aws-sdk-securityhub 1.38.0 → 1.43.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +228 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +3 -3
  6. data/lib/aws-sdk-securityhub/client.rb +601 -70
  7. data/lib/aws-sdk-securityhub/client_api.rb +202 -7
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +2004 -101
  11. metadata +11 -8
data/lib/aws-sdk-securityhub/errors.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/resource.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -3,13 +3,44 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
10
10
  module Aws::SecurityHub
11
11
  module Types
12
12
 
13
+ # @note When making an API call, you may pass AcceptAdministratorInvitationRequest
14
+ # data as a hash:
15
+ #
16
+ # {
17
+ # administrator_id: "NonEmptyString", # required
18
+ # invitation_id: "NonEmptyString", # required
19
+ # }
20
+ #
21
+ # @!attribute [rw] administrator_id
22
+ # The account ID of the Security Hub administrator account that sent
23
+ # the invitation.
24
+ # @return [String]
25
+ #
26
+ # @!attribute [rw] invitation_id
27
+ # The identifier of the invitation sent from the Security Hub
28
+ # administrator account.
29
+ # @return [String]
30
+ #
31
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationRequest AWS API Documentation
32
+ #
33
+ class AcceptAdministratorInvitationRequest < Struct.new(
34
+ :administrator_id,
35
+ :invitation_id)
36
+ SENSITIVE = []
37
+ include Aws::Structure
38
+ end
39
+
40
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationResponse AWS API Documentation
41
+ #
42
+ class AcceptAdministratorInvitationResponse < Aws::EmptyStructure; end
43
+
13
44
  # @note When making an API call, you may pass AcceptInvitationRequest
14
45
  # data as a hash:
15
46
  #
@@ -19,12 +50,13 @@ module Aws::SecurityHub
19
50
  # }
20
51
  #
21
52
  # @!attribute [rw] master_id
22
- # The account ID of the Security Hub master account that sent the
23
- # invitation.
53
+ # The account ID of the Security Hub administrator account that sent
54
+ # the invitation.
24
55
  # @return [String]
25
56
  #
26
57
  # @!attribute [rw] invitation_id
27
- # The ID of the invitation sent from the Security Hub master account.
58
+ # The identifier of the invitation sent from the Security Hub
59
+ # administrator account.
28
60
  # @return [String]
29
61
  #
30
62
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptInvitationRequest AWS API Documentation
@@ -85,8 +117,8 @@ module Aws::SecurityHub
85
117
  include Aws::Structure
86
118
  end
87
119
 
88
- # Provides details about one of the following actions that were detected
89
- # for the finding:
120
+ # Provides details about one of the following actions that affects or
121
+ # that was taken on a resource:
90
122
  #
91
123
  # * A remote IP address issued an AWS API call
92
124
  #
@@ -9765,6 +9797,51 @@ module Aws::SecurityHub
9765
9797
  include Aws::Structure
9766
9798
  end
9767
9799
 
9800
+ # provides information about the Amazon S3 Public Access Block
9801
+ # configuration for accounts.
9802
+ #
9803
+ # @note When making an API call, you may pass AwsS3AccountPublicAccessBlockDetails
9804
+ # data as a hash:
9805
+ #
9806
+ # {
9807
+ # block_public_acls: false,
9808
+ # block_public_policy: false,
9809
+ # ignore_public_acls: false,
9810
+ # restrict_public_buckets: false,
9811
+ # }
9812
+ #
9813
+ # @!attribute [rw] block_public_acls
9814
+ # Indicates whether to reject calls to update an S3 bucket if the
9815
+ # calls include a public access control list (ACL).
9816
+ # @return [Boolean]
9817
+ #
9818
+ # @!attribute [rw] block_public_policy
9819
+ # Indicates whether to reject calls to update the access policy for an
9820
+ # S3 bucket or access point if the policy allows public access.
9821
+ # @return [Boolean]
9822
+ #
9823
+ # @!attribute [rw] ignore_public_acls
9824
+ # Indicates whether Amazon S3 ignores public ACLs that are associated
9825
+ # with an S3 bucket.
9826
+ # @return [Boolean]
9827
+ #
9828
+ # @!attribute [rw] restrict_public_buckets
9829
+ # Indicates whether to restrict access to an access point or S3 bucket
9830
+ # that has a public policy to only AWS service principals and
9831
+ # authorized users within the S3 bucket owner's account.
9832
+ # @return [Boolean]
9833
+ #
9834
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3AccountPublicAccessBlockDetails AWS API Documentation
9835
+ #
9836
+ class AwsS3AccountPublicAccessBlockDetails < Struct.new(
9837
+ :block_public_acls,
9838
+ :block_public_policy,
9839
+ :ignore_public_acls,
9840
+ :restrict_public_buckets)
9841
+ SENSITIVE = []
9842
+ include Aws::Structure
9843
+ end
9844
+
9768
9845
  # The details of an Amazon S3 bucket.
9769
9846
  #
9770
9847
  # @note When making an API call, you may pass AwsS3BucketDetails
@@ -9784,6 +9861,12 @@ module Aws::SecurityHub
9784
9861
  # },
9785
9862
  # ],
9786
9863
  # },
9864
+ # public_access_block_configuration: {
9865
+ # block_public_acls: false,
9866
+ # block_public_policy: false,
9867
+ # ignore_public_acls: false,
9868
+ # restrict_public_buckets: false,
9869
+ # },
9787
9870
  # }
9788
9871
  #
9789
9872
  # @!attribute [rw] owner_id
@@ -9810,13 +9893,19 @@ module Aws::SecurityHub
9810
9893
  # The encryption rules that are applied to the S3 bucket.
9811
9894
  # @return [Types::AwsS3BucketServerSideEncryptionConfiguration]
9812
9895
  #
9896
+ # @!attribute [rw] public_access_block_configuration
9897
+ # Provides information about the Amazon S3 Public Access Block
9898
+ # configuration for the S3 bucket.
9899
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
9900
+ #
9813
9901
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
9814
9902
  #
9815
9903
  class AwsS3BucketDetails < Struct.new(
9816
9904
  :owner_id,
9817
9905
  :owner_name,
9818
9906
  :created_at,
9819
- :server_side_encryption_configuration)
9907
+ :server_side_encryption_configuration,
9908
+ :public_access_block_configuration)
9820
9909
  SENSITIVE = []
9821
9910
  include Aws::Structure
9822
9911
  end
@@ -10077,12 +10166,12 @@ module Aws::SecurityHub
10077
10166
  # product_arn: "NonEmptyString", # required
10078
10167
  # generator_id: "NonEmptyString", # required
10079
10168
  # aws_account_id: "NonEmptyString", # required
10080
- # types: ["NonEmptyString"], # required
10169
+ # types: ["NonEmptyString"],
10081
10170
  # first_observed_at: "NonEmptyString",
10082
10171
  # last_observed_at: "NonEmptyString",
10083
10172
  # created_at: "NonEmptyString", # required
10084
10173
  # updated_at: "NonEmptyString", # required
10085
- # severity: { # required
10174
+ # severity: {
10086
10175
  # product: 1.0,
10087
10176
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
10088
10177
  # normalized: 1,
@@ -10206,6 +10295,130 @@ module Aws::SecurityHub
10206
10295
  # tags: {
10207
10296
  # "NonEmptyString" => "NonEmptyString",
10208
10297
  # },
10298
+ # data_classification: {
10299
+ # detailed_results_location: "NonEmptyString",
10300
+ # result: {
10301
+ # mime_type: "NonEmptyString",
10302
+ # size_classified: 1,
10303
+ # additional_occurrences: false,
10304
+ # status: {
10305
+ # code: "NonEmptyString",
10306
+ # reason: "NonEmptyString",
10307
+ # },
10308
+ # sensitive_data: [
10309
+ # {
10310
+ # category: "NonEmptyString",
10311
+ # detections: [
10312
+ # {
10313
+ # count: 1,
10314
+ # type: "NonEmptyString",
10315
+ # occurrences: {
10316
+ # line_ranges: [
10317
+ # {
10318
+ # start: 1,
10319
+ # end: 1,
10320
+ # start_column: 1,
10321
+ # },
10322
+ # ],
10323
+ # offset_ranges: [
10324
+ # {
10325
+ # start: 1,
10326
+ # end: 1,
10327
+ # start_column: 1,
10328
+ # },
10329
+ # ],
10330
+ # pages: [
10331
+ # {
10332
+ # page_number: 1,
10333
+ # line_range: {
10334
+ # start: 1,
10335
+ # end: 1,
10336
+ # start_column: 1,
10337
+ # },
10338
+ # offset_range: {
10339
+ # start: 1,
10340
+ # end: 1,
10341
+ # start_column: 1,
10342
+ # },
10343
+ # },
10344
+ # ],
10345
+ # records: [
10346
+ # {
10347
+ # json_path: "NonEmptyString",
10348
+ # record_index: 1,
10349
+ # },
10350
+ # ],
10351
+ # cells: [
10352
+ # {
10353
+ # column: 1,
10354
+ # row: 1,
10355
+ # column_name: "NonEmptyString",
10356
+ # cell_reference: "NonEmptyString",
10357
+ # },
10358
+ # ],
10359
+ # },
10360
+ # },
10361
+ # ],
10362
+ # total_count: 1,
10363
+ # },
10364
+ # ],
10365
+ # custom_data_identifiers: {
10366
+ # detections: [
10367
+ # {
10368
+ # count: 1,
10369
+ # arn: "NonEmptyString",
10370
+ # name: "NonEmptyString",
10371
+ # occurrences: {
10372
+ # line_ranges: [
10373
+ # {
10374
+ # start: 1,
10375
+ # end: 1,
10376
+ # start_column: 1,
10377
+ # },
10378
+ # ],
10379
+ # offset_ranges: [
10380
+ # {
10381
+ # start: 1,
10382
+ # end: 1,
10383
+ # start_column: 1,
10384
+ # },
10385
+ # ],
10386
+ # pages: [
10387
+ # {
10388
+ # page_number: 1,
10389
+ # line_range: {
10390
+ # start: 1,
10391
+ # end: 1,
10392
+ # start_column: 1,
10393
+ # },
10394
+ # offset_range: {
10395
+ # start: 1,
10396
+ # end: 1,
10397
+ # start_column: 1,
10398
+ # },
10399
+ # },
10400
+ # ],
10401
+ # records: [
10402
+ # {
10403
+ # json_path: "NonEmptyString",
10404
+ # record_index: 1,
10405
+ # },
10406
+ # ],
10407
+ # cells: [
10408
+ # {
10409
+ # column: 1,
10410
+ # row: 1,
10411
+ # column_name: "NonEmptyString",
10412
+ # cell_reference: "NonEmptyString",
10413
+ # },
10414
+ # ],
10415
+ # },
10416
+ # },
10417
+ # ],
10418
+ # total_count: 1,
10419
+ # },
10420
+ # },
10421
+ # },
10209
10422
  # details: {
10210
10423
  # aws_auto_scaling_auto_scaling_group: {
10211
10424
  # launch_configuration_name: "NonEmptyString",
@@ -10507,6 +10720,18 @@ module Aws::SecurityHub
10507
10720
  # },
10508
10721
  # ],
10509
10722
  # },
10723
+ # public_access_block_configuration: {
10724
+ # block_public_acls: false,
10725
+ # block_public_policy: false,
10726
+ # ignore_public_acls: false,
10727
+ # restrict_public_buckets: false,
10728
+ # },
10729
+ # },
10730
+ # aws_s3_account_public_access_block: {
10731
+ # block_public_acls: false,
10732
+ # block_public_policy: false,
10733
+ # ignore_public_acls: false,
10734
+ # restrict_public_buckets: false,
10510
10735
  # },
10511
10736
  # aws_s3_object: {
10512
10737
  # last_modified: "NonEmptyString",
@@ -11737,6 +11962,21 @@ module Aws::SecurityHub
11737
11962
  # blocked: false,
11738
11963
  # },
11739
11964
  # },
11965
+ # finding_provider_fields: {
11966
+ # confidence: 1,
11967
+ # criticality: 1,
11968
+ # related_findings: [
11969
+ # {
11970
+ # product_arn: "NonEmptyString", # required
11971
+ # id: "NonEmptyString", # required
11972
+ # },
11973
+ # ],
11974
+ # severity: {
11975
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
11976
+ # original: "NonEmptyString",
11977
+ # },
11978
+ # types: ["NonEmptyString"],
11979
+ # },
11740
11980
  # }
11741
11981
  #
11742
11982
  # @!attribute [rw] schema_version
@@ -11953,9 +12193,16 @@ module Aws::SecurityHub
11953
12193
  # @return [Types::PatchSummary]
11954
12194
  #
11955
12195
  # @!attribute [rw] action
11956
- # Provides details about an action that was detected for the finding.
