aws-sdk-securityhub 1.51.0 → 1.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +260 -1
  5. data/lib/aws-sdk-securityhub/client_api.rb +209 -0
  6. data/lib/aws-sdk-securityhub/types.rb +1938 -47
  7. data/lib/aws-sdk-securityhub.rb +1 -1
  8. metadata +2 -2
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -448,6 +448,33 @@ module Aws::SecurityHub
448
448
  include Aws::Structure
449
449
  end
450
450
 
451
+ # An adjustment to the CVSS metric.
452
+ #
453
+ # @note When making an API call, you may pass Adjustment
454
+ # data as a hash:
455
+ #
456
+ # {
457
+ # metric: "NonEmptyString",
458
+ # reason: "NonEmptyString",
459
+ # }
460
+ #
461
+ # @!attribute [rw] metric
462
+ # The metric to adjust.
463
+ # @return [String]
464
+ #
465
+ # @!attribute [rw] reason
466
+ # The reason for the adjustment.
467
+ # @return [String]
468
+ #
469
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Adjustment AWS API Documentation
470
+ #
471
+ class Adjustment < Struct.new(
472
+ :metric,
473
+ :reason)
474
+ SENSITIVE = []
475
+ include Aws::Structure
476
+ end
477
+
451
478
  # Represents a Security Hub administrator account designated by an
452
479
  # organization management account.
453
480
  #
@@ -1442,6 +1469,312 @@ module Aws::SecurityHub
1442
1469
  include Aws::Structure
1443
1470
  end
1444
1471
 
1472
+ # A block device for the instance.
1473
+ #
1474
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails
1475
+ # data as a hash:
1476
+ #
1477
+ # {
1478
+ # device_name: "NonEmptyString",
1479
+ # ebs: {
1480
+ # delete_on_termination: false,
1481
+ # encrypted: false,
1482
+ # iops: 1,
1483
+ # snapshot_id: "NonEmptyString",
1484
+ # volume_size: 1,
1485
+ # volume_type: "NonEmptyString",
1486
+ # },
1487
+ # no_device: false,
1488
+ # virtual_name: "NonEmptyString",
1489
+ # }
1490
+ #
1491
+ # @!attribute [rw] device_name
1492
+ # The device name that is exposed to the EC2 instance. For example,
1493
+ # `/dev/sdh` or `xvdh`.
1494
+ # @return [String]
1495
+ #
1496
+ # @!attribute [rw] ebs
1497
+ # Parameters that are used to automatically set up Amazon EBS volumes
1498
+ # when an instance is launched.
1499
+ # @return [Types::AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails]
1500
+ #
1501
+ # @!attribute [rw] no_device
1502
+ # Whether to suppress the device that is included in the block device
1503
+ # mapping of the Amazon Machine Image (AMI).
1504
+ #
1505
+ # If `NoDevice` is `true`, then you cannot specify `Ebs`.&gt;
1506
+ # @return [Boolean]
1507
+ #
1508
+ # @!attribute [rw] virtual_name
1509
+ # The name of the virtual device (for example, `ephemeral0`).
1510
+ #
1511
+ # You can provide either `VirtualName` or `Ebs`, but not both.
1512
+ # @return [String]
1513
+ #
1514
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails AWS API Documentation
1515
+ #
1516
+ class AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails < Struct.new(
1517
+ :device_name,
1518
+ :ebs,
1519
+ :no_device,
1520
+ :virtual_name)
1521
+ SENSITIVE = []
1522
+ include Aws::Structure
1523
+ end
1524
+
1525
+ # Parameters that are used to automatically set up EBS volumes when an
1526
+ # instance is launched.
1527
+ #
1528
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails
1529
+ # data as a hash:
1530
+ #
1531
+ # {
1532
+ # delete_on_termination: false,
1533
+ # encrypted: false,
1534
+ # iops: 1,
1535
+ # snapshot_id: "NonEmptyString",
1536
+ # volume_size: 1,
1537
+ # volume_type: "NonEmptyString",
1538
+ # }
1539
+ #
1540
+ # @!attribute [rw] delete_on_termination
1541
+ # Whether to delete the volume when the instance is terminated.
1542
+ # @return [Boolean]
1543
+ #
1544
+ # @!attribute [rw] encrypted
1545
+ # Whether to encrypt the volume.
1546
+ # @return [Boolean]
1547
+ #
1548
+ # @!attribute [rw] iops
1549
+ # The number of input/output (I/O) operations per second (IOPS) to
1550
+ # provision for the volume.
1551
+ #
1552
+ # Only supported for `gp3` or `io1` volumes. Required for `io1`
1553
+ # volumes. Not used with `standard`, `gp2`, `st1`, or `sc1` volumes.
1554
+ # @return [Integer]
1555
+ #
1556
+ # @!attribute [rw] snapshot_id
1557
+ # The snapshot ID of the volume to use.
1558
+ #
1559
+ # You must specify either `VolumeSize` or `SnapshotId`.
1560
+ # @return [String]
1561
+ #
1562
+ # @!attribute [rw] volume_size
1563
+ # The volume size, in GiBs. The following are the supported volumes
1564
+ # sizes for each volume type:
1565
+ #
1566
+ # * gp2 and gp3: 1-16,384
1567
+ #
1568
+ # * io1: 4-16,384
1569
+ #
1570
+ # * st1 and sc1: 125-16,384
1571
+ #
1572
+ # * standard: 1-1,024
1573
+ #
1574
+ # You must specify either `SnapshotId` or `VolumeSize`. If you specify
1575
+ # both `SnapshotId` and `VolumeSize`, the volume size must be equal or
1576
+ # greater than the size of the snapshot.
1577
+ # @return [Integer]
1578
+ #
1579
+ # @!attribute [rw] volume_type
1580
+ # The volume type.
1581
+ # @return [String]
1582
+ #
1583
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails AWS API Documentation
1584
+ #
1585
+ class AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails < Struct.new(
1586
+ :delete_on_termination,
1587
+ :encrypted,
1588
+ :iops,
1589
+ :snapshot_id,
1590
+ :volume_size,
1591
+ :volume_type)
1592
+ SENSITIVE = []
1593
+ include Aws::Structure
1594
+ end
1595
+
1596
+ # Details about a launch configuration.
1597
+ #
1598
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationDetails
1599
+ # data as a hash:
1600
+ #
1601
+ # {
1602
+ # associate_public_ip_address: false,
1603
+ # block_device_mappings: [
1604
+ # {
1605
+ # device_name: "NonEmptyString",
1606
+ # ebs: {
1607
+ # delete_on_termination: false,
1608
+ # encrypted: false,
1609
+ # iops: 1,
1610
+ # snapshot_id: "NonEmptyString",
1611
+ # volume_size: 1,
1612
+ # volume_type: "NonEmptyString",
1613
+ # },
1614
+ # no_device: false,
1615
+ # virtual_name: "NonEmptyString",
1616
+ # },
1617
+ # ],
1618
+ # classic_link_vpc_id: "NonEmptyString",
1619
+ # classic_link_vpc_security_groups: ["NonEmptyString"],
1620
+ # created_time: "NonEmptyString",
1621
+ # ebs_optimized: false,
1622
+ # iam_instance_profile: "NonEmptyString",
1623
+ # image_id: "NonEmptyString",
1624
+ # instance_monitoring: {
1625
+ # enabled: false,
1626
+ # },
1627
+ # instance_type: "NonEmptyString",
1628
+ # kernel_id: "NonEmptyString",
1629
+ # key_name: "NonEmptyString",
1630
+ # launch_configuration_name: "NonEmptyString",
1631
+ # placement_tenancy: "NonEmptyString",
1632
+ # ramdisk_id: "NonEmptyString",
1633
+ # security_groups: ["NonEmptyString"],
1634
+ # spot_price: "NonEmptyString",
1635
+ # user_data: "NonEmptyString",
1636
+ # }
1637
+ #
1638
+ # @!attribute [rw] associate_public_ip_address
1639
+ # For Auto Scaling groups that run in a VPC, specifies whether to
1640
+ # assign a public IP address to the group's instances.
1641
+ # @return [Boolean]
1642
+ #
1643
+ # @!attribute [rw] block_device_mappings
1644
+ # Specifies the block devices for the instance.
1645
+ # @return [Array<Types::AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails>]
1646
+ #
1647
+ # @!attribute [rw] classic_link_vpc_id
1648
+ # The identifier of a ClassicLink-enabled VPC that EC2-Classic
1649
+ # instances are linked to.
1650
+ # @return [String]
1651
+ #
1652
+ # @!attribute [rw] classic_link_vpc_security_groups
1653
+ # The identifiers of one or more security groups for the VPC that is
1654
+ # specified in `ClassicLinkVPCId`.
1655
+ # @return [Array<String>]
1656
+ #
1657
+ # @!attribute [rw] created_time
1658
+ # The creation date and time for the launch configuration.
1659
+ #
1660
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
1661
+ # Internet Date/Time Format][1]. The value cannot contain spaces. For
1662
+ # example, `2020-03-22T13:22:13.933Z`.
1663
+ #
1664
+ #
1665
+ #
1666
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
1667
+ # @return [String]
1668
+ #
1669
+ # @!attribute [rw] ebs_optimized
1670
+ # Whether the launch configuration is optimized for Amazon EBS I/O.
1671
+ # @return [Boolean]
1672
+ #
1673
+ # @!attribute [rw] iam_instance_profile
1674
+ # The name or the ARN of the instance profile associated with the IAM
1675
+ # role for the instance. The instance profile contains the IAM role.
1676
+ # @return [String]
1677
+ #
1678
+ # @!attribute [rw] image_id
1679
+ # The identifier of the Amazon Machine Image (AMI) that is used to
1680
+ # launch EC2 instances.
1681
+ # @return [String]
1682
+ #
1683
+ # @!attribute [rw] instance_monitoring
1684
+ # Indicates the type of monitoring for instances in the group.
1685
+ # @return [Types::AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails]
1686
+ #
1687
+ # @!attribute [rw] instance_type
1688
+ # The instance type for the instances.
1689
+ # @return [String]
1690
+ #
1691
+ # @!attribute [rw] kernel_id
1692
+ # The identifier of the kernel associated with the AMI.
1693
+ # @return [String]
1694
+ #
1695
+ # @!attribute [rw] key_name
1696
+ # The name of the key pair.
1697
+ # @return [String]
1698
+ #
1699
+ # @!attribute [rw] launch_configuration_name
1700
+ # The name of the launch configuration.
1701
+ # @return [String]
1702
+ #
1703
+ # @!attribute [rw] placement_tenancy
1704
+ # The tenancy of the instance. An instance with `dedicated` tenancy
1705
+ # runs on isolated, single-tenant hardware and can only be launched
1706
+ # into a VPC.
1707
+ # @return [String]
1708
+ #
1709
+ # @!attribute [rw] ramdisk_id
1710
+ # The identifier of the RAM disk associated with the AMI.
1711
+ # @return [String]
1712
+ #
1713
+ # @!attribute [rw] security_groups
1714
+ # The security groups to assign to the instances in the Auto Scaling
1715
+ # group.
1716
+ # @return [Array<String>]
1717
+ #
1718
+ # @!attribute [rw] spot_price
1719
+ # The maximum hourly price to be paid for any Spot Instance that is
1720
+ # launched to fulfill the request.
1721
+ # @return [String]
1722
+ #
1723
+ # @!attribute [rw] user_data
1724
+ # The user data to make available to the launched EC2 instances. Must
1725
+ # be base64-encoded text.
1726
+ # @return [String]
1727
+ #
1728
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationDetails AWS API Documentation
1729
+ #
1730
+ class AwsAutoScalingLaunchConfigurationDetails < Struct.new(
1731
+ :associate_public_ip_address,
1732
+ :block_device_mappings,
1733
+ :classic_link_vpc_id,
1734
+ :classic_link_vpc_security_groups,
1735
+ :created_time,
1736
+ :ebs_optimized,
1737
+ :iam_instance_profile,
1738
+ :image_id,
1739
+ :instance_monitoring,
1740
+ :instance_type,
1741
+ :kernel_id,
1742
+ :key_name,
1743
+ :launch_configuration_name,
1744
+ :placement_tenancy,
1745
+ :ramdisk_id,
1746
+ :security_groups,
1747
+ :spot_price,
1748
+ :user_data)
1749
+ SENSITIVE = []
1750
+ include Aws::Structure
1751
+ end
1752
+
1753
+ # Information about the type of monitoring for instances in the group.
