aws-sdk-securityhub 1.37.0 → 1.38.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/aws-sdk-securityhub.rb +1 -1
  3. data/lib/aws-sdk-securityhub/client.rb +225 -1
  4. data/lib/aws-sdk-securityhub/client_api.rb +145 -0
  5. data/lib/aws-sdk-securityhub/types.rb +1584 -9
  6. metadata +2 -2
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -85,6 +85,313 @@ module Aws::SecurityHub
85
85
  include Aws::Structure
86
86
  end
87
87
 
88
+ # Provides details about one of the following actions that were detected
89
+ # for the finding:
90
+ #
91
+ # * A remote IP address issued an AWS API call
92
+ #
93
+ # * A DNS request was received
94
+ #
95
+ # * A remote IP address attempted to connect to an EC2 instance
96
+ #
97
+ # * A remote IP address attempted a port probe on an EC2 instance
98
+ #
99
+ # @note When making an API call, you may pass Action
100
+ # data as a hash:
101
+ #
102
+ # {
103
+ # action_type: "NonEmptyString",
104
+ # network_connection_action: {
105
+ # connection_direction: "NonEmptyString",
106
+ # remote_ip_details: {
107
+ # ip_address_v4: "NonEmptyString",
108
+ # organization: {
109
+ # asn: 1,
110
+ # asn_org: "NonEmptyString",
111
+ # isp: "NonEmptyString",
112
+ # org: "NonEmptyString",
113
+ # },
114
+ # country: {
115
+ # country_code: "NonEmptyString",
116
+ # country_name: "NonEmptyString",
117
+ # },
118
+ # city: {
119
+ # city_name: "NonEmptyString",
120
+ # },
121
+ # geo_location: {
122
+ # lon: 1.0,
123
+ # lat: 1.0,
124
+ # },
125
+ # },
126
+ # remote_port_details: {
127
+ # port: 1,
128
+ # port_name: "NonEmptyString",
129
+ # },
130
+ # local_port_details: {
131
+ # port: 1,
132
+ # port_name: "NonEmptyString",
133
+ # },
134
+ # protocol: "NonEmptyString",
135
+ # blocked: false,
136
+ # },
137
+ # aws_api_call_action: {
138
+ # api: "NonEmptyString",
139
+ # service_name: "NonEmptyString",
140
+ # caller_type: "NonEmptyString",
141
+ # remote_ip_details: {
142
+ # ip_address_v4: "NonEmptyString",
143
+ # organization: {
144
+ # asn: 1,
145
+ # asn_org: "NonEmptyString",
146
+ # isp: "NonEmptyString",
147
+ # org: "NonEmptyString",
148
+ # },
149
+ # country: {
150
+ # country_code: "NonEmptyString",
151
+ # country_name: "NonEmptyString",
152
+ # },
153
+ # city: {
154
+ # city_name: "NonEmptyString",
155
+ # },
156
+ # geo_location: {
157
+ # lon: 1.0,
158
+ # lat: 1.0,
159
+ # },
160
+ # },
161
+ # domain_details: {
162
+ # domain: "NonEmptyString",
163
+ # },
164
+ # affected_resources: {
165
+ # "NonEmptyString" => "NonEmptyString",
166
+ # },
167
+ # first_seen: "NonEmptyString",
168
+ # last_seen: "NonEmptyString",
169
+ # },
170
+ # dns_request_action: {
171
+ # domain: "NonEmptyString",
172
+ # protocol: "NonEmptyString",
173
+ # blocked: false,
174
+ # },
175
+ # port_probe_action: {
176
+ # port_probe_details: [
177
+ # {
178
+ # local_port_details: {
179
+ # port: 1,
180
+ # port_name: "NonEmptyString",
181
+ # },
182
+ # local_ip_details: {
183
+ # ip_address_v4: "NonEmptyString",
184
+ # },
185
+ # remote_ip_details: {
186
+ # ip_address_v4: "NonEmptyString",
187
+ # organization: {
188
+ # asn: 1,
189
+ # asn_org: "NonEmptyString",
190
+ # isp: "NonEmptyString",
191
+ # org: "NonEmptyString",
192
+ # },
193
+ # country: {
194
+ # country_code: "NonEmptyString",
195
+ # country_name: "NonEmptyString",
196
+ # },
197
+ # city: {
198
+ # city_name: "NonEmptyString",
199
+ # },
200
+ # geo_location: {
201
+ # lon: 1.0,
202
+ # lat: 1.0,
203
+ # },
204
+ # },
205
+ # },
206
+ # ],
207
+ # blocked: false,
208
+ # },
209
+ # }
210
+ #
211
+ # @!attribute [rw] action_type
212
+ # The type of action that was detected. The possible action types are:
213
+ #
214
+ # * `NETWORK_CONNECTION`
215
+ #
216
+ # * `AWS_API_CALL`
217
+ #
218
+ # * `DNS_REQUEST`
219
+ #
220
+ # * `PORT_PROBE`
221
+ # @return [String]
222
+ #
223
+ # @!attribute [rw] network_connection_action
224
+ # Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
225
+ # about the network connection that was detected.
226
+ # @return [Types::NetworkConnectionAction]
227
+ #
228
+ # @!attribute [rw] aws_api_call_action
229
+ # Included if `ActionType` is `AWS_API_CALL`. Provides details about
230
+ # the API call that was detected.
231
+ # @return [Types::AwsApiCallAction]
232
+ #
233
+ # @!attribute [rw] dns_request_action
234
+ # Included if `ActionType` is `DNS_REQUEST`. Provides details about
235
+ # the DNS request that was detected.
236
+ # @return [Types::DnsRequestAction]
237
+ #
238
+ # @!attribute [rw] port_probe_action
239
+ # Included if `ActionType` is `PORT_PROBE`. Provides details about the
240
+ # port probe that was detected.
241
+ # @return [Types::PortProbeAction]
242
+ #
243
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
244
+ #
245
+ class Action < Struct.new(
246
+ :action_type,
247
+ :network_connection_action,
248
+ :aws_api_call_action,
249
+ :dns_request_action,
250
+ :port_probe_action)
251
+ SENSITIVE = []
252
+ include Aws::Structure
253
+ end
254
+
255
+ # Provides information about the IP address where the scanned port is
256
+ # located.
257
+ #
258
+ # @note When making an API call, you may pass ActionLocalIpDetails
259
+ # data as a hash:
260
+ #
261
+ # {
262
+ # ip_address_v4: "NonEmptyString",
263
+ # }
264
+ #
265
+ # @!attribute [rw] ip_address_v4
266
+ # The IP address.
267
+ # @return [String]
268
+ #
269
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalIpDetails AWS API Documentation
270
+ #
271
+ class ActionLocalIpDetails < Struct.new(
272
+ :ip_address_v4)
273
+ SENSITIVE = []
274
+ include Aws::Structure
275
+ end
276
+
277
+ # For `NetworkConnectionAction` and `PortProbeDetails`,
278
+ # `LocalPortDetails` provides information about the local port that was
279
+ # involved in the action.
280
+ #
281
+ # @note When making an API call, you may pass ActionLocalPortDetails
282
+ # data as a hash:
283
+ #
284
+ # {
285
+ # port: 1,
286
+ # port_name: "NonEmptyString",
287
+ # }
288
+ #
289
+ # @!attribute [rw] port
290
+ # The number of the port.
291
+ # @return [Integer]
292
+ #
293
+ # @!attribute [rw] port_name
294
+ # The port name of the local connection.
295
+ # @return [String]
296
+ #
297
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionLocalPortDetails AWS API Documentation
298
+ #
299
+ class ActionLocalPortDetails < Struct.new(
300
+ :port,
301
+ :port_name)
302
+ SENSITIVE = []
303
+ include Aws::Structure
304
+ end
305
+
306
+ # For `AwsApiAction`, `NetworkConnectionAction`, and `PortProbeAction`,
307
+ # `RemoteIpDetails` provides information about the remote IP address
308
+ # that was involved in the action.
309
+ #
310
+ # @note When making an API call, you may pass ActionRemoteIpDetails
311
+ # data as a hash:
312
+ #
313
+ # {
314
+ # ip_address_v4: "NonEmptyString",
315
+ # organization: {
316
+ # asn: 1,
317
+ # asn_org: "NonEmptyString",
318
+ # isp: "NonEmptyString",
319
+ # org: "NonEmptyString",
320
+ # },
321
+ # country: {
322
+ # country_code: "NonEmptyString",
323
+ # country_name: "NonEmptyString",
324
+ # },
325
+ # city: {
326
+ # city_name: "NonEmptyString",
327
+ # },
328
+ # geo_location: {
329
+ # lon: 1.0,
330
+ # lat: 1.0,
331
+ # },
332
+ # }
333
+ #
334
+ # @!attribute [rw] ip_address_v4
335
+ # The IP address.
336
+ # @return [String]
337
+ #
338
+ # @!attribute [rw] organization
339
+ # The internet service provider (ISP) organization associated with the
340
+ # remote IP address.
341
+ # @return [Types::IpOrganizationDetails]
342
+ #
343
+ # @!attribute [rw] country
344
+ # The country where the remote IP address is located.
345
+ # @return [Types::Country]
346
+ #
347
+ # @!attribute [rw] city
348
+ # The city where the remote IP address is located.
349
+ # @return [Types::City]
350
+ #
351
+ # @!attribute [rw] geo_location
352
+ # The coordinates of the location of the remote IP address.
353
+ # @return [Types::GeoLocation]
354
+ #
355
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemoteIpDetails AWS API Documentation
356
+ #
357
+ class ActionRemoteIpDetails < Struct.new(
358
+ :ip_address_v4,
359
+ :organization,
360
+ :country,
361
+ :city,
362
+ :geo_location)
363
+ SENSITIVE = []
364
+ include Aws::Structure
365
+ end
366
+
367
+ # Provides information about the remote port that was involved in an
368
+ # attempted network connection.
369
+ #
370
+ # @note When making an API call, you may pass ActionRemotePortDetails
371
+ # data as a hash:
372
+ #
373
+ # {
374
+ # port: 1,
375
+ # port_name: "NonEmptyString",
376
+ # }
377
+ #
378
+ # @!attribute [rw] port
379
+ # The number of the port.
