aws-sdk-securityhub 1.40.0 → 1.46.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (11) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +243 -0
  3. data/LICENSE.txt +202 -0
  4. data/VERSION +1 -0
  5. data/lib/aws-sdk-securityhub.rb +3 -3
  6. data/lib/aws-sdk-securityhub/client.rb +764 -69
  7. data/lib/aws-sdk-securityhub/client_api.rb +305 -7
  8. data/lib/aws-sdk-securityhub/errors.rb +1 -1
  9. data/lib/aws-sdk-securityhub/resource.rb +1 -1
  10. data/lib/aws-sdk-securityhub/types.rb +2961 -132
  11. metadata +9 -7
data/VERSION ADDED
@@ -0,0 +1 @@
1
+ 1.46.0
data/lib/aws-sdk-securityhub.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -28,7 +28,7 @@ require_relative 'aws-sdk-securityhub/customizations'
28
28
  # structure.
29
29
  #
30
30
  # security_hub = Aws::SecurityHub::Client.new
31
- # resp = security_hub.accept_invitation(params)
31
+ # resp = security_hub.accept_administrator_invitation(params)
32
32
  #
33
33
  # See {Client} for more information.
34
34
  #
@@ -48,6 +48,6 @@ require_relative 'aws-sdk-securityhub/customizations'
48
48
  # @!group service
49
49
  module Aws::SecurityHub
50
50
 
51
- GEM_VERSION = '1.40.0'
51
+ GEM_VERSION = '1.46.0'
52
52
 
53
53
  end
data/lib/aws-sdk-securityhub/client.rb CHANGED
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -328,21 +328,69 @@ module Aws::SecurityHub
328
328
  # @!group API Operations
329
329
 
330
330
  # Accepts the invitation to be a member account and be monitored by the
331
- # Security Hub master account that the invitation was sent from.
331
+ # Security Hub administrator account that the invitation was sent from.
332
332
  #
333
333
  # This operation is only used by member accounts that are not added
334
334
  # through Organizations.
335
335
  #
336
336
  # When the member account accepts the invitation, permission is granted
337
- # to the master account to view findings generated in the member
337
+ # to the administrator account to view findings generated in the member
338
+ # account.
339
+ #
340
+ # @option params [required, String] :administrator_id
341
+ # The account ID of the Security Hub administrator account that sent the
342
+ # invitation.
343
+ #
344
+ # @option params [required, String] :invitation_id
345
+ # The identifier of the invitation sent from the Security Hub
346
+ # administrator account.
347
+ #
348
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
349
+ #
350
+ # @example Request syntax with placeholder values
351
+ #
352
+ # resp = client.accept_administrator_invitation({
353
+ # administrator_id: "NonEmptyString", # required
354
+ # invitation_id: "NonEmptyString", # required
355
+ # })
356
+ #
357
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AcceptAdministratorInvitation AWS API Documentation
358
+ #
359
+ # @overload accept_administrator_invitation(params = {})
360
+ # @param [Hash] params ({})
361
+ def accept_administrator_invitation(params = {}, options = {})
362
+ req = build_request(:accept_administrator_invitation, params)
363
+ req.send_request(options)
364
+ end
365
+
366
+ # This method is deprecated. Instead, use
367
+ # `AcceptAdministratorInvitation`.
368
+ #
369
+ # The Security Hub console continues to use `AcceptInvitation`. It will
370
+ # eventually change to use `AcceptAdministratorInvitation`. Any IAM
371
+ # policies that specifically control access to this function must
372
+ # continue to use `AcceptInvitation`. You should also add
373
+ # `AcceptAdministratorInvitation` to your policies to ensure that the
374
+ # correct permissions are in place after the console begins to use
375
+ # `AcceptAdministratorInvitation`.
376
+ #
377
+ # Accepts the invitation to be a member account and be monitored by the
378
+ # Security Hub administrator account that the invitation was sent from.
379
+ #
380
+ # This operation is only used by member accounts that are not added
381
+ # through Organizations.
382
+ #
383
+ # When the member account accepts the invitation, permission is granted
384
+ # to the administrator account to view findings generated in the member
338
385
  # account.
339
386
  #
340
387
  # @option params [required, String] :master_id
341
- # The account ID of the Security Hub master account that sent the
388
+ # The account ID of the Security Hub administrator account that sent the
342
389
  # invitation.
343
390
  #
344
391
  # @option params [required, String] :invitation_id
345
- # The ID of the invitation sent from the Security Hub master account.
392
+ # The identifier of the invitation sent from the Security Hub
393
+ # administrator account.
346
394
  #
347
395
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
348
396
  #
@@ -452,9 +500,9 @@ module Aws::SecurityHub
452
500
  req.send_request(options)
453
501
  end
454
502
 
455
- # Imports security findings generated from an integrated third-party
456
- # product into Security Hub. This action is requested by the integrated
457
- # product to import its findings into Security Hub.
503
+ # Imports security findings generated from an integrated product into
504
+ # Security Hub. This action is requested by the integrated product to
505
+ # import its findings into Security Hub.
458
506
  #
459
507
  # The maximum allowed size for a finding is 240 Kb. An error is returned
460
508
  # for any finding larger than 240 Kb.
@@ -471,11 +519,8 @@ module Aws::SecurityHub
471
519
  #
472
520
  # * `Workflow`
473
521
  #
474
- # `BatchImportFindings` can be used to update the following finding
475
- # fields and objects only if they have not been updated using
476
- # `BatchUpdateFindings`. After they are updated using
477
- # `BatchUpdateFindings`, these fields cannot be updated using
478
- # `BatchImportFindings`.
522
+ # Finding providers also should not use `BatchImportFindings` to update
523
+ # the following attributes.
479
524
  #
480
525
  # * `Confidence`
481
526
  #
@@ -487,6 +532,9 @@ module Aws::SecurityHub
487
532
  #
488
533
  # * `Types`
489
534
  #
535
+ # Instead, finding providers use `FindingProviderFields` to provide
536
+ # values for these attributes.
