aws-sdk-securityhub 1.37.0 → 1.38.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -85,6 +85,313 @@ module Aws::SecurityHub
85
85
  include Aws::Structure
86
86
  end
87
87
 
88
+ # Provides details about one of the following actions that were detected
89
+ # for the finding:
90
+ #
91
+ # * A remote IP address issued an AWS API call
92
+ #
93
+ # * A DNS request was received
94
+ #
95
+ # * A remote IP address attempted to connect to an EC2 instance
96
+ #
97
+ # * A remote IP address attempted a port probe on an EC2 instance
98
+ #
99
+ # @note When making an API call, you may pass Action
100
+ # data as a hash:
101
+ #
102
+ # {
103
+ # action_type: "NonEmptyString",
104
+ # network_connection_action: {
105
+ # connection_direction: "NonEmptyString",
106
+ # remote_ip_details: {
107
+ # ip_address_v4: "NonEmptyString",
108
+ # organization: {
109
+ # asn: 1,
110
+ # asn_org: "NonEmptyString",
111
+ # isp: "NonEmptyString",
112
+ # org: "NonEmptyString",
113
+ # },
114
+ # country: {
115
+ # country_code: "NonEmptyString",
116
+ # country_name: "NonEmptyString",
117
+ # },
118
+ # city: {
119
+ # city_name: "NonEmptyString",
120
+ # },
121
+ # geo_location: {
122
+ # lon: 1.0,
123
+ # lat: 1.0,
124
+ # },
125
+ # },
126
+ # remote_port_details: {
127
+ # port: 1,
128
+ # port_name: "NonEmptyString",
129
+ # },
130
+ # local_port_details: {
131
+ # port: 1,
132
+ # port_name: "NonEmptyString",
133
+ # },
134
+ # protocol: "NonEmptyString",
135
+ # blocked: false,
136
+ # },
137
+ # aws_api_call_action: {
138
+ # api: "NonEmptyString",
139
+ # service_name: "NonEmptyString",
140
+ # caller_type: "NonEmptyString",
141
+ # remote_ip_details: {
142
+ # ip_address_v4: "NonEmptyString",
143
+ # organization: {
144
+ # asn: 1,
145
+ # asn_org: "NonEmptyString",
146
+ # isp: "NonEmptyString",
147
+ # org: "NonEmptyString",
148
+ # },
149
+ # country: {
150
+ # country_code: "NonEmptyString",
151
+ # country_name: "NonEmptyString",
152
+ # },
153
+ # city: {
154
+ # city_name: "NonEmptyString",
155
+ # },
156
+ # geo_location: {
157
+ # lon: 1.0,
158
+ # lat: 1.0,
159
+ # },
160
+ # },
161
+ # domain_details: {
162
+ # domain: "NonEmptyString",
163
+ # },
164
+ # affected_resources: {
165
+ # "NonEmptyString" => "NonEmptyString",
166
+ # },
167
+ # first_seen: "NonEmptyString",
168
+ # last_seen: "NonEmptyString",
169
+ # },
170
+ # dns_request_action: {
171
+ # domain: "NonEmptyString",
172
+ # protocol: "NonEmptyString",
173
+ # blocked: false,
174
+ # },
175
+ # port_probe_action: {
176
+ # port_probe_details: [
177
+ # {
178
+ # local_port_details: {
179
+ # port: 1,
180
+ # port_name: "NonEmptyString",
181
+ # },
182
+ # local_ip_details: {
183
+ # ip_address_v4: "NonEmptyString",
184
+ # },
185
+ # remote_ip_details: {
186
+ # ip_address_v4: "NonEmptyString",
187
+ # organization: {
188
+ # asn: 1,
189
+ # asn_org: "NonEmptyString",
190
+ # isp: "NonEmptyString",
191
+ # org: "NonEmptyString",
192
+ # },
193
+ # country: {
194
+ # country_code: "NonEmptyString",
195
+ # country_name: "NonEmptyString",
196
+ # },
197
+ # city: {
198
+ # city_name: "NonEmptyString",
199
+ # },
200
+ # geo_location: {
201
+ # lon: 1.0,
202
+ # lat: 1.0,
203
+ # },
204
+ # },
205
+ # },
206
+ # ],
207
+ # blocked: false,
208
+ # },
209
+ # }
210
+ #
211
+ # @!attribute [rw] action_type
212
+ # The type of action that was detected. The possible action types are:
213
+ #
214
+ # * `NETWORK_CONNECTION`
215
+ #
216
+ # * `AWS_API_CALL`
217
+ #
218
+ # * `DNS_REQUEST`
219
+ #
220
+ # * `PORT_PROBE`
221
+ # @return [String]
222
+ #
223
+ # @!attribute [rw] network_connection_action
224
+ # Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
225
+ # about the network connection that was detected.
226
+ # @return [Types::NetworkConnectionAction]
227
+ #
228
+ # @!attribute [rw] aws_api_call_action
229
+ # Included if `ActionType` is `AWS_API_CALL`. Provides details about
230
+ # the API call that was detected.
231
+ # @return [Types::AwsApiCallAction]
232
+ #
233
+ # @!attribute [rw] dns_request_action
234
+ # Included if `ActionType` is `DNS_REQUEST`. Provides details about
235
+ # the DNS request that was detected.
236
+ # @return [Types::DnsRequestAction]
237
+ #
238
+ # @!attribute [rw] port_probe_action
239
+ # Included if `ActionType` is `PORT_PROBE`. Provides details about the
240
+ # port probe that was detected.
241
+ # @return [Types::PortProbeAction]
242
+ #
243
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
244
+ #
245
+ class Action < Struct.new(
246
+ :action_type,
247
+ :network_connection_action,
248
+ :aws_api_call_action,
249
+ :dns_request_action,
250
+ :port_probe_action)
251
+ SENSITIVE = []
252
+ include Aws::Structure
253
+ end
254
+
255
+ # Provides information about the IP address where the scanned port is
256
+ # located.
257
+ #
258
+ # @note When making an API call, you may pass ActionLocalIpDetails
259
+ # data as a hash:
260
+ #
261
+ # {
262
+ # ip_address_v4: "NonEmptyString",
263
+ # }
264
+ #
265
+ # @!attribute [rw] ip_address_v4
266
+ # The IP address.
267
+ # @return [String]
268
+ #
269
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalIpDetails AWS API Documentation
270
+ #
271
+ class ActionLocalIpDetails < Struct.new(
272
+ :ip_address_v4)
273
+ SENSITIVE = []
274
+ include Aws::Structure
275
+ end
276
+
277
+ # For `NetworkConnectionAction` and `PortProbeDetails`,
278
+ # `LocalPortDetails` provides information about the local port that was
279
+ # involved in the action.
280
+ #
281
+ # @note When making an API call, you may pass ActionLocalPortDetails
282
+ # data as a hash:
283
+ #
284
+ # {
285
+ # port: 1,
286
+ # port_name: "NonEmptyString",
287
+ # }
288
+ #
289
+ # @!attribute [rw] port
290
+ # The number of the port.
291
+ # @return [Integer]
292
+ #
293
+ # @!attribute [rw] port_name
294
+ # The port name of the local connection.
295
+ # @return [String]
296
+ #
297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalPortDetails AWS API Documentation
298
+ #
299
+ class ActionLocalPortDetails < Struct.new(
300
+ :port,
301
+ :port_name)
302
+ SENSITIVE = []
303
+ include Aws::Structure
304
+ end
305
+
306
+ # For `AwsApiAction`, `NetworkConnectionAction`, and `PortProbeAction`,
307
+ # `RemoteIpDetails` provides information about the remote IP address
308
+ # that was involved in the action.
309
+ #
310
+ # @note When making an API call, you may pass ActionRemoteIpDetails
311
+ # data as a hash:
312
+ #
313
+ # {
314
+ # ip_address_v4: "NonEmptyString",
315
+ # organization: {
316
+ # asn: 1,
317
+ # asn_org: "NonEmptyString",
318
+ # isp: "NonEmptyString",
319
+ # org: "NonEmptyString",
320
+ # },
321
+ # country: {
322
+ # country_code: "NonEmptyString",
323
+ # country_name: "NonEmptyString",
324
+ # },
325
+ # city: {
326
+ # city_name: "NonEmptyString",
327
+ # },
328
+ # geo_location: {
329
+ # lon: 1.0,
330
+ # lat: 1.0,
331
+ # },
332
+ # }
333
+ #
334
+ # @!attribute [rw] ip_address_v4
335
+ # The IP address.
336
+ # @return [String]
337
+ #
338
+ # @!attribute [rw] organization
339
+ # The internet service provider (ISP) organization associated with the
340
+ # remote IP address.
341
+ # @return [Types::IpOrganizationDetails]
342
+ #
343
+ # @!attribute [rw] country
344
+ # The country where the remote IP address is located.
345
+ # @return [Types::Country]
346
+ #
347
+ # @!attribute [rw] city
348
+ # The city where the remote IP address is located.
349
+ # @return [Types::City]
350
+ #
351
+ # @!attribute [rw] geo_location
352
+ # The coordinates of the location of the remote IP address.
353
+ # @return [Types::GeoLocation]
354
+ #
355
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemoteIpDetails AWS API Documentation
356
+ #
357
+ class ActionRemoteIpDetails < Struct.new(
358
+ :ip_address_v4,
359
+ :organization,
360
+ :country,
361
+ :city,
362
+ :geo_location)
363
+ SENSITIVE = []
364
+ include Aws::Structure
365
+ end
366
+
367
+ # Provides information about the remote port that was involved in an
368
+ # attempted network connection.
369
+ #
370
+ # @note When making an API call, you may pass ActionRemotePortDetails
371
+ # data as a hash:
372
+ #
373
+ # {
374
+ # port: 1,
375
+ # port_name: "NonEmptyString",
376
+ # }
377
+ #
378
+ # @!attribute [rw] port
379
+ # The number of the port.
380
+ # @return [Integer]
381
+ #
382
+ # @!attribute [rw] port_name
383
+ # The port name of the remote connection.