380
+ # @return [Integer]
381
+ #
382
+ # @!attribute [rw] port_name
383
+ # The port name of the remote connection.
384
+ # @return [String]
385
+ #
386
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ActionRemotePortDetails AWS API Documentation
387
+ #
388
+ class ActionRemotePortDetails < Struct.new(
389
+ :port,
390
+ :port_name)
391
+ SENSITIVE = []
392
+ include Aws::Structure
393
+ end
394
+
88
395
  # An `ActionTarget` object.
89
396
  #
90
397
  # @!attribute [rw] action_target_arn
@@ -160,6 +467,120 @@ module Aws::SecurityHub
160
467
  include Aws::Structure
161
468
  end
162
469
 
470
+ # Provided if `ActionType` is `AWS_API_CALL`. It provides details about
471
+ # the API call that was detected.
472
+ #
473
+ # @note When making an API call, you may pass AwsApiCallAction
474
+ # data as a hash:
475
+ #
476
+ # {
477
+ # api: "NonEmptyString",
478
+ # service_name: "NonEmptyString",
479
+ # caller_type: "NonEmptyString",
480
+ # remote_ip_details: {
481
+ # ip_address_v4: "NonEmptyString",
482
+ # organization: {
483
+ # asn: 1,
484
+ # asn_org: "NonEmptyString",
485
+ # isp: "NonEmptyString",
486
+ # org: "NonEmptyString",
487
+ # },
488
+ # country: {
489
+ # country_code: "NonEmptyString",
490
+ # country_name: "NonEmptyString",
491
+ # },
492
+ # city: {
493
+ # city_name: "NonEmptyString",
494
+ # },
495
+ # geo_location: {
496
+ # lon: 1.0,
497
+ # lat: 1.0,
498
+ # },
499
+ # },
500
+ # domain_details: {
501
+ # domain: "NonEmptyString",
502
+ # },
503
+ # affected_resources: {
504
+ # "NonEmptyString" => "NonEmptyString",
505
+ # },
506
+ # first_seen: "NonEmptyString",
507
+ # last_seen: "NonEmptyString",
508
+ # }
509
+ #
510
+ # @!attribute [rw] api
511
+ # The name of the API method that was issued.
512
+ # @return [String]
513
+ #
514
+ # @!attribute [rw] service_name
515
+ # The name of the AWS service that the API method belongs to.
516
+ # @return [String]
517
+ #
518
+ # @!attribute [rw] caller_type
519
+ # Indicates whether the API call originated from a remote IP address
520
+ # (`remoteip`) or from a DNS domain (`domain`).
521
+ # @return [String]
522
+ #
523
+ # @!attribute [rw] remote_ip_details
524
+ # Provided if `CallerType` is `remoteIp`. Provides information about
525
+ # the remote IP address that the API call originated from.
526
+ # @return [Types::ActionRemoteIpDetails]
527
+ #
528
+ # @!attribute [rw] domain_details
529
+ # Provided if `CallerType` is `domain`. Provides information about the
530
+ # DNS domain that the API call originated from.
531
+ # @return [Types::AwsApiCallActionDomainDetails]
532
+ #
533
+ # @!attribute [rw] affected_resources
534
+ # Identifies the resources that were affected by the API call.
535
+ # @return [Hash<String,String>]
536
+ #
537
+ # @!attribute [rw] first_seen
538
+ # An ISO8601-formatted timestamp that indicates when the API call was
539
+ # first observed.
540
+ # @return [String]
541
+ #
542
+ # @!attribute [rw] last_seen
543
+ # An ISO8601-formatted timestamp that indicates when the API call was
544
+ # most recently observed.
545
+ # @return [String]
546
+ #
547
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallAction AWS API Documentation
548
+ #
549
+ class AwsApiCallAction < Struct.new(
550
+ :api,
551
+ :service_name,
552
+ :caller_type,
553
+ :remote_ip_details,
554
+ :domain_details,
555
+ :affected_resources,
556
+ :first_seen,
557
+ :last_seen)
558
+ SENSITIVE = []
559
+ include Aws::Structure
560
+ end
561
+
562
+ # Provided if `CallerType` is `domain`. It provides information about
563
+ # the DNS domain that issued the API call.
564
+ #
565
+ # @note When making an API call, you may pass AwsApiCallActionDomainDetails
566
+ # data as a hash:
567
+ #
568
+ # {
569
+ # domain: "NonEmptyString",
570
+ # }
571
+ #
572
+ # @!attribute [rw] domain
573
+ # The name of the DNS domain that issued the API call.
574
+ # @return [String]
575
+ #
576
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsApiCallActionDomainDetails AWS API Documentation
577
+ #
578
+ class AwsApiCallActionDomainDetails < Struct.new(
579
+ :domain)
580
+ SENSITIVE = []
581
+ include Aws::Structure
582
+ end
583
+
163
584
  # Contains information about settings for logging access for the stage.
164
585
  #
165
586
  # @note When making an API call, you may pass AwsApiGatewayAccessLogSettings
@@ -3488,6 +3909,19 @@ module Aws::SecurityHub
3488
3909
  # },
3489
3910
  # ],
3490
3911
  # source_dest_check: false,
3912
+ # ip_v6_addresses: [
3913
+ # {
3914
+ # ip_v6_address: "NonEmptyString",
3915
+ # },
3916
+ # ],
3917
+ # private_ip_addresses: [
3918
+ # {
3919
+ # private_ip_address: "NonEmptyString",
3920
+ # private_dns_name: "NonEmptyString",
3921
+ # },
3922
+ # ],
3923
+ # public_dns_name: "NonEmptyString",
3924
+ # public_ip: "NonEmptyString",
3491
3925
  # }
3492
3926
  #
3493
3927
  # @!attribute [rw] attachment
@@ -3506,13 +3940,84 @@ module Aws::SecurityHub
3506
3940
  # Indicates whether traffic to or from the instance is validated.
3507
3941
  # @return [Boolean]
3508
3942
  #
3943
+ # @!attribute [rw] ip_v6_addresses
3944
+ # The IPv6 addresses associated with the network interface.
3945
+ # @return [Array<Types::AwsEc2NetworkInterfaceIpV6AddressDetail>]
3946
+ #
3947
+ # @!attribute [rw] private_ip_addresses
3948
+ # The private IPv4 addresses associated with the network interface.
3949
+ # @return [Array<Types::AwsEc2NetworkInterfacePrivateIpAddressDetail>]
3950
+ #
3951
+ # @!attribute [rw] public_dns_name
3952
+ # The public DNS name of the network interface.
3953
+ # @return [String]
3954
+ #
3955
+ # @!attribute [rw] public_ip
3956
+ # The address of the Elastic IP address bound to the network
3957
+ # interface.
3958
+ # @return [String]
3959
+ #
3509
3960
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceDetails AWS API Documentation
3510
3961
  #
3511
3962
  class AwsEc2NetworkInterfaceDetails < Struct.new(
3512
3963
  :attachment,
3513
3964
  :network_interface_id,
3514
3965
  :security_groups,
3515
- :source_dest_check)
3966
+ :source_dest_check,
3967
+ :ip_v6_addresses,
3968
+ :private_ip_addresses,
3969
+ :public_dns_name,
3970
+ :public_ip)
3971
+ SENSITIVE = []
3972
+ include Aws::Structure
3973
+ end
3974
+
3975
+ # Provides information about an IPV6 address that is associated with the
3976
+ # network interface.
3977
+ #
3978
+ # @note When making an API call, you may pass AwsEc2NetworkInterfaceIpV6AddressDetail
3979
+ # data as a hash:
3980
+ #
3981
+ # {
3982
+ # ip_v6_address: "NonEmptyString",
3983
+ # }
3984
+ #
3985
+ # @!attribute [rw] ip_v6_address
3986
+ # The IPV6 address.
3987
+ # @return [String]
3988
+ #
3989
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfaceIpV6AddressDetail AWS API Documentation
3990
+ #
3991
+ class AwsEc2NetworkInterfaceIpV6AddressDetail < Struct.new(
3992
+ :ip_v6_address)
3993
+ SENSITIVE = []
3994
+ include Aws::Structure
3995
+ end
3996
+
3997
+ # Provides information about a private IPv4 address that is with the
3998
+ # network interface.
3999
+ #
4000
+ # @note When making an API call, you may pass AwsEc2NetworkInterfacePrivateIpAddressDetail
4001
+ # data as a hash:
4002
+ #
4003
+ # {
4004
+ # private_ip_address: "NonEmptyString",
4005
+ # private_dns_name: "NonEmptyString",
4006
+ # }
4007
+ #
4008
+ # @!attribute [rw] private_ip_address
4009
+ # The IP address.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] private_dns_name
4013
+ # The private DNS name for the IP address.
4014
+ # @return [String]
4015
+ #
4016
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkInterfacePrivateIpAddressDetail AWS API Documentation
4017
+ #
4018
+ class AwsEc2NetworkInterfacePrivateIpAddressDetail < Struct.new(
4019
+ :private_ip_address,
4020
+ :private_dns_name)
3516
4021
  SENSITIVE = []
3517
4022
  include Aws::Structure
3518
4023
  end
@@ -6884,6 +7389,8 @@ module Aws::SecurityHub
6884
7389
  # @return [String]
6885
7390
  #
6886
7391
  # @!attribute [rw] engine
7392
+ # The name of the database engine that you want to use for this DB
7393
+ # instance.
6887
7394
  # @return [String]
6888
7395
  #
6889
7396
  # @!attribute [rw] allocated_storage
@@ -7667,6 +8174,8 @@ module Aws::SecurityHub
7667
8174
  include Aws::Structure
7668
8175
  end
7669
8176
 
8177
+ # An option group membership.
8178
+ #
7670
8179
  # @note When making an API call, you may pass AwsRdsDbOptionGroupMembership
7671
8180
  # data as a hash:
7672
8181
  #
@@ -7676,9 +8185,11 @@ module Aws::SecurityHub
7676
8185
  # }
7677
8186
  #
7678
8187
  # @!attribute [rw] option_group_name
8188
+ # The name of the option group.