537
+ #
490
538
  # @option params [required, Array<Types::AwsSecurityFinding>] :findings
491
539
  # A list of findings to import. To successfully import a finding, it
492
540
  # must follow the [AWS Security Finding Format][1]. Maximum of 100
@@ -512,12 +560,12 @@ module Aws::SecurityHub
512
560
  # product_arn: "NonEmptyString", # required
513
561
  # generator_id: "NonEmptyString", # required
514
562
  # aws_account_id: "NonEmptyString", # required
515
- # types: ["NonEmptyString"], # required
563
+ # types: ["NonEmptyString"],
516
564
  # first_observed_at: "NonEmptyString",
517
565
  # last_observed_at: "NonEmptyString",
518
566
  # created_at: "NonEmptyString", # required
519
567
  # updated_at: "NonEmptyString", # required
520
- # severity: { # required
568
+ # severity: {
521
569
  # product: 1.0,
522
570
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
523
571
  # normalized: 1,
@@ -641,6 +689,130 @@ module Aws::SecurityHub
641
689
  # tags: {
642
690
  # "NonEmptyString" => "NonEmptyString",
643
691
  # },
692
+ # data_classification: {
693
+ # detailed_results_location: "NonEmptyString",
694
+ # result: {
695
+ # mime_type: "NonEmptyString",
696
+ # size_classified: 1,
697
+ # additional_occurrences: false,
698
+ # status: {
699
+ # code: "NonEmptyString",
700
+ # reason: "NonEmptyString",
701
+ # },
702
+ # sensitive_data: [
703
+ # {
704
+ # category: "NonEmptyString",
705
+ # detections: [
706
+ # {
707
+ # count: 1,
708
+ # type: "NonEmptyString",
709
+ # occurrences: {
710
+ # line_ranges: [
711
+ # {
712
+ # start: 1,
713
+ # end: 1,
714
+ # start_column: 1,
715
+ # },
716
+ # ],
717
+ # offset_ranges: [
718
+ # {
719
+ # start: 1,
720
+ # end: 1,
721
+ # start_column: 1,
722
+ # },
723
+ # ],
724
+ # pages: [
725
+ # {
726
+ # page_number: 1,
727
+ # line_range: {
728
+ # start: 1,
729
+ # end: 1,
730
+ # start_column: 1,
731
+ # },
732
+ # offset_range: {
733
+ # start: 1,
734
+ # end: 1,
735
+ # start_column: 1,
736
+ # },
737
+ # },
738
+ # ],
739
+ # records: [
740
+ # {
741
+ # json_path: "NonEmptyString",
742
+ # record_index: 1,
743
+ # },
744
+ # ],
745
+ # cells: [
746
+ # {
747
+ # column: 1,
748
+ # row: 1,
749
+ # column_name: "NonEmptyString",
750
+ # cell_reference: "NonEmptyString",
751
+ # },
752
+ # ],
753
+ # },
754
+ # },
755
+ # ],
756
+ # total_count: 1,
757
+ # },
758
+ # ],
759
+ # custom_data_identifiers: {
760
+ # detections: [
761
+ # {
762
+ # count: 1,
763
+ # arn: "NonEmptyString",
764
+ # name: "NonEmptyString",
765
+ # occurrences: {
766
+ # line_ranges: [
767
+ # {
768
+ # start: 1,
769
+ # end: 1,
770
+ # start_column: 1,
771
+ # },
772
+ # ],
773
+ # offset_ranges: [
774
+ # {
775
+ # start: 1,
776
+ # end: 1,
777
+ # start_column: 1,
778
+ # },
779
+ # ],
780
+ # pages: [
781
+ # {
782
+ # page_number: 1,
783
+ # line_range: {
784
+ # start: 1,
785
+ # end: 1,
786
+ # start_column: 1,
787
+ # },
788
+ # offset_range: {
789
+ # start: 1,
790
+ # end: 1,
791
+ # start_column: 1,
792
+ # },
793
+ # },
794
+ # ],
795
+ # records: [
796
+ # {
797
+ # json_path: "NonEmptyString",
798
+ # record_index: 1,
799
+ # },
800
+ # ],
801
+ # cells: [
802
+ # {
803
+ # column: 1,
804
+ # row: 1,
805
+ # column_name: "NonEmptyString",
806
+ # cell_reference: "NonEmptyString",
807
+ # },
808
+ # ],
809
+ # },
810
+ # },
811
+ # ],
812
+ # total_count: 1,
813
+ # },
814
+ # },
815
+ # },
644
816
  # details: {
645
817
  # aws_auto_scaling_auto_scaling_group: {
646
818
  # launch_configuration_name: "NonEmptyString",
@@ -881,6 +1053,58 @@ module Aws::SecurityHub
881
1053
  # network_interface_owner_id: "NonEmptyString",
882
1054
  # private_ip_address: "NonEmptyString",
883
1055
  # },
1056
+ # aws_ec2_subnet: {
1057
+ # assign_ipv_6_address_on_creation: false,
1058
+ # availability_zone: "NonEmptyString",
1059
+ # availability_zone_id: "NonEmptyString",
1060
+ # available_ip_address_count: 1,
1061
+ # cidr_block: "NonEmptyString",
1062
+ # default_for_az: false,
1063
+ # map_public_ip_on_launch: false,
1064
+ # owner_id: "NonEmptyString",
1065
+ # state: "NonEmptyString",
1066
+ # subnet_arn: "NonEmptyString",
1067
+ # subnet_id: "NonEmptyString",
1068
+ # vpc_id: "NonEmptyString",
1069
+ # ipv_6_cidr_block_association_set: [
1070
+ # {
1071
+ # association_id: "NonEmptyString",
1072
+ # ipv_6_cidr_block: "NonEmptyString",
1073
+ # cidr_block_state: "NonEmptyString",
1074
+ # },
1075
+ # ],
1076
+ # },
1077
+ # aws_ec2_network_acl: {
1078
+ # is_default: false,
1079
+ # network_acl_id: "NonEmptyString",
1080
+ # owner_id: "NonEmptyString",
1081
+ # vpc_id: "NonEmptyString",
1082
+ # associations: [
1083
+ # {
1084
+ # network_acl_association_id: "NonEmptyString",
1085
+ # network_acl_id: "NonEmptyString",
1086
+ # subnet_id: "NonEmptyString",
1087
+ # },
1088
+ # ],
1089
+ # entries: [
1090
+ # {
1091
+ # cidr_block: "NonEmptyString",
1092
+ # egress: false,
1093
+ # icmp_type_code: {
1094
+ # code: 1,
1095
+ # type: 1,
1096
+ # },
1097
+ # ipv_6_cidr_block: "NonEmptyString",
1098
+ # port_range: {
1099
+ # from: 1,
1100
+ # to: 1,
1101
+ # },
1102
+ # protocol: "NonEmptyString",
1103
+ # rule_action: "NonEmptyString",
1104
+ # rule_number: 1,
1105
+ # },
1106
+ # ],
1107
+ # },
884
1108
  # aws_elbv_2_load_balancer: {
885
1109
  # availability_zones: [
886
1110
  # {
@@ -901,6 +1125,40 @@ module Aws::SecurityHub
901
1125
  # type: "NonEmptyString",
902
1126
