aws-sdk-securityhub 1.36.0 → 1.41.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +218 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +2 -2
  6. data/lib/aws-sdk-securityhub/client.rb +251 -13
  7. data/lib/aws-sdk-securityhub/client_api.rb +147 -1
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +1590 -8
  11. metadata +8 -5
data/lib/aws-sdk-securityhub/errors.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/resource.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -85,6 +85,313 @@ module Aws::SecurityHub
85
85
  include Aws::Structure
86
86
  end
87
87
 
88
+ # Provides details about one of the following actions that affects or
89
+ # that was taken on a resource:
90
+ #
91
+ # * A remote IP address issued an AWS API call
92
+ #
93
+ # * A DNS request was received
94
+ #
95
+ # * A remote IP address attempted to connect to an EC2 instance
96
+ #
97
+ # * A remote IP address attempted a port probe on an EC2 instance
98
+ #
99
+ # @note When making an API call, you may pass Action
100
+ # data as a hash:
101
+ #
102
+ # {
103
+ # action_type: "NonEmptyString",
104
+ # network_connection_action: {
105
+ # connection_direction: "NonEmptyString",
106
+ # remote_ip_details: {
107
+ # ip_address_v4: "NonEmptyString",
108
+ # organization: {
109
+ # asn: 1,
110
+ # asn_org: "NonEmptyString",
111
+ # isp: "NonEmptyString",
112
+ # org: "NonEmptyString",
113
+ # },
114
+ # country: {
115
+ # country_code: "NonEmptyString",
116
+ # country_name: "NonEmptyString",
117
+ # },
118
+ # city: {
119
+ # city_name: "NonEmptyString",
120
+ # },
121
+ # geo_location: {
122
+ # lon: 1.0,
123
+ # lat: 1.0,
124
+ # },
125
+ # },
126
+ # remote_port_details: {
127
+ # port: 1,
128
+ # port_name: "NonEmptyString",
129
+ # },
130
+ # local_port_details: {
131
+ # port: 1,
132
+ # port_name: "NonEmptyString",
133
+ # },
134
+ # protocol: "NonEmptyString",
135
+ # blocked: false,
136
+ # },
137
+ # aws_api_call_action: {
138
+ # api: "NonEmptyString",
139
+ # service_name: "NonEmptyString",
140
+ # caller_type: "NonEmptyString",
141
+ # remote_ip_details: {
142
+ # ip_address_v4: "NonEmptyString",
143
+ # organization: {
144
+ # asn: 1,
145
+ # asn_org: "NonEmptyString",
146
+ # isp: "NonEmptyString",
147
+ # org: "NonEmptyString",
148
+ # },
149
+ # country: {
150
+ # country_code: "NonEmptyString",
151
+ # country_name: "NonEmptyString",
152
+ # },
153
+ # city: {
154
+ # city_name: "NonEmptyString",
155
+ # },
156
+ # geo_location: {
157
+ # lon: 1.0,
158
+ # lat: 1.0,
159
+ # },
160
+ # },
161
+ # domain_details: {
162
+ # domain: "NonEmptyString",
163
+ # },
164
+ # affected_resources: {
165
+ # "NonEmptyString" => "NonEmptyString",
166
+ # },
167
+ # first_seen: "NonEmptyString",
168
+ # last_seen: "NonEmptyString",
169
+ # },
170
+ # dns_request_action: {
171
+ # domain: "NonEmptyString",
172
+ # protocol: "NonEmptyString",
173
+ # blocked: false,
174
+ # },
175
+ # port_probe_action: {
176
+ # port_probe_details: [
177
+ # {
178
+ # local_port_details: {
179
+ # port: 1,
180
+ # port_name: "NonEmptyString",
181
+ # },
182
+ # local_ip_details: {
183
+ # ip_address_v4: "NonEmptyString",
184
+ # },
185
+ # remote_ip_details: {
186
+ # ip_address_v4: "NonEmptyString",
187
+ # organization: {
188
+ # asn: 1,
189
+ # asn_org: "NonEmptyString",
190
+ # isp: "NonEmptyString",
191
+ # org: "NonEmptyString",
192
+ # },
193
+ # country: {
194
+ # country_code: "NonEmptyString",
195
+ # country_name: "NonEmptyString",
196
+ # },
197
+ # city: {
198
+ # city_name: "NonEmptyString",
199
+ # },
200
+ # geo_location: {
201
+ # lon: 1.0,
202
+ # lat: 1.0,
203
+ # },
204
+ # },
205
+ # },
206
+ # ],
207
+ # blocked: false,
208
+ # },
209
+ # }
210
+ #
211
+ # @!attribute [rw] action_type
212
+ # The type of action that was detected. The possible action types are:
213
+ #
214
+ # * `NETWORK_CONNECTION`
215
+ #
216
+ # * `AWS_API_CALL`
217
+ #
218
+ # * `DNS_REQUEST`
219
+ #
220
+ # * `PORT_PROBE`
221
+ # @return [String]
222
+ #
223
+ # @!attribute [rw] network_connection_action
224
+ # Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
225
+ # about the network connection that was detected.
226
+ # @return [Types::NetworkConnectionAction]
227
+ #
228
+ # @!attribute [rw] aws_api_call_action
229
+ # Included if `ActionType` is `AWS_API_CALL`. Provides details about
230
+ # the API call that was detected.
231
+ # @return [Types::AwsApiCallAction]
232
+ #
233
+ # @!attribute [rw] dns_request_action
234
+ # Included if `ActionType` is `DNS_REQUEST`. Provides details about
235
+ # the DNS request that was detected.
236
+ # @return [Types::DnsRequestAction]
237
+ #
238
+ # @!attribute [rw] port_probe_action
239
+ # Included if `ActionType` is `PORT_PROBE`. Provides details about the
240
+ # port probe that was detected.
241
+ # @return [Types::PortProbeAction]
242
+ #
243
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
244
+ #
245
+ class Action < Struct.new(
246
+ :action_type,
247
+ :network_connection_action,
248
+ :aws_api_call_action,
249
+ :dns_request_action,
250
+ :port_probe_action)
251
+ SENSITIVE = []
252
+ include Aws::Structure
253
+ end
254
+
255
+ # Provides information about the IP address where the scanned port is
256
+ # located.
257
+ #
258
+ # @note When making an API call, you may pass ActionLocalIpDetails
259
+ # data as a hash:
260
+ #
261
+ # {
262
+ # ip_address_v4: "NonEmptyString",
263
+ # }
264
+ #
265
+ # @!attribute [rw] ip_address_v4
266
+ # The IP address.
267
+ # @return [String]
268
+ #
269
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalIpDetails AWS API Documentation
270
+ #
271
+ class ActionLocalIpDetails < Struct.new(
272
+ :ip_address_v4)
273
+ SENSITIVE = []
274
+ include Aws::Structure
275
+ end
276
+
277
+ # For `NetworkConnectionAction` and `PortProbeDetails`,
278
+ # `LocalPortDetails` provides information about the local port that was
279
+ # involved in the action.
280
+ #
281
+ # @note When making an API call, you may pass ActionLocalPortDetails
282
+ # data as a hash:
283
+ #
284
+ # {
285
+ # port: 1,
286
+ # port_name: "NonEmptyString",
287
+ # }
288
+ #
289
+ # @!attribute [rw] port
290
+ # The number of the port.
291
+ # @return [Integer]
292
+ #
293
+ # @!attribute [rw] port_name
294
+ # The port name of the local connection.
295
+ # @return [String]
296
+ #
297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalPortDetails AWS API Documentation
298
+ #
299
+ class ActionLocalPortDetails < Struct.new(
300
+ :port,
301
+ :port_name)
302
+ SENSITIVE = []
303
+ include Aws::Structure
304
+ end
305
+
306
+ # For `AwsApiAction`, `NetworkConnectionAction`, and `PortProbeAction`,
307
+ # `RemoteIpDetails` provides information about the remote IP address
308
+ # that was involved in the action.
309
+ #
310
+ # @note When making an API call, you may pass ActionRemoteIpDetails
311
+ # data as a hash:
312
+ #
313
+ # {
314
+ # ip_address_v4: "NonEmptyString",
315
+ # organization: {
316
+ # asn: 1,
317
+ # asn_org: "NonEmptyString",
318
+ # isp: "NonEmptyString",
319
+ # org: "NonEmptyString",
320
+ # },
321
+ # country: {
322
+ # country_code: "NonEmptyString",
323
+ # country_name: "NonEmptyString",
324
+ # },
325
+ # city: {
326
+ # city_name: "NonEmptyString",
327
+ # },
328
+ # geo_location: {
329
+ # lon: 1.0,
330
+ # lat: 1.0,
331
+ # },
332
+ # }
333
+ #
334
+ # @!attribute [rw] ip_address_v4
335
+ # The IP address.
336
+ # @return [String]
337
+ #
338
+ # @!attribute [rw] organization
339
+ # The internet service provider (ISP) organization associated with the
340
+ # remote IP address.
341
+ # @return [Types::IpOrganizationDetails]
342
+ #
343
+ # @!attribute [rw] country
344
+ # The country where the remote IP address is located.
345
+ # @return [Types::Country]
346
+ #
347
+ # @!attribute [rw] city
348
+ # The city where the remote IP address is located.
349
+ # @return [Types::City]
350
+ #
351
+ # @!attribute [rw] geo_location
352
+ # The coordinates of the location of the remote IP address.
353
+ # @return [Types::GeoLocation]
354
+ #
355
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemoteIpDetails AWS API Documentation
356
+ #
357
+ class ActionRemoteIpDetails < Struct.new(
358
+ :ip_address_v4,
359
+ :organization,
360
+ :country,
361
+ :city,
362
+ :geo_location)
363
+ SENSITIVE = []
364
+ include Aws::Structure
365
+ end
366
+
367
+ # Provides information about the remote port that was involved in an
368
+ # attempted network connection.
369
+ #
370
+ # @note When making an API call, you may pass ActionRemotePortDetails
371
+ # data as a hash:
372
+ #
373
+ # {
374
+ # port: 1,
375
+ # port_name: "NonEmptyString",
376
+ # }
377
+ #
378
+ # @!attribute [rw] port
379
+ # The number of the port.
380
+ # @return [Integer]
381
+ #
382
+ # @!attribute [rw] port_name
383
+ # The port name of the remote connection.
384
+ # @return [String]
385
+ #
386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemotePortDetails AWS API Documentation
387
+ #
388
+ class ActionRemotePortDetails < Struct.new(
389
+ :port,
390
+ :port_name)
391
+ SENSITIVE = []
392
+ include Aws::Structure
393
+ end
394
+
88
395
  # An `ActionTarget` object.
89
396
  #
90
397
  # @!attribute [rw] action_target_arn
@@ -160,6 +467,120 @@ module Aws::SecurityHub
160
467
  include Aws::Structure
161
468
  end
162
469
 