7679
8189
  # @return [String]
7680
8190
  #
7681
8191
  # @!attribute [rw] status
8192
+ # The status of the option group membership.
7682
8193
  # @return [String]
7683
8194
  #
7684
8195
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbOptionGroupMembership AWS API Documentation
@@ -7690,6 +8201,8 @@ module Aws::SecurityHub
7690
8201
  include Aws::Structure
7691
8202
  end
7692
8203
 
8204
+ # Provides information about a parameter group for a DB instance.
8205
+ #
7693
8206
  # @note When making an API call, you may pass AwsRdsDbParameterGroup
7694
8207
  # data as a hash:
7695
8208
  #
@@ -7699,9 +8212,11 @@ module Aws::SecurityHub
7699
8212
  # }
7700
8213
  #
7701
8214
  # @!attribute [rw] db_parameter_group_name
8215
+ # The name of the parameter group.
7702
8216
  # @return [String]
7703
8217
  #
7704
8218
  # @!attribute [rw] parameter_apply_status
8219
+ # The status of parameter updates.
7705
8220
  # @return [String]
7706
8221
  #
7707
8222
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbParameterGroup AWS API Documentation
@@ -7713,6 +8228,8 @@ module Aws::SecurityHub
7713
8228
  include Aws::Structure
7714
8229
  end
7715
8230
 
8231
+ # Changes to a DB instance that are currently pending.
8232
+ #
7716
8233
  # @note When making an API call, you may pass AwsRdsDbPendingModifiedValues
7717
8234
  # data as a hash:
7718
8235
  #
@@ -7743,48 +8260,64 @@ module Aws::SecurityHub
7743
8260
  # }
7744
8261
  #
7745
8262
  # @!attribute [rw] db_instance_class
8263
+ # The new DB instance class for the DB instance.
7746
8264
  # @return [String]
7747
8265
  #
7748
8266
  # @!attribute [rw] allocated_storage
8267
+ # The new value of the allocated storage for the DB instance.
7749
8268
  # @return [Integer]
7750
8269
  #
7751
8270
  # @!attribute [rw] master_user_password
8271
+ # The new master user password for the DB instance.
7752
8272
  # @return [String]
7753
8273
  #
7754
8274
  # @!attribute [rw] port
8275
+ # The new port for the DB instance.
7755
8276
  # @return [Integer]
7756
8277
  #
7757
8278
  # @!attribute [rw] backup_retention_period
8279
+ # The new backup retention period for the DB instance.
7758
8280
  # @return [Integer]
7759
8281
  #
7760
8282
  # @!attribute [rw] multi_az
8283
+ # Indicates that a single Availability Zone DB instance is changing to
8284
+ # a multiple Availability Zone deployment.
7761
8285
  # @return [Boolean]
7762
8286
  #
7763
8287
  # @!attribute [rw] engine_version
8288
+ # The new engine version for the DB instance.
7764
8289
  # @return [String]
7765
8290
  #
7766
8291
  # @!attribute [rw] license_model
8292
+ # The new license model value for the DB instance.
7767
8293
  # @return [String]
7768
8294
  #
7769
8295
  # @!attribute [rw] iops
8296
+ # The new provisioned IOPS value for the DB instance.
7770
8297
  # @return [Integer]
7771
8298
  #
7772
8299
  # @!attribute [rw] db_instance_identifier
8300
+ # The new DB instance identifier for the DB instance.
7773
8301
  # @return [String]
7774
8302
  #
7775
8303
  # @!attribute [rw] storage_type
8304
+ # The new storage type for the DB instance.
7776
8305
  # @return [String]
7777
8306
  #
7778
8307
  # @!attribute [rw] ca_certificate_identifier
8308
+ # The new CA certificate identifier for the DB instance.
7779
8309
  # @return [String]
7780
8310
  #
7781
8311
  # @!attribute [rw] db_subnet_group_name
8312
+ # The name of the new subnet group for the DB instance.
7782
8313
  # @return [String]
7783
8314
  #
7784
8315
  # @!attribute [rw] pending_cloud_watch_logs_exports
8316
+ # A list of log types that are being enabled or disabled.
7785
8317
  # @return [Types::AwsRdsPendingCloudWatchLogsExports]
7786
8318
  #
7787
8319
  # @!attribute [rw] processor_features
8320
+ # Processor features that are being updated.
7788
8321
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7789
8322
  #
7790
8323
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbPendingModifiedValues AWS API Documentation
@@ -7809,6 +8342,8 @@ module Aws::SecurityHub
7809
8342
  include Aws::Structure
7810
8343
  end
7811
8344
 
8345
+ # A processor feature.
8346
+ #
7812
8347
  # @note When making an API call, you may pass AwsRdsDbProcessorFeature
7813
8348
  # data as a hash:
7814
8349
  #
@@ -7818,9 +8353,11 @@ module Aws::SecurityHub
7818
8353
  # }
7819
8354
  #
7820
8355
  # @!attribute [rw] name
8356
+ # The name of the processor feature.
7821
8357
  # @return [String]
7822
8358
  #
7823
8359
  # @!attribute [rw] value
8360
+ # The value of the processor feature.
7824
8361
  # @return [String]
7825
8362
  #
7826
8363
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbProcessorFeature AWS API Documentation
@@ -7832,6 +8369,8 @@ module Aws::SecurityHub
7832
8369
  include Aws::Structure
7833
8370
  end
7834
8371
 
8372
+ # Provides details about an Amazon RDS DB cluster snapshot.
8373
+ #
7835
8374
  # @note When making an API call, you may pass AwsRdsDbSnapshotDetails
7836
8375
  # data as a hash:
7837
8376
  #
@@ -7871,84 +8410,120 @@ module Aws::SecurityHub
7871
8410
  # }
7872
8411
  #
7873
8412
  # @!attribute [rw] db_snapshot_identifier
8413
+ # The name or ARN of the DB snapshot that is used to restore the DB
8414
+ # instance.
7874
8415
  # @return [String]
7875
8416
  #
7876
8417
  # @!attribute [rw] db_instance_identifier
8418
+ # A name for the DB instance.
7877
8419
  # @return [String]
7878
8420
  #
7879
8421
  # @!attribute [rw] snapshot_create_time
8422
+ # When the snapshot was taken in Coordinated Universal Time (UTC).
7880
8423
  # @return [String]
7881
8424
  #
7882
8425
  # @!attribute [rw] engine
8426
+ # The name of the database engine to use for this DB instance.
7883
8427
  # @return [String]
7884
8428
  #
7885
8429
  # @!attribute [rw] allocated_storage
8430
+ # The amount of storage (in gigabytes) to be initially allocated for
8431
+ # the database instance.
7886
8432
  # @return [Integer]
7887
8433
  #
7888
8434
  # @!attribute [rw] status
8435
+ # The status of this DB snapshot.
7889
8436
  # @return [String]
7890
8437
  #
7891
8438
  # @!attribute [rw] port
8439
+ # The port that the database engine was listening on at the time of
8440
+ # the snapshot.
7892
8441
  # @return [Integer]
7893
8442
  #
7894
8443
  # @!attribute [rw] availability_zone
8444
+ # Specifies the name of the Availability Zone in which the DB instance
8445
+ # was located at the time of the DB snapshot.
7895
8446
  # @return [String]
7896
8447
  #
7897
8448
  # @!attribute [rw] vpc_id
8449
+ # The VPC ID associated with the DB snapshot.
7898
8450
  # @return [String]
7899
8451
  #
7900
8452
  # @!attribute [rw] instance_create_time
8453
+ # Specifies the time in Coordinated Universal Time (UTC) when the DB
8454
+ # instance, from which the snapshot was taken, was created.
7901
8455
  # @return [String]
7902
8456
  #
7903
8457
  # @!attribute [rw] master_username
8458
+ # The master user name for the DB snapshot.
7904
8459
  # @return [String]
7905
8460
  #
7906
8461
  # @!attribute [rw] engine_version
8462
+ # The version of the database engine.
7907
8463
  # @return [String]
7908
8464
  #
7909
8465
  # @!attribute [rw] license_model
8466
+ # License model information for the restored DB instance.
7910
8467
  # @return [String]
7911
8468
  #
7912
8469
  # @!attribute [rw] snapshot_type
8470
+ # The type of the DB snapshot.
7913
8471
  # @return [String]
7914
8472
  #
7915
8473
  # @!attribute [rw] iops
8474
+ # The provisioned IOPS (I/O operations per second) value of the DB
8475
+ # instance at the time of the snapshot.
7916
8476
  # @return [Integer]
7917
8477
  #
7918
8478
  # @!attribute [rw] option_group_name
8479
+ # The option group name for the DB snapshot.
7919
8480
  # @return [String]
7920
8481
  #
7921
8482
  # @!attribute [rw] percent_progress
8483
+ # The percentage of the estimated data that has been transferred.
7922
8484
  # @return [Integer]
7923
8485
  #
7924
8486
  # @!attribute [rw] source_region
8487
+ # The AWS Region that the DB snapshot was created in or copied from.
7925
8488
  # @return [String]
7926
8489
  #
7927
8490
  # @!attribute [rw] source_db_snapshot_identifier
8491
+ # The DB snapshot ARN that the DB snapshot was copied from.
7928
8492
  # @return [String]
7929
8493
  #
7930
8494
  # @!attribute [rw] storage_type
8495
+ # The storage type associated with the DB snapshot.
7931
8496
  # @return [String]
7932
8497
  #
7933
8498
  # @!attribute [rw] tde_credential_arn
8499
+ # The ARN from the key store with which to associate the instance for
8500
+ # TDE encryption.
7934
8501
  # @return [String]
7935
8502
  #
7936
8503
  # @!attribute [rw] encrypted
8504
+ # Whether the DB snapshot is encrypted.
7937
8505
  # @return [Boolean]
7938
8506
  #
7939
8507
  # @!attribute [rw] kms_key_id
8508
+ # If `Encrypted` is `true`, the AWS KMS key identifier for the
8509
+ # encrypted DB snapshot.
