aws-sdk-securityhub 1.39.0 → 1.45.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +238 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +3 -3
  6. data/lib/aws-sdk-securityhub/client.rb +770 -70
  7. data/lib/aws-sdk-securityhub/client_api.rb +306 -7
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +2975 -142
  11. metadata +9 -7
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 1.45.0
data/lib/aws-sdk-securityhub.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -28,7 +28,7 @@ require_relative 'aws-sdk-securityhub/customizations'
28
28
  # structure.
29
29
  #
30
30
  # security_hub = Aws::SecurityHub::Client.new
31
- # resp = security_hub.accept_invitation(params)
31
+ # resp = security_hub.accept_administrator_invitation(params)
32
32
  #
33
33
  # See {Client} for more information.
34
34
  #
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-securityhub/customizations'
48
48
  # @!group service
49
49
  module Aws::SecurityHub
50
50
 
51
- GEM_VERSION = '1.39.0'
51
+ GEM_VERSION = '1.45.0'
52
52
 
53
53
  end
data/lib/aws-sdk-securityhub/client.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -328,21 +328,69 @@ module Aws::SecurityHub
328
328
  # @!group API Operations
329
329
 
330
330
  # Accepts the invitation to be a member account and be monitored by the
331
- # Security Hub master account that the invitation was sent from.
331
+ # Security Hub administrator account that the invitation was sent from.
332
332
  #
333
333
  # This operation is only used by member accounts that are not added
334
334
  # through Organizations.
335
335
  #
336
336
  # When the member account accepts the invitation, permission is granted
337
- # to the master account to view findings generated in the member
337
+ # to the administrator account to view findings generated in the member
338
+ # account.
339
+ #
340
+ # @option params [required, String] :administrator_id
341
+ # The account ID of the Security Hub administrator account that sent the
342
+ # invitation.
343
+ #
344
+ # @option params [required, String] :invitation_id
345
+ # The identifier of the invitation sent from the Security Hub
346
+ # administrator account.
347
+ #
348
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
349
+ #
350
+ # @example Request syntax with placeholder values
351
+ #
352
+ # resp = client.accept_administrator_invitation({
353
+ # administrator_id: "NonEmptyString", # required
354
+ # invitation_id: "NonEmptyString", # required
355
+ # })
356
+ #
357
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitation AWS API Documentation
358
+ #
359
+ # @overload accept_administrator_invitation(params = {})
360
+ # @param [Hash] params ({})
361
+ def accept_administrator_invitation(params = {}, options = {})
362
+ req = build_request(:accept_administrator_invitation, params)
363
+ req.send_request(options)
364
+ end
365
+
366
+ # This method is deprecated. Instead, use
367
+ # `AcceptAdministratorInvitation`.
368
+ #
369
+ # The Security Hub console continues to use `AcceptInvitation`. It will
370
+ # eventually change to use `AcceptAdministratorInvitation`. Any IAM
371
+ # policies that specifically control access to this function must
372
+ # continue to use `AcceptInvitation`. You should also add
373
+ # `AcceptAdministratorInvitation` to your policies to ensure that the
374
+ # correct permissions are in place after the console begins to use
375
+ # `AcceptAdministratorInvitation`.
376
+ #
377
+ # Accepts the invitation to be a member account and be monitored by the
378
+ # Security Hub administrator account that the invitation was sent from.
379
+ #
380
+ # This operation is only used by member accounts that are not added
381
+ # through Organizations.
382
+ #
383
+ # When the member account accepts the invitation, permission is granted
384
+ # to the administrator account to view findings generated in the member
338
385
  # account.
339
386
  #
340
387
  # @option params [required, String] :master_id
341
- # The account ID of the Security Hub master account that sent the
388
+ # The account ID of the Security Hub administrator account that sent the
342
389
  # invitation.
343
390
  #
344
391
  # @option params [required, String] :invitation_id
345
- # The ID of the invitation sent from the Security Hub master account.
392
+ # The identifier of the invitation sent from the Security Hub
393
+ # administrator account.
346
394
  #
347
395
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
348
396
  #
@@ -452,9 +500,9 @@ module Aws::SecurityHub
452
500
  req.send_request(options)
453
501
  end
454
502
 
455
- # Imports security findings generated from an integrated third-party
456
- # product into Security Hub. This action is requested by the integrated
457
- # product to import its findings into Security Hub.
503
+ # Imports security findings generated from an integrated product into
504
+ # Security Hub. This action is requested by the integrated product to
505
+ # import its findings into Security Hub.
458
506
  #
459
507
  # The maximum allowed size for a finding is 240 Kb. An error is returned
460
508
  # for any finding larger than 240 Kb.
@@ -471,11 +519,8 @@ module Aws::SecurityHub
471
519
  #
472
520
  # * `Workflow`
473
521
  #
474
- # `BatchImportFindings` can be used to update the following finding
475
- # fields and objects only if they have not been updated using
476
- # `BatchUpdateFindings`. After they are updated using
477
- # `BatchUpdateFindings`, these fields cannot be updated using
478
- # `BatchImportFindings`.
522
+ # Finding providers also should not use `BatchImportFindings` to update
523
+ # the following attributes.
479
524
  #
480
525
  # * `Confidence`
481
526
  #
@@ -487,6 +532,9 @@ module Aws::SecurityHub
487
532
  #
488
533
  # * `Types`
489
534
  #
535
+ # Instead, finding providers use `FindingProviderFields` to provide
536
+ # values for these attributes.