470
+ # Provided if `ActionType` is `AWS_API_CALL`. It provides details about
471
+ # the API call that was detected.
472
+ #
473
+ # @note When making an API call, you may pass AwsApiCallAction
474
+ # data as a hash:
475
+ #
476
+ # {
477
+ # api: "NonEmptyString",
478
+ # service_name: "NonEmptyString",
479
+ # caller_type: "NonEmptyString",
480
+ # remote_ip_details: {
481
+ # ip_address_v4: "NonEmptyString",
482
+ # organization: {
483
+ # asn: 1,
484
+ # asn_org: "NonEmptyString",
485
+ # isp: "NonEmptyString",
486
+ # org: "NonEmptyString",
487
+ # },
488
+ # country: {
489
+ # country_code: "NonEmptyString",
490
+ # country_name: "NonEmptyString",
491
+ # },
492
+ # city: {
493
+ # city_name: "NonEmptyString",
494
+ # },
495
+ # geo_location: {
496
+ # lon: 1.0,
497
+ # lat: 1.0,
498
+ # },
499
+ # },
500
+ # domain_details: {
501
+ # domain: "NonEmptyString",
502
+ # },
503
+ # affected_resources: {
504
+ # "NonEmptyString" => "NonEmptyString",
505
+ # },
506
+ # first_seen: "NonEmptyString",
507
+ # last_seen: "NonEmptyString",
508
+ # }
509
+ #
510
+ # @!attribute [rw] api
511
+ # The name of the API method that was issued.
512
+ # @return [String]
513
+ #
514
+ # @!attribute [rw] service_name
515
+ # The name of the AWS service that the API method belongs to.
516
+ # @return [String]
517
+ #
518
+ # @!attribute [rw] caller_type
519
+ # Indicates whether the API call originated from a remote IP address
520
+ # (`remoteip`) or from a DNS domain (`domain`).
521
+ # @return [String]
522
+ #
523
+ # @!attribute [rw] remote_ip_details
524
+ # Provided if `CallerType` is `remoteIp`. Provides information about
525
+ # the remote IP address that the API call originated from.
526
+ # @return [Types::ActionRemoteIpDetails]
527
+ #
528
+ # @!attribute [rw] domain_details
529
+ # Provided if `CallerType` is `domain`. Provides information about the
530
+ # DNS domain that the API call originated from.
531
+ # @return [Types::AwsApiCallActionDomainDetails]
532
+ #
533
+ # @!attribute [rw] affected_resources
534
+ # Identifies the resources that were affected by the API call.
535
+ # @return [Hash<String,String>]
536
+ #
537
+ # @!attribute [rw] first_seen
538
+ # An ISO8601-formatted timestamp that indicates when the API call was
539
+ # first observed.
540
+ # @return [String]
541
+ #
542
+ # @!attribute [rw] last_seen
543
+ # An ISO8601-formatted timestamp that indicates when the API call was
544
+ # most recently observed.
545
+ # @return [String]
546
+ #
547
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallAction AWS API Documentation
548
+ #
549
+ class AwsApiCallAction < Struct.new(
550
+ :api,
551
+ :service_name,
552
+ :caller_type,
553
+ :remote_ip_details,
554
+ :domain_details,
555
+ :affected_resources,
556
+ :first_seen,
557
+ :last_seen)
558
+ SENSITIVE = []
559
+ include Aws::Structure
560
+ end
561
+
562
+ # Provided if `CallerType` is `domain`. It provides information about
563
+ # the DNS domain that issued the API call.
564
+ #
565
+ # @note When making an API call, you may pass AwsApiCallActionDomainDetails
566
+ # data as a hash:
567
+ #
568
+ # {
569
+ # domain: "NonEmptyString",
570
+ # }
571
+ #
572
+ # @!attribute [rw] domain
573
+ # The name of the DNS domain that issued the API call.
574
+ # @return [String]
575
+ #
576
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallActionDomainDetails AWS API Documentation
577
+ #
578
+ class AwsApiCallActionDomainDetails < Struct.new(
579
+ :domain)
580
+ SENSITIVE = []
581
+ include Aws::Structure
582
+ end
583
+
163
584
  # Contains information about settings for logging access for the stage.
164
585
  #
165
586
  # @note When making an API call, you may pass AwsApiGatewayAccessLogSettings
@@ -3488,6 +3909,19 @@ module Aws::SecurityHub
3488
3909
  # },
3489
3910
  # ],
3490
3911
  # source_dest_check: false,
3912
+ # ip_v6_addresses: [
3913
+ # {
3914
+ # ip_v6_address: "NonEmptyString",
3915
+ # },
3916
+ # ],
3917
+ # private_ip_addresses: [
3918
+ # {
3919
+ # private_ip_address: "NonEmptyString",
3920
+ # private_dns_name: "NonEmptyString",
3921
+ # },
3922
+ # ],
3923
+ # public_dns_name: "NonEmptyString",
3924
+ # public_ip: "NonEmptyString",
3491
3925
  # }
3492
3926
  #
3493
3927
  # @!attribute [rw] attachment
@@ -3506,13 +3940,84 @@ module Aws::SecurityHub
3506
3940
  # Indicates whether traffic to or from the instance is validated.
3507
3941
  # @return [Boolean]
3508
3942
  #
3943
+ # @!attribute [rw] ip_v6_addresses
3944
+ # The IPv6 addresses associated with the network interface.
3945
+ # @return [Array<Types::AwsEc2NetworkInterfaceIpV6AddressDetail>]
3946
+ #
3947
+ # @!attribute [rw] private_ip_addresses
3948
+ # The private IPv4 addresses associated with the network interface.
3949
+ # @return [Array<Types::AwsEc2NetworkInterfacePrivateIpAddressDetail>]
3950
+ #
3951
+ # @!attribute [rw] public_dns_name
3952
+ # The public DNS name of the network interface.
3953
+ # @return [String]
3954
+ #
3955
+ # @!attribute [rw] public_ip
3956
+ # The address of the Elastic IP address bound to the network
3957
+ # interface.
3958
+ # @return [String]
3959
+ #
3509
3960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceDetails AWS API Documentation
3510
3961
  #
3511
3962
  class AwsEc2NetworkInterfaceDetails < Struct.new(
3512
3963
  :attachment,
3513
3964
  :network_interface_id,
3514
3965
  :security_groups,
3515
- :source_dest_check)
3966
+ :source_dest_check,
3967
+ :ip_v6_addresses,
3968
+ :private_ip_addresses,
3969
+ :public_dns_name,
3970
+ :public_ip)
3971
+ SENSITIVE = []
3972
+ include Aws::Structure
3973
+ end
3974
+
3975
+ # Provides information about an IPV6 address that is associated with the
3976
+ # network interface.
3977
+ #
3978
+ # @note When making an API call, you may pass AwsEc2NetworkInterfaceIpV6AddressDetail
3979
+ # data as a hash:
3980
+ #
3981
+ # {
3982
+ # ip_v6_address: "NonEmptyString",
3983
+ # }
3984
+ #
3985
+ # @!attribute [rw] ip_v6_address
3986
+ # The IPV6 address.
3987
+ # @return [String]
3988
+ #
3989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceIpV6AddressDetail AWS API Documentation
3990
+ #
3991
+ class AwsEc2NetworkInterfaceIpV6AddressDetail < Struct.new(
3992
+ :ip_v6_address)
3993
+ SENSITIVE = []
3994
+ include Aws::Structure
3995
+ end
3996
+
3997
+ # Provides information about a private IPv4 address that is with the
3998
+ # network interface.
3999
+ #
4000
+ # @note When making an API call, you may pass AwsEc2NetworkInterfacePrivateIpAddressDetail
4001
+ # data as a hash:
4002
+ #
4003
+ # {
4004
+ # private_ip_address: "NonEmptyString",
4005
+ # private_dns_name: "NonEmptyString",
4006
+ # }
4007
+ #
4008
+ # @!attribute [rw] private_ip_address
4009
+ # The IP address.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] private_dns_name
4013
+ # The private DNS name for the IP address.
4014
+ # @return [String]
4015
+ #
4016
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfacePrivateIpAddressDetail AWS API Documentation
4017
+ #
4018
+ class AwsEc2NetworkInterfacePrivateIpAddressDetail < Struct.new(
4019
+ :private_ip_address,
4020
+ :private_dns_name)
3516
4021
  SENSITIVE = []
3517
4022
  include Aws::Structure
3518
4023
  end
@@ -6884,6 +7389,8 @@ module Aws::SecurityHub
6884
7389
  # @return [String]
6885
7390
  #
6886
7391
  # @!attribute [rw] engine
7392
+ # The name of the database engine that you want to use for this DB
7393
+ # instance.
6887
7394
  # @return [String]
6888
7395
  #
6889
7396
  # @!attribute [rw] allocated_storage
@@ -7667,6 +8174,8 @@ module Aws::SecurityHub
7667
8174
  include Aws::Structure
7668
8175
  end
7669
8176
 
8177
+ # An option group membership.
8178
+ #
7670
8179
  # @note When making an API call, you may pass AwsRdsDbOptionGroupMembership
7671
8180
  # data as a hash:
7672
8181
  #
@@ -7676,9 +8185,11 @@ module Aws::SecurityHub
7676
8185
  # }
7677
8186
  #
7678
8187
  # @!attribute [rw] option_group_name
8188
+ # The name of the option group.
7679
8189
  # @return [String]
7680
8190
  #
7681
8191
  # @!attribute [rw] status
8192
+ # The status of the option group membership.
7682
8193
  # @return [String]
7683
8194
  #
7684
8195
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbOptionGroupMembership AWS API Documentation
@@ -7690,6 +8201,8 @@ module Aws::SecurityHub
7690
8201
  include Aws::Structure
7691
8202
  end
7692
8203
 