12196
+ # Provides details about an action that affects or that was taken on a
12197
+ # resource.
11957
12198
  # @return [Types::Action]
11958
12199
  #
12200
+ # @!attribute [rw] finding_provider_fields
12201
+ # In a `BatchImportFindings` request, finding providers use
12202
+ # `FindingProviderFields` to provide and update their own values for
12203
+ # confidence, criticality, related findings, severity, and types.
12204
+ # @return [Types::FindingProviderFields]
12205
+ #
11959
12206
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11960
12207
  #
11961
12208
  class AwsSecurityFinding < Struct.new(
@@ -11993,7 +12240,8 @@ module Aws::SecurityHub
11993
12240
  :note,
11994
12241
  :vulnerabilities,
11995
12242
  :patch_summary,
11996
- :action)
12243
+ :action,
12244
+ :finding_provider_fields)
11997
12245
  SENSITIVE = []
11998
12246
  include Aws::Structure
11999
12247
  end
@@ -12562,6 +12810,50 @@ module Aws::SecurityHub
12562
12810
  # value: "NonEmptyString",
12563
12811
  # },
12564
12812
  # ],
12813
+ # finding_provider_fields_confidence: [
12814
+ # {
12815
+ # gte: 1.0,
12816
+ # lte: 1.0,
12817
+ # eq: 1.0,
12818
+ # },
12819
+ # ],
12820
+ # finding_provider_fields_criticality: [
12821
+ # {
12822
+ # gte: 1.0,
12823
+ # lte: 1.0,
12824
+ # eq: 1.0,
12825
+ # },
12826
+ # ],
12827
+ # finding_provider_fields_related_findings_id: [
12828
+ # {
12829
+ # value: "NonEmptyString",
12830
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12831
+ # },
12832
+ # ],
12833
+ # finding_provider_fields_related_findings_product_arn: [
12834
+ # {
12835
+ # value: "NonEmptyString",
12836
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12837
+ # },
12838
+ # ],
12839
+ # finding_provider_fields_severity_label: [
12840
+ # {
12841
+ # value: "NonEmptyString",
12842
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12843
+ # },
12844
+ # ],
12845
+ # finding_provider_fields_severity_original: [
12846
+ # {
12847
+ # value: "NonEmptyString",
12848
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12849
+ # },
12850
+ # ],
12851
+ # finding_provider_fields_types: [
12852
+ # {
12853
+ # value: "NonEmptyString",
12854
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12855
+ # },
12856
+ # ],
12565
12857
  # }
12566
12858
  #
12567
12859
  # @!attribute [rw] product_arn
@@ -12969,6 +13261,52 @@ module Aws::SecurityHub
12969
13261
  # A keyword for a finding.
12970
13262
  # @return [Array<Types::KeywordFilter>]
12971
13263
  #
13264
+ # @!attribute [rw] finding_provider_fields_confidence
13265
+ # The finding provider value for the finding confidence. Confidence is
13266
+ # defined as the likelihood that a finding accurately identifies the
13267
+ # behavior or issue that it was intended to identify.
13268
+ #
13269
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
13270
+ # means zero percent confidence and 100 means 100 percent confidence.
13271
+ # @return [Array<Types::NumberFilter>]
13272
+ #
13273
+ # @!attribute [rw] finding_provider_fields_criticality
13274
+ # The finding provider value for the level of importance assigned to
13275
+ # the resources associated with the findings.
13276
+ #
13277
+ # A score of 0 means that the underlying resources have no
13278
+ # criticality, and a score of 100 is reserved for the most critical
13279
+ # resources.
13280
+ # @return [Array<Types::NumberFilter>]
13281
+ #
13282
+ # @!attribute [rw] finding_provider_fields_related_findings_id
13283
+ # The finding identifier of a related finding that is identified by
13284
+ # the finding provider.
13285
+ # @return [Array<Types::StringFilter>]
13286
+ #
13287
+ # @!attribute [rw] finding_provider_fields_related_findings_product_arn
13288
+ # The ARN of the solution that generated a related finding that is
13289
+ # identified by the finding provider.
13290
+ # @return [Array<Types::StringFilter>]
13291
+ #
13292
+ # @!attribute [rw] finding_provider_fields_severity_label
13293
+ # The finding provider value for the severity label.
13294
+ # @return [Array<Types::StringFilter>]
13295
+ #
13296
+ # @!attribute [rw] finding_provider_fields_severity_original
13297
+ # The finding provider's original value for the severity.
13298
+ # @return [Array<Types::StringFilter>]
13299
+ #
13300
+ # @!attribute [rw] finding_provider_fields_types
13301
+ # One or more finding types that the finding provider assigned to the
13302
+ # finding. Uses the format of `namespace/category/classifier` that
13303
+ # classify a finding.
13304
+ #
13305
+ # Valid namespace values are: Software and Configuration Checks \|
13306
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
13307
+ # Identifications
13308
+ # @return [Array<Types::StringFilter>]
13309
+ #
12972
13310
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
12973
13311
  #
12974
13312
  class AwsSecurityFindingFilters < Struct.new(
@@ -13055,7 +13393,14 @@ module Aws::SecurityHub
13055
13393
  :note_text,
13056
13394
  :note_updated_at,
13057
13395
  :note_updated_by,
13058
- :keyword)
13396
+ :keyword,
13397
+ :finding_provider_fields_confidence,
13398
+ :finding_provider_fields_criticality,
13399
+ :finding_provider_fields_related_findings_id,
13400
+ :finding_provider_fields_related_findings_product_arn,
13401
+ :finding_provider_fields_severity_label,
13402
+ :finding_provider_fields_severity_original,
13403
+ :finding_provider_fields_types)
13059
13404
  SENSITIVE = []
13060
13405
  include Aws::Structure
13061
13406
  end
@@ -13661,12 +14006,12 @@ module Aws::SecurityHub
13661
14006
  # product_arn: "NonEmptyString", # required
13662
14007
  # generator_id: "NonEmptyString", # required
13663
14008
  # aws_account_id: "NonEmptyString", # required
13664
- # types: ["NonEmptyString"], # required
14009
+ # types: ["NonEmptyString"],
13665
14010
  # first_observed_at: "NonEmptyString",
13666
14011
  # last_observed_at: "NonEmptyString",
13667
14012
  # created_at: "NonEmptyString", # required
13668
14013
  # updated_at: "NonEmptyString", # required
13669
- # severity: { # required
14014
+ # severity: {
13670
14015
  # product: 1.0,
13671
14016
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
13672
14017
  # normalized: 1,
@@ -13790,6 +14135,130 @@ module Aws::SecurityHub
13790
14135
  # tags: {
13791
14136
  # "NonEmptyString" => "NonEmptyString",
13792
14137
  # },
14138
+ # data_classification: {
14139
+ # detailed_results_location: "NonEmptyString",
14140
+ # result: {
14141
+ # mime_type: "NonEmptyString",
14142
+ # size_classified: 1,
14143
+ # additional_occurrences: false,
14144
+ # status: {
14145
+ # code: "NonEmptyString",
14146
+ # reason: "NonEmptyString",
14147
+ # },
14148
+ # sensitive_data: [
14149
+ # {
14150
+ # category: "NonEmptyString",
14151
+ # detections: [
14152
+ # {
14153
+ # count: 1,
14154
+ # type: "NonEmptyString",
14155
+ # occurrences: {
14156
+ # line_ranges: [
14157
+ # {
14158
+ # start: 1,
14159
+ # end: 1,
14160
+ # start_column: 1,
14161
+ # },
14162
+ # ],
14163
+ # offset_ranges: [
14164
+ # {
14165
+ # start: 1,
14166
+ # end: 1,
14167
+ # start_column: 1,
14168
+ # },
14169
+ # ],
14170
+ # pages: [
14171
+ # {
14172
+ # page_number: 1,
14173
+ # line_range: {
14174
+ # start: 1,
14175
+ # end: 1,
14176
+ # start_column: 1,
14177
+ # },
14178
+ # offset_range: {
14179
+ # start: 1,
14180
+ # end: 1,
14181
+ # start_column: 1,
14182
+ # },
14183
+ # },
14184
+ # ],
14185
+ # records: [
14186
+ # {
14187
+ # json_path: "NonEmptyString",
14188
+ # record_index: 1,
14189
+ # },
14190
+ # ],
14191
+ # cells: [
14192
+ # {
14193
+ # column: 1,
14194
+ # row: 1,
14195
+ # column_name: "NonEmptyString",
14196
+ # cell_reference: "NonEmptyString",
14197
+ # },
14198
+ # ],
14199
+ # },
14200
+ # },
14201
+ # ],
14202
+ # total_count: 1,
14203
+ # },
14204
+ # ],
14205
+ # custom_data_identifiers: {
14206
+ # detections: [
14207
+ # {
14208
+ # count: 1,
14209
+ # arn: "NonEmptyString",
14210
+ # name: "NonEmptyString",
14211
+ # occurrences: {
14212
+ # line_ranges: [
14213
+ # {
14214
+ # start: 1,
14215
+ # end: 1,
14216
+ # start_column: 1,
14217
+ # },
14218
+ # ],
14219
+ # offset_ranges: [
14220
+ # {
14221
+ # start: 1,
14222
+ # end: 1,
14223
+ # start_column: 1,
14224
+ # },
14225
+ # ],
14226
+ # pages: [
14227
+ # {
14228
+ # page_number: 1,
14229
+ # line_range: {
14230
+ # start: 1,
14231
+ # end: 1,
14232
+ # start_column: 1,
14233
+ # },
14234
+ # offset_range: {
14235
+ # start: 1,
14236
+ # end: 1,
14237
+ # start_column: 1,
14238
+ # },
14239
+ # },
14240
+ # ],
14241
+ # records: [
14242
+ # {
14243
+ # json_path: "NonEmptyString",
14244
+ # record_index: 1,
14245
+ # },
14246
+ # ],
14247
+ # cells: [
14248
+ # {
14249
+ # column: 1,
14250
+ # row: 1,
14251
+ # column_name: "NonEmptyString",
14252
+ # cell_reference: "NonEmptyString",
14253
+ # },
14254
+ # ],
14255
+ # },
14256
+ # },
14257
+ # ],
14258
+ # total_count: 1,
14259
+ # },
14260
+ # },
14261
+ # },
13793
14262
  # details: {
13794
14263
  # aws_auto_scaling_auto_scaling_group: {
13795
14264
  # launch_configuration_name: "NonEmptyString",
@@ -14091,6 +14560,18 @@ module Aws::SecurityHub
14091
14560
  # },
14092
14561
  # ],
14093
14562
  # },
14563
+ # public_access_block_configuration: {
14564
+ # block_public_acls: false,
14565
+ # block_public_policy: false,
14566
+ # ignore_public_acls: false,
14567
+ # restrict_public_buckets: false,
14568
+ # },
14569
+ # },
14570
+ # aws_s3_account_public_access_block: {
14571
+ # block_public_acls: false,
14572
+ # block_public_policy: false,
14573
+ # ignore_public_acls: false,
14574
+ # restrict_public_buckets: false,
14094
14575
  # },
14095
14576
  # aws_s3_object: {
14096
14577
  # last_modified: "NonEmptyString",
@@ -15321,6 +15802,21 @@ module Aws::SecurityHub
15321
15802
  # blocked: false,
15322
15803
  # },
15323
15804
  # },
15805
+ # finding_provider_fields: {
15806
+ # confidence: 1,
15807
+ # criticality: 1,
15808
+ # related_findings: [
15809
+ # {
15810
+ # product_arn: "NonEmptyString", # required
15811
+ # id: "NonEmptyString", # required
15812
+ # },
15813
+ # ],
15814
+ # severity: {
15815
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
15816
+ # original: "NonEmptyString",
15817
+ # },
15818
+ # types: ["NonEmptyString"],
15819
+ # },
15324
15820
  # },
15325
15821
  # ],
15326
15822
  # }
@@ -15544,6 +16040,52 @@ module Aws::SecurityHub
15544
16040
  include Aws::Structure
15545
16041
  end
15546
16042
 
16043
+ # An occurrence of sensitive data detected in a Microsoft Excel
16044
+ # workbook, comma-separated value (CSV) file, or tab-separated value
16045
+ # (TSV) file.
