aws-sdk-securityhub 1.36.0 → 1.41.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +218 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +2 -2
  6. data/lib/aws-sdk-securityhub/client.rb +251 -13
  7. data/lib/aws-sdk-securityhub/client_api.rb +147 -1
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +1590 -8
  11. metadata +8 -5
data/lib/aws-sdk-securityhub/errors.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/resource.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -85,6 +85,313 @@ module Aws::SecurityHub
85
85
  include Aws::Structure
86
86
  end
87
87
 
88
+ # Provides details about one of the following actions that affects or
89
+ # that was taken on a resource:
90
+ #
91
+ # * A remote IP address issued an AWS API call
92
+ #
93
+ # * A DNS request was received
94
+ #
95
+ # * A remote IP address attempted to connect to an EC2 instance
96
+ #
97
+ # * A remote IP address attempted a port probe on an EC2 instance
98
+ #
99
+ # @note When making an API call, you may pass Action
100
+ # data as a hash:
101
+ #
102
+ # {
103
+ # action_type: "NonEmptyString",
104
+ # network_connection_action: {
105
+ # connection_direction: "NonEmptyString",
106
+ # remote_ip_details: {
107
+ # ip_address_v4: "NonEmptyString",
108
+ # organization: {
109
+ # asn: 1,
110
+ # asn_org: "NonEmptyString",
111
+ # isp: "NonEmptyString",
112
+ # org: "NonEmptyString",
113
+ # },
114
+ # country: {
115
+ # country_code: "NonEmptyString",
116
+ # country_name: "NonEmptyString",
117
+ # },
118
+ # city: {
119
+ # city_name: "NonEmptyString",
120
+ # },
121
+ # geo_location: {
122
+ # lon: 1.0,
123
+ # lat: 1.0,
124
+ # },
125
+ # },
126
+ # remote_port_details: {
127
+ # port: 1,
128
+ # port_name: "NonEmptyString",
129
+ # },
130
+ # local_port_details: {
131
+ # port: 1,
132
+ # port_name: "NonEmptyString",
133
+ # },
134
+ # protocol: "NonEmptyString",
135
+ # blocked: false,
136
+ # },
137
+ # aws_api_call_action: {
138
+ # api: "NonEmptyString",
139
+ # service_name: "NonEmptyString",
140
+ # caller_type: "NonEmptyString",
141
+ # remote_ip_details: {
142
+ # ip_address_v4: "NonEmptyString",
143
+ # organization: {
144
+ # asn: 1,
145
+ # asn_org: "NonEmptyString",
146
+ # isp: "NonEmptyString",
147
+ # org: "NonEmptyString",
148
+ # },
149
+ # country: {
150
+ # country_code: "NonEmptyString",
151
+ # country_name: "NonEmptyString",
152
+ # },
153
+ # city: {
154
+ # city_name: "NonEmptyString",
155
+ # },
156
+ # geo_location: {
157
+ # lon: 1.0,
158
+ # lat: 1.0,
159
+ # },
160
+ # },
161
+ # domain_details: {
162
+ # domain: "NonEmptyString",
163
+ # },
164
+ # affected_resources: {
165
+ # "NonEmptyString" => "NonEmptyString",
166
+ # },
167
+ # first_seen: "NonEmptyString",
168
+ # last_seen: "NonEmptyString",
169
+ # },
170
+ # dns_request_action: {
171
+ # domain: "NonEmptyString",
172
+ # protocol: "NonEmptyString",
173
+ # blocked: false,
174
+ # },
175
+ # port_probe_action: {
176
+ # port_probe_details: [
177
+ # {
178
+ # local_port_details: {
179
+ # port: 1,
180
+ # port_name: "NonEmptyString",
181
+ # },
182
+ # local_ip_details: {
183
+ # ip_address_v4: "NonEmptyString",
184
+ # },
185
+ # remote_ip_details: {
186
+ # ip_address_v4: "NonEmptyString",
187
+ # organization: {
188
+ # asn: 1,
189
+ # asn_org: "NonEmptyString",
190
+ # isp: "NonEmptyString",
191
+ # org: "NonEmptyString",
192
+ # },
193
+ # country: {
194
+ # country_code: "NonEmptyString",
195
+ # country_name: "NonEmptyString",
196
+ # },
197
+ # city: {
198
+ # city_name: "NonEmptyString",
199
+ # },
200
+ # geo_location: {
201
+ # lon: 1.0,
202
+ # lat: 1.0,
203
+ # },
204
+ # },
205
+ # },
206
+ # ],
207
+ # blocked: false,
208
+ # },
209
+ # }
210
+ #
211
+ # @!attribute [rw] action_type
212
+ # The type of action that was detected. The possible action types are:
213
+ #
214
+ # * `NETWORK_CONNECTION`
215
+ #
216
+ # * `AWS_API_CALL`
217
+ #
218
+ # * `DNS_REQUEST`
219
+ #
220
+ # * `PORT_PROBE`
221
+ # @return [String]
222
+ #
223
+ # @!attribute [rw] network_connection_action
224
+ # Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
225
+ # about the network connection that was detected.
226
+ # @return [Types::NetworkConnectionAction]
227
+ #
228
+ # @!attribute [rw] aws_api_call_action
229
+ # Included if `ActionType` is `AWS_API_CALL`. Provides details about
230
+ # the API call that was detected.
231
+ # @return [Types::AwsApiCallAction]
232
+ #
233
+ # @!attribute [rw] dns_request_action
234
+ # Included if `ActionType` is `DNS_REQUEST`. Provides details about
235
+ # the DNS request that was detected.
236
+ # @return [Types::DnsRequestAction]
237
+ #
238
+ # @!attribute [rw] port_probe_action
239
+ # Included if `ActionType` is `PORT_PROBE`. Provides details about the
240
+ # port probe that was detected.
241
+ # @return [Types::PortProbeAction]
242
+ #
243
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
244
+ #
245
+ class Action < Struct.new(
246
+ :action_type,
247
+ :network_connection_action,
248
+ :aws_api_call_action,
249
+ :dns_request_action,
250
+ :port_probe_action)
251
+ SENSITIVE = []
252
+ include Aws::Structure
253
+ end
254
+
255
+ # Provides information about the IP address where the scanned port is
256
+ # located.
257
+ #
258
+ # @note When making an API call, you may pass ActionLocalIpDetails
259
+ # data as a hash:
260
+ #
261
+ # {
262
+ # ip_address_v4: "NonEmptyString",
263
+ # }
264
+ #
265
+ # @!attribute [rw] ip_address_v4
266
+ # The IP address.
267
+ # @return [String]
268
+ #
269
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalIpDetails AWS API Documentation
270
+ #
271
+ class ActionLocalIpDetails < Struct.new(
272
+ :ip_address_v4)
273
+ SENSITIVE = []
274
+ include Aws::Structure
275
+ end
276
+
277
+ # For `NetworkConnectionAction` and `PortProbeDetails`,
278
+ # `LocalPortDetails` provides information about the local port that was
279
+ # involved in the action.
280
+ #
281
+ # @note When making an API call, you may pass ActionLocalPortDetails
282
+ # data as a hash:
283
+ #
284
+ # {
285
+ # port: 1,
286
+ # port_name: "NonEmptyString",
287
+ # }
288
+ #
289
+ # @!attribute [rw] port
290
+ # The number of the port.
291
+ # @return [Integer]
292
+ #
293
+ # @!attribute [rw] port_name
294
+ # The port name of the local connection.
295
+ # @return [String]
296
+ #
297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalPortDetails AWS API Documentation
298
+ #
299
+ class ActionLocalPortDetails < Struct.new(
300
+ :port,
301
+ :port_name)
302
+ SENSITIVE = []
303
+ include Aws::Structure
304
+ end
305
+
306
+ # For `AwsApiAction`, `NetworkConnectionAction`, and `PortProbeAction`,
307
+ # `RemoteIpDetails` provides information about the remote IP address
308
+ # that was involved in the action.
309
+ #
310
+ # @note When making an API call, you may pass ActionRemoteIpDetails
311
+ # data as a hash:
312
+ #
313
+ # {
314
+ # ip_address_v4: "NonEmptyString",
315
+ # organization: {
316
+ # asn: 1,
317
+ # asn_org: "NonEmptyString",
318
+ # isp: "NonEmptyString",
319
+ # org: "NonEmptyString",
320
+ # },
321
+ # country: {
322
+ # country_code: "NonEmptyString",
323
+ # country_name: "NonEmptyString",
324
+ # },
325
+ # city: {
326
+ # city_name: "NonEmptyString",
327
+ # },
328
+ # geo_location: {
329
+ # lon: 1.0,
330
+ # lat: 1.0,
331
+ # },
332
+ # }
333
+ #
334
+ # @!attribute [rw] ip_address_v4
335
+ # The IP address.
336
+ # @return [String]
337
+ #
338
+ # @!attribute [rw] organization
339
+ # The internet service provider (ISP) organization associated with the
340
+ # remote IP address.
341
+ # @return [Types::IpOrganizationDetails]
342
+ #
343
+ # @!attribute [rw] country
344
+ # The country where the remote IP address is located.
345
+ # @return [Types::Country]
346
+ #
347
+ # @!attribute [rw] city
348
+ # The city where the remote IP address is located.
349
+ # @return [Types::City]
350
+ #
351
+ # @!attribute [rw] geo_location
352
+ # The coordinates of the location of the remote IP address.
353
+ # @return [Types::GeoLocation]
354
+ #
355
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemoteIpDetails AWS API Documentation
356
+ #
357
+ class ActionRemoteIpDetails < Struct.new(
358
+ :ip_address_v4,
359
+ :organization,
360
+ :country,
361
+ :city,
362
+ :geo_location)
363
+ SENSITIVE = []
364
+ include Aws::Structure
365
+ end
366
+
367
+ # Provides information about the remote port that was involved in an
368
+ # attempted network connection.
369
+ #
370
+ # @note When making an API call, you may pass ActionRemotePortDetails
371
+ # data as a hash:
372
+ #
373
+ # {
374
+ # port: 1,
375
+ # port_name: "NonEmptyString",
376
+ # }
377
+ #
378
+ # @!attribute [rw] port
379
+ # The number of the port.
380
+ # @return [Integer]
381
+ #
382
+ # @!attribute [rw] port_name
383
+ # The port name of the remote connection.
384
+ # @return [String]
385
+ #
386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemotePortDetails AWS API Documentation
387
+ #
388
+ class ActionRemotePortDetails < Struct.new(
389
+ :port,
390
+ :port_name)
391
+ SENSITIVE = []
392
+ include Aws::Structure
393
+ end
394
+
88
395
  # An `ActionTarget` object.
89
396
  #
90
397
  # @!attribute [rw] action_target_arn
@@ -160,6 +467,120 @@ module Aws::SecurityHub
160
467
  include Aws::Structure
161
468
  end
162
469
 
