aws-sdk-securityhub 1.41.0 → 1.42.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub.rb +1 -1
  5. data/lib/aws-sdk-securityhub/client.rb +443 -11
  6. data/lib/aws-sdk-securityhub/client_api.rb +135 -5
  7. data/lib/aws-sdk-securityhub/types.rb +1853 -34
  8. metadata +2 -2
data/lib/aws-sdk-securityhub/client_api.rb CHANGED
@@ -241,6 +241,7 @@ module Aws::SecurityHub
241
241
  AwsRedshiftClusterRestoreStatus = Shapes::StructureShape.new(name: 'AwsRedshiftClusterRestoreStatus')
242
242
  AwsRedshiftClusterVpcSecurityGroup = Shapes::StructureShape.new(name: 'AwsRedshiftClusterVpcSecurityGroup')
243
243
  AwsRedshiftClusterVpcSecurityGroups = Shapes::ListShape.new(name: 'AwsRedshiftClusterVpcSecurityGroups')
244
+ AwsS3AccountPublicAccessBlockDetails = Shapes::StructureShape.new(name: 'AwsS3AccountPublicAccessBlockDetails')
244
245
  AwsS3BucketDetails = Shapes::StructureShape.new(name: 'AwsS3BucketDetails')
245
246
  AwsS3BucketServerSideEncryptionByDefault = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionByDefault')
246
247
  AwsS3BucketServerSideEncryptionConfiguration = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionConfiguration')
@@ -269,6 +270,7 @@ module Aws::SecurityHub
269
270
  BatchEnableStandardsRequest = Shapes::StructureShape.new(name: 'BatchEnableStandardsRequest')
270
271
  BatchEnableStandardsResponse = Shapes::StructureShape.new(name: 'BatchEnableStandardsResponse')
271
272
  BatchImportFindingsRequest = Shapes::StructureShape.new(name: 'BatchImportFindingsRequest')
273
+ BatchImportFindingsRequestFindingList = Shapes::ListShape.new(name: 'BatchImportFindingsRequestFindingList')
272
274
  BatchImportFindingsResponse = Shapes::StructureShape.new(name: 'BatchImportFindingsResponse')
273
275
  BatchUpdateFindingsRequest = Shapes::StructureShape.new(name: 'BatchUpdateFindingsRequest')
274
276
  BatchUpdateFindingsResponse = Shapes::StructureShape.new(name: 'BatchUpdateFindingsResponse')
@@ -276,9 +278,13 @@ module Aws::SecurityHub
276
278
  BatchUpdateFindingsUnprocessedFindingsList = Shapes::ListShape.new(name: 'BatchUpdateFindingsUnprocessedFindingsList')
277
279
  Boolean = Shapes::BooleanShape.new(name: 'Boolean')
278
280
  CategoryList = Shapes::ListShape.new(name: 'CategoryList')
281
+ Cell = Shapes::StructureShape.new(name: 'Cell')
282
+ Cells = Shapes::ListShape.new(name: 'Cells')
279
283
  CidrBlockAssociation = Shapes::StructureShape.new(name: 'CidrBlockAssociation')
280
284
  CidrBlockAssociationList = Shapes::ListShape.new(name: 'CidrBlockAssociationList')
281
285
  City = Shapes::StructureShape.new(name: 'City')
286
+ ClassificationResult = Shapes::StructureShape.new(name: 'ClassificationResult')
287
+ ClassificationStatus = Shapes::StructureShape.new(name: 'ClassificationStatus')
282
288
  Compliance = Shapes::StructureShape.new(name: 'Compliance')
283
289
  ComplianceStatus = Shapes::StringShape.new(name: 'ComplianceStatus')
284
290
  ContainerDetails = Shapes::StructureShape.new(name: 'ContainerDetails')
@@ -291,8 +297,12 @@ module Aws::SecurityHub
291
297
  CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
292
298
  CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
293
299
  CrossAccountMaxResults = Shapes::IntegerShape.new(name: 'CrossAccountMaxResults')
300
+ CustomDataIdentifiersDetections = Shapes::StructureShape.new(name: 'CustomDataIdentifiersDetections')
301
+ CustomDataIdentifiersDetectionsList = Shapes::ListShape.new(name: 'CustomDataIdentifiersDetectionsList')
302
+ CustomDataIdentifiersResult = Shapes::StructureShape.new(name: 'CustomDataIdentifiersResult')
294
303
  Cvss = Shapes::StructureShape.new(name: 'Cvss')
295
304
  CvssList = Shapes::ListShape.new(name: 'CvssList')
305
+ DataClassificationDetails = Shapes::StructureShape.new(name: 'DataClassificationDetails')
296
306
  DateFilter = Shapes::StructureShape.new(name: 'DateFilter')
297
307
  DateFilterList = Shapes::ListShape.new(name: 'DateFilterList')
298
308
  DateRange = Shapes::StructureShape.new(name: 'DateRange')
@@ -338,6 +348,8 @@ module Aws::SecurityHub
338
348
  EnableSecurityHubRequest = Shapes::StructureShape.new(name: 'EnableSecurityHubRequest')
339
349
  EnableSecurityHubResponse = Shapes::StructureShape.new(name: 'EnableSecurityHubResponse')
340
350
  FieldMap = Shapes::MapShape.new(name: 'FieldMap')
351
+ FindingProviderFields = Shapes::StructureShape.new(name: 'FindingProviderFields')
352
+ FindingProviderSeverity = Shapes::StructureShape.new(name: 'FindingProviderSeverity')
341
353
  GeoLocation = Shapes::StructureShape.new(name: 'GeoLocation')
342
354
  GetEnabledStandardsRequest = Shapes::StructureShape.new(name: 'GetEnabledStandardsRequest')
343
355
  GetEnabledStandardsResponse = Shapes::StructureShape.new(name: 'GetEnabledStandardsResponse')
@@ -414,6 +426,9 @@ module Aws::SecurityHub
414
426
  NoteUpdate = Shapes::StructureShape.new(name: 'NoteUpdate')
415
427
  NumberFilter = Shapes::StructureShape.new(name: 'NumberFilter')
416
428
  NumberFilterList = Shapes::ListShape.new(name: 'NumberFilterList')
429
+ Occurrences = Shapes::StructureShape.new(name: 'Occurrences')
430
+ Page = Shapes::StructureShape.new(name: 'Page')
431
+ Pages = Shapes::ListShape.new(name: 'Pages')
417
432
  Partition = Shapes::StringShape.new(name: 'Partition')
418
433
  PatchSummary = Shapes::StructureShape.new(name: 'PatchSummary')
419
434
  PortProbeAction = Shapes::StructureShape.new(name: 'PortProbeAction')
@@ -425,9 +440,13 @@ module Aws::SecurityHub
425
440
  Product = Shapes::StructureShape.new(name: 'Product')
426
441
  ProductSubscriptionArnList = Shapes::ListShape.new(name: 'ProductSubscriptionArnList')
427
442
  ProductsList = Shapes::ListShape.new(name: 'ProductsList')
443
+ Range = Shapes::StructureShape.new(name: 'Range')
444
+ Ranges = Shapes::ListShape.new(name: 'Ranges')
428
445
  RatioScale = Shapes::IntegerShape.new(name: 'RatioScale')
429
446
  Recommendation = Shapes::StructureShape.new(name: 'Recommendation')
447
+ Record = Shapes::StructureShape.new(name: 'Record')
430
448
  RecordState = Shapes::StringShape.new(name: 'RecordState')
449
+ Records = Shapes::ListShape.new(name: 'Records')
431
450
  RelatedFinding = Shapes::StructureShape.new(name: 'RelatedFinding')
432
451
  RelatedFindingList = Shapes::ListShape.new(name: 'RelatedFindingList')
433
452
  RelatedRequirementsList = Shapes::ListShape.new(name: 'RelatedRequirementsList')
@@ -441,6 +460,10 @@ module Aws::SecurityHub
441
460
  Result = Shapes::StructureShape.new(name: 'Result')
442
461
  ResultList = Shapes::ListShape.new(name: 'ResultList')
443
462
  SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
463
+ SensitiveDataDetections = Shapes::StructureShape.new(name: 'SensitiveDataDetections')
464
+ SensitiveDataDetectionsList = Shapes::ListShape.new(name: 'SensitiveDataDetectionsList')
465
+ SensitiveDataResult = Shapes::StructureShape.new(name: 'SensitiveDataResult')
466
+ SensitiveDataResultList = Shapes::ListShape.new(name: 'SensitiveDataResultList')
444
467
  Severity = Shapes::StructureShape.new(name: 'Severity')
445
468
  SeverityLabel = Shapes::StringShape.new(name: 'SeverityLabel')
446
469
  SeverityRating = Shapes::StringShape.new(name: 'SeverityRating')
@@ -1800,10 +1823,17 @@ module Aws::SecurityHub
1800
1823
 
1801
1824
  AwsRedshiftClusterVpcSecurityGroups.member = Shapes::ShapeRef.new(shape: AwsRedshiftClusterVpcSecurityGroup)
1802
1825
 
1826
+ AwsS3AccountPublicAccessBlockDetails.add_member(:block_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "BlockPublicAcls"))
1827
+ AwsS3AccountPublicAccessBlockDetails.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "BlockPublicPolicy"))
1828
+ AwsS3AccountPublicAccessBlockDetails.add_member(:ignore_public_acls, Shapes::ShapeRef.new(shape: Boolean, location_name: "IgnorePublicAcls"))
1829
+ AwsS3AccountPublicAccessBlockDetails.add_member(:restrict_public_buckets, Shapes::ShapeRef.new(shape: Boolean, location_name: "RestrictPublicBuckets"))
1830
+ AwsS3AccountPublicAccessBlockDetails.struct_class = Types::AwsS3AccountPublicAccessBlockDetails
1831
+
1803
1832
  AwsS3BucketDetails.add_member(:owner_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerId"))
1804
1833
  AwsS3BucketDetails.add_member(:owner_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerName"))
1805
1834
  AwsS3BucketDetails.add_member(:created_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CreatedAt"))
1806
1835
  AwsS3BucketDetails.add_member(:server_side_encryption_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketServerSideEncryptionConfiguration, location_name: "ServerSideEncryptionConfiguration"))
1836
+ AwsS3BucketDetails.add_member(:public_access_block_configuration, Shapes::ShapeRef.new(shape: AwsS3AccountPublicAccessBlockDetails, location_name: "PublicAccessBlockConfiguration"))
1807
1837
  AwsS3BucketDetails.struct_class = Types::AwsS3BucketDetails
1808
1838
 
1809
1839
  AwsS3BucketServerSideEncryptionByDefault.add_member(:sse_algorithm, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SSEAlgorithm"))
@@ -1844,12 +1874,12 @@ module Aws::SecurityHub
1844
1874
  AwsSecurityFinding.add_member(:product_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "ProductArn"))
1845
1875
  AwsSecurityFinding.add_member(:generator_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "GeneratorId"))
1846
1876
  AwsSecurityFinding.add_member(:aws_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AwsAccountId"))
1847
- AwsSecurityFinding.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, required: true, location_name: "Types"))
1877
+ AwsSecurityFinding.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, location_name: "Types"))
1848
1878
  AwsSecurityFinding.add_member(:first_observed_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "FirstObservedAt"))
1849
1879
  AwsSecurityFinding.add_member(:last_observed_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "LastObservedAt"))
1850
1880
  AwsSecurityFinding.add_member(:created_at, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "CreatedAt"))
1851
1881
  AwsSecurityFinding.add_member(:updated_at, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "UpdatedAt"))
1852
- AwsSecurityFinding.add_member(:severity, Shapes::ShapeRef.new(shape: Severity, required: true, location_name: "Severity"))
1882
+ AwsSecurityFinding.add_member(:severity, Shapes::ShapeRef.new(shape: Severity, location_name: "Severity"))
1853
1883
  AwsSecurityFinding.add_member(:confidence, Shapes::ShapeRef.new(shape: Integer, location_name: "Confidence"))
1854
1884
  AwsSecurityFinding.add_member(:criticality, Shapes::ShapeRef.new(shape: Integer, location_name: "Criticality"))
1855
1885
  AwsSecurityFinding.add_member(:title, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Title"))
@@ -1874,6 +1904,7 @@ module Aws::SecurityHub
1874
1904
  AwsSecurityFinding.add_member(:vulnerabilities, Shapes::ShapeRef.new(shape: VulnerabilityList, location_name: "Vulnerabilities"))
1875
1905
  AwsSecurityFinding.add_member(:patch_summary, Shapes::ShapeRef.new(shape: PatchSummary, location_name: "PatchSummary"))
1876
1906
  AwsSecurityFinding.add_member(:action, Shapes::ShapeRef.new(shape: Action, location_name: "Action"))
1907
+ AwsSecurityFinding.add_member(:finding_provider_fields, Shapes::ShapeRef.new(shape: FindingProviderFields, location_name: "FindingProviderFields"))
1877
1908
  AwsSecurityFinding.struct_class = Types::AwsSecurityFinding
1878
1909
 