  # vpc_id: "NonEmptyString",
903
1127
  # },
1128
+ # aws_elastic_beanstalk_environment: {
1129
+ # application_name: "NonEmptyString",
1130
+ # cname: "NonEmptyString",
1131
+ # date_created: "NonEmptyString",
1132
+ # date_updated: "NonEmptyString",
1133
+ # description: "NonEmptyString",
1134
+ # endpoint_url: "NonEmptyString",
1135
+ # environment_arn: "NonEmptyString",
1136
+ # environment_id: "NonEmptyString",
1137
+ # environment_links: [
1138
+ # {
1139
+ # environment_name: "NonEmptyString",
1140
+ # link_name: "NonEmptyString",
1141
+ # },
1142
+ # ],
1143
+ # environment_name: "NonEmptyString",
1144
+ # option_settings: [
1145
+ # {
1146
+ # namespace: "NonEmptyString",
1147
+ # option_name: "NonEmptyString",
1148
+ # resource_name: "NonEmptyString",
1149
+ # value: "NonEmptyString",
1150
+ # },
1151
+ # ],
1152
+ # platform_arn: "NonEmptyString",
1153
+ # solution_stack_name: "NonEmptyString",
1154
+ # status: "NonEmptyString",
1155
+ # tier: {
1156
+ # name: "NonEmptyString",
1157
+ # type: "NonEmptyString",
1158
+ # version: "NonEmptyString",
1159
+ # },
1160
+ # version_label: "NonEmptyString",
1161
+ # },
904
1162
  # aws_elasticsearch_domain: {
905
1163
  # access_policies: "NonEmptyString",
906
1164
  # domain_endpoint_options: {
@@ -942,6 +1200,18 @@ module Aws::SecurityHub
942
1200
  # },
943
1201
  # ],
944
1202
  # },
1203
+ # public_access_block_configuration: {
1204
+ # block_public_acls: false,
1205
+ # block_public_policy: false,
1206
+ # ignore_public_acls: false,
1207
+ # restrict_public_buckets: false,
1208
+ # },
1209
+ # },
1210
+ # aws_s3_account_public_access_block: {
1211
+ # block_public_acls: false,
1212
+ # block_public_policy: false,
1213
+ # ignore_public_acls: false,
1214
+ # restrict_public_buckets: false,
945
1215
  # },
946
1216
  # aws_s3_object: {
947
1217
  # last_modified: "NonEmptyString",
@@ -2172,6 +2442,21 @@ module Aws::SecurityHub
2172
2442
  # blocked: false,
2173
2443
  # },
2174
2444
  # },
2445
+ # finding_provider_fields: {
2446
+ # confidence: 1,
2447
+ # criticality: 1,
2448
+ # related_findings: [
2449
+ # {
2450
+ # product_arn: "NonEmptyString", # required
2451
+ # id: "NonEmptyString", # required
2452
+ # },
2453
+ # ],
2454
+ # severity: {
2455
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
2456
+ # original: "NonEmptyString",
2457
+ # },
2458
+ # types: ["NonEmptyString"],
2459
+ # },
2175
2460
  # },
2176
2461
  # ],
2177
2462
  # })
@@ -2195,16 +2480,16 @@ module Aws::SecurityHub
2195
2480
  end
2196
2481
 
2197
2482
  # Used by Security Hub customers to update information about their
2198
- # investigation into a finding. Requested by master accounts or member
2199
- # accounts. Master accounts can update findings for their account and
2200
- # their member accounts. Member accounts can update findings for their
2201
- # account.
2483
+ # investigation into a finding. Requested by administrator accounts or
2484
+ # member accounts. Administrator accounts can update findings for their
2485
+ # account and their member accounts. Member accounts can update findings
2486
+ # for their account.
2202
2487
  #
2203
2488
  # Updates from `BatchUpdateFindings` do not affect the value of
2204
2489
  # `UpdatedAt` for a finding.
2205
2490
  #
2206
- # Master and member accounts can use `BatchUpdateFindings` to update the
2207
- # following finding fields and objects.
2491
+ # Administrator and member accounts can use `BatchUpdateFindings` to
2492
+ # update the following finding fields and objects.
2208
2493
  #
2209
2494
  # * `Confidence`
2210
2495
  #
@@ -2989,6 +3274,50 @@ module Aws::SecurityHub
2989
3274
  # value: "NonEmptyString",
2990
3275
  # },
2991
3276
  # ],
3277
+ # finding_provider_fields_confidence: [
3278
+ # {
3279
+ # gte: 1.0,
3280
+ # lte: 1.0,
3281
+ # eq: 1.0,
3282
+ # },
3283
+ # ],
3284
+ # finding_provider_fields_criticality: [
3285
+ # {
3286
+ # gte: 1.0,
3287
+ # lte: 1.0,
3288
+ # eq: 1.0,
3289
+ # },
3290
+ # ],
3291
+ # finding_provider_fields_related_findings_id: [
3292
+ # {
3293
+ # value: "NonEmptyString",
3294
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3295
+ # },
3296
+ # ],
3297
+ # finding_provider_fields_related_findings_product_arn: [
3298
+ # {
3299
+ # value: "NonEmptyString",
3300
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3301
+ # },
3302
+ # ],
3303
+ # finding_provider_fields_severity_label: [
3304
+ # {
3305
+ # value: "NonEmptyString",
3306
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3307
+ # },
3308
+ # ],
3309
+ # finding_provider_fields_severity_original: [
3310
+ # {
3311
+ # value: "NonEmptyString",
3312
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3313
+ # },
3314
+ # ],
3315
+ # finding_provider_fields_types: [
3316
+ # {
3317
+ # value: "NonEmptyString",
3318
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3319
+ # },
3320
+ # ],
2992
3321
  # },
2993
3322
  # group_by_attribute: "NonEmptyString", # required
2994
3323
  # })
@@ -3007,10 +3336,10 @@ module Aws::SecurityHub
3007
3336
  end
3008
3337
 
3009
3338
  # Creates a member association in Security Hub between the specified
3010
- # accounts and the account used to make the request, which is the master
3011
- # account. If you are integrated with Organizations, then the master
3012
- # account is the Security Hub administrator account that is designated
3013
- # by the organization management account.