384
+ # @return [String]
385
+ #
386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemotePortDetails AWS API Documentation
387
+ #
388
+ class ActionRemotePortDetails < Struct.new(
389
+ :port,
390
+ :port_name)
391
+ SENSITIVE = []
392
+ include Aws::Structure
393
+ end
394
+
88
395
  # An `ActionTarget` object.
89
396
  #
90
397
  # @!attribute [rw] action_target_arn
@@ -160,6 +467,120 @@ module Aws::SecurityHub
160
467
  include Aws::Structure
161
468
  end
162
469
 
470
+ # Provided if `ActionType` is `AWS_API_CALL`. It provides details about
471
+ # the API call that was detected.
472
+ #
473
+ # @note When making an API call, you may pass AwsApiCallAction
474
+ # data as a hash:
475
+ #
476
+ # {
477
+ # api: "NonEmptyString",
478
+ # service_name: "NonEmptyString",
479
+ # caller_type: "NonEmptyString",
480
+ # remote_ip_details: {
481
+ # ip_address_v4: "NonEmptyString",
482
+ # organization: {
483
+ # asn: 1,
484
+ # asn_org: "NonEmptyString",
485
+ # isp: "NonEmptyString",
486
+ # org: "NonEmptyString",
487
+ # },
488
+ # country: {
489
+ # country_code: "NonEmptyString",
490
+ # country_name: "NonEmptyString",
491
+ # },
492
+ # city: {
493
+ # city_name: "NonEmptyString",
494
+ # },
495
+ # geo_location: {
496
+ # lon: 1.0,
497
+ # lat: 1.0,
498
+ # },
499
+ # },
500
+ # domain_details: {
501
+ # domain: "NonEmptyString",
502
+ # },
503
+ # affected_resources: {
504
+ # "NonEmptyString" => "NonEmptyString",
505
+ # },
506
+ # first_seen: "NonEmptyString",
507
+ # last_seen: "NonEmptyString",
508
+ # }
509
+ #
510
+ # @!attribute [rw] api
511
+ # The name of the API method that was issued.
512
+ # @return [String]
513
+ #
514
+ # @!attribute [rw] service_name
515
+ # The name of the AWS service that the API method belongs to.
516
+ # @return [String]
517
+ #
518
+ # @!attribute [rw] caller_type
519
+ # Indicates whether the API call originated from a remote IP address
520
+ # (`remoteip`) or from a DNS domain (`domain`).
521
+ # @return [String]
522
+ #
523
+ # @!attribute [rw] remote_ip_details
524
+ # Provided if `CallerType` is `remoteIp`. Provides information about
525
+ # the remote IP address that the API call originated from.
526
+ # @return [Types::ActionRemoteIpDetails]
527
+ #
528
+ # @!attribute [rw] domain_details
529
+ # Provided if `CallerType` is `domain`. Provides information about the
530
+ # DNS domain that the API call originated from.
531
+ # @return [Types::AwsApiCallActionDomainDetails]
532
+ #
533
+ # @!attribute [rw] affected_resources
534
+ # Identifies the resources that were affected by the API call.
535
+ # @return [Hash<String,String>]
536
+ #
537
+ # @!attribute [rw] first_seen
538
+ # An ISO8601-formatted timestamp that indicates when the API call was
539
+ # first observed.
540
+ # @return [String]
541
+ #
542
+ # @!attribute [rw] last_seen
543
+ # An ISO8601-formatted timestamp that indicates when the API call was
544
+ # most recently observed.
545
+ # @return [String]
546
+ #
547
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallAction AWS API Documentation
548
+ #
549
+ class AwsApiCallAction < Struct.new(
550
+ :api,
551
+ :service_name,
552
+ :caller_type,
553
+ :remote_ip_details,
554
+ :domain_details,
555
+ :affected_resources,
556
+ :first_seen,
557
+ :last_seen)
558
+ SENSITIVE = []
559
+ include Aws::Structure
560
+ end
561
+
562
+ # Provided if `CallerType` is `domain`. It provides information about
563
+ # the DNS domain that issued the API call.
564
+ #
565
+ # @note When making an API call, you may pass AwsApiCallActionDomainDetails
566
+ # data as a hash:
567
+ #
568
+ # {
569
+ # domain: "NonEmptyString",
570
+ # }
571
+ #
572
+ # @!attribute [rw] domain
573
+ # The name of the DNS domain that issued the API call.
574
+ # @return [String]
575
+ #
576
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallActionDomainDetails AWS API Documentation
577
+ #
578
+ class AwsApiCallActionDomainDetails < Struct.new(
579
+ :domain)
580
+ SENSITIVE = []
581
+ include Aws::Structure
582
+ end
583
+
163
584
  # Contains information about settings for logging access for the stage.
164
585
  #
165
586
  # @note When making an API call, you may pass AwsApiGatewayAccessLogSettings
@@ -3488,6 +3909,19 @@ module Aws::SecurityHub
3488
3909
  # },
3489
3910
  # ],
3490
3911
  # source_dest_check: false,
3912
+ # ip_v6_addresses: [
3913
+ # {
3914
+ # ip_v6_address: "NonEmptyString",
3915
+ # },
3916
+ # ],
3917
+ # private_ip_addresses: [
3918
+ # {
3919
+ # private_ip_address: "NonEmptyString",
3920
+ # private_dns_name: "NonEmptyString",
3921
+ # },
3922
+ # ],
3923
+ # public_dns_name: "NonEmptyString",
3924
+ # public_ip: "NonEmptyString",
3491
3925
  # }
3492
3926
  #
3493
3927
  # @!attribute [rw] attachment
@@ -3506,13 +3940,84 @@ module Aws::SecurityHub
3506
3940
  # Indicates whether traffic to or from the instance is validated.
3507
3941
  # @return [Boolean]
3508
3942
  #
3943
+ # @!attribute [rw] ip_v6_addresses
3944
+ # The IPv6 addresses associated with the network interface.
3945
+ # @return [Array<Types::AwsEc2NetworkInterfaceIpV6AddressDetail>]
3946
+ #
3947
+ # @!attribute [rw] private_ip_addresses
3948
+ # The private IPv4 addresses associated with the network interface.
3949
+ # @return [Array<Types::AwsEc2NetworkInterfacePrivateIpAddressDetail>]
3950
+ #
3951
+ # @!attribute [rw] public_dns_name
3952
+ # The public DNS name of the network interface.
3953
+ # @return [String]
3954
+ #
3955
+ # @!attribute [rw] public_ip
3956
+ # The address of the Elastic IP address bound to the network
3957
+ # interface.
3958
+ # @return [String]
3959
+ #
3509
3960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceDetails AWS API Documentation
3510
3961
  #
3511
3962
  class AwsEc2NetworkInterfaceDetails < Struct.new(
3512
3963
  :attachment,
3513
3964
  :network_interface_id,
3514
3965
  :security_groups,
3515
- :source_dest_check)
3966
+ :source_dest_check,
3967
+ :ip_v6_addresses,
3968
+ :private_ip_addresses,
3969
+ :public_dns_name,
3970
+ :public_ip)
3971
+ SENSITIVE = []
3972
+ include Aws::Structure
3973
+ end
3974
+
3975
+ # Provides information about an IPV6 address that is associated with the
3976
+ # network interface.
3977
+ #
3978
+ # @note When making an API call, you may pass AwsEc2NetworkInterfaceIpV6AddressDetail
3979
+ # data as a hash:
3980
+ #
3981
+ # {
3982
+ # ip_v6_address: "NonEmptyString",
3983
+ # }
3984
+ #
3985
+ # @!attribute [rw] ip_v6_address
3986
+ # The IPV6 address.
3987
+ # @return [String]
3988
+ #
3989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceIpV6AddressDetail AWS API Documentation
3990
+ #
3991
+ class AwsEc2NetworkInterfaceIpV6AddressDetail < Struct.new(
3992
+ :ip_v6_address)
3993
+ SENSITIVE = []
3994
+ include Aws::Structure
3995
+ end
3996
+
3997
+ # Provides information about a private IPv4 address that is with the
3998
+ # network interface.
3999
+ #
4000
+ # @note When making an API call, you may pass AwsEc2NetworkInterfacePrivateIpAddressDetail
4001
+ # data as a hash:
4002
+ #
4003
+ # {
4004
+ # private_ip_address: "NonEmptyString",
4005
+ # private_dns_name: "NonEmptyString",
4006
+ # }
4007
+ #
4008
+ # @!attribute [rw] private_ip_address
4009
+ # The IP address.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] private_dns_name
4013
+ # The private DNS name for the IP address.
4014
+ # @return [String]
4015
+ #
4016
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfacePrivateIpAddressDetail AWS API Documentation
4017
+ #
4018
+ class AwsEc2NetworkInterfacePrivateIpAddressDetail < Struct.new(
4019
+ :private_ip_address,
4020
+ :private_dns_name)
3516
4021
  SENSITIVE = []
3517
4022
  include Aws::Structure
3518
4023
  end
@@ -6884,6 +7389,8 @@ module Aws::SecurityHub
6884
7389
  # @return [String]
6885
7390
  #
6886
7391
  # @!attribute [rw] engine
7392
+ # The name of the database engine that you want to use for this DB
7393
+ # instance.
6887
7394
  # @return [String]
6888
7395
  #
6889
7396
  # @!attribute [rw] allocated_storage
@@ -7667,6 +8174,8 @@ module Aws::SecurityHub
7667
8174
  include Aws::Structure
7668
8175
  end
7669
8176
 
8177
+ # An option group membership.
8178
+ #
7670
8179
  # @note When making an API call, you may pass AwsRdsDbOptionGroupMembership
7671
8180
  # data as a hash:
7672
8181
  #
@@ -7676,9 +8185,11 @@ module Aws::SecurityHub
7676
8185
  # }
7677
8186
  #
7678
8187
  # @!attribute [rw] option_group_name
8188
+ # The name of the option group.
7679
8189
  # @return [String]
7680
8190
  #
7681
8191
  # @!attribute [rw] status
8192
+ # The status of the option group membership.