16046
+ #
16047
+ # @note When making an API call, you may pass Cell
16048
+ # data as a hash:
16049
+ #
16050
+ # {
16051
+ # column: 1,
16052
+ # row: 1,
16053
+ # column_name: "NonEmptyString",
16054
+ # cell_reference: "NonEmptyString",
16055
+ # }
16056
+ #
16057
+ # @!attribute [rw] column
16058
+ # The column number of the column that contains the data. For a
16059
+ # Microsoft Excel workbook, the column number corresponds to the
16060
+ # alphabetical column identifiers. For example, a value of 1 for
16061
+ # Column corresponds to the A column in the workbook.
16062
+ # @return [Integer]
16063
+ #
16064
+ # @!attribute [rw] row
16065
+ # The row number of the row that contains the data.
16066
+ # @return [Integer]
16067
+ #
16068
+ # @!attribute [rw] column_name
16069
+ # The name of the column that contains the data.
16070
+ # @return [String]
16071
+ #
16072
+ # @!attribute [rw] cell_reference
16073
+ # For a Microsoft Excel workbook, provides the location of the cell,
16074
+ # as an absolute cell reference, that contains the data. For example,
16075
+ # Sheet2!C5 for cell C5 on Sheet2.
16076
+ # @return [String]
16077
+ #
16078
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cell AWS API Documentation
16079
+ #
16080
+ class Cell < Struct.new(
16081
+ :column,
16082
+ :row,
16083
+ :column_name,
16084
+ :cell_reference)
16085
+ SENSITIVE = []
16086
+ include Aws::Structure
16087
+ end
16088
+
15547
16089
  # An IPv4 CIDR block association.
15548
16090
  #
15549
16091
  # @note When making an API call, you may pass CidrBlockAssociation
@@ -15598,39 +16140,236 @@ module Aws::SecurityHub
15598
16140
  include Aws::Structure
15599
16141
  end
15600
16142
 
15601
- # Contains finding details that are specific to control-based findings.
15602
- # Only returned for findings generated from controls.
16143
+ # Details about the sensitive data that was detected on the resource.
15603
16144
  #
15604
- # @note When making an API call, you may pass Compliance
16145
+ # @note When making an API call, you may pass ClassificationResult
15605
16146
  # data as a hash:
15606
16147
  #
15607
16148
  # {
15608
- # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
15609
- # related_requirements: ["NonEmptyString"],
15610
- # status_reasons: [
16149
+ # mime_type: "NonEmptyString",
16150
+ # size_classified: 1,
16151
+ # additional_occurrences: false,
16152
+ # status: {
16153
+ # code: "NonEmptyString",
16154
+ # reason: "NonEmptyString",
16155
+ # },
16156
+ # sensitive_data: [
15611
16157
  # {
15612
- # reason_code: "NonEmptyString", # required
15613
- # description: "NonEmptyString",
16158
+ # category: "NonEmptyString",
16159
+ # detections: [
16160
+ # {
16161
+ # count: 1,
16162
+ # type: "NonEmptyString",
16163
+ # occurrences: {
16164
+ # line_ranges: [
16165
+ # {
16166
+ # start: 1,
16167
+ # end: 1,
16168
+ # start_column: 1,
16169
+ # },
16170
+ # ],
16171
+ # offset_ranges: [
16172
+ # {
16173
+ # start: 1,
16174
+ # end: 1,
16175
+ # start_column: 1,
16176
+ # },
16177
+ # ],
16178
+ # pages: [
16179
+ # {
16180
+ # page_number: 1,
16181
+ # line_range: {
16182
+ # start: 1,
16183
+ # end: 1,
16184
+ # start_column: 1,
16185
+ # },
16186
+ # offset_range: {
16187
+ # start: 1,
16188
+ # end: 1,
16189
+ # start_column: 1,
16190
+ # },
16191
+ # },
16192
+ # ],
16193
+ # records: [
16194
+ # {
16195
+ # json_path: "NonEmptyString",
16196
+ # record_index: 1,
16197
+ # },
16198
+ # ],
16199
+ # cells: [
16200
+ # {
16201
+ # column: 1,
16202
+ # row: 1,
16203
+ # column_name: "NonEmptyString",
16204
+ # cell_reference: "NonEmptyString",
16205
+ # },
16206
+ # ],
16207
+ # },
16208
+ # },
16209
+ # ],
16210
+ # total_count: 1,
15614
16211
  # },
15615
16212
  # ],
15616
- # }
15617
- #
15618
- # @!attribute [rw] status
15619
- # The result of a standards check.
15620
- #
15621
- # The valid values for `Status` are as follows.
15622
- #
15623
- # * * `PASSED` - Standards check passed for all evaluated resources.
15624
- #
15625
- # * `WARNING` - Some information is missing or this check is not
15626
- # supported for your configuration.
15627
- #
15628
- # * `FAILED` - Standards check failed for at least one evaluated
15629
- # resource.
15630
- #
15631
- # * `NOT_AVAILABLE` - Check could not be performed due to a service
15632
- # outage, API error, or because the result of the AWS Config
15633
- # evaluation was `NOT_APPLICABLE`. If the AWS Config evaluation
16213
+ # custom_data_identifiers: {
16214
+ # detections: [
16215
+ # {
16216
+ # count: 1,
16217
+ # arn: "NonEmptyString",
16218
+ # name: "NonEmptyString",
16219
+ # occurrences: {
16220
+ # line_ranges: [
16221
+ # {
16222
+ # start: 1,
16223
+ # end: 1,
16224
+ # start_column: 1,
16225
+ # },
16226
+ # ],
16227
+ # offset_ranges: [
16228
+ # {
16229
+ # start: 1,
16230
+ # end: 1,
16231
+ # start_column: 1,
16232
+ # },
16233
+ # ],
16234
+ # pages: [
16235
+ # {
16236
+ # page_number: 1,
16237
+ # line_range: {
16238
+ # start: 1,
16239
+ # end: 1,
16240
+ # start_column: 1,
16241
+ # },
16242
+ # offset_range: {
16243
+ # start: 1,
16244
+ # end: 1,
16245
+ # start_column: 1,
16246
+ # },
16247
+ # },
16248
+ # ],
16249
+ # records: [
16250
+ # {
16251
+ # json_path: "NonEmptyString",
16252
+ # record_index: 1,
16253
+ # },
16254
+ # ],
16255
+ # cells: [
16256
+ # {
16257
+ # column: 1,
16258
+ # row: 1,
16259
+ # column_name: "NonEmptyString",
16260
+ # cell_reference: "NonEmptyString",
16261
+ # },
16262
+ # ],
16263
+ # },
16264
+ # },
16265
+ # ],
16266
+ # total_count: 1,
16267
+ # },
16268
+ # }
16269
+ #
16270
+ # @!attribute [rw] mime_type
16271
+ # The type of content that the finding applies to.
16272
+ # @return [String]
16273
+ #
16274
+ # @!attribute [rw] size_classified
16275
+ # The total size in bytes of the affected data.
16276
+ # @return [Integer]
16277
+ #
16278
+ # @!attribute [rw] additional_occurrences
16279
+ # Indicates whether there are additional occurrences of sensitive data
16280
+ # that are not included in the finding. This occurs when the number of
16281
+ # occurrences exceeds the maximum that can be included.
16282
+ # @return [Boolean]
16283
+ #
16284
+ # @!attribute [rw] status
16285
+ # The current status of the sensitive data detection.
16286
+ # @return [Types::ClassificationStatus]
16287
+ #
16288
+ # @!attribute [rw] sensitive_data
16289
+ # Provides details about sensitive data that was identified based on
16290
+ # built-in configuration.
16291
+ # @return [Array<Types::SensitiveDataResult>]
16292
+ #
16293
+ # @!attribute [rw] custom_data_identifiers
16294
+ # Provides details about sensitive data that was identified based on
16295
+ # customer-defined configuration.
