|
+
# @return [Integer]
|
13293
|
+
#
|
13294
|
+
# @!attribute [rw] non_compliant_high_count
|
13295
|
+
# For the patches that are noncompliant, the number that have a
|
13296
|
+
# severity of `HIGH`.
|
13297
|
+
# @return [Integer]
|
13298
|
+
#
|
13299
|
+
# @!attribute [rw] compliant_low_count
|
13300
|
+
# For the patches that are compliant, the number that have a severity
|
13301
|
+
# of `LOW`.
|
13302
|
+
# @return [Integer]
|
13303
|
+
#
|
13304
|
+
# @!attribute [rw] compliance_type
|
13305
|
+
# The type of resource for which the compliance was determined. For
|
13306
|
+
# `AwsSsmPatchCompliance`, `ComplianceType` is `Patch`.
|
13307
|
+
# @return [String]
|
13308
|
+
#
|
13309
|
+
# @!attribute [rw] patch_baseline_id
|
13310
|
+
# The identifier of the patch baseline. The patch baseline lists the
|
13311
|
+
# patches that are approved for installation.
|
13312
|
+
# @return [String]
|
13313
|
+
#
|
13314
|
+
# @!attribute [rw] overall_severity
|
13315
|
+
# The highest severity for the patches.
|
13316
|
+
# @return [String]
|
13317
|
+
#
|
13318
|
+
# @!attribute [rw] non_compliant_medium_count
|
13319
|
+
# For the patches that are noncompliant, the number that have a
|
13320
|
+
# severity of `MEDIUM`.
|
13321
|
+
# @return [Integer]
|
13322
|
+
#
|
13323
|
+
# @!attribute [rw] non_compliant_unspecified_count
|
13324
|
+
# For the patches that are noncompliant, the number that have a
|
13325
|
+
# severity of `UNSPECIFIED`.
|
13326
|
+
# @return [Integer]
|
13327
|
+
#
|
13328
|
+
# @!attribute [rw] patch_group
|
13329
|
+
# The identifier of the patch group for which compliance was
|
13330
|
+
# determined. A patch group uses tags to group EC2 instances that
|
13331
|
+
# should have the same patch compliance.
|
13332
|
+
# @return [String]
|
13333
|
+
#
|
13334
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmComplianceSummary AWS API Documentation
|
13335
|
+
#
|
13336
|
+
class AwsSsmComplianceSummary < Struct.new(
|
13337
|
+
:status,
|
13338
|
+
:compliant_critical_count,
|
13339
|
+
:compliant_high_count,
|
13340
|
+
:compliant_medium_count,
|
13341
|
+
:execution_type,
|
13342
|
+
:non_compliant_critical_count,
|
13343
|
+
:compliant_informational_count,
|
13344
|
+
:non_compliant_informational_count,
|
13345
|
+
:compliant_unspecified_count,
|
13346
|
+
:non_compliant_low_count,
|
13347
|
+
:non_compliant_high_count,
|
13348
|
+
:compliant_low_count,
|
13349
|
+
:compliance_type,
|
13350
|
+
:patch_baseline_id,
|
13351
|
+
:overall_severity,
|
13352
|
+
:non_compliant_medium_count,
|
13353
|
+
:non_compliant_unspecified_count,
|
13354
|
+
:patch_group)
|
13355
|
+
SENSITIVE = []
|
13356
|
+
include Aws::Structure
|
13357
|
+
end
|
13358
|
+
|
13359
|
+
# Provides details about the compliance for a patch.
|
13360
|
+
#
|
13361
|
+
# @note When making an API call, you may pass AwsSsmPatch
|
13362
|
+
# data as a hash:
|
13363
|
+
#
|
13364
|
+
# {
|
13365
|
+
# compliance_summary: {
|
13366
|
+
# status: "NonEmptyString",
|
13367
|
+
# compliant_critical_count: 1,
|
13368
|
+
# compliant_high_count: 1,
|
13369
|
+
# compliant_medium_count: 1,
|
13370
|
+
# execution_type: "NonEmptyString",
|
13371
|
+
# non_compliant_critical_count: 1,
|
13372
|
+
# compliant_informational_count: 1,
|
13373
|
+
# non_compliant_informational_count: 1,
|
13374
|
+
# compliant_unspecified_count: 1,
|
13375
|
+
# non_compliant_low_count: 1,
|
13376
|
+
# non_compliant_high_count: 1,
|
13377
|
+
# compliant_low_count: 1,
|
13378
|
+
# compliance_type: "NonEmptyString",
|
13379
|
+
# patch_baseline_id: "NonEmptyString",
|
13380
|
+
# overall_severity: "NonEmptyString",
|
13381
|
+
# non_compliant_medium_count: 1,
|
13382
|
+
# non_compliant_unspecified_count: 1,
|
13383
|
+
# patch_group: "NonEmptyString",
|
13384
|
+
# },
|
13385
|
+
# }
|
13386
|
+
#
|
13387
|
+
# @!attribute [rw] compliance_summary
|
13388
|
+
# The compliance status details for the patch.
|
13389
|
+
# @return [Types::AwsSsmComplianceSummary]
|
13390
|
+
#
|
13391
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
|
13392
|
+
#
|
13393
|
+
class AwsSsmPatch < Struct.new(
|
13394
|
+
:compliance_summary)
|
13395
|
+
SENSITIVE = []
|
13396
|
+
include Aws::Structure
|
13397
|
+
end
|
13398
|
+
|
13399
|
+
# Provides information about the state of a patch on an instance based
|
13400
|
+
# on the patch baseline that was used to patch the instance.
|
13401
|
+
#
|
13402
|
+
# @note When making an API call, you may pass AwsSsmPatchComplianceDetails
|
13403
|
+
# data as a hash:
|
13404
|
+
#
|
13405
|
+
# {
|
13406
|
+
# patch: {
|
13407
|
+
# compliance_summary: {
|
13408
|
+
# status: "NonEmptyString",
|
13409
|
+
# compliant_critical_count: 1,
|
13410
|
+
# compliant_high_count: 1,
|
13411
|
+
# compliant_medium_count: 1,
|
13412
|
+
# execution_type: "NonEmptyString",
|
13413
|
+
# non_compliant_critical_count: 1,
|
13414
|
+
# compliant_informational_count: 1,
|
13415
|
+
# non_compliant_informational_count: 1,
|
13416
|
+
# compliant_unspecified_count: 1,
|
13417
|
+
# non_compliant_low_count: 1,
|
13418
|
+
# non_compliant_high_count: 1,
|
13419
|
+
# compliant_low_count: 1,
|
13420
|
+
# compliance_type: "NonEmptyString",
|
13421
|
+
# patch_baseline_id: "NonEmptyString",
|
13422
|
+
# overall_severity: "NonEmptyString",
|
13423
|
+
# non_compliant_medium_count: 1,
|
13424
|
+
# non_compliant_unspecified_count: 1,
|
13425
|
+
# patch_group: "NonEmptyString",
|
13426
|
+
# },
|
13427
|
+
# },
|
13428
|
+
# }
|
13429
|
+
#
|
13430
|
+
# @!attribute [rw] patch
|
13431
|
+
# Information about the status of a patch.
|
13432
|
+
# @return [Types::AwsSsmPatch]
|
13433
|
+
#
|
13434
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
|
13435
|
+
#
|
13436
|
+
class AwsSsmPatchComplianceDetails < Struct.new(
|
13437
|
+
:patch)
|
13438
|
+
SENSITIVE = []