8204
+ # Provides information about a parameter group for a DB instance.
8205
+ #
7693
8206
  # @note When making an API call, you may pass AwsRdsDbParameterGroup
7694
8207
  # data as a hash:
7695
8208
  #
@@ -7699,9 +8212,11 @@ module Aws::SecurityHub
7699
8212
  # }
7700
8213
  #
7701
8214
  # @!attribute [rw] db_parameter_group_name
8215
+ # The name of the parameter group.
7702
8216
  # @return [String]
7703
8217
  #
7704
8218
  # @!attribute [rw] parameter_apply_status
8219
+ # The status of parameter updates.
7705
8220
  # @return [String]
7706
8221
  #
7707
8222
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbParameterGroup AWS API Documentation
@@ -7713,6 +8228,8 @@ module Aws::SecurityHub
7713
8228
  include Aws::Structure
7714
8229
  end
7715
8230
 
8231
+ # Changes to a DB instance that are currently pending.
8232
+ #
7716
8233
  # @note When making an API call, you may pass AwsRdsDbPendingModifiedValues
7717
8234
  # data as a hash:
7718
8235
  #
@@ -7743,48 +8260,64 @@ module Aws::SecurityHub
7743
8260
  # }
7744
8261
  #
7745
8262
  # @!attribute [rw] db_instance_class
8263
+ # The new DB instance class for the DB instance.
7746
8264
  # @return [String]
7747
8265
  #
7748
8266
  # @!attribute [rw] allocated_storage
8267
+ # The new value of the allocated storage for the DB instance.
7749
8268
  # @return [Integer]
7750
8269
  #
7751
8270
  # @!attribute [rw] master_user_password
8271
+ # The new master user password for the DB instance.
7752
8272
  # @return [String]
7753
8273
  #
7754
8274
  # @!attribute [rw] port
8275
+ # The new port for the DB instance.
7755
8276
  # @return [Integer]
7756
8277
  #
7757
8278
  # @!attribute [rw] backup_retention_period
8279
+ # The new backup retention period for the DB instance.
7758
8280
  # @return [Integer]
7759
8281
  #
7760
8282
  # @!attribute [rw] multi_az
8283
+ # Indicates that a single Availability Zone DB instance is changing to
8284
+ # a multiple Availability Zone deployment.
7761
8285
  # @return [Boolean]
7762
8286
  #
7763
8287
  # @!attribute [rw] engine_version
8288
+ # The new engine version for the DB instance.
7764
8289
  # @return [String]
7765
8290
  #
7766
8291
  # @!attribute [rw] license_model
8292
+ # The new license model value for the DB instance.
7767
8293
  # @return [String]
7768
8294
  #
7769
8295
  # @!attribute [rw] iops
8296
+ # The new provisioned IOPS value for the DB instance.
7770
8297
  # @return [Integer]
7771
8298
  #
7772
8299
  # @!attribute [rw] db_instance_identifier
8300
+ # The new DB instance identifier for the DB instance.
7773
8301
  # @return [String]
7774
8302
  #
7775
8303
  # @!attribute [rw] storage_type
8304
+ # The new storage type for the DB instance.
7776
8305
  # @return [String]
7777
8306
  #
7778
8307
  # @!attribute [rw] ca_certificate_identifier
8308
+ # The new CA certificate identifier for the DB instance.
7779
8309
  # @return [String]
7780
8310
  #
7781
8311
  # @!attribute [rw] db_subnet_group_name
8312
+ # The name of the new subnet group for the DB instance.
7782
8313
  # @return [String]
7783
8314
  #
7784
8315
  # @!attribute [rw] pending_cloud_watch_logs_exports
8316
+ # A list of log types that are being enabled or disabled.
7785
8317
  # @return [Types::AwsRdsPendingCloudWatchLogsExports]
7786
8318
  #
7787
8319
  # @!attribute [rw] processor_features
8320
+ # Processor features that are being updated.
7788
8321
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7789
8322
  #
7790
8323
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbPendingModifiedValues AWS API Documentation
@@ -7809,6 +8342,8 @@ module Aws::SecurityHub
7809
8342
  include Aws::Structure
7810
8343
  end
7811
8344
 
8345
+ # A processor feature.
8346
+ #
7812
8347
  # @note When making an API call, you may pass AwsRdsDbProcessorFeature
7813
8348
  # data as a hash:
7814
8349
  #
@@ -7818,9 +8353,11 @@ module Aws::SecurityHub
7818
8353
  # }
7819
8354
  #
7820
8355
  # @!attribute [rw] name
8356
+ # The name of the processor feature.
7821
8357
  # @return [String]
7822
8358
  #
7823
8359
  # @!attribute [rw] value
8360
+ # The value of the processor feature.
7824
8361
  # @return [String]
7825
8362
  #
7826
8363
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbProcessorFeature AWS API Documentation
@@ -7832,6 +8369,8 @@ module Aws::SecurityHub
7832
8369
  include Aws::Structure
7833
8370
  end
7834
8371
 
