aws-sdk-securityhub 1.41.0 → 1.42.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub.rb +1 -1
  5. data/lib/aws-sdk-securityhub/client.rb +443 -11
  6. data/lib/aws-sdk-securityhub/client_api.rb +135 -5
  7. data/lib/aws-sdk-securityhub/types.rb +1853 -34
  8. metadata +2 -2
data/lib/aws-sdk-securityhub/client_api.rb CHANGED
@@ -241,6 +241,7 @@ module Aws::SecurityHub
241
241
  AwsRedshiftClusterRestoreStatus = Shapes::StructureShape.new(name: 'AwsRedshiftClusterRestoreStatus')
242
242
  AwsRedshiftClusterVpcSecurityGroup = Shapes::StructureShape.new(name: 'AwsRedshiftClusterVpcSecurityGroup')
243
243
  AwsRedshiftClusterVpcSecurityGroups = Shapes::ListShape.new(name: 'AwsRedshiftClusterVpcSecurityGroups')
244
+ AwsS3AccountPublicAccessBlockDetails = Shapes::StructureShape.new(name: 'AwsS3AccountPublicAccessBlockDetails')
244
245
  AwsS3BucketDetails = Shapes::StructureShape.new(name: 'AwsS3BucketDetails')
245
246
  AwsS3BucketServerSideEncryptionByDefault = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionByDefault')
246
247
  AwsS3BucketServerSideEncryptionConfiguration = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionConfiguration')
@@ -269,6 +270,7 @@ module Aws::SecurityHub
269
270
  BatchEnableStandardsRequest = Shapes::StructureShape.new(name: 'BatchEnableStandardsRequest')
270
271
  BatchEnableStandardsResponse = Shapes::StructureShape.new(name: 'BatchEnableStandardsResponse')
271
272
  BatchImportFindingsRequest = Shapes::StructureShape.new(name: 'BatchImportFindingsRequest')
273
+ BatchImportFindingsRequestFindingList = Shapes::ListShape.new(name: 'BatchImportFindingsRequestFindingList')
272
274
  BatchImportFindingsResponse = Shapes::StructureShape.new(name: 'BatchImportFindingsResponse')
273
275
  BatchUpdateFindingsRequest = Shapes::StructureShape.new(name: 'BatchUpdateFindingsRequest')
274
276
  BatchUpdateFindingsResponse = Shapes::StructureShape.new(name: 'BatchUpdateFindingsResponse')
@@ -276,9 +278,13 @@ module Aws::SecurityHub
276
278
  BatchUpdateFindingsUnprocessedFindingsList = Shapes::ListShape.new(name: 'BatchUpdateFindingsUnprocessedFindingsList')
277
279
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
278
280
  CategoryList = Shapes::ListShape.new(name: 'CategoryList')
281
+ Cell = Shapes::StructureShape.new(name: 'Cell')
282
+ Cells = Shapes::ListShape.new(name: 'Cells')
279
283
  CidrBlockAssociation = Shapes::StructureShape.new(name: 'CidrBlockAssociation')
280
284
  CidrBlockAssociationList = Shapes::ListShape.new(name: 'CidrBlockAssociationList')
281
285
  City = Shapes::StructureShape.new(name: 'City')
286
+ ClassificationResult = Shapes::StructureShape.new(name: 'ClassificationResult')
287
+ ClassificationStatus = Shapes::StructureShape.new(name: 'ClassificationStatus')
282
288
  Compliance = Shapes::StructureShape.new(name: 'Compliance')
283
289
  ComplianceStatus = Shapes::StringShape.new(name: 'ComplianceStatus')
284
290
  ContainerDetails = Shapes::StructureShape.new(name: 'ContainerDetails')
@@ -291,8 +297,12 @@ module Aws::SecurityHub
291
297
  CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
292
298
  CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
293
299
  CrossAccountMaxResults = Shapes::IntegerShape.new(name: 'CrossAccountMaxResults')
300
+ CustomDataIdentifiersDetections = Shapes::StructureShape.new(name: 'CustomDataIdentifiersDetections')
301
+ CustomDataIdentifiersDetectionsList = Shapes::ListShape.new(name: 'CustomDataIdentifiersDetectionsList')
302
+ CustomDataIdentifiersResult = Shapes::StructureShape.new(name: 'CustomDataIdentifiersResult')
294
303
  Cvss = Shapes::StructureShape.new(name: 'Cvss')
295
304
  CvssList = Shapes::ListShape.new(name: 'CvssList')
305
+ DataClassificationDetails = Shapes::StructureShape.new(name: 'DataClassificationDetails')
296
306
  DateFilter = Shapes::StructureShape.new(name: 'DateFilter')
297
307
  DateFilterList = Shapes::ListShape.new(name: 'DateFilterList')
298
308
  DateRange = Shapes::StructureShape.new(name: 'DateRange')
@@ -338,6 +348,8 @@ module Aws::SecurityHub
338
348
  EnableSecurityHubRequest = Shapes::StructureShape.new(name: 'EnableSecurityHubRequest')
339
349
  EnableSecurityHubResponse = Shapes::StructureShape.new(name: 'EnableSecurityHubResponse')
340
350
  FieldMap = Shapes::MapShape.new(name: 'FieldMap')
351
+ FindingProviderFields = Shapes::StructureShape.new(name: 'FindingProviderFields')
352
+ FindingProviderSeverity = Shapes::StructureShape.new(name: 'FindingProviderSeverity')
341
353
  GeoLocation = Shapes::StructureShape.new(name: 'GeoLocation')
342
354
  GetEnabledStandardsRequest = Shapes::StructureShape.new(name: 'GetEnabledStandardsRequest')
343
355
  GetEnabledStandardsResponse = Shapes::StructureShape.new(name: 'GetEnabledStandardsResponse')
@@ -414,6 +426,9 @@ module Aws::SecurityHub
414
426
  NoteUpdate = Shapes::StructureShape.new(name: 'NoteUpdate')
415
427
  NumberFilter = Shapes::StructureShape.new(name: 'NumberFilter')
416
428
  NumberFilterList = Shapes::ListShape.new(name: 'NumberFilterList')
429
+ Occurrences = Shapes::StructureShape.new(name: 'Occurrences')
430
+ Page = Shapes::StructureShape.new(name: 'Page')
431
+ Pages = Shapes::ListShape.new(name: 'Pages')
417
432
  Partition = Shapes::StringShape.new(name: 'Partition')
418
433
  PatchSummary = Shapes::StructureShape.new(name: 'PatchSummary')
419
434
  PortProbeAction = Shapes::StructureShape.new(name: 'PortProbeAction')
@@ -425,9 +440,13 @@ module Aws::SecurityHub
425
440
  Product = Shapes::StructureShape.new(name: 'Product')
426
441
  ProductSubscriptionArnList = Shapes::ListShape.new(name: 'ProductSubscriptionArnList')
427
442
  ProductsList = Shapes::ListShape.new(name: 'ProductsList')
443
+ Range = Shapes::StructureShape.new(name: 'Range')
444
+ Ranges = Shapes::ListShape.new(name: 'Ranges')
428
445
  RatioScale = Shapes::IntegerShape.new(name: 'RatioScale')
429
446
  Recommendation = Shapes::StructureShape.new(name: 'Recommendation')
447
+ Record = Shapes::StructureShape.new(name: 'Record')
430
448
  RecordState = Shapes::StringShape.new(name: 'RecordState')
449
+ Records = Shapes::ListShape.new(name: 'Records')
431
450
  RelatedFinding = Shapes::StructureShape.new(name: 'RelatedFinding')
432
451
  RelatedFindingList = Shapes::ListShape.new(name: 'RelatedFindingList')
433
452
  RelatedRequirementsList = Shapes::ListShape.new(name: 'RelatedRequirementsList')
@@ -441,6 +460,10 @@ module Aws::SecurityHub
441
460
  Result = Shapes::StructureShape.new(name: 'Result')
442
461
  ResultList = Shapes::ListShape.new(name: 'ResultList')
443
462
  SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
463
+ SensitiveDataDetections = Shapes::StructureShape.new(name: 'SensitiveDataDetections')
464
+ SensitiveDataDetectionsList = Shapes::ListShape.new(name: 'SensitiveDataDetectionsList')
465
+ SensitiveDataResult = Shapes::StructureShape.new(name: 'SensitiveDataResult')
466
+ SensitiveDataResultList = Shapes::ListShape.new(name: 'SensitiveDataResultList')
444
467
  Severity = Shapes::StructureShape.new(name: 'Severity')
445
468
  SeverityLabel = Shapes::StringShape.new(name: 'SeverityLabel')
446
469
  SeverityRating = Shapes::StringShape.new(name: 'SeverityRating')
@@ -1800,10 +1823,17 @@ module Aws::SecurityHub
1800
1823
 
1801
1824
  AwsRedshiftClusterVpcSecurityGroups.member = Shapes::ShapeRef.new(shape: AwsRedshiftClusterVpcSecurityGroup)
1802
1825
 
1826
+ AwsS3AccountPublicAccessBlockDetails.add_member(:block_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "BlockPublicAcls"))
1827
+ AwsS3AccountPublicAccessBlockDetails.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "BlockPublicPolicy"))
1828
+ AwsS3AccountPublicAccessBlockDetails.add_member(:ignore_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "IgnorePublicAcls"))
1829
+ AwsS3AccountPublicAccessBlockDetails.add_member(:restrict_public_buckets, Shapes::ShapeRef.new(shape: Boolean, location_name: "RestrictPublicBuckets"))
1830
+ AwsS3AccountPublicAccessBlockDetails.struct_class = Types::AwsS3AccountPublicAccessBlockDetails
1831
+
1803
1832
  AwsS3BucketDetails.add_member(:owner_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerId"))
1804
1833
  AwsS3BucketDetails.add_member(:owner_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerName"))
1805
1834
  AwsS3BucketDetails.add_member(:created_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CreatedAt"))
1806
1835
  AwsS3BucketDetails.add_member(:server_side_encryption_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketServerSideEncryptionConfiguration, location_name: "ServerSideEncryptionConfiguration"))
1836
+ AwsS3BucketDetails.add_member(:public_access_block_configuration, Shapes::ShapeRef.new(shape: AwsS3AccountPublicAccessBlockDetails, location_name: "PublicAccessBlockConfiguration"))
1807
1837
  AwsS3BucketDetails.struct_class = Types::AwsS3BucketDetails
1808
1838
 
1809
1839
  AwsS3BucketServerSideEncryptionByDefault.add_member(:sse_algorithm, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SSEAlgorithm"))
@@ -1844,12 +1874,12 @@ module Aws::SecurityHub
1844
1874
  AwsSecurityFinding.add_member(:product_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "ProductArn"))
1845
1875
  AwsSecurityFinding.add_member(:generator_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "GeneratorId"))
1846
1876
  AwsSecurityFinding.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AwsAccountId"))
1847
- AwsSecurityFinding.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, required: true, location_name: "Types"))
1877
+ AwsSecurityFinding.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, location_name: "Types"))
1848
1878
  AwsSecurityFinding.add_member(:first_observed_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "FirstObservedAt"))
1849
1879
  AwsSecurityFinding.add_member(:last_observed_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "LastObservedAt"))
1850
1880
  AwsSecurityFinding.add_member(:created_at, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "CreatedAt"))
1851
1881
  AwsSecurityFinding.add_member(:updated_at, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "UpdatedAt"))
1852
- AwsSecurityFinding.add_member(:severity, Shapes::ShapeRef.new(shape: Severity, required: true, location_name: "Severity"))
1882
+ AwsSecurityFinding.add_member(:severity, Shapes::ShapeRef.new(shape: Severity, location_name: "Severity"))
1853
1883
  AwsSecurityFinding.add_member(:confidence, Shapes::ShapeRef.new(shape: Integer, location_name: "Confidence"))
1854
1884
  AwsSecurityFinding.add_member(:criticality, Shapes::ShapeRef.new(shape: Integer, location_name: "Criticality"))
1855
1885
  AwsSecurityFinding.add_member(:title, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Title"))
@@ -1874,6 +1904,7 @@ module Aws::SecurityHub
1874
1904
  AwsSecurityFinding.add_member(:vulnerabilities, Shapes::ShapeRef.new(shape: VulnerabilityList, location_name: "Vulnerabilities"))
1875
1905
  AwsSecurityFinding.add_member(:patch_summary, Shapes::ShapeRef.new(shape: PatchSummary, location_name: "PatchSummary"))
1876
1906
  AwsSecurityFinding.add_member(:action, Shapes::ShapeRef.new(shape: Action, location_name: "Action"))
1907
+ AwsSecurityFinding.add_member(:finding_provider_fields, Shapes::ShapeRef.new(shape: FindingProviderFields, location_name: "FindingProviderFields"))
1877
1908
  AwsSecurityFinding.struct_class = Types::AwsSecurityFinding
1878
1909
 
