aws-sdk-securityhub 1.38.0 → 1.43.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +228 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +3 -3
  6. data/lib/aws-sdk-securityhub/client.rb +601 -70
  7. data/lib/aws-sdk-securityhub/client_api.rb +202 -7
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +2004 -101
  11. metadata +11 -8
data/lib/aws-sdk-securityhub/errors.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/resource.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -3,13 +3,44 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
10
10
  module Aws::SecurityHub
11
11
  module Types
12
12
 
13
+ # @note When making an API call, you may pass AcceptAdministratorInvitationRequest
14
+ # data as a hash:
15
+ #
16
+ # {
17
+ # administrator_id: "NonEmptyString", # required
18
+ # invitation_id: "NonEmptyString", # required
19
+ # }
20
+ #
21
+ # @!attribute [rw] administrator_id
22
+ # The account ID of the Security Hub administrator account that sent
23
+ # the invitation.
24
+ # @return [String]
25
+ #
26
+ # @!attribute [rw] invitation_id
27
+ # The identifier of the invitation sent from the Security Hub
28
+ # administrator account.
29
+ # @return [String]
30
+ #
31
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationRequest AWS API Documentation
32
+ #
33
+ class AcceptAdministratorInvitationRequest < Struct.new(
34
+ :administrator_id,
35
+ :invitation_id)
36
+ SENSITIVE = []
37
+ include Aws::Structure
38
+ end
39
+
40
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationResponse AWS API Documentation
41
+ #
42
+ class AcceptAdministratorInvitationResponse < Aws::EmptyStructure; end
43
+
13
44
  # @note When making an API call, you may pass AcceptInvitationRequest
14
45
  # data as a hash:
15
46
  #
@@ -19,12 +50,13 @@ module Aws::SecurityHub
19
50
  # }
20
51
  #
21
52
  # @!attribute [rw] master_id
22
- # The account ID of the Security Hub master account that sent the
23
- # invitation.
53
+ # The account ID of the Security Hub administrator account that sent
54
+ # the invitation.
24
55
  # @return [String]
25
56
  #
26
57
  # @!attribute [rw] invitation_id
27
- # The ID of the invitation sent from the Security Hub master account.
58
+ # The identifier of the invitation sent from the Security Hub
59
+ # administrator account.
28
60
  # @return [String]
29
61
  #
30
62
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptInvitationRequest AWS API Documentation
@@ -85,8 +117,8 @@ module Aws::SecurityHub
85
117
  include Aws::Structure
86
118
  end
87
119
 
88
- # Provides details about one of the following actions that were detected
89
- # for the finding:
120
+ # Provides details about one of the following actions that affects or
121
+ # that was taken on a resource:
90
122
  #
91
123
  # * A remote IP address issued an AWS API call
92
124
  #
@@ -9765,6 +9797,51 @@ module Aws::SecurityHub
9765
9797
  include Aws::Structure
9766
9798
  end
9767
9799
 
9800
+ # provides information about the Amazon S3 Public Access Block
9801
+ # configuration for accounts.
9802
+ #
9803
+ # @note When making an API call, you may pass AwsS3AccountPublicAccessBlockDetails
9804
+ # data as a hash:
9805
+ #
9806
+ # {
9807
+ # block_public_acls: false,
9808
+ # block_public_policy: false,
9809
+ # ignore_public_acls: false,
9810
+ # restrict_public_buckets: false,
9811
+ # }
9812
+ #
9813
+ # @!attribute [rw] block_public_acls
9814
+ # Indicates whether to reject calls to update an S3 bucket if the
9815
+ # calls include a public access control list (ACL).
9816
+ # @return [Boolean]
9817
+ #
9818
+ # @!attribute [rw] block_public_policy
9819
+ # Indicates whether to reject calls to update the access policy for an
9820
+ # S3 bucket or access point if the policy allows public access.
9821
+ # @return [Boolean]
9822
+ #
9823
+ # @!attribute [rw] ignore_public_acls
9824
+ # Indicates whether Amazon S3 ignores public ACLs that are associated
9825
+ # with an S3 bucket.
9826
+ # @return [Boolean]
9827
+ #
9828
+ # @!attribute [rw] restrict_public_buckets
9829
+ # Indicates whether to restrict access to an access point or S3 bucket
9830
+ # that has a public policy to only AWS service principals and
9831
+ # authorized users within the S3 bucket owner's account.
9832
+ # @return [Boolean]
9833
+ #
9834
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3AccountPublicAccessBlockDetails AWS API Documentation
9835
+ #
9836
+ class AwsS3AccountPublicAccessBlockDetails < Struct.new(
9837
+ :block_public_acls,
9838
+ :block_public_policy,
9839
+ :ignore_public_acls,
9840
+ :restrict_public_buckets)
9841
+ SENSITIVE = []
9842
+ include Aws::Structure
9843
+ end
9844
+
9768
9845
  # The details of an Amazon S3 bucket.
9769
9846
  #
9770
9847
  # @note When making an API call, you may pass AwsS3BucketDetails
@@ -9784,6 +9861,12 @@ module Aws::SecurityHub
9784
9861
  # },
9785
9862
  # ],
9786
9863
  # },
9864
+ # public_access_block_configuration: {
9865
+ # block_public_acls: false,
9866
+ # block_public_policy: false,
9867
+ # ignore_public_acls: false,
9868
+ # restrict_public_buckets: false,
9869
+ # },
9787
9870
  # }
9788
9871
  #
9789
9872
  # @!attribute [rw] owner_id
@@ -9810,13 +9893,19 @@ module Aws::SecurityHub
9810
9893
  # The encryption rules that are applied to the S3 bucket.
9811
9894
  # @return [Types::AwsS3BucketServerSideEncryptionConfiguration]
9812
9895
  #
9896
+ # @!attribute [rw] public_access_block_configuration
9897
+ # Provides information about the Amazon S3 Public Access Block
9898
+ # configuration for the S3 bucket.
9899
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
9900
+ #
9813
9901
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
9814
9902
  #
9815
9903
  class AwsS3BucketDetails < Struct.new(
9816
9904
  :owner_id,
9817
9905
  :owner_name,
9818
9906
  :created_at,
9819
- :server_side_encryption_configuration)
9907
+ :server_side_encryption_configuration,
9908
+ :public_access_block_configuration)
9820
9909
  SENSITIVE = []
9821
9910
  include Aws::Structure
9822
9911
  end
@@ -10077,12 +10166,12 @@ module Aws::SecurityHub
10077
10166
  # product_arn: "NonEmptyString", # required
10078
10167
  # generator_id: "NonEmptyString", # required
10079
10168
  # aws_account_id: "NonEmptyString", # required
10080
- # types: ["NonEmptyString"], # required
10169
+ # types: ["NonEmptyString"],
10081
10170
  # first_observed_at: "NonEmptyString",
10082
10171
  # last_observed_at: "NonEmptyString",
10083
10172
  # created_at: "NonEmptyString", # required
10084
10173
  # updated_at: "NonEmptyString", # required
10085
- # severity: { # required
10174
+ # severity: {
10086
10175
  # product: 1.0,
10087
10176
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
10088
10177
  # normalized: 1,
@@ -10206,6 +10295,130 @@ module Aws::SecurityHub
10206
10295
  # tags: {
10207
10296
  # "NonEmptyString" => "NonEmptyString",
10208
10297
  # },
10298
+ # data_classification: {
10299
+ # detailed_results_location: "NonEmptyString",
10300
+ # result: {
10301
+ # mime_type: "NonEmptyString",
10302
+ # size_classified: 1,
10303
+ # additional_occurrences: false,
10304
+ # status: {
10305
+ # code: "NonEmptyString",
10306
+ # reason: "NonEmptyString",
10307
+ # },
10308
+ # sensitive_data: [
10309
+ # {
10310
+ # category: "NonEmptyString",
10311
+ # detections: [
10312
+ # {
10313
+ # count: 1,
10314
+ # type: "NonEmptyString",
10315
+ # occurrences: {
10316
+ # line_ranges: [
10317
+ # {
10318
+ # start: 1,
10319
+ # end: 1,
10320
+ # start_column: 1,
10321
+ # },
10322
+ # ],
10323
+ # offset_ranges: [
10324
+ # {
10325
+ # start: 1,
10326
+ # end: 1,
10327
+ # start_column: 1,
10328
+ # },
10329
+ # ],
10330
+ # pages: [
10331
+ # {
10332
+ # page_number: 1,
10333
+ # line_range: {
10334
+ # start: 1,
10335
+ # end: 1,
10336
+ # start_column: 1,
10337
+ # },
10338
+ # offset_range: {
10339
+ # start: 1,
10340
+ # end: 1,
10341
+ # start_column: 1,
10342
+ # },
10343
+ # },
10344
+ # ],
10345
+ # records: [
10346
+ # {
10347
+ # json_path: "NonEmptyString",
10348
+ # record_index: 1,
10349
+ # },
10350
+ # ],
10351
+ # cells: [
10352
+ # {
10353
+ # column: 1,
10354
+ # row: 1,
10355
+ # column_name: "NonEmptyString",
10356
+ # cell_reference: "NonEmptyString",
10357
+ # },
10358
+ # ],
10359
+ # },
10360
+ # },
10361
+ # ],
10362
+ # total_count: 1,
10363
+ # },
10364
+ # ],
10365
+ # custom_data_identifiers: {
10366
+ # detections: [
10367
+ # {
10368
+ # count: 1,
10369
+ # arn: "NonEmptyString",
10370
+ # name: "NonEmptyString",
10371
+ # occurrences: {
10372
+ # line_ranges: [
10373
+ # {
10374
+ # start: 1,
10375
+ # end: 1,
10376
+ # start_column: 1,
10377
+ # },
10378
+ # ],
10379
+ # offset_ranges: [
10380
+ # {
10381
+ # start: 1,
10382
+ # end: 1,
10383
+ # start_column: 1,
10384
+ # },
10385
+ # ],
10386
+ # pages: [
10387
+ # {
10388
+ # page_number: 1,
10389
+ # line_range: {
10390
+ # start: 1,
10391
+ # end: 1,
10392
+ # start_column: 1,
10393
+ # },
10394
+ # offset_range: {
10395
+ # start: 1,
10396
+ # end: 1,
10397
+ # start_column: 1,
10398
+ # },
10399
+ # },
10400
+ # ],
10401
+ # records: [
10402
+ # {
10403
+ # json_path: "NonEmptyString",
10404
+ # record_index: 1,
10405
+ # },
10406
+ # ],
10407
+ # cells: [
10408
+ # {
10409
+ # column: 1,
10410
+ # row: 1,
10411
+ # column_name: "NonEmptyString",
10412
+ # cell_reference: "NonEmptyString",
10413
+ # },
10414
+ # ],
10415
+ # },
10416
+ # },
10417
+ # ],
10418
+ # total_count: 1,
10419
+ # },
10420
+ # },
10421
+ # },
10209
10422
  # details: {
10210
10423
  # aws_auto_scaling_auto_scaling_group: {
10211
10424
  # launch_configuration_name: "NonEmptyString",
@@ -10507,6 +10720,18 @@ module Aws::SecurityHub
10507
10720
  # },
10508
10721
  # ],
10509
10722
  # },
10723
+ # public_access_block_configuration: {
10724
+ # block_public_acls: false,
10725
+ # block_public_policy: false,
10726
+ # ignore_public_acls: false,
10727
+ # restrict_public_buckets: false,
10728
+ # },
10729
+ # },
10730
+ # aws_s3_account_public_access_block: {
10731
+ # block_public_acls: false,
10732
+ # block_public_policy: false,
10733
+ # ignore_public_acls: false,
10734
+ # restrict_public_buckets: false,
10510
10735
  # },
10511
10736
  # aws_s3_object: {
10512
10737
  # last_modified: "NonEmptyString",
@@ -11737,6 +11962,21 @@ module Aws::SecurityHub
11737
11962
  # blocked: false,
11738
11963
  # },
11739
11964
  # },
11965
+ # finding_provider_fields: {
11966
+ # confidence: 1,
11967
+ # criticality: 1,
11968
+ # related_findings: [
11969
+ # {
11970
+ # product_arn: "NonEmptyString", # required
11971
+ # id: "NonEmptyString", # required
11972
+ # },
11973
+ # ],
11974
+ # severity: {
11975
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
11976
+ # original: "NonEmptyString",
11977
+ # },
11978
+ # types: ["NonEmptyString"],
11979
+ # },
11740
11980
  # }
11741
11981
  #
11742
11982
  # @!attribute [rw] schema_version
@@ -11953,9 +12193,16 @@ module Aws::SecurityHub
11953
12193
  # @return [Types::PatchSummary]
11954
12194
  #
11955
12195
  # @!attribute [rw] action
11956
- # Provides details about an action that was detected for the finding.