8372
+ # Provides details about an Amazon RDS DB cluster snapshot.
8373
+ #
7835
8374
  # @note When making an API call, you may pass AwsRdsDbSnapshotDetails
7836
8375
  # data as a hash:
7837
8376
  #
@@ -7871,84 +8410,120 @@ module Aws::SecurityHub
7871
8410
  # }
7872
8411
  #
7873
8412
  # @!attribute [rw] db_snapshot_identifier
8413
+ # The name or ARN of the DB snapshot that is used to restore the DB
8414
+ # instance.
7874
8415
  # @return [String]
7875
8416
  #
7876
8417
  # @!attribute [rw] db_instance_identifier
8418
+ # A name for the DB instance.
7877
8419
  # @return [String]
7878
8420
  #
7879
8421
  # @!attribute [rw] snapshot_create_time
8422
+ # When the snapshot was taken in Coordinated Universal Time (UTC).
7880
8423
  # @return [String]
7881
8424
  #
7882
8425
  # @!attribute [rw] engine
8426
+ # The name of the database engine to use for this DB instance.
7883
8427
  # @return [String]
7884
8428
  #
7885
8429
  # @!attribute [rw] allocated_storage
8430
+ # The amount of storage (in gigabytes) to be initially allocated for
8431
+ # the database instance.
7886
8432
  # @return [Integer]
7887
8433
  #
7888
8434
  # @!attribute [rw] status
8435
+ # The status of this DB snapshot.
7889
8436
  # @return [String]
7890
8437
  #
7891
8438
  # @!attribute [rw] port
8439
+ # The port that the database engine was listening on at the time of
8440
+ # the snapshot.
7892
8441
  # @return [Integer]
7893
8442
  #
7894
8443
  # @!attribute [rw] availability_zone
8444
+ # Specifies the name of the Availability Zone in which the DB instance
8445
+ # was located at the time of the DB snapshot.
7895
8446
  # @return [String]
7896
8447
  #
7897
8448
  # @!attribute [rw] vpc_id
8449
+ # The VPC ID associated with the DB snapshot.
7898
8450
  # @return [String]
7899
8451
  #
7900
8452
  # @!attribute [rw] instance_create_time
8453
+ # Specifies the time in Coordinated Universal Time (UTC) when the DB
8454
+ # instance, from which the snapshot was taken, was created.
7901
8455
  # @return [String]
7902
8456
  #
7903
8457
  # @!attribute [rw] master_username
8458
+ # The master user name for the DB snapshot.
7904
8459
  # @return [String]
7905
8460
  #
7906
8461
  # @!attribute [rw] engine_version
8462
+ # The version of the database engine.
7907
8463
  # @return [String]
7908
8464
  #
7909
8465
  # @!attribute [rw] license_model
8466
+ # License model information for the restored DB instance.
7910
8467
  # @return [String]
7911
8468
  #
7912
8469
  # @!attribute [rw] snapshot_type
8470
+ # The type of the DB snapshot.
7913
8471
  # @return [String]
7914
8472
  #
7915
8473
  # @!attribute [rw] iops
8474
+ # The provisioned IOPS (I/O operations per second) value of the DB
8475
+ # instance at the time of the snapshot.
7916
8476
  # @return [Integer]
7917
8477
  #
7918
8478
  # @!attribute [rw] option_group_name
8479
+ # The option group name for the DB snapshot.
7919
8480
  # @return [String]
7920
8481
  #
7921
8482
  # @!attribute [rw] percent_progress
8483
+ # The percentage of the estimated data that has been transferred.
7922
8484
  # @return [Integer]
7923
8485
  #
7924
8486
  # @!attribute [rw] source_region
8487
+ # The AWS Region that the DB snapshot was created in or copied from.
7925
8488
  # @return [String]
7926
8489
  #
7927
8490
  # @!attribute [rw] source_db_snapshot_identifier
8491
+ # The DB snapshot ARN that the DB snapshot was copied from.
7928
8492
  # @return [String]
7929
8493
  #
7930
8494
  # @!attribute [rw] storage_type
8495
+ # The storage type associated with the DB snapshot.
7931
8496
  # @return [String]
7932
8497
  #
7933
8498
  # @!attribute [rw] tde_credential_arn
8499
+ # The ARN from the key store with which to associate the instance for
8500
+ # TDE encryption.
7934
8501
  # @return [String]
7935
8502
  #
7936
8503
  # @!attribute [rw] encrypted
8504
+ # Whether the DB snapshot is encrypted.
7937
8505
  # @return [Boolean]
7938
8506
  #
7939
8507
  # @!attribute [rw] kms_key_id
8508
+ # If `Encrypted` is `true`, the AWS KMS key identifier for the
8509
+ # encrypted DB snapshot.
7940
8510
  # @return [String]
7941
8511
  #
7942
8512
  # @!attribute [rw] timezone
8513
+ # The time zone of the DB snapshot.
7943
8514
  # @return [String]
7944
8515
  #
7945
8516
  # @!attribute [rw] iam_database_authentication_enabled
8517
+ # Whether mapping of IAM accounts to database accounts is enabled.
7946
8518
  # @return [Boolean]
7947
8519
  #
7948
8520
  # @!attribute [rw] processor_features
8521
+ # The number of CPU cores and the number of threads per core for the
8522
+ # DB instance class of the DB instance.
7949
8523
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7950
8524
  #
7951
8525
  # @!attribute [rw] dbi_resource_id
8526
+ # The identifier for the source DB instance.
7952
8527
  # @return [String]
7953
8528
  #
7954
8529
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSnapshotDetails AWS API Documentation
@@ -9741,6 +10316,19 @@ module Aws::SecurityHub
9741
10316
  # },
9742
10317
  # ],
9743
10318
  # source_dest_check: false,
10319
+ # ip_v6_addresses: [
10320
+ # {
10321
+ # ip_v6_address: "NonEmptyString",
10322
+ # },
10323
+ # ],
10324
+ # private_ip_addresses: [
10325
+ # {
10326
+ # private_ip_address: "NonEmptyString",
10327
+ # private_dns_name: "NonEmptyString",
10328
+ # },
10329
+ # ],
10330
+ # public_dns_name: "NonEmptyString",
10331
+ # public_ip: "NonEmptyString",
9744
10332
  # },
9745
10333
  # aws_ec2_security_group: {
9746
10334
  # group_name: "NonEmptyString",
@@ -10241,6 +10829,30 @@ module Aws::SecurityHub
10241
10829
  # sns_topic_name: "NonEmptyString",
10242
10830
  # trail_arn: "NonEmptyString",
10243
10831
  # },
10832
+ # aws_ssm_patch_compliance: {
10833
+ # patch: {
10834
+ # compliance_summary: {
10835
+ # status: "NonEmptyString",
10836
+ # compliant_critical_count: 1,
10837
+ # compliant_high_count: 1,
10838
+ # compliant_medium_count: 1,
10839
+ # execution_type: "NonEmptyString",
10840
+ # non_compliant_critical_count: 1,
10841
+ # compliant_informational_count: 1,
10842
+ # non_compliant_informational_count: 1,
10843
+ # compliant_unspecified_count: 1,
10844
+ # non_compliant_low_count: 1,
10845
+ # non_compliant_high_count: 1,
10846
+ # compliant_low_count: 1,
10847
+ # compliance_type: "NonEmptyString",
10848
+ # patch_baseline_id: "NonEmptyString",
10849
+ # overall_severity: "NonEmptyString",
10850
+ # non_compliant_medium_count: 1,
10851
+ # non_compliant_unspecified_count: 1,
10852
+ # patch_group: "NonEmptyString",
10853
+ # },
10854
+ # },
10855
+ # },
10244
10856
  # aws_certificate_manager_certificate: {
10245
10857
  # certificate_authority_arn: "NonEmptyString",
10246
10858
  # created_at: "NonEmptyString",
@@ -11017,6 +11629,114 @@ module Aws::SecurityHub
11017
11629
  # reboot_option: "NonEmptyString",
11018
11630
  # operation: "NonEmptyString",
11019
11631
  # },
11632
+ # action: {
11633
+ # action_type: "NonEmptyString",
11634
+ # network_connection_action: {
11635
+ # connection_direction: "NonEmptyString",
11636
+ # remote_ip_details: {
11637
+ # ip_address_v4: "NonEmptyString",
11638
+ # organization: {
11639
+ # asn: 1,
11640
+ # asn_org: "NonEmptyString",
11641
+ # isp: "NonEmptyString",
11642
+ # org: "NonEmptyString",
11643
+ # },
11644
+ # country: {
11645
+ # country_code: "NonEmptyString",
11646
+ # country_name: "NonEmptyString",
11647
+ # },
11648
+ # city: {
11649
+ # city_name: "NonEmptyString",
11650
+ # },
11651
+ # geo_location: {
11652
+ # lon: 1.0,
11653
+ # lat: 1.0,
11654
+ # },
11655
+ # },
11656
+ # remote_port_details: {
11657
+ # port: 1,
11658
+ # port_name: "NonEmptyString",
11659
+ # },
11660
+ # local_port_details: {
11661
+ # port: 1,
11662
+ # port_name: "NonEmptyString",
11663
+ # },
11664
+ # protocol: "NonEmptyString",
11665
+ # blocked: false,
11666
+ # },
11667
+ # aws_api_call_action: {
11668
+ # api: "NonEmptyString",
11669
+ # service_name: "NonEmptyString",
11670
+ # caller_type: "NonEmptyString",
11671
+ # remote_ip_details: {
11672
+ # ip_address_v4: "NonEmptyString",
11673
+ # organization: {
11674
+ # asn: 1,
11675
+ # asn_org: "NonEmptyString",
11676
+ # isp: "NonEmptyString",
11677
+ # org: "NonEmptyString",
11678
+ # },
11679
+ # country: {
11680
+ # country_code: "NonEmptyString",
11681
+ # country_name: "NonEmptyString",
11682
+ # },
11683
+ # city: {
11684
+ # city_name: "NonEmptyString",
11685
+ # },
11686
+ # geo_location: {
11687
+ # lon: 1.0,
11688
+ # lat: 1.0,
11689
+ # },
11690
+ # },
11691
+ # domain_details: {
11692
+ # domain: "NonEmptyString",
11693
+ # },
11694
+ # affected_resources: {
11695
+ # "NonEmptyString" => "NonEmptyString",
11696
+ # },
11697
+ # first_seen: "NonEmptyString",
11698
+ # last_seen: "NonEmptyString",
11699
+ # },
11700
+ # dns_request_action: {
11701
+ # domain: "NonEmptyString",
11702
+ # protocol: "NonEmptyString",
11703
+ # blocked: false,
11704
+ # },
11705
+ # port_probe_action: {
11706
+ # port_probe_details: [
11707
+ # {
11708
+ # local_port_details: {
11709
+ # port: 1,
11710
+ # port_name: "NonEmptyString",
11711
+ # },
11712
+ # local_ip_details: {
11713
+ # ip_address_v4: "NonEmptyString",
11714
+ # },
11715
+ # remote_ip_details: {
11716
+ # ip_address_v4: "NonEmptyString",
11717
+ # organization: {
11718
+ # asn: 1,
11719
+ # asn_org: "NonEmptyString",
11720
+ # isp: "NonEmptyString",
11721
+ # org: "NonEmptyString",
11722
+ # },
11723
+ # country: {
11724
+ # country_code: "NonEmptyString",
11725
+ # country_name: "NonEmptyString",
11726
+ # },
11727
+ # city: {
11728
+ # city_name: "NonEmptyString",
11729
+ # },
11730
+ # geo_location: {
11731
+ # lon: 1.0,
11732
+ # lat: 1.0,
11733
+ # },
11734
+ # },
11735
+ # },
11736
+ # ],
11737
+ # blocked: false,
11738
+ # },
11739
+ # },
11020
11740
  # }
11021
11741
  #
11022
11742
  # @!attribute [rw] schema_version
@@ -11232,6 +11952,11 @@ module Aws::SecurityHub
11232
11952
  # against a selected compliance standard.
11233
11953
  # @return [Types::PatchSummary]
11234
11954
  #
11955
+ # @!attribute [rw] action
11956
+ # Provides details about an action that affects or that was taken on a
11957
+ # resource.
11958
+ # @return [Types::Action]
11959
+ #
11235
11960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11236
11961
  #
11237
11962
  class AwsSecurityFinding < Struct.new(
@@ -11268,7 +11993,8 @@ module Aws::SecurityHub
11268
11993
  :related_findings,
11269
11994
  :note,
11270
11995
  :vulnerabilities,
11271
- :patch_summary)
11996
+ :patch_summary,
11997
+ :action)
11272
11998
  SENSITIVE = []
11273
11999
  include Aws::Structure
11274
12000
  end
@@ -12196,6 +12922,14 @@ module Aws::SecurityHub
12196
12922
  #
12197
12923
  # * `NEW` - The initial state of a finding, before it is reviewed.
12198
12924
  #
12925
+ # Security Hub also resets the workflow status from `NOTIFIED` or
12926
+ # `RESOLVED` to `NEW` in the following cases:
12927
+ #
12928
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
12929
+ #
12930
+ # * The compliance status changes from `PASSED` to either `WARNING`,
12931
+ # `FAILED`, or `NOT_AVAILABLE`.
12932
+ #
12199
12933
  # * `NOTIFIED` - Indicates that the resource owner has been notified
12200
12934
  # about the security issue. Used when the initial reviewer is not
12201
12935
  # the resource owner, and needs intervention from the resource
@@ -12475,6 +13209,236 @@ module Aws::SecurityHub
12475
13209
  include Aws::Structure
12476
13210
  end
12477
13211
 