|
13439
|
+
include Aws::Structure
|
13440
|
+
end
|
13441
|
+
|
12455
13442
|
# Details about a WAF WebACL.
|
12456
13443
|
#
|
12457
13444
|
# @note When making an API call, you may pass AwsWafWebAclDetails
|
@@ -12914,6 +13901,19 @@ module Aws::SecurityHub
|
|
12914
13901
|
# },
|
12915
13902
|
# ],
|
12916
13903
|
# source_dest_check: false,
|
13904
|
+
# ip_v6_addresses: [
|
13905
|
+
# {
|
13906
|
+
# ip_v6_address: "NonEmptyString",
|
13907
|
+
# },
|
13908
|
+
# ],
|
13909
|
+
# private_ip_addresses: [
|
13910
|
+
# {
|
13911
|
+
# private_ip_address: "NonEmptyString",
|
13912
|
+
# private_dns_name: "NonEmptyString",
|
13913
|
+
# },
|
13914
|
+
# ],
|
13915
|
+
# public_dns_name: "NonEmptyString",
|
13916
|
+
# public_ip: "NonEmptyString",
|
12917
13917
|
# },
|
12918
13918
|
# aws_ec2_security_group: {
|
12919
13919
|
# group_name: "NonEmptyString",
|
@@ -13414,6 +14414,30 @@ module Aws::SecurityHub
|
|
13414
14414
|
# sns_topic_name: "NonEmptyString",
|
13415
14415
|
# trail_arn: "NonEmptyString",
|
13416
14416
|
# },
|
14417
|
+
# aws_ssm_patch_compliance: {
|
14418
|
+
# patch: {
|
14419
|
+
# compliance_summary: {
|
14420
|
+
# status: "NonEmptyString",
|
14421
|
+
# compliant_critical_count: 1,
|
14422
|
+
# compliant_high_count: 1,
|
14423
|
+
# compliant_medium_count: 1,
|
14424
|
+
# execution_type: "NonEmptyString",
|
14425
|
+
# non_compliant_critical_count: 1,
|
14426
|
+
# compliant_informational_count: 1,
|
14427
|
+
# non_compliant_informational_count: 1,
|
14428
|
+
# compliant_unspecified_count: 1,
|
14429
|
+
# non_compliant_low_count: 1,
|
14430
|
+
# non_compliant_high_count: 1,
|
14431
|
+
# compliant_low_count: 1,
|
14432
|
+
# compliance_type: "NonEmptyString",
|
14433
|
+
# patch_baseline_id: "NonEmptyString",
|
14434
|
+
# overall_severity: "NonEmptyString",
|
14435
|
+
# non_compliant_medium_count: 1,
|
14436
|
+
# non_compliant_unspecified_count: 1,
|
14437
|
+
# patch_group: "NonEmptyString",
|
14438
|
+
# },
|
14439
|
+
# },
|
14440
|
+
# },
|
13417
14441
|
# aws_certificate_manager_certificate: {
|
13418
14442
|
# certificate_authority_arn: "NonEmptyString",
|
13419
14443
|
# created_at: "NonEmptyString",
|
@@ -14190,6 +15214,114 @@ module Aws::SecurityHub
|
|
14190
15214
|
# reboot_option: "NonEmptyString",
|
14191
15215
|
# operation: "NonEmptyString",
|
14192
15216
|
# },
|
15217
|
+
# action: {
|
15218
|
+
# action_type: "NonEmptyString",
|
15219
|
+
# network_connection_action: {
|
15220
|
+
# connection_direction: "NonEmptyString",
|
15221
|
+
# remote_ip_details: {
|
15222
|
+
# ip_address_v4: "NonEmptyString",
|
15223
|
+
# organization: {
|
15224
|
+
# asn: 1,
|
15225
|
+
# asn_org: "NonEmptyString",
|
15226
|
+
# isp: "NonEmptyString",
|
15227
|
+
# org: "NonEmptyString",
|
15228
|
+
# },
|
15229
|
+
# country: {
|
15230
|
+
# country_code: "NonEmptyString",
|
15231
|
+
# country_name: "NonEmptyString",
|
15232
|
+
# },
|
15233
|
+
# city: {
|
15234
|
+
# city_name: "NonEmptyString",
|
15235
|
+
# },
|
15236
|
+
# geo_location: {
|
15237
|
+
# lon: 1.0,
|
15238
|
+
# lat: 1.0,
|
15239
|
+
# },
|
15240
|
+
# },
|
15241
|
+
# remote_port_details: {
|
15242
|
+
# port: 1,
|
15243
|
+
# port_name: "NonEmptyString",
|
15244
|
+
# },
|
15245
|
+
# local_port_details: {
|
15246
|
+
# port: 1,
|
15247
|
+
# port_name: "NonEmptyString",
|
15248
|
+
# },
|
15249
|
+
# protocol: "NonEmptyString",
|
15250
|
+
# blocked: false,
|
15251
|
+
# },
|
15252
|
+
# aws_api_call_action: {
|
15253
|
+
# api: "NonEmptyString",
|
15254
|
+
# service_name: "NonEmptyString",
|
15255
|
+
# caller_type: "NonEmptyString",
|
15256
|
+
# remote_ip_details: {
|
15257
|
+
# ip_address_v4: "NonEmptyString",
|
15258
|
+
# organization: {
|
15259
|
+
# asn: 1,
|
15260
|
+
# asn_org: "NonEmptyString",
|
15261
|
+
# isp: "NonEmptyString",
|
15262
|
+
# org: "NonEmptyString",
|
15263
|
+
# },
|
15264
|
+
# country: {
|
15265
|
+
# country_code: "NonEmptyString",
|
15266
|
+
# country_name: "NonEmptyString",
|
15267
|
+
# },
|
15268
|
+
# city: {
|
15269
|
+
# city_name: "NonEmptyString",
|
15270
|
+
# },
|
15271
|
+
# geo_location: {
|
15272
|
+
# lon: 1.0,
|
15273
|
+
# lat: 1.0,
|
15274
|
+
# },
|
15275
|
+
# },
|
15276
|
+
# domain_details: {
|
15277
|
+
# domain: "NonEmptyString",
|
15278
|
+
# },
|
15279
|
+
# affected_resources: {
|
15280
|
+
# "NonEmptyString" => "NonEmptyString",
|
15281
|
+
# },
|
15282
|
+
# first_seen: "NonEmptyString",
|
15283
|
+
# last_seen: "NonEmptyString",
|
15284
|
+
# },
|
15285
|
+
# dns_request_action: {
|
15286
|
+
# domain: "NonEmptyString",
|
15287
|
+
# protocol: "NonEmptyString",
|
15288
|
+
# blocked: false,
|
15289
|
+
# },
|
15290
|
+
# port_probe_action: {
|
15291
|
+
# port_probe_details: [
|
15292
|
+
# {
|
15293
|
+
# local_port_details: {
|
15294
|
+
# port: 1,
|
15295
|
+
# port_name: "NonEmptyString",
|
15296
|
+
# },
|
15297
|
+
# local_ip_details: {
|
15298
|
+
# ip_address_v4: "NonEmptyString",
|
15299
|
+
# },
|
15300
|
+
# remote_ip_details: {
|
15301
|
+
# ip_address_v4: "NonEmptyString",
|
15302
|
+
# organization: {
|
15303
|
+
# asn: 1,
|
15304
|
+
# asn_org: "NonEmptyString",
|
15305
|
+
# isp: "NonEmptyString",
|
15306
|
+
# org: "NonEmptyString",
|
15307
|
+
# },
|
15308
|
+
# country: {
|
15309
|
+
# country_code: "NonEmptyString",
|
15310
|
+
# country_name: "NonEmptyString",
|
15311
|
+
# },
|
15312
|
+
# city: {
|
15313
|
+
# city_name: "NonEmptyString",
|
15314
|
+
# },
|
15315
|
+
# geo_location: {
|
15316
|
+
# lon: 1.0,
|
15317
|
+
# lat: 1.0,
|
15318
|
+
# },
|
15319
|
+
# },
|
15320
|
+
# },
|
15321
|
+
# ],
|
15322
|
+
# blocked: false,
|
15323
|
+
# },
|
15324
|
+
# },
|
14193
15325
|
# },
|
14194
15326
|
# ],
|
14195
15327
|
# }
|
@@ -14446,6 +15578,27 @@ module Aws::SecurityHub
|
|
14446
15578
|
include Aws::Structure
|
14447
15579
|
end
|
14448
15580
|
|
15581
|
+
# Information about a city.
|
15582
|
+
#
|
15583
|
+
# @note When making an API call, you may pass City
|
15584
|
+
# data as a hash:
|
15585
|
+
#
|
15586
|
+
# {
|
15587
|
+
# city_name: "NonEmptyString",
|
15588
|
+
# }
|
15589
|
+
#
|
15590
|
+
# @!attribute [rw] city_name
|
15591
|
+
# The name of the city.
|
15592
|
+
# @return [String]
|
15593
|
+
#
|
15594
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/City AWS API Documentation
|
15595
|
+
#
|
15596
|
+
class City < Struct.new(
|
15597
|
+
:city_name)
|
15598
|
+
SENSITIVE = []
|
15599
|
+
include Aws::Structure
|
15600
|
+
end
|
15601
|
+
|
14449
15602
|
# Contains finding details that are specific to control-based findings.
|
14450
15603
|
# Only returned for findings generated from controls.
|
14451
15604
|
#
|
@@ -14557,6 +15710,33 @@ module Aws::SecurityHub
|
|
14557
15710
|
include Aws::Structure
|
14558
15711
|
end
|
14559
15712
|
|
15713
|
+
# Information about a country.
|
15714
|
+
#
|
15715
|
+
# @note When making an API call, you may pass Country
|
15716
|
+
# data as a hash:
|
15717
|
+
#
|
15718
|
+
# {
|
15719
|
+
# country_code: "NonEmptyString",
|
15720
|
+
# country_name: "NonEmptyString",
|
15721
|
+
# }
|
15722
|
+
#
|
15723
|
+
# @!attribute [rw] country_code
|
15724
|
+
# The 2-letter ISO 3166 country code for the country.
|
15725
|
+
# @return [String]
|
15726
|
+
#
|
15727
|
+
# @!attribute [rw] country_name
|
15728
|
+
# The name of the country.
|
15729
|
+
# @return [String]
|
15730
|
+
#
|
15731
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Country AWS API Documentation
|
15732
|
+
#
|
15733
|
+
class Country < Struct.new(
|
15734
|
+
:country_code,
|
15735
|
+
:country_name)
|
15736
|
+
SENSITIVE = []
|
15737
|
+
include Aws::Structure
|
15738
|
+
end
|
15739
|
+
|
14560
15740
|
# @note When making an API call, you may pass CreateActionTargetRequest
|
14561
15741
|
# data as a hash:
|
14562
15742
|
#
|
@@ -15207,9 +16387,9 @@ module Aws::SecurityHub
|
|
15207
16387
|
# data as a hash:
|
15208
16388
|
#
|
15209
16389
|
# {
|
15210
|
-
# account_details: [
|
16390
|
+
# account_details: [ # required
|
15211
16391
|
# {
|
15212
|
-
# account_id: "AccountId",
|
16392
|
+
# account_id: "AccountId", # required
|
15213
16393
|
# email: "NonEmptyString",
|
15214
16394
|
# },
|
15215
16395
|
# ],
|
@@ -15217,8 +16397,8 @@ module Aws::SecurityHub
|
|
15217
16397
|
#
|
15218
16398
|
# @!attribute [rw] account_details
|
15219
16399
|
# The list of accounts to associate with the Security Hub master
|
15220
|
-
# account. For each account, the list includes the account ID and
|
15221
|
-
# email address.
|
16400
|
+
# account. For each account, the list includes the account ID and
|
16401
|
+
# optionally the email address.
|
15222
16402
|
# @return [Array<Types::AccountDetails>]
|
15223
16403
|
#
|
15224
16404
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
|
@@ -15470,7 +16650,7 @@ module Aws::SecurityHub
|
|
15470
16650
|
# data as a hash:
|
15471
16651
|
#
|
15472
16652
|
# {
|
15473
|
-
# account_ids: ["NonEmptyString"],
|
16653
|
+
# account_ids: ["NonEmptyString"], # required
|
15474
16654
|
# }
|
15475
16655
|
#
|
15476
16656
|
# @!attribute [rw] account_ids
|
@@ -15601,12 +16781,41 @@ module Aws::SecurityHub
|
|
15601
16781
|
include Aws::Structure
|
15602
16782
|
end
|
15603
16783
|
|
16784
|
+
# @api private
|
16785
|
+
#
|
16786
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationRequest AWS API Documentation
|
16787
|
+
#
|
16788
|
+
class DescribeOrganizationConfigurationRequest < Aws::EmptyStructure; end
|
16789
|
+
|
16790
|
+
# @!attribute [rw] auto_enable
|
16791
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
16792
|
+
# organization.
|
16793
|
+
#
|
16794
|
+
# If set to `true`, then Security Hub is enabled for new accounts. If
|
16795
|
+
# set to false, then new accounts are not added automatically.
|
16796
|
+
# @return [Boolean]
|
16797
|
+
#
|
16798
|
+
# @!attribute [rw] member_account_limit_reached
|
16799
|
+
# Whether the maximum number of allowed member accounts are already
|
16800
|
+
# associated with the Security Hub administrator account.
|
16801
|
+
# @return [Boolean]
|
16802
|
+
#
|
16803
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
|
16804
|
+
#
|
16805
|
+
class DescribeOrganizationConfigurationResponse < Struct.new(
|
16806
|
+
:auto_enable,
|
16807
|
+
:member_account_limit_reached)
|
16808
|
+
SENSITIVE = []
|
16809
|
+
include Aws::Structure
|
16810
|
+
end
|
16811
|
+
|
15604
16812
|
# @note When making an API call, you may pass DescribeProductsRequest
|
15605
16813
|
# data as a hash:
|
15606
16814
|
#
|
15607
16815
|
# {
|
15608
16816
|
# next_token: "NextToken",
|
15609
16817
|
# max_results: 1,
|
16818
|
+
# product_arn: "NonEmptyString",
|
15610
16819
|
# }
|
15611
16820
|
#
|
15612
16821
|
# @!attribute [rw] next_token
|
@@ -15623,11 +16832,16 @@ module Aws::SecurityHub
|
|
15623
16832
|
# The maximum number of results to return.
|
15624
16833
|
# @return [Integer]
|
15625
16834
|
#
|
16835
|
+
# @!attribute [rw] product_arn
|
16836
|
+
# The ARN of the integration to return.
|
16837
|
+
# @return [String]
|
16838
|
+
#
|
15626
16839
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
|
15627
16840
|
#
|
15628
16841
|
class DescribeProductsRequest < Struct.new(
|
15629
16842
|
:next_token,
|
15630
|
-
:max_results
|
16843
|
+
:max_results,
|
16844
|
+
:product_arn)
|
15631
16845
|
SENSITIVE = []