470
+ # Provided if `ActionType` is `AWS_API_CALL`. It provides details about
471
+ # the API call that was detected.
472
+ #
473
+ # @note When making an API call, you may pass AwsApiCallAction
474
+ # data as a hash:
475
+ #
476
+ # {
477
+ # api: "NonEmptyString",
478
+ # service_name: "NonEmptyString",
479
+ # caller_type: "NonEmptyString",
480
+ # remote_ip_details: {
481
+ # ip_address_v4: "NonEmptyString",
482
+ # organization: {
483
+ # asn: 1,
484
+ # asn_org: "NonEmptyString",
485
+ # isp: "NonEmptyString",
486
+ # org: "NonEmptyString",
487
+ # },
488
+ # country: {
489
+ # country_code: "NonEmptyString",
490
+ # country_name: "NonEmptyString",
491
+ # },
492
+ # city: {
493
+ # city_name: "NonEmptyString",
494
+ # },
495
+ # geo_location: {
496
+ # lon: 1.0,
497
+ # lat: 1.0,
498
+ # },
499
+ # },
500
+ # domain_details: {
501
+ # domain: "NonEmptyString",
502
+ # },
503
+ # affected_resources: {
504
+ # "NonEmptyString" => "NonEmptyString",
505
+ # },
506
+ # first_seen: "NonEmptyString",
507
+ # last_seen: "NonEmptyString",
508
+ # }
509
+ #
510
+ # @!attribute [rw] api
511
+ # The name of the API method that was issued.
512
+ # @return [String]
513
+ #
514
+ # @!attribute [rw] service_name
515
+ # The name of the AWS service that the API method belongs to.
516
+ # @return [String]
517
+ #
518
+ # @!attribute [rw] caller_type
519
+ # Indicates whether the API call originated from a remote IP address
520
+ # (`remoteip`) or from a DNS domain (`domain`).
521
+ # @return [String]
522
+ #
523
+ # @!attribute [rw] remote_ip_details
524
+ # Provided if `CallerType` is `remoteIp`. Provides information about
525
+ # the remote IP address that the API call originated from.
526
+ # @return [Types::ActionRemoteIpDetails]
527
+ #
528
+ # @!attribute [rw] domain_details
529
+ # Provided if `CallerType` is `domain`. Provides information about the
530
+ # DNS domain that the API call originated from.
531
+ # @return [Types::AwsApiCallActionDomainDetails]
532
+ #
533
+ # @!attribute [rw] affected_resources
534
+ # Identifies the resources that were affected by the API call.
535
+ # @return [Hash<String,String>]
536
+ #
537
+ # @!attribute [rw] first_seen
538
+ # An ISO8601-formatted timestamp that indicates when the API call was
539
+ # first observed.
540
+ # @return [String]
541
+ #
542
+ # @!attribute [rw] last_seen
543
+ # An ISO8601-formatted timestamp that indicates when the API call was
544
+ # most recently observed.
545
+ # @return [String]
546
+ #
547
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallAction AWS API Documentation
548
+ #
549
+ class AwsApiCallAction < Struct.new(
550
+ :api,
551
+ :service_name,
552
+ :caller_type,
553
+ :remote_ip_details,
554
+ :domain_details,
555
+ :affected_resources,
556
+ :first_seen,
557
+ :last_seen)
558
+ SENSITIVE = []
559
+ include Aws::Structure
560
+ end
561
+
562
+ # Provided if `CallerType` is `domain`. It provides information about
563
+ # the DNS domain that issued the API call.
564
+ #
565
+ # @note When making an API call, you may pass AwsApiCallActionDomainDetails
566
+ # data as a hash:
567
+ #
568
+ # {
569
+ # domain: "NonEmptyString",
570
+ # }
571
+ #
572
+ # @!attribute [rw] domain
573
+ # The name of the DNS domain that issued the API call.
574
+ # @return [String]
575
+ #
576
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallActionDomainDetails AWS API Documentation
577
+ #
578
+ class AwsApiCallActionDomainDetails < Struct.new(
579
+ :domain)
580
+ SENSITIVE = []
581
+ include Aws::Structure
582
+ end
583
+
163
584
  # Contains information about settings for logging access for the stage.
164
585
  #
165
586
  # @note When making an API call, you may pass AwsApiGatewayAccessLogSettings
@@ -3488,6 +3909,19 @@ module Aws::SecurityHub
3488
3909
  # },
3489
3910
  # ],
3490
3911
  # source_dest_check: false,
3912
+ # ip_v6_addresses: [
3913
+ # {
3914
+ # ip_v6_address: "NonEmptyString",
3915
+ # },
3916
+ # ],
3917
+ # private_ip_addresses: [
3918
+ # {
3919
+ # private_ip_address: "NonEmptyString",
3920
+ # private_dns_name: "NonEmptyString",
3921
+ # },
3922
+ # ],
3923
+ # public_dns_name: "NonEmptyString",
3924
+ # public_ip: "NonEmptyString",
3491
3925
  # }
3492
3926
  #
3493
3927
  # @!attribute [rw] attachment
@@ -3506,13 +3940,84 @@ module Aws::SecurityHub
3506
3940
  # Indicates whether traffic to or from the instance is validated.
3507
3941
  # @return [Boolean]
3508
3942
  #
3943
+ # @!attribute [rw] ip_v6_addresses
3944
+ # The IPv6 addresses associated with the network interface.
3945
+ # @return [Array<Types::AwsEc2NetworkInterfaceIpV6AddressDetail>]
3946
+ #
3947
+ # @!attribute [rw] private_ip_addresses
3948
+ # The private IPv4 addresses associated with the network interface.
3949
+ # @return [Array<Types::AwsEc2NetworkInterfacePrivateIpAddressDetail>]
3950
+ #
3951
+ # @!attribute [rw] public_dns_name
3952
+ # The public DNS name of the network interface.
3953
+ # @return [String]
3954
+ #
3955
+ # @!attribute [rw] public_ip
3956
+ # The address of the Elastic IP address bound to the network
3957
+ # interface.
3958
+ # @return [String]
3959
+ #
3509
3960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceDetails AWS API Documentation
3510
3961
  #
3511
3962
  class AwsEc2NetworkInterfaceDetails < Struct.new(
3512
3963
  :attachment,
3513
3964
  :network_interface_id,
3514
3965
  :security_groups,
3515
- :source_dest_check)
3966
+ :source_dest_check,
3967
+ :ip_v6_addresses,
3968
+ :private_ip_addresses,
3969
+ :public_dns_name,
3970
+ :public_ip)
3971
+ SENSITIVE = []
3972
+ include Aws::Structure
3973
+ end
3974
+
3975
+ # Provides information about an IPV6 address that is associated with the
3976
+ # network interface.
3977
+ #
3978
+ # @note When making an API call, you may pass AwsEc2NetworkInterfaceIpV6AddressDetail
3979
+ # data as a hash:
3980
+ #
3981
+ # {
3982
+ # ip_v6_address: "NonEmptyString",
3983
+ # }
3984
+ #
3985
+ # @!attribute [rw] ip_v6_address
3986
+ # The IPV6 address.
3987
+ # @return [String]
3988
+ #
3989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceIpV6AddressDetail AWS API Documentation
3990
+ #
3991
+ class AwsEc2NetworkInterfaceIpV6AddressDetail < Struct.new(
3992
+ :ip_v6_address)
3993
+ SENSITIVE = []
3994
+ include Aws::Structure
3995
+ end
3996
+
3997
+ # Provides information about a private IPv4 address that is with the
3998
+ # network interface.
3999
+ #
4000
+ # @note When making an API call, you may pass AwsEc2NetworkInterfacePrivateIpAddressDetail
4001
+ # data as a hash:
4002
+ #
4003
+ # {
4004
+ # private_ip_address: "NonEmptyString",
4005
+ # private_dns_name: "NonEmptyString",
4006
+ # }
4007
+ #
4008
+ # @!attribute [rw] private_ip_address
4009
+ # The IP address.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] private_dns_name
4013
+ # The private DNS name for the IP address.
4014
+ # @return [String]
4015
+ #
4016
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfacePrivateIpAddressDetail AWS API Documentation
4017
+ #
4018
+ class AwsEc2NetworkInterfacePrivateIpAddressDetail < Struct.new(
4019
+ :private_ip_address,
4020
+ :private_dns_name)
3516
4021
  SENSITIVE = []
3517
4022
  include Aws::Structure
3518
4023
  end
@@ -6884,6 +7389,8 @@ module Aws::SecurityHub
6884
7389
  # @return [String]
6885
7390
  #
6886
7391
  # @!attribute [rw] engine
7392
+ # The name of the database engine that you want to use for this DB
7393
+ # instance.
6887
7394
  # @return [String]
6888
7395
  #
6889
7396
  # @!attribute [rw] allocated_storage
@@ -7667,6 +8174,8 @@ module Aws::SecurityHub
7667
8174
  include Aws::Structure
7668
8175
  end
7669
8176
 
8177
+ # An option group membership.
8178
+ #
7670
8179
  # @note When making an API call, you may pass AwsRdsDbOptionGroupMembership
7671
8180
  # data as a hash:
7672
8181
  #
@@ -7676,9 +8185,11 @@ module Aws::SecurityHub
7676
8185
  # }
7677
8186
  #
7678
8187
  # @!attribute [rw] option_group_name
8188
+ # The name of the option group.
7679
8189
  # @return [String]
7680
8190
  #
7681
8191
  # @!attribute [rw] status
8192
+ # The status of the option group membership.
7682
8193
  # @return [String]
7683
8194
  #
7684
8195
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbOptionGroupMembership AWS API Documentation
@@ -7690,6 +8201,8 @@ module Aws::SecurityHub
7690
8201
  include Aws::Structure
7691
8202
  end
7692
8203
 