1879
1910
  AwsSecurityFindingFilters.add_member(:product_arn, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ProductArn"))
@@ -1885,8 +1916,8 @@ module Aws::SecurityHub
1885
1916
  AwsSecurityFindingFilters.add_member(:last_observed_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "LastObservedAt"))
1886
1917
  AwsSecurityFindingFilters.add_member(:created_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "CreatedAt"))
1887
1918
  AwsSecurityFindingFilters.add_member(:updated_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "UpdatedAt"))
1888
- AwsSecurityFindingFilters.add_member(:severity_product, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "SeverityProduct"))
1889
- AwsSecurityFindingFilters.add_member(:severity_normalized, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "SeverityNormalized"))
1919
+ AwsSecurityFindingFilters.add_member(:severity_product, Shapes::ShapeRef.new(shape: NumberFilterList, deprecated: true, location_name: "SeverityProduct", metadata: {"deprecatedMessage"=>"This filter is deprecated, use FindingProviiltersSeverityOriginal instead."}))
1920
+ AwsSecurityFindingFilters.add_member(:severity_normalized, Shapes::ShapeRef.new(shape: NumberFilterList, deprecated: true, location_name: "SeverityNormalized", metadata: {"deprecatedMessage"=>"This filter is deprecated, use SeverityLabel or FindingProviderFieldsSeverityLabel instead."}))
1890
1921
  AwsSecurityFindingFilters.add_member(:severity_label, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "SeverityLabel"))
1891
1922
  AwsSecurityFindingFilters.add_member(:confidence, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "Confidence"))
1892
1923
  AwsSecurityFindingFilters.add_member(:criticality, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "Criticality"))
@@ -1960,6 +1991,13 @@ module Aws::SecurityHub
1960
1991
  AwsSecurityFindingFilters.add_member(:note_updated_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "NoteUpdatedAt"))
1961
1992
  AwsSecurityFindingFilters.add_member(:note_updated_by, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "NoteUpdatedBy"))
1962
1993
  AwsSecurityFindingFilters.add_member(:keyword, Shapes::ShapeRef.new(shape: KeywordFilterList, location_name: "Keyword"))
1994
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_confidence, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "FindingProviderFieldsConfidence"))
1995
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_criticality, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "FindingProviderFieldsCriticality"))
1996
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_related_findings_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsRelatedFindingsId"))
1997
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_related_findings_product_arn, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsRelatedFindingsProductArn"))
1998
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_label, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityLabel"))
1999
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_original, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityOriginal"))
2000
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_types, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsTypes"))
1963
2001
  AwsSecurityFindingFilters.struct_class = Types::AwsSecurityFindingFilters
1964
2002
 
1965
2003
  AwsSecurityFindingIdentifier.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
@@ -2042,9 +2080,11 @@ module Aws::SecurityHub
2042
2080
  BatchEnableStandardsResponse.add_member(:standards_subscriptions, Shapes::ShapeRef.new(shape: StandardsSubscriptions, location_name: "StandardsSubscriptions"))
2043
2081
  BatchEnableStandardsResponse.struct_class = Types::BatchEnableStandardsResponse
2044
2082
 
2045
- BatchImportFindingsRequest.add_member(:findings, Shapes::ShapeRef.new(shape: AwsSecurityFindingList, required: true, location_name: "Findings"))
2083
+ BatchImportFindingsRequest.add_member(:findings, Shapes::ShapeRef.new(shape: BatchImportFindingsRequestFindingList, required: true, location_name: "Findings"))
2046
2084
  BatchImportFindingsRequest.struct_class = Types::BatchImportFindingsRequest
2047
2085
 
2086
+ BatchImportFindingsRequestFindingList.member = Shapes::ShapeRef.new(shape: AwsSecurityFinding)
2087
+
2048
2088
  BatchImportFindingsResponse.add_member(:failed_count, Shapes::ShapeRef.new(shape: Integer, required: true, location_name: "FailedCount"))
2049
2089
  BatchImportFindingsResponse.add_member(:success_count, Shapes::ShapeRef.new(shape: Integer, required: true, location_name: "SuccessCount"))
2050
2090
  BatchImportFindingsResponse.add_member(:failed_findings, Shapes::ShapeRef.new(shape: ImportFindingsErrorList, location_name: "FailedFindings"))
@@ -2075,6 +2115,14 @@ module Aws::SecurityHub
2075
2115
 
2076
2116
  CategoryList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
2077
2117
 
2118
+ Cell.add_member(:column, Shapes::ShapeRef.new(shape: Long, location_name: "Column"))
2119
+ Cell.add_member(:row, Shapes::ShapeRef.new(shape: Long, location_name: "Row"))
2120
+ Cell.add_member(:column_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ColumnName"))
2121
+ Cell.add_member(:cell_reference, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CellReference"))
2122
+ Cell.struct_class = Types::Cell
2123
+
2124
+ Cells.member = Shapes::ShapeRef.new(shape: Cell)
2125
+
2078
2126
  CidrBlockAssociation.add_member(:association_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "AssociationId"))
2079
2127
  CidrBlockAssociation.add_member(:cidr_block, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CidrBlock"))
2080
2128
  CidrBlockAssociation.add_member(:cidr_block_state, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CidrBlockState"))
@@ -2085,6 +2133,18 @@ module Aws::SecurityHub
2085
2133
  City.add_member(:city_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CityName"))
2086
2134
  City.struct_class = Types::City
2087
2135
 
2136
+ ClassificationResult.add_member(:mime_type, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "MimeType"))
2137
+ ClassificationResult.add_member(:size_classified, Shapes::ShapeRef.new(shape: Long, location_name: "SizeClassified"))
2138
+ ClassificationResult.add_member(:additional_occurrences, Shapes::ShapeRef.new(shape: Boolean, location_name: "AdditionalOccurrences"))
2139
+ ClassificationResult.add_member(:status, Shapes::ShapeRef.new(shape: ClassificationStatus, location_name: "Status"))
2140
+ ClassificationResult.add_member(:sensitive_data, Shapes::ShapeRef.new(shape: SensitiveDataResultList, location_name: "SensitiveData"))
2141
+ ClassificationResult.add_member(:custom_data_identifiers, Shapes::ShapeRef.new(shape: CustomDataIdentifiersResult, location_name: "CustomDataIdentifiers"))
2142
+ ClassificationResult.struct_class = Types::ClassificationResult
2143
+
2144
+ ClassificationStatus.add_member(:code, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Code"))
2145
+ ClassificationStatus.add_member(:reason, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Reason"))
2146
+ ClassificationStatus.struct_class = Types::ClassificationStatus
2147
+
2088
2148
  Compliance.add_member(:status, Shapes::ShapeRef.new(shape: ComplianceStatus, location_name: "Status"))
2089
2149
  Compliance.add_member(:related_requirements, Shapes::ShapeRef.new(shape: RelatedRequirementsList, location_name: "RelatedRequirements"))
2090
2150
  Compliance.add_member(:status_reasons, Shapes::ShapeRef.new(shape: StatusReasonsList, location_name: "StatusReasons"))
@@ -2122,6 +2182,18 @@ module Aws::SecurityHub
2122
2182
  CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
2123
2183
  CreateMembersResponse.struct_class = Types::CreateMembersResponse
2124
2184
 
2185
+ CustomDataIdentifiersDetections.add_member(:count, Shapes::ShapeRef.new(shape: Long, location_name: "Count"))
2186
+ CustomDataIdentifiersDetections.add_member(:arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Arn"))
2187
+ CustomDataIdentifiersDetections.add_member(:name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Name"))
2188
+ CustomDataIdentifiersDetections.add_member(:occurrences, Shapes::ShapeRef.new(shape: Occurrences, location_name: "Occurrences"))
2189
+ CustomDataIdentifiersDetections.struct_class = Types::CustomDataIdentifiersDetections
2190
+
2191
+ CustomDataIdentifiersDetectionsList.member = Shapes::ShapeRef.new(shape: CustomDataIdentifiersDetections)
2192
+
2193
+ CustomDataIdentifiersResult.add_member(:detections, Shapes::ShapeRef.new(shape: CustomDataIdentifiersDetectionsList, location_name: "Detections"))
2194
+ CustomDataIdentifiersResult.add_member(:total_count, Shapes::ShapeRef.new(shape: Long, location_name: "TotalCount"))
2195
+ CustomDataIdentifiersResult.struct_class = Types::CustomDataIdentifiersResult
2196
+
2125
2197
  Cvss.add_member(:version, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Version"))
2126
2198
  Cvss.add_member(:base_score, Shapes::ShapeRef.new(shape: Double, location_name: "BaseScore"))
2127
2199
  Cvss.add_member(:base_vector, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "BaseVector"))
@@ -2129,6 +2201,10 @@ module Aws::SecurityHub
2129
2201
 
2130
2202
  CvssList.member = Shapes::ShapeRef.new(shape: Cvss)
2131
2203
 
2204
+ DataClassificationDetails.add_member(:detailed_results_location, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DetailedResultsLocation"))
2205
+ DataClassificationDetails.add_member(:result, Shapes::ShapeRef.new(shape: ClassificationResult, location_name: "Result"))
2206
+ DataClassificationDetails.struct_class = Types::DataClassificationDetails
2207
+
2132
2208
  DateFilter.add_member(:start, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Start"))
2133
2209
  DateFilter.add_member(:end, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "End"))
2134
2210
  DateFilter.add_member(:date_range, Shapes::ShapeRef.new(shape: DateRange, location_name: "DateRange"))
@@ -2267,6 +2343,17 @@ module Aws::SecurityHub
2267
2343
  FieldMap.key = Shapes::ShapeRef.new(shape: NonEmptyString)
2268
2344
  FieldMap.value = Shapes::ShapeRef.new(shape: NonEmptyString)
2269
2345
 
2346
+ FindingProviderFields.add_member(:confidence, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Confidence"))
2347
+ FindingProviderFields.add_member(:criticality, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Criticality"))
2348
+ FindingProviderFields.add_member(:related_findings, Shapes::ShapeRef.new(shape: RelatedFindingList, location_name: "RelatedFindings"))
2349
+ FindingProviderFields.add_member(:severity, Shapes::ShapeRef.new(shape: FindingProviderSeverity, location_name: "Severity"))
2350
+ FindingProviderFields.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, location_name: "Types"))
2351
+ FindingProviderFields.struct_class = Types::FindingProviderFields
2352
+
2353
+ FindingProviderSeverity.add_member(:label, Shapes::ShapeRef.new(shape: SeverityLabel, location_name: "Label"))
2354
+ FindingProviderSeverity.add_member(:original, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Original"))
2355
+ FindingProviderSeverity.struct_class = Types::FindingProviderSeverity
2356
+
2270
2357
  GeoLocation.add_member(:lon, Shapes::ShapeRef.new(shape: Double, location_name: "Lon"))
2271
2358
  GeoLocation.add_member(:lat, Shapes::ShapeRef.new(shape: Double, location_name: "Lat"))
2272
2359
  GeoLocation.struct_class = Types::GeoLocation
@@ -2528,6 +2615,20 @@ module Aws::SecurityHub
2528
2615
 
2529
2616
  NumberFilterList.member = Shapes::ShapeRef.new(shape: NumberFilter)
2530
2617
 
2618
+ Occurrences.add_member(:line_ranges, Shapes::ShapeRef.new(shape: Ranges, location_name: "LineRanges"))
2619
+ Occurrences.add_member(:offset_ranges, Shapes::ShapeRef.new(shape: Ranges, location_name: "OffsetRanges"))
2620
+ Occurrences.add_member(:pages, Shapes::ShapeRef.new(shape: Pages, location_name: "Pages"))
2621
+ Occurrences.add_member(:records, Shapes::ShapeRef.new(shape: Records, location_name: "Records"))
2622
+ Occurrences.add_member(:cells, Shapes::ShapeRef.new(shape: Cells, location_name: "Cells"))
2623
+ Occurrences.struct_class = Types::Occurrences
2624
+
2625
+ Page.add_member(:page_number, Shapes::ShapeRef.new(shape: Long, location_name: "PageNumber"))
2626
+ Page.add_member(:line_range, Shapes::ShapeRef.new(shape: Range, location_name: "LineRange"))
2627
+ Page.add_member(:offset_range, Shapes::ShapeRef.new(shape: Range, location_name: "OffsetRange"))
2628
+ Page.struct_class = Types::Page
2629
+
2630
+ Pages.member = Shapes::ShapeRef.new(shape: Page)
2631
+
2531
2632
  PatchSummary.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
2532
2633
  PatchSummary.add_member(:installed_count, Shapes::ShapeRef.new(shape: Integer, location_name: "InstalledCount"))
2533
2634
  PatchSummary.add_member(:missing_count, Shapes::ShapeRef.new(shape: Integer, location_name: "MissingCount"))
@@ -2581,10 +2682,23 @@ module Aws::SecurityHub
2581
2682
 