16296
+ # @return [Types::CustomDataIdentifiersResult]
16297
+ #
16298
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationResult AWS API Documentation
16299
+ #
16300
+ class ClassificationResult < Struct.new(
16301
+ :mime_type,
16302
+ :size_classified,
16303
+ :additional_occurrences,
16304
+ :status,
16305
+ :sensitive_data,
16306
+ :custom_data_identifiers)
16307
+ SENSITIVE = []
16308
+ include Aws::Structure
16309
+ end
16310
+
16311
+ # Provides details about the current status of the sensitive data
16312
+ # detection.
16313
+ #
16314
+ # @note When making an API call, you may pass ClassificationStatus
16315
+ # data as a hash:
16316
+ #
16317
+ # {
16318
+ # code: "NonEmptyString",
16319
+ # reason: "NonEmptyString",
16320
+ # }
16321
+ #
16322
+ # @!attribute [rw] code
16323
+ # The code that represents the status of the sensitive data detection.
16324
+ # @return [String]
16325
+ #
16326
+ # @!attribute [rw] reason
16327
+ # A longer description of the current status of the sensitive data
16328
+ # detection.
16329
+ # @return [String]
16330
+ #
16331
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationStatus AWS API Documentation
16332
+ #
16333
+ class ClassificationStatus < Struct.new(
16334
+ :code,
16335
+ :reason)
16336
+ SENSITIVE = []
16337
+ include Aws::Structure
16338
+ end
16339
+
16340
+ # Contains finding details that are specific to control-based findings.
16341
+ # Only returned for findings generated from controls.
16342
+ #
16343
+ # @note When making an API call, you may pass Compliance
16344
+ # data as a hash:
16345
+ #
16346
+ # {
16347
+ # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
16348
+ # related_requirements: ["NonEmptyString"],
16349
+ # status_reasons: [
16350
+ # {
16351
+ # reason_code: "NonEmptyString", # required
16352
+ # description: "NonEmptyString",
16353
+ # },
16354
+ # ],
16355
+ # }
16356
+ #
16357
+ # @!attribute [rw] status
16358
+ # The result of a standards check.
16359
+ #
16360
+ # The valid values for `Status` are as follows.
16361
+ #
16362
+ # * * `PASSED` - Standards check passed for all evaluated resources.
16363
+ #
16364
+ # * `WARNING` - Some information is missing or this check is not
16365
+ # supported for your configuration.
16366
+ #
16367
+ # * `FAILED` - Standards check failed for at least one evaluated
16368
+ # resource.
16369
+ #
16370
+ # * `NOT_AVAILABLE` - Check could not be performed due to a service
16371
+ # outage, API error, or because the result of the AWS Config
16372
+ # evaluation was `NOT_APPLICABLE`. If the AWS Config evaluation
15634
16373
  # result was `NOT_APPLICABLE`, then after 3 days, Security Hub
15635
16374
  # automatically archives the finding.
15636
16375
  # @return [String]
@@ -16338,6 +17077,50 @@ module Aws::SecurityHub
16338
17077
  # value: "NonEmptyString",
16339
17078
  # },
16340
17079
  # ],
17080
+ # finding_provider_fields_confidence: [
17081
+ # {
17082
+ # gte: 1.0,
17083
+ # lte: 1.0,
17084
+ # eq: 1.0,
17085
+ # },
17086
+ # ],
17087
+ # finding_provider_fields_criticality: [
17088
+ # {
17089
+ # gte: 1.0,
17090
+ # lte: 1.0,
17091
+ # eq: 1.0,
17092
+ # },
17093
+ # ],
17094
+ # finding_provider_fields_related_findings_id: [
17095
+ # {
17096
+ # value: "NonEmptyString",
17097
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17098
+ # },
17099
+ # ],
17100
+ # finding_provider_fields_related_findings_product_arn: [
17101
+ # {
17102
+ # value: "NonEmptyString",
17103
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17104
+ # },
17105
+ # ],
17106
+ # finding_provider_fields_severity_label: [
17107
+ # {
17108
+ # value: "NonEmptyString",
17109
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17110
+ # },
17111
+ # ],
17112
+ # finding_provider_fields_severity_original: [
17113
+ # {
17114
+ # value: "NonEmptyString",
17115
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17116
+ # },
17117
+ # ],
17118
+ # finding_provider_fields_types: [
17119
+ # {
17120
+ # value: "NonEmptyString",
17121
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17122
+ # },
17123
+ # ],
16341
17124
  # },
16342
17125
  # group_by_attribute: "NonEmptyString", # required
16343
17126
  # }
@@ -16395,9 +17178,9 @@ module Aws::SecurityHub
16395
17178
  # }
16396
17179
  #
16397
17180
  # @!attribute [rw] account_details
16398
- # The list of accounts to associate with the Security Hub master
16399
- # account. For each account, the list includes the account ID and
16400
- # optionally the email address.
17181
+ # The list of accounts to associate with the Security Hub
17182
+ # administrator account. For each account, the list includes the
17183
+ # account ID and optionally the email address.
16401
17184
  # @return [Array<Types::AccountDetails>]
16402
17185
  #
16403
17186
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
@@ -16421,6 +17204,170 @@ module Aws::SecurityHub
16421
17204
  include Aws::Structure
16422
17205
  end
16423
17206
 
17207
+ # The list of detected instances of sensitive data.
17208
+ #
17209
+ # @note When making an API call, you may pass CustomDataIdentifiersDetections
17210
+ # data as a hash:
17211
+ #
17212
+ # {
17213
+ # count: 1,
17214
+ # arn: "NonEmptyString",
17215
+ # name: "NonEmptyString",
17216
+ # occurrences: {
17217
+ # line_ranges: [
17218
+ # {
17219
+ # start: 1,
17220
+ # end: 1,
17221
+ # start_column: 1,
17222
+ # },
17223
+ # ],
17224
+ # offset_ranges: [
17225
+ # {
17226
+ # start: 1,
17227
+ # end: 1,
17228
+ # start_column: 1,
17229
+ # },
17230
+ # ],
17231
+ # pages: [
17232
+ # {
17233
+ # page_number: 1,
17234
+ # line_range: {
17235
+ # start: 1,
17236
+ # end: 1,
17237
+ # start_column: 1,
17238
+ # },
17239
+ # offset_range: {
17240
+ # start: 1,
17241
+ # end: 1,
17242
+ # start_column: 1,
17243
+ # },
17244
+ # },
17245
+ # ],
17246
+ # records: [
17247
+ # {
17248
+ # json_path: "NonEmptyString",
17249
+ # record_index: 1,
17250
+ # },
17251
+ # ],
17252
+ # cells: [
17253
+ # {
17254
+ # column: 1,
17255
+ # row: 1,
17256
+ # column_name: "NonEmptyString",
17257
+ # cell_reference: "NonEmptyString",
17258
+ # },
17259
+ # ],
17260
+ # },
17261
+ # }
17262
+ #
17263
+ # @!attribute [rw] count
17264
+ # The total number of occurrences of sensitive data that were
17265
+ # detected.
17266
+ # @return [Integer]
17267
+ #
17268
+ # @!attribute [rw] arn
17269
+ # The ARN of the custom identifier that was used to detect the
17270
+ # sensitive data.
17271
+ # @return [String]
17272
+ #
17273
+ # @!attribute [rw] name
17274
+ # he name of the custom identifier that detected the sensitive data.
17275
+ # @return [String]
17276
+ #
17277
+ # @!attribute [rw] occurrences
17278
+ # Details about the sensitive data that was detected.
17279
+ # @return [Types::Occurrences]
17280
+ #
17281
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersDetections AWS API Documentation
17282
+ #
17283
+ class CustomDataIdentifiersDetections < Struct.new(
17284
+ :count,
17285
+ :arn,
17286
+ :name,
17287
+ :occurrences)
17288
+ SENSITIVE = []
17289
+ include Aws::Structure
17290
+ end
17291
+
17292
+ # Contains an instance of sensitive data that was detected by a
17293
+ # customer-defined identifier.
17294
+ #
17295
+ # @note When making an API call, you may pass CustomDataIdentifiersResult
17296
+ # data as a hash:
17297
+ #
17298
+ # {
17299
+ # detections: [
17300
+ # {
17301
+ # count: 1,
17302
+ # arn: "NonEmptyString",
17303
+ # name: "NonEmptyString",
17304
+ # occurrences: {
17305
+ # line_ranges: [
17306
+ # {
17307
+ # start: 1,
17308
+ # end: 1,
17309
+ # start_column: 1,
17310
+ # },
17311
+ # ],
17312
+ # offset_ranges: [
17313
+ # {
17314
+ # start: 1,
17315
+ # end: 1,
17316
+ # start_column: 1,
17317
+ # },
17318
+ # ],
17319
+ # pages: [
17320
+ # {
17321
+ # page_number: 1,
17322
+ # line_range: {
17323
+ # start: 1,
17324
+ # end: 1,
17325
+ # start_column: 1,
17326
+ # },
17327
+ # offset_range: {
17328
+ # start: 1,
17329
+ # end: 1,
17330
+ # start_column: 1,
17331
+ # },
17332
+ # },
17333
+ # ],
17334
+ # records: [
17335
+ # {
17336
+ # json_path: "NonEmptyString",
17337
+ # record_index: 1,
17338
+ # },
17339
+ # ],
17340
+ # cells: [
17341
+ # {
17342
+ # column: 1,
17343
+ # row: 1,
17344
+ # column_name: "NonEmptyString",
17345
+ # cell_reference: "NonEmptyString",
17346
+ # },
17347
+ # ],
17348
+ # },
17349
+ # },
17350
+ # ],
17351
+ # total_count: 1,
17352
+ # }
17353
+ #
17354
+ # @!attribute [rw] detections
17355
+ # The list of detected instances of sensitive data.
17356
+ # @return [Array<Types::CustomDataIdentifiersDetections>]
17357
+ #
17358
+ # @!attribute [rw] total_count
17359
+ # The total number of occurrences of sensitive data.
17360
+ # @return [Integer]
17361
+ #
17362
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersResult AWS API Documentation
17363
+ #
17364
+ class CustomDataIdentifiersResult < Struct.new(
17365
+ :detections,
17366
+ :total_count)
17367
+ SENSITIVE = []
17368
+ include Aws::Structure
17369
+ end
17370
+
16424
17371
  # CVSS scores from the advisory related to the vulnerability.
16425
17372
  #
16426
17373
  # @note When making an API call, you may pass Cvss
@@ -16432,24 +17379,172 @@ module Aws::SecurityHub
16432
17379
  # base_vector: "NonEmptyString",
16433
17380
  # }
16434
17381
  #
16435
- # @!attribute [rw] version
16436
- # The version of CVSS for the CVSS score.
17382
+ # @!attribute [rw] version
17383
+ # The version of CVSS for the CVSS score.
17384
+ # @return [String]
17385
+ #
17386
+ # @!attribute [rw] base_score
17387
+ # The base CVSS score.
17388
+ # @return [Float]
17389
+ #
17390
+ # @!attribute [rw] base_vector
17391
+ # The base scoring vector for the CVSS score.
17392
+ # @return [String]
17393
+ #
17394
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
17395
+ #
17396
+ class Cvss < Struct.new(
17397
+ :version,
17398
+ :base_score,
17399
+ :base_vector)
17400
+ SENSITIVE = []
17401
+ include Aws::Structure
17402
+ end
17403
+
17404
+ # Provides details about sensitive data that was detected on a resource.