13212
+ # Provides the details about the compliance status for a patch.
13213
+ #
13214
+ # @note When making an API call, you may pass AwsSsmComplianceSummary
13215
+ # data as a hash:
13216
+ #
13217
+ # {
13218
+ # status: "NonEmptyString",
13219
+ # compliant_critical_count: 1,
13220
+ # compliant_high_count: 1,
13221
+ # compliant_medium_count: 1,
13222
+ # execution_type: "NonEmptyString",
13223
+ # non_compliant_critical_count: 1,
13224
+ # compliant_informational_count: 1,
13225
+ # non_compliant_informational_count: 1,
13226
+ # compliant_unspecified_count: 1,
13227
+ # non_compliant_low_count: 1,
13228
+ # non_compliant_high_count: 1,
13229
+ # compliant_low_count: 1,
13230
+ # compliance_type: "NonEmptyString",
13231
+ # patch_baseline_id: "NonEmptyString",
13232
+ # overall_severity: "NonEmptyString",
13233
+ # non_compliant_medium_count: 1,
13234
+ # non_compliant_unspecified_count: 1,
13235
+ # patch_group: "NonEmptyString",
13236
+ # }
13237
+ #
13238
+ # @!attribute [rw] status
13239
+ # The current patch compliance status.
13240
+ #
13241
+ # The possible status values are:
13242
+ #
13243
+ # * `COMPLIANT`
13244
+ #
13245
+ # * `NON_COMPLIANT`
13246
+ #
13247
+ # * `UNSPECIFIED_DATA`
13248
+ # @return [String]
13249
+ #
13250
+ # @!attribute [rw] compliant_critical_count
13251
+ # For the patches that are compliant, the number that have a severity
13252
+ # of `CRITICAL`.
13253
+ # @return [Integer]
13254
+ #
13255
+ # @!attribute [rw] compliant_high_count
13256
+ # For the patches that are compliant, the number that have a severity
13257
+ # of `HIGH`.
13258
+ # @return [Integer]
13259
+ #
13260
+ # @!attribute [rw] compliant_medium_count
13261
+ # For the patches that are compliant, the number that have a severity
13262
+ # of `MEDIUM`.
13263
+ # @return [Integer]
13264
+ #
13265
+ # @!attribute [rw] execution_type
13266
+ # The type of execution that was used determine compliance.
13267
+ # @return [String]
13268
+ #
13269
+ # @!attribute [rw] non_compliant_critical_count
13270
+ # For the patch items that are noncompliant, the number of items that
13271
+ # have a severity of `CRITICAL`.
13272
+ # @return [Integer]
13273
+ #
13274
+ # @!attribute [rw] compliant_informational_count
13275
+ # For the patches that are compliant, the number that have a severity
13276
+ # of `INFORMATIONAL`.
13277
+ # @return [Integer]
13278
+ #
13279
+ # @!attribute [rw] non_compliant_informational_count
13280
+ # For the patches that are noncompliant, the number that have a
13281
+ # severity of `INFORMATIONAL`.
13282
+ # @return [Integer]
13283
+ #
13284
+ # @!attribute [rw] compliant_unspecified_count
13285
+ # For the patches that are compliant, the number that have a severity
13286
+ # of `UNSPECIFIED`.
13287
+ # @return [Integer]
13288
+ #
13289
+ # @!attribute [rw] non_compliant_low_count
13290
+ # For the patches that are noncompliant, the number that have a
13291
+ # severity of `LOW`.
13292
+ # @return [Integer]
13293
+ #
13294
+ # @!attribute [rw] non_compliant_high_count
13295
+ # For the patches that are noncompliant, the number that have a
13296
+ # severity of `HIGH`.
13297
+ # @return [Integer]
13298
+ #
13299
+ # @!attribute [rw] compliant_low_count
13300
+ # For the patches that are compliant, the number that have a severity
13301
+ # of `LOW`.
13302
+ # @return [Integer]
13303
+ #
13304
+ # @!attribute [rw] compliance_type
13305
+ # The type of resource for which the compliance was determined. For
13306
+ # `AwsSsmPatchCompliance`, `ComplianceType` is `Patch`.
13307
+ # @return [String]
13308
+ #
13309
+ # @!attribute [rw] patch_baseline_id
13310
+ # The identifier of the patch baseline. The patch baseline lists the
13311
+ # patches that are approved for installation.
13312
+ # @return [String]
13313
+ #
13314
+ # @!attribute [rw] overall_severity
13315
+ # The highest severity for the patches.
13316
+ # @return [String]
13317
+ #
13318
+ # @!attribute [rw] non_compliant_medium_count
13319
+ # For the patches that are noncompliant, the number that have a
13320
+ # severity of `MEDIUM`.
13321
+ # @return [Integer]
13322
+ #
13323
+ # @!attribute [rw] non_compliant_unspecified_count
13324
+ # For the patches that are noncompliant, the number that have a
13325
+ # severity of `UNSPECIFIED`.
13326
+ # @return [Integer]
13327
+ #
13328
+ # @!attribute [rw] patch_group
13329
+ # The identifier of the patch group for which compliance was
13330
+ # determined. A patch group uses tags to group EC2 instances that
13331
+ # should have the same patch compliance.
13332
+ # @return [String]
13333
+ #
13334
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmComplianceSummary AWS API Documentation
13335
+ #
13336
+ class AwsSsmComplianceSummary < Struct.new(
13337
+ :status,
13338
+ :compliant_critical_count,
13339
+ :compliant_high_count,
13340
+ :compliant_medium_count,
13341
+ :execution_type,
13342
+ :non_compliant_critical_count,
13343
+ :compliant_informational_count,
13344
+ :non_compliant_informational_count,
13345
+ :compliant_unspecified_count,
13346
+ :non_compliant_low_count,
13347
+ :non_compliant_high_count,
13348
+ :compliant_low_count,
13349
+ :compliance_type,
13350
+ :patch_baseline_id,
13351
+ :overall_severity,
13352
+ :non_compliant_medium_count,
13353
+ :non_compliant_unspecified_count,
13354
+ :patch_group)
13355
+ SENSITIVE = []
13356
+ include Aws::Structure
13357
+ end
13358
+
13359
+ # Provides details about the compliance for a patch.
13360
+ #
13361
+ # @note When making an API call, you may pass AwsSsmPatch
13362
+ # data as a hash:
13363
+ #
13364
+ # {
13365
+ # compliance_summary: {
13366
+ # status: "NonEmptyString",
13367
+ # compliant_critical_count: 1,
13368
+ # compliant_high_count: 1,
13369
+ # compliant_medium_count: 1,
13370
+ # execution_type: "NonEmptyString",
13371
+ # non_compliant_critical_count: 1,
13372
+ # compliant_informational_count: 1,
13373
+ # non_compliant_informational_count: 1,
13374
+ # compliant_unspecified_count: 1,
13375
+ # non_compliant_low_count: 1,
13376
+ # non_compliant_high_count: 1,
13377
+ # compliant_low_count: 1,
13378
+ # compliance_type: "NonEmptyString",
13379
+ # patch_baseline_id: "NonEmptyString",
13380
+ # overall_severity: "NonEmptyString",
13381
+ # non_compliant_medium_count: 1,
13382
+ # non_compliant_unspecified_count: 1,
13383
+ # patch_group: "NonEmptyString",
13384
+ # },
13385
+ # }
13386
+ #
13387
+ # @!attribute [rw] compliance_summary
13388
+ # The compliance status details for the patch.
13389
+ # @return [Types::AwsSsmComplianceSummary]
13390
+ #
13391
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
13392
+ #
13393
+ class AwsSsmPatch < Struct.new(
13394
+ :compliance_summary)
13395
+ SENSITIVE = []
13396
+ include Aws::Structure
13397
+ end
13398
+
13399
+ # Provides information about the state of a patch on an instance based
13400
+ # on the patch baseline that was used to patch the instance.
13401
+ #
13402
+ # @note When making an API call, you may pass AwsSsmPatchComplianceDetails
13403
+ # data as a hash:
13404
+ #
13405
+ # {
13406
+ # patch: {
13407
+ # compliance_summary: {
13408
+ # status: "NonEmptyString",
13409
+ # compliant_critical_count: 1,
13410
+ # compliant_high_count: 1,
13411
+ # compliant_medium_count: 1,
13412
+ # execution_type: "NonEmptyString",
13413
+ # non_compliant_critical_count: 1,
13414
+ # compliant_informational_count: 1,
13415
+ # non_compliant_informational_count: 1,
13416
+ # compliant_unspecified_count: 1,
13417
+ # non_compliant_low_count: 1,
13418
+ # non_compliant_high_count: 1,
13419
+ # compliant_low_count: 1,
13420
+ # compliance_type: "NonEmptyString",
13421
+ # patch_baseline_id: "NonEmptyString",
13422
+ # overall_severity: "NonEmptyString",
13423
+ # non_compliant_medium_count: 1,
13424
+ # non_compliant_unspecified_count: 1,
13425
+ # patch_group: "NonEmptyString",
13426
+ # },
13427
+ # },
13428
+ # }
13429
+ #
13430
+ # @!attribute [rw] patch
13431
+ # Information about the status of a patch.
13432
+ # @return [Types::AwsSsmPatch]
13433
+ #
13434
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
13435
+ #
13436
+ class AwsSsmPatchComplianceDetails < Struct.new(
13437
+ :patch)
13438
+ SENSITIVE = []
13439
+ include Aws::Structure
13440
+ end
13441
+
12478
13442
  # Details about a WAF WebACL.
12479
13443
  #
12480
13444
  # @note When making an API call, you may pass AwsWafWebAclDetails
@@ -12937,6 +13901,19 @@ module Aws::SecurityHub
12937
13901
  # },
12938
13902
  # ],
12939
13903
  # source_dest_check: false,
13904
+ # ip_v6_addresses: [
13905
+ # {
13906
+ # ip_v6_address: "NonEmptyString",
13907
+ # },
13908
+ # ],
13909
+ # private_ip_addresses: [
13910
+ # {
13911
+ # private_ip_address: "NonEmptyString",
13912
+ # private_dns_name: "NonEmptyString",
13913
+ # },
13914
+ # ],
13915
+ # public_dns_name: "NonEmptyString",
13916
+ # public_ip: "NonEmptyString",
12940
13917
  # },
12941
13918
  # aws_ec2_security_group: {
12942
13919
  # group_name: "NonEmptyString",
@@ -13437,6 +14414,30 @@ module Aws::SecurityHub
13437
14414
  # sns_topic_name: "NonEmptyString",
13438
14415
  # trail_arn: "NonEmptyString",
13439
14416
  # },
14417
+ # aws_ssm_patch_compliance: {
14418
+ # patch: {
14419
+ # compliance_summary: {
14420
+ # status: "NonEmptyString",
14421
+ # compliant_critical_count: 1,
14422
+ # compliant_high_count: 1,
14423
+ # compliant_medium_count: 1,
14424
+ # execution_type: "NonEmptyString",
14425
+ # non_compliant_critical_count: 1,
14426
+ # compliant_informational_count: 1,
14427
+ # non_compliant_informational_count: 1,
14428
+ # compliant_unspecified_count: 1,
14429
+ # non_compliant_low_count: 1,
14430
+ # non_compliant_high_count: 1,
14431
+ # compliant_low_count: 1,
14432
+ # compliance_type: "NonEmptyString",
14433
+ # patch_baseline_id: "NonEmptyString",
14434
+ # overall_severity: "NonEmptyString",
14435
+ # non_compliant_medium_count: 1,
14436
+ # non_compliant_unspecified_count: 1,
14437
+ # patch_group: "NonEmptyString",
14438
+ # },
14439
+ # },
14440
+ # },
13440
14441
  # aws_certificate_manager_certificate: {
13441
14442
  # certificate_authority_arn: "NonEmptyString",
13442
14443
  # created_at: "NonEmptyString",
@@ -14213,6 +15214,114 @@ module Aws::SecurityHub
14213
15214
  # reboot_option: "NonEmptyString",
14214
15215
  # operation: "NonEmptyString",
14215
15216
  # },
15217
+ # action: {
15218
+ # action_type: "NonEmptyString",
15219
+ # network_connection_action: {
15220
+ # connection_direction: "NonEmptyString",
15221
+ # remote_ip_details: {
15222
+ # ip_address_v4: "NonEmptyString",
15223
+ # organization: {
15224
+ # asn: 1,
15225
+ # asn_org: "NonEmptyString",
15226
+ # isp: "NonEmptyString",
15227
+ # org: "NonEmptyString",
15228
+ # },
15229
+ # country: {
15230
+ # country_code: "NonEmptyString",
15231
+ # country_name: "NonEmptyString",
15232
+ # },
15233
+ # city: {
15234
+ # city_name: "NonEmptyString",
15235
+ # },
15236
+ # geo_location: {
15237
+ # lon: 1.0,
15238
+ # lat: 1.0,
15239
+ # },
15240
+ # },
15241
+ # remote_port_details: {
15242
+ # port: 1,
15243
+ # port_name: "NonEmptyString",
15244
+ # },
15245
+ # local_port_details: {
15246
+ # port: 1,
15247
+ # port_name: "NonEmptyString",
15248
+ # },
15249
+ # protocol: "NonEmptyString",
15250
+ # blocked: false,
15251
+ # },
15252
+ # aws_api_call_action: {
15253
+ # api: "NonEmptyString",
15254
+ # service_name: "NonEmptyString",
15255
+ # caller_type: "NonEmptyString",
15256
+ # remote_ip_details: {
15257
+ # ip_address_v4: "NonEmptyString",
15258
+ # organization: {
15259
+ # asn: 1,
15260
+ # asn_org: "NonEmptyString",
15261
+ # isp: "NonEmptyString",
15262
+ # org: "NonEmptyString",
15263
+ # },
15264
+ # country: {
15265
+ # country_code: "NonEmptyString",
15266
+ # country_name: "NonEmptyString",
15267
+ # },
15268
+ # city: {
15269
+ # city_name: "NonEmptyString",
15270
+ # },
15271
+ # geo_location: {
15272
+ # lon: 1.0,
15273
+ # lat: 1.0,
15274
+ # },
15275
+ # },
15276
+ # domain_details: {
15277
+ # domain: "NonEmptyString",
15278
+ # },
15279
+ # affected_resources: {
15280
+ # "NonEmptyString" => "NonEmptyString",
15281
+ # },
15282
+ # first_seen: "NonEmptyString",
15283
+ # last_seen: "NonEmptyString",
15284
+ # },
15285
+ # dns_request_action: {
15286
+ # domain: "NonEmptyString",
15287
+ # protocol: "NonEmptyString",
15288
+ # blocked: false,
15289
+ # },
15290
+ # port_probe_action: {
15291
+ # port_probe_details: [
15292
+ # {
15293
+ # local_port_details: {
15294
+ # port: 1,
15295
+ # port_name: "NonEmptyString",
15296
+ # },
15297
+ # local_ip_details: {
15298
+ # ip_address_v4: "NonEmptyString",
15299
+ # },
15300
+ # remote_ip_details: {
15301
+ # ip_address_v4: "NonEmptyString",
15302
+ # organization: {
15303
+ # asn: 1,
15304
+ # asn_org: "NonEmptyString",
15305
+ # isp: "NonEmptyString",
15306
+ # org: "NonEmptyString",
15307
+ # },
15308
+ # country: {
15309
+ # country_code: "NonEmptyString",
15310
+ # country_name: "NonEmptyString",
15311
+ # },
15312
+ # city: {
15313
+ # city_name: "NonEmptyString",
15314
+ # },
15315
+ # geo_location: {
15316
+ # lon: 1.0,
15317
+ # lat: 1.0,
15318
+ # },
15319
+ # },
15320
+ # },
15321
+ # ],
15322
+ # blocked: false,
15323
+ # },
15324
+ # },
14216
15325
  # },
14217
15326
  # ],
14218
15327
  # }
@@ -14469,6 +15578,27 @@ module Aws::SecurityHub
14469
15578
  include Aws::Structure
14470
15579
  end
14471
15580
 