2582
2683
  ProductsList.member = Shapes::ShapeRef.new(shape: Product)
2583
2684
 
2685
+ Range.add_member(:start, Shapes::ShapeRef.new(shape: Long, location_name: "Start"))
2686
+ Range.add_member(:end, Shapes::ShapeRef.new(shape: Long, location_name: "End"))
2687
+ Range.add_member(:start_column, Shapes::ShapeRef.new(shape: Long, location_name: "StartColumn"))
2688
+ Range.struct_class = Types::Range
2689
+
2690
+ Ranges.member = Shapes::ShapeRef.new(shape: Range)
2691
+
2584
2692
  Recommendation.add_member(:text, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Text"))
2585
2693
  Recommendation.add_member(:url, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Url"))
2586
2694
  Recommendation.struct_class = Types::Recommendation
2587
2695
 
2696
+ Record.add_member(:json_path, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "JsonPath"))
2697
+ Record.add_member(:record_index, Shapes::ShapeRef.new(shape: Long, location_name: "RecordIndex"))
2698
+ Record.struct_class = Types::Record
2699
+
2700
+ Records.member = Shapes::ShapeRef.new(shape: Record)
2701
+
2588
2702
  RelatedFinding.add_member(:product_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "ProductArn"))
2589
2703
  RelatedFinding.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
2590
2704
  RelatedFinding.struct_class = Types::RelatedFinding
@@ -2602,6 +2716,7 @@ module Aws::SecurityHub
2602
2716
  Resource.add_member(:region, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Region"))
2603
2717
  Resource.add_member(:resource_role, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ResourceRole"))
2604
2718
  Resource.add_member(:tags, Shapes::ShapeRef.new(shape: FieldMap, location_name: "Tags"))
2719
+ Resource.add_member(:data_classification, Shapes::ShapeRef.new(shape: DataClassificationDetails, location_name: "DataClassification"))
2605
2720
  Resource.add_member(:details, Shapes::ShapeRef.new(shape: ResourceDetails, location_name: "Details"))
2606
2721
  Resource.struct_class = Types::Resource
2607
2722
 
@@ -2621,6 +2736,7 @@ module Aws::SecurityHub
2621
2736
  ResourceDetails.add_member(:aws_elbv_2_load_balancer, Shapes::ShapeRef.new(shape: AwsElbv2LoadBalancerDetails, location_name: "AwsElbv2LoadBalancer"))
2622
2737
  ResourceDetails.add_member(:aws_elasticsearch_domain, Shapes::ShapeRef.new(shape: AwsElasticsearchDomainDetails, location_name: "AwsElasticsearchDomain"))
2623
2738
  ResourceDetails.add_member(:aws_s3_bucket, Shapes::ShapeRef.new(shape: AwsS3BucketDetails, location_name: "AwsS3Bucket"))
2739
+ ResourceDetails.add_member(:aws_s3_account_public_access_block, Shapes::ShapeRef.new(shape: AwsS3AccountPublicAccessBlockDetails, location_name: "AwsS3AccountPublicAccessBlock"))
2624
2740
  ResourceDetails.add_member(:aws_s3_object, Shapes::ShapeRef.new(shape: AwsS3ObjectDetails, location_name: "AwsS3Object"))
2625
2741
  ResourceDetails.add_member(:aws_secrets_manager_secret, Shapes::ShapeRef.new(shape: AwsSecretsManagerSecretDetails, location_name: "AwsSecretsManagerSecret"))
2626
2742
  ResourceDetails.add_member(:aws_iam_access_key, Shapes::ShapeRef.new(shape: AwsIamAccessKeyDetails, location_name: "AwsIamAccessKey"))
@@ -2666,6 +2782,20 @@ module Aws::SecurityHub
2666
2782
 
2667
2783
  SecurityGroups.member = Shapes::ShapeRef.new(shape: NonEmptyString)
2668
2784
 
2785
+ SensitiveDataDetections.add_member(:count, Shapes::ShapeRef.new(shape: Long, location_name: "Count"))
2786
+ SensitiveDataDetections.add_member(:type, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Type"))
2787
+ SensitiveDataDetections.add_member(:occurrences, Shapes::ShapeRef.new(shape: Occurrences, location_name: "Occurrences"))
2788
+ SensitiveDataDetections.struct_class = Types::SensitiveDataDetections
2789
+
2790
+ SensitiveDataDetectionsList.member = Shapes::ShapeRef.new(shape: SensitiveDataDetections)
2791
+
2792
+ SensitiveDataResult.add_member(:category, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Category"))
2793
+ SensitiveDataResult.add_member(:detections, Shapes::ShapeRef.new(shape: SensitiveDataDetectionsList, location_name: "Detections"))
2794
+ SensitiveDataResult.add_member(:total_count, Shapes::ShapeRef.new(shape: Long, location_name: "TotalCount"))
2795
+ SensitiveDataResult.struct_class = Types::SensitiveDataResult
2796
+
2797
+ SensitiveDataResultList.member = Shapes::ShapeRef.new(shape: SensitiveDataResult)
2798
+
2669
2799
  Severity.add_member(:product, Shapes::ShapeRef.new(shape: Double, location_name: "Product"))
2670
2800
  Severity.add_member(:label, Shapes::ShapeRef.new(shape: SeverityLabel, location_name: "Label"))
2671
2801
  Severity.add_member(:normalized, Shapes::ShapeRef.new(shape: Integer, location_name: "Normalized"))
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -9765,6 +9765,51 @@ module Aws::SecurityHub
9765
9765
  include Aws::Structure
9766
9766
  end
9767
9767
 
