aws-sdk-securityhub 1.52.0 → 1.53.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +349 -9
- data/lib/aws-sdk-securityhub/client_api.rb +261 -0
- data/lib/aws-sdk-securityhub/types.rb +2468 -75
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
@@ -2439,6 +2439,15 @@ module Aws::SecurityHub
|
|
2439
2439
|
# },
|
2440
2440
|
# ],
|
2441
2441
|
# },
|
2442
|
+
# viewer_certificate: {
|
2443
|
+
# acm_certificate_arn: "NonEmptyString",
|
2444
|
+
# certificate: "NonEmptyString",
|
2445
|
+
# certificate_source: "NonEmptyString",
|
2446
|
+
# cloud_front_default_certificate: false,
|
2447
|
+
# iam_certificate_id: "NonEmptyString",
|
2448
|
+
# minimum_protocol_version: "NonEmptyString",
|
2449
|
+
# ssl_support_method: "NonEmptyString",
|
2450
|
+
# },
|
2442
2451
|
# status: "NonEmptyString",
|
2443
2452
|
# web_acl_id: "NonEmptyString",
|
2444
2453
|
# }
|
@@ -2494,6 +2503,11 @@ module Aws::SecurityHub
|
|
2494
2503
|
# Provides information about the origin groups in the distribution.
|
2495
2504
|
# @return [Types::AwsCloudFrontDistributionOriginGroups]
|
2496
2505
|
#
|
2506
|
+
# @!attribute [rw] viewer_certificate
|
2507
|
+
# Provides information about the TLS/SSL configuration that the
|
2508
|
+
# distribution uses to communicate with viewers.
|
2509
|
+
# @return [Types::AwsCloudFrontDistributionViewerCertificate]
|
2510
|
+
#
|
2497
2511
|
# @!attribute [rw] status
|
2498
2512
|
# Indicates the current status of the distribution.
|
2499
2513
|
# @return [String]
|
@@ -2515,6 +2529,7 @@ module Aws::SecurityHub
|
|
2515
2529
|
:logging,
|
2516
2530
|
:origins,
|
2517
2531
|
:origin_groups,
|
2532
|
+
:viewer_certificate,
|
2518
2533
|
:status,
|
2519
2534
|
:web_acl_id)
|
2520
2535
|
SENSITIVE = []
|
@@ -2774,6 +2789,74 @@ module Aws::SecurityHub
|
|
2774
2789
|
include Aws::Structure
|
2775
2790
|
end
|
2776
2791
|
|
2792
|
+
# Provides information about the TLS/SSL configuration that the
|
2793
|
+
# distribution uses to communicate with viewers.
|
2794
|
+
#
|
2795
|
+
# @note When making an API call, you may pass AwsCloudFrontDistributionViewerCertificate
|
2796
|
+
# data as a hash:
|
2797
|
+
#
|
2798
|
+
# {
|
2799
|
+
# acm_certificate_arn: "NonEmptyString",
|
2800
|
+
# certificate: "NonEmptyString",
|
2801
|
+
# certificate_source: "NonEmptyString",
|
2802
|
+
# cloud_front_default_certificate: false,
|
2803
|
+
# iam_certificate_id: "NonEmptyString",
|
2804
|
+
# minimum_protocol_version: "NonEmptyString",
|
2805
|
+
# ssl_support_method: "NonEmptyString",
|
2806
|
+
# }
|
2807
|
+
#
|
2808
|
+
# @!attribute [rw] acm_certificate_arn
|
2809
|
+
# The ARN of the ACM certificate. Used if the certificate is stored in
|
2810
|
+
# ACM. If you provide an ACM certificate ARN, you must also provide
|
2811
|
+
# `MinimumCertificateVersion` and `SslSupportMethod`.
|
2812
|
+
# @return [String]
|
2813
|
+
#
|
2814
|
+
# @!attribute [rw] certificate
|
2815
|
+
# The identifier of the certificate. Note that in CloudFront, this
|
2816
|
+
# attribute is deprecated.
|
2817
|
+
# @return [String]
|
2818
|
+
#
|
2819
|
+
# @!attribute [rw] certificate_source
|
2820
|
+
# The source of the certificate identified by `Certificate`. Note that
|
2821
|
+
# in CloudFront, this attribute is deprecated.
|
2822
|
+
# @return [String]
|
2823
|
+
#
|
2824
|
+
# @!attribute [rw] cloud_front_default_certificate
|
2825
|
+
# Whether the distribution uses the CloudFront domain name. If set to
|
2826
|
+
# `false`, then you provide either `AcmCertificateArn` or
|
2827
|
+
# `IamCertificateId`.
|
2828
|
+
# @return [Boolean]
|
2829
|
+
#
|
2830
|
+
# @!attribute [rw] iam_certificate_id
|
2831
|
+
# The identifier of the IAM certificate. Used if the certificate is
|
2832
|
+
# stored in IAM. If you provide `IamCertificateId`, then you also must
|
2833
|
+
# provide `MinimumProtocolVersion` and `SslSupportMethod`.
|
2834
|
+
# @return [String]
|
2835
|
+
#
|
2836
|
+
# @!attribute [rw] minimum_protocol_version
|
2837
|
+
# The security policy that CloudFront uses for HTTPS connections with
|
2838
|
+
# viewers. If `SslSupportMethod` is `sni-only`, then
|
2839
|
+
# `MinimumProtocolVersion` must be `TLSv1` or higher.
|
2840
|
+
# @return [String]
|
2841
|
+
#
|
2842
|
+
# @!attribute [rw] ssl_support_method
|
2843
|
+
# The viewers that the distribution accepts HTTPS connections from.
|
2844
|
+
# @return [String]
|
2845
|
+
#
|
2846
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCloudFrontDistributionViewerCertificate AWS API Documentation
|
2847
|
+
#
|
2848
|
+
class AwsCloudFrontDistributionViewerCertificate < Struct.new(
|
2849
|
+
:acm_certificate_arn,
|
2850
|
+
:certificate,
|
2851
|
+
:certificate_source,
|
2852
|
+
:cloud_front_default_certificate,
|
2853
|
+
:iam_certificate_id,
|
2854
|
+
:minimum_protocol_version,
|
2855
|
+
:ssl_support_method)
|
2856
|
+
SENSITIVE = []
|
2857
|
+
include Aws::Structure
|
2858
|
+
end
|
2859
|
+
|
2777
2860
|
# Provides details about a CloudTrail trail.
|
2778
2861
|
#
|
2779
2862
|
# @note When making an API call, you may pass AwsCloudTrailTrailDetails
|
@@ -2886,6 +2969,85 @@ module Aws::SecurityHub
|
|
2886
2969
|
include Aws::Structure
|
2887
2970
|
end
|
2888
2971
|
|
2972
|
+
# Information about the build artifacts for the CodeBuild project.
|
2973
|
+
#
|
2974
|
+
# @note When making an API call, you may pass AwsCodeBuildProjectArtifactsDetails
|
2975
|
+
# data as a hash:
|
2976
|
+
#
|
2977
|
+
# {
|
2978
|
+
# artifact_identifier: "NonEmptyString",
|
2979
|
+
# encryption_disabled: false,
|
2980
|
+
# location: "NonEmptyString",
|
2981
|
+
# name: "NonEmptyString",
|
2982
|
+
# namespace_type: "NonEmptyString",
|
2983
|
+
# override_artifact_name: false,
|
2984
|
+
# packaging: "NonEmptyString",
|
2985
|
+
# path: "NonEmptyString",
|
2986
|
+
# type: "NonEmptyString",
|
2987
|
+
# }
|
2988
|
+
#
|
2989
|
+
# @!attribute [rw] artifact_identifier
|
2990
|
+
# An identifier for the artifact definition.
|
2991
|
+
# @return [String]
|
2992
|
+
#
|
2993
|
+
# @!attribute [rw] encryption_disabled
|
2994
|
+
# Indicates whether to disable encryption on the artifact. Only valid
|
2995
|
+
# when `Type` is `S3`.
|
2996
|
+
# @return [Boolean]
|
2997
|
+
#
|
2998
|
+
# @!attribute [rw] location
|
2999
|
+
# Only used when `Type` is `S3`. The name of the S3 bucket where the
|
3000
|
+
# artifact is located.
|
3001
|
+
# @return [String]
|
3002
|
+
#
|
3003
|
+
# @!attribute [rw] name
|
3004
|
+
# Only used when Type is S3. The name of the artifact. Used with
|
3005
|
+
# `NamepaceType` and `Path` to determine the pattern for storing the
|
3006
|
+
# artifact.
|
3007
|
+
# @return [String]
|
3008
|
+
#
|
3009
|
+
# @!attribute [rw] namespace_type
|
3010
|
+
# Only used when `Type` is `S3`. The value to use for the namespace.
|
3011
|
+
# Used with `Name` and `Path` to determine the pattern for storing the
|
3012
|
+
# artifact.
|
3013
|
+
# @return [String]
|
3014
|
+
#
|
3015
|
+
# @!attribute [rw] override_artifact_name
|
3016
|
+
# Whether the name specified in the buildspec file overrides the
|
3017
|
+
# artifact name.
|
3018
|
+
# @return [Boolean]
|
3019
|
+
#
|
3020
|
+
# @!attribute [rw] packaging
|
3021
|
+
# Only used when `Type` is `S3`. The type of output artifact to
|
3022
|
+
# create.
|
3023
|
+
# @return [String]
|
3024
|
+
#
|
3025
|
+
# @!attribute [rw] path
|
3026
|
+
# Only used when `Type` is `S3`. The path to the artifact. Used with
|
3027
|
+
# `Name` and `NamespaceType` to determine the pattern for storing the
|
3028
|
+
# artifact.
|
3029
|
+
# @return [String]
|
3030
|
+
#
|
3031
|
+
# @!attribute [rw] type
|
3032
|
+
# The type of build artifact.
|
3033
|
+
# @return [String]
|
3034
|
+
#
|
3035
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectArtifactsDetails AWS API Documentation
|
3036
|
+
#
|
3037
|
+
class AwsCodeBuildProjectArtifactsDetails < Struct.new(
|
3038
|
+
:artifact_identifier,
|
3039
|
+
:encryption_disabled,
|
3040
|
+
:location,
|
3041
|
+
:name,
|
3042
|
+
:namespace_type,
|
3043
|
+
:override_artifact_name,
|
3044
|
+
:packaging,
|
3045
|
+
:path,
|
3046
|
+
:type)
|
3047
|
+
SENSITIVE = []