7682
8193
  # @return [String]
7683
8194
  #
7684
8195
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbOptionGroupMembership AWS API Documentation
@@ -7690,6 +8201,8 @@ module Aws::SecurityHub
7690
8201
  include Aws::Structure
7691
8202
  end
7692
8203
 
8204
+ # Provides information about a parameter group for a DB instance.
8205
+ #
7693
8206
  # @note When making an API call, you may pass AwsRdsDbParameterGroup
7694
8207
  # data as a hash:
7695
8208
  #
@@ -7699,9 +8212,11 @@ module Aws::SecurityHub
7699
8212
  # }
7700
8213
  #
7701
8214
  # @!attribute [rw] db_parameter_group_name
8215
+ # The name of the parameter group.
7702
8216
  # @return [String]
7703
8217
  #
7704
8218
  # @!attribute [rw] parameter_apply_status
8219
+ # The status of parameter updates.
7705
8220
  # @return [String]
7706
8221
  #
7707
8222
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbParameterGroup AWS API Documentation
@@ -7713,6 +8228,8 @@ module Aws::SecurityHub
7713
8228
  include Aws::Structure
7714
8229
  end
7715
8230
 
8231
+ # Changes to a DB instance that are currently pending.
8232
+ #
7716
8233
  # @note When making an API call, you may pass AwsRdsDbPendingModifiedValues
7717
8234
  # data as a hash:
7718
8235
  #
@@ -7743,48 +8260,64 @@ module Aws::SecurityHub
7743
8260
  # }
7744
8261
  #
7745
8262
  # @!attribute [rw] db_instance_class
8263
+ # The new DB instance class for the DB instance.
7746
8264
  # @return [String]
7747
8265
  #
7748
8266
  # @!attribute [rw] allocated_storage
8267
+ # The new value of the allocated storage for the DB instance.
7749
8268
  # @return [Integer]
7750
8269
  #
7751
8270
  # @!attribute [rw] master_user_password
8271
+ # The new master user password for the DB instance.
7752
8272
  # @return [String]
7753
8273
  #
7754
8274
  # @!attribute [rw] port
8275
+ # The new port for the DB instance.
7755
8276
  # @return [Integer]
7756
8277
  #
7757
8278
  # @!attribute [rw] backup_retention_period
8279
+ # The new backup retention period for the DB instance.
7758
8280
  # @return [Integer]
7759
8281
  #
7760
8282
  # @!attribute [rw] multi_az
8283
+ # Indicates that a single Availability Zone DB instance is changing to
8284
+ # a multiple Availability Zone deployment.
7761
8285
  # @return [Boolean]
7762
8286
  #
7763
8287
  # @!attribute [rw] engine_version
8288
+ # The new engine version for the DB instance.
7764
8289
  # @return [String]
7765
8290
  #
7766
8291
  # @!attribute [rw] license_model
8292
+ # The new license model value for the DB instance.
7767
8293
  # @return [String]
7768
8294
  #
7769
8295
  # @!attribute [rw] iops
8296
+ # The new provisioned IOPS value for the DB instance.
7770
8297
  # @return [Integer]
7771
8298
  #
7772
8299
  # @!attribute [rw] db_instance_identifier
8300
+ # The new DB instance identifier for the DB instance.
7773
8301
  # @return [String]
7774
8302
  #
7775
8303
  # @!attribute [rw] storage_type
8304
+ # The new storage type for the DB instance.
7776
8305
  # @return [String]
7777
8306
  #
7778
8307
  # @!attribute [rw] ca_certificate_identifier
8308
+ # The new CA certificate identifier for the DB instance.
7779
8309
  # @return [String]
7780
8310
  #
7781
8311
  # @!attribute [rw] db_subnet_group_name
8312
+ # The name of the new subnet group for the DB instance.
7782
8313
  # @return [String]
7783
8314
  #
7784
8315
  # @!attribute [rw] pending_cloud_watch_logs_exports
8316
+ # A list of log types that are being enabled or disabled.
7785
8317
  # @return [Types::AwsRdsPendingCloudWatchLogsExports]
7786
8318
  #
7787
8319
  # @!attribute [rw] processor_features
8320
+ # Processor features that are being updated.
7788
8321
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7789
8322
  #
7790
8323
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbPendingModifiedValues AWS API Documentation
@@ -7809,6 +8342,8 @@ module Aws::SecurityHub
7809
8342
  include Aws::Structure
7810
8343
  end
7811
8344
 
8345
+ # A processor feature.
8346
+ #
7812
8347
  # @note When making an API call, you may pass AwsRdsDbProcessorFeature
7813
8348
  # data as a hash:
7814
8349
  #
@@ -7818,9 +8353,11 @@ module Aws::SecurityHub
7818
8353
  # }
7819
8354
  #
7820
8355
  # @!attribute [rw] name
8356
+ # The name of the processor feature.
7821
8357
  # @return [String]
7822
8358
  #
7823
8359
  # @!attribute [rw] value
8360
+ # The value of the processor feature.
7824
8361
  # @return [String]
7825
8362
  #
7826
8363
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbProcessorFeature AWS API Documentation
@@ -7832,6 +8369,8 @@ module Aws::SecurityHub
7832
8369
  include Aws::Structure
7833
8370
  end
7834
8371
 
8372
+ # Provides details about an Amazon RDS DB cluster snapshot.
8373
+ #
7835
8374
  # @note When making an API call, you may pass AwsRdsDbSnapshotDetails
7836
8375
  # data as a hash:
7837
8376
  #
@@ -7871,84 +8410,120 @@ module Aws::SecurityHub
7871
8410
  # }
7872
8411
  #
7873
8412
  # @!attribute [rw] db_snapshot_identifier
8413
+ # The name or ARN of the DB snapshot that is used to restore the DB
8414
+ # instance.
7874
8415
  # @return [String]
7875
8416
  #
7876
8417
  # @!attribute [rw] db_instance_identifier
8418
+ # A name for the DB instance.
7877
8419
  # @return [String]
7878
8420
  #
7879
8421
  # @!attribute [rw] snapshot_create_time
8422
+ # When the snapshot was taken in Coordinated Universal Time (UTC).
7880
8423
  # @return [String]
7881
8424
  #
7882
8425
  # @!attribute [rw] engine
8426
+ # The name of the database engine to use for this DB instance.
7883
8427
  # @return [String]
7884
8428
  #
7885
8429
  # @!attribute [rw] allocated_storage
8430
+ # The amount of storage (in gigabytes) to be initially allocated for
8431
+ # the database instance.
7886
8432
  # @return [Integer]
7887
8433
  #
7888
8434
  # @!attribute [rw] status
8435
+ # The status of this DB snapshot.
7889
8436
  # @return [String]
7890
8437
  #
7891
8438
  # @!attribute [rw] port
8439
+ # The port that the database engine was listening on at the time of
8440
+ # the snapshot.
7892
8441
  # @return [Integer]
7893
8442
  #
7894
8443
  # @!attribute [rw] availability_zone
8444
+ # Specifies the name of the Availability Zone in which the DB instance
8445
+ # was located at the time of the DB snapshot.
7895
8446
  # @return [String]
7896
8447
  #
7897
8448
  # @!attribute [rw] vpc_id
8449
+ # The VPC ID associated with the DB snapshot.
7898
8450
  # @return [String]
7899
8451
  #
7900
8452
  # @!attribute [rw] instance_create_time
8453
+ # Specifies the time in Coordinated Universal Time (UTC) when the DB
8454
+ # instance, from which the snapshot was taken, was created.
7901
8455
  # @return [String]
7902
8456
  #
7903
8457
  # @!attribute [rw] master_username
8458
+ # The master user name for the DB snapshot.
7904
8459
  # @return [String]
7905
8460
  #
7906
8461
  # @!attribute [rw] engine_version
8462
+ # The version of the database engine.
7907
8463
  # @return [String]
7908
8464
  #
7909
8465
  # @!attribute [rw] license_model
8466
+ # License model information for the restored DB instance.
7910
8467
  # @return [String]
7911
8468
  #
7912
8469
  # @!attribute [rw] snapshot_type
8470
+ # The type of the DB snapshot.
7913
8471
  # @return [String]
7914
8472
  #
7915
8473
  # @!attribute [rw] iops
8474
+ # The provisioned IOPS (I/O operations per second) value of the DB
8475
+ # instance at the time of the snapshot.
7916
8476
  # @return [Integer]
7917
8477
  #
7918
8478
  # @!attribute [rw] option_group_name
8479
+ # The option group name for the DB snapshot.
7919
8480
  # @return [String]
7920
8481
  #
7921
8482
  # @!attribute [rw] percent_progress
8483
+ # The percentage of the estimated data that has been transferred.
7922
8484
  # @return [Integer]
7923
8485
  #
7924
8486
  # @!attribute [rw] source_region
8487
+ # The AWS Region that the DB snapshot was created in or copied from.
7925
8488
  # @return [String]
7926
8489
  #
7927
8490
  # @!attribute [rw] source_db_snapshot_identifier
8491
+ # The DB snapshot ARN that the DB snapshot was copied from.
7928
8492
  # @return [String]
7929
8493
  #
7930
8494
  # @!attribute [rw] storage_type
8495
+ # The storage type associated with the DB snapshot.
7931
8496
  # @return [String]
7932
8497
  #
7933
8498
  # @!attribute [rw] tde_credential_arn
8499
+ # The ARN from the key store with which to associate the instance for
8500
+ # TDE encryption.
7934
8501
  # @return [String]
7935
8502
  #
7936
8503
  # @!attribute [rw] encrypted
8504
+ # Whether the DB snapshot is encrypted.
7937
8505
  # @return [Boolean]
7938
8506
  #
7939
8507
  # @!attribute [rw] kms_key_id
8508
+ # If `Encrypted` is `true`, the AWS KMS key identifier for the
8509
+ # encrypted DB snapshot.
7940
8510
  # @return [String]
7941
8511
  #
7942
8512
  # @!attribute [rw] timezone
8513
+ # The time zone of the DB snapshot.