12196
+ # Provides details about an action that affects or that was taken on a
12197
+ # resource.
11957
12198
  # @return [Types::Action]
11958
12199
  #
12200
+ # @!attribute [rw] finding_provider_fields
12201
+ # In a `BatchImportFindings` request, finding providers use
12202
+ # `FindingProviderFields` to provide and update their own values for
12203
+ # confidence, criticality, related findings, severity, and types.
12204
+ # @return [Types::FindingProviderFields]
12205
+ #
11959
12206
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11960
12207
  #
11961
12208
  class AwsSecurityFinding < Struct.new(
@@ -11993,7 +12240,8 @@ module Aws::SecurityHub
11993
12240
  :note,
11994
12241
  :vulnerabilities,
11995
12242
  :patch_summary,
11996
- :action)
12243
+ :action,
12244
+ :finding_provider_fields)
11997
12245
  SENSITIVE = []
11998
12246
  include Aws::Structure
11999
12247
  end
@@ -12562,6 +12810,50 @@ module Aws::SecurityHub
12562
12810
  # value: "NonEmptyString",
12563
12811
  # },
12564
12812
  # ],
12813
+ # finding_provider_fields_confidence: [
12814
+ # {
12815
+ # gte: 1.0,
12816
+ # lte: 1.0,
12817
+ # eq: 1.0,
12818
+ # },
12819
+ # ],
12820
+ # finding_provider_fields_criticality: [
12821
+ # {
12822
+ # gte: 1.0,
12823
+ # lte: 1.0,
12824
+ # eq: 1.0,
12825
+ # },
12826
+ # ],
12827
+ # finding_provider_fields_related_findings_id: [
12828
+ # {
12829
+ # value: "NonEmptyString",
12830
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12831
+ # },
12832
+ # ],
12833
+ # finding_provider_fields_related_findings_product_arn: [
12834
+ # {
12835
+ # value: "NonEmptyString",
12836
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12837
+ # },
12838
+ # ],
12839
+ # finding_provider_fields_severity_label: [
12840
+ # {
12841
+ # value: "NonEmptyString",
12842
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12843
+ # },
12844
+ # ],
12845
+ # finding_provider_fields_severity_original: [
12846
+ # {
12847
+ # value: "NonEmptyString",
12848
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12849
+ # },
12850
+ # ],
12851
+ # finding_provider_fields_types: [
12852
+ # {
12853
+ # value: "NonEmptyString",
12854
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12855
+ # },
12856
+ # ],
12565
12857
  # }
12566
12858
  #
12567
12859
  # @!attribute [rw] product_arn
@@ -12969,6 +13261,52 @@ module Aws::SecurityHub
12969
13261
  # A keyword for a finding.
12970
13262
  # @return [Array<Types::KeywordFilter>]
12971
13263
  #
13264
+ # @!attribute [rw] finding_provider_fields_confidence
13265
+ # The finding provider value for the finding confidence. Confidence is
13266
+ # defined as the likelihood that a finding accurately identifies the
13267
+ # behavior or issue that it was intended to identify.
13268
+ #
13269
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
13270
+ # means zero percent confidence and 100 means 100 percent confidence.
13271
+ # @return [Array<Types::NumberFilter>]
13272
+ #
13273
+ # @!attribute [rw] finding_provider_fields_criticality
13274
+ # The finding provider value for the level of importance assigned to
13275
+ # the resources associated with the findings.
13276
+ #
13277
+ # A score of 0 means that the underlying resources have no
13278
+ # criticality, and a score of 100 is reserved for the most critical
13279
+ # resources.
13280
+ # @return [Array<Types::NumberFilter>]
13281
+ #
13282
+ # @!attribute [rw] finding_provider_fields_related_findings_id
13283
+ # The finding identifier of a related finding that is identified by
13284
+ # the finding provider.
13285
+ # @return [Array<Types::StringFilter>]
13286
+ #
13287
+ # @!attribute [rw] finding_provider_fields_related_findings_product_arn
13288
+ # The ARN of the solution that generated a related finding that is
13289
+ # identified by the finding provider.
13290
+ # @return [Array<Types::StringFilter>]
13291
+ #
13292
+ # @!attribute [rw] finding_provider_fields_severity_label
13293
+ # The finding provider value for the severity label.
13294
+ # @return [Array<Types::StringFilter>]
13295
+ #
13296
+ # @!attribute [rw] finding_provider_fields_severity_original
13297
+ # The finding provider's original value for the severity.
13298
+ # @return [Array<Types::StringFilter>]
13299
+ #
13300
+ # @!attribute [rw] finding_provider_fields_types
13301
+ # One or more finding types that the finding provider assigned to the
13302
+ # finding. Uses the format of `namespace/category/classifier` that
13303
+ # classify a finding.
13304
+ #
13305
+ # Valid namespace values are: Software and Configuration Checks \|
13306
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
13307
+ # Identifications
13308
+ # @return [Array<Types::StringFilter>]
13309
+ #
12972
13310
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
12973
13311
  #
12974
13312
  class AwsSecurityFindingFilters < Struct.new(
@@ -13055,7 +13393,14 @@ module Aws::SecurityHub
13055
13393
  :note_text,
13056
13394
  :note_updated_at,
13057
13395
  :note_updated_by,
13058
- :keyword)
13396
+ :keyword,
13397
+ :finding_provider_fields_confidence,
13398
+ :finding_provider_fields_criticality,
13399
+ :finding_provider_fields_related_findings_id,
13400
+ :finding_provider_fields_related_findings_product_arn,
13401
+ :finding_provider_fields_severity_label,
13402
+ :finding_provider_fields_severity_original,
13403
+ :finding_provider_fields_types)
13059
13404
  SENSITIVE = []
13060
13405
  include Aws::Structure
13061
13406
  end
@@ -13661,12 +14006,12 @@ module Aws::SecurityHub
13661
14006
  # product_arn: "NonEmptyString", # required
13662
14007
  # generator_id: "NonEmptyString", # required
13663
14008
  # aws_account_id: "NonEmptyString", # required
13664
- # types: ["NonEmptyString"], # required
14009
+ # types: ["NonEmptyString"],
13665
14010
  # first_observed_at: "NonEmptyString",
13666
14011
  # last_observed_at: "NonEmptyString",
13667
14012
  # created_at: "NonEmptyString", # required
13668
14013
  # updated_at: "NonEmptyString", # required
13669
- # severity: { # required
14014
+ # severity: {
13670
14015
  # product: 1.0,
13671
14016
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
13672
14017
  # normalized: 1,
@@ -13790,6 +14135,130 @@ module Aws::SecurityHub
13790
14135
  # tags: {
13791
14136
  # "NonEmptyString" => "NonEmptyString",
13792
14137
  # },
14138
+ # data_classification: {
14139
+ # detailed_results_location: "NonEmptyString",
14140
+ # result: {
14141
+ # mime_type: "NonEmptyString",
14142
+ # size_classified: 1,
14143
+ # additional_occurrences: false,
14144
+ # status: {
14145
+ # code: "NonEmptyString",
14146
+ # reason: "NonEmptyString",
14147
+ # },
14148
+ # sensitive_data: [
14149
+ # {
14150
+ # category: "NonEmptyString",
14151
+ # detections: [
14152
+ # {
14153
+ # count: 1,
14154
+ # type: "NonEmptyString",
14155
+ # occurrences: {
14156
+ # line_ranges: [
14157
+ # {
14158
+ # start: 1,
14159
+ # end: 1,
14160
+ # start_column: 1,
14161
+ # },
14162
+ # ],
14163
+ # offset_ranges: [
14164
+ # {
14165
+ # start: 1,
14166
+ # end: 1,
14167
+ # start_column: 1,
14168
+ # },
14169
+ # ],
14170
+ # pages: [
14171
+ # {
14172
+ # page_number: 1,
14173
+ # line_range: {
14174
+ # start: 1,
14175
+ # end: 1,
14176
+ # start_column: 1,
14177
+ # },
14178
+ # offset_range: {
14179
+ # start: 1,
14180
+ # end: 1,
14181
+ # start_column: 1,
14182
+ # },
14183
+ # },
14184
+ # ],
14185
+ # records: [
14186
+ # {
14187
+ # json_path: "NonEmptyString",
14188
+ # record_index: 1,
14189
+ # },
14190
+ # ],
14191
+ # cells: [
14192
+ # {
14193
+ # column: 1,
14194
+ # row: 1,
14195
+ # column_name: "NonEmptyString",
14196
+ # cell_reference: "NonEmptyString",
14197
+ # },
14198
+ # ],
14199
+ # },
14200
+ # },
14201
+ # ],
14202
+ # total_count: 1,
14203
+ # },
14204
+ # ],
14205
+ # custom_data_identifiers: {
14206
+ # detections: [
14207
+ # {
14208
+ # count: 1,
14209
+ # arn: "NonEmptyString",
14210
+ # name: "NonEmptyString",
14211
+ # occurrences: {
14212
+ # line_ranges: [
14213
+ # {
14214
+ # start: 1,
14215
+ # end: 1,
14216
+ # start_column: 1,
14217
+ # },
14218
+ # ],
14219
+ # offset_ranges: [
14220
+ # {
14221
+ # start: 1,
14222
+ # end: 1,
14223
+ # start_column: 1,
14224
+ # },
14225
+ # ],
14226
+ # pages: [
14227
+ # {
14228
+ # page_number: 1,
14229
+ # line_range: {
14230
+ # start: 1,
14231
+ # end: 1,
14232
+ # start_column: 1,
14233
+ # },
14234
+ # offset_range: {
14235
+ # start: 1,
14236
+ # end: 1,
14237
+ # start_column: 1,
14238
+ # },
14239
+ # },
14240
+ # ],
14241
+ # records: [
14242
+ # {
14243
+ # json_path: "NonEmptyString",
14244
+ # record_index: 1,
14245
+ # },
14246
+ # ],
14247
+ # cells: [
14248
+ # {
14249
+ # column: 1,
14250
+ # row: 1,
14251
+ # column_name: "NonEmptyString",
14252
+ # cell_reference: "NonEmptyString",
14253
+ # },
14254
+ # ],
14255
+ # },
14256
+ # },
14257
+ # ],
14258
+ # total_count: 1,
14259
+ # },
14260
+ # },
14261
+ # },
13793
14262
  # details: {
13794
14263
  # aws_auto_scaling_auto_scaling_group: {
13795
14264
  # launch_configuration_name: "NonEmptyString",
@@ -14091,6 +14560,18 @@ module Aws::SecurityHub
14091
14560
  # },
14092
14561
  # ],
14093
14562
  # },
14563
+ # public_access_block_configuration: {
14564
+ # block_public_acls: false,
14565
+ # block_public_policy: false,
14566
+ # ignore_public_acls: false,
14567
+ # restrict_public_buckets: false,
14568
+ # },
14569
+ # },
14570
+ # aws_s3_account_public_access_block: {
14571
+ # block_public_acls: false,
14572
+ # block_public_policy: false,
14573
+ # ignore_public_acls: false,
14574
+ # restrict_public_buckets: false,
14094
14575
  # },
14095
14576
  # aws_s3_object: {
14096
14577
  # last_modified: "NonEmptyString",
@@ -15321,6 +15802,21 @@ module Aws::SecurityHub
15321
15802
  # blocked: false,
15322
15803
  # },
15323
15804
  # },
15805
+ # finding_provider_fields: {
15806
+ # confidence: 1,
15807
+ # criticality: 1,
15808
+ # related_findings: [
15809
+ # {
15810
+ # product_arn: "NonEmptyString", # required
15811
+ # id: "NonEmptyString", # required
15812
+ # },
15813
+ # ],
15814
+ # severity: {
15815
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
15816
+ # original: "NonEmptyString",
15817
+ # },
15818
+ # types: ["NonEmptyString"],
15819
+ # },
15324
15820
  # },
15325
15821
  # ],
15326
15822
  # }
@@ -15544,6 +16040,52 @@ module Aws::SecurityHub
15544
16040
  include Aws::Structure
15545
16041
  end
15546
16042
 
16043
+ # An occurrence of sensitive data detected in a Microsoft Excel
16044
+ # workbook, comma-separated value (CSV) file, or tab-separated value
16045
+ # (TSV) file.