|
3048
|
+
include Aws::Structure
|
3049
|
+
end
|
3050
|
+
|
2889
3051
|
# Information about an CodeBuild project.
|
2890
3052
|
#
|
2891
3053
|
# @note When making an API call, you may pass AwsCodeBuildProjectDetails
|
@@ -2893,8 +3055,29 @@ module Aws::SecurityHub
|
|
2893
3055
|
#
|
2894
3056
|
# {
|
2895
3057
|
# encryption_key: "NonEmptyString",
|
3058
|
+
# artifacts: [
|
3059
|
+
# {
|
3060
|
+
# artifact_identifier: "NonEmptyString",
|
3061
|
+
# encryption_disabled: false,
|
3062
|
+
# location: "NonEmptyString",
|
3063
|
+
# name: "NonEmptyString",
|
3064
|
+
# namespace_type: "NonEmptyString",
|
3065
|
+
# override_artifact_name: false,
|
3066
|
+
# packaging: "NonEmptyString",
|
3067
|
+
# path: "NonEmptyString",
|
3068
|
+
# type: "NonEmptyString",
|
3069
|
+
# },
|
3070
|
+
# ],
|
2896
3071
|
# environment: {
|
2897
3072
|
# certificate: "NonEmptyString",
|
3073
|
+
# environment_variables: [
|
3074
|
+
# {
|
3075
|
+
# name: "NonEmptyString",
|
3076
|
+
# type: "NonEmptyString",
|
3077
|
+
# value: "NonEmptyString",
|
3078
|
+
# },
|
3079
|
+
# ],
|
3080
|
+
# privileged_mode: false,
|
2898
3081
|
# image_pull_credentials_type: "NonEmptyString",
|
2899
3082
|
# registry_credential: {
|
2900
3083
|
# credential: "NonEmptyString",
|
@@ -2910,6 +3093,18 @@ module Aws::SecurityHub
|
|
2910
3093
|
# insecure_ssl: false,
|
2911
3094
|
# },
|
2912
3095
|
# service_role: "NonEmptyString",
|
3096
|
+
# logs_config: {
|
3097
|
+
# cloud_watch_logs: {
|
3098
|
+
# group_name: "NonEmptyString",
|
3099
|
+
# status: "NonEmptyString",
|
3100
|
+
# stream_name: "NonEmptyString",
|
3101
|
+
# },
|
3102
|
+
# s3_logs: {
|
3103
|
+
# encryption_disabled: false,
|
3104
|
+
# location: "NonEmptyString",
|
3105
|
+
# status: "NonEmptyString",
|
3106
|
+
# },
|
3107
|
+
# },
|
2913
3108
|
# vpc_config: {
|
2914
3109
|
# vpc_id: "NonEmptyString",
|
2915
3110
|
# subnets: ["NonEmptyString"],
|
@@ -2924,6 +3119,10 @@ module Aws::SecurityHub
|
|
2924
3119
|
# KMS key alias (using the format alias/alias-name).
|
2925
3120
|
# @return [String]
|
2926
3121
|
#
|
3122
|
+
# @!attribute [rw] artifacts
|
3123
|
+
# Information about the build artifacts for the CodeBuild project.
|
3124
|
+
# @return [Array<Types::AwsCodeBuildProjectArtifactsDetails>]
|
3125
|
+
#
|
2927
3126
|
# @!attribute [rw] environment
|
2928
3127
|
# Information about the build environment for this build project.
|
2929
3128
|
# @return [Types::AwsCodeBuildProjectEnvironment]
|
@@ -2943,6 +3142,10 @@ module Aws::SecurityHub
|
|
2943
3142
|
# Services account.
|
2944
3143
|
# @return [String]
|
2945
3144
|
#
|
3145
|
+
# @!attribute [rw] logs_config
|
3146
|
+
# Information about logs for the build project.
|
3147
|
+
# @return [Types::AwsCodeBuildProjectLogsConfigDetails]
|
3148
|
+
#
|
2946
3149
|
# @!attribute [rw] vpc_config
|
2947
3150
|
# Information about the VPC configuration that CodeBuild accesses.
|
2948
3151
|
# @return [Types::AwsCodeBuildProjectVpcConfig]
|
@@ -2951,10 +3154,12 @@ module Aws::SecurityHub
|
|
2951
3154
|
#
|
2952
3155
|
class AwsCodeBuildProjectDetails < Struct.new(
|
2953
3156
|
:encryption_key,
|
3157
|
+
:artifacts,
|
2954
3158
|
:environment,
|
2955
3159
|
:name,
|
2956
3160
|
:source,
|
2957
3161
|
:service_role,
|
3162
|
+
:logs_config,
|
2958
3163
|
:vpc_config)
|
2959
3164
|
SENSITIVE = []
|
2960
3165
|
include Aws::Structure
|
@@ -2967,6 +3172,14 @@ module Aws::SecurityHub
|
|
2967
3172
|
#
|
2968
3173
|
# {
|
2969
3174
|
# certificate: "NonEmptyString",
|
3175
|
+
# environment_variables: [
|
3176
|
+
# {
|
3177
|
+
# name: "NonEmptyString",
|
3178
|
+
# type: "NonEmptyString",
|
3179
|
+
# value: "NonEmptyString",
|
3180
|
+
# },
|
3181
|
+
# ],
|
3182
|
+
# privileged_mode: false,
|
2970
3183
|
# image_pull_credentials_type: "NonEmptyString",
|
2971
3184
|
# registry_credential: {
|
2972
3185
|
# credential: "NonEmptyString",
|
@@ -2979,6 +3192,16 @@ module Aws::SecurityHub
|
|
2979
3192
|
# The certificate to use with this build project.
|
2980
3193
|
# @return [String]
|
2981
3194
|
#
|
3195
|
+
# @!attribute [rw] environment_variables
|
3196
|
+
# A set of environment variables to make available to builds for the
|
3197
|
+
# build project.
|
3198
|
+
# @return [Array<Types::AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails>]
|
3199
|
+
#
|
3200
|
+
# @!attribute [rw] privileged_mode
|
3201
|
+
# Whether to allow the Docker daemon to run inside a Docker container.
|
3202
|
+
# Set to `true` if the build project is used to build Docker images.
|
3203
|
+
# @return [Boolean]
|
3204
|
+
#
|
2982
3205
|
# @!attribute [rw] image_pull_credentials_type
|
2983
3206
|
# The type of credentials CodeBuild uses to pull images in your build.
|
2984
3207
|
#
|
@@ -3031,6 +3254,8 @@ module Aws::SecurityHub
|
|
3031
3254
|
#
|
3032
3255
|
class AwsCodeBuildProjectEnvironment < Struct.new(
|
3033
3256
|
:certificate,
|
3257
|
+
:environment_variables,
|
3258
|
+
:privileged_mode,
|
3034
3259
|
:image_pull_credentials_type,
|
3035
3260
|
:registry_credential,
|
3036
3261
|
:type)
|
@@ -3038,6 +3263,40 @@ module Aws::SecurityHub
|
|
3038
3263
|
include Aws::Structure
|
3039
3264
|
end
|
3040
3265
|
|
3266
|
+
# Information about an environment variable that is available to builds
|
3267
|
+
# for the build project.
|
3268
|
+
#
|
3269
|
+
# @note When making an API call, you may pass AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails
|
3270
|
+
# data as a hash:
|
3271
|
+
#
|
3272
|
+
# {
|
3273
|
+
# name: "NonEmptyString",
|
3274
|
+
# type: "NonEmptyString",
|
3275
|
+
# value: "NonEmptyString",
|
3276
|
+
# }
|
3277
|
+
#
|
3278
|
+
# @!attribute [rw] name
|
3279
|
+
# The name of the environment variable.
|
3280
|
+
# @return [String]
|
3281
|
+
#
|
3282
|
+
# @!attribute [rw] type
|
3283
|
+
# The type of environment variable.
|
3284
|
+
# @return [String]
|
3285
|
+
#
|
3286
|
+
# @!attribute [rw] value
|
3287
|
+
# The value of the environment variable.
|
3288
|
+
# @return [String]
|
3289
|
+
#
|
3290
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails AWS API Documentation
|
3291
|
+
#
|
3292
|
+
class AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails < Struct.new(
|
3293
|
+
:name,
|
3294
|
+
:type,
|
3295
|
+
:value)
|
3296
|
+
SENSITIVE = []
|
3297
|
+
include Aws::Structure
|
3298
|
+
end
|
3299
|
+
|
3041
3300
|
# The credentials for access to a private registry.
|
3042
3301
|
#
|
3043
3302
|
# @note When making an API call, you may pass AwsCodeBuildProjectEnvironmentRegistryCredential
|
@@ -3073,6 +3332,108 @@ module Aws::SecurityHub
|
|
3073
3332
|
include Aws::Structure
|
3074
3333
|
end
|
3075
3334
|
|
3335
|
+
# Information about CloudWatch Logs for the build project.
|
3336
|
+
#
|
3337
|
+
# @note When making an API call, you may pass AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails
|
3338
|
+
# data as a hash:
|
3339
|
+
#
|
3340
|
+
# {
|
3341
|
+
# group_name: "NonEmptyString",
|
3342
|
+
# status: "NonEmptyString",
|
3343
|
+
# stream_name: "NonEmptyString",
|
3344
|
+
# }
|
3345
|
+
#
|
3346
|
+
# @!attribute [rw] group_name
|
3347
|
+
# The group name of the logs in CloudWatch Logs.
|
3348
|
+
# @return [String]
|
3349
|
+
#
|
3350
|
+
# @!attribute [rw] status
|
3351
|
+
# The current status of the logs in CloudWatch Logs for a build
|
3352
|
+
# project.
|
3353
|
+
# @return [String]
|
3354
|
+
#
|
3355
|
+
# @!attribute [rw] stream_name
|
3356
|
+
# The prefix of the stream name of the CloudWatch Logs.
|
3357
|
+
# @return [String]
|
3358
|
+
#
|
3359
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails AWS API Documentation
|
3360
|
+
#
|
3361
|
+
class AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails < Struct.new(
|
3362
|
+
:group_name,
|
3363
|
+
:status,
|
3364
|
+
:stream_name)
|
3365
|
+
SENSITIVE = []
|
3366
|
+
include Aws::Structure
|
3367
|
+
end
|
3368
|
+
|
3369
|
+
# Information about logs for the build project.
|
3370
|
+
#
|
3371
|
+
# @note When making an API call, you may pass AwsCodeBuildProjectLogsConfigDetails
|
3372
|
+
# data as a hash:
|
3373
|
+
#
|
3374
|
+
# {
|
3375
|
+
# cloud_watch_logs: {
|
3376
|
+
# group_name: "NonEmptyString",
|
3377
|
+
# status: "NonEmptyString",
|
3378
|
+
# stream_name: "NonEmptyString",
|
3379
|
+
# },
|
3380
|
+
# s3_logs: {
|
3381
|
+
# encryption_disabled: false,
|
3382
|
+
# location: "NonEmptyString",
|
3383
|
+
# status: "NonEmptyString",
|
3384
|
+
# },
|
3385
|
+
# }
|
3386
|
+
#
|
3387
|
+
# @!attribute [rw] cloud_watch_logs
|
3388
|
+
# Information about CloudWatch Logs for the build project.
|
3389
|
+
# @return [Types::AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails]
|
3390
|
+
#
|
3391
|
+
# @!attribute [rw] s3_logs
|
3392
|
+
# Information about logs built to an S3 bucket for a build project.
|
3393
|
+
# @return [Types::AwsCodeBuildProjectLogsConfigS3LogsDetails]
|
3394
|
+
#
|
3395
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectLogsConfigDetails AWS API Documentation
|
3396
|
+
#
|
3397
|
+
class AwsCodeBuildProjectLogsConfigDetails < Struct.new(
|
3398
|
+
:cloud_watch_logs,
|
3399
|
+
:s3_logs)
|
3400
|
+
SENSITIVE = []
|
3401
|
+
include Aws::Structure
|
3402
|
+
end
|
3403
|
+
|
3404
|
+
# Information about logs built to an S3 bucket for a build project.
|
3405
|
+
#
|
3406
|
+
# @note When making an API call, you may pass AwsCodeBuildProjectLogsConfigS3LogsDetails
|
3407
|
+
# data as a hash:
|
3408
|
+
#
|
3409
|
+
# {
|
3410
|
+
# encryption_disabled: false,
|
3411
|
+
# location: "NonEmptyString",
|
3412
|
+
# status: "NonEmptyString",
|
3413
|
+
# }
|
3414
|
+
#
|
3415
|
+
# @!attribute [rw] encryption_disabled
|
3416
|
+
# Whether to disable encryption of the S3 build log output.
|
3417
|
+
# @return [Boolean]
|
3418
|
+
#
|
3419
|
+
# @!attribute [rw] location
|
3420
|
+
# The ARN of the S3 bucket and the path prefix for S3 logs.
|
3421
|
+
# @return [String]
|
3422
|
+
#
|
3423
|
+
# @!attribute [rw] status
|
3424
|
+
# The current status of the S3 build logs.
|
3425
|
+
# @return [String]
|
3426
|
+
#
|
3427
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectLogsConfigS3LogsDetails AWS API Documentation
|
3428
|
+
#
|
3429
|
+
class AwsCodeBuildProjectLogsConfigS3LogsDetails < Struct.new(
|
3430
|
+
:encryption_disabled,
|
3431
|
+
:location,
|
3432
|
+
:status)
|
3433
|
+
SENSITIVE = []
|
3434
|
+
include Aws::Structure
|
3435
|
+
end
|
3436
|
+
|
3076
3437
|
# Information about the build input source code for this build project.
|
3077
3438
|
#
|
3078
3439
|
# @note When making an API call, you may pass AwsCodeBuildProjectSource
|
@@ -5246,6 +5607,114 @@ module Aws::SecurityHub
|
|
5246
5607
|
include Aws::Structure
|
5247
5608
|
end
|
5248
5609
|
|
5610
|
+
# Contains details about the service configuration for a VPC endpoint
|
5611
|
+
# service.
|
5612
|
+
#
|
5613
|
+
# @note When making an API call, you may pass AwsEc2VpcEndpointServiceDetails
|
5614
|
+
# data as a hash:
|
5615
|
+
#
|
5616
|
+
# {
|
5617
|
+
# acceptance_required: false,
|
5618
|
+
# availability_zones: ["NonEmptyString"],
|
5619
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
5620
|
+
# manages_vpc_endpoints: false,
|
5621
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
5622
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
5623
|
+
# private_dns_name: "NonEmptyString",
|
5624
|
+
# service_id: "NonEmptyString",
|
5625
|
+
# service_name: "NonEmptyString",
|
5626
|
+
# service_state: "NonEmptyString",
|
5627
|
+
# service_type: [
|
5628
|
+
# {
|
5629
|
+
# service_type: "NonEmptyString",
|
5630
|
+
# },
|
5631
|
+
# ],
|
5632
|
+
# }
|
5633
|
+
#
|
5634
|
+
# @!attribute [rw] acceptance_required
|
5635
|
+
# Whether requests from other Amazon Web Services accounts to create
|
5636
|
+
# an endpoint to the service must first be accepted.
|
5637
|
+
# @return [Boolean]
|
5638
|
+
#
|
5639
|
+
# @!attribute [rw] availability_zones
|
5640
|
+
# The Availability Zones where the service is available.
|
5641
|
+
# @return [Array<String>]
|
5642
|
+
#
|
5643
|
+
# @!attribute [rw] base_endpoint_dns_names
|
5644
|
+
# The DNS names for the service.
|
5645
|
+
# @return [Array<String>]
|
5646
|
+
#
|
5647
|
+
# @!attribute [rw] manages_vpc_endpoints
|
5648
|
+
# Whether the service manages its VPC endpoints.
|
5649
|
+
# @return [Boolean]
|
5650
|
+
#
|
5651
|
+
# @!attribute [rw] gateway_load_balancer_arns
|
5652
|
+
# The ARNs of the Gateway Load Balancers for the service.
|
5653
|
+
# @return [Array<String>]
|
5654
|
+
#
|
5655
|
+
# @!attribute [rw] network_load_balancer_arns
|
5656
|
+
# The ARNs of the Network Load Balancers for the service.
|
5657
|
+
# @return [Array<String>]
|
5658
|
+
#
|
5659
|
+
# @!attribute [rw] private_dns_name
|
5660
|
+
# The private DNS name for the service.
|
5661
|
+
# @return [String]
|
5662
|
+
#
|
5663
|
+
# @!attribute [rw] service_id
|
5664
|
+
# The identifier of the service.
|
5665
|
+
# @return [String]
|
5666
|
+
#
|
5667
|
+
# @!attribute [rw] service_name
|
5668
|
+
# The name of the service.
|
5669
|
+
# @return [String]
|
5670
|
+
#
|
5671
|
+
# @!attribute [rw] service_state
|
5672
|
+
# The current state of the service.
|
5673
|
+
# @return [String]
|
5674
|
+
#
|
5675
|
+
# @!attribute [rw] service_type
|
5676
|
+
# The types for the service.
|
5677
|
+
# @return [Array<Types::AwsEc2VpcEndpointServiceServiceTypeDetails>]
|
5678
|
+
#
|
5679
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpcEndpointServiceDetails AWS API Documentation
|
5680
|
+
#
|
5681
|
+
class AwsEc2VpcEndpointServiceDetails < Struct.new(
|
5682
|
+
:acceptance_required,
|
5683
|
+
:availability_zones,
|
5684
|
+
:base_endpoint_dns_names,
|
5685
|
+
:manages_vpc_endpoints,
|
5686
|
+
:gateway_load_balancer_arns,
|
5687
|
+
:network_load_balancer_arns,
|
5688
|
+
:private_dns_name,
|
5689
|
+
:service_id,
|
5690
|
+
:service_name,
|
5691
|
+
:service_state,
|
5692
|
+
:service_type)
|
5693
|
+
SENSITIVE = []
|
5694
|
+
include Aws::Structure
|
5695
|
+
end
|
5696
|
+
|
5697
|
+
# The service type information for a VPC endpoint service.
|
5698
|
+
#
|
5699
|
+
# @note When making an API call, you may pass AwsEc2VpcEndpointServiceServiceTypeDetails
|
5700
|
+
# data as a hash:
|
5701
|
+
#
|
5702
|
+
# {
|
5703
|
+
# service_type: "NonEmptyString",
|
5704
|
+
# }
|
5705
|
+
#
|
5706
|
+
# @!attribute [rw] service_type
|
5707
|
+
# The type of service.
|
5708
|
+
# @return [String]
|
5709
|
+
#
|
5710
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpcEndpointServiceServiceTypeDetails AWS API Documentation
|
5711
|
+
#
|
5712
|
+
class AwsEc2VpcEndpointServiceServiceTypeDetails < Struct.new(
|
5713
|
+
:service_type)
|
5714
|
+
SENSITIVE = []