17405
+ #
17406
+ # @note When making an API call, you may pass DataClassificationDetails
17407
+ # data as a hash:
17408
+ #
17409
+ # {
17410
+ # detailed_results_location: "NonEmptyString",
17411
+ # result: {
17412
+ # mime_type: "NonEmptyString",
17413
+ # size_classified: 1,
17414
+ # additional_occurrences: false,
17415
+ # status: {
17416
+ # code: "NonEmptyString",
17417
+ # reason: "NonEmptyString",
17418
+ # },
17419
+ # sensitive_data: [
17420
+ # {
17421
+ # category: "NonEmptyString",
17422
+ # detections: [
17423
+ # {
17424
+ # count: 1,
17425
+ # type: "NonEmptyString",
17426
+ # occurrences: {
17427
+ # line_ranges: [
17428
+ # {
17429
+ # start: 1,
17430
+ # end: 1,
17431
+ # start_column: 1,
17432
+ # },
17433
+ # ],
17434
+ # offset_ranges: [
17435
+ # {
17436
+ # start: 1,
17437
+ # end: 1,
17438
+ # start_column: 1,
17439
+ # },
17440
+ # ],
17441
+ # pages: [
17442
+ # {
17443
+ # page_number: 1,
17444
+ # line_range: {
17445
+ # start: 1,
17446
+ # end: 1,
17447
+ # start_column: 1,
17448
+ # },
17449
+ # offset_range: {
17450
+ # start: 1,
17451
+ # end: 1,
17452
+ # start_column: 1,
17453
+ # },
17454
+ # },
17455
+ # ],
17456
+ # records: [
17457
+ # {
17458
+ # json_path: "NonEmptyString",
17459
+ # record_index: 1,
17460
+ # },
17461
+ # ],
17462
+ # cells: [
17463
+ # {
17464
+ # column: 1,
17465
+ # row: 1,
17466
+ # column_name: "NonEmptyString",
17467
+ # cell_reference: "NonEmptyString",
17468
+ # },
17469
+ # ],
17470
+ # },
17471
+ # },
17472
+ # ],
17473
+ # total_count: 1,
17474
+ # },
17475
+ # ],
17476
+ # custom_data_identifiers: {
17477
+ # detections: [
17478
+ # {
17479
+ # count: 1,
17480
+ # arn: "NonEmptyString",
17481
+ # name: "NonEmptyString",
17482
+ # occurrences: {
17483
+ # line_ranges: [
17484
+ # {
17485
+ # start: 1,
17486
+ # end: 1,
17487
+ # start_column: 1,
17488
+ # },
17489
+ # ],
17490
+ # offset_ranges: [
17491
+ # {
17492
+ # start: 1,
17493
+ # end: 1,
17494
+ # start_column: 1,
17495
+ # },
17496
+ # ],
17497
+ # pages: [
17498
+ # {
17499
+ # page_number: 1,
17500
+ # line_range: {
17501
+ # start: 1,
17502
+ # end: 1,
17503
+ # start_column: 1,
17504
+ # },
17505
+ # offset_range: {
17506
+ # start: 1,
17507
+ # end: 1,
17508
+ # start_column: 1,
17509
+ # },
17510
+ # },
17511
+ # ],
17512
+ # records: [
17513
+ # {
17514
+ # json_path: "NonEmptyString",
17515
+ # record_index: 1,
17516
+ # },
17517
+ # ],
17518
+ # cells: [
17519
+ # {
17520
+ # column: 1,
17521
+ # row: 1,
17522
+ # column_name: "NonEmptyString",
17523
+ # cell_reference: "NonEmptyString",
17524
+ # },
17525
+ # ],
17526
+ # },
17527
+ # },
17528
+ # ],
17529
+ # total_count: 1,
17530
+ # },
17531
+ # },
17532
+ # }
17533
+ #
17534
+ # @!attribute [rw] detailed_results_location
17535
+ # The path to the folder or file that contains the sensitive data.
16437
17536
  # @return [String]
16438
17537
  #
16439
- # @!attribute [rw] base_score
16440
- # The base CVSS score.
16441
- # @return [Float]
16442
- #
16443
- # @!attribute [rw] base_vector
16444
- # The base scoring vector for the CVSS score.
16445
- # @return [String]
17538
+ # @!attribute [rw] result
17539
+ # The details about the sensitive data that was detected on the
17540
+ # resource.
17541
+ # @return [Types::ClassificationResult]
16446
17542
  #
16447
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
17543
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DataClassificationDetails AWS API Documentation
16448
17544
  #
16449
- class Cvss < Struct.new(
16450
- :version,
16451
- :base_score,
16452
- :base_vector)
17545
+ class DataClassificationDetails < Struct.new(
17546
+ :detailed_results_location,
17547
+ :result)
16453
17548
  SENSITIVE = []
16454
17549
  include Aws::Structure
16455
17550
  end
@@ -16814,6 +17909,7 @@ module Aws::SecurityHub
16814
17909
  # {
16815
17910
  # next_token: "NextToken",
16816
17911
  # max_results: 1,
17912
+ # product_arn: "NonEmptyString",
16817
17913
  # }
16818
17914
  #
16819
17915
  # @!attribute [rw] next_token
@@ -16830,11 +17926,16 @@ module Aws::SecurityHub
16830
17926
  # The maximum number of results to return.
16831
17927
  # @return [Integer]
16832
17928
  #
17929
+ # @!attribute [rw] product_arn
17930
+ # The ARN of the integration to return.
17931
+ # @return [String]
17932
+ #
16833
17933
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
16834
17934
  #
16835
17935
  class DescribeProductsRequest < Struct.new(
16836
17936
  :next_token,
16837
- :max_results)
17937
+ :max_results,
17938
+ :product_arn)
16838
17939
  SENSITIVE = []
16839
17940
  include Aws::Structure
16840
17941
  end
@@ -17017,6 +18118,16 @@ module Aws::SecurityHub
17017
18118
  #
17018
18119
  class DisableSecurityHubResponse < Aws::EmptyStructure; end
17019
18120
 
18121
+ # @api private
18122
+ #
18123
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountRequest AWS API Documentation
18124
+ #
18125
+ class DisassociateFromAdministratorAccountRequest < Aws::EmptyStructure; end
18126
+
18127
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountResponse AWS API Documentation
18128
+ #
18129
+ class DisassociateFromAdministratorAccountResponse < Aws::EmptyStructure; end
18130
+
17020
18131
  # @api private
17021
18132
  #
17022
18133
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccountRequest AWS API Documentation
@@ -17036,7 +18147,7 @@ module Aws::SecurityHub
17036
18147
  #
17037
18148
  # @!attribute [rw] account_ids
17038
18149
  # The account IDs of the member accounts to disassociate from the
17039
- # master account.
18150
+ # administrator account.
17040
18151
  # @return [Array<String>]
17041
18152
  #
17042
18153
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembersRequest AWS API Documentation
@@ -17176,6 +18287,103 @@ module Aws::SecurityHub
17176
18287
  #
17177
18288
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
17178
18289
 
18290
+ # In a `BatchImportFindings` request, finding providers use
18291
+ # `FindingProviderFields` to provide and update values for confidence,
18292
+ # criticality, related findings, severity, and types.
18293
+ #
18294
+ # @note When making an API call, you may pass FindingProviderFields
18295
+ # data as a hash:
18296
+ #
18297
+ # {
18298
+ # confidence: 1,
18299
+ # criticality: 1,
18300
+ # related_findings: [
18301
+ # {
18302
+ # product_arn: "NonEmptyString", # required
18303
+ # id: "NonEmptyString", # required
18304
+ # },
18305
+ # ],
18306
+ # severity: {
18307
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18308
+ # original: "NonEmptyString",
18309
+ # },
18310
+ # types: ["NonEmptyString"],
18311
+ # }
18312
+ #
18313
+ # @!attribute [rw] confidence
18314
+ # A finding's confidence. Confidence is defined as the likelihood
18315
+ # that a finding accurately identifies the behavior or issue that it
18316
+ # was intended to identify.
18317
+ #
18318
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
18319
+ # means zero percent confidence and 100 means 100 percent confidence.
18320
+ # @return [Integer]
18321
+ #
18322
+ # @!attribute [rw] criticality
18323
+ # The level of importance assigned to the resources associated with
18324
+ # the finding.
18325
+ #
18326
+ # A score of 0 means that the underlying resources have no
18327
+ # criticality, and a score of 100 is reserved for the most critical
18328
+ # resources.
18329
+ # @return [Integer]
18330
+ #
18331
+ # @!attribute [rw] related_findings
18332
+ # A list of findings that are related to the current finding.
18333
+ # @return [Array<Types::RelatedFinding>]
18334
+ #
18335
+ # @!attribute [rw] severity
18336
+ # The severity of a finding.
18337
+ # @return [Types::FindingProviderSeverity]
18338
+ #
18339
+ # @!attribute [rw] types
18340
+ # One or more finding types in the format of
18341
+ # `namespace/category/classifier` that classify a finding.
18342
+ #
18343
+ # Valid namespace values are: Software and Configuration Checks \|
18344
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
18345
+ # Identifications
18346
+ # @return [Array<String>]
18347
+ #
18348
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderFields AWS API Documentation
18349
+ #
18350
+ class FindingProviderFields < Struct.new(
18351
+ :confidence,
18352
+ :criticality,
18353
+ :related_findings,
18354
+ :severity,
18355
+ :types)
18356
+ SENSITIVE = []
18357
+ include Aws::Structure
18358
+ end
18359
+
18360
+ # The severity assigned to the finding by the finding provider.
18361
+ #
18362
+ # @note When making an API call, you may pass FindingProviderSeverity
18363
+ # data as a hash:
18364
+ #
18365
+ # {
18366
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18367
+ # original: "NonEmptyString",
18368
+ # }
18369
+ #
18370
+ # @!attribute [rw] label
18371
+ # The severity label assigned to the finding by the finding provider.
18372
+ # @return [String]
18373
+ #
18374
+ # @!attribute [rw] original
18375
+ # The finding provider's original value for the severity.
18376
+ # @return [String]
18377
+ #
18378
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderSeverity AWS API Documentation
18379
+ #
18380
+ class FindingProviderSeverity < Struct.new(
18381
+ :label,
18382
+ :original)
18383
+ SENSITIVE = []
18384
+ include Aws::Structure
18385
+ end
18386
+
17179
18387
  # Provides the latitude and longitude coordinates of a location.
17180
18388
  #
17181
18389
  # @note When making an API call, you may pass GeoLocation
@@ -17203,6 +18411,24 @@ module Aws::SecurityHub
17203
18411
  include Aws::Structure
17204
18412
  end
17205
18413
 
18414
+ # @api private
18415
+ #
18416
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountRequest AWS API Documentation
18417
+ #
18418
+ class GetAdministratorAccountRequest < Aws::EmptyStructure; end
18419
+
18420
+ # @!attribute [rw] administrator
18421
+ # Details about an invitation.
