aws-sdk-securityhub 1.39.0 → 1.45.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +238 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +3 -3
  6. data/lib/aws-sdk-securityhub/client.rb +770 -70
  7. data/lib/aws-sdk-securityhub/client_api.rb +306 -7
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +2975 -142
  11. metadata +9 -7
data/lib/aws-sdk-securityhub/errors.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/resource.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -3,13 +3,44 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
10
10
  module Aws::SecurityHub
11
11
  module Types
12
12
 
13
+ # @note When making an API call, you may pass AcceptAdministratorInvitationRequest
14
+ # data as a hash:
15
+ #
16
+ # {
17
+ # administrator_id: "NonEmptyString", # required
18
+ # invitation_id: "NonEmptyString", # required
19
+ # }
20
+ #
21
+ # @!attribute [rw] administrator_id
22
+ # The account ID of the Security Hub administrator account that sent
23
+ # the invitation.
24
+ # @return [String]
25
+ #
26
+ # @!attribute [rw] invitation_id
27
+ # The identifier of the invitation sent from the Security Hub
28
+ # administrator account.
29
+ # @return [String]
30
+ #
31
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationRequest AWS API Documentation
32
+ #
33
+ class AcceptAdministratorInvitationRequest < Struct.new(
34
+ :administrator_id,
35
+ :invitation_id)
36
+ SENSITIVE = []
37
+ include Aws::Structure
38
+ end
39
+
40
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitationResponse AWS API Documentation
41
+ #
42
+ class AcceptAdministratorInvitationResponse < Aws::EmptyStructure; end
43
+
13
44
  # @note When making an API call, you may pass AcceptInvitationRequest
14
45
  # data as a hash:
15
46
  #
@@ -19,12 +50,13 @@ module Aws::SecurityHub
19
50
  # }
20
51
  #
21
52
  # @!attribute [rw] master_id
22
- # The account ID of the Security Hub master account that sent the
23
- # invitation.
53
+ # The account ID of the Security Hub administrator account that sent
54
+ # the invitation.
24
55
  # @return [String]
25
56
  #
26
57
  # @!attribute [rw] invitation_id
27
- # The ID of the invitation sent from the Security Hub master account.
58
+ # The identifier of the invitation sent from the Security Hub
59
+ # administrator account.
28
60
  # @return [String]
29
61
  #
30
62
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptInvitationRequest AWS API Documentation
@@ -85,8 +117,8 @@ module Aws::SecurityHub
85
117
  include Aws::Structure
86
118
  end
87
119
 
88
- # Provides details about one of the following actions that were detected
89
- # for the finding:
120
+ # Provides details about one of the following actions that affects or
121
+ # that was taken on a resource:
90
122
  #
91
123
  # * A remote IP address issued an AWS API call
92
124
  #
@@ -798,7 +830,7 @@ module Aws::SecurityHub
798
830
  include Aws::Structure
799
831
  end
800
832
 
801
- # contains information about a REST API in version 1 of Amazon API
833
+ # Contains information about a REST API in version 1 of Amazon API
802
834
  # Gateway.
803
835
  #
804
836
  # @note When making an API call, you may pass AwsApiGatewayRestApiDetails
@@ -3817,6 +3849,189 @@ module Aws::SecurityHub
3817
3849
  include Aws::Structure
3818
3850
  end
3819
3851
 
3852
+ # An association between the network ACL and a subnet.
3853
+ #
3854
+ # @note When making an API call, you may pass AwsEc2NetworkAclAssociation
3855
+ # data as a hash:
3856
+ #
3857
+ # {
3858
+ # network_acl_association_id: "NonEmptyString",
3859
+ # network_acl_id: "NonEmptyString",
3860
+ # subnet_id: "NonEmptyString",
3861
+ # }
3862
+ #
3863
+ # @!attribute [rw] network_acl_association_id
3864
+ # The identifier of the association between the network ACL and the
3865
+ # subnet.
3866
+ # @return [String]
3867
+ #
3868
+ # @!attribute [rw] network_acl_id
3869
+ # The identifier of the network ACL.
3870
+ # @return [String]
3871
+ #
3872
+ # @!attribute [rw] subnet_id
3873
+ # The identifier of the subnet that is associated with the network
3874
+ # ACL.
3875
+ # @return [String]
3876
+ #
3877
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkAclAssociation AWS API Documentation
3878
+ #
3879
+ class AwsEc2NetworkAclAssociation < Struct.new(
3880
+ :network_acl_association_id,
3881
+ :network_acl_id,
3882
+ :subnet_id)
3883
+ SENSITIVE = []
3884
+ include Aws::Structure
3885
+ end
3886
+
3887
+ # Contains details about an EC2 network access control list (ACL).
3888
+ #
3889
+ # @note When making an API call, you may pass AwsEc2NetworkAclDetails
3890
+ # data as a hash:
3891
+ #
3892
+ # {
3893
+ # is_default: false,
3894
+ # network_acl_id: "NonEmptyString",
3895
+ # owner_id: "NonEmptyString",
3896
+ # vpc_id: "NonEmptyString",
3897
+ # associations: [
3898
+ # {
3899
+ # network_acl_association_id: "NonEmptyString",
3900
+ # network_acl_id: "NonEmptyString",
3901
+ # subnet_id: "NonEmptyString",
3902
+ # },
3903
+ # ],
3904
+ # entries: [
3905
+ # {
3906
+ # cidr_block: "NonEmptyString",
3907
+ # egress: false,
3908
+ # icmp_type_code: {
3909
+ # code: 1,
3910
+ # type: 1,
3911
+ # },
3912
+ # ipv_6_cidr_block: "NonEmptyString",
3913
+ # port_range: {
3914
+ # from: 1,
3915
+ # to: 1,
3916
+ # },
3917
+ # protocol: "NonEmptyString",
3918
+ # rule_action: "NonEmptyString",
3919
+ # rule_number: 1,
3920
+ # },
3921
+ # ],
3922
+ # }
3923
+ #
3924
+ # @!attribute [rw] is_default
3925
+ # Whether this is the default network ACL for the VPC.
3926
+ # @return [Boolean]
3927
+ #
3928
+ # @!attribute [rw] network_acl_id
3929
+ # The identifier of the network ACL.
3930
+ # @return [String]
3931
+ #
3932
+ # @!attribute [rw] owner_id
3933
+ # The identifier of the AWS account that owns the network ACL.
3934
+ # @return [String]
3935
+ #
3936
+ # @!attribute [rw] vpc_id
3937
+ # The identifier of the VPC for the network ACL.
3938
+ # @return [String]
3939
+ #
3940
+ # @!attribute [rw] associations
3941
+ # Associations between the network ACL and subnets.
3942
+ # @return [Array<Types::AwsEc2NetworkAclAssociation>]
3943
+ #
3944
+ # @!attribute [rw] entries
3945
+ # The set of rules in the network ACL.
3946
+ # @return [Array<Types::AwsEc2NetworkAclEntry>]
3947
+ #
3948
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkAclDetails AWS API Documentation
3949
+ #
3950
+ class AwsEc2NetworkAclDetails < Struct.new(
3951
+ :is_default,
3952
+ :network_acl_id,
3953
+ :owner_id,
3954
+ :vpc_id,
3955
+ :associations,
3956
+ :entries)
3957
+ SENSITIVE = []
3958
+ include Aws::Structure
3959
+ end
3960
+
3961
+ # A rule for the network ACL. Each rule allows or denies access based on
3962
+ # the IP address, traffic direction, port, and protocol.
3963
+ #
3964
+ # @note When making an API call, you may pass AwsEc2NetworkAclEntry
3965
+ # data as a hash:
3966
+ #
3967
+ # {
3968
+ # cidr_block: "NonEmptyString",
3969
+ # egress: false,
3970
+ # icmp_type_code: {
3971
+ # code: 1,
3972
+ # type: 1,
3973
+ # },
3974
+ # ipv_6_cidr_block: "NonEmptyString",
3975
+ # port_range: {
3976
+ # from: 1,
3977
+ # to: 1,
3978
+ # },
3979
+ # protocol: "NonEmptyString",
3980
+ # rule_action: "NonEmptyString",
3981
+ # rule_number: 1,
3982
+ # }
3983
+ #
3984
+ # @!attribute [rw] cidr_block
3985
+ # The IPV4 network range for which to deny or allow access.
3986
+ # @return [String]
3987
+ #
3988
+ # @!attribute [rw] egress
3989
+ # Whether the rule is an egress rule. An egress rule is a rule that
3990
+ # applies to traffic that leaves the subnet.
3991
+ # @return [Boolean]
3992
+ #
3993
+ # @!attribute [rw] icmp_type_code
3994
+ # The Internet Control Message Protocol (ICMP) type and code for which
3995
+ # to deny or allow access.
3996
+ # @return [Types::IcmpTypeCode]
3997
+ #
3998
+ # @!attribute [rw] ipv_6_cidr_block
3999
+ # The IPV6 network range for which to deny or allow access.
4000
+ # @return [String]
4001
+ #
4002
+ # @!attribute [rw] port_range
4003
+ # For TCP or UDP protocols, the range of ports that the rule applies
4004
+ # to.
4005
+ # @return [Types::PortRangeFromTo]
4006
+ #
4007
+ # @!attribute [rw] protocol
4008
+ # The protocol that the rule applies to. To deny or allow access to
4009
+ # all protocols, use the value -1.
4010
+ # @return [String]
4011
+ #
4012
+ # @!attribute [rw] rule_action
4013
+ # Whether the rule is used to allow access or deny access.
4014
+ # @return [String]
4015
+ #
4016
+ # @!attribute [rw] rule_number
4017
+ # The rule number. The rules are processed in order by their number.
4018
+ # @return [Integer]
4019
+ #
4020
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2NetworkAclEntry AWS API Documentation
4021
+ #
4022
+ class AwsEc2NetworkAclEntry < Struct.new(
4023
+ :cidr_block,
4024
+ :egress,
4025
+ :icmp_type_code,
4026
+ :ipv_6_cidr_block,
4027
+ :port_range,
4028
+ :protocol,
4029
+ :rule_action,
4030
+ :rule_number)
4031
+ SENSITIVE = []
4032
+ include Aws::Structure
4033
+ end
4034
+
3820
4035
  # Information about the network interface attachment.
3821
4036
  #
3822
4037
  # @note When making an API call, you may pass AwsEc2NetworkInterfaceAttachment
@@ -4386,6 +4601,107 @@ module Aws::SecurityHub
4386
4601
  include Aws::Structure
4387
4602
  end
4388
4603
 
4604
+ # Contains information about a subnet in EC2.
4605
+ #
4606
+ # @note When making an API call, you may pass AwsEc2SubnetDetails
4607
+ # data as a hash:
4608
+ #
4609
+ # {
4610
+ # assign_ipv_6_address_on_creation: false,
4611
+ # availability_zone: "NonEmptyString",
4612
+ # availability_zone_id: "NonEmptyString",
4613
+ # available_ip_address_count: 1,
4614
+ # cidr_block: "NonEmptyString",
4615
+ # default_for_az: false,
4616
+ # map_public_ip_on_launch: false,
4617
+ # owner_id: "NonEmptyString",
4618
+ # state: "NonEmptyString",
4619
+ # subnet_arn: "NonEmptyString",
4620
+ # subnet_id: "NonEmptyString",
4621
+ # vpc_id: "NonEmptyString",
4622
+ # ipv_6_cidr_block_association_set: [
4623
+ # {
4624
+ # association_id: "NonEmptyString",
4625
+ # ipv_6_cidr_block: "NonEmptyString",
4626
+ # cidr_block_state: "NonEmptyString",
4627
+ # },
4628
+ # ],
4629
+ # }
4630
+ #
4631
+ # @!attribute [rw] assign_ipv_6_address_on_creation
4632
+ # Whether to assign an IPV6 address to a network interface that is
4633
+ # created in this subnet.
4634
+ # @return [Boolean]
4635
+ #
4636
+ # @!attribute [rw] availability_zone
4637
+ # The Availability Zone for the subnet.
4638
+ # @return [String]
4639
+ #
4640
+ # @!attribute [rw] availability_zone_id
4641
+ # The identifier of the Availability Zone for the subnet.
4642
+ # @return [String]
4643
+ #
4644
+ # @!attribute [rw] available_ip_address_count
4645
+ # The number of available IPV4 addresses in the subnet. Does not
4646
+ # include addresses for stopped instances.
4647
+ # @return [Integer]
4648
+ #
4649
+ # @!attribute [rw] cidr_block
4650
+ # The IPV4 CIDR block that is assigned to the subnet.
4651
+ # @return [String]
4652
+ #
4653
+ # @!attribute [rw] default_for_az
4654
+ # Whether this subnet is the default subnet for the Availability Zone.
4655
+ # @return [Boolean]
4656
+ #
4657
+ # @!attribute [rw] map_public_ip_on_launch
4658
+ # Whether instances in this subnet receive a public IP address.
4659
+ # @return [Boolean]
4660
+ #
4661
+ # @!attribute [rw] owner_id
4662
+ # The identifier of the AWS account that owns the subnet.
4663
+ # @return [String]
4664
+ #
4665
+ # @!attribute [rw] state
4666
+ # The current state of the subnet.
4667
+ # @return [String]
4668
+ #
4669
+ # @!attribute [rw] subnet_arn
4670
+ # The ARN of the subnet.
4671
+ # @return [String]
4672
+ #
4673
+ # @!attribute [rw] subnet_id
4674
+ # The identifier of the subnet.
4675
+ # @return [String]
4676
+ #
4677
+ # @!attribute [rw] vpc_id
4678
+ # The identifier of the VPC that contains the subnet.
4679
+ # @return [String]
4680
+ #
4681
+ # @!attribute [rw] ipv_6_cidr_block_association_set
4682
+ # The IPV6 CIDR blocks that are associated with the subnet.
4683
+ # @return [Array<Types::Ipv6CidrBlockAssociation>]
4684
+ #
4685
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2SubnetDetails AWS API Documentation
4686
+ #
4687
+ class AwsEc2SubnetDetails < Struct.new(
4688
+ :assign_ipv_6_address_on_creation,
4689
+ :availability_zone,
4690
+ :availability_zone_id,
4691
+ :available_ip_address_count,
4692
+ :cidr_block,
4693
+ :default_for_az,
4694
+ :map_public_ip_on_launch,
4695
+ :owner_id,
4696
+ :state,
4697
+ :subnet_arn,
4698
+ :subnet_id,
4699
+ :vpc_id,
4700
+ :ipv_6_cidr_block_association_set)
4701
+ SENSITIVE = []
4702
+ include Aws::Structure
4703
+ end
4704
+
4389
4705
  # An attachment to an AWS EC2 volume.
4390
4706
  #
4391
4707
  # @note When making an API call, you may pass AwsEc2VolumeAttachment
@@ -4553,85 +4869,316 @@ module Aws::SecurityHub
4553
4869
  include Aws::Structure
4554
4870
  end
4555
4871
 