|
5715
|
+
include Aws::Structure
|
5716
|
+
end
|
5717
|
+
|
5249
5718
|
# Details about an Amazon EC2 VPN connection.
|
5250
5719
|
#
|
5251
5720
|
# @note When making an API call, you may pass AwsEc2VpnConnectionDetails
|
@@ -5687,7 +6156,113 @@ module Aws::SecurityHub
|
|
5687
6156
|
include Aws::Structure
|
5688
6157
|
end
|
5689
6158
|
|
5690
|
-
#
|
6159
|
+
# Provides information about an Amazon Elastic Container Registry
|
6160
|
+
# repository.
|
6161
|
+
#
|
6162
|
+
# @note When making an API call, you may pass AwsEcrRepositoryDetails
|
6163
|
+
# data as a hash:
|
6164
|
+
#
|
6165
|
+
# {
|
6166
|
+
# arn: "NonEmptyString",
|
6167
|
+
# image_scanning_configuration: {
|
6168
|
+
# scan_on_push: false,
|
6169
|
+
# },
|
6170
|
+
# image_tag_mutability: "NonEmptyString",
|
6171
|
+
# lifecycle_policy: {
|
6172
|
+
# lifecycle_policy_text: "NonEmptyString",
|
6173
|
+
# registry_id: "NonEmptyString",
|
6174
|
+
# },
|
6175
|
+
# repository_name: "NonEmptyString",
|
6176
|
+
# repository_policy_text: "NonEmptyString",
|
6177
|
+
# }
|
6178
|
+
#
|
6179
|
+
# @!attribute [rw] arn
|
6180
|
+
# The ARN of the repository.
|
6181
|
+
# @return [String]
|
6182
|
+
#
|
6183
|
+
# @!attribute [rw] image_scanning_configuration
|
6184
|
+
# The image scanning configuration for a repository.
|
6185
|
+
# @return [Types::AwsEcrRepositoryImageScanningConfigurationDetails]
|
6186
|
+
#
|
6187
|
+
# @!attribute [rw] image_tag_mutability
|
6188
|
+
# The tag mutability setting for the repository.
|
6189
|
+
# @return [String]
|
6190
|
+
#
|
6191
|
+
# @!attribute [rw] lifecycle_policy
|
6192
|
+
# Information about the lifecycle policy for the repository.
|
6193
|
+
# @return [Types::AwsEcrRepositoryLifecyclePolicyDetails]
|
6194
|
+
#
|
6195
|
+
# @!attribute [rw] repository_name
|
6196
|
+
# The name of the repository.
|
6197
|
+
# @return [String]
|
6198
|
+
#
|
6199
|
+
# @!attribute [rw] repository_policy_text
|
6200
|
+
# The text of the repository policy.
|
6201
|
+
# @return [String]
|
6202
|
+
#
|
6203
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcrRepositoryDetails AWS API Documentation
|
6204
|
+
#
|
6205
|
+
class AwsEcrRepositoryDetails < Struct.new(
|
6206
|
+
:arn,
|
6207
|
+
:image_scanning_configuration,
|
6208
|
+
:image_tag_mutability,
|
6209
|
+
:lifecycle_policy,
|
6210
|
+
:repository_name,
|
6211
|
+
:repository_policy_text)
|
6212
|
+
SENSITIVE = []
|
6213
|
+
include Aws::Structure
|
6214
|
+
end
|
6215
|
+
|
6216
|
+
# The image scanning configuration for a repository.
|
6217
|
+
#
|
6218
|
+
# @note When making an API call, you may pass AwsEcrRepositoryImageScanningConfigurationDetails
|
6219
|
+
# data as a hash:
|
6220
|
+
#
|
6221
|
+
# {
|
6222
|
+
# scan_on_push: false,
|
6223
|
+
# }
|
6224
|
+
#
|
6225
|
+
# @!attribute [rw] scan_on_push
|
6226
|
+
# Whether to scan images after they are pushed to a repository.
|
6227
|
+
# @return [Boolean]
|
6228
|
+
#
|
6229
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcrRepositoryImageScanningConfigurationDetails AWS API Documentation
|
6230
|
+
#
|
6231
|
+
class AwsEcrRepositoryImageScanningConfigurationDetails < Struct.new(
|
6232
|
+
:scan_on_push)
|
6233
|
+
SENSITIVE = []
|
6234
|
+
include Aws::Structure
|
6235
|
+
end
|
6236
|
+
|
6237
|
+
# Information about the lifecycle policy for the repository.
|
6238
|
+
#
|
6239
|
+
# @note When making an API call, you may pass AwsEcrRepositoryLifecyclePolicyDetails
|
6240
|
+
# data as a hash:
|
6241
|
+
#
|
6242
|
+
# {
|
6243
|
+
# lifecycle_policy_text: "NonEmptyString",
|
6244
|
+
# registry_id: "NonEmptyString",
|
6245
|
+
# }
|
6246
|
+
#
|
6247
|
+
# @!attribute [rw] lifecycle_policy_text
|
6248
|
+
# The text of the lifecycle policy.
|
6249
|
+
# @return [String]
|
6250
|
+
#
|
6251
|
+
# @!attribute [rw] registry_id
|
6252
|
+
# The Amazon Web Services account identifier that is associated with
|
6253
|
+
# the registry that contains the repository.
|
6254
|
+
# @return [String]
|
6255
|
+
#
|
6256
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcrRepositoryLifecyclePolicyDetails AWS API Documentation
|
6257
|
+
#
|
6258
|
+
class AwsEcrRepositoryLifecyclePolicyDetails < Struct.new(
|
6259
|
+
:lifecycle_policy_text,
|
6260
|
+
:registry_id)
|
6261
|
+
SENSITIVE = []
|
6262
|
+
include Aws::Structure
|
6263
|
+
end
|
6264
|
+
|
6265
|
+
# Indicates whether to enable CloudWatch Container Insights for the ECS
|
5691
6266
|
# cluster.
|
5692
6267
|
#
|
5693
6268
|
# @note When making an API call, you may pass AwsEcsClusterClusterSettingsDetails
|
@@ -8316,6 +8891,170 @@ module Aws::SecurityHub
|
|
8316
8891
|
include Aws::Structure
|
8317
8892
|
end
|
8318
8893
|
|
8894
|
+
# Provides details about an Amazon EKS cluster.
|
8895
|
+
#
|
8896
|
+
# @note When making an API call, you may pass AwsEksClusterDetails
|
8897
|
+
# data as a hash:
|
8898
|
+
#
|
8899
|
+
# {
|
8900
|
+
# arn: "NonEmptyString",
|
8901
|
+
# certificate_authority_data: "NonEmptyString",
|
8902
|
+
# cluster_status: "NonEmptyString",
|
8903
|
+
# endpoint: "NonEmptyString",
|
8904
|
+
# name: "NonEmptyString",
|
8905
|
+
# resources_vpc_config: {
|
8906
|
+
# security_group_ids: ["NonEmptyString"],
|
8907
|
+
# subnet_ids: ["NonEmptyString"],
|
8908
|
+
# },
|
8909
|
+
# role_arn: "NonEmptyString",
|
8910
|
+
# version: "NonEmptyString",
|
8911
|
+
# logging: {
|
8912
|
+
# cluster_logging: [
|
8913
|
+
# {
|
8914
|
+
# enabled: false,
|
8915
|
+
# types: ["NonEmptyString"],
|
8916
|
+
# },
|
8917
|
+
# ],
|
8918
|
+
# },
|
8919
|
+
# }
|
8920
|
+
#
|
8921
|
+
# @!attribute [rw] arn
|
8922
|
+
# The ARN of the cluster.
|
8923
|
+
# @return [String]
|
8924
|
+
#
|
8925
|
+
# @!attribute [rw] certificate_authority_data
|
8926
|
+
# The certificate authority data for the cluster.
|
8927
|
+
# @return [String]
|
8928
|
+
#
|
8929
|
+
# @!attribute [rw] cluster_status
|
8930
|
+
# The status of the cluster.
|
8931
|
+
# @return [String]
|
8932
|
+
#
|
8933
|
+
# @!attribute [rw] endpoint
|
8934
|
+
# The endpoint for the Amazon EKS API server.
|
8935
|
+
# @return [String]
|
8936
|
+
#
|
8937
|
+
# @!attribute [rw] name
|
8938
|
+
# The name of the cluster.
|
8939
|
+
# @return [String]
|
8940
|
+
#
|
8941
|
+
# @!attribute [rw] resources_vpc_config
|
8942
|
+
# The VPC configuration used by the cluster control plane.
|
8943
|
+
# @return [Types::AwsEksClusterResourcesVpcConfigDetails]
|
8944
|
+
#
|
8945
|
+
# @!attribute [rw] role_arn
|
8946
|
+
# The ARN of the IAM role that provides permissions for the Amazon EKS
|
8947
|
+
# control plane to make calls to Amazon Web Services API operations on
|
8948
|
+
# your behalf.
|
8949
|
+
# @return [String]
|
8950
|
+
#
|
8951
|
+
# @!attribute [rw] version
|
8952
|
+
# The Amazon EKS server version for the cluster.
|
8953
|
+
# @return [String]
|
8954
|
+
#
|
8955
|
+
# @!attribute [rw] logging
|
8956
|
+
# The logging configuration for the cluster.
|
8957
|
+
# @return [Types::AwsEksClusterLoggingDetails]
|
8958
|
+
#
|
8959
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterDetails AWS API Documentation
|
8960
|
+
#
|
8961
|
+
class AwsEksClusterDetails < Struct.new(
|
8962
|
+
:arn,
|
8963
|
+
:certificate_authority_data,
|
8964
|
+
:cluster_status,
|
8965
|
+
:endpoint,
|
8966
|
+
:name,
|
8967
|
+
:resources_vpc_config,
|
8968
|
+
:role_arn,
|
8969
|
+
:version,
|
8970
|
+
:logging)
|
8971
|
+
SENSITIVE = []
|
8972
|
+
include Aws::Structure
|
8973
|
+
end
|
8974
|
+
|
8975
|
+
# Details for a cluster logging configuration.
|
8976
|
+
#
|
8977
|
+
# @note When making an API call, you may pass AwsEksClusterLoggingClusterLoggingDetails
|
8978
|
+
# data as a hash:
|
8979
|
+
#
|
8980
|
+
# {
|
8981
|
+
# enabled: false,
|
8982
|
+
# types: ["NonEmptyString"],
|
8983
|
+
# }
|
8984
|
+
#
|
8985
|
+
# @!attribute [rw] enabled
|
8986
|
+
# Whether the logging types that are listed in `Types` are enabled.
|
8987
|
+
# @return [Boolean]
|
8988
|
+
#
|
8989
|
+
# @!attribute [rw] types
|
8990
|
+
# A list of logging types.
|
8991
|
+
# @return [Array<String>]
|
8992
|
+
#
|
8993
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterLoggingClusterLoggingDetails AWS API Documentation
|
8994
|
+
#
|
8995
|
+
class AwsEksClusterLoggingClusterLoggingDetails < Struct.new(
|
8996
|
+
:enabled,
|
8997
|
+
:types)
|
8998
|
+
SENSITIVE = []
|
8999
|
+
include Aws::Structure
|
9000
|
+
end
|
9001
|
+
|
9002
|
+
# The logging configuration for an Amazon EKS cluster.
|
9003
|
+
#
|
9004
|
+
# @note When making an API call, you may pass AwsEksClusterLoggingDetails
|
9005
|
+
# data as a hash:
|
9006
|
+
#
|
9007
|
+
# {
|
9008
|
+
# cluster_logging: [
|
9009
|
+
# {
|
9010
|
+
# enabled: false,
|
9011
|
+
# types: ["NonEmptyString"],
|
9012
|
+
# },
|
9013
|
+
# ],
|
9014
|
+
# }
|
9015
|
+
#
|
9016
|
+
# @!attribute [rw] cluster_logging
|
9017
|
+
# Cluster logging configurations.
|
9018
|
+
# @return [Array<Types::AwsEksClusterLoggingClusterLoggingDetails>]
|
9019
|
+
#
|
9020
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterLoggingDetails AWS API Documentation
|
9021
|
+
#
|
9022
|
+
class AwsEksClusterLoggingDetails < Struct.new(
|
9023
|
+
:cluster_logging)
|
9024
|
+
SENSITIVE = []
|
9025
|
+
include Aws::Structure
|
9026
|
+
end
|
9027
|
+
|
9028
|
+
# Information about the VPC configuration used by the cluster control
|
9029
|
+
# plane.
|
9030
|
+
#
|
9031
|
+
# @note When making an API call, you may pass AwsEksClusterResourcesVpcConfigDetails
|
9032
|
+
# data as a hash:
|
9033
|
+
#
|
9034
|
+
# {
|
9035
|
+
# security_group_ids: ["NonEmptyString"],
|
9036
|
+
# subnet_ids: ["NonEmptyString"],
|
9037
|
+
# }
|
9038
|
+
#
|
9039
|
+
# @!attribute [rw] security_group_ids
|
9040
|
+
# The security groups that are associated with the cross-account
|
9041
|
+
# elastic network interfaces that are used to allow communication
|
9042
|
+
# between your nodes and the Amazon EKS control plane.
|
9043
|
+
# @return [Array<String>]
|
9044
|
+
#
|
9045
|
+
# @!attribute [rw] subnet_ids
|
9046
|
+
# The subnets that are associated with the cluster.
|
9047
|
+
# @return [Array<String>]
|
9048
|
+
#
|
9049
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterResourcesVpcConfigDetails AWS API Documentation
|
9050
|
+
#
|
9051
|
+
class AwsEksClusterResourcesVpcConfigDetails < Struct.new(
|
9052
|
+
:security_group_ids,
|
9053
|
+
:subnet_ids)
|
9054
|
+
SENSITIVE = []