7943
8514
  # @return [String]
7944
8515
  #
7945
8516
  # @!attribute [rw] iam_database_authentication_enabled
8517
+ # Whether mapping of IAM accounts to database accounts is enabled.
7946
8518
  # @return [Boolean]
7947
8519
  #
7948
8520
  # @!attribute [rw] processor_features
8521
+ # The number of CPU cores and the number of threads per core for the
8522
+ # DB instance class of the DB instance.
7949
8523
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7950
8524
  #
7951
8525
  # @!attribute [rw] dbi_resource_id
8526
+ # The identifier for the source DB instance.
7952
8527
  # @return [String]
7953
8528
  #
7954
8529
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSnapshotDetails AWS API Documentation
@@ -9741,6 +10316,19 @@ module Aws::SecurityHub
9741
10316
  # },
9742
10317
  # ],
9743
10318
  # source_dest_check: false,
10319
+ # ip_v6_addresses: [
10320
+ # {
10321
+ # ip_v6_address: "NonEmptyString",
10322
+ # },
10323
+ # ],
10324
+ # private_ip_addresses: [
10325
+ # {
10326
+ # private_ip_address: "NonEmptyString",
10327
+ # private_dns_name: "NonEmptyString",
10328
+ # },
10329
+ # ],
10330
+ # public_dns_name: "NonEmptyString",
10331
+ # public_ip: "NonEmptyString",
9744
10332
  # },
9745
10333
  # aws_ec2_security_group: {
9746
10334
  # group_name: "NonEmptyString",
@@ -10241,6 +10829,30 @@ module Aws::SecurityHub
10241
10829
  # sns_topic_name: "NonEmptyString",
10242
10830
  # trail_arn: "NonEmptyString",
10243
10831
  # },
10832
+ # aws_ssm_patch_compliance: {
10833
+ # patch: {
10834
+ # compliance_summary: {
10835
+ # status: "NonEmptyString",
10836
+ # compliant_critical_count: 1,
10837
+ # compliant_high_count: 1,
10838
+ # compliant_medium_count: 1,
10839
+ # execution_type: "NonEmptyString",
10840
+ # non_compliant_critical_count: 1,
10841
+ # compliant_informational_count: 1,
10842
+ # non_compliant_informational_count: 1,
10843
+ # compliant_unspecified_count: 1,
10844
+ # non_compliant_low_count: 1,
10845
+ # non_compliant_high_count: 1,
10846
+ # compliant_low_count: 1,
10847
+ # compliance_type: "NonEmptyString",
10848
+ # patch_baseline_id: "NonEmptyString",
10849
+ # overall_severity: "NonEmptyString",
10850
+ # non_compliant_medium_count: 1,
10851
+ # non_compliant_unspecified_count: 1,
10852
+ # patch_group: "NonEmptyString",
10853
+ # },
10854
+ # },
10855
+ # },
10244
10856
  # aws_certificate_manager_certificate: {
10245
10857
  # certificate_authority_arn: "NonEmptyString",
10246
10858
  # created_at: "NonEmptyString",
@@ -11017,6 +11629,114 @@ module Aws::SecurityHub
11017
11629
  # reboot_option: "NonEmptyString",
11018
11630
  # operation: "NonEmptyString",
11019
11631
  # },
11632
+ # action: {
11633
+ # action_type: "NonEmptyString",
11634
+ # network_connection_action: {
11635
+ # connection_direction: "NonEmptyString",
11636
+ # remote_ip_details: {
11637
+ # ip_address_v4: "NonEmptyString",
11638
+ # organization: {
11639
+ # asn: 1,
11640
+ # asn_org: "NonEmptyString",
11641
+ # isp: "NonEmptyString",
11642
+ # org: "NonEmptyString",
11643
+ # },
11644
+ # country: {
11645
+ # country_code: "NonEmptyString",
11646
+ # country_name: "NonEmptyString",
11647
+ # },
11648
+ # city: {
11649
+ # city_name: "NonEmptyString",
11650
+ # },
11651
+ # geo_location: {
11652
+ # lon: 1.0,
11653
+ # lat: 1.0,
11654
+ # },
11655
+ # },
11656
+ # remote_port_details: {
11657
+ # port: 1,
11658
+ # port_name: "NonEmptyString",
11659
+ # },
11660
+ # local_port_details: {
11661
+ # port: 1,
11662
+ # port_name: "NonEmptyString",
11663
+ # },
11664
+ # protocol: "NonEmptyString",
11665
+ # blocked: false,
11666
+ # },
11667
+ # aws_api_call_action: {
11668
+ # api: "NonEmptyString",
11669
+ # service_name: "NonEmptyString",
11670
+ # caller_type: "NonEmptyString",
11671
+ # remote_ip_details: {
11672
+ # ip_address_v4: "NonEmptyString",
11673
+ # organization: {
11674
+ # asn: 1,
11675
+ # asn_org: "NonEmptyString",
11676
+ # isp: "NonEmptyString",
11677
+ # org: "NonEmptyString",
11678
+ # },
11679
+ # country: {
11680
+ # country_code: "NonEmptyString",
11681
+ # country_name: "NonEmptyString",
11682
+ # },
11683
+ # city: {
11684
+ # city_name: "NonEmptyString",
11685
+ # },
11686
+ # geo_location: {
11687
+ # lon: 1.0,
11688
+ # lat: 1.0,
11689
+ # },
11690
+ # },
11691
+ # domain_details: {
11692
+ # domain: "NonEmptyString",
11693
+ # },
11694
+ # affected_resources: {
11695
+ # "NonEmptyString" => "NonEmptyString",
11696
+ # },
11697
+ # first_seen: "NonEmptyString",
11698
+ # last_seen: "NonEmptyString",
11699
+ # },
11700
+ # dns_request_action: {
11701
+ # domain: "NonEmptyString",
11702
+ # protocol: "NonEmptyString",
11703
+ # blocked: false,
11704
+ # },
11705
+ # port_probe_action: {
11706
+ # port_probe_details: [
11707
+ # {
11708
+ # local_port_details: {
11709
+ # port: 1,
11710
+ # port_name: "NonEmptyString",
11711
+ # },
11712
+ # local_ip_details: {
11713
+ # ip_address_v4: "NonEmptyString",
11714
+ # },
11715
+ # remote_ip_details: {
11716
+ # ip_address_v4: "NonEmptyString",
11717
+ # organization: {
11718
+ # asn: 1,
11719
+ # asn_org: "NonEmptyString",
11720
+ # isp: "NonEmptyString",
11721
+ # org: "NonEmptyString",
11722
+ # },
11723
+ # country: {
11724
+ # country_code: "NonEmptyString",
11725
+ # country_name: "NonEmptyString",
11726
+ # },
11727
+ # city: {
11728
+ # city_name: "NonEmptyString",
11729
+ # },
11730
+ # geo_location: {
11731
+ # lon: 1.0,
11732
+ # lat: 1.0,
11733
+ # },
11734
+ # },
11735
+ # },
11736
+ # ],
11737
+ # blocked: false,
11738
+ # },
11739
+ # },
11020
11740
  # }
11021
11741
  #
11022
11742
  # @!attribute [rw] schema_version
@@ -11232,6 +11952,10 @@ module Aws::SecurityHub
11232
11952
  # against a selected compliance standard.
11233
11953
  # @return [Types::PatchSummary]
11234
11954
  #
11955
+ # @!attribute [rw] action
11956
+ # Provides details about an action that was detected for the finding.
11957
+ # @return [Types::Action]
11958
+ #
11235
11959
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11236
11960
  #
11237
11961
  class AwsSecurityFinding < Struct.new(
@@ -11268,7 +11992,8 @@ module Aws::SecurityHub
11268
11992
  :related_findings,
11269
11993
  :note,
11270
11994
  :vulnerabilities,
11271
- :patch_summary)
11995
+ :patch_summary,
11996
+ :action)
11272
11997
  SENSITIVE = []
11273
11998
  include Aws::Structure
11274
11999
  end
@@ -12196,6 +12921,14 @@ module Aws::SecurityHub
12196
12921
  #
12197
12922
  # * `NEW` - The initial state of a finding, before it is reviewed.
12198
12923
  #
12924
+ # Security Hub also resets the workflow status from `NOTIFIED` or
12925
+ # `RESOLVED` to `NEW` in the following cases:
12926
+ #
12927
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
12928
+ #
12929
+ # * The compliance status changes from `PASSED` to either `WARNING`,
12930
+ # `FAILED`, or `NOT_AVAILABLE`.
12931
+ #
12199
12932
  # * `NOTIFIED` - Indicates that the resource owner has been notified
12200
12933
  # about the security issue. Used when the initial reviewer is not
12201
12934
  # the resource owner, and needs intervention from the resource
@@ -12464,13 +13197,243 @@ module Aws::SecurityHub
12464
13197
  # exceeded.
12465
13198
  # @return [String]
12466
13199
  #
12467
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSqsQueueDetails AWS API Documentation
13200
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSqsQueueDetails AWS API Documentation
13201
+ #
13202
+ class AwsSqsQueueDetails < Struct.new(
13203
+ :kms_data_key_reuse_period_seconds,
13204
+ :kms_master_key_id,
13205
+ :queue_name,
13206
+ :dead_letter_target_arn)
13207
+ SENSITIVE = []
13208
+ include Aws::Structure
13209
+ end
13210
+
13211
+ # Provides the details about the compliance status for a patch.
13212
+ #
13213
+ # @note When making an API call, you may pass AwsSsmComplianceSummary
13214
+ # data as a hash:
13215
+ #
13216
+ # {
13217
+ # status: "NonEmptyString",
13218
+ # compliant_critical_count: 1,
13219
+ # compliant_high_count: 1,
13220
+ # compliant_medium_count: 1,
13221
+ # execution_type: "NonEmptyString",
13222
+ # non_compliant_critical_count: 1,
13223
+ # compliant_informational_count: 1,
13224
+ # non_compliant_informational_count: 1,
13225
+ # compliant_unspecified_count: 1,
13226
+ # non_compliant_low_count: 1,
13227
+ # non_compliant_high_count: 1,
13228
+ # compliant_low_count: 1,
13229
+ # compliance_type: "NonEmptyString",
13230
+ # patch_baseline_id: "NonEmptyString",
13231
+ # overall_severity: "NonEmptyString",
13232
+ # non_compliant_medium_count: 1,
13233
+ # non_compliant_unspecified_count: 1,
13234
+ # patch_group: "NonEmptyString",
13235
+ # }
13236
+ #
13237
+ # @!attribute [rw] status
13238
+ # The current patch compliance status.