9768
+ # provides information about the Amazon S3 Public Access Block
9769
+ # configuration for accounts.
9770
+ #
9771
+ # @note When making an API call, you may pass AwsS3AccountPublicAccessBlockDetails
9772
+ # data as a hash:
9773
+ #
9774
+ # {
9775
+ # block_public_acls: false,
9776
+ # block_public_policy: false,
9777
+ # ignore_public_acls: false,
9778
+ # restrict_public_buckets: false,
9779
+ # }
9780
+ #
9781
+ # @!attribute [rw] block_public_acls
9782
+ # Indicates whether to reject calls to update an S3 bucket if the
9783
+ # calls include a public access control list (ACL).
9784
+ # @return [Boolean]
9785
+ #
9786
+ # @!attribute [rw] block_public_policy
9787
+ # Indicates whether to reject calls to update the access policy for an
9788
+ # S3 bucket or access point if the policy allows public access.
9789
+ # @return [Boolean]
9790
+ #
9791
+ # @!attribute [rw] ignore_public_acls
9792
+ # Indicates whether Amazon S3 ignores public ACLs that are associated
9793
+ # with an S3 bucket.
9794
+ # @return [Boolean]
9795
+ #
9796
+ # @!attribute [rw] restrict_public_buckets
9797
+ # Indicates whether to restrict access to an access point or S3 bucket
9798
+ # that has a public policy to only AWS service principals and
9799
+ # authorized users within the S3 bucket owner's account.
9800
+ # @return [Boolean]
9801
+ #
9802
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3AccountPublicAccessBlockDetails AWS API Documentation
9803
+ #
9804
+ class AwsS3AccountPublicAccessBlockDetails < Struct.new(
9805
+ :block_public_acls,
9806
+ :block_public_policy,
9807
+ :ignore_public_acls,
9808
+ :restrict_public_buckets)
9809
+ SENSITIVE = []
9810
+ include Aws::Structure
9811
+ end
9812
+
9768
9813
  # The details of an Amazon S3 bucket.
9769
9814
  #
9770
9815
  # @note When making an API call, you may pass AwsS3BucketDetails
@@ -9784,6 +9829,12 @@ module Aws::SecurityHub
9784
9829
  # },
9785
9830
  # ],
9786
9831
  # },
9832
+ # public_access_block_configuration: {
9833
+ # block_public_acls: false,
9834
+ # block_public_policy: false,
9835
+ # ignore_public_acls: false,
9836
+ # restrict_public_buckets: false,
9837
+ # },
9787
9838
  # }
9788
9839
  #
9789
9840
  # @!attribute [rw] owner_id
@@ -9810,13 +9861,19 @@ module Aws::SecurityHub
9810
9861
  # The encryption rules that are applied to the S3 bucket.
9811
9862
  # @return [Types::AwsS3BucketServerSideEncryptionConfiguration]
9812
9863
  #
9864
+ # @!attribute [rw] public_access_block_configuration
9865
+ # Provides information about the Amazon S3 Public Access Block
9866
+ # configuration for the S3 bucket.
9867
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
9868
+ #
9813
9869
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
9814
9870
  #
9815
9871
  class AwsS3BucketDetails < Struct.new(
9816
9872
  :owner_id,
9817
9873
  :owner_name,
9818
9874
  :created_at,
9819
- :server_side_encryption_configuration)
9875
+ :server_side_encryption_configuration,
9876
+ :public_access_block_configuration)
9820
9877
  SENSITIVE = []
9821
9878
  include Aws::Structure
9822
9879
  end
@@ -10077,12 +10134,12 @@ module Aws::SecurityHub
10077
10134
  # product_arn: "NonEmptyString", # required
10078
10135
  # generator_id: "NonEmptyString", # required
10079
10136
  # aws_account_id: "NonEmptyString", # required
10080
- # types: ["NonEmptyString"], # required
10137
+ # types: ["NonEmptyString"],
10081
10138
  # first_observed_at: "NonEmptyString",
10082
10139
  # last_observed_at: "NonEmptyString",
10083
10140
  # created_at: "NonEmptyString", # required
10084
10141
  # updated_at: "NonEmptyString", # required
10085
- # severity: { # required
10142
+ # severity: {
10086
10143
  # product: 1.0,
10087
10144
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
10088
10145
  # normalized: 1,
@@ -10206,6 +10263,130 @@ module Aws::SecurityHub
10206
10263
  # tags: {
10207
10264
  # "NonEmptyString" => "NonEmptyString",
10208
10265
  # },
10266
+ # data_classification: {
10267
+ # detailed_results_location: "NonEmptyString",
10268
+ # result: {
10269
+ # mime_type: "NonEmptyString",
10270
+ # size_classified: 1,
10271
+ # additional_occurrences: false,
10272
+ # status: {
10273
+ # code: "NonEmptyString",
10274
+ # reason: "NonEmptyString",
10275
+ # },
10276
+ # sensitive_data: [
10277
+ # {
10278
+ # category: "NonEmptyString",
10279
+ # detections: [
10280
+ # {
10281
+ # count: 1,
10282
+ # type: "NonEmptyString",
10283
+ # occurrences: {
10284
+ # line_ranges: [
10285
+ # {
10286
+ # start: 1,
10287
+ # end: 1,
10288
+ # start_column: 1,
10289
+ # },
10290
+ # ],
10291
+ # offset_ranges: [
10292
+ # {
10293
+ # start: 1,
10294
+ # end: 1,
10295
+ # start_column: 1,
10296
+ # },
10297
+ # ],
10298
+ # pages: [
10299
+ # {
10300
+ # page_number: 1,
10301
+ # line_range: {
10302
+ # start: 1,
10303
+ # end: 1,
10304
+ # start_column: 1,
10305
+ # },
10306
+ # offset_range: {
10307
+ # start: 1,
10308
+ # end: 1,
10309
+ # start_column: 1,
10310
+ # },
10311
+ # },
10312
+ # ],
10313
+ # records: [
10314
+ # {
10315
+ # json_path: "NonEmptyString",
10316
+ # record_index: 1,
10317
+ # },
10318
+ # ],
10319
+ # cells: [
10320
+ # {
10321
+ # column: 1,
10322
+ # row: 1,
10323
+ # column_name: "NonEmptyString",
10324
+ # cell_reference: "NonEmptyString",
10325
+ # },
10326
+ # ],
10327
+ # },
10328
+ # },
10329
+ # ],
10330
+ # total_count: 1,
10331
+ # },
10332
+ # ],
10333
+ # custom_data_identifiers: {
10334
+ # detections: [
10335
+ # {
10336
+ # count: 1,
10337
+ # arn: "NonEmptyString",
10338
+ # name: "NonEmptyString",
10339
+ # occurrences: {
10340
+ # line_ranges: [
10341
+ # {
10342
+ # start: 1,
10343
+ # end: 1,
10344
+ # start_column: 1,
10345
+ # },
10346
+ # ],
10347
+ # offset_ranges: [
10348
+ # {
10349
+ # start: 1,
10350
+ # end: 1,
10351
+ # start_column: 1,
10352
+ # },
10353
+ # ],
10354
+ # pages: [
10355
+ # {
10356
+ # page_number: 1,
10357
+ # line_range: {
10358
+ # start: 1,
10359
+ # end: 1,
10360
+ # start_column: 1,
10361
+ # },
10362
+ # offset_range: {
10363
+ # start: 1,
10364
+ # end: 1,
10365
+ # start_column: 1,
10366
+ # },
10367
+ # },
10368
+ # ],
10369
+ # records: [
10370
+ # {
10371
+ # json_path: "NonEmptyString",
10372
+ # record_index: 1,
10373
+ # },
10374
+ # ],
10375
+ # cells: [
10376
+ # {
10377
+ # column: 1,
10378
+ # row: 1,
10379
+ # column_name: "NonEmptyString",
10380
+ # cell_reference: "NonEmptyString",
10381
+ # },
10382
+ # ],
10383
+ # },
10384
+ # },
10385
+ # ],
10386
+ # total_count: 1,
10387
+ # },
10388
+ # },
10389
+ # },
10209
10390
  # details: {
10210
10391
  # aws_auto_scaling_auto_scaling_group: {
10211
10392
  # launch_configuration_name: "NonEmptyString",
@@ -10507,6 +10688,18 @@ module Aws::SecurityHub
10507
10688
  # },
10508
10689
  # ],
10509
10690
  # },
10691
+ # public_access_block_configuration: {
10692
+ # block_public_acls: false,
10693
+ # block_public_policy: false,
10694
+ # ignore_public_acls: false,
10695
+ # restrict_public_buckets: false,
10696
+ # },
10697
+ # },
10698
+ # aws_s3_account_public_access_block: {
10699
+ # block_public_acls: false,
10700
+ # block_public_policy: false,
10701
+ # ignore_public_acls: false,
10702
+ # restrict_public_buckets: false,
10510
10703
  # },
10511
10704
  # aws_s3_object: {
10512
10705
  # last_modified: "NonEmptyString",
@@ -11737,6 +11930,21 @@ module Aws::SecurityHub
11737
11930
  # blocked: false,
11738
11931
  # },
11739
11932
  # },
11933
+ # finding_provider_fields: {
11934
+ # confidence: 1,
11935
+ # criticality: 1,
11936
+ # related_findings: [
11937
+ # {
11938
+ # product_arn: "NonEmptyString", # required
11939
+ # id: "NonEmptyString", # required
11940
+ # },
11941
+ # ],
11942
+ # severity: {
11943
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
11944
+ # original: "NonEmptyString",
11945
+ # },
11946
+ # types: ["NonEmptyString"],
11947
+ # },
11740
11948
  # }
11741
11949
  #
11742
11950
  # @!attribute [rw] schema_version
@@ -11957,6 +12165,12 @@ module Aws::SecurityHub
11957
12165
  # resource.
11958
12166
  # @return [Types::Action]
11959
12167
  #
12168
+ # @!attribute [rw] finding_provider_fields
12169
+ # In a `BatchImportFindings` request, finding providers use
12170
+ # `FindingProviderFields` to provide and update their own values for
12171
+ # confidence, criticality, related findings, severity, and types.
12172
+ # @return [Types::FindingProviderFields]
12173
+ #
11960
12174
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11961
12175
  #
11962
12176
  class AwsSecurityFinding < Struct.new(
@@ -11994,7 +12208,8 @@ module Aws::SecurityHub
11994
12208
  :note,
11995
12209
  :vulnerabilities,
11996
12210
  :patch_summary,
11997
- :action)
12211
+ :action,
12212
+ :finding_provider_fields)
11998
12213
  SENSITIVE = []
11999
12214
  include Aws::Structure
12000
12215
  end
@@ -12563,6 +12778,50 @@ module Aws::SecurityHub
12563
12778
  # value: "NonEmptyString",
12564
12779
  # },
12565
12780
  # ],
12781
+ # finding_provider_fields_confidence: [
12782
+ # {
12783
+ # gte: 1.0,
12784
+ # lte: 1.0,
12785
+ # eq: 1.0,
12786
+ # },
12787
+ # ],
12788
+ # finding_provider_fields_criticality: [
12789
+ # {
12790
+ # gte: 1.0,
12791
+ # lte: 1.0,
12792
+ # eq: 1.0,
12793
+ # },
12794
+ # ],
12795
+ # finding_provider_fields_related_findings_id: [
12796
+ # {
12797
+ # value: "NonEmptyString",
12798
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12799
+ # },
12800
+ # ],
12801
+ # finding_provider_fields_related_findings_product_arn: [
12802
+ # {
12803
+ # value: "NonEmptyString",
12804
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12805
+ # },
12806
+ # ],
12807
+ # finding_provider_fields_severity_label: [
12808
+ # {
12809
+ # value: "NonEmptyString",
12810
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12811
+ # },
12812
+ # ],
12813
+ # finding_provider_fields_severity_original: [
12814
+ # {
12815
+ # value: "NonEmptyString",
12816
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12817
+ # },
12818
+ # ],
12819
+ # finding_provider_fields_types: [
12820
+ # {
12821
+ # value: "NonEmptyString",
12822
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12823
+ # },
12824
+ # ],
12566
12825
  # }
12567
12826
  #
12568
12827
  # @!attribute [rw] product_arn
@@ -12970,6 +13229,52 @@ module Aws::SecurityHub
12970
13229
  # A keyword for a finding.
12971
13230
  # @return [Array<Types::KeywordFilter>]
12972
13231
  #
13232
+ # @!attribute [rw] finding_provider_fields_confidence
13233
+ # The finding provider value for the finding confidence. Confidence is
13234
+ # defined as the likelihood that a finding accurately identifies the
13235
+ # behavior or issue that it was intended to identify.
13236
+ #
13237
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
13238
+ # means zero percent confidence and 100 means 100 percent confidence.
13239
+ # @return [Array<Types::NumberFilter>]
13240
+ #
13241
+ # @!attribute [rw] finding_provider_fields_criticality
13242
+ # The finding provider value for the level of importance assigned to
13243
+ # the resources associated with the findings.
13244
+ #
13245
+ # A score of 0 means that the underlying resources have no
13246
+ # criticality, and a score of 100 is reserved for the most critical
13247
+ # resources.
13248
+ # @return [Array<Types::NumberFilter>]
13249
+ #
13250
+ # @!attribute [rw] finding_provider_fields_related_findings_id
13251
+ # The finding identifier of a related finding that is identified by
13252
+ # the finding provider.
13253
+ # @return [Array<Types::StringFilter>]
13254
+ #
13255
+ # @!attribute [rw] finding_provider_fields_related_findings_product_arn
13256
+ # The ARN of the solution that generated a related finding that is
13257
+ # identified by the finding provider.
13258
+ # @return [Array<Types::StringFilter>]
13259
+ #
13260
+ # @!attribute [rw] finding_provider_fields_severity_label
13261
+ # The finding provider value for the severity label.
13262
+ # @return [Array<Types::StringFilter>]
13263
+ #
13264
+ # @!attribute [rw] finding_provider_fields_severity_original
13265
+ # The finding provider's original value for the severity.
13266
+ # @return [Array<Types::StringFilter>]
13267
+ #
13268
+ # @!attribute [rw] finding_provider_fields_types
13269
+ # One or more finding types that the finding provider assigned to the
13270
+ # finding. Uses the format of `namespace/category/classifier` that
13271
+ # classify a finding.
13272
+ #
13273
+ # Valid namespace values are: Software and Configuration Checks \|
13274
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
13275
+ # Identifications
13276
+ # @return [Array<Types::StringFilter>]
13277
+ #
12973
13278
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
12974
13279
  #
12975
13280
  class AwsSecurityFindingFilters < Struct.new(
@@ -13056,7 +13361,14 @@ module Aws::SecurityHub
13056
13361
  :note_text,
13057
13362
  :note_updated_at,
13058
13363
  :note_updated_by,
13059
- :keyword)
13364
+ :keyword,
13365
+ :finding_provider_fields_confidence,
13366
+ :finding_provider_fields_criticality,
13367
+ :finding_provider_fields_related_findings_id,
13368
+ :finding_provider_fields_related_findings_product_arn,
13369
+ :finding_provider_fields_severity_label,
13370
+ :finding_provider_fields_severity_original,
13371
+ :finding_provider_fields_types)
13060
13372
  SENSITIVE = []
13061
13373
  include Aws::Structure
13062
13374
  end
@@ -13662,12 +13974,12 @@ module Aws::SecurityHub
13662
13974
  # product_arn: "NonEmptyString", # required
13663
13975
  # generator_id: "NonEmptyString", # required
13664
13976
  # aws_account_id: "NonEmptyString", # required
13665
- # types: ["NonEmptyString"], # required
13977
+ # types: ["NonEmptyString"],
13666
13978
  # first_observed_at: "NonEmptyString",
13667
13979
  # last_observed_at: "NonEmptyString",
13668
13980
  # created_at: "NonEmptyString", # required
13669
13981
  # updated_at: "NonEmptyString", # required
13670
- # severity: { # required
13982
+ # severity: {
13671
13983
  # product: 1.0,
13672
13984
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
13673
13985
  # normalized: 1,
@@ -13791,6 +14103,130 @@ module Aws::SecurityHub
13791
14103
  # tags: {
13792
14104
  # "NonEmptyString" => "NonEmptyString",
13793
14105
  # },
14106
+ # data_classification: {
14107
+ # detailed_results_location: "NonEmptyString",
14108
+ # result: {
14109
+ # mime_type: "NonEmptyString",
14110
+ # size_classified: 1,
14111
+ # additional_occurrences: false,
14112
+ # status: {
14113
+ # code: "NonEmptyString",
14114
+ # reason: "NonEmptyString",
14115
+ # },
14116
+ # sensitive_data: [
14117
+ # {
14118
+ # category: "NonEmptyString",
14119
+ # detections: [
14120
+ # {
14121
+ # count: 1,
14122
+ # type: "NonEmptyString",
14123
+ # occurrences: {
14124
+ # line_ranges: [
14125
+ # {
14126
+ # start: 1,
14127
+ # end: 1,
14128
+ # start_column: 1,
14129
+ # },
14130
+ # ],
14131
+ # offset_ranges: [
14132
+ # {
14133
+ # start: 1,
14134
+ # end: 1,
14135
+ # start_column: 1,
14136
+ # },
14137
+ # ],
14138
+ # pages: [
14139
+ # {
14140
+ # page_number: 1,
14141
+ # line_range: {
14142
+ # start: 1,
14143
+ # end: 1,
14144
+ # start_column: 1,
14145
+ # },
14146
+ # offset_range: {
14147
+ # start: 1,
14148
+ # end: 1,
14149
+ # start_column: 1,
14150
+ # },
14151
+ # },
14152
+ # ],
14153
+ # records: [
14154
+ # {
14155
+ # json_path: "NonEmptyString",
14156
+ # record_index: 1,
14157
+ # },
14158
+ # ],
14159
+ # cells: [
14160
+ # {
14161
+ # column: 1,
14162
+ # row: 1,
14163
+ # column_name: "NonEmptyString",
14164
+ # cell_reference: "NonEmptyString",
14165
+ # },
14166
+ # ],
14167
+ # },
14168
+ # },
14169
+ # ],
14170
+ # total_count: 1,
14171
+ # },
14172
+ # ],
14173
+ # custom_data_identifiers: {
14174
+ # detections: [
14175
+ # {
14176
+ # count: 1,
14177
+ # arn: "NonEmptyString",
14178
+ # name: "NonEmptyString",
14179
+ # occurrences: {
14180
+ # line_ranges: [
14181
+ # {
14182
+ # start: 1,
14183
+ # end: 1,
14184
+ # start_column: 1,
14185
+ # },
14186
+ # ],
14187
+ # offset_ranges: [
14188
+ # {
14189
+ # start: 1,
14190
+ # end: 1,
14191
+ # start_column: 1,
14192
+ # },
14193
+ # ],
14194
+ # pages: [
14195
+ # {
14196
+ # page_number: 1,
14197
+ # line_range: {
14198
+ # start: 1,
14199
+ # end: 1,
14200
+ # start_column: 1,
14201
+ # },
14202
+ # offset_range: {
14203
+ # start: 1,
14204
+ # end: 1,
14205
+ # start_column: 1,
14206
+ # },
14207
+ # },
14208
+ # ],
14209
+ # records: [
14210
+ # {
14211
+ # json_path: "NonEmptyString",
14212
+ # record_index: 1,
14213
+ # },
14214
+ # ],
14215
+ # cells: [
14216
+ # {
14217
+ # column: 1,
14218
+ # row: 1,
14219
+ # column_name: "NonEmptyString",
14220
+ # cell_reference: "NonEmptyString",
14221
+ # },
14222
+ # ],
14223
+ # },
14224
+ # },
14225
+ # ],
14226
+ # total_count: 1,
14227
+ # },
14228
+ # },
14229
+ # },
13794
14230
  # details: {
13795
14231
  # aws_auto_scaling_auto_scaling_group: {
13796
14232
  # launch_configuration_name: "NonEmptyString",
@@ -14092,6 +14528,18 @@ module Aws::SecurityHub
14092
14528
  # },
14093
14529
  # ],
14094
14530
  # },
14531
+ # public_access_block_configuration: {
14532
+ # block_public_acls: false,
14533
+ # block_public_policy: false,
14534
+ # ignore_public_acls: false,
14535
+ # restrict_public_buckets: false,
14536
+ # },
14537
+ # },
14538
+ # aws_s3_account_public_access_block: {
14539
+ # block_public_acls: false,
14540
+ # block_public_policy: false,
14541
+ # ignore_public_acls: false,
14542
+ # restrict_public_buckets: false,
14095
14543
  # },
14096
14544
  # aws_s3_object: {
14097
14545
  # last_modified: "NonEmptyString",
@@ -15322,6 +15770,21 @@ module Aws::SecurityHub
15322
15770
  # blocked: false,
15323
15771
  # },
15324
15772
  # },
15773
+ # finding_provider_fields: {
15774
+ # confidence: 1,
15775
+ # criticality: 1,
15776
+ # related_findings: [
15777
+ # {
15778
+ # product_arn: "NonEmptyString", # required
15779
+ # id: "NonEmptyString", # required
15780
+ # },
15781
+ # ],
15782
+ # severity: {
15783
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
15784
+ # original: "NonEmptyString",
15785
+ # },
15786
+ # types: ["NonEmptyString"],
15787
+ # },
15325
15788
  # },
15326
15789
  # ],
15327
15790
  # }
@@ -15545,6 +16008,52 @@ module Aws::SecurityHub
15545
16008
  include Aws::Structure
15546
16009
  end
15547
16010
 