1879
1910
  AwsSecurityFindingFilters.add_member(:product_arn, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ProductArn"))
@@ -1885,8 +1916,8 @@ module Aws::SecurityHub
1885
1916
  AwsSecurityFindingFilters.add_member(:last_observed_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "LastObservedAt"))
1886
1917
  AwsSecurityFindingFilters.add_member(:created_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "CreatedAt"))
1887
1918
  AwsSecurityFindingFilters.add_member(:updated_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "UpdatedAt"))
1888
- AwsSecurityFindingFilters.add_member(:severity_product, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "SeverityProduct"))
1889
- AwsSecurityFindingFilters.add_member(:severity_normalized, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "SeverityNormalized"))
1919
+ AwsSecurityFindingFilters.add_member(:severity_product, Shapes::ShapeRef.new(shape: NumberFilterList, deprecated: true, location_name: "SeverityProduct", metadata: {"deprecatedMessage"=>"This filter is deprecated, use FindingProviiltersSeverityOriginal instead."}))
1920
+ AwsSecurityFindingFilters.add_member(:severity_normalized, Shapes::ShapeRef.new(shape: NumberFilterList, deprecated: true, location_name: "SeverityNormalized", metadata: {"deprecatedMessage"=>"This filter is deprecated, use SeverityLabel or FindingProviderFieldsSeverityLabel instead."}))
1890
1921
  AwsSecurityFindingFilters.add_member(:severity_label, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "SeverityLabel"))
1891
1922
  AwsSecurityFindingFilters.add_member(:confidence, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "Confidence"))
1892
1923
  AwsSecurityFindingFilters.add_member(:criticality, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "Criticality"))
@@ -1960,6 +1991,13 @@ module Aws::SecurityHub
1960
1991
  AwsSecurityFindingFilters.add_member(:note_updated_at, Shapes::ShapeRef.new(shape: DateFilterList, location_name: "NoteUpdatedAt"))
1961
1992
  AwsSecurityFindingFilters.add_member(:note_updated_by, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "NoteUpdatedBy"))
1962
1993
  AwsSecurityFindingFilters.add_member(:keyword, Shapes::ShapeRef.new(shape: KeywordFilterList, location_name: "Keyword"))
1994
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_confidence, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "FindingProviderFieldsConfidence"))
1995
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_criticality, Shapes::ShapeRef.new(shape: NumberFilterList, location_name: "FindingProviderFieldsCriticality"))
1996
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_related_findings_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsRelatedFindingsId"))
1997
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_related_findings_product_arn, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsRelatedFindingsProductArn"))
1998
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_label, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityLabel"))
1999
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_original, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityOriginal"))
2000
+ AwsSecurityFindingFilters.add_member(:finding_provider_fields_types, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsTypes"))
1963
2001
  AwsSecurityFindingFilters.struct_class = Types::AwsSecurityFindingFilters
1964
2002
 
1965
2003
  AwsSecurityFindingIdentifier.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
@@ -2042,9 +2080,11 @@ module Aws::SecurityHub
2042
2080
  BatchEnableStandardsResponse.add_member(:standards_subscriptions, Shapes::ShapeRef.new(shape: StandardsSubscriptions, location_name: "StandardsSubscriptions"))
2043
2081
  BatchEnableStandardsResponse.struct_class = Types::BatchEnableStandardsResponse
2044
2082
 
2045
- BatchImportFindingsRequest.add_member(:findings, Shapes::ShapeRef.new(shape: AwsSecurityFindingList, required: true, location_name: "Findings"))
2083
+ BatchImportFindingsRequest.add_member(:findings, Shapes::ShapeRef.new(shape: BatchImportFindingsRequestFindingList, required: true, location_name: "Findings"))
2046
2084
  BatchImportFindingsRequest.struct_class = Types::BatchImportFindingsRequest
2047
2085
 
2086
+ BatchImportFindingsRequestFindingList.member = Shapes::ShapeRef.new(shape: AwsSecurityFinding)
2087
+
2048
2088
  BatchImportFindingsResponse.add_member(:failed_count, Shapes::ShapeRef.new(shape: Integer, required: true, location_name: "FailedCount"))
2049
2089
  BatchImportFindingsResponse.add_member(:success_count, Shapes::ShapeRef.new(shape: Integer, required: true, location_name: "SuccessCount"))
2050
2090
  BatchImportFindingsResponse.add_member(:failed_findings, Shapes::ShapeRef.new(shape: ImportFindingsErrorList, location_name: "FailedFindings"))
@@ -2075,6 +2115,14 @@ module Aws::SecurityHub
2075
2115
 
2076
2116
  CategoryList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
2077
2117
 
2118
+ Cell.add_member(:column, Shapes::ShapeRef.new(shape: Long, location_name: "Column"))
2119
+ Cell.add_member(:row, Shapes::ShapeRef.new(shape: Long, location_name: "Row"))
2120
+ Cell.add_member(:column_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ColumnName"))
2121
+ Cell.add_member(:cell_reference, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CellReference"))
2122
+ Cell.struct_class = Types::Cell
2123
+
2124
+ Cells.member = Shapes::ShapeRef.new(shape: Cell)
2125
+
2078
2126
  CidrBlockAssociation.add_member(:association_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "AssociationId"))
2079
2127
  CidrBlockAssociation.add_member(:cidr_block, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CidrBlock"))
2080
2128
  CidrBlockAssociation.add_member(:cidr_block_state, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CidrBlockState"))
@@ -2085,6 +2133,18 @@ module Aws::SecurityHub
2085
2133
  City.add_member(:city_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CityName"))
2086
2134
  City.struct_class = Types::City
2087
2135
 
2136
+ ClassificationResult.add_member(:mime_type, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "MimeType"))
2137
+ ClassificationResult.add_member(:size_classified, Shapes::ShapeRef.new(shape: Long, location_name: "SizeClassified"))
2138
+ ClassificationResult.add_member(:additional_occurrences, Shapes::ShapeRef.new(shape: Boolean, location_name: "AdditionalOccurrences"))
2139
+ ClassificationResult.add_member(:status, Shapes::ShapeRef.new(shape: ClassificationStatus, location_name: "Status"))
2140
+ ClassificationResult.add_member(:sensitive_data, Shapes::ShapeRef.new(shape: SensitiveDataResultList, location_name: "SensitiveData"))
2141
+ ClassificationResult.add_member(:custom_data_identifiers, Shapes::ShapeRef.new(shape: CustomDataIdentifiersResult, location_name: "CustomDataIdentifiers"))
2142
+ ClassificationResult.struct_class = Types::ClassificationResult
2143
+
2144
+ ClassificationStatus.add_member(:code, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Code"))
2145
+ ClassificationStatus.add_member(:reason, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Reason"))
2146
+ ClassificationStatus.struct_class = Types::ClassificationStatus
2147
+
2088
2148
  Compliance.add_member(:status, Shapes::ShapeRef.new(shape: ComplianceStatus, location_name: "Status"))
2089
2149
  Compliance.add_member(:related_requirements, Shapes::ShapeRef.new(shape: RelatedRequirementsList, location_name: "RelatedRequirements"))
2090
2150
  Compliance.add_member(:status_reasons, Shapes::ShapeRef.new(shape: StatusReasonsList, location_name: "StatusReasons"))
@@ -2122,6 +2182,18 @@ module Aws::SecurityHub
2122
2182
  CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
2123
2183
  CreateMembersResponse.struct_class = Types::CreateMembersResponse
2124
2184
 
2185
+ CustomDataIdentifiersDetections.add_member(:count, Shapes::ShapeRef.new(shape: Long, location_name: "Count"))
2186
+ CustomDataIdentifiersDetections.add_member(:arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Arn"))
2187
+ CustomDataIdentifiersDetections.add_member(:name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Name"))
2188
+ CustomDataIdentifiersDetections.add_member(:occurrences, Shapes::ShapeRef.new(shape: Occurrences, location_name: "Occurrences"))
2189
+ CustomDataIdentifiersDetections.struct_class = Types::CustomDataIdentifiersDetections
2190
+
2191
+ CustomDataIdentifiersDetectionsList.member = Shapes::ShapeRef.new(shape: CustomDataIdentifiersDetections)
2192
+
2193
+ CustomDataIdentifiersResult.add_member(:detections, Shapes::ShapeRef.new(shape: CustomDataIdentifiersDetectionsList, location_name: "Detections"))
2194
+ CustomDataIdentifiersResult.add_member(:total_count, Shapes::ShapeRef.new(shape: Long, location_name: "TotalCount"))
2195
+ CustomDataIdentifiersResult.struct_class = Types::CustomDataIdentifiersResult
2196
+
2125
2197
  Cvss.add_member(:version, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Version"))
2126
2198
  Cvss.add_member(:base_score, Shapes::ShapeRef.new(shape: Double, location_name: "BaseScore"))
2127
2199
  Cvss.add_member(:base_vector, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "BaseVector"))
@@ -2129,6 +2201,10 @@ module Aws::SecurityHub
2129
2201
 
2130
2202
  CvssList.member = Shapes::ShapeRef.new(shape: Cvss)
2131
2203
 
2204
+ DataClassificationDetails.add_member(:detailed_results_location, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DetailedResultsLocation"))
2205
+ DataClassificationDetails.add_member(:result, Shapes::ShapeRef.new(shape: ClassificationResult, location_name: "Result"))
2206
+ DataClassificationDetails.struct_class = Types::DataClassificationDetails
2207
+
2132
2208
  DateFilter.add_member(:start, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Start"))
2133
2209
  DateFilter.add_member(:end, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "End"))
2134
2210
  DateFilter.add_member(:date_range, Shapes::ShapeRef.new(shape: DateRange, location_name: "DateRange"))
@@ -2267,6 +2343,17 @@ module Aws::SecurityHub
2267
2343
  FieldMap.key = Shapes::ShapeRef.new(shape: NonEmptyString)
2268
2344
  FieldMap.value = Shapes::ShapeRef.new(shape: NonEmptyString)
2269
2345
 
2346
+ FindingProviderFields.add_member(:confidence, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Confidence"))
2347
+ FindingProviderFields.add_member(:criticality, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Criticality"))
2348
+ FindingProviderFields.add_member(:related_findings, Shapes::ShapeRef.new(shape: RelatedFindingList, location_name: "RelatedFindings"))
2349
+ FindingProviderFields.add_member(:severity, Shapes::ShapeRef.new(shape: FindingProviderSeverity, location_name: "Severity"))
2350
+ FindingProviderFields.add_member(:types, Shapes::ShapeRef.new(shape: TypeList, location_name: "Types"))
2351
+ FindingProviderFields.struct_class = Types::FindingProviderFields
2352
+
2353
+ FindingProviderSeverity.add_member(:label, Shapes::ShapeRef.new(shape: SeverityLabel, location_name: "Label"))
2354
+ FindingProviderSeverity.add_member(:original, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Original"))
2355
+ FindingProviderSeverity.struct_class = Types::FindingProviderSeverity
2356
+
2270
2357
  GeoLocation.add_member(:lon, Shapes::ShapeRef.new(shape: Double, location_name: "Lon"))
2271
2358
  GeoLocation.add_member(:lat, Shapes::ShapeRef.new(shape: Double, location_name: "Lat"))
2272
2359
  GeoLocation.struct_class = Types::GeoLocation
@@ -2528,6 +2615,20 @@ module Aws::SecurityHub
2528
2615
 
2529
2616
  NumberFilterList.member = Shapes::ShapeRef.new(shape: NumberFilter)
2530
2617
 
2618
+ Occurrences.add_member(:line_ranges, Shapes::ShapeRef.new(shape: Ranges, location_name: "LineRanges"))
2619
+ Occurrences.add_member(:offset_ranges, Shapes::ShapeRef.new(shape: Ranges, location_name: "OffsetRanges"))
2620
+ Occurrences.add_member(:pages, Shapes::ShapeRef.new(shape: Pages, location_name: "Pages"))
2621
+ Occurrences.add_member(:records, Shapes::ShapeRef.new(shape: Records, location_name: "Records"))
2622
+ Occurrences.add_member(:cells, Shapes::ShapeRef.new(shape: Cells, location_name: "Cells"))
2623
+ Occurrences.struct_class = Types::Occurrences
2624
+
2625
+ Page.add_member(:page_number, Shapes::ShapeRef.new(shape: Long, location_name: "PageNumber"))
2626
+ Page.add_member(:line_range, Shapes::ShapeRef.new(shape: Range, location_name: "LineRange"))
2627
+ Page.add_member(:offset_range, Shapes::ShapeRef.new(shape: Range, location_name: "OffsetRange"))
2628
+ Page.struct_class = Types::Page
2629
+
2630
+ Pages.member = Shapes::ShapeRef.new(shape: Page)
2631
+
2531
2632
  PatchSummary.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
2532
2633
  PatchSummary.add_member(:installed_count, Shapes::ShapeRef.new(shape: Integer, location_name: "InstalledCount"))
2533
2634
  PatchSummary.add_member(:missing_count, Shapes::ShapeRef.new(shape: Integer, location_name: "MissingCount"))
@@ -2581,10 +2682,23 @@ module Aws::SecurityHub
2581
2682
 