7940
8510
  # @return [String]
7941
8511
  #
7942
8512
  # @!attribute [rw] timezone
8513
+ # The time zone of the DB snapshot.
7943
8514
  # @return [String]
7944
8515
  #
7945
8516
  # @!attribute [rw] iam_database_authentication_enabled
8517
+ # Whether mapping of IAM accounts to database accounts is enabled.
7946
8518
  # @return [Boolean]
7947
8519
  #
7948
8520
  # @!attribute [rw] processor_features
8521
+ # The number of CPU cores and the number of threads per core for the
8522
+ # DB instance class of the DB instance.
7949
8523
  # @return [Array<Types::AwsRdsDbProcessorFeature>]
7950
8524
  #
7951
8525
  # @!attribute [rw] dbi_resource_id
8526
+ # The identifier for the source DB instance.
7952
8527
  # @return [String]
7953
8528
  #
7954
8529
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSnapshotDetails AWS API Documentation
@@ -9741,6 +10316,19 @@ module Aws::SecurityHub
9741
10316
  # },
9742
10317
  # ],
9743
10318
  # source_dest_check: false,
10319
+ # ip_v6_addresses: [
10320
+ # {
10321
+ # ip_v6_address: "NonEmptyString",
10322
+ # },
10323
+ # ],
10324
+ # private_ip_addresses: [
10325
+ # {
10326
+ # private_ip_address: "NonEmptyString",
10327
+ # private_dns_name: "NonEmptyString",
10328
+ # },
10329
+ # ],
10330
+ # public_dns_name: "NonEmptyString",
10331
+ # public_ip: "NonEmptyString",
9744
10332
  # },
9745
10333
  # aws_ec2_security_group: {
9746
10334
  # group_name: "NonEmptyString",
@@ -10241,6 +10829,30 @@ module Aws::SecurityHub
10241
10829
  # sns_topic_name: "NonEmptyString",
10242
10830
  # trail_arn: "NonEmptyString",
10243
10831
  # },
10832
+ # aws_ssm_patch_compliance: {
10833
+ # patch: {
10834
+ # compliance_summary: {
10835
+ # status: "NonEmptyString",
10836
+ # compliant_critical_count: 1,
10837
+ # compliant_high_count: 1,
10838
+ # compliant_medium_count: 1,
10839
+ # execution_type: "NonEmptyString",
10840
+ # non_compliant_critical_count: 1,
10841
+ # compliant_informational_count: 1,
10842
+ # non_compliant_informational_count: 1,
10843
+ # compliant_unspecified_count: 1,
10844
+ # non_compliant_low_count: 1,
10845
+ # non_compliant_high_count: 1,
10846
+ # compliant_low_count: 1,
10847
+ # compliance_type: "NonEmptyString",
10848
+ # patch_baseline_id: "NonEmptyString",
10849
+ # overall_severity: "NonEmptyString",
10850
+ # non_compliant_medium_count: 1,
10851
+ # non_compliant_unspecified_count: 1,
10852
+ # patch_group: "NonEmptyString",
10853
+ # },
10854
+ # },
10855
+ # },
10244
10856
  # aws_certificate_manager_certificate: {
10245
10857
  # certificate_authority_arn: "NonEmptyString",
10246
10858
  # created_at: "NonEmptyString",
@@ -11017,6 +11629,114 @@ module Aws::SecurityHub
11017
11629
  # reboot_option: "NonEmptyString",
11018
11630
  # operation: "NonEmptyString",
11019
11631
  # },
11632
+ # action: {
11633
+ # action_type: "NonEmptyString",
11634
+ # network_connection_action: {
11635
+ # connection_direction: "NonEmptyString",
11636
+ # remote_ip_details: {
11637
+ # ip_address_v4: "NonEmptyString",
11638
+ # organization: {
11639
+ # asn: 1,
11640
+ # asn_org: "NonEmptyString",
11641
+ # isp: "NonEmptyString",
11642
+ # org: "NonEmptyString",
11643
+ # },
11644
+ # country: {
11645
+ # country_code: "NonEmptyString",
11646
+ # country_name: "NonEmptyString",
11647
+ # },
11648
+ # city: {
11649
+ # city_name: "NonEmptyString",
11650
+ # },
11651
+ # geo_location: {
11652
+ # lon: 1.0,
11653
+ # lat: 1.0,
11654
+ # },
11655
+ # },
11656
+ # remote_port_details: {
11657
+ # port: 1,
11658
+ # port_name: "NonEmptyString",
11659
+ # },
11660
+ # local_port_details: {
11661
+ # port: 1,
11662
+ # port_name: "NonEmptyString",
11663
+ # },
11664
+ # protocol: "NonEmptyString",
11665
+ # blocked: false,
11666
+ # },
11667
+ # aws_api_call_action: {
11668
+ # api: "NonEmptyString",
11669
+ # service_name: "NonEmptyString",
11670
+ # caller_type: "NonEmptyString",
11671
+ # remote_ip_details: {
11672
+ # ip_address_v4: "NonEmptyString",
11673
+ # organization: {
11674
+ # asn: 1,
11675
+ # asn_org: "NonEmptyString",
11676
+ # isp: "NonEmptyString",
11677
+ # org: "NonEmptyString",
11678
+ # },
11679
+ # country: {
11680
+ # country_code: "NonEmptyString",
11681
+ # country_name: "NonEmptyString",
11682
+ # },
11683
+ # city: {
11684
+ # city_name: "NonEmptyString",
11685
+ # },
11686
+ # geo_location: {
11687
+ # lon: 1.0,
11688
+ # lat: 1.0,
11689
+ # },
11690
+ # },
11691
+ # domain_details: {
11692
+ # domain: "NonEmptyString",
11693
+ # },
11694
+ # affected_resources: {
11695
+ # "NonEmptyString" => "NonEmptyString",
11696
+ # },
11697
+ # first_seen: "NonEmptyString",
11698
+ # last_seen: "NonEmptyString",
11699
+ # },
11700
+ # dns_request_action: {
11701
+ # domain: "NonEmptyString",
11702
+ # protocol: "NonEmptyString",
11703
+ # blocked: false,
11704
+ # },
11705
+ # port_probe_action: {
11706
+ # port_probe_details: [
11707
+ # {
11708
+ # local_port_details: {
11709
+ # port: 1,
11710
+ # port_name: "NonEmptyString",
11711
+ # },
11712
+ # local_ip_details: {
11713
+ # ip_address_v4: "NonEmptyString",
11714
+ # },
11715
+ # remote_ip_details: {
11716
+ # ip_address_v4: "NonEmptyString",
11717
+ # organization: {
11718
+ # asn: 1,
11719
+ # asn_org: "NonEmptyString",
11720
+ # isp: "NonEmptyString",
11721
+ # org: "NonEmptyString",
11722
+ # },
11723
+ # country: {
11724
+ # country_code: "NonEmptyString",
11725
+ # country_name: "NonEmptyString",
11726
+ # },
11727
+ # city: {
11728
+ # city_name: "NonEmptyString",
11729
+ # },
11730
+ # geo_location: {
11731
+ # lon: 1.0,
11732
+ # lat: 1.0,
11733
+ # },
11734
+ # },
11735
+ # },
11736
+ # ],
11737
+ # blocked: false,
11738
+ # },
11739
+ # },
11020
11740
  # }
11021
11741
  #
11022
11742
  # @!attribute [rw] schema_version
@@ -11232,6 +11952,10 @@ module Aws::SecurityHub
11232
11952
  # against a selected compliance standard.
11233
11953
  # @return [Types::PatchSummary]
11234
11954
  #
11955
+ # @!attribute [rw] action
11956
+ # Provides details about an action that was detected for the finding.
11957
+ # @return [Types::Action]
11958
+ #
11235
11959
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11236
11960
  #
11237
11961
  class AwsSecurityFinding < Struct.new(
@@ -11268,7 +11992,8 @@ module Aws::SecurityHub
11268
11992
  :related_findings,
11269
11993
  :note,
11270
11994
  :vulnerabilities,
11271
- :patch_summary)
11995
+ :patch_summary,
11996
+ :action)
11272
11997
  SENSITIVE = []
11273
11998
  include Aws::Structure
11274
11999
  end
@@ -12196,6 +12921,14 @@ module Aws::SecurityHub
12196
12921
  #
12197
12922
  # * `NEW` - The initial state of a finding, before it is reviewed.
12198
12923
  #
12924
+ # Security Hub also resets the workflow status from `NOTIFIED` or
12925
+ # `RESOLVED` to `NEW` in the following cases:
12926
+ #
12927
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
12928
+ #
12929
+ # * The compliance status changes from `PASSED` to either `WARNING`,
12930
+ # `FAILED`, or `NOT_AVAILABLE`.
12931
+ #
12199
12932
  # * `NOTIFIED` - Indicates that the resource owner has been notified
12200
12933
  # about the security issue. Used when the initial reviewer is not
12201
12934
  # the resource owner, and needs intervention from the resource
@@ -12464,13 +13197,243 @@ module Aws::SecurityHub
12464
13197
  # exceeded.
12465
13198
  # @return [String]
12466
13199
  #
12467
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSqsQueueDetails AWS API Documentation
13200
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSqsQueueDetails AWS API Documentation
13201
+ #
13202
+ class AwsSqsQueueDetails < Struct.new(
13203
+ :kms_data_key_reuse_period_seconds,
13204
+ :kms_master_key_id,
13205
+ :queue_name,
13206
+ :dead_letter_target_arn)
13207
+ SENSITIVE = []
13208
+ include Aws::Structure
13209
+ end
13210
+
13211
+ # Provides the details about the compliance status for a patch.