13239
+ #
13240
+ # The possible status values are:
13241
+ #
13242
+ # * `COMPLIANT`
13243
+ #
13244
+ # * `NON_COMPLIANT`
13245
+ #
13246
+ # * `UNSPECIFIED_DATA`
13247
+ # @return [String]
13248
+ #
13249
+ # @!attribute [rw] compliant_critical_count
13250
+ # For the patches that are compliant, the number that have a severity
13251
+ # of `CRITICAL`.
13252
+ # @return [Integer]
13253
+ #
13254
+ # @!attribute [rw] compliant_high_count
13255
+ # For the patches that are compliant, the number that have a severity
13256
+ # of `HIGH`.
13257
+ # @return [Integer]
13258
+ #
13259
+ # @!attribute [rw] compliant_medium_count
13260
+ # For the patches that are compliant, the number that have a severity
13261
+ # of `MEDIUM`.
13262
+ # @return [Integer]
13263
+ #
13264
+ # @!attribute [rw] execution_type
13265
+ # The type of execution that was used determine compliance.
13266
+ # @return [String]
13267
+ #
13268
+ # @!attribute [rw] non_compliant_critical_count
13269
+ # For the patch items that are noncompliant, the number of items that
13270
+ # have a severity of `CRITICAL`.
13271
+ # @return [Integer]
13272
+ #
13273
+ # @!attribute [rw] compliant_informational_count
13274
+ # For the patches that are compliant, the number that have a severity
13275
+ # of `INFORMATIONAL`.
13276
+ # @return [Integer]
13277
+ #
13278
+ # @!attribute [rw] non_compliant_informational_count
13279
+ # For the patches that are noncompliant, the number that have a
13280
+ # severity of `INFORMATIONAL`.
13281
+ # @return [Integer]
13282
+ #
13283
+ # @!attribute [rw] compliant_unspecified_count
13284
+ # For the patches that are compliant, the number that have a severity
13285
+ # of `UNSPECIFIED`.
13286
+ # @return [Integer]
13287
+ #
13288
+ # @!attribute [rw] non_compliant_low_count
13289
+ # For the patches that are noncompliant, the number that have a
13290
+ # severity of `LOW`.
13291
+ # @return [Integer]
13292
+ #
13293
+ # @!attribute [rw] non_compliant_high_count
13294
+ # For the patches that are noncompliant, the number that have a
13295
+ # severity of `HIGH`.
13296
+ # @return [Integer]
13297
+ #
13298
+ # @!attribute [rw] compliant_low_count
13299
+ # For the patches that are compliant, the number that have a severity
13300
+ # of `LOW`.
13301
+ # @return [Integer]
13302
+ #
13303
+ # @!attribute [rw] compliance_type
13304
+ # The type of resource for which the compliance was determined. For
13305
+ # `AwsSsmPatchCompliance`, `ComplianceType` is `Patch`.
13306
+ # @return [String]
13307
+ #
13308
+ # @!attribute [rw] patch_baseline_id
13309
+ # The identifier of the patch baseline. The patch baseline lists the
13310
+ # patches that are approved for installation.
13311
+ # @return [String]
13312
+ #
13313
+ # @!attribute [rw] overall_severity
13314
+ # The highest severity for the patches.
13315
+ # @return [String]
13316
+ #
13317
+ # @!attribute [rw] non_compliant_medium_count
13318
+ # For the patches that are noncompliant, the number that have a
13319
+ # severity of `MEDIUM`.
13320
+ # @return [Integer]
13321
+ #
13322
+ # @!attribute [rw] non_compliant_unspecified_count
13323
+ # For the patches that are noncompliant, the number that have a
13324
+ # severity of `UNSPECIFIED`.
13325
+ # @return [Integer]
13326
+ #
13327
+ # @!attribute [rw] patch_group
13328
+ # The identifier of the patch group for which compliance was
13329
+ # determined. A patch group uses tags to group EC2 instances that
13330
+ # should have the same patch compliance.
13331
+ # @return [String]
13332
+ #
13333
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmComplianceSummary AWS API Documentation
13334
+ #
13335
+ class AwsSsmComplianceSummary < Struct.new(
13336
+ :status,
13337
+ :compliant_critical_count,
13338
+ :compliant_high_count,
13339
+ :compliant_medium_count,
13340
+ :execution_type,
13341
+ :non_compliant_critical_count,
13342
+ :compliant_informational_count,
13343
+ :non_compliant_informational_count,
13344
+ :compliant_unspecified_count,
13345
+ :non_compliant_low_count,
13346
+ :non_compliant_high_count,
13347
+ :compliant_low_count,
13348
+ :compliance_type,
13349
+ :patch_baseline_id,
13350
+ :overall_severity,
13351
+ :non_compliant_medium_count,
13352
+ :non_compliant_unspecified_count,
13353
+ :patch_group)
13354
+ SENSITIVE = []
13355
+ include Aws::Structure
13356
+ end
13357
+
13358
+ # Provides details about the compliance for a patch.
13359
+ #
13360
+ # @note When making an API call, you may pass AwsSsmPatch
13361
+ # data as a hash:
13362
+ #
13363
+ # {
13364
+ # compliance_summary: {
13365
+ # status: "NonEmptyString",
13366
+ # compliant_critical_count: 1,
13367
+ # compliant_high_count: 1,
13368
+ # compliant_medium_count: 1,
13369
+ # execution_type: "NonEmptyString",
13370
+ # non_compliant_critical_count: 1,
13371
+ # compliant_informational_count: 1,
13372
+ # non_compliant_informational_count: 1,
13373
+ # compliant_unspecified_count: 1,
13374
+ # non_compliant_low_count: 1,
13375
+ # non_compliant_high_count: 1,
13376
+ # compliant_low_count: 1,
13377
+ # compliance_type: "NonEmptyString",
13378
+ # patch_baseline_id: "NonEmptyString",
13379
+ # overall_severity: "NonEmptyString",
13380
+ # non_compliant_medium_count: 1,
13381
+ # non_compliant_unspecified_count: 1,
13382
+ # patch_group: "NonEmptyString",
13383
+ # },
13384
+ # }
13385
+ #
13386
+ # @!attribute [rw] compliance_summary
13387
+ # The compliance status details for the patch.
13388
+ # @return [Types::AwsSsmComplianceSummary]
13389
+ #
13390
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
13391
+ #
13392
+ class AwsSsmPatch < Struct.new(
13393
+ :compliance_summary)
13394
+ SENSITIVE = []
13395
+ include Aws::Structure
13396
+ end
13397
+
13398
+ # Provides information about the state of a patch on an instance based
13399
+ # on the patch baseline that was used to patch the instance.
13400
+ #
13401
+ # @note When making an API call, you may pass AwsSsmPatchComplianceDetails
13402
+ # data as a hash:
13403
+ #
13404
+ # {
13405
+ # patch: {
13406
+ # compliance_summary: {
13407
+ # status: "NonEmptyString",
13408
+ # compliant_critical_count: 1,
13409
+ # compliant_high_count: 1,
13410
+ # compliant_medium_count: 1,
13411
+ # execution_type: "NonEmptyString",
13412
+ # non_compliant_critical_count: 1,
13413
+ # compliant_informational_count: 1,
13414
+ # non_compliant_informational_count: 1,
13415
+ # compliant_unspecified_count: 1,
13416
+ # non_compliant_low_count: 1,
13417
+ # non_compliant_high_count: 1,
13418
+ # compliant_low_count: 1,
13419
+ # compliance_type: "NonEmptyString",
13420
+ # patch_baseline_id: "NonEmptyString",
13421
+ # overall_severity: "NonEmptyString",
13422
+ # non_compliant_medium_count: 1,
13423
+ # non_compliant_unspecified_count: 1,
13424
+ # patch_group: "NonEmptyString",
13425
+ # },
13426
+ # },
13427
+ # }
13428
+ #
13429
+ # @!attribute [rw] patch
13430
+ # Information about the status of a patch.