1754
+ #
1755
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails
1756
+ # data as a hash:
1757
+ #
1758
+ # {
1759
+ # enabled: false,
1760
+ # }
1761
+ #
1762
+ # @!attribute [rw] enabled
1763
+ # If set to `true`, then instances in the group launch with detailed
1764
+ # monitoring.
1765
+ #
1766
+ # If set to `false`, then instances in the group launch with basic
1767
+ # monitoring.
1768
+ # @return [Boolean]
1769
+ #
1770
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails AWS API Documentation
1771
+ #
1772
+ class AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails < Struct.new(
1773
+ :enabled)
1774
+ SENSITIVE = []
1775
+ include Aws::Structure
1776
+ end
1777
+
1445
1778
  # Provides details about an Certificate Manager certificate.
1446
1779
  #
1447
1780
  # @note When making an API call, you may pass AwsCertificateManagerCertificateDetails
@@ -2585,11 +2918,10 @@ module Aws::SecurityHub
2585
2918
  # }
2586
2919
  #
2587
2920
  # @!attribute [rw] encryption_key
2588
- # The KMS customer master key (CMK) used to encrypt the build output
2589
- # artifacts.
2921
+ # The KMS key used to encrypt the build output artifacts.
2590
2922
  #
2591
- # You can specify either the ARN of the CMK or, if available, the CMK
2592
- # alias (using the format alias/alias-name).
2923
+ # You can specify either the ARN of the KMS key or, if available, the
2924
+ # KMS key alias (using the format alias/alias-name).
2593
2925
  # @return [String]
2594
2926
  #
2595
2927
  # @!attribute [rw] environment
@@ -3510,8 +3842,8 @@ module Aws::SecurityHub
3510
3842
  # @return [Array<Types::AwsDynamoDbTableReplicaGlobalSecondaryIndex>]
3511
3843
  #
3512
3844
  # @!attribute [rw] kms_master_key_id
3513
- # The identifier of the KMS customer master key (CMK) that will be
3514
- # used for KMS encryption for the replica.
3845
+ # The identifier of the KMS key that will be used for KMS encryption
3846
+ # for the replica.
3515
3847
  # @return [String]
3516
3848
  #
3517
3849
  # @!attribute [rw] provisioned_throughput_override
@@ -3655,8 +3987,7 @@ module Aws::SecurityHub
3655
3987
  # @return [String]
3656
3988
  #
3657
3989
  # @!attribute [rw] kms_master_key_arn
3658
- # The ARN of the KMS customer master key (CMK) that is used for the
3659
- # KMS encryption.
3990
+ # The ARN of the KMS key that is used for the KMS encryption.
3660
3991
  # @return [String]
3661
3992
  #
3662
3993
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsDynamoDbTableSseDescription AWS API Documentation
@@ -4840,8 +5171,8 @@ module Aws::SecurityHub
4840
5171
  # @return [String]
4841
5172
  #
4842
5173
  # @!attribute [rw] kms_key_id
4843
- # The ARN of the KMS customer master key (CMK) that was used to
4844
- # protect the volume encryption key for the volume.
5174
+ # The ARN of the KMS key that was used to protect the volume
5175
+ # encryption key for the volume.
4845
5176
  # @return [String]
4846
5177
  #
4847
5178
  # @!attribute [rw] attachments
@@ -4915,6 +5246,447 @@ module Aws::SecurityHub
4915
5246
  include Aws::Structure
4916
5247
  end
4917
5248
 
5249
+ # Details about an Amazon EC2 VPN connection.
5250
+ #
5251
+ # @note When making an API call, you may pass AwsEc2VpnConnectionDetails
5252
+ # data as a hash:
5253
+ #
5254
+ # {
5255
+ # vpn_connection_id: "NonEmptyString",
5256
+ # state: "NonEmptyString",
5257
+ # customer_gateway_id: "NonEmptyString",
5258
+ # customer_gateway_configuration: "NonEmptyString",
5259
+ # type: "NonEmptyString",
5260
+ # vpn_gateway_id: "NonEmptyString",
5261
+ # category: "NonEmptyString",
5262
+ # vgw_telemetry: [
5263
+ # {
5264
+ # accepted_route_count: 1,
5265
+ # certificate_arn: "NonEmptyString",
5266
+ # last_status_change: "NonEmptyString",
5267
+ # outside_ip_address: "NonEmptyString",
5268
+ # status: "NonEmptyString",
5269
+ # status_message: "NonEmptyString",
5270
+ # },
5271
+ # ],
5272
+ # options: {
5273
+ # static_routes_only: false,
5274
+ # tunnel_options: [
5275
+ # {
5276
+ # dpd_timeout_seconds: 1,
5277
+ # ike_versions: ["NonEmptyString"],
5278
+ # outside_ip_address: "NonEmptyString",
5279
+ # phase_1_dh_group_numbers: [1],
5280
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
5281
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
5282
+ # phase_1_lifetime_seconds: 1,
5283
+ # phase_2_dh_group_numbers: [1],
5284
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
5285
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
5286
+ # phase_2_lifetime_seconds: 1,
5287
+ # pre_shared_key: "NonEmptyString",
5288
+ # rekey_fuzz_percentage: 1,
5289
+ # rekey_margin_time_seconds: 1,
5290
+ # replay_window_size: 1,
5291
+ # tunnel_inside_cidr: "NonEmptyString",
5292
+ # },
5293
+ # ],
5294
+ # },
5295
+ # routes: [
5296
+ # {
5297
+ # destination_cidr_block: "NonEmptyString",
5298
+ # state: "NonEmptyString",
5299
+ # },
5300
+ # ],
5301
+ # transit_gateway_id: "NonEmptyString",
5302
+ # }
5303
+ #
5304
+ # @!attribute [rw] vpn_connection_id
5305
+ # The identifier of the VPN connection.
5306
+ # @return [String]
5307
+ #
5308
+ # @!attribute [rw] state
5309
+ # The current state of the VPN connection.
5310
+ # @return [String]
5311
+ #
5312
+ # @!attribute [rw] customer_gateway_id
5313
+ # The identifier of the customer gateway that is at your end of the
5314
+ # VPN connection.
5315
+ # @return [String]
5316
+ #
5317
+ # @!attribute [rw] customer_gateway_configuration
5318
+ # The configuration information for the VPN connection's customer
5319
+ # gateway, in the native XML format.
5320
+ # @return [String]
5321
+ #
5322
+ # @!attribute [rw] type
5323
+ # The type of VPN connection.
5324
+ # @return [String]
5325
+ #
5326
+ # @!attribute [rw] vpn_gateway_id
5327
+ # The identifier of the virtual private gateway that is at the Amazon
5328
+ # Web Services side of the VPN connection.
5329
+ # @return [String]
5330
+ #
5331
+ # @!attribute [rw] category
5332
+ # The category of the VPN connection. `VPN` indicates an Amazon Web
5333
+ # Services VPN connection. `VPN-Classic` indicates an Amazon Web
5334
+ # Services Classic VPN connection.
5335
+ # @return [String]
5336
+ #
5337
+ # @!attribute [rw] vgw_telemetry
5338
+ # Information about the VPN tunnel.
5339
+ # @return [Array<Types::AwsEc2VpnConnectionVgwTelemetryDetails>]
5340
+ #
5341
+ # @!attribute [rw] options
5342
+ # The VPN connection options.
5343
+ # @return [Types::AwsEc2VpnConnectionOptionsDetails]
5344
+ #
5345
+ # @!attribute [rw] routes
5346
+ # The static routes that are associated with the VPN connection.
5347
+ # @return [Array<Types::AwsEc2VpnConnectionRoutesDetails>]
5348
+ #
5349
+ # @!attribute [rw] transit_gateway_id
5350
+ # The identifier of the transit gateway that is associated with the
5351
+ # VPN connection.
5352
+ # @return [String]
5353
+ #
5354
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpnConnectionDetails AWS API Documentation
5355
+ #
5356
+ class AwsEc2VpnConnectionDetails < Struct.new(
5357
+ :vpn_connection_id,
5358
+ :state,
5359
+ :customer_gateway_id,
5360
+ :customer_gateway_configuration,
5361
+ :type,
5362
+ :vpn_gateway_id,
5363
+ :category,
5364
+ :vgw_telemetry,
5365
+ :options,
5366
+ :routes,
5367
+ :transit_gateway_id)
5368
+ SENSITIVE = []
5369
+ include Aws::Structure
5370
+ end
5371
+
5372
+ # VPN connection options.
5373
+ #
5374
+ # @note When making an API call, you may pass AwsEc2VpnConnectionOptionsDetails
5375
+ # data as a hash:
5376
+ #
5377
+ # {
5378
+ # static_routes_only: false,
5379
+ # tunnel_options: [
5380
+ # {
5381
+ # dpd_timeout_seconds: 1,
5382
+ # ike_versions: ["NonEmptyString"],
5383
+ # outside_ip_address: "NonEmptyString",
5384
+ # phase_1_dh_group_numbers: [1],
5385
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
5386
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
5387
+ # phase_1_lifetime_seconds: 1,
5388
+ # phase_2_dh_group_numbers: [1],
5389
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
5390
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
5391
+ # phase_2_lifetime_seconds: 1,
5392
+ # pre_shared_key: "NonEmptyString",
5393
+ # rekey_fuzz_percentage: 1,
5394
+ # rekey_margin_time_seconds: 1,
5395
+ # replay_window_size: 1,
5396
+ # tunnel_inside_cidr: "NonEmptyString",
5397
+ # },
5398
+ # ],
5399
+ # }
5400
+ #
5401
+ # @!attribute [rw] static_routes_only
5402
+ # Whether the VPN connection uses static routes only.
5403
+ # @return [Boolean]
5404
+ #
5405
+ # @!attribute [rw] tunnel_options
5406
+ # The VPN tunnel options.
5407
+ # @return [Array<Types::AwsEc2VpnConnectionOptionsTunnelOptionsDetails>]
5408
+ #
5409
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpnConnectionOptionsDetails AWS API Documentation
5410
+ #
5411
+ class AwsEc2VpnConnectionOptionsDetails < Struct.new(
5412
+ :static_routes_only,
5413
+ :tunnel_options)
5414
+ SENSITIVE = []
5415
+ include Aws::Structure
5416
+ end
5417
+
5418
+ # The VPN tunnel options.
5419
+ #
5420
+ # @note When making an API call, you may pass AwsEc2VpnConnectionOptionsTunnelOptionsDetails
5421
+ # data as a hash:
5422
+ #
5423
+ # {
5424
+ # dpd_timeout_seconds: 1,
5425
+ # ike_versions: ["NonEmptyString"],
5426
+ # outside_ip_address: "NonEmptyString",
5427
+ # phase_1_dh_group_numbers: [1],
5428
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
5429
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
5430
+ # phase_1_lifetime_seconds: 1,
5431
+ # phase_2_dh_group_numbers: [1],
5432
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
5433
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
5434
+ # phase_2_lifetime_seconds: 1,
5435
+ # pre_shared_key: "NonEmptyString",
5436
+ # rekey_fuzz_percentage: 1,
5437
+ # rekey_margin_time_seconds: 1,
5438
+ # replay_window_size: 1,
5439
+ # tunnel_inside_cidr: "NonEmptyString",
5440
+ # }
5441
+ #
5442
+ # @!attribute [rw] dpd_timeout_seconds
5443
+ # The number of seconds after which a Dead Peer Detection (DPD)
5444
+ # timeout occurs.
5445
+ # @return [Integer]
5446
+ #
5447
+ # @!attribute [rw] ike_versions
5448
+ # The Internet Key Exchange (IKE) versions that are permitted for the
5449
+ # VPN tunnel.
5450
+ # @return [Array<String>]
5451
+ #
5452
+ # @!attribute [rw] outside_ip_address
5453
+ # The external IP address of the VPN tunnel.
5454
+ # @return [String]
5455
+ #
5456
+ # @!attribute [rw] phase_1_dh_group_numbers
5457
+ # The permitted Diffie-Hellman group numbers for the VPN tunnel for
5458
+ # phase 1 IKE negotiations.
5459
+ # @return [Array<Integer>]
5460
+ #
5461
+ # @!attribute [rw] phase_1_encryption_algorithms
5462
+ # The permitted encryption algorithms for the VPN tunnel for phase 1
5463
+ # IKE negotiations.