13212
+ #
13213
+ # @note When making an API call, you may pass AwsSsmComplianceSummary
13214
+ # data as a hash:
13215
+ #
13216
+ # {
13217
+ # status: "NonEmptyString",
13218
+ # compliant_critical_count: 1,
13219
+ # compliant_high_count: 1,
13220
+ # compliant_medium_count: 1,
13221
+ # execution_type: "NonEmptyString",
13222
+ # non_compliant_critical_count: 1,
13223
+ # compliant_informational_count: 1,
13224
+ # non_compliant_informational_count: 1,
13225
+ # compliant_unspecified_count: 1,
13226
+ # non_compliant_low_count: 1,
13227
+ # non_compliant_high_count: 1,
13228
+ # compliant_low_count: 1,
13229
+ # compliance_type: "NonEmptyString",
13230
+ # patch_baseline_id: "NonEmptyString",
13231
+ # overall_severity: "NonEmptyString",
13232
+ # non_compliant_medium_count: 1,
13233
+ # non_compliant_unspecified_count: 1,
13234
+ # patch_group: "NonEmptyString",
13235
+ # }
13236
+ #
13237
+ # @!attribute [rw] status
13238
+ # The current patch compliance status.
13239
+ #
13240
+ # The possible status values are:
13241
+ #
13242
+ # * `COMPLIANT`
13243
+ #
13244
+ # * `NON_COMPLIANT`
13245
+ #
13246
+ # * `UNSPECIFIED_DATA`
13247
+ # @return [String]
13248
+ #
13249
+ # @!attribute [rw] compliant_critical_count
13250
+ # For the patches that are compliant, the number that have a severity
13251
+ # of `CRITICAL`.
13252
+ # @return [Integer]
13253
+ #
13254
+ # @!attribute [rw] compliant_high_count
13255
+ # For the patches that are compliant, the number that have a severity
13256
+ # of `HIGH`.
13257
+ # @return [Integer]
13258
+ #
13259
+ # @!attribute [rw] compliant_medium_count
13260
+ # For the patches that are compliant, the number that have a severity
13261
+ # of `MEDIUM`.
13262
+ # @return [Integer]
13263
+ #
13264
+ # @!attribute [rw] execution_type
13265
+ # The type of execution that was used determine compliance.
13266
+ # @return [String]
13267
+ #
13268
+ # @!attribute [rw] non_compliant_critical_count
13269
+ # For the patch items that are noncompliant, the number of items that
13270
+ # have a severity of `CRITICAL`.
13271
+ # @return [Integer]
13272
+ #
13273
+ # @!attribute [rw] compliant_informational_count
13274
+ # For the patches that are compliant, the number that have a severity
13275
+ # of `INFORMATIONAL`.
13276
+ # @return [Integer]
13277
+ #
13278
+ # @!attribute [rw] non_compliant_informational_count
13279
+ # For the patches that are noncompliant, the number that have a
13280
+ # severity of `INFORMATIONAL`.
13281
+ # @return [Integer]
13282
+ #
13283
+ # @!attribute [rw] compliant_unspecified_count
13284
+ # For the patches that are compliant, the number that have a severity
13285
+ # of `UNSPECIFIED`.
13286
+ # @return [Integer]
13287
+ #
13288
+ # @!attribute [rw] non_compliant_low_count
13289
+ # For the patches that are noncompliant, the number that have a
13290
+ # severity of `LOW`.
13291
+ # @return [Integer]
13292
+ #
13293
+ # @!attribute [rw] non_compliant_high_count
13294
+ # For the patches that are noncompliant, the number that have a
13295
+ # severity of `HIGH`.
13296
+ # @return [Integer]
13297
+ #
13298
+ # @!attribute [rw] compliant_low_count
13299
+ # For the patches that are compliant, the number that have a severity
13300
+ # of `LOW`.
13301
+ # @return [Integer]
13302
+ #
13303
+ # @!attribute [rw] compliance_type
13304
+ # The type of resource for which the compliance was determined. For
13305
+ # `AwsSsmPatchCompliance`, `ComplianceType` is `Patch`.
13306
+ # @return [String]
13307
+ #
13308
+ # @!attribute [rw] patch_baseline_id
13309
+ # The identifier of the patch baseline. The patch baseline lists the
13310
+ # patches that are approved for installation.
13311
+ # @return [String]
13312
+ #
13313
+ # @!attribute [rw] overall_severity
13314
+ # The highest severity for the patches.
13315
+ # @return [String]
13316
+ #
13317
+ # @!attribute [rw] non_compliant_medium_count
13318
+ # For the patches that are noncompliant, the number that have a
13319
+ # severity of `MEDIUM`.
13320
+ # @return [Integer]
13321
+ #
13322
+ # @!attribute [rw] non_compliant_unspecified_count
13323
+ # For the patches that are noncompliant, the number that have a
13324
+ # severity of `UNSPECIFIED`.
13325
+ # @return [Integer]
13326
+ #
13327
+ # @!attribute [rw] patch_group
13328
+ # The identifier of the patch group for which compliance was
13329
+ # determined. A patch group uses tags to group EC2 instances that
13330
+ # should have the same patch compliance.
13331
+ # @return [String]
13332
+ #
13333
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmComplianceSummary AWS API Documentation
13334
+ #
13335
+ class AwsSsmComplianceSummary < Struct.new(
13336
+ :status,
13337
+ :compliant_critical_count,
13338
+ :compliant_high_count,
13339
+ :compliant_medium_count,
13340
+ :execution_type,
13341
+ :non_compliant_critical_count,
13342
+ :compliant_informational_count,
13343
+ :non_compliant_informational_count,
13344
+ :compliant_unspecified_count,
13345
+ :non_compliant_low_count,
13346
+ :non_compliant_high_count,
13347
+ :compliant_low_count,
13348
+ :compliance_type,
13349
+ :patch_baseline_id,
13350
+ :overall_severity,
13351
+ :non_compliant_medium_count,
13352
+ :non_compliant_unspecified_count,
13353
+ :patch_group)
13354
+ SENSITIVE = []
13355
+ include Aws::Structure
13356
+ end
13357
+
13358
+ # Provides details about the compliance for a patch.
13359
+ #
13360
+ # @note When making an API call, you may pass AwsSsmPatch
13361
+ # data as a hash:
13362
+ #
13363
+ # {
13364
+ # compliance_summary: {
13365
+ # status: "NonEmptyString",
13366
+ # compliant_critical_count: 1,
13367
+ # compliant_high_count: 1,
13368
+ # compliant_medium_count: 1,
13369
+ # execution_type: "NonEmptyString",
13370
+ # non_compliant_critical_count: 1,
13371
+ # compliant_informational_count: 1,
13372
+ # non_compliant_informational_count: 1,
13373
+ # compliant_unspecified_count: 1,
13374
+ # non_compliant_low_count: 1,
13375
+ # non_compliant_high_count: 1,
13376
+ # compliant_low_count: 1,
13377
+ # compliance_type: "NonEmptyString",
13378
+ # patch_baseline_id: "NonEmptyString",
13379
+ # overall_severity: "NonEmptyString",
13380
+ # non_compliant_medium_count: 1,
13381
+ # non_compliant_unspecified_count: 1,
13382
+ # patch_group: "NonEmptyString",
13383
+ # },
13384
+ # }
13385
+ #
13386
+ # @!attribute [rw] compliance_summary
13387
+ # The compliance status details for the patch.
13388
+ # @return [Types::AwsSsmComplianceSummary]
13389
+ #
13390
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
13391
+ #
13392
+ class AwsSsmPatch < Struct.new(
13393
+ :compliance_summary)
13394
+ SENSITIVE = []
13395
+ include Aws::Structure
13396
+ end
13397
+
13398
+ # Provides information about the state of a patch on an instance based
13399
+ # on the patch baseline that was used to patch the instance.
13400
+ #
13401
+ # @note When making an API call, you may pass AwsSsmPatchComplianceDetails
13402
+ # data as a hash:
13403
+ #
13404
+ # {
13405
+ # patch: {
13406
+ # compliance_summary: {
13407
+ # status: "NonEmptyString",
13408
+ # compliant_critical_count: 1,
13409
+ # compliant_high_count: 1,
13410
+ # compliant_medium_count: 1,
13411
+ # execution_type: "NonEmptyString",
13412
+ # non_compliant_critical_count: 1,
13413
+ # compliant_informational_count: 1,
13414
+ # non_compliant_informational_count: 1,
13415
+ # compliant_unspecified_count: 1,
13416
+ # non_compliant_low_count: 1,
13417
+ # non_compliant_high_count: 1,
13418
+ # compliant_low_count: 1,
13419
+ # compliance_type: "NonEmptyString",
13420
+ # patch_baseline_id: "NonEmptyString",
13421
+ # overall_severity: "NonEmptyString",
13422
+ # non_compliant_medium_count: 1,
13423
+ # non_compliant_unspecified_count: 1,
13424
+ # patch_group: "NonEmptyString",
13425
+ # },
13426
+ # },
13427
+ # }
13428
+ #
13429
+ # @!attribute [rw] patch
13430
+ # Information about the status of a patch.