3339
+ # accounts and the account used to make the request, which is the
3340
+ # administrator account. If you are integrated with Organizations, then
3341
+ # the administrator account is designated by the organization management
3342
+ # account.
3014
3343
  #
3015
3344
  # `CreateMembers` is always used to add accounts that are not
3016
3345
  # organization members.
@@ -3037,17 +3366,17 @@ module Aws::SecurityHub
3037
3366
  # invitation. They automatically become a member account in Security
3038
3367
  # Hub.
3039
3368
  #
3040
- # A permissions policy is added that permits the master account to view
3041
- # the findings generated in the member account. When Security Hub is
3042
- # enabled in a member account, findings are sent to both the member and
3043
- # master accounts.
3369
+ # A permissions policy is added that permits the administrator account
3370
+ # to view the findings generated in the member account. When Security
3371
+ # Hub is enabled in a member account, the member account findings are
3372
+ # also visible to the administrator account.
3044
3373
  #
3045
- # To remove the association between the master and member accounts, use
3046
- # the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
3047
- # operation.
3374
+ # To remove the association between the administrator and member
3375
+ # accounts, use the ` DisassociateFromMasterAccount ` or `
3376
+ # DisassociateMembers ` operation.
3048
3377
  #
3049
3378
  # @option params [required, Array<Types::AccountDetails>] :account_details
3050
- # The list of accounts to associate with the Security Hub master
3379
+ # The list of accounts to associate with the Security Hub administrator
3051
3380
  # account. For each account, the list includes the account ID and
3052
3381
  # optionally the email address.
3053
3382
  #
@@ -3396,7 +3725,7 @@ module Aws::SecurityHub
3396
3725
  # resp.products[0].categories #=> Array
3397
3726
  # resp.products[0].categories[0] #=> String
3398
3727
  # resp.products[0].integration_types #=> Array
3399
- # resp.products[0].integration_types[0] #=> String, one of "SEND_FINDINGS_TO_SECURITY_HUB", "RECEIVE_FINDINGS_FROM_SECURITY_HUB"
3728
+ # resp.products[0].integration_types[0] #=> String, one of "SEND_FINDINGS_TO_SECURITY_HUB", "RECEIVE_FINDINGS_FROM_SECURITY_HUB", "UPDATE_FINDINGS_IN_SECURITY_HUB"
3400
3729
  # resp.products[0].marketplace_url #=> String
3401
3730
  # resp.products[0].activation_url #=> String
3402
3731
  # resp.products[0].product_subscription_resource_policy #=> String
@@ -3574,13 +3903,13 @@ module Aws::SecurityHub
3574
3903
  # disable Security Hub in all Regions, you must submit one request per
3575
3904
  # Region where you have enabled Security Hub.
3576
3905
  #
3577
- # When you disable Security Hub for a master account, it doesn't
3578
- # disable Security Hub for any associated member accounts.
3906
+ # When you disable Security Hub for an administrator account, it
3907
+ # doesn't disable Security Hub for any associated member accounts.
3579
3908
  #
3580
3909
  # When you disable Security Hub, your existing findings and insights and
3581
3910
  # any Security Hub configuration settings are deleted after 90 days and
3582
3911
  # cannot be recovered. Any standards that were enabled are disabled, and
3583
- # your master and member account associations are removed.
3912
+ # your administrator and member account associations are removed.
3584
3913
  #
3585
3914
  # If you want to save your existing findings, you must export them
3586
3915
  # before you disable Security Hub.
@@ -3597,12 +3926,41 @@ module Aws::SecurityHub
3597
3926
  end
3598
3927
 
3599
3928
  # Disassociates the current Security Hub member account from the
3600
- # associated master account.
3929
+ # associated administrator account.
3601
3930
  #
3602
3931
  # This operation is only used by accounts that are not part of an
3603
- # organization. For organization accounts, only the master account (the
3604
- # designated Security Hub administrator) can disassociate a member
3605
- # account.
3932
+ # organization. For organization accounts, only the administrator
3933
+ # account can disassociate a member account.
3934
+ #
3935
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3936
+ #
3937
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccount AWS API Documentation
3938
+ #
3939
+ # @overload disassociate_from_administrator_account(params = {})
3940
+ # @param [Hash] params ({})
3941
+ def disassociate_from_administrator_account(params = {}, options = {})
3942
+ req = build_request(:disassociate_from_administrator_account, params)
3943
+ req.send_request(options)
3944
+ end
3945
+
3946
+ # This method is deprecated. Instead, use
3947
+ # `DisassociateFromAdministratorAccount`.
3948
+ #
3949
+ # The Security Hub console continues to use
3950
+ # `DisassociateFromMasterAccount`. It will eventually change to use
3951
+ # `DisassociateFromAdministratorAccount`. Any IAM policies that
3952
+ # specifically control access to this function must continue to use
3953
+ # `DisassociateFromMasterAccount`. You should also add
3954
+ # `DisassociateFromAdministratorAccount` to your policies to ensure that
3955
+ # the correct permissions are in place after the console begins to use
3956
+ # `DisassociateFromAdministratorAccount`.
3957
+ #
3958
+ # Disassociates the current Security Hub member account from the
3959
+ # associated administrator account.
3960
+ #
3961
+ # This operation is only used by accounts that are not part of an
3962
+ # organization. For organization accounts, only the administrator
3963
+ # account can disassociate a member account.
3606
3964
  #
3607
3965
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3608
3966
  #
@@ -3615,15 +3973,15 @@ module Aws::SecurityHub
3615
3973
  req.send_request(options)
3616
3974
  end
3617
3975
 
3618
- # Disassociates the specified member accounts from the associated master
3619
- # account.