5464
+ # @return [Array<String>]
5465
+ #
5466
+ # @!attribute [rw] phase_1_integrity_algorithms
5467
+ # The permitted integrity algorithms for the VPN tunnel for phase 1
5468
+ # IKE negotiations.
5469
+ # @return [Array<String>]
5470
+ #
5471
+ # @!attribute [rw] phase_1_lifetime_seconds
5472
+ # The lifetime for phase 1 of the IKE negotiation, in seconds.
5473
+ # @return [Integer]
5474
+ #
5475
+ # @!attribute [rw] phase_2_dh_group_numbers
5476
+ # The permitted Diffie-Hellman group numbers for the VPN tunnel for
5477
+ # phase 2 IKE negotiations.
5478
+ # @return [Array<Integer>]
5479
+ #
5480
+ # @!attribute [rw] phase_2_encryption_algorithms
5481
+ # The permitted encryption algorithms for the VPN tunnel for phase 2
5482
+ # IKE negotiations.
5483
+ # @return [Array<String>]
5484
+ #
5485
+ # @!attribute [rw] phase_2_integrity_algorithms
5486
+ # The permitted integrity algorithms for the VPN tunnel for phase 2
5487
+ # IKE negotiations.
5488
+ # @return [Array<String>]
5489
+ #
5490
+ # @!attribute [rw] phase_2_lifetime_seconds
5491
+ # The lifetime for phase 2 of the IKE negotiation, in seconds.
5492
+ # @return [Integer]
5493
+ #
5494
+ # @!attribute [rw] pre_shared_key
5495
+ # The preshared key to establish initial authentication between the
5496
+ # virtual private gateway and the customer gateway.
5497
+ # @return [String]
5498
+ #
5499
+ # @!attribute [rw] rekey_fuzz_percentage
5500
+ # The percentage of the rekey window, which is determined by
5501
+ # `RekeyMarginTimeSeconds` during which the rekey time is randomly
5502
+ # selected.
5503
+ # @return [Integer]
5504
+ #
5505
+ # @!attribute [rw] rekey_margin_time_seconds
5506
+ # The margin time, in seconds, before the phase 2 lifetime expires,
5507
+ # during which the Amazon Web Services side of the VPN connection
5508
+ # performs an IKE rekey.
5509
+ # @return [Integer]
5510
+ #
5511
+ # @!attribute [rw] replay_window_size
5512
+ # The number of packets in an IKE replay window.
5513
+ # @return [Integer]
5514
+ #
5515
+ # @!attribute [rw] tunnel_inside_cidr
5516
+ # The range of inside IPv4 addresses for the tunnel.
5517
+ # @return [String]
5518
+ #
5519
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpnConnectionOptionsTunnelOptionsDetails AWS API Documentation
5520
+ #
5521
+ class AwsEc2VpnConnectionOptionsTunnelOptionsDetails < Struct.new(
5522
+ :dpd_timeout_seconds,
5523
+ :ike_versions,
5524
+ :outside_ip_address,
5525
+ :phase_1_dh_group_numbers,
5526
+ :phase_1_encryption_algorithms,
5527
+ :phase_1_integrity_algorithms,
5528
+ :phase_1_lifetime_seconds,
5529
+ :phase_2_dh_group_numbers,
5530
+ :phase_2_encryption_algorithms,
5531
+ :phase_2_integrity_algorithms,
5532
+ :phase_2_lifetime_seconds,
5533
+ :pre_shared_key,
5534
+ :rekey_fuzz_percentage,
5535
+ :rekey_margin_time_seconds,
5536
+ :replay_window_size,
5537
+ :tunnel_inside_cidr)
5538
+ SENSITIVE = []
5539
+ include Aws::Structure
5540
+ end
5541
+
5542
+ # A static routes associated with the VPN connection.
5543
+ #
5544
+ # @note When making an API call, you may pass AwsEc2VpnConnectionRoutesDetails
5545
+ # data as a hash:
5546
+ #
5547
+ # {
5548
+ # destination_cidr_block: "NonEmptyString",
5549
+ # state: "NonEmptyString",
5550
+ # }
5551
+ #
5552
+ # @!attribute [rw] destination_cidr_block
5553
+ # The CIDR block associated with the local subnet of the customer data
5554
+ # center.
5555
+ # @return [String]
5556
+ #
5557
+ # @!attribute [rw] state
5558
+ # The current state of the static route.
5559
+ # @return [String]
5560
+ #
5561
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpnConnectionRoutesDetails AWS API Documentation
5562
+ #
5563
+ class AwsEc2VpnConnectionRoutesDetails < Struct.new(
5564
+ :destination_cidr_block,
5565
+ :state)
5566
+ SENSITIVE = []
5567
+ include Aws::Structure
5568
+ end
5569
+
5570
+ # Information about the VPN tunnel.
5571
+ #
5572
+ # @note When making an API call, you may pass AwsEc2VpnConnectionVgwTelemetryDetails
5573
+ # data as a hash:
5574
+ #
5575
+ # {
5576
+ # accepted_route_count: 1,
5577
+ # certificate_arn: "NonEmptyString",
5578
+ # last_status_change: "NonEmptyString",
5579
+ # outside_ip_address: "NonEmptyString",
5580
+ # status: "NonEmptyString",
5581
+ # status_message: "NonEmptyString",
5582
+ # }
5583
+ #
5584
+ # @!attribute [rw] accepted_route_count
5585
+ # The number of accepted routes.
5586
+ # @return [Integer]
5587
+ #
5588
+ # @!attribute [rw] certificate_arn
5589
+ # The ARN of the VPN tunnel endpoint certificate.
5590
+ # @return [String]
5591
+ #
5592
+ # @!attribute [rw] last_status_change
5593
+ # The date and time of the last change in status.
5594
+ #
5595
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
5596
+ # Internet Date/Time Format][1]. The value cannot contain spaces. For
5597
+ # example, `2020-03-22T13:22:13.933Z`.
5598
+ #
5599
+ #
5600
+ #
5601
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
5602
+ # @return [String]
5603
+ #
5604
+ # @!attribute [rw] outside_ip_address
5605
+ # The Internet-routable IP address of the virtual private gateway's
5606
+ # outside interface.
5607
+ # @return [String]
5608
+ #
5609
+ # @!attribute [rw] status
5610
+ # The status of the VPN tunnel.
5611
+ # @return [String]
5612
+ #
5613
+ # @!attribute [rw] status_message
5614
+ # If an error occurs, a description of the error.
5615
+ # @return [String]
5616
+ #
5617
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpnConnectionVgwTelemetryDetails AWS API Documentation
5618
+ #
5619
+ class AwsEc2VpnConnectionVgwTelemetryDetails < Struct.new(
5620
+ :accepted_route_count,
5621
+ :certificate_arn,
5622
+ :last_status_change,
5623
+ :outside_ip_address,
5624
+ :status,
5625
+ :status_message)
5626
+ SENSITIVE = []
5627
+ include Aws::Structure
5628
+ end
5629
+
5630
+ # Information about an Amazon ECR image.
5631
+ #
5632
+ # @note When making an API call, you may pass AwsEcrContainerImageDetails
5633
+ # data as a hash:
5634
+ #
5635
+ # {
5636
+ # registry_id: "NonEmptyString",
5637
+ # repository_name: "NonEmptyString",
5638
+ # architecture: "NonEmptyString",
5639
+ # image_digest: "NonEmptyString",
5640
+ # image_tags: ["NonEmptyString"],
5641
+ # image_published_at: "NonEmptyString",
5642
+ # }
5643
+ #
5644
+ # @!attribute [rw] registry_id
5645
+ # The Amazon Web Services account identifier that is associated with
5646
+ # the registry that the image belongs to.
5647
+ # @return [String]
5648
+ #
5649
+ # @!attribute [rw] repository_name
5650
+ # The name of the repository that the image belongs to.
5651
+ # @return [String]
5652
+ #
5653
+ # @!attribute [rw] architecture
5654
+ # The architecture of the image.
5655
+ # @return [String]
5656
+ #
5657
+ # @!attribute [rw] image_digest
5658
+ # The sha256 digest of the image manifest.
5659
+ # @return [String]
5660
+ #
5661
+ # @!attribute [rw] image_tags
5662
+ # The list of tags that are associated with the image.
5663
+ # @return [Array<String>]
5664
+ #
5665
+ # @!attribute [rw] image_published_at
5666
+ # The date and time when the image was pushed to the repository.
5667
+ #
5668
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
5669
+ # Internet Date/Time Format][1]. The value cannot contain spaces. For
5670
+ # example, `2020-03-22T13:22:13.933Z`.
5671
+ #
5672
+ #
5673
+ #
5674
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
5675
+ # @return [String]
5676
+ #
5677
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcrContainerImageDetails AWS API Documentation
5678
+ #
5679
+ class AwsEcrContainerImageDetails < Struct.new(
5680
+ :registry_id,
5681
+ :repository_name,
5682
+ :architecture,
5683
+ :image_digest,
5684
+ :image_tags,
5685
+ :image_published_at)
5686
+ SENSITIVE = []
5687
+ include Aws::Structure
5688
+ end
5689
+
4918
5690
  # Indicates whether to enable CloudWatch Container Insights for the ECS
4919
5691
  # cluster.
4920
5692
  #
@@ -9960,7 +10732,7 @@ module Aws::SecurityHub
9960
10732
  include Aws::Structure
9961
10733
  end
9962
10734
 
9963
- # Contains metadata about a customer master key (CMK).
10735
+ # Contains metadata about an KMS key.
9964
10736
  #
9965
10737
  # @note When making an API call, you may pass AwsKmsKeyDetails
9966
10738
  # data as a hash:
@@ -9973,15 +10745,16 @@ module Aws::SecurityHub
9973
10745
  # key_state: "NonEmptyString",
9974
10746
  # origin: "NonEmptyString",
9975
10747
  # description: "NonEmptyString",
10748
+ # key_rotation_status: false,
9976
10749
  # }
9977
10750
  #
9978
10751
  # @!attribute [rw] aws_account_id
9979
10752
  # The twelve-digit account ID of the Amazon Web Services account that
9980
- # owns the CMK.
10753
+ # owns the KMS key.
9981
10754
  # @return [String]
9982
10755
  #
9983
10756
  # @!attribute [rw] creation_date
9984
- # Indicates when the CMK was created.
10757
+ # Indicates when the KMS key was created.
9985
10758
  #
9986
10759
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
9987
10760
  # Internet Date/Time Format][1]. The value cannot contain spaces. For
@@ -9993,25 +10766,25 @@ module Aws::SecurityHub
9993
10766
  # @return [Float]
9994
10767
  #
9995
10768
  # @!attribute [rw] key_id
9996
- # The globally unique identifier for the CMK.
10769
+ # The globally unique identifier for the KMS key.
9997
10770
  # @return [String]
9998
10771
  #
9999
10772
  # @!attribute [rw] key_manager
10000
- # The manager of the CMK. CMKs in your Amazon Web Services account are
10001
- # either customer managed or Amazon Web Services managed.
10773
+ # The manager of the KMS key. KMS keys in your Amazon Web Services
10774
+ # account are either customer managed or Amazon Web Services managed.
10002
10775
  # @return [String]
10003
10776
  #
10004
10777
  # @!attribute [rw] key_state
10005
- # The state of the CMK.
10778
+ # The state of the KMS key.
10006
10779
  # @return [String]
10007
10780
  #
10008
10781
  # @!attribute [rw] origin
10009
- # The source of the CMK's key material.
10782
+ # The source of the KMS key material.
10010
10783
  #
10011
10784
  # When this value is `AWS_KMS`, KMS created the key material.
10012
10785
  #
10013
10786
  # When this value is `EXTERNAL`, the key material was imported from
10014
- # your existing key management infrastructure or the CMK lacks key
10787
+ # your existing key management infrastructure or the KMS key lacks key
10015
10788
  # material.
10016
10789
  #
10017
10790
  # When this value is `AWS_CLOUDHSM`, the key material was created in
@@ -10022,6 +10795,10 @@ module Aws::SecurityHub
10022
10795
  # A description of the key.
10023
10796
  # @return [String]
10024
10797
  #
10798
+ # @!attribute [rw] key_rotation_status
10799
+ # Whether the key has key rotation enabled.
