aws-sdk-securityhub 1.51.0 → 1.55.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +870 -9
- data/lib/aws-sdk-securityhub/client_api.rb +604 -0
- data/lib/aws-sdk-securityhub/types.rb +4655 -60
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +4 -4
|
@@ -825,8 +825,29 @@ module Aws::SecurityHub
|
|
|
825
825
|
# },
|
|
826
826
|
# aws_code_build_project: {
|
|
827
827
|
# encryption_key: "NonEmptyString",
|
|
828
|
+
# artifacts: [
|
|
829
|
+
# {
|
|
830
|
+
# artifact_identifier: "NonEmptyString",
|
|
831
|
+
# encryption_disabled: false,
|
|
832
|
+
# location: "NonEmptyString",
|
|
833
|
+
# name: "NonEmptyString",
|
|
834
|
+
# namespace_type: "NonEmptyString",
|
|
835
|
+
# override_artifact_name: false,
|
|
836
|
+
# packaging: "NonEmptyString",
|
|
837
|
+
# path: "NonEmptyString",
|
|
838
|
+
# type: "NonEmptyString",
|
|
839
|
+
# },
|
|
840
|
+
# ],
|
|
828
841
|
# environment: {
|
|
829
842
|
# certificate: "NonEmptyString",
|
|
843
|
+
# environment_variables: [
|
|
844
|
+
# {
|
|
845
|
+
# name: "NonEmptyString",
|
|
846
|
+
# type: "NonEmptyString",
|
|
847
|
+
# value: "NonEmptyString",
|
|
848
|
+
# },
|
|
849
|
+
# ],
|
|
850
|
+
# privileged_mode: false,
|
|
830
851
|
# image_pull_credentials_type: "NonEmptyString",
|
|
831
852
|
# registry_credential: {
|
|
832
853
|
# credential: "NonEmptyString",
|
|
@@ -842,6 +863,18 @@ module Aws::SecurityHub
|
|
|
842
863
|
# insecure_ssl: false,
|
|
843
864
|
# },
|
|
844
865
|
# service_role: "NonEmptyString",
|
|
866
|
+
# logs_config: {
|
|
867
|
+
# cloud_watch_logs: {
|
|
868
|
+
# group_name: "NonEmptyString",
|
|
869
|
+
# status: "NonEmptyString",
|
|
870
|
+
# stream_name: "NonEmptyString",
|
|
871
|
+
# },
|
|
872
|
+
# s3_logs: {
|
|
873
|
+
# encryption_disabled: false,
|
|
874
|
+
# location: "NonEmptyString",
|
|
875
|
+
# status: "NonEmptyString",
|
|
876
|
+
# },
|
|
877
|
+
# },
|
|
845
878
|
# vpc_config: {
|
|
846
879
|
# vpc_id: "NonEmptyString",
|
|
847
880
|
# subnets: ["NonEmptyString"],
|
|
@@ -893,6 +926,15 @@ module Aws::SecurityHub
|
|
|
893
926
|
# },
|
|
894
927
|
# ],
|
|
895
928
|
# },
|
|
929
|
+
# viewer_certificate: {
|
|
930
|
+
# acm_certificate_arn: "NonEmptyString",
|
|
931
|
+
# certificate: "NonEmptyString",
|
|
932
|
+
# certificate_source: "NonEmptyString",
|
|
933
|
+
# cloud_front_default_certificate: false,
|
|
934
|
+
# iam_certificate_id: "NonEmptyString",
|
|
935
|
+
# minimum_protocol_version: "NonEmptyString",
|
|
936
|
+
# ssl_support_method: "NonEmptyString",
|
|
937
|
+
# },
|
|
896
938
|
# status: "NonEmptyString",
|
|
897
939
|
# web_acl_id: "NonEmptyString",
|
|
898
940
|
# },
|
|
@@ -1131,6 +1173,12 @@ module Aws::SecurityHub
|
|
|
1131
1173
|
# },
|
|
1132
1174
|
# type: "NonEmptyString",
|
|
1133
1175
|
# vpc_id: "NonEmptyString",
|
|
1176
|
+
# load_balancer_attributes: [
|
|
1177
|
+
# {
|
|
1178
|
+
# key: "NonEmptyString",
|
|
1179
|
+
# value: "NonEmptyString",
|
|
1180
|
+
# },
|
|
1181
|
+
# ],
|
|
1134
1182
|
# },
|
|
1135
1183
|
# aws_elastic_beanstalk_environment: {
|
|
1136
1184
|
# application_name: "NonEmptyString",
|
|
@@ -1230,6 +1278,7 @@ module Aws::SecurityHub
|
|
|
1230
1278
|
# aws_s3_bucket: {
|
|
1231
1279
|
# owner_id: "NonEmptyString",
|
|
1232
1280
|
# owner_name: "NonEmptyString",
|
|
1281
|
+
# owner_account_id: "NonEmptyString",
|
|
1233
1282
|
# created_at: "NonEmptyString",
|
|
1234
1283
|
# server_side_encryption_configuration: {
|
|
1235
1284
|
# rules: [
|
|
@@ -1296,6 +1345,53 @@ module Aws::SecurityHub
|
|
|
1296
1345
|
# ignore_public_acls: false,
|
|
1297
1346
|
# restrict_public_buckets: false,
|
|
1298
1347
|
# },
|
|
1348
|
+
# access_control_list: "NonEmptyString",
|
|
1349
|
+
# bucket_logging_configuration: {
|
|
1350
|
+
# destination_bucket_name: "NonEmptyString",
|
|
1351
|
+
# log_file_prefix: "NonEmptyString",
|
|
1352
|
+
# },
|
|
1353
|
+
# bucket_website_configuration: {
|
|
1354
|
+
# error_document: "NonEmptyString",
|
|
1355
|
+
# index_document_suffix: "NonEmptyString",
|
|
1356
|
+
# redirect_all_requests_to: {
|
|
1357
|
+
# hostname: "NonEmptyString",
|
|
1358
|
+
# protocol: "NonEmptyString",
|
|
1359
|
+
# },
|
|
1360
|
+
# routing_rules: [
|
|
1361
|
+
# {
|
|
1362
|
+
# condition: {
|
|
1363
|
+
# http_error_code_returned_equals: "NonEmptyString",
|
|
1364
|
+
# key_prefix_equals: "NonEmptyString",
|
|
1365
|
+
# },
|
|
1366
|
+
# redirect: {
|
|
1367
|
+
# hostname: "NonEmptyString",
|
|
1368
|
+
# http_redirect_code: "NonEmptyString",
|
|
1369
|
+
# protocol: "NonEmptyString",
|
|
1370
|
+
# replace_key_prefix_with: "NonEmptyString",
|
|
1371
|
+
# replace_key_with: "NonEmptyString",
|
|
1372
|
+
# },
|
|
1373
|
+
# },
|
|
1374
|
+
# ],
|
|
1375
|
+
# },
|
|
1376
|
+
# bucket_notification_configuration: {
|
|
1377
|
+
# configurations: [
|
|
1378
|
+
# {
|
|
1379
|
+
# events: ["NonEmptyString"],
|
|
1380
|
+
# filter: {
|
|
1381
|
+
# s3_key_filter: {
|
|
1382
|
+
# filter_rules: [
|
|
1383
|
+
# {
|
|
1384
|
+
# name: "Prefix", # accepts Prefix, Suffix
|
|
1385
|
+
# value: "NonEmptyString",
|
|
1386
|
+
# },
|
|
1387
|
+
# ],
|
|
1388
|
+
# },
|
|
1389
|
+
# },
|
|
1390
|
+
# destination: "NonEmptyString",
|
|
1391
|
+
# type: "NonEmptyString",
|
|
1392
|
+
# },
|
|
1393
|
+
# ],
|
|
1394
|
+
# },
|
|
1299
1395
|
# },
|
|
1300
1396
|
# aws_s3_account_public_access_block: {
|
|
1301
1397
|
# block_public_acls: false,
|
|