2582
2683
  ProductsList.member = Shapes::ShapeRef.new(shape: Product)
2583
2684
 
2685
+ Range.add_member(:start, Shapes::ShapeRef.new(shape: Long, location_name: "Start"))
2686
+ Range.add_member(:end, Shapes::ShapeRef.new(shape: Long, location_name: "End"))
2687
+ Range.add_member(:start_column, Shapes::ShapeRef.new(shape: Long, location_name: "StartColumn"))
2688
+ Range.struct_class = Types::Range
2689
+
2690
+ Ranges.member = Shapes::ShapeRef.new(shape: Range)
2691
+
2584
2692
  Recommendation.add_member(:text, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Text"))
2585
2693
  Recommendation.add_member(:url, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Url"))
2586
2694
  Recommendation.struct_class = Types::Recommendation
2587
2695
 
2696
+ Record.add_member(:json_path, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "JsonPath"))
2697
+ Record.add_member(:record_index, Shapes::ShapeRef.new(shape: Long, location_name: "RecordIndex"))
2698
+ Record.struct_class = Types::Record
2699
+
2700
+ Records.member = Shapes::ShapeRef.new(shape: Record)
2701
+
2588
2702
  RelatedFinding.add_member(:product_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "ProductArn"))
2589
2703
  RelatedFinding.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
2590
2704
  RelatedFinding.struct_class = Types::RelatedFinding
@@ -2602,6 +2716,7 @@ module Aws::SecurityHub
2602
2716
  Resource.add_member(:region, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Region"))
2603
2717
  Resource.add_member(:resource_role, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ResourceRole"))
2604
2718
  Resource.add_member(:tags, Shapes::ShapeRef.new(shape: FieldMap, location_name: "Tags"))
2719
+ Resource.add_member(:data_classification, Shapes::ShapeRef.new(shape: DataClassificationDetails, location_name: "DataClassification"))
2605
2720
  Resource.add_member(:details, Shapes::ShapeRef.new(shape: ResourceDetails, location_name: "Details"))
2606
2721
  Resource.struct_class = Types::Resource
2607
2722
 
@@ -2621,6 +2736,7 @@ module Aws::SecurityHub
2621
2736
  ResourceDetails.add_member(:aws_elbv_2_load_balancer, Shapes::ShapeRef.new(shape: AwsElbv2LoadBalancerDetails, location_name: "AwsElbv2LoadBalancer"))
2622
2737
  ResourceDetails.add_member(:aws_elasticsearch_domain, Shapes::ShapeRef.new(shape: AwsElasticsearchDomainDetails, location_name: "AwsElasticsearchDomain"))
2623
2738
  ResourceDetails.add_member(:aws_s3_bucket, Shapes::ShapeRef.new(shape: AwsS3BucketDetails, location_name: "AwsS3Bucket"))
2739
+ ResourceDetails.add_member(:aws_s3_account_public_access_block, Shapes::ShapeRef.new(shape: AwsS3AccountPublicAccessBlockDetails, location_name: "AwsS3AccountPublicAccessBlock"))
2624
2740
  ResourceDetails.add_member(:aws_s3_object, Shapes::ShapeRef.new(shape: AwsS3ObjectDetails, location_name: "AwsS3Object"))
2625
2741
  ResourceDetails.add_member(:aws_secrets_manager_secret, Shapes::ShapeRef.new(shape: AwsSecretsManagerSecretDetails, location_name: "AwsSecretsManagerSecret"))
2626
2742
  ResourceDetails.add_member(:aws_iam_access_key, Shapes::ShapeRef.new(shape: AwsIamAccessKeyDetails, location_name: "AwsIamAccessKey"))
@@ -2666,6 +2782,20 @@ module Aws::SecurityHub
2666
2782
 
2667
2783
  SecurityGroups.member = Shapes::ShapeRef.new(shape: NonEmptyString)
2668
2784
 
2785
+ SensitiveDataDetections.add_member(:count, Shapes::ShapeRef.new(shape: Long, location_name: "Count"))
2786
+ SensitiveDataDetections.add_member(:type, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Type"))
2787
+ SensitiveDataDetections.add_member(:occurrences, Shapes::ShapeRef.new(shape: Occurrences, location_name: "Occurrences"))
2788
+ SensitiveDataDetections.struct_class = Types::SensitiveDataDetections
2789
+
2790
+ SensitiveDataDetectionsList.member = Shapes::ShapeRef.new(shape: SensitiveDataDetections)
2791
+
2792
+ SensitiveDataResult.add_member(:category, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Category"))
2793
+ SensitiveDataResult.add_member(:detections, Shapes::ShapeRef.new(shape: SensitiveDataDetectionsList, location_name: "Detections"))
2794
+ SensitiveDataResult.add_member(:total_count, Shapes::ShapeRef.new(shape: Long, location_name: "TotalCount"))
2795
+ SensitiveDataResult.struct_class = Types::SensitiveDataResult
2796
+
2797
+ SensitiveDataResultList.member = Shapes::ShapeRef.new(shape: SensitiveDataResult)
2798
+
2669
2799
  Severity.add_member(:product, Shapes::ShapeRef.new(shape: Double, location_name: "Product"))
2670
2800
  Severity.add_member(:label, Shapes::ShapeRef.new(shape: SeverityLabel, location_name: "Label"))
2671
2801
  Severity.add_member(:normalized, Shapes::ShapeRef.new(shape: Integer, location_name: "Normalized"))
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -9765,6 +9765,51 @@ module Aws::SecurityHub
9765
9765
  include Aws::Structure
9766
9766
  end
9767
9767
 