8204
+ # Provides information about a parameter group for a DB instance.
8205
+ #
7693
8206
  # @note When making an API call, you may pass AwsRdsDbParameterGroup
7694
8207
  # data as a hash:
7695
8208
  #
@@ -7699,9 +8212,11 @@ module Aws::SecurityHub
7699
8212
  # }
7700
8213
  #
7701
8214
  # @!attribute [rw] db_parameter_group_name
8215
+ # The name of the parameter group.
7702
8216
  # @return [String]
7703
8217
  #
7704
8218
  # @!attribute [rw] parameter_apply_status
8219
+ # The status of parameter updates.
7705
8220
  # @return [String]
7706
8221
  #
7707
8222
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbParameterGroup AWS API Documentation
@@ -7713,6 +8228,8 @@ module Aws::SecurityHub
7713
8228
  include Aws::Structure
7714
8229
  end
7715
8230
 
8231
+ # Changes to a DB instance that are currently pending.
8232
+ #
7716
8233
  # @note When making an API call, you may pass AwsRdsDbPendingModifiedValues
7717
8234
  # data as a hash:
7718
8235
  #
@@ -7743,48 +8260,64 @@ module Aws::SecurityHub
7743
8260
  # }
7744
8261
  #
7745
8262
  # @!attribute [rw] db_instance_class
8263
+ # The new DB instance class for the DB instance.
7746
8264
  # @return [String]
7747
8265
  #
7748
8266
  # @!attribute [rw] allocated_storage
8267
+ # The new value of the allocated storage for the DB instance.
7749
8268
  # @return [Integer]
7750
8269
  #
7751
8270
  # @!attribute [rw] master_user_password
8271
+ # The new master user password for the DB instance.
7752
8272
  # @return [String]
7753
8273
  #
7754
8274
  # @!attribute [rw] port
8275
+ # The new port for the DB instance.
7755
8276
  # @return [Integer]
7756
8277
  #
7757
8278
  # @!attribute [rw] backup_retention_period
8279
+ # The new backup retention period for the DB instance.
7758
8280
  # @return [Integer]
7759
8281
  #
7760
8282
  # @!attribute [rw] multi_az
8283
+ # Indicates that a single Availability Zone DB instance is changing to
8284
+ # a multiple Availability Zone deployment.
7761
8285
  # @return [Boolean]
7762
8286
  #
7763
8287
  # @!attribute [rw] engine_version
8288
+ # The new engine version for the DB instance.
7764
8289
  # @return [String]
7765
8290
  #
7766
8291
  # @!attribute [rw] license_model
8292
+ # The new license model value for the DB instance.
7767
8293
  # @return [String]
7768
8294
  #
7769
8295
  # @!attribute [rw] iops
8296
+ # The new provisioned IOPS value for the DB instance.
7770
8297
  # @return [Integer]
7771
8298
  #
7772
8299
  # @!attribute [rw] db_instance_identifier
8300
+ # The new DB instance identifier for the DB instance.
7773
8301
  # @return [String]
7774
8302
  #
7775
8303
  # @!attribute [rw] storage_type
8304
+ # The new storage type for the DB instance.
7776
8305
  # @return [String]
7777
8306
  #
7778
8307
  # @!attribute [rw] ca_certificate_identifier
8308
+ # The new CA certificate identifier for the DB instance.
7779
8309
  # @return [String]
7780
8310
  #
7781
8311
  # @!attribute [rw] db_subnet_group_name
8312
+ # The name of the new subnet group for the DB instance.
7782
8313
  # @return [String]
7783
8314
  #
7784
8315
  # @!attribute [rw] pending_cloud_watch_logs_exports
8316
+ # A list of log types that are being enabled or disabled.
7785
8317
  # @return [Types::AwsRdsPendingCloudWatchLogsExports]
7786
8318
  #
7787
8319
  # @!attribute [rw] processor_features
8320
+ # Processor features that are being updated.
7788
8321
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7789
8322
  #
7790
8323
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbPendingModifiedValues AWS API Documentation
@@ -7809,6 +8342,8 @@ module Aws::SecurityHub
7809
8342
  include Aws::Structure
7810
8343
  end
7811
8344
 
8345
+ # A processor feature.
8346
+ #
7812
8347
  # @note When making an API call, you may pass AwsRdsDbProcessorFeature
7813
8348
  # data as a hash:
7814
8349
  #
@@ -7818,9 +8353,11 @@ module Aws::SecurityHub
7818
8353
  # }
7819
8354
  #
7820
8355
  # @!attribute [rw] name
8356
+ # The name of the processor feature.
7821
8357
  # @return [String]
7822
8358
  #
7823
8359
  # @!attribute [rw] value
8360
+ # The value of the processor feature.
7824
8361
  # @return [String]
7825
8362
  #
7826
8363
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbProcessorFeature AWS API Documentation
@@ -7832,6 +8369,8 @@ module Aws::SecurityHub
7832
8369
  include Aws::Structure
7833
8370
  end
7834
8371
 