16046
+ #
16047
+ # @note When making an API call, you may pass Cell
16048
+ # data as a hash:
16049
+ #
16050
+ # {
16051
+ # column: 1,
16052
+ # row: 1,
16053
+ # column_name: "NonEmptyString",
16054
+ # cell_reference: "NonEmptyString",
16055
+ # }
16056
+ #
16057
+ # @!attribute [rw] column
16058
+ # The column number of the column that contains the data. For a
16059
+ # Microsoft Excel workbook, the column number corresponds to the
16060
+ # alphabetical column identifiers. For example, a value of 1 for
16061
+ # Column corresponds to the A column in the workbook.
16062
+ # @return [Integer]
16063
+ #
16064
+ # @!attribute [rw] row
16065
+ # The row number of the row that contains the data.
16066
+ # @return [Integer]
16067
+ #
16068
+ # @!attribute [rw] column_name
16069
+ # The name of the column that contains the data.
16070
+ # @return [String]
16071
+ #
16072
+ # @!attribute [rw] cell_reference
16073
+ # For a Microsoft Excel workbook, provides the location of the cell,
16074
+ # as an absolute cell reference, that contains the data. For example,
16075
+ # Sheet2!C5 for cell C5 on Sheet2.
16076
+ # @return [String]
16077
+ #
16078
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cell AWS API Documentation
16079
+ #
16080
+ class Cell < Struct.new(
16081
+ :column,
16082
+ :row,
16083
+ :column_name,
16084
+ :cell_reference)
16085
+ SENSITIVE = []
16086
+ include Aws::Structure
16087
+ end
16088
+
15547
16089
  # An IPv4 CIDR block association.
15548
16090
  #
15549
16091
  # @note When making an API call, you may pass CidrBlockAssociation
@@ -15598,39 +16140,236 @@ module Aws::SecurityHub
15598
16140
  include Aws::Structure
15599
16141
  end
15600
16142
 
15601
- # Contains finding details that are specific to control-based findings.
15602
- # Only returned for findings generated from controls.
16143
+ # Details about the sensitive data that was detected on the resource.
15603
16144
  #
15604
- # @note When making an API call, you may pass Compliance
16145
+ # @note When making an API call, you may pass ClassificationResult
15605
16146
  # data as a hash:
15606
16147
  #
15607
16148
  # {
15608
- # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
15609
- # related_requirements: ["NonEmptyString"],
15610
- # status_reasons: [
16149
+ # mime_type: "NonEmptyString",
16150
+ # size_classified: 1,
16151
+ # additional_occurrences: false,
16152
+ # status: {
16153
+ # code: "NonEmptyString",
16154
+ # reason: "NonEmptyString",
16155
+ # },
16156
+ # sensitive_data: [
15611
16157
  # {
15612
- # reason_code: "NonEmptyString", # required
15613
- # description: "NonEmptyString",
16158
+ # category: "NonEmptyString",
16159
+ # detections: [
16160
+ # {
16161
+ # count: 1,
16162
+ # type: "NonEmptyString",
16163
+ # occurrences: {
16164
+ # line_ranges: [
16165
+ # {
16166
+ # start: 1,
16167
+ # end: 1,
16168
+ # start_column: 1,
16169
+ # },
16170
+ # ],
16171
+ # offset_ranges: [
16172
+ # {
16173
+ # start: 1,
16174
+ # end: 1,
16175
+ # start_column: 1,
16176
+ # },
16177
+ # ],
16178
+ # pages: [
16179
+ # {
16180
+ # page_number: 1,
16181
+ # line_range: {
16182
+ # start: 1,
16183
+ # end: 1,
16184
+ # start_column: 1,
16185
+ # },
16186
+ # offset_range: {
16187
+ # start: 1,
16188
+ # end: 1,
16189
+ # start_column: 1,
16190
+ # },
16191
+ # },
16192
+ # ],
16193
+ # records: [
16194
+ # {
16195
+ # json_path: "NonEmptyString",
16196
+ # record_index: 1,
16197
+ # },
16198
+ # ],
16199
+ # cells: [
16200
+ # {
16201
+ # column: 1,
16202
+ # row: 1,
16203
+ # column_name: "NonEmptyString",
16204
+ # cell_reference: "NonEmptyString",
16205
+ # },
16206
+ # ],
16207
+ # },
16208
+ # },
16209
+ # ],
16210
+ # total_count: 1,
15614
16211
  # },
15615
16212
  # ],
15616
- # }
15617
- #
15618
- # @!attribute [rw] status
15619
- # The result of a standards check.
15620
- #
15621
- # The valid values for `Status` are as follows.
15622
- #
15623
- # * * `PASSED` - Standards check passed for all evaluated resources.
15624
- #
15625
- # * `WARNING` - Some information is missing or this check is not
15626
- # supported for your configuration.
15627
- #
15628
- # * `FAILED` - Standards check failed for at least one evaluated
15629
- # resource.
15630
- #
15631
- # * `NOT_AVAILABLE` - Check could not be performed due to a service
15632
- # outage, API error, or because the result of the AWS Config
15633
- # evaluation was `NOT_APPLICABLE`. If the AWS Config evaluation
16213
+ # custom_data_identifiers: {
16214
+ # detections: [
16215
+ # {
16216
+ # count: 1,
16217
+ # arn: "NonEmptyString",
16218
+ # name: "NonEmptyString",
16219
+ # occurrences: {
16220
+ # line_ranges: [
16221
+ # {
16222
+ # start: 1,
16223
+ # end: 1,
16224
+ # start_column: 1,
16225
+ # },
16226
+ # ],
16227
+ # offset_ranges: [
16228
+ # {
16229
+ # start: 1,
16230
+ # end: 1,
16231
+ # start_column: 1,
16232
+ # },
16233
+ # ],
16234
+ # pages: [
16235
+ # {
16236
+ # page_number: 1,
16237
+ # line_range: {
16238
+ # start: 1,
16239
+ # end: 1,
16240
+ # start_column: 1,
16241
+ # },
16242
+ # offset_range: {
16243
+ # start: 1,
16244
+ # end: 1,
16245
+ # start_column: 1,
16246
+ # },
16247
+ # },
16248
+ # ],
16249
+ # records: [
16250
+ # {
16251
+ # json_path: "NonEmptyString",
16252
+ # record_index: 1,
16253
+ # },
16254
+ # ],
16255
+ # cells: [
16256
+ # {
16257
+ # column: 1,
16258
+ # row: 1,
16259
+ # column_name: "NonEmptyString",
16260
+ # cell_reference: "NonEmptyString",
16261
+ # },
16262
+ # ],
16263
+ # },
16264
+ # },
16265
+ # ],
16266
+ # total_count: 1,
16267
+ # },
16268
+ # }
16269
+ #
16270
+ # @!attribute [rw] mime_type
16271
+ # The type of content that the finding applies to.
16272
+ # @return [String]
16273
+ #
16274
+ # @!attribute [rw] size_classified
16275
+ # The total size in bytes of the affected data.
16276
+ # @return [Integer]
16277
+ #
16278
+ # @!attribute [rw] additional_occurrences
16279
+ # Indicates whether there are additional occurrences of sensitive data
16280
+ # that are not included in the finding. This occurs when the number of
16281
+ # occurrences exceeds the maximum that can be included.
16282
+ # @return [Boolean]
16283
+ #
16284
+ # @!attribute [rw] status
16285
+ # The current status of the sensitive data detection.
16286
+ # @return [Types::ClassificationStatus]
16287
+ #
16288
+ # @!attribute [rw] sensitive_data
16289
+ # Provides details about sensitive data that was identified based on
16290
+ # built-in configuration.
16291
+ # @return [Array<Types::SensitiveDataResult>]
16292
+ #
16293
+ # @!attribute [rw] custom_data_identifiers
16294
+ # Provides details about sensitive data that was identified based on
16295
+ # customer-defined configuration.