9768
+ # provides information about the Amazon S3 Public Access Block
9769
+ # configuration for accounts.
9770
+ #
9771
+ # @note When making an API call, you may pass AwsS3AccountPublicAccessBlockDetails
9772
+ # data as a hash:
9773
+ #
9774
+ # {
9775
+ # block_public_acls: false,
9776
+ # block_public_policy: false,
9777
+ # ignore_public_acls: false,
9778
+ # restrict_public_buckets: false,
9779
+ # }
9780
+ #
9781
+ # @!attribute [rw] block_public_acls
9782
+ # Indicates whether to reject calls to update an S3 bucket if the
9783
+ # calls include a public access control list (ACL).
9784
+ # @return [Boolean]
9785
+ #
9786
+ # @!attribute [rw] block_public_policy
9787
+ # Indicates whether to reject calls to update the access policy for an
9788
+ # S3 bucket or access point if the policy allows public access.
9789
+ # @return [Boolean]
9790
+ #
9791
+ # @!attribute [rw] ignore_public_acls
9792
+ # Indicates whether Amazon S3 ignores public ACLs that are associated
9793
+ # with an S3 bucket.
9794
+ # @return [Boolean]
9795
+ #
9796
+ # @!attribute [rw] restrict_public_buckets
9797
+ # Indicates whether to restrict access to an access point or S3 bucket
9798
+ # that has a public policy to only AWS service principals and
9799
+ # authorized users within the S3 bucket owner's account.
9800
+ # @return [Boolean]
9801
+ #
9802
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3AccountPublicAccessBlockDetails AWS API Documentation
9803
+ #
9804
+ class AwsS3AccountPublicAccessBlockDetails < Struct.new(
9805
+ :block_public_acls,
9806
+ :block_public_policy,
9807
+ :ignore_public_acls,
9808
+ :restrict_public_buckets)
9809
+ SENSITIVE = []
9810
+ include Aws::Structure
9811
+ end
9812
+
9768
9813
  # The details of an Amazon S3 bucket.
9769
9814
  #
9770
9815
  # @note When making an API call, you may pass AwsS3BucketDetails
@@ -9784,6 +9829,12 @@ module Aws::SecurityHub
9784
9829
  # },
9785
9830
  # ],
9786
9831
  # },
9832
+ # public_access_block_configuration: {
9833
+ # block_public_acls: false,
9834
+ # block_public_policy: false,
9835
+ # ignore_public_acls: false,
9836
+ # restrict_public_buckets: false,
9837
+ # },
9787
9838
  # }
9788
9839
  #
9789
9840
  # @!attribute [rw] owner_id
@@ -9810,13 +9861,19 @@ module Aws::SecurityHub
9810
9861
  # The encryption rules that are applied to the S3 bucket.
9811
9862
  # @return [Types::AwsS3BucketServerSideEncryptionConfiguration]
9812
9863
  #
9864
+ # @!attribute [rw] public_access_block_configuration
9865
+ # Provides information about the Amazon S3 Public Access Block
9866
+ # configuration for the S3 bucket.
9867
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
9868
+ #
9813
9869
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
9814
9870
  #
9815
9871
  class AwsS3BucketDetails < Struct.new(
9816
9872
  :owner_id,
9817
9873
  :owner_name,
9818
9874
  :created_at,
9819
- :server_side_encryption_configuration)
9875
+ :server_side_encryption_configuration,
9876
+ :public_access_block_configuration)
9820
9877
  SENSITIVE = []
9821
9878
  include Aws::Structure
9822
9879
  end
@@ -10077,12 +10134,12 @@ module Aws::SecurityHub
10077
10134
  # product_arn: "NonEmptyString", # required
10078
10135
  # generator_id: "NonEmptyString", # required
10079
10136
  # aws_account_id: "NonEmptyString", # required
10080
- # types: ["NonEmptyString"], # required
10137
+ # types: ["NonEmptyString"],
10081
10138
  # first_observed_at: "NonEmptyString",
10082
10139
  # last_observed_at: "NonEmptyString",
10083
10140
  # created_at: "NonEmptyString", # required
10084
10141
  # updated_at: "NonEmptyString", # required
10085
- # severity: { # required
10142
+ # severity: {
10086
10143
  # product: 1.0,
10087
10144
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
10088
10145
  # normalized: 1,
@@ -10206,6 +10263,130 @@ module Aws::SecurityHub
10206
10263
  # tags: {
10207
10264
  # "NonEmptyString" => "NonEmptyString",
10208
10265
  # },
10266
+ # data_classification: {
10267
+ # detailed_results_location: "NonEmptyString",
10268
+ # result: {
10269
+ # mime_type: "NonEmptyString",
10270
+ # size_classified: 1,
10271
+ # additional_occurrences: false,
10272
+ # status: {
10273
+ # code: "NonEmptyString",
10274
+ # reason: "NonEmptyString",
10275
+ # },
10276
+ # sensitive_data: [
10277
+ # {
10278
+ # category: "NonEmptyString",
10279
+ # detections: [
10280
+ # {
10281
+ # count: 1,
10282
+ # type: "NonEmptyString",
10283
+ # occurrences: {
10284
+ # line_ranges: [
10285
+ # {
10286
+ # start: 1,
10287
+ # end: 1,
10288
+ # start_column: 1,
10289
+ # },
10290
+ # ],
10291
+ # offset_ranges: [
10292
+ # {
10293
+ # start: 1,
10294
+ # end: 1,
10295
+ # start_column: 1,
10296
+ # },
10297
+ # ],
10298
+ # pages: [
10299
+ # {
10300
+ # page_number: 1,
10301
+ # line_range: {
10302
+ # start: 1,
10303
+ # end: 1,
10304
+ # start_column: 1,
10305
+ # },
10306
+ # offset_range: {
10307
+ # start: 1,
10308
+ # end: 1,
10309
+ # start_column: 1,
10310
+ # },
10311
+ # },
10312
+ # ],
10313
+ # records: [
10314
+ # {
10315
+ # json_path: "NonEmptyString",
10316
+ # record_index: 1,
10317
+ # },
10318
+ # ],
10319
+ # cells: [
10320
+ # {
10321
+ # column: 1,
10322
+ # row: 1,
10323
+ # column_name: "NonEmptyString",
10324
+ # cell_reference: "NonEmptyString",
10325
+ # },
10326
+ # ],
10327
+ # },
10328
+ # },
10329
+ # ],
10330
+ # total_count: 1,
10331
+ # },
10332
+ # ],
10333
+ # custom_data_identifiers: {
10334
+ # detections: [
10335
+ # {
10336
+ # count: 1,
10337
+ # arn: "NonEmptyString",
10338
+ # name: "NonEmptyString",
10339
+ # occurrences: {
10340
+ # line_ranges: [
10341
+ # {
10342
+ # start: 1,
10343
+ # end: 1,
10344
+ # start_column: 1,
10345
+ # },
10346
+ # ],
10347
+ # offset_ranges: [
10348
+ # {
10349
+ # start: 1,
10350
+ # end: 1,
10351
+ # start_column: 1,
10352
+ # },
10353
+ # ],
10354
+ # pages: [
10355
+ # {
10356
+ # page_number: 1,
10357
+ # line_range: {
10358
+ # start: 1,
10359
+ # end: 1,
10360
+ # start_column: 1,
10361
+ # },
10362
+ # offset_range: {
10363
+ # start: 1,
10364
+ # end: 1,
10365
+ # start_column: 1,
10366
+ # },
10367
+ # },
10368
+ # ],
10369
+ # records: [
10370
+ # {
10371
+ # json_path: "NonEmptyString",
10372
+ # record_index: 1,
10373
+ # },
10374
+ # ],
10375
+ # cells: [
10376
+ # {
10377
+ # column: 1,
10378
+ # row: 1,
10379
+ # column_name: "NonEmptyString",
10380
+ # cell_reference: "NonEmptyString",
10381
+ # },
10382
+ # ],
10383
+ # },
10384
+ # },
10385
+ # ],
10386
+ # total_count: 1,
10387
+ # },
10388
+ # },
10389
+ # },
10209
10390
  # details: {
10210
10391
  # aws_auto_scaling_auto_scaling_group: {
10211
10392
  # launch_configuration_name: "NonEmptyString",
@@ -10507,6 +10688,18 @@ module Aws::SecurityHub
10507
10688
  # },
10508
10689
  # ],
10509
10690
  # },
10691
+ # public_access_block_configuration: {
10692
+ # block_public_acls: false,
10693
+ # block_public_policy: false,
10694
+ # ignore_public_acls: false,
10695
+ # restrict_public_buckets: false,
10696
+ # },
10697
+ # },
10698
+ # aws_s3_account_public_access_block: {
10699
+ # block_public_acls: false,
10700
+ # block_public_policy: false,
10701
+ # ignore_public_acls: false,
10702
+ # restrict_public_buckets: false,
10510
10703
  # },
10511
10704
  # aws_s3_object: {
10512
10705
  # last_modified: "NonEmptyString",
@@ -11737,6 +11930,21 @@ module Aws::SecurityHub
11737
11930
  # blocked: false,
11738
11931
  # },
11739
11932
  # },
11933
+ # finding_provider_fields: {
11934
+ # confidence: 1,
11935
+ # criticality: 1,
11936
+ # related_findings: [
11937
+ # {
11938
+ # product_arn: "NonEmptyString", # required
11939
+ # id: "NonEmptyString", # required
11940
+ # },
11941
+ # ],
11942
+ # severity: {
11943
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
11944
+ # original: "NonEmptyString",
11945
+ # },
11946
+ # types: ["NonEmptyString"],
11947
+ # },
11740
11948
  # }
11741
11949
  #
11742
11950
  # @!attribute [rw] schema_version
@@ -11957,6 +12165,12 @@ module Aws::SecurityHub
11957
12165
  # resource.
11958
12166
  # @return [Types::Action]
11959
12167
  #
12168
+ # @!attribute [rw] finding_provider_fields
12169
+ # In a `BatchImportFindings` request, finding providers use
12170
+ # `FindingProviderFields` to provide and update their own values for
12171
+ # confidence, criticality, related findings, severity, and types.
12172
+ # @return [Types::FindingProviderFields]
12173
+ #
11960
12174
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
11961
12175
  #
11962
12176
  class AwsSecurityFinding < Struct.new(
@@ -11994,7 +12208,8 @@ module Aws::SecurityHub
11994
12208
  :note,
11995
12209
  :vulnerabilities,
11996
12210
  :patch_summary,
11997
- :action)
12211
+ :action,
12212
+ :finding_provider_fields)
11998
12213
  SENSITIVE = []
11999
12214
  include Aws::Structure
12000
12215
  end
@@ -12563,6 +12778,50 @@ module Aws::SecurityHub
12563
12778
  # value: "NonEmptyString",
12564
12779
  # },
12565
12780
  # ],
12781
+ # finding_provider_fields_confidence: [
12782
+ # {
12783
+ # gte: 1.0,
12784
+ # lte: 1.0,
12785
+ # eq: 1.0,
12786
+ # },
12787
+ # ],
12788
+ # finding_provider_fields_criticality: [
12789
+ # {
12790
+ # gte: 1.0,
12791
+ # lte: 1.0,
12792
+ # eq: 1.0,
12793
+ # },
12794
+ # ],
12795
+ # finding_provider_fields_related_findings_id: [
12796
+ # {
12797
+ # value: "NonEmptyString",
12798
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12799
+ # },
12800
+ # ],
12801
+ # finding_provider_fields_related_findings_product_arn: [
12802
+ # {
12803
+ # value: "NonEmptyString",
12804
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12805
+ # },
12806
+ # ],
12807
+ # finding_provider_fields_severity_label: [
12808
+ # {
12809
+ # value: "NonEmptyString",
12810
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12811
+ # },
12812
+ # ],
12813
+ # finding_provider_fields_severity_original: [
12814
+ # {
12815
+ # value: "NonEmptyString",
12816
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12817
+ # },
12818
+ # ],
12819
+ # finding_provider_fields_types: [
12820
+ # {
12821
+ # value: "NonEmptyString",
12822
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
12823
+ # },
12824
+ # ],
12566
12825
  # }
12567
12826
  #
12568
12827
  # @!attribute [rw] product_arn
@@ -12970,6 +13229,52 @@ module Aws::SecurityHub
12970
13229
  # A keyword for a finding.
12971
13230
  # @return [Array<Types::KeywordFilter>]
12972
13231
  #
13232
+ # @!attribute [rw] finding_provider_fields_confidence
13233
+ # The finding provider value for the finding confidence. Confidence is
13234
+ # defined as the likelihood that a finding accurately identifies the
13235
+ # behavior or issue that it was intended to identify.
13236
+ #
13237
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
13238
+ # means zero percent confidence and 100 means 100 percent confidence.
13239
+ # @return [Array<Types::NumberFilter>]
13240
+ #
13241
+ # @!attribute [rw] finding_provider_fields_criticality
13242
+ # The finding provider value for the level of importance assigned to
13243
+ # the resources associated with the findings.
13244
+ #
13245
+ # A score of 0 means that the underlying resources have no
13246
+ # criticality, and a score of 100 is reserved for the most critical
13247
+ # resources.
13248
+ # @return [Array<Types::NumberFilter>]
13249
+ #
13250
+ # @!attribute [rw] finding_provider_fields_related_findings_id
13251
+ # The finding identifier of a related finding that is identified by
13252
+ # the finding provider.
13253
+ # @return [Array<Types::StringFilter>]
13254
+ #
13255
+ # @!attribute [rw] finding_provider_fields_related_findings_product_arn
13256
+ # The ARN of the solution that generated a related finding that is
13257
+ # identified by the finding provider.
13258
+ # @return [Array<Types::StringFilter>]
13259
+ #
13260
+ # @!attribute [rw] finding_provider_fields_severity_label
13261
+ # The finding provider value for the severity label.
13262
+ # @return [Array<Types::StringFilter>]
13263
+ #
13264
+ # @!attribute [rw] finding_provider_fields_severity_original
13265
+ # The finding provider's original value for the severity.
13266
+ # @return [Array<Types::StringFilter>]
13267
+ #
13268
+ # @!attribute [rw] finding_provider_fields_types
13269
+ # One or more finding types that the finding provider assigned to the
13270
+ # finding. Uses the format of `namespace/category/classifier` that
13271
+ # classify a finding.
13272
+ #
13273
+ # Valid namespace values are: Software and Configuration Checks \|
13274
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
13275
+ # Identifications
13276
+ # @return [Array<Types::StringFilter>]
13277
+ #
12973
13278
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
12974
13279
  #
12975
13280
  class AwsSecurityFindingFilters < Struct.new(
@@ -13056,7 +13361,14 @@ module Aws::SecurityHub
13056
13361
  :note_text,
13057
13362
  :note_updated_at,
13058
13363
  :note_updated_by,
13059
- :keyword)
13364
+ :keyword,
13365
+ :finding_provider_fields_confidence,
13366
+ :finding_provider_fields_criticality,
13367
+ :finding_provider_fields_related_findings_id,
13368
+ :finding_provider_fields_related_findings_product_arn,
13369
+ :finding_provider_fields_severity_label,
13370
+ :finding_provider_fields_severity_original,
13371
+ :finding_provider_fields_types)
13060
13372
  SENSITIVE = []
13061
13373
  include Aws::Structure
13062
13374
  end
@@ -13662,12 +13974,12 @@ module Aws::SecurityHub
13662
13974
  # product_arn: "NonEmptyString", # required
13663
13975
  # generator_id: "NonEmptyString", # required
13664
13976
  # aws_account_id: "NonEmptyString", # required
13665
- # types: ["NonEmptyString"], # required
13977
+ # types: ["NonEmptyString"],
13666
13978
  # first_observed_at: "NonEmptyString",
13667
13979
  # last_observed_at: "NonEmptyString",
13668
13980
  # created_at: "NonEmptyString", # required
13669
13981
  # updated_at: "NonEmptyString", # required
13670
- # severity: { # required
13982
+ # severity: {
13671
13983
  # product: 1.0,
13672
13984
  # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
13673
13985
  # normalized: 1,
@@ -13791,6 +14103,130 @@ module Aws::SecurityHub
13791
14103
  # tags: {
13792
14104
  # "NonEmptyString" => "NonEmptyString",
13793
14105
  # },
14106
+ # data_classification: {
14107
+ # detailed_results_location: "NonEmptyString",
14108
+ # result: {
14109
+ # mime_type: "NonEmptyString",
14110
+ # size_classified: 1,
14111
+ # additional_occurrences: false,
14112
+ # status: {
14113
+ # code: "NonEmptyString",
14114
+ # reason: "NonEmptyString",
14115
+ # },
14116
+ # sensitive_data: [
14117
+ # {
14118
+ # category: "NonEmptyString",
14119
+ # detections: [
14120
+ # {
14121
+ # count: 1,
14122
+ # type: "NonEmptyString",
14123
+ # occurrences: {
14124
+ # line_ranges: [
14125
+ # {
14126
+ # start: 1,
14127
+ # end: 1,
14128
+ # start_column: 1,
14129
+ # },
14130
+ # ],
14131
+ # offset_ranges: [
14132
+ # {
14133
+ # start: 1,
14134
+ # end: 1,
14135
+ # start_column: 1,
14136
+ # },
14137
+ # ],
14138
+ # pages: [
14139
+ # {
14140
+ # page_number: 1,
14141
+ # line_range: {
14142
+ # start: 1,
14143
+ # end: 1,
14144
+ # start_column: 1,
14145
+ # },
14146
+ # offset_range: {
14147
+ # start: 1,
14148
+ # end: 1,
14149
+ # start_column: 1,
14150
+ # },
14151
+ # },
14152
+ # ],
14153
+ # records: [
14154
+ # {
14155
+ # json_path: "NonEmptyString",
14156
+ # record_index: 1,
14157
+ # },
14158
+ # ],
14159
+ # cells: [
14160
+ # {
14161
+ # column: 1,
14162
+ # row: 1,
14163
+ # column_name: "NonEmptyString",
14164
+ # cell_reference: "NonEmptyString",
14165
+ # },
14166
+ # ],
14167
+ # },
14168
+ # },
14169
+ # ],
14170
+ # total_count: 1,
14171
+ # },
14172
+ # ],
14173
+ # custom_data_identifiers: {
14174
+ # detections: [
14175
+ # {
14176
+ # count: 1,
14177
+ # arn: "NonEmptyString",
14178
+ # name: "NonEmptyString",
14179
+ # occurrences: {
14180
+ # line_ranges: [
14181
+ # {
14182
+ # start: 1,
14183
+ # end: 1,
14184
+ # start_column: 1,
14185
+ # },
14186
+ # ],
14187
+ # offset_ranges: [
14188
+ # {
14189
+ # start: 1,
14190
+ # end: 1,
14191
+ # start_column: 1,
14192
+ # },
14193
+ # ],
14194
+ # pages: [
14195
+ # {
14196
+ # page_number: 1,
14197
+ # line_range: {
14198
+ # start: 1,
14199
+ # end: 1,
14200
+ # start_column: 1,
14201
+ # },
14202
+ # offset_range: {
14203
+ # start: 1,
14204
+ # end: 1,
14205
+ # start_column: 1,
14206
+ # },
14207
+ # },
14208
+ # ],
14209
+ # records: [
14210
+ # {
14211
+ # json_path: "NonEmptyString",
14212
+ # record_index: 1,
14213
+ # },
14214
+ # ],
14215
+ # cells: [
14216
+ # {
14217
+ # column: 1,
14218
+ # row: 1,
14219
+ # column_name: "NonEmptyString",
14220
+ # cell_reference: "NonEmptyString",
14221
+ # },
14222
+ # ],
14223
+ # },
14224
+ # },
14225
+ # ],
14226
+ # total_count: 1,
14227
+ # },
14228
+ # },
14229
+ # },
13794
14230
  # details: {
13795
14231
  # aws_auto_scaling_auto_scaling_group: {
13796
14232
  # launch_configuration_name: "NonEmptyString",
@@ -14092,6 +14528,18 @@ module Aws::SecurityHub
14092
14528
  # },
14093
14529
  # ],
14094
14530
  # },
14531
+ # public_access_block_configuration: {
14532
+ # block_public_acls: false,
14533
+ # block_public_policy: false,
14534
+ # ignore_public_acls: false,
14535
+ # restrict_public_buckets: false,
14536
+ # },
14537
+ # },
14538
+ # aws_s3_account_public_access_block: {
14539
+ # block_public_acls: false,
14540
+ # block_public_policy: false,
14541
+ # ignore_public_acls: false,
14542
+ # restrict_public_buckets: false,
14095
14543
  # },
14096
14544
  # aws_s3_object: {
14097
14545
  # last_modified: "NonEmptyString",
@@ -15322,6 +15770,21 @@ module Aws::SecurityHub
15322
15770
  # blocked: false,
15323
15771
  # },
15324
15772
  # },
15773
+ # finding_provider_fields: {
15774
+ # confidence: 1,
15775
+ # criticality: 1,
15776
+ # related_findings: [
15777
+ # {
15778
+ # product_arn: "NonEmptyString", # required
15779
+ # id: "NonEmptyString", # required
15780
+ # },
15781
+ # ],
15782
+ # severity: {
15783
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
15784
+ # original: "NonEmptyString",
15785
+ # },
15786
+ # types: ["NonEmptyString"],
15787
+ # },
15325
15788
  # },
15326
15789
  # ],
15327
15790
  # }
@@ -15545,6 +16008,52 @@ module Aws::SecurityHub
15545
16008
  include Aws::Structure
15546
16009
  end
15547
16010
 