@@ -1983,6 +2079,7 @@ module Aws::SecurityHub
|
|
|
1983
2079
|
# key_state: "NonEmptyString",
|
|
1984
2080
|
# origin: "NonEmptyString",
|
|
1985
2081
|
# description: "NonEmptyString",
|
|
2082
|
+
# key_rotation_status: false,
|
|
1986
2083
|
# },
|
|
1987
2084
|
# aws_lambda_function: {
|
|
1988
2085
|
# code: {
|
|
@@ -2674,6 +2771,250 @@ module Aws::SecurityHub
|
|
|
2674
2771
|
# ],
|
|
2675
2772
|
# task_definition: "NonEmptyString",
|
|
2676
2773
|
# },
|
|
2774
|
+
# aws_auto_scaling_launch_configuration: {
|
|
2775
|
+
# associate_public_ip_address: false,
|
|
2776
|
+
# block_device_mappings: [
|
|
2777
|
+
# {
|
|
2778
|
+
# device_name: "NonEmptyString",
|
|
2779
|
+
# ebs: {
|
|
2780
|
+
# delete_on_termination: false,
|
|
2781
|
+
# encrypted: false,
|
|
2782
|
+
# iops: 1,
|
|
2783
|
+
# snapshot_id: "NonEmptyString",
|
|
2784
|
+
# volume_size: 1,
|
|
2785
|
+
# volume_type: "NonEmptyString",
|
|
2786
|
+
# },
|
|
2787
|
+
# no_device: false,
|
|
2788
|
+
# virtual_name: "NonEmptyString",
|
|
2789
|
+
# },
|
|
2790
|
+
# ],
|
|
2791
|
+
# classic_link_vpc_id: "NonEmptyString",
|
|
2792
|
+
# classic_link_vpc_security_groups: ["NonEmptyString"],
|
|
2793
|
+
# created_time: "NonEmptyString",
|
|
2794
|
+
# ebs_optimized: false,
|
|
2795
|
+
# iam_instance_profile: "NonEmptyString",
|
|
2796
|
+
# image_id: "NonEmptyString",
|
|
2797
|
+
# instance_monitoring: {
|
|
2798
|
+
# enabled: false,
|
|
2799
|
+
# },
|
|
2800
|
+
# instance_type: "NonEmptyString",
|
|
2801
|
+
# kernel_id: "NonEmptyString",
|
|
2802
|
+
# key_name: "NonEmptyString",
|
|
2803
|
+
# launch_configuration_name: "NonEmptyString",
|
|
2804
|
+
# placement_tenancy: "NonEmptyString",
|
|
2805
|
+
# ramdisk_id: "NonEmptyString",
|
|
2806
|
+
# security_groups: ["NonEmptyString"],
|
|
2807
|
+
# spot_price: "NonEmptyString",
|
|
2808
|
+
# user_data: "NonEmptyString",
|
|
2809
|
+
# },
|
|
2810
|
+
# aws_ec2_vpn_connection: {
|
|
2811
|
+
# vpn_connection_id: "NonEmptyString",
|
|
2812
|
+
# state: "NonEmptyString",
|
|
2813
|
+
# customer_gateway_id: "NonEmptyString",
|
|
2814
|
+
# customer_gateway_configuration: "NonEmptyString",
|
|
2815
|
+
# type: "NonEmptyString",
|
|
2816
|
+
# vpn_gateway_id: "NonEmptyString",
|
|
2817
|
+
# category: "NonEmptyString",
|
|
2818
|
+
# vgw_telemetry: [
|
|
2819
|
+
# {
|
|
2820
|
+
# accepted_route_count: 1,
|
|
2821
|
+
# certificate_arn: "NonEmptyString",
|
|
2822
|
+
# last_status_change: "NonEmptyString",
|
|
2823
|
+
# outside_ip_address: "NonEmptyString",
|
|
2824
|
+
# status: "NonEmptyString",
|
|
2825
|
+
# status_message: "NonEmptyString",
|
|
2826
|
+
# },
|
|
2827
|
+
# ],
|
|
2828
|
+
# options: {
|
|
2829
|
+
# static_routes_only: false,
|
|
2830
|
+
# tunnel_options: [
|
|
2831
|
+
# {
|
|
2832
|
+
# dpd_timeout_seconds: 1,
|
|
2833
|
+
# ike_versions: ["NonEmptyString"],
|
|
2834
|
+
# outside_ip_address: "NonEmptyString",
|
|
2835
|
+
# phase_1_dh_group_numbers: [1],
|
|
2836
|
+
# phase_1_encryption_algorithms: ["NonEmptyString"],
|
|
2837
|
+
# phase_1_integrity_algorithms: ["NonEmptyString"],
|
|
2838
|
+
# phase_1_lifetime_seconds: 1,
|
|
2839
|
+
# phase_2_dh_group_numbers: [1],
|
|
2840
|
+
# phase_2_encryption_algorithms: ["NonEmptyString"],
|
|
2841
|
+
# phase_2_integrity_algorithms: ["NonEmptyString"],
|
|
2842
|
+
# phase_2_lifetime_seconds: 1,
|
|
2843
|
+
# pre_shared_key: "NonEmptyString",
|
|
2844
|
+
# rekey_fuzz_percentage: 1,
|
|
2845
|
+
# rekey_margin_time_seconds: 1,
|
|
2846
|
+
# replay_window_size: 1,
|
|
2847
|
+
# tunnel_inside_cidr: "NonEmptyString",
|
|
2848
|
+
# },
|
|
2849
|
+
# ],
|
|
2850
|
+
# },
|
|
2851
|
+
# routes: [
|
|
2852
|
+
# {
|
|
2853
|
+
# destination_cidr_block: "NonEmptyString",
|
|
2854
|
+
# state: "NonEmptyString",
|
|
2855
|
+
# },
|
|
2856
|
+
# ],
|
|
2857
|
+
# transit_gateway_id: "NonEmptyString",
|
|
2858
|
+
# },
|
|
2859
|
+
# aws_ecr_container_image: {
|
|
2860
|
+
# registry_id: "NonEmptyString",
|
|
2861
|
+
# repository_name: "NonEmptyString",
|
|
2862
|
+
# architecture: "NonEmptyString",
|
|
2863
|
+
# image_digest: "NonEmptyString",
|
|
2864
|
+
# image_tags: ["NonEmptyString"],
|
|
2865
|
+
# image_published_at: "NonEmptyString",
|
|
2866
|
+
# },
|
|
2867
|
+
# aws_open_search_service_domain: {
|
|
2868
|
+
# arn: "NonEmptyString",
|
|
2869
|
+
# access_policies: "NonEmptyString",
|
|
2870
|
+
# domain_name: "NonEmptyString",
|
|
2871
|
+
# id: "NonEmptyString",
|
|
2872
|
+
# domain_endpoint: "NonEmptyString",
|
|
2873
|
+
# engine_version: "NonEmptyString",
|
|
2874
|
+
# encryption_at_rest_options: {
|
|
2875
|
+
# enabled: false,
|
|
2876
|
+
# kms_key_id: "NonEmptyString",
|
|
2877
|
+
# },
|
|
2878
|
+
# node_to_node_encryption_options: {
|
|
2879
|
+
# enabled: false,
|
|
2880
|
+
# },
|
|
2881
|
+
# service_software_options: {
|
|
2882
|
+
# automated_update_date: "NonEmptyString",
|
|
2883
|
+
# cancellable: false,
|
|
2884
|
+
# current_version: "NonEmptyString",
|
|
2885
|
+
# description: "NonEmptyString",
|
|
2886
|
+
# new_version: "NonEmptyString",
|
|
2887
|
+
# update_available: false,
|
|
2888
|
+
# update_status: "NonEmptyString",
|
|
2889
|
+
# optional_deployment: false,
|
|
2890
|
+
# },
|
|
2891
|
+
# cluster_config: {
|
|
2892
|
+
# instance_count: 1,
|
|
2893
|
+
# warm_enabled: false,
|
|
2894
|
+
# warm_count: 1,
|
|
2895
|
+
# dedicated_master_enabled: false,
|
|
2896
|
+
# zone_awareness_config: {
|
|
2897
|
+