16296
+ # @return [Types::CustomDataIdentifiersResult]
16297
+ #
16298
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationResult AWS API Documentation
16299
+ #
16300
+ class ClassificationResult < Struct.new(
16301
+ :mime_type,
16302
+ :size_classified,
16303
+ :additional_occurrences,
16304
+ :status,
16305
+ :sensitive_data,
16306
+ :custom_data_identifiers)
16307
+ SENSITIVE = []
16308
+ include Aws::Structure
16309
+ end
16310
+
16311
+ # Provides details about the current status of the sensitive data
16312
+ # detection.
16313
+ #
16314
+ # @note When making an API call, you may pass ClassificationStatus
16315
+ # data as a hash:
16316
+ #
16317
+ # {
16318
+ # code: "NonEmptyString",
16319
+ # reason: "NonEmptyString",
16320
+ # }
16321
+ #
16322
+ # @!attribute [rw] code
16323
+ # The code that represents the status of the sensitive data detection.
16324
+ # @return [String]
16325
+ #
16326
+ # @!attribute [rw] reason
16327
+ # A longer description of the current status of the sensitive data
16328
+ # detection.
16329
+ # @return [String]
16330
+ #
16331
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationStatus AWS API Documentation
16332
+ #
16333
+ class ClassificationStatus < Struct.new(
16334
+ :code,
16335
+ :reason)
16336
+ SENSITIVE = []
16337
+ include Aws::Structure
16338
+ end
16339
+
16340
+ # Contains finding details that are specific to control-based findings.
16341
+ # Only returned for findings generated from controls.
16342
+ #
16343
+ # @note When making an API call, you may pass Compliance
16344
+ # data as a hash:
16345
+ #
16346
+ # {
16347
+ # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
16348
+ # related_requirements: ["NonEmptyString"],
16349
+ # status_reasons: [
16350
+ # {
16351
+ # reason_code: "NonEmptyString", # required
16352
+ # description: "NonEmptyString",
16353
+ # },
16354
+ # ],
16355
+ # }
16356
+ #
16357
+ # @!attribute [rw] status
16358
+ # The result of a standards check.
16359
+ #
16360
+ # The valid values for `Status` are as follows.
16361
+ #
16362
+ # * * `PASSED` - Standards check passed for all evaluated resources.
16363
+ #
16364
+ # * `WARNING` - Some information is missing or this check is not
16365
+ # supported for your configuration.
16366
+ #
16367
+ # * `FAILED` - Standards check failed for at least one evaluated
16368
+ # resource.
16369
+ #
16370
+ # * `NOT_AVAILABLE` - Check could not be performed due to a service
16371
+ # outage, API error, or because the result of the AWS Config
16372
+ # evaluation was `NOT_APPLICABLE`. If the AWS Config evaluation
15634
16373
  # result was `NOT_APPLICABLE`, then after 3 days, Security Hub
15635
16374
  # automatically archives the finding.
15636
16375
  # @return [String]
@@ -16338,6 +17077,50 @@ module Aws::SecurityHub
16338
17077
  # value: "NonEmptyString",
16339
17078
  # },
16340
17079
  # ],
17080
+ # finding_provider_fields_confidence: [
17081
+ # {
17082
+ # gte: 1.0,
17083
+ # lte: 1.0,
17084
+ # eq: 1.0,
17085
+ # },
17086
+ # ],
17087
+ # finding_provider_fields_criticality: [
17088
+ # {
17089
+ # gte: 1.0,
17090
+ # lte: 1.0,
17091
+ # eq: 1.0,
17092
+ # },
17093
+ # ],
17094
+ # finding_provider_fields_related_findings_id: [
17095
+ # {
17096
+ # value: "NonEmptyString",
17097
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17098
+ # },
17099
+ # ],
17100
+ # finding_provider_fields_related_findings_product_arn: [
17101
+ # {
17102
+ # value: "NonEmptyString",
17103
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17104
+ # },
17105
+ # ],
17106
+ # finding_provider_fields_severity_label: [
17107
+ # {
17108
+ # value: "NonEmptyString",
17109
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17110
+ # },
17111
+ # ],
17112
+ # finding_provider_fields_severity_original: [
17113
+ # {
17114
+ # value: "NonEmptyString",
17115
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17116
+ # },
17117
+ # ],
17118
+ # finding_provider_fields_types: [
17119
+ # {
17120
+ # value: "NonEmptyString",
17121
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17122
+ # },
17123
+ # ],
16341
17124
  # },
16342
17125
  # group_by_attribute: "NonEmptyString", # required
16343
17126
  # }
@@ -16395,9 +17178,9 @@ module Aws::SecurityHub
16395
17178
  # }
16396
17179
  #
16397
17180
  # @!attribute [rw] account_details
16398
- # The list of accounts to associate with the Security Hub master
16399
- # account. For each account, the list includes the account ID and
16400
- # optionally the email address.
17181
+ # The list of accounts to associate with the Security Hub
17182
+ # administrator account. For each account, the list includes the
17183
+ # account ID and optionally the email address.
16401
17184
  # @return [Array<Types::AccountDetails>]
16402
17185
  #
16403
17186
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
@@ -16421,6 +17204,170 @@ module Aws::SecurityHub
16421
17204
  include Aws::Structure
16422
17205
  end
16423
17206
 
17207
+ # The list of detected instances of sensitive data.
17208
+ #
17209
+ # @note When making an API call, you may pass CustomDataIdentifiersDetections
17210
+ # data as a hash:
17211
+ #
17212
+ # {
17213
+ # count: 1,
17214
+ # arn: "NonEmptyString",
17215
+ # name: "NonEmptyString",
17216
+ # occurrences: {
17217
+ # line_ranges: [
17218
+ # {
17219
+ # start: 1,
17220
+ # end: 1,
17221
+ # start_column: 1,
17222
+ # },
17223
+ # ],
17224
+ # offset_ranges: [
17225
+ # {
17226
+ # start: 1,
17227
+ # end: 1,
17228
+ # start_column: 1,
17229
+ # },
17230
+ # ],
17231
+ # pages: [
17232
+ # {
17233
+ # page_number: 1,
17234
+ # line_range: {
17235
+ # start: 1,
17236
+ # end: 1,
17237
+ # start_column: 1,
17238
+ # },
17239
+ # offset_range: {
17240
+ # start: 1,
17241
+ # end: 1,
17242
+ # start_column: 1,
17243
+ # },
17244
+ # },
17245
+ # ],
17246
+ # records: [
17247
+ # {
17248
+ # json_path: "NonEmptyString",
17249
+ # record_index: 1,
17250
+ # },
17251
+ # ],
17252
+ # cells: [
17253
+ # {
17254
+ # column: 1,
17255
+ # row: 1,
17256
+ # column_name: "NonEmptyString",
17257
+ # cell_reference: "NonEmptyString",
17258
+ # },
17259
+ # ],
17260
+ # },
17261
+ # }
17262
+ #
17263
+ # @!attribute [rw] count
17264
+ # The total number of occurrences of sensitive data that were
17265
+ # detected.
17266
+ # @return [Integer]
17267
+ #
17268
+ # @!attribute [rw] arn
17269
+ # The ARN of the custom identifier that was used to detect the
17270
+ # sensitive data.
17271
+ # @return [String]
17272
+ #
17273
+ # @!attribute [rw] name
17274
+ # he name of the custom identifier that detected the sensitive data.
17275
+ # @return [String]
17276
+ #
17277
+ # @!attribute [rw] occurrences
17278
+ # Details about the sensitive data that was detected.
17279
+ # @return [Types::Occurrences]
17280
+ #
17281
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersDetections AWS API Documentation
17282
+ #
17283
+ class CustomDataIdentifiersDetections < Struct.new(
17284
+ :count,
17285
+ :arn,
17286
+ :name,
17287
+ :occurrences)
17288
+ SENSITIVE = []
17289
+ include Aws::Structure
17290
+ end
17291
+
17292
+ # Contains an instance of sensitive data that was detected by a
17293
+ # customer-defined identifier.
17294
+ #
17295
+ # @note When making an API call, you may pass CustomDataIdentifiersResult
17296
+ # data as a hash:
17297
+ #
17298
+ # {
17299
+ # detections: [
17300
+ # {
17301
+ # count: 1,
17302
+ # arn: "NonEmptyString",
17303
+ # name: "NonEmptyString",
17304
+ # occurrences: {
17305
+ # line_ranges: [
17306
+ # {
17307
+ # start: 1,
17308
+ # end: 1,
17309
+ # start_column: 1,
17310
+ # },
17311
+ # ],
17312
+ # offset_ranges: [
17313
+ # {
17314
+ # start: 1,
17315
+ # end: 1,
17316
+ # start_column: 1,
17317
+ # },
17318
+ # ],
17319
+ # pages: [
17320
+ # {
17321
+ # page_number: 1,
17322
+ # line_range: {
17323
+ # start: 1,
17324
+ # end: 1,
17325
+ # start_column: 1,
17326
+ # },
17327
+ # offset_range: {
17328
+ # start: 1,
17329
+ # end: 1,
17330
+ # start_column: 1,
17331
+ # },
17332
+ # },
17333
+ # ],
17334
+ # records: [
17335
+ # {
17336
+ # json_path: "NonEmptyString",
17337
+ # record_index: 1,
17338
+ # },
17339
+ # ],
17340
+ # cells: [
17341
+ # {
17342
+ # column: 1,
17343
+ # row: 1,
17344
+ # column_name: "NonEmptyString",
17345
+ # cell_reference: "NonEmptyString",
17346
+ # },
17347
+ # ],
17348
+ # },
17349
+ # },
17350
+ # ],
17351
+ # total_count: 1,
17352
+ # }
17353
+ #
17354
+ # @!attribute [rw] detections
17355
+ # The list of detected instances of sensitive data.
17356
+ # @return [Array<Types::CustomDataIdentifiersDetections>]
17357
+ #
17358
+ # @!attribute [rw] total_count
17359
+ # The total number of occurrences of sensitive data.
17360
+ # @return [Integer]
17361
+ #
17362
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersResult AWS API Documentation
17363
+ #
17364
+ class CustomDataIdentifiersResult < Struct.new(
17365
+ :detections,
17366
+ :total_count)
17367
+ SENSITIVE = []
17368
+ include Aws::Structure
17369
+ end
17370
+
16424
17371
  # CVSS scores from the advisory related to the vulnerability.
16425
17372
  #
16426
17373
  # @note When making an API call, you may pass Cvss
@@ -16432,24 +17379,172 @@ module Aws::SecurityHub
16432
17379
  # base_vector: "NonEmptyString",
16433
17380
  # }
16434
17381
  #
16435
- # @!attribute [rw] version
16436
- # The version of CVSS for the CVSS score.
17382
+ # @!attribute [rw] version
17383
+ # The version of CVSS for the CVSS score.
17384
+ # @return [String]
17385
+ #
17386
+ # @!attribute [rw] base_score
17387
+ # The base CVSS score.
17388
+ # @return [Float]
17389
+ #
17390
+ # @!attribute [rw] base_vector
17391
+ # The base scoring vector for the CVSS score.
17392
+ # @return [String]
17393
+ #
17394
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
17395
+ #
17396
+ class Cvss < Struct.new(
17397
+ :version,
17398
+ :base_score,
17399
+ :base_vector)
17400
+ SENSITIVE = []
17401
+ include Aws::Structure
17402
+ end
17403
+
17404
+ # Provides details about sensitive data that was detected on a resource.