16011
+ # An occurrence of sensitive data detected in a Microsoft Excel
16012
+ # workbook, comma-separated value (CSV) file, or tab-separated value
16013
+ # (TSV) file.
16014
+ #
16015
+ # @note When making an API call, you may pass Cell
16016
+ # data as a hash:
16017
+ #
16018
+ # {
16019
+ # column: 1,
16020
+ # row: 1,
16021
+ # column_name: "NonEmptyString",
16022
+ # cell_reference: "NonEmptyString",
16023
+ # }
16024
+ #
16025
+ # @!attribute [rw] column
16026
+ # The column number of the column that contains the data. For a
16027
+ # Microsoft Excel workbook, the column number corresponds to the
16028
+ # alphabetical column identifiers. For example, a value of 1 for
16029
+ # Column corresponds to the A column in the workbook.
16030
+ # @return [Integer]
16031
+ #
16032
+ # @!attribute [rw] row
16033
+ # The row number of the row that contains the data.
16034
+ # @return [Integer]
16035
+ #
16036
+ # @!attribute [rw] column_name
16037
+ # The name of the column that contains the data.
16038
+ # @return [String]
16039
+ #
16040
+ # @!attribute [rw] cell_reference
16041
+ # For a Microsoft Excel workbook, provides the location of the cell,
16042
+ # as an absolute cell reference, that contains the data. For example,
16043
+ # Sheet2!C5 for cell C5 on Sheet2.
16044
+ # @return [String]
16045
+ #
16046
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cell AWS API Documentation
16047
+ #
16048
+ class Cell < Struct.new(
16049
+ :column,
16050
+ :row,
16051
+ :column_name,
16052
+ :cell_reference)
16053
+ SENSITIVE = []
16054
+ include Aws::Structure
16055
+ end
16056
+
15548
16057
  # An IPv4 CIDR block association.
15549
16058
  #
15550
16059
  # @note When making an API call, you may pass CidrBlockAssociation
@@ -15599,32 +16108,229 @@ module Aws::SecurityHub
15599
16108
  include Aws::Structure
15600
16109
  end
15601
16110
 
15602
- # Contains finding details that are specific to control-based findings.
15603
- # Only returned for findings generated from controls.
16111
+ # Details about the sensitive data that was detected on the resource.
15604
16112
  #
15605
- # @note When making an API call, you may pass Compliance
16113
+ # @note When making an API call, you may pass ClassificationResult
15606
16114
  # data as a hash:
15607
16115
  #
15608
16116
  # {
15609
- # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
15610
- # related_requirements: ["NonEmptyString"],
15611
- # status_reasons: [
16117
+ # mime_type: "NonEmptyString",
16118
+ # size_classified: 1,
16119
+ # additional_occurrences: false,
16120
+ # status: {
16121
+ # code: "NonEmptyString",
16122
+ # reason: "NonEmptyString",
16123
+ # },
16124
+ # sensitive_data: [
15612
16125
  # {
15613
- # reason_code: "NonEmptyString", # required
15614
- # description: "NonEmptyString",
16126
+ # category: "NonEmptyString",
16127
+ # detections: [
16128
+ # {
16129
+ # count: 1,
16130
+ # type: "NonEmptyString",
16131
+ # occurrences: {
16132
+ # line_ranges: [
16133
+ # {
16134
+ # start: 1,
16135
+ # end: 1,
16136
+ # start_column: 1,
16137
+ # },
16138
+ # ],
16139
+ # offset_ranges: [
16140
+ # {
16141
+ # start: 1,
16142
+ # end: 1,
16143
+ # start_column: 1,
16144
+ # },
16145
+ # ],
16146
+ # pages: [
16147
+ # {
16148
+ # page_number: 1,
16149
+ # line_range: {
16150
+ # start: 1,
16151
+ # end: 1,
16152
+ # start_column: 1,
16153
+ # },
16154
+ # offset_range: {
16155
+ # start: 1,
16156
+ # end: 1,
16157
+ # start_column: 1,
16158
+ # },
16159
+ # },
16160
+ # ],
16161
+ # records: [
16162
+ # {
16163
+ # json_path: "NonEmptyString",
16164
+ # record_index: 1,
16165
+ # },
16166
+ # ],
16167
+ # cells: [
16168
+ # {
16169
+ # column: 1,
16170
+ # row: 1,
16171
+ # column_name: "NonEmptyString",
16172
+ # cell_reference: "NonEmptyString",
16173
+ # },
16174
+ # ],
16175
+ # },
16176
+ # },
16177
+ # ],
16178
+ # total_count: 1,
15615
16179
  # },
15616
16180
  # ],
16181
+ # custom_data_identifiers: {
16182
+ # detections: [
16183
+ # {
16184
+ # count: 1,
16185
+ # arn: "NonEmptyString",
16186
+ # name: "NonEmptyString",
16187
+ # occurrences: {
16188
+ # line_ranges: [
16189
+ # {
16190
+ # start: 1,
16191
+ # end: 1,
16192
+ # start_column: 1,
16193
+ # },
16194
+ # ],
16195
+ # offset_ranges: [
16196
+ # {
16197
+ # start: 1,
16198
+ # end: 1,
16199
+ # start_column: 1,
16200
+ # },
16201
+ # ],
16202
+ # pages: [
16203
+ # {
16204
+ # page_number: 1,
16205
+ # line_range: {
16206
+ # start: 1,
16207
+ # end: 1,
16208
+ # start_column: 1,
16209
+ # },
16210
+ # offset_range: {
16211
+ # start: 1,
16212
+ # end: 1,
16213
+ # start_column: 1,
16214
+ # },
16215
+ # },
16216
+ # ],
16217
+ # records: [
16218
+ # {
16219
+ # json_path: "NonEmptyString",
16220
+ # record_index: 1,
16221
+ # },
16222
+ # ],
16223
+ # cells: [
16224
+ # {
16225
+ # column: 1,
16226
+ # row: 1,
16227
+ # column_name: "NonEmptyString",
16228
+ # cell_reference: "NonEmptyString",
16229
+ # },
16230
+ # ],
16231
+ # },
16232
+ # },
16233
+ # ],
16234
+ # total_count: 1,
16235
+ # },
15617
16236
  # }
15618
16237
  #
16238
+ # @!attribute [rw] mime_type
16239
+ # The type of content that the finding applies to.
16240
+ # @return [String]
16241
+ #
16242
+ # @!attribute [rw] size_classified
16243
+ # The total size in bytes of the affected data.
16244
+ # @return [Integer]
16245
+ #
16246
+ # @!attribute [rw] additional_occurrences
16247
+ # Indicates whether there are additional occurrences of sensitive data
16248
+ # that are not included in the finding. This occurs when the number of
16249
+ # occurrences exceeds the maximum that can be included.
16250
+ # @return [Boolean]
16251
+ #
15619
16252
  # @!attribute [rw] status
15620
- # The result of a standards check.
16253
+ # The current status of the sensitive data detection.
16254
+ # @return [Types::ClassificationStatus]
15621
16255
  #
15622
- # The valid values for `Status` are as follows.
16256
+ # @!attribute [rw] sensitive_data
16257
+ # Provides details about sensitive data that was identified based on
16258
+ # built-in configuration.
16259
+ # @return [Array<Types::SensitiveDataResult>]
15623
16260
  #
15624
- # * * `PASSED` - Standards check passed for all evaluated resources.
16261
+ # @!attribute [rw] custom_data_identifiers
16262
+ # Provides details about sensitive data that was identified based on
16263
+ # customer-defined configuration.
16264
+ # @return [Types::CustomDataIdentifiersResult]
15625
16265
  #
15626
- # * `WARNING` - Some information is missing or this check is not
15627
- # supported for your configuration.
16266
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationResult AWS API Documentation
16267
+ #
16268
+ class ClassificationResult < Struct.new(
16269
+ :mime_type,
16270
+ :size_classified,
16271
+ :additional_occurrences,
16272
+ :status,
16273
+ :sensitive_data,
16274
+ :custom_data_identifiers)
16275
+ SENSITIVE = []
16276
+ include Aws::Structure
16277
+ end
16278
+
16279
+ # Provides details about the current status of the sensitive data
16280
+ # detection.
16281
+ #
16282
+ # @note When making an API call, you may pass ClassificationStatus
16283
+ # data as a hash:
16284
+ #
16285
+ # {
16286
+ # code: "NonEmptyString",
16287
+ # reason: "NonEmptyString",
16288
+ # }
16289
+ #
16290
+ # @!attribute [rw] code
16291
+ # The code that represents the status of the sensitive data detection.
16292
+ # @return [String]
16293
+ #
16294
+ # @!attribute [rw] reason
16295
+ # A longer description of the current status of the sensitive data
16296
+ # detection.
16297
+ # @return [String]
16298
+ #
16299
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationStatus AWS API Documentation
16300
+ #
16301
+ class ClassificationStatus < Struct.new(
16302
+ :code,
16303
+ :reason)
16304
+ SENSITIVE = []
16305
+ include Aws::Structure
16306
+ end
16307
+
16308
+ # Contains finding details that are specific to control-based findings.
16309
+ # Only returned for findings generated from controls.
16310
+ #
16311
+ # @note When making an API call, you may pass Compliance
16312
+ # data as a hash:
16313
+ #
16314
+ # {
16315
+ # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
16316
+ # related_requirements: ["NonEmptyString"],
16317
+ # status_reasons: [
16318
+ # {
16319
+ # reason_code: "NonEmptyString", # required
16320
+ # description: "NonEmptyString",
16321
+ # },
16322
+ # ],
16323
+ # }
16324
+ #
16325
+ # @!attribute [rw] status
16326
+ # The result of a standards check.
16327
+ #
16328
+ # The valid values for `Status` are as follows.
16329
+ #
16330
+ # * * `PASSED` - Standards check passed for all evaluated resources.
16331
+ #
16332
+ # * `WARNING` - Some information is missing or this check is not
16333
+ # supported for your configuration.
15628
16334
  #
15629
16335
  # * `FAILED` - Standards check failed for at least one evaluated
15630
16336
  # resource.
@@ -16339,6 +17045,50 @@ module Aws::SecurityHub
16339
17045
  # value: "NonEmptyString",
16340
17046
  # },
16341
17047
  # ],
17048
+ # finding_provider_fields_confidence: [
17049
+ # {
17050
+ # gte: 1.0,
17051
+ # lte: 1.0,
17052
+ # eq: 1.0,
17053
+ # },
17054
+ # ],
17055
+ # finding_provider_fields_criticality: [
17056
+ # {
17057
+ # gte: 1.0,
17058
+ # lte: 1.0,
17059
+ # eq: 1.0,
17060
+ # },
17061
+ # ],
17062
+ # finding_provider_fields_related_findings_id: [
17063
+ # {
17064
+ # value: "NonEmptyString",
17065
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17066
+ # },
17067
+ # ],
17068
+ # finding_provider_fields_related_findings_product_arn: [
17069
+ # {
17070
+ # value: "NonEmptyString",
17071
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17072
+ # },
17073
+ # ],
17074
+ # finding_provider_fields_severity_label: [
17075
+ # {
17076
+ # value: "NonEmptyString",
17077
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17078
+ # },
17079
+ # ],
17080
+ # finding_provider_fields_severity_original: [
17081
+ # {
17082
+ # value: "NonEmptyString",
17083
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17084
+ # },
17085
+ # ],
17086
+ # finding_provider_fields_types: [
17087
+ # {
17088
+ # value: "NonEmptyString",
17089
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17090
+ # },
17091
+ # ],
16342
17092
  # },
16343
17093
  # group_by_attribute: "NonEmptyString", # required
16344
17094
  # }
@@ -16422,6 +17172,170 @@ module Aws::SecurityHub
16422
17172
  include Aws::Structure
16423
17173
  end
16424
17174
 