4556
- # Information about an Elasticsearch domain.
4872
+ # Contains details about an Elastic Beanstalk environment.
4557
4873
  #
4558
- # @note When making an API call, you may pass AwsElasticsearchDomainDetails
4874
+ # @note When making an API call, you may pass AwsElasticBeanstalkEnvironmentDetails
4559
4875
  # data as a hash:
4560
4876
  #
4561
4877
  # {
4562
- # access_policies: "NonEmptyString",
4563
- # domain_endpoint_options: {
4564
- # enforce_https: false,
4565
- # tls_security_policy: "NonEmptyString",
4566
- # },
4567
- # domain_id: "NonEmptyString",
4568
- # domain_name: "NonEmptyString",
4569
- # endpoint: "NonEmptyString",
4570
- # endpoints: {
4571
- # "NonEmptyString" => "NonEmptyString",
4572
- # },
4573
- # elasticsearch_version: "NonEmptyString",
4574
- # encryption_at_rest_options: {
4575
- # enabled: false,
4576
- # kms_key_id: "NonEmptyString",
4577
- # },
4578
- # node_to_node_encryption_options: {
4579
- # enabled: false,
4580
- # },
4581
- # vpc_options: {
4582
- # availability_zones: ["NonEmptyString"],
4583
- # security_group_ids: ["NonEmptyString"],
4584
- # subnet_ids: ["NonEmptyString"],
4585
- # vpc_id: "NonEmptyString",
4878
+ # application_name: "NonEmptyString",
4879
+ # cname: "NonEmptyString",
4880
+ # date_created: "NonEmptyString",
4881
+ # date_updated: "NonEmptyString",
4882
+ # description: "NonEmptyString",
4883
+ # endpoint_url: "NonEmptyString",
4884
+ # environment_arn: "NonEmptyString",
4885
+ # environment_id: "NonEmptyString",
4886
+ # environment_links: [
4887
+ # {
4888
+ # environment_name: "NonEmptyString",
4889
+ # link_name: "NonEmptyString",
4890
+ # },
4891
+ # ],
4892
+ # environment_name: "NonEmptyString",
4893
+ # option_settings: [
4894
+ # {
4895
+ # namespace: "NonEmptyString",
4896
+ # option_name: "NonEmptyString",
4897
+ # resource_name: "NonEmptyString",
4898
+ # value: "NonEmptyString",
4899
+ # },
4900
+ # ],
4901
+ # platform_arn: "NonEmptyString",
4902
+ # solution_stack_name: "NonEmptyString",
4903
+ # status: "NonEmptyString",
4904
+ # tier: {
4905
+ # name: "NonEmptyString",
4906
+ # type: "NonEmptyString",
4907
+ # version: "NonEmptyString",
4586
4908
  # },
4909
+ # version_label: "NonEmptyString",
4587
4910
  # }
4588
4911
  #
4589
- # @!attribute [rw] access_policies
4590
- # IAM policy document specifying the access policies for the new
4591
- # Amazon ES domain.
4912
+ # @!attribute [rw] application_name
4913
+ # The name of the application that is associated with the environment.
4592
4914
  # @return [String]
4593
4915
  #
4594
- # @!attribute [rw] domain_endpoint_options
4595
- # Additional options for the domain endpoint.
4596
- # @return [Types::AwsElasticsearchDomainDomainEndpointOptions]
4916
+ # @!attribute [rw] cname
4917
+ # The URL to the CNAME for this environment.
4918
+ # @return [String]
4597
4919
  #
4598
- # @!attribute [rw] domain_id
4599
- # Unique identifier for an Amazon ES domain.
4920
+ # @!attribute [rw] date_created
4921
+ # The creation date for this environment.
4600
4922
  # @return [String]
4601
4923
  #
4602
- # @!attribute [rw] domain_name
4603
- # Name of an Amazon ES domain.
4924
+ # @!attribute [rw] date_updated
4925
+ # The date when this environment was last modified.
4926
+ # @return [String]
4604
4927
  #
4605
- # Domain names are unique across all domains owned by the same account
4606
- # within an AWS Region.
4928
+ # @!attribute [rw] description
4929
+ # A description of the environment.
4930
+ # @return [String]
4607
4931
  #
4608
- # Domain names must start with a lowercase letter and must be between
4609
- # 3 and 28 characters.
4932
+ # @!attribute [rw] endpoint_url
4933
+ # For load-balanced, autoscaling environments, the URL to the load
4934
+ # balancer. For single-instance environments, the IP address of the
4935
+ # instance.
4936
+ # @return [String]
4610
4937
  #
4611
- # Valid characters are a-z (lowercase only), 0-9, and – (hyphen).
4938
+ # @!attribute [rw] environment_arn
4939
+ # The ARN of the environment.
4612
4940
  # @return [String]
4613
4941
  #
4614
- # @!attribute [rw] endpoint
4615
- # Domain-specific endpoint used to submit index, search, and data
4616
- # upload requests to an Amazon ES domain.
4942
+ # @!attribute [rw] environment_id
4943
+ # The identifier of the environment.
4944
+ # @return [String]
4617
4945
  #
4618
- # The endpoint is a service URL.
4946
+ # @!attribute [rw] environment_links
4947
+ # Links to other environments in the same group.
4948
+ # @return [Array<Types::AwsElasticBeanstalkEnvironmentEnvironmentLink>]
4949
+ #
4950
+ # @!attribute [rw] environment_name
4951
+ # The name of the environment.
4619
4952
  # @return [String]
4620
4953
  #
4621
- # @!attribute [rw] endpoints
4622
- # The key-value pair that exists if the Amazon ES domain uses VPC
4623
- # endpoints.
4624
- # @return [Hash<String,String>]
4954
+ # @!attribute [rw] option_settings
4955
+ # The configuration setting for the environment.
4956
+ # @return [Array<Types::AwsElasticBeanstalkEnvironmentOptionSetting>]
4625
4957
  #
4626
- # @!attribute [rw] elasticsearch_version
4627
- # Elasticsearch version.
4958
+ # @!attribute [rw] platform_arn
4959
+ # The ARN of the platform version for the environment.
4628
4960
  # @return [String]
4629
4961
  #
4630
- # @!attribute [rw] encryption_at_rest_options
4631
- # Details about the configuration for encryption at rest.
4632
- # @return [Types::AwsElasticsearchDomainEncryptionAtRestOptions]
4962
+ # @!attribute [rw] solution_stack_name
4963
+ # The name of the solution stack that is deployed with the
4964
+ # environment.
4965
+ # @return [String]
4633
4966
  #
4634
- # @!attribute [rw] node_to_node_encryption_options
4967
+ # @!attribute [rw] status
4968
+ # The current operational status of the environment.
4969
+ # @return [String]
4970
+ #
4971
+ # @!attribute [rw] tier
4972
+ # The tier of the environment.
4973
+ # @return [Types::AwsElasticBeanstalkEnvironmentTier]
4974
+ #
4975
+ # @!attribute [rw] version_label
4976
+ # The application version of the environment.
4977
+ # @return [String]
4978
+ #
4979
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElasticBeanstalkEnvironmentDetails AWS API Documentation
4980
+ #
4981
+ class AwsElasticBeanstalkEnvironmentDetails < Struct.new(
4982
+ :application_name,
4983
+ :cname,
4984
+ :date_created,
4985
+ :date_updated,
4986
+ :description,
4987
+ :endpoint_url,
4988
+ :environment_arn,
4989
+ :environment_id,
4990
+ :environment_links,
4991
+ :environment_name,
4992
+ :option_settings,
4993
+ :platform_arn,
4994
+ :solution_stack_name,
4995
+ :status,
4996
+ :tier,
4997
+ :version_label)
4998
+ SENSITIVE = []
4999
+ include Aws::Structure
5000
+ end
5001
+
5002
+ # Contains information about a link to another environment that is in
5003
+ # the same group.
5004
+ #
5005
+ # @note When making an API call, you may pass AwsElasticBeanstalkEnvironmentEnvironmentLink
5006
+ # data as a hash:
5007
+ #
5008
+ # {
5009
+ # environment_name: "NonEmptyString",
5010
+ # link_name: "NonEmptyString",
5011
+ # }
5012
+ #
5013
+ # @!attribute [rw] environment_name
5014
+ # The name of the linked environment.
5015
+ # @return [String]
5016
+ #
5017
+ # @!attribute [rw] link_name
5018
+ # The name of the environment link.
5019
+ # @return [String]
5020
+ #
5021
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElasticBeanstalkEnvironmentEnvironmentLink AWS API Documentation
5022
+ #
5023
+ class AwsElasticBeanstalkEnvironmentEnvironmentLink < Struct.new(
5024
+ :environment_name,
5025
+ :link_name)
5026
+ SENSITIVE = []
5027
+ include Aws::Structure
5028
+ end
5029
+
5030
+ # A configuration option setting for the environment.
5031
+ #
5032
+ # @note When making an API call, you may pass AwsElasticBeanstalkEnvironmentOptionSetting
5033
+ # data as a hash:
5034
+ #
5035
+ # {
5036
+ # namespace: "NonEmptyString",
5037
+ # option_name: "NonEmptyString",
5038
+ # resource_name: "NonEmptyString",
5039
+ # value: "NonEmptyString",
5040
+ # }
5041
+ #
5042
+ # @!attribute [rw] namespace
5043
+ # The type of resource that the configuration option is associated
5044
+ # with.
5045
+ # @return [String]
5046
+ #
5047
+ # @!attribute [rw] option_name
5048
+ # The name of the option.
5049
+ # @return [String]
5050
+ #
5051
+ # @!attribute [rw] resource_name
5052
+ # The name of the resource.
5053
+ # @return [String]
5054
+ #
5055
+ # @!attribute [rw] value
5056
+ # The value of the configuration setting.
5057
+ # @return [String]
5058
+ #
5059
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElasticBeanstalkEnvironmentOptionSetting AWS API Documentation
5060
+ #
5061
+ class AwsElasticBeanstalkEnvironmentOptionSetting < Struct.new(
5062
+ :namespace,
5063
+ :option_name,
5064
+ :resource_name,
5065
+ :value)
5066
+ SENSITIVE = []
5067
+ include Aws::Structure
5068
+ end
5069
+
5070
+ # Contains information about the tier of the environment.
5071
+ #
5072
+ # @note When making an API call, you may pass AwsElasticBeanstalkEnvironmentTier
5073
+ # data as a hash:
5074
+ #
5075
+ # {
5076
+ # name: "NonEmptyString",
5077
+ # type: "NonEmptyString",
5078
+ # version: "NonEmptyString",
5079
+ # }
5080
+ #
5081
+ # @!attribute [rw] name
5082
+ # The name of the environment tier.
5083
+ # @return [String]
5084
+ #
5085
+ # @!attribute [rw] type
5086
+ # The type of environment tier.
5087
+ # @return [String]
5088
+ #
5089
+ # @!attribute [rw] version
5090
+ # The version of the environment tier.
5091
+ # @return [String]
5092
+ #
5093
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElasticBeanstalkEnvironmentTier AWS API Documentation
5094
+ #
5095
+ class AwsElasticBeanstalkEnvironmentTier < Struct.new(
5096
+ :name,
5097
+ :type,
5098
+ :version)
5099
+ SENSITIVE = []
5100
+ include Aws::Structure
5101
+ end
5102
+
5103
+ # Information about an Elasticsearch domain.
5104
+ #
5105
+ # @note When making an API call, you may pass AwsElasticsearchDomainDetails
5106
+ # data as a hash:
5107
+ #
5108
+ # {
5109
+ # access_policies: "NonEmptyString",
5110
+ # domain_endpoint_options: {
5111
+ # enforce_https: false,
5112
+ # tls_security_policy: "NonEmptyString",
5113
+ # },
5114
+ # domain_id: "NonEmptyString",
5115
+ # domain_name: "NonEmptyString",
5116
+ # endpoint: "NonEmptyString",
5117
+ # endpoints: {
5118
+ # "NonEmptyString" => "NonEmptyString",
5119
+ # },
5120
+ # elasticsearch_version: "NonEmptyString",
5121
+ # encryption_at_rest_options: {
5122
+ # enabled: false,
5123
+ # kms_key_id: "NonEmptyString",
5124
+ # },
5125
+ # node_to_node_encryption_options: {
5126
+ # enabled: false,
5127
+ # },
5128
+ # vpc_options: {
5129
+ # availability_zones: ["NonEmptyString"],
5130
+ # security_group_ids: ["NonEmptyString"],
5131
+ # subnet_ids: ["NonEmptyString"],
5132
+ # vpc_id: "NonEmptyString",
5133
+ # },
5134
+ # }
5135
+ #
5136
+ # @!attribute [rw] access_policies
5137
+ # IAM policy document specifying the access policies for the new
5138
+ # Amazon ES domain.
5139
+ # @return [String]
5140
+ #
5141
+ # @!attribute [rw] domain_endpoint_options
5142
+ # Additional options for the domain endpoint.
5143
+ # @return [Types::AwsElasticsearchDomainDomainEndpointOptions]
5144
+ #
5145
+ # @!attribute [rw] domain_id
5146
+ # Unique identifier for an Amazon ES domain.
5147
+ # @return [String]
5148
+ #
5149
+ # @!attribute [rw] domain_name
5150
+ # Name of an Amazon ES domain.
5151
+ #
5152
+ # Domain names are unique across all domains owned by the same account
5153
+ # within an AWS Region.
5154
+ #
5155
+ # Domain names must start with a lowercase letter and must be between
5156
+ # 3 and 28 characters.
5157
+ #
5158
+ # Valid characters are a-z (lowercase only), 0-9, and – (hyphen).
5159
+ # @return [String]
5160
+ #
5161
+ # @!attribute [rw] endpoint
5162
+ # Domain-specific endpoint used to submit index, search, and data
5163
+ # upload requests to an Amazon ES domain.
5164
+ #
5165
+ # The endpoint is a service URL.
5166
+ # @return [String]
5167
+ #
5168
+ # @!attribute [rw] endpoints
5169
+ # The key-value pair that exists if the Amazon ES domain uses VPC
5170
+ # endpoints.
5171
+ # @return [Hash<String,String>]
5172
+ #
5173
+ # @!attribute [rw] elasticsearch_version
5174
+ # Elasticsearch version.
5175
+ # @return [String]
5176
+ #
5177
+ # @!attribute [rw] encryption_at_rest_options
5178
+ # Details about the configuration for encryption at rest.
5179
+ # @return [Types::AwsElasticsearchDomainEncryptionAtRestOptions]
5180
+ #
5181
+ # @!attribute [rw] node_to_node_encryption_options
4635
5182
  # Details about the configuration for node-to-node encryption.
4636
5183
  # @return [Types::AwsElasticsearchDomainNodeToNodeEncryptionOptions]
4637
5184
  #
@@ -9765,6 +10312,51 @@ module Aws::SecurityHub
9765
10312
  include Aws::Structure
9766
10313
  end
9767
10314
 