17405
+ #
17406
+ # @note When making an API call, you may pass DataClassificationDetails
17407
+ # data as a hash:
17408
+ #
17409
+ # {
17410
+ # detailed_results_location: "NonEmptyString",
17411
+ # result: {
17412
+ # mime_type: "NonEmptyString",
17413
+ # size_classified: 1,
17414
+ # additional_occurrences: false,
17415
+ # status: {
17416
+ # code: "NonEmptyString",
17417
+ # reason: "NonEmptyString",
17418
+ # },
17419
+ # sensitive_data: [
17420
+ # {
17421
+ # category: "NonEmptyString",
17422
+ # detections: [
17423
+ # {
17424
+ # count: 1,
17425
+ # type: "NonEmptyString",
17426
+ # occurrences: {
17427
+ # line_ranges: [
17428
+ # {
17429
+ # start: 1,
17430
+ # end: 1,
17431
+ # start_column: 1,
17432
+ # },
17433
+ # ],
17434
+ # offset_ranges: [
17435
+ # {
17436
+ # start: 1,
17437
+ # end: 1,
17438
+ # start_column: 1,
17439
+ # },
17440
+ # ],
17441
+ # pages: [
17442
+ # {
17443
+ # page_number: 1,
17444
+ # line_range: {
17445
+ # start: 1,
17446
+ # end: 1,
17447
+ # start_column: 1,
17448
+ # },
17449
+ # offset_range: {
17450
+ # start: 1,
17451
+ # end: 1,
17452
+ # start_column: 1,
17453
+ # },
17454
+ # },
17455
+ # ],
17456
+ # records: [
17457
+ # {
17458
+ # json_path: "NonEmptyString",
17459
+ # record_index: 1,
17460
+ # },
17461
+ # ],
17462
+ # cells: [
17463
+ # {
17464
+ # column: 1,
17465
+ # row: 1,
17466
+ # column_name: "NonEmptyString",
17467
+ # cell_reference: "NonEmptyString",
17468
+ # },
17469
+ # ],
17470
+ # },
17471
+ # },
17472
+ # ],
17473
+ # total_count: 1,
17474
+ # },
17475
+ # ],
17476
+ # custom_data_identifiers: {
17477
+ # detections: [
17478
+ # {
17479
+ # count: 1,
17480
+ # arn: "NonEmptyString",
17481
+ # name: "NonEmptyString",
17482
+ # occurrences: {
17483
+ # line_ranges: [
17484
+ # {
17485
+ # start: 1,
17486
+ # end: 1,
17487
+ # start_column: 1,
17488
+ # },
17489
+ # ],
17490
+ # offset_ranges: [
17491
+ # {
17492
+ # start: 1,
17493
+ # end: 1,
17494
+ # start_column: 1,
17495
+ # },
17496
+ # ],
17497
+ # pages: [
17498
+ # {
17499
+ # page_number: 1,
17500
+ # line_range: {
17501
+ # start: 1,
17502
+ # end: 1,
17503
+ # start_column: 1,
17504
+ # },
17505
+ # offset_range: {
17506
+ # start: 1,
17507
+ # end: 1,
17508
+ # start_column: 1,
17509
+ # },
17510
+ # },
17511
+ # ],
17512
+ # records: [
17513
+ # {
17514
+ # json_path: "NonEmptyString",
17515
+ # record_index: 1,
17516
+ # },
17517
+ # ],
17518
+ # cells: [
17519
+ # {
17520
+ # column: 1,
17521
+ # row: 1,
17522
+ # column_name: "NonEmptyString",
17523
+ # cell_reference: "NonEmptyString",
17524
+ # },
17525
+ # ],
17526
+ # },
17527
+ # },
17528
+ # ],
17529
+ # total_count: 1,
17530
+ # },
17531
+ # },
17532
+ # }
17533
+ #
17534
+ # @!attribute [rw] detailed_results_location
17535
+ # The path to the folder or file that contains the sensitive data.
16437
17536
  # @return [String]
16438
17537
  #
16439
- # @!attribute [rw] base_score
16440
- # The base CVSS score.
16441
- # @return [Float]
16442
- #
16443
- # @!attribute [rw] base_vector
16444
- # The base scoring vector for the CVSS score.
16445
- # @return [String]
17538
+ # @!attribute [rw] result
17539
+ # The details about the sensitive data that was detected on the
17540
+ # resource.
17541
+ # @return [Types::ClassificationResult]
16446
17542
  #
16447
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
17543
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DataClassificationDetails AWS API Documentation
16448
17544
  #
16449
- class Cvss < Struct.new(
16450
- :version,
16451
- :base_score,
16452
- :base_vector)
17545
+ class DataClassificationDetails < Struct.new(
17546
+ :detailed_results_location,
17547
+ :result)
16453
17548
  SENSITIVE = []
16454
17549
  include Aws::Structure
16455
17550
  end
@@ -16814,6 +17909,7 @@ module Aws::SecurityHub
16814
17909
  # {
16815
17910
  # next_token: "NextToken",
16816
17911
  # max_results: 1,
17912
+ # product_arn: "NonEmptyString",
16817
17913
  # }
16818
17914
  #
16819
17915
  # @!attribute [rw] next_token
@@ -16830,11 +17926,16 @@ module Aws::SecurityHub
16830
17926
  # The maximum number of results to return.
16831
17927
  # @return [Integer]
16832
17928
  #
17929
+ # @!attribute [rw] product_arn
17930
+ # The ARN of the integration to return.
17931
+ # @return [String]
17932
+ #
16833
17933
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
16834
17934
  #
16835
17935
  class DescribeProductsRequest < Struct.new(
16836
17936
  :next_token,
16837
- :max_results)
17937
+ :max_results,
17938
+ :product_arn)
16838
17939
  SENSITIVE = []
16839
17940
  include Aws::Structure
16840
17941
  end
@@ -17017,6 +18118,16 @@ module Aws::SecurityHub
17017
18118
  #
17018
18119
  class DisableSecurityHubResponse < Aws::EmptyStructure; end
17019
18120
 
18121
+ # @api private
18122
+ #
18123
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountRequest AWS API Documentation
18124
+ #
18125
+ class DisassociateFromAdministratorAccountRequest < Aws::EmptyStructure; end
18126
+
18127
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountResponse AWS API Documentation
18128
+ #
18129
+ class DisassociateFromAdministratorAccountResponse < Aws::EmptyStructure; end
18130
+
17020
18131
  # @api private
17021
18132
  #
17022
18133
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccountRequest AWS API Documentation
@@ -17036,7 +18147,7 @@ module Aws::SecurityHub
17036
18147
  #
17037
18148
  # @!attribute [rw] account_ids
17038
18149
  # The account IDs of the member accounts to disassociate from the
17039
- # master account.
18150
+ # administrator account.
17040
18151
  # @return [Array<String>]
17041
18152
  #
17042
18153
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembersRequest AWS API Documentation
@@ -17176,6 +18287,103 @@ module Aws::SecurityHub
17176
18287
  #
17177
18288
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
17178
18289
 
18290
+ # In a `BatchImportFindings` request, finding providers use
18291
+ # `FindingProviderFields` to provide and update values for confidence,
18292
+ # criticality, related findings, severity, and types.
18293
+ #
18294
+ # @note When making an API call, you may pass FindingProviderFields
18295
+ # data as a hash:
18296
+ #
18297
+ # {
18298
+ # confidence: 1,
18299
+ # criticality: 1,
18300
+ # related_findings: [
18301
+ # {
18302
+ # product_arn: "NonEmptyString", # required
18303
+ # id: "NonEmptyString", # required
18304
+ # },
18305
+ # ],
18306
+ # severity: {
18307
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18308
+ # original: "NonEmptyString",
18309
+ # },
18310
+ # types: ["NonEmptyString"],
18311
+ # }
18312
+ #
18313
+ # @!attribute [rw] confidence
18314
+ # A finding's confidence. Confidence is defined as the likelihood
18315
+ # that a finding accurately identifies the behavior or issue that it
18316
+ # was intended to identify.
18317
+ #
18318
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
18319
+ # means zero percent confidence and 100 means 100 percent confidence.
18320
+ # @return [Integer]
18321
+ #
18322
+ # @!attribute [rw] criticality
18323
+ # The level of importance assigned to the resources associated with
18324
+ # the finding.
18325
+ #
18326
+ # A score of 0 means that the underlying resources have no
18327
+ # criticality, and a score of 100 is reserved for the most critical
18328
+ # resources.
18329
+ # @return [Integer]
18330
+ #
18331
+ # @!attribute [rw] related_findings
18332
+ # A list of findings that are related to the current finding.
18333
+ # @return [Array<Types::RelatedFinding>]
18334
+ #
18335
+ # @!attribute [rw] severity
18336
+ # The severity of a finding.
18337
+ # @return [Types::FindingProviderSeverity]
18338
+ #
18339
+ # @!attribute [rw] types
18340
+ # One or more finding types in the format of
18341
+ # `namespace/category/classifier` that classify a finding.
18342
+ #
18343
+ # Valid namespace values are: Software and Configuration Checks \|
18344
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
18345
+ # Identifications
18346
+ # @return [Array<String>]
18347
+ #
18348
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderFields AWS API Documentation
18349
+ #
18350
+ class FindingProviderFields < Struct.new(
18351
+ :confidence,
18352
+ :criticality,
18353
+ :related_findings,
18354
+ :severity,
18355
+ :types)
18356
+ SENSITIVE = []
18357
+ include Aws::Structure
18358
+ end
18359
+
18360
+ # The severity assigned to the finding by the finding provider.
18361
+ #
18362
+ # @note When making an API call, you may pass FindingProviderSeverity
18363
+ # data as a hash:
18364
+ #
18365
+ # {
18366
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18367
+ # original: "NonEmptyString",
18368
+ # }
18369
+ #
18370
+ # @!attribute [rw] label
18371
+ # The severity label assigned to the finding by the finding provider.
18372
+ # @return [String]
18373
+ #
18374
+ # @!attribute [rw] original
18375
+ # The finding provider's original value for the severity.
18376
+ # @return [String]
18377
+ #
18378
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderSeverity AWS API Documentation
18379
+ #
18380
+ class FindingProviderSeverity < Struct.new(
18381
+ :label,
18382
+ :original)
18383
+ SENSITIVE = []
18384
+ include Aws::Structure
18385
+ end
18386
+
17179
18387
  # Provides the latitude and longitude coordinates of a location.
17180
18388
  #
17181
18389
  # @note When making an API call, you may pass GeoLocation
@@ -17203,6 +18411,24 @@ module Aws::SecurityHub
17203
18411
  include Aws::Structure
17204
18412
  end
17205
18413
 
18414
+ # @api private
18415
+ #
18416
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountRequest AWS API Documentation
18417
+ #
18418
+ class GetAdministratorAccountRequest < Aws::EmptyStructure; end
18419
+
18420
+ # @!attribute [rw] administrator
18421
+ # Details about an invitation.