17175
+ # The list of detected instances of sensitive data.
17176
+ #
17177
+ # @note When making an API call, you may pass CustomDataIdentifiersDetections
17178
+ # data as a hash:
17179
+ #
17180
+ # {
17181
+ # count: 1,
17182
+ # arn: "NonEmptyString",
17183
+ # name: "NonEmptyString",
17184
+ # occurrences: {
17185
+ # line_ranges: [
17186
+ # {
17187
+ # start: 1,
17188
+ # end: 1,
17189
+ # start_column: 1,
17190
+ # },
17191
+ # ],
17192
+ # offset_ranges: [
17193
+ # {
17194
+ # start: 1,
17195
+ # end: 1,
17196
+ # start_column: 1,
17197
+ # },
17198
+ # ],
17199
+ # pages: [
17200
+ # {
17201
+ # page_number: 1,
17202
+ # line_range: {
17203
+ # start: 1,
17204
+ # end: 1,
17205
+ # start_column: 1,
17206
+ # },
17207
+ # offset_range: {
17208
+ # start: 1,
17209
+ # end: 1,
17210
+ # start_column: 1,
17211
+ # },
17212
+ # },
17213
+ # ],
17214
+ # records: [
17215
+ # {
17216
+ # json_path: "NonEmptyString",
17217
+ # record_index: 1,
17218
+ # },
17219
+ # ],
17220
+ # cells: [
17221
+ # {
17222
+ # column: 1,
17223
+ # row: 1,
17224
+ # column_name: "NonEmptyString",
17225
+ # cell_reference: "NonEmptyString",
17226
+ # },
17227
+ # ],
17228
+ # },
17229
+ # }
17230
+ #
17231
+ # @!attribute [rw] count
17232
+ # The total number of occurrences of sensitive data that were
17233
+ # detected.
17234
+ # @return [Integer]
17235
+ #
17236
+ # @!attribute [rw] arn
17237
+ # The ARN of the custom identifier that was used to detect the
17238
+ # sensitive data.
17239
+ # @return [String]
17240
+ #
17241
+ # @!attribute [rw] name
17242
+ # he name of the custom identifier that detected the sensitive data.
17243
+ # @return [String]
17244
+ #
17245
+ # @!attribute [rw] occurrences
17246
+ # Details about the sensitive data that was detected.
17247
+ # @return [Types::Occurrences]
17248
+ #
17249
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersDetections AWS API Documentation
17250
+ #
17251
+ class CustomDataIdentifiersDetections < Struct.new(
17252
+ :count,
17253
+ :arn,
17254
+ :name,
17255
+ :occurrences)
17256
+ SENSITIVE = []
17257
+ include Aws::Structure
17258
+ end
17259
+
17260
+ # Contains an instance of sensitive data that was detected by a
17261
+ # customer-defined identifier.
17262
+ #
17263
+ # @note When making an API call, you may pass CustomDataIdentifiersResult
17264
+ # data as a hash:
17265
+ #
17266
+ # {
17267
+ # detections: [
17268
+ # {
17269
+ # count: 1,
17270
+ # arn: "NonEmptyString",
17271
+ # name: "NonEmptyString",
17272
+ # occurrences: {
17273
+ # line_ranges: [
17274
+ # {
17275
+ # start: 1,
17276
+ # end: 1,
17277
+ # start_column: 1,
17278
+ # },
17279
+ # ],
17280
+ # offset_ranges: [
17281
+ # {
17282
+ # start: 1,
17283
+ # end: 1,
17284
+ # start_column: 1,
17285
+ # },
17286
+ # ],
17287
+ # pages: [
17288
+ # {
17289
+ # page_number: 1,
17290
+ # line_range: {
17291
+ # start: 1,
17292
+ # end: 1,
17293
+ # start_column: 1,
17294
+ # },
17295
+ # offset_range: {
17296
+ # start: 1,
17297
+ # end: 1,
17298
+ # start_column: 1,
17299
+ # },
17300
+ # },
17301
+ # ],
17302
+ # records: [
17303
+ # {
17304
+ # json_path: "NonEmptyString",
17305
+ # record_index: 1,
17306
+ # },
17307
+ # ],
17308
+ # cells: [
17309
+ # {
17310
+ # column: 1,
17311
+ # row: 1,
17312
+ # column_name: "NonEmptyString",
17313
+ # cell_reference: "NonEmptyString",
17314
+ # },
17315
+ # ],
17316
+ # },
17317
+ # },
17318
+ # ],
17319
+ # total_count: 1,
17320
+ # }
17321
+ #
17322
+ # @!attribute [rw] detections
17323
+ # The list of detected instances of sensitive data.
17324
+ # @return [Array<Types::CustomDataIdentifiersDetections>]
17325
+ #
17326
+ # @!attribute [rw] total_count
17327
+ # The total number of occurrences of sensitive data.
17328
+ # @return [Integer]
17329
+ #
17330
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersResult AWS API Documentation
17331
+ #
17332
+ class CustomDataIdentifiersResult < Struct.new(
17333
+ :detections,
17334
+ :total_count)
17335
+ SENSITIVE = []
17336
+ include Aws::Structure
17337
+ end
17338
+
16425
17339
  # CVSS scores from the advisory related to the vulnerability.
16426
17340
  #
16427
17341
  # @note When making an API call, you may pass Cvss
@@ -16455,6 +17369,154 @@ module Aws::SecurityHub
16455
17369
  include Aws::Structure
16456
17370
  end
16457
17371
 
17372
+ # Provides details about sensitive data that was detected on a resource.
17373
+ #
17374
+ # @note When making an API call, you may pass DataClassificationDetails
17375
+ # data as a hash:
17376
+ #
17377
+ # {
17378
+ # detailed_results_location: "NonEmptyString",
17379
+ # result: {
17380
+ # mime_type: "NonEmptyString",
17381
+ # size_classified: 1,
17382
+ # additional_occurrences: false,
17383
+ # status: {
17384
+ # code: "NonEmptyString",
17385
+ # reason: "NonEmptyString",
17386
+ # },
17387
+ # sensitive_data: [
17388
+ # {
17389
+ # category: "NonEmptyString",
17390
+ # detections: [
17391
+ # {
17392
+ # count: 1,
17393
+ # type: "NonEmptyString",
17394
+ # occurrences: {
17395
+ # line_ranges: [
17396
+ # {
17397
+ # start: 1,
17398
+ # end: 1,
17399
+ # start_column: 1,
17400
+ # },
17401
+ # ],
17402
+ # offset_ranges: [
17403
+ # {
17404
+ # start: 1,
17405
+ # end: 1,
17406
+ # start_column: 1,
17407
+ # },
17408
+ # ],
17409
+ # pages: [
17410
+ # {
17411
+ # page_number: 1,
17412
+ # line_range: {
17413
+ # start: 1,
17414
+ # end: 1,
17415
+ # start_column: 1,
17416
+ # },
17417
+ # offset_range: {
17418
+ # start: 1,
17419
+ # end: 1,
17420
+ # start_column: 1,
17421
+ # },
17422
+ # },
17423
+ # ],
17424
+ # records: [
17425
+ # {
17426
+ # json_path: "NonEmptyString",
17427
+ # record_index: 1,
17428
+ # },
17429
+ # ],
17430
+ # cells: [
17431
+ # {
17432
+ # column: 1,
17433
+ # row: 1,
17434
+ # column_name: "NonEmptyString",
17435
+ # cell_reference: "NonEmptyString",
17436
+ # },
17437
+ # ],
17438
+ # },
17439
+ # },
17440
+ # ],
17441
+ # total_count: 1,
17442
+ # },
17443
+ # ],
17444
+ # custom_data_identifiers: {
17445
+ # detections: [
17446
+ # {
17447
+ # count: 1,
17448
+ # arn: "NonEmptyString",
17449
+ # name: "NonEmptyString",
17450
+ # occurrences: {
17451
+ # line_ranges: [
17452
+ # {
17453
+ # start: 1,
17454
+ # end: 1,
17455
+ # start_column: 1,
17456
+ # },
17457
+ # ],
17458
+ # offset_ranges: [
17459
+ # {
17460
+ # start: 1,
17461
+ # end: 1,
17462
+ # start_column: 1,
17463
+ # },
17464
+ # ],
17465
+ # pages: [
17466
+ # {
17467
+ # page_number: 1,
17468
+ # line_range: {
17469
+ # start: 1,
17470
+ # end: 1,
17471
+ # start_column: 1,
17472
+ # },
17473
+ # offset_range: {
17474
+ # start: 1,
17475
+ # end: 1,
17476
+ # start_column: 1,
17477
+ # },
17478
+ # },
17479
+ # ],
17480
+ # records: [
17481
+ # {
17482
+ # json_path: "NonEmptyString",
17483
+ # record_index: 1,
17484
+ # },
17485
+ # ],
17486
+ # cells: [
17487
+ # {
17488
+ # column: 1,
17489
+ # row: 1,
17490
+ # column_name: "NonEmptyString",
17491
+ # cell_reference: "NonEmptyString",
17492
+ # },
17493
+ # ],
17494
+ # },
17495
+ # },
17496
+ # ],
17497
+ # total_count: 1,
17498
+ # },
17499
+ # },
17500
+ # }
17501
+ #
17502
+ # @!attribute [rw] detailed_results_location
17503
+ # The path to the folder or file that contains the sensitive data.
17504
+ # @return [String]
17505
+ #
17506
+ # @!attribute [rw] result
17507
+ # The details about the sensitive data that was detected on the
17508
+ # resource.
17509
+ # @return [Types::ClassificationResult]
17510
+ #
17511
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DataClassificationDetails AWS API Documentation
17512
+ #
17513
+ class DataClassificationDetails < Struct.new(
17514
+ :detailed_results_location,
17515
+ :result)
17516
+ SENSITIVE = []
17517
+ include Aws::Structure
17518
+ end
17519
+
16458
17520
  # A date filter for querying findings.
16459
17521
  #
16460
17522
  # @note When making an API call, you may pass DateFilter
@@ -17183,6 +18245,103 @@ module Aws::SecurityHub
17183
18245
  #
17184
18246
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
17185
18247
 
18248
+ # In a `BatchImportFindings` request, finding providers use
18249
+ # `FindingProviderFields` to provide and update values for confidence,
18250
+ # criticality, related findings, severity, and types.
18251
+ #
18252
+ # @note When making an API call, you may pass FindingProviderFields
18253
+ # data as a hash:
18254
+ #
18255
+ # {
18256
+ # confidence: 1,
18257
+ # criticality: 1,
18258
+ # related_findings: [
18259
+ # {
18260
+ # product_arn: "NonEmptyString", # required
18261
+ # id: "NonEmptyString", # required
18262
+ # },
18263
+ # ],
18264
+ # severity: {
18265
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18266
+ # original: "NonEmptyString",
18267
+ # },
18268
+ # types: ["NonEmptyString"],
18269
+ # }
18270
+ #
18271
+ # @!attribute [rw] confidence
18272
+ # A finding's confidence. Confidence is defined as the likelihood
18273
+ # that a finding accurately identifies the behavior or issue that it
18274
+ # was intended to identify.
18275
+ #
18276
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
18277
+ # means zero percent confidence and 100 means 100 percent confidence.
18278
+ # @return [Integer]
18279
+ #
18280
+ # @!attribute [rw] criticality
18281
+ # The level of importance assigned to the resources associated with
18282
+ # the finding.
18283
+ #
18284
+ # A score of 0 means that the underlying resources have no
18285
+ # criticality, and a score of 100 is reserved for the most critical
18286
+ # resources.
18287
+ # @return [Integer]
18288
+ #
18289
+ # @!attribute [rw] related_findings
18290
+ # A list of findings that are related to the current finding.
18291
+ # @return [Array<Types::RelatedFinding>]
18292
+ #
18293
+ # @!attribute [rw] severity
18294
+ # The severity of a finding.
18295
+ # @return [Types::FindingProviderSeverity]
18296
+ #
18297
+ # @!attribute [rw] types
18298
+ # One or more finding types in the format of
18299
+ # `namespace/category/classifier` that classify a finding.
18300
+ #
18301
+ # Valid namespace values are: Software and Configuration Checks \|
18302
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
18303
+ # Identifications
18304
+ # @return [Array<String>]
18305
+ #
18306
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderFields AWS API Documentation
18307
+ #
18308
+ class FindingProviderFields < Struct.new(
18309
+ :confidence,
18310
+ :criticality,
18311
+ :related_findings,
18312
+ :severity,
18313
+ :types)
18314
+ SENSITIVE = []
18315
+ include Aws::Structure
18316
+ end
18317
+
18318
+ # The severity assigned to the finding by the finding provider.
18319
+ #
18320
+ # @note When making an API call, you may pass FindingProviderSeverity
18321
+ # data as a hash:
18322
+ #
18323
+ # {
18324
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18325
+ # original: "NonEmptyString",
18326
+ # }
18327
+ #
18328
+ # @!attribute [rw] label
18329
+ # The severity label assigned to the finding by the finding provider.
18330
+ # @return [String]
18331
+ #
18332
+ # @!attribute [rw] original
18333
+ # The finding provider's original value for the severity.
18334
+ # @return [String]
18335
+ #
18336
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderSeverity AWS API Documentation
18337
+ #
18338
+ class FindingProviderSeverity < Struct.new(
18339
+ :label,
18340
+ :original)
18341
+ SENSITIVE = []
18342
+ include Aws::Structure
18343
+ end
18344
+
17186
18345
  # Provides the latitude and longitude coordinates of a location.
17187
18346
  #
17188
18347
  # @note When making an API call, you may pass GeoLocation
@@ -17824,6 +18983,50 @@ module Aws::SecurityHub
17824
18983
  # value: "NonEmptyString",
17825
18984
  # },
17826
18985
  # ],
18986
+ # finding_provider_fields_confidence: [
18987
+ # {
18988
+ # gte: 1.0,
18989
+ # lte: 1.0,
18990
+ # eq: 1.0,
18991
+ # },
18992
+ # ],
18993
+ # finding_provider_fields_criticality: [
18994
+ # {
18995
+ # gte: 1.0,
18996
+ # lte: 1.0,
18997
+ # eq: 1.0,
18998
+ # },
18999
+ # ],
19000
+ # finding_provider_fields_related_findings_id: [
19001
+ # {
19002
+ # value: "NonEmptyString",
19003
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19004
+ # },
19005
+ # ],
19006
+ # finding_provider_fields_related_findings_product_arn: [
19007
+ # {
19008
+ # value: "NonEmptyString",
19009
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19010
+ # },
19011
+ # ],
19012
+ # finding_provider_fields_severity_label: [
19013
+ # {
19014
+ # value: "NonEmptyString",
19015
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19016
+ # },
19017
+ # ],
19018
+ # finding_provider_fields_severity_original: [
19019
+ # {
19020
+ # value: "NonEmptyString",
19021
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19022
+ # },
19023
+ # ],
19024
+ # finding_provider_fields_types: [
19025
+ # {
19026
+ # value: "NonEmptyString",
19027
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19028
+ # },
19029
+ # ],
17827
19030
  # },
17828
19031
  # sort_criteria: [
17829
19032
  # {
@@ -19290,6 +20493,139 @@ module Aws::SecurityHub
19290
20493
  include Aws::Structure
19291
20494
  end
19292
20495
 