15581
+ # Information about a city.
15582
+ #
15583
+ # @note When making an API call, you may pass City
15584
+ # data as a hash:
15585
+ #
15586
+ # {
15587
+ # city_name: "NonEmptyString",
15588
+ # }
15589
+ #
15590
+ # @!attribute [rw] city_name
15591
+ # The name of the city.
15592
+ # @return [String]
15593
+ #
15594
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/City AWS API Documentation
15595
+ #
15596
+ class City < Struct.new(
15597
+ :city_name)
15598
+ SENSITIVE = []
15599
+ include Aws::Structure
15600
+ end
15601
+
14472
15602
  # Contains finding details that are specific to control-based findings.
14473
15603
  # Only returned for findings generated from controls.
14474
15604
  #
@@ -14580,6 +15710,33 @@ module Aws::SecurityHub
14580
15710
  include Aws::Structure
14581
15711
  end
14582
15712
 
15713
+ # Information about a country.
15714
+ #
15715
+ # @note When making an API call, you may pass Country
15716
+ # data as a hash:
15717
+ #
15718
+ # {
15719
+ # country_code: "NonEmptyString",
15720
+ # country_name: "NonEmptyString",
15721
+ # }
15722
+ #
15723
+ # @!attribute [rw] country_code
15724
+ # The 2-letter ISO 3166 country code for the country.
15725
+ # @return [String]
15726
+ #
15727
+ # @!attribute [rw] country_name
15728
+ # The name of the country.
15729
+ # @return [String]
15730
+ #
15731
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Country AWS API Documentation
15732
+ #
15733
+ class Country < Struct.new(
15734
+ :country_code,
15735
+ :country_name)
15736
+ SENSITIVE = []
15737
+ include Aws::Structure
15738
+ end
15739
+
14583
15740
  # @note When making an API call, you may pass CreateActionTargetRequest
14584
15741
  # data as a hash:
14585
15742
  #
@@ -15658,6 +16815,7 @@ module Aws::SecurityHub
15658
16815
  # {
15659
16816
  # next_token: "NextToken",
15660
16817
  # max_results: 1,
16818
+ # product_arn: "NonEmptyString",
15661
16819
  # }
15662
16820
  #
15663
16821
  # @!attribute [rw] next_token
@@ -15674,11 +16832,16 @@ module Aws::SecurityHub
15674
16832
  # The maximum number of results to return.
15675
16833
  # @return [Integer]
15676
16834
  #
16835
+ # @!attribute [rw] product_arn
16836
+ # The ARN of the integration to return.
16837
+ # @return [String]
16838
+ #
15677
16839
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
15678
16840
  #
15679
16841
  class DescribeProductsRequest < Struct.new(
15680
16842
  :next_token,
15681
- :max_results)
16843
+ :max_results,
16844
+ :product_arn)
15682
16845
  SENSITIVE = []
15683
16846
  include Aws::Structure
15684
16847
  end
@@ -15895,6 +17058,40 @@ module Aws::SecurityHub
15895
17058
  #
15896
17059
  class DisassociateMembersResponse < Aws::EmptyStructure; end
15897
17060
 
17061
+ # Provided if `ActionType` is `DNS_REQUEST`. It provides details about
17062
+ # the DNS request that was detected.
17063
+ #
17064
+ # @note When making an API call, you may pass DnsRequestAction
17065
+ # data as a hash:
17066
+ #
17067
+ # {
17068
+ # domain: "NonEmptyString",
17069
+ # protocol: "NonEmptyString",
17070
+ # blocked: false,
17071
+ # }
17072
+ #
17073
+ # @!attribute [rw] domain
17074
+ # The DNS domain that is associated with the DNS request.
17075
+ # @return [String]
17076
+ #
17077
+ # @!attribute [rw] protocol
17078
+ # The protocol that was used for the DNS request.
17079
+ # @return [String]
17080
+ #
17081
+ # @!attribute [rw] blocked
17082
+ # Indicates whether the DNS request was blocked.
17083
+ # @return [Boolean]
17084
+ #
17085
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DnsRequestAction AWS API Documentation
17086
+ #
17087
+ class DnsRequestAction < Struct.new(
17088
+ :domain,
17089
+ :protocol,
17090
+ :blocked)
17091
+ SENSITIVE = []
17092
+ include Aws::Structure
17093
+ end
17094
+
15898
17095
  # @note When making an API call, you may pass EnableImportFindingsForProductRequest
15899
17096
  # data as a hash:
15900
17097
  #
@@ -15986,6 +17183,33 @@ module Aws::SecurityHub
15986
17183
  #
15987
17184
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
15988
17185
 
17186
+ # Provides the latitude and longitude coordinates of a location.
17187
+ #
17188
+ # @note When making an API call, you may pass GeoLocation
17189
+ # data as a hash:
17190
+ #
17191
+ # {
17192
+ # lon: 1.0,
17193
+ # lat: 1.0,
17194
+ # }
17195
+ #
17196
+ # @!attribute [rw] lon
17197
+ # The longitude of the location.
17198
+ # @return [Float]
17199
+ #
17200
+ # @!attribute [rw] lat
17201
+ # The latitude of the location.
17202
+ # @return [Float]
17203
+ #
17204
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeoLocation AWS API Documentation
17205
+ #
17206
+ class GeoLocation < Struct.new(
17207
+ :lon,
17208
+ :lat)
17209
+ SENSITIVE = []
17210
+ include Aws::Structure
17211
+ end
17212
+
15989
17213
  # @note When making an API call, you may pass GetEnabledStandardsRequest
15990
17214
  # data as a hash:
15991
17215
  #
@@ -17080,6 +18304,45 @@ module Aws::SecurityHub
17080
18304
  include Aws::Structure
17081
18305
  end
17082
18306
 