537
+ #
490
538
  # @option params [required, Array<Types::AwsSecurityFinding>] :findings
491
539
  # A list of findings to import. To successfully import a finding, it
492
540
  # must follow the [AWS Security Finding Format][1]. Maximum of 100
@@ -512,12 +560,12 @@ module Aws::SecurityHub
512
560
  # product_arn: "NonEmptyString", # required
513
561
  # generator_id: "NonEmptyString", # required
514
562
  # aws_account_id: "NonEmptyString", # required
515
- # types: ["NonEmptyString"], # required
563
+ # types: ["NonEmptyString"],
516
564
  # first_observed_at: "NonEmptyString",
517
565
  # last_observed_at: "NonEmptyString",
518
566
  # created_at: "NonEmptyString", # required
519
567
  # updated_at: "NonEmptyString", # required
520
- # severity: { # required
568
+ # severity: {
521
569
  # product: 1.0,
522
570
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
523
571
  # normalized: 1,
@@ -641,6 +689,130 @@ module Aws::SecurityHub
641
689
  # tags: {
642
690
  # "NonEmptyString" => "NonEmptyString",
643
691
  # },
692
+ # data_classification: {
693
+ # detailed_results_location: "NonEmptyString",
694
+ # result: {
695
+ # mime_type: "NonEmptyString",
696
+ # size_classified: 1,
697
+ # additional_occurrences: false,
698
+ # status: {
699
+ # code: "NonEmptyString",
700
+ # reason: "NonEmptyString",
701
+ # },
702
+ # sensitive_data: [
703
+ # {
704
+ # category: "NonEmptyString",
705
+ # detections: [
706
+ # {
707
+ # count: 1,
708
+ # type: "NonEmptyString",
709
+ # occurrences: {
710
+ # line_ranges: [
711
+ # {
712
+ # start: 1,
713
+ # end: 1,
714
+ # start_column: 1,
715
+ # },
716
+ # ],
717
+ # offset_ranges: [
718
+ # {
719
+ # start: 1,
720
+ # end: 1,
721
+ # start_column: 1,
722
+ # },
723
+ # ],
724
+ # pages: [
725
+ # {
726
+ # page_number: 1,
727
+ # line_range: {
728
+ # start: 1,
729
+ # end: 1,
730
+ # start_column: 1,
731
+ # },
732
+ # offset_range: {
733
+ # start: 1,
734
+ # end: 1,
735
+ # start_column: 1,
736
+ # },
737
+ # },
738
+ # ],
739
+ # records: [
740
+ # {
741
+ # json_path: "NonEmptyString",
742
+ # record_index: 1,
743
+ # },
744
+ # ],
745
+ # cells: [
746
+ # {
747
+ # column: 1,
748
+ # row: 1,
749
+ # column_name: "NonEmptyString",
750
+ # cell_reference: "NonEmptyString",
751
+ # },
752
+ # ],
753
+ # },
754
+ # },
755
+ # ],
756
+ # total_count: 1,
757
+ # },
758
+ # ],
759
+ # custom_data_identifiers: {
760
+ # detections: [
761
+ # {
762
+ # count: 1,
763
+ # arn: "NonEmptyString",
764
+ # name: "NonEmptyString",
765
+ # occurrences: {
766
+ # line_ranges: [
767
+ # {
768
+ # start: 1,
769
+ # end: 1,
770
+ # start_column: 1,
771
+ # },
772
+ # ],
773
+ # offset_ranges: [
774
+ # {
775
+ # start: 1,
776
+ # end: 1,
777
+ # start_column: 1,
778
+ # },
779
+ # ],
780
+ # pages: [
781
+ # {
782
+ # page_number: 1,
783
+ # line_range: {
784
+ # start: 1,
785
+ # end: 1,
786
+ # start_column: 1,
787
+ # },
788
+ # offset_range: {
789
+ # start: 1,
790
+ # end: 1,
791
+ # start_column: 1,
792
+ # },
793
+ # },
794
+ # ],
795
+ # records: [
796
+ # {
797
+ # json_path: "NonEmptyString",
798
+ # record_index: 1,
799
+ # },
800
+ # ],
801
+ # cells: [
802
+ # {
803
+ # column: 1,
804
+ # row: 1,
805
+ # column_name: "NonEmptyString",
806
+ # cell_reference: "NonEmptyString",
807
+ # },
808
+ # ],
809
+ # },
810
+ # },
811
+ # ],
812
+ # total_count: 1,
813
+ # },
814
+ # },
815
+ # },
644
816
  # details: {
645
817
  # aws_auto_scaling_auto_scaling_group: {
646
818
  # launch_configuration_name: "NonEmptyString",
@@ -881,6 +1053,58 @@ module Aws::SecurityHub
881
1053
  # network_interface_owner_id: "NonEmptyString",
882
1054
  # private_ip_address: "NonEmptyString",
883
1055
  # },
1056
+ # aws_ec2_subnet: {
1057
+ # assign_ipv_6_address_on_creation: false,
1058
+ # availability_zone: "NonEmptyString",
1059
+ # availability_zone_id: "NonEmptyString",
1060
+ # available_ip_address_count: 1,
1061
+ # cidr_block: "NonEmptyString",
1062
+ # default_for_az: false,
1063
+ # map_public_ip_on_launch: false,
1064
+ # owner_id: "NonEmptyString",
1065
+ # state: "NonEmptyString",
1066
+ # subnet_arn: "NonEmptyString",
1067
+ # subnet_id: "NonEmptyString",
1068
+ # vpc_id: "NonEmptyString",
1069
+ # ipv_6_cidr_block_association_set: [
1070
+ # {
1071
+ # association_id: "NonEmptyString",
1072
+ # ipv_6_cidr_block: "NonEmptyString",
1073
+ # cidr_block_state: "NonEmptyString",
1074
+ # },
1075
+ # ],
1076
+ # },
1077
+ # aws_ec2_network_acl: {
1078
+ # is_default: false,
1079
+ # network_acl_id: "NonEmptyString",
1080
+ # owner_id: "NonEmptyString",
1081
+ # vpc_id: "NonEmptyString",
1082
+ # associations: [
1083
+ # {
1084
+ # network_acl_association_id: "NonEmptyString",
1085
+ # network_acl_id: "NonEmptyString",
1086
+ # subnet_id: "NonEmptyString",
1087
+ # },
1088
+ # ],
1089
+ # entries: [
1090
+ # {
1091
+ # cidr_block: "NonEmptyString",
1092
+ # egress: false,
1093
+ # icmp_type_code: {
1094
+ # code: 1,
1095
+ # type: 1,
1096
+ # },
1097
+ # ipv_6_cidr_block: "NonEmptyString",
1098
+ # port_range: {
1099
+ # from: 1,
1100
+ # to: 1,
1101
+ # },
1102
+ # protocol: "NonEmptyString",
1103
+ # rule_action: "NonEmptyString",
1104
+ # rule_number: 1,
1105
+ # },
1106
+ # ],
1107
+ # },
884
1108
  # aws_elbv_2_load_balancer: {
885
1109
  # availability_zones: [
886
1110
  # {
@@ -901,6 +1125,40 @@ module Aws::SecurityHub
901
1125
  # type: "NonEmptyString",
902
1126