|
9055
|
+
include Aws::Structure
|
9056
|
+
end
|
9057
|
+
|
8319
9058
|
# Contains details about an Elastic Beanstalk environment.
|
8320
9059
|
#
|
8321
9060
|
# @note When making an API call, you may pass AwsElasticBeanstalkEnvironmentDetails
|
@@ -8547,7 +9286,7 @@ module Aws::SecurityHub
|
|
8547
9286
|
include Aws::Structure
|
8548
9287
|
end
|
8549
9288
|
|
8550
|
-
# Information about an
|
9289
|
+
# Information about an Elasticsearch domain.
|
8551
9290
|
#
|
8552
9291
|
# @note When making an API call, you may pass AwsElasticsearchDomainDetails
|
8553
9292
|
# data as a hash:
|
@@ -8652,11 +9391,11 @@ module Aws::SecurityHub
|
|
8652
9391
|
# @return [Hash<String,String>]
|
8653
9392
|
#
|
8654
9393
|
# @!attribute [rw] elasticsearch_version
|
8655
|
-
#
|
9394
|
+
# OpenSearch version.
|
8656
9395
|
# @return [String]
|
8657
9396
|
#
|
8658
9397
|
# @!attribute [rw] elasticsearch_cluster_config
|
8659
|
-
# Information about an
|
9398
|
+
# Information about an OpenSearch cluster configuration.
|
8660
9399
|
# @return [Types::AwsElasticsearchDomainElasticsearchClusterConfigDetails]
|
8661
9400
|
#
|
8662
9401
|
# @!attribute [rw] encryption_at_rest_options
|
@@ -8678,7 +9417,7 @@ module Aws::SecurityHub
|
|
8678
9417
|
# @return [Types::AwsElasticsearchDomainServiceSoftwareOptions]
|
8679
9418
|
#
|
8680
9419
|
# @!attribute [rw] vpc_options
|
8681
|
-
# Information that
|
9420
|
+
# Information that OpenSearch derives based on `VPCOptions` for the
|
8682
9421
|
# domain.
|
8683
9422
|
# @return [Types::AwsElasticsearchDomainVPCOptions]
|
8684
9423
|
#
|
@@ -8719,7 +9458,7 @@ module Aws::SecurityHub
|
|
8719
9458
|
#
|
8720
9459
|
# @!attribute [rw] tls_security_policy
|
8721
9460
|
# The TLS security policy to apply to the HTTPS endpoint of the
|
8722
|
-
#
|
9461
|
+
# OpenSearch domain.
|
8723
9462
|
#
|
8724
9463
|
# Valid values:
|
8725
9464
|
#
|
@@ -8737,7 +9476,7 @@ module Aws::SecurityHub
|
|
8737
9476
|
include Aws::Structure
|
8738
9477
|
end
|
8739
9478
|
|
8740
|
-
# details about the configuration of an
|
9479
|
+
# details about the configuration of an OpenSearch cluster.
|
8741
9480
|
#
|
8742
9481
|
# @note When making an API call, you may pass AwsElasticsearchDomainElasticsearchClusterConfigDetails
|
8743
9482
|
# data as a hash:
|
@@ -8789,8 +9528,8 @@ module Aws::SecurityHub
|
|
8789
9528
|
#
|
8790
9529
|
# @!attribute [rw] zone_awareness_enabled
|
8791
9530
|
# Whether to enable zone awareness for the Elasticsearch domain. When
|
8792
|
-
# zone awareness is enabled,
|
8793
|
-
#
|
9531
|
+
# zone awareness is enabled, OpenSearch allocates the cluster's nodes
|
9532
|
+
# and replica index shards across Availability Zones in the same
|
8794
9533
|
# Region. This prevents data loss and minimizes downtime if a node or
|
8795
9534
|
# data center fails.
|
8796
9535
|
# @return [Boolean]
|
@@ -8880,11 +9619,11 @@ module Aws::SecurityHub
|
|
8880
9619
|
# }
|
8881
9620
|
#
|
8882
9621
|
# @!attribute [rw] index_slow_logs
|
8883
|
-
# Configures the
|
9622
|
+
# Configures the OpenSearch index logs publishing.
|
8884
9623
|
# @return [Types::AwsElasticsearchDomainLogPublishingOptionsLogConfig]
|
8885
9624
|
#
|
8886
9625
|
# @!attribute [rw] search_slow_logs
|
8887
|
-
# Configures the
|
9626
|
+
# Configures the OpenSearch search slow log publishing.
|
8888
9627
|
# @return [Types::AwsElasticsearchDomainLogPublishingOptionsLogConfig]
|
8889
9628
|
#
|
8890
9629
|
# @!attribute [rw] audit_logs
|
@@ -8967,7 +9706,7 @@ module Aws::SecurityHub
|
|
8967
9706
|
#
|
8968
9707
|
# @!attribute [rw] automated_update_date
|
8969
9708
|
# The epoch time when the deployment window closes for required
|
8970
|
-
# updates. After this time, Amazon
|
9709
|
+
# updates. After this time, Amazon OpenSearch Service schedules the
|
8971
9710
|
# software upgrade automatically.
|
8972
9711
|
# @return [String]
|
8973
9712
|
#
|
@@ -9010,7 +9749,7 @@ module Aws::SecurityHub
|
|
9010
9749
|
include Aws::Structure
|
9011
9750
|
end
|
9012
9751
|
|
9013
|
-
# Information that
|
9752
|
+
# Information that OpenSearch derives based on `VPCOptions` for the
|
9014
9753
|
# domain.
|
9015
9754
|
#
|
9016
9755
|
# @note When making an API call, you may pass AwsElasticsearchDomainVPCOptions
|
@@ -9766,6 +10505,33 @@ module Aws::SecurityHub
|
|
9766
10505
|
include Aws::Structure
|
9767
10506
|
end
|
9768
10507
|
|
10508
|
+
# A load balancer attribute.
|
10509
|
+
#
|
10510
|
+
# @note When making an API call, you may pass AwsElbv2LoadBalancerAttribute
|
10511
|
+
# data as a hash:
|
10512
|
+
#
|
10513
|
+
# {
|
10514
|
+
# key: "NonEmptyString",
|
10515
|
+
# value: "NonEmptyString",
|
10516
|
+
# }
|
10517
|
+
#
|
10518
|
+
# @!attribute [rw] key
|
10519
|
+
# The name of the load balancer attribute.
|
10520
|
+
# @return [String]
|
10521
|
+
#
|
10522
|
+
# @!attribute [rw] value
|
10523
|
+
# The value of the load balancer attribute.
|
10524
|
+
# @return [String]
|
10525
|
+
#
|
10526
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbv2LoadBalancerAttribute AWS API Documentation
|
10527
|
+
#
|
10528
|
+
class AwsElbv2LoadBalancerAttribute < Struct.new(
|
10529
|
+
:key,
|
10530
|
+
:value)
|
10531
|
+
SENSITIVE = []
|
10532
|
+
include Aws::Structure
|
10533
|
+
end
|
10534
|
+
|
9769
10535
|
# Information about a load balancer.
|
9770
10536
|
#
|
9771
10537
|
# @note When making an API call, you may pass AwsElbv2LoadBalancerDetails
|
@@ -9790,6 +10556,12 @@ module Aws::SecurityHub
|
|
9790
10556
|
# },
|
9791
10557
|
# type: "NonEmptyString",
|
9792
10558
|
# vpc_id: "NonEmptyString",
|
10559
|
+
# load_balancer_attributes: [
|
10560
|
+
# {
|
10561
|
+
# key: "NonEmptyString",
|
10562
|
+
# value: "NonEmptyString",
|
10563
|
+
# },
|
10564
|
+
# ],
|
9793
10565
|
# }
|
9794
10566
|
#
|
9795
10567
|
# @!attribute [rw] availability_zones
|
@@ -9844,6 +10616,10 @@ module Aws::SecurityHub
|
|
9844
10616
|
# The ID of the VPC for the load balancer.
|
9845
10617
|
# @return [String]
|
9846
10618
|
#
|
10619
|
+
# @!attribute [rw] load_balancer_attributes
|
10620
|
+
# Attributes of the load balancer.
|
10621
|
+
# @return [Array<Types::AwsElbv2LoadBalancerAttribute>]
|
10622
|
+
#
|
9847
10623
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbv2LoadBalancerDetails AWS API Documentation
|
9848
10624
|
#
|
9849
10625
|
class AwsElbv2LoadBalancerDetails < Struct.new(
|
@@ -9856,7 +10632,8 @@ module Aws::SecurityHub
|
|
9856
10632
|
:security_groups,
|
9857
10633
|
:state,
|
9858
10634
|
:type,
|
9859
|
-
:vpc_id
|
10635
|
+
:vpc_id,
|
10636
|
+
:load_balancer_attributes)
|
9860
10637
|
SENSITIVE = []
|
9861
10638
|
include Aws::Structure
|
9862
10639
|
end
|
@@ -11227,6 +12004,537 @@ module Aws::SecurityHub
|
|
11227
12004
|
include Aws::Structure
|
11228
12005
|
end
|
11229
12006
|
|
12007
|
+
# Details about the configuration of an OpenSearch cluster.
|
12008
|
+
#
|
12009
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainClusterConfigDetails
|
12010
|
+
# data as a hash:
|
12011
|
+
#
|
12012
|
+
# {
|
12013
|
+
# instance_count: 1,
|
12014
|
+
# warm_enabled: false,
|
12015
|
+
# warm_count: 1,
|
12016
|
+
# dedicated_master_enabled: false,
|
12017
|
+
# zone_awareness_config: {
|
12018
|
+
# availability_zone_count: 1,
|
12019
|
+
# },
|
12020
|
+
# dedicated_master_count: 1,
|
12021
|
+
# instance_type: "NonEmptyString",
|
12022
|
+
# warm_type: "NonEmptyString",
|
12023
|
+
# zone_awareness_enabled: false,
|
12024
|
+
# dedicated_master_type: "NonEmptyString",
|
12025
|
+
# }
|
12026
|
+
#
|
12027
|
+
# @!attribute [rw] instance_count
|
12028
|
+
# The number of data nodes to use in the OpenSearch domain.
|
12029
|
+
# @return [Integer]
|
12030
|
+
#
|
12031
|
+
# @!attribute [rw] warm_enabled
|
12032
|
+
# Whether UltraWarm is enabled.
|
12033
|
+
# @return [Boolean]
|
12034
|
+
#
|
12035
|
+
# @!attribute [rw] warm_count
|
12036
|
+
# The number of UltraWarm instances.
|
12037
|
+
# @return [Integer]
|
12038
|
+
#
|
12039
|
+
# @!attribute [rw] dedicated_master_enabled
|
12040
|
+
# Whether to use a dedicated master node for the OpenSearch domain. A
|
12041
|
+
# dedicated master node performs cluster management tasks, but does
|
12042
|
+
# not hold data or respond to data upload requests.
|
12043
|
+
# @return [Boolean]
|
12044
|
+
#
|
12045
|
+
# @!attribute [rw] zone_awareness_config
|
12046
|
+
# Configuration options for zone awareness. Provided if
|
12047
|
+
# `ZoneAwarenessEnabled` is `true`.
|
12048
|
+
# @return [Types::AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails]
|
12049
|
+
#
|
12050
|
+
# @!attribute [rw] dedicated_master_count
|
12051
|
+
# The number of instances to use for the master node. If this
|
12052
|
+
# attribute is specified, then `DedicatedMasterEnabled` must be
|
12053
|
+
# `true`.
|
12054
|
+
# @return [Integer]
|
12055
|
+
#
|
12056
|
+
# @!attribute [rw] instance_type
|
12057
|
+
# The instance type for your data nodes.
|
12058
|
+
# @return [String]
|
12059
|
+
#
|
12060
|
+
# @!attribute [rw] warm_type
|
12061
|
+
# The type of UltraWarm instance.
|
12062
|
+
# @return [String]
|
12063
|
+
#
|
12064
|
+
# @!attribute [rw] zone_awareness_enabled
|
12065
|
+
# Whether to enable zone awareness for the OpenSearch domain. When
|
12066
|
+
# zone awareness is enabled, OpenSearch Service allocates the
|
12067
|
+
# cluster's nodes and replica index shards across Availability Zones
|
12068
|
+
# (AZs) in the same Region. This prevents data loss and minimizes
|
12069
|
+
# downtime if a node or data center fails.
|
12070
|
+
# @return [Boolean]
|
12071
|
+
#
|
12072
|
+
# @!attribute [rw] dedicated_master_type
|
12073
|
+
# The hardware configuration of the computer that hosts the dedicated
|
12074
|
+
# master node.
|
12075
|
+
#
|
12076
|
+
# If this attribute is specified, then `DedicatedMasterEnabled` must
|
12077
|
+
# be `true`.
|
12078
|
+
# @return [String]
|
12079
|
+
#
|
12080
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainClusterConfigDetails AWS API Documentation
|
12081
|
+
#
|
12082
|
+
class AwsOpenSearchServiceDomainClusterConfigDetails < Struct.new(
|
12083
|
+
:instance_count,
|
12084
|
+
:warm_enabled,
|
12085
|
+
:warm_count,
|
12086
|
+
:dedicated_master_enabled,
|
12087
|
+
:zone_awareness_config,
|
12088
|
+
:dedicated_master_count,
|
12089
|
+
:instance_type,
|
12090
|
+
:warm_type,
|
12091
|
+
:zone_awareness_enabled,
|
12092
|
+
:dedicated_master_type)
|
12093
|
+
SENSITIVE = []
|
12094
|
+
include Aws::Structure
|
12095
|
+
end
|
12096
|
+
|
12097
|
+
# Configuration options for zone awareness.
|
12098
|
+
#
|
12099
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails
|
12100
|
+
# data as a hash:
|
12101
|
+
#
|
12102
|
+
# {
|
12103
|
+
# availability_zone_count: 1,
|
12104
|
+
# }
|
12105
|
+
#
|
12106
|
+
# @!attribute [rw] availability_zone_count
|
12107
|
+
# The number of Availability Zones that the domain uses. Valid values
|
12108
|
+
# are 2 and 3. The default is 2.
|
12109
|
+
# @return [Integer]
|
12110
|
+
#
|
12111
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails AWS API Documentation
|
12112
|
+
#
|
12113
|
+
class AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails < Struct.new(
|
12114
|
+
:availability_zone_count)
|
12115
|
+
SENSITIVE = []