10315
+ # provides information about the Amazon S3 Public Access Block
10316
+ # configuration for accounts.
10317
+ #
10318
+ # @note When making an API call, you may pass AwsS3AccountPublicAccessBlockDetails
10319
+ # data as a hash:
10320
+ #
10321
+ # {
10322
+ # block_public_acls: false,
10323
+ # block_public_policy: false,
10324
+ # ignore_public_acls: false,
10325
+ # restrict_public_buckets: false,
10326
+ # }
10327
+ #
10328
+ # @!attribute [rw] block_public_acls
10329
+ # Indicates whether to reject calls to update an S3 bucket if the
10330
+ # calls include a public access control list (ACL).
10331
+ # @return [Boolean]
10332
+ #
10333
+ # @!attribute [rw] block_public_policy
10334
+ # Indicates whether to reject calls to update the access policy for an
10335
+ # S3 bucket or access point if the policy allows public access.
10336
+ # @return [Boolean]
10337
+ #
10338
+ # @!attribute [rw] ignore_public_acls
10339
+ # Indicates whether Amazon S3 ignores public ACLs that are associated
10340
+ # with an S3 bucket.
10341
+ # @return [Boolean]
10342
+ #
10343
+ # @!attribute [rw] restrict_public_buckets
10344
+ # Indicates whether to restrict access to an access point or S3 bucket
10345
+ # that has a public policy to only AWS service principals and
10346
+ # authorized users within the S3 bucket owner's account.
10347
+ # @return [Boolean]
10348
+ #
10349
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3AccountPublicAccessBlockDetails AWS API Documentation
10350
+ #
10351
+ class AwsS3AccountPublicAccessBlockDetails < Struct.new(
10352
+ :block_public_acls,
10353
+ :block_public_policy,
10354
+ :ignore_public_acls,
10355
+ :restrict_public_buckets)
10356
+ SENSITIVE = []
10357
+ include Aws::Structure
10358
+ end
10359
+
9768
10360
  # The details of an Amazon S3 bucket.
9769
10361
  #
9770
10362
  # @note When making an API call, you may pass AwsS3BucketDetails
@@ -9784,6 +10376,12 @@ module Aws::SecurityHub
9784
10376
  # },
9785
10377
  # ],
9786
10378
  # },
10379
+ # public_access_block_configuration: {
10380
+ # block_public_acls: false,
10381
+ # block_public_policy: false,
10382
+ # ignore_public_acls: false,
10383
+ # restrict_public_buckets: false,
10384
+ # },
9787
10385
  # }
9788
10386
  #
9789
10387
  # @!attribute [rw] owner_id
@@ -9810,13 +10408,19 @@ module Aws::SecurityHub
9810
10408
  # The encryption rules that are applied to the S3 bucket.
9811
10409
  # @return [Types::AwsS3BucketServerSideEncryptionConfiguration]
9812
10410
  #
10411
+ # @!attribute [rw] public_access_block_configuration
10412
+ # Provides information about the Amazon S3 Public Access Block
10413
+ # configuration for the S3 bucket.
10414
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
10415
+ #
9813
10416
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
9814
10417
  #
9815
10418
  class AwsS3BucketDetails < Struct.new(
9816
10419
  :owner_id,
9817
10420
  :owner_name,
9818
10421
  :created_at,
9819
- :server_side_encryption_configuration)
10422
+ :server_side_encryption_configuration,
10423
+ :public_access_block_configuration)
9820
10424
  SENSITIVE = []
9821
10425
  include Aws::Structure
9822
10426
  end
@@ -10077,12 +10681,12 @@ module Aws::SecurityHub
10077
10681
  # product_arn: "NonEmptyString", # required
10078
10682
  # generator_id: "NonEmptyString", # required
10079
10683
  # aws_account_id: "NonEmptyString", # required
10080
- # types: ["NonEmptyString"], # required
10684
+ # types: ["NonEmptyString"],
10081
10685
  # first_observed_at: "NonEmptyString",
10082
10686
  # last_observed_at: "NonEmptyString",
10083
10687
  # created_at: "NonEmptyString", # required
10084
10688
  # updated_at: "NonEmptyString", # required
10085
- # severity: { # required
10689
+ # severity: {
10086
10690
  # product: 1.0,
10087
10691
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
10088
10692
  # normalized: 1,
@@ -10206,6 +10810,130 @@ module Aws::SecurityHub
10206
10810
  # tags: {
10207
10811
  # "NonEmptyString" => "NonEmptyString",
10208
10812
  # },
10813
+ # data_classification: {
10814
+ # detailed_results_location: "NonEmptyString",
10815
+ # result: {
10816
+ # mime_type: "NonEmptyString",
10817
+ # size_classified: 1,
10818
+ # additional_occurrences: false,
10819
+ # status: {
10820
+ # code: "NonEmptyString",
10821
+ # reason: "NonEmptyString",
10822
+ # },
10823
+ # sensitive_data: [
10824
+ # {
10825
+ # category: "NonEmptyString",
10826
+ # detections: [
10827
+ # {
10828
+ # count: 1,
10829
+ # type: "NonEmptyString",
10830
+ # occurrences: {
10831
+ # line_ranges: [
10832
+ # {
10833
+ # start: 1,
10834
+ # end: 1,
10835
+ # start_column: 1,
10836
+ # },
10837
+ # ],
10838
+ # offset_ranges: [
10839
+ # {
10840
+ # start: 1,
10841
+ # end: 1,
10842
+ # start_column: 1,
10843
+ # },
10844
+ # ],
10845
+ # pages: [
10846
+ # {
10847
+ # page_number: 1,
10848
+ # line_range: {
10849
+ # start: 1,
10850
+ # end: 1,
10851
+ # start_column: 1,
10852
+ # },
10853
+ # offset_range: {
10854
+ # start: 1,
10855
+ # end: 1,
10856
+ # start_column: 1,
10857
+ # },
10858
+ # },
10859
+ # ],
10860
+ # records: [
10861
+ # {
10862
+ # json_path: "NonEmptyString",
10863
+ # record_index: 1,
10864
+ # },
10865
+ # ],
10866
+ # cells: [
10867
+ # {
10868
+ # column: 1,
10869
+ # row: 1,
10870
+ # column_name: "NonEmptyString",
10871
+ # cell_reference: "NonEmptyString",
10872
+ # },
10873
+ # ],
10874
+ # },
10875
+ # },
10876
+ # ],
10877
+ # total_count: 1,
10878
+ # },
10879
+ # ],
10880
+ # custom_data_identifiers: {
10881
+ # detections: [
10882
+ # {
10883
+ # count: 1,
10884
+ # arn: "NonEmptyString",
10885
+ # name: "NonEmptyString",
10886
+ # occurrences: {
10887
+ # line_ranges: [
10888
+ # {
10889
+ # start: 1,
10890
+ # end: 1,
10891
+ # start_column: 1,
10892
+ # },
10893
+ # ],
10894
+ # offset_ranges: [
10895
+ # {
10896
+ # start: 1,
10897
+ # end: 1,
10898
+ # start_column: 1,
10899
+ # },
10900
+ # ],
10901
+ # pages: [
10902
+ # {
10903
+ # page_number: 1,
10904
+ # line_range: {
10905
+ # start: 1,
10906
+ # end: 1,
10907
+ # start_column: 1,
10908
+ # },
10909
+ # offset_range: {
10910
+ # start: 1,
10911
+ # end: 1,
10912
+ # start_column: 1,
10913
+ # },
10914
+ # },
10915
+ # ],
10916
+ # records: [
10917
+ # {
10918
+ # json_path: "NonEmptyString",
10919
+ # record_index: 1,
10920
+ # },
10921
+ # ],
10922
+ # cells: [
10923
+ # {
10924
+ # column: 1,
10925
+ # row: 1,
10926
+ # column_name: "NonEmptyString",
10927
+ # cell_reference: "NonEmptyString",
10928
+ # },
10929
+ # ],
10930
+ # },
10931
+ # },
10932
+ # ],
10933
+ # total_count: 1,
10934
+ # },
10935
+ # },
10936
+ # },
10209
10937
  # details: {
10210
10938
  # aws_auto_scaling_auto_scaling_group: {
10211
10939
  # launch_configuration_name: "NonEmptyString",
@@ -10446,6 +11174,58 @@ module Aws::SecurityHub
10446
11174
  # network_interface_owner_id: "NonEmptyString",
10447
11175
  # private_ip_address: "NonEmptyString",
10448
11176
  # },
11177
+ # aws_ec2_subnet: {
11178
+ # assign_ipv_6_address_on_creation: false,
11179
+ # availability_zone: "NonEmptyString",
11180
+ # availability_zone_id: "NonEmptyString",
11181
+ # available_ip_address_count: 1,
11182
+ # cidr_block: "NonEmptyString",
11183
+ # default_for_az: false,
11184
+ # map_public_ip_on_launch: false,
11185
+ # owner_id: "NonEmptyString",
11186
+ # state: "NonEmptyString",
11187
+ # subnet_arn: "NonEmptyString",
11188
+ # subnet_id: "NonEmptyString",
11189
+ # vpc_id: "NonEmptyString",
11190
+ # ipv_6_cidr_block_association_set: [
11191
+ # {
11192
+ # association_id: "NonEmptyString",
11193
+ # ipv_6_cidr_block: "NonEmptyString",
11194
+ # cidr_block_state: "NonEmptyString",
11195
+ # },
11196
+ # ],
11197
+ # },
11198
+ # aws_ec2_network_acl: {
11199
+ # is_default: false,
11200
+ # network_acl_id: "NonEmptyString",
11201
+ # owner_id: "NonEmptyString",
11202
+ # vpc_id: "NonEmptyString",
11203
+ # associations: [
11204
+ # {
11205
+ # network_acl_association_id: "NonEmptyString",
11206
+ # network_acl_id: "NonEmptyString",
11207
+ # subnet_id: "NonEmptyString",
11208
+ # },
11209
+ # ],
11210
+ # entries: [
11211
+ # {
11212
+ # cidr_block: "NonEmptyString",
11213
+ # egress: false,
11214
+ # icmp_type_code: {
11215
+ # code: 1,
11216
+ # type: 1,
11217
+ # },
11218
+ # ipv_6_cidr_block: "NonEmptyString",
11219
+ # port_range: {
11220
+ # from: 1,
11221
+ # to: 1,
11222
+ # },
11223
+ # protocol: "NonEmptyString",
11224
+ # rule_action: "NonEmptyString",
11225
+ # rule_number: 1,
11226
+ # },
11227
+ # ],
11228
+ # },
10449
11229
  # aws_elbv_2_load_balancer: {
10450
11230
  # availability_zones: [
10451
11231
  # {
@@ -10466,12 +11246,46 @@ module Aws::SecurityHub
10466
11246
  # type: "NonEmptyString",
10467
11247
  # vpc_id: "NonEmptyString",
10468
11248
  # },
10469
- # aws_elasticsearch_domain: {
10470
- # access_policies: "NonEmptyString",
10471
- # domain_endpoint_options: {
10472
- # enforce_https: false,
10473
- # tls_security_policy: "NonEmptyString",
10474
- # },
11249
+ # aws_elastic_beanstalk_environment: {
11250
+ # application_name: "NonEmptyString",
11251
+ # cname: "NonEmptyString",
11252
+ # date_created: "NonEmptyString",
11253
+ # date_updated: "NonEmptyString",
11254
+ # description: "NonEmptyString",
11255
+ # endpoint_url: "NonEmptyString",
11256
+ # environment_arn: "NonEmptyString",
11257
+ # environment_id: "NonEmptyString",
11258
+ # environment_links: [
11259
+ # {
11260
+ # environment_name: "NonEmptyString",
11261
+ # link_name: "NonEmptyString",
11262
+ # },
11263
+ # ],
11264
+ # environment_name: "NonEmptyString",
11265
+ # option_settings: [
11266
+ # {
11267
+ # namespace: "NonEmptyString",
11268
+ # option_name: "NonEmptyString",
11269
+ # resource_name: "NonEmptyString",
11270
+ # value: "NonEmptyString",
11271
+ # },
11272
+ # ],
11273
+ # platform_arn: "NonEmptyString",
11274
+ # solution_stack_name: "NonEmptyString",
11275
+ # status: "NonEmptyString",
11276
+ # tier: {
11277
+ # name: "NonEmptyString",
11278
+ # type: "NonEmptyString",
11279
+ # version: "NonEmptyString",
11280
+ # },
11281
+ # version_label: "NonEmptyString",
11282
+ # },
11283
+ # aws_elasticsearch_domain: {
11284
+ # access_policies: "NonEmptyString",
11285
+ # domain_endpoint_options: {
11286
+ # enforce_https: false,
11287
+ # tls_security_policy: "NonEmptyString",
11288
+ # },
10475
11289
  # domain_id: "NonEmptyString",
10476
11290
  # domain_name: "NonEmptyString",
10477
11291
  # endpoint: "NonEmptyString",
@@ -10507,6 +11321,18 @@ module Aws::SecurityHub
10507
11321
  # },
10508
11322
  # ],
10509
11323
  # },
11324
+ # public_access_block_configuration: {
11325
+ # block_public_acls: false,
11326
+ # block_public_policy: false,
11327
+ # ignore_public_acls: false,
11328
+ # restrict_public_buckets: false,
11329
+ # },
11330
+ # },
11331
+ # aws_s3_account_public_access_block: {
11332
+ # block_public_acls: false,
11333
+ # block_public_policy: false,
11334
+ # ignore_public_acls: false,
11335
+ # restrict_public_buckets: false,
10510
11336
  # },
10511
11337
  # aws_s3_object: {
10512
11338
  # last_modified: "NonEmptyString",
@@ -11737,6 +12563,21 @@ module Aws::SecurityHub
11737
12563
  # blocked: false,
11738
12564
  # },
11739
12565
  # },
12566
+ # finding_provider_fields: {
12567
+ # confidence: 1,
12568
+ # criticality: 1,
12569
+ # related_findings: [
12570
+ # {
12571
+ # product_arn: "NonEmptyString", # required
12572
+ # id: "NonEmptyString", # required
12573
+ # },
12574
+ # ],
12575
+ # severity: {
12576
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
12577
+ # original: "NonEmptyString",
12578
+ # },
12579
+ # types: ["NonEmptyString"],
12580
+ # },
11740
12581
  # }
11741
12582
  #
11742
12583
  # @!attribute [rw] schema_version
@@ -11953,9 +12794,16 @@ module Aws::SecurityHub
11953
12794
  # @return [Types::PatchSummary]
11954
12795
  #
11955
12796
  # @!attribute [rw] action
11956
- # Provides details about an action that was detected for the finding.
12797
+ # Provides details about an action that affects or that was taken on a
12798
+ # resource.
11957
12799
  # @return [Types::Action]
11958
12800
  #
12801
+ # @!attribute [rw] finding_provider_fields
12802
+ # In a `BatchImportFindings` request, finding providers use
12803
+ # `FindingProviderFields` to provide and update their own values for
12804
+ # confidence, criticality, related findings, severity, and types.
12805
+ # @return [Types::FindingProviderFields]
12806
+ #
11959
12807
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11960
12808
  #
11961
12809
  class AwsSecurityFinding < Struct.new(
@@ -11993,7 +12841,8 @@ module Aws::SecurityHub
11993
12841
  :note,
11994
12842
  :vulnerabilities,
11995
12843
  :patch_summary,
11996
- :action)
12844
+ :action,
12845
+ :finding_provider_fields)
11997
12846
  SENSITIVE = []
11998
12847
  include Aws::Structure
11999
12848
  end
@@ -12562,6 +13411,50 @@ module Aws::SecurityHub
12562
13411
  # value: "NonEmptyString",
12563
13412
  # },
12564
13413
  # ],
13414
+ # finding_provider_fields_confidence: [
13415
+ # {
13416
+ # gte: 1.0,
13417
+ # lte: 1.0,
13418
+ # eq: 1.0,
13419
+ # },
13420
+ # ],
13421
+ # finding_provider_fields_criticality: [
13422
+ # {
13423
+ # gte: 1.0,
13424
+ # lte: 1.0,
13425
+ # eq: 1.0,
13426
+ # },
13427
+ # ],
13428
+ # finding_provider_fields_related_findings_id: [
13429
+ # {
13430
+ # value: "NonEmptyString",
13431
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
13432
+ # },
13433
+ # ],
13434
+ # finding_provider_fields_related_findings_product_arn: [
13435
+ # {
13436
+ # value: "NonEmptyString",
13437
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
13438
+ # },
13439
+ # ],
13440
+ # finding_provider_fields_severity_label: [
13441
+ # {
13442
+ # value: "NonEmptyString",
13443
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
13444
+ # },
13445
+ # ],
13446
+ # finding_provider_fields_severity_original: [
13447
+ # {
13448
+ # value: "NonEmptyString",
13449
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
13450
+ # },
13451
+ # ],
13452
+ # finding_provider_fields_types: [
13453
+ # {
13454
+ # value: "NonEmptyString",
13455
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
13456
+ # },
13457
+ # ],
12565
13458
  # }
12566
13459
  #
12567
13460
  # @!attribute [rw] product_arn
@@ -12969,6 +13862,52 @@ module Aws::SecurityHub
12969
13862
  # A keyword for a finding.
12970
13863
  # @return [Array<Types::KeywordFilter>]
12971
13864
  #
13865
+ # @!attribute [rw] finding_provider_fields_confidence
13866
+ # The finding provider value for the finding confidence. Confidence is
13867
+ # defined as the likelihood that a finding accurately identifies the
13868
+ # behavior or issue that it was intended to identify.
13869
+ #
13870
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
13871
+ # means zero percent confidence and 100 means 100 percent confidence.
13872
+ # @return [Array<Types::NumberFilter>]
13873
+ #
13874
+ # @!attribute [rw] finding_provider_fields_criticality
13875
+ # The finding provider value for the level of importance assigned to
13876
+ # the resources associated with the findings.
13877
+ #
13878
+ # A score of 0 means that the underlying resources have no
13879
+ # criticality, and a score of 100 is reserved for the most critical
13880
+ # resources.
13881
+ # @return [Array<Types::NumberFilter>]
13882
+ #
13883
+ # @!attribute [rw] finding_provider_fields_related_findings_id
13884
+ # The finding identifier of a related finding that is identified by
13885
+ # the finding provider.
13886
+ # @return [Array<Types::StringFilter>]
13887
+ #
13888
+ # @!attribute [rw] finding_provider_fields_related_findings_product_arn
13889
+ # The ARN of the solution that generated a related finding that is
13890
+ # identified by the finding provider.
13891
+ # @return [Array<Types::StringFilter>]
13892
+ #
13893
+ # @!attribute [rw] finding_provider_fields_severity_label
13894
+ # The finding provider value for the severity label.
13895
+ # @return [Array<Types::StringFilter>]
13896
+ #
13897
+ # @!attribute [rw] finding_provider_fields_severity_original
13898
+ # The finding provider's original value for the severity.
13899
+ # @return [Array<Types::StringFilter>]
13900
+ #
13901
+ # @!attribute [rw] finding_provider_fields_types
13902
+ # One or more finding types that the finding provider assigned to the
13903
+ # finding. Uses the format of `namespace/category/classifier` that
13904
+ # classify a finding.
13905
+ #
13906
+ # Valid namespace values are: Software and Configuration Checks \|
13907
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
13908
+ # Identifications
13909
+ # @return [Array<Types::StringFilter>]
13910
+ #
12972
13911
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
12973
13912
  #
12974
13913
  class AwsSecurityFindingFilters < Struct.new(
@@ -13055,7 +13994,14 @@ module Aws::SecurityHub
13055
13994
  :note_text,
13056
13995
  :note_updated_at,
13057
13996
  :note_updated_by,
13058
- :keyword)
13997
+ :keyword,
13998
+ :finding_provider_fields_confidence,
13999
+ :finding_provider_fields_criticality,
14000
+ :finding_provider_fields_related_findings_id,
14001
+ :finding_provider_fields_related_findings_product_arn,
14002
+ :finding_provider_fields_severity_label,
14003
+ :finding_provider_fields_severity_original,
14004
+ :finding_provider_fields_types)
13059
14005
  SENSITIVE = []
13060
14006
  include Aws::Structure
13061
14007
  end
@@ -13661,12 +14607,12 @@ module Aws::SecurityHub
13661
14607
  # product_arn: "NonEmptyString", # required
13662
14608
  # generator_id: "NonEmptyString", # required
13663
14609
  # aws_account_id: "NonEmptyString", # required
13664
- # types: ["NonEmptyString"], # required
14610
+ # types: ["NonEmptyString"],
13665
14611
  # first_observed_at: "NonEmptyString",
13666
14612
  # last_observed_at: "NonEmptyString",
13667
14613
  # created_at: "NonEmptyString", # required
13668
14614
  # updated_at: "NonEmptyString", # required
13669
- # severity: { # required
14615
+ # severity: {
13670
14616
  # product: 1.0,
13671
14617
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
13672
14618
  # normalized: 1,
@@ -13790,6 +14736,130 @@ module Aws::SecurityHub
13790
14736
  # tags: {
13791
14737
  # "NonEmptyString" => "NonEmptyString",
13792
14738
  # },
14739
+ # data_classification: {
14740
+ # detailed_results_location: "NonEmptyString",
14741
+ # result: {
14742
+ # mime_type: "NonEmptyString",
14743
+ # size_classified: 1,
14744
+ # additional_occurrences: false,
14745
+ # status: {
14746
+ # code: "NonEmptyString",
14747
+ # reason: "NonEmptyString",
14748
+ # },
14749
+ # sensitive_data: [
14750
+ # {
14751
+ # category: "NonEmptyString",
14752
+ # detections: [
14753
+ # {
14754
+ # count: 1,
14755
+ # type: "NonEmptyString",
14756
+ # occurrences: {
14757
+ # line_ranges: [
14758
+ # {
14759
+ # start: 1,
14760
+ # end: 1,
14761
+ # start_column: 1,
14762
+ # },
14763
+ # ],
14764
+ # offset_ranges: [
14765
+ # {
14766
+ # start: 1,
14767
+ # end: 1,
14768
+ # start_column: 1,
14769
+ # },
14770
+ # ],
14771
+ # pages: [
14772
+ # {
14773
+ # page_number: 1,
14774
+ # line_range: {
14775
+ # start: 1,
14776
+ # end: 1,
14777
+ # start_column: 1,
14778
+ # },
14779
+ # offset_range: {
14780
+ # start: 1,
14781
+ # end: 1,
14782
+ # start_column: 1,
14783
+ # },
14784
+ # },
14785
+ # ],
14786
+ # records: [
14787
+ # {
14788
+ # json_path: "NonEmptyString",
14789
+ # record_index: 1,
14790
+ # },
14791
+ # ],
14792
+ # cells: [
14793
+ # {
14794
+ # column: 1,
14795
+ # row: 1,
14796
+ # column_name: "NonEmptyString",
14797
+ # cell_reference: "NonEmptyString",
14798
+ # },
14799
+ # ],
14800
+ # },
14801
+ # },
14802
+ # ],
14803
+ # total_count: 1,
14804
+ # },
14805
+ # ],
14806
+ # custom_data_identifiers: {
14807
+ # detections: [
14808
+ # {
14809
+ # count: 1,
14810
+ # arn: "NonEmptyString",
14811
+ # name: "NonEmptyString",
14812
+ # occurrences: {
14813
+ # line_ranges: [
14814
+ # {
14815
+ # start: 1,
14816
+ # end: 1,
14817
+ # start_column: 1,
14818
+ # },
14819
+ # ],
14820
+ # offset_ranges: [
14821
+ # {
14822
+ # start: 1,
14823
+ # end: 1,
14824
+ # start_column: 1,
14825
+ # },
14826
+ # ],
14827
+ # pages: [
14828
+ # {
14829
+ # page_number: 1,
14830
+ # line_range: {
14831
+ # start: 1,
14832
+ # end: 1,
14833
+ # start_column: 1,
14834
+ # },
14835
+ # offset_range: {
14836
+ # start: 1,
14837
+ # end: 1,
14838
+ # start_column: 1,
14839
+ # },
14840
+ # },
14841
+ # ],
14842
+ # records: [
14843
+ # {
14844
+ # json_path: "NonEmptyString",
14845
+ # record_index: 1,
14846
+ # },
14847
+ # ],
14848
+ # cells: [
14849
+ # {
14850
+ # column: 1,
14851
+ # row: 1,
14852
+ # column_name: "NonEmptyString",
14853
+ # cell_reference: "NonEmptyString",
14854
+ # },
14855
+ # ],
14856
+ # },
14857
+ # },
14858
+ # ],
14859
+ # total_count: 1,
14860
+ # },
14861
+ # },
14862
+ # },
13793
14863
  # details: {
13794
14864
  # aws_auto_scaling_auto_scaling_group: {
13795
14865
  # launch_configuration_name: "NonEmptyString",
@@ -14030,6 +15100,58 @@ module Aws::SecurityHub
14030
15100
  # network_interface_owner_id: "NonEmptyString",
14031
15101
  # private_ip_address: "NonEmptyString",
14032
15102
  # },
15103
+ # aws_ec2_subnet: {
15104
+ # assign_ipv_6_address_on_creation: false,
15105
+ # availability_zone: "NonEmptyString",
15106
+ # availability_zone_id: "NonEmptyString",
15107
+ # available_ip_address_count: 1,
15108
+ # cidr_block: "NonEmptyString",
15109
+ # default_for_az: false,
15110
+ # map_public_ip_on_launch: false,
15111
+ # owner_id: "NonEmptyString",
15112
+ # state: "NonEmptyString",
15113
+ # subnet_arn: "NonEmptyString",
15114
+ # subnet_id: "NonEmptyString",
15115
+ # vpc_id: "NonEmptyString",
15116
+ # ipv_6_cidr_block_association_set: [
15117
+ # {
15118
+ # association_id: "NonEmptyString",
15119
+ # ipv_6_cidr_block: "NonEmptyString",
15120
+ # cidr_block_state: "NonEmptyString",
15121
+ # },
15122
+ # ],
15123
+ # },
15124
+ # aws_ec2_network_acl: {
15125
+ # is_default: false,
15126
+ # network_acl_id: "NonEmptyString",
15127
+ # owner_id: "NonEmptyString",
15128
+ # vpc_id: "NonEmptyString",
15129
+ # associations: [
15130
+ # {
15131
+ # network_acl_association_id: "NonEmptyString",
15132
+ # network_acl_id: "NonEmptyString",
15133
+ # subnet_id: "NonEmptyString",
15134
+ # },
15135
+ # ],
15136
+ # entries: [
15137
+ # {
15138
+ # cidr_block: "NonEmptyString",
15139
+ # egress: false,
15140
+ # icmp_type_code: {
15141
+ # code: 1,
15142
+ # type: 1,
15143
+ # },
15144
+ # ipv_6_cidr_block: "NonEmptyString",
15145
+ # port_range: {
15146
+ # from: 1,
15147
+ # to: 1,
15148
+ # },
15149
+ # protocol: "NonEmptyString",
15150
+ # rule_action: "NonEmptyString",
15151
+ # rule_number: 1,
15152
+ # },
15153
+ # ],
15154
+ # },
14033
15155
  # aws_elbv_2_load_balancer: {
14034
15156
  # availability_zones: [
14035
15157
  # {
@@ -14050,6 +15172,40 @@ module Aws::SecurityHub
14050
15172
  # type: "NonEmptyString",
14051
15173
  # vpc_id: "NonEmptyString",
14052
15174
  # },
15175
+ # aws_elastic_beanstalk_environment: {
15176
+ # application_name: "NonEmptyString",
15177
+ # cname: "NonEmptyString",
15178
+ # date_created: "NonEmptyString",
15179
+ # date_updated: "NonEmptyString",
15180
+ # description: "NonEmptyString",
15181
+ # endpoint_url: "NonEmptyString",
15182
+ # environment_arn: "NonEmptyString",
15183
+ # environment_id: "NonEmptyString",
15184
+ # environment_links: [
15185
+ # {
15186
+ # environment_name: "NonEmptyString",
15187
+ # link_name: "NonEmptyString",
15188
+ # },
15189
+ # ],
15190
+ # environment_name: "NonEmptyString",
15191
+ # option_settings: [
15192
+ # {
15193
+ # namespace: "NonEmptyString",
15194
+ # option_name: "NonEmptyString",
15195
+ # resource_name: "NonEmptyString",
15196
+ # value: "NonEmptyString",
15197
+ # },
15198
+ # ],
15199
+ # platform_arn: "NonEmptyString",
15200
+ # solution_stack_name: "NonEmptyString",
15201
+ # status: "NonEmptyString",
15202
+ # tier: {
15203
+ # name: "NonEmptyString",
15204
+ # type: "NonEmptyString",
15205
+ # version: "NonEmptyString",
15206
+ # },
15207
+ # version_label: "NonEmptyString",
15208
+ # },
14053
15209
  # aws_elasticsearch_domain: {
14054
15210
  # access_policies: "NonEmptyString",
14055
15211
  # domain_endpoint_options: {
@@ -14091,6 +15247,18 @@ module Aws::SecurityHub
14091
15247
  # },
14092
15248
  # ],
14093
15249
  # },
15250
+ # public_access_block_configuration: {
15251
+ # block_public_acls: false,
15252
+ # block_public_policy: false,
15253
+ # ignore_public_acls: false,
15254
+ # restrict_public_buckets: false,
15255
+ # },
15256
+ # },
15257
+ # aws_s3_account_public_access_block: {
15258
+ # block_public_acls: false,
15259
+ # block_public_policy: false,
15260
+ # ignore_public_acls: false,
15261
+ # restrict_public_buckets: false,
14094
15262
  # },
14095
15263
  # aws_s3_object: {
14096
15264
  # last_modified: "NonEmptyString",
@@ -15321,6 +16489,21 @@ module Aws::SecurityHub
15321
16489
  # blocked: false,
15322
16490
  # },
15323
16491
  # },
16492
+ # finding_provider_fields: {
16493
+ # confidence: 1,
16494
+ # criticality: 1,
16495
+ # related_findings: [
16496
+ # {
16497
+ # product_arn: "NonEmptyString", # required
16498
+ # id: "NonEmptyString", # required
16499
+ # },
16500
+ # ],
16501
+ # severity: {
16502
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
16503
+ # original: "NonEmptyString",
16504
+ # },
16505
+ # types: ["NonEmptyString"],
16506
+ # },
15324
16507
  # },
15325
16508
  # ],
15326
16509
  # }
@@ -15544,6 +16727,52 @@ module Aws::SecurityHub
15544
16727
  include Aws::Structure
15545
16728
  end
15546
16729
 