13431
+ # @return [Types::AwsSsmPatch]
12468
13432
  #
12469
- class AwsSqsQueueDetails < Struct.new(
12470
- :kms_data_key_reuse_period_seconds,
12471
- :kms_master_key_id,
12472
- :queue_name,
12473
- :dead_letter_target_arn)
13433
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
13434
+ #
13435
+ class AwsSsmPatchComplianceDetails < Struct.new(
13436
+ :patch)
12474
13437
  SENSITIVE = []
12475
13438
  include Aws::Structure
12476
13439
  end
@@ -12937,6 +13900,19 @@ module Aws::SecurityHub
12937
13900
  # },
12938
13901
  # ],
12939
13902
  # source_dest_check: false,
13903
+ # ip_v6_addresses: [
13904
+ # {
13905
+ # ip_v6_address: "NonEmptyString",
13906
+ # },
13907
+ # ],
13908
+ # private_ip_addresses: [
13909
+ # {
13910
+ # private_ip_address: "NonEmptyString",
13911
+ # private_dns_name: "NonEmptyString",
13912
+ # },
13913
+ # ],
13914
+ # public_dns_name: "NonEmptyString",
13915
+ # public_ip: "NonEmptyString",
12940
13916
  # },
12941
13917
  # aws_ec2_security_group: {
12942
13918
  # group_name: "NonEmptyString",
@@ -13437,6 +14413,30 @@ module Aws::SecurityHub
13437
14413
  # sns_topic_name: "NonEmptyString",
13438
14414
  # trail_arn: "NonEmptyString",
13439
14415
  # },
14416
+ # aws_ssm_patch_compliance: {
14417
+ # patch: {
14418
+ # compliance_summary: {
14419
+ # status: "NonEmptyString",
14420
+ # compliant_critical_count: 1,
14421
+ # compliant_high_count: 1,
14422
+ # compliant_medium_count: 1,
14423
+ # execution_type: "NonEmptyString",
14424
+ # non_compliant_critical_count: 1,
14425
+ # compliant_informational_count: 1,
14426
+ # non_compliant_informational_count: 1,
14427
+ # compliant_unspecified_count: 1,
14428
+ # non_compliant_low_count: 1,
14429
+ # non_compliant_high_count: 1,
14430
+ # compliant_low_count: 1,
14431
+ # compliance_type: "NonEmptyString",
14432
+ # patch_baseline_id: "NonEmptyString",
14433
+ # overall_severity: "NonEmptyString",
14434
+ # non_compliant_medium_count: 1,
14435
+ # non_compliant_unspecified_count: 1,
14436
+ # patch_group: "NonEmptyString",
14437
+ # },
14438
+ # },
14439
+ # },
13440
14440
  # aws_certificate_manager_certificate: {
13441
14441
  # certificate_authority_arn: "NonEmptyString",
13442
14442
  # created_at: "NonEmptyString",
@@ -14213,6 +15213,114 @@ module Aws::SecurityHub
14213
15213
  # reboot_option: "NonEmptyString",
14214
15214
  # operation: "NonEmptyString",
14215
15215
  # },
15216
+ # action: {
15217
+ # action_type: "NonEmptyString",
15218
+ # network_connection_action: {
15219
+ # connection_direction: "NonEmptyString",
15220
+ # remote_ip_details: {
15221
+ # ip_address_v4: "NonEmptyString",
15222
+ # organization: {
15223
+ # asn: 1,
15224
+ # asn_org: "NonEmptyString",
15225
+ # isp: "NonEmptyString",
15226
+ # org: "NonEmptyString",
15227
+ # },
15228
+ # country: {
15229
+ # country_code: "NonEmptyString",
15230
+ # country_name: "NonEmptyString",
15231
+ # },
15232
+ # city: {
15233
+ # city_name: "NonEmptyString",
15234
+ # },
15235
+ # geo_location: {
15236
+ # lon: 1.0,
15237
+ # lat: 1.0,
15238
+ # },
15239
+ # },
15240
+ # remote_port_details: {
15241
+ # port: 1,
15242
+ # port_name: "NonEmptyString",
15243
+ # },
15244
+ # local_port_details: {
15245
+ # port: 1,
15246
+ # port_name: "NonEmptyString",
15247
+ # },
15248
+ # protocol: "NonEmptyString",
15249
+ # blocked: false,
15250
+ # },
15251
+ # aws_api_call_action: {
15252
+ # api: "NonEmptyString",
15253
+ # service_name: "NonEmptyString",
15254
+ # caller_type: "NonEmptyString",
15255
+ # remote_ip_details: {
15256
+ # ip_address_v4: "NonEmptyString",
15257
+ # organization: {
15258
+ # asn: 1,
15259
+ # asn_org: "NonEmptyString",
15260
+ # isp: "NonEmptyString",
15261
+ # org: "NonEmptyString",
15262
+ # },
15263
+ # country: {
15264
+ # country_code: "NonEmptyString",
15265
+ # country_name: "NonEmptyString",
15266
+ # },
15267
+ # city: {
15268
+ # city_name: "NonEmptyString",
15269
+ # },
15270
+ # geo_location: {
15271
+ # lon: 1.0,
15272
+ # lat: 1.0,
15273
+ # },
15274
+ # },
15275
+ # domain_details: {
15276
+ # domain: "NonEmptyString",
15277
+ # },
15278
+ # affected_resources: {
15279
+ # "NonEmptyString" => "NonEmptyString",
15280
+ # },
15281
+ # first_seen: "NonEmptyString",
15282
+ # last_seen: "NonEmptyString",
15283
+ # },
15284
+ # dns_request_action: {
15285
+ # domain: "NonEmptyString",
15286
+ # protocol: "NonEmptyString",
15287
+ # blocked: false,
15288
+ # },
15289
+ # port_probe_action: {
15290
+ # port_probe_details: [
15291
+ # {
15292
+ # local_port_details: {
15293
+ # port: 1,
15294
+ # port_name: "NonEmptyString",
15295
+ # },
15296
+ # local_ip_details: {
15297
+ # ip_address_v4: "NonEmptyString",
15298
+ # },
15299
+ # remote_ip_details: {
15300
+ # ip_address_v4: "NonEmptyString",
15301
+ # organization: {
15302
+ # asn: 1,
15303
+ # asn_org: "NonEmptyString",
15304
+ # isp: "NonEmptyString",
15305
+ # org: "NonEmptyString",
15306
+ # },
15307
+ # country: {
15308
+ # country_code: "NonEmptyString",
15309
+ # country_name: "NonEmptyString",
15310
+ # },
15311
+ # city: {
15312
+ # city_name: "NonEmptyString",
15313
+ # },
15314
+ # geo_location: {
15315
+ # lon: 1.0,
15316
+ # lat: 1.0,
15317
+ # },
15318
+ # },
15319
+ # },
15320
+ # ],
15321
+ # blocked: false,
15322
+ # },
15323
+ # },
14216
15324
  # },
14217
15325
  # ],
14218
15326
  # }
@@ -14469,6 +15577,27 @@ module Aws::SecurityHub
14469
15577
  include Aws::Structure
14470
15578
  end
14471
15579
 
15580
+ # Information about a city.
15581
+ #
15582
+ # @note When making an API call, you may pass City
15583
+ # data as a hash:
15584
+ #
15585
+ # {
15586
+ # city_name: "NonEmptyString",
15587
+ # }
15588
+ #
15589
+ # @!attribute [rw] city_name
15590
+ # The name of the city.
15591
+ # @return [String]
15592
+ #
15593
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/City AWS API Documentation
15594
+ #
15595
+ class City < Struct.new(
15596
+ :city_name)
15597
+ SENSITIVE = []
15598
+ include Aws::Structure
15599
+ end
15600
+
14472
15601
  # Contains finding details that are specific to control-based findings.
14473
15602
  # Only returned for findings generated from controls.
14474
15603
  #
@@ -14580,6 +15709,33 @@ module Aws::SecurityHub
14580
15709
  include Aws::Structure
14581
15710
  end
14582
15711
 
15712
+ # Information about a country.
15713
+ #
15714
+ # @note When making an API call, you may pass Country
15715
+ # data as a hash:
15716
+ #
15717
+ # {
15718
+ # country_code: "NonEmptyString",
15719
+ # country_name: "NonEmptyString",
15720
+ # }
15721
+ #
15722
+ # @!attribute [rw] country_code
15723
+ # The 2-letter ISO 3166 country code for the country.
15724
+ # @return [String]
15725
+ #
15726
+ # @!attribute [rw] country_name
15727
+ # The name of the country.
15728
+ # @return [String]
15729
+ #
15730
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Country AWS API Documentation
15731
+ #
15732
+ class Country < Struct.new(
15733
+ :country_code,
15734
+ :country_name)
15735
+ SENSITIVE = []
15736
+ include Aws::Structure
15737
+ end
15738
+
14583
15739
  # @note When making an API call, you may pass CreateActionTargetRequest
14584
15740
  # data as a hash:
14585
15741
  #
@@ -15895,6 +17051,40 @@ module Aws::SecurityHub
15895
17051
  #
15896
17052
  class DisassociateMembersResponse < Aws::EmptyStructure; end
15897
17053
 
17054
+ # Provided if `ActionType` is `DNS_REQUEST`. It provides details about
17055
+ # the DNS request that was detected.
17056
+ #
17057
+ # @note When making an API call, you may pass DnsRequestAction
17058
+ # data as a hash:
17059
+ #
17060
+ # {
17061
+ # domain: "NonEmptyString",
17062
+ # protocol: "NonEmptyString",
17063
+ # blocked: false,
17064
+ # }
17065
+ #
17066
+ # @!attribute [rw] domain
17067
+ # The DNS domain that is associated with the DNS request.
17068
+ # @return [String]
17069
+ #
17070
+ # @!attribute [rw] protocol
17071
+ # The protocol that was used for the DNS request.
17072
+ # @return [String]
17073
+ #
17074
+ # @!attribute [rw] blocked
17075
+ # Indicates whether the DNS request was blocked.
17076
+ # @return [Boolean]
17077
+ #
17078
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DnsRequestAction AWS API Documentation
17079
+ #
17080
+ class DnsRequestAction < Struct.new(
17081
+ :domain,
17082
+ :protocol,
17083
+ :blocked)
17084
+ SENSITIVE = []
17085
+ include Aws::Structure
17086
+ end
17087
+
15898
17088
  # @note When making an API call, you may pass EnableImportFindingsForProductRequest
15899
17089
  # data as a hash:
15900
17090
  #
@@ -15986,6 +17176,33 @@ module Aws::SecurityHub
15986
17176
  #
15987
17177
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
15988
17178
 
17179
+ # Provides the latitude and longitude coordinates of a location.
17180
+ #
17181
+ # @note When making an API call, you may pass GeoLocation
17182
+ # data as a hash:
17183
+ #
17184
+ # {
17185
+ # lon: 1.0,
17186
+ # lat: 1.0,
17187
+ # }
17188
+ #
17189
+ # @!attribute [rw] lon
17190
+ # The longitude of the location.
17191
+ # @return [Float]
17192
+ #
17193
+ # @!attribute [rw] lat
17194
+ # The latitude of the location.
17195
+ # @return [Float]
17196
+ #
17197
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeoLocation AWS API Documentation
17198
+ #
17199
+ class GeoLocation < Struct.new(
17200
+ :lon,
17201
+ :lat)
17202
+ SENSITIVE = []
17203
+ include Aws::Structure
17204
+ end
17205
+
15989
17206
  # @note When making an API call, you may pass GetEnabledStandardsRequest
15990
17207
  # data as a hash:
15991
17208
  #
@@ -17080,6 +18297,45 @@ module Aws::SecurityHub
17080
18297
  include Aws::Structure
17081
18298
  end
17082
18299
 
18300
+ # Provides information about an internet provider.