8372
+ # Provides details about an Amazon RDS DB cluster snapshot.
8373
+ #
7835
8374
  # @note When making an API call, you may pass AwsRdsDbSnapshotDetails
7836
8375
  # data as a hash:
7837
8376
  #
@@ -7871,84 +8410,120 @@ module Aws::SecurityHub
7871
8410
  # }
7872
8411
  #
7873
8412
  # @!attribute [rw] db_snapshot_identifier
8413
+ # The name or ARN of the DB snapshot that is used to restore the DB
8414
+ # instance.
7874
8415
  # @return [String]
7875
8416
  #
7876
8417
  # @!attribute [rw] db_instance_identifier
8418
+ # A name for the DB instance.
7877
8419
  # @return [String]
7878
8420
  #
7879
8421
  # @!attribute [rw] snapshot_create_time
8422
+ # When the snapshot was taken in Coordinated Universal Time (UTC).
7880
8423
  # @return [String]
7881
8424
  #
7882
8425
  # @!attribute [rw] engine
8426
+ # The name of the database engine to use for this DB instance.
7883
8427
  # @return [String]
7884
8428
  #
7885
8429
  # @!attribute [rw] allocated_storage
8430
+ # The amount of storage (in gigabytes) to be initially allocated for
8431
+ # the database instance.
7886
8432
  # @return [Integer]
7887
8433
  #
7888
8434
  # @!attribute [rw] status
8435
+ # The status of this DB snapshot.
7889
8436
  # @return [String]
7890
8437
  #
7891
8438
  # @!attribute [rw] port
8439
+ # The port that the database engine was listening on at the time of
8440
+ # the snapshot.
7892
8441
  # @return [Integer]
7893
8442
  #
7894
8443
  # @!attribute [rw] availability_zone
8444
+ # Specifies the name of the Availability Zone in which the DB instance
8445
+ # was located at the time of the DB snapshot.
7895
8446
  # @return [String]
7896
8447
  #
7897
8448
  # @!attribute [rw] vpc_id
8449
+ # The VPC ID associated with the DB snapshot.
7898
8450
  # @return [String]
7899
8451
  #
7900
8452
  # @!attribute [rw] instance_create_time
8453
+ # Specifies the time in Coordinated Universal Time (UTC) when the DB
8454
+ # instance, from which the snapshot was taken, was created.
7901
8455
  # @return [String]
7902
8456
  #
7903
8457
  # @!attribute [rw] master_username
8458
+ # The master user name for the DB snapshot.
7904
8459
  # @return [String]
7905
8460
  #
7906
8461
  # @!attribute [rw] engine_version
8462
+ # The version of the database engine.
7907
8463
  # @return [String]
7908
8464
  #
7909
8465
  # @!attribute [rw] license_model
8466
+ # License model information for the restored DB instance.
7910
8467
  # @return [String]
7911
8468
  #
7912
8469
  # @!attribute [rw] snapshot_type
8470
+ # The type of the DB snapshot.
7913
8471
  # @return [String]
7914
8472
  #
7915
8473
  # @!attribute [rw] iops
8474
+ # The provisioned IOPS (I/O operations per second) value of the DB
8475
+ # instance at the time of the snapshot.
7916
8476
  # @return [Integer]
7917
8477
  #
7918
8478
  # @!attribute [rw] option_group_name
8479
+ # The option group name for the DB snapshot.
7919
8480
  # @return [String]
7920
8481
  #
7921
8482
  # @!attribute [rw] percent_progress
8483
+ # The percentage of the estimated data that has been transferred.
7922
8484
  # @return [Integer]
7923
8485
  #
7924
8486
  # @!attribute [rw] source_region
8487
+ # The AWS Region that the DB snapshot was created in or copied from.
7925
8488
  # @return [String]
7926
8489
  #
7927
8490
  # @!attribute [rw] source_db_snapshot_identifier
8491
+ # The DB snapshot ARN that the DB snapshot was copied from.
7928
8492
  # @return [String]
7929
8493
  #
7930
8494
  # @!attribute [rw] storage_type
8495
+ # The storage type associated with the DB snapshot.
7931
8496
  # @return [String]
7932
8497
  #
7933
8498
  # @!attribute [rw] tde_credential_arn
8499
+ # The ARN from the key store with which to associate the instance for
8500
+ # TDE encryption.
7934
8501
  # @return [String]
7935
8502
  #
7936
8503
  # @!attribute [rw] encrypted
8504
+ # Whether the DB snapshot is encrypted.
7937
8505
  # @return [Boolean]
7938
8506
  #
7939
8507
  # @!attribute [rw] kms_key_id
8508
+ # If `Encrypted` is `true`, the AWS KMS key identifier for the
8509
+ # encrypted DB snapshot.
7940
8510
  # @return [String]
7941
8511
  #
7942
8512
  # @!attribute [rw] timezone
8513
+ # The time zone of the DB snapshot.
7943
8514
  # @return [String]
7944
8515
  #
7945
8516
  # @!attribute [rw] iam_database_authentication_enabled
8517
+ # Whether mapping of IAM accounts to database accounts is enabled.
7946
8518
  # @return [Boolean]
7947
8519
  #
7948
8520
  # @!attribute [rw] processor_features
8521
+ # The number of CPU cores and the number of threads per core for the
8522
+ # DB instance class of the DB instance.
7949
8523
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7950
8524
  #
7951
8525
  # @!attribute [rw] dbi_resource_id
8526
+ # The identifier for the source DB instance.
7952
8527
  # @return [String]
7953
8528
  #
7954
8529
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSnapshotDetails AWS API Documentation
@@ -9741,6 +10316,19 @@ module Aws::SecurityHub
9741
10316
  # },
9742
10317
  # ],
9743
10318
  # source_dest_check: false,
10319
+ # ip_v6_addresses: [
10320
+ # {
10321
+ # ip_v6_address: "NonEmptyString",
10322
+ # },
10323
+ # ],
10324
+ # private_ip_addresses: [
10325
+ # {
10326
+ # private_ip_address: "NonEmptyString",
10327
+ # private_dns_name: "NonEmptyString",
10328
+ # },
10329
+ # ],
10330
+ # public_dns_name: "NonEmptyString",
10331
+ # public_ip: "NonEmptyString",
9744
10332
  # },
9745
10333
  # aws_ec2_security_group: {
9746
10334
  # group_name: "NonEmptyString",
@@ -10241,6 +10829,30 @@ module Aws::SecurityHub
10241
10829
  # sns_topic_name: "NonEmptyString",
10242
10830
  # trail_arn: "NonEmptyString",
10243
10831
  # },
10832
+ # aws_ssm_patch_compliance: {
10833
+ # patch: {
10834
+ # compliance_summary: {
10835
+ # status: "NonEmptyString",
10836
+ # compliant_critical_count: 1,
10837
+ # compliant_high_count: 1,
10838
+ # compliant_medium_count: 1,
10839
+ # execution_type: "NonEmptyString",
10840
+ # non_compliant_critical_count: 1,
10841
+ # compliant_informational_count: 1,
10842
+ # non_compliant_informational_count: 1,
10843
+ # compliant_unspecified_count: 1,
10844
+ # non_compliant_low_count: 1,
10845
+ # non_compliant_high_count: 1,
10846
+ # compliant_low_count: 1,
10847
+ # compliance_type: "NonEmptyString",
10848
+ # patch_baseline_id: "NonEmptyString",
10849
+ # overall_severity: "NonEmptyString",
10850
+ # non_compliant_medium_count: 1,
10851
+ # non_compliant_unspecified_count: 1,
10852
+ # patch_group: "NonEmptyString",
10853
+ # },
10854
+ # },
10855
+ # },
10244
10856
  # aws_certificate_manager_certificate: {
10245
10857
  # certificate_authority_arn: "NonEmptyString",
10246
10858
  # created_at: "NonEmptyString",
@@ -11017,6 +11629,114 @@ module Aws::SecurityHub
11017
11629
  # reboot_option: "NonEmptyString",
11018
11630
  # operation: "NonEmptyString",
11019
11631
  # },
11632
+ # action: {
11633
+ # action_type: "NonEmptyString",
11634
+ # network_connection_action: {
11635
+ # connection_direction: "NonEmptyString",
11636
+ # remote_ip_details: {
11637
+ # ip_address_v4: "NonEmptyString",
11638
+ # organization: {
11639
+ # asn: 1,
11640
+ # asn_org: "NonEmptyString",
11641
+ # isp: "NonEmptyString",
11642
+ # org: "NonEmptyString",
11643
+ # },
11644
+ # country: {
11645
+ # country_code: "NonEmptyString",
11646
+ # country_name: "NonEmptyString",
11647
+ # },
11648
+ # city: {
11649
+ # city_name: "NonEmptyString",
11650
+ # },
11651
+ # geo_location: {
11652
+ # lon: 1.0,
11653
+ # lat: 1.0,
11654
+ # },
11655
+ # },
11656
+ # remote_port_details: {
11657
+ # port: 1,
11658
+ # port_name: "NonEmptyString",
11659
+ # },
11660
+ # local_port_details: {
11661
+ # port: 1,
11662
+ # port_name: "NonEmptyString",
11663
+ # },
11664
+ # protocol: "NonEmptyString",
11665
+ # blocked: false,
11666
+ # },
11667
+ # aws_api_call_action: {
11668
+ # api: "NonEmptyString",
11669
+ # service_name: "NonEmptyString",
11670
+ # caller_type: "NonEmptyString",
11671
+ # remote_ip_details: {
11672
+ # ip_address_v4: "NonEmptyString",
11673
+ # organization: {
11674
+ # asn: 1,
11675
+ # asn_org: "NonEmptyString",
11676
+ # isp: "NonEmptyString",
11677
+ # org: "NonEmptyString",
11678
+ # },
11679
+ # country: {
11680
+ # country_code: "NonEmptyString",
11681
+ # country_name: "NonEmptyString",
11682
+ # },
11683
+ # city: {
11684
+ # city_name: "NonEmptyString",
11685
+ # },
11686
+ # geo_location: {
11687
+ # lon: 1.0,
11688
+ # lat: 1.0,
11689
+ # },
11690
+ # },
11691
+ # domain_details: {
11692
+ # domain: "NonEmptyString",
11693
+ # },
11694
+ # affected_resources: {
11695
+ # "NonEmptyString" => "NonEmptyString",
11696
+ # },
11697
+ # first_seen: "NonEmptyString",
11698
+ # last_seen: "NonEmptyString",
11699
+ # },
11700
+ # dns_request_action: {
11701
+ # domain: "NonEmptyString",
11702
+ # protocol: "NonEmptyString",
11703
+ # blocked: false,
11704
+ # },
11705
+ # port_probe_action: {
11706
+ # port_probe_details: [
11707
+ # {
11708
+ # local_port_details: {
11709
+ # port: 1,
11710
+ # port_name: "NonEmptyString",
11711
+ # },
11712
+ # local_ip_details: {
11713
+ # ip_address_v4: "NonEmptyString",
11714
+ # },
11715
+ # remote_ip_details: {
11716
+ # ip_address_v4: "NonEmptyString",
11717
+ # organization: {
11718
+ # asn: 1,
11719
+ # asn_org: "NonEmptyString",
11720
+ # isp: "NonEmptyString",
11721
+ # org: "NonEmptyString",
11722
+ # },
11723
+ # country: {
11724
+ # country_code: "NonEmptyString",
11725
+ # country_name: "NonEmptyString",
11726
+ # },
11727
+ # city: {
11728
+ # city_name: "NonEmptyString",
11729
+ # },
11730
+ # geo_location: {
11731
+ # lon: 1.0,
11732
+ # lat: 1.0,
11733
+ # },
11734
+ # },
11735
+ # },
11736
+ # ],
11737
+ # blocked: false,
11738
+ # },
11739
+ # },
11020
11740
  # }
11021
11741
  #
11022
11742
  # @!attribute [rw] schema_version
@@ -11232,6 +11952,11 @@ module Aws::SecurityHub
11232
11952
  # against a selected compliance standard.
11233
11953
  # @return [Types::PatchSummary]
11234
11954
  #
11955
+ # @!attribute [rw] action
11956
+ # Provides details about an action that affects or that was taken on a
11957
+ # resource.
11958
+ # @return [Types::Action]
11959
+ #
11235
11960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11236
11961
  #
11237
11962
  class AwsSecurityFinding < Struct.new(
@@ -11268,7 +11993,8 @@ module Aws::SecurityHub
11268
11993
  :related_findings,
11269
11994
  :note,
11270
11995
  :vulnerabilities,
11271
- :patch_summary)
11996
+ :patch_summary,
11997
+ :action)
11272
11998
  SENSITIVE = []
11273
11999
  include Aws::Structure
11274
12000
  end
@@ -12196,6 +12922,14 @@ module Aws::SecurityHub
12196
12922
  #
12197
12923
  # * `NEW` - The initial state of a finding, before it is reviewed.
12198
12924
  #
12925
+ # Security Hub also resets the workflow status from `NOTIFIED` or
12926
+ # `RESOLVED` to `NEW` in the following cases:
12927
+ #
12928
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
12929
+ #
12930
+ # * The compliance status changes from `PASSED` to either `WARNING`,
12931
+ # `FAILED`, or `NOT_AVAILABLE`.
12932
+ #
12199
12933
  # * `NOTIFIED` - Indicates that the resource owner has been notified
12200
12934
  # about the security issue. Used when the initial reviewer is not
12201
12935
  # the resource owner, and needs intervention from the resource
@@ -12475,6 +13209,236 @@ module Aws::SecurityHub
12475
13209
  include Aws::Structure
12476
13210
  end
12477
13211
 