16730
+ # An occurrence of sensitive data detected in a Microsoft Excel
16731
+ # workbook, comma-separated value (CSV) file, or tab-separated value
16732
+ # (TSV) file.
16733
+ #
16734
+ # @note When making an API call, you may pass Cell
16735
+ # data as a hash:
16736
+ #
16737
+ # {
16738
+ # column: 1,
16739
+ # row: 1,
16740
+ # column_name: "NonEmptyString",
16741
+ # cell_reference: "NonEmptyString",
16742
+ # }
16743
+ #
16744
+ # @!attribute [rw] column
16745
+ # The column number of the column that contains the data. For a
16746
+ # Microsoft Excel workbook, the column number corresponds to the
16747
+ # alphabetical column identifiers. For example, a value of 1 for
16748
+ # Column corresponds to the A column in the workbook.
16749
+ # @return [Integer]
16750
+ #
16751
+ # @!attribute [rw] row
16752
+ # The row number of the row that contains the data.
16753
+ # @return [Integer]
16754
+ #
16755
+ # @!attribute [rw] column_name
16756
+ # The name of the column that contains the data.
16757
+ # @return [String]
16758
+ #
16759
+ # @!attribute [rw] cell_reference
16760
+ # For a Microsoft Excel workbook, provides the location of the cell,
16761
+ # as an absolute cell reference, that contains the data. For example,
16762
+ # Sheet2!C5 for cell C5 on Sheet2.
16763
+ # @return [String]
16764
+ #
16765
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cell AWS API Documentation
16766
+ #
16767
+ class Cell < Struct.new(
16768
+ :column,
16769
+ :row,
16770
+ :column_name,
16771
+ :cell_reference)
16772
+ SENSITIVE = []
16773
+ include Aws::Structure
16774
+ end
16775
+
15547
16776
  # An IPv4 CIDR block association.
15548
16777
  #
15549
16778
  # @note When making an API call, you may pass CidrBlockAssociation
@@ -15598,38 +16827,235 @@ module Aws::SecurityHub
15598
16827
  include Aws::Structure
15599
16828
  end
15600
16829
 