18301
+ #
18302
+ # @note When making an API call, you may pass IpOrganizationDetails
18303
+ # data as a hash:
18304
+ #
18305
+ # {
18306
+ # asn: 1,
18307
+ # asn_org: "NonEmptyString",
18308
+ # isp: "NonEmptyString",
18309
+ # org: "NonEmptyString",
18310
+ # }
18311
+ #
18312
+ # @!attribute [rw] asn
18313
+ # The Autonomous System Number (ASN) of the internet provider
18314
+ # @return [Integer]
18315
+ #
18316
+ # @!attribute [rw] asn_org
18317
+ # The name of the organization that registered the ASN.
18318
+ # @return [String]
18319
+ #
18320
+ # @!attribute [rw] isp
18321
+ # The ISP information for the internet provider.
18322
+ # @return [String]
18323
+ #
18324
+ # @!attribute [rw] org
18325
+ # The name of the internet provider.
18326
+ # @return [String]
18327
+ #
18328
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IpOrganizationDetails AWS API Documentation
18329
+ #
18330
+ class IpOrganizationDetails < Struct.new(
18331
+ :asn,
18332
+ :asn_org,
18333
+ :isp,
18334
+ :org)
18335
+ SENSITIVE = []
18336
+ include Aws::Structure
18337
+ end
18338
+
17083
18339
  # An IPV6 CIDR block association.
17084
18340
  #
17085
18341
  # @note When making an API call, you may pass Ipv6CidrBlockAssociation
@@ -17681,6 +18937,84 @@ module Aws::SecurityHub
17681
18937
  include Aws::Structure
17682
18938
  end
17683
18939
 
18940
+ # Provided if `ActionType` is `NETWORK_CONNECTION`. It provides details
18941
+ # about the attempted network connection that was detected.
18942
+ #
18943
+ # @note When making an API call, you may pass NetworkConnectionAction
18944
+ # data as a hash:
18945
+ #
18946
+ # {
18947
+ # connection_direction: "NonEmptyString",
18948
+ # remote_ip_details: {
18949
+ # ip_address_v4: "NonEmptyString",
18950
+ # organization: {
18951
+ # asn: 1,
18952
+ # asn_org: "NonEmptyString",
18953
+ # isp: "NonEmptyString",
18954
+ # org: "NonEmptyString",
18955
+ # },
18956
+ # country: {
18957
+ # country_code: "NonEmptyString",
18958
+ # country_name: "NonEmptyString",
18959
+ # },
18960
+ # city: {
18961
+ # city_name: "NonEmptyString",
18962
+ # },
18963
+ # geo_location: {
18964
+ # lon: 1.0,
18965
+ # lat: 1.0,
18966
+ # },
18967
+ # },
18968
+ # remote_port_details: {
18969
+ # port: 1,
18970
+ # port_name: "NonEmptyString",
18971
+ # },
18972
+ # local_port_details: {
18973
+ # port: 1,
18974
+ # port_name: "NonEmptyString",
18975
+ # },
18976
+ # protocol: "NonEmptyString",
18977
+ # blocked: false,
18978
+ # }
18979
+ #
18980
+ # @!attribute [rw] connection_direction
18981
+ # The direction of the network connection request (`IN` or `OUT`).
18982
+ # @return [String]
18983
+ #
18984
+ # @!attribute [rw] remote_ip_details
18985
+ # Information about the remote IP address that issued the network
18986
+ # connection request.
18987
+ # @return [Types::ActionRemoteIpDetails]
18988
+ #
18989
+ # @!attribute [rw] remote_port_details
18990
+ # Information about the port on the remote IP address.
18991
+ # @return [Types::ActionRemotePortDetails]
18992
+ #
18993
+ # @!attribute [rw] local_port_details
18994
+ # Information about the port on the EC2 instance.
18995
+ # @return [Types::ActionLocalPortDetails]
18996
+ #
18997
+ # @!attribute [rw] protocol
18998
+ # The protocol used to make the network connection request.
18999
+ # @return [String]
19000
+ #
19001
+ # @!attribute [rw] blocked
19002
+ # Indicates whether the network connection attempt was blocked.
19003
+ # @return [Boolean]
19004
+ #
19005
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkConnectionAction AWS API Documentation
19006
+ #
19007
+ class NetworkConnectionAction < Struct.new(
19008
+ :connection_direction,
19009
+ :remote_ip_details,
19010
+ :remote_port_details,
19011
+ :local_port_details,
19012
+ :protocol,
19013
+ :blocked)
19014
+ SENSITIVE = []
19015
+ include Aws::Structure
19016
+ end
19017
+
17684
19018
  # Details about a network path component that occurs before or after the
17685
19019
  # current component.
17686
19020
  #
@@ -18056,6 +19390,126 @@ module Aws::SecurityHub
18056
19390
  include Aws::Structure
18057
19391
  end
18058
19392
 
19393
+ # Provided if `ActionType` is `PORT_PROBE`. It provides details about
19394
+ # the attempted port probe that was detected.
19395
+ #
19396
+ # @note When making an API call, you may pass PortProbeAction
19397
+ # data as a hash:
19398
+ #
19399
+ # {
19400
+ # port_probe_details: [
19401
+ # {
19402
+ # local_port_details: {
19403
+ # port: 1,
19404
+ # port_name: "NonEmptyString",
19405
+ # },
19406
+ # local_ip_details: {
19407
+ # ip_address_v4: "NonEmptyString",
19408
+ # },
19409
+ # remote_ip_details: {
19410
+ # ip_address_v4: "NonEmptyString",
19411
+ # organization: {
19412
+ # asn: 1,
19413
+ # asn_org: "NonEmptyString",
19414
+ # isp: "NonEmptyString",
19415
+ # org: "NonEmptyString",
19416
+ # },
19417
+ # country: {
19418
+ # country_code: "NonEmptyString",
19419
+ # country_name: "NonEmptyString",
19420
+ # },
19421
+ # city: {
19422
+ # city_name: "NonEmptyString",
19423
+ # },
19424
+ # geo_location: {
19425
+ # lon: 1.0,
19426
+ # lat: 1.0,
19427
+ # },
19428
+ # },
19429
+ # },
19430
+ # ],
19431
+ # blocked: false,
19432
+ # }
19433
+ #
19434
+ # @!attribute [rw] port_probe_details
19435
+ # Information about the ports affected by the port probe.
19436
+ # @return [Array<Types::PortProbeDetail>]
19437
+ #
19438
+ # @!attribute [rw] blocked
19439
+ # Indicates whether the port probe was blocked.
19440
+ # @return [Boolean]
19441
+ #
19442
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeAction AWS API Documentation
19443
+ #
19444
+ class PortProbeAction < Struct.new(
19445
+ :port_probe_details,
19446
+ :blocked)
19447
+ SENSITIVE = []
19448
+ include Aws::Structure
19449
+ end
19450
+
19451
+ # A port scan that was part of the port probe. For each scan,
19452
+ # PortProbeDetails provides information about the local IP address and
19453
+ # port that were scanned, and the remote IP address that the scan
19454
+ # originated from.
19455
+ #
19456
+ # @note When making an API call, you may pass PortProbeDetail
19457
+ # data as a hash:
19458
+ #
19459
+ # {
19460
+ # local_port_details: {
19461
+ # port: 1,
19462
+ # port_name: "NonEmptyString",
19463
+ # },
19464
+ # local_ip_details: {
19465
+ # ip_address_v4: "NonEmptyString",
19466
+ # },
19467
+ # remote_ip_details: {
19468
+ # ip_address_v4: "NonEmptyString",
19469
+ # organization: {
19470
+ # asn: 1,
19471
+ # asn_org: "NonEmptyString",
19472
+ # isp: "NonEmptyString",
19473
+ # org: "NonEmptyString",
19474
+ # },
19475
+ # country: {
19476
+ # country_code: "NonEmptyString",
19477
+ # country_name: "NonEmptyString",
19478
+ # },
19479
+ # city: {
19480
+ # city_name: "NonEmptyString",
19481
+ # },
19482
+ # geo_location: {
19483
+ # lon: 1.0,
19484
+ # lat: 1.0,
19485
+ # },
19486
+ # },
19487
+ # }
19488
+ #
19489
+ # @!attribute [rw] local_port_details
19490
+ # Provides information about the port that was scanned.
19491
+ # @return [Types::ActionLocalPortDetails]
19492
+ #
19493
+ # @!attribute [rw] local_ip_details
19494
+ # Provides information about the IP address where the scanned port is
19495
+ # located.
19496
+ # @return [Types::ActionLocalIpDetails]
19497
+ #
19498
+ # @!attribute [rw] remote_ip_details
19499
+ # Provides information about the remote IP address that performed the
19500
+ # scan.