13212
+ # Provides the details about the compliance status for a patch.
13213
+ #
13214
+ # @note When making an API call, you may pass AwsSsmComplianceSummary
13215
+ # data as a hash:
13216
+ #
13217
+ # {
13218
+ # status: "NonEmptyString",
13219
+ # compliant_critical_count: 1,
13220
+ # compliant_high_count: 1,
13221
+ # compliant_medium_count: 1,
13222
+ # execution_type: "NonEmptyString",
13223
+ # non_compliant_critical_count: 1,
13224
+ # compliant_informational_count: 1,
13225
+ # non_compliant_informational_count: 1,
13226
+ # compliant_unspecified_count: 1,
13227
+ # non_compliant_low_count: 1,
13228
+ # non_compliant_high_count: 1,
13229
+ # compliant_low_count: 1,
13230
+ # compliance_type: "NonEmptyString",
13231
+ # patch_baseline_id: "NonEmptyString",
13232
+ # overall_severity: "NonEmptyString",
13233
+ # non_compliant_medium_count: 1,
13234
+ # non_compliant_unspecified_count: 1,
13235
+ # patch_group: "NonEmptyString",
13236
+ # }
13237
+ #
13238
+ # @!attribute [rw] status
13239
+ # The current patch compliance status.
13240
+ #
13241
+ # The possible status values are:
13242
+ #
13243
+ # * `COMPLIANT`
13244
+ #
13245
+ # * `NON_COMPLIANT`
13246
+ #
13247
+ # * `UNSPECIFIED_DATA`
13248
+ # @return [String]
13249
+ #
13250
+ # @!attribute [rw] compliant_critical_count
13251
+ # For the patches that are compliant, the number that have a severity
13252
+ # of `CRITICAL`.
13253
+ # @return [Integer]
13254
+ #
13255
+ # @!attribute [rw] compliant_high_count
13256
+ # For the patches that are compliant, the number that have a severity
13257
+ # of `HIGH`.
13258
+ # @return [Integer]
13259
+ #
13260
+ # @!attribute [rw] compliant_medium_count
13261
+ # For the patches that are compliant, the number that have a severity
13262
+ # of `MEDIUM`.
13263
+ # @return [Integer]
13264
+ #
13265
+ # @!attribute [rw] execution_type
13266
+ # The type of execution that was used determine compliance.
13267
+ # @return [String]
13268
+ #
13269
+ # @!attribute [rw] non_compliant_critical_count
13270
+ # For the patch items that are noncompliant, the number of items that
13271
+ # have a severity of `CRITICAL`.
13272
+ # @return [Integer]
13273
+ #
13274
+ # @!attribute [rw] compliant_informational_count
13275
+ # For the patches that are compliant, the number that have a severity
13276
+ # of `INFORMATIONAL`.
13277
+ # @return [Integer]
13278
+ #
13279
+ # @!attribute [rw] non_compliant_informational_count
13280
+ # For the patches that are noncompliant, the number that have a
13281
+ # severity of `INFORMATIONAL`.
13282
+ # @return [Integer]
13283
+ #
13284
+ # @!attribute [rw] compliant_unspecified_count
13285
+ # For the patches that are compliant, the number that have a severity
13286
+ # of `UNSPECIFIED`.
13287
+ # @return [Integer]
13288
+ #
13289
+ # @!attribute [rw] non_compliant_low_count
13290
+ # For the patches that are noncompliant, the number that have a
13291
+ # severity of `LOW`.
13292
+ # @return [Integer]
13293
+ #
13294
+ # @!attribute [rw] non_compliant_high_count
13295
+ # For the patches that are noncompliant, the number that have a
13296
+ # severity of `HIGH`.
13297
+ # @return [Integer]
13298
+ #
13299
+ # @!attribute [rw] compliant_low_count
13300
+ # For the patches that are compliant, the number that have a severity
13301
+ # of `LOW`.
13302
+ # @return [Integer]
13303
+ #
13304
+ # @!attribute [rw] compliance_type
13305
+ # The type of resource for which the compliance was determined. For
13306
+ # `AwsSsmPatchCompliance`, `ComplianceType` is `Patch`.
13307
+ # @return [String]
13308
+ #
13309
+ # @!attribute [rw] patch_baseline_id
13310
+ # The identifier of the patch baseline. The patch baseline lists the
13311
+ # patches that are approved for installation.
13312
+ # @return [String]
13313
+ #
13314
+ # @!attribute [rw] overall_severity
13315
+ # The highest severity for the patches.
13316
+ # @return [String]
13317
+ #
13318
+ # @!attribute [rw] non_compliant_medium_count
13319
+ # For the patches that are noncompliant, the number that have a
13320
+ # severity of `MEDIUM`.
13321
+ # @return [Integer]
13322
+ #
13323
+ # @!attribute [rw] non_compliant_unspecified_count
13324
+ # For the patches that are noncompliant, the number that have a
13325
+ # severity of `UNSPECIFIED`.
13326
+ # @return [Integer]
13327
+ #
13328
+ # @!attribute [rw] patch_group
13329
+ # The identifier of the patch group for which compliance was
13330
+ # determined. A patch group uses tags to group EC2 instances that
13331
+ # should have the same patch compliance.
13332
+ # @return [String]
13333
+ #
13334
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmComplianceSummary AWS API Documentation
13335
+ #
13336
+ class AwsSsmComplianceSummary < Struct.new(
13337
+ :status,
13338
+ :compliant_critical_count,
13339
+ :compliant_high_count,
13340
+ :compliant_medium_count,
13341
+ :execution_type,
13342
+ :non_compliant_critical_count,
13343
+ :compliant_informational_count,
13344
+ :non_compliant_informational_count,
13345
+ :compliant_unspecified_count,
13346
+ :non_compliant_low_count,
13347
+ :non_compliant_high_count,
13348
+ :compliant_low_count,
13349
+ :compliance_type,
13350
+ :patch_baseline_id,
13351
+ :overall_severity,
13352
+ :non_compliant_medium_count,
13353
+ :non_compliant_unspecified_count,
13354
+ :patch_group)
13355
+ SENSITIVE = []
13356
+ include Aws::Structure
13357
+ end
13358
+
13359
+ # Provides details about the compliance for a patch.
13360
+ #
13361
+ # @note When making an API call, you may pass AwsSsmPatch
13362
+ # data as a hash:
13363
+ #
13364
+ # {
13365
+ # compliance_summary: {
13366
+ # status: "NonEmptyString",
13367
+ # compliant_critical_count: 1,
13368
+ # compliant_high_count: 1,
13369
+ # compliant_medium_count: 1,
13370
+ # execution_type: "NonEmptyString",
13371
+ # non_compliant_critical_count: 1,
13372
+ # compliant_informational_count: 1,
13373
+ # non_compliant_informational_count: 1,
13374
+ # compliant_unspecified_count: 1,
13375
+ # non_compliant_low_count: 1,
13376
+ # non_compliant_high_count: 1,
13377
+ # compliant_low_count: 1,
13378
+ # compliance_type: "NonEmptyString",
13379
+ # patch_baseline_id: "NonEmptyString",
13380
+ # overall_severity: "NonEmptyString",
13381
+ # non_compliant_medium_count: 1,
13382
+ # non_compliant_unspecified_count: 1,
13383
+ # patch_group: "NonEmptyString",
13384
+ # },
13385
+ # }
13386
+ #
13387
+ # @!attribute [rw] compliance_summary
13388
+ # The compliance status details for the patch.
13389
+ # @return [Types::AwsSsmComplianceSummary]
13390
+ #
13391
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
13392
+ #
13393
+ class AwsSsmPatch < Struct.new(
13394
+ :compliance_summary)
13395
+ SENSITIVE = []
13396
+ include Aws::Structure
13397
+ end
13398
+
13399
+ # Provides information about the state of a patch on an instance based
13400
+ # on the patch baseline that was used to patch the instance.
13401
+ #
13402
+ # @note When making an API call, you may pass AwsSsmPatchComplianceDetails
13403
+ # data as a hash:
13404
+ #
13405
+ # {
13406
+ # patch: {
13407
+ # compliance_summary: {
13408
+ # status: "NonEmptyString",
13409
+ # compliant_critical_count: 1,
13410
+ # compliant_high_count: 1,
13411
+ # compliant_medium_count: 1,
13412
+ # execution_type: "NonEmptyString",
13413
+ # non_compliant_critical_count: 1,
13414
+ # compliant_informational_count: 1,
13415
+ # non_compliant_informational_count: 1,
13416
+ # compliant_unspecified_count: 1,
13417
+ # non_compliant_low_count: 1,
13418
+ # non_compliant_high_count: 1,
13419
+ # compliant_low_count: 1,
13420
+ # compliance_type: "NonEmptyString",
13421
+ # patch_baseline_id: "NonEmptyString",
13422
+ # overall_severity: "NonEmptyString",
13423
+ # non_compliant_medium_count: 1,
13424
+ # non_compliant_unspecified_count: 1,
13425
+ # patch_group: "NonEmptyString",
13426
+ # },
13427
+ # },
13428
+ # }
13429
+ #
13430
+ # @!attribute [rw] patch
13431
+ # Information about the status of a patch.
13432
+ # @return [Types::AwsSsmPatch]
13433
+ #
13434
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
13435
+ #
13436
+ class AwsSsmPatchComplianceDetails < Struct.new(
13437
+ :patch)
13438
+ SENSITIVE = []
13439
+ include Aws::Structure
13440
+ end
13441
+
12478
13442
  # Details about a WAF WebACL.
12479
13443
  #
12480
13444
  # @note When making an API call, you may pass AwsWafWebAclDetails
@@ -12937,6 +13901,19 @@ module Aws::SecurityHub
12937
13901
  # },
12938
13902
  # ],
12939
13903
  # source_dest_check: false,
13904
+ # ip_v6_addresses: [
13905
+ # {
13906
+ # ip_v6_address: "NonEmptyString",
13907
+ # },
13908
+ # ],
13909
+ # private_ip_addresses: [
13910
+ # {
13911
+ # private_ip_address: "NonEmptyString",
13912
+ # private_dns_name: "NonEmptyString",
13913
+ # },
13914
+ # ],
13915
+ # public_dns_name: "NonEmptyString",
13916
+ # public_ip: "NonEmptyString",
12940
13917
  # },
12941
13918
  # aws_ec2_security_group: {
12942
13919
  # group_name: "NonEmptyString",
@@ -13437,6 +14414,30 @@ module Aws::SecurityHub
13437
14414
  # sns_topic_name: "NonEmptyString",
13438
14415
  # trail_arn: "NonEmptyString",
13439
14416
  # },
14417
+ # aws_ssm_patch_compliance: {
14418
+ # patch: {
14419
+ # compliance_summary: {
14420
+ # status: "NonEmptyString",
14421
+ # compliant_critical_count: 1,
14422
+ # compliant_high_count: 1,
14423
+ # compliant_medium_count: 1,
14424
+ # execution_type: "NonEmptyString",
14425
+ # non_compliant_critical_count: 1,
14426
+ # compliant_informational_count: 1,
14427
+ # non_compliant_informational_count: 1,
14428
+ # compliant_unspecified_count: 1,
14429
+ # non_compliant_low_count: 1,
14430
+ # non_compliant_high_count: 1,
14431
+ # compliant_low_count: 1,
14432
+ # compliance_type: "NonEmptyString",
14433
+ # patch_baseline_id: "NonEmptyString",
14434
+ # overall_severity: "NonEmptyString",
14435
+ # non_compliant_medium_count: 1,
14436
+ # non_compliant_unspecified_count: 1,
14437
+ # patch_group: "NonEmptyString",
14438
+ # },
14439
+ # },
14440
+ # },
13440
14441
  # aws_certificate_manager_certificate: {
13441
14442
  # certificate_authority_arn: "NonEmptyString",
13442
14443
  # created_at: "NonEmptyString",
@@ -14213,6 +15214,114 @@ module Aws::SecurityHub
14213
15214
  # reboot_option: "NonEmptyString",
14214
15215
  # operation: "NonEmptyString",
14215
15216
  # },
15217
+ # action: {
15218
+ # action_type: "NonEmptyString",
15219
+ # network_connection_action: {
15220
+ # connection_direction: "NonEmptyString",
15221
+ # remote_ip_details: {
15222
+ # ip_address_v4: "NonEmptyString",
15223
+ # organization: {
15224
+ # asn: 1,
15225
+ # asn_org: "NonEmptyString",
15226
+ # isp: "NonEmptyString",
15227
+ # org: "NonEmptyString",
15228
+ # },
15229
+ # country: {
15230
+ # country_code: "NonEmptyString",
15231
+ # country_name: "NonEmptyString",
15232
+ # },
15233
+ # city: {
15234
+ # city_name: "NonEmptyString",
15235
+ # },
15236
+ # geo_location: {
15237
+ # lon: 1.0,
15238
+ # lat: 1.0,
15239
+ # },
15240
+ # },
15241
+ # remote_port_details: {
15242
+ # port: 1,
15243
+ # port_name: "NonEmptyString",
15244
+ # },
15245
+ # local_port_details: {
15246
+ # port: 1,
15247
+ # port_name: "NonEmptyString",
15248
+ # },
15249
+ # protocol: "NonEmptyString",
15250
+ # blocked: false,
15251
+ # },
15252
+ # aws_api_call_action: {
15253
+ # api: "NonEmptyString",
15254
+ # service_name: "NonEmptyString",
15255
+ # caller_type: "NonEmptyString",
15256
+ # remote_ip_details: {
15257
+ # ip_address_v4: "NonEmptyString",
15258
+ # organization: {
15259
+ # asn: 1,
15260
+ # asn_org: "NonEmptyString",
15261
+ # isp: "NonEmptyString",
15262
+ # org: "NonEmptyString",
15263
+ # },
15264
+ # country: {
15265
+ # country_code: "NonEmptyString",
15266
+ # country_name: "NonEmptyString",
15267
+ # },
15268
+ # city: {
15269
+ # city_name: "NonEmptyString",
15270
+ # },
15271
+ # geo_location: {
15272
+ # lon: 1.0,
15273
+ # lat: 1.0,
15274
+ # },
15275
+ # },
15276
+ # domain_details: {
15277
+ # domain: "NonEmptyString",
15278
+ # },
15279
+ # affected_resources: {
15280
+ # "NonEmptyString" => "NonEmptyString",
15281
+ # },
15282
+ # first_seen: "NonEmptyString",
15283
+ # last_seen: "NonEmptyString",
15284
+ # },
15285
+ # dns_request_action: {
15286
+ # domain: "NonEmptyString",
15287
+ # protocol: "NonEmptyString",
15288
+ # blocked: false,
15289
+ # },
15290
+ # port_probe_action: {
15291
+ # port_probe_details: [
15292
+ # {
15293
+ # local_port_details: {
15294
+ # port: 1,
15295
+ # port_name: "NonEmptyString",
15296
+ # },
15297
+ # local_ip_details: {
15298
+ # ip_address_v4: "NonEmptyString",
15299
+ # },
15300
+ # remote_ip_details: {
15301
+ # ip_address_v4: "NonEmptyString",
15302
+ # organization: {
15303
+ # asn: 1,
15304
+ # asn_org: "NonEmptyString",
15305
+ # isp: "NonEmptyString",
15306
+ # org: "NonEmptyString",
15307
+ # },
15308
+ # country: {
15309
+ # country_code: "NonEmptyString",
15310
+ # country_name: "NonEmptyString",
15311
+ # },
15312
+ # city: {
15313
+ # city_name: "NonEmptyString",
15314
+ # },
15315
+ # geo_location: {
15316
+ # lon: 1.0,
15317
+ # lat: 1.0,
15318
+ # },
15319
+ # },
15320
+ # },
15321
+ # ],
15322
+ # blocked: false,
15323
+ # },
15324
+ # },
14216
15325
  # },
14217
15326
  # ],
14218
15327
  # }
@@ -14469,6 +15578,27 @@ module Aws::SecurityHub
14469
15578
  include Aws::Structure
14470
15579
  end
14471
15580
 