|
12116
|
+
include Aws::Structure
|
12117
|
+
end
|
12118
|
+
|
12119
|
+
# Information about an Amazon OpenSearch Service domain.
|
12120
|
+
#
|
12121
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainDetails
|
12122
|
+
# data as a hash:
|
12123
|
+
#
|
12124
|
+
# {
|
12125
|
+
# arn: "NonEmptyString",
|
12126
|
+
# access_policies: "NonEmptyString",
|
12127
|
+
# domain_name: "NonEmptyString",
|
12128
|
+
# id: "NonEmptyString",
|
12129
|
+
# domain_endpoint: "NonEmptyString",
|
12130
|
+
# engine_version: "NonEmptyString",
|
12131
|
+
# encryption_at_rest_options: {
|
12132
|
+
# enabled: false,
|
12133
|
+
# kms_key_id: "NonEmptyString",
|
12134
|
+
# },
|
12135
|
+
# node_to_node_encryption_options: {
|
12136
|
+
# enabled: false,
|
12137
|
+
# },
|
12138
|
+
# service_software_options: {
|
12139
|
+
# automated_update_date: "NonEmptyString",
|
12140
|
+
# cancellable: false,
|
12141
|
+
# current_version: "NonEmptyString",
|
12142
|
+
# description: "NonEmptyString",
|
12143
|
+
# new_version: "NonEmptyString",
|
12144
|
+
# update_available: false,
|
12145
|
+
# update_status: "NonEmptyString",
|
12146
|
+
# optional_deployment: false,
|
12147
|
+
# },
|
12148
|
+
# cluster_config: {
|
12149
|
+
# instance_count: 1,
|
12150
|
+
# warm_enabled: false,
|
12151
|
+
# warm_count: 1,
|
12152
|
+
# dedicated_master_enabled: false,
|
12153
|
+
# zone_awareness_config: {
|
12154
|
+
# availability_zone_count: 1,
|
12155
|
+
# },
|
12156
|
+
# dedicated_master_count: 1,
|
12157
|
+
# instance_type: "NonEmptyString",
|
12158
|
+
# warm_type: "NonEmptyString",
|
12159
|
+
# zone_awareness_enabled: false,
|
12160
|
+
# dedicated_master_type: "NonEmptyString",
|
12161
|
+
# },
|
12162
|
+
# domain_endpoint_options: {
|
12163
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
12164
|
+
# custom_endpoint_enabled: false,
|
12165
|
+
# enforce_https: false,
|
12166
|
+
# custom_endpoint: "NonEmptyString",
|
12167
|
+
# tls_security_policy: "NonEmptyString",
|
12168
|
+
# },
|
12169
|
+
# vpc_options: {
|
12170
|
+
# security_group_ids: ["NonEmptyString"],
|
12171
|
+
# subnet_ids: ["NonEmptyString"],
|
12172
|
+
# },
|
12173
|
+
# log_publishing_options: {
|
12174
|
+
# index_slow_logs: {
|
12175
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12176
|
+
# enabled: false,
|
12177
|
+
# },
|
12178
|
+
# search_slow_logs: {
|
12179
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12180
|
+
# enabled: false,
|
12181
|
+
# },
|
12182
|
+
# audit_logs: {
|
12183
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12184
|
+
# enabled: false,
|
12185
|
+
# },
|
12186
|
+
# },
|
12187
|
+
# domain_endpoints: {
|
12188
|
+
# "NonEmptyString" => "NonEmptyString",
|
12189
|
+
# },
|
12190
|
+
# }
|
12191
|
+
#
|
12192
|
+
# @!attribute [rw] arn
|
12193
|
+
# The ARN of the OpenSearch Service domain.
|
12194
|
+
# @return [String]
|
12195
|
+
#
|
12196
|
+
# @!attribute [rw] access_policies
|
12197
|
+
# IAM policy document that specifies the access policies for the
|
12198
|
+
# OpenSearch Service domain.
|
12199
|
+
# @return [String]
|
12200
|
+
#
|
12201
|
+
# @!attribute [rw] domain_name
|
12202
|
+
# The name of the endpoint.
|
12203
|
+
# @return [String]
|
12204
|
+
#
|
12205
|
+
# @!attribute [rw] id
|
12206
|
+
# The identifier of the domain.
|
12207
|
+
# @return [String]
|
12208
|
+
#
|
12209
|
+
# @!attribute [rw] domain_endpoint
|
12210
|
+
# The domain endpoint.
|
12211
|
+
# @return [String]
|
12212
|
+
#
|
12213
|
+
# @!attribute [rw] engine_version
|
12214
|
+
# The version of the domain engine.
|
12215
|
+
# @return [String]
|
12216
|
+
#
|
12217
|
+
# @!attribute [rw] encryption_at_rest_options
|
12218
|
+
# Details about the configuration for encryption at rest.
|
12219
|
+
# @return [Types::AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails]
|
12220
|
+
#
|
12221
|
+
# @!attribute [rw] node_to_node_encryption_options
|
12222
|
+
# Details about the configuration for node-to-node encryption.
|
12223
|
+
# @return [Types::AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails]
|
12224
|
+
#
|
12225
|
+
# @!attribute [rw] service_software_options
|
12226
|
+
# Information about the status of a domain relative to the latest
|
12227
|
+
# service software.
|
12228
|
+
# @return [Types::AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails]
|
12229
|
+
#
|
12230
|
+
# @!attribute [rw] cluster_config
|
12231
|
+
# Details about the configuration of an OpenSearch cluster.
|
12232
|
+
# @return [Types::AwsOpenSearchServiceDomainClusterConfigDetails]
|
12233
|
+
#
|
12234
|
+
# @!attribute [rw] domain_endpoint_options
|
12235
|
+
# Additional options for the domain endpoint.
|
12236
|
+
# @return [Types::AwsOpenSearchServiceDomainDomainEndpointOptionsDetails]
|
12237
|
+
#
|
12238
|
+
# @!attribute [rw] vpc_options
|
12239
|
+
# Information that OpenSearch Service derives based on `VPCOptions`
|
12240
|
+
# for the domain.
|
12241
|
+
# @return [Types::AwsOpenSearchServiceDomainVpcOptionsDetails]
|
12242
|
+
#
|
12243
|
+
# @!attribute [rw] log_publishing_options
|
12244
|
+
# Configures the CloudWatch Logs to publish for the OpenSearch domain.
|
12245
|
+
# @return [Types::AwsOpenSearchServiceDomainLogPublishingOptionsDetails]
|
12246
|
+
#
|
12247
|
+
# @!attribute [rw] domain_endpoints
|
12248
|
+
# The domain endpoints. Used if the OpenSearch domain resides in a
|
12249
|
+
# VPC.
|
12250
|
+
#
|
12251
|
+
# This is a map of key-value pairs. The key is always `vpc`. The value
|
12252
|
+
# is the endpoint.
|
12253
|
+
# @return [Hash<String,String>]
|
12254
|
+
#
|
12255
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainDetails AWS API Documentation
|
12256
|
+
#
|
12257
|
+
class AwsOpenSearchServiceDomainDetails < Struct.new(
|
12258
|
+
:arn,
|
12259
|
+
:access_policies,
|
12260
|
+
:domain_name,
|
12261
|
+
:id,
|
12262
|
+
:domain_endpoint,
|
12263
|
+
:engine_version,
|
12264
|
+
:encryption_at_rest_options,
|
12265
|
+
:node_to_node_encryption_options,
|
12266
|
+
:service_software_options,
|
12267
|
+
:cluster_config,
|
12268
|
+
:domain_endpoint_options,
|
12269
|
+
:vpc_options,
|
12270
|
+
:log_publishing_options,
|
12271
|
+
:domain_endpoints)
|
12272
|
+
SENSITIVE = []
|
12273
|
+
include Aws::Structure
|
12274
|
+
end
|
12275
|
+
|
12276
|
+
# Information about additional options for the domain endpoint.
|
12277
|
+
#
|
12278
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainDomainEndpointOptionsDetails
|
12279
|
+
# data as a hash:
|
12280
|
+
#
|
12281
|
+
# {
|
12282
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
12283
|
+
# custom_endpoint_enabled: false,
|
12284
|
+
# enforce_https: false,
|
12285
|
+
# custom_endpoint: "NonEmptyString",
|
12286
|
+
# tls_security_policy: "NonEmptyString",
|
12287
|
+
# }
|
12288
|
+
#
|
12289
|
+
# @!attribute [rw] custom_endpoint_certificate_arn
|
12290
|
+
# The ARN for the security certificate. The certificate is managed in
|
12291
|
+
# ACM.
|
12292
|
+
# @return [String]
|
12293
|
+
#
|
12294
|
+
# @!attribute [rw] custom_endpoint_enabled
|
12295
|
+
# Whether to enable a custom endpoint for the domain.
|
12296
|
+
# @return [Boolean]
|
12297
|
+
#
|
12298
|
+
# @!attribute [rw] enforce_https
|
12299
|
+
# Whether to require that all traffic to the domain arrive over HTTPS.
|
12300
|
+
# @return [Boolean]
|
12301
|
+
#
|
12302
|
+
# @!attribute [rw] custom_endpoint
|
12303
|
+
# The fully qualified URL for the custom endpoint.
|
12304
|
+
# @return [String]
|
12305
|
+
#
|
12306
|
+
# @!attribute [rw] tls_security_policy
|
12307
|
+
# The TLS security policy to apply to the HTTPS endpoint of the
|
12308
|
+
# OpenSearch domain.
|
12309
|
+
# @return [String]
|
12310
|
+
#
|
12311
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainDomainEndpointOptionsDetails AWS API Documentation
|
12312
|
+
#
|
12313
|
+
class AwsOpenSearchServiceDomainDomainEndpointOptionsDetails < Struct.new(
|
12314
|
+
:custom_endpoint_certificate_arn,
|
12315
|
+
:custom_endpoint_enabled,
|
12316
|
+
:enforce_https,
|
12317
|
+
:custom_endpoint,
|
12318
|
+
:tls_security_policy)
|
12319
|
+
SENSITIVE = []
|
12320
|
+
include Aws::Structure
|
12321
|
+
end
|
12322
|
+
|
12323
|
+
# Details about the configuration for encryption at rest for the
|
12324
|
+
# OpenSearch domain.
|
12325
|
+
#
|
12326
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails
|
12327
|
+
# data as a hash:
|
12328
|
+
#
|
12329
|
+
# {
|
12330
|
+
# enabled: false,
|
12331
|
+
# kms_key_id: "NonEmptyString",
|
12332
|
+
# }
|
12333
|
+
#
|
12334
|
+
# @!attribute [rw] enabled
|
12335
|
+
# Whether encryption at rest is enabled.
|
12336
|
+
# @return [Boolean]
|
12337
|
+
#
|
12338
|
+
# @!attribute [rw] kms_key_id
|
12339
|
+
# The KMS key ID.
|
12340
|
+
# @return [String]
|
12341
|
+
#
|
12342
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails AWS API Documentation
|
12343
|
+
#
|
12344
|
+
class AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails < Struct.new(
|
12345
|
+
:enabled,
|
12346
|
+
:kms_key_id)
|
12347
|
+
SENSITIVE = []
|
12348
|
+
include Aws::Structure
|
12349
|
+
end
|
12350
|
+
|
12351
|
+
# Configuration details for a log publishing option.
|
12352
|
+
#
|
12353
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainLogPublishingOption
|
12354
|
+
# data as a hash:
|
12355
|
+
#
|
12356
|
+
# {
|
12357
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12358
|
+
# enabled: false,
|
12359
|
+
# }
|
12360
|
+
#
|
12361
|
+
# @!attribute [rw] cloud_watch_logs_log_group_arn
|
12362
|
+
# The ARN of the CloudWatch Logs group to publish the logs to.
|
12363
|
+
# @return [String]
|
12364
|
+
#
|
12365
|
+
# @!attribute [rw] enabled
|
12366
|
+
# Whether the log publishing is enabled.
|
12367
|
+
# @return [Boolean]
|
12368
|
+
#
|
12369
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainLogPublishingOption AWS API Documentation
|
12370
|
+
#
|
12371
|
+
class AwsOpenSearchServiceDomainLogPublishingOption < Struct.new(
|
12372
|
+
:cloud_watch_logs_log_group_arn,
|
12373
|
+
:enabled)
|
12374
|
+
SENSITIVE = []
|
12375
|
+
include Aws::Structure
|
12376
|
+
end
|
12377
|
+
|
12378
|
+
# Configures the CloudWatch Logs to publish for the OpenSearch domain.
|
12379
|
+
#
|
12380
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainLogPublishingOptionsDetails
|
12381
|
+
# data as a hash:
|
12382
|
+
#
|
12383
|
+
# {
|
12384
|
+
# index_slow_logs: {
|
12385
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12386
|
+
# enabled: false,
|
12387
|
+
# },
|
12388
|
+
# search_slow_logs: {
|
12389
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12390
|
+
# enabled: false,
|
12391
|
+
# },
|
12392
|
+
# audit_logs: {
|
12393
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
12394
|
+
# enabled: false,
|
12395
|
+
# },
|
12396
|
+
# }
|
12397
|
+
#
|
12398
|
+
# @!attribute [rw] index_slow_logs
|
12399
|
+
# Configures the OpenSearch index logs publishing.
|
12400
|
+
# @return [Types::AwsOpenSearchServiceDomainLogPublishingOption]
|
12401
|
+
#
|
12402
|
+
# @!attribute [rw] search_slow_logs
|
12403
|
+
# Configures the OpenSearch search slow log publishing.
|
12404
|
+
# @return [Types::AwsOpenSearchServiceDomainLogPublishingOption]
|
12405
|
+
#
|
12406
|
+
# @!attribute [rw] audit_logs
|
12407
|
+
# Configures the OpenSearch audit logs publishing.
|
12408
|
+
# @return [Types::AwsOpenSearchServiceDomainLogPublishingOption]
|
12409
|
+
#
|
12410
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainLogPublishingOptionsDetails AWS API Documentation
|
12411
|
+
#
|
12412
|
+
class AwsOpenSearchServiceDomainLogPublishingOptionsDetails < Struct.new(
|
12413
|
+
:index_slow_logs,
|
12414
|
+
:search_slow_logs,
|
12415
|
+
:audit_logs)
|
12416
|
+
SENSITIVE = []
|
12417
|
+
include Aws::Structure
|
12418
|
+
end
|
12419
|
+
|
12420
|
+
# Provides details about the configuration for node-to-node encryption.
|
12421
|
+
#
|
12422
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails
|
12423
|
+
# data as a hash:
|
12424
|
+
#
|
12425
|
+
# {
|
12426
|
+
# enabled: false,
|
12427
|
+
# }
|
12428
|
+
#
|
12429
|
+
# @!attribute [rw] enabled
|
12430
|
+
# Whether node-to-node encryption is enabled.
|
12431
|
+
# @return [Boolean]
|
12432
|
+
#
|
12433
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails AWS API Documentation
|
12434
|
+
#
|
12435
|
+
class AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails < Struct.new(
|
12436
|
+
:enabled)
|
12437
|
+
SENSITIVE = []