|
15632
16846
|
include Aws::Structure
|
15633
16847
|
end
|
@@ -15660,7 +16874,8 @@ module Aws::SecurityHub
|
|
15660
16874
|
#
|
15661
16875
|
# @!attribute [rw] standards_subscription_arn
|
15662
16876
|
# The ARN of a resource that represents your subscription to a
|
15663
|
-
# supported standard.
|
16877
|
+
# supported standard. To get the subscription ARNs of the standards
|
16878
|
+
# you have enabled, use the ` GetEnabledStandards ` operation.
|
15664
16879
|
# @return [String]
|
15665
16880
|
#
|
15666
16881
|
# @!attribute [rw] next_token
|
@@ -15775,6 +16990,30 @@ module Aws::SecurityHub
|
|
15775
16990
|
#
|
15776
16991
|
class DisableImportFindingsForProductResponse < Aws::EmptyStructure; end
|
15777
16992
|
|
16993
|
+
# @note When making an API call, you may pass DisableOrganizationAdminAccountRequest
|
16994
|
+
# data as a hash:
|
16995
|
+
#
|
16996
|
+
# {
|
16997
|
+
# admin_account_id: "NonEmptyString", # required
|
16998
|
+
# }
|
16999
|
+
#
|
17000
|
+
# @!attribute [rw] admin_account_id
|
17001
|
+
# The AWS account identifier of the Security Hub administrator
|
17002
|
+
# account.
|
17003
|
+
# @return [String]
|
17004
|
+
#
|
17005
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountRequest AWS API Documentation
|
17006
|
+
#
|
17007
|
+
class DisableOrganizationAdminAccountRequest < Struct.new(
|
17008
|
+
:admin_account_id)
|
17009
|
+
SENSITIVE = []
|
17010
|
+
include Aws::Structure
|
17011
|
+
end
|
17012
|
+
|
17013
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountResponse AWS API Documentation
|
17014
|
+
#
|
17015
|
+
class DisableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
17016
|
+
|
15778
17017
|
# @api private
|
15779
17018
|
#
|
15780
17019
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubRequest AWS API Documentation
|
@@ -15799,7 +17038,7 @@ module Aws::SecurityHub
|
|
15799
17038
|
# data as a hash:
|
15800
17039
|
#
|
15801
17040
|
# {
|
15802
|
-
# account_ids: ["NonEmptyString"],
|
17041
|
+
# account_ids: ["NonEmptyString"], # required
|
15803
17042
|
# }
|
15804
17043
|
#
|
15805
17044
|
# @!attribute [rw] account_ids
|
@@ -15819,6 +17058,40 @@ module Aws::SecurityHub
|
|
15819
17058
|
#
|
15820
17059
|
class DisassociateMembersResponse < Aws::EmptyStructure; end
|
15821
17060
|
|
17061
|
+
# Provided if `ActionType` is `DNS_REQUEST`. It provides details about
|
17062
|
+
# the DNS request that was detected.
|
17063
|
+
#
|
17064
|
+
# @note When making an API call, you may pass DnsRequestAction
|
17065
|
+
# data as a hash:
|
17066
|
+
#
|
17067
|
+
# {
|
17068
|
+
# domain: "NonEmptyString",
|
17069
|
+
# protocol: "NonEmptyString",
|
17070
|
+
# blocked: false,
|
17071
|
+
# }
|
17072
|
+
#
|
17073
|
+
# @!attribute [rw] domain
|
17074
|
+
# The DNS domain that is associated with the DNS request.
|
17075
|
+
# @return [String]
|
17076
|
+
#
|
17077
|
+
# @!attribute [rw] protocol
|
17078
|
+
# The protocol that was used for the DNS request.
|
17079
|
+
# @return [String]
|
17080
|
+
#
|
17081
|
+
# @!attribute [rw] blocked
|
17082
|
+
# Indicates whether the DNS request was blocked.
|
17083
|
+
# @return [Boolean]
|
17084
|
+
#
|
17085
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DnsRequestAction AWS API Documentation
|
17086
|
+
#
|
17087
|
+
class DnsRequestAction < Struct.new(
|
17088
|
+
:domain,
|
17089
|
+
:protocol,
|
17090
|
+
:blocked)
|
17091
|
+
SENSITIVE = []
|
17092
|
+
include Aws::Structure
|
17093
|
+
end
|
17094
|
+
|
15822
17095
|
# @note When making an API call, you may pass EnableImportFindingsForProductRequest
|
15823
17096
|
# data as a hash:
|
15824
17097
|
#
|
@@ -15851,6 +17124,30 @@ module Aws::SecurityHub
|
|
15851
17124
|
include Aws::Structure
|
15852
17125
|
end
|
15853
17126
|
|
17127
|
+
# @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
|
17128
|
+
# data as a hash:
|
17129
|
+
#
|
17130
|
+
# {
|
17131
|
+
# admin_account_id: "NonEmptyString", # required
|
17132
|
+
# }
|
17133
|
+
#
|
17134
|
+
# @!attribute [rw] admin_account_id
|
17135
|
+
# The AWS account identifier of the account to designate as the
|
17136
|
+
# Security Hub administrator account.
|
17137
|
+
# @return [String]
|
17138
|
+
#
|
17139
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountRequest AWS API Documentation
|
17140
|
+
#
|
17141
|
+
class EnableOrganizationAdminAccountRequest < Struct.new(
|
17142
|
+
:admin_account_id)
|
17143
|
+
SENSITIVE = []
|
17144
|
+
include Aws::Structure
|
17145
|
+
end
|
17146
|
+
|
17147
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountResponse AWS API Documentation
|
17148
|
+
#
|
17149
|
+
class EnableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
17150
|
+
|
15854
17151
|
# @note When making an API call, you may pass EnableSecurityHubRequest
|
15855
17152
|
# data as a hash:
|
15856
17153
|
#
|
@@ -15886,6 +17183,33 @@ module Aws::SecurityHub
|
|
15886
17183
|
#
|
15887
17184
|
class EnableSecurityHubResponse < Aws::EmptyStructure; end
|
15888
17185
|
|
17186
|
+
# Provides the latitude and longitude coordinates of a location.
|
17187
|
+
#
|
17188
|
+
# @note When making an API call, you may pass GeoLocation
|
17189
|
+
# data as a hash:
|
17190
|
+
#
|
17191
|
+
# {
|
17192
|
+
# lon: 1.0,
|
17193
|
+
# lat: 1.0,
|
17194
|
+
# }
|
17195
|
+
#
|
17196
|
+
# @!attribute [rw] lon
|
17197
|
+
# The longitude of the location.
|
17198
|
+
# @return [Float]
|
17199
|
+
#
|
17200
|
+
# @!attribute [rw] lat
|
17201
|
+
# The latitude of the location.
|
17202
|
+
# @return [Float]
|
17203
|
+
#
|
17204
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeoLocation AWS API Documentation
|
17205
|
+
#
|
17206
|
+
class GeoLocation < Struct.new(
|
17207
|
+
:lon,
|
17208
|
+
:lat)
|
17209
|
+
SENSITIVE = []