18422
+ # @return [Types::Invitation]
18423
+ #
18424
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountResponse AWS API Documentation
18425
+ #
18426
+ class GetAdministratorAccountResponse < Struct.new(
18427
+ :administrator)
18428
+ SENSITIVE = []
18429
+ include Aws::Structure
18430
+ end
18431
+
17206
18432
  # @note When making an API call, you may pass GetEnabledStandardsRequest
17207
18433
  # data as a hash:
17208
18434
  #
@@ -17817,6 +19043,50 @@ module Aws::SecurityHub
17817
19043
  # value: "NonEmptyString",
17818
19044
  # },
17819
19045
  # ],
19046
+ # finding_provider_fields_confidence: [
19047
+ # {
19048
+ # gte: 1.0,
19049
+ # lte: 1.0,
19050
+ # eq: 1.0,
19051
+ # },
19052
+ # ],
19053
+ # finding_provider_fields_criticality: [
19054
+ # {
19055
+ # gte: 1.0,
19056
+ # lte: 1.0,
19057
+ # eq: 1.0,
19058
+ # },
19059
+ # ],
19060
+ # finding_provider_fields_related_findings_id: [
19061
+ # {
19062
+ # value: "NonEmptyString",
19063
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19064
+ # },
19065
+ # ],
19066
+ # finding_provider_fields_related_findings_product_arn: [
19067
+ # {
19068
+ # value: "NonEmptyString",
19069
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19070
+ # },
19071
+ # ],
19072
+ # finding_provider_fields_severity_label: [
19073
+ # {
19074
+ # value: "NonEmptyString",
19075
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19076
+ # },
19077
+ # ],
19078
+ # finding_provider_fields_severity_original: [
19079
+ # {
19080
+ # value: "NonEmptyString",
19081
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19082
+ # },
19083
+ # ],
19084
+ # finding_provider_fields_types: [
19085
+ # {
19086
+ # value: "NonEmptyString",
19087
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19088
+ # },
19089
+ # ],
17820
19090
  # },
17821
19091
  # sort_criteria: [
17822
19092
  # {
@@ -17997,8 +19267,8 @@ module Aws::SecurityHub
17997
19267
  class GetMasterAccountRequest < Aws::EmptyStructure; end
17998
19268
 
17999
19269
  # @!attribute [rw] master
18000
- # A list of details about the Security Hub master account for the
18001
- # current member account.
19270
+ # A list of details about the Security Hub administrator account for
19271
+ # the current member account.
18002
19272
  # @return [Types::Invitation]
18003
19273
  #
18004
19274
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetMasterAccountResponse AWS API Documentation
@@ -18215,7 +19485,7 @@ module Aws::SecurityHub
18215
19485
  # Details about an invitation.
18216
19486
  #
18217
19487
  # @!attribute [rw] account_id
18218
- # The account ID of the Security Hub master account that the
19488
+ # The account ID of the Security Hub administrator account that the
18219
19489
  # invitation was sent from.
18220
19490
  # @return [String]
18221
19491
  #
@@ -18228,8 +19498,8 @@ module Aws::SecurityHub
18228
19498
  # @return [Time]
18229
19499
  #
18230
19500
  # @!attribute [rw] member_status
18231
- # The current status of the association between the member and master
18232
- # accounts.
19501
+ # The current status of the association between the member and
19502
+ # administrator accounts.
18233
19503
  # @return [String]
18234
19504
  #
18235
19505
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Invitation AWS API Documentation
@@ -18517,12 +19787,12 @@ module Aws::SecurityHub
18517
19787
  #
18518
19788
  # @!attribute [rw] only_associated
18519
19789
  # Specifies which member accounts to include in the response based on
18520
- # their relationship status with the master account. The default value
18521
- # is `TRUE`.
19790
+ # their relationship status with the administrator account. The
19791
+ # default value is `TRUE`.
18522
19792
  #
18523
19793
  # If `OnlyAssociated` is set to `TRUE`, the response includes member
18524
- # accounts whose relationship status with the master is set to
18525
- # `ENABLED`.
19794
+ # accounts whose relationship status with the administrator account is
19795
+ # set to `ENABLED`.
18526
19796
  #
18527
19797
  # If `OnlyAssociated` is set to `FALSE`, the response includes all
18528
19798
  # existing member accounts.
@@ -18787,35 +20057,42 @@ module Aws::SecurityHub
18787
20057
  # @return [String]
18788
20058
  #
18789
20059
  # @!attribute [rw] master_id
18790
- # The AWS account ID of the Security Hub master account associated
18791
- # with this member account.
20060
+ # This is replaced by `AdministratorID`.
20061
+ #
20062
+ # The AWS account ID of the Security Hub administrator account
20063
+ # associated with this member account.
20064
+ # @return [String]
20065
+ #
20066
+ # @!attribute [rw] administrator_id
20067
+ # The AWS account ID of the Security Hub administrator account
20068
+ # associated with this member account.
18792
20069
  # @return [String]
18793
20070
  #
18794
20071
  # @!attribute [rw] member_status
18795
20072
  # The status of the relationship between the member account and its
18796
- # master account.
20073
+ # administrator account.
18797
20074
  #
18798
20075
  # The status can have one of the following values:
18799
20076
  #
18800
- # * `CREATED` - Indicates that the master account added the member
18801
- # account, but has not yet invited the member account.
20077
+ # * `CREATED` - Indicates that the administrator account added the
20078
+ # member account, but has not yet invited the member account.
18802
20079
  #
18803
- # * `INVITED` - Indicates that the master account invited the member
18804
- # account. The member account has not yet responded to the
20080
+ # * `INVITED` - Indicates that the administrator account invited the
20081
+ # member account. The member account has not yet responded to the
18805
20082
  # invitation.
18806
20083
  #
18807
20084
  # * `ENABLED` - Indicates that the member account is currently active.
18808
20085
  # For manually invited member accounts, indicates that the member
18809
20086
  # account accepted the invitation.
18810
20087
  #
18811
- # * `REMOVED` - Indicates that the master account disassociated the
18812
- # member account.
20088
+ # * `REMOVED` - Indicates that the administrator account disassociated
20089
+ # the member account.
18813
20090
  #
18814
20091
  # * `RESIGNED` - Indicates that the member account disassociated
18815
- # themselves from the master account.
20092
+ # themselves from the administrator account.
18816
20093
  #
18817
- # * `DELETED` - Indicates that the master account deleted the member
18818
- # account.
20094
+ # * `DELETED` - Indicates that the administrator account deleted the
20095
+ # member account.
18819
20096
  # @return [String]
18820
20097
  #
18821
20098
  # @!attribute [rw] invited_at
@@ -18834,6 +20111,7 @@ module Aws::SecurityHub
18834
20111
  :account_id,
18835
20112
  :email,
18836
20113
  :master_id,
20114
+ :administrator_id,
18837
20115
  :member_status,
18838
20116
  :invited_at,
18839
20117
  :updated_at)
@@ -19283,6 +20561,139 @@ module Aws::SecurityHub
19283
20561
  include Aws::Structure
19284
20562
  end
19285
20563
 
20564
+ # The detected occurrences of sensitive data.
20565
+ #
20566
+ # @note When making an API call, you may pass Occurrences
20567
+ # data as a hash:
20568
+ #
20569
+ # {
20570
+ # line_ranges: [
20571
+ # {
20572
+ # start: 1,
20573
+ # end: 1,
20574
+ # start_column: 1,
20575
+ # },
20576
+ # ],
20577
+ # offset_ranges: [
20578
+ # {
20579
+ # start: 1,
20580
+ # end: 1,
20581
+ # start_column: 1,
20582
+ # },
20583
+ # ],
20584
+ # pages: [
20585
+ # {
20586
+ # page_number: 1,
20587
+ # line_range: {
20588
+ # start: 1,
20589
+ # end: 1,
20590
+ # start_column: 1,
20591
+ # },
20592
+ # offset_range: {
20593
+ # start: 1,
20594
+ # end: 1,
20595
+ # start_column: 1,
20596
+ # },
20597
+ # },
20598
+ # ],
20599
+ # records: [
20600
+ # {
20601
+ # json_path: "NonEmptyString",
20602
+ # record_index: 1,
20603
+ # },
20604
+ # ],
20605
+ # cells: [
20606
+ # {
20607
+ # column: 1,
20608
+ # row: 1,
20609
+ # column_name: "NonEmptyString",
20610
+ # cell_reference: "NonEmptyString",
20611
+ # },
20612
+ # ],
20613
+ # }
20614
+ #
20615
+ # @!attribute [rw] line_ranges
20616
+ # Occurrences of sensitive data detected in a non-binary text file or
20617
+ # a Microsoft Word file. Non-binary text files include files such as
20618
+ # HTML, XML, JSON, and TXT files.
20619
+ # @return [Array<Types::Range>]
20620
+ #
20621
+ # @!attribute [rw] offset_ranges
20622
+ # Occurrences of sensitive data detected in a binary text file.
20623
+ # @return [Array<Types::Range>]
20624
+ #
20625
+ # @!attribute [rw] pages
20626
+ # Occurrences of sensitive data in an Adobe Portable Document Format
20627
+ # (PDF) file.
20628
+ # @return [Array<Types::Page>]
20629
+ #
20630
+ # @!attribute [rw] records
20631
+ # Occurrences of sensitive data in an Apache Avro object container or
20632
+ # an Apache Parquet file.
20633
+ # @return [Array<Types::Record>]
20634
+ #
20635
+ # @!attribute [rw] cells
20636
+ # Occurrences of sensitive data detected in Microsoft Excel workbooks,
20637
+ # comma-separated value (CSV) files, or tab-separated value (TSV)
20638
+ # files.
20639
+ # @return [Array<Types::Cell>]
20640
+ #
20641
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Occurrences AWS API Documentation
20642
+ #
20643
+ class Occurrences < Struct.new(
20644
+ :line_ranges,
20645
+ :offset_ranges,
20646
+ :pages,
20647
+ :records,
20648
+ :cells)
20649
+ SENSITIVE = []
20650
+ include Aws::Structure
20651
+ end
20652
+
20653
+ # An occurrence of sensitive data in an Adobe Portable Document Format
20654
+ # (PDF) file.
20655
+ #
20656
+ # @note When making an API call, you may pass Page
20657
+ # data as a hash:
20658
+ #
20659
+ # {
20660
+ # page_number: 1,
20661
+ # line_range: {
20662
+ # start: 1,
20663
+ # end: 1,
20664
+ # start_column: 1,
20665
+ # },
20666
+ # offset_range: {
20667
+ # start: 1,
20668
+ # end: 1,
20669
+ # start_column: 1,
20670
+ # },
20671
+ # }
20672
+ #
20673
+ # @!attribute [rw] page_number
20674
+ # The page number of the page that contains the sensitive data.
20675
+ # @return [Integer]
20676
+ #
20677
+ # @!attribute [rw] line_range
20678
+ # An occurrence of sensitive data detected in a non-binary text file
20679
+ # or a Microsoft Word file. Non-binary text files include files such
20680
+ # as HTML, XML, JSON, and TXT files.