|
12438
|
+
include Aws::Structure
|
12439
|
+
end
|
12440
|
+
|
12441
|
+
# Provides information about the state of the domain relative to the
|
12442
|
+
# latest service software.
|
12443
|
+
#
|
12444
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails
|
12445
|
+
# data as a hash:
|
12446
|
+
#
|
12447
|
+
# {
|
12448
|
+
# automated_update_date: "NonEmptyString",
|
12449
|
+
# cancellable: false,
|
12450
|
+
# current_version: "NonEmptyString",
|
12451
|
+
# description: "NonEmptyString",
|
12452
|
+
# new_version: "NonEmptyString",
|
12453
|
+
# update_available: false,
|
12454
|
+
# update_status: "NonEmptyString",
|
12455
|
+
# optional_deployment: false,
|
12456
|
+
# }
|
12457
|
+
#
|
12458
|
+
# @!attribute [rw] automated_update_date
|
12459
|
+
# The epoch time when the deployment window closes for required
|
12460
|
+
# updates. After this time, OpenSearch Service schedules the software
|
12461
|
+
# upgrade automatically.
|
12462
|
+
# @return [String]
|
12463
|
+
#
|
12464
|
+
# @!attribute [rw] cancellable
|
12465
|
+
# Whether a request to update the domain can be canceled.
|
12466
|
+
# @return [Boolean]
|
12467
|
+
#
|
12468
|
+
# @!attribute [rw] current_version
|
12469
|
+
# The version of the service software that is currently installed on
|
12470
|
+
# the domain.
|
12471
|
+
# @return [String]
|
12472
|
+
#
|
12473
|
+
# @!attribute [rw] description
|
12474
|
+
# A more detailed description of the service software status.
|
12475
|
+
# @return [String]
|
12476
|
+
#
|
12477
|
+
# @!attribute [rw] new_version
|
12478
|
+
# The most recent version of the service software.
|
12479
|
+
# @return [String]
|
12480
|
+
#
|
12481
|
+
# @!attribute [rw] update_available
|
12482
|
+
# Whether a service software update is available for the domain.
|
12483
|
+
# @return [Boolean]
|
12484
|
+
#
|
12485
|
+
# @!attribute [rw] update_status
|
12486
|
+
# The status of the service software update.
|
12487
|
+
# @return [String]
|
12488
|
+
#
|
12489
|
+
# @!attribute [rw] optional_deployment
|
12490
|
+
# Whether the service software update is optional.
|
12491
|
+
# @return [Boolean]
|
12492
|
+
#
|
12493
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails AWS API Documentation
|
12494
|
+
#
|
12495
|
+
class AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails < Struct.new(
|
12496
|
+
:automated_update_date,
|
12497
|
+
:cancellable,
|
12498
|
+
:current_version,
|
12499
|
+
:description,
|
12500
|
+
:new_version,
|
12501
|
+
:update_available,
|
12502
|
+
:update_status,
|
12503
|
+
:optional_deployment)
|
12504
|
+
SENSITIVE = []
|
12505
|
+
include Aws::Structure
|
12506
|
+
end
|
12507
|
+
|
12508
|
+
# Contains information that OpenSearch Service derives based on the
|
12509
|
+
# `VPCOptions` for the domain.
|
12510
|
+
#
|
12511
|
+
# @note When making an API call, you may pass AwsOpenSearchServiceDomainVpcOptionsDetails
|
12512
|
+
# data as a hash:
|
12513
|
+
#
|
12514
|
+
# {
|
12515
|
+
# security_group_ids: ["NonEmptyString"],
|
12516
|
+
# subnet_ids: ["NonEmptyString"],
|
12517
|
+
# }
|
12518
|
+
#
|
12519
|
+
# @!attribute [rw] security_group_ids
|
12520
|
+
# The list of security group IDs that are associated with the VPC
|
12521
|
+
# endpoints for the domain.
|
12522
|
+
# @return [Array<String>]
|
12523
|
+
#
|
12524
|
+
# @!attribute [rw] subnet_ids
|
12525
|
+
# A list of subnet IDs that are associated with the VPC endpoints for
|
12526
|
+
# the domain.
|
12527
|
+
# @return [Array<String>]
|
12528
|
+
#
|
12529
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainVpcOptionsDetails AWS API Documentation
|
12530
|
+
#
|
12531
|
+
class AwsOpenSearchServiceDomainVpcOptionsDetails < Struct.new(
|
12532
|
+
:security_group_ids,
|
12533
|
+
:subnet_ids)
|
12534
|
+
SENSITIVE = []