13431
+ # @return [Types::AwsSsmPatch]
12468
13432
  #
12469
- class AwsSqsQueueDetails < Struct.new(
12470
- :kms_data_key_reuse_period_seconds,
12471
- :kms_master_key_id,
12472
- :queue_name,
12473
- :dead_letter_target_arn)
13433
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
13434
+ #
13435
+ class AwsSsmPatchComplianceDetails < Struct.new(
13436
+ :patch)
12474
13437
  SENSITIVE = []
12475
13438
  include Aws::Structure
12476
13439
  end
@@ -12937,6 +13900,19 @@ module Aws::SecurityHub
12937
13900
  # },
12938
13901
  # ],
12939
13902
  # source_dest_check: false,
13903
+ # ip_v6_addresses: [
13904
+ # {
13905
+ # ip_v6_address: "NonEmptyString",
13906
+ # },
13907
+ # ],
13908
+ # private_ip_addresses: [
13909
+ # {
13910
+ # private_ip_address: "NonEmptyString",
13911
+ # private_dns_name: "NonEmptyString",
13912
+ # },
13913
+ # ],
13914
+ # public_dns_name: "NonEmptyString",
13915
+ # public_ip: "NonEmptyString",
12940
13916
  # },
12941
13917
  # aws_ec2_security_group: {
12942
13918
  # group_name: "NonEmptyString",
@@ -13437,6 +14413,30 @@ module Aws::SecurityHub
13437
14413
  # sns_topic_name: "NonEmptyString",
13438
14414
  # trail_arn: "NonEmptyString",
13439
14415
  # },
14416
+ # aws_ssm_patch_compliance: {
14417
+ # patch: {
14418
+ # compliance_summary: {
14419
+ # status: "NonEmptyString",
14420
+ # compliant_critical_count: 1,
14421
+ # compliant_high_count: 1,
14422
+ # compliant_medium_count: 1,
14423
+ # execution_type: "NonEmptyString",
14424
+ # non_compliant_critical_count: 1,
14425
+ # compliant_informational_count: 1,
14426
+ # non_compliant_informational_count: 1,
14427
+ # compliant_unspecified_count: 1,
14428
+ # non_compliant_low_count: 1,
14429
+ # non_compliant_high_count: 1,
14430
+ # compliant_low_count: 1,
14431
+ # compliance_type: "NonEmptyString",
14432
+ # patch_baseline_id: "NonEmptyString",
14433
+ # overall_severity: "NonEmptyString",
14434
+ # non_compliant_medium_count: 1,
14435
+ # non_compliant_unspecified_count: 1,
14436
+ # patch_group: "NonEmptyString",
14437
+ # },
14438
+ # },
14439
+ # },
13440
14440
  # aws_certificate_manager_certificate: {
13441
14441
  # certificate_authority_arn: "NonEmptyString",
13442
14442
  # created_at: "NonEmptyString",
@@ -14213,6 +15213,114 @@ module Aws::SecurityHub
14213
15213
  # reboot_option: "NonEmptyString",
14214
15214
  # operation: "NonEmptyString",
14215
15215
  # },
15216
+ # action: {
15217
+ # action_type: "NonEmptyString",
15218
+ # network_connection_action: {
15219
+ # connection_direction: "NonEmptyString",
15220
+ # remote_ip_details: {
15221
+ # ip_address_v4: "NonEmptyString",
15222
+ # organization: {
15223
+ # asn: 1,
15224
+ # asn_org: "NonEmptyString",
15225
+ # isp: "NonEmptyString",
15226
+ # org: "NonEmptyString",
15227
+ # },
15228
+ # country: {
15229
+ # country_code: "NonEmptyString",
15230
+ # country_name: "NonEmptyString",
15231
+ # },
15232
+ # city: {
15233
+ # city_name: "NonEmptyString",
15234
+ # },
15235
+ # geo_location: {
15236
+ # lon: 1.0,
15237
+ # lat: 1.0,
15238
+ # },
15239
+ # },
15240
+ # remote_port_details: {
15241
+ # port: 1,
15242
+ # port_name: "NonEmptyString",
15243
+ # },
15244
+ # local_port_details: {
15245
+ # port: 1,
15246
+ # port_name: "NonEmptyString",
15247
+ # },
15248
+ # protocol: "NonEmptyString",
15249
+ # blocked: false,
15250
+ # },
15251
+ # aws_api_call_action: {
15252
+ # api: "NonEmptyString",
15253
+ # service_name: "NonEmptyString",
15254
+ # caller_type: "NonEmptyString",
15255
+ # remote_ip_details: {
15256
+ # ip_address_v4: "NonEmptyString",
15257
+ # organization: {
15258
+ # asn: 1,
15259
+ # asn_org: "NonEmptyString",
15260
+ # isp: "NonEmptyString",
15261
+ # org: "NonEmptyString",
15262
+ # },
15263
+ # country: {
15264
+ # country_code: "NonEmptyString",
15265
+ # country_name: "NonEmptyString",
15266
+ # },
15267
+ # city: {
15268
+ # city_name: "NonEmptyString",
15269
+ # },
15270
+ # geo_location: {
15271
+ # lon: 1.0,
15272
+ # lat: 1.0,
15273
+ # },
15274
+ # },
15275
+ # domain_details: {
15276
+ # domain: "NonEmptyString",
15277
+ # },
15278
+ # affected_resources: {
15279
+ # "NonEmptyString" => "NonEmptyString",
15280
+ # },
15281
+ # first_seen: "NonEmptyString",
15282
+ # last_seen: "NonEmptyString",
15283
+ # },
15284
+ # dns_request_action: {
15285
+ # domain: "NonEmptyString",
15286
+ # protocol: "NonEmptyString",
15287
+ # blocked: false,
15288
+ # },
15289
+ # port_probe_action: {
15290
+ # port_probe_details: [
15291
+ # {
15292
+ # local_port_details: {
15293
+ # port: 1,
15294
+ # port_name: "NonEmptyString",
15295
+ # },
15296
+ # local_ip_details: {
15297
+ # ip_address_v4: "NonEmptyString",
15298
+ # },
15299
+ # remote_ip_details: {
15300
+ # ip_address_v4: "NonEmptyString",
15301
+ # organization: {
15302
+ # asn: 1,
15303
+ # asn_org: "NonEmptyString",
15304
+ # isp: "NonEmptyString",
15305
+ # org: "NonEmptyString",
15306
+ # },
15307
+ # country: {
15308
+ # country_code: "NonEmptyString",
15309
+ # country_name: "NonEmptyString",
15310
+ # },
15311
+ # city: {
15312
+ # city_name: "NonEmptyString",
15313
+ # },
15314
+ # geo_location: {
15315
+ # lon: 1.0,
15316
+ # lat: 1.0,
15317
+ # },
15318
+ # },
15319
+ # },
15320
+ # ],
15321
+ # blocked: false,
15322
+ # },
15323
+ # },
14216
15324
  # },
14217
15325
  # ],
14218
15326
  # }
@@ -14469,6 +15577,27 @@ module Aws::SecurityHub
14469
15577
  include Aws::Structure
14470
15578
  end
14471
15579
 
15580
+ # Information about a city.
15581
+ #
15582
+ # @note When making an API call, you may pass City
15583
+ # data as a hash:
15584
+ #
15585
+ # {
15586
+ # city_name: "NonEmptyString",
15587
+ # }
15588
+ #
15589
+ # @!attribute [rw] city_name
15590
+ # The name of the city.
15591
+ # @return [String]
15592
+ #
15593
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/City AWS API Documentation
15594
+ #
15595
+ class City < Struct.new(
15596
+ :city_name)
15597
+ SENSITIVE = []
15598
+ include Aws::Structure
15599
+ end
15600
+
14472
15601
  # Contains finding details that are specific to control-based findings.
14473
15602
  # Only returned for findings generated from controls.
14474
15603
  #
@@ -14580,6 +15709,33 @@ module Aws::SecurityHub
14580
15709
  include Aws::Structure
14581
15710
  end
14582
15711
 
15712
+ # Information about a country.
15713
+ #
15714
+ # @note When making an API call, you may pass Country
15715
+ # data as a hash:
15716
+ #
15717
+ # {
15718
+ # country_code: "NonEmptyString",
15719
+ # country_name: "NonEmptyString",
15720
+ # }
15721
+ #
15722
+ # @!attribute [rw] country_code
15723
+ # The 2-letter ISO 3166 country code for the country.
15724
+ # @return [String]
15725
+ #
15726
+ # @!attribute [rw] country_name
15727
+ # The name of the country.
15728
+ # @return [String]
15729
+ #
15730
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Country AWS API Documentation
15731
+ #
15732
+ class Country < Struct.new(
15733
+ :country_code,
15734
+ :country_name)
15735
+ SENSITIVE = []
15736
+ include Aws::Structure
15737
+ end
15738
+
14583
15739
  # @note When making an API call, you may pass CreateActionTargetRequest
14584
15740
  # data as a hash:
14585
15741
  #
@@ -15895,6 +17051,40 @@ module Aws::SecurityHub
15895
17051
  #
15896
17052
  class DisassociateMembersResponse < Aws::EmptyStructure; end
15897
17053
 
17054
+ # Provided if `ActionType` is `DNS_REQUEST`. It provides details about
17055
+ # the DNS request that was detected.
17056
+ #
17057
+ # @note When making an API call, you may pass DnsRequestAction
17058
+ # data as a hash:
17059
+ #
17060
+ # {
17061
+ # domain: "NonEmptyString",
17062
+ # protocol: "NonEmptyString",
17063
+ # blocked: false,
17064
+ # }
17065
+ #
17066
+ # @!attribute [rw] domain
17067
+ # The DNS domain that is associated with the DNS request.
17068
+ # @return [String]
17069
+ #
17070
+ # @!attribute [rw] protocol
17071
+ # The protocol that was used for the DNS request.
17072
+ # @return [String]
17073
+ #
17074
+ # @!attribute [rw] blocked
17075
+ # Indicates whether the DNS request was blocked.
17076
+ # @return [Boolean]
17077
+ #
17078
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DnsRequestAction AWS API Documentation
17079
+ #
17080
+ class DnsRequestAction < Struct.new(
17081
+ :domain,
17082
+ :protocol,
17083
+ :blocked)
17084
+ SENSITIVE = []
17085
+ include Aws::Structure
17086
+ end
17087
+
15898
17088
  # @note When making an API call, you may pass EnableImportFindingsForProductRequest
15899
17089
  # data as a hash:
15900
17090
  #
@@ -15986,6 +17176,33 @@ module Aws::SecurityHub
15986
17176
  #
15987
17177
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
15988
17178
 
17179
+ # Provides the latitude and longitude coordinates of a location.
17180
+ #
17181
+ # @note When making an API call, you may pass GeoLocation
17182
+ # data as a hash:
17183
+ #
17184
+ # {
17185
+ # lon: 1.0,
17186
+ # lat: 1.0,
17187
+ # }
17188
+ #
17189
+ # @!attribute [rw] lon
17190
+ # The longitude of the location.
17191
+ # @return [Float]
17192
+ #
17193
+ # @!attribute [rw] lat
17194
+ # The latitude of the location.
17195
+ # @return [Float]
17196
+ #
17197
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeoLocation AWS API Documentation
17198
+ #
17199
+ class GeoLocation < Struct.new(
17200
+ :lon,
17201
+ :lat)
17202
+ SENSITIVE = []
17203
+ include Aws::Structure
17204
+ end
17205
+
15989
17206
  # @note When making an API call, you may pass GetEnabledStandardsRequest
15990
17207
  # data as a hash:
15991
17208
  #
@@ -17080,6 +18297,45 @@ module Aws::SecurityHub
17080
18297
  include Aws::Structure
17081
18298
  end
17082
18299
 
18300
+ # Provides information about an internet provider.