16011
+ # An occurrence of sensitive data detected in a Microsoft Excel
16012
+ # workbook, comma-separated value (CSV) file, or tab-separated value
16013
+ # (TSV) file.
16014
+ #
16015
+ # @note When making an API call, you may pass Cell
16016
+ # data as a hash:
16017
+ #
16018
+ # {
16019
+ # column: 1,
16020
+ # row: 1,
16021
+ # column_name: "NonEmptyString",
16022
+ # cell_reference: "NonEmptyString",
16023
+ # }
16024
+ #
16025
+ # @!attribute [rw] column
16026
+ # The column number of the column that contains the data. For a
16027
+ # Microsoft Excel workbook, the column number corresponds to the
16028
+ # alphabetical column identifiers. For example, a value of 1 for
16029
+ # Column corresponds to the A column in the workbook.
16030
+ # @return [Integer]
16031
+ #
16032
+ # @!attribute [rw] row
16033
+ # The row number of the row that contains the data.
16034
+ # @return [Integer]
16035
+ #
16036
+ # @!attribute [rw] column_name
16037
+ # The name of the column that contains the data.
16038
+ # @return [String]
16039
+ #
16040
+ # @!attribute [rw] cell_reference
16041
+ # For a Microsoft Excel workbook, provides the location of the cell,
16042
+ # as an absolute cell reference, that contains the data. For example,
16043
+ # Sheet2!C5 for cell C5 on Sheet2.
16044
+ # @return [String]
16045
+ #
16046
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cell AWS API Documentation
16047
+ #
16048
+ class Cell < Struct.new(
16049
+ :column,
16050
+ :row,
16051
+ :column_name,
16052
+ :cell_reference)
16053
+ SENSITIVE = []
16054
+ include Aws::Structure
16055
+ end
16056
+
15548
16057
  # An IPv4 CIDR block association.
15549
16058
  #
15550
16059
  # @note When making an API call, you may pass CidrBlockAssociation
@@ -15599,32 +16108,229 @@ module Aws::SecurityHub
15599
16108
  include Aws::Structure
15600
16109
  end
15601
16110
 
15602
- # Contains finding details that are specific to control-based findings.
15603
- # Only returned for findings generated from controls.
16111
+ # Details about the sensitive data that was detected on the resource.
15604
16112
  #
15605
- # @note When making an API call, you may pass Compliance
16113
+ # @note When making an API call, you may pass ClassificationResult
15606
16114
  # data as a hash:
15607
16115
  #
15608
16116
  # {
15609
- # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
15610
- # related_requirements: ["NonEmptyString"],
15611
- # status_reasons: [
16117
+ # mime_type: "NonEmptyString",
16118
+ # size_classified: 1,
16119
+ # additional_occurrences: false,
16120
+ # status: {
16121
+ # code: "NonEmptyString",
16122
+ # reason: "NonEmptyString",
16123
+ # },
16124
+ # sensitive_data: [
15612
16125
  # {
15613
- # reason_code: "NonEmptyString", # required
15614
- # description: "NonEmptyString",
16126
+ # category: "NonEmptyString",
16127
+ # detections: [
16128
+ # {
16129
+ # count: 1,
16130
+ # type: "NonEmptyString",
16131
+ # occurrences: {
16132
+ # line_ranges: [
16133
+ # {
16134
+ # start: 1,
16135
+ # end: 1,
16136
+ # start_column: 1,
16137
+ # },
16138
+ # ],
16139
+ # offset_ranges: [
16140
+ # {
16141
+ # start: 1,
16142
+ # end: 1,
16143
+ # start_column: 1,
16144
+ # },
16145
+ # ],
16146
+ # pages: [
16147
+ # {
16148
+ # page_number: 1,
16149
+ # line_range: {
16150
+ # start: 1,
16151
+ # end: 1,
16152
+ # start_column: 1,
16153
+ # },
16154
+ # offset_range: {
16155
+ # start: 1,
16156
+ # end: 1,
16157
+ # start_column: 1,
16158
+ # },
16159
+ # },
16160
+ # ],
16161
+ # records: [
16162
+ # {
16163
+ # json_path: "NonEmptyString",
16164
+ # record_index: 1,
16165
+ # },
16166
+ # ],
16167
+ # cells: [
16168
+ # {
16169
+ # column: 1,
16170
+ # row: 1,
16171
+ # column_name: "NonEmptyString",
16172
+ # cell_reference: "NonEmptyString",
16173
+ # },
16174
+ # ],
16175
+ # },
16176
+ # },
16177
+ # ],
16178
+ # total_count: 1,
15615
16179
  # },
15616
16180
  # ],
16181
+ # custom_data_identifiers: {
16182
+ # detections: [
16183
+ # {
16184
+ # count: 1,
16185
+ # arn: "NonEmptyString",
16186
+ # name: "NonEmptyString",
16187
+ # occurrences: {
16188
+ # line_ranges: [
16189
+ # {
16190
+ # start: 1,
16191
+ # end: 1,
16192
+ # start_column: 1,
16193
+ # },
16194
+ # ],
16195
+ # offset_ranges: [
16196
+ # {
16197
+ # start: 1,
16198
+ # end: 1,
16199
+ # start_column: 1,
16200
+ # },
16201
+ # ],
16202
+ # pages: [
16203
+ # {
16204
+ # page_number: 1,
16205
+ # line_range: {
16206
+ # start: 1,
16207
+ # end: 1,
16208
+ # start_column: 1,
16209
+ # },
16210
+ # offset_range: {
16211
+ # start: 1,
16212
+ # end: 1,
16213
+ # start_column: 1,
16214
+ # },
16215
+ # },
16216
+ # ],
16217
+ # records: [
16218
+ # {
16219
+ # json_path: "NonEmptyString",
16220
+ # record_index: 1,
16221
+ # },
16222
+ # ],
16223
+ # cells: [
16224
+ # {
16225
+ # column: 1,
16226
+ # row: 1,
16227
+ # column_name: "NonEmptyString",
16228
+ # cell_reference: "NonEmptyString",
16229
+ # },
16230
+ # ],
16231
+ # },
16232
+ # },
16233
+ # ],
16234
+ # total_count: 1,
16235
+ # },
15617
16236
  # }
15618
16237
  #
16238
+ # @!attribute [rw] mime_type
16239
+ # The type of content that the finding applies to.
16240
+ # @return [String]
16241
+ #
16242
+ # @!attribute [rw] size_classified
16243
+ # The total size in bytes of the affected data.
16244
+ # @return [Integer]
16245
+ #
16246
+ # @!attribute [rw] additional_occurrences
16247
+ # Indicates whether there are additional occurrences of sensitive data
16248
+ # that are not included in the finding. This occurs when the number of
16249
+ # occurrences exceeds the maximum that can be included.
16250
+ # @return [Boolean]
16251
+ #
15619
16252
  # @!attribute [rw] status
15620
- # The result of a standards check.
16253
+ # The current status of the sensitive data detection.
16254
+ # @return [Types::ClassificationStatus]
15621
16255
  #
15622
- # The valid values for `Status` are as follows.
16256
+ # @!attribute [rw] sensitive_data
16257
+ # Provides details about sensitive data that was identified based on
16258
+ # built-in configuration.
16259
+ # @return [Array<Types::SensitiveDataResult>]
15623
16260
  #
15624
- # * * `PASSED` - Standards check passed for all evaluated resources.
16261
+ # @!attribute [rw] custom_data_identifiers
16262
+ # Provides details about sensitive data that was identified based on
16263
+ # customer-defined configuration.
16264
+ # @return [Types::CustomDataIdentifiersResult]
15625
16265
  #
15626
- # * `WARNING` - Some information is missing or this check is not
15627
- # supported for your configuration.
16266
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationResult AWS API Documentation
16267
+ #
16268
+ class ClassificationResult < Struct.new(
16269
+ :mime_type,
16270
+ :size_classified,
16271
+ :additional_occurrences,
16272
+ :status,
16273
+ :sensitive_data,
16274
+ :custom_data_identifiers)
16275
+ SENSITIVE = []
16276
+ include Aws::Structure
16277
+ end
16278
+
16279
+ # Provides details about the current status of the sensitive data
16280
+ # detection.
16281
+ #
16282
+ # @note When making an API call, you may pass ClassificationStatus
16283
+ # data as a hash:
16284
+ #
16285
+ # {
16286
+ # code: "NonEmptyString",
16287
+ # reason: "NonEmptyString",
16288
+ # }
16289
+ #
16290
+ # @!attribute [rw] code
16291
+ # The code that represents the status of the sensitive data detection.
16292
+ # @return [String]
16293
+ #
16294
+ # @!attribute [rw] reason
16295
+ # A longer description of the current status of the sensitive data
16296
+ # detection.
16297
+ # @return [String]
16298
+ #
16299
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ClassificationStatus AWS API Documentation
16300
+ #
16301
+ class ClassificationStatus < Struct.new(
16302
+ :code,
16303
+ :reason)
16304
+ SENSITIVE = []
16305
+ include Aws::Structure
16306
+ end
16307
+
16308
+ # Contains finding details that are specific to control-based findings.
16309
+ # Only returned for findings generated from controls.
16310
+ #
16311
+ # @note When making an API call, you may pass Compliance
16312
+ # data as a hash:
16313
+ #
16314
+ # {
16315
+ # status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
16316
+ # related_requirements: ["NonEmptyString"],
16317
+ # status_reasons: [
16318
+ # {
16319
+ # reason_code: "NonEmptyString", # required
16320
+ # description: "NonEmptyString",
16321
+ # },
16322
+ # ],
16323
+ # }
16324
+ #
16325
+ # @!attribute [rw] status
16326
+ # The result of a standards check.
16327
+ #
16328
+ # The valid values for `Status` are as follows.
16329
+ #
16330
+ # * * `PASSED` - Standards check passed for all evaluated resources.
16331
+ #
16332
+ # * `WARNING` - Some information is missing or this check is not
16333
+ # supported for your configuration.
15628
16334
  #
15629
16335
  # * `FAILED` - Standards check failed for at least one evaluated
15630
16336
  # resource.
@@ -16339,6 +17045,50 @@ module Aws::SecurityHub
16339
17045
  # value: "NonEmptyString",
16340
17046
  # },
16341
17047
  # ],
17048
+ # finding_provider_fields_confidence: [
17049
+ # {
17050
+ # gte: 1.0,
17051
+ # lte: 1.0,
17052
+ # eq: 1.0,
17053
+ # },
17054
+ # ],
17055
+ # finding_provider_fields_criticality: [
17056
+ # {
17057
+ # gte: 1.0,
17058
+ # lte: 1.0,
17059
+ # eq: 1.0,
17060
+ # },
17061
+ # ],
17062
+ # finding_provider_fields_related_findings_id: [
17063
+ # {
17064
+ # value: "NonEmptyString",
17065
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17066
+ # },
17067
+ # ],
17068
+ # finding_provider_fields_related_findings_product_arn: [
17069
+ # {
17070
+ # value: "NonEmptyString",
17071
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17072
+ # },
17073
+ # ],
17074
+ # finding_provider_fields_severity_label: [
17075
+ # {
17076
+ # value: "NonEmptyString",
17077
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17078
+ # },
17079
+ # ],
17080
+ # finding_provider_fields_severity_original: [
17081
+ # {
17082
+ # value: "NonEmptyString",
17083
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17084
+ # },
17085
+ # ],
17086
+ # finding_provider_fields_types: [
17087
+ # {
17088
+ # value: "NonEmptyString",
17089
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
17090
+ # },
17091
+ # ],
16342
17092
  # },
16343
17093
  # group_by_attribute: "NonEmptyString", # required
16344
17094
  # }
@@ -16422,6 +17172,170 @@ module Aws::SecurityHub
16422
17172
  include Aws::Structure
16423
17173
  end
16424
17174
 