15601
- # Contains finding details that are specific to control-based findings.
15602
- # Only returned for findings generated from controls.
16830
+ # Details about the sensitive data that was detected on the resource.
15603
16831
  #
15604
- # @note When making an API call, you may pass Compliance
16832
+ # @note When making an API call, you may pass ClassificationResult
15605
16833
  # data as a hash:
15606
16834
  #
15607
16835
  # {
15608
- # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
15609
- # related_requirements: ["NonEmptyString"],
15610
- # status_reasons: [
16836
+ # mime_type: "NonEmptyString",
16837
+ # size_classified: 1,
16838
+ # additional_occurrences: false,
16839
+ # status: {
16840
+ # code: "NonEmptyString",
16841
+ # reason: "NonEmptyString",
16842
+ # },
16843
+ # sensitive_data: [
15611
16844
  # {
15612
- # reason_code: "NonEmptyString", # required
15613
- # description: "NonEmptyString",
16845
+ # category: "NonEmptyString",
16846
+ # detections: [
16847
+ # {
16848
+ # count: 1,
16849
+ # type: "NonEmptyString",
16850
+ # occurrences: {
16851
+ # line_ranges: [
16852
+ # {
16853
+ # start: 1,
16854
+ # end: 1,
16855
+ # start_column: 1,
16856
+ # },
16857
+ # ],
16858
+ # offset_ranges: [
16859
+ # {
16860
+ # start: 1,
16861
+ # end: 1,
16862
+ # start_column: 1,
16863
+ # },
16864
+ # ],
16865
+ # pages: [
16866
+ # {
16867
+ # page_number: 1,
16868
+ # line_range: {
16869
+ # start: 1,
16870
+ # end: 1,
16871
+ # start_column: 1,
16872
+ # },
16873
+ # offset_range: {
16874
+ # start: 1,
16875
+ # end: 1,
16876
+ # start_column: 1,
16877
+ # },
16878
+ # },
16879
+ # ],
16880
+ # records: [
16881
+ # {
16882
+ # json_path: "NonEmptyString",
16883
+ # record_index: 1,
16884
+ # },
16885
+ # ],
16886
+ # cells: [
16887
+ # {
16888
+ # column: 1,
16889
+ # row: 1,
16890
+ # column_name: "NonEmptyString",
16891
+ # cell_reference: "NonEmptyString",
16892
+ # },
16893
+ # ],
16894
+ # },
16895
+ # },
16896
+ # ],
16897
+ # total_count: 1,
15614
16898
  # },
15615
16899
  # ],
16900
+ # custom_data_identifiers: {
16901
+ # detections: [
16902
+ # {
16903
+ # count: 1,
16904
+ # arn: "NonEmptyString",
16905
+ # name: "NonEmptyString",
16906
+ # occurrences: {
16907
+ # line_ranges: [
16908
+ # {
16909
+ # start: 1,
16910
+ # end: 1,
16911
+ # start_column: 1,
16912
+ # },
16913
+ # ],
16914
+ # offset_ranges: [
16915
+ # {
16916
+ # start: 1,
16917
+ # end: 1,
16918
+ # start_column: 1,
16919
+ # },
16920
+ # ],
16921
+ # pages: [
16922
+ # {
16923
+ # page_number: 1,
16924
+ # line_range: {
16925
+ # start: 1,
16926
+ # end: 1,
16927
+ # start_column: 1,
16928
+ # },
16929
+ # offset_range: {
16930
+ # start: 1,
16931
+ # end: 1,
16932
+ # start_column: 1,
16933
+ # },
16934
+ # },
16935
+ # ],
16936
+ # records: [
16937
+ # {
16938
+ # json_path: "NonEmptyString",
16939
+ # record_index: 1,
16940
+ # },
16941
+ # ],
16942
+ # cells: [
16943
+ # {
16944
+ # column: 1,
16945
+ # row: 1,
16946
+ # column_name: "NonEmptyString",
16947
+ # cell_reference: "NonEmptyString",
16948
+ # },
16949
+ # ],
16950
+ # },
16951
+ # },
16952
+ # ],
16953
+ # total_count: 1,
16954
+ # },
15616
16955
  # }
15617
16956
  #
15618
- # @!attribute [rw] status
15619
- # The result of a standards check.
16957
+ # @!attribute [rw] mime_type
16958
+ # The type of content that the finding applies to.
16959
+ # @return [String]
15620
16960
  #
15621
- # The valid values for `Status` are as follows.
16961
+ # @!attribute [rw] size_classified
16962
+ # The total size in bytes of the affected data.
16963
+ # @return [Integer]
15622
16964
  #
15623
- # * * `PASSED` - Standards check passed for all evaluated resources.
16965
+ # @!attribute [rw] additional_occurrences
16966
+ # Indicates whether there are additional occurrences of sensitive data
16967
+ # that are not included in the finding. This occurs when the number of
16968
+ # occurrences exceeds the maximum that can be included.
16969
+ # @return [Boolean]
15624
16970
  #
15625
- # * `WARNING` - Some information is missing or this check is not
15626
- # supported for your configuration.
16971
+ # @!attribute [rw] status
16972
+ # The current status of the sensitive data detection.
16973
+ # @return [Types::ClassificationStatus]
15627
16974
  #
15628
- # * `FAILED` - Standards check failed for at least one evaluated
15629
- # resource.
16975
+ # @!attribute [rw] sensitive_data
16976
+ # Provides details about sensitive data that was identified based on
16977
+ # built-in configuration.
16978
+ # @return [Array<Types::SensitiveDataResult>]
15630
16979
  #
15631
- # * `NOT_AVAILABLE` - Check could not be performed due to a service
15632
- # outage, API error, or because the result of the AWS Config
16980
+ # @!attribute [rw] custom_data_identifiers
16981
+ # Provides details about sensitive data that was identified based on
16982
+ # customer-defined configuration.
16983
+ # @return [Types::CustomDataIdentifiersResult]
16984
+ #
16985
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationResult AWS API Documentation
16986
+ #
16987
+ class ClassificationResult < Struct.new(
16988
+ :mime_type,
16989
+ :size_classified,
16990
+ :additional_occurrences,
16991
+ :status,
16992
+ :sensitive_data,
16993
+ :custom_data_identifiers)
16994
+ SENSITIVE = []
16995
+ include Aws::Structure
16996
+ end
16997
+
16998
+ # Provides details about the current status of the sensitive data
16999
+ # detection.
17000
+ #
17001
+ # @note When making an API call, you may pass ClassificationStatus
17002
+ # data as a hash:
17003
+ #
17004
+ # {
17005
+ # code: "NonEmptyString",
17006
+ # reason: "NonEmptyString",
17007
+ # }
17008
+ #
17009
+ # @!attribute [rw] code
17010
+ # The code that represents the status of the sensitive data detection.
17011
+ # @return [String]
17012
+ #
17013
+ # @!attribute [rw] reason
17014
+ # A longer description of the current status of the sensitive data
17015
+ # detection.
17016
+ # @return [String]
17017
+ #
17018
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationStatus AWS API Documentation
17019
+ #
17020
+ class ClassificationStatus < Struct.new(
17021
+ :code,
17022
+ :reason)
17023
+ SENSITIVE = []
17024
+ include Aws::Structure
17025
+ end
17026
+
17027
+ # Contains finding details that are specific to control-based findings.
17028
+ # Only returned for findings generated from controls.
17029
+ #
17030
+ # @note When making an API call, you may pass Compliance
17031
+ # data as a hash:
17032
+ #
17033
+ # {
17034
+ # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
17035
+ # related_requirements: ["NonEmptyString"],
17036
+ # status_reasons: [
17037
+ # {
17038
+ # reason_code: "NonEmptyString", # required
17039
+ # description: "NonEmptyString",
17040
+ # },
17041
+ # ],
17042
+ # }
17043
+ #
17044
+ # @!attribute [rw] status
17045
+ # The result of a standards check.
17046
+ #
17047
+ # The valid values for `Status` are as follows.
17048
+ #
17049
+ # * * `PASSED` - Standards check passed for all evaluated resources.
17050
+ #
17051
+ # * `WARNING` - Some information is missing or this check is not
17052
+ # supported for your configuration.
17053
+ #
17054
+ # * `FAILED` - Standards check failed for at least one evaluated
17055
+ # resource.
17056
+ #
17057
+ # * `NOT_AVAILABLE` - Check could not be performed due to a service
17058
+ # outage, API error, or because the result of the AWS Config
15633
17059
  # evaluation was `NOT_APPLICABLE`. If the AWS Config evaluation
15634
17060
  # result was `NOT_APPLICABLE`, then after 3 days, Security Hub
15635
17061
  # automatically archives the finding.
@@ -16338,6 +17764,50 @@ module Aws::SecurityHub
16338
17764
  # value: "NonEmptyString",
16339
17765
  # },
16340
17766
  # ],
17767
+ # finding_provider_fields_confidence: [
17768
+ # {
17769
+ # gte: 1.0,
17770
+ # lte: 1.0,
17771
+ # eq: 1.0,
17772
+ # },
17773
+ # ],
17774
+ # finding_provider_fields_criticality: [
17775
+ # {
17776
+ # gte: 1.0,
17777
+ # lte: 1.0,
17778
+ # eq: 1.0,
17779
+ # },
17780
+ # ],
17781
+ # finding_provider_fields_related_findings_id: [
17782
+ # {
17783
+ # value: "NonEmptyString",
17784
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17785
+ # },
17786
+ # ],
17787
+ # finding_provider_fields_related_findings_product_arn: [
17788
+ # {
17789
+ # value: "NonEmptyString",
17790
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17791
+ # },
17792
+ # ],
17793
+ # finding_provider_fields_severity_label: [
17794
+ # {
17795
+ # value: "NonEmptyString",
17796
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17797
+ # },
17798
+ # ],
17799
+ # finding_provider_fields_severity_original: [
17800
+ # {
17801
+ # value: "NonEmptyString",
17802
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17803
+ # },
17804
+ # ],
17805
+ # finding_provider_fields_types: [
17806
+ # {
17807
+ # value: "NonEmptyString",
17808
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17809
+ # },
17810
+ # ],
16341
17811
  # },
16342
17812
  # group_by_attribute: "NonEmptyString", # required
16343
17813
  # }
@@ -16395,9 +17865,9 @@ module Aws::SecurityHub
16395
17865
  # }
16396
17866
  #
16397
17867
  # @!attribute [rw] account_details
16398
- # The list of accounts to associate with the Security Hub master
16399
- # account. For each account, the list includes the account ID and
16400
- # optionally the email address.
17868
+ # The list of accounts to associate with the Security Hub
17869
+ # administrator account. For each account, the list includes the
17870
+ # account ID and optionally the email address.
16401
17871
  # @return [Array<Types::AccountDetails>]
16402
17872
  #
16403
17873
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
@@ -16421,6 +17891,170 @@ module Aws::SecurityHub
16421
17891
  include Aws::Structure
16422
17892
  end
16423
17893
 
17894
+ # The list of detected instances of sensitive data.
17895
+ #
17896
+ # @note When making an API call, you may pass CustomDataIdentifiersDetections
17897
+ # data as a hash:
17898
+ #
17899
+ # {
17900
+ # count: 1,
17901
+ # arn: "NonEmptyString",
17902
+ # name: "NonEmptyString",
17903
+ # occurrences: {
17904
+ # line_ranges: [
17905
+ # {
17906
+ # start: 1,
17907
+ # end: 1,
17908
+ # start_column: 1,
17909
+ # },
17910
+ # ],
17911
+ # offset_ranges: [
17912
+ # {
17913
+ # start: 1,
17914
+ # end: 1,
17915
+ # start_column: 1,
17916
+ # },
17917
+ # ],
17918
+ # pages: [
17919
+ # {
17920
+ # page_number: 1,
17921
+ # line_range: {
17922
+ # start: 1,
17923
+ # end: 1,
17924
+ # start_column: 1,
17925
+ # },
17926
+ # offset_range: {
17927
+ # start: 1,
17928
+ # end: 1,
17929
+ # start_column: 1,
17930
+ # },
17931
+ # },
17932
+ # ],
17933
+ # records: [
17934
+ # {
17935
+ # json_path: "NonEmptyString",
17936
+ # record_index: 1,
17937
+ # },
17938
+ # ],
17939
+ # cells: [
17940
+ # {
17941
+ # column: 1,
17942
+ # row: 1,
17943
+ # column_name: "NonEmptyString",
17944
+ # cell_reference: "NonEmptyString",
17945
+ # },
17946
+ # ],
17947
+ # },
17948
+ # }
17949
+ #
17950
+ # @!attribute [rw] count
17951
+ # The total number of occurrences of sensitive data that were
17952
+ # detected.
17953
+ # @return [Integer]
17954
+ #
17955
+ # @!attribute [rw] arn
17956
+ # The ARN of the custom identifier that was used to detect the
17957
+ # sensitive data.
17958
+ # @return [String]
17959
+ #
17960
+ # @!attribute [rw] name
17961
+ # he name of the custom identifier that detected the sensitive data.
17962
+ # @return [String]
17963
+ #
17964
+ # @!attribute [rw] occurrences
17965
+ # Details about the sensitive data that was detected.
17966
+ # @return [Types::Occurrences]
17967
+ #
17968
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersDetections AWS API Documentation
17969
+ #
17970
+ class CustomDataIdentifiersDetections < Struct.new(
17971
+ :count,
17972
+ :arn,
17973
+ :name,
17974
+ :occurrences)
17975
+ SENSITIVE = []
17976
+ include Aws::Structure
17977
+ end
17978
+
17979
+ # Contains an instance of sensitive data that was detected by a
17980
+ # customer-defined identifier.
17981
+ #
17982
+ # @note When making an API call, you may pass CustomDataIdentifiersResult
17983
+ # data as a hash:
17984
+ #
17985
+ # {
17986
+ # detections: [
17987
+ # {
17988
+ # count: 1,
17989
+ # arn: "NonEmptyString",
17990
+ # name: "NonEmptyString",
17991
+ # occurrences: {
17992
+ # line_ranges: [
17993
+ # {
17994
+ # start: 1,
17995
+ # end: 1,
17996
+ # start_column: 1,
17997
+ # },
17998
+ # ],
17999
+ # offset_ranges: [
18000
+ # {
18001
+ # start: 1,
18002
+ # end: 1,
18003
+ # start_column: 1,
18004
+ # },
18005
+ # ],
18006
+ # pages: [
18007
+ # {
18008
+ # page_number: 1,
18009
+ # line_range: {
18010
+ # start: 1,
18011
+ # end: 1,
18012
+ # start_column: 1,
18013
+ # },
18014
+ # offset_range: {
18015
+ # start: 1,
18016
+ # end: 1,
18017
+ # start_column: 1,
18018
+ # },
18019
+ # },
18020
+ # ],
18021
+ # records: [
18022
+ # {
18023
+ # json_path: "NonEmptyString",
18024
+ # record_index: 1,
18025
+ # },
18026
+ # ],
18027
+ # cells: [
18028
+ # {
18029
+ # column: 1,
18030
+ # row: 1,
18031
+ # column_name: "NonEmptyString",
18032
+ # cell_reference: "NonEmptyString",
18033
+ # },
18034
+ # ],
18035
+ # },
18036
+ # },
18037
+ # ],
18038
+ # total_count: 1,
18039
+ # }
18040
+ #
18041
+ # @!attribute [rw] detections
18042
+ # The list of detected instances of sensitive data.
18043
+ # @return [Array<Types::CustomDataIdentifiersDetections>]
18044
+ #
18045
+ # @!attribute [rw] total_count
18046
+ # The total number of occurrences of sensitive data.
18047
+ # @return [Integer]
18048
+ #
18049
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersResult AWS API Documentation
18050
+ #
18051
+ class CustomDataIdentifiersResult < Struct.new(
18052
+ :detections,
18053
+ :total_count)
18054
+ SENSITIVE = []
18055
+ include Aws::Structure
18056
+ end
18057
+
16424
18058
  # CVSS scores from the advisory related to the vulnerability.
16425
18059
  #
16426
18060
  # @note When making an API call, you may pass Cvss
@@ -16454,6 +18088,154 @@ module Aws::SecurityHub
16454
18088
  include Aws::Structure
16455
18089
  end
16456
18090
 
18091
+ # Provides details about sensitive data that was detected on a resource.
18092
+ #
18093
+ # @note When making an API call, you may pass DataClassificationDetails
18094
+ # data as a hash:
18095
+ #
18096
+ # {
18097
+ # detailed_results_location: "NonEmptyString",
18098
+ # result: {
18099
+ # mime_type: "NonEmptyString",
18100
+ # size_classified: 1,
18101
+ # additional_occurrences: false,
18102
+ # status: {
18103
+ # code: "NonEmptyString",
18104
+ # reason: "NonEmptyString",
18105
+ # },
18106
+ # sensitive_data: [
18107
+ # {
18108
+ # category: "NonEmptyString",
18109
+ # detections: [
18110
+ # {
18111
+ # count: 1,
18112
+ # type: "NonEmptyString",
18113
+ # occurrences: {
18114
+ # line_ranges: [
18115
+ # {
18116
+ # start: 1,
18117
+ # end: 1,
18118
+ # start_column: 1,
18119
+ # },
18120
+ # ],
18121
+ # offset_ranges: [
18122
+ # {
18123
+ # start: 1,
18124
+ # end: 1,
18125
+ # start_column: 1,
18126
+ # },
18127
+ # ],
18128
+ # pages: [
18129
+ # {
18130
+ # page_number: 1,
18131
+ # line_range: {
18132
+ # start: 1,
18133
+ # end: 1,
18134
+ # start_column: 1,
18135
+ # },
18136
+ # offset_range: {
18137
+ # start: 1,
18138
+ # end: 1,
18139
+ # start_column: 1,
18140
+ # },
18141
+ # },
18142
+ # ],
18143
+ # records: [
18144
+ # {
18145
+ # json_path: "NonEmptyString",
18146
+ # record_index: 1,
18147
+ # },
18148
+ # ],
18149
+ # cells: [
18150
+ # {
18151
+ # column: 1,
18152
+ # row: 1,
18153
+ # column_name: "NonEmptyString",
18154
+ # cell_reference: "NonEmptyString",
18155
+ # },
18156
+ # ],
18157
+ # },
18158
+ # },
18159
+ # ],
18160
+ # total_count: 1,
18161
+ # },
18162
+ # ],
18163
+ # custom_data_identifiers: {
18164
+ # detections: [
18165
+ # {
18166
+ # count: 1,
18167
+ # arn: "NonEmptyString",
18168
+ # name: "NonEmptyString",
18169
+ # occurrences: {
18170
+ # line_ranges: [
18171
+ # {
18172
+ # start: 1,
18173
+ # end: 1,
18174
+ # start_column: 1,
18175
+ # },
18176
+ # ],
18177
+ # offset_ranges: [
18178
+ # {
18179
+ # start: 1,
18180
+ # end: 1,
18181
+ # start_column: 1,
18182
+ # },
18183
+ # ],
18184
+ # pages: [
18185
+ # {
18186
+ # page_number: 1,
18187
+ # line_range: {
18188
+ # start: 1,
18189
+ # end: 1,
18190
+ # start_column: 1,
18191
+ # },
18192
+ # offset_range: {
18193
+ # start: 1,
18194
+ # end: 1,
18195
+ # start_column: 1,
18196
+ # },
18197
+ # },
18198
+ # ],
18199
+ # records: [
18200
+ # {
18201
+ # json_path: "NonEmptyString",
18202
+ # record_index: 1,
18203
+ # },
18204
+ # ],
18205
+ # cells: [
18206
+ # {
18207
+ # column: 1,
18208
+ # row: 1,
18209
+ # column_name: "NonEmptyString",
18210
+ # cell_reference: "NonEmptyString",
18211
+ # },
18212
+ # ],
18213
+ # },
18214
+ # },
18215
+ # ],
18216
+ # total_count: 1,
18217
+ # },
18218
+ # },
18219
+ # }
18220
+ #
18221
+ # @!attribute [rw] detailed_results_location
18222
+ # The path to the folder or file that contains the sensitive data.
18223
+ # @return [String]
18224
+ #
18225
+ # @!attribute [rw] result
18226
+ # The details about the sensitive data that was detected on the
18227
+ # resource.
18228
+ # @return [Types::ClassificationResult]
18229
+ #
18230
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DataClassificationDetails AWS API Documentation
18231
+ #
18232
+ class DataClassificationDetails < Struct.new(
18233
+ :detailed_results_location,
18234
+ :result)
18235
+ SENSITIVE = []
18236
+ include Aws::Structure
18237
+ end
18238
+
16457
18239
  # A date filter for querying findings.
16458
18240
  #
16459
18241
  # @note When making an API call, you may pass DateFilter
@@ -16814,6 +18596,7 @@ module Aws::SecurityHub
16814
18596
  # {
16815
18597
  # next_token: "NextToken",
16816
18598
  # max_results: 1,
18599
+ # product_arn: "NonEmptyString",
16817
18600
  # }
16818
18601
  #
16819
18602
  # @!attribute [rw] next_token
@@ -16830,11 +18613,16 @@ module Aws::SecurityHub
16830
18613
  # The maximum number of results to return.
16831
18614
  # @return [Integer]
16832
18615
  #
18616
+ # @!attribute [rw] product_arn
18617
+ # The ARN of the integration to return.
18618
+ # @return [String]
18619
+ #
16833
18620
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeProductsRequest AWS API Documentation
16834
18621
  #
16835
18622
  class DescribeProductsRequest < Struct.new(
16836
18623
  :next_token,
16837
- :max_results)
18624
+ :max_results,
18625
+ :product_arn)
16838
18626
  SENSITIVE = []
16839
18627
  include Aws::Structure
16840
18628
  end
@@ -17017,6 +18805,16 @@ module Aws::SecurityHub
17017
18805
  #
17018
18806
  class DisableSecurityHubResponse < Aws::EmptyStructure; end
17019
18807
 