15581
+ # Information about a city.
15582
+ #
15583
+ # @note When making an API call, you may pass City
15584
+ # data as a hash:
15585
+ #
15586
+ # {
15587
+ # city_name: "NonEmptyString",
15588
+ # }
15589
+ #
15590
+ # @!attribute [rw] city_name
15591
+ # The name of the city.
15592
+ # @return [String]
15593
+ #
15594
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/City AWS API Documentation
15595
+ #
15596
+ class City < Struct.new(
15597
+ :city_name)
15598
+ SENSITIVE = []
15599
+ include Aws::Structure
15600
+ end
15601
+
14472
15602
  # Contains finding details that are specific to control-based findings.
14473
15603
  # Only returned for findings generated from controls.
14474
15604
  #
@@ -14580,6 +15710,33 @@ module Aws::SecurityHub
14580
15710
  include Aws::Structure
14581
15711
  end
14582
15712
 
15713
+ # Information about a country.
15714
+ #
15715
+ # @note When making an API call, you may pass Country
15716
+ # data as a hash:
15717
+ #
15718
+ # {
15719
+ # country_code: "NonEmptyString",
15720
+ # country_name: "NonEmptyString",
15721
+ # }
15722
+ #
15723
+ # @!attribute [rw] country_code
15724
+ # The 2-letter ISO 3166 country code for the country.
15725
+ # @return [String]
15726
+ #
15727
+ # @!attribute [rw] country_name
15728
+ # The name of the country.
15729
+ # @return [String]
15730
+ #
15731
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Country AWS API Documentation
15732
+ #
15733
+ class Country < Struct.new(
15734
+ :country_code,
15735
+ :country_name)
15736
+ SENSITIVE = []
15737
+ include Aws::Structure
15738
+ end
15739
+
14583
15740
  # @note When making an API call, you may pass CreateActionTargetRequest
14584
15741
  # data as a hash:
14585
15742
  #
@@ -15658,6 +16815,7 @@ module Aws::SecurityHub
15658
16815
  # {
15659
16816
  # next_token: "NextToken",
15660
16817
  # max_results: 1,
16818
+ # product_arn: "NonEmptyString",
15661
16819
  # }
15662
16820
  #
15663
16821
  # @!attribute [rw] next_token
@@ -15674,11 +16832,16 @@ module Aws::SecurityHub
15674
16832
  # The maximum number of results to return.
15675
16833
  # @return [Integer]
15676
16834
  #
16835
+ # @!attribute [rw] product_arn
16836
+ # The ARN of the integration to return.
16837
+ # @return [String]
16838
+ #
15677
16839
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
15678
16840
  #
15679
16841
  class DescribeProductsRequest < Struct.new(
15680
16842
  :next_token,
15681
- :max_results)
16843
+ :max_results,
16844
+ :product_arn)
15682
16845
  SENSITIVE = []
15683
16846
  include Aws::Structure
15684
16847
  end
@@ -15895,6 +17058,40 @@ module Aws::SecurityHub
15895
17058
  #
15896
17059
  class DisassociateMembersResponse < Aws::EmptyStructure; end
15897
17060
 
17061
+ # Provided if `ActionType` is `DNS_REQUEST`. It provides details about
17062
+ # the DNS request that was detected.
17063
+ #
17064
+ # @note When making an API call, you may pass DnsRequestAction
17065
+ # data as a hash:
17066
+ #
17067
+ # {
17068
+ # domain: "NonEmptyString",
17069
+ # protocol: "NonEmptyString",
17070
+ # blocked: false,
17071
+ # }
17072
+ #
17073
+ # @!attribute [rw] domain
17074
+ # The DNS domain that is associated with the DNS request.
17075
+ # @return [String]
17076
+ #
17077
+ # @!attribute [rw] protocol
17078
+ # The protocol that was used for the DNS request.
17079
+ # @return [String]
17080
+ #
17081
+ # @!attribute [rw] blocked
17082
+ # Indicates whether the DNS request was blocked.
17083
+ # @return [Boolean]
17084
+ #
17085
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DnsRequestAction AWS API Documentation
17086
+ #
17087
+ class DnsRequestAction < Struct.new(
17088
+ :domain,
17089
+ :protocol,
17090
+ :blocked)
17091
+ SENSITIVE = []
17092
+ include Aws::Structure
17093
+ end
17094
+
15898
17095
  # @note When making an API call, you may pass EnableImportFindingsForProductRequest
15899
17096
  # data as a hash:
15900
17097
  #
@@ -15986,6 +17183,33 @@ module Aws::SecurityHub
15986
17183
  #
15987
17184
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
15988
17185
 
17186
+ # Provides the latitude and longitude coordinates of a location.
17187
+ #
17188
+ # @note When making an API call, you may pass GeoLocation
17189
+ # data as a hash:
17190
+ #
17191
+ # {
17192
+ # lon: 1.0,
17193
+ # lat: 1.0,
17194
+ # }
17195
+ #
17196
+ # @!attribute [rw] lon
17197
+ # The longitude of the location.
17198
+ # @return [Float]
17199
+ #
17200
+ # @!attribute [rw] lat
17201
+ # The latitude of the location.
17202
+ # @return [Float]
17203
+ #
17204
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeoLocation AWS API Documentation
17205
+ #
17206
+ class GeoLocation < Struct.new(
17207
+ :lon,
17208
+ :lat)
17209
+ SENSITIVE = []
17210
+ include Aws::Structure
17211
+ end
17212
+
15989
17213
  # @note When making an API call, you may pass GetEnabledStandardsRequest
15990
17214
  # data as a hash:
15991
17215
  #
@@ -17080,6 +18304,45 @@ module Aws::SecurityHub
17080
18304
  include Aws::Structure
17081
18305
  end
17082
18306
 