17175
+ # The list of detected instances of sensitive data.
17176
+ #
17177
+ # @note When making an API call, you may pass CustomDataIdentifiersDetections
17178
+ # data as a hash:
17179
+ #
17180
+ # {
17181
+ # count: 1,
17182
+ # arn: "NonEmptyString",
17183
+ # name: "NonEmptyString",
17184
+ # occurrences: {
17185
+ # line_ranges: [
17186
+ # {
17187
+ # start: 1,
17188
+ # end: 1,
17189
+ # start_column: 1,
17190
+ # },
17191
+ # ],
17192
+ # offset_ranges: [
17193
+ # {
17194
+ # start: 1,
17195
+ # end: 1,
17196
+ # start_column: 1,
17197
+ # },
17198
+ # ],
17199
+ # pages: [
17200
+ # {
17201
+ # page_number: 1,
17202
+ # line_range: {
17203
+ # start: 1,
17204
+ # end: 1,
17205
+ # start_column: 1,
17206
+ # },
17207
+ # offset_range: {
17208
+ # start: 1,
17209
+ # end: 1,
17210
+ # start_column: 1,
17211
+ # },
17212
+ # },
17213
+ # ],
17214
+ # records: [
17215
+ # {
17216
+ # json_path: "NonEmptyString",
17217
+ # record_index: 1,
17218
+ # },
17219
+ # ],
17220
+ # cells: [
17221
+ # {
17222
+ # column: 1,
17223
+ # row: 1,
17224
+ # column_name: "NonEmptyString",
17225
+ # cell_reference: "NonEmptyString",
17226
+ # },
17227
+ # ],
17228
+ # },
17229
+ # }
17230
+ #
17231
+ # @!attribute [rw] count
17232
+ # The total number of occurrences of sensitive data that were
17233
+ # detected.
17234
+ # @return [Integer]
17235
+ #
17236
+ # @!attribute [rw] arn
17237
+ # The ARN of the custom identifier that was used to detect the
17238
+ # sensitive data.
17239
+ # @return [String]
17240
+ #
17241
+ # @!attribute [rw] name
17242
+ # he name of the custom identifier that detected the sensitive data.
17243
+ # @return [String]
17244
+ #
17245
+ # @!attribute [rw] occurrences
17246
+ # Details about the sensitive data that was detected.
17247
+ # @return [Types::Occurrences]
17248
+ #
17249
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersDetections AWS API Documentation
17250
+ #
17251
+ class CustomDataIdentifiersDetections < Struct.new(
17252
+ :count,
17253
+ :arn,
17254
+ :name,
17255
+ :occurrences)
17256
+ SENSITIVE = []
17257
+ include Aws::Structure
17258
+ end
17259
+
17260
+ # Contains an instance of sensitive data that was detected by a
17261
+ # customer-defined identifier.
17262
+ #
17263
+ # @note When making an API call, you may pass CustomDataIdentifiersResult
17264
+ # data as a hash:
17265
+ #
17266
+ # {
17267
+ # detections: [
17268
+ # {
17269
+ # count: 1,
17270
+ # arn: "NonEmptyString",
17271
+ # name: "NonEmptyString",
17272
+ # occurrences: {
17273
+ # line_ranges: [
17274
+ # {
17275
+ # start: 1,
17276
+ # end: 1,
17277
+ # start_column: 1,
17278
+ # },
17279
+ # ],
17280
+ # offset_ranges: [
17281
+ # {
17282
+ # start: 1,
17283
+ # end: 1,
17284
+ # start_column: 1,
17285
+ # },
17286
+ # ],
17287
+ # pages: [
17288
+ # {
17289
+ # page_number: 1,
17290
+ # line_range: {
17291
+ # start: 1,
17292
+ # end: 1,
17293
+ # start_column: 1,
17294
+ # },
17295
+ # offset_range: {
17296
+ # start: 1,
17297
+ # end: 1,
17298
+ # start_column: 1,
17299
+ # },
17300
+ # },
17301
+ # ],
17302
+ # records: [
17303
+ # {
17304
+ # json_path: "NonEmptyString",
17305
+ # record_index: 1,
17306
+ # },
17307
+ # ],
17308
+ # cells: [
17309
+ # {
17310
+ # column: 1,
17311
+ # row: 1,
17312
+ # column_name: "NonEmptyString",
17313
+ # cell_reference: "NonEmptyString",
17314
+ # },
17315
+ # ],
17316
+ # },
17317
+ # },
17318
+ # ],
17319
+ # total_count: 1,
17320
+ # }
17321
+ #
17322
+ # @!attribute [rw] detections
17323
+ # The list of detected instances of sensitive data.
17324
+ # @return [Array<Types::CustomDataIdentifiersDetections>]
17325
+ #
17326
+ # @!attribute [rw] total_count
17327
+ # The total number of occurrences of sensitive data.
17328
+ # @return [Integer]
17329
+ #
17330
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CustomDataIdentifiersResult AWS API Documentation
17331
+ #
17332
+ class CustomDataIdentifiersResult < Struct.new(
17333
+ :detections,
17334
+ :total_count)
17335
+ SENSITIVE = []
17336
+ include Aws::Structure
17337
+ end
17338
+
16425
17339
  # CVSS scores from the advisory related to the vulnerability.
16426
17340
  #
16427
17341
  # @note When making an API call, you may pass Cvss
@@ -16455,6 +17369,154 @@ module Aws::SecurityHub
16455
17369
  include Aws::Structure
16456
17370
  end
16457
17371
 
17372
+ # Provides details about sensitive data that was detected on a resource.
17373
+ #
17374
+ # @note When making an API call, you may pass DataClassificationDetails
17375
+ # data as a hash:
17376
+ #
17377
+ # {
17378
+ # detailed_results_location: "NonEmptyString",
17379
+ # result: {
17380
+ # mime_type: "NonEmptyString",
17381
+ # size_classified: 1,
17382
+ # additional_occurrences: false,
17383
+ # status: {
17384
+ # code: "NonEmptyString",
17385
+ # reason: "NonEmptyString",
17386
+ # },
17387
+ # sensitive_data: [
17388
+ # {
17389
+ # category: "NonEmptyString",
17390
+ # detections: [
17391
+ # {
17392
+ # count: 1,
17393
+ # type: "NonEmptyString",
17394
+ # occurrences: {
17395
+ # line_ranges: [
17396
+ # {
17397
+ # start: 1,
17398
+ # end: 1,
17399
+ # start_column: 1,
17400
+ # },
17401
+ # ],
17402
+ # offset_ranges: [
17403
+ # {
17404
+ # start: 1,
17405
+ # end: 1,
17406
+ # start_column: 1,
17407
+ # },
17408
+ # ],
17409
+ # pages: [
17410
+ # {
17411
+ # page_number: 1,
17412
+ # line_range: {
17413
+ # start: 1,
17414
+ # end: 1,
17415
+ # start_column: 1,
17416
+ # },
17417
+ # offset_range: {
17418
+ # start: 1,
17419
+ # end: 1,
17420
+ # start_column: 1,
17421
+ # },
17422
+ # },
17423
+ # ],
17424
+ # records: [
17425
+ # {
17426
+ # json_path: "NonEmptyString",
17427
+ # record_index: 1,
17428
+ # },
17429
+ # ],
17430
+ # cells: [
17431
+ # {
17432
+ # column: 1,
17433
+ # row: 1,
17434
+ # column_name: "NonEmptyString",
17435
+ # cell_reference: "NonEmptyString",
17436
+ # },
17437
+ # ],
17438
+ # },
17439
+ # },
17440
+ # ],
17441
+ # total_count: 1,
17442
+ # },
17443
+ # ],
17444
+ # custom_data_identifiers: {
17445
+ # detections: [
17446
+ # {
17447
+ # count: 1,
17448
+ # arn: "NonEmptyString",
17449
+ # name: "NonEmptyString",
17450
+ # occurrences: {
17451
+ # line_ranges: [
17452
+ # {
17453
+ # start: 1,
17454
+ # end: 1,
17455
+ # start_column: 1,
17456
+ # },
17457
+ # ],
17458
+ # offset_ranges: [
17459
+ # {
17460
+ # start: 1,
17461
+ # end: 1,
17462
+ # start_column: 1,
17463
+ # },
17464
+ # ],
17465
+ # pages: [
17466
+ # {
17467
+ # page_number: 1,
17468
+ # line_range: {
17469
+ # start: 1,
17470
+ # end: 1,
17471
+ # start_column: 1,
17472
+ # },
17473
+ # offset_range: {
17474
+ # start: 1,
17475
+ # end: 1,
17476
+ # start_column: 1,
17477
+ # },
17478
+ # },
17479
+ # ],
17480
+ # records: [
17481
+ # {
17482
+ # json_path: "NonEmptyString",
17483
+ # record_index: 1,
17484
+ # },
17485
+ # ],
17486
+ # cells: [
17487
+ # {
17488
+ # column: 1,
17489
+ # row: 1,
17490
+ # column_name: "NonEmptyString",
17491
+ # cell_reference: "NonEmptyString",
17492
+ # },
17493
+ # ],
17494
+ # },
17495
+ # },
17496
+ # ],
17497
+ # total_count: 1,
17498
+ # },
17499
+ # },
17500
+ # }
17501
+ #
17502
+ # @!attribute [rw] detailed_results_location
17503
+ # The path to the folder or file that contains the sensitive data.
17504
+ # @return [String]
17505
+ #
17506
+ # @!attribute [rw] result
17507
+ # The details about the sensitive data that was detected on the
17508
+ # resource.
17509
+ # @return [Types::ClassificationResult]
17510
+ #
17511
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DataClassificationDetails AWS API Documentation
17512
+ #
17513
+ class DataClassificationDetails < Struct.new(
17514
+ :detailed_results_location,
17515
+ :result)
17516
+ SENSITIVE = []
17517
+ include Aws::Structure
17518
+ end
17519
+
16458
17520
  # A date filter for querying findings.
16459
17521
  #
16460
17522
  # @note When making an API call, you may pass DateFilter
@@ -17183,6 +18245,103 @@ module Aws::SecurityHub
17183
18245
  #
17184
18246
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
17185
18247
 
18248
+ # In a `BatchImportFindings` request, finding providers use
18249
+ # `FindingProviderFields` to provide and update values for confidence,
18250
+ # criticality, related findings, severity, and types.
18251
+ #
18252
+ # @note When making an API call, you may pass FindingProviderFields
18253
+ # data as a hash:
18254
+ #
18255
+ # {
18256
+ # confidence: 1,
18257
+ # criticality: 1,
18258
+ # related_findings: [
18259
+ # {
18260
+ # product_arn: "NonEmptyString", # required
18261
+ # id: "NonEmptyString", # required
18262
+ # },
18263
+ # ],
18264
+ # severity: {
18265
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18266
+ # original: "NonEmptyString",
18267
+ # },
18268
+ # types: ["NonEmptyString"],
18269
+ # }
18270
+ #
18271
+ # @!attribute [rw] confidence
18272
+ # A finding's confidence. Confidence is defined as the likelihood
18273
+ # that a finding accurately identifies the behavior or issue that it
18274
+ # was intended to identify.
18275
+ #
18276
+ # Confidence is scored on a 0-100 basis using a ratio scale, where 0
18277
+ # means zero percent confidence and 100 means 100 percent confidence.
18278
+ # @return [Integer]
18279
+ #
18280
+ # @!attribute [rw] criticality
18281
+ # The level of importance assigned to the resources associated with
18282
+ # the finding.
18283
+ #
18284
+ # A score of 0 means that the underlying resources have no
18285
+ # criticality, and a score of 100 is reserved for the most critical
18286
+ # resources.
18287
+ # @return [Integer]
18288
+ #
18289
+ # @!attribute [rw] related_findings
18290
+ # A list of findings that are related to the current finding.
18291
+ # @return [Array<Types::RelatedFinding>]
18292
+ #
18293
+ # @!attribute [rw] severity
18294
+ # The severity of a finding.
18295
+ # @return [Types::FindingProviderSeverity]
18296
+ #
18297
+ # @!attribute [rw] types
18298
+ # One or more finding types in the format of
18299
+ # `namespace/category/classifier` that classify a finding.
18300
+ #
18301
+ # Valid namespace values are: Software and Configuration Checks \|
18302
+ # TTPs \| Effects \| Unusual Behaviors \| Sensitive Data
18303
+ # Identifications
18304
+ # @return [Array<String>]
18305
+ #
18306
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderFields AWS API Documentation
18307
+ #
18308
+ class FindingProviderFields < Struct.new(
18309
+ :confidence,
18310
+ :criticality,
18311
+ :related_findings,
18312
+ :severity,
18313
+ :types)
18314
+ SENSITIVE = []
18315
+ include Aws::Structure
18316
+ end
18317
+
18318
+ # The severity assigned to the finding by the finding provider.
18319
+ #
18320
+ # @note When making an API call, you may pass FindingProviderSeverity
18321
+ # data as a hash:
18322
+ #
18323
+ # {
18324
+ # label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
18325
+ # original: "NonEmptyString",
18326
+ # }
18327
+ #
18328
+ # @!attribute [rw] label
18329
+ # The severity label assigned to the finding by the finding provider.
18330
+ # @return [String]
18331
+ #
18332
+ # @!attribute [rw] original
18333
+ # The finding provider's original value for the severity.
18334
+ # @return [String]
18335
+ #
18336
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingProviderSeverity AWS API Documentation
18337
+ #
18338
+ class FindingProviderSeverity < Struct.new(
18339
+ :label,
18340
+ :original)
18341
+ SENSITIVE = []
18342
+ include Aws::Structure
18343
+ end
18344
+
17186
18345
  # Provides the latitude and longitude coordinates of a location.
17187
18346
  #
17188
18347
  # @note When making an API call, you may pass GeoLocation
@@ -17824,6 +18983,50 @@ module Aws::SecurityHub
17824
18983
  # value: "NonEmptyString",
17825
18984
  # },
17826
18985
  # ],
18986
+ # finding_provider_fields_confidence: [
18987
+ # {
18988
+ # gte: 1.0,
18989
+ # lte: 1.0,
18990
+ # eq: 1.0,
18991
+ # },
18992
+ # ],
18993
+ # finding_provider_fields_criticality: [
18994
+ # {
18995
+ # gte: 1.0,
18996
+ # lte: 1.0,
18997
+ # eq: 1.0,
18998
+ # },
18999
+ # ],
19000
+ # finding_provider_fields_related_findings_id: [
19001
+ # {
19002
+ # value: "NonEmptyString",
19003
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19004
+ # },
19005
+ # ],
19006
+ # finding_provider_fields_related_findings_product_arn: [
19007
+ # {
19008
+ # value: "NonEmptyString",
19009
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19010
+ # },
19011
+ # ],
19012
+ # finding_provider_fields_severity_label: [
19013
+ # {
19014
+ # value: "NonEmptyString",
19015
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19016
+ # },
19017
+ # ],
19018
+ # finding_provider_fields_severity_original: [
19019
+ # {
19020
+ # value: "NonEmptyString",
19021
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19022
+ # },
19023
+ # ],
19024
+ # finding_provider_fields_types: [
19025
+ # {
19026
+ # value: "NonEmptyString",
19027
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
19028
+ # },
19029
+ # ],
17827
19030
  # },
17828
19031
  # sort_criteria: [
17829
19032
  # {
@@ -19290,6 +20493,139 @@ module Aws::SecurityHub
19290
20493
  include Aws::Structure
19291
20494
  end
19292
20495
 