|
12535
|
+
include Aws::Structure
|
12536
|
+
end
|
12537
|
+
|
11230
12538
|
# An IAM role that is associated with the Amazon RDS DB cluster.
|
11231
12539
|
#
|
11232
12540
|
# @note When making an API call, you may pass AwsRdsDbClusterAssociatedRole
|
@@ -14665,6 +15973,7 @@ module Aws::SecurityHub
|
|
14665
15973
|
# {
|
14666
15974
|
# owner_id: "NonEmptyString",
|
14667
15975
|
# owner_name: "NonEmptyString",
|
15976
|
+
# owner_account_id: "NonEmptyString",
|
14668
15977
|
# created_at: "NonEmptyString",
|
14669
15978
|
# server_side_encryption_configuration: {
|
14670
15979
|
# rules: [
|
@@ -14788,6 +16097,11 @@ module Aws::SecurityHub
|
|
14788
16097
|
# The display name of the owner of the S3 bucket.
|
14789
16098
|
# @return [String]
|
14790
16099
|
#
|
16100
|
+
# @!attribute [rw] owner_account_id
|
16101
|
+
# The Amazon Web Services account identifier of the account that owns
|
16102
|
+
# the S3 bucket.
|
16103
|
+
# @return [String]
|
16104
|
+
#
|
14791
16105
|
# @!attribute [rw] created_at
|
14792
16106
|
# Indicates when the S3 bucket was created.
|
14793
16107
|
#
|
@@ -14834,6 +16148,7 @@ module Aws::SecurityHub
|
|
14834
16148
|
class AwsS3BucketDetails < Struct.new(
|
14835
16149
|
:owner_id,
|
14836
16150
|
:owner_name,
|
16151
|
+
:owner_account_id,
|
14837
16152
|
:created_at,
|
14838
16153
|
:server_side_encryption_configuration,
|
14839
16154
|
:bucket_lifecycle_configuration,
|
@@ -15765,8 +17080,29 @@ module Aws::SecurityHub
|
|
15765
17080
|
# },
|
15766
17081
|
# aws_code_build_project: {
|
15767
17082
|
# encryption_key: "NonEmptyString",
|
17083
|
+
# artifacts: [
|
17084
|
+
# {
|
17085
|
+
# artifact_identifier: "NonEmptyString",
|
17086
|
+
# encryption_disabled: false,
|
17087
|
+
# location: "NonEmptyString",
|
17088
|
+
# name: "NonEmptyString",
|
17089
|
+
# namespace_type: "NonEmptyString",
|
17090
|
+
# override_artifact_name: false,
|
17091
|
+
# packaging: "NonEmptyString",
|
17092
|
+
# path: "NonEmptyString",
|
17093
|
+
# type: "NonEmptyString",
|
17094
|
+
# },
|
17095
|
+
# ],
|
15768
17096
|
# environment: {
|
15769
17097
|
# certificate: "NonEmptyString",
|
17098
|
+
# environment_variables: [
|
17099
|
+
# {
|
17100
|
+
# name: "NonEmptyString",
|
17101
|
+
# type: "NonEmptyString",
|
17102
|
+
# value: "NonEmptyString",
|
17103
|
+
# },
|
17104
|
+
# ],
|
17105
|
+
# privileged_mode: false,
|
15770
17106
|
# image_pull_credentials_type: "NonEmptyString",
|
15771
17107
|
# registry_credential: {
|
15772
17108
|
# credential: "NonEmptyString",
|
@@ -15782,6 +17118,18 @@ module Aws::SecurityHub
|
|
15782
17118
|
# insecure_ssl: false,
|
15783
17119
|
# },
|
15784
17120
|
# service_role: "NonEmptyString",
|
17121
|
+
# logs_config: {
|
17122
|
+
# cloud_watch_logs: {
|
17123
|
+
# group_name: "NonEmptyString",
|
17124
|
+
# status: "NonEmptyString",
|
17125
|
+
# stream_name: "NonEmptyString",
|
17126
|
+
# },
|
17127
|
+
# s3_logs: {
|
17128
|
+
# encryption_disabled: false,
|
17129
|
+
# location: "NonEmptyString",
|
17130
|
+
# status: "NonEmptyString",
|
17131
|
+
# },
|
17132
|
+
# },
|
15785
17133
|
# vpc_config: {
|
15786
17134
|
# vpc_id: "NonEmptyString",
|
15787
17135
|
# subnets: ["NonEmptyString"],
|
@@ -15833,6 +17181,15 @@ module Aws::SecurityHub
|
|
15833
17181
|
# },
|
15834
17182
|
# ],
|
15835
17183
|
# },
|
17184
|
+
# viewer_certificate: {
|
17185
|
+
# acm_certificate_arn: "NonEmptyString",
|
17186
|
+
# certificate: "NonEmptyString",
|
17187
|
+
# certificate_source: "NonEmptyString",
|
17188
|
+
# cloud_front_default_certificate: false,
|
17189
|
+
# iam_certificate_id: "NonEmptyString",
|
17190
|
+
# minimum_protocol_version: "NonEmptyString",
|
17191
|
+
# ssl_support_method: "NonEmptyString",
|
17192
|
+
# },
|
15836
17193
|
# status: "NonEmptyString",
|
15837
17194
|
# web_acl_id: "NonEmptyString",
|
15838
17195
|
# },
|
@@ -16071,6 +17428,12 @@ module Aws::SecurityHub
|
|
16071
17428
|
# },
|
16072
17429
|
# type: "NonEmptyString",
|
16073
17430
|
# vpc_id: "NonEmptyString",
|
17431
|
+
# load_balancer_attributes: [
|
17432
|
+
# {
|
17433
|
+
# key: "NonEmptyString",
|
17434
|
+
# value: "NonEmptyString",
|
17435
|
+
# },
|
17436
|
+
# ],
|
16074
17437
|
# },
|
16075
17438
|
# aws_elastic_beanstalk_environment: {
|
16076
17439
|
# application_name: "NonEmptyString",
|
@@ -16170,6 +17533,7 @@ module Aws::SecurityHub
|
|
16170
17533
|
# aws_s3_bucket: {
|
16171
17534
|
# owner_id: "NonEmptyString",
|
16172
17535
|
# owner_name: "NonEmptyString",
|
17536
|
+
# owner_account_id: "NonEmptyString",
|
16173
17537
|
# created_at: "NonEmptyString",
|
16174
17538
|
# server_side_encryption_configuration: {
|
16175
17539
|
# rules: [
|
@@ -17755,6 +19119,157 @@ module Aws::SecurityHub
|
|
17755
19119
|
# image_tags: ["NonEmptyString"],
|
17756
19120
|
# image_published_at: "NonEmptyString",
|
17757
19121
|
# },
|
19122
|
+
# aws_open_search_service_domain: {
|
19123
|
+
# arn: "NonEmptyString",
|
19124
|
+
# access_policies: "NonEmptyString",
|
19125
|
+
# domain_name: "NonEmptyString",
|
19126
|
+
# id: "NonEmptyString",
|
19127
|
+
# domain_endpoint: "NonEmptyString",
|
19128
|
+
# engine_version: "NonEmptyString",
|
19129
|
+
# encryption_at_rest_options: {
|
19130
|
+
# enabled: false,
|
19131
|
+
# kms_key_id: "NonEmptyString",
|
19132
|
+
# },
|
19133
|
+
# node_to_node_encryption_options: {
|
19134
|
+
# enabled: false,
|
19135
|
+
# },
|
19136
|
+
# service_software_options: {
|
19137
|
+
# automated_update_date: "NonEmptyString",
|
19138
|
+
# cancellable: false,
|
19139
|
+
# current_version: "NonEmptyString",
|
19140
|
+
# description: "NonEmptyString",
|
19141
|
+
# new_version: "NonEmptyString",
|
19142
|
+
# update_available: false,
|
19143
|
+
# update_status: "NonEmptyString",
|
19144
|
+
# optional_deployment: false,
|
19145
|
+
# },
|
19146
|
+
# cluster_config: {
|
19147
|
+
# instance_count: 1,
|
19148
|
+
# warm_enabled: false,
|
19149
|
+
# warm_count: 1,
|
19150
|
+
# dedicated_master_enabled: false,
|
19151
|
+
# zone_awareness_config: {
|
19152
|
+
# availability_zone_count: 1,
|
19153
|
+
# },
|
19154
|
+
# dedicated_master_count: 1,
|
19155
|
+
# instance_type: "NonEmptyString",
|
19156
|
+
# warm_type: "NonEmptyString",
|
19157
|
+
# zone_awareness_enabled: false,
|
19158
|
+
# dedicated_master_type: "NonEmptyString",
|
19159
|
+
# },
|
19160
|
+
# domain_endpoint_options: {
|
19161
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
19162
|
+
# custom_endpoint_enabled: false,
|
19163
|
+
# enforce_https: false,
|
19164
|
+
# custom_endpoint: "NonEmptyString",
|
19165
|
+
# tls_security_policy: "NonEmptyString",
|
19166
|
+
# },
|
19167
|
+
# vpc_options: {
|
19168
|
+
# security_group_ids: ["NonEmptyString"],
|
19169
|
+
# subnet_ids: ["NonEmptyString"],
|
19170
|
+
# },
|
19171
|
+
# log_publishing_options: {
|
19172
|
+
# index_slow_logs: {
|
19173
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
19174
|
+
# enabled: false,
|
19175
|
+
# },
|
19176
|
+
# search_slow_logs: {
|
19177
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
19178
|
+
# enabled: false,
|
19179
|
+
# },
|
19180
|
+
# audit_logs: {
|
19181
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
19182
|
+
# enabled: false,
|
19183
|
+
# },
|
19184
|
+
# },
|
19185
|
+
# domain_endpoints: {
|
19186
|
+
# "NonEmptyString" => "NonEmptyString",
|
19187
|
+
# },
|
19188
|
+
# },
|
19189
|
+
# aws_ec2_vpc_endpoint_service: {
|
19190
|
+
# acceptance_required: false,
|
19191
|
+
# availability_zones: ["NonEmptyString"],
|
19192
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
19193
|
+
# manages_vpc_endpoints: false,
|
19194
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
19195
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
19196
|
+
# private_dns_name: "NonEmptyString",
|
19197
|
+
# service_id: "NonEmptyString",
|
19198
|
+
# service_name: "NonEmptyString",
|
19199
|
+
# service_state: "NonEmptyString",
|
19200
|
+
# service_type: [
|
19201
|
+
# {
|
19202
|
+
# service_type: "NonEmptyString",
|
19203
|
+
# },
|
19204
|
+
# ],
|
19205
|
+
# },
|
19206
|
+
# aws_xray_encryption_config: {
|
19207
|
+
# key_id: "NonEmptyString",
|
19208
|
+
# status: "NonEmptyString",
|
19209
|
+
# type: "NonEmptyString",
|
19210
|
+
# },
|
19211
|
+
# aws_waf_rate_based_rule: {
|
19212
|
+
# metric_name: "NonEmptyString",
|
19213
|
+
# name: "NonEmptyString",
|
19214
|
+
# rate_key: "NonEmptyString",
|
19215
|
+
# rate_limit: 1,
|
19216
|
+
# rule_id: "NonEmptyString",
|
19217
|
+
# match_predicates: [
|
19218
|
+
# {
|
19219
|
+
# data_id: "NonEmptyString",
|
19220
|
+
# negated: false,
|
19221
|
+
# type: "NonEmptyString",
|
19222
|
+
# },
|
19223
|
+
# ],
|
19224
|
+
# },
|
19225
|
+
# aws_waf_regional_rate_based_rule: {
|
19226
|
+
# metric_name: "NonEmptyString",
|
19227
|
+
# name: "NonEmptyString",
|
19228
|
+
# rate_key: "NonEmptyString",
|
19229
|
+
# rate_limit: 1,
|
19230
|
+
# rule_id: "NonEmptyString",
|
19231
|
+
# match_predicates: [
|
19232
|
+
# {
|
19233
|
+
# data_id: "NonEmptyString",
|
19234
|
+
# negated: false,
|
19235
|
+
# type: "NonEmptyString",
|
19236
|
+
# },
|
19237
|
+
# ],
|
19238
|
+
# },
|
19239
|
+
# aws_ecr_repository: {
|
19240
|
+
# arn: "NonEmptyString",
|
19241
|
+
# image_scanning_configuration: {
|
19242
|
+
# scan_on_push: false,
|
19243
|
+
# },
|
19244
|
+
# image_tag_mutability: "NonEmptyString",
|
19245
|
+
# lifecycle_policy: {
|
19246
|
+
# lifecycle_policy_text: "NonEmptyString",
|
19247
|
+
# registry_id: "NonEmptyString",
|
19248
|
+
# },
|
19249
|
+
# repository_name: "NonEmptyString",
|
19250
|
+
# repository_policy_text: "NonEmptyString",
|
19251
|
+
# },
|
19252
|
+
# aws_eks_cluster: {
|
19253
|
+
# arn: "NonEmptyString",
|
19254
|
+
# certificate_authority_data: "NonEmptyString",
|
19255
|
+
# cluster_status: "NonEmptyString",
|
19256
|
+
# endpoint: "NonEmptyString",
|
19257
|
+
# name: "NonEmptyString",
|
19258
|
+
# resources_vpc_config: {
|
19259
|
+
# security_group_ids: ["NonEmptyString"],
|
19260
|
+
# subnet_ids: ["NonEmptyString"],
|
19261
|
+
# },
|
19262
|
+
# role_arn: "NonEmptyString",
|
19263
|
+
# version: "NonEmptyString",
|
19264
|
+
# logging: {
|
19265
|
+
# cluster_logging: [
|
19266
|
+
# {
|
19267
|
+
# enabled: false,
|
19268
|
+
# types: ["NonEmptyString"],
|
19269
|
+
# },
|
19270
|
+
# ],
|
19271
|
+
# },
|
19272
|
+
# },
|
17758
19273
|
# },
|
17759
19274
|
# },
|
17760
19275
|
# ],
|
@@ -19775,85 +21290,292 @@ module Aws::SecurityHub
|
|
19775
21290
|
include Aws::Structure
|
19776
21291
|
end
|
19777
21292
|
|
19778
|
-
# Provides details about the compliance for a patch.
|
21293
|
+
# Provides details about the compliance for a patch.
|
21294
|
+
#
|
21295
|
+
# @note When making an API call, you may pass AwsSsmPatch
|
21296
|
+
# data as a hash:
|
21297
|
+
#
|
21298
|
+
# {
|
21299
|
+
# compliance_summary: {
|
21300
|
+
# status: "NonEmptyString",
|
21301
|
+
# compliant_critical_count: 1,
|
21302
|
+
# compliant_high_count: 1,
|
21303
|
+
# compliant_medium_count: 1,
|
21304
|
+
# execution_type: "NonEmptyString",
|
21305
|
+
# non_compliant_critical_count: 1,
|
21306
|
+
# compliant_informational_count: 1,
|
21307
|
+
# non_compliant_informational_count: 1,
|
21308
|
+
# compliant_unspecified_count: 1,
|
21309
|
+
# non_compliant_low_count: 1,
|
21310
|
+
# non_compliant_high_count: 1,
|
21311
|
+
# compliant_low_count: 1,
|
21312
|
+
# compliance_type: "NonEmptyString",
|
21313
|
+
# patch_baseline_id: "NonEmptyString",
|
21314
|
+
# overall_severity: "NonEmptyString",
|
21315
|
+
# non_compliant_medium_count: 1,
|
21316
|
+
# non_compliant_unspecified_count: 1,
|
21317
|
+
# patch_group: "NonEmptyString",
|
21318
|
+
# },
|
21319
|
+
# }
|
21320
|
+
#
|
21321
|
+
# @!attribute [rw] compliance_summary
|
21322
|
+
# The compliance status details for the patch.
|
21323
|
+
# @return [Types::AwsSsmComplianceSummary]
|
21324
|
+
#
|
21325
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatch AWS API Documentation
|
21326
|
+
#
|
21327
|
+
class AwsSsmPatch < Struct.new(
|
21328
|
+
:compliance_summary)
|
21329
|
+
SENSITIVE = []
|
21330
|
+
include Aws::Structure
|
21331
|
+
end
|
21332
|
+
|
21333
|
+
# Provides information about the state of a patch on an instance based
|
21334
|
+
# on the patch baseline that was used to patch the instance.
|
21335
|
+
#
|
21336
|
+
# @note When making an API call, you may pass AwsSsmPatchComplianceDetails
|
21337
|
+
# data as a hash:
|
21338
|
+
#
|
21339
|
+
# {
|
21340
|
+
# patch: {
|
21341
|
+
# compliance_summary: {
|
21342
|
+
# status: "NonEmptyString",
|
21343
|
+
# compliant_critical_count: 1,
|
21344
|
+
# compliant_high_count: 1,
|
21345
|
+
# compliant_medium_count: 1,
|
21346
|
+
# execution_type: "NonEmptyString",
|
21347
|
+
# non_compliant_critical_count: 1,
|
21348
|
+
# compliant_informational_count: 1,
|
21349
|
+
# non_compliant_informational_count: 1,
|
21350
|
+
# compliant_unspecified_count: 1,
|
21351
|
+
# non_compliant_low_count: 1,
|
21352
|
+
# non_compliant_high_count: 1,
|
21353
|
+
# compliant_low_count: 1,
|
21354
|
+
# compliance_type: "NonEmptyString",
|
21355
|
+
# patch_baseline_id: "NonEmptyString",
|
21356
|
+
# overall_severity: "NonEmptyString",
|
21357
|
+
# non_compliant_medium_count: 1,
|
21358
|
+
# non_compliant_unspecified_count: 1,
|
21359
|
+
# patch_group: "NonEmptyString",
|
21360
|
+
# },
|
21361
|
+
# },
|
21362
|
+
# }
|
21363
|
+
#
|
21364
|
+
# @!attribute [rw] patch
|
21365
|
+
# Information about the status of a patch.
|
21366
|
+
# @return [Types::AwsSsmPatch]
|
21367
|
+
#
|
21368
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSsmPatchComplianceDetails AWS API Documentation
|
21369
|
+
#
|
21370
|
+
class AwsSsmPatchComplianceDetails < Struct.new(
|
21371
|
+
:patch)
|
21372
|
+
SENSITIVE = []
|
21373
|
+
include Aws::Structure
|
21374
|
+
end
|
21375
|
+
|
21376
|
+
# Details about a rate-based rule for global resources. A rate-based
|
21377
|
+
# rule provides settings to indicate when to allow, block, or count a
|
21378
|
+
# request. Rate-based rules include the number of requests that arrive
|
21379
|
+
# over a specified period of time.
|
21380
|
+
#
|
21381
|
+
# @note When making an API call, you may pass AwsWafRateBasedRuleDetails
|
21382
|
+
# data as a hash:
|
21383
|
+
#
|
21384
|
+
# {
|
21385
|
+
# metric_name: "NonEmptyString",
|
21386
|
+
# name: "NonEmptyString",
|
21387
|
+
# rate_key: "NonEmptyString",
|
21388
|
+
# rate_limit: 1,
|
21389
|
+
# rule_id: "NonEmptyString",
|
21390
|
+
# match_predicates: [
|
21391
|
+
# {
|
21392
|
+
# data_id: "NonEmptyString",
|
21393
|
+
# negated: false,
|
21394
|
+
# type: "NonEmptyString",
|
21395
|
+
# },
|
21396
|
+
# ],
|
21397
|
+
# }
|
21398
|
+
#
|
21399
|
+
# @!attribute [rw] metric_name
|
21400
|
+
# The name of the metrics for the rate-based rule.
|
21401
|
+
# @return [String]
|
21402
|
+
#
|
21403
|
+
# @!attribute [rw] name
|
21404
|
+
# The name of the rate-based rule.
|
21405
|
+
# @return [String]
|
21406
|
+
#
|
21407
|
+
# @!attribute [rw] rate_key
|
21408
|
+
# The field that WAF uses to determine whether requests are likely
|
21409
|
+
# arriving from single source and are subject to rate monitoring.
|
21410
|
+
# @return [String]
|
21411
|
+
#
|
21412
|
+
# @!attribute [rw] rate_limit
|
21413
|
+
# The maximum number of requests that have an identical value for the
|
21414
|
+
# field specified in `RateKey` that are allowed within a five-minute
|
21415
|
+
# period. If the number of requests exceeds `RateLimit` and the other
|
21416
|
+
# predicates specified in the rule are met, WAF triggers the action
|
21417
|
+
# for the rule.
|
21418
|
+
# @return [Integer]
|
21419
|
+
#
|
21420
|
+
# @!attribute [rw] rule_id
|
21421
|
+
# The unique identifier for the rate-based rule.
|
21422
|
+
# @return [String]
|
21423
|
+
#
|
21424
|
+
# @!attribute [rw] match_predicates
|
21425
|
+
# The predicates to include in the rate-based rule.
|
21426
|
+
# @return [Array<Types::AwsWafRateBasedRuleMatchPredicate>]
|
21427
|
+
#
|
21428
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRateBasedRuleDetails AWS API Documentation
|
21429
|
+
#
|
21430
|
+
class AwsWafRateBasedRuleDetails < Struct.new(
|
21431
|
+
:metric_name,
|
21432
|
+
:name,
|
21433
|
+
:rate_key,
|
21434
|
+
:rate_limit,
|
21435
|
+
:rule_id,
|
21436
|
+
:match_predicates)
|
21437
|
+
SENSITIVE = []
|
21438
|
+
include Aws::Structure
|
21439
|
+
end
|
21440
|
+
|
21441
|
+
# A match predicate. A predicate might look for characteristics such as
|
21442
|
+
# specific IP addresses, geographic locations, or sizes.
|
21443
|
+
#
|
21444
|
+
# @note When making an API call, you may pass AwsWafRateBasedRuleMatchPredicate
|
21445
|
+
# data as a hash:
|
21446
|
+
#
|
21447
|
+
# {
|
21448
|
+
# data_id: "NonEmptyString",
|
21449
|
+
# negated: false,
|
21450
|
+
# type: "NonEmptyString",
|
21451
|
+
# }
|
21452
|
+
#
|
21453
|
+
# @!attribute [rw] data_id
|
21454
|
+
# The unique identifier for the predicate.
|
21455
|
+
# @return [String]
|
21456
|
+
#
|
21457
|
+
# @!attribute [rw] negated
|
21458
|
+
# If set to `true`, then the rule actions are performed on requests
|
21459
|
+
# that match the predicate settings.
|
21460
|
+
#
|
21461
|
+
# If set to `false`, then the rule actions are performed on all
|
21462
|
+
# requests except those that match the predicate settings.
|
21463
|
+
# @return [Boolean]
|
21464
|
+
#
|
21465
|
+
# @!attribute [rw] type
|
21466
|
+
# The type of predicate.
|
21467
|
+
# @return [String]
|
21468
|
+
#
|
21469
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRateBasedRuleMatchPredicate AWS API Documentation
|
21470
|
+
#
|
21471
|
+
class AwsWafRateBasedRuleMatchPredicate < Struct.new(
|
21472
|
+
:data_id,
|
21473
|
+
:negated,
|
21474
|
+
:type)
|
21475
|
+
SENSITIVE = []
|
21476
|
+
include Aws::Structure
|
21477
|
+
end
|
21478
|
+
|
21479
|
+
# contains details about a rate-based rule for Regional resources. A
|
21480
|
+
# rate-based rule provides settings to indicate when to allow, block, or
|
21481
|
+
# count a request. Rate-based rules include the number of requests that
|
21482
|
+
# arrive over a specified period of time.
|
19779
21483
|
#
|
19780
|
-
# @note When making an API call, you may pass
|
21484
|
+
# @note When making an API call, you may pass AwsWafRegionalRateBasedRuleDetails
|
19781
21485
|
# data as a hash:
|
19782
21486
|
#
|
19783
21487
|
# {
|
19784
|
-
#
|
19785
|
-
#
|
19786
|
-
#
|
19787
|
-
#
|
19788
|
-
#
|
19789
|
-
#
|
19790
|
-
#
|
19791
|
-
#
|
19792
|
-
#
|
19793
|
-
#
|
19794
|
-
#
|
19795
|
-
#
|
19796
|
-
# compliant_low_count: 1,
|
19797
|
-
# compliance_type: "NonEmptyString",
|
19798
|
-
# patch_baseline_id: "NonEmptyString",
|
19799
|
-
# overall_severity: "NonEmptyString",
|
19800
|
-
# non_compliant_medium_count: 1,
|
19801
|
-
# non_compliant_unspecified_count: 1,
|
19802
|
-
# patch_group: "NonEmptyString",
|
19803
|
-
# },
|
21488
|
+
# metric_name: "NonEmptyString",
|
21489
|
+
# name: "NonEmptyString",
|
21490
|
+
# rate_key: "NonEmptyString",
|
21491
|
+
# rate_limit: 1,
|
21492
|
+
# rule_id: "NonEmptyString",
|
21493
|
+
# match_predicates: [
|
21494
|
+
# {
|
21495
|
+
# data_id: "NonEmptyString",
|
21496
|
+
# negated: false,
|
21497
|
+
# type: "NonEmptyString",
|
21498
|
+
# },
|
21499
|
+
# ],
|
19804
21500
|
# }
|
19805
21501
|
#
|
19806
|
-
# @!attribute [rw]
|
19807
|
-
# The
|
19808
|
-
# @return [
|
21502
|
+
# @!attribute [rw] metric_name
|
21503
|
+
# The name of the metrics for the rate-based rule.
|
21504
|
+
# @return [String]
|
19809
21505
|
#
|
19810
|
-
#
|
21506
|
+
# @!attribute [rw] name
|
21507
|
+
# The name of the rate-based rule.
|
21508
|
+
# @return [String]
|
19811
21509
|
#
|
19812
|
-
|
19813
|
-
|
21510
|
+
# @!attribute [rw] rate_key
|
21511
|
+
# The field that WAF uses to determine whether requests are likely
|
21512
|
+
# arriving from single source and are subject to rate monitoring.
|
21513
|
+
# @return [String]
|
21514
|
+
#
|
21515
|
+
# @!attribute [rw] rate_limit
|
21516
|
+
# The maximum number of requests that have an identical value for the
|
21517
|
+
# field specified in `RateKey` that are allowed within a five-minute
|
21518
|
+
# period. If the number of requests exceeds `RateLimit` and the other
|
21519
|
+
# predicates specified in the rule are met, WAF triggers the action
|
21520
|
+
# for the rule.
|
21521
|
+
# @return [Integer]
|
21522
|
+
#
|
21523
|
+
# @!attribute [rw] rule_id
|
21524
|
+
# The unique identifier for the rate-based rule.
|
21525
|
+
# @return [String]
|
21526
|
+
#
|
21527
|
+
# @!attribute [rw] match_predicates
|
21528
|
+
# The predicates to include in the rate-based rule.
|
21529
|
+
# @return [Array<Types::AwsWafRegionalRateBasedRuleMatchPredicate>]
|
21530
|
+
#
|
21531
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRegionalRateBasedRuleDetails AWS API Documentation
|
21532
|
+
#
|
21533
|
+
class AwsWafRegionalRateBasedRuleDetails < Struct.new(
|
21534
|
+
:metric_name,
|
21535
|
+
:name,
|
21536
|
+
:rate_key,
|
21537
|
+
:rate_limit,
|
21538
|
+
:rule_id,
|
21539
|
+
:match_predicates)
|
19814
21540
|
SENSITIVE = []