18808
+ # @api private
18809
+ #
18810
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountRequest AWS API Documentation
18811
+ #
18812
+ class DisassociateFromAdministratorAccountRequest < Aws::EmptyStructure; end
18813
+
18814
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccountResponse AWS API Documentation
18815
+ #
18816
+ class DisassociateFromAdministratorAccountResponse < Aws::EmptyStructure; end
18817
+
17020
18818
  # @api private
17021
18819
  #
17022
18820
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccountRequest AWS API Documentation
@@ -17036,7 +18834,7 @@ module Aws::SecurityHub
17036
18834
  #
17037
18835
  # @!attribute [rw] account_ids
17038
18836
  # The account IDs of the member accounts to disassociate from the
17039
- # master account.
18837
+ # administrator account.
17040
18838
  # @return [Array<String>]
17041
18839
  #
17042
18840
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembersRequest AWS API Documentation
@@ -17155,27 +18953,124 @@ module Aws::SecurityHub
17155
18953
  # The tags to add to the hub resource when you enable Security Hub.
17156
18954
  # @return [Hash<String,String>]
17157
18955
  #
17158
- # @!attribute [rw] enable_default_standards
17159
- # Whether to enable the security standards that Security Hub has
17160
- # designated as automatically enabled. If you do not provide a value
17161
- # for `EnableDefaultStandards`, it is set to `true`. To not enable the
17162
- # automatically enabled standards, set `EnableDefaultStandards` to
17163
- # `false`.
17164
- # @return [Boolean]
18956
+ # @!attribute [rw] enable_default_standards
18957
+ # Whether to enable the security standards that Security Hub has
18958
+ # designated as automatically enabled. If you do not provide a value
18959
+ # for `EnableDefaultStandards`, it is set to `true`. To not enable the
18960
+ # automatically enabled standards, set `EnableDefaultStandards` to
18961
+ # `false`.
18962
+ # @return [Boolean]
18963
+ #
18964
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubRequest AWS API Documentation
18965
+ #
18966
+ class EnableSecurityHubRequest < Struct.new(
18967
+ :tags,
18968
+ :enable_default_standards)
18969
+ SENSITIVE = []
18970
+ include Aws::Structure
18971
+ end
18972
+
18973
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubResponse AWS API Documentation
18974
+ #
18975
+ class EnableSecurityHubResponse < Aws::EmptyStructure; end
18976
+
18977
+ # In a `BatchImportFindings` request, finding providers use
18978
+ # `FindingProviderFields` to provide and update values for confidence,
18979
+ # criticality, related findings, severity, and types.
18980
+ #
18981
+ # @note When making an API call, you may pass FindingProviderFields
18982
+ # data as a hash:
18983
+ #
18984
+ # {
18985
+ # confidence: 1,
18986
+ # criticality: 1,
18987
+ # related_findings: [
18988
+ # {
18989
+ # product_arn: "NonEmptyString", # required
18990
+ # id: "NonEmptyString", # required
18991
+ # },
18992
+ # ],
18993
+ # severity: {
18994
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18995
+ # original: "NonEmptyString",
18996
+ # },
18997
+ # types: ["NonEmptyString"],
18998
+ # }
18999
+ #
19000
+ # @!attribute [rw] confidence
19001
+ # A finding's confidence. Confidence is defined as the likelihood
19002
+ # that a finding accurately identifies the behavior or issue that it
19003
+ # was intended to identify.
19004
+ #
19005
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
19006
+ # means zero percent confidence and 100 means 100 percent confidence.
19007
+ # @return [Integer]
19008
+ #
19009
+ # @!attribute [rw] criticality
19010
+ # The level of importance assigned to the resources associated with
19011
+ # the finding.
19012
+ #
19013
+ # A score of 0 means that the underlying resources have no
19014
+ # criticality, and a score of 100 is reserved for the most critical
19015
+ # resources.
19016
+ # @return [Integer]
19017
+ #
19018
+ # @!attribute [rw] related_findings
19019
+ # A list of findings that are related to the current finding.
19020
+ # @return [Array<Types::RelatedFinding>]
19021
+ #
19022
+ # @!attribute [rw] severity
19023
+ # The severity of a finding.
19024
+ # @return [Types::FindingProviderSeverity]
19025
+ #
19026
+ # @!attribute [rw] types
19027
+ # One or more finding types in the format of
19028
+ # `namespace/category/classifier` that classify a finding.
19029
+ #
19030
+ # Valid namespace values are: Software and Configuration Checks \|
19031
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
19032
+ # Identifications
19033
+ # @return [Array<String>]
19034
+ #
19035
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderFields AWS API Documentation
19036
+ #
19037
+ class FindingProviderFields < Struct.new(
19038
+ :confidence,
19039
+ :criticality,
19040
+ :related_findings,
19041
+ :severity,
19042
+ :types)
19043
+ SENSITIVE = []
19044
+ include Aws::Structure
19045
+ end
19046
+
19047
+ # The severity assigned to the finding by the finding provider.
19048
+ #
19049
+ # @note When making an API call, you may pass FindingProviderSeverity
19050
+ # data as a hash:
19051
+ #
19052
+ # {
19053
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
19054
+ # original: "NonEmptyString",
19055
+ # }
19056
+ #
19057
+ # @!attribute [rw] label
19058
+ # The severity label assigned to the finding by the finding provider.
19059
+ # @return [String]
19060
+ #
19061
+ # @!attribute [rw] original
19062
+ # The finding provider's original value for the severity.
19063
+ # @return [String]
17165
19064
  #
17166
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubRequest AWS API Documentation
19065
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderSeverity AWS API Documentation
17167
19066
  #
17168
- class EnableSecurityHubRequest < Struct.new(
17169
- :tags,
17170
- :enable_default_standards)
19067
+ class FindingProviderSeverity < Struct.new(
19068
+ :label,
19069
+ :original)
17171
19070
  SENSITIVE = []
17172
19071
  include Aws::Structure
17173
19072
  end
17174
19073
 
17175
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubResponse AWS API Documentation
17176
- #
17177
- class EnableSecurityHubResponse < Aws::EmptyStructure; end
17178
-
17179
19074
  # Provides the latitude and longitude coordinates of a location.
17180
19075
  #
17181
19076
  # @note When making an API call, you may pass GeoLocation
@@ -17203,6 +19098,24 @@ module Aws::SecurityHub
17203
19098
  include Aws::Structure
17204
19099
  end
17205
19100
 
19101
+ # @api private
19102
+ #
19103
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountRequest AWS API Documentation
19104
+ #
19105
+ class GetAdministratorAccountRequest < Aws::EmptyStructure; end
19106
+
19107
+ # @!attribute [rw] administrator
19108
+ # Details about an invitation.
19109
+ # @return [Types::Invitation]
19110
+ #
19111
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccountResponse AWS API Documentation
19112
+ #
19113
+ class GetAdministratorAccountResponse < Struct.new(
19114
+ :administrator)
19115
+ SENSITIVE = []
19116
+ include Aws::Structure
19117
+ end
19118
+
17206
19119
  # @note When making an API call, you may pass GetEnabledStandardsRequest
17207
19120
  # data as a hash:
17208
19121
  #
@@ -17817,6 +19730,50 @@ module Aws::SecurityHub
17817
19730
  # value: "NonEmptyString",
17818
19731
  # },
17819
19732
  # ],
19733
+ # finding_provider_fields_confidence: [
19734
+ # {
19735
+ # gte: 1.0,
19736
+ # lte: 1.0,
19737
+ # eq: 1.0,
19738
+ # },
19739
+ # ],
19740
+ # finding_provider_fields_criticality: [
19741
+ # {
19742
+ # gte: 1.0,
19743
+ # lte: 1.0,
19744
+ # eq: 1.0,
19745
+ # },
19746
+ # ],
19747
+ # finding_provider_fields_related_findings_id: [
19748
+ # {
19749
+ # value: "NonEmptyString",
19750
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19751
+ # },
19752
+ # ],
19753
+ # finding_provider_fields_related_findings_product_arn: [
19754
+ # {
19755
+ # value: "NonEmptyString",
19756
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19757
+ # },
19758
+ # ],
19759
+ # finding_provider_fields_severity_label: [
19760
+ # {
19761
+ # value: "NonEmptyString",
19762
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19763
+ # },
19764
+ # ],
19765
+ # finding_provider_fields_severity_original: [
19766
+ # {
19767
+ # value: "NonEmptyString",
19768
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19769
+ # },
19770
+ # ],
19771
+ # finding_provider_fields_types: [
19772
+ # {
19773
+ # value: "NonEmptyString",
19774
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19775
+ # },
19776
+ # ],
17820
19777
  # },
17821
19778
  # sort_criteria: [
17822
19779
  # {
@@ -17997,8 +19954,8 @@ module Aws::SecurityHub
17997
19954
  class GetMasterAccountRequest < Aws::EmptyStructure; end
17998
19955
 
17999
19956
  # @!attribute [rw] master
18000
- # A list of details about the Security Hub master account for the
18001
- # current member account.
19957
+ # A list of details about the Security Hub administrator account for
19958
+ # the current member account.
18002
19959
  # @return [Types::Invitation]
18003
19960
  #
18004
19961
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetMasterAccountResponse AWS API Documentation
@@ -18047,6 +20004,35 @@ module Aws::SecurityHub
18047
20004
  include Aws::Structure
18048
20005
  end
18049
20006
 
20007
+ # An Internet Control Message Protocol (ICMP) type and code.
20008
+ #
20009
+ # @note When making an API call, you may pass IcmpTypeCode
20010
+ # data as a hash:
20011
+ #
20012
+ # {
20013
+ # code: 1,
20014
+ # type: 1,
20015
+ # }
20016
+ #
20017
+ # @!attribute [rw] code
20018
+ # The ICMP code for which to deny or allow access. To deny or allow
20019
+ # all codes, use the value -1.
20020
+ # @return [Integer]
20021
+ #
20022
+ # @!attribute [rw] type
20023
+ # The ICMP type for which to deny or allow access. To deny or allow
20024
+ # all types, use the value -1.
20025
+ # @return [Integer]
20026
+ #
20027
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IcmpTypeCode AWS API Documentation
20028
+ #
20029
+ class IcmpTypeCode < Struct.new(
20030
+ :code,
20031
+ :type)
20032
+ SENSITIVE = []
20033
+ include Aws::Structure
20034
+ end
20035
+
18050
20036
  # The list of the findings that cannot be imported. For each finding,
18051
20037
  # the list provides the error.
18052
20038
  #
@@ -18215,7 +20201,7 @@ module Aws::SecurityHub
18215
20201
  # Details about an invitation.
18216
20202
  #
18217
20203
  # @!attribute [rw] account_id
18218
- # The account ID of the Security Hub master account that the
20204
+ # The account ID of the Security Hub administrator account that the
18219
20205
  # invitation was sent from.
18220
20206
  # @return [String]
18221
20207
  #
@@ -18228,8 +20214,8 @@ module Aws::SecurityHub
18228
20214
  # @return [Time]
18229
20215
  #
18230
20216
  # @!attribute [rw] member_status
18231
- # The current status of the association between the member and master
18232
- # accounts.
20217
+ # The current status of the association between the member and
20218
+ # administrator accounts.
18233
20219
  # @return [String]
18234
20220
  #
18235
20221
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Invitation AWS API Documentation
@@ -18517,12 +20503,12 @@ module Aws::SecurityHub
18517
20503
  #
18518
20504
  # @!attribute [rw] only_associated
18519
20505
  # Specifies which member accounts to include in the response based on
18520
- # their relationship status with the master account. The default value
18521
- # is `TRUE`.
20506
+ # their relationship status with the administrator account. The
20507
+ # default value is `TRUE`.
18522
20508
  #
18523
20509
  # If `OnlyAssociated` is set to `TRUE`, the response includes member
18524
- # accounts whose relationship status with the master is set to
18525
- # `ENABLED`.
20510
+ # accounts whose relationship status with the administrator account is
20511
+ # set to `ENABLED`.
18526
20512
  #
18527
20513
  # If `OnlyAssociated` is set to `FALSE`, the response includes all
18528
20514
  # existing member accounts.
@@ -18787,35 +20773,42 @@ module Aws::SecurityHub
18787
20773
  # @return [String]
18788
20774
  #
18789
20775
  # @!attribute [rw] master_id
18790
- # The AWS account ID of the Security Hub master account associated
18791
- # with this member account.
20776
+ # This is replaced by `AdministratorID`.
20777
+ #
20778
+ # The AWS account ID of the Security Hub administrator account
20779
+ # associated with this member account.
20780
+ # @return [String]
20781
+ #
20782
+ # @!attribute [rw] administrator_id
20783
+ # The AWS account ID of the Security Hub administrator account
20784
+ # associated with this member account.
18792
20785
  # @return [String]
18793
20786
  #
18794
20787
  # @!attribute [rw] member_status
18795
20788
  # The status of the relationship between the member account and its
18796
- # master account.
20789
+ # administrator account.
18797
20790
  #
18798
20791
  # The status can have one of the following values:
18799
20792
  #
18800
- # * `CREATED` - Indicates that the master account added the member
18801
- # account, but has not yet invited the member account.
20793
+ # * `CREATED` - Indicates that the administrator account added the
20794
+ # member account, but has not yet invited the member account.
18802
20795
  #
18803
- # * `INVITED` - Indicates that the master account invited the member
18804
- # account. The member account has not yet responded to the
20796
+ # * `INVITED` - Indicates that the administrator account invited the
20797
+ # member account. The member account has not yet responded to the
18805
20798
  # invitation.
18806
20799
  #
18807
20800
  # * `ENABLED` - Indicates that the member account is currently active.
18808
20801
  # For manually invited member accounts, indicates that the member
18809
20802
  # account accepted the invitation.
18810
20803
  #
18811
- # * `REMOVED` - Indicates that the master account disassociated the
18812
- # member account.
20804
+ # * `REMOVED` - Indicates that the administrator account disassociated
20805
+ # the member account.
18813
20806
  #
18814
20807
  # * `RESIGNED` - Indicates that the member account disassociated
18815
- # themselves from the master account.
20808
+ # themselves from the administrator account.
18816
20809
  #
18817
- # * `DELETED` - Indicates that the master account deleted the member
18818
- # account.
20810
+ # * `DELETED` - Indicates that the administrator account deleted the
20811
+ # member account.
18819
20812
  # @return [String]
18820
20813
  #
18821
20814
  # @!attribute [rw] invited_at
@@ -18834,6 +20827,7 @@ module Aws::SecurityHub
18834
20827
  :account_id,
18835
20828
  :email,
18836
20829
  :master_id,
20830
+ :administrator_id,
18837
20831
  :member_status,
18838
20832
  :invited_at,
18839
20833
  :updated_at)
@@ -19283,6 +21277,139 @@ module Aws::SecurityHub
19283
21277
  include Aws::Structure
19284
21278
  end
19285
21279
 