10800
+ # @return [Boolean]
10801
+ #
10025
10802
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsKmsKeyDetails AWS API Documentation
10026
10803
  #
10027
10804
  class AwsKmsKeyDetails < Struct.new(
@@ -10031,7 +10808,8 @@ module Aws::SecurityHub
10031
10808
  :key_manager,
10032
10809
  :key_state,
10033
10810
  :origin,
10034
- :description)
10811
+ :description,
10812
+ :key_rotation_status)
10035
10813
  SENSITIVE = []
10036
10814
  include Aws::Structure
10037
10815
  end
@@ -10181,7 +10959,7 @@ module Aws::SecurityHub
10181
10959
  # @!attribute [rw] kms_key_arn
10182
10960
  # The KMS key that is used to encrypt the function's environment
10183
10961
  # variables. This key is only returned if you've configured a
10184
- # customer managed CMK.
10962
+ # customer managed customer managed key.
10185
10963
  # @return [String]
10186
10964
  #
10187
10965
  # @!attribute [rw] last_modified
@@ -13953,6 +14731,53 @@ module Aws::SecurityHub
13953
14731
  # ignore_public_acls: false,
13954
14732
  # restrict_public_buckets: false,
13955
14733
  # },
14734
+ # access_control_list: "NonEmptyString",
14735
+ # bucket_logging_configuration: {
14736
+ # destination_bucket_name: "NonEmptyString",
14737
+ # log_file_prefix: "NonEmptyString",
14738
+ # },
14739
+ # bucket_website_configuration: {
14740
+ # error_document: "NonEmptyString",
14741
+ # index_document_suffix: "NonEmptyString",
14742
+ # redirect_all_requests_to: {
14743
+ # hostname: "NonEmptyString",
14744
+ # protocol: "NonEmptyString",
14745
+ # },
14746
+ # routing_rules: [
14747
+ # {
14748
+ # condition: {
14749
+ # http_error_code_returned_equals: "NonEmptyString",
14750
+ # key_prefix_equals: "NonEmptyString",
14751
+ # },
14752
+ # redirect: {
14753
+ # hostname: "NonEmptyString",
14754
+ # http_redirect_code: "NonEmptyString",
14755
+ # protocol: "NonEmptyString",
14756
+ # replace_key_prefix_with: "NonEmptyString",
14757
+ # replace_key_with: "NonEmptyString",
14758
+ # },
14759
+ # },
14760
+ # ],
14761
+ # },
14762
+ # bucket_notification_configuration: {
14763
+ # configurations: [
14764
+ # {
14765
+ # events: ["NonEmptyString"],
14766
+ # filter: {
14767
+ # s3_key_filter: {
14768
+ # filter_rules: [
14769
+ # {
14770
+ # name: "Prefix", # accepts Prefix, Suffix
14771
+ # value: "NonEmptyString",
14772
+ # },
14773
+ # ],
14774
+ # },
14775
+ # },
14776
+ # destination: "NonEmptyString",
14777
+ # type: "NonEmptyString",
14778
+ # },
14779
+ # ],
14780
+ # },
13956
14781
  # }
13957
14782
  #
13958
14783
  # @!attribute [rw] owner_id
@@ -13988,6 +14813,22 @@ module Aws::SecurityHub
13988
14813
  # configuration for the S3 bucket.
13989
14814
  # @return [Types::AwsS3AccountPublicAccessBlockDetails]
13990
14815
  #
14816
+ # @!attribute [rw] access_control_list
14817
+ # The access control list for the S3 bucket.
14818
+ # @return [String]
14819
+ #
14820
+ # @!attribute [rw] bucket_logging_configuration
14821
+ # The logging configuration for the S3 bucket.
14822
+ # @return [Types::AwsS3BucketLoggingConfiguration]
14823
+ #
14824
+ # @!attribute [rw] bucket_website_configuration
14825
+ # The website configuration parameters for the S3 bucket.
14826
+ # @return [Types::AwsS3BucketWebsiteConfiguration]
14827
+ #
14828
+ # @!attribute [rw] bucket_notification_configuration
14829
+ # The notification configuration for the S3 bucket.
14830
+ # @return [Types::AwsS3BucketNotificationConfiguration]
14831
+ #
13991
14832
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
13992
14833
  #
13993
14834
  class AwsS3BucketDetails < Struct.new(
@@ -13996,7 +14837,209 @@ module Aws::SecurityHub
13996
14837
  :created_at,
13997
14838
  :server_side_encryption_configuration,
13998
14839
  :bucket_lifecycle_configuration,
13999
- :public_access_block_configuration)
14840
+ :public_access_block_configuration,
14841
+ :access_control_list,
14842
+ :bucket_logging_configuration,
14843
+ :bucket_website_configuration,
14844
+ :bucket_notification_configuration)
14845
+ SENSITIVE = []
14846
+ include Aws::Structure
14847
+ end
14848
+
14849
+ # Information about logging for the S3 bucket
14850
+ #
14851
+ # @note When making an API call, you may pass AwsS3BucketLoggingConfiguration
14852
+ # data as a hash:
14853
+ #
14854
+ # {
14855
+ # destination_bucket_name: "NonEmptyString",
14856
+ # log_file_prefix: "NonEmptyString",
14857
+ # }
14858
+ #
14859
+ # @!attribute [rw] destination_bucket_name
14860
+ # The name of the S3 bucket where log files for the S3 bucket are
14861
+ # stored.
14862
+ # @return [String]
14863
+ #
14864
+ # @!attribute [rw] log_file_prefix
14865
+ # The prefix added to log files for the S3 bucket.
14866
+ # @return [String]
14867
+ #
14868
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketLoggingConfiguration AWS API Documentation
14869
+ #
14870
+ class AwsS3BucketLoggingConfiguration < Struct.new(
14871
+ :destination_bucket_name,
14872
+ :log_file_prefix)
14873
+ SENSITIVE = []
14874
+ include Aws::Structure
14875
+ end
14876
+
14877
+ # The notification configuration for the S3 bucket.
14878
+ #
14879
+ # @note When making an API call, you may pass AwsS3BucketNotificationConfiguration
14880
+ # data as a hash:
14881
+ #
14882
+ # {
14883
+ # configurations: [
14884
+ # {
14885
+ # events: ["NonEmptyString"],
14886
+ # filter: {
14887
+ # s3_key_filter: {
14888
+ # filter_rules: [
14889
+ # {
14890
+ # name: "Prefix", # accepts Prefix, Suffix
14891
+ # value: "NonEmptyString",
14892
+ # },
14893
+ # ],
14894
+ # },
14895
+ # },
14896
+ # destination: "NonEmptyString",
14897
+ # type: "NonEmptyString",
14898
+ # },
14899
+ # ],
14900
+ # }
14901
+ #
14902
+ # @!attribute [rw] configurations
14903
+ # Configurations for S3 bucket notifications.
14904
+ # @return [Array<Types::AwsS3BucketNotificationConfigurationDetail>]
14905
+ #
14906
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfiguration AWS API Documentation
14907
+ #
14908
+ class AwsS3BucketNotificationConfiguration < Struct.new(
14909
+ :configurations)
14910
+ SENSITIVE = []
14911
+ include Aws::Structure
14912
+ end
14913
+
14914
+ # Details for an S3 bucket notification configuration.
14915
+ #
14916
+ # @note When making an API call, you may pass AwsS3BucketNotificationConfigurationDetail
14917
+ # data as a hash:
14918
+ #
14919
+ # {
14920
+ # events: ["NonEmptyString"],
14921
+ # filter: {
14922
+ # s3_key_filter: {
14923
+ # filter_rules: [
14924
+ # {
14925
+ # name: "Prefix", # accepts Prefix, Suffix
14926
+ # value: "NonEmptyString",
14927
+ # },
14928
+ # ],
14929
+ # },
14930
+ # },
14931
+ # destination: "NonEmptyString",
14932
+ # type: "NonEmptyString",
14933
+ # }
14934
+ #
14935
+ # @!attribute [rw] events
14936
+ # The list of events that trigger a notification.
14937
+ # @return [Array<String>]
14938
+ #
14939
+ # @!attribute [rw] filter
14940
+ # The filters that determine which S3 buckets generate notifications.
14941
+ # @return [Types::AwsS3BucketNotificationConfigurationFilter]
14942
+ #
14943
+ # @!attribute [rw] destination
14944
+ # The ARN of the Lambda function, Amazon SQS queue, or Amazon SNS
14945
+ # topic that generates the notification.
14946
+ # @return [String]
14947
+ #
14948
+ # @!attribute [rw] type
14949
+ # Indicates the type of notification. Notifications can be generated
14950
+ # using Lambda functions, Amazon SQS queues or Amazon SNS topics.
14951
+ # @return [String]
14952
+ #
14953
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfigurationDetail AWS API Documentation
14954
+ #
14955
+ class AwsS3BucketNotificationConfigurationDetail < Struct.new(
14956
+ :events,
14957
+ :filter,
14958
+ :destination,
14959
+ :type)
14960
+ SENSITIVE = []
14961
+ include Aws::Structure
14962
+ end
14963
+
14964
+ # Filtering information for the notifications. The filtering is based on
14965
+ # Amazon S3 key names.
14966
+ #
14967
+ # @note When making an API call, you may pass AwsS3BucketNotificationConfigurationFilter
14968
+ # data as a hash:
14969
+ #
14970
+ # {
14971
+ # s3_key_filter: {
14972
+ # filter_rules: [
14973
+ # {
14974
+ # name: "Prefix", # accepts Prefix, Suffix
14975
+ # value: "NonEmptyString",
14976
+ # },
14977
+ # ],
14978
+ # },
14979
+ # }
14980
+ #
14981
+ # @!attribute [rw] s3_key_filter
14982
+ # Details for an Amazon S3 filter.
14983
+ # @return [Types::AwsS3BucketNotificationConfigurationS3KeyFilter]
14984
+ #
14985
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfigurationFilter AWS API Documentation
14986
+ #
14987
+ class AwsS3BucketNotificationConfigurationFilter < Struct.new(
14988
+ :s3_key_filter)
14989
+ SENSITIVE = []
14990
+ include Aws::Structure
14991
+ end
14992
+
14993
+ # Details for an Amazon S3 filter.
14994
+ #
14995
+ # @note When making an API call, you may pass AwsS3BucketNotificationConfigurationS3KeyFilter
14996
+ # data as a hash:
14997
+ #
14998
+ # {
14999
+ # filter_rules: [
15000
+ # {
15001
+ # name: "Prefix", # accepts Prefix, Suffix
15002
+ # value: "NonEmptyString",
15003
+ # },
15004
+ # ],
15005
+ # }
15006
+ #
15007
+ # @!attribute [rw] filter_rules
15008
+ # The filter rules for the filter.
15009
+ # @return [Array<Types::AwsS3BucketNotificationConfigurationS3KeyFilterRule>]
15010
+ #
15011
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfigurationS3KeyFilter AWS API Documentation
15012
+ #
15013
+ class AwsS3BucketNotificationConfigurationS3KeyFilter < Struct.new(
15014
+ :filter_rules)
15015
+ SENSITIVE = []
15016
+ include Aws::Structure
15017
+ end
15018
+
15019
+ # Details for a filter rule.
15020
+ #
15021
+ # @note When making an API call, you may pass AwsS3BucketNotificationConfigurationS3KeyFilterRule
15022
+ # data as a hash:
15023
+ #
15024
+ # {
15025
+ # name: "Prefix", # accepts Prefix, Suffix
15026
+ # value: "NonEmptyString",
15027
+ # }
15028
+ #
15029
+ # @!attribute [rw] name
15030
+ # Indicates whether the filter is based on the prefix or suffix of the
15031
+ # Amazon S3 key.
15032
+ # @return [String]
15033
+ #
15034
+ # @!attribute [rw] value
15035
+ # The filter value.
15036
+ # @return [String]
15037
+ #
15038
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfigurationS3KeyFilterRule AWS API Documentation
15039
+ #
15040
+ class AwsS3BucketNotificationConfigurationS3KeyFilterRule < Struct.new(
15041
+ :name,
15042
+ :value)
14000
15043
  SENSITIVE = []
14001
15044
  include Aws::Structure
14002
15045
  end
@@ -14017,7 +15060,7 @@ module Aws::SecurityHub
14017
15060
  # @return [String]
14018
15061
  #
14019
15062
  # @!attribute [rw] kms_master_key_id
14020
- # KMS customer master key (CMK) ID to use for the default encryption.
15063
+ # KMS key ID to use for the default encryption.