18301
+ #
18302
+ # @note When making an API call, you may pass IpOrganizationDetails
18303
+ # data as a hash:
18304
+ #
18305
+ # {
18306
+ # asn: 1,
18307
+ # asn_org: "NonEmptyString",
18308
+ # isp: "NonEmptyString",
18309
+ # org: "NonEmptyString",
18310
+ # }
18311
+ #
18312
+ # @!attribute [rw] asn
18313
+ # The Autonomous System Number (ASN) of the internet provider
18314
+ # @return [Integer]
18315
+ #
18316
+ # @!attribute [rw] asn_org
18317
+ # The name of the organization that registered the ASN.
18318
+ # @return [String]
18319
+ #
18320
+ # @!attribute [rw] isp
18321
+ # The ISP information for the internet provider.
18322
+ # @return [String]
18323
+ #
18324
+ # @!attribute [rw] org
18325
+ # The name of the internet provider.
18326
+ # @return [String]
18327
+ #
18328
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IpOrganizationDetails AWS API Documentation
18329
+ #
18330
+ class IpOrganizationDetails < Struct.new(
18331
+ :asn,
18332
+ :asn_org,
18333
+ :isp,
18334
+ :org)
18335
+ SENSITIVE = []
18336
+ include Aws::Structure
18337
+ end
18338
+
17083
18339
  # An IPV6 CIDR block association.
17084
18340
  #
17085
18341
  # @note When making an API call, you may pass Ipv6CidrBlockAssociation
@@ -17681,6 +18937,84 @@ module Aws::SecurityHub
17681
18937
  include Aws::Structure
17682
18938
  end
17683
18939
 
18940
+ # Provided if `ActionType` is `NETWORK_CONNECTION`. It provides details
18941
+ # about the attempted network connection that was detected.
18942
+ #
18943
+ # @note When making an API call, you may pass NetworkConnectionAction
18944
+ # data as a hash:
18945
+ #
18946
+ # {
18947
+ # connection_direction: "NonEmptyString",
18948
+ # remote_ip_details: {
18949
+ # ip_address_v4: "NonEmptyString",
18950
+ # organization: {
18951
+ # asn: 1,
18952
+ # asn_org: "NonEmptyString",
18953
+ # isp: "NonEmptyString",
18954
+ # org: "NonEmptyString",
18955
+ # },
18956
+ # country: {
18957
+ # country_code: "NonEmptyString",
18958
+ # country_name: "NonEmptyString",
18959
+ # },
18960
+ # city: {
18961
+ # city_name: "NonEmptyString",
18962
+ # },
18963
+ # geo_location: {
18964
+ # lon: 1.0,
18965
+ # lat: 1.0,
18966
+ # },
18967
+ # },
18968
+ # remote_port_details: {
18969
+ # port: 1,
18970
+ # port_name: "NonEmptyString",
18971
+ # },
18972
+ # local_port_details: {
18973
+ # port: 1,
18974
+ # port_name: "NonEmptyString",
18975
+ # },
18976
+ # protocol: "NonEmptyString",
18977
+ # blocked: false,
18978
+ # }
18979
+ #
18980
+ # @!attribute [rw] connection_direction
18981
+ # The direction of the network connection request (`IN` or `OUT`).
18982
+ # @return [String]
18983
+ #
18984
+ # @!attribute [rw] remote_ip_details
18985
+ # Information about the remote IP address that issued the network
18986
+ # connection request.
18987
+ # @return [Types::ActionRemoteIpDetails]
18988
+ #
18989
+ # @!attribute [rw] remote_port_details
18990
+ # Information about the port on the remote IP address.
18991
+ # @return [Types::ActionRemotePortDetails]
18992
+ #
18993
+ # @!attribute [rw] local_port_details
18994
+ # Information about the port on the EC2 instance.
18995
+ # @return [Types::ActionLocalPortDetails]
18996
+ #
18997
+ # @!attribute [rw] protocol
18998
+ # The protocol used to make the network connection request.
18999
+ # @return [String]
19000
+ #
19001
+ # @!attribute [rw] blocked
19002
+ # Indicates whether the network connection attempt was blocked.
19003
+ # @return [Boolean]
19004
+ #
19005
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NetworkConnectionAction AWS API Documentation
19006
+ #
19007
+ class NetworkConnectionAction < Struct.new(
19008
+ :connection_direction,
19009
+ :remote_ip_details,
19010
+ :remote_port_details,
19011
+ :local_port_details,
19012
+ :protocol,
19013
+ :blocked)
19014
+ SENSITIVE = []
19015
+ include Aws::Structure
19016
+ end
19017
+
17684
19018
  # Details about a network path component that occurs before or after the
17685
19019
  # current component.
17686
19020
  #
@@ -18056,6 +19390,126 @@ module Aws::SecurityHub
18056
19390
  include Aws::Structure
18057
19391
  end
18058
19392
 
19393
+ # Provided if `ActionType` is `PORT_PROBE`. It provides details about
19394
+ # the attempted port probe that was detected.
19395
+ #
19396
+ # @note When making an API call, you may pass PortProbeAction
19397
+ # data as a hash:
19398
+ #
19399
+ # {
19400
+ # port_probe_details: [
19401
+ # {
19402
+ # local_port_details: {
19403
+ # port: 1,
19404
+ # port_name: "NonEmptyString",
19405
+ # },
19406
+ # local_ip_details: {
19407
+ # ip_address_v4: "NonEmptyString",
19408
+ # },
19409
+ # remote_ip_details: {
19410
+ # ip_address_v4: "NonEmptyString",
19411
+ # organization: {
19412
+ # asn: 1,
19413
+ # asn_org: "NonEmptyString",
19414
+ # isp: "NonEmptyString",
19415
+ # org: "NonEmptyString",
19416
+ # },
19417
+ # country: {
19418
+ # country_code: "NonEmptyString",
19419
+ # country_name: "NonEmptyString",
19420
+ # },
19421
+ # city: {
19422
+ # city_name: "NonEmptyString",
19423
+ # },
19424
+ # geo_location: {
19425
+ # lon: 1.0,
19426
+ # lat: 1.0,
19427
+ # },
19428
+ # },
19429
+ # },
19430
+ # ],
19431
+ # blocked: false,
19432
+ # }
19433
+ #
19434
+ # @!attribute [rw] port_probe_details
19435
+ # Information about the ports affected by the port probe.
19436
+ # @return [Array<Types::PortProbeDetail>]
19437
+ #
19438
+ # @!attribute [rw] blocked
19439
+ # Indicates whether the port probe was blocked.
19440
+ # @return [Boolean]
19441
+ #
19442
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeAction AWS API Documentation
19443
+ #
19444
+ class PortProbeAction < Struct.new(
19445
+ :port_probe_details,
19446
+ :blocked)
19447
+ SENSITIVE = []
19448
+ include Aws::Structure
19449
+ end
19450
+
19451
+ # A port scan that was part of the port probe. For each scan,
19452
+ # PortProbeDetails provides information about the local IP address and
19453
+ # port that were scanned, and the remote IP address that the scan
19454
+ # originated from.
19455
+ #
19456
+ # @note When making an API call, you may pass PortProbeDetail
19457
+ # data as a hash:
19458
+ #
19459
+ # {
19460
+ # local_port_details: {
19461
+ # port: 1,
19462
+ # port_name: "NonEmptyString",
19463
+ # },
19464
+ # local_ip_details: {
19465
+ # ip_address_v4: "NonEmptyString",
19466
+ # },
19467
+ # remote_ip_details: {
19468
+ # ip_address_v4: "NonEmptyString",
19469
+ # organization: {
19470
+ # asn: 1,
19471
+ # asn_org: "NonEmptyString",
19472
+ # isp: "NonEmptyString",
19473
+ # org: "NonEmptyString",
19474
+ # },
19475
+ # country: {
19476
+ # country_code: "NonEmptyString",
19477
+ # country_name: "NonEmptyString",
19478
+ # },
19479
+ # city: {
19480
+ # city_name: "NonEmptyString",
19481
+ # },
19482
+ # geo_location: {
19483
+ # lon: 1.0,
19484
+ # lat: 1.0,
19485
+ # },
19486
+ # },
19487
+ # }
19488
+ #
19489
+ # @!attribute [rw] local_port_details
19490
+ # Provides information about the port that was scanned.
19491
+ # @return [Types::ActionLocalPortDetails]
19492
+ #
19493
+ # @!attribute [rw] local_ip_details
19494
+ # Provides information about the IP address where the scanned port is
19495
+ # located.
19496
+ # @return [Types::ActionLocalIpDetails]
19497
+ #
19498
+ # @!attribute [rw] remote_ip_details
19499
+ # Provides information about the remote IP address that performed the
19500
+ # scan.