21280
+ # The detected occurrences of sensitive data.
21281
+ #
21282
+ # @note When making an API call, you may pass Occurrences
21283
+ # data as a hash:
21284
+ #
21285
+ # {
21286
+ # line_ranges: [
21287
+ # {
21288
+ # start: 1,
21289
+ # end: 1,
21290
+ # start_column: 1,
21291
+ # },
21292
+ # ],
21293
+ # offset_ranges: [
21294
+ # {
21295
+ # start: 1,
21296
+ # end: 1,
21297
+ # start_column: 1,
21298
+ # },
21299
+ # ],
21300
+ # pages: [
21301
+ # {
21302
+ # page_number: 1,
21303
+ # line_range: {
21304
+ # start: 1,
21305
+ # end: 1,
21306
+ # start_column: 1,
21307
+ # },
21308
+ # offset_range: {
21309
+ # start: 1,
21310
+ # end: 1,
21311
+ # start_column: 1,
21312
+ # },
21313
+ # },
21314
+ # ],
21315
+ # records: [
21316
+ # {
21317
+ # json_path: "NonEmptyString",
21318
+ # record_index: 1,
21319
+ # },
21320
+ # ],
21321
+ # cells: [
21322
+ # {
21323
+ # column: 1,
21324
+ # row: 1,
21325
+ # column_name: "NonEmptyString",
21326
+ # cell_reference: "NonEmptyString",
21327
+ # },
21328
+ # ],
21329
+ # }
21330
+ #
21331
+ # @!attribute [rw] line_ranges
21332
+ # Occurrences of sensitive data detected in a non-binary text file or
21333
+ # a Microsoft Word file. Non-binary text files include files such as
21334
+ # HTML, XML, JSON, and TXT files.
21335
+ # @return [Array<Types::Range>]
21336
+ #
21337
+ # @!attribute [rw] offset_ranges
21338
+ # Occurrences of sensitive data detected in a binary text file.
21339
+ # @return [Array<Types::Range>]
21340
+ #
21341
+ # @!attribute [rw] pages
21342
+ # Occurrences of sensitive data in an Adobe Portable Document Format
21343
+ # (PDF) file.
21344
+ # @return [Array<Types::Page>]
21345
+ #
21346
+ # @!attribute [rw] records
21347
+ # Occurrences of sensitive data in an Apache Avro object container or
21348
+ # an Apache Parquet file.
21349
+ # @return [Array<Types::Record>]
21350
+ #
21351
+ # @!attribute [rw] cells
21352
+ # Occurrences of sensitive data detected in Microsoft Excel workbooks,
21353
+ # comma-separated value (CSV) files, or tab-separated value (TSV)
21354
+ # files.
21355
+ # @return [Array<Types::Cell>]
21356
+ #
21357
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Occurrences AWS API Documentation
21358
+ #
21359
+ class Occurrences < Struct.new(
21360
+ :line_ranges,
21361
+ :offset_ranges,
21362
+ :pages,
21363
+ :records,
21364
+ :cells)
21365
+ SENSITIVE = []
21366
+ include Aws::Structure
21367
+ end
21368
+
21369
+ # An occurrence of sensitive data in an Adobe Portable Document Format
21370
+ # (PDF) file.
21371
+ #
21372
+ # @note When making an API call, you may pass Page
21373
+ # data as a hash:
21374
+ #
21375
+ # {
21376
+ # page_number: 1,
21377
+ # line_range: {
21378
+ # start: 1,
21379
+ # end: 1,
21380
+ # start_column: 1,
21381
+ # },
21382
+ # offset_range: {
21383
+ # start: 1,
21384
+ # end: 1,
21385
+ # start_column: 1,
21386
+ # },
21387
+ # }
21388
+ #
21389
+ # @!attribute [rw] page_number
21390
+ # The page number of the page that contains the sensitive data.
21391
+ # @return [Integer]
21392
+ #
21393
+ # @!attribute [rw] line_range
21394
+ # An occurrence of sensitive data detected in a non-binary text file
21395
+ # or a Microsoft Word file. Non-binary text files include files such
21396
+ # as HTML, XML, JSON, and TXT files.
21397
+ # @return [Types::Range]
21398
+ #
21399
+ # @!attribute [rw] offset_range
21400
+ # An occurrence of sensitive data detected in a binary text file.
21401
+ # @return [Types::Range]
21402
+ #
21403
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Page AWS API Documentation
21404
+ #
21405
+ class Page < Struct.new(
21406
+ :page_number,
21407
+ :line_range,
21408
+ :offset_range)
21409
+ SENSITIVE = []
21410
+ include Aws::Structure
21411
+ end
21412
+
19286
21413
  # Provides an overview of the patch compliance status for an instance
19287
21414
  # against a selected compliance standard.
19288
21415
  #
@@ -19537,6 +21664,33 @@ module Aws::SecurityHub
19537
21664
  include Aws::Structure
19538
21665
  end
19539
21666
 
21667
+ # A range of ports.
21668
+ #
21669
+ # @note When making an API call, you may pass PortRangeFromTo
21670
+ # data as a hash:
21671
+ #
21672
+ # {
21673
+ # from: 1,
21674
+ # to: 1,
21675
+ # }
21676
+ #
21677
+ # @!attribute [rw] from
21678
+ # The first port in the port range.
21679
+ # @return [Integer]
21680
+ #
21681
+ # @!attribute [rw] to
21682
+ # The last port in the port range.
21683
+ # @return [Integer]
21684
+ #
21685
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PortRangeFromTo AWS API Documentation
21686
+ #
21687
+ class PortRangeFromTo < Struct.new(
21688
+ :from,
21689
+ :to)
21690
+ SENSITIVE = []
21691
+ include Aws::Structure
21692
+ end
21693
+
19540
21694
  # The details of process-related information about a finding.
19541
21695
  #
19542
21696
  # @note When making an API call, you may pass ProcessDetails
@@ -19630,20 +21784,29 @@ module Aws::SecurityHub
19630
21784
  # The types of integration that the product supports. Available values
19631
21785
  # are the following.
19632
21786
  #
19633
- # * `SEND_FINDINGS_TO_SECURITY_HUB` - Indicates that the integration
19634
- # sends findings to Security Hub.
21787
+ # * `SEND_FINDINGS_TO_SECURITY_HUB` - The integration sends findings
21788
+ # to Security Hub.
21789
+ #
21790
+ # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - The integration receives
21791
+ # findings from Security Hub.
19635
21792
  #
19636
- # * `RECEIVE_FINDINGS_FROM_SECURITY_HUB` - Indicates that the
19637
- # integration receives findings from Security Hub.
21793
+ # * `UPDATE_FINDINGS_IN_SECURITY_HUB` - The integration does not send
21794
+ # new findings to Security Hub, but does make updates to the
21795
+ # findings that it receives from Security Hub.
19638
21796
  # @return [Array<String>]
19639
21797
  #
19640
21798
  # @!attribute [rw] marketplace_url
19641
- # The URL for the page that contains more information about the
19642
- # product.
21799
+ # For integrations with AWS services, the AWS Console URL from which
21800
+ # to activate the service.
21801
+ #
21802
+ # For integrations with third-party products, the AWS Marketplace URL
21803
+ # from which to subscribe to or purchase the product.
19643
21804
  # @return [String]
19644
21805
  #
19645
21806
  # @!attribute [rw] activation_url
19646
- # The URL used to activate the product.
21807
+ # The URL to the service or product documentation about the
21808
+ # integration with Security Hub, including how to activate the
21809
+ # integration.
19647
21810
  # @return [String]
19648
21811
  #
19649
21812
  # @!attribute [rw] product_subscription_resource_policy
@@ -19666,6 +21829,44 @@ module Aws::SecurityHub
19666
21829
  include Aws::Structure
19667
21830
  end
19668
21831
 
21832
+ # Identifies where the sensitive data begins and ends.
21833
+ #
21834
+ # @note When making an API call, you may pass Range
21835
+ # data as a hash:
21836
+ #
21837
+ # {
21838
+ # start: 1,
21839
+ # end: 1,
21840
+ # start_column: 1,
21841
+ # }
21842
+ #
21843
+ # @!attribute [rw] start
21844
+ # The number of lines (for a line range) or characters (for an offset
21845
+ # range) from the beginning of the file to the end of the sensitive
21846
+ # data.
21847
+ # @return [Integer]
21848
+ #
21849
+ # @!attribute [rw] end
21850
+ # The number of lines (for a line range) or characters (for an offset
21851
+ # range) from the beginning of the file to the end of the sensitive
21852
+ # data.
21853
+ # @return [Integer]
21854
+ #
21855
+ # @!attribute [rw] start_column
21856
+ # In the line where the sensitive data starts, the column within the
21857
+ # line where the sensitive data starts.
21858
+ # @return [Integer]
21859
+ #
21860
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Range AWS API Documentation
21861
+ #
21862
+ class Range < Struct.new(
21863
+ :start,
21864
+ :end,
21865
+ :start_column)
21866
+ SENSITIVE = []
21867
+ include Aws::Structure
21868
+ end
21869
+
19669
21870
  # A recommendation on how to remediate the issue identified in a
19670
21871
  # finding.
19671
21872
  #
@@ -19696,6 +21897,38 @@ module Aws::SecurityHub
19696
21897
  include Aws::Structure
19697
21898
  end
19698
21899
 
21900
+ # An occurrence of sensitive data in an Apache Avro object container or
21901
+ # an Apache Parquet file.
21902
+ #
21903
+ # @note When making an API call, you may pass Record
21904
+ # data as a hash:
21905
+ #
21906
+ # {
21907
+ # json_path: "NonEmptyString",
21908
+ # record_index: 1,
21909
+ # }
21910
+ #
21911
+ # @!attribute [rw] json_path
21912
+ # The path, as a JSONPath expression, to the field in the record that
21913
+ # contains the data. If the field name is longer than 20 characters,
21914
+ # it is truncated. If the path is longer than 250 characters, it is
21915
+ # truncated.
21916
+ # @return [String]
21917
+ #
21918
+ # @!attribute [rw] record_index
21919
+ # The record index, starting from 0, for the record that contains the
21920
+ # data.
21921
+ # @return [Integer]
21922
+ #
21923
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Record AWS API Documentation
21924
+ #
21925
+ class Record < Struct.new(
21926
+ :json_path,
21927
+ :record_index)
21928
+ SENSITIVE = []
21929
+ include Aws::Structure
21930
+ end
21931
+
19699
21932
  # Details about a related finding.
19700
21933
  #
19701
21934
  # @note When making an API call, you may pass RelatedFinding
@@ -19762,6 +21995,130 @@ module Aws::SecurityHub
19762
21995
  # tags: {
19763
21996
  # "NonEmptyString" => "NonEmptyString",
19764
21997
  # },
21998
+ # data_classification: {
21999
+ # detailed_results_location: "NonEmptyString",
22000
+ # result: {
22001
+ # mime_type: "NonEmptyString",
22002
+ # size_classified: 1,
22003
+ # additional_occurrences: false,
22004
+ # status: {
22005
+ # code: "NonEmptyString",
22006
+ # reason: "NonEmptyString",
22007
+ # },
22008
+ # sensitive_data: [
22009
+ # {
22010
+ # category: "NonEmptyString",
22011
+ # detections: [
22012
+ # {
22013
+ # count: 1,
22014
+ # type: "NonEmptyString",
22015
+ # occurrences: {
22016
+ # line_ranges: [
22017
+ # {
22018
+ # start: 1,
22019
+ # end: 1,
22020
+ # start_column: 1,
22021
+ # },
22022
+ # ],
22023
+ # offset_ranges: [
22024
+ # {
22025
+ # start: 1,
22026
+ # end: 1,
22027
+ # start_column: 1,
22028
+ # },
22029
+ # ],
22030
+ # pages: [
22031
+ # {
22032
+ # page_number: 1,
22033
+ # line_range: {
22034
+ # start: 1,
22035
+ # end: 1,
22036
+ # start_column: 1,
22037
+ # },
22038
+ # offset_range: {
22039
+ # start: 1,
22040
+ # end: 1,
22041
+ # start_column: 1,
22042
+ # },
22043
+ # },
22044
+ # ],
22045
+ # records: [
22046
+ # {
22047
+ # json_path: "NonEmptyString",
22048
+ # record_index: 1,
22049
+ # },
22050
+ # ],
22051
+ # cells: [
22052
+ # {
22053
+ # column: 1,
22054
+ # row: 1,
22055
+ # column_name: "NonEmptyString",
22056
+ # cell_reference: "NonEmptyString",
22057
+ # },
22058
+ # ],
22059
+ # },
22060
+ # },
22061
+ # ],
22062
+ # total_count: 1,
22063
+ # },
22064
+ # ],
22065
+ # custom_data_identifiers: {
22066
+ # detections: [
22067
+ # {
22068
+ # count: 1,
22069
+ # arn: "NonEmptyString",
22070
+ # name: "NonEmptyString",
22071
+ # occurrences: {
22072
+ # line_ranges: [
22073
+ # {
22074
+ # start: 1,
22075
+ # end: 1,
22076
+ # start_column: 1,
22077
+ # },
22078
+ # ],
22079
+ # offset_ranges: [
22080
+ # {
22081
+ # start: 1,
22082
+ # end: 1,
22083
+ # start_column: 1,
22084
+ # },
22085
+ # ],
22086
+ # pages: [
22087
+ # {
22088
+ # page_number: 1,
22089
+ # line_range: {
22090
+ # start: 1,
22091
+ # end: 1,
22092
+ # start_column: 1,
22093
+ # },
22094
+ # offset_range: {
22095
+ # start: 1,
22096
+ # end: 1,
22097
+ # start_column: 1,
22098
+ # },
22099
+ # },
22100
+ # ],
22101
+ # records: [
22102
+ # {
22103
+ # json_path: "NonEmptyString",
22104
+ # record_index: 1,
22105
+ # },
22106
+ # ],
22107
+ # cells: [
22108
+ # {
22109
+ # column: 1,
22110
+ # row: 1,
22111
+ # column_name: "NonEmptyString",
22112
+ # cell_reference: "NonEmptyString",
22113
+ # },
22114
+ # ],
22115
+ # },
22116
+ # },
22117
+ # ],
22118
+ # total_count: 1,
22119
+ # },
22120
+ # },
22121
+ # },
19765
22122
  # details: {
19766
22123
  # aws_auto_scaling_auto_scaling_group: {
19767
22124
  # launch_configuration_name: "NonEmptyString",
@@ -20002,6 +22359,58 @@ module Aws::SecurityHub
20002
22359
  # network_interface_owner_id: "NonEmptyString",
20003
22360
  # private_ip_address: "NonEmptyString",
20004
22361
  # },
22362
+ # aws_ec2_subnet: {
22363
+ # assign_ipv_6_address_on_creation: false,
22364
+ # availability_zone: "NonEmptyString",
22365
+ # availability_zone_id: "NonEmptyString",
22366
+ # available_ip_address_count: 1,
22367
+ # cidr_block: "NonEmptyString",
22368
+ # default_for_az: false,
22369
+ # map_public_ip_on_launch: false,
22370
+ # owner_id: "NonEmptyString",
22371
+ # state: "NonEmptyString",
22372
+ # subnet_arn: "NonEmptyString",
22373
+ # subnet_id: "NonEmptyString",
22374
+ # vpc_id: "NonEmptyString",
22375
+ # ipv_6_cidr_block_association_set: [
22376
+ # {
22377
+ # association_id: "NonEmptyString",
22378
+ # ipv_6_cidr_block: "NonEmptyString",
22379
+ # cidr_block_state: "NonEmptyString",
22380
+ # },
22381
+ # ],
22382
+ # },
22383
+ # aws_ec2_network_acl: {
22384
+ # is_default: false,
22385
+ # network_acl_id: "NonEmptyString",
22386
+ # owner_id: "NonEmptyString",
22387
+ # vpc_id: "NonEmptyString",
22388
+ # associations: [
22389
+ # {
22390
+ # network_acl_association_id: "NonEmptyString",
22391
+ # network_acl_id: "NonEmptyString",
22392
+ # subnet_id: "NonEmptyString",
22393
+ # },
22394
+ # ],
22395
+ # entries: [
22396
+ # {
22397
+ # cidr_block: "NonEmptyString",
22398
+ # egress: false,
22399
+ # icmp_type_code: {
22400
+ # code: 1,
22401
+ # type: 1,
22402
+ # },
22403
+ # ipv_6_cidr_block: "NonEmptyString",
22404
+ # port_range: {
22405
+ # from: 1,
22406
+ # to: 1,
22407
+ # },
22408
+ # protocol: "NonEmptyString",
22409
+ # rule_action: "NonEmptyString",
22410
+ # rule_number: 1,
22411
+ # },
22412
+ # ],
22413
+ # },
20005
22414
  # aws_elbv_2_load_balancer: {
20006
22415
  # availability_zones: [
20007
22416
  # {
@@ -20022,6 +22431,40 @@ module Aws::SecurityHub
20022
22431
  # type: "NonEmptyString",
20023
22432
  # vpc_id: "NonEmptyString",
20024
22433
  # },
22434
+ # aws_elastic_beanstalk_environment: {
22435
+ # application_name: "NonEmptyString",
22436
+ # cname: "NonEmptyString",
22437
+ # date_created: "NonEmptyString",
22438
+ # date_updated: "NonEmptyString",
22439
+ # description: "NonEmptyString",
22440
+ # endpoint_url: "NonEmptyString",
22441
+ # environment_arn: "NonEmptyString",
22442
+ # environment_id: "NonEmptyString",
22443
+ # environment_links: [
22444
+ # {
22445
+ # environment_name: "NonEmptyString",
22446
+ # link_name: "NonEmptyString",
22447
+ # },
22448
+ # ],
22449
+ # environment_name: "NonEmptyString",
22450
+ # option_settings: [
22451
+ # {
22452
+ # namespace: "NonEmptyString",
22453
+ # option_name: "NonEmptyString",
22454
+ # resource_name: "NonEmptyString",
22455
+ # value: "NonEmptyString",
22456
+ # },
22457
+ # ],
22458
+ # platform_arn: "NonEmptyString",
22459
+ # solution_stack_name: "NonEmptyString",
22460
+ # status: "NonEmptyString",
22461
+ # tier: {
22462
+ # name: "NonEmptyString",
22463
+ # type: "NonEmptyString",
22464
+ # version: "NonEmptyString",
22465
+ # },
22466
+ # version_label: "NonEmptyString",
22467
+ # },
20025
22468
  # aws_elasticsearch_domain: {
20026
22469
  # access_policies: "NonEmptyString",
20027
22470
  # domain_endpoint_options: {
@@ -20063,6 +22506,18 @@ module Aws::SecurityHub
20063
22506
  # },
20064
22507
  # ],
20065
22508
  # },
22509
+ # public_access_block_configuration: {
22510
+ # block_public_acls: false,
22511
+ # block_public_policy: false,
22512
+ # ignore_public_acls: false,
22513
+ # restrict_public_buckets: false,
22514
+ # },
22515
+ # },
22516
+ # aws_s3_account_public_access_block: {
22517
+ # block_public_acls: false,
22518
+ # block_public_policy: false,
22519
+ # ignore_public_acls: false,
22520
+ # restrict_public_buckets: false,
20066
22521
  # },
20067
22522
  # aws_s3_object: {
20068
22523
  # last_modified: "NonEmptyString",
@@ -21148,6 +23603,11 @@ module Aws::SecurityHub
21148
23603
  # finding was processed.
21149
23604
  # @return [Hash<String,String>]
21150
23605
  #
23606
+ # @!attribute [rw] data_classification
23607
+ # Contains information about sensitive data that was detected on the
23608
+ # resource.
23609
+ # @return [Types::DataClassificationDetails]
23610
+ #
21151
23611
  # @!attribute [rw] details
21152
23612
  # Additional details about the resource related to a finding.
21153
23613
  # @return [Types::ResourceDetails]
@@ -21161,6 +23621,7 @@ module Aws::SecurityHub
21161
23621
  :region,
21162
23622
  :resource_role,
21163
23623
  :tags,
23624
+ :data_classification,
21164
23625
  :details)
21165
23626
  SENSITIVE = []
21166
23627
  include Aws::Structure
@@ -21440,6 +23901,58 @@ module Aws::SecurityHub
21440
23901
  # network_interface_owner_id: "NonEmptyString",
21441
23902
  # private_ip_address: "NonEmptyString",
21442
23903
  # },
23904
+ # aws_ec2_subnet: {
23905
+ # assign_ipv_6_address_on_creation: false,
23906
+ # availability_zone: "NonEmptyString",
23907
+ # availability_zone_id: "NonEmptyString",
23908
+ # available_ip_address_count: 1,
23909
+ # cidr_block: "NonEmptyString",
23910
+ # default_for_az: false,
23911
+ # map_public_ip_on_launch: false,
23912
+ # owner_id: "NonEmptyString",
23913
+ # state: "NonEmptyString",
23914
+ # subnet_arn: "NonEmptyString",
23915
+ # subnet_id: "NonEmptyString",
23916
+ # vpc_id: "NonEmptyString",
23917
+ # ipv_6_cidr_block_association_set: [
23918
+ # {
23919
+ # association_id: "NonEmptyString",
23920
+ # ipv_6_cidr_block: "NonEmptyString",
23921
+ # cidr_block_state: "NonEmptyString",
23922
+ # },
23923
+ # ],
23924
+ # },
23925
+ # aws_ec2_network_acl: {
23926
+ # is_default: false,
23927
+ # network_acl_id: "NonEmptyString",
23928
+ # owner_id: "NonEmptyString",
23929
+ # vpc_id: "NonEmptyString",
23930
+ # associations: [
23931
+ # {
23932
+ # network_acl_association_id: "NonEmptyString",
23933
+ # network_acl_id: "NonEmptyString",
23934
+ # subnet_id: "NonEmptyString",
23935
+ # },
23936
+ # ],
23937
+ # entries: [
23938
+ # {
23939
+ # cidr_block: "NonEmptyString",
23940
+ # egress: false,
23941
+ # icmp_type_code: {
23942
+ # code: 1,
23943
+ # type: 1,
23944
+ # },
23945
+ # ipv_6_cidr_block: "NonEmptyString",
23946
+ # port_range: {
23947
+ # from: 1,
23948
+ # to: 1,
23949
+ # },
23950
+ # protocol: "NonEmptyString",
23951
+ # rule_action: "NonEmptyString",
23952
+ # rule_number: 1,
23953
+ # },
23954
+ # ],
23955
+ # },
21443
23956
  # aws_elbv_2_load_balancer: {
21444
23957
  # availability_zones: [
21445
23958
  # {
@@ -21460,6 +23973,40 @@ module Aws::SecurityHub
21460
23973
  # type: "NonEmptyString",
21461
23974
  # vpc_id: "NonEmptyString",
21462
23975
  # },
23976
+ # aws_elastic_beanstalk_environment: {
23977
+ # application_name: "NonEmptyString",
23978
+ # cname: "NonEmptyString",
23979
+ # date_created: "NonEmptyString",
23980
+ # date_updated: "NonEmptyString",
23981
+ # description: "NonEmptyString",
23982
+ # endpoint_url: "NonEmptyString",
23983
+ # environment_arn: "NonEmptyString",
23984
+ # environment_id: "NonEmptyString",
23985
+ # environment_links: [
23986
+ # {
23987
+ # environment_name: "NonEmptyString",
23988
+ # link_name: "NonEmptyString",
23989
+ # },
23990
+ # ],
23991
+ # environment_name: "NonEmptyString",
23992
+ # option_settings: [
23993
+ # {
23994
+ # namespace: "NonEmptyString",
23995
+ # option_name: "NonEmptyString",
23996
+ # resource_name: "NonEmptyString",
23997
+ # value: "NonEmptyString",
23998
+ # },
23999
+ # ],
24000
+ # platform_arn: "NonEmptyString",
24001
+ # solution_stack_name: "NonEmptyString",
24002
+ # status: "NonEmptyString",
24003
+ # tier: {
24004
+ # name: "NonEmptyString",
24005
+ # type: "NonEmptyString",
24006
+ # version: "NonEmptyString",
24007
+ # },
24008
+ # version_label: "NonEmptyString",
24009
+ # },
21463
24010
  # aws_elasticsearch_domain: {
21464
24011
  # access_policies: "NonEmptyString",
21465
24012
  # domain_endpoint_options: {
@@ -21501,6 +24048,18 @@ module Aws::SecurityHub
21501
24048
  # },
21502
24049
  # ],
21503
24050
  # },
24051
+ # public_access_block_configuration: {
24052
+ # block_public_acls: false,
24053
+ # block_public_policy: false,
24054
+ # ignore_public_acls: false,
24055
+ # restrict_public_buckets: false,
24056
+ # },
24057
+ # },
24058
+ # aws_s3_account_public_access_block: {
24059
+ # block_public_acls: false,
24060
+ # block_public_policy: false,
24061
+ # ignore_public_acls: false,
24062
+ # restrict_public_buckets: false,
21504
24063
  # },
21505
24064
  # aws_s3_object: {
21506
24065
  # last_modified: "NonEmptyString",
@@ -22588,10 +25147,22 @@ module Aws::SecurityHub
22588
25147
  # Details about an Elastic IP address.
22589
25148
  # @return [Types::AwsEc2EipDetails]
22590
25149
  #
25150
+ # @!attribute [rw] aws_ec2_subnet
25151
+ # Details about a subnet in EC2.
25152
+ # @return [Types::AwsEc2SubnetDetails]
25153
+ #
25154
+ # @!attribute [rw] aws_ec2_network_acl
25155
+ # Details about an EC2 network access control list (ACL).
25156
+ # @return [Types::AwsEc2NetworkAclDetails]
25157
+ #
22591
25158
  # @!attribute [rw] aws_elbv_2_load_balancer
22592
25159
  # Details about a load balancer.
22593
25160
  # @return [Types::AwsElbv2LoadBalancerDetails]
22594
25161
  #
25162
+ # @!attribute [rw] aws_elastic_beanstalk_environment
25163
+ # Details about an Elastic Beanstalk environment.
25164
+ # @return [Types::AwsElasticBeanstalkEnvironmentDetails]
25165
+ #
22595
25166
  # @!attribute [rw] aws_elasticsearch_domain
22596
25167
  # Details for an Elasticsearch domain.
22597
25168
  # @return [Types::AwsElasticsearchDomainDetails]
@@ -22600,6 +25171,11 @@ module Aws::SecurityHub
22600
25171
  # Details about an Amazon S3 bucket related to a finding.
22601
25172
  # @return [Types::AwsS3BucketDetails]
22602
25173
  #
25174
+ # @!attribute [rw] aws_s3_account_public_access_block
25175
+ # Details about the Amazon S3 Public Access Block configuration for an
25176
+ # account.
25177
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
25178
+ #
22603
25179
  # @!attribute [rw] aws_s3_object
22604
25180
  # Details about an Amazon S3 object related to a finding.
22605
25181
  # @return [Types::AwsS3ObjectDetails]
@@ -22740,9 +25316,13 @@ module Aws::SecurityHub
22740
25316
  :aws_ec2_volume,
22741
25317
  :aws_ec2_vpc,
22742
25318
  :aws_ec2_eip,
25319
+ :aws_ec2_subnet,
25320
+ :aws_ec2_network_acl,
22743
25321
  :aws_elbv_2_load_balancer,
25322
+ :aws_elastic_beanstalk_environment,
22744
25323
  :aws_elasticsearch_domain,
22745
25324
  :aws_s3_bucket,
25325
+ :aws_s3_account_public_access_block,
22746
25326
  :aws_s3_object,
22747
25327
  :aws_secrets_manager_secret,
22748
25328
  :aws_iam_access_key,
@@ -22813,6 +25393,171 @@ module Aws::SecurityHub
22813
25393
  include Aws::Structure
22814
25394
  end
22815
25395
 