  # vpc_id: "NonEmptyString",
903
1127
  # },
1128
+ # aws_elastic_beanstalk_environment: {
1129
+ # application_name: "NonEmptyString",
1130
+ # cname: "NonEmptyString",
1131
+ # date_created: "NonEmptyString",
1132
+ # date_updated: "NonEmptyString",
1133
+ # description: "NonEmptyString",
1134
+ # endpoint_url: "NonEmptyString",
1135
+ # environment_arn: "NonEmptyString",
1136
+ # environment_id: "NonEmptyString",
1137
+ # environment_links: [
1138
+ # {
1139
+ # environment_name: "NonEmptyString",
1140
+ # link_name: "NonEmptyString",
1141
+ # },
1142
+ # ],
1143
+ # environment_name: "NonEmptyString",
1144
+ # option_settings: [
1145
+ # {
1146
+ # namespace: "NonEmptyString",
1147
+ # option_name: "NonEmptyString",
1148
+ # resource_name: "NonEmptyString",
1149
+ # value: "NonEmptyString",
1150
+ # },
1151
+ # ],
1152
+ # platform_arn: "NonEmptyString",
1153
+ # solution_stack_name: "NonEmptyString",
1154
+ # status: "NonEmptyString",
1155
+ # tier: {
1156
+ # name: "NonEmptyString",
1157
+ # type: "NonEmptyString",
1158
+ # version: "NonEmptyString",
1159
+ # },
1160
+ # version_label: "NonEmptyString",
1161
+ # },
904
1162
  # aws_elasticsearch_domain: {
905
1163
  # access_policies: "NonEmptyString",
906
1164
  # domain_endpoint_options: {
@@ -942,6 +1200,18 @@ module Aws::SecurityHub
942
1200
  # },
943
1201
  # ],
944
1202
  # },
1203
+ # public_access_block_configuration: {
1204
+ # block_public_acls: false,
1205
+ # block_public_policy: false,
1206
+ # ignore_public_acls: false,
1207
+ # restrict_public_buckets: false,
1208
+ # },
1209
+ # },
1210
+ # aws_s3_account_public_access_block: {
1211
+ # block_public_acls: false,
1212
+ # block_public_policy: false,
1213
+ # ignore_public_acls: false,
1214
+ # restrict_public_buckets: false,
945
1215
  # },
946
1216
  # aws_s3_object: {
947
1217
  # last_modified: "NonEmptyString",
@@ -2172,6 +2442,21 @@ module Aws::SecurityHub
2172
2442
  # blocked: false,
2173
2443
  # },
2174
2444
  # },
2445
+ # finding_provider_fields: {
2446
+ # confidence: 1,
2447
+ # criticality: 1,
2448
+ # related_findings: [
2449
+ # {
2450
+ # product_arn: "NonEmptyString", # required
2451
+ # id: "NonEmptyString", # required
2452
+ # },
2453
+ # ],
2454
+ # severity: {
2455
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
2456
+ # original: "NonEmptyString",
2457
+ # },
2458
+ # types: ["NonEmptyString"],
2459
+ # },
2175
2460
  # },
2176
2461
  # ],
2177
2462
  # })
@@ -2195,16 +2480,16 @@ module Aws::SecurityHub
2195
2480
  end
2196
2481
 
2197
2482
  # Used by Security Hub customers to update information about their
2198
- # investigation into a finding. Requested by master accounts or member
2199
- # accounts. Master accounts can update findings for their account and
2200
- # their member accounts. Member accounts can update findings for their
2201
- # account.
2483
+ # investigation into a finding. Requested by administrator accounts or
2484
+ # member accounts. Administrator accounts can update findings for their
2485
+ # account and their member accounts. Member accounts can update findings
2486
+ # for their account.
2202
2487
  #
2203
2488
  # Updates from `BatchUpdateFindings` do not affect the value of
2204
2489
  # `UpdatedAt` for a finding.
2205
2490
  #
2206
- # Master and member accounts can use `BatchUpdateFindings` to update the
2207
- # following finding fields and objects.
2491
+ # Administrator and member accounts can use `BatchUpdateFindings` to
2492
+ # update the following finding fields and objects.
2208
2493
  #
2209
2494
  # * `Confidence`
2210
2495
  #
@@ -2989,6 +3274,50 @@ module Aws::SecurityHub
2989
3274
  # value: "NonEmptyString",
2990
3275
  # },
2991
3276
  # ],
3277
+ # finding_provider_fields_confidence: [
3278
+ # {
3279
+ # gte: 1.0,
3280
+ # lte: 1.0,
3281
+ # eq: 1.0,
3282
+ # },
3283
+ # ],
3284
+ # finding_provider_fields_criticality: [
3285
+ # {
3286
+ # gte: 1.0,
3287
+ # lte: 1.0,
3288
+ # eq: 1.0,
3289
+ # },
3290
+ # ],
3291
+ # finding_provider_fields_related_findings_id: [
3292
+ # {
3293
+ # value: "NonEmptyString",
3294
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3295
+ # },
3296
+ # ],
3297
+ # finding_provider_fields_related_findings_product_arn: [
3298
+ # {
3299
+ # value: "NonEmptyString",
3300
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3301
+ # },
3302
+ # ],
3303
+ # finding_provider_fields_severity_label: [
3304
+ # {
3305
+ # value: "NonEmptyString",
3306
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3307
+ # },
3308
+ # ],
3309
+ # finding_provider_fields_severity_original: [
3310
+ # {
3311
+ # value: "NonEmptyString",
3312
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3313
+ # },
3314
+ # ],
3315
+ # finding_provider_fields_types: [
3316
+ # {
3317
+ # value: "NonEmptyString",
3318
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3319
+ # },
3320
+ # ],
2992
3321
  # },
2993
3322
  # group_by_attribute: "NonEmptyString", # required
2994
3323
  # })
@@ -3007,10 +3336,10 @@ module Aws::SecurityHub
3007
3336
  end
3008
3337
 
3009
3338
  # Creates a member association in Security Hub between the specified
3010
- # accounts and the account used to make the request, which is the master
3011
- # account. If you are integrated with Organizations, then the master
3012
- # account is the Security Hub administrator account that is designated
3013
- # by the organization management account.