# availability_zone_count: 1,
|
|
2898
|
+
# },
|
|
2899
|
+
# dedicated_master_count: 1,
|
|
2900
|
+
# instance_type: "NonEmptyString",
|
|
2901
|
+
# warm_type: "NonEmptyString",
|
|
2902
|
+
# zone_awareness_enabled: false,
|
|
2903
|
+
# dedicated_master_type: "NonEmptyString",
|
|
2904
|
+
# },
|
|
2905
|
+
# domain_endpoint_options: {
|
|
2906
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
|
2907
|
+
# custom_endpoint_enabled: false,
|
|
2908
|
+
# enforce_https: false,
|
|
2909
|
+
# custom_endpoint: "NonEmptyString",
|
|
2910
|
+
# tls_security_policy: "NonEmptyString",
|
|
2911
|
+
# },
|
|
2912
|
+
# vpc_options: {
|
|
2913
|
+
# security_group_ids: ["NonEmptyString"],
|
|
2914
|
+
# subnet_ids: ["NonEmptyString"],
|
|
2915
|
+
# },
|
|
2916
|
+
# log_publishing_options: {
|
|
2917
|
+
# index_slow_logs: {
|
|
2918
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
2919
|
+
# enabled: false,
|
|
2920
|
+
# },
|
|
2921
|
+
# search_slow_logs: {
|
|
2922
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
2923
|
+
# enabled: false,
|
|
2924
|
+
# },
|
|
2925
|
+
# audit_logs: {
|
|
2926
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
2927
|
+
# enabled: false,
|
|
2928
|
+
# },
|
|
2929
|
+
# },
|
|
2930
|
+
# domain_endpoints: {
|
|
2931
|
+
# "NonEmptyString" => "NonEmptyString",
|
|
2932
|
+
# },
|
|
2933
|
+
# },
|
|
2934
|
+
# aws_ec2_vpc_endpoint_service: {
|
|
2935
|
+
# acceptance_required: false,
|
|
2936
|
+
# availability_zones: ["NonEmptyString"],
|
|
2937
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
|
2938
|
+
# manages_vpc_endpoints: false,
|
|
2939
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
|
2940
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
|
2941
|
+
# private_dns_name: "NonEmptyString",
|
|
2942
|
+
# service_id: "NonEmptyString",
|
|
2943
|
+
# service_name: "NonEmptyString",
|
|
2944
|
+
# service_state: "NonEmptyString",
|
|
2945
|
+
# service_type: [
|
|
2946
|
+
# {
|
|
2947
|
+
# service_type: "NonEmptyString",
|
|
2948
|
+
# },
|
|
2949
|
+
# ],
|
|
2950
|
+
# },
|
|
2951
|
+
# aws_xray_encryption_config: {
|
|
2952
|
+
# key_id: "NonEmptyString",
|
|
2953
|
+
# status: "NonEmptyString",
|
|
2954
|
+
# type: "NonEmptyString",
|
|
2955
|
+
# },
|
|
2956
|
+
# aws_waf_rate_based_rule: {
|
|
2957
|
+
# metric_name: "NonEmptyString",
|
|
2958
|
+
# name: "NonEmptyString",
|
|
2959
|
+
# rate_key: "NonEmptyString",
|
|
2960
|
+
# rate_limit: 1,
|
|
2961
|
+
# rule_id: "NonEmptyString",
|
|
2962
|
+
# match_predicates: [
|
|
2963
|
+
# {
|
|
2964
|
+
# data_id: "NonEmptyString",
|
|
2965
|
+
# negated: false,
|
|
2966
|
+
# type: "NonEmptyString",
|
|
2967
|
+
# },
|
|
2968
|
+
# ],
|
|
2969
|
+
# },
|
|
2970
|
+
# aws_waf_regional_rate_based_rule: {
|
|
2971
|
+
# metric_name: "NonEmptyString",
|
|
2972
|
+
# name: "NonEmptyString",
|
|
2973
|
+
# rate_key: "NonEmptyString",
|
|
2974
|
+
# rate_limit: 1,
|
|
2975
|
+
# rule_id: "NonEmptyString",
|
|
2976
|
+
# match_predicates: [
|
|
2977
|
+
# {
|
|
2978
|
+
# data_id: "NonEmptyString",
|
|
2979
|
+
# negated: false,
|
|
2980
|
+
# type: "NonEmptyString",
|
|
2981
|
+
# },
|
|
2982
|
+
# ],
|
|
2983
|
+
# },
|
|
2984
|
+
# aws_ecr_repository: {
|
|
2985
|
+
# arn: "NonEmptyString",
|
|
2986
|
+
# image_scanning_configuration: {
|
|
2987
|
+
# scan_on_push: false,
|
|
2988
|
+
# },
|
|
2989
|
+
# image_tag_mutability: "NonEmptyString",
|
|
2990
|
+
# lifecycle_policy: {
|
|
2991
|
+
# lifecycle_policy_text: "NonEmptyString",
|
|
2992
|
+
# registry_id: "NonEmptyString",
|
|
2993
|
+
# },
|
|
2994
|
+
# repository_name: "NonEmptyString",
|
|
2995
|
+
# repository_policy_text: "NonEmptyString",
|
|
2996
|
+
# },
|
|
2997
|
+
# aws_eks_cluster: {
|
|
2998
|
+
# arn: "NonEmptyString",
|
|
2999
|
+
# certificate_authority_data: "NonEmptyString",
|
|
3000
|
+
# cluster_status: "NonEmptyString",
|
|
3001
|
+
# endpoint: "NonEmptyString",
|
|
3002
|
+
# name: "NonEmptyString",
|
|
3003
|
+
# resources_vpc_config: {
|
|
3004
|
+
# security_group_ids: ["NonEmptyString"],
|
|
3005
|
+
# subnet_ids: ["NonEmptyString"],
|
|
3006
|
+
# },
|
|
3007
|
+
# role_arn: "NonEmptyString",
|
|
3008
|
+
# version: "NonEmptyString",
|
|
3009
|
+
# logging: {
|
|
3010
|
+
# cluster_logging: [
|
|
3011
|
+
# {
|
|
3012
|
+
# enabled: false,
|
|
3013
|
+
# types: ["NonEmptyString"],
|
|
3014
|
+
# },
|
|
3015
|
+
# ],
|
|
3016
|
+
# },
|
|
3017
|
+
# },
|
|
2677
3018
|
# },
|
|
2678
3019
|
# },
|
|
2679
3020
|
# ],
|
|
@@ -2714,6 +3055,8 @@ module Aws::SecurityHub
|
|
|
2714
3055
|
# epoch: "NonEmptyString",
|
|
2715
3056
|
# release: "NonEmptyString",
|
|
2716
3057
|
# architecture: "NonEmptyString",
|
|
3058
|
+
# package_manager: "NonEmptyString",
|
|
3059
|
+
# file_path: "NonEmptyString",
|
|
2717
3060
|
# },
|
|
2718
3061
|
# ],
|
|
2719
3062
|
# cvss: [
|
|
@@ -2721,6 +3064,13 @@ module Aws::SecurityHub
|
|
|
2721
3064
|
# version: "NonEmptyString",
|
|
2722
3065
|
# base_score: 1.0,
|
|
2723
3066
|
# base_vector: "NonEmptyString",
|
|
3067
|
+
# source: "NonEmptyString",
|
|
3068
|
+
# adjustments: [
|
|
3069
|
+
# {
|
|
3070
|
+
# metric: "NonEmptyString",
|
|
3071
|
+
# reason: "NonEmptyString",
|
|
3072
|
+
# },
|
|
3073
|
+
# ],
|
|
2724
3074
|
# },
|
|
2725
3075
|
# ],
|
|
2726
3076
|
# related_vulnerabilities: ["NonEmptyString"],
|
|
@@ -3104,6 +3454,80 @@ module Aws::SecurityHub
|
|
|
3104
3454
|
req.send_request(options)