|
17210
|
+
include Aws::Structure
|
17211
|
+
end
|
17212
|
+
|
15889
17213
|
# @note When making an API call, you may pass GetEnabledStandardsRequest
|
15890
17214
|
# data as a hash:
|
15891
17215
|
#
|
@@ -16858,8 +18182,9 @@ module Aws::SecurityHub
|
|
16858
18182
|
include Aws::Structure
|
16859
18183
|
end
|
16860
18184
|
|
16861
|
-
#
|
16862
|
-
#
|
18185
|
+
# There is an issue with the account used to make the request. Either
|
18186
|
+
# Security Hub is not enabled for the account, or the account does not
|
18187
|
+
# have permission to perform this action.
|
16863
18188
|
#
|
16864
18189
|
# @!attribute [rw] message
|
16865
18190
|
# @return [String]
|
@@ -16929,7 +18254,7 @@ module Aws::SecurityHub
|
|
16929
18254
|
# data as a hash:
|
16930
18255
|
#
|
16931
18256
|
# {
|
16932
|
-
# account_ids: ["NonEmptyString"],
|
18257
|
+
# account_ids: ["NonEmptyString"], # required
|
16933
18258
|
# }
|
16934
18259
|
#
|
16935
18260
|
# @!attribute [rw] account_ids
|
@@ -16979,6 +18304,45 @@ module Aws::SecurityHub
|
|
16979
18304
|
include Aws::Structure
|
16980
18305
|
end
|
16981
18306
|
|
18307
|
+
# Provides information about an internet provider.
|
18308
|
+
#
|
18309
|
+
# @note When making an API call, you may pass IpOrganizationDetails
|
18310
|
+
# data as a hash:
|
18311
|
+
#
|
18312
|
+
# {
|
18313
|
+
# asn: 1,
|
18314
|
+
# asn_org: "NonEmptyString",
|
18315
|
+
# isp: "NonEmptyString",
|
18316
|
+
# org: "NonEmptyString",
|
18317
|
+
# }
|
18318
|
+
#
|
18319
|
+
# @!attribute [rw] asn
|
18320
|
+
# The Autonomous System Number (ASN) of the internet provider
|
18321
|
+
# @return [Integer]
|
18322
|
+
#
|
18323
|
+
# @!attribute [rw] asn_org
|
18324
|
+
# The name of the organization that registered the ASN.
|
18325
|
+
# @return [String]
|
18326
|
+
#
|
18327
|
+
# @!attribute [rw] isp
|
18328
|
+
# The ISP information for the internet provider.
|
18329
|
+
# @return [String]
|
18330
|
+
#
|
18331
|
+
# @!attribute [rw] org
|
18332
|
+
# The name of the internet provider.
|
18333
|
+
# @return [String]
|
18334
|
+
#
|
18335
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IpOrganizationDetails AWS API Documentation
|
18336
|
+
#
|
18337
|
+
class IpOrganizationDetails < Struct.new(
|
18338
|
+
:asn,
|
18339
|
+
:asn_org,
|
18340
|
+
:isp,
|
18341
|
+
:org)
|
18342
|
+
SENSITIVE = []
|
18343
|
+
include Aws::Structure
|
18344
|
+
end
|
18345
|
+
|
16982
18346
|
# An IPV6 CIDR block association.
|
16983
18347
|
#
|
16984
18348
|
# @note When making an API call, you may pass Ipv6CidrBlockAssociation
|
@@ -17034,8 +18398,8 @@ module Aws::SecurityHub
|
|
17034
18398
|
end
|
17035
18399
|
|
17036
18400
|
# The request was rejected because it attempted to create resources
|
17037
|
-
# beyond the current AWS account limits. The error code
|
17038
|
-
# limit exceeded.
|
18401
|
+
# beyond the current AWS account or throttling limits. The error code
|
18402
|
+
# describes the limit exceeded.
|
17039
18403
|
#
|
17040
18404
|
# @!attribute [rw] message
|
17041
18405
|
# @return [String]
|
@@ -17165,7 +18529,7 @@ module Aws::SecurityHub
|
|
17165
18529
|
#
|
17166
18530
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
17167
18531
|
# accounts whose relationship status with the master is set to
|
17168
|
-
# `ENABLED
|
18532
|
+
# `ENABLED`.
|
17169
18533
|
#
|
17170
18534
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
17171
18535
|
# existing member accounts.
|
@@ -17211,6 +18575,52 @@ module Aws::SecurityHub
|
|
17211
18575
|
include Aws::Structure
|
17212
18576
|
end
|
17213
18577
|
|
18578
|
+
# @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
|
18579
|
+
# data as a hash:
|
18580
|
+
#
|
18581
|
+
# {
|
18582
|
+
# max_results: 1,
|
18583
|
+
# next_token: "NextToken",
|
18584
|
+
# }
|
18585
|
+
#
|
18586
|
+
# @!attribute [rw] max_results
|
18587
|
+
# The maximum number of items to return in the response.
|
18588
|
+
# @return [Integer]
|
18589
|
+
#
|
18590
|
+
# @!attribute [rw] next_token
|
18591
|
+
# The token that is required for pagination. On your first call to the
|
18592
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
18593
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
18594
|
+
# continue listing data, set the value of this parameter to the value
|
18595
|
+
# returned from the previous response.
|
18596
|
+
# @return [String]
|
18597
|
+
#
|
18598
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsRequest AWS API Documentation
|
18599
|
+
#
|
18600
|
+
class ListOrganizationAdminAccountsRequest < Struct.new(
|
18601
|
+
:max_results,
|
18602
|
+
:next_token)
|
18603
|
+
SENSITIVE = []
|
18604
|
+
include Aws::Structure
|
18605
|
+
end
|
18606
|
+
|
18607
|
+
# @!attribute [rw] admin_accounts
|
18608
|
+
# The list of Security Hub administrator accounts.
|
18609
|
+
# @return [Array<Types::AdminAccount>]
|
18610
|
+
#
|
18611
|
+
# @!attribute [rw] next_token
|
18612
|
+
# The pagination token to use to request the next page of results.
|
18613
|
+
# @return [String]
|
18614
|
+
#
|
18615
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsResponse AWS API Documentation
|
18616
|
+
#
|
18617
|
+
class ListOrganizationAdminAccountsResponse < Struct.new(
|
18618
|
+
:admin_accounts,
|
18619
|
+
:next_token)
|
18620
|
+
SENSITIVE = []