18307
+ # Provides information about an internet provider.
18308
+ #
18309
+ # @note When making an API call, you may pass IpOrganizationDetails
18310
+ # data as a hash:
18311
+ #
18312
+ # {
18313
+ # asn: 1,
18314
+ # asn_org: "NonEmptyString",
18315
+ # isp: "NonEmptyString",
18316
+ # org: "NonEmptyString",
18317
+ # }
18318
+ #
18319
+ # @!attribute [rw] asn
18320
+ # The Autonomous System Number (ASN) of the internet provider
18321
+ # @return [Integer]
18322
+ #
18323
+ # @!attribute [rw] asn_org
18324
+ # The name of the organization that registered the ASN.
18325
+ # @return [String]
18326
+ #
18327
+ # @!attribute [rw] isp
18328
+ # The ISP information for the internet provider.
18329
+ # @return [String]
18330
+ #
18331
+ # @!attribute [rw] org
18332
+ # The name of the internet provider.
18333
+ # @return [String]
18334
+ #
18335
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IpOrganizationDetails AWS API Documentation
18336
+ #
18337
+ class IpOrganizationDetails < Struct.new(
18338
+ :asn,
18339
+ :asn_org,
18340
+ :isp,
18341
+ :org)
18342
+ SENSITIVE = []
18343
+ include Aws::Structure
18344
+ end
18345
+
17083
18346
  # An IPV6 CIDR block association.
17084
18347
  #
17085
18348
  # @note When making an API call, you may pass Ipv6CidrBlockAssociation
@@ -17681,6 +18944,84 @@ module Aws::SecurityHub
17681
18944
  include Aws::Structure
17682
18945
  end
17683
18946
 
18947
+ # Provided if `ActionType` is `NETWORK_CONNECTION`. It provides details
18948
+ # about the attempted network connection that was detected.
18949
+ #
18950
+ # @note When making an API call, you may pass NetworkConnectionAction
18951
+ # data as a hash:
18952
+ #
18953
+ # {
18954
+ # connection_direction: "NonEmptyString",
18955
+ # remote_ip_details: {
18956
+ # ip_address_v4: "NonEmptyString",
18957
+ # organization: {
18958
+ # asn: 1,
18959
+ # asn_org: "NonEmptyString",
18960
+ # isp: "NonEmptyString",
18961
+ # org: "NonEmptyString",
18962
+ # },
18963
+ # country: {
18964
+ # country_code: "NonEmptyString",
18965
+ # country_name: "NonEmptyString",
18966
+ # },
18967
+ # city: {
18968
+ # city_name: "NonEmptyString",
18969
+ # },
18970
+ # geo_location: {
18971
+ # lon: 1.0,
18972
+ # lat: 1.0,
18973
+ # },
18974
+ # },
18975
+ # remote_port_details: {
18976
+ # port: 1,
18977
+ # port_name: "NonEmptyString",
18978
+ # },
18979
+ # local_port_details: {
18980
+ # port: 1,
18981
+ # port_name: "NonEmptyString",
18982
+ # },
18983
+ # protocol: "NonEmptyString",
18984
+ # blocked: false,
18985
+ # }
18986
+ #
18987
+ # @!attribute [rw] connection_direction
18988
+ # The direction of the network connection request (`IN` or `OUT`).
18989
+ # @return [String]
18990
+ #
18991
+ # @!attribute [rw] remote_ip_details
18992
+ # Information about the remote IP address that issued the network
18993
+ # connection request.
18994
+ # @return [Types::ActionRemoteIpDetails]
18995
+ #
18996
+ # @!attribute [rw] remote_port_details
18997
+ # Information about the port on the remote IP address.
18998
+ # @return [Types::ActionRemotePortDetails]
18999
+ #
19000
+ # @!attribute [rw] local_port_details
19001
+ # Information about the port on the EC2 instance.
19002
+ # @return [Types::ActionLocalPortDetails]
19003
+ #
19004
+ # @!attribute [rw] protocol
19005
+ # The protocol used to make the network connection request.
19006
+ # @return [String]
19007
+ #
19008
+ # @!attribute [rw] blocked
19009
+ # Indicates whether the network connection attempt was blocked.
19010
+ # @return [Boolean]
19011
+ #
19012
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkConnectionAction AWS API Documentation
19013
+ #
19014
+ class NetworkConnectionAction < Struct.new(
19015
+ :connection_direction,
19016
+ :remote_ip_details,
19017
+ :remote_port_details,
19018
+ :local_port_details,
19019
+ :protocol,
19020
+ :blocked)
19021
+ SENSITIVE = []
19022
+ include Aws::Structure
19023
+ end
19024
+
17684
19025
  # Details about a network path component that occurs before or after the
17685
19026
  # current component.
17686
19027
  #
@@ -18056,6 +19397,126 @@ module Aws::SecurityHub
18056
19397
  include Aws::Structure
18057
19398
  end
18058
19399
 