19501
+ # @return [Types::ActionRemoteIpDetails]
19502
+ #
19503
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortProbeDetail AWS API Documentation
19504
+ #
19505
+ class PortProbeDetail < Struct.new(
19506
+ :local_port_details,
19507
+ :local_ip_details,
19508
+ :remote_ip_details)
19509
+ SENSITIVE = []
19510
+ include Aws::Structure
19511
+ end
19512
+
18059
19513
  # A range of ports.
18060
19514
  #
18061
19515
  # @note When making an API call, you may pass PortRange
@@ -18418,6 +19872,19 @@ module Aws::SecurityHub
18418
19872
  # },
18419
19873
  # ],
18420
19874
  # source_dest_check: false,
19875
+ # ip_v6_addresses: [
19876
+ # {
19877
+ # ip_v6_address: "NonEmptyString",
19878
+ # },
19879
+ # ],
19880
+ # private_ip_addresses: [
19881
+ # {
19882
+ # private_ip_address: "NonEmptyString",
19883
+ # private_dns_name: "NonEmptyString",
19884
+ # },
19885
+ # ],
19886
+ # public_dns_name: "NonEmptyString",
19887
+ # public_ip: "NonEmptyString",
18421
19888
  # },
18422
19889
  # aws_ec2_security_group: {
18423
19890
  # group_name: "NonEmptyString",
@@ -18918,6 +20385,30 @@ module Aws::SecurityHub
18918
20385
  # sns_topic_name: "NonEmptyString",
18919
20386
  # trail_arn: "NonEmptyString",
18920
20387
  # },
20388
+ # aws_ssm_patch_compliance: {
20389
+ # patch: {
20390
+ # compliance_summary: {
20391
+ # status: "NonEmptyString",
20392
+ # compliant_critical_count: 1,
20393
+ # compliant_high_count: 1,
20394
+ # compliant_medium_count: 1,
20395
+ # execution_type: "NonEmptyString",
20396
+ # non_compliant_critical_count: 1,
20397
+ # compliant_informational_count: 1,
20398
+ # non_compliant_informational_count: 1,
20399
+ # compliant_unspecified_count: 1,
20400
+ # non_compliant_low_count: 1,
20401
+ # non_compliant_high_count: 1,
20402
+ # compliant_low_count: 1,
20403
+ # compliance_type: "NonEmptyString",
20404
+ # patch_baseline_id: "NonEmptyString",
20405
+ # overall_severity: "NonEmptyString",
20406
+ # non_compliant_medium_count: 1,
20407
+ # non_compliant_unspecified_count: 1,
20408
+ # patch_group: "NonEmptyString",
20409
+ # },
20410
+ # },
20411
+ # },
18921
20412
  # aws_certificate_manager_certificate: {
18922
20413
  # certificate_authority_arn: "NonEmptyString",
18923
20414
  # created_at: "NonEmptyString",
@@ -19648,6 +21139,8 @@ module Aws::SecurityHub
19648
21139
  # @return [String]
19649
21140
  #
19650
21141
  # @!attribute [rw] resource_role
21142
+ # Identifies the role of the resource in the finding. A resource is
21143
+ # either the actor or target of the finding activity,
19651
21144
  # @return [String]
19652
21145
  #
19653
21146
  # @!attribute [rw] tags
@@ -19817,6 +21310,19 @@ module Aws::SecurityHub
19817
21310
  # },
19818
21311
  # ],
19819
21312
  # source_dest_check: false,
21313
+ # ip_v6_addresses: [
21314
+ # {
21315
+ # ip_v6_address: "NonEmptyString",
21316
+ # },
21317
+ # ],
21318
+ # private_ip_addresses: [
21319
+ # {
21320
+ # private_ip_address: "NonEmptyString",
21321
+ # private_dns_name: "NonEmptyString",
21322
+ # },
21323
+ # ],
21324
+ # public_dns_name: "NonEmptyString",
21325
+ # public_ip: "NonEmptyString",
19820
21326
  # },
19821
21327
  # aws_ec2_security_group: {
19822
21328
  # group_name: "NonEmptyString",
@@ -20317,6 +21823,30 @@ module Aws::SecurityHub
20317
21823
  # sns_topic_name: "NonEmptyString",
20318
21824
  # trail_arn: "NonEmptyString",
20319
21825
  # },
21826
+ # aws_ssm_patch_compliance: {
21827
+ # patch: {
21828
+ # compliance_summary: {
21829
+ # status: "NonEmptyString",
21830
+ # compliant_critical_count: 1,
21831
+ # compliant_high_count: 1,
21832
+ # compliant_medium_count: 1,
21833
+ # execution_type: "NonEmptyString",
21834
+ # non_compliant_critical_count: 1,
21835
+ # compliant_informational_count: 1,
21836
+ # non_compliant_informational_count: 1,
21837
+ # compliant_unspecified_count: 1,
21838
+ # non_compliant_low_count: 1,
21839
+ # non_compliant_high_count: 1,
21840
+ # compliant_low_count: 1,
21841
+ # compliance_type: "NonEmptyString",
21842
+ # patch_baseline_id: "NonEmptyString",
21843
+ # overall_severity: "NonEmptyString",
21844
+ # non_compliant_medium_count: 1,
21845
+ # non_compliant_unspecified_count: 1,
21846
+ # patch_group: "NonEmptyString",
21847
+ # },
21848
+ # },
21849
+ # },
20320
21850
  # aws_certificate_manager_certificate: {
20321
21851
  # certificate_authority_arn: "NonEmptyString",
20322
21852
  # created_at: "NonEmptyString",
@@ -21091,9 +22621,11 @@ module Aws::SecurityHub
21091
22621
  # @return [Types::AwsIamPolicyDetails]
21092
22622
  #
21093
22623
  # @!attribute [rw] aws_api_gateway_v2_stage
22624
+ # Provides information about a version 2 stage for Amazon API Gateway.
21094
22625
  # @return [Types::AwsApiGatewayV2StageDetails]
21095
22626
  #
21096
22627
  # @!attribute [rw] aws_api_gateway_v2_api
22628
+ # Provides information about a version 2 API in Amazon API Gateway.
21097
22629
  # @return [Types::AwsApiGatewayV2ApiDetails]
21098
22630
  #
21099
22631
  # @!attribute [rw] aws_dynamo_db_table
@@ -21101,24 +22633,37 @@ module Aws::SecurityHub
21101
22633
  # @return [Types::AwsDynamoDbTableDetails]
21102
22634
  #
21103
22635
  # @!attribute [rw] aws_api_gateway_stage
22636
+ # Provides information about a version 1 Amazon API Gateway stage.
21104
22637
  # @return [Types::AwsApiGatewayStageDetails]
21105
22638
  #
21106
22639
  # @!attribute [rw] aws_api_gateway_rest_api
22640
+ # Provides information about a REST API in version 1 of Amazon API
22641
+ # Gateway.
21107
22642
  # @return [Types::AwsApiGatewayRestApiDetails]
21108
22643
  #
21109
22644
  # @!attribute [rw] aws_cloud_trail_trail
22645
+ # Provides details about a CloudTrail trail.
21110
22646
  # @return [Types::AwsCloudTrailTrailDetails]
21111
22647
  #
22648
+ # @!attribute [rw] aws_ssm_patch_compliance
22649
+ # Provides information about the state of a patch on an instance based
22650
+ # on the patch baseline that was used to patch the instance.
22651
+ # @return [Types::AwsSsmPatchComplianceDetails]
22652
+ #
21112
22653
  # @!attribute [rw] aws_certificate_manager_certificate
22654
+ # Provides details about an AWS Certificate Manager (ACM) certificate.
21113
22655
  # @return [Types::AwsCertificateManagerCertificateDetails]
21114
22656
  #
21115
22657
  # @!attribute [rw] aws_redshift_cluster
22658
+ # Contains details about an Amazon Redshift cluster.
21116
22659
  # @return [Types::AwsRedshiftClusterDetails]
21117
22660
  #
21118
22661
  # @!attribute [rw] aws_elb_load_balancer
22662
+ # contains details about a Classic Load Balancer.
21119
22663
  # @return [Types::AwsElbLoadBalancerDetails]
21120
22664
  #
21121
22665
  # @!attribute [rw] aws_iam_group
22666
+ # Contains details about an IAM group.
21122
22667
  # @return [Types::AwsIamGroupDetails]
21123
22668
  #
21124
22669
  # @!attribute [rw] aws_iam_role
@@ -21209,6 +22754,7 @@ module Aws::SecurityHub
21209
22754
  :aws_api_gateway_stage,
21210
22755
  :aws_api_gateway_rest_api,
21211
22756
  :aws_cloud_trail_trail,
22757
+ :aws_ssm_patch_compliance,
21212
22758
  :aws_certificate_manager_certificate,
21213
22759
  :aws_redshift_cluster,
21214
22760
  :aws_elb_load_balancer,
@@ -21613,7 +23159,20 @@ module Aws::SecurityHub
21613
23159
  # @return [Hash<String,String>]
21614
23160
  #
21615
23161
  # @!attribute [rw] standards_status
21616
- # The status of the standards subscription.
23162
+ # The status of the standard subscription.
23163
+ #
23164
+ # The status values are as follows:
23165
+ #
23166
+ # * `PENDING` - Standard is in the process of being enabled.
23167
+ #
23168
+ # * `READY` - Standard is enabled.
23169
+ #
23170
+ # * `INCOMPLETE` - Standard could not be enabled completely. Some
23171
+ # controls may not be available.
23172
+ #
23173
+ # * `DELETING` - Standard is in the process of being disabled.
23174
+ #
23175
+ # * `FAILED` - Standard could not be disabled.
21617
23176
  # @return [String]
21618
23177
  #
21619
23178
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
@@ -23457,6 +25016,14 @@ module Aws::SecurityHub
23457
25016
  #
23458
25017
  # * `NEW` - The initial state of a finding, before it is reviewed.
23459
25018
  #
25019
+ # Security Hub also resets the workflow status from `NOTIFIED` or
25020
+ # `RESOLVED` to `NEW` in the following cases:
25021
+ #
25022
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
25023
+ #
25024
+ # * `ComplianceStatus` changes from `PASSED` to either `WARNING`,
25025
+ # `FAILED`, or `NOT_AVAILABLE`.
25026
+ #
23460
25027
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23461
25028
  # the security issue. Used when the initial reviewer is not the
23462
25029
  # resource owner, and needs intervention from the resource owner.
@@ -23491,6 +25058,14 @@ module Aws::SecurityHub
23491
25058
  #
23492
25059
  # * `NEW` - The initial state of a finding, before it is reviewed.
23493
25060
  #
25061
+ # Security Hub also resets `WorkFlowStatus` from `NOTIFIED` or
25062
+ # `RESOLVED` to `NEW` in the following cases:
25063
+ #
25064
+ # * The record state changes from `ARCHIVED` to `ACTIVE`.
25065
+ #
25066
+ # * The compliance status changes from `PASSED` to either `WARNING`,
25067
+ # `FAILED`, or `NOT_AVAILABLE`.
25068
+ #
23494
25069
  # * `NOTIFIED` - Indicates that you notified the resource owner about
23495
25070
  # the security issue. Used when the initial reviewer is not the
23496
25071
  # resource owner, and needs intervention from the resource owner.