3339
+ # accounts and the account used to make the request, which is the
3340
+ # administrator account. If you are integrated with Organizations, then
3341
+ # the administrator account is designated by the organization management
3342
+ # account.
3014
3343
  #
3015
3344
  # `CreateMembers` is always used to add accounts that are not
3016
3345
  # organization members.
@@ -3037,17 +3366,17 @@ module Aws::SecurityHub
3037
3366
  # invitation. They automatically become a member account in Security
3038
3367
  # Hub.
3039
3368
  #
3040
- # A permissions policy is added that permits the master account to view
3041
- # the findings generated in the member account. When Security Hub is
3042
- # enabled in a member account, findings are sent to both the member and
3043
- # master accounts.
3369
+ # A permissions policy is added that permits the administrator account
3370
+ # to view the findings generated in the member account. When Security
3371
+ # Hub is enabled in a member account, the member account findings are
3372
+ # also visible to the administrator account.
3044
3373
  #
3045
- # To remove the association between the master and member accounts, use
3046
- # the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
3047
- # operation.
3374
+ # To remove the association between the administrator and member
3375
+ # accounts, use the ` DisassociateFromMasterAccount ` or `
3376
+ # DisassociateMembers ` operation.
3048
3377
  #
3049
3378
  # @option params [required, Array<Types::AccountDetails>] :account_details
3050
- # The list of accounts to associate with the Security Hub master
3379
+ # The list of accounts to associate with the Security Hub administrator
3051
3380
  # account. For each account, the list includes the account ID and
3052
3381
  # optionally the email address.
3053
3382
  #
@@ -3348,9 +3677,13 @@ module Aws::SecurityHub
3348
3677
  req.send_request(options)
3349
3678
  end
3350
3679
 
3351
- # Returns information about the available products that you can
3352
- # subscribe to and integrate with Security Hub in order to consolidate
3353
- # findings.
3680
+ # Returns information about product integrations in Security Hub.
3681
+ #
3682
+ # You can optionally provide an integration ARN. If you provide an
3683
+ # integration ARN, then the results only include that integration.
3684
+ #
3685
+ # If you do not provide an integration ARN, then the results include all
3686
+ # of the available product integrations.
3354
3687
  #
3355
3688
  # @option params [String] :next_token
3356
3689
  # The token that is required for pagination. On your first call to the
@@ -3364,6 +3697,9 @@ module Aws::SecurityHub
3364
3697
  # @option params [Integer] :max_results
3365
3698
  # The maximum number of results to return.
3366
3699
  #
3700
+ # @option params [String] :product_arn
3701
+ # The ARN of the integration to return.
3702
+ #
3367
3703
  # @return [Types::DescribeProductsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3368
3704
  #
3369
3705
  # * {Types::DescribeProductsResponse#products #products} => Array&lt;Types::Product&gt;
@@ -3376,6 +3712,7 @@ module Aws::SecurityHub
3376
3712
  # resp = client.describe_products({
3377
3713
  # next_token: "NextToken",
3378
3714
  # max_results: 1,
3715
+ # product_arn: "NonEmptyString",
3379
3716
  # })
3380
3717
  #
3381
3718
  # @example Response structure
@@ -3388,7 +3725,7 @@ module Aws::SecurityHub
3388
3725
  # resp.products[0].categories #=> Array
3389
3726
  # resp.products[0].categories[0] #=> String
3390
3727
  # resp.products[0].integration_types #=> Array
3391
- # resp.products[0].integration_types[0] #=> String, one of "SEND_FINDINGS_TO_SECURITY_HUB", "RECEIVE_FINDINGS_FROM_SECURITY_HUB"
3728
+ # resp.products[0].integration_types[0] #=> String, one of "SEND_FINDINGS_TO_SECURITY_HUB", "RECEIVE_FINDINGS_FROM_SECURITY_HUB", "UPDATE_FINDINGS_IN_SECURITY_HUB"
3392
3729
  # resp.products[0].marketplace_url #=> String
3393
3730
  # resp.products[0].activation_url #=> String
3394
3731
  # resp.products[0].product_subscription_resource_policy #=> String
@@ -3566,13 +3903,13 @@ module Aws::SecurityHub
3566
3903
  # disable Security Hub in all Regions, you must submit one request per
3567
3904
  # Region where you have enabled Security Hub.
3568
3905
  #
3569
- # When you disable Security Hub for a master account, it doesn't
3570
- # disable Security Hub for any associated member accounts.
3906
+ # When you disable Security Hub for an administrator account, it
3907
+ # doesn't disable Security Hub for any associated member accounts.
3571
3908
  #
3572
3909
  # When you disable Security Hub, your existing findings and insights and
3573
3910
  # any Security Hub configuration settings are deleted after 90 days and
3574
3911
  # cannot be recovered. Any standards that were enabled are disabled, and
3575
- # your master and member account associations are removed.
3912
+ # your administrator and member account associations are removed.
3576
3913
  #
3577
3914
  # If you want to save your existing findings, you must export them
3578
3915
  # before you disable Security Hub.
@@ -3589,12 +3926,41 @@ module Aws::SecurityHub
3589
3926
  end
3590
3927
 
3591
3928
  # Disassociates the current Security Hub member account from the
3592
- # associated master account.
3929
+ # associated administrator account.
3593
3930
  #
3594
3931
  # This operation is only used by accounts that are not part of an
3595
- # organization. For organization accounts, only the master account (the
3596
- # designated Security Hub administrator) can disassociate a member
3597
- # account.
3932
+ # organization. For organization accounts, only the administrator
3933
+ # account can disassociate a member account.