14021
15064
  # @return [String]
14022
15065
  #
14023
15066
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketServerSideEncryptionByDefault AWS API Documentation
@@ -14083,6 +15126,208 @@ module Aws::SecurityHub
14083
15126
  include Aws::Structure
14084
15127
  end
14085
15128
 
15129
+ # Website parameters for the S3 bucket.
15130
+ #
15131
+ # @note When making an API call, you may pass AwsS3BucketWebsiteConfiguration
15132
+ # data as a hash:
15133
+ #
15134
+ # {
15135
+ # error_document: "NonEmptyString",
15136
+ # index_document_suffix: "NonEmptyString",
15137
+ # redirect_all_requests_to: {
15138
+ # hostname: "NonEmptyString",
15139
+ # protocol: "NonEmptyString",
15140
+ # },
15141
+ # routing_rules: [
15142
+ # {
15143
+ # condition: {
15144
+ # http_error_code_returned_equals: "NonEmptyString",
15145
+ # key_prefix_equals: "NonEmptyString",
15146
+ # },
15147
+ # redirect: {
15148
+ # hostname: "NonEmptyString",
15149
+ # http_redirect_code: "NonEmptyString",
15150
+ # protocol: "NonEmptyString",
15151
+ # replace_key_prefix_with: "NonEmptyString",
15152
+ # replace_key_with: "NonEmptyString",
15153
+ # },
15154
+ # },
15155
+ # ],
15156
+ # }
15157
+ #
15158
+ # @!attribute [rw] error_document
15159
+ # The name of the error document for the website.
15160
+ # @return [String]
15161
+ #
15162
+ # @!attribute [rw] index_document_suffix
15163
+ # The name of the index document for the website.
15164
+ # @return [String]
15165
+ #
15166
+ # @!attribute [rw] redirect_all_requests_to
15167
+ # The redirect behavior for requests to the website.
15168
+ # @return [Types::AwsS3BucketWebsiteConfigurationRedirectTo]
15169
+ #
15170
+ # @!attribute [rw] routing_rules
15171
+ # The rules for applying redirects for requests to the website.
15172
+ # @return [Array<Types::AwsS3BucketWebsiteConfigurationRoutingRule>]
15173
+ #
15174
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfiguration AWS API Documentation
15175
+ #
15176
+ class AwsS3BucketWebsiteConfiguration < Struct.new(
15177
+ :error_document,
15178
+ :index_document_suffix,
15179
+ :redirect_all_requests_to,
15180
+ :routing_rules)
15181
+ SENSITIVE = []
15182
+ include Aws::Structure
15183
+ end
15184
+
15185
+ # The redirect behavior for requests to the website.
15186
+ #
15187
+ # @note When making an API call, you may pass AwsS3BucketWebsiteConfigurationRedirectTo
15188
+ # data as a hash:
15189
+ #
15190
+ # {
15191
+ # hostname: "NonEmptyString",
15192
+ # protocol: "NonEmptyString",
15193
+ # }
15194
+ #
15195
+ # @!attribute [rw] hostname
15196
+ # The name of the host to redirect requests to.
15197
+ # @return [String]
15198
+ #
15199
+ # @!attribute [rw] protocol
15200
+ # The protocol to use when redirecting requests. By default, uses the
15201
+ # same protocol as the original request.
15202
+ # @return [String]
15203
+ #
15204
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfigurationRedirectTo AWS API Documentation
15205
+ #
15206
+ class AwsS3BucketWebsiteConfigurationRedirectTo < Struct.new(
15207
+ :hostname,
15208
+ :protocol)
15209
+ SENSITIVE = []
15210
+ include Aws::Structure
15211
+ end
15212
+
15213
+ # A rule for redirecting requests to the website.
15214
+ #
15215
+ # @note When making an API call, you may pass AwsS3BucketWebsiteConfigurationRoutingRule
15216
+ # data as a hash:
15217
+ #
15218
+ # {
15219
+ # condition: {
15220
+ # http_error_code_returned_equals: "NonEmptyString",
15221
+ # key_prefix_equals: "NonEmptyString",
15222
+ # },
15223
+ # redirect: {
15224
+ # hostname: "NonEmptyString",
15225
+ # http_redirect_code: "NonEmptyString",
15226
+ # protocol: "NonEmptyString",
15227
+ # replace_key_prefix_with: "NonEmptyString",
15228
+ # replace_key_with: "NonEmptyString",
15229
+ # },
15230
+ # }
15231
+ #
15232
+ # @!attribute [rw] condition
15233
+ # Provides the condition that must be met in order to apply the
15234
+ # routing rule.
15235
+ # @return [Types::AwsS3BucketWebsiteConfigurationRoutingRuleCondition]
15236
+ #
15237
+ # @!attribute [rw] redirect
15238
+ # Provides the rules to redirect the request if the condition in
15239
+ # `Condition` is met.
15240
+ # @return [Types::AwsS3BucketWebsiteConfigurationRoutingRuleRedirect]
15241
+ #
15242
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfigurationRoutingRule AWS API Documentation
15243
+ #
15244
+ class AwsS3BucketWebsiteConfigurationRoutingRule < Struct.new(
15245
+ :condition,
15246
+ :redirect)
15247
+ SENSITIVE = []
15248
+ include Aws::Structure
15249
+ end
15250
+
15251
+ # The condition that must be met in order to apply the routing rule.
15252
+ #
15253
+ # @note When making an API call, you may pass AwsS3BucketWebsiteConfigurationRoutingRuleCondition
15254
+ # data as a hash:
15255
+ #
15256
+ # {
15257
+ # http_error_code_returned_equals: "NonEmptyString",
15258
+ # key_prefix_equals: "NonEmptyString",
15259
+ # }
15260
+ #
15261
+ # @!attribute [rw] http_error_code_returned_equals
15262
+ # Indicates to redirect the request if the HTTP error code matches
15263
+ # this value.
15264
+ # @return [String]
15265
+ #
15266
+ # @!attribute [rw] key_prefix_equals
15267
+ # Indicates to redirect the request if the key prefix matches this
15268
+ # value.
15269
+ # @return [String]
15270
+ #
15271
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfigurationRoutingRuleCondition AWS API Documentation
15272
+ #
15273
+ class AwsS3BucketWebsiteConfigurationRoutingRuleCondition < Struct.new(
15274
+ :http_error_code_returned_equals,
15275
+ :key_prefix_equals)
15276
+ SENSITIVE = []
15277
+ include Aws::Structure
15278
+ end
15279
+
15280
+ # The rules to redirect the request if the condition in `Condition` is
15281
+ # met.
15282
+ #
15283
+ # @note When making an API call, you may pass AwsS3BucketWebsiteConfigurationRoutingRuleRedirect
15284
+ # data as a hash:
15285
+ #
15286
+ # {
15287
+ # hostname: "NonEmptyString",
15288
+ # http_redirect_code: "NonEmptyString",
15289
+ # protocol: "NonEmptyString",
15290
+ # replace_key_prefix_with: "NonEmptyString",
15291
+ # replace_key_with: "NonEmptyString",
15292
+ # }
15293
+ #
15294
+ # @!attribute [rw] hostname
15295
+ # The host name to use in the redirect request.
15296
+ # @return [String]
15297
+ #
15298
+ # @!attribute [rw] http_redirect_code
15299
+ # The HTTP redirect code to use in the response.
15300
+ # @return [String]
15301
+ #
15302
+ # @!attribute [rw] protocol
15303
+ # The protocol to use to redirect the request. By default, uses the
15304
+ # protocol from the original request.
15305
+ # @return [String]
15306
+ #
15307
+ # @!attribute [rw] replace_key_prefix_with
15308
+ # The object key prefix to use in the redirect request.
15309
+ #
15310
+ # Cannot be provided if `ReplaceKeyWith` is present.
15311
+ # @return [String]
15312
+ #
15313
+ # @!attribute [rw] replace_key_with
15314
+ # The specific object key to use in the redirect request.
15315
+ #
15316
+ # Cannot be provided if `ReplaceKeyPrefixWith` is present.
15317
+ # @return [String]
15318
+ #
15319
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfigurationRoutingRuleRedirect AWS API Documentation
15320
+ #
15321
+ class AwsS3BucketWebsiteConfigurationRoutingRuleRedirect < Struct.new(
15322
+ :hostname,
15323
+ :http_redirect_code,
15324
+ :protocol,
15325
+ :replace_key_prefix_with,
15326
+ :replace_key_with)
15327
+ SENSITIVE = []
15328
+ include Aws::Structure
15329
+ end
15330
+
14086
15331
  # Details about an Amazon S3 object.
14087
15332
  #
14088
15333
  # @note When making an API call, you may pass AwsS3ObjectDetails
@@ -14129,8 +15374,8 @@ module Aws::SecurityHub
14129
15374
  # @return [String]
14130
15375
  #
14131
15376
  # @!attribute [rw] ssekms_key_id
14132
- # The identifier of the KMS symmetric customer managed customer master
14133
- # key (CMK) that was used for the object.
15377
+ # The identifier of the KMS symmetric customer managed key that was
15378
+ # used for the object.
14134
15379
  # @return [String]
14135
15380
  #
14136
15381
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3ObjectDetails AWS API Documentation
@@ -14174,9 +15419,8 @@ module Aws::SecurityHub
14174
15419
  # @return [Boolean]
14175
15420
  #
14176
15421
  # @!attribute [rw] kms_key_id
14177
- # The ARN, Key ID, or alias of the KMS customer master key (CMK) used
14178
- # to encrypt the `SecretString` or `SecretBinary` values for versions
14179
- # of this secret.
15422
+ # The ARN, Key ID, or alias of the KMS key used to encrypt the
15423
+ # `SecretString` or `SecretBinary` values for versions of this secret.