|
18621
|
+
include Aws::Structure
|
18622
|
+
end
|
18623
|
+
|
17214
18624
|
# @note When making an API call, you may pass ListTagsForResourceRequest
|
17215
18625
|
# data as a hash:
|
17216
18626
|
#
|
@@ -17401,8 +18811,9 @@ module Aws::SecurityHub
|
|
17401
18811
|
# account. The member account has not yet responded to the
|
17402
18812
|
# invitation.
|
17403
18813
|
#
|
17404
|
-
# * `
|
17405
|
-
#
|
18814
|
+
# * `ENABLED` - Indicates that the member account is currently active.
|
18815
|
+
# For manually invited member accounts, indicates that the member
|
18816
|
+
# account accepted the invitation.
|
17406
18817
|
#
|
17407
18818
|
# * `REMOVED` - Indicates that the master account disassociated the
|
17408
18819
|
# member account.
|
@@ -17533,6 +18944,84 @@ module Aws::SecurityHub
|
|
17533
18944
|
include Aws::Structure
|
17534
18945
|
end
|
17535
18946
|
|
18947
|
+
# Provided if `ActionType` is `NETWORK_CONNECTION`. It provides details
|
18948
|
+
# about the attempted network connection that was detected.
|
18949
|
+
#
|
18950
|
+
# @note When making an API call, you may pass NetworkConnectionAction
|
18951
|
+
# data as a hash:
|
18952
|
+
#
|
18953
|
+
# {
|
18954
|
+
# connection_direction: "NonEmptyString",
|
18955
|
+
# remote_ip_details: {
|
18956
|
+
# ip_address_v4: "NonEmptyString",
|
18957
|
+
# organization: {
|
18958
|
+
# asn: 1,
|
18959
|
+
# asn_org: "NonEmptyString",
|
18960
|
+
# isp: "NonEmptyString",
|
18961
|
+
# org: "NonEmptyString",
|
18962
|
+
# },
|
18963
|
+
# country: {
|
18964
|
+
# country_code: "NonEmptyString",
|
18965
|
+
# country_name: "NonEmptyString",
|
18966
|
+
# },
|
18967
|
+
# city: {
|
18968
|
+
# city_name: "NonEmptyString",
|
18969
|
+
# },
|
18970
|
+
# geo_location: {
|
18971
|
+
# lon: 1.0,
|
18972
|
+
# lat: 1.0,
|
18973
|
+
# },
|
18974
|
+
# },
|
18975
|
+
# remote_port_details: {
|
18976
|
+
# port: 1,
|
18977
|
+
# port_name: "NonEmptyString",
|
18978
|
+
# },
|
18979
|
+
# local_port_details: {
|
18980
|
+
# port: 1,
|
18981
|
+
# port_name: "NonEmptyString",
|
18982
|
+
# },
|
18983
|
+
# protocol: "NonEmptyString",
|
18984
|
+
# blocked: false,
|
18985
|
+
# }
|
18986
|
+
#
|
18987
|
+
# @!attribute [rw] connection_direction
|
18988
|
+
# The direction of the network connection request (`IN` or `OUT`).
|
18989
|
+
# @return [String]
|
18990
|
+
#
|
18991
|
+
# @!attribute [rw] remote_ip_details
|
18992
|
+
# Information about the remote IP address that issued the network
|
18993
|
+
# connection request.
|
18994
|
+
# @return [Types::ActionRemoteIpDetails]
|
18995
|
+
#
|
18996
|
+
# @!attribute [rw] remote_port_details
|
18997
|
+
# Information about the port on the remote IP address.
|
18998
|
+
# @return [Types::ActionRemotePortDetails]
|
18999
|
+
#
|
19000
|
+
# @!attribute [rw] local_port_details
|
19001
|
+
# Information about the port on the EC2 instance.
|
19002
|
+
# @return [Types::ActionLocalPortDetails]
|
19003
|
+
#
|
19004
|
+
# @!attribute [rw] protocol
|
19005
|
+
# The protocol used to make the network connection request.
|
19006
|
+
# @return [String]
|
19007
|
+
#
|
19008
|
+
# @!attribute [rw] blocked
|
19009
|
+
# Indicates whether the network connection attempt was blocked.
|
19010
|
+
# @return [Boolean]
|
19011
|
+
#
|
19012
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkConnectionAction AWS API Documentation
|
19013
|
+
#
|
19014
|
+
class NetworkConnectionAction < Struct.new(
|
19015
|
+
:connection_direction,
|
19016
|
+
:remote_ip_details,
|
19017
|
+
:remote_port_details,
|
19018
|
+
:local_port_details,
|
19019
|
+
:protocol,
|
19020
|
+
:blocked)
|
19021
|
+
SENSITIVE = []
|
19022
|
+
include Aws::Structure
|
19023
|
+
end
|
19024
|
+
|
17536
19025
|
# Details about a network path component that occurs before or after the
|
17537
19026
|
# current component.
|
17538
19027
|
#
|
@@ -17908,6 +19397,126 @@ module Aws::SecurityHub
|
|
17908
19397
|
include Aws::Structure
|
17909
19398
|
end
|
17910
19399
|
|
19400
|
+
# Provided if `ActionType` is `PORT_PROBE`. It provides details about
|
19401
|
+
# the attempted port probe that was detected.
|
19402
|
+
#
|
19403
|
+
# @note When making an API call, you may pass PortProbeAction
|
19404
|
+
# data as a hash:
|
19405
|
+
#
|
19406
|
+
# {
|
19407
|
+
# port_probe_details: [
|
19408
|
+
# {
|
19409
|
+
# local_port_details: {
|
19410
|
+
# port: 1,
|
19411
|
+
# port_name: "NonEmptyString",
|
19412
|
+
# },
|
19413
|
+
# local_ip_details: {
|
19414
|
+
# ip_address_v4: "NonEmptyString",
|
19415
|
+
# },
|
19416
|
+
# remote_ip_details: {
|
19417
|
+
# ip_address_v4: "NonEmptyString",
|
19418
|
+
# organization: {
|
19419
|
+
# asn: 1,
|
19420
|
+
# asn_org: "NonEmptyString",
|
19421
|
+
# isp: "NonEmptyString",
|
19422
|
+
# org: "NonEmptyString",
|
19423
|
+
# },
|
19424
|
+
# country: {
|
19425
|
+
# country_code: "NonEmptyString",
|
19426
|
+
# country_name: "NonEmptyString",
|
19427
|
+
# },
|
19428
|
+
# city: {
|
19429
|
+
# city_name: "NonEmptyString",
|
19430
|
+
# },
|
19431
|
+
# geo_location: {
|
19432
|
+
# lon: 1.0,
|
19433
|
+
# lat: 1.0,
|
19434
|
+
# },
|
19435
|
+
# },
|
19436
|
+
# },
|
19437
|
+
# ],
|
19438
|
+
# blocked: false,
|
19439
|
+
# }
|
19440
|
+
#
|
19441
|
+
# @!attribute [rw] port_probe_details
|
19442
|
+
# Information about the ports affected by the port probe.
|
19443
|
+
# @return [Array<Types::PortProbeDetail>]
|
19444
|
+
#
|
19445
|
+
# @!attribute [rw] blocked
|
19446
|
+
# Indicates whether the port probe was blocked.
|
19447
|
+
# @return [Boolean]
|
19448
|
+
#
|
19449
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeAction AWS API Documentation
|
19450
|
+
#
|
19451
|
+
class PortProbeAction < Struct.new(
|
19452
|
+
:port_probe_details,
|
19453
|
+
:blocked)
|
19454
|
+
SENSITIVE = []