3934
+ #
3935
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3936
+ #
3937
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccount AWS API Documentation
3938
+ #
3939
+ # @overload disassociate_from_administrator_account(params = {})
3940
+ # @param [Hash] params ({})
3941
+ def disassociate_from_administrator_account(params = {}, options = {})
3942
+ req = build_request(:disassociate_from_administrator_account, params)
3943
+ req.send_request(options)
3944
+ end
3945
+
3946
+ # This method is deprecated. Instead, use
3947
+ # `DisassociateFromAdministratorAccount`.
3948
+ #
3949
+ # The Security Hub console continues to use
3950
+ # `DisassociateFromMasterAccount`. It will eventually change to use
3951
+ # `DisassociateFromAdministratorAccount`. Any IAM policies that
3952
+ # specifically control access to this function must continue to use
3953
+ # `DisassociateFromMasterAccount`. You should also add
3954
+ # `DisassociateFromAdministratorAccount` to your policies to ensure that
3955
+ # the correct permissions are in place after the console begins to use
3956
+ # `DisassociateFromAdministratorAccount`.
3957
+ #
3958
+ # Disassociates the current Security Hub member account from the
3959
+ # associated administrator account.
3960
+ #
3961
+ # This operation is only used by accounts that are not part of an
3962
+ # organization. For organization accounts, only the administrator
3963
+ # account can disassociate a member account.
3598
3964
  #
3599
3965
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3600
3966
  #
@@ -3607,15 +3973,15 @@ module Aws::SecurityHub
3607
3973
  req.send_request(options)
3608
3974
  end
3609
3975
 
3610
- # Disassociates the specified member accounts from the associated master
3611
- # account.
3976
+ # Disassociates the specified member accounts from the associated
3977
+ # administrator account.
3612
3978
  #
3613
- # Can be used to disassociate both accounts that are in an organization
3614
- # and accounts that were invited manually.
3979
+ # Can be used to disassociate both accounts that are managed using
3980
+ # Organizations and accounts that were invited manually.
3615
3981
  #
3616
3982
  # @option params [required, Array<String>] :account_ids
3617
- # The account IDs of the member accounts to disassociate from the master
3618
- # account.
3983
+ # The account IDs of the member accounts to disassociate from the
3984
+ # administrator account.
3619
3985
  #
3620
3986
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3621
3987
  #
@@ -3752,6 +4118,32 @@ module Aws::SecurityHub
3752
4118
  req.send_request(options)
3753
4119
  end
3754
4120
 
4121
+ # Provides the details for the Security Hub administrator account for
4122
+ # the current member account.
4123
+ #
4124
+ # Can be used by both member accounts that are managed using
4125
+ # Organizations and accounts that were invited manually.
4126
+ #
4127
+ # @return [Types::GetAdministratorAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4128
+ #
4129
+ # * {Types::GetAdministratorAccountResponse#administrator #administrator} => Types::Invitation
4130
+ #
4131
+ # @example Response structure
4132
+ #
4133
+ # resp.administrator.account_id #=> String
4134
+ # resp.administrator.invitation_id #=> String
4135
+ # resp.administrator.invited_at #=> Time
4136
+ # resp.administrator.member_status #=> String
4137
+ #
4138
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccount AWS API Documentation
4139
+ #
4140
+ # @overload get_administrator_account(params = {})
4141
+ # @param [Hash] params ({})
4142
+ def get_administrator_account(params = {}, options = {})
4143
+ req = build_request(:get_administrator_account, params)
4144
+ req.send_request(options)
4145
+ end
4146
+
3755
4147
  # Returns a list of the standards that are currently enabled.
3756
4148
  #
3757
4149
  # @option params [Array<String>] :standards_subscription_arns
@@ -4395,6 +4787,50 @@ module Aws::SecurityHub
4395
4787
  # value: "NonEmptyString",
4396
4788
  # },
4397
4789
  # ],
4790
+ # finding_provider_fields_confidence: [
4791
+ # {
4792
+ # gte: 1.0,
4793
+ # lte: 1.0,
4794
+ # eq: 1.0,
4795
+ # },
4796
+ # ],
4797
+ # finding_provider_fields_criticality: [
4798
+ # {
4799
+ # gte: 1.0,
4800
+ # lte: 1.0,
4801
+ # eq: 1.0,
4802
+ # },
4803
+ # ],
4804
+ # finding_provider_fields_related_findings_id: [
4805
+ # {
4806
+ # value: "NonEmptyString",
4807
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4808
+ # },
4809
+ # ],
4810
+ # finding_provider_fields_related_findings_product_arn: [
4811
+ # {
4812
+ # value: "NonEmptyString",
4813
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4814
+ # },
4815
+ # ],
4816
+ # finding_provider_fields_severity_label: [
4817
+ # {
4818
+ # value: "NonEmptyString",
4819
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4820
+ # },
4821
+ # ],
4822
+ # finding_provider_fields_severity_original: [
4823
+ # {
4824
+ # value: "NonEmptyString",
4825
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4826
+ # },
4827
+ # ],
4828
+ # finding_provider_fields_types: [
4829
+ # {
4830
+ # value: "NonEmptyString",
4831
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4832
+ # },
4833
+ # ],
4398
4834
  # },
4399
4835
  # sort_criteria: [
4400
4836
  # {
@@ -4499,6 +4935,71 @@ module Aws::SecurityHub
4499
4935
  # resp.findings[0].resources[0].resource_role #=> String
4500
4936
  # resp.findings[0].resources[0].tags #=> Hash
4501
4937
  # resp.findings[0].resources[0].tags["NonEmptyString"] #=> String
4938
+ # resp.findings[0].resources[0].data_classification.detailed_results_location #=> String
4939
+ # resp.findings[0].resources[0].data_classification.result.mime_type #=> String
4940
+ # resp.findings[0].resources[0].data_classification.result.size_classified #=> Integer
4941
+ # resp.findings[0].resources[0].data_classification.result.additional_occurrences #=> Boolean
4942
+ # resp.findings[0].resources[0].data_classification.result.status.code #=> String
4943
+ # resp.findings[0].resources[0].data_classification.result.status.reason #=> String
4944
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data #=> Array
4945
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].category #=> String
4946
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections #=> Array
4947
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].count #=> Integer
4948
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].type #=> String
4949
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges #=> Array
4950
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start #=> Integer
4951
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].end #=> Integer
4952
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start_column #=> Integer
4953
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges #=> Array
4954
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start #=> Integer
4955
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].end #=> Integer
4956
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start_column #=> Integer
4957
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages #=> Array
4958
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].page_number #=> Integer
4959
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start #=> Integer
4960
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.end #=> Integer
4961
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start_column #=> Integer
4962
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start #=> Integer
4963
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.end #=> Integer
4964
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
4965
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records #=> Array
4966
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records[0].json_path #=> String
4967
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records[0].record_index #=> Integer
4968
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells #=> Array
4969
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].column #=> Integer
4970
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].row #=> Integer
4971
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].column_name #=> String
4972
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].cell_reference #=> String
4973
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].total_count #=> Integer