14180
15424
  # @return [String]
14181
15425
  #
14182
15426
  # @!attribute [rw] rotation_enabled
@@ -14992,6 +16236,53 @@ module Aws::SecurityHub
14992
16236
  # ignore_public_acls: false,
14993
16237
  # restrict_public_buckets: false,
14994
16238
  # },
16239
+ # access_control_list: "NonEmptyString",
16240
+ # bucket_logging_configuration: {
16241
+ # destination_bucket_name: "NonEmptyString",
16242
+ # log_file_prefix: "NonEmptyString",
16243
+ # },
16244
+ # bucket_website_configuration: {
16245
+ # error_document: "NonEmptyString",
16246
+ # index_document_suffix: "NonEmptyString",
16247
+ # redirect_all_requests_to: {
16248
+ # hostname: "NonEmptyString",
16249
+ # protocol: "NonEmptyString",
16250
+ # },
16251
+ # routing_rules: [
16252
+ # {
16253
+ # condition: {
16254
+ # http_error_code_returned_equals: "NonEmptyString",
16255
+ # key_prefix_equals: "NonEmptyString",
16256
+ # },
16257
+ # redirect: {
16258
+ # hostname: "NonEmptyString",
16259
+ # http_redirect_code: "NonEmptyString",
16260
+ # protocol: "NonEmptyString",
16261
+ # replace_key_prefix_with: "NonEmptyString",
16262
+ # replace_key_with: "NonEmptyString",
16263
+ # },
16264
+ # },
16265
+ # ],
16266
+ # },
16267
+ # bucket_notification_configuration: {
16268
+ # configurations: [
16269
+ # {
16270
+ # events: ["NonEmptyString"],
16271
+ # filter: {
16272
+ # s3_key_filter: {
16273
+ # filter_rules: [
16274
+ # {
16275
+ # name: "Prefix", # accepts Prefix, Suffix
16276
+ # value: "NonEmptyString",
16277
+ # },
16278
+ # ],
16279
+ # },
16280
+ # },
16281
+ # destination: "NonEmptyString",
16282
+ # type: "NonEmptyString",
16283
+ # },
16284
+ # ],
16285
+ # },
14995
16286
  # },
14996
16287
  # aws_s3_account_public_access_block: {
14997
16288
  # block_public_acls: false,
@@ -15679,6 +16970,7 @@ module Aws::SecurityHub
15679
16970
  # key_state: "NonEmptyString",
15680
16971
  # origin: "NonEmptyString",
15681
16972
  # description: "NonEmptyString",
16973
+ # key_rotation_status: false,
15682
16974
  # },
15683
16975
  # aws_lambda_function: {
15684
16976
  # code: {
@@ -16370,6 +17662,99 @@ module Aws::SecurityHub
16370
17662
  # ],
16371
17663
  # task_definition: "NonEmptyString",
16372
17664
  # },
17665
+ # aws_auto_scaling_launch_configuration: {
17666
+ # associate_public_ip_address: false,
17667
+ # block_device_mappings: [
17668
+ # {
17669
+ # device_name: "NonEmptyString",
17670
+ # ebs: {
17671
+ # delete_on_termination: false,
17672
+ # encrypted: false,
17673
+ # iops: 1,
17674
+ # snapshot_id: "NonEmptyString",
17675
+ # volume_size: 1,
17676
+ # volume_type: "NonEmptyString",
17677
+ # },
17678
+ # no_device: false,
17679
+ # virtual_name: "NonEmptyString",
17680
+ # },
17681
+ # ],
17682
+ # classic_link_vpc_id: "NonEmptyString",
17683
+ # classic_link_vpc_security_groups: ["NonEmptyString"],
17684
+ # created_time: "NonEmptyString",
17685
+ # ebs_optimized: false,
17686
+ # iam_instance_profile: "NonEmptyString",
17687
+ # image_id: "NonEmptyString",
17688
+ # instance_monitoring: {
17689
+ # enabled: false,
17690
+ # },
17691
+ # instance_type: "NonEmptyString",
17692
+ # kernel_id: "NonEmptyString",
17693
+ # key_name: "NonEmptyString",
17694
+ # launch_configuration_name: "NonEmptyString",
17695
+ # placement_tenancy: "NonEmptyString",
17696
+ # ramdisk_id: "NonEmptyString",
17697
+ # security_groups: ["NonEmptyString"],
17698
+ # spot_price: "NonEmptyString",
17699
+ # user_data: "NonEmptyString",
17700
+ # },
17701
+ # aws_ec2_vpn_connection: {
17702
+ # vpn_connection_id: "NonEmptyString",
17703
+ # state: "NonEmptyString",
17704
+ # customer_gateway_id: "NonEmptyString",
17705
+ # customer_gateway_configuration: "NonEmptyString",
17706
+ # type: "NonEmptyString",
17707
+ # vpn_gateway_id: "NonEmptyString",
17708
+ # category: "NonEmptyString",
17709
+ # vgw_telemetry: [
17710
+ # {
17711
+ # accepted_route_count: 1,
17712
+ # certificate_arn: "NonEmptyString",
17713
+ # last_status_change: "NonEmptyString",
17714
+ # outside_ip_address: "NonEmptyString",
17715
+ # status: "NonEmptyString",
17716
+ # status_message: "NonEmptyString",
17717
+ # },
17718
+ # ],
17719
+ # options: {
17720
+ # static_routes_only: false,
17721
+ # tunnel_options: [
17722
+ # {
17723
+ # dpd_timeout_seconds: 1,
17724
+ # ike_versions: ["NonEmptyString"],
17725
+ # outside_ip_address: "NonEmptyString",
17726
+ # phase_1_dh_group_numbers: [1],
17727
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
17728
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
17729
+ # phase_1_lifetime_seconds: 1,
17730
+ # phase_2_dh_group_numbers: [1],
17731
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
17732
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
17733
+ # phase_2_lifetime_seconds: 1,
17734
+ # pre_shared_key: "NonEmptyString",
17735
+ # rekey_fuzz_percentage: 1,
17736
+ # rekey_margin_time_seconds: 1,
17737
+ # replay_window_size: 1,
17738
+ # tunnel_inside_cidr: "NonEmptyString",
17739
+ # },
17740
+ # ],
17741
+ # },
17742
+ # routes: [
17743
+ # {
17744
+ # destination_cidr_block: "NonEmptyString",
17745
+ # state: "NonEmptyString",
17746
+ # },
17747
+ # ],
17748
+ # transit_gateway_id: "NonEmptyString",
17749
+ # },
17750
+ # aws_ecr_container_image: {
17751
+ # registry_id: "NonEmptyString",
17752
+ # repository_name: "NonEmptyString",
17753
+ # architecture: "NonEmptyString",
17754
+ # image_digest: "NonEmptyString",
17755
+ # image_tags: ["NonEmptyString"],
17756
+ # image_published_at: "NonEmptyString",
17757
+ # },
16373
17758
  # },
16374
17759
  # },
16375
17760
  # ],
@@ -16410,6 +17795,8 @@ module Aws::SecurityHub
16410
17795
  # epoch: "NonEmptyString",
16411
17796
  # release: "NonEmptyString",
16412
17797
  # architecture: "NonEmptyString",
17798
+ # package_manager: "NonEmptyString",
17799
+ # file_path: "NonEmptyString",
16413
17800
  # },
16414
17801
  # ],
16415
17802
  # cvss: [
@@ -16417,6 +17804,13 @@ module Aws::SecurityHub
16417
17804
  # version: "NonEmptyString",
16418
17805
  # base_score: 1.0,
16419
17806
  # base_vector: "NonEmptyString",
17807
+ # source: "NonEmptyString",
17808
+ # adjustments: [
17809
+ # {
17810
+ # metric: "NonEmptyString",
17811
+ # reason: "NonEmptyString",
17812
+ # },
17813
+ # ],
16420
17814
  # },
16421
17815
  # ],
16422
17816
  # related_vulnerabilities: ["NonEmptyString"],
@@ -16595,7 +17989,7 @@ module Aws::SecurityHub
16595
17989
  # name, you use this attribute.
16596
17990
  #
16597
17991
  # When you use the Security Hub API to filter findings by product
16598
- # name, you use the `aws/securityhub/ProductyName` attribute under
17992
+ # name, you use the `aws/securityhub/ProductName` attribute under
16599
17993
  # `ProductFields`.
16600
17994
  #
16601
17995
  # Security Hub does not synchronize those two attributes.
@@ -18137,8 +19531,8 @@ module Aws::SecurityHub
18137
19531
  # }
18138
19532
  #
18139
19533
  # @!attribute [rw] kms_master_key_id
18140
- # The ID of an Amazon Web Services managed customer master key (CMK)
18141
- # for Amazon SNS or a custom CMK.
19534
+ # The ID of an Amazon Web Services managed key for Amazon SNS or a
19535
+ # customer managed key.
18142
19536
  # @return [String]
18143
19537
  #
18144
19538
  # @!attribute [rw] subscription
@@ -18210,8 +19604,8 @@ module Aws::SecurityHub
18210
19604
  # @return [Integer]
18211
19605
  #
18212
19606
  # @!attribute [rw] kms_master_key_id
18213
- # The ID of an Amazon Web Services managed customer master key (CMK)
18214
- # for Amazon SQS or a custom CMK.
19607
+ # The ID of an Amazon Web Services managed key for Amazon SQS or a
19608
+ # custom KMS key.