20681
+ # @return [Types::Range]
20682
+ #
20683
+ # @!attribute [rw] offset_range
20684
+ # An occurrence of sensitive data detected in a binary text file.
20685
+ # @return [Types::Range]
20686
+ #
20687
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Page AWS API Documentation
20688
+ #
20689
+ class Page < Struct.new(
20690
+ :page_number,
20691
+ :line_range,
20692
+ :offset_range)
20693
+ SENSITIVE = []
20694
+ include Aws::Structure
20695
+ end
20696
+
19286
20697
  # Provides an overview of the patch compliance status for an instance
19287
20698
  # against a selected compliance standard.
19288
20699
  #
@@ -19630,38 +21041,85 @@ module Aws::SecurityHub
19630
21041
  # The types of integration that the product supports. Available values
19631
21042
  # are the following.
19632
21043
  #
19633
- # * `SEND_FINDINGS_TO_SECURITY_HUB` - Indicates that the integration
19634
- # sends findings to Security Hub.
21044
+ # * `SEND_FINDINGS_TO_SECURITY_HUB` - The integration sends findings
21045
+ # to Security Hub.
19635
21046
  #
19636
- # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - Indicates that the
19637
- # integration receives findings from Security Hub.
21047
+ # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - The integration receives
21048
+ # findings from Security Hub.
21049
+ #
21050
+ # * `UPDATE_FINDINGS_IN_SECURITY_HUB` - The integration does not send
21051
+ # new findings to Security Hub, but does make updates to the
21052
+ # findings that it receives from Security Hub.
19638
21053
  # @return [Array<String>]
19639
21054
  #
19640
21055
  # @!attribute [rw] marketplace_url
19641
- # The URL for the page that contains more information about the
19642
- # product.
21056
+ # For integrations with AWS services, the AWS Console URL from which
21057
+ # to activate the service.
21058
+ #
21059
+ # For integrations with third-party products, the AWS Marketplace URL
21060
+ # from which to subscribe to or purchase the product.
19643
21061
  # @return [String]
19644
21062
  #
19645
21063
  # @!attribute [rw] activation_url
19646
- # The URL used to activate the product.
21064
+ # The URL to the service or product documentation about the
21065
+ # integration with Security Hub, including how to activate the
21066
+ # integration.
21067
+ # @return [String]
21068
+ #
21069
+ # @!attribute [rw] product_subscription_resource_policy
21070
+ # The resource policy associated with the product.
19647
21071
  # @return [String]
19648
21072
  #
19649
- # @!attribute [rw] product_subscription_resource_policy
19650
- # The resource policy associated with the product.
19651
- # @return [String]
21073
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21074
+ #
21075
+ class Product < Struct.new(
21076
+ :product_arn,
21077
+ :product_name,
21078
+ :company_name,
21079
+ :description,
21080
+ :categories,
21081
+ :integration_types,
21082
+ :marketplace_url,
21083
+ :activation_url,
21084
+ :product_subscription_resource_policy)
21085
+ SENSITIVE = []
21086
+ include Aws::Structure
21087
+ end
21088
+
21089
+ # Identifies where the sensitive data begins and ends.
21090
+ #
21091
+ # @note When making an API call, you may pass Range
21092
+ # data as a hash:
21093
+ #
21094
+ # {
21095
+ # start: 1,
21096
+ # end: 1,
21097
+ # start_column: 1,
21098
+ # }
21099
+ #
21100
+ # @!attribute [rw] start
21101
+ # The number of lines (for a line range) or characters (for an offset
21102
+ # range) from the beginning of the file to the end of the sensitive
21103
+ # data.
21104
+ # @return [Integer]
21105
+ #
21106
+ # @!attribute [rw] end
21107
+ # The number of lines (for a line range) or characters (for an offset
21108
+ # range) from the beginning of the file to the end of the sensitive
21109
+ # data.
21110
+ # @return [Integer]
19652
21111
  #
19653
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21112
+ # @!attribute [rw] start_column
21113
+ # In the line where the sensitive data starts, the column within the
21114
+ # line where the sensitive data starts.
21115
+ # @return [Integer]
19654
21116
  #
19655
- class Product < Struct.new(
19656
- :product_arn,
19657
- :product_name,
19658
- :company_name,
19659
- :description,
19660
- :categories,
19661
- :integration_types,
19662
- :marketplace_url,
19663
- :activation_url,
19664
- :product_subscription_resource_policy)
21117
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Range AWS API Documentation
21118
+ #
21119
+ class Range < Struct.new(
21120
+ :start,
21121
+ :end,
21122
+ :start_column)
19665
21123
  SENSITIVE = []
19666
21124
  include Aws::Structure
19667
21125
  end
@@ -19696,6 +21154,38 @@ module Aws::SecurityHub
19696
21154
  include Aws::Structure
19697
21155
  end
19698
21156
 
21157
+ # An occurrence of sensitive data in an Apache Avro object container or
21158
+ # an Apache Parquet file.
21159
+ #
21160
+ # @note When making an API call, you may pass Record
21161
+ # data as a hash:
21162
+ #
21163
+ # {
21164
+ # json_path: "NonEmptyString",
21165
+ # record_index: 1,
21166
+ # }
21167
+ #
21168
+ # @!attribute [rw] json_path
21169
+ # The path, as a JSONPath expression, to the field in the record that
21170
+ # contains the data. If the field name is longer than 20 characters,
21171
+ # it is truncated. If the path is longer than 250 characters, it is
21172
+ # truncated.
21173
+ # @return [String]
21174
+ #
21175
+ # @!attribute [rw] record_index
21176
+ # The record index, starting from 0, for the record that contains the
21177
+ # data.
21178
+ # @return [Integer]
21179
+ #
21180
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Record AWS API Documentation
21181
+ #
21182
+ class Record < Struct.new(
21183
+ :json_path,
21184
+ :record_index)
21185
+ SENSITIVE = []
21186
+ include Aws::Structure
21187
+ end
21188
+
19699
21189
  # Details about a related finding.
19700
21190
  #
19701
21191
  # @note When making an API call, you may pass RelatedFinding
@@ -19762,6 +21252,130 @@ module Aws::SecurityHub
19762
21252
  # tags: {
19763
21253
  # "NonEmptyString" => "NonEmptyString",
19764
21254
  # },
21255
+ # data_classification: {
21256
+ # detailed_results_location: "NonEmptyString",
21257
+ # result: {
21258
+ # mime_type: "NonEmptyString",
21259
+ # size_classified: 1,
21260
+ # additional_occurrences: false,
21261
+ # status: {
21262
+ # code: "NonEmptyString",
21263
+ # reason: "NonEmptyString",
21264
+ # },
21265
+ # sensitive_data: [
21266
+ # {
21267
+ # category: "NonEmptyString",
21268
+ # detections: [
21269
+ # {
21270
+ # count: 1,
21271
+ # type: "NonEmptyString",
21272
+ # occurrences: {
21273
+ # line_ranges: [
21274
+ # {
21275
+ # start: 1,
21276
+ # end: 1,
21277
+ # start_column: 1,
21278
+ # },
21279
+ # ],
21280
+ # offset_ranges: [
21281
+ # {
21282
+ # start: 1,
21283
+ # end: 1,
21284
+ # start_column: 1,
21285
+ # },
21286
+ # ],
21287
+ # pages: [
21288
+ # {
21289
+ # page_number: 1,
21290
+ # line_range: {
21291
+ # start: 1,
21292
+ # end: 1,
21293
+ # start_column: 1,
21294
+ # },
21295
+ # offset_range: {
21296
+ # start: 1,
21297
+ # end: 1,
21298
+ # start_column: 1,
21299
+ # },
21300
+ # },
21301
+ # ],
21302
+ # records: [
21303
+ # {
21304
+ # json_path: "NonEmptyString",
21305
+ # record_index: 1,
21306
+ # },
21307
+ # ],
21308
+ # cells: [
21309
+ # {
21310
+ # column: 1,
21311
+ # row: 1,
21312
+ # column_name: "NonEmptyString",
21313
+ # cell_reference: "NonEmptyString",
21314
+ # },
21315
+ # ],
21316
+ # },
21317
+ # },
21318
+ # ],
21319
+ # total_count: 1,
21320
+ # },
21321
+ # ],
21322
+ # custom_data_identifiers: {
21323
+ # detections: [
21324
+ # {
21325
+ # count: 1,
21326
+ # arn: "NonEmptyString",
21327
+ # name: "NonEmptyString",
21328
+ # occurrences: {
21329
+ # line_ranges: [
21330
+ # {
21331
+ # start: 1,
21332
+ # end: 1,
21333
+ # start_column: 1,
21334
+ # },
21335
+ # ],
21336
+ # offset_ranges: [
21337
+ # {
21338
+ # start: 1,
21339
+ # end: 1,
21340
+ # start_column: 1,
21341
+ # },
21342
+ # ],
21343
+ # pages: [
21344
+ # {
21345
+ # page_number: 1,
21346
+ # line_range: {
21347
+ # start: 1,
21348
+ # end: 1,
21349
+ # start_column: 1,
21350
+ # },
21351
+ # offset_range: {
21352
+ # start: 1,
21353
+ # end: 1,
21354
+ # start_column: 1,
21355
+ # },
21356
+ # },
21357
+ # ],
21358
+ # records: [
21359
+ # {
21360
+ # json_path: "NonEmptyString",
21361
+ # record_index: 1,
21362
+ # },
21363
+ # ],
21364
+ # cells: [
21365
+ # {
21366
+ # column: 1,
21367
+ # row: 1,
21368
+ # column_name: "NonEmptyString",
21369
+ # cell_reference: "NonEmptyString",
21370
+ # },
21371
+ # ],
21372
+ # },
21373
+ # },
21374
+ # ],
21375
+ # total_count: 1,
21376
+ # },
21377
+ # },
21378
+ # },
19765
21379
  # details: {
19766
21380
  # aws_auto_scaling_auto_scaling_group: {
19767
21381
  # launch_configuration_name: "NonEmptyString",
@@ -20063,6 +21677,18 @@ module Aws::SecurityHub
20063
21677
  # },
20064
21678
  # ],
20065
21679
  # },
21680
+ # public_access_block_configuration: {
21681
+ # block_public_acls: false,
21682
+ # block_public_policy: false,
21683
+ # ignore_public_acls: false,
21684
+ # restrict_public_buckets: false,
21685
+ # },
21686
+ # },
21687
+ # aws_s3_account_public_access_block: {
21688
+ # block_public_acls: false,
21689
+ # block_public_policy: false,
21690
+ # ignore_public_acls: false,
21691
+ # restrict_public_buckets: false,
20066
21692
  # },
20067
21693
  # aws_s3_object: {
20068
21694
  # last_modified: "NonEmptyString",
@@ -21148,6 +22774,11 @@ module Aws::SecurityHub
21148
22774
  # finding was processed.
21149
22775
  # @return [Hash<String,String>]
21150
22776
  #
22777
+ # @!attribute [rw] data_classification
22778
+ # Contains information about sensitive data that was detected on the
22779
+ # resource.