4974
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections #=> Array
4975
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].count #=> Integer
4976
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].arn #=> String
4977
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].name #=> String
4978
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges #=> Array
4979
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start #=> Integer
4980
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].end #=> Integer
4981
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start_column #=> Integer
4982
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges #=> Array
4983
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start #=> Integer
4984
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].end #=> Integer
4985
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start_column #=> Integer
4986
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages #=> Array
4987
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].page_number #=> Integer
4988
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start #=> Integer
4989
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.end #=> Integer
4990
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start_column #=> Integer
4991
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start #=> Integer
4992
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.end #=> Integer
4993
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
4994
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records #=> Array
4995
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records[0].json_path #=> String
4996
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records[0].record_index #=> Integer
4997
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells #=> Array
4998
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].column #=> Integer
4999
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].row #=> Integer
5000
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].column_name #=> String
5001
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].cell_reference #=> String
5002
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.total_count #=> Integer
4502
5003
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.launch_configuration_name #=> String
4503
5004
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.load_balancer_names #=> Array
4504
5005
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.load_balancer_names[0] #=> String
@@ -4643,6 +5144,41 @@ module Aws::SecurityHub
4643
5144
  # resp.findings[0].resources[0].details.aws_ec2_eip.network_interface_id #=> String
4644
5145
  # resp.findings[0].resources[0].details.aws_ec2_eip.network_interface_owner_id #=> String
4645
5146
  # resp.findings[0].resources[0].details.aws_ec2_eip.private_ip_address #=> String
5147
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.assign_ipv_6_address_on_creation #=> Boolean
5148
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.availability_zone #=> String
5149
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.availability_zone_id #=> String
5150
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.available_ip_address_count #=> Integer
5151
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.cidr_block #=> String
5152
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.default_for_az #=> Boolean
5153
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.map_public_ip_on_launch #=> Boolean
5154
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.owner_id #=> String
5155
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.state #=> String
5156
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.subnet_arn #=> String
5157
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.subnet_id #=> String
5158
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.vpc_id #=> String
5159
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set #=> Array
5160
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].association_id #=> String
5161
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].ipv_6_cidr_block #=> String
5162
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].cidr_block_state #=> String
5163
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.is_default #=> Boolean
5164
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.network_acl_id #=> String
5165
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.owner_id #=> String
5166
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.vpc_id #=> String
5167
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations #=> Array
5168
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].network_acl_association_id #=> String
5169
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].network_acl_id #=> String
5170
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].subnet_id #=> String
5171
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries #=> Array
5172
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].cidr_block #=> String
5173
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].egress #=> Boolean
5174
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].icmp_type_code.code #=> Integer
5175
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].icmp_type_code.type #=> Integer
5176
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].ipv_6_cidr_block #=> String
5177
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].port_range.from #=> Integer
5178
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].port_range.to #=> Integer
5179
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].protocol #=> String
5180
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].rule_action #=> String
5181
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].rule_number #=> Integer
4646
5182
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones #=> Array
4647
5183
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones[0].zone_name #=> String
4648
5184
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones[0].subnet_id #=> String
@@ -4657,6 +5193,30 @@ module Aws::SecurityHub
4657
5193
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.state.reason #=> String
4658
5194
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.type #=> String
4659
5195
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.vpc_id #=> String
5196
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.application_name #=> String
5197
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.cname #=> String
5198
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.date_created #=> String
5199
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.date_updated #=> String
5200
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.description #=> String
5201
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.endpoint_url #=> String
5202
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_arn #=> String
5203
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_id #=> String
5204
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links #=> Array
5205
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links[0].environment_name #=> String
5206
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links[0].link_name #=> String
5207
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_name #=> String
5208
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings #=> Array
5209
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].namespace #=> String
5210
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].option_name #=> String
5211
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].resource_name #=> String
5212
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].value #=> String
5213
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.platform_arn #=> String
5214
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.solution_stack_name #=> String
5215
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.status #=> String
5216
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.name #=> String
5217
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.type #=> String
5218
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.version #=> String
5219
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.version_label #=> String
4660
5220