|
19455
|
+
include Aws::Structure
|
19456
|
+
end
|
19457
|
+
|
19458
|
+
# A port scan that was part of the port probe. For each scan,
|
19459
|
+
# PortProbeDetails provides information about the local IP address and
|
19460
|
+
# port that were scanned, and the remote IP address that the scan
|
19461
|
+
# originated from.
|
19462
|
+
#
|
19463
|
+
# @note When making an API call, you may pass PortProbeDetail
|
19464
|
+
# data as a hash:
|
19465
|
+
#
|
19466
|
+
# {
|
19467
|
+
# local_port_details: {
|
19468
|
+
# port: 1,
|
19469
|
+
# port_name: "NonEmptyString",
|
19470
|
+
# },
|
19471
|
+
# local_ip_details: {
|
19472
|
+
# ip_address_v4: "NonEmptyString",
|
19473
|
+
# },
|
19474
|
+
# remote_ip_details: {
|
19475
|
+
# ip_address_v4: "NonEmptyString",
|
19476
|
+
# organization: {
|
19477
|
+
# asn: 1,
|
19478
|
+
# asn_org: "NonEmptyString",
|
19479
|
+
# isp: "NonEmptyString",
|
19480
|
+
# org: "NonEmptyString",
|
19481
|
+
# },
|
19482
|
+
# country: {
|
19483
|
+
# country_code: "NonEmptyString",
|
19484
|
+
# country_name: "NonEmptyString",
|
19485
|
+
# },
|
19486
|
+
# city: {
|
19487
|
+
# city_name: "NonEmptyString",
|
19488
|
+
# },
|
19489
|
+
# geo_location: {
|
19490
|
+
# lon: 1.0,
|
19491
|
+
# lat: 1.0,
|
19492
|
+
# },
|
19493
|
+
# },
|
19494
|
+
# }
|
19495
|
+
#
|
19496
|
+
# @!attribute [rw] local_port_details
|
19497
|
+
# Provides information about the port that was scanned.
|
19498
|
+
# @return [Types::ActionLocalPortDetails]
|
19499
|
+
#
|
19500
|
+
# @!attribute [rw] local_ip_details
|
19501
|
+
# Provides information about the IP address where the scanned port is
|
19502
|
+
# located.
|
19503
|
+
# @return [Types::ActionLocalIpDetails]
|
19504
|
+
#
|
19505
|
+
# @!attribute [rw] remote_ip_details
|
19506
|
+
# Provides information about the remote IP address that performed the
|
19507
|
+
# scan.
|
19508
|
+
# @return [Types::ActionRemoteIpDetails]
|
19509
|
+
#
|
19510
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeDetail AWS API Documentation
|
19511
|
+
#
|
19512
|
+
class PortProbeDetail < Struct.new(
|
19513
|
+
:local_port_details,
|
19514
|
+
:local_ip_details,
|
19515
|
+
:remote_ip_details)
|
19516
|
+
SENSITIVE = []