20496
+ # The detected occurrences of sensitive data.
20497
+ #
20498
+ # @note When making an API call, you may pass Occurrences
20499
+ # data as a hash:
20500
+ #
20501
+ # {
20502
+ # line_ranges: [
20503
+ # {
20504
+ # start: 1,
20505
+ # end: 1,
20506
+ # start_column: 1,
20507
+ # },
20508
+ # ],
20509
+ # offset_ranges: [
20510
+ # {
20511
+ # start: 1,
20512
+ # end: 1,
20513
+ # start_column: 1,
20514
+ # },
20515
+ # ],
20516
+ # pages: [
20517
+ # {
20518
+ # page_number: 1,
20519
+ # line_range: {
20520
+ # start: 1,
20521
+ # end: 1,
20522
+ # start_column: 1,
20523
+ # },
20524
+ # offset_range: {
20525
+ # start: 1,
20526
+ # end: 1,
20527
+ # start_column: 1,
20528
+ # },
20529
+ # },
20530
+ # ],
20531
+ # records: [
20532
+ # {
20533
+ # json_path: "NonEmptyString",
20534
+ # record_index: 1,
20535
+ # },
20536
+ # ],
20537
+ # cells: [
20538
+ # {
20539
+ # column: 1,
20540
+ # row: 1,
20541
+ # column_name: "NonEmptyString",
20542
+ # cell_reference: "NonEmptyString",
20543
+ # },
20544
+ # ],
20545
+ # }
20546
+ #
20547
+ # @!attribute [rw] line_ranges
20548
+ # Occurrences of sensitive data detected in a non-binary text file or
20549
+ # a Microsoft Word file. Non-binary text files include files such as
20550
+ # HTML, XML, JSON, and TXT files.
20551
+ # @return [Array<Types::Range>]
20552
+ #
20553
+ # @!attribute [rw] offset_ranges
20554
+ # Occurrences of sensitive data detected in a binary text file.
20555
+ # @return [Array<Types::Range>]
20556
+ #
20557
+ # @!attribute [rw] pages
20558
+ # Occurrences of sensitive data in an Adobe Portable Document Format
20559
+ # (PDF) file.
20560
+ # @return [Array<Types::Page>]
20561
+ #
20562
+ # @!attribute [rw] records
20563
+ # Occurrences of sensitive data in an Apache Avro object container or
20564
+ # an Apache Parquet file.
20565
+ # @return [Array<Types::Record>]
20566
+ #
20567
+ # @!attribute [rw] cells
20568
+ # Occurrences of sensitive data detected in Microsoft Excel workbooks,
20569
+ # comma-separated value (CSV) files, or tab-separated value (TSV)
20570
+ # files.
20571
+ # @return [Array<Types::Cell>]
20572
+ #
20573
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Occurrences AWS API Documentation
20574
+ #
20575
+ class Occurrences < Struct.new(
20576
+ :line_ranges,
20577
+ :offset_ranges,
20578
+ :pages,
20579
+ :records,
20580
+ :cells)
20581
+ SENSITIVE = []
20582
+ include Aws::Structure
20583
+ end
20584
+
20585
+ # An occurrence of sensitive data in an Adobe Portable Document Format
20586
+ # (PDF) file.
20587
+ #
20588
+ # @note When making an API call, you may pass Page
20589
+ # data as a hash:
20590
+ #
20591
+ # {
20592
+ # page_number: 1,
20593
+ # line_range: {
20594
+ # start: 1,
20595
+ # end: 1,
20596
+ # start_column: 1,
20597
+ # },
20598
+ # offset_range: {
20599
+ # start: 1,
20600
+ # end: 1,
20601
+ # start_column: 1,
20602
+ # },
20603
+ # }
20604
+ #
20605
+ # @!attribute [rw] page_number
20606
+ # The page number of the page that contains the sensitive data.
20607
+ # @return [Integer]
20608
+ #
20609
+ # @!attribute [rw] line_range
20610
+ # An occurrence of sensitive data detected in a non-binary text file
20611
+ # or a Microsoft Word file. Non-binary text files include files such
20612
+ # as HTML, XML, JSON, and TXT files.
20613
+ # @return [Types::Range]
20614
+ #
20615
+ # @!attribute [rw] offset_range
20616
+ # An occurrence of sensitive data detected in a binary text file.
20617
+ # @return [Types::Range]
20618
+ #
20619
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Page AWS API Documentation
20620
+ #
20621
+ class Page < Struct.new(
20622
+ :page_number,
20623
+ :line_range,
20624
+ :offset_range)
20625
+ SENSITIVE = []
20626
+ include Aws::Structure
20627
+ end
20628
+
19293
20629
  # Provides an overview of the patch compliance status for an instance
19294
20630
  # against a selected compliance standard.
19295
20631
  #
@@ -19653,22 +20989,60 @@ module Aws::SecurityHub
19653
20989
  # The URL used to activate the product.
19654
20990
  # @return [String]
19655
20991
  #
19656
- # @!attribute [rw] product_subscription_resource_policy
19657
- # The resource policy associated with the product.
19658
- # @return [String]
20992
+ # @!attribute [rw] product_subscription_resource_policy
20993
+ # The resource policy associated with the product.
20994
+ # @return [String]
20995
+ #
20996
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
20997
+ #
20998
+ class Product < Struct.new(
20999
+ :product_arn,
21000
+ :product_name,
21001
+ :company_name,
21002
+ :description,
21003
+ :categories,
21004
+ :integration_types,
21005
+ :marketplace_url,
21006
+ :activation_url,
21007
+ :product_subscription_resource_policy)
21008
+ SENSITIVE = []
21009
+ include Aws::Structure
21010
+ end
21011
+
21012
+ # Identifies where the sensitive data begins and ends.
21013
+ #
21014
+ # @note When making an API call, you may pass Range
21015
+ # data as a hash:
21016
+ #
21017
+ # {
21018
+ # start: 1,
21019
+ # end: 1,
21020
+ # start_column: 1,
21021
+ # }
21022
+ #
21023
+ # @!attribute [rw] start
21024
+ # The number of lines (for a line range) or characters (for an offset
21025
+ # range) from the beginning of the file to the end of the sensitive
21026
+ # data.
21027
+ # @return [Integer]
21028
+ #
21029
+ # @!attribute [rw] end
21030
+ # The number of lines (for a line range) or characters (for an offset
21031
+ # range) from the beginning of the file to the end of the sensitive
21032
+ # data.
21033
+ # @return [Integer]
21034
+ #
21035
+ # @!attribute [rw] start_column
21036
+ # In the line where the sensitive data starts, the column within the
21037
+ # line where the sensitive data starts.
21038
+ # @return [Integer]
19659
21039
  #
19660
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21040
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Range AWS API Documentation
19661
21041
  #
19662
- class Product < Struct.new(
19663
- :product_arn,
19664
- :product_name,
19665
- :company_name,
19666
- :description,
19667
- :categories,
19668
- :integration_types,
19669
- :marketplace_url,
19670
- :activation_url,
19671
- :product_subscription_resource_policy)
21042
+ class Range < Struct.new(
21043
+ :start,
21044
+ :end,
21045
+ :start_column)
19672
21046
  SENSITIVE = []
19673
21047
  include Aws::Structure
19674
21048
  end
@@ -19703,6 +21077,38 @@ module Aws::SecurityHub
19703
21077
  include Aws::Structure
19704
21078
  end
19705
21079
 