3976
+ # Disassociates the specified member accounts from the associated
3977
+ # administrator account.
3620
3978
  #
3621
- # Can be used to disassociate both accounts that are in an organization
3622
- # and accounts that were invited manually.
3979
+ # Can be used to disassociate both accounts that are managed using
3980
+ # Organizations and accounts that were invited manually.
3623
3981
  #
3624
3982
  # @option params [required, Array<String>] :account_ids
3625
- # The account IDs of the member accounts to disassociate from the master
3626
- # account.
3983
+ # The account IDs of the member accounts to disassociate from the
3984
+ # administrator account.
3627
3985
  #
3628
3986
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
3629
3987
  #
@@ -3760,6 +4118,32 @@ module Aws::SecurityHub
3760
4118
  req.send_request(options)
3761
4119
  end
3762
4120
 
4121
+ # Provides the details for the Security Hub administrator account for
4122
+ # the current member account.
4123
+ #
4124
+ # Can be used by both member accounts that are managed using
4125
+ # Organizations and accounts that were invited manually.
4126
+ #
4127
+ # @return [Types::GetAdministratorAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4128
+ #
4129
+ # * {Types::GetAdministratorAccountResponse#administrator #administrator} => Types::Invitation
4130
+ #
4131
+ # @example Response structure
4132
+ #
4133
+ # resp.administrator.account_id #=> String
4134
+ # resp.administrator.invitation_id #=> String
4135
+ # resp.administrator.invited_at #=> Time
4136
+ # resp.administrator.member_status #=> String
4137
+ #
4138
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetAdministratorAccount AWS API Documentation
4139
+ #
4140
+ # @overload get_administrator_account(params = {})
4141
+ # @param [Hash] params ({})
4142
+ def get_administrator_account(params = {}, options = {})
4143
+ req = build_request(:get_administrator_account, params)
4144
+ req.send_request(options)
4145
+ end
4146
+
3763
4147
  # Returns a list of the standards that are currently enabled.
3764
4148
  #
3765
4149
  # @option params [Array<String>] :standards_subscription_arns
@@ -4403,6 +4787,50 @@ module Aws::SecurityHub
4403
4787
  # value: "NonEmptyString",
4404
4788
  # },
4405
4789
  # ],
4790
+ # finding_provider_fields_confidence: [
4791
+ # {
4792
+ # gte: 1.0,
4793
+ # lte: 1.0,
4794
+ # eq: 1.0,
4795
+ # },
4796
+ # ],
4797
+ # finding_provider_fields_criticality: [
4798
+ # {
4799
+ # gte: 1.0,
4800
+ # lte: 1.0,
4801
+ # eq: 1.0,
4802
+ # },
4803
+ # ],
4804
+ # finding_provider_fields_related_findings_id: [
4805
+ # {
4806
+ # value: "NonEmptyString",
4807
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4808
+ # },
4809
+ # ],
4810
+ # finding_provider_fields_related_findings_product_arn: [
4811
+ # {
4812
+ # value: "NonEmptyString",
4813
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4814
+ # },
4815
+ # ],
4816
+ # finding_provider_fields_severity_label: [
4817
+ # {
4818
+ # value: "NonEmptyString",
4819
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4820
+ # },
4821
+ # ],
4822
+ # finding_provider_fields_severity_original: [
4823
+ # {
4824
+ # value: "NonEmptyString",
4825
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4826
+ # },
4827
+ # ],
4828
+ # finding_provider_fields_types: [
4829
+ # {
4830
+ # value: "NonEmptyString",
4831
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4832
+ # },
4833
+ # ],
4406
4834
  # },
4407
4835
  # sort_criteria: [
4408
4836
  # {
@@ -4507,6 +4935,71 @@ module Aws::SecurityHub
4507
4935
  # resp.findings[0].resources[0].resource_role #=> String
4508
4936
  # resp.findings[0].resources[0].tags #=> Hash
4509
4937
  # resp.findings[0].resources[0].tags["NonEmptyString"] #=> String
4938
+ # resp.findings[0].resources[0].data_classification.detailed_results_location #=> String
4939
+ # resp.findings[0].resources[0].data_classification.result.mime_type #=> String
4940
+ # resp.findings[0].resources[0].data_classification.result.size_classified #=> Integer
4941
+ # resp.findings[0].resources[0].data_classification.result.additional_occurrences #=> Boolean
4942
+ # resp.findings[0].resources[0].data_classification.result.status.code #=> String
4943
+ # resp.findings[0].resources[0].data_classification.result.status.reason #=> String
4944
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data #=> Array
4945
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].category #=> String
4946
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections #=> Array
4947
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].count #=> Integer
4948
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].type #=> String
4949
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges #=> Array
4950
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start #=> Integer
4951
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].end #=> Integer
4952
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.line_ranges[0].start_column #=> Integer
4953
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges #=> Array
4954
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start #=> Integer
4955
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].end #=> Integer
4956
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.offset_ranges[0].start_column #=> Integer
4957
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages #=> Array
4958
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].page_number #=> Integer
4959
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start #=> Integer
4960
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.end #=> Integer
4961
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].line_range.start_column #=> Integer
4962
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start #=> Integer
4963
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.end #=> Integer
4964
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
4965
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records #=> Array
4966
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records[0].json_path #=> String
4967
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.records[0].record_index #=> Integer
4968
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells #=> Array
4969
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].column #=> Integer
4970
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].row #=> Integer
4971
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].column_name #=> String
4972
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].detections[0].occurrences.cells[0].cell_reference #=> String
4973
+ # resp.findings[0].resources[0].data_classification.result.sensitive_data[0].total_count #=> Integer
4974
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections #=> Array
4975
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].count #=> Integer
4976
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].arn #=> String
4977
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].name #=> String
4978
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges #=> Array
4979
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start #=> Integer
4980
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].end #=> Integer
4981
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.line_ranges[0].start_column #=> Integer
4982
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges #=> Array
4983
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start #=> Integer
4984
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].end #=> Integer
4985
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.offset_ranges[0].start_column #=> Integer
4986
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages #=> Array
4987
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].page_number #=> Integer
4988
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start #=> Integer
4989
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.end #=> Integer
4990
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].line_range.start_column #=> Integer
4991
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start #=> Integer
4992
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.end #=> Integer
4993