|
|
3105
3455
|
end
|
|
3106
3456
|
|
|
3457
|
+
# Used to enable finding aggregation. Must be called from the
|
|
3458
|
+
# aggregation Region.
|
|
3459
|
+
#
|
|
3460
|
+
# For more details about cross-Region replication, see [Configuring
|
|
3461
|
+
# finding
|
|
3462
|
+
# aggregation](securityhub/latest/userguide/finding-aggregation.html) in
|
|
3463
|
+
# the *Security Hub User Guide*.
|
|
3464
|
+
#
|
|
3465
|
+
# @option params [required, String] :region_linking_mode
|
|
3466
|
+
# Indicates whether to aggregate findings from all of the available
|
|
3467
|
+
# Regions in the current partition. Also determines whether to
|
|
3468
|
+
# automatically aggregate findings from new Regions as Security Hub
|
|
3469
|
+
# supports them and you opt into them.
|
|
3470
|
+
#
|
|
3471
|
+
# The selected option also determines how to use the Regions provided in
|
|
3472
|
+
# the Regions list.
|
|
3473
|
+
#
|
|
3474
|
+
# The options are as follows:
|
|
3475
|
+
#
|
|
3476
|
+
# * `ALL_REGIONS` - Indicates to aggregate findings from all of the
|
|
3477
|
+
# Regions where Security Hub is enabled. When you choose this option,
|
|
3478
|
+
# Security Hub also automatically aggregates findings from new Regions
|
|
3479
|
+
# as Security Hub supports them and you opt into them.
|
|
3480
|
+
#
|
|
3481
|
+
# * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
|
|
3482
|
+
# from all of the Regions where Security Hub is enabled, except for
|
|
3483
|
+
# the Regions listed in the `Regions` parameter. When you choose this
|
|
3484
|
+
# option, Security Hub also automatically aggregates findings from new
|
|
3485
|
+
# Regions as Security Hub supports them and you opt into them.
|
|
3486
|
+
#
|
|
3487
|
+
# * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the
|
|
3488
|
+
# Regions listed in the `Regions` parameter. Security Hub does not
|
|
3489
|
+
# automatically aggregate findings from new Regions.
|
|
3490
|
+
#
|
|
3491
|
+
# @option params [Array<String>] :regions
|
|
3492
|
+
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
|
|
3493
|
+
# a comma-separated list of Regions that do not aggregate findings to
|
|
3494
|
+
# the aggregation Region.
|
|
3495
|
+
#
|
|
3496
|
+
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
|
3497
|
+
# comma-separated list of Regions that do aggregate findings to the
|
|
3498
|
+
# aggregation Region.
|
|
3499
|
+
#
|
|
3500
|
+
# @return [Types::CreateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
3501
|
+
#
|
|
3502
|
+
# * {Types::CreateFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
|
|
3503
|
+
# * {Types::CreateFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
|
|
3504
|
+
# * {Types::CreateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
|
3505
|
+
# * {Types::CreateFindingAggregatorResponse#regions #regions} => Array<String>
|
|
3506
|
+
#
|
|
3507
|
+
# @example Request syntax with placeholder values
|
|
3508
|
+
#
|
|
3509
|
+
# resp = client.create_finding_aggregator({
|
|
3510
|
+
# region_linking_mode: "NonEmptyString", # required
|
|
3511
|
+
# regions: ["NonEmptyString"],
|
|
3512
|
+
# })
|
|
3513
|
+
#
|
|
3514
|
+
# @example Response structure
|
|
3515
|
+
#
|
|
3516
|
+
# resp.finding_aggregator_arn #=> String
|
|
3517
|
+
# resp.finding_aggregation_region #=> String
|
|
3518
|
+
# resp.region_linking_mode #=> String
|
|
3519
|
+
# resp.regions #=> Array
|
|
3520
|
+
# resp.regions[0] #=> String
|
|
3521
|
+
#
|
|
3522
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateFindingAggregator AWS API Documentation
|
|
3523
|
+
#
|
|
3524
|
+
# @overload create_finding_aggregator(params = {})
|
|
3525
|
+
# @param [Hash] params ({})
|
|
3526
|
+
def create_finding_aggregator(params = {}, options = {})
|
|
3527
|
+
req = build_request(:create_finding_aggregator, params)
|
|
3528
|
+
req.send_request(options)
|
|
3529
|
+
end
|
|
3530
|
+
|
|
3107
3531
|
# Creates a custom insight in Security Hub. An insight is a
|
|
3108
3532
|
# consolidation of findings that relate to a security issue that
|
|
3109
3533
|
# requires attention or remediation.
|
|
@@ -3795,16 +4219,21 @@ module Aws::SecurityHub
|
|
|
3795
4219
|
#
|
|
3796
4220
|
# Accounts that are managed using Organizations do not receive an
|
|
3797
4221
|
# invitation. They automatically become a member account in Security
|
|
3798
|
-
# Hub
|
|
3799
|
-
#
|
|
3800
|
-
# organization
|
|
3801
|
-
#
|
|
3802
|
-
#
|
|
4222
|
+
# Hub.
|
|
4223
|
+
#
|
|
4224
|
+
# * If the organization account does not have Security Hub enabled, then
|
|
4225
|
+
# Security Hub and the default standards are automatically enabled.
|
|
4226
|
+
# Note that Security Hub cannot be enabled automatically for the
|
|
4227
|
+
# organization management account. The organization management account
|
|
4228
|
+
# must enable Security Hub before the administrator account enables it
|
|
4229
|
+
# as a member account.
|
|
4230
|
+
#
|
|
4231
|
+
# * For organization accounts that already have Security Hub enabled,
|
|
4232
|
+
# Security Hub does not make any other changes to those accounts. It
|
|
4233
|
+
# does not change their enabled standards or controls.
|
|
3803
4234
|
#
|
|
3804
4235
|
# A permissions policy is added that permits the administrator account
|
|
3805
|
-
# to view the findings generated in the member account.
|
|
3806
|
-
# Hub is enabled in a member account, the member account findings are
|
|
3807
|
-
# also visible to the administrator account.
|
|
4236
|
+
# to view the findings generated in the member account.
|
|
3808
4237
|
#
|
|
3809
4238
|
# To remove the association between the administrator and member
|
|
3810
4239
|
# accounts, use the `DisassociateFromMasterAccount` or
|
|
@@ -3911,6 +4340,35 @@ module Aws::SecurityHub
|
|
|
3911
4340
|
req.send_request(options)
|
|
3912
4341
|
end
|
|
3913
4342
|
|
|
4343
|
+
# Deletes a finding aggregator. When you delete the finding aggregator,
|
|
4344
|
+
# you stop finding aggregation.
|
|
4345
|
+
#
|
|
4346
|
+
# When you stop finding aggregation, findings that were already
|
|
4347
|
+
# aggregated to the aggregation Region are still visible from the
|
|
4348
|
+
# aggregation Region. New findings and finding updates are not
|
|
4349
|
+
# aggregated.
|
|
4350
|
+
#
|
|
4351
|
+
# @option params [required, String] :finding_aggregator_arn
|
|
4352
|
+
# The ARN of the finding aggregator to delete. To obtain the ARN, use
|
|
4353
|
+
# `ListFindingAggregators`.
|
|
4354
|
+
#
|
|
4355
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
4356
|
+
#
|
|
4357
|
+
# @example Request syntax with placeholder values
|
|
4358
|
+
#
|
|
4359
|
+
# resp = client.delete_finding_aggregator({
|
|
4360
|
+
# finding_aggregator_arn: "NonEmptyString", # required
|
|
4361
|
+
# })
|
|
4362
|
+
#
|
|
4363
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteFindingAggregator AWS API Documentation
|
|
4364
|
+
#
|
|
4365
|
+
# @overload delete_finding_aggregator(params = {})
|
|
4366
|
+
# @param [Hash] params ({})
|
|
4367
|
+
def delete_finding_aggregator(params = {}, options = {})
|
|
4368
|
+
req = build_request(:delete_finding_aggregator, params)
|
|
4369
|
+
req.send_request(options)
|
|
4370
|
+
end
|
|
4371
|
+
|
|
3914
4372
|
# Deletes the insight specified by the `InsightArn`.
|
|
3915
4373
|
#
|
|
3916
4374
|
# @option params [required, String] :insight_arn
|
|
@@ -4632,8 +5090,48 @@ module Aws::SecurityHub
|
|
|
4632
5090
|
req.send_request(options)