18422
+ # @return [Types::Invitation]
18423
+ #
18424
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountResponse AWS API Documentation
18425
+ #
18426
+ class GetAdministratorAccountResponse < Struct.new(
18427
+ :administrator)
18428
+ SENSITIVE = []
18429
+ include Aws::Structure
18430
+ end
18431
+
17206
18432
  # @note When making an API call, you may pass GetEnabledStandardsRequest
17207
18433
  # data as a hash:
17208
18434
  #
@@ -17817,6 +19043,50 @@ module Aws::SecurityHub
17817
19043
  # value: "NonEmptyString",
17818
19044
  # },
17819
19045
  # ],
19046
+ # finding_provider_fields_confidence: [
19047
+ # {
19048
+ # gte: 1.0,
19049
+ # lte: 1.0,
19050
+ # eq: 1.0,
19051
+ # },
19052
+ # ],
19053
+ # finding_provider_fields_criticality: [
19054
+ # {
19055
+ # gte: 1.0,
19056
+ # lte: 1.0,
19057
+ # eq: 1.0,
19058
+ # },
19059
+ # ],
19060
+ # finding_provider_fields_related_findings_id: [
19061
+ # {
19062
+ # value: "NonEmptyString",
19063
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19064
+ # },
19065
+ # ],
19066
+ # finding_provider_fields_related_findings_product_arn: [
19067
+ # {
19068
+ # value: "NonEmptyString",
19069
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19070
+ # },
19071
+ # ],
19072
+ # finding_provider_fields_severity_label: [
19073
+ # {
19074
+ # value: "NonEmptyString",
19075
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19076
+ # },
19077
+ # ],
19078
+ # finding_provider_fields_severity_original: [
19079
+ # {
19080
+ # value: "NonEmptyString",
19081
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19082
+ # },
19083
+ # ],
19084
+ # finding_provider_fields_types: [
19085
+ # {
19086
+ # value: "NonEmptyString",
19087
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19088
+ # },
19089
+ # ],
17820
19090
  # },
17821
19091
  # sort_criteria: [
17822
19092
  # {
@@ -17997,8 +19267,8 @@ module Aws::SecurityHub
17997
19267
  class GetMasterAccountRequest < Aws::EmptyStructure; end
17998
19268
 
17999
19269
  # @!attribute [rw] master
18000
- # A list of details about the Security Hub master account for the
18001
- # current member account.
19270
+ # A list of details about the Security Hub administrator account for
19271
+ # the current member account.
18002
19272
  # @return [Types::Invitation]
18003
19273
  #
18004
19274
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetMasterAccountResponse AWS API Documentation
@@ -18215,7 +19485,7 @@ module Aws::SecurityHub
18215
19485
  # Details about an invitation.
18216
19486
  #
18217
19487
  # @!attribute [rw] account_id
18218
- # The account ID of the Security Hub master account that the
19488
+ # The account ID of the Security Hub administrator account that the
18219
19489
  # invitation was sent from.
18220
19490
  # @return [String]
18221
19491
  #
@@ -18228,8 +19498,8 @@ module Aws::SecurityHub
18228
19498
  # @return [Time]
18229
19499
  #
18230
19500
  # @!attribute [rw] member_status
18231
- # The current status of the association between the member and master
18232
- # accounts.
19501
+ # The current status of the association between the member and
19502
+ # administrator accounts.
18233
19503
  # @return [String]
18234
19504
  #
18235
19505
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Invitation AWS API Documentation
@@ -18517,12 +19787,12 @@ module Aws::SecurityHub
18517
19787
  #
18518
19788
  # @!attribute [rw] only_associated
18519
19789
  # Specifies which member accounts to include in the response based on
18520
- # their relationship status with the master account. The default value
18521
- # is `TRUE`.
19790
+ # their relationship status with the administrator account. The
19791
+ # default value is `TRUE`.
18522
19792
  #
18523
19793
  # If `OnlyAssociated` is set to `TRUE`, the response includes member
18524
- # accounts whose relationship status with the master is set to
18525
- # `ENABLED`.
19794
+ # accounts whose relationship status with the administrator account is
19795
+ # set to `ENABLED`.
18526
19796
  #
18527
19797
  # If `OnlyAssociated` is set to `FALSE`, the response includes all
18528
19798
  # existing member accounts.
@@ -18787,35 +20057,42 @@ module Aws::SecurityHub
18787
20057
  # @return [String]
18788
20058
  #
18789
20059
  # @!attribute [rw] master_id
18790
- # The AWS account ID of the Security Hub master account associated
18791
- # with this member account.
20060
+ # This is replaced by `AdministratorID`.
20061
+ #
20062
+ # The AWS account ID of the Security Hub administrator account
20063
+ # associated with this member account.
20064
+ # @return [String]
20065
+ #
20066
+ # @!attribute [rw] administrator_id
20067
+ # The AWS account ID of the Security Hub administrator account
20068
+ # associated with this member account.
18792
20069
  # @return [String]
18793
20070
  #
18794
20071
  # @!attribute [rw] member_status
18795
20072
  # The status of the relationship between the member account and its
18796
- # master account.
20073
+ # administrator account.
18797
20074
  #
18798
20075
  # The status can have one of the following values:
18799
20076
  #
18800
- # * `CREATED` - Indicates that the master account added the member
18801
- # account, but has not yet invited the member account.
20077
+ # * `CREATED` - Indicates that the administrator account added the
20078
+ # member account, but has not yet invited the member account.
18802
20079
  #
18803
- # * `INVITED` - Indicates that the master account invited the member
18804
- # account. The member account has not yet responded to the
20080
+ # * `INVITED` - Indicates that the administrator account invited the
20081
+ # member account. The member account has not yet responded to the
18805
20082
  # invitation.
18806
20083
  #
18807
20084
  # * `ENABLED` - Indicates that the member account is currently active.
18808
20085
  # For manually invited member accounts, indicates that the member
18809
20086
  # account accepted the invitation.
18810
20087
  #
18811
- # * `REMOVED` - Indicates that the master account disassociated the
18812
- # member account.
20088
+ # * `REMOVED` - Indicates that the administrator account disassociated
20089
+ # the member account.
18813
20090
  #
18814
20091
  # * `RESIGNED` - Indicates that the member account disassociated
18815
- # themselves from the master account.
20092
+ # themselves from the administrator account.
18816
20093
  #
18817
- # * `DELETED` - Indicates that the master account deleted the member
18818
- # account.
20094
+ # * `DELETED` - Indicates that the administrator account deleted the
20095
+ # member account.
18819
20096
  # @return [String]
18820
20097
  #
18821
20098
  # @!attribute [rw] invited_at
@@ -18834,6 +20111,7 @@ module Aws::SecurityHub
18834
20111
  :account_id,
18835
20112
  :email,
18836
20113
  :master_id,
20114
+ :administrator_id,
18837
20115
  :member_status,
18838
20116
  :invited_at,
18839
20117
  :updated_at)
@@ -19283,6 +20561,139 @@ module Aws::SecurityHub
19283
20561
  include Aws::Structure
19284
20562
  end
19285
20563
 
20564
+ # The detected occurrences of sensitive data.
20565
+ #
20566
+ # @note When making an API call, you may pass Occurrences
20567
+ # data as a hash:
20568
+ #
20569
+ # {
20570
+ # line_ranges: [
20571
+ # {
20572
+ # start: 1,
20573
+ # end: 1,
20574
+ # start_column: 1,
20575
+ # },
20576
+ # ],
20577
+ # offset_ranges: [
20578
+ # {
20579
+ # start: 1,
20580
+ # end: 1,
20581
+ # start_column: 1,
20582
+ # },
20583
+ # ],
20584
+ # pages: [
20585
+ # {
20586
+ # page_number: 1,
20587
+ # line_range: {
20588
+ # start: 1,
20589
+ # end: 1,
20590
+ # start_column: 1,
20591
+ # },
20592
+ # offset_range: {
20593
+ # start: 1,
20594
+ # end: 1,
20595
+ # start_column: 1,
20596
+ # },
20597
+ # },
20598
+ # ],
20599
+ # records: [
20600
+ # {
20601
+ # json_path: "NonEmptyString",
20602
+ # record_index: 1,
20603
+ # },
20604
+ # ],
20605
+ # cells: [
20606
+ # {
20607
+ # column: 1,
20608
+ # row: 1,
20609
+ # column_name: "NonEmptyString",
20610
+ # cell_reference: "NonEmptyString",
20611
+ # },
20612
+ # ],
20613
+ # }
20614
+ #
20615
+ # @!attribute [rw] line_ranges
20616
+ # Occurrences of sensitive data detected in a non-binary text file or
20617
+ # a Microsoft Word file. Non-binary text files include files such as
20618
+ # HTML, XML, JSON, and TXT files.
20619
+ # @return [Array<Types::Range>]
20620
+ #
20621
+ # @!attribute [rw] offset_ranges
20622
+ # Occurrences of sensitive data detected in a binary text file.
20623
+ # @return [Array<Types::Range>]
20624
+ #
20625
+ # @!attribute [rw] pages
20626
+ # Occurrences of sensitive data in an Adobe Portable Document Format
20627
+ # (PDF) file.
20628
+ # @return [Array<Types::Page>]
20629
+ #
20630
+ # @!attribute [rw] records
20631
+ # Occurrences of sensitive data in an Apache Avro object container or
20632
+ # an Apache Parquet file.
20633
+ # @return [Array<Types::Record>]
20634
+ #
20635
+ # @!attribute [rw] cells
20636
+ # Occurrences of sensitive data detected in Microsoft Excel workbooks,
20637
+ # comma-separated value (CSV) files, or tab-separated value (TSV)
20638
+ # files.
20639
+ # @return [Array<Types::Cell>]
20640
+ #
20641
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Occurrences AWS API Documentation
20642
+ #
20643
+ class Occurrences < Struct.new(
20644
+ :line_ranges,
20645
+ :offset_ranges,
20646
+ :pages,
20647
+ :records,
20648
+ :cells)
20649
+ SENSITIVE = []
20650
+ include Aws::Structure
20651
+ end
20652
+
20653
+ # An occurrence of sensitive data in an Adobe Portable Document Format
20654
+ # (PDF) file.
20655
+ #
20656
+ # @note When making an API call, you may pass Page
20657
+ # data as a hash:
20658
+ #
20659
+ # {
20660
+ # page_number: 1,
20661
+ # line_range: {
20662
+ # start: 1,
20663
+ # end: 1,
20664
+ # start_column: 1,
20665
+ # },
20666
+ # offset_range: {
20667
+ # start: 1,
20668
+ # end: 1,
20669
+ # start_column: 1,
20670
+ # },
20671
+ # }
20672
+ #
20673
+ # @!attribute [rw] page_number
20674
+ # The page number of the page that contains the sensitive data.
20675
+ # @return [Integer]
20676
+ #
20677
+ # @!attribute [rw] line_range
20678
+ # An occurrence of sensitive data detected in a non-binary text file
20679
+ # or a Microsoft Word file. Non-binary text files include files such
20680
+ # as HTML, XML, JSON, and TXT files.