19501
+ # @return [Types::ActionRemoteIpDetails]
19502
+ #
19503
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeDetail AWS API Documentation
19504
+ #
19505
+ class PortProbeDetail < Struct.new(
19506
+ :local_port_details,
19507
+ :local_ip_details,
19508
+ :remote_ip_details)
19509
+ SENSITIVE = []
19510
+ include Aws::Structure
19511
+ end
19512
+
18059
19513
  # A range of ports.
18060
19514
  #
18061
19515
  # @note When making an API call, you may pass PortRange
@@ -18418,6 +19872,19 @@ module Aws::SecurityHub
18418
19872
  # },
18419
19873
  # ],
18420
19874
  # source_dest_check: false,
19875
+ # ip_v6_addresses: [
19876
+ # {
19877
+ # ip_v6_address: "NonEmptyString",
19878
+ # },
19879
+ # ],
19880
+ # private_ip_addresses: [
19881
+ # {
19882
+ # private_ip_address: "NonEmptyString",
19883
+ # private_dns_name: "NonEmptyString",
19884
+ # },
19885
+ # ],
19886
+ # public_dns_name: "NonEmptyString",
19887
+ # public_ip: "NonEmptyString",
18421
19888
  # },
18422
19889
  # aws_ec2_security_group: {
18423
19890
  # group_name: "NonEmptyString",
@@ -18918,6 +20385,30 @@ module Aws::SecurityHub
18918
20385
  # sns_topic_name: "NonEmptyString",
18919
20386
  # trail_arn: "NonEmptyString",
18920
20387
  # },
20388
+ # aws_ssm_patch_compliance: {
20389
+ # patch: {
20390
+ # compliance_summary: {
20391
+ # status: "NonEmptyString",
20392
+ # compliant_critical_count: 1,
20393
+ # compliant_high_count: 1,
20394
+ # compliant_medium_count: 1,
20395
+ # execution_type: "NonEmptyString",
20396
+ # non_compliant_critical_count: 1,
20397
+ # compliant_informational_count: 1,
20398
+ # non_compliant_informational_count: 1,
20399
+ # compliant_unspecified_count: 1,
20400
+ # non_compliant_low_count: 1,
20401
+ # non_compliant_high_count: 1,
20402
+ # compliant_low_count: 1,
20403
+ # compliance_type: "NonEmptyString",
20404
+ # patch_baseline_id: "NonEmptyString",
20405
+ # overall_severity: "NonEmptyString",
20406
+ # non_compliant_medium_count: 1,
20407
+ # non_compliant_unspecified_count: 1,
20408
+ # patch_group: "NonEmptyString",
20409
+ # },
20410
+ # },
20411
+ # },
18921
20412
  # aws_certificate_manager_certificate: {
18922
20413
  # certificate_authority_arn: "NonEmptyString",
18923
20414
  # created_at: "NonEmptyString",
@@ -19648,6 +21139,8 @@ module Aws::SecurityHub
19648
21139
  # @return [String]
19649
21140
  #
19650
21141
  # @!attribute [rw] resource_role
21142
+ # Identifies the role of the resource in the finding. A resource is
21143
+ # either the actor or target of the finding activity,
19651
21144
  # @return [String]
19652
21145
  #
19653
21146
  # @!attribute [rw] tags
@@ -19817,6 +21310,19 @@ module Aws::SecurityHub
19817
21310
  # },
19818
21311
  # ],
19819
21312
  # source_dest_check: false,
21313
+ # ip_v6_addresses: [
21314
+ # {
21315
+ # ip_v6_address: "NonEmptyString",
21316
+ # },
21317
+ # ],
21318
+ # private_ip_addresses: [
21319
+ # {
21320
+ # private_ip_address: "NonEmptyString",
21321
+ # private_dns_name: "NonEmptyString",
21322
+ # },
21323
+ # ],
21324
+ # public_dns_name: "NonEmptyString",
21325
+ # public_ip: "NonEmptyString",
19820
21326
  # },
19821
21327
  # aws_ec2_security_group: {
19822
21328
  # group_name: "NonEmptyString",
@@ -20317,6 +21823,30 @@ module Aws::SecurityHub
20317
21823
  # sns_topic_name: "NonEmptyString",
20318
21824
  # trail_arn: "NonEmptyString",
20319
21825
  # },
21826
+ # aws_ssm_patch_compliance: {
21827
+ # patch: {
21828
+ # compliance_summary: {
21829
+ # status: "NonEmptyString",
21830
+ # compliant_critical_count: 1,
21831
+ # compliant_high_count: 1,
21832
+ # compliant_medium_count: 1,
21833
+ # execution_type: "NonEmptyString",
21834
+ # non_compliant_critical_count: 1,
21835
+ # compliant_informational_count: 1,
21836
+ # non_compliant_informational_count: 1,
21837
+ # compliant_unspecified_count: 1,
21838
+ # non_compliant_low_count: 1,
21839
+ # non_compliant_high_count: 1,
21840
+ # compliant_low_count: 1,
21841
+ # compliance_type: "NonEmptyString",
21842
+ # patch_baseline_id: "NonEmptyString",
21843
+ # overall_severity: "NonEmptyString",
21844
+ # non_compliant_medium_count: 1,
21845
+ # non_compliant_unspecified_count: 1,
21846
+ # patch_group: "NonEmptyString",
21847
+ # },
21848
+ # },
21849
+ # },
20320
21850
  # aws_certificate_manager_certificate: {
20321
21851
  # certificate_authority_arn: "NonEmptyString",
20322
21852
  # created_at: "NonEmptyString",
@@ -21091,9 +22621,11 @@ module Aws::SecurityHub
21091
22621
  # @return [Types::AwsIamPolicyDetails]
21092
22622
  #
21093
22623
  # @!attribute [rw] aws_api_gateway_v2_stage
22624
+ # Provides information about a version 2 stage for Amazon API Gateway.
21094
22625
  # @return [Types::AwsApiGatewayV2StageDetails]
21095
22626
  #
21096
22627
  # @!attribute [rw] aws_api_gateway_v2_api
22628
+ # Provides information about a version 2 API in Amazon API Gateway.
21097
22629
  # @return [Types::AwsApiGatewayV2ApiDetails]
21098
22630
  #
21099
22631
  # @!attribute [rw] aws_dynamo_db_table
@@ -21101,24 +22633,37 @@ module Aws::SecurityHub
21101
22633
  # @return [Types::AwsDynamoDbTableDetails]
21102
22634
  #
21103
22635
  # @!attribute [rw] aws_api_gateway_stage
22636
+ # Provides information about a version 1 Amazon API Gateway stage.
21104
22637
  # @return [Types::AwsApiGatewayStageDetails]
21105
22638
  #
21106
22639
  # @!attribute [rw] aws_api_gateway_rest_api
22640
+ # Provides information about a REST API in version 1 of Amazon API
22641
+ # Gateway.
21107
22642
  # @return [Types::AwsApiGatewayRestApiDetails]
21108
22643
  #
21109
22644
  # @!attribute [rw] aws_cloud_trail_trail
22645
+ # Provides details about a CloudTrail trail.
21110
22646
  # @return [Types::AwsCloudTrailTrailDetails]
21111
22647
  #
22648
+ # @!attribute [rw] aws_ssm_patch_compliance
22649
+ # Provides information about the state of a patch on an instance based
22650
+ # on the patch baseline that was used to patch the instance.
22651
+ # @return [Types::AwsSsmPatchComplianceDetails]
22652
+ #
21112
22653
  # @!attribute [rw] aws_certificate_manager_certificate
22654
+ # Provides details about an AWS Certificate Manager (ACM) certificate.
21113
22655
  # @return [Types::AwsCertificateManagerCertificateDetails]
21114
22656
  #
21115
22657
  # @!attribute [rw] aws_redshift_cluster
22658
+ # Contains details about an Amazon Redshift cluster.
21116
22659
  # @return [Types::AwsRedshiftClusterDetails]
21117
22660
  #
21118
22661
  # @!attribute [rw] aws_elb_load_balancer
22662
+ # contains details about a Classic Load Balancer.
21119
22663
  # @return [Types::AwsElbLoadBalancerDetails]
21120
22664
  #
21121
22665
  # @!attribute [rw] aws_iam_group
22666
+ # Contains details about an IAM group.
21122
22667
  # @return [Types::AwsIamGroupDetails]
21123
22668
  #
21124
22669
  # @!attribute [rw] aws_iam_role
@@ -21209,6 +22754,7 @@ module Aws::SecurityHub
21209
22754
  :aws_api_gateway_stage,
21210
22755
  :aws_api_gateway_rest_api,
21211
22756
  :aws_cloud_trail_trail,
22757
+ :aws_ssm_patch_compliance,
21212
22758
  :aws_certificate_manager_certificate,
21213
22759
  :aws_redshift_cluster,
21214
22760
  :aws_elb_load_balancer,
@@ -21613,7 +23159,20 @@ module Aws::SecurityHub
21613
23159
  # @return [Hash<String,String>]
21614
23160
  #
21615
23161
  # @!attribute [rw] standards_status
21616
- # The status of the standards subscription.
23162
+ # The status of the standard subscription.
23163
+ #
23164
+ # The status values are as follows:
23165
+ #
23166
+ # * `PENDING` - Standard is in the process of being enabled.
23167
+ #
23168
+ # * `READY` - Standard is enabled.
23169
+ #
23170
+ # * `INCOMPLETE` - Standard could not be enabled completely. Some
23171
+ # controls may not be available.
23172
+ #
23173
+ # * `DELETING` - Standard is in the process of being disabled.
23174
+ #
23175
+ # * `FAILED` - Standard could not be disabled.
21617
23176
  # @return [String]
21618
23177
  #
21619
23178
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
@@ -23457,6 +25016,14 @@ module Aws::SecurityHub
23457
25016
  #
23458
25017
  # * `NEW` - The initial state of a finding, before it is reviewed.
23459
25018
  #
25019
+ # Security Hub also resets the workflow status from `NOTIFIED` or
25020
+ # `RESOLVED` to `NEW` in the following cases:
25021
+ #
25022
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
25023
+ #
25024
+ # * `ComplianceStatus` changes from `PASSED` to either `WARNING`,
25025
+ # `FAILED`, or `NOT_AVAILABLE`.
25026
+ #
23460
25027
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23461
25028
  # the security issue. Used when the initial reviewer is not the
23462
25029
  # resource owner, and needs intervention from the resource owner.
@@ -23491,6 +25058,14 @@ module Aws::SecurityHub
23491
25058
  #
23492
25059
  # * `NEW` - The initial state of a finding, before it is reviewed.
23493
25060
  #
25061
+ # Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or
25062
+ # `RESOLVED` to `NEW` in the following cases:
25063
+ #
25064
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
25065
+ #
25066
+ # * The compliance status changes from `PASSED` to either `WARNING`,
25067
+ # `FAILED`, or `NOT_AVAILABLE`.
25068
+ #
23494
25069
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23495
25070
  # the security issue. Used when the initial reviewer is not the
23496
25071
  # resource owner, and needs intervention from the resource owner.