|
|
4633
5091
|
end
|
|
4634
5092
|
|
|
5093
|
+
# Returns the current finding aggregation configuration.
|
|
5094
|
+
#
|
|
5095
|
+
# @option params [required, String] :finding_aggregator_arn
|
|
5096
|
+
# The ARN of the finding aggregator to return details for. To obtain the
|
|
5097
|
+
# ARN, use `ListFindingAggregators`.
|
|
5098
|
+
#
|
|
5099
|
+
# @return [Types::GetFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
5100
|
+
#
|
|
5101
|
+
# * {Types::GetFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
|
|
5102
|
+
# * {Types::GetFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
|
|
5103
|
+
# * {Types::GetFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
|
5104
|
+
# * {Types::GetFindingAggregatorResponse#regions #regions} => Array<String>
|
|
5105
|
+
#
|
|
5106
|
+
# @example Request syntax with placeholder values
|
|
5107
|
+
#
|
|
5108
|
+
# resp = client.get_finding_aggregator({
|
|
5109
|
+
# finding_aggregator_arn: "NonEmptyString", # required
|
|
5110
|
+
# })
|
|
5111
|
+
#
|
|
5112
|
+
# @example Response structure
|
|
5113
|
+
#
|
|
5114
|
+
# resp.finding_aggregator_arn #=> String
|
|
5115
|
+
# resp.finding_aggregation_region #=> String
|
|
5116
|
+
# resp.region_linking_mode #=> String
|
|
5117
|
+
# resp.regions #=> Array
|
|
5118
|
+
# resp.regions[0] #=> String
|
|
5119
|
+
#
|
|
5120
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingAggregator AWS API Documentation
|
|
5121
|
+
#
|
|
5122
|
+
# @overload get_finding_aggregator(params = {})
|
|
5123
|
+
# @param [Hash] params ({})
|
|
5124
|
+
def get_finding_aggregator(params = {}, options = {})
|
|
5125
|
+
req = build_request(:get_finding_aggregator, params)
|
|
5126
|
+
req.send_request(options)
|
|
5127
|
+
end
|
|
5128
|
+
|
|
4635
5129
|
# Returns a list of findings that match the specified criteria.
|
|
4636
5130
|
#
|
|
5131
|
+
# If finding aggregation is enabled, then when you call `GetFindings`
|
|
5132
|
+
# from the aggregation Region, the results include all of the matching
|
|
5133
|
+
# findings from both the aggregation Region and the linked Regions.
|
|
5134
|
+
#
|
|
4637
5135
|
# @option params [Types::AwsSecurityFindingFilters] :filters
|
|
4638
5136
|
# The finding attributes used to define a condition to filter the
|
|
4639
5137
|
# returned findings.
|
|
@@ -5464,7 +5962,22 @@ module Aws::SecurityHub
|
|
|
5464
5962
|
# resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.health_check_grace_period #=> Integer
|
|
5465
5963
|
# resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.created_time #=> String
|
|
5466
5964
|
# resp.findings[0].resources[0].details.aws_code_build_project.encryption_key #=> String
|
|
5965
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts #=> Array
|
|
5966
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].artifact_identifier #=> String
|
|
5967
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].encryption_disabled #=> Boolean
|
|
5968
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].location #=> String
|
|
5969
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].name #=> String
|
|
5970
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].namespace_type #=> String
|
|
5971
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].override_artifact_name #=> Boolean
|
|
5972
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].packaging #=> String
|
|
5973
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].path #=> String
|
|
5974
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].type #=> String
|
|
5467
5975
|
# resp.findings[0].resources[0].details.aws_code_build_project.environment.certificate #=> String
|
|
5976
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.environment.environment_variables #=> Array
|
|
5977
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.environment.environment_variables[0].name #=> String
|
|
5978
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.environment.environment_variables[0].type #=> String
|
|
5979
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.environment.environment_variables[0].value #=> String
|
|
5980
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.environment.privileged_mode #=> Boolean
|
|
5468
5981
|
# resp.findings[0].resources[0].details.aws_code_build_project.environment.image_pull_credentials_type #=> String
|
|
5469
5982
|
# resp.findings[0].resources[0].details.aws_code_build_project.environment.registry_credential.credential #=> String
|
|
5470
5983
|
# resp.findings[0].resources[0].details.aws_code_build_project.environment.registry_credential.credential_provider #=> String
|
|
@@ -5475,6 +5988,12 @@ module Aws::SecurityHub
|
|
|
5475
5988
|
# resp.findings[0].resources[0].details.aws_code_build_project.source.git_clone_depth #=> Integer
|
|
5476
5989
|
# resp.findings[0].resources[0].details.aws_code_build_project.source.insecure_ssl #=> Boolean
|
|
5477
5990
|
# resp.findings[0].resources[0].details.aws_code_build_project.service_role #=> String
|
|
5991
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.cloud_watch_logs.group_name #=> String
|
|
5992
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.cloud_watch_logs.status #=> String
|
|
5993
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.cloud_watch_logs.stream_name #=> String
|
|
5994
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.s3_logs.encryption_disabled #=> Boolean
|
|
5995
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.s3_logs.location #=> String
|
|
5996
|
+
# resp.findings[0].resources[0].details.aws_code_build_project.logs_config.s3_logs.status #=> String
|
|
5478
5997
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.vpc_id #=> String
|
|
5479
5998
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.subnets #=> Array
|
|
5480
5999
|
# resp.findings[0].resources[0].details.aws_code_build_project.vpc_config.subnets[0] #=> String
|
|
@@ -5500,6 +6019,13 @@ module Aws::SecurityHub
|
|
|
5500
6019
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.items #=> Array
|
|
5501
6020
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.items[0] #=> Integer
|
|
5502
6021
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.origin_groups.items[0].failover_criteria.status_codes.quantity #=> Integer
|
|
6022
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.acm_certificate_arn #=> String
|
|
6023
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.certificate #=> String
|
|
6024
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.certificate_source #=> String
|
|
6025
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.cloud_front_default_certificate #=> Boolean
|
|
6026
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.iam_certificate_id #=> String
|
|
6027
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.minimum_protocol_version #=> String
|
|
6028
|
+
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.viewer_certificate.ssl_support_method #=> String
|
|
5503
6029
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.status #=> String
|
|
5504
6030
|
# resp.findings[0].resources[0].details.aws_cloud_front_distribution.web_acl_id #=> String
|
|
5505
6031
|
# resp.findings[0].resources[0].details.aws_ec2_instance.type #=> String
|
|
@@ -5652,6 +6178,9 @@ module Aws::SecurityHub
|
|
|
5652
6178
|
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.state.reason #=> String
|
|
5653
6179
|
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.type #=> String
|
|
5654
6180
|
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.vpc_id #=> String
|
|
6181
|
+
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.load_balancer_attributes #=> Array
|
|
6182
|
+
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.load_balancer_attributes[0].key #=> String
|
|
6183
|
+
# resp.findings[0].resources[0].details.aws_elbv_2_load_balancer.load_balancer_attributes[0].value #=> String
|
|
5655
6184
|
# resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.application_name #=> String
|
|
5656
6185
|
# resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.cname #=> String
|
|
5657
6186
|
# resp.findings[0].resources[0].details.aws_elastic_beanstalk_environment.date_created #=> String
|
|
@@ -5717,6 +6246,7 @@ module Aws::SecurityHub
|
|
|
5717
6246
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.vpc_options.vpc_id #=> String
|
|
5718
6247
|
# resp.findings[0].resources[0].details.aws_s3_bucket.owner_id #=> String
|
|
5719
6248
|
# resp.findings[0].resources[0].details.aws_s3_bucket.owner_name #=> String
|
|
6249
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.owner_account_id #=> String
|
|
5720
6250
|
# resp.findings[0].resources[0].details.aws_s3_bucket.created_at #=> String
|
|
5721
6251
|
# resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules #=> Array
|
|
5722
6252
|
# resp.findings[0].resources[0].details.aws_s3_bucket.server_side_encryption_configuration.rules[0].apply_server_side_encryption_by_default.sse_algorithm #=> String
|
|
@@ -5750,6 +6280,29 @@ module Aws::SecurityHub
|
|
|
5750
6280
|
# resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.block_public_policy #=> Boolean
|
|
5751
6281
|
# resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.ignore_public_acls #=> Boolean
|
|
5752
6282
|
# resp.findings[0].resources[0].details.aws_s3_bucket.public_access_block_configuration.restrict_public_buckets #=> Boolean
|
|
6283
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.access_control_list #=> String
|
|
6284
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_logging_configuration.destination_bucket_name #=> String
|
|
6285
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_logging_configuration.log_file_prefix #=> String
|
|
6286
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.error_document #=> String
|
|
6287
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.index_document_suffix #=> String
|
|
6288
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.redirect_all_requests_to.hostname #=> String
|
|
6289
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.redirect_all_requests_to.protocol #=> String
|
|
6290
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules #=> Array
|
|
6291
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].condition.http_error_code_returned_equals #=> String
|
|
6292
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].condition.key_prefix_equals #=> String
|
|
6293
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].redirect.hostname #=> String
|
|
6294
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].redirect.http_redirect_code #=> String
|
|
6295
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].redirect.protocol #=> String
|
|
6296