25396
+ # The list of detected instances of sensitive data.
25397
+ #
25398
+ # @note When making an API call, you may pass SensitiveDataDetections
25399
+ # data as a hash:
25400
+ #
25401
+ # {
25402
+ # count: 1,
25403
+ # type: "NonEmptyString",
25404
+ # occurrences: {
25405
+ # line_ranges: [
25406
+ # {
25407
+ # start: 1,
25408
+ # end: 1,
25409
+ # start_column: 1,
25410
+ # },
25411
+ # ],
25412
+ # offset_ranges: [
25413
+ # {
25414
+ # start: 1,
25415
+ # end: 1,
25416
+ # start_column: 1,
25417
+ # },
25418
+ # ],
25419
+ # pages: [
25420
+ # {
25421
+ # page_number: 1,
25422
+ # line_range: {
25423
+ # start: 1,
25424
+ # end: 1,
25425
+ # start_column: 1,
25426
+ # },
25427
+ # offset_range: {
25428
+ # start: 1,
25429
+ # end: 1,
25430
+ # start_column: 1,
25431
+ # },
25432
+ # },
25433
+ # ],
25434
+ # records: [
25435
+ # {
25436
+ # json_path: "NonEmptyString",
25437
+ # record_index: 1,
25438
+ # },
25439
+ # ],
25440
+ # cells: [
25441
+ # {
25442
+ # column: 1,
25443
+ # row: 1,
25444
+ # column_name: "NonEmptyString",
25445
+ # cell_reference: "NonEmptyString",
25446
+ # },
25447
+ # ],
25448
+ # },
25449
+ # }
25450
+ #
25451
+ # @!attribute [rw] count
25452
+ # The total number of occurrences of sensitive data that were
25453
+ # detected.
25454
+ # @return [Integer]
25455
+ #
25456
+ # @!attribute [rw] type
25457
+ # The type of sensitive data that was detected. For example, the type
25458
+ # might indicate that the data is an email address.
25459
+ # @return [String]
25460
+ #
25461
+ # @!attribute [rw] occurrences
25462
+ # Details about the sensitive data that was detected.
25463
+ # @return [Types::Occurrences]
25464
+ #
25465
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataDetections AWS API Documentation
25466
+ #
25467
+ class SensitiveDataDetections < Struct.new(
25468
+ :count,
25469
+ :type,
25470
+ :occurrences)
25471
+ SENSITIVE = []
25472
+ include Aws::Structure
25473
+ end
25474
+
25475
+ # Contains a detected instance of sensitive data that are based on
25476
+ # built-in identifiers.
25477
+ #
25478
+ # @note When making an API call, you may pass SensitiveDataResult
25479
+ # data as a hash:
25480
+ #
25481
+ # {
25482
+ # category: "NonEmptyString",
25483
+ # detections: [
25484
+ # {
25485
+ # count: 1,
25486
+ # type: "NonEmptyString",
25487
+ # occurrences: {
25488
+ # line_ranges: [
25489
+ # {
25490
+ # start: 1,
25491
+ # end: 1,
25492
+ # start_column: 1,
25493
+ # },
25494
+ # ],
25495
+ # offset_ranges: [
25496
+ # {
25497
+ # start: 1,
25498
+ # end: 1,
25499
+ # start_column: 1,
25500
+ # },
25501
+ # ],
25502
+ # pages: [
25503
+ # {
25504
+ # page_number: 1,
25505
+ # line_range: {
25506
+ # start: 1,
25507
+ # end: 1,
25508
+ # start_column: 1,
25509
+ # },
25510
+ # offset_range: {
25511
+ # start: 1,
25512
+ # end: 1,
25513
+ # start_column: 1,
25514
+ # },
25515
+ # },
25516
+ # ],
25517
+ # records: [
25518
+ # {
25519
+ # json_path: "NonEmptyString",
25520
+ # record_index: 1,
25521
+ # },
25522
+ # ],
25523
+ # cells: [
25524
+ # {
25525
+ # column: 1,
25526
+ # row: 1,
25527
+ # column_name: "NonEmptyString",
25528
+ # cell_reference: "NonEmptyString",
25529
+ # },
25530
+ # ],
25531
+ # },
25532
+ # },
25533
+ # ],
25534
+ # total_count: 1,
25535
+ # }
25536
+ #
25537
+ # @!attribute [rw] category
25538
+ # The category of sensitive data that was detected. For example, the
25539
+ # category can indicate that the sensitive data involved credentials,
25540
+ # financial information, or personal information.
25541
+ # @return [String]
25542
+ #
25543
+ # @!attribute [rw] detections
25544
+ # The list of detected instances of sensitive data.
25545
+ # @return [Array<Types::SensitiveDataDetections>]
25546
+ #
25547
+ # @!attribute [rw] total_count
25548
+ # The total number of occurrences of sensitive data.
25549
+ # @return [Integer]
25550
+ #
25551
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataResult AWS API Documentation
25552
+ #
25553
+ class SensitiveDataResult < Struct.new(
25554
+ :category,
25555
+ :detections,
25556
+ :total_count)
25557
+ SENSITIVE = []
25558
+ include Aws::Structure
25559
+ end
25560
+
22816
25561
  # The severity of the finding.
22817
25562
  #
22818
25563
  # The finding provider can provide the initial severity. The finding
@@ -24061,6 +26806,50 @@ module Aws::SecurityHub
24061
26806
  # value: "NonEmptyString",
24062
26807
  # },
24063
26808
  # ],
26809
+ # finding_provider_fields_confidence: [
26810
+ # {
26811
+ # gte: 1.0,
26812
+ # lte: 1.0,
26813
+ # eq: 1.0,
26814
+ # },
26815
+ # ],
26816
+ # finding_provider_fields_criticality: [
26817
+ # {
26818
+ # gte: 1.0,
26819
+ # lte: 1.0,
26820
+ # eq: 1.0,
26821
+ # },
26822
+ # ],
26823
+ # finding_provider_fields_related_findings_id: [
26824
+ # {
26825
+ # value: "NonEmptyString",
26826
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26827
+ # },
26828
+ # ],
26829
+ # finding_provider_fields_related_findings_product_arn: [
26830
+ # {
26831
+ # value: "NonEmptyString",
26832
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26833
+ # },
26834
+ # ],
26835
+ # finding_provider_fields_severity_label: [
26836
+ # {
26837
+ # value: "NonEmptyString",
26838
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26839
+ # },
26840
+ # ],
26841
+ # finding_provider_fields_severity_original: [
26842
+ # {
26843
+ # value: "NonEmptyString",
26844
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26845
+ # },
26846
+ # ],
26847
+ # finding_provider_fields_types: [
26848
+ # {
26849
+ # value: "NonEmptyString",
26850
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26851
+ # },
26852
+ # ],
24064
26853
  # },
24065
26854
  # note: {
24066
26855
  # text: "NonEmptyString", # required
@@ -24656,6 +27445,50 @@ module Aws::SecurityHub
24656
27445
  # value: "NonEmptyString",
24657
27446
  # },
24658
27447
  # ],
27448
+ # finding_provider_fields_confidence: [
27449
+ # {
27450
+ # gte: 1.0,
27451
+ # lte: 1.0,
27452
+ # eq: 1.0,
27453
+ # },
27454
+ # ],
27455
+ # finding_provider_fields_criticality: [
27456
+ # {
27457
+ # gte: 1.0,
27458
+ # lte: 1.0,
27459
+ # eq: 1.0,
27460
+ # },
27461
+ # ],
27462
+ # finding_provider_fields_related_findings_id: [
27463
+ # {
27464
+ # value: "NonEmptyString",
27465
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
27466
+ # },
27467
+ # ],
27468
+ # finding_provider_fields_related_findings_product_arn: [
27469
+ # {
27470
+ # value: "NonEmptyString",
27471
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
27472
+ # },
27473
+ # ],
27474
+ # finding_provider_fields_severity_label: [
27475
+ # {
27476
+ # value: "NonEmptyString",
27477
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
27478
+ # },
27479
+ # ],
27480
+ # finding_provider_fields_severity_original: [
27481
+ # {
27482
+ # value: "NonEmptyString",
27483
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
27484
+ # },
27485
+ # ],
27486
+ # finding_provider_fields_types: [
27487
+ # {
27488
+ # value: "NonEmptyString",
27489
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
27490
+ # },
27491
+ # ],
24659
27492
  # },
24660
27493
  # group_by_attribute: "NonEmptyString",
24661
27494
  # }