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.pages[0].offset_range.start_column #=> Integer
4994
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records #=> Array
4995
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records[0].json_path #=> String
4996
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.records[0].record_index #=> Integer
4997
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells #=> Array
4998
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].column #=> Integer
4999
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].row #=> Integer
5000
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].column_name #=> String
5001
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.detections[0].occurrences.cells[0].cell_reference #=> String
5002
+ # resp.findings[0].resources[0].data_classification.result.custom_data_identifiers.total_count #=> Integer
4510
5003
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.launch_configuration_name #=> String
4511
5004
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.load_balancer_names #=> Array
4512
5005
  # resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.load_balancer_names[0] #=> String
@@ -4651,6 +5144,41 @@ module Aws::SecurityHub
4651
5144
  # resp.findings[0].resources[0].details.aws_ec2_eip.network_interface_id #=> String
4652
5145
  # resp.findings[0].resources[0].details.aws_ec2_eip.network_interface_owner_id #=> String
4653
5146
  # resp.findings[0].resources[0].details.aws_ec2_eip.private_ip_address #=> String
5147
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.assign_ipv_6_address_on_creation #=> Boolean
5148
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.availability_zone #=> String
5149
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.availability_zone_id #=> String
5150
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.available_ip_address_count #=> Integer
5151
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.cidr_block #=> String
5152
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.default_for_az #=> Boolean
5153
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.map_public_ip_on_launch #=> Boolean
5154
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.owner_id #=> String
5155
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.state #=> String
5156
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.subnet_arn #=> String
5157
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.subnet_id #=> String
5158
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.vpc_id #=> String
5159
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set #=> Array
5160
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].association_id #=> String
5161
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].ipv_6_cidr_block #=> String
5162
+ # resp.findings[0].resources[0].details.aws_ec2_subnet.ipv_6_cidr_block_association_set[0].cidr_block_state #=> String
5163
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.is_default #=> Boolean
5164
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.network_acl_id #=> String
5165
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.owner_id #=> String
5166
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.vpc_id #=> String
5167
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations #=> Array
5168
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].network_acl_association_id #=> String
5169
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].network_acl_id #=> String
5170
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.associations[0].subnet_id #=> String
5171
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries #=> Array
5172
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].cidr_block #=> String
5173
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].egress #=> Boolean
5174
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].icmp_type_code.code #=> Integer
5175
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].icmp_type_code.type #=> Integer
5176
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].ipv_6_cidr_block #=> String
5177
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].port_range.from #=> Integer
5178
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].port_range.to #=> Integer
5179
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].protocol #=> String
5180
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].rule_action #=> String
5181
+ # resp.findings[0].resources[0].details.aws_ec2_network_acl.entries[0].rule_number #=> Integer
4654
5182
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones #=> Array
4655
5183
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones[0].zone_name #=> String
4656
5184
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.availability_zones[0].subnet_id #=> String
@@ -4665,6 +5193,30 @@ module Aws::SecurityHub
4665
5193
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.state.reason #=> String
4666
5194
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.type #=> String
4667
5195
  # resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.vpc_id #=> String
5196
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.application_name #=> String
5197
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.cname #=> String
5198
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.date_created #=> String
5199
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.date_updated #=> String
5200
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.description #=> String
5201
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.endpoint_url #=> String
5202
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_arn #=> String
5203
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_id #=> String
5204
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links #=> Array
5205
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links[0].environment_name #=> String
5206
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_links[0].link_name #=> String
5207
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.environment_name #=> String
5208
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings #=> Array
5209
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].namespace #=> String
5210
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].option_name #=> String
5211
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].resource_name #=> String
5212
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.option_settings[0].value #=> String
5213
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.platform_arn #=> String
5214
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.solution_stack_name #=> String
5215
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.status #=> String
5216
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.name #=> String
5217
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.type #=> String
5218
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.tier.version #=> String
5219
+ # resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.version_label #=> String
4668
5220
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.access_policies #=> String
4669
5221
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.domain_endpoint_options.enforce_https #=> Boolean
4670
5222
  # resp.findings[0].resources[0].details.aws_elasticsearch_domain.domain_endpoint_options.tls_security_policy #=> String
@@ -4690,6 +5242,14 @@ module Aws::SecurityHub
4690
5242
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules #=> Array
4691
5243
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String
4692
5244
  # resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.kms_master_key_id #=> String
5245
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.block_public_acls #=> Boolean
5246
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.block_public_policy #=> Boolean
5247
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.ignore_public_acls #=> Boolean
5248
+ # resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.restrict_public_buckets #=> Boolean
5249
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_acls #=> Boolean
5250
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_policy #=> Boolean
5251