20681
+ # @return [Types::Range]
20682
+ #
20683
+ # @!attribute [rw] offset_range
20684
+ # An occurrence of sensitive data detected in a binary text file.
20685
+ # @return [Types::Range]
20686
+ #
20687
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Page AWS API Documentation
20688
+ #
20689
+ class Page < Struct.new(
20690
+ :page_number,
20691
+ :line_range,
20692
+ :offset_range)
20693
+ SENSITIVE = []
20694
+ include Aws::Structure
20695
+ end
20696
+
19286
20697
  # Provides an overview of the patch compliance status for an instance
19287
20698
  # against a selected compliance standard.
19288
20699
  #
@@ -19630,38 +21041,85 @@ module Aws::SecurityHub
19630
21041
  # The types of integration that the product supports. Available values
19631
21042
  # are the following.
19632
21043
  #
19633
- # * `SEND_FINDINGS_TO_SECURITY_HUB` - Indicates that the integration
19634
- # sends findings to Security Hub.
21044
+ # * `SEND_FINDINGS_TO_SECURITY_HUB` - The integration sends findings
21045
+ # to Security Hub.
19635
21046
  #
19636
- # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - Indicates that the
19637
- # integration receives findings from Security Hub.
21047
+ # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - The integration receives
21048
+ # findings from Security Hub.
21049
+ #
21050
+ # * `UPDATE_FINDINGS_IN_SECURITY_HUB` - The integration does not send
21051
+ # new findings to Security Hub, but does make updates to the
21052
+ # findings that it receives from Security Hub.
19638
21053
  # @return [Array<String>]
19639
21054
  #
19640
21055
  # @!attribute [rw] marketplace_url
19641
- # The URL for the page that contains more information about the
19642
- # product.
21056
+ # For integrations with AWS services, the AWS Console URL from which
21057
+ # to activate the service.
21058
+ #
21059
+ # For integrations with third-party products, the AWS Marketplace URL
21060
+ # from which to subscribe to or purchase the product.
19643
21061
  # @return [String]
19644
21062
  #
19645
21063
  # @!attribute [rw] activation_url
19646
- # The URL used to activate the product.
21064
+ # The URL to the service or product documentation about the
21065
+ # integration with Security Hub, including how to activate the
21066
+ # integration.
21067
+ # @return [String]
21068
+ #
21069
+ # @!attribute [rw] product_subscription_resource_policy
21070
+ # The resource policy associated with the product.
19647
21071
  # @return [String]
19648
21072
  #
19649
- # @!attribute [rw] product_subscription_resource_policy
19650
- # The resource policy associated with the product.
19651
- # @return [String]
21073
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21074
+ #
21075
+ class Product < Struct.new(
21076
+ :product_arn,
21077
+ :product_name,
21078
+ :company_name,
21079
+ :description,
21080
+ :categories,
21081
+ :integration_types,
21082
+ :marketplace_url,
21083
+ :activation_url,
21084
+ :product_subscription_resource_policy)
21085
+ SENSITIVE = []
21086
+ include Aws::Structure
21087
+ end
21088
+
21089
+ # Identifies where the sensitive data begins and ends.
21090
+ #
21091
+ # @note When making an API call, you may pass Range
21092
+ # data as a hash:
21093
+ #
21094
+ # {
21095
+ # start: 1,
21096
+ # end: 1,
21097
+ # start_column: 1,
21098
+ # }
21099
+ #
21100
+ # @!attribute [rw] start
21101
+ # The number of lines (for a line range) or characters (for an offset
21102
+ # range) from the beginning of the file to the end of the sensitive
21103
+ # data.
21104
+ # @return [Integer]
21105
+ #
21106
+ # @!attribute [rw] end
21107
+ # The number of lines (for a line range) or characters (for an offset
21108
+ # range) from the beginning of the file to the end of the sensitive
21109
+ # data.
21110
+ # @return [Integer]
19652
21111
  #
19653
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21112
+ # @!attribute [rw] start_column
21113
+ # In the line where the sensitive data starts, the column within the
21114
+ # line where the sensitive data starts.
21115
+ # @return [Integer]
19654
21116
  #
19655
- class Product < Struct.new(
19656
- :product_arn,
19657
- :product_name,
19658
- :company_name,
19659
- :description,
19660
- :categories,
19661
- :integration_types,
19662
- :marketplace_url,
19663
- :activation_url,
19664
- :product_subscription_resource_policy)
21117
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Range AWS API Documentation
21118
+ #
21119
+ class Range < Struct.new(
21120
+ :start,
21121
+ :end,
21122
+ :start_column)
19665
21123
  SENSITIVE = []
19666
21124
  include Aws::Structure
19667
21125
  end
@@ -19696,6 +21154,38 @@ module Aws::SecurityHub
19696
21154
  include Aws::Structure
19697
21155
  end
19698
21156
 
21157
+ # An occurrence of sensitive data in an Apache Avro object container or
21158
+ # an Apache Parquet file.
21159
+ #
21160
+ # @note When making an API call, you may pass Record
21161
+ # data as a hash:
21162
+ #
21163
+ # {
21164
+ # json_path: "NonEmptyString",
21165
+ # record_index: 1,
21166
+ # }
21167
+ #
21168
+ # @!attribute [rw] json_path
21169
+ # The path, as a JSONPath expression, to the field in the record that
21170
+ # contains the data. If the field name is longer than 20 characters,
21171
+ # it is truncated. If the path is longer than 250 characters, it is
21172
+ # truncated.
21173
+ # @return [String]
21174
+ #
21175
+ # @!attribute [rw] record_index
21176
+ # The record index, starting from 0, for the record that contains the
21177
+ # data.
21178
+ # @return [Integer]
21179
+ #
21180
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Record AWS API Documentation
21181
+ #
21182
+ class Record < Struct.new(
21183
+ :json_path,
21184
+ :record_index)
21185
+ SENSITIVE = []
21186
+ include Aws::Structure
21187
+ end
21188
+
19699
21189
  # Details about a related finding.
19700
21190
  #
19701
21191
  # @note When making an API call, you may pass RelatedFinding
@@ -19762,6 +21252,130 @@ module Aws::SecurityHub
19762
21252
  # tags: {
19763
21253
  # "NonEmptyString" => "NonEmptyString",
19764
21254
  # },
21255
+ # data_classification: {
21256
+ # detailed_results_location: "NonEmptyString",
21257
+ # result: {
21258
+ # mime_type: "NonEmptyString",
21259
+ # size_classified: 1,
21260
+ # additional_occurrences: false,
21261
+ # status: {
21262
+ # code: "NonEmptyString",
21263
+ # reason: "NonEmptyString",
21264
+ # },
21265
+ # sensitive_data: [
21266
+ # {
21267
+ # category: "NonEmptyString",
21268
+ # detections: [
21269
+ # {
21270
+ # count: 1,
21271
+ # type: "NonEmptyString",
21272
+ # occurrences: {
21273
+ # line_ranges: [
21274
+ # {
21275
+ # start: 1,
21276
+ # end: 1,
21277
+ # start_column: 1,
21278
+ # },
21279
+ # ],
21280
+ # offset_ranges: [
21281
+ # {
21282
+ # start: 1,
21283
+ # end: 1,
21284
+ # start_column: 1,
21285
+ # },
21286
+ # ],
21287
+ # pages: [
21288
+ # {
21289
+ # page_number: 1,
21290
+ # line_range: {
21291
+ # start: 1,
21292
+ # end: 1,
21293
+ # start_column: 1,
21294
+ # },
21295
+ # offset_range: {
21296
+ # start: 1,
21297
+ # end: 1,
21298
+ # start_column: 1,
21299
+ # },
21300
+ # },
21301
+ # ],
21302
+ # records: [
21303
+ # {
21304
+ # json_path: "NonEmptyString",
21305
+ # record_index: 1,
21306
+ # },
21307
+ # ],
21308
+ # cells: [
21309
+ # {
21310
+ # column: 1,
21311
+ # row: 1,
21312
+ # column_name: "NonEmptyString",
21313
+ # cell_reference: "NonEmptyString",
21314
+ # },
21315
+ # ],
21316
+ # },
21317
+ # },
21318
+ # ],
21319
+ # total_count: 1,
21320
+ # },
21321
+ # ],
21322
+ # custom_data_identifiers: {
21323
+ # detections: [
21324
+ # {
21325
+ # count: 1,
21326
+ # arn: "NonEmptyString",
21327
+ # name: "NonEmptyString",
21328
+ # occurrences: {
21329
+ # line_ranges: [
21330
+ # {
21331
+ # start: 1,
21332
+ # end: 1,
21333
+ # start_column: 1,
21334
+ # },
21335
+ # ],
21336
+ # offset_ranges: [
21337
+ # {
21338
+ # start: 1,
21339
+ # end: 1,
21340
+ # start_column: 1,
21341
+ # },
21342
+ # ],
21343
+ # pages: [
21344
+ # {
21345
+ # page_number: 1,
21346
+ # line_range: {
21347
+ # start: 1,
21348
+ # end: 1,
21349
+ # start_column: 1,
21350
+ # },
21351
+ # offset_range: {
21352
+ # start: 1,
21353
+ # end: 1,
21354
+ # start_column: 1,
21355
+ # },
21356
+ # },
21357
+ # ],
21358
+ # records: [
21359
+ # {
21360
+ # json_path: "NonEmptyString",
21361
+ # record_index: 1,
21362
+ # },
21363
+ # ],
21364
+ # cells: [
21365
+ # {
21366
+ # column: 1,
21367
+ # row: 1,
21368
+ # column_name: "NonEmptyString",
21369
+ # cell_reference: "NonEmptyString",
21370
+ # },
21371
+ # ],
21372
+ # },
21373
+ # },
21374
+ # ],
21375
+ # total_count: 1,
21376
+ # },
21377
+ # },
21378
+ # },
19765
21379
  # details: {
19766
21380
  # aws_auto_scaling_auto_scaling_group: {
19767
21381
  # launch_configuration_name: "NonEmptyString",
@@ -20063,6 +21677,18 @@ module Aws::SecurityHub
20063
21677
  # },
20064
21678
  # ],
20065
21679
  # },
21680
+ # public_access_block_configuration: {
21681
+ # block_public_acls: false,
21682
+ # block_public_policy: false,
21683
+ # ignore_public_acls: false,
21684
+ # restrict_public_buckets: false,
21685
+ # },
21686
+ # },
21687
+ # aws_s3_account_public_access_block: {
21688
+ # block_public_acls: false,
21689
+ # block_public_policy: false,
21690
+ # ignore_public_acls: false,
21691
+ # restrict_public_buckets: false,
20066
21692
  # },
20067
21693
  # aws_s3_object: {
20068
21694
  # last_modified: "NonEmptyString",
@@ -21148,6 +22774,11 @@ module Aws::SecurityHub
21148
22774
  # finding was processed.
21149
22775
  # @return [Hash<String,String>]
21150
22776
  #
22777
+ # @!attribute [rw] data_classification
22778
+ # Contains information about sensitive data that was detected on the
22779
+ # resource.