22780
+ # @return [Types::DataClassificationDetails]
22781
+ #
21151
22782
  # @!attribute [rw] details
21152
22783
  # Additional details about the resource related to a finding.
21153
22784
  # @return [Types::ResourceDetails]
@@ -21161,6 +22792,7 @@ module Aws::SecurityHub
21161
22792
  :region,
21162
22793
  :resource_role,
21163
22794
  :tags,
22795
+ :data_classification,
21164
22796
  :details)
21165
22797
  SENSITIVE = []
21166
22798
  include Aws::Structure
@@ -21501,6 +23133,18 @@ module Aws::SecurityHub
21501
23133
  # },
21502
23134
  # ],
21503
23135
  # },
23136
+ # public_access_block_configuration: {
23137
+ # block_public_acls: false,
23138
+ # block_public_policy: false,
23139
+ # ignore_public_acls: false,
23140
+ # restrict_public_buckets: false,
23141
+ # },
23142
+ # },
23143
+ # aws_s3_account_public_access_block: {
23144
+ # block_public_acls: false,
23145
+ # block_public_policy: false,
23146
+ # ignore_public_acls: false,
23147
+ # restrict_public_buckets: false,
21504
23148
  # },
21505
23149
  # aws_s3_object: {
21506
23150
  # last_modified: "NonEmptyString",
@@ -22600,6 +24244,11 @@ module Aws::SecurityHub
22600
24244
  # Details about an Amazon S3 bucket related to a finding.
22601
24245
  # @return [Types::AwsS3BucketDetails]
22602
24246
  #
24247
+ # @!attribute [rw] aws_s3_account_public_access_block
24248
+ # Details about the Amazon S3 Public Access Block configuration for an
24249
+ # account.
24250
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
24251
+ #
22603
24252
  # @!attribute [rw] aws_s3_object
22604
24253
  # Details about an Amazon S3 object related to a finding.
22605
24254
  # @return [Types::AwsS3ObjectDetails]
@@ -22743,6 +24392,7 @@ module Aws::SecurityHub
22743
24392
  :aws_elbv_2_load_balancer,
22744
24393
  :aws_elasticsearch_domain,
22745
24394
  :aws_s3_bucket,
24395
+ :aws_s3_account_public_access_block,
22746
24396
  :aws_s3_object,
22747
24397
  :aws_secrets_manager_secret,
22748
24398
  :aws_iam_access_key,
@@ -22813,6 +24463,171 @@ module Aws::SecurityHub
22813
24463
  include Aws::Structure
22814
24464
  end
22815
24465
 
24466
+ # The list of detected instances of sensitive data.
24467
+ #
24468
+ # @note When making an API call, you may pass SensitiveDataDetections
24469
+ # data as a hash:
24470
+ #
24471
+ # {
24472
+ # count: 1,
24473
+ # type: "NonEmptyString",
24474
+ # occurrences: {
24475
+ # line_ranges: [
24476
+ # {
24477
+ # start: 1,
24478
+ # end: 1,
24479
+ # start_column: 1,
24480
+ # },
24481
+ # ],
24482
+ # offset_ranges: [
24483
+ # {
24484
+ # start: 1,
24485
+ # end: 1,
24486
+ # start_column: 1,
24487
+ # },
24488
+ # ],
24489
+ # pages: [
24490
+ # {
24491
+ # page_number: 1,
24492
+ # line_range: {
24493
+ # start: 1,
24494
+ # end: 1,
24495
+ # start_column: 1,
24496
+ # },
24497
+ # offset_range: {
24498
+ # start: 1,
24499
+ # end: 1,
24500
+ # start_column: 1,
24501
+ # },
24502
+ # },
24503
+ # ],
24504
+ # records: [
24505
+ # {
24506
+ # json_path: "NonEmptyString",
24507
+ # record_index: 1,
24508
+ # },
24509
+ # ],
24510
+ # cells: [
24511
+ # {
24512
+ # column: 1,
24513
+ # row: 1,
24514
+ # column_name: "NonEmptyString",
24515
+ # cell_reference: "NonEmptyString",
24516
+ # },
24517
+ # ],
24518
+ # },
24519
+ # }
24520
+ #
24521
+ # @!attribute [rw] count
24522
+ # The total number of occurrences of sensitive data that were
24523
+ # detected.
24524
+ # @return [Integer]
24525
+ #
24526
+ # @!attribute [rw] type
24527
+ # The type of sensitive data that was detected. For example, the type
24528
+ # might indicate that the data is an email address.
24529
+ # @return [String]
24530
+ #
24531
+ # @!attribute [rw] occurrences
24532
+ # Details about the sensitive data that was detected.
24533
+ # @return [Types::Occurrences]
24534
+ #
24535
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataDetections AWS API Documentation
24536
+ #
24537
+ class SensitiveDataDetections < Struct.new(
24538
+ :count,
24539
+ :type,
24540
+ :occurrences)
24541
+ SENSITIVE = []
24542
+ include Aws::Structure
24543
+ end
24544
+
24545
+ # Contains a detected instance of sensitive data that are based on
24546
+ # built-in identifiers.
24547
+ #
24548
+ # @note When making an API call, you may pass SensitiveDataResult
24549
+ # data as a hash:
24550
+ #
24551
+ # {
24552
+ # category: "NonEmptyString",
24553
+ # detections: [
24554
+ # {
24555
+ # count: 1,
24556
+ # type: "NonEmptyString",
24557
+ # occurrences: {
24558
+ # line_ranges: [
24559
+ # {
24560
+ # start: 1,
24561
+ # end: 1,
24562
+ # start_column: 1,
24563
+ # },
24564
+ # ],
24565
+ # offset_ranges: [
24566
+ # {
24567
+ # start: 1,
24568
+ # end: 1,
24569
+ # start_column: 1,
24570
+ # },
24571
+ # ],
24572
+ # pages: [
24573
+ # {
24574
+ # page_number: 1,
24575
+ # line_range: {
24576
+ # start: 1,
24577
+ # end: 1,
24578
+ # start_column: 1,
24579
+ # },
24580
+ # offset_range: {
24581
+ # start: 1,
24582
+ # end: 1,
24583
+ # start_column: 1,
24584
+ # },
24585
+ # },
24586
+ # ],
24587
+ # records: [
24588
+ # {
24589
+ # json_path: "NonEmptyString",
24590
+ # record_index: 1,
24591
+ # },
24592
+ # ],
24593
+ # cells: [
24594
+ # {
24595
+ # column: 1,
24596
+ # row: 1,
24597
+ # column_name: "NonEmptyString",
24598
+ # cell_reference: "NonEmptyString",
24599
+ # },
24600
+ # ],
24601
+ # },
24602
+ # },
24603
+ # ],
24604
+ # total_count: 1,
24605
+ # }
24606
+ #
24607
+ # @!attribute [rw] category
24608
+ # The category of sensitive data that was detected. For example, the
24609
+ # category can indicate that the sensitive data involved credentials,
24610
+ # financial information, or personal information.
24611
+ # @return [String]
24612
+ #
24613
+ # @!attribute [rw] detections
24614
+ # The list of detected instances of sensitive data.
24615
+ # @return [Array<Types::SensitiveDataDetections>]
24616
+ #
24617
+ # @!attribute [rw] total_count
24618
+ # The total number of occurrences of sensitive data.
24619
+ # @return [Integer]
24620
+ #
24621
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataResult AWS API Documentation
24622
+ #
24623
+ class SensitiveDataResult < Struct.new(
24624
+ :category,
24625
+ :detections,
24626
+ :total_count)
24627
+ SENSITIVE = []
24628
+ include Aws::Structure
24629
+ end
24630
+
22816
24631
  # The severity of the finding.
22817
24632
  #
22818
24633
  # The finding provider can provide the initial severity. The finding
@@ -24061,6 +25876,50 @@ module Aws::SecurityHub
24061
25876
  # value: "NonEmptyString",
24062
25877
  # },
24063
25878
  # ],
25879
+ # finding_provider_fields_confidence: [
25880
+ # {
25881
+ # gte: 1.0,
25882
+ # lte: 1.0,
25883
+ # eq: 1.0,
25884
+ # },
25885
+ # ],
25886
+ # finding_provider_fields_criticality: [
25887
+ # {
25888
+ # gte: 1.0,
25889
+ # lte: 1.0,
25890
+ # eq: 1.0,
25891
+ # },
25892
+ # ],
25893
+ # finding_provider_fields_related_findings_id: [
25894
+ # {
25895
+ # value: "NonEmptyString",
25896
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25897
+ # },
25898
+ # ],
25899
+ # finding_provider_fields_related_findings_product_arn: [
25900
+ # {
25901
+ # value: "NonEmptyString",
25902
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25903
+ # },
25904
+ # ],
25905
+ # finding_provider_fields_severity_label: [
25906
+ # {
25907
+ # value: "NonEmptyString",
25908
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25909
+ # },
25910
+ # ],
25911
+ # finding_provider_fields_severity_original: [
25912
+ # {
25913
+ # value: "NonEmptyString",
25914
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25915
+ # },
25916
+ # ],
25917
+ # finding_provider_fields_types: [
25918
+ # {
25919
+ # value: "NonEmptyString",
25920
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25921
+ # },
25922
+ # ],
24064
25923
  # },
24065
25924
  # note: {
24066
25925
  # text: "NonEmptyString", # required
@@ -24656,6 +26515,50 @@ module Aws::SecurityHub
24656
26515
  # value: "NonEmptyString",
24657
26516
  # },
24658
26517
  # ],
26518
+ # finding_provider_fields_confidence: [
26519
+ # {
26520
+ # gte: 1.0,
26521
+ # lte: 1.0,
26522
+ # eq: 1.0,
26523
+ # },
26524
+ # ],
26525
+ # finding_provider_fields_criticality: [
26526
+ # {
26527
+ # gte: 1.0,
26528
+ # lte: 1.0,
26529
+ # eq: 1.0,
26530
+ # },
26531
+ # ],
26532
+ # finding_provider_fields_related_findings_id: [
26533
+ # {
26534
+ # value: "NonEmptyString",
26535
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26536
+ # },
26537
+ # ],
26538
+ # finding_provider_fields_related_findings_product_arn: [
26539
+ # {
26540
+ # value: "NonEmptyString",
26541
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26542
+ # },
26543
+ # ],
26544
+ # finding_provider_fields_severity_label: [
26545
+ # {
26546
+ # value: "NonEmptyString",
26547
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26548
+ # },
26549
+ # ],
26550
+ # finding_provider_fields_severity_original: [
26551
+ # {
26552
+ # value: "NonEmptyString",
26553
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26554
+ # },
26555
+ # ],
26556
+ # finding_provider_fields_types: [
26557
+ # {
26558
+ # value: "NonEmptyString",
26559
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26560
+ # },
26561
+ # ],
24659
26562
  # },
24660
26563
  # group_by_attribute: "NonEmptyString",
24661
26564
  # }