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.ignore_public_acls #=> Boolean
5252
+ # resp.findings[0].resources[0].details.aws_s3_account_public_access_block.restrict_public_buckets #=> Boolean
4693
5253
  # resp.findings[0].resources[0].details.aws_s3_object.last_modified #=> String
4694
5254
  # resp.findings[0].resources[0].details.aws_s3_object.etag #=> String
4695
5255
  # resp.findings[0].resources[0].details.aws_s3_object.version_id #=> String
@@ -5536,6 +6096,15 @@ module Aws::SecurityHub
5536
6096
  # resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lon #=> Float
5537
6097
  # resp.findings[0].action.port_probe_action.port_probe_details[0].remote_ip_details.geo_location.lat #=> Float
5538
6098
  # resp.findings[0].action.port_probe_action.blocked #=> Boolean
6099
+ # resp.findings[0].finding_provider_fields.confidence #=> Integer
6100
+ # resp.findings[0].finding_provider_fields.criticality #=> Integer
6101
+ # resp.findings[0].finding_provider_fields.related_findings #=> Array
6102
+ # resp.findings[0].finding_provider_fields.related_findings[0].product_arn #=> String
6103
+ # resp.findings[0].finding_provider_fields.related_findings[0].id #=> String
6104
+ # resp.findings[0].finding_provider_fields.severity.label #=> String, one of "INFORMATIONAL", "LOW", "MEDIUM", "HIGH", "CRITICAL"
6105
+ # resp.findings[0].finding_provider_fields.severity.original #=> String
6106
+ # resp.findings[0].finding_provider_fields.types #=> Array
6107
+ # resp.findings[0].finding_provider_fields.types[0] #=> String
5539
6108
  # resp.next_token #=> String
5540
6109
  #
5541
6110
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings AWS API Documentation
@@ -5897,6 +6466,29 @@ module Aws::SecurityHub
5897
6466
  # resp.insights[0].filters.note_updated_by[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
5898
6467
  # resp.insights[0].filters.keyword #=> Array
5899
6468
  # resp.insights[0].filters.keyword[0].value #=> String
6469
+ # resp.insights[0].filters.finding_provider_fields_confidence #=> Array
6470
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].gte #=> Float
6471
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].lte #=> Float
6472
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].eq #=> Float
6473
+ # resp.insights[0].filters.finding_provider_fields_criticality #=> Array
6474
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].gte #=> Float
6475
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].lte #=> Float
6476
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].eq #=> Float
6477
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id #=> Array
6478
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].value #=> String
6479
+ # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6480
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn #=> Array
6481
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn[0].value #=> String
6482
+ # resp.insights[0].filters.finding_provider_fields_related_findings_product_arn[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6483
+ # resp.insights[0].filters.finding_provider_fields_severity_label #=> Array
6484
+ # resp.insights[0].filters.finding_provider_fields_severity_label[0].value #=> String
6485
+ # resp.insights[0].filters.finding_provider_fields_severity_label[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6486
+ # resp.insights[0].filters.finding_provider_fields_severity_original #=> Array
6487
+ # resp.insights[0].filters.finding_provider_fields_severity_original[0].value #=> String
6488
+ # resp.insights[0].filters.finding_provider_fields_severity_original[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
6489
+ # resp.insights[0].filters.finding_provider_fields_types #=> Array
6490
+ # resp.insights[0].filters.finding_provider_fields_types[0].value #=> String
6491
+ # resp.insights[0].filters.finding_provider_fields_types[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
5900
6492
  # resp.insights[0].group_by_attribute #=> String
5901
6493
  # resp.next_token #=> String
5902
6494
  #
@@ -5930,11 +6522,20 @@ module Aws::SecurityHub
5930
6522
  req.send_request(options)
5931
6523
  end
5932
6524
 
5933
- # Provides the details for the Security Hub master account for the
5934
- # current member account.
6525
+ # This method is deprecated. Instead, use `GetAdministratorAccount`.
6526
+ #
6527
+ # The Security Hub console continues to use `GetMasterAccount`. It will
6528
+ # eventually change to use `GetAdministratorAccount`. Any IAM policies
6529
+ # that specifically control access to this function must continue to use
6530
+ # `GetMasterAccount`. You should also add `GetAdministratorAccount` to
6531
+ # your policies to ensure that the correct permissions are in place
6532
+ # after the console begins to use `GetAdministratorAccount`.
5935
6533
  #
5936
- # Can be used by both member accounts that are in an organization and
5937
- # accounts that were invited manually.
6534
+ # Provides the details for the Security Hub administrator account for
6535
+ # the current member account.
6536
+ #
6537
+ # Can be used by both member accounts that are managed using
6538
+ # Organizations and accounts that were invited manually.
5938
6539
  #
5939
6540
  # @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5940
6541
  #
@@ -5959,12 +6560,12 @@ module Aws::SecurityHub
5959
6560
  # Returns the details for the Security Hub member accounts for the
5960
6561
  # specified account IDs.
5961
6562
  #
5962
- # A master account can be either a delegated Security Hub administrator
5963
- # account for an organization or a master account that enabled Security
5964
- # Hub manually.
6563
+ # An administrator account can be either the delegated Security Hub
6564
+ # administrator account for an organization or an administrator account
6565
+ # that enabled Security Hub manually.
5965
6566
  #
5966
- # The results include both member accounts that are in an organization
5967
- # and accounts that were invited manually.
6567
+ # The results include both member accounts that are managed using
6568
+ # Organizations and accounts that were invited manually.
5968
6569
  #
5969
6570
  # @option params [required, Array<String>] :account_ids
5970
6571
  # The list of account IDs for the Security Hub member accounts to return
@@ -5987,6 +6588,7 @@ module Aws::SecurityHub
5987
6588
  # resp.members[0].account_id #=> String
5988
6589
  # resp.members[0].email #=> String
5989
6590
  # resp.members[0].master_id #=> String
6591
+ # resp.members[0].administrator_id #=> String
5990
6592
  # resp.members[0].member_status #=> String
5991
6593
  # resp.members[0].invited_at #=> Time
5992
6594
  # resp.members[0].updated_at #=> Time
@@ -6004,7 +6606,7 @@ module Aws::SecurityHub
6004
6606
  end
6005
6607
 
6006
6608
  # Invites other AWS accounts to become member accounts for the Security
6007
- # Hub master account that the invitation is sent from.
6609
+ # Hub administrator account that the invitation is sent from.
6008
6610
  #
6009
6611
  # This operation is only used to invite accounts that do not belong to
6010
6612
  # an organization. Organization accounts do not receive invitations.
@@ -6014,8 +6616,8 @@ module Aws::SecurityHub
6014
6616
  # Hub.
6015
6617
  #
6016
6618
  # When the account owner enables Security Hub and accepts the invitation
6017
- # to become a member account, the master account can view the findings
6018
- # generated from the member account.
6619
+ # to become a member account, the administrator account can view the
6620
+ # findings generated from the member account.
6019
6621
  #
6020
6622
  # @option params [required, Array<String>] :account_ids
6021
6623
  # The list of account IDs of the AWS accounts to invite to Security Hub
@@ -6093,8 +6695,9 @@ module Aws::SecurityHub
6093
6695
  # Lists all Security Hub membership invitations that were sent to the
6094
6696
  # current AWS account.
6095
6697
  #
6096
- # This operation is only used by accounts that do not belong to an
6097
- # organization. Organization accounts do not receive invitations.
6698
+ # This operation is only used by accounts that are managed by
6699
+ # invitation. Accounts that are managed using the integration with AWS
6700
+ # Organizations do not receive invitations.