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].redirect.replace_key_prefix_with #=> String
|
|
6297
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_website_configuration.routing_rules[0].redirect.replace_key_with #=> String
|
|
6298
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations #=> Array
|
|
6299
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].events #=> Array
|
|
6300
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].events[0] #=> String
|
|
6301
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].filter.s3_key_filter.filter_rules #=> Array
|
|
6302
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].filter.s3_key_filter.filter_rules[0].name #=> String, one of "Prefix", "Suffix"
|
|
6303
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].filter.s3_key_filter.filter_rules[0].value #=> String
|
|
6304
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].destination #=> String
|
|
6305
|
+
# resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].type #=> String
|
|
5753
6306
|
# resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_acls #=> Boolean
|
|
5754
6307
|
# resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_policy #=> Boolean
|
|
5755
6308
|
# resp.findings[0].resources[0].details.aws_s3_account_public_access_block.ignore_public_acls #=> Boolean
|
|
@@ -6224,6 +6777,7 @@ module Aws::SecurityHub
|
|
|
6224
6777
|
# resp.findings[0].resources[0].details.aws_kms_key.key_state #=> String
|
|
6225
6778
|
# resp.findings[0].resources[0].details.aws_kms_key.origin #=> String
|
|
6226
6779
|
# resp.findings[0].resources[0].details.aws_kms_key.description #=> String
|
|
6780
|
+
# resp.findings[0].resources[0].details.aws_kms_key.key_rotation_status #=> Boolean
|
|
6227
6781
|
# resp.findings[0].resources[0].details.aws_lambda_function.code.s3_bucket #=> String
|
|
6228
6782
|
# resp.findings[0].resources[0].details.aws_lambda_function.code.s3_key #=> String
|
|
6229
6783
|
# resp.findings[0].resources[0].details.aws_lambda_function.code.s3_object_version #=> String
|
|
@@ -6709,6 +7263,188 @@ module Aws::SecurityHub
|
|
|
6709
7263
|
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].port #=> Integer
|
|
6710
7264
|
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].registry_arn #=> String
|
|
6711
7265
|
# resp.findings[0].resources[0].details.aws_ecs_service.task_definition #=> String
|
|
7266
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.associate_public_ip_address #=> Boolean
|
|
7267
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings #=> Array
|
|
7268
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].device_name #=> String
|
|
7269
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.delete_on_termination #=> Boolean
|
|
7270
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.encrypted #=> Boolean
|
|
7271
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.iops #=> Integer
|
|
7272
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.snapshot_id #=> String
|
|
7273
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.volume_size #=> Integer
|
|
7274
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].ebs.volume_type #=> String
|
|
7275
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].no_device #=> Boolean
|
|
7276
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.block_device_mappings[0].virtual_name #=> String
|
|
7277
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.classic_link_vpc_id #=> String
|
|
7278
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.classic_link_vpc_security_groups #=> Array
|
|
7279
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.classic_link_vpc_security_groups[0] #=> String
|
|
7280
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.created_time #=> String
|
|
7281
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.ebs_optimized #=> Boolean
|
|
7282
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.iam_instance_profile #=> String
|
|
7283
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.image_id #=> String
|
|
7284
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.instance_monitoring.enabled #=> Boolean
|
|
7285
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.instance_type #=> String
|
|
7286
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.kernel_id #=> String
|
|
7287
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.key_name #=> String
|
|
7288
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.launch_configuration_name #=> String
|
|
7289
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.placement_tenancy #=> String
|
|
7290
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.ramdisk_id #=> String
|
|
7291
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.security_groups #=> Array
|
|
7292
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.security_groups[0] #=> String
|
|
7293
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.spot_price #=> String
|
|
7294
|
+
# resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.user_data #=> String
|
|
7295
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vpn_connection_id #=> String
|
|
7296
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.state #=> String
|
|
7297
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.customer_gateway_id #=> String
|
|
7298
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.customer_gateway_configuration #=> String
|
|
7299
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.type #=> String
|
|
7300
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vpn_gateway_id #=> String
|
|
7301
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.category #=> String
|
|
7302
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry #=> Array
|
|
7303
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].accepted_route_count #=> Integer
|
|
7304
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].certificate_arn #=> String
|
|
7305
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].last_status_change #=> String
|
|
7306
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].outside_ip_address #=> String
|
|
7307
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].status #=> String
|
|
7308
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vgw_telemetry[0].status_message #=> String
|
|
7309
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.static_routes_only #=> Boolean
|
|
7310
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options #=> Array
|
|
7311
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].dpd_timeout_seconds #=> Integer
|
|
7312
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].ike_versions #=> Array
|
|
7313
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].ike_versions[0] #=> String
|
|
7314
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].outside_ip_address #=> String
|
|
7315
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_dh_group_numbers #=> Array
|
|
7316
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_dh_group_numbers[0] #=> Integer
|
|
7317
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_encryption_algorithms #=> Array
|
|
7318
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_encryption_algorithms[0] #=> String
|
|
7319
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_integrity_algorithms #=> Array
|
|
7320
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_integrity_algorithms[0] #=> String
|
|
7321
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_1_lifetime_seconds #=> Integer
|
|
7322
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_dh_group_numbers #=> Array
|
|
7323
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_dh_group_numbers[0] #=> Integer
|
|
7324
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_encryption_algorithms #=> Array
|
|
7325
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_encryption_algorithms[0] #=> String
|
|
7326
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_integrity_algorithms #=> Array
|
|
7327
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_integrity_algorithms[0] #=> String
|
|
7328
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].phase_2_lifetime_seconds #=> Integer
|
|
7329
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].pre_shared_key #=> String
|
|
7330
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].rekey_fuzz_percentage #=> Integer
|
|
7331
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].rekey_margin_time_seconds #=> Integer
|
|
7332
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].replay_window_size #=> Integer
|
|
7333
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.options.tunnel_options[0].tunnel_inside_cidr #=> String
|
|
7334
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.routes #=> Array
|
|
7335
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.routes[0].destination_cidr_block #=> String
|
|
7336
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.routes[0].state #=> String
|
|
7337
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpn_connection.transit_gateway_id #=> String
|
|
7338
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.registry_id #=> String
|
|
7339
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.repository_name #=> String
|
|
7340
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.architecture #=> String
|
|
7341
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.image_digest #=> String
|
|
7342
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.image_tags #=> Array
|
|
7343
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.image_tags[0] #=> String
|
|
7344
|
+
# resp.findings[0].resources[0].details.aws_ecr_container_image.image_published_at #=> String
|
|
7345
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.arn #=> String
|
|
7346
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.access_policies #=> String
|
|
7347
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_name #=> String
|
|
7348
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.id #=> String
|
|
7349
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint #=> String
|
|
7350
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.engine_version #=> String
|
|
7351
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.encryption_at_rest_options.enabled #=> Boolean
|
|
7352
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.encryption_at_rest_options.kms_key_id #=> String
|
|
7353
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.node_to_node_encryption_options.enabled #=> Boolean
|
|
7354
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.automated_update_date #=> String
|
|
7355
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.cancellable #=> Boolean
|
|
7356