18215
19609
  # @return [String]
18216
19610
  #
18217
19611
  # @!attribute [rw] queue_name
@@ -19424,6 +20818,53 @@ module Aws::SecurityHub
19424
20818
  # ignore_public_acls: false,
19425
20819
  # restrict_public_buckets: false,
19426
20820
  # },
20821
+ # access_control_list: "NonEmptyString",
20822
+ # bucket_logging_configuration: {
20823
+ # destination_bucket_name: "NonEmptyString",
20824
+ # log_file_prefix: "NonEmptyString",
20825
+ # },
20826
+ # bucket_website_configuration: {
20827
+ # error_document: "NonEmptyString",
20828
+ # index_document_suffix: "NonEmptyString",
20829
+ # redirect_all_requests_to: {
20830
+ # hostname: "NonEmptyString",
20831
+ # protocol: "NonEmptyString",
20832
+ # },
20833
+ # routing_rules: [
20834
+ # {
20835
+ # condition: {
20836
+ # http_error_code_returned_equals: "NonEmptyString",
20837
+ # key_prefix_equals: "NonEmptyString",
20838
+ # },
20839
+ # redirect: {
20840
+ # hostname: "NonEmptyString",
20841
+ # http_redirect_code: "NonEmptyString",
20842
+ # protocol: "NonEmptyString",
20843
+ # replace_key_prefix_with: "NonEmptyString",
20844
+ # replace_key_with: "NonEmptyString",
20845
+ # },
20846
+ # },
20847
+ # ],
20848
+ # },
20849
+ # bucket_notification_configuration: {
20850
+ # configurations: [
20851
+ # {
20852
+ # events: ["NonEmptyString"],
20853
+ # filter: {
20854
+ # s3_key_filter: {
20855
+ # filter_rules: [
20856
+ # {
20857
+ # name: "Prefix", # accepts Prefix, Suffix
20858
+ # value: "NonEmptyString",
20859
+ # },
20860
+ # ],
20861
+ # },
20862
+ # },
20863
+ # destination: "NonEmptyString",
20864
+ # type: "NonEmptyString",
20865
+ # },
20866
+ # ],
20867
+ # },
19427
20868
  # },
19428
20869
  # aws_s3_account_public_access_block: {
19429
20870
  # block_public_acls: false,
@@ -20111,6 +21552,7 @@ module Aws::SecurityHub
20111
21552
  # key_state: "NonEmptyString",
20112
21553
  # origin: "NonEmptyString",
20113
21554
  # description: "NonEmptyString",
21555
+ # key_rotation_status: false,
20114
21556
  # },
20115
21557
  # aws_lambda_function: {
20116
21558
  # code: {
@@ -20802,6 +22244,99 @@ module Aws::SecurityHub
20802
22244
  # ],
20803
22245
  # task_definition: "NonEmptyString",
20804
22246
  # },
22247
+ # aws_auto_scaling_launch_configuration: {
22248
+ # associate_public_ip_address: false,
22249
+ # block_device_mappings: [
22250
+ # {
22251
+ # device_name: "NonEmptyString",
22252
+ # ebs: {
22253
+ # delete_on_termination: false,
22254
+ # encrypted: false,
22255
+ # iops: 1,
22256
+ # snapshot_id: "NonEmptyString",
22257
+ # volume_size: 1,
22258
+ # volume_type: "NonEmptyString",
22259
+ # },
22260
+ # no_device: false,
22261
+ # virtual_name: "NonEmptyString",
22262
+ # },
22263
+ # ],
22264
+ # classic_link_vpc_id: "NonEmptyString",
22265
+ # classic_link_vpc_security_groups: ["NonEmptyString"],
22266
+ # created_time: "NonEmptyString",
22267
+ # ebs_optimized: false,
22268
+ # iam_instance_profile: "NonEmptyString",
22269
+ # image_id: "NonEmptyString",
22270
+ # instance_monitoring: {
22271
+ # enabled: false,
22272
+ # },
22273
+ # instance_type: "NonEmptyString",
22274
+ # kernel_id: "NonEmptyString",
22275
+ # key_name: "NonEmptyString",
22276
+ # launch_configuration_name: "NonEmptyString",
22277
+ # placement_tenancy: "NonEmptyString",
22278
+ # ramdisk_id: "NonEmptyString",
22279
+ # security_groups: ["NonEmptyString"],
22280
+ # spot_price: "NonEmptyString",
22281
+ # user_data: "NonEmptyString",
22282
+ # },
22283
+ # aws_ec2_vpn_connection: {
22284
+ # vpn_connection_id: "NonEmptyString",
22285
+ # state: "NonEmptyString",
22286
+ # customer_gateway_id: "NonEmptyString",
22287
+ # customer_gateway_configuration: "NonEmptyString",
22288
+ # type: "NonEmptyString",
22289
+ # vpn_gateway_id: "NonEmptyString",
22290
+ # category: "NonEmptyString",
22291
+ # vgw_telemetry: [
22292
+ # {
22293
+ # accepted_route_count: 1,
22294
+ # certificate_arn: "NonEmptyString",
22295
+ # last_status_change: "NonEmptyString",
22296
+ # outside_ip_address: "NonEmptyString",
22297
+ # status: "NonEmptyString",
22298
+ # status_message: "NonEmptyString",
22299
+ # },
22300
+ # ],
22301
+ # options: {
22302
+ # static_routes_only: false,
22303
+ # tunnel_options: [
22304
+ # {
22305
+ # dpd_timeout_seconds: 1,
22306
+ # ike_versions: ["NonEmptyString"],
22307
+ # outside_ip_address: "NonEmptyString",
22308
+ # phase_1_dh_group_numbers: [1],
22309
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
22310
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
22311
+ # phase_1_lifetime_seconds: 1,
22312
+ # phase_2_dh_group_numbers: [1],
22313
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
22314
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
22315
+ # phase_2_lifetime_seconds: 1,
22316
+ # pre_shared_key: "NonEmptyString",
22317
+ # rekey_fuzz_percentage: 1,
22318
+ # rekey_margin_time_seconds: 1,
22319
+ # replay_window_size: 1,
22320
+ # tunnel_inside_cidr: "NonEmptyString",
22321
+ # },
22322
+ # ],
22323
+ # },
22324
+ # routes: [
22325
+ # {
22326
+ # destination_cidr_block: "NonEmptyString",
22327
+ # state: "NonEmptyString",
22328
+ # },
22329
+ # ],
22330
+ # transit_gateway_id: "NonEmptyString",
22331
+ # },
22332
+ # aws_ecr_container_image: {
22333
+ # registry_id: "NonEmptyString",
22334
+ # repository_name: "NonEmptyString",
22335
+ # architecture: "NonEmptyString",
22336
+ # image_digest: "NonEmptyString",
22337
+ # image_tags: ["NonEmptyString"],
22338
+ # image_published_at: "NonEmptyString",
22339
+ # },
20805
22340
  # },
20806
22341
  # },
20807
22342
  # ],
@@ -20842,6 +22377,8 @@ module Aws::SecurityHub
20842
22377
  # epoch: "NonEmptyString",
20843
22378
  # release: "NonEmptyString",
20844
22379
  # architecture: "NonEmptyString",
22380
+ # package_manager: "NonEmptyString",
22381
+ # file_path: "NonEmptyString",
20845
22382
  # },
20846
22383
  # ],
20847
22384
  # cvss: [
@@ -20849,6 +22386,13 @@ module Aws::SecurityHub
20849
22386
  # version: "NonEmptyString",
20850
22387
  # base_score: 1.0,
20851
22388
  # base_vector: "NonEmptyString",
22389
+ # source: "NonEmptyString",
22390
+ # adjustments: [
22391
+ # {
22392
+ # metric: "NonEmptyString",
22393
+ # reason: "NonEmptyString",
22394
+ # },
22395
+ # ],
20852
22396
  # },
20853
22397
  # ],
20854
22398
  # related_vulnerabilities: ["NonEmptyString"],
@@ -22579,6 +24123,13 @@ module Aws::SecurityHub
22579
24123
  # version: "NonEmptyString",
22580
24124
  # base_score: 1.0,
22581
24125
  # base_vector: "NonEmptyString",
24126
+ # source: "NonEmptyString",
24127
+ # adjustments: [
24128
+ # {
24129
+ # metric: "NonEmptyString",
24130
+ # reason: "NonEmptyString",
24131
+ # },
24132
+ # ],
22582
24133
  # }
22583
24134
  #
22584
24135
  # @!attribute [rw] version
@@ -22593,12 +24144,22 @@ module Aws::SecurityHub
22593
24144
  # The base scoring vector for the CVSS score.
22594
24145
  # @return [String]
22595
24146
  #
24147
+ # @!attribute [rw] source
24148
+ # The origin of the original CVSS score and vector.
24149
+ # @return [String]
24150
+ #
24151
+ # @!attribute [rw] adjustments
24152
+ # Adjustments to the CVSS metrics.
24153
+ # @return [Array<Types::Adjustment>]
24154
+ #
22596
24155
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Cvss AWS API Documentation
22597
24156
  #
22598
24157
  class Cvss < Struct.new(
22599
24158
  :version,
22600
24159
  :base_score,
22601
- :base_vector)
24160
+ :base_vector,
24161
+ :source,
24162
+ :adjustments)
22602
24163
  SENSITIVE = []
22603
24164
  include Aws::Structure
22604
24165
  end
@@ -26341,8 +27902,8 @@ module Aws::SecurityHub
26341
27902
  # For integrations with Amazon Web Services services, the Amazon Web
26342
27903
  # Services Console URL from which to activate the service.
26343
27904
  #
26344
- # For integrations with third-party products, the Marketplace URL from
26345
- # which to subscribe to or purchase the product.
27905
+ # For integrations with third-party products, the Amazon Web Services
27906
+ # Marketplace URL from which to subscribe to or purchase the product.
26346
27907
  # @return [String]
26347
27908
  #
26348
27909
  # @!attribute [rw] activation_url
@@ -27142,6 +28703,53 @@ module Aws::SecurityHub
27142
28703
  # ignore_public_acls: false,
27143
28704
  # restrict_public_buckets: false,
27144
28705
  # },
28706
+ # access_control_list: "NonEmptyString",
28707
+ # bucket_logging_configuration: {
28708
+ # destination_bucket_name: "NonEmptyString",
28709
+ # log_file_prefix: "NonEmptyString",
28710
+ # },
28711
+ # bucket_website_configuration: {
28712
+ # error_document: "NonEmptyString",
28713
+ # index_document_suffix: "NonEmptyString",
28714
+ # redirect_all_requests_to: {
28715
+ # hostname: "NonEmptyString",
28716
+ # protocol: "NonEmptyString",
28717
+ # },
28718
+ # routing_rules: [
28719
+ # {
28720
+ # condition: {
28721
+ # http_error_code_returned_equals: "NonEmptyString",
28722
+ # key_prefix_equals: "NonEmptyString",
28723
+ # },
28724
+ # redirect: {
28725
+ # hostname: "NonEmptyString",
28726
+ # http_redirect_code: "NonEmptyString",
28727
+ # protocol: "NonEmptyString",
28728
+ # replace_key_prefix_with: "NonEmptyString",
28729
+ # replace_key_with: "NonEmptyString",
28730
+ # },
28731
+ # },
28732
+ # ],
28733
+ # },
28734
+ # bucket_notification_configuration: {
28735
+ # configurations: [
28736
+ # {
28737
+ # events: ["NonEmptyString"],
28738
+ # filter: {
28739
+ # s3_key_filter: {
28740
+ # filter_rules: [
28741
+ # {
28742
+ # name: "Prefix", # accepts Prefix, Suffix
28743
+ # value: "NonEmptyString",
28744
+ # },
28745
+ # ],
28746
+ # },
28747
+ # },
28748
+ # destination: "NonEmptyString",
28749
+ # type: "NonEmptyString",
28750
+ # },
28751
+ # ],
28752
+ # },
27145
28753
  # },
27146
28754
  # aws_s3_account_public_access_block: {
27147
28755
  # block_public_acls: false,
@@ -27829,6 +29437,7 @@ module Aws::SecurityHub
27829
29437
  # key_state: "NonEmptyString",
27830
29438
  # origin: "NonEmptyString",
27831
29439
  # description: "NonEmptyString",
29440
+ # key_rotation_status: false,
27832
29441
  # },
27833
29442
  # aws_lambda_function: {
27834
29443
  # code: {
@@ -28520,6 +30129,99 @@ module Aws::SecurityHub
28520
30129
  # ],
28521
30130
  # task_definition: "NonEmptyString",
28522
30131
  # },
30132
+ # aws_auto_scaling_launch_configuration: {
30133
+ # associate_public_ip_address: false,
30134
+ # block_device_mappings: [
30135
+ # {
30136
+ # device_name: "NonEmptyString",
30137
+ # ebs: {
30138
+ # delete_on_termination: false,
30139
+ # encrypted: false,
30140
+ # iops: 1,
30141
+ # snapshot_id: "NonEmptyString",
30142
+ # volume_size: 1,
30143
+ # volume_type: "NonEmptyString",
30144
+ # },
30145
+ # no_device: false,
30146
+ # virtual_name: "NonEmptyString",
30147
+ # },
30148
+ # ],
30149
+ # classic_link_vpc_id: "NonEmptyString",
30150
+ # classic_link_vpc_security_groups: ["NonEmptyString"],
30151
+ # created_time: "NonEmptyString",
30152
+ # ebs_optimized: false,
30153
+ # iam_instance_profile: "NonEmptyString",
30154
+ # image_id: "NonEmptyString",
30155
+ # instance_monitoring: {
30156
+ # enabled: false,
30157
+ # },
30158
+ # instance_type: "NonEmptyString",
30159
+ # kernel_id: "NonEmptyString",
30160
+ # key_name: "NonEmptyString",
30161
+ # launch_configuration_name: "NonEmptyString",
30162
+ # placement_tenancy: "NonEmptyString",
30163
+ # ramdisk_id: "NonEmptyString",
30164
+ # security_groups: ["NonEmptyString"],
30165
+ # spot_price: "NonEmptyString",
30166
+ # user_data: "NonEmptyString",
30167
+ # },
30168
+ # aws_ec2_vpn_connection: {
30169
+ # vpn_connection_id: "NonEmptyString",
30170
+ # state: "NonEmptyString",
30171
+ # customer_gateway_id: "NonEmptyString",
30172
+ # customer_gateway_configuration: "NonEmptyString",
30173
+ # type: "NonEmptyString",
30174
+ # vpn_gateway_id: "NonEmptyString",
30175
+ # category: "NonEmptyString",
30176
+ # vgw_telemetry: [
30177
+ # {
30178
+ # accepted_route_count: 1,
30179
+ # certificate_arn: "NonEmptyString",
30180
+ # last_status_change: "NonEmptyString",
30181
+ # outside_ip_address: "NonEmptyString",
30182
+ # status: "NonEmptyString",
30183
+ # status_message: "NonEmptyString",
30184
+ # },
30185
+ # ],
30186
+ # options: {
30187
+ # static_routes_only: false,
30188
+ # tunnel_options: [
30189
+ # {
30190
+ # dpd_timeout_seconds: 1,
30191
+ # ike_versions: ["NonEmptyString"],
30192
+ # outside_ip_address: "NonEmptyString",
30193
+ # phase_1_dh_group_numbers: [1],
30194
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
30195
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
30196
+ # phase_1_lifetime_seconds: 1,
30197
+ # phase_2_dh_group_numbers: [1],
30198
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
30199