19400
+ # Provided if `ActionType` is `PORT_PROBE`. It provides details about
19401
+ # the attempted port probe that was detected.
19402
+ #
19403
+ # @note When making an API call, you may pass PortProbeAction
19404
+ # data as a hash:
19405
+ #
19406
+ # {
19407
+ # port_probe_details: [
19408
+ # {
19409
+ # local_port_details: {
19410
+ # port: 1,
19411
+ # port_name: "NonEmptyString",
19412
+ # },
19413
+ # local_ip_details: {
19414
+ # ip_address_v4: "NonEmptyString",
19415
+ # },
19416
+ # remote_ip_details: {
19417
+ # ip_address_v4: "NonEmptyString",
19418
+ # organization: {
19419
+ # asn: 1,
19420
+ # asn_org: "NonEmptyString",
19421
+ # isp: "NonEmptyString",
19422
+ # org: "NonEmptyString",
19423
+ # },
19424
+ # country: {
19425
+ # country_code: "NonEmptyString",
19426
+ # country_name: "NonEmptyString",
19427
+ # },
19428
+ # city: {
19429
+ # city_name: "NonEmptyString",
19430
+ # },
19431
+ # geo_location: {
19432
+ # lon: 1.0,
19433
+ # lat: 1.0,
19434
+ # },
19435
+ # },
19436
+ # },
19437
+ # ],
19438
+ # blocked: false,
19439
+ # }
19440
+ #
19441
+ # @!attribute [rw] port_probe_details
19442
+ # Information about the ports affected by the port probe.
19443
+ # @return [Array<Types::PortProbeDetail>]
19444
+ #
19445
+ # @!attribute [rw] blocked
19446
+ # Indicates whether the port probe was blocked.
19447
+ # @return [Boolean]
19448
+ #
19449
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeAction AWS API Documentation
19450
+ #
19451
+ class PortProbeAction < Struct.new(
19452
+ :port_probe_details,
19453
+ :blocked)
19454
+ SENSITIVE = []
19455
+ include Aws::Structure
19456
+ end
19457
+
19458
+ # A port scan that was part of the port probe. For each scan,
19459
+ # PortProbeDetails provides information about the local IP address and
19460
+ # port that were scanned, and the remote IP address that the scan
19461
+ # originated from.
19462
+ #
19463
+ # @note When making an API call, you may pass PortProbeDetail
19464
+ # data as a hash:
19465
+ #
19466
+ # {
19467
+ # local_port_details: {
19468
+ # port: 1,
19469
+ # port_name: "NonEmptyString",
19470
+ # },
19471
+ # local_ip_details: {
19472
+ # ip_address_v4: "NonEmptyString",
19473
+ # },
19474
+ # remote_ip_details: {
19475
+ # ip_address_v4: "NonEmptyString",
19476
+ # organization: {
19477
+ # asn: 1,
19478
+ # asn_org: "NonEmptyString",
19479
+ # isp: "NonEmptyString",
19480
+ # org: "NonEmptyString",
19481
+ # },
19482
+ # country: {
19483
+ # country_code: "NonEmptyString",
19484
+ # country_name: "NonEmptyString",
19485
+ # },
19486
+ # city: {
19487
+ # city_name: "NonEmptyString",
19488
+ # },
19489
+ # geo_location: {
19490
+ # lon: 1.0,
19491
+ # lat: 1.0,
19492
+ # },
19493
+ # },
19494
+ # }
19495
+ #
19496
+ # @!attribute [rw] local_port_details
19497
+ # Provides information about the port that was scanned.
19498
+ # @return [Types::ActionLocalPortDetails]
19499
+ #
19500
+ # @!attribute [rw] local_ip_details
19501
+ # Provides information about the IP address where the scanned port is
19502
+ # located.
19503
+ # @return [Types::ActionLocalIpDetails]
19504
+ #
19505
+ # @!attribute [rw] remote_ip_details
19506
+ # Provides information about the remote IP address that performed the
19507
+ # scan.
19508
+ # @return [Types::ActionRemoteIpDetails]
19509
+ #
19510
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeDetail AWS API Documentation
19511
+ #
19512
+ class PortProbeDetail < Struct.new(
19513
+ :local_port_details,
19514
+ :local_ip_details,
19515
+ :remote_ip_details)
19516
+ SENSITIVE = []
19517
+ include Aws::Structure
19518
+ end
19519
+
18059
19520
  # A range of ports.
18060
19521
  #
18061
19522
  # @note When making an API call, you may pass PortRange
@@ -18418,6 +19879,19 @@ module Aws::SecurityHub
18418
19879
  # },
18419
19880
  # ],
18420
19881
  # source_dest_check: false,
19882
+ # ip_v6_addresses: [
19883
+ # {
19884
+ # ip_v6_address: "NonEmptyString",
19885
+ # },
19886
+ # ],
19887
+ # private_ip_addresses: [
19888
+ # {
19889
+ # private_ip_address: "NonEmptyString",
19890
+ # private_dns_name: "NonEmptyString",
19891
+ # },
19892
+ # ],
19893
+ # public_dns_name: "NonEmptyString",
19894
+ # public_ip: "NonEmptyString",
18421
19895
  # },
18422
19896
  # aws_ec2_security_group: {
18423
19897
  # group_name: "NonEmptyString",
@@ -18918,6 +20392,30 @@ module Aws::SecurityHub
18918
20392
  # sns_topic_name: "NonEmptyString",
18919
20393
  # trail_arn: "NonEmptyString",
18920
20394
  # },
20395
+ # aws_ssm_patch_compliance: {
20396
+ # patch: {
20397
+ # compliance_summary: {
20398
+ # status: "NonEmptyString",
20399
+ # compliant_critical_count: 1,
20400
+ # compliant_high_count: 1,
20401
+ # compliant_medium_count: 1,
20402
+ # execution_type: "NonEmptyString",
20403
+ # non_compliant_critical_count: 1,
20404
+ # compliant_informational_count: 1,
20405
+ # non_compliant_informational_count: 1,
20406
+ # compliant_unspecified_count: 1,
20407
+ # non_compliant_low_count: 1,
20408
+ # non_compliant_high_count: 1,
20409
+ # compliant_low_count: 1,
20410
+ # compliance_type: "NonEmptyString",
20411
+ # patch_baseline_id: "NonEmptyString",
20412
+ # overall_severity: "NonEmptyString",
20413
+ # non_compliant_medium_count: 1,
20414
+ # non_compliant_unspecified_count: 1,
20415
+ # patch_group: "NonEmptyString",
20416
+ # },
20417
+ # },
20418
+ # },
18921
20419
  # aws_certificate_manager_certificate: {
18922
20420
  # certificate_authority_arn: "NonEmptyString",
18923
20421
  # created_at: "NonEmptyString",
@@ -19648,6 +21146,8 @@ module Aws::SecurityHub
19648
21146
  # @return [String]
19649
21147
  #
19650
21148
  # @!attribute [rw] resource_role
21149
+ # Identifies the role of the resource in the finding. A resource is
21150
+ # either the actor or target of the finding activity,
19651
21151
  # @return [String]
19652
21152
  #
19653
21153
  # @!attribute [rw] tags
@@ -19817,6 +21317,19 @@ module Aws::SecurityHub
19817
21317
  # },
19818
21318
  # ],
19819
21319
  # source_dest_check: false,
21320
+ # ip_v6_addresses: [
21321
+ # {
21322
+ # ip_v6_address: "NonEmptyString",
21323
+ # },
21324
+ # ],
21325
+ # private_ip_addresses: [
21326
+ # {
21327
+ # private_ip_address: "NonEmptyString",
21328
+ # private_dns_name: "NonEmptyString",
21329
+ # },
21330
+ # ],
21331
+ # public_dns_name: "NonEmptyString",
21332
+ # public_ip: "NonEmptyString",
19820
21333
  # },
19821
21334
  # aws_ec2_security_group: {
19822
21335
  # group_name: "NonEmptyString",
@@ -20317,6 +21830,30 @@ module Aws::SecurityHub
20317
21830
  # sns_topic_name: "NonEmptyString",
20318
21831
  # trail_arn: "NonEmptyString",
20319
21832
  # },
21833
+ # aws_ssm_patch_compliance: {
21834
+ # patch: {
21835
+ # compliance_summary: {
21836
+ # status: "NonEmptyString",
21837
+ # compliant_critical_count: 1,
21838
+ # compliant_high_count: 1,
21839
+ # compliant_medium_count: 1,
21840
+ # execution_type: "NonEmptyString",
21841
+ # non_compliant_critical_count: 1,
21842
+ # compliant_informational_count: 1,
21843
+ # non_compliant_informational_count: 1,
21844
+ # compliant_unspecified_count: 1,
21845
+ # non_compliant_low_count: 1,
21846
+ # non_compliant_high_count: 1,
21847
+ # compliant_low_count: 1,
21848
+ # compliance_type: "NonEmptyString",
21849
+ # patch_baseline_id: "NonEmptyString",
21850
+ # overall_severity: "NonEmptyString",
21851
+ # non_compliant_medium_count: 1,
21852
+ # non_compliant_unspecified_count: 1,
21853
+ # patch_group: "NonEmptyString",
21854
+ # },
21855
+ # },
21856
+ # },
20320
21857
  # aws_certificate_manager_certificate: {
20321
21858
  # certificate_authority_arn: "NonEmptyString",
20322
21859
  # created_at: "NonEmptyString",
@@ -21091,9 +22628,11 @@ module Aws::SecurityHub
21091
22628
  # @return [Types::AwsIamPolicyDetails]
21092
22629
  #
21093
22630
  # @!attribute [rw] aws_api_gateway_v2_stage
22631
+ # Provides information about a version 2 stage for Amazon API Gateway.
21094
22632
  # @return [Types::AwsApiGatewayV2StageDetails]
21095
22633
  #
21096
22634
  # @!attribute [rw] aws_api_gateway_v2_api
22635
+ # Provides information about a version 2 API in Amazon API Gateway.
21097
22636
  # @return [Types::AwsApiGatewayV2ApiDetails]
21098
22637
  #
21099
22638
  # @!attribute [rw] aws_dynamo_db_table
@@ -21101,24 +22640,37 @@ module Aws::SecurityHub
21101
22640
  # @return [Types::AwsDynamoDbTableDetails]
21102
22641
  #
21103
22642
  # @!attribute [rw] aws_api_gateway_stage
22643
+ # Provides information about a version 1 Amazon API Gateway stage.
21104
22644
  # @return [Types::AwsApiGatewayStageDetails]
21105
22645
  #
21106
22646
  # @!attribute [rw] aws_api_gateway_rest_api
22647
+ # Provides information about a REST API in version 1 of Amazon API
22648
+ # Gateway.
21107
22649
  # @return [Types::AwsApiGatewayRestApiDetails]
21108
22650
  #
21109
22651
  # @!attribute [rw] aws_cloud_trail_trail
22652
+ # Provides details about a CloudTrail trail.
21110
22653
  # @return [Types::AwsCloudTrailTrailDetails]
21111
22654
  #
22655
+ # @!attribute [rw] aws_ssm_patch_compliance
22656
+ # Provides information about the state of a patch on an instance based
22657
+ # on the patch baseline that was used to patch the instance.
22658
+ # @return [Types::AwsSsmPatchComplianceDetails]
22659
+ #
21112
22660
  # @!attribute [rw] aws_certificate_manager_certificate
22661
+ # Provides details about an AWS Certificate Manager (ACM) certificate.
21113
22662
  # @return [Types::AwsCertificateManagerCertificateDetails]
21114
22663
  #
21115
22664
  # @!attribute [rw] aws_redshift_cluster
22665
+ # Contains details about an Amazon Redshift cluster.
21116
22666
  # @return [Types::AwsRedshiftClusterDetails]
21117
22667
  #
21118
22668
  # @!attribute [rw] aws_elb_load_balancer
22669
+ # contains details about a Classic Load Balancer.
21119
22670
  # @return [Types::AwsElbLoadBalancerDetails]
21120
22671
  #
21121
22672
  # @!attribute [rw] aws_iam_group
22673
+ # Contains details about an IAM group.
21122
22674
  # @return [Types::AwsIamGroupDetails]
21123
22675
  #
21124
22676
  # @!attribute [rw] aws_iam_role
@@ -21209,6 +22761,7 @@ module Aws::SecurityHub
21209
22761
  :aws_api_gateway_stage,
21210
22762
  :aws_api_gateway_rest_api,
21211
22763
  :aws_cloud_trail_trail,
22764
+ :aws_ssm_patch_compliance,
21212
22765
  :aws_certificate_manager_certificate,
21213
22766
  :aws_redshift_cluster,
21214
22767
  :aws_elb_load_balancer,
@@ -21269,9 +22822,9 @@ module Aws::SecurityHub
21269
22822
 
21270
22823
  # The severity of the finding.
21271
22824
  #
21272
- # The finding provider can provide the initial severity, but cannot
21273
- # update it after that. The severity can only be updated by a master
21274
- # account. It cannot be updated by a member account.
22825
+ # The finding provider can provide the initial severity. The finding
22826
+ # provider can only update the severity if it has not been updated using
22827
+ # `BatchUpdateFindings`.
21275
22828
  #
21276
22829
  # The finding must have either `Label` or `Normalized` populated. If
21277
22830
  # only one of these attributes is populated, then Security Hub
@@ -21613,7 +23166,20 @@ module Aws::SecurityHub
21613
23166
  # @return [Hash<String,String>]
21614
23167
  #
21615
23168
  # @!attribute [rw] standards_status
21616
- # The status of the standards subscription.
23169
+ # The status of the standard subscription.
23170
+ #
23171
+ # The status values are as follows:
23172
+ #
23173
+ # * `PENDING` - Standard is in the process of being enabled.
23174
+ #
23175
+ # * `READY` - Standard is enabled.
23176
+ #
23177
+ # * `INCOMPLETE` - Standard could not be enabled completely. Some
23178
+ # controls may not be available.
23179
+ #
23180
+ # * `DELETING` - Standard is in the process of being disabled.
23181
+ #
23182
+ # * `FAILED` - Standard could not be disabled.
21617
23183
  # @return [String]
21618
23184
  #
21619
23185
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
@@ -23457,6 +25023,14 @@ module Aws::SecurityHub
23457
25023
  #
23458
25024
  # * `NEW` - The initial state of a finding, before it is reviewed.
23459
25025
  #
25026
+ # Security Hub also resets the workflow status from `NOTIFIED` or
25027
+ # `RESOLVED` to `NEW` in the following cases:
25028
+ #
25029
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
25030
+ #
25031
+ # * `ComplianceStatus` changes from `PASSED` to either `WARNING`,
25032
+ # `FAILED`, or `NOT_AVAILABLE`.
25033
+ #
23460
25034
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23461
25035
  # the security issue. Used when the initial reviewer is not the
23462
25036
  # resource owner, and needs intervention from the resource owner.
@@ -23491,6 +25065,14 @@ module Aws::SecurityHub
23491
25065
  #
23492
25066
  # * `NEW` - The initial state of a finding, before it is reviewed.
23493
25067
  #
25068
+ # Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or
25069
+ # `RESOLVED` to `NEW` in the following cases:
25070
+ #
25071
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
25072
+ #
25073
+ # * The compliance status changes from `PASSED` to either `WARNING`,
25074
+ # `FAILED`, or `NOT_AVAILABLE`.
25075
+ #
23494
25076
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23495
25077
  # the security issue. Used when the initial reviewer is not the
23496
25078
  # resource owner, and needs intervention from the resource owner.