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.current_version #=> String
|
|
7357
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.description #=> String
|
|
7358
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.new_version #=> String
|
|
7359
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.update_available #=> Boolean
|
|
7360
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.update_status #=> String
|
|
7361
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.service_software_options.optional_deployment #=> Boolean
|
|
7362
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.instance_count #=> Integer
|
|
7363
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.warm_enabled #=> Boolean
|
|
7364
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.warm_count #=> Integer
|
|
7365
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.dedicated_master_enabled #=> Boolean
|
|
7366
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.zone_awareness_config.availability_zone_count #=> Integer
|
|
7367
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.dedicated_master_count #=> Integer
|
|
7368
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.instance_type #=> String
|
|
7369
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.warm_type #=> String
|
|
7370
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.zone_awareness_enabled #=> Boolean
|
|
7371
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.cluster_config.dedicated_master_type #=> String
|
|
7372
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint_options.custom_endpoint_certificate_arn #=> String
|
|
7373
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint_options.custom_endpoint_enabled #=> Boolean
|
|
7374
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint_options.enforce_https #=> Boolean
|
|
7375
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint_options.custom_endpoint #=> String
|
|
7376
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoint_options.tls_security_policy #=> String
|
|
7377
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.vpc_options.security_group_ids #=> Array
|
|
7378
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.vpc_options.security_group_ids[0] #=> String
|
|
7379
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.vpc_options.subnet_ids #=> Array
|
|
7380
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.vpc_options.subnet_ids[0] #=> String
|
|
7381
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.index_slow_logs.cloud_watch_logs_log_group_arn #=> String
|
|
7382
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.index_slow_logs.enabled #=> Boolean
|
|
7383
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.search_slow_logs.cloud_watch_logs_log_group_arn #=> String
|
|
7384
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.search_slow_logs.enabled #=> Boolean
|
|
7385
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.audit_logs.cloud_watch_logs_log_group_arn #=> String
|
|
7386
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.log_publishing_options.audit_logs.enabled #=> Boolean
|
|
7387
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoints #=> Hash
|
|
7388
|
+
# resp.findings[0].resources[0].details.aws_open_search_service_domain.domain_endpoints["NonEmptyString"] #=> String
|
|
7389
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.acceptance_required #=> Boolean
|
|
7390
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.availability_zones #=> Array
|
|
7391
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.availability_zones[0] #=> String
|
|
7392
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.base_endpoint_dns_names #=> Array
|
|
7393
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.base_endpoint_dns_names[0] #=> String
|
|
7394
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.manages_vpc_endpoints #=> Boolean
|
|
7395
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.gateway_load_balancer_arns #=> Array
|
|
7396
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.gateway_load_balancer_arns[0] #=> String
|
|
7397
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.network_load_balancer_arns #=> Array
|
|
7398
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.network_load_balancer_arns[0] #=> String
|
|
7399
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.private_dns_name #=> String
|
|
7400
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.service_id #=> String
|
|
7401
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.service_name #=> String
|
|
7402
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.service_state #=> String
|
|
7403
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.service_type #=> Array
|
|
7404
|
+
# resp.findings[0].resources[0].details.aws_ec2_vpc_endpoint_service.service_type[0].service_type #=> String
|
|
7405
|
+
# resp.findings[0].resources[0].details.aws_xray_encryption_config.key_id #=> String
|
|
7406
|
+
# resp.findings[0].resources[0].details.aws_xray_encryption_config.status #=> String
|
|
7407
|
+
# resp.findings[0].resources[0].details.aws_xray_encryption_config.type #=> String
|
|
7408
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.metric_name #=> String
|
|
7409
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.name #=> String
|
|
7410
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.rate_key #=> String
|
|
7411
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.rate_limit #=> Integer
|
|
7412
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.rule_id #=> String
|
|
7413
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.match_predicates #=> Array
|
|
7414
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.match_predicates[0].data_id #=> String
|
|
7415
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.match_predicates[0].negated #=> Boolean
|
|
7416
|
+
# resp.findings[0].resources[0].details.aws_waf_rate_based_rule.match_predicates[0].type #=> String
|
|
7417
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.metric_name #=> String
|
|
7418
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.name #=> String
|
|
7419
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.rate_key #=> String
|
|
7420
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.rate_limit #=> Integer
|
|
7421
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.rule_id #=> String
|
|
7422
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.match_predicates #=> Array
|
|
7423
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.match_predicates[0].data_id #=> String
|
|
7424
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.match_predicates[0].negated #=> Boolean
|
|
7425
|
+
# resp.findings[0].resources[0].details.aws_waf_regional_rate_based_rule.match_predicates[0].type #=> String
|
|
7426
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.arn #=> String
|
|
7427
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.image_scanning_configuration.scan_on_push #=> Boolean
|
|
7428
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.image_tag_mutability #=> String
|
|
7429
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.lifecycle_policy.lifecycle_policy_text #=> String
|
|
7430
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.lifecycle_policy.registry_id #=> String
|
|
7431
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.repository_name #=> String
|
|
7432
|
+
# resp.findings[0].resources[0].details.aws_ecr_repository.repository_policy_text #=> String
|
|
7433
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.arn #=> String
|
|
7434
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.certificate_authority_data #=> String
|
|
7435
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.cluster_status #=> String
|
|
7436
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.endpoint #=> String
|
|
7437
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.name #=> String
|
|
7438
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.resources_vpc_config.security_group_ids #=> Array
|
|
7439
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.resources_vpc_config.security_group_ids[0] #=> String
|
|
7440
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.resources_vpc_config.subnet_ids #=> Array
|
|
7441
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.resources_vpc_config.subnet_ids[0] #=> String
|
|
7442
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.role_arn #=> String
|
|
7443
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.version #=> String
|
|
7444
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging #=> Array
|
|
7445
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].enabled #=> Boolean
|
|
7446
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].types #=> Array
|
|
7447
|
+
# resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].types[0] #=> String
|
|
6712
7448
|
# resp.findings[0].compliance.status #=> String, one of "PASSED", "WARNING", "FAILED", "NOT_AVAILABLE"
|
|
6713
7449
|
# resp.findings[0].compliance.related_requirements #=> Array
|
|
6714
7450
|
# resp.findings[0].compliance.related_requirements[0] #=> String
|
|
@@ -6733,10 +7469,16 @@ module Aws::SecurityHub
|
|
|
6733
7469
|
# resp.findings[0].vulnerabilities[0].vulnerable_packages[0].epoch #=> String
|
|
6734
7470
|
# resp.findings[0].vulnerabilities[0].vulnerable_packages[0].release #=> String
|
|
6735
7471
|
# resp.findings[0].vulnerabilities[0].vulnerable_packages[0].architecture #=> String
|
|
7472
|
+
# resp.findings[0].vulnerabilities[0].vulnerable_packages[0].package_manager #=> String
|
|
7473
|
+
# resp.findings[0].vulnerabilities[0].vulnerable_packages[0].file_path #=> String
|
|
6736
7474
|
# resp.findings[0].vulnerabilities[0].cvss #=> Array
|
|
6737
7475
|
# resp.findings[0].vulnerabilities[0].cvss[0].version #=> String
|
|
6738
7476
|
# resp.findings[0].vulnerabilities[0].cvss[0].base_score #=> Float
|
|
6739
7477
|
# resp.findings[0].vulnerabilities[0].cvss[0].base_vector #=> String
|
|
7478
|
+
# resp.findings[0].vulnerabilities[0].cvss[0].source #=> String
|
|
7479
|
+
# resp.findings[0].vulnerabilities[0].cvss[0].adjustments #=> Array
|
|
7480
|
+
# resp.findings[0].vulnerabilities[0].cvss[0].adjustments[0].metric #=> String
|
|
7481
|
+
# resp.findings[0].vulnerabilities[0].cvss[0].adjustments[0].reason #=> String
|
|
6740
7482
|
# resp.findings[0].vulnerabilities[0].related_vulnerabilities #=> Array
|
|
6741
7483
|
# resp.findings[0].vulnerabilities[0].related_vulnerabilities[0] #=> String
|
|
6742
7484
|
# resp.findings[0].vulnerabilities[0].vendor.name #=> String
|
|
@@ -7417,6 +8159,47 @@ module Aws::SecurityHub
|
|
|
7417
8159
|
req.send_request(options)