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.access_policies #=> String
4661
5221
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.domain_endpoint_options.enforce_https #=> Boolean
4662
5222
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.domain_endpoint_options.tls_security_policy #=> String
@@ -4682,6 +5242,14 @@ module Aws::SecurityHub
4682
5242
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules #=> Array
4683
5243
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String
4684
5244
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.kms_master_key_id #=> String
5245
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.block_public_acls #=> Boolean
5246
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.block_public_policy #=> Boolean
5247
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.ignore_public_acls #=> Boolean
5248
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.restrict_public_buckets #=> Boolean
5249
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_acls #=> Boolean
5250
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_policy #=> Boolean
5251
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.ignore_public_acls #=> Boolean
5252
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.restrict_public_buckets #=> Boolean
4685
5253
  # resp.findings[0].resources[0].details.aws_s3_object.last_modified #=> String
4686
5254
  # resp.findings[0].resources[0].details.aws_s3_object.etag #=> String
4687
5255
  # resp.findings[0].resources[0].details.aws_s3_object.version_id #=> String
@@ -5528,6 +6096,15 @@ module Aws::SecurityHub
5528
6096
  # resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
5529
6097
  # resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
5530
6098
  # resp.findings[0].action.port_probe_action.blocked #=> Boolean
6099
+ # resp.findings[0].finding_provider_fields.confidence #=> Integer
6100
+ # resp.findings[0].finding_provider_fields.criticality #=> Integer
6101
+ # resp.findings[0].finding_provider_fields.related_findings #=> Array
6102
+ # resp.findings[0].finding_provider_fields.related_findings[0].product_arn #=> String
6103
+ # resp.findings[0].finding_provider_fields.related_findings[0].id #=> String
6104
+ # resp.findings[0].finding_provider_fields.severity.label #=> String, one of "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
6105
+ # resp.findings[0].finding_provider_fields.severity.original #=> String
6106
+ # resp.findings[0].finding_provider_fields.types #=> Array
6107
+ # resp.findings[0].finding_provider_fields.types[0] #=> String
5531
6108
  # resp.next_token #=> String
5532
6109
  #
5533
6110
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings AWS API Documentation
@@ -5889,6 +6466,29 @@ module Aws::SecurityHub
5889
6466
  # resp.insights[0].filters.note_updated_by[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
5890
6467
  # resp.insights[0].filters.keyword #=> Array
5891
6468
  # resp.insights[0].filters.keyword[0].value #=> String
6469
+ # resp.insights[0].filters.finding_provider_fields_confidence #=> Array
6470
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].gte #=> Float
6471
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].lte #=> Float
6472
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].eq #=> Float
6473
+ # resp.insights[0].filters.finding_provider_fields_criticality #=> Array
6474
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].gte #=> Float
6475
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].lte #=> Float
6476
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].eq #=> Float
6477
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id #=> Array
6478
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].value #=> String
6479
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6480
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn #=> Array
6481
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn[0].value #=> String
6482
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6483
+ # resp.insights[0].filters.finding_provider_fields_severity_label #=> Array
6484
+ # resp.insights[0].filters.finding_provider_fields_severity_label[0].value #=> String
6485
+ # resp.insights[0].filters.finding_provider_fields_severity_label[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6486
+ # resp.insights[0].filters.finding_provider_fields_severity_original #=> Array
6487
+ # resp.insights[0].filters.finding_provider_fields_severity_original[0].value #=> String
6488
+ # resp.insights[0].filters.finding_provider_fields_severity_original[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6489
+ # resp.insights[0].filters.finding_provider_fields_types #=> Array
6490
+ # resp.insights[0].filters.finding_provider_fields_types[0].value #=> String
6491
+ # resp.insights[0].filters.finding_provider_fields_types[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
5892
6492
  # resp.insights[0].group_by_attribute #=> String
5893
6493
  # resp.next_token #=> String
5894
6494
  #
@@ -5922,11 +6522,20 @@ module Aws::SecurityHub
5922
6522
  req.send_request(options)
5923
6523
  end
5924
6524
 
5925
- # Provides the details for the Security Hub master account for the
5926
- # current member account.
6525
+ # This method is deprecated. Instead, use `GetAdministratorAccount`.
5927
6526
  #
5928
- # Can be used by both member accounts that are in an organization and
5929
- # accounts that were invited manually.
6527
+ # The Security Hub console continues to use `GetMasterAccount`. It will
6528
+ # eventually change to use `GetAdministratorAccount`. Any IAM policies
6529
+ # that specifically control access to this function must continue to use
6530
+ # `GetMasterAccount`. You should also add `GetAdministratorAccount` to
6531
+ # your policies to ensure that the correct permissions are in place
6532
+ # after the console begins to use `GetAdministratorAccount`.
6533
+ #
6534
+ # Provides the details for the Security Hub administrator account for
6535
+ # the current member account.
6536
+ #
6537
+ # Can be used by both member accounts that are managed using
6538
+ # Organizations and accounts that were invited manually.
5930
6539
  #
5931
6540
  # @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5932
6541
  #
@@ -5951,12 +6560,12 @@ module Aws::SecurityHub
5951
6560
  # Returns the details for the Security Hub member accounts for the
5952
6561
  # specified account IDs.
5953
6562
  #
5954
- # A master account can be either a delegated Security Hub administrator
5955
- # account for an organization or a master account that enabled Security
5956
- # Hub manually.
6563
+ # An administrator account can be either the delegated Security Hub
6564
+ # administrator account for an organization or an administrator account
6565
+ # that enabled Security Hub manually.
5957
6566
  #
5958
- # The results include both member accounts that are in an organization
5959
- # and accounts that were invited manually.
6567
+ # The results include both member accounts that are managed using
6568
+ # Organizations and accounts that were invited manually.
5960
6569
  #
5961
6570
  # @option params [required, Array<String>] :account_ids
5962
6571
  # The list of account IDs for the Security Hub member accounts to return
@@ -5979,6 +6588,7 @@ module Aws::SecurityHub
5979
6588
  # resp.members[0].account_id #=> String
5980
6589
  # resp.members[0].email #=> String
5981
6590
  # resp.members[0].master_id #=> String
6591
+ # resp.members[0].administrator_id #=> String
5982
6592
  # resp.members[0].member_status #=> String
5983
6593
  # resp.members[0].invited_at #=> Time
5984
6594
  # resp.members[0].updated_at #=> Time
@@ -5996,7 +6606,7 @@ module Aws::SecurityHub
5996
6606
  end
5997
6607
 
5998
6608
  # Invites other AWS accounts to become member accounts for the Security
5999
- # Hub master account that the invitation is sent from.
6609
+ # Hub administrator account that the invitation is sent from.
6000
6610
  #
6001
6611
  # This operation is only used to invite accounts that do not belong to
6002
6612
  # an organization. Organization accounts do not receive invitations.
@@ -6006,8 +6616,8 @@ module Aws::SecurityHub
6006
6616
  # Hub.
6007
6617
  #
6008
6618
  # When the account owner enables Security Hub and accepts the invitation
6009
- # to become a member account, the master account can view the findings
6010
- # generated from the member account.