22780
+ # @return [Types::DataClassificationDetails]
22781
+ #
21151
22782
  # @!attribute [rw] details
21152
22783
  # Additional details about the resource related to a finding.
21153
22784
  # @return [Types::ResourceDetails]
@@ -21161,6 +22792,7 @@ module Aws::SecurityHub
21161
22792
  :region,
21162
22793
  :resource_role,
21163
22794
  :tags,
22795
+ :data_classification,
21164
22796
  :details)
21165
22797
  SENSITIVE = []
21166
22798
  include Aws::Structure
@@ -21501,6 +23133,18 @@ module Aws::SecurityHub
21501
23133
  # },
21502
23134
  # ],
21503
23135
  # },
23136
+ # public_access_block_configuration: {
23137
+ # block_public_acls: false,
23138
+ # block_public_policy: false,
23139
+ # ignore_public_acls: false,
23140
+ # restrict_public_buckets: false,
23141
+ # },
23142
+ # },
23143
+ # aws_s3_account_public_access_block: {
23144
+ # block_public_acls: false,
23145
+ # block_public_policy: false,
23146
+ # ignore_public_acls: false,
23147
+ # restrict_public_buckets: false,
21504
23148
  # },
21505
23149
  # aws_s3_object: {
21506
23150
  # last_modified: "NonEmptyString",
@@ -22600,6 +24244,11 @@ module Aws::SecurityHub
22600
24244
  # Details about an Amazon S3 bucket related to a finding.
22601
24245
  # @return [Types::AwsS3BucketDetails]
22602
24246
  #
24247
+ # @!attribute [rw] aws_s3_account_public_access_block
24248
+ # Details about the Amazon S3 Public Access Block configuration for an
24249
+ # account.
24250
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
24251
+ #
22603
24252
  # @!attribute [rw] aws_s3_object
22604
24253
  # Details about an Amazon S3 object related to a finding.
22605
24254
  # @return [Types::AwsS3ObjectDetails]
@@ -22743,6 +24392,7 @@ module Aws::SecurityHub
22743
24392
  :aws_elbv_2_load_balancer,
22744
24393
  :aws_elasticsearch_domain,
22745
24394
  :aws_s3_bucket,
24395
+ :aws_s3_account_public_access_block,
22746
24396
  :aws_s3_object,
22747
24397
  :aws_secrets_manager_secret,
22748
24398
  :aws_iam_access_key,
@@ -22813,6 +24463,171 @@ module Aws::SecurityHub
22813
24463
  include Aws::Structure
22814
24464
  end
22815
24465
 
24466
+ # The list of detected instances of sensitive data.
24467
+ #
24468
+ # @note When making an API call, you may pass SensitiveDataDetections
24469
+ # data as a hash:
24470
+ #
24471
+ # {
24472
+ # count: 1,
24473
+ # type: "NonEmptyString",
24474
+ # occurrences: {
24475
+ # line_ranges: [
24476
+ # {
24477
+ # start: 1,
24478
+ # end: 1,
24479
+ # start_column: 1,
24480
+ # },
24481
+ # ],
24482
+ # offset_ranges: [
24483
+ # {
24484
+ # start: 1,
24485
+ # end: 1,
24486
+ # start_column: 1,
24487
+ # },
24488
+ # ],
24489
+ # pages: [
24490
+ # {
24491
+ # page_number: 1,
24492
+ # line_range: {
24493
+ # start: 1,
24494
+ # end: 1,
24495
+ # start_column: 1,
24496
+ # },
24497
+ # offset_range: {
24498
+ # start: 1,
24499
+ # end: 1,
24500
+ # start_column: 1,
24501
+ # },
24502
+ # },
24503
+ # ],
24504
+ # records: [
24505
+ # {
24506
+ # json_path: "NonEmptyString",
24507
+ # record_index: 1,
24508
+ # },
24509
+ # ],
24510
+ # cells: [
24511
+ # {
24512
+ # column: 1,
24513
+ # row: 1,
24514
+ # column_name: "NonEmptyString",
24515
+ # cell_reference: "NonEmptyString",
24516
+ # },
24517
+ # ],
24518
+ # },
24519
+ # }
24520
+ #
24521
+ # @!attribute [rw] count
24522
+ # The total number of occurrences of sensitive data that were
24523
+ # detected.
24524
+ # @return [Integer]
24525
+ #
24526
+ # @!attribute [rw] type
24527
+ # The type of sensitive data that was detected. For example, the type
24528
+ # might indicate that the data is an email address.
24529
+ # @return [String]
24530
+ #
24531
+ # @!attribute [rw] occurrences
24532
+ # Details about the sensitive data that was detected.
24533
+ # @return [Types::Occurrences]
24534
+ #
24535
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataDetections AWS API Documentation
24536
+ #
24537
+ class SensitiveDataDetections < Struct.new(
24538
+ :count,
24539
+ :type,
24540
+ :occurrences)
24541
+ SENSITIVE = []
24542
+ include Aws::Structure
24543
+ end
24544
+
24545
+ # Contains a detected instance of sensitive data that are based on
24546
+ # built-in identifiers.
24547
+ #
24548
+ # @note When making an API call, you may pass SensitiveDataResult
24549
+ # data as a hash:
24550
+ #
24551
+ # {
24552
+ # category: "NonEmptyString",
24553
+ # detections: [
24554
+ # {
24555
+ # count: 1,
24556
+ # type: "NonEmptyString",
24557
+ # occurrences: {
24558
+ # line_ranges: [
24559
+ # {
24560
+ # start: 1,
24561
+ # end: 1,
24562
+ # start_column: 1,
24563
+ # },
24564
+ # ],
24565
+ # offset_ranges: [
24566
+ # {
24567
+ # start: 1,
24568
+ # end: 1,
24569
+ # start_column: 1,
24570
+ # },
24571
+ # ],
24572
+ # pages: [
24573
+ # {
24574
+ # page_number: 1,
24575
+ # line_range: {
24576
+ # start: 1,
24577
+ # end: 1,
24578
+ # start_column: 1,
24579
+ # },
24580
+ # offset_range: {
24581
+ # start: 1,
24582
+ # end: 1,
24583
+ # start_column: 1,
24584
+ # },
24585
+ # },
24586
+ # ],
24587
+ # records: [
24588
+ # {
24589
+ # json_path: "NonEmptyString",
24590
+ # record_index: 1,
24591
+ # },
24592
+ # ],
24593
+ # cells: [
24594
+ # {
24595
+ # column: 1,
24596
+ # row: 1,
24597
+ # column_name: "NonEmptyString",
24598
+ # cell_reference: "NonEmptyString",
24599
+ # },
24600
+ # ],
24601
+ # },
24602
+ # },
24603
+ # ],
24604
+ # total_count: 1,
24605
+ # }
24606
+ #
24607
+ # @!attribute [rw] category
24608
+ # The category of sensitive data that was detected. For example, the
24609
+ # category can indicate that the sensitive data involved credentials,
24610
+ # financial information, or personal information.
24611
+ # @return [String]
24612
+ #
24613
+ # @!attribute [rw] detections
24614
+ # The list of detected instances of sensitive data.
24615
+ # @return [Array<Types::SensitiveDataDetections>]
24616
+ #
24617
+ # @!attribute [rw] total_count
24618
+ # The total number of occurrences of sensitive data.
24619
+ # @return [Integer]
24620
+ #
24621
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataResult AWS API Documentation
24622
+ #
24623
+ class SensitiveDataResult < Struct.new(
24624
+ :category,
24625
+ :detections,
24626
+ :total_count)
24627
+ SENSITIVE = []
24628
+ include Aws::Structure
24629
+ end
24630
+
22816
24631
  # The severity of the finding.
22817
24632
  #
22818
24633
  # The finding provider can provide the initial severity. The finding
@@ -24061,6 +25876,50 @@ module Aws::SecurityHub
24061
25876
  # value: "NonEmptyString",
24062
25877
  # },
24063
25878
  # ],
25879
+ # finding_provider_fields_confidence: [
25880
+ # {
25881
+ # gte: 1.0,
25882
+ # lte: 1.0,
25883
+ # eq: 1.0,
25884
+ # },
25885
+ # ],
25886
+ # finding_provider_fields_criticality: [
25887
+ # {
25888
+ # gte: 1.0,
25889
+ # lte: 1.0,
25890
+ # eq: 1.0,
25891
+ # },
25892
+ # ],
25893
+ # finding_provider_fields_related_findings_id: [
25894
+ # {
25895
+ # value: "NonEmptyString",
25896
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25897
+ # },
25898
+ # ],
25899
+ # finding_provider_fields_related_findings_product_arn: [
25900
+ # {
25901
+ # value: "NonEmptyString",
25902
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25903
+ # },
25904
+ # ],
25905
+ # finding_provider_fields_severity_label: [
25906
+ # {
25907
+ # value: "NonEmptyString",
25908
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25909
+ # },
25910
+ # ],
25911
+ # finding_provider_fields_severity_original: [
25912
+ # {
25913
+ # value: "NonEmptyString",
25914
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25915
+ # },
25916
+ # ],
25917
+ # finding_provider_fields_types: [
25918
+ # {
25919
+ # value: "NonEmptyString",
25920
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25921
+ # },
25922
+ # ],
24064
25923
  # },
24065
25924
  # note: {
24066
25925
  # text: "NonEmptyString", # required
@@ -24656,6 +26515,50 @@ module Aws::SecurityHub
24656
26515
  # value: "NonEmptyString",
24657
26516
  # },
24658
26517
  # ],
26518
+ # finding_provider_fields_confidence: [
26519
+ # {
26520
+ # gte: 1.0,
26521
+ # lte: 1.0,
26522
+ # eq: 1.0,
26523
+ # },
26524
+ # ],
26525
+ # finding_provider_fields_criticality: [
26526
+ # {
26527
+ # gte: 1.0,
26528
+ # lte: 1.0,
26529
+ # eq: 1.0,
26530
+ # },
26531
+ # ],
26532
+ # finding_provider_fields_related_findings_id: [
26533
+ # {
26534
+ # value: "NonEmptyString",
26535
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26536
+ # },
26537
+ # ],
26538
+ # finding_provider_fields_related_findings_product_arn: [
26539
+ # {
26540
+ # value: "NonEmptyString",
26541
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26542
+ # },
26543
+ # ],
26544
+ # finding_provider_fields_severity_label: [
26545
+ # {
26546
+ # value: "NonEmptyString",
26547
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26548
+ # },
26549
+ # ],
26550
+ # finding_provider_fields_severity_original: [
26551
+ # {
26552
+ # value: "NonEmptyString",
26553
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26554
+ # },
26555
+ # ],
26556
+ # finding_provider_fields_types: [
26557
+ # {
26558
+ # value: "NonEmptyString",
26559
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26560
+ # },
26561
+ # ],
24659
26562
  # },
24660
26563
  # group_by_attribute: "NonEmptyString",
24661
26564
  # }