6098
6701
  #
6099
6702
  # @option params [Integer] :max_results
6100
6703
  # The maximum number of items to return in the response.
@@ -6141,19 +6744,19 @@ module Aws::SecurityHub
6141
6744
  end
6142
6745
 
6143
6746
  # Lists details about all member accounts for the current Security Hub
6144
- # master account.
6747
+ # administrator account.
6145
6748
  #
6146
6749
  # The results include both member accounts that belong to an
6147
6750
  # organization and member accounts that were invited manually.
6148
6751
  #
6149
6752
  # @option params [Boolean] :only_associated
6150
6753
  # Specifies which member accounts to include in the response based on
6151
- # their relationship status with the master account. The default value
6152
- # is `TRUE`.
6754
+ # their relationship status with the administrator account. The default
6755
+ # value is `TRUE`.
6153
6756
  #
6154
6757
  # If `OnlyAssociated` is set to `TRUE`, the response includes member
6155
- # accounts whose relationship status with the master is set to
6156
- # `ENABLED`.
6758
+ # accounts whose relationship status with the administrator account is
6759
+ # set to `ENABLED`.
6157
6760
  #
6158
6761
  # If `OnlyAssociated` is set to `FALSE`, the response includes all
6159
6762
  # existing member accounts.
@@ -6190,6 +6793,7 @@ module Aws::SecurityHub
6190
6793
  # resp.members[0].account_id #=> String
6191
6794
  # resp.members[0].email #=> String
6192
6795
  # resp.members[0].master_id #=> String
6796
+ # resp.members[0].administrator_id #=> String
6193
6797
  # resp.members[0].member_status #=> String
6194
6798
  # resp.members[0].invited_at #=> Time
6195
6799
  # resp.members[0].updated_at #=> Time
@@ -6282,7 +6886,9 @@ module Aws::SecurityHub
6282
6886
  # The ARN of the resource to apply the tags to.
6283
6887
  #
6284
6888
  # @option params [required, Hash<String,String>] :tags
6285
- # The tags to add to the resource.
6889
+ # The tags to add to the resource. You can add up to 50 tags at a time.
6890
+ # The tag keys can be no longer than 128 characters. The tag values can
6891
+ # be no longer than 256 characters.
6286
6892
  #
6287
6893
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
6288
6894
  #
@@ -6310,7 +6916,8 @@ module Aws::SecurityHub
6310
6916
  # The ARN of the resource to remove the tags from.
6311
6917
  #
6312
6918
  # @option params [required, Array<String>] :tag_keys
6313
- # The tag keys associated with the tags to remove from the resource.
6919
+ # The tag keys associated with the tags to remove from the resource. You
6920
+ # can remove up to 50 tags at a time.
6314
6921
  #
6315
6922
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
6316
6923
  #
@@ -6937,6 +7544,50 @@ module Aws::SecurityHub
6937
7544
  # value: "NonEmptyString",
6938
7545
  # },
6939
7546
  # ],
7547
+ # finding_provider_fields_confidence: [
7548
+ # {
7549
+ # gte: 1.0,
7550
+ # lte: 1.0,
7551
+ # eq: 1.0,
7552
+ # },
7553
+ # ],
7554
+ # finding_provider_fields_criticality: [
7555
+ # {
7556
+ # gte: 1.0,
7557
+ # lte: 1.0,
7558
+ # eq: 1.0,
7559
+ # },
7560
+ # ],
7561
+ # finding_provider_fields_related_findings_id: [
7562
+ # {
7563
+ # value: "NonEmptyString",
7564
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7565
+ # },
7566
+ # ],
7567
+ # finding_provider_fields_related_findings_product_arn: [
7568
+ # {
7569
+ # value: "NonEmptyString",
7570
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7571
+ # },
7572
+ # ],
7573
+ # finding_provider_fields_severity_label: [
7574
+ # {
7575
+ # value: "NonEmptyString",
7576
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7577
+ # },
7578
+ # ],
7579
+ # finding_provider_fields_severity_original: [
7580
+ # {
7581
+ # value: "NonEmptyString",
7582
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7583
+ # },
7584
+ # ],
7585
+ # finding_provider_fields_types: [
7586
+ # {
7587
+ # value: "NonEmptyString",
7588
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
7589
+ # },
7590
+ # ],
6940
7591
  # },
6941
7592
  # note: {
6942
7593
  # text: "NonEmptyString", # required
@@ -7530,6 +8181,50 @@ module Aws::SecurityHub
7530
8181
  # value: "NonEmptyString",
7531
8182
  # },
7532
8183
  # ],
8184
+ # finding_provider_fields_confidence: [
8185
+ # {
8186
+ # gte: 1.0,
8187
+ # lte: 1.0,
8188
+ # eq: 1.0,
8189
+ # },
8190
+ # ],
8191
+ # finding_provider_fields_criticality: [
8192
+ # {
8193
+ # gte: 1.0,
8194
+ # lte: 1.0,
8195
+ # eq: 1.0,
8196
+ # },
8197
+ # ],
8198
+ # finding_provider_fields_related_findings_id: [
8199
+ # {
8200
+ # value: "NonEmptyString",
8201
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8202
+ # },
8203
+ # ],
8204
+ # finding_provider_fields_related_findings_product_arn: [
8205
+ # {
8206
+ # value: "NonEmptyString",
8207
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8208
+ # },
8209
+ # ],
8210
+ # finding_provider_fields_severity_label: [
8211
+ # {
8212
+ # value: "NonEmptyString",
8213
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8214
+ # },
8215
+ # ],
8216
+ # finding_provider_fields_severity_original: [
8217
+ # {
8218
+ # value: "NonEmptyString",
8219
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8220
+ # },
8221
+ # ],
8222
+ # finding_provider_fields_types: [
8223
+ # {
8224
+ # value: "NonEmptyString",
8225
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
8226
+ # },
8227
+ # ],
7533
8228
  # },
7534
8229
  # group_by_attribute: "NonEmptyString",
7535
8230
  # })
@@ -7645,7 +8340,7 @@ module Aws::SecurityHub
7645
8340
  params: params,
7646
8341
  config: config)
7647
8342
  context[:gem_name] = 'aws-sdk-securityhub'
7648
- context[:gem_version] = '1.40.0'
8343
+ context[:gem_version] = '1.46.0'
7649
8344
  Seahorse::Client::Request.new(handlers, context)
7650
8345
  end
7651
8346