6619
+ # to become a member account, the administrator account can view the
6620
+ # findings generated from the member account.
6011
6621
  #
6012
6622
  # @option params [required, Array<String>] :account_ids
6013
6623
  # The list of account IDs of the AWS accounts to invite to Security Hub
@@ -6085,8 +6695,9 @@ module Aws::SecurityHub
6085
6695
  # Lists all Security Hub membership invitations that were sent to the
6086
6696
  # current AWS account.
6087
6697
  #
6088
- # This operation is only used by accounts that do not belong to an
6089
- # organization. Organization accounts do not receive invitations.
6698
+ # This operation is only used by accounts that are managed by
6699
+ # invitation. Accounts that are managed using the integration with AWS
6700
+ # Organizations do not receive invitations.
6090
6701
  #
6091
6702
  # @option params [Integer] :max_results
6092
6703
  # The maximum number of items to return in the response.
@@ -6133,19 +6744,19 @@ module Aws::SecurityHub
6133
6744
  end
6134
6745
 
6135
6746
  # Lists details about all member accounts for the current Security Hub
6136
- # master account.
6747
+ # administrator account.
6137
6748
  #
6138
6749
  # The results include both member accounts that belong to an
6139
6750
  # organization and member accounts that were invited manually.
6140
6751
  #
6141
6752
  # @option params [Boolean] :only_associated
6142
6753
  # Specifies which member accounts to include in the response based on
6143
- # their relationship status with the master account. The default value
6144
- # is `TRUE`.
6754
+ # their relationship status with the administrator account. The default
6755
+ # value is `TRUE`.
6145
6756
  #
6146
6757
  # If `OnlyAssociated` is set to `TRUE`, the response includes member
6147
- # accounts whose relationship status with the master is set to
6148
- # `ENABLED`.
6758
+ # accounts whose relationship status with the administrator account is
6759
+ # set to `ENABLED`.
6149
6760
  #
6150
6761
  # If `OnlyAssociated` is set to `FALSE`, the response includes all
6151
6762
  # existing member accounts.
@@ -6182,6 +6793,7 @@ module Aws::SecurityHub
6182
6793
  # resp.members[0].account_id #=> String
6183
6794
  # resp.members[0].email #=> String
6184
6795
  # resp.members[0].master_id #=> String
6796
+ # resp.members[0].administrator_id #=> String
6185
6797
  # resp.members[0].member_status #=> String
6186
6798
  # resp.members[0].invited_at #=> Time
6187
6799
  # resp.members[0].updated_at #=> Time
@@ -6929,6 +7541,50 @@ module Aws::SecurityHub
6929
7541
  # value: "NonEmptyString",
6930
7542
  # },
6931
7543
  # ],
7544
+ # finding_provider_fields_confidence: [
7545
+ # {
7546
+ # gte: 1.0,
7547
+ # lte: 1.0,
7548
+ # eq: 1.0,
7549
+ # },
7550
+ # ],
7551
+ # finding_provider_fields_criticality: [
7552
+ # {
7553
+ # gte: 1.0,
7554
+ # lte: 1.0,
7555
+ # eq: 1.0,
7556
+ # },
7557
+ # ],
7558
+ # finding_provider_fields_related_findings_id: [
7559
+ # {
7560
+ # value: "NonEmptyString",
7561
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7562
+ # },
7563
+ # ],
7564
+ # finding_provider_fields_related_findings_product_arn: [
7565
+ # {
7566
+ # value: "NonEmptyString",
7567
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7568
+ # },
7569
+ # ],
7570
+ # finding_provider_fields_severity_label: [
7571
+ # {
7572
+ # value: "NonEmptyString",
7573
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7574
+ # },
7575
+ # ],
7576
+ # finding_provider_fields_severity_original: [
7577
+ # {
7578
+ # value: "NonEmptyString",
7579
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7580
+ # },
7581
+ # ],
7582
+ # finding_provider_fields_types: [
7583
+ # {
7584
+ # value: "NonEmptyString",
7585
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7586
+ # },
7587
+ # ],
6932
7588
  # },
6933
7589
  # note: {
6934
7590
  # text: "NonEmptyString", # required
@@ -7522,6 +8178,50 @@ module Aws::SecurityHub
7522
8178
  # value: "NonEmptyString",
7523
8179
  # },
7524
8180
  # ],
8181
+ # finding_provider_fields_confidence: [
8182
+ # {
8183
+ # gte: 1.0,
8184
+ # lte: 1.0,
8185
+ # eq: 1.0,
8186
+ # },
8187
+ # ],
8188
+ # finding_provider_fields_criticality: [
8189
+ # {
8190
+ # gte: 1.0,
8191
+ # lte: 1.0,
8192
+ # eq: 1.0,
8193
+ # },
8194
+ # ],
8195
+ # finding_provider_fields_related_findings_id: [
8196
+ # {
8197
+ # value: "NonEmptyString",
8198
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8199
+ # },
8200
+ # ],
8201
+ # finding_provider_fields_related_findings_product_arn: [
8202
+ # {
8203
+ # value: "NonEmptyString",
8204
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8205
+ # },
8206
+ # ],
8207
+ # finding_provider_fields_severity_label: [
8208
+ # {
8209
+ # value: "NonEmptyString",
8210
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8211
+ # },
8212
+ # ],
8213
+ # finding_provider_fields_severity_original: [
8214
+ # {
8215
+ # value: "NonEmptyString",
8216
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8217
+ # },
8218
+ # ],
8219
+ # finding_provider_fields_types: [
8220
+ # {
8221
+ # value: "NonEmptyString",
8222
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8223
+ # },
8224
+ # ],
7525
8225
  # },
7526
8226
  # group_by_attribute: "NonEmptyString",
7527
8227
  # })
@@ -7637,7 +8337,7 @@ module Aws::SecurityHub
7637
8337
  params: params,
7638
8338
  config: config)
7639
8339
  context[:gem_name] = 'aws-sdk-securityhub'
7640
- context[:gem_version] = '1.39.0'
8340
+ context[:gem_version] = '1.45.0'
7641
8341
  Seahorse::Client::Request.new(handlers, context)
7642
8342
  end
7643
8343