18307
+ # Provides information about an internet provider.
18308
+ #
18309
+ # @note When making an API call, you may pass IpOrganizationDetails
18310
+ # data as a hash:
18311
+ #
18312
+ # {
18313
+ # asn: 1,
18314
+ # asn_org: "NonEmptyString",
18315
+ # isp: "NonEmptyString",
18316
+ # org: "NonEmptyString",
18317
+ # }
18318
+ #
18319
+ # @!attribute [rw] asn
18320
+ # The Autonomous System Number (ASN) of the internet provider
18321
+ # @return [Integer]
18322
+ #
18323
+ # @!attribute [rw] asn_org
18324
+ # The name of the organization that registered the ASN.
18325
+ # @return [String]
18326
+ #
18327
+ # @!attribute [rw] isp
18328
+ # The ISP information for the internet provider.
18329
+ # @return [String]
18330
+ #
18331
+ # @!attribute [rw] org
18332
+ # The name of the internet provider.
18333
+ # @return [String]
18334
+ #
18335
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IpOrganizationDetails AWS API Documentation
18336
+ #
18337
+ class IpOrganizationDetails < Struct.new(
18338
+ :asn,
18339
+ :asn_org,
18340
+ :isp,
18341
+ :org)
18342
+ SENSITIVE = []
18343
+ include Aws::Structure
18344
+ end
18345
+
17083
18346
  # An IPV6 CIDR block association.
17084
18347
  #
17085
18348
  # @note When making an API call, you may pass Ipv6CidrBlockAssociation
@@ -17681,6 +18944,84 @@ module Aws::SecurityHub
17681
18944
  include Aws::Structure
17682
18945
  end
17683
18946
 
18947
+ # Provided if `ActionType` is `NETWORK_CONNECTION`. It provides details
18948
+ # about the attempted network connection that was detected.
18949
+ #
18950
+ # @note When making an API call, you may pass NetworkConnectionAction
18951
+ # data as a hash:
18952
+ #
18953
+ # {
18954
+ # connection_direction: "NonEmptyString",
18955
+ # remote_ip_details: {
18956
+ # ip_address_v4: "NonEmptyString",
18957
+ # organization: {
18958
+ # asn: 1,
18959
+ # asn_org: "NonEmptyString",
18960
+ # isp: "NonEmptyString",
18961
+ # org: "NonEmptyString",
18962
+ # },
18963
+ # country: {
18964
+ # country_code: "NonEmptyString",
18965
+ # country_name: "NonEmptyString",
18966
+ # },
18967
+ # city: {
18968
+ # city_name: "NonEmptyString",
18969
+ # },
18970
+ # geo_location: {
18971
+ # lon: 1.0,
18972
+ # lat: 1.0,
18973
+ # },
18974
+ # },
18975
+ # remote_port_details: {
18976
+ # port: 1,
18977
+ # port_name: "NonEmptyString",
18978
+ # },
18979
+ # local_port_details: {
18980
+ # port: 1,
18981
+ # port_name: "NonEmptyString",
18982
+ # },
18983
+ # protocol: "NonEmptyString",
18984
+ # blocked: false,
18985
+ # }
18986
+ #
18987
+ # @!attribute [rw] connection_direction
18988
+ # The direction of the network connection request (`IN` or `OUT`).
18989
+ # @return [String]
18990
+ #
18991
+ # @!attribute [rw] remote_ip_details
18992
+ # Information about the remote IP address that issued the network
18993
+ # connection request.
18994
+ # @return [Types::ActionRemoteIpDetails]
18995
+ #
18996
+ # @!attribute [rw] remote_port_details
18997
+ # Information about the port on the remote IP address.
18998
+ # @return [Types::ActionRemotePortDetails]
18999
+ #
19000
+ # @!attribute [rw] local_port_details
19001
+ # Information about the port on the EC2 instance.
19002
+ # @return [Types::ActionLocalPortDetails]
19003
+ #
19004
+ # @!attribute [rw] protocol
19005
+ # The protocol used to make the network connection request.
19006
+ # @return [String]
19007
+ #
19008
+ # @!attribute [rw] blocked
19009
+ # Indicates whether the network connection attempt was blocked.
19010
+ # @return [Boolean]
19011
+ #
19012
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkConnectionAction AWS API Documentation
19013
+ #
19014
+ class NetworkConnectionAction < Struct.new(
19015
+ :connection_direction,
19016
+ :remote_ip_details,
19017
+ :remote_port_details,
19018
+ :local_port_details,
19019
+ :protocol,
19020
+ :blocked)
19021
+ SENSITIVE = []
19022
+ include Aws::Structure
19023
+ end
19024
+
17684
19025
  # Details about a network path component that occurs before or after the
17685
19026
  # current component.
17686
19027
  #
@@ -18056,6 +19397,126 @@ module Aws::SecurityHub
18056
19397
  include Aws::Structure
18057
19398
  end
18058
19399
 