|
19517
|
+
include Aws::Structure
|
19518
|
+
end
|
19519
|
+
|
17911
19520
|
# A range of ports.
|
17912
19521
|
#
|
17913
19522
|
# @note When making an API call, you may pass PortRange
|
@@ -18270,6 +19879,19 @@ module Aws::SecurityHub
|
|
18270
19879
|
# },
|
18271
19880
|
# ],
|
18272
19881
|
# source_dest_check: false,
|
19882
|
+
# ip_v6_addresses: [
|
19883
|
+
# {
|
19884
|
+
# ip_v6_address: "NonEmptyString",
|
19885
|
+
# },
|
19886
|
+
# ],
|
19887
|
+
# private_ip_addresses: [
|
19888
|
+
# {
|
19889
|
+
# private_ip_address: "NonEmptyString",
|
19890
|
+
# private_dns_name: "NonEmptyString",
|
19891
|
+
# },
|
19892
|
+
# ],
|
19893
|
+
# public_dns_name: "NonEmptyString",
|
19894
|
+
# public_ip: "NonEmptyString",
|
18273
19895
|
# },
|
18274
19896
|
# aws_ec2_security_group: {
|
18275
19897
|
# group_name: "NonEmptyString",
|
@@ -18770,6 +20392,30 @@ module Aws::SecurityHub
|
|
18770
20392
|
# sns_topic_name: "NonEmptyString",
|
18771
20393
|
# trail_arn: "NonEmptyString",
|
18772
20394
|
# },
|
20395
|
+
# aws_ssm_patch_compliance: {
|
20396
|
+
# patch: {
|
20397
|
+
# compliance_summary: {
|
20398
|
+
# status: "NonEmptyString",
|
20399
|
+
# compliant_critical_count: 1,
|
20400
|
+
# compliant_high_count: 1,
|
20401
|
+
# compliant_medium_count: 1,
|
20402
|
+
# execution_type: "NonEmptyString",
|
20403
|
+
# non_compliant_critical_count: 1,
|
20404
|
+
# compliant_informational_count: 1,
|
20405
|
+
# non_compliant_informational_count: 1,
|
20406
|
+
# compliant_unspecified_count: 1,
|
20407
|
+
# non_compliant_low_count: 1,
|
20408
|
+
# non_compliant_high_count: 1,
|
20409
|
+
# compliant_low_count: 1,
|
20410
|
+
# compliance_type: "NonEmptyString",
|
20411
|
+
# patch_baseline_id: "NonEmptyString",
|
20412
|
+
# overall_severity: "NonEmptyString",
|
20413
|
+
# non_compliant_medium_count: 1,
|
20414
|
+
# non_compliant_unspecified_count: 1,
|
20415
|
+
# patch_group: "NonEmptyString",
|
20416
|
+
# },
|
20417
|
+
# },
|
20418
|
+
# },
|
18773
20419
|
# aws_certificate_manager_certificate: {
|
18774
20420
|
# certificate_authority_arn: "NonEmptyString",
|
18775
20421
|
# created_at: "NonEmptyString",
|
@@ -19500,6 +21146,8 @@ module Aws::SecurityHub
|
|
19500
21146
|
# @return [String]
|
19501
21147
|
#
|
19502
21148
|
# @!attribute [rw] resource_role
|
21149
|
+
# Identifies the role of the resource in the finding. A resource is
|
21150
|
+
# either the actor or target of the finding activity,
|
19503
21151
|
# @return [String]
|
19504
21152
|
#
|
19505
21153
|
# @!attribute [rw] tags
|
@@ -19669,6 +21317,19 @@ module Aws::SecurityHub
|
|
19669
21317
|
# },
|
19670
21318
|
# ],
|
19671
21319
|
# source_dest_check: false,
|
21320
|
+
# ip_v6_addresses: [
|
21321
|
+
# {
|
21322
|
+
# ip_v6_address: "NonEmptyString",
|
21323
|
+
# },
|
21324
|
+
# ],
|
21325
|
+
# private_ip_addresses: [
|
21326
|
+
# {
|
21327
|
+
# private_ip_address: "NonEmptyString",
|
21328
|
+
# private_dns_name: "NonEmptyString",
|
21329
|
+
# },
|
21330
|
+
# ],
|
21331
|
+
# public_dns_name: "NonEmptyString",
|
21332
|
+
# public_ip: "NonEmptyString",
|
19672
21333
|
# },
|
19673
21334
|
# aws_ec2_security_group: {
|
19674
21335
|
# group_name: "NonEmptyString",
|
@@ -20169,6 +21830,30 @@ module Aws::SecurityHub
|
|
20169
21830
|
# sns_topic_name: "NonEmptyString",
|
20170
21831
|
# trail_arn: "NonEmptyString",
|
20171
21832
|
# },
|
21833
|
+
# aws_ssm_patch_compliance: {
|
21834
|
+
# patch: {
|
21835
|
+
# compliance_summary: {
|
21836
|
+
# status: "NonEmptyString",
|
21837
|
+
# compliant_critical_count: 1,
|
21838
|
+
# compliant_high_count: 1,
|
21839
|
+
# compliant_medium_count: 1,
|
21840
|
+
# execution_type: "NonEmptyString",
|
21841
|
+
# non_compliant_critical_count: 1,
|
21842
|
+
# compliant_informational_count: 1,
|
21843
|
+
# non_compliant_informational_count: 1,
|
21844
|
+
# compliant_unspecified_count: 1,
|
21845
|
+
# non_compliant_low_count: 1,
|
21846
|
+
# non_compliant_high_count: 1,
|
21847
|
+
# compliant_low_count: 1,
|
21848
|
+
# compliance_type: "NonEmptyString",
|
21849
|
+
# patch_baseline_id: "NonEmptyString",
|
21850
|
+
# overall_severity: "NonEmptyString",
|
21851
|
+
# non_compliant_medium_count: 1,
|
21852
|
+
# non_compliant_unspecified_count: 1,
|
21853
|
+
# patch_group: "NonEmptyString",
|
21854
|
+
# },
|
21855
|
+
# },
|
21856
|
+
# },
|
20172
21857
|
# aws_certificate_manager_certificate: {
|
20173
21858
|
# certificate_authority_arn: "NonEmptyString",
|
20174
21859
|
# created_at: "NonEmptyString",
|
@@ -20943,9 +22628,11 @@ module Aws::SecurityHub
|
|
20943
22628
|
# @return [Types::AwsIamPolicyDetails]
|
20944
22629
|
#
|
20945
22630
|
# @!attribute [rw] aws_api_gateway_v2_stage
|
22631
|
+
# Provides information about a version 2 stage for Amazon API Gateway.
|
20946
22632
|
# @return [Types::AwsApiGatewayV2StageDetails]
|
20947
22633
|
#
|
20948
22634
|
# @!attribute [rw] aws_api_gateway_v2_api
|
22635
|
+
# Provides information about a version 2 API in Amazon API Gateway.
|
20949
22636
|
# @return [Types::AwsApiGatewayV2ApiDetails]
|
20950
22637
|
#
|
20951
22638
|
# @!attribute [rw] aws_dynamo_db_table
|
@@ -20953,24 +22640,37 @@ module Aws::SecurityHub
|
|
20953
22640
|
# @return [Types::AwsDynamoDbTableDetails]
|
20954
22641
|
#
|
20955
22642
|
# @!attribute [rw] aws_api_gateway_stage
|
22643
|
+
# Provides information about a version 1 Amazon API Gateway stage.
|
20956
22644
|
# @return [Types::AwsApiGatewayStageDetails]
|
20957
22645
|
#
|
20958
22646
|
# @!attribute [rw] aws_api_gateway_rest_api
|
22647
|
+
# Provides information about a REST API in version 1 of Amazon API
|
22648
|
+
# Gateway.
|
20959
22649
|
# @return [Types::AwsApiGatewayRestApiDetails]
|
20960
22650
|
#
|
20961
22651
|
# @!attribute [rw] aws_cloud_trail_trail
|
22652
|
+
# Provides details about a CloudTrail trail.
|
20962
22653
|
# @return [Types::AwsCloudTrailTrailDetails]
|
20963
22654
|
#
|
22655
|