20496
+ # The detected occurrences of sensitive data.
20497
+ #
20498
+ # @note When making an API call, you may pass Occurrences
20499
+ # data as a hash:
20500
+ #
20501
+ # {
20502
+ # line_ranges: [
20503
+ # {
20504
+ # start: 1,
20505
+ # end: 1,
20506
+ # start_column: 1,
20507
+ # },
20508
+ # ],
20509
+ # offset_ranges: [
20510
+ # {
20511
+ # start: 1,
20512
+ # end: 1,
20513
+ # start_column: 1,
20514
+ # },
20515
+ # ],
20516
+ # pages: [
20517
+ # {
20518
+ # page_number: 1,
20519
+ # line_range: {
20520
+ # start: 1,
20521
+ # end: 1,
20522
+ # start_column: 1,
20523
+ # },
20524
+ # offset_range: {
20525
+ # start: 1,
20526
+ # end: 1,
20527
+ # start_column: 1,
20528
+ # },
20529
+ # },
20530
+ # ],
20531
+ # records: [
20532
+ # {
20533
+ # json_path: "NonEmptyString",
20534
+ # record_index: 1,
20535
+ # },
20536
+ # ],
20537
+ # cells: [
20538
+ # {
20539
+ # column: 1,
20540
+ # row: 1,
20541
+ # column_name: "NonEmptyString",
20542
+ # cell_reference: "NonEmptyString",
20543
+ # },
20544
+ # ],
20545
+ # }
20546
+ #
20547
+ # @!attribute [rw] line_ranges
20548
+ # Occurrences of sensitive data detected in a non-binary text file or
20549
+ # a Microsoft Word file. Non-binary text files include files such as
20550
+ # HTML, XML, JSON, and TXT files.
20551
+ # @return [Array<Types::Range>]
20552
+ #
20553
+ # @!attribute [rw] offset_ranges
20554
+ # Occurrences of sensitive data detected in a binary text file.
20555
+ # @return [Array<Types::Range>]
20556
+ #
20557
+ # @!attribute [rw] pages
20558
+ # Occurrences of sensitive data in an Adobe Portable Document Format
20559
+ # (PDF) file.
20560
+ # @return [Array<Types::Page>]
20561
+ #
20562
+ # @!attribute [rw] records
20563
+ # Occurrences of sensitive data in an Apache Avro object container or
20564
+ # an Apache Parquet file.
20565
+ # @return [Array<Types::Record>]
20566
+ #
20567
+ # @!attribute [rw] cells
20568
+ # Occurrences of sensitive data detected in Microsoft Excel workbooks,
20569
+ # comma-separated value (CSV) files, or tab-separated value (TSV)
20570
+ # files.
20571
+ # @return [Array<Types::Cell>]
20572
+ #
20573
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Occurrences AWS API Documentation
20574
+ #
20575
+ class Occurrences < Struct.new(
20576
+ :line_ranges,
20577
+ :offset_ranges,
20578
+ :pages,
20579
+ :records,
20580
+ :cells)
20581
+ SENSITIVE = []
20582
+ include Aws::Structure
20583
+ end
20584
+
20585
+ # An occurrence of sensitive data in an Adobe Portable Document Format
20586
+ # (PDF) file.
20587
+ #
20588
+ # @note When making an API call, you may pass Page
20589
+ # data as a hash:
20590
+ #
20591
+ # {
20592
+ # page_number: 1,
20593
+ # line_range: {
20594
+ # start: 1,
20595
+ # end: 1,
20596
+ # start_column: 1,
20597
+ # },
20598
+ # offset_range: {
20599
+ # start: 1,
20600
+ # end: 1,
20601
+ # start_column: 1,
20602
+ # },
20603
+ # }
20604
+ #
20605
+ # @!attribute [rw] page_number
20606
+ # The page number of the page that contains the sensitive data.
20607
+ # @return [Integer]
20608
+ #
20609
+ # @!attribute [rw] line_range
20610
+ # An occurrence of sensitive data detected in a non-binary text file
20611
+ # or a Microsoft Word file. Non-binary text files include files such
20612
+ # as HTML, XML, JSON, and TXT files.
20613
+ # @return [Types::Range]
20614
+ #
20615
+ # @!attribute [rw] offset_range
20616
+ # An occurrence of sensitive data detected in a binary text file.
20617
+ # @return [Types::Range]
20618
+ #
20619
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Page AWS API Documentation
20620
+ #
20621
+ class Page < Struct.new(
20622
+ :page_number,
20623
+ :line_range,
20624
+ :offset_range)
20625
+ SENSITIVE = []
20626
+ include Aws::Structure
20627
+ end
20628
+
19293
20629
  # Provides an overview of the patch compliance status for an instance
19294
20630
  # against a selected compliance standard.
19295
20631
  #
@@ -19653,22 +20989,60 @@ module Aws::SecurityHub
19653
20989
  # The URL used to activate the product.
19654
20990
  # @return [String]
19655
20991
  #
19656
- # @!attribute [rw] product_subscription_resource_policy
19657
- # The resource policy associated with the product.
19658
- # @return [String]
20992
+ # @!attribute [rw] product_subscription_resource_policy
20993
+ # The resource policy associated with the product.
20994
+ # @return [String]
20995
+ #
20996
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
20997
+ #
20998
+ class Product < Struct.new(
20999
+ :product_arn,
21000
+ :product_name,
21001
+ :company_name,
21002
+ :description,
21003
+ :categories,
21004
+ :integration_types,
21005
+ :marketplace_url,
21006
+ :activation_url,
21007
+ :product_subscription_resource_policy)
21008
+ SENSITIVE = []
21009
+ include Aws::Structure
21010
+ end
21011
+
21012
+ # Identifies where the sensitive data begins and ends.
21013
+ #
21014
+ # @note When making an API call, you may pass Range
21015
+ # data as a hash:
21016
+ #
21017
+ # {
21018
+ # start: 1,
21019
+ # end: 1,
21020
+ # start_column: 1,
21021
+ # }
21022
+ #
21023
+ # @!attribute [rw] start
21024
+ # The number of lines (for a line range) or characters (for an offset
21025
+ # range) from the beginning of the file to the end of the sensitive
21026
+ # data.
21027
+ # @return [Integer]
21028
+ #
21029
+ # @!attribute [rw] end
21030
+ # The number of lines (for a line range) or characters (for an offset
21031
+ # range) from the beginning of the file to the end of the sensitive
21032
+ # data.
21033
+ # @return [Integer]
21034
+ #
21035
+ # @!attribute [rw] start_column
21036
+ # In the line where the sensitive data starts, the column within the
21037
+ # line where the sensitive data starts.
21038
+ # @return [Integer]
19659
21039
  #
19660
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Product AWS API Documentation
21040
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Range AWS API Documentation
19661
21041
  #
19662
- class Product < Struct.new(
19663
- :product_arn,
19664
- :product_name,
19665
- :company_name,
19666
- :description,
19667
- :categories,
19668
- :integration_types,
19669
- :marketplace_url,
19670
- :activation_url,
19671
- :product_subscription_resource_policy)
21042
+ class Range < Struct.new(
21043
+ :start,
21044
+ :end,
21045
+ :start_column)
19672
21046
  SENSITIVE = []
19673
21047
  include Aws::Structure
19674
21048
  end
@@ -19703,6 +21077,38 @@ module Aws::SecurityHub
19703
21077
  include Aws::Structure
19704
21078
  end
19705
21079
 