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
30200
+ # phase_2_lifetime_seconds: 1,
30201
+ # pre_shared_key: "NonEmptyString",
30202
+ # rekey_fuzz_percentage: 1,
30203
+ # rekey_margin_time_seconds: 1,
30204
+ # replay_window_size: 1,
30205
+ # tunnel_inside_cidr: "NonEmptyString",
30206
+ # },
30207
+ # ],
30208
+ # },
30209
+ # routes: [
30210
+ # {
30211
+ # destination_cidr_block: "NonEmptyString",
30212
+ # state: "NonEmptyString",
30213
+ # },
30214
+ # ],
30215
+ # transit_gateway_id: "NonEmptyString",
30216
+ # },
30217
+ # aws_ecr_container_image: {
30218
+ # registry_id: "NonEmptyString",
30219
+ # repository_name: "NonEmptyString",
30220
+ # architecture: "NonEmptyString",
30221
+ # image_digest: "NonEmptyString",
30222
+ # image_tags: ["NonEmptyString"],
30223
+ # image_published_at: "NonEmptyString",
30224
+ # },
28523
30225
  # },
28524
30226
  # }
28525
30227
  #
@@ -29096,6 +30798,53 @@ module Aws::SecurityHub
29096
30798
  # ignore_public_acls: false,
29097
30799
  # restrict_public_buckets: false,
29098
30800
  # },
30801
+ # access_control_list: "NonEmptyString",
30802
+ # bucket_logging_configuration: {
30803
+ # destination_bucket_name: "NonEmptyString",
30804
+ # log_file_prefix: "NonEmptyString",
30805
+ # },
30806
+ # bucket_website_configuration: {
30807
+ # error_document: "NonEmptyString",
30808
+ # index_document_suffix: "NonEmptyString",
30809
+ # redirect_all_requests_to: {
30810
+ # hostname: "NonEmptyString",
30811
+ # protocol: "NonEmptyString",
30812
+ # },
30813
+ # routing_rules: [
30814
+ # {
30815
+ # condition: {
30816
+ # http_error_code_returned_equals: "NonEmptyString",
30817
+ # key_prefix_equals: "NonEmptyString",
30818
+ # },
30819
+ # redirect: {
30820
+ # hostname: "NonEmptyString",
30821
+ # http_redirect_code: "NonEmptyString",
30822
+ # protocol: "NonEmptyString",
30823
+ # replace_key_prefix_with: "NonEmptyString",
30824
+ # replace_key_with: "NonEmptyString",
30825
+ # },
30826
+ # },
30827
+ # ],
30828
+ # },
30829
+ # bucket_notification_configuration: {
30830
+ # configurations: [
30831
+ # {
30832
+ # events: ["NonEmptyString"],
30833
+ # filter: {
30834
+ # s3_key_filter: {
30835
+ # filter_rules: [
30836
+ # {
30837
+ # name: "Prefix", # accepts Prefix, Suffix
30838
+ # value: "NonEmptyString",
30839
+ # },
30840
+ # ],
30841
+ # },
30842
+ # },
30843
+ # destination: "NonEmptyString",
30844
+ # type: "NonEmptyString",
30845
+ # },
30846
+ # ],
30847
+ # },
29099
30848
  # },
29100
30849
  # aws_s3_account_public_access_block: {
29101
30850
  # block_public_acls: false,
@@ -29783,6 +31532,7 @@ module Aws::SecurityHub
29783
31532
  # key_state: "NonEmptyString",
29784
31533
  # origin: "NonEmptyString",
29785
31534
  # description: "NonEmptyString",
31535
+ # key_rotation_status: false,
29786
31536
  # },
29787
31537
  # aws_lambda_function: {
29788
31538
  # code: {
@@ -30474,6 +32224,99 @@ module Aws::SecurityHub
30474
32224
  # ],
30475
32225
  # task_definition: "NonEmptyString",
30476
32226
  # },
32227
+ # aws_auto_scaling_launch_configuration: {
32228
+ # associate_public_ip_address: false,
32229
+ # block_device_mappings: [
32230
+ # {
32231
+ # device_name: "NonEmptyString",
32232
+ # ebs: {
32233
+ # delete_on_termination: false,
32234
+ # encrypted: false,
32235
+ # iops: 1,
32236
+ # snapshot_id: "NonEmptyString",
32237
+ # volume_size: 1,
32238
+ # volume_type: "NonEmptyString",
32239
+ # },
32240
+ # no_device: false,
32241
+ # virtual_name: "NonEmptyString",
32242
+ # },
32243
+ # ],
32244
+ # classic_link_vpc_id: "NonEmptyString",
32245
+ # classic_link_vpc_security_groups: ["NonEmptyString"],
32246
+ # created_time: "NonEmptyString",
32247
+ # ebs_optimized: false,
32248
+ # iam_instance_profile: "NonEmptyString",
32249
+ # image_id: "NonEmptyString",
32250
+ # instance_monitoring: {
32251
+ # enabled: false,
32252
+ # },
32253
+ # instance_type: "NonEmptyString",
32254
+ # kernel_id: "NonEmptyString",
32255
+ # key_name: "NonEmptyString",
32256
+ # launch_configuration_name: "NonEmptyString",
32257
+ # placement_tenancy: "NonEmptyString",
32258
+ # ramdisk_id: "NonEmptyString",
32259
+ # security_groups: ["NonEmptyString"],
32260
+ # spot_price: "NonEmptyString",
32261
+ # user_data: "NonEmptyString",
32262
+ # },
32263
+ # aws_ec2_vpn_connection: {
32264
+ # vpn_connection_id: "NonEmptyString",
32265
+ # state: "NonEmptyString",
32266
+ # customer_gateway_id: "NonEmptyString",
32267
+ # customer_gateway_configuration: "NonEmptyString",
32268
+ # type: "NonEmptyString",
32269
+ # vpn_gateway_id: "NonEmptyString",
32270
+ # category: "NonEmptyString",
32271
+ # vgw_telemetry: [
32272
+ # {
32273
+ # accepted_route_count: 1,
32274
+ # certificate_arn: "NonEmptyString",
32275
+ # last_status_change: "NonEmptyString",
32276
+ # outside_ip_address: "NonEmptyString",
32277
+ # status: "NonEmptyString",
32278
+ # status_message: "NonEmptyString",
32279
+ # },
32280
+ # ],
32281
+ # options: {
32282
+ # static_routes_only: false,
32283
+ # tunnel_options: [
32284
+ # {
32285
+ # dpd_timeout_seconds: 1,
32286
+ # ike_versions: ["NonEmptyString"],
32287
+ # outside_ip_address: "NonEmptyString",
32288
+ # phase_1_dh_group_numbers: [1],
32289
+ # phase_1_encryption_algorithms: ["NonEmptyString"],
32290
+ # phase_1_integrity_algorithms: ["NonEmptyString"],
32291
+ # phase_1_lifetime_seconds: 1,
32292
+ # phase_2_dh_group_numbers: [1],
32293
+ # phase_2_encryption_algorithms: ["NonEmptyString"],
32294
+ # phase_2_integrity_algorithms: ["NonEmptyString"],
32295
+ # phase_2_lifetime_seconds: 1,
32296
+ # pre_shared_key: "NonEmptyString",
32297
+ # rekey_fuzz_percentage: 1,
32298
+ # rekey_margin_time_seconds: 1,
32299
+ # replay_window_size: 1,
32300
+ # tunnel_inside_cidr: "NonEmptyString",
32301
+ # },
32302
+ # ],
32303
+ # },
32304
+ # routes: [
32305
+ # {
32306
+ # destination_cidr_block: "NonEmptyString",
32307
+ # state: "NonEmptyString",
32308
+ # },
32309
+ # ],
32310
+ # transit_gateway_id: "NonEmptyString",
32311
+ # },
32312
+ # aws_ecr_container_image: {
32313
+ # registry_id: "NonEmptyString",
32314
+ # repository_name: "NonEmptyString",
32315
+ # architecture: "NonEmptyString",
32316
+ # image_digest: "NonEmptyString",
32317
+ # image_tags: ["NonEmptyString"],
32318
+ # image_published_at: "NonEmptyString",
32319
+ # },
30477
32320
  # }
30478
32321
  #
30479
32322
  # @!attribute [rw] aws_auto_scaling_auto_scaling_group
@@ -30600,7 +32443,7 @@ module Aws::SecurityHub
30600
32443
  # @return [Types::AwsRedshiftClusterDetails]
30601
32444
  #
30602
32445
  # @!attribute [rw] aws_elb_load_balancer
30603
- # contains details about a Classic Load Balancer.
32446
+ # Contains details about a Classic Load Balancer.
30604
32447
  # @return [Types::AwsElbLoadBalancerDetails]
30605
32448
  #
30606
32449
  # @!attribute [rw] aws_iam_group
@@ -30687,6 +32530,18 @@ module Aws::SecurityHub
30687
32530
  # Details about a service within an ECS cluster.
30688
32531
  # @return [Types::AwsEcsServiceDetails]
30689
32532
  #
32533
+ # @!attribute [rw] aws_auto_scaling_launch_configuration
32534
+ # Provides details about a launch configuration.
32535
+ # @return [Types::AwsAutoScalingLaunchConfigurationDetails]
32536
+ #
32537
+ # @!attribute [rw] aws_ec2_vpn_connection
32538
+ # Details about an EC2 VPN connection.
32539
+ # @return [Types::AwsEc2VpnConnectionDetails]
32540
+ #
32541
+ # @!attribute [rw] aws_ecr_container_image
32542
+ # information about an Amazon ECR image.
32543
+ # @return [Types::AwsEcrContainerImageDetails]
32544
+ #
30690
32545
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
30691
32546
  #
30692
32547
  class ResourceDetails < Struct.new(
@@ -30738,7 +32593,10 @@ module Aws::SecurityHub
30738
32593
  :container,
30739
32594
  :other,
30740
32595
  :aws_rds_event_subscription,
30741
- :aws_ecs_service)
32596
+ :aws_ecs_service,
32597
+ :aws_auto_scaling_launch_configuration,
32598
+ :aws_ec2_vpn_connection,
32599
+ :aws_ecr_container_image)
30742
32600
  SENSITIVE = []
30743
32601
  include Aws::Structure
30744
32602
  end
@@ -31111,6 +32969,8 @@ module Aws::SecurityHub
31111
32969
  # epoch: "NonEmptyString",
31112
32970
  # release: "NonEmptyString",
31113
32971
  # architecture: "NonEmptyString",
32972
+ # package_manager: "NonEmptyString",
32973
+ # file_path: "NonEmptyString",
31114
32974
  # }
31115
32975
  #
31116
32976
  # @!attribute [rw] name
@@ -31133,6 +32993,14 @@ module Aws::SecurityHub
31133
32993
  # The architecture used for the software package.
31134
32994
  # @return [String]
31135
32995
  #
32996
+ # @!attribute [rw] package_manager
32997
+ # The source of the package.
32998
+ # @return [String]
32999
+ #
33000
+ # @!attribute [rw] file_path
33001
+ # The file system path to the package manager inventory file.
33002
+ # @return [String]
33003
+ #
31136
33004
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SoftwarePackage AWS API Documentation
31137
33005
  #
31138
33006
  class SoftwarePackage < Struct.new(
@@ -31140,7 +33008,9 @@ module Aws::SecurityHub
31140
33008
  :version,
31141
33009
  :epoch,
31142
33010
  :release,
31143
- :architecture)
33011
+ :architecture,
33012
+ :package_manager,
33013
+ :file_path)
31144
33014
  SENSITIVE = []
31145
33015
  include Aws::Structure
31146
33016
  end
@@ -33061,6 +34931,8 @@ module Aws::SecurityHub
33061
34931
  # epoch: "NonEmptyString",
33062
34932
  # release: "NonEmptyString",
33063
34933
  # architecture: "NonEmptyString",
34934
+ # package_manager: "NonEmptyString",
34935
+ # file_path: "NonEmptyString",
33064
34936
  # },
33065
34937
  # ],
33066
34938
  # cvss: [
@@ -33068,6 +34940,13 @@ module Aws::SecurityHub
33068
34940
  # version: "NonEmptyString",
33069
34941
  # base_score: 1.0,
33070
34942
  # base_vector: "NonEmptyString",
34943
+ # source: "NonEmptyString",
34944
+ # adjustments: [
34945
+ # {
34946
+ # metric: "NonEmptyString",
34947
+ # reason: "NonEmptyString",
34948
+ # },
34949
+ # ],
33071
34950
  # },
33072
34951
  # ],
33073
34952
  # related_vulnerabilities: ["NonEmptyString"],
@@ -33271,8 +35150,13 @@ module Aws::SecurityHub
33271
35150
  # }
33272
35151
  #
33273
35152
  # @!attribute [rw] status
33274
- # The status of the investigation into the finding. The allowed values
33275
- # are the following.
35153
+ # The status of the investigation into the finding. The workflow
35154
+ # status is specific to an individual finding. It does not affect the
35155
+ # generation of new findings. For example, setting the workflow status
35156
+ # to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the
35157
+ # same issue.
35158
+ #
35159
+ # The allowed values are the following.
33276
35160
  #
33277
35161
  # * `NEW` - The initial state of a finding, before it is reviewed.
33278
35162
  #
@@ -33288,8 +35172,9 @@ module Aws::SecurityHub
33288
35172
  # the security issue. Used when the initial reviewer is not the
33289
35173
  # resource owner, and needs intervention from the resource owner.
33290
35174
  #
33291
- # * `SUPPRESSED` - The finding will not be reviewed again and will not
33292
- # be acted upon.
35175
+ # * `SUPPRESSED` - Indicates that you reviewed the finding and do not
35176
+ # believe that any action is needed. The finding is no longer
35177
+ # updated.
33293
35178
  #
33294
35179
  # * `RESOLVED` - The finding was reviewed and remediated and is now
33295
35180
  # considered resolved.
@@ -33313,8 +35198,13 @@ module Aws::SecurityHub
33313
35198
  # }
33314
35199
  #
33315
35200
  # @!attribute [rw] status
33316
- # The status of the investigation into the finding. The allowed values
33317
- # are the following.
35201
+ # The status of the investigation into the finding. The workflow
35202
+ # status is specific to an individual finding. It does not affect the
35203
+ # generation of new findings. For example, setting the workflow status
35204
+ # to `SUPPRESSED` or `RESOLVED` does not prevent a new finding for the
35205
+ # same issue.
35206
+ #
35207
+ # The allowed values are the following.
33318
35208
  #
33319
35209
  # * `NEW` - The initial state of a finding, before it is reviewed.
33320
35210
  #
@@ -33333,8 +35223,9 @@ module Aws::SecurityHub
33333
35223
  # * `RESOLVED` - The finding was reviewed and remediated and is now
33334
35224
  # considered resolved.
33335
35225
  #
33336
- # * `SUPPRESSED` - The finding will not be reviewed again and will not
33337
- # be acted upon.
35226
+ # * `SUPPRESSED` - Indicates that you reviewed the finding and do not
35227
+ # believe that any action is needed. The finding is no longer
35228
+ # updated.
33338
35229
  # @return [String]
33339
35230
  #
33340
35231
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/WorkflowUpdate AWS API Documentation