|
|
7418
8160
|
end
|
|
7419
8161
|
|
|
8162
|
+
# If finding aggregation is enabled, then `ListFindingAggregators`
|
|
8163
|
+
# returns the ARN of the finding aggregator. You can run this operation
|
|
8164
|
+
# from any Region.
|
|
8165
|
+
#
|
|
8166
|
+
# @option params [String] :next_token
|
|
8167
|
+
# The token returned with the previous set of results. Identifies the
|
|
8168
|
+
# next set of results to return.
|
|
8169
|
+
#
|
|
8170
|
+
# @option params [Integer] :max_results
|
|
8171
|
+
# The maximum number of results to return. This operation currently only
|
|
8172
|
+
# returns a single result.
|
|
8173
|
+
#
|
|
8174
|
+
# @return [Types::ListFindingAggregatorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
8175
|
+
#
|
|
8176
|
+
# * {Types::ListFindingAggregatorsResponse#finding_aggregators #finding_aggregators} => Array<Types::FindingAggregator>
|
|
8177
|
+
# * {Types::ListFindingAggregatorsResponse#next_token #next_token} => String
|
|
8178
|
+
#
|
|
8179
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
|
8180
|
+
#
|
|
8181
|
+
# @example Request syntax with placeholder values
|
|
8182
|
+
#
|
|
8183
|
+
# resp = client.list_finding_aggregators({
|
|
8184
|
+
# next_token: "NextToken",
|
|
8185
|
+
# max_results: 1,
|
|
8186
|
+
# })
|
|
8187
|
+
#
|
|
8188
|
+
# @example Response structure
|
|
8189
|
+
#
|
|
8190
|
+
# resp.finding_aggregators #=> Array
|
|
8191
|
+
# resp.finding_aggregators[0].finding_aggregator_arn #=> String
|
|
8192
|
+
# resp.next_token #=> String
|
|
8193
|
+
#
|
|
8194
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListFindingAggregators AWS API Documentation
|
|
8195
|
+
#
|
|
8196
|
+
# @overload list_finding_aggregators(params = {})
|
|
8197
|
+
# @param [Hash] params ({})
|
|
8198
|
+
def list_finding_aggregators(params = {}, options = {})
|
|
8199
|
+
req = build_request(:list_finding_aggregators, params)
|
|
8200
|
+
req.send_request(options)
|
|
8201
|
+
end
|
|
8202
|
+
|
|
7420
8203
|
# Lists all Security Hub membership invitations that were sent to the
|
|
7421
8204
|
# current Amazon Web Services account.
|
|
7422
8205
|
#
|
|
@@ -7693,6 +8476,84 @@ module Aws::SecurityHub
|
|
|
7693
8476
|
req.send_request(options)
|
|
7694
8477
|
end
|
|
7695
8478
|
|
|
8479
|
+
# Updates the finding aggregation configuration. Used to update the
|
|
8480
|
+
# Region linking mode and the list of included or excluded Regions. You
|
|
8481
|
+
# cannot use `UpdateFindingAggregator` to change the aggregation Region.
|
|
8482
|
+
#
|
|
8483
|
+
# You must run `UpdateFindingAggregator` from the current aggregation
|
|
8484
|
+
# Region.
|
|
8485
|
+
#
|
|
8486
|
+
# @option params [required, String] :finding_aggregator_arn
|
|
8487
|
+
# The ARN of the finding aggregator. To obtain the ARN, use
|
|
8488
|
+
# `ListFindingAggregators`.
|
|
8489
|
+
#
|
|
8490
|
+
# @option params [required, String] :region_linking_mode
|
|
8491
|
+
# Indicates whether to aggregate findings from all of the available
|
|
8492
|
+
# Regions in the current partition. Also determines whether to
|
|
8493
|
+
# automatically aggregate findings from new Regions as Security Hub
|
|
8494
|
+
# supports them and you opt into them.
|
|
8495
|
+
#
|
|
8496
|
+
# The selected option also determines how to use the Regions provided in
|
|
8497
|
+
# the Regions list.
|
|
8498
|
+
#
|
|
8499
|
+
# The options are as follows:
|
|
8500
|
+
#
|
|
8501
|
+
# * `ALL_REGIONS` - Indicates to aggregate findings from all of the
|
|
8502
|
+
# Regions where Security Hub is enabled. When you choose this option,
|
|
8503
|
+
# Security Hub also automatically aggregates findings from new Regions
|
|
8504
|
+
# as Security Hub supports them and you opt into them.
|
|
8505
|
+
#
|
|
8506
|
+
# * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
|
|
8507
|
+
# from all of the Regions where Security Hub is enabled, except for
|
|
8508
|
+
# the Regions listed in the `Regions` parameter. When you choose this
|
|
8509
|
+
# option, Security Hub also automatically aggregates findings from new
|
|
8510
|
+
# Regions as Security Hub supports them and you opt into them.
|
|
8511
|
+
#
|
|
8512
|
+
# * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the
|
|
8513
|
+
# Regions listed in the `Regions` parameter. Security Hub does not
|
|
8514
|
+
# automatically aggregate findings from new Regions.
|
|
8515
|
+
#
|
|
8516
|
+
# @option params [Array<String>] :regions
|
|
8517
|
+
# If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
|
|
8518
|
+
# a comma-separated list of Regions that do not aggregate findings to
|
|
8519
|
+
# the aggregation Region.
|
|
8520
|
+
#
|
|
8521
|
+
# If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
|
|
8522
|
+
# comma-separated list of Regions that do aggregate findings to the
|
|
8523
|
+
# aggregation Region.
|
|
8524
|
+
#
|
|
8525
|
+
# @return [Types::UpdateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
8526
|
+
#
|
|
8527
|
+
# * {Types::UpdateFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
|
|
8528
|
+
# * {Types::UpdateFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
|
|
8529
|
+
# * {Types::UpdateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
|
8530
|
+
# * {Types::UpdateFindingAggregatorResponse#regions #regions} => Array<String>
|
|
8531
|
+
#
|
|
8532
|
+
# @example Request syntax with placeholder values
|
|
8533
|
+
#
|
|
8534
|
+
# resp = client.update_finding_aggregator({
|
|
8535
|
+
# finding_aggregator_arn: "NonEmptyString", # required
|
|
8536
|
+
# region_linking_mode: "NonEmptyString", # required
|
|
8537
|
+
# regions: ["NonEmptyString"],
|
|
8538
|
+
# })
|
|
8539
|
+
#
|
|
8540
|
+
# @example Response structure
|
|
8541
|
+
#
|
|
8542
|
+
# resp.finding_aggregator_arn #=> String
|
|
8543
|
+
# resp.finding_aggregation_region #=> String
|
|
8544
|
+
# resp.region_linking_mode #=> String
|
|
8545
|
+
# resp.regions #=> Array
|
|
8546
|
+
# resp.regions[0] #=> String
|
|
8547
|
+
#
|
|
8548
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateFindingAggregator AWS API Documentation
|
|
8549
|
+
#
|
|
8550
|
+
# @overload update_finding_aggregator(params = {})
|
|
8551
|
+
# @param [Hash] params ({})
|
|
8552
|
+
def update_finding_aggregator(params = {}, options = {})
|
|
8553
|
+
req = build_request(:update_finding_aggregator, params)
|
|
8554
|
+
req.send_request(options)
|
|
8555
|
+
end
|
|
8556
|
+
|
|
7696
8557
|
# `UpdateFindings` is deprecated. Instead of `UpdateFindings`, use
|
|
7697
8558
|
# `BatchUpdateFindings`.
|
|
7698
8559
|
#
|
|
@@ -9101,7 +9962,7 @@ module Aws::SecurityHub
|
|
|
9101
9962
|
params: params,
|
|
9102
9963
|
config: config)
|
|
9103
9964
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
9104
|
-
context[:gem_version] = '1.
|
|
9965
|
+
context[:gem_version] = '1.55.0'
|
|
9105
9966
|
Seahorse::Client::Request.new(handlers, context)
|
|
9106
9967
|
end
|
|
9107
9968
|
|