21080
+ # An occurrence of sensitive data in an Apache Avro object container or
21081
+ # an Apache Parquet file.
21082
+ #
21083
+ # @note When making an API call, you may pass Record
21084
+ # data as a hash:
21085
+ #
21086
+ # {
21087
+ # json_path: "NonEmptyString",
21088
+ # record_index: 1,
21089
+ # }
21090
+ #
21091
+ # @!attribute [rw] json_path
21092
+ # The path, as a JSONPath expression, to the field in the record that
21093
+ # contains the data. If the field name is longer than 20 characters,
21094
+ # it is truncated. If the path is longer than 250 characters, it is
21095
+ # truncated.
21096
+ # @return [String]
21097
+ #
21098
+ # @!attribute [rw] record_index
21099
+ # The record index, starting from 0, for the record that contains the
21100
+ # data.
21101
+ # @return [Integer]
21102
+ #
21103
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Record AWS API Documentation
21104
+ #
21105
+ class Record < Struct.new(
21106
+ :json_path,
21107
+ :record_index)
21108
+ SENSITIVE = []
21109
+ include Aws::Structure
21110
+ end
21111
+
19706
21112
  # Details about a related finding.
19707
21113
  #
19708
21114
  # @note When making an API call, you may pass RelatedFinding
@@ -19769,6 +21175,130 @@ module Aws::SecurityHub
19769
21175
  # tags: {
19770
21176
  # "NonEmptyString" => "NonEmptyString",
19771
21177
  # },
21178
+ # data_classification: {
21179
+ # detailed_results_location: "NonEmptyString",
21180
+ # result: {
21181
+ # mime_type: "NonEmptyString",
21182
+ # size_classified: 1,
21183
+ # additional_occurrences: false,
21184
+ # status: {
21185
+ # code: "NonEmptyString",
21186
+ # reason: "NonEmptyString",
21187
+ # },
21188
+ # sensitive_data: [
21189
+ # {
21190
+ # category: "NonEmptyString",
21191
+ # detections: [
21192
+ # {
21193
+ # count: 1,
21194
+ # type: "NonEmptyString",
21195
+ # occurrences: {
21196
+ # line_ranges: [
21197
+ # {
21198
+ # start: 1,
21199
+ # end: 1,
21200
+ # start_column: 1,
21201
+ # },
21202
+ # ],
21203
+ # offset_ranges: [
21204
+ # {
21205
+ # start: 1,
21206
+ # end: 1,
21207
+ # start_column: 1,
21208
+ # },
21209
+ # ],
21210
+ # pages: [
21211
+ # {
21212
+ # page_number: 1,
21213
+ # line_range: {
21214
+ # start: 1,
21215
+ # end: 1,
21216
+ # start_column: 1,
21217
+ # },
21218
+ # offset_range: {
21219
+ # start: 1,
21220
+ # end: 1,
21221
+ # start_column: 1,
21222
+ # },
21223
+ # },
21224
+ # ],
21225
+ # records: [
21226
+ # {
21227
+ # json_path: "NonEmptyString",
21228
+ # record_index: 1,
21229
+ # },
21230
+ # ],
21231
+ # cells: [
21232
+ # {
21233
+ # column: 1,
21234
+ # row: 1,
21235
+ # column_name: "NonEmptyString",
21236
+ # cell_reference: "NonEmptyString",
21237
+ # },
21238
+ # ],
21239
+ # },
21240
+ # },
21241
+ # ],
21242
+ # total_count: 1,
21243
+ # },
21244
+ # ],
21245
+ # custom_data_identifiers: {
21246
+ # detections: [
21247
+ # {
21248
+ # count: 1,
21249
+ # arn: "NonEmptyString",
21250
+ # name: "NonEmptyString",
21251
+ # occurrences: {
21252
+ # line_ranges: [
21253
+ # {
21254
+ # start: 1,
21255
+ # end: 1,
21256
+ # start_column: 1,
21257
+ # },
21258
+ # ],
21259
+ # offset_ranges: [
21260
+ # {
21261
+ # start: 1,
21262
+ # end: 1,
21263
+ # start_column: 1,
21264
+ # },
21265
+ # ],
21266
+ # pages: [
21267
+ # {
21268
+ # page_number: 1,
21269
+ # line_range: {
21270
+ # start: 1,
21271
+ # end: 1,
21272
+ # start_column: 1,
21273
+ # },
21274
+ # offset_range: {
21275
+ # start: 1,
21276
+ # end: 1,
21277
+ # start_column: 1,
21278
+ # },
21279
+ # },
21280
+ # ],
21281
+ # records: [
21282
+ # {
21283
+ # json_path: "NonEmptyString",
21284
+ # record_index: 1,
21285
+ # },
21286
+ # ],
21287
+ # cells: [
21288
+ # {
21289
+ # column: 1,
21290
+ # row: 1,
21291
+ # column_name: "NonEmptyString",
21292
+ # cell_reference: "NonEmptyString",
21293
+ # },
21294
+ # ],
21295
+ # },
21296
+ # },
21297
+ # ],
21298
+ # total_count: 1,
21299
+ # },
21300
+ # },
21301
+ # },
19772
21302
  # details: {
19773
21303
  # aws_auto_scaling_auto_scaling_group: {
19774
21304
  # launch_configuration_name: "NonEmptyString",
@@ -20070,6 +21600,18 @@ module Aws::SecurityHub
20070
21600
  # },
20071
21601
  # ],
20072
21602
  # },
21603
+ # public_access_block_configuration: {
21604
+ # block_public_acls: false,
21605
+ # block_public_policy: false,
21606
+ # ignore_public_acls: false,
21607
+ # restrict_public_buckets: false,
21608
+ # },
21609
+ # },
21610
+ # aws_s3_account_public_access_block: {
21611
+ # block_public_acls: false,
21612
+ # block_public_policy: false,
21613
+ # ignore_public_acls: false,
21614
+ # restrict_public_buckets: false,
20073
21615
  # },
20074
21616
  # aws_s3_object: {
20075
21617
  # last_modified: "NonEmptyString",
@@ -21155,6 +22697,11 @@ module Aws::SecurityHub
21155
22697
  # finding was processed.
21156
22698
  # @return [Hash<String,String>]
21157
22699
  #
22700
+ # @!attribute [rw] data_classification
22701
+ # Contains information about sensitive data that was detected on the
22702
+ # resource.
22703
+ # @return [Types::DataClassificationDetails]
22704
+ #
21158
22705
  # @!attribute [rw] details
21159
22706
  # Additional details about the resource related to a finding.
21160
22707
  # @return [Types::ResourceDetails]
@@ -21168,6 +22715,7 @@ module Aws::SecurityHub
21168
22715
  :region,
21169
22716
  :resource_role,
21170
22717
  :tags,
22718
+ :data_classification,
21171
22719
  :details)
21172
22720
  SENSITIVE = []
21173
22721
  include Aws::Structure
@@ -21508,6 +23056,18 @@ module Aws::SecurityHub
21508
23056
  # },
21509
23057
  # ],
21510
23058
  # },
23059
+ # public_access_block_configuration: {
23060
+ # block_public_acls: false,
23061
+ # block_public_policy: false,
23062
+ # ignore_public_acls: false,
23063
+ # restrict_public_buckets: false,
23064
+ # },
23065
+ # },
23066
+ # aws_s3_account_public_access_block: {
23067
+ # block_public_acls: false,
23068
+ # block_public_policy: false,
23069
+ # ignore_public_acls: false,
23070
+ # restrict_public_buckets: false,
21511
23071
  # },
21512
23072
  # aws_s3_object: {
21513
23073
  # last_modified: "NonEmptyString",
@@ -22607,6 +24167,11 @@ module Aws::SecurityHub
22607
24167
  # Details about an Amazon S3 bucket related to a finding.
22608
24168
  # @return [Types::AwsS3BucketDetails]
22609
24169
  #
24170
+ # @!attribute [rw] aws_s3_account_public_access_block
24171
+ # Details about the Amazon S3 Public Access Block configuration for an
24172
+ # account.
24173
+ # @return [Types::AwsS3AccountPublicAccessBlockDetails]
24174
+ #
22610
24175
  # @!attribute [rw] aws_s3_object
22611
24176
  # Details about an Amazon S3 object related to a finding.
22612
24177
  # @return [Types::AwsS3ObjectDetails]
@@ -22750,6 +24315,7 @@ module Aws::SecurityHub
22750
24315
  :aws_elbv_2_load_balancer,
22751
24316
  :aws_elasticsearch_domain,
22752
24317
  :aws_s3_bucket,
24318
+ :aws_s3_account_public_access_block,
22753
24319
  :aws_s3_object,
22754
24320
  :aws_secrets_manager_secret,
22755
24321
  :aws_iam_access_key,
@@ -22820,6 +24386,171 @@ module Aws::SecurityHub
22820
24386
  include Aws::Structure
22821
24387
  end
22822
24388
 
24389
+ # The list of detected instances of sensitive data.
24390
+ #
24391
+ # @note When making an API call, you may pass SensitiveDataDetections
24392
+ # data as a hash:
24393
+ #
24394
+ # {
24395
+ # count: 1,
24396
+ # type: "NonEmptyString",
24397
+ # occurrences: {
24398
+ # line_ranges: [
24399
+ # {
24400
+ # start: 1,
24401
+ # end: 1,
24402
+ # start_column: 1,
24403
+ # },
24404
+ # ],
24405
+ # offset_ranges: [
24406
+ # {
24407
+ # start: 1,
24408
+ # end: 1,
24409
+ # start_column: 1,
24410
+ # },
24411
+ # ],
24412
+ # pages: [
24413
+ # {
24414
+ # page_number: 1,
24415
+ # line_range: {
24416
+ # start: 1,
24417
+ # end: 1,
24418
+ # start_column: 1,
24419
+ # },
24420
+ # offset_range: {
24421
+ # start: 1,
24422
+ # end: 1,
24423
+ # start_column: 1,
24424
+ # },
24425
+ # },
24426
+ # ],
24427
+ # records: [
24428
+ # {
24429
+ # json_path: "NonEmptyString",
24430
+ # record_index: 1,
24431
+ # },
24432
+ # ],
24433
+ # cells: [
24434
+ # {
24435
+ # column: 1,
24436
+ # row: 1,
24437
+ # column_name: "NonEmptyString",
24438
+ # cell_reference: "NonEmptyString",
24439
+ # },
24440
+ # ],
24441
+ # },
24442
+ # }
24443
+ #
24444
+ # @!attribute [rw] count
24445
+ # The total number of occurrences of sensitive data that were
24446
+ # detected.
24447
+ # @return [Integer]
24448
+ #
24449
+ # @!attribute [rw] type
24450
+ # The type of sensitive data that was detected. For example, the type
24451
+ # might indicate that the data is an email address.
24452
+ # @return [String]
24453
+ #
24454
+ # @!attribute [rw] occurrences
24455
+ # Details about the sensitive data that was detected.
24456
+ # @return [Types::Occurrences]
24457
+ #
24458
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataDetections AWS API Documentation
24459
+ #
24460
+ class SensitiveDataDetections < Struct.new(
24461
+ :count,
24462
+ :type,
24463
+ :occurrences)
24464
+ SENSITIVE = []
24465
+ include Aws::Structure
24466
+ end
24467
+
24468
+ # Contains a detected instance of sensitive data that are based on
24469
+ # built-in identifiers.
24470
+ #
24471
+ # @note When making an API call, you may pass SensitiveDataResult
24472
+ # data as a hash:
24473
+ #
24474
+ # {
24475
+ # category: "NonEmptyString",
24476
+ # detections: [
24477
+ # {
24478
+ # count: 1,
24479
+ # type: "NonEmptyString",
24480
+ # occurrences: {
24481
+ # line_ranges: [
24482
+ # {
24483
+ # start: 1,
24484
+ # end: 1,
24485
+ # start_column: 1,
24486
+ # },
24487
+ # ],
24488
+ # offset_ranges: [
24489
+ # {
24490
+ # start: 1,
24491
+ # end: 1,
24492
+ # start_column: 1,
24493
+ # },
24494
+ # ],
24495
+ # pages: [
24496
+ # {
24497
+ # page_number: 1,
24498
+ # line_range: {
24499
+ # start: 1,
24500
+ # end: 1,
24501
+ # start_column: 1,
24502
+ # },
24503
+ # offset_range: {
24504
+ # start: 1,
24505
+ # end: 1,
24506
+ # start_column: 1,
24507
+ # },
24508
+ # },
24509
+ # ],
24510
+ # records: [
24511
+ # {
24512
+ # json_path: "NonEmptyString",
24513
+ # record_index: 1,
24514
+ # },
24515
+ # ],
24516
+ # cells: [
24517
+ # {
24518
+ # column: 1,
24519
+ # row: 1,
24520
+ # column_name: "NonEmptyString",
24521
+ # cell_reference: "NonEmptyString",
24522
+ # },
24523
+ # ],
24524
+ # },
24525
+ # },
24526
+ # ],
24527
+ # total_count: 1,
24528
+ # }
24529
+ #
24530
+ # @!attribute [rw] category
24531
+ # The category of sensitive data that was detected. For example, the
24532
+ # category can indicate that the sensitive data involved credentials,
24533
+ # financial information, or personal information.
24534
+ # @return [String]
24535
+ #
24536
+ # @!attribute [rw] detections
24537
+ # The list of detected instances of sensitive data.
24538
+ # @return [Array<Types::SensitiveDataDetections>]
24539
+ #
24540
+ # @!attribute [rw] total_count
24541
+ # The total number of occurrences of sensitive data.
24542
+ # @return [Integer]
24543
+ #
24544
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SensitiveDataResult AWS API Documentation
24545
+ #
24546
+ class SensitiveDataResult < Struct.new(
24547
+ :category,
24548
+ :detections,
24549
+ :total_count)
24550
+ SENSITIVE = []
24551
+ include Aws::Structure
24552
+ end
24553
+
22823
24554
  # The severity of the finding.
22824
24555
  #
22825
24556
  # The finding provider can provide the initial severity. The finding
@@ -24068,6 +25799,50 @@ module Aws::SecurityHub
24068
25799
  # value: "NonEmptyString",
24069
25800
  # },
24070
25801
  # ],
25802
+ # finding_provider_fields_confidence: [
25803
+ # {
25804
+ # gte: 1.0,
25805
+ # lte: 1.0,
25806
+ # eq: 1.0,
25807
+ # },
25808
+ # ],
25809
+ # finding_provider_fields_criticality: [
25810
+ # {
25811
+ # gte: 1.0,
25812
+ # lte: 1.0,
25813
+ # eq: 1.0,
25814
+ # },
25815
+ # ],
25816
+ # finding_provider_fields_related_findings_id: [
25817
+ # {
25818
+ # value: "NonEmptyString",
25819
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25820
+ # },
25821
+ # ],
25822
+ # finding_provider_fields_related_findings_product_arn: [
25823
+ # {
25824
+ # value: "NonEmptyString",
25825
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25826
+ # },
25827
+ # ],
25828
+ # finding_provider_fields_severity_label: [
25829
+ # {
25830
+ # value: "NonEmptyString",
25831
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25832
+ # },
25833
+ # ],
25834
+ # finding_provider_fields_severity_original: [
25835
+ # {
25836
+ # value: "NonEmptyString",
25837
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25838
+ # },
25839
+ # ],
25840
+ # finding_provider_fields_types: [
25841
+ # {
25842
+ # value: "NonEmptyString",
25843
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25844
+ # },
25845
+ # ],
24071
25846
  # },
24072
25847
  # note: {
24073
25848
  # text: "NonEmptyString", # required
@@ -24663,6 +26438,50 @@ module Aws::SecurityHub
24663
26438
  # value: "NonEmptyString",
24664
26439
  # },
24665
26440
  # ],
26441
+ # finding_provider_fields_confidence: [
26442
+ # {
26443
+ # gte: 1.0,
26444
+ # lte: 1.0,
26445
+ # eq: 1.0,
26446
+ # },
26447
+ # ],
26448
+ # finding_provider_fields_criticality: [
26449
+ # {
26450
+ # gte: 1.0,
26451
+ # lte: 1.0,
26452
+ # eq: 1.0,
26453
+ # },
26454
+ # ],
26455
+ # finding_provider_fields_related_findings_id: [
26456
+ # {
26457
+ # value: "NonEmptyString",
26458
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26459
+ # },
26460
+ # ],
26461
+ # finding_provider_fields_related_findings_product_arn: [
26462
+ # {
26463
+ # value: "NonEmptyString",
26464
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26465
+ # },
26466
+ # ],
26467
+ # finding_provider_fields_severity_label: [
26468
+ # {
26469
+ # value: "NonEmptyString",
26470
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26471
+ # },
26472
+ # ],
26473
+ # finding_provider_fields_severity_original: [
26474
+ # {
26475
+ # value: "NonEmptyString",
26476
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26477
+ # },
26478
+ # ],
26479
+ # finding_provider_fields_types: [
26480
+ # {
26481
+ # value: "NonEmptyString",
26482
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
26483
+ # },
26484
+ # ],
24666
26485
  # },
24667
26486
  # group_by_attribute: "NonEmptyString",
24668
26487
  # }