19400
+ # Provided if `ActionType` is `PORT_PROBE`. It provides details about
19401
+ # the attempted port probe that was detected.
19402
+ #
19403
+ # @note When making an API call, you may pass PortProbeAction
19404
+ # data as a hash:
19405
+ #
19406
+ # {
19407
+ # port_probe_details: [
19408
+ # {
19409
+ # local_port_details: {
19410
+ # port: 1,
19411
+ # port_name: "NonEmptyString",
19412
+ # },
19413
+ # local_ip_details: {
19414
+ # ip_address_v4: "NonEmptyString",
19415
+ # },
19416
+ # remote_ip_details: {
19417
+ # ip_address_v4: "NonEmptyString",
19418
+ # organization: {
19419
+ # asn: 1,
19420
+ # asn_org: "NonEmptyString",
19421
+ # isp: "NonEmptyString",
19422
+ # org: "NonEmptyString",
19423
+ # },
19424
+ # country: {
19425
+ # country_code: "NonEmptyString",
19426
+ # country_name: "NonEmptyString",
19427
+ # },
19428
+ # city: {
19429
+ # city_name: "NonEmptyString",
19430
+ # },
19431
+ # geo_location: {
19432
+ # lon: 1.0,
19433
+ # lat: 1.0,
19434
+ # },
19435
+ # },
19436
+ # },
19437
+ # ],
19438
+ # blocked: false,
19439
+ # }
19440
+ #
19441
+ # @!attribute [rw] port_probe_details
19442
+ # Information about the ports affected by the port probe.
19443
+ # @return [Array<Types::PortProbeDetail>]
19444
+ #
19445
+ # @!attribute [rw] blocked
19446
+ # Indicates whether the port probe was blocked.
19447
+ # @return [Boolean]
19448
+ #
19449
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeAction AWS API Documentation
19450
+ #
19451
+ class PortProbeAction < Struct.new(
19452
+ :port_probe_details,
19453
+ :blocked)
19454
+ SENSITIVE = []
19455
+ include Aws::Structure
19456
+ end
19457
+
19458
+ # A port scan that was part of the port probe. For each scan,
19459
+ # PortProbeDetails provides information about the local IP address and
19460
+ # port that were scanned, and the remote IP address that the scan
19461
+ # originated from.
19462
+ #
19463
+ # @note When making an API call, you may pass PortProbeDetail
19464
+ # data as a hash:
19465
+ #
19466
+ # {
19467
+ # local_port_details: {
19468
+ # port: 1,
19469
+ # port_name: "NonEmptyString",
19470
+ # },
19471
+ # local_ip_details: {
19472
+ # ip_address_v4: "NonEmptyString",
19473
+ # },
19474
+ # remote_ip_details: {
19475
+ # ip_address_v4: "NonEmptyString",
19476
+ # organization: {
19477
+ # asn: 1,
19478
+ # asn_org: "NonEmptyString",
19479
+ # isp: "NonEmptyString",
19480
+ # org: "NonEmptyString",
19481
+ # },
19482
+ # country: {
19483
+ # country_code: "NonEmptyString",
19484
+ # country_name: "NonEmptyString",
19485
+ # },
19486
+ # city: {
19487
+ # city_name: "NonEmptyString",
19488
+ # },
19489
+ # geo_location: {
19490
+ # lon: 1.0,
19491
+ # lat: 1.0,
19492
+ # },
19493
+ # },
19494
+ # }
19495
+ #
19496
+ # @!attribute [rw] local_port_details
19497
+ # Provides information about the port that was scanned.
19498
+ # @return [Types::ActionLocalPortDetails]
19499
+ #
19500
+ # @!attribute [rw] local_ip_details
19501
+ # Provides information about the IP address where the scanned port is
19502
+ # located.
19503
+ # @return [Types::ActionLocalIpDetails]
19504
+ #
19505
+ # @!attribute [rw] remote_ip_details
19506
+ # Provides information about the remote IP address that performed the
19507
+ # scan.
19508
+ # @return [Types::ActionRemoteIpDetails]
19509
+ #
19510
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeDetail AWS API Documentation
19511
+ #
19512
+ class PortProbeDetail < Struct.new(
19513
+ :local_port_details,
19514
+ :local_ip_details,
19515
+ :remote_ip_details)
19516
+ SENSITIVE = []
19517
+ include Aws::Structure
19518
+ end
19519
+
18059
19520
  # A range of ports.
18060
19521
  #
18061
19522
  # @note When making an API call, you may pass PortRange
@@ -18418,6 +19879,19 @@ module Aws::SecurityHub
18418
19879
  # },
18419
19880
  # ],
18420
19881
  # source_dest_check: false,
19882
+ # ip_v6_addresses: [
19883
+ # {
19884
+ # ip_v6_address: "NonEmptyString",
19885
+ # },
19886
+ # ],
19887
+ # private_ip_addresses: [
19888
+ # {
19889
+ # private_ip_address: "NonEmptyString",
19890
+ # private_dns_name: "NonEmptyString",
19891
+ # },
19892
+ # ],
19893
+ # public_dns_name: "NonEmptyString",
19894
+ # public_ip: "NonEmptyString",
18421
19895
  # },
18422
19896
  # aws_ec2_security_group: {
18423
19897
  # group_name: "NonEmptyString",
@@ -18918,6 +20392,30 @@ module Aws::SecurityHub
18918
20392
  # sns_topic_name: "NonEmptyString",
18919
20393
  # trail_arn: "NonEmptyString",
18920
20394
  # },
20395
+ # aws_ssm_patch_compliance: {
20396
+ # patch: {
20397
+ # compliance_summary: {
20398
+ # status: "NonEmptyString",
20399
+ # compliant_critical_count: 1,
20400
+ # compliant_high_count: 1,
20401
+ # compliant_medium_count: 1,
20402
+ # execution_type: "NonEmptyString",
20403
+ # non_compliant_critical_count: 1,
20404
+ # compliant_informational_count: 1,
20405
+ # non_compliant_informational_count: 1,
20406
+ # compliant_unspecified_count: 1,
20407
+ # non_compliant_low_count: 1,
20408
+ # non_compliant_high_count: 1,
20409
+ # compliant_low_count: 1,
20410
+ # compliance_type: "NonEmptyString",
20411
+ # patch_baseline_id: "NonEmptyString",
20412
+ # overall_severity: "NonEmptyString",
20413
+ # non_compliant_medium_count: 1,
20414
+ # non_compliant_unspecified_count: 1,
20415
+ # patch_group: "NonEmptyString",
20416
+ # },
20417
+ # },
20418
+ # },
18921
20419
  # aws_certificate_manager_certificate: {
18922
20420
  # certificate_authority_arn: "NonEmptyString",
18923
20421
  # created_at: "NonEmptyString",
@@ -19648,6 +21146,8 @@ module Aws::SecurityHub
19648
21146
  # @return [String]
19649
21147
  #
19650
21148
  # @!attribute [rw] resource_role
21149
+ # Identifies the role of the resource in the finding. A resource is
21150
+ # either the actor or target of the finding activity,
19651
21151
  # @return [String]
19652
21152
  #
19653
21153
  # @!attribute [rw] tags
@@ -19817,6 +21317,19 @@ module Aws::SecurityHub
19817
21317
  # },
19818
21318
  # ],
19819
21319
  # source_dest_check: false,
21320
+ # ip_v6_addresses: [
21321
+ # {
21322
+ # ip_v6_address: "NonEmptyString",
21323
+ # },
21324
+ # ],
21325
+ # private_ip_addresses: [
21326
+ # {
21327
+ # private_ip_address: "NonEmptyString",
21328
+ # private_dns_name: "NonEmptyString",
21329
+ # },
21330
+ # ],
21331
+ # public_dns_name: "NonEmptyString",
21332
+ # public_ip: "NonEmptyString",
19820
21333
  # },
19821
21334
  # aws_ec2_security_group: {
19822
21335
  # group_name: "NonEmptyString",
@@ -20317,6 +21830,30 @@ module Aws::SecurityHub
20317
21830
  # sns_topic_name: "NonEmptyString",
20318
21831
  # trail_arn: "NonEmptyString",
20319
21832
  # },
21833
+ # aws_ssm_patch_compliance: {
21834
+ # patch: {
21835
+ # compliance_summary: {
21836
+ # status: "NonEmptyString",
21837
+ # compliant_critical_count: 1,
21838
+ # compliant_high_count: 1,
21839
+ # compliant_medium_count: 1,
21840
+ # execution_type: "NonEmptyString",
21841
+ # non_compliant_critical_count: 1,
21842
+ # compliant_informational_count: 1,
21843
+ # non_compliant_informational_count: 1,
21844
+ # compliant_unspecified_count: 1,
21845
+ # non_compliant_low_count: 1,
21846
+ # non_compliant_high_count: 1,
21847
+ # compliant_low_count: 1,
21848
+ # compliance_type: "NonEmptyString",
21849
+ # patch_baseline_id: "NonEmptyString",
21850
+ # overall_severity: "NonEmptyString",
21851
+ # non_compliant_medium_count: 1,
21852
+ # non_compliant_unspecified_count: 1,
21853
+ # patch_group: "NonEmptyString",
21854
+ # },
21855
+ # },
21856
+ # },
20320
21857
  # aws_certificate_manager_certificate: {
20321
21858
  # certificate_authority_arn: "NonEmptyString",
20322
21859
  # created_at: "NonEmptyString",
@@ -21091,9 +22628,11 @@ module Aws::SecurityHub
21091
22628
  # @return [Types::AwsIamPolicyDetails]
21092
22629
  #
21093
22630
  # @!attribute [rw] aws_api_gateway_v2_stage
22631
+ # Provides information about a version 2 stage for Amazon API Gateway.
21094
22632
  # @return [Types::AwsApiGatewayV2StageDetails]
21095
22633
  #
21096
22634
  # @!attribute [rw] aws_api_gateway_v2_api
22635
+ # Provides information about a version 2 API in Amazon API Gateway.
21097
22636
  # @return [Types::AwsApiGatewayV2ApiDetails]
21098
22637
  #
21099
22638
  # @!attribute [rw] aws_dynamo_db_table
@@ -21101,24 +22640,37 @@ module Aws::SecurityHub
21101
22640
  # @return [Types::AwsDynamoDbTableDetails]
21102
22641
  #
21103
22642
  # @!attribute [rw] aws_api_gateway_stage
22643
+ # Provides information about a version 1 Amazon API Gateway stage.
21104
22644
  # @return [Types::AwsApiGatewayStageDetails]
21105
22645
  #
21106
22646
  # @!attribute [rw] aws_api_gateway_rest_api
22647
+ # Provides information about a REST API in version 1 of Amazon API
22648
+ # Gateway.
21107
22649
  # @return [Types::AwsApiGatewayRestApiDetails]
21108
22650
  #
21109
22651
  # @!attribute [rw] aws_cloud_trail_trail
22652
+ # Provides details about a CloudTrail trail.
21110
22653
  # @return [Types::AwsCloudTrailTrailDetails]
21111
22654
  #
22655
+ # @!attribute [rw] aws_ssm_patch_compliance
22656
+ # Provides information about the state of a patch on an instance based
22657
+ # on the patch baseline that was used to patch the instance.
22658
+ # @return [Types::AwsSsmPatchComplianceDetails]
22659
+ #
21112
22660
  # @!attribute [rw] aws_certificate_manager_certificate
22661
+ # Provides details about an AWS Certificate Manager (ACM) certificate.
21113
22662
  # @return [Types::AwsCertificateManagerCertificateDetails]
21114
22663
  #
21115
22664
  # @!attribute [rw] aws_redshift_cluster
22665
+ # Contains details about an Amazon Redshift cluster.
21116
22666
  # @return [Types::AwsRedshiftClusterDetails]
21117
22667
  #
21118
22668
  # @!attribute [rw] aws_elb_load_balancer
22669
+ # contains details about a Classic Load Balancer.
21119
22670
  # @return [Types::AwsElbLoadBalancerDetails]
21120
22671
  #
21121
22672
  # @!attribute [rw] aws_iam_group
22673
+ # Contains details about an IAM group.
21122
22674
  # @return [Types::AwsIamGroupDetails]
21123
22675
  #
21124
22676
  # @!attribute [rw] aws_iam_role
@@ -21209,6 +22761,7 @@ module Aws::SecurityHub
21209
22761
  :aws_api_gateway_stage,
21210
22762
  :aws_api_gateway_rest_api,
21211
22763
  :aws_cloud_trail_trail,
22764
+ :aws_ssm_patch_compliance,
21212
22765
  :aws_certificate_manager_certificate,
21213
22766
  :aws_redshift_cluster,
21214
22767
  :aws_elb_load_balancer,
@@ -21269,9 +22822,9 @@ module Aws::SecurityHub
21269
22822
 
21270
22823
  # The severity of the finding.
21271
22824
  #
21272
- # The finding provider can provide the initial severity, but cannot
21273
- # update it after that. The severity can only be updated by a master
21274
- # account. It cannot be updated by a member account.
22825
+ # The finding provider can provide the initial severity. The finding
22826
+ # provider can only update the severity if it has not been updated using
22827
+ # `BatchUpdateFindings`.
21275
22828
  #
21276
22829
  # The finding must have either `Label` or `Normalized` populated. If
21277
22830
  # only one of these attributes is populated, then Security Hub
@@ -21613,7 +23166,20 @@ module Aws::SecurityHub
21613
23166
  # @return [Hash<String,String>]
21614
23167
  #
21615
23168
  # @!attribute [rw] standards_status
21616
- # The status of the standards subscription.
23169
+ # The status of the standard subscription.
23170
+ #
23171
+ # The status values are as follows:
23172
+ #
23173
+ # * `PENDING` - Standard is in the process of being enabled.
23174
+ #
23175
+ # * `READY` - Standard is enabled.
23176
+ #
23177
+ # * `INCOMPLETE` - Standard could not be enabled completely. Some
23178
+ # controls may not be available.
23179
+ #
23180
+ # * `DELETING` - Standard is in the process of being disabled.
23181
+ #
23182
+ # * `FAILED` - Standard could not be disabled.
21617
23183
  # @return [String]
21618
23184
  #
21619
23185
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
@@ -23457,6 +25023,14 @@ module Aws::SecurityHub
23457
25023
  #
23458
25024
  # * `NEW` - The initial state of a finding, before it is reviewed.
23459
25025
  #
25026
+ # Security Hub also resets the workflow status from `NOTIFIED` or
25027
+ # `RESOLVED` to `NEW` in the following cases:
25028
+ #
25029
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
25030
+ #
25031
+ # * `ComplianceStatus` changes from `PASSED` to either `WARNING`,
25032
+ # `FAILED`, or `NOT_AVAILABLE`.
25033
+ #
23460
25034
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23461
25035
  # the security issue. Used when the initial reviewer is not the
23462
25036
  # resource owner, and needs intervention from the resource owner.
@@ -23491,6 +25065,14 @@ module Aws::SecurityHub
23491
25065
  #
23492
25066
  # * `NEW` - The initial state of a finding, before it is reviewed.
23493
25067
  #
25068
+ # Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or
25069
+ # `RESOLVED` to `NEW` in the following cases:
25070
+ #
25071
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
25072
+ #
25073
+ # * The compliance status changes from `PASSED` to either `WARNING`,
25074
+ # `FAILED`, or `NOT_AVAILABLE`.
25075
+ #
23494
25076
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23495
25077
  # the security issue. Used when the initial reviewer is not the
23496
25078
  # resource owner, and needs intervention from the resource owner.