+
# @!attribute [rw] aws_ssm_patch_compliance
|
22656
|
+
# Provides information about the state of a patch on an instance based
|
22657
|
+
# on the patch baseline that was used to patch the instance.
|
22658
|
+
# @return [Types::AwsSsmPatchComplianceDetails]
|
22659
|
+
#
|
20964
22660
|
# @!attribute [rw] aws_certificate_manager_certificate
|
22661
|
+
# Provides details about an AWS Certificate Manager (ACM) certificate.
|
20965
22662
|
# @return [Types::AwsCertificateManagerCertificateDetails]
|
20966
22663
|
#
|
20967
22664
|
# @!attribute [rw] aws_redshift_cluster
|
22665
|
+
# Contains details about an Amazon Redshift cluster.
|
20968
22666
|
# @return [Types::AwsRedshiftClusterDetails]
|
20969
22667
|
#
|
20970
22668
|
# @!attribute [rw] aws_elb_load_balancer
|
22669
|
+
# contains details about a Classic Load Balancer.
|
20971
22670
|
# @return [Types::AwsElbLoadBalancerDetails]
|
20972
22671
|
#
|
20973
22672
|
# @!attribute [rw] aws_iam_group
|
22673
|
+
# Contains details about an IAM group.
|
20974
22674
|
# @return [Types::AwsIamGroupDetails]
|
20975
22675
|
#
|
20976
22676
|
# @!attribute [rw] aws_iam_role
|
@@ -21061,6 +22761,7 @@ module Aws::SecurityHub
|
|
21061
22761
|
:aws_api_gateway_stage,
|
21062
22762
|
:aws_api_gateway_rest_api,
|
21063
22763
|
:aws_cloud_trail_trail,
|
22764
|
+
:aws_ssm_patch_compliance,
|
21064
22765
|
:aws_certificate_manager_certificate,
|
21065
22766
|
:aws_redshift_cluster,
|
21066
22767
|
:aws_elb_load_balancer,
|
@@ -21121,9 +22822,9 @@ module Aws::SecurityHub
|
|
21121
22822
|
|
21122
22823
|
# The severity of the finding.
|
21123
22824
|
#
|
21124
|
-
# The finding provider can provide the initial severity
|
21125
|
-
#
|
21126
|
-
#
|
22825
|
+
# The finding provider can provide the initial severity. The finding
|
22826
|
+
# provider can only update the severity if it has not been updated using
|
22827
|
+
# `BatchUpdateFindings`.
|
21127
22828
|
#
|
21128
22829
|
# The finding must have either `Label` or `Normalized` populated. If
|
21129
22830
|
# only one of these attributes is populated, then Security Hub
|
@@ -21465,7 +23166,20 @@ module Aws::SecurityHub
|
|
21465
23166
|
# @return [Hash<String,String>]
|
21466
23167
|
#
|
21467
23168
|
# @!attribute [rw] standards_status
|
21468
|
-
# The status of the
|
23169
|
+
# The status of the standard subscription.
|
23170
|
+
#
|
23171
|
+
# The status values are as follows:
|
23172
|
+
#
|
23173
|
+
# * `PENDING` - Standard is in the process of being enabled.
|
23174
|
+
#
|
23175
|
+
# * `READY` - Standard is enabled.
|
23176
|
+
#
|
23177
|
+
# * `INCOMPLETE` - Standard could not be enabled completely. Some
|
23178
|
+
# controls may not be available.
|
23179
|
+
#
|
23180
|
+
# * `DELETING` - Standard is in the process of being disabled.
|
23181
|
+
#
|
23182
|
+
# * `FAILED` - Standard could not be disabled.
|
21469
23183
|
# @return [String]
|
21470
23184
|
#
|
21471
23185
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
|
@@ -22984,6 +24698,36 @@ module Aws::SecurityHub
|
|
22984
24698
|
#
|
22985
24699
|
class UpdateInsightResponse < Aws::EmptyStructure; end
|
22986
24700
|
|
24701
|
+
# @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
|
24702
|
+
# data as a hash:
|
24703
|
+
#
|
24704
|
+
# {
|
24705
|
+
# auto_enable: false, # required
|
24706
|
+
# }
|
24707
|
+
#
|
24708
|
+
# @!attribute [rw] auto_enable
|
24709
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
24710
|
+
# organization.
|
24711
|
+
#
|
24712
|
+
# By default, this is `false`, and new accounts are not added
|
24713
|
+
# automatically.
|
24714
|
+
#
|
24715
|
+
# To automatically enable Security Hub for new accounts, set this to
|
24716
|
+
# `true`.
|
24717
|
+
# @return [Boolean]
|
24718
|
+
#
|
24719
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
|
24720
|
+
#
|
24721
|
+
class UpdateOrganizationConfigurationRequest < Struct.new(
|
24722
|
+
:auto_enable)
|
24723
|
+
SENSITIVE = []
|
24724
|
+
include Aws::Structure
|
24725
|
+
end
|
24726
|
+
|
24727
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationResponse AWS API Documentation
|
24728
|
+
#
|
24729
|
+
class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
|
24730
|
+
|
22987
24731
|
# @note When making an API call, you may pass UpdateSecurityHubConfigurationRequest
|
22988
24732
|
# data as a hash:
|
22989
24733
|
#
|
@@ -23279,6 +25023,14 @@ module Aws::SecurityHub
|
|
23279
25023
|
#
|
23280
25024
|
# * `NEW` - The initial state of a finding, before it is reviewed.
|
23281
25025
|
#
|
25026
|
+
# Security Hub also resets the workflow status from `NOTIFIED` or
|
25027
|
+
# `RESOLVED` to `NEW` in the following cases:
|
25028
|
+
#
|
25029
|
+
# * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
|
25030
|
+
#
|
25031
|
+
# * `ComplianceStatus` changes from `PASSED` to either `WARNING`,
|
25032
|
+
# `FAILED`, or `NOT_AVAILABLE`.
|
25033
|
+
#
|
23282
25034
|
# * `NOTIFIED` - Indicates that you notified the resource owner about
|
23283
25035
|
# the security issue. Used when the initial reviewer is not the
|
23284
25036
|
# resource owner, and needs intervention from the resource owner.
|
@@ -23313,6 +25065,14 @@ module Aws::SecurityHub
|
|
23313
25065
|
#
|
23314
25066
|
# * `NEW` - The initial state of a finding, before it is reviewed.
|
23315
25067
|
#
|
25068
|
+
# Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or
|
25069
|
+
# `RESOLVED` to `NEW` in the following cases:
|
25070
|
+
#
|
25071
|
+
# * The record state changes from `ARCHIVED` to `ACTIVE`.
|
25072
|
+
#
|
25073
|
+
# * The compliance status changes from `PASSED` to either `WARNING`,
|
25074
|
+
# `FAILED`, or `NOT_AVAILABLE`.
|
25075
|
+
#
|
23316
25076
|
# * `NOTIFIED` - Indicates that you notified the resource owner about
|
23317
25077
|
# the security issue. Used when the initial reviewer is not the
|
23318
25078
|
# resource owner, and needs intervention from the resource owner.
|