21080
+ # An occurrence of sensitive data in an Apache Avro object container or
21081
+ # an Apache Parquet file.
21082
+ #
21083
+ # @note When making an API call, you may pass Record
21084
+ # data as a hash:
21085
+ #
21086
+ # {
21087
+ # json_path: "NonEmptyString",
21088
+ # record_index: 1,
21089
+ # }
21090
+ #
21091
+ # @!attribute [rw] json_path
21092
+ # The path, as a JSONPath expression, to the field in the record that
21093
+ # contains the data. If the field name is longer than 20 characters,
21094
+ # it is truncated. If the path is longer than 250 characters, it is
21095
+ # truncated.
21096
+ # @return [String]
21097
+ #
21098
+ # @!attribute [rw] record_index
21099
+ # The record index, starting from 0, for the record that contains the
21100
+ # data.
21101
+ # @return [Integer]
21102
+ #
21103
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Record AWS API Documentation
21104
+ #
21105
+ class Record < Struct.new(
21106
+ :json_path,
21107
+ :record_index)
21108
+ SENSITIVE = []
21109
+ include Aws::Structure
21110
+ end
21111
+
19706
21112
  # Details about a related finding.
19707
21113
  #
19708
21114
  # @note When making an API call, you may pass RelatedFinding
@@ -19769,6 +21175,130 @@ module Aws::SecurityHub
19769
21175
  # tags: {
19770
21176
  # "NonEmptyString" => "NonEmptyString",
19771
21177
  # },
21178
+ # data_classification: {
21179
+ # detailed_results_location: "NonEmptyString",
21180
+ # result: {
21181
+ # mime_type: "NonEmptyString",
21182
+ # size_classified: 1,
21183
+ # additional_occurrences: false,
21184
+ # status: {
21185
+ # code: "NonEmptyString",
21186
+ # reason: "NonEmptyString",
21187
+ # },
21188
+ # sensitive_data: [
21189
+ # {
21190
+ # category: "NonEmptyString",
21191
+ # detections: [
21192
+ # {
21193
+ # count: 1,
21194
+ # type: "NonEmptyString",
21195
+ # occurrences: {
21196
+ # line_ranges: [
21197
+ # {
21198
+ # start: 1,
21199
+ # end: 1,
21200
+ # start_column: 1,
21201
+ # },
21202
+ # ],
21203
+ # offset_ranges: [
21204
+ # {
21205
+ # start: 1,
21206
+ # end: 1,
21207
+ # start_column: 1,
21208
+ # },
21209
+ # ],
21210
+ # pages: [
21211
+ # {
21212
+ # page_number: 1,
21213
+ # line_range: {
21214
+ # start: 1,
21215
+ # end: 1,
21216
+ # start_column: 1,
21217
+ # },
21218
+ # offset_range: {
21219
+ # start: 1,
21220
+ # end: 1,
21221
+ # start_column: 1,
21222
+ # },
21223
+ # },
21224
+ # ],
21225
+ # records: [
21226
+ # {
21227
+ # json_path: "NonEmptyString",
21228
+ # record_index: 1,
21229
+ # },
21230
+ # ],
21231
+ # cells: [
21232
+ # {
21233
+ # column: 1,
21234
+ # row: 1,
21235
+ # column_name: "NonEmptyString",
21236
+ # cell_reference: "NonEmptyString",
21237
+ # },
21238
+ # ],
21239
+ # },
21240
+ # },
21241
+ # ],
21242
+ # total_count: 1,
21243
+ # },
21244
+ # ],
21245
+ # custom_data_identifiers: {
21246
+ # detections: [
21247
+ # {
21248
+ # count: 1,
21249
+ # arn: "NonEmptyString",
21250
+ # name: "NonEmptyString",
21251
+ # occurrences: {
21252
+ # line_ranges: [
21253
+ # {
21254
+ # start: 1,
21255
+ # end: 1,
21256
+ # start_column: 1,
21257
+ # },
21258
+ # ],
21259
+ # offset_ranges: [
21260
+ # {
21261
+ # start: 1,
21262
+ # end: 1,
21263
+ # start_column: 1,
21264
+ # },
21265
+ # ],
21266
+ # pages: [
21267
+ # {
21268
+ # page_number: 1,
21269
+ # line_range: {
21270
+ # start: 1,
21271
+ # end: 1,
21272
+ # start_column: 1,
21273
+ # },
21274
+ # offset_range: {
21275
+ # start: 1,
21276
+ # end: 1,
21277
+ # start_column: 1,
21278
+ # },
21279
+ # },
21280
+ # ],
21281
+ # records: [
21282
+ # {
21283
+ # json_path: "NonEmptyString",
21284
+ # record_index: 1,
21285
+ # },
21286
+ # ],
21287
+ # cells: [
21288
+ # {
21289
+ # column: 1,
21290
+ # row: 1,
21291
+ # column_name: "NonEmptyString",
21292
+ # cell_reference: "NonEmptyString",
21293
+ # },
21294
+ # ],
21295
+ # },
21296
+ # },
21297
+ # ],
21298
+ # total_count: 1,
21299
+ # },
21300
+ # },
21301
+ # },
19772
21302
  # details: {
19773
21303
  # aws_auto_scaling_auto_scaling_group: {
19774
21304
  # launch_configuration_name: "NonEmptyString",
@@ -20070,6 +21600,18 @@ module Aws::SecurityHub
20070
21600
  # },
20071
21601
  # ],
20072
21602
  # },
21603
+ # public_access_block_configuration: {
21604
+ # block_public_acls: false,
21605
+ # block_public_policy: false,
21606
+ # ignore_public_acls: false,
21607
+ # restrict_public_buckets: false,
21608
+ # },
21609
+ # },
21610
+ # aws_s3_account_public_access_block: {
21611
+ # block_public_acls: false,
21612
+ # block_public_policy: false,
21613
+ # ignore_public_acls: false,
21614
+ # restrict_public_buckets: false,
20073
21615
  # },
20074
21616
  # aws_s3_object: {
20075
21617
  # last_modified: "NonEmptyString",
@@ -21155,6 +22697,11 @@ module Aws::SecurityHub
21155
22697
  # finding was processed.
21156
22698
  # @return [Hash<String,String>]
21157
22699
  #
22700
+ # @!attribute [rw] data_classification
22701
+ # Contains information about sensitive data that was detected on the
22702
+ # resource.
22703
+ # @return [Types::DataClassificationDetails]
22704
+ #
21158
22705
  # @!attribute [rw] details
21159
22706
  # Additional details about the resource related to a finding.
21160
22707
  # @return [Types::ResourceDetails]
@@ -21168,6 +22715,7 @@ module Aws::SecurityHub
21168
22715
  :region,
21169
22716
  :resource_role,
21170
22717
  :tags,
22718
+ :data_classification,
21171
22719
  :details)
21172
22720
  SENSITIVE = []
21173
22721
  include Aws::Structure
@@ -21508,6 +23056,18 @@ module Aws::SecurityHub
21508
23056
  # },
21509
23057
  # ],
21510
23058
  # },
23059
+ # public_access_block_configuration: {
23060
+ # block_public_acls: false,
23061
+ # block_public_policy: false,
23062
+ # ignore_public_acls: false,
23063
+ # restrict_public_buckets: false,
23064
+ # },
23065
+ # },
23066
+ # aws_s3_account_public_access_block: {
23067
+ # block_public_acls: false,
23068
+ # block_public_policy: false,
23069
+ # ignore_public_acls: false,
23070
+ # restrict_public_buckets: false,
21511
23071
  # },
21512
23072
  # aws_s3_object: {
21513
23073
  # last_modified: "NonEmptyString",
@@ -22607,6 +24167,11 @@ module Aws::SecurityHub
22607
24167
  # Details about an Amazon S3 bucket related to a finding.
22608
24168
  # @return [Types::AwsS3BucketDetails]
22609
24169
  #
24170
+ # @!attribute [rw] aws_s3_account_public_access_block
24171
+ # Details about the Amazon S3 Public Access Block configuration for an
24172
+ # account.
24173
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
24174
+ #
22610
24175
  # @!attribute [rw] aws_s3_object
22611
24176
  # Details about an Amazon S3 object related to a finding.
22612
24177
  # @return [Types::AwsS3ObjectDetails]
@@ -22750,6 +24315,7 @@ module Aws::SecurityHub
22750
24315
  :aws_elbv_2_load_balancer,
22751
24316
  :aws_elasticsearch_domain,
22752
24317
  :aws_s3_bucket,
24318
+ :aws_s3_account_public_access_block,
22753
24319
  :aws_s3_object,
22754
24320
  :aws_secrets_manager_secret,
22755
24321
  :aws_iam_access_key,
@@ -22820,6 +24386,171 @@ module Aws::SecurityHub
22820
24386
  include Aws::Structure
22821
24387
  end
22822
24388
 
24389
+ # The list of detected instances of sensitive data.
24390
+ #
24391
+ # @note When making an API call, you may pass SensitiveDataDetections
24392
+ # data as a hash:
24393
+ #
24394
+ # {
24395
+ # count: 1,
24396
+ # type: "NonEmptyString",
24397
+ # occurrences: {
24398
+ # line_ranges: [
24399
+ # {
24400
+ # start: 1,
24401
+ # end: 1,
24402
+ # start_column: 1,
24403
+ # },
24404
+ # ],
24405
+ # offset_ranges: [
24406
+ # {
24407
+ # start: 1,
24408
+ # end: 1,
24409
+ # start_column: 1,
24410
+ # },
24411
+ # ],
24412
+ # pages: [
24413
+ # {
24414
+ # page_number: 1,
24415
+ # line_range: {
24416
+ # start: 1,
24417
+ # end: 1,
24418
+ # start_column: 1,
24419
+ # },
24420
+ # offset_range: {
24421
+ # start: 1,
24422
+ # end: 1,
24423
+ # start_column: 1,
24424
+ # },
24425
+ # },
24426
+ # ],
24427
+ # records: [
24428
+ # {
24429
+ # json_path: "NonEmptyString",
24430
+ # record_index: 1,
24431
+ # },
24432
+ # ],
24433
+ # cells: [
24434
+ # {
24435
+ # column: 1,
24436
+ # row: 1,
24437
+ # column_name: "NonEmptyString",
24438
+ # cell_reference: "NonEmptyString",
24439
+ # },
24440
+ # ],
24441
+ # },
24442
+ # }
24443
+ #
24444
+ # @!attribute [rw] count
24445
+ # The total number of occurrences of sensitive data that were
24446
+ # detected.
24447
+ # @return [Integer]
24448
+ #
24449
+ # @!attribute [rw] type
24450
+ # The type of sensitive data that was detected. For example, the type
24451
+ # might indicate that the data is an email address.
24452
+ # @return [String]
24453
+ #
24454
+ # @!attribute [rw] occurrences
24455
+ # Details about the sensitive data that was detected.
24456
+ # @return [Types::Occurrences]
24457
+ #
24458
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataDetections AWS API Documentation
24459
+ #
24460
+ class SensitiveDataDetections < Struct.new(
24461
+ :count,
24462
+ :type,
24463
+ :occurrences)
24464
+ SENSITIVE = []
24465
+ include Aws::Structure
24466
+ end
24467
+
24468
+ # Contains a detected instance of sensitive data that are based on
24469
+ # built-in identifiers.
24470
+ #
24471
+ # @note When making an API call, you may pass SensitiveDataResult
24472
+ # data as a hash:
24473
+ #
24474
+ # {
24475
+ # category: "NonEmptyString",
24476
+ # detections: [
24477
+ # {
24478
+ # count: 1,
24479
+ # type: "NonEmptyString",
24480
+ # occurrences: {
24481
+ # line_ranges: [
24482
+ # {
24483
+ # start: 1,
24484
+ # end: 1,
24485
+ # start_column: 1,
24486
+ # },
24487
+ # ],
24488
+ # offset_ranges: [
24489
+ # {
24490
+ # start: 1,
24491
+ # end: 1,
24492
+ # start_column: 1,
24493
+ # },
24494
+ # ],
24495
+ # pages: [
24496
+ # {
24497
+ # page_number: 1,
24498
+ # line_range: {
24499
+ # start: 1,
24500
+ # end: 1,
24501
+ # start_column: 1,
24502
+ # },
24503
+ # offset_range: {
24504
+ # start: 1,
24505
+ # end: 1,
24506
+ # start_column: 1,
24507
+ # },
24508
+ # },
24509
+ # ],
24510
+ # records: [
24511
+ # {
24512
+ # json_path: "NonEmptyString",
24513
+ # record_index: 1,
24514
+ # },
24515
+ # ],
24516
+ # cells: [
24517
+ # {
24518
+ # column: 1,
24519
+ # row: 1,
24520
+ # column_name: "NonEmptyString",
24521
+ # cell_reference: "NonEmptyString",
24522
+ # },
24523
+ # ],
24524
+ # },
24525
+ # },
24526
+ # ],
24527
+ # total_count: 1,
24528
+ # }
24529
+ #
24530
+ # @!attribute [rw] category
24531
+ # The category of sensitive data that was detected. For example, the
24532
+ # category can indicate that the sensitive data involved credentials,
24533
+ # financial information, or personal information.
24534
+ # @return [String]
24535
+ #
24536
+ # @!attribute [rw] detections
24537
+ # The list of detected instances of sensitive data.
24538
+ # @return [Array<Types::SensitiveDataDetections>]
24539
+ #
24540
+ # @!attribute [rw] total_count
24541
+ # The total number of occurrences of sensitive data.
24542
+ # @return [Integer]
24543
+ #
24544
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataResult AWS API Documentation
24545
+ #
24546
+ class SensitiveDataResult < Struct.new(
24547
+ :category,
24548
+ :detections,
24549
+ :total_count)
24550
+ SENSITIVE = []
24551
+ include Aws::Structure
24552
+ end
24553
+
22823
24554
  # The severity of the finding.
22824
24555
  #
22825
24556
  # The finding provider can provide the initial severity. The finding
@@ -24068,6 +25799,50 @@ module Aws::SecurityHub
24068
25799
  # value: "NonEmptyString",
24069
25800
  # },
24070
25801
  # ],
25802
+ # finding_provider_fields_confidence: [
25803
+ # {
25804
+ # gte: 1.0,
25805
+ # lte: 1.0,
25806
+ # eq: 1.0,
25807
+ # },
25808
+ # ],
25809
+ # finding_provider_fields_criticality: [
25810
+ # {
25811
+ # gte: 1.0,
25812
+ # lte: 1.0,
25813
+ # eq: 1.0,
25814
+ # },
25815
+ # ],
25816
+ # finding_provider_fields_related_findings_id: [
25817
+ # {
25818
+ # value: "NonEmptyString",
25819
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25820
+ # },
25821
+ # ],
25822
+ # finding_provider_fields_related_findings_product_arn: [
25823
+ # {
25824
+ # value: "NonEmptyString",
25825
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25826
+ # },
25827
+ # ],
25828
+ # finding_provider_fields_severity_label: [
25829
+ # {
25830
+ # value: "NonEmptyString",
25831
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25832
+ # },
25833
+ # ],
25834
+ # finding_provider_fields_severity_original: [
25835
+ # {
25836
+ # value: "NonEmptyString",
25837
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25838
+ # },
25839
+ # ],
25840
+ # finding_provider_fields_types: [
25841
+ # {
25842
+ # value: "NonEmptyString",
25843
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25844
+ # },
25845
+ # ],
24071
25846
  # },
24072
25847
  # note: {
24073
25848
  # text: "NonEmptyString", # required
@@ -24663,6 +26438,50 @@ module Aws::SecurityHub
24663
26438
  # value: "NonEmptyString",
24664
26439
  # },
24665
26440
  # ],
26441
+ # finding_provider_fields_confidence: [
26442
+ # {
26443
+ # gte: 1.0,
26444
+ # lte: 1.0,
26445
+ # eq: 1.0,
26446
+ # },
26447
+ # ],
26448
+ # finding_provider_fields_criticality: [
26449
+ # {
26450
+ # gte: 1.0,
26451
+ # lte: 1.0,
26452
+ # eq: 1.0,
26453
+ # },
26454
+ # ],
26455
+ # finding_provider_fields_related_findings_id: [
26456
+ # {
26457
+ # value: "NonEmptyString",
26458
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26459
+ # },
26460
+ # ],
26461
+ # finding_provider_fields_related_findings_product_arn: [
26462
+ # {
26463
+ # value: "NonEmptyString",
26464
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26465
+ # },
26466
+ # ],
26467
+ # finding_provider_fields_severity_label: [
26468
+ # {
26469
+ # value: "NonEmptyString",
26470
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26471
+ # },
26472
+ # ],
26473
+ # finding_provider_fields_severity_original: [
26474
+ # {
26475
+ # value: "NonEmptyString",
26476
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26477
+ # },
26478
+ # ],
26479
+ # finding_provider_fields_types: [
26480
+ # {
26481
+ # value: "NonEmptyString",
26482
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26483
+ # },
26484
+ # ],
24666
26485
  # },
24667
26486
  # group_by_attribute: "NonEmptyString",
24668
26487
  # }