|
19815
21541
|
include Aws::Structure
|
19816
21542
|
end
|
19817
21543
|
|
19818
|
-
#
|
19819
|
-
#
|
21544
|
+
# Details for a match predicate. A predicate might look for
|
21545
|
+
# characteristics such as specific IP addresses, geographic locations,
|
21546
|
+
# or sizes.
|
19820
21547
|
#
|
19821
|
-
# @note When making an API call, you may pass
|
21548
|
+
# @note When making an API call, you may pass AwsWafRegionalRateBasedRuleMatchPredicate
|
19822
21549
|
# data as a hash:
|
19823
21550
|
#
|
19824
21551
|
# {
|
19825
|
-
#
|
19826
|
-
#
|
19827
|
-
#
|
19828
|
-
# compliant_critical_count: 1,
|
19829
|
-
# compliant_high_count: 1,
|
19830
|
-
# compliant_medium_count: 1,
|
19831
|
-
# execution_type: "NonEmptyString",
|
19832
|
-
# non_compliant_critical_count: 1,
|
19833
|
-
# compliant_informational_count: 1,
|
19834
|
-
# non_compliant_informational_count: 1,
|
19835
|
-
# compliant_unspecified_count: 1,
|
19836
|
-
# non_compliant_low_count: 1,
|
19837
|
-
# non_compliant_high_count: 1,
|
19838
|
-
# compliant_low_count: 1,
|
19839
|
-
# compliance_type: "NonEmptyString",
|
19840
|
-
# patch_baseline_id: "NonEmptyString",
|
19841
|
-
# overall_severity: "NonEmptyString",
|
19842
|
-
# non_compliant_medium_count: 1,
|
19843
|
-
# non_compliant_unspecified_count: 1,
|
19844
|
-
# patch_group: "NonEmptyString",
|
19845
|
-
# },
|
19846
|
-
# },
|
21552
|
+
# data_id: "NonEmptyString",
|
21553
|
+
# negated: false,
|
21554
|
+
# type: "NonEmptyString",
|
19847
21555
|
# }
|
19848
21556
|
#
|
19849
|
-
# @!attribute [rw]
|
19850
|
-
#
|
19851
|
-
# @return [
|
21557
|
+
# @!attribute [rw] data_id
|
21558
|
+
# The unique identifier for the predicate.
|
21559
|
+
# @return [String]
|
19852
21560
|
#
|
19853
|
-
#
|
21561
|
+
# @!attribute [rw] negated
|
21562
|
+
# If set to `true`, then the rule actions are performed on requests
|
21563
|
+
# that match the predicate settings.
|
19854
21564
|
#
|
19855
|
-
|
19856
|
-
|
21565
|
+
# If set to `false`, then the rule actions are performed on all
|
21566
|
+
# requests except those that match the predicate settings.
|
21567
|
+
# @return [Boolean]
|
21568
|
+
#
|
21569
|
+
# @!attribute [rw] type
|
21570
|
+
# The type of predicate.
|
21571
|
+
# @return [String]
|
21572
|
+
#
|
21573
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRegionalRateBasedRuleMatchPredicate AWS API Documentation
|
21574
|
+
#
|
21575
|
+
class AwsWafRegionalRateBasedRuleMatchPredicate < Struct.new(
|
21576
|
+
:data_id,
|
21577
|
+
:negated,
|
21578
|
+
:type)
|
19857
21579
|
SENSITIVE = []
|
19858
21580
|
include Aws::Structure
|
19859
21581
|
end
|
@@ -20001,6 +21723,42 @@ module Aws::SecurityHub
|
|
20001
21723
|
include Aws::Structure
|
20002
21724
|
end
|
20003
21725
|
|
21726
|
+
# Information about the encryption configuration for X-Ray.
|
21727
|
+
#
|
21728
|
+
# @note When making an API call, you may pass AwsXrayEncryptionConfigDetails
|
21729
|
+
# data as a hash:
|
21730
|
+
#
|
21731
|
+
# {
|
21732
|
+
# key_id: "NonEmptyString",
|
21733
|
+
# status: "NonEmptyString",
|
21734
|
+
# type: "NonEmptyString",
|
21735
|
+
# }
|
21736
|
+
#
|
21737
|
+
# @!attribute [rw] key_id
|
21738
|
+
# The identifier of the KMS key that is used for encryption. Provided
|
21739
|
+
# if `Type` is `KMS`.
|
21740
|
+
# @return [String]
|
21741
|
+
#
|
21742
|
+
# @!attribute [rw] status
|
21743
|
+
# The current status of the encryption configuration. When `Status` is
|
21744
|
+
# `UPDATING`, X-Ray might use both the old and new encryption.
|
21745
|
+
# @return [String]
|
21746
|
+
#
|
21747
|
+
# @!attribute [rw] type
|
21748
|
+
# The type of encryption. `KMS` indicates that the encryption uses KMS
|
21749
|
+
# keys. `NONE` indicates to use the default encryption.
|
21750
|
+
# @return [String]
|
21751
|
+
#
|
21752
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsXrayEncryptionConfigDetails AWS API Documentation
|
21753
|
+
#
|
21754
|
+
class AwsXrayEncryptionConfigDetails < Struct.new(
|
21755
|
+
:key_id,
|
21756
|
+
:status,
|
21757
|
+
:type)
|
21758
|
+
SENSITIVE = []
|
21759
|
+
include Aws::Structure
|
21760
|
+
end
|
21761
|
+
|
20004
21762
|
# @note When making an API call, you may pass BatchDisableStandardsRequest
|
20005
21763
|
# data as a hash:
|
20006
21764
|
#
|
@@ -20347,8 +22105,29 @@ module Aws::SecurityHub
|
|
20347
22105
|
# },
|
20348
22106
|
# aws_code_build_project: {
|
20349
22107
|
# encryption_key: "NonEmptyString",
|
22108
|
+
# artifacts: [
|
22109
|
+
# {
|
22110
|
+
# artifact_identifier: "NonEmptyString",
|
22111
|
+
# encryption_disabled: false,
|
22112
|
+
# location: "NonEmptyString",
|
22113
|
+
# name: "NonEmptyString",
|
22114
|
+
# namespace_type: "NonEmptyString",
|
22115
|
+
# override_artifact_name: false,
|
22116
|
+
# packaging: "NonEmptyString",
|
22117
|
+
# path: "NonEmptyString",
|
22118
|
+
# type: "NonEmptyString",
|
22119
|
+
# },
|
22120
|
+
# ],
|
20350
22121
|
# environment: {
|
20351
22122
|
# certificate: "NonEmptyString",
|
22123
|
+
# environment_variables: [
|
22124
|
+
# {
|
22125
|
+
# name: "NonEmptyString",
|
22126
|
+
# type: "NonEmptyString",
|
22127
|
+
# value: "NonEmptyString",
|
22128
|
+
# },
|
22129
|
+
# ],
|
22130
|
+
# privileged_mode: false,
|
20352
22131
|
# image_pull_credentials_type: "NonEmptyString",
|
20353
22132
|
# registry_credential: {
|
20354
22133
|
# credential: "NonEmptyString",
|
@@ -20364,6 +22143,18 @@ module Aws::SecurityHub
|
|
20364
22143
|
# insecure_ssl: false,
|
20365
22144
|
# },
|
20366
22145
|
# service_role: "NonEmptyString",
|
22146
|
+
# logs_config: {
|
22147
|
+
# cloud_watch_logs: {
|
22148
|
+
# group_name: "NonEmptyString",
|
22149
|
+
# status: "NonEmptyString",
|
22150
|
+
# stream_name: "NonEmptyString",
|
22151
|
+
# },
|
22152
|
+
# s3_logs: {
|
22153
|
+
# encryption_disabled: false,
|
22154
|
+
# location: "NonEmptyString",
|
22155
|
+
# status: "NonEmptyString",
|
22156
|
+
# },
|
22157
|
+
# },
|
20367
22158
|
# vpc_config: {
|
20368
22159
|
# vpc_id: "NonEmptyString",
|
20369
22160
|
# subnets: ["NonEmptyString"],
|
@@ -20415,6 +22206,15 @@ module Aws::SecurityHub
|
|
20415
22206
|
# },
|
20416
22207
|
# ],
|
20417
22208
|
# },
|
22209
|
+
# viewer_certificate: {
|
22210
|
+
# acm_certificate_arn: "NonEmptyString",
|
22211
|
+
# certificate: "NonEmptyString",
|
22212
|
+
# certificate_source: "NonEmptyString",
|
22213
|
+
# cloud_front_default_certificate: false,
|
22214
|
+
# iam_certificate_id: "NonEmptyString",
|
22215
|
+
# minimum_protocol_version: "NonEmptyString",
|
22216
|
+
# ssl_support_method: "NonEmptyString",
|
22217
|
+
# },
|
20418
22218
|
# status: "NonEmptyString",
|
20419
22219
|
# web_acl_id: "NonEmptyString",
|
20420
22220
|
# },
|
@@ -20653,6 +22453,12 @@ module Aws::SecurityHub
|
|
20653
22453
|
# },
|
20654
22454
|
# type: "NonEmptyString",
|
20655
22455
|
# vpc_id: "NonEmptyString",
|
22456
|
+
# load_balancer_attributes: [
|
22457
|
+
# {
|
22458
|
+
# key: "NonEmptyString",
|
22459
|
+
# value: "NonEmptyString",
|
22460
|
+
# },
|
22461
|
+
# ],
|
20656
22462
|
# },
|
20657
22463
|
# aws_elastic_beanstalk_environment: {
|
20658
22464
|
# application_name: "NonEmptyString",
|
@@ -20752,6 +22558,7 @@ module Aws::SecurityHub
|
|
20752
22558
|
# aws_s3_bucket: {
|
20753
22559
|
# owner_id: "NonEmptyString",
|
20754
22560
|
# owner_name: "NonEmptyString",
|
22561
|
+
# owner_account_id: "NonEmptyString",
|
20755
22562
|
# created_at: "NonEmptyString",
|
20756
22563
|
# server_side_encryption_configuration: {
|
20757
22564
|
# rules: [
|
@@ -22337,6 +24144,157 @@ module Aws::SecurityHub
|
|
22337
24144
|
# image_tags: ["NonEmptyString"],
|
22338
24145
|
# image_published_at: "NonEmptyString",
|
22339
24146
|
# },
|
24147
|
+
# aws_open_search_service_domain: {
|
24148
|
+
# arn: "NonEmptyString",
|
24149
|
+
# access_policies: "NonEmptyString",
|
24150
|
+
# domain_name: "NonEmptyString",
|
24151
|
+
# id: "NonEmptyString",
|
24152
|
+
# domain_endpoint: "NonEmptyString",
|
24153
|
+
# engine_version: "NonEmptyString",
|
24154
|
+
# encryption_at_rest_options: {
|
24155
|
+
# enabled: false,
|
24156
|
+
# kms_key_id: "NonEmptyString",
|
24157
|
+
# },
|
24158
|
+
# node_to_node_encryption_options: {
|
24159
|
+
# enabled: false,
|
24160
|
+
# },
|
24161
|
+
# service_software_options: {
|
24162
|
+
# automated_update_date: "NonEmptyString",
|
24163
|
+
# cancellable: false,
|
24164
|
+
# current_version: "NonEmptyString",
|
24165
|
+
# description: "NonEmptyString",
|
24166
|
+
# new_version: "NonEmptyString",
|
24167
|
+
# update_available: false,
|
24168
|
+
# update_status: "NonEmptyString",
|
24169
|
+
# optional_deployment: false,
|
24170
|
+
# },
|
24171
|
+
# cluster_config: {
|
24172
|
+
# instance_count: 1,
|
24173
|
+
# warm_enabled: false,
|
24174
|
+
# warm_count: 1,
|
24175
|
+
# dedicated_master_enabled: false,
|
24176
|
+
# zone_awareness_config: {
|
24177
|
+
# availability_zone_count: 1,
|
24178
|
+
# },
|
24179
|
+
# dedicated_master_count: 1,
|
24180
|
+
# instance_type: "NonEmptyString",
|
24181
|
+
# warm_type: "NonEmptyString",
|
24182
|
+
# zone_awareness_enabled: false,
|
24183
|
+
# dedicated_master_type: "NonEmptyString",
|
24184
|
+
# },
|
24185
|
+
# domain_endpoint_options: {
|
24186
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
24187
|
+
# custom_endpoint_enabled: false,
|
24188
|
+
# enforce_https: false,
|
24189
|
+
# custom_endpoint: "NonEmptyString",
|
24190
|
+
# tls_security_policy: "NonEmptyString",
|
24191
|
+
# },
|
24192
|
+
# vpc_options: {
|
24193
|
+
# security_group_ids: ["NonEmptyString"],
|
24194
|
+
# subnet_ids: ["NonEmptyString"],
|
24195
|
+
# },
|
24196
|
+
# log_publishing_options: {
|
24197
|
+
# index_slow_logs: {
|
24198
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
24199
|
+
# enabled: false,
|
24200
|
+
# },
|
24201
|
+
# search_slow_logs: {
|
24202
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
24203
|
+
# enabled: false,
|
24204
|
+
# },
|
24205
|
+
# audit_logs: {
|
24206
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
24207
|
+
# enabled: false,
|
24208
|
+
# },
|
24209
|
+
# },
|
24210
|
+
# domain_endpoints: {
|
24211
|
+
# "NonEmptyString" => "NonEmptyString",
|
24212
|
+
# },
|
24213
|
+
# },
|
24214
|
+
# aws_ec2_vpc_endpoint_service: {
|
24215
|
+
# acceptance_required: false,
|
24216
|
+
# availability_zones: ["NonEmptyString"],
|
24217
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
24218
|
+
# manages_vpc_endpoints: false,
|
24219
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
24220
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
24221
|
+
# private_dns_name: "NonEmptyString",
|
24222
|
+
# service_id: "NonEmptyString",
|
24223
|
+
# service_name: "NonEmptyString",
|
24224
|
+
# service_state: "NonEmptyString",
|
24225
|
+
# service_type: [
|
24226
|
+
# {
|
24227
|
+
# service_type: "NonEmptyString",
|
24228
|
+
# },
|
24229
|
+
# ],
|
24230
|
+
# },
|
24231
|
+
# aws_xray_encryption_config: {
|
24232
|
+
# key_id: "NonEmptyString",
|
24233
|
+
# status: "NonEmptyString",
|
24234
|
+
# type: "NonEmptyString",
|
24235
|
+
# },
|
24236
|
+
# aws_waf_rate_based_rule: {
|
24237
|
+
# metric_name: "NonEmptyString",
|
24238
|
+
# name: "NonEmptyString",
|
24239
|
+
# rate_key: "NonEmptyString",
|
24240
|
+
# rate_limit: 1,
|
24241
|
+
# rule_id: "NonEmptyString",
|
24242
|
+
# match_predicates: [
|
24243
|
+
# {
|
24244
|
+
# data_id: "NonEmptyString",
|
24245
|
+
# negated: false,
|
24246
|
+
# type: "NonEmptyString",
|
24247
|
+
# },
|
24248
|
+
# ],
|
24249
|
+
# },
|
24250
|
+
# aws_waf_regional_rate_based_rule: {
|
24251
|
+
# metric_name: "NonEmptyString",
|
24252
|
+
# name: "NonEmptyString",
|
24253
|
+
# rate_key: "NonEmptyString",
|
24254
|
+
# rate_limit: 1,
|
24255
|
+
# rule_id: "NonEmptyString",
|
24256
|
+
# match_predicates: [
|
24257
|
+
# {
|
24258
|
+
# data_id: "NonEmptyString",
|
24259
|
+
# negated: false,
|
24260
|
+
# type: "NonEmptyString",
|
24261
|
+
# },
|
24262
|
+
# ],
|
24263
|
+
# },
|
24264
|
+
# aws_ecr_repository: {
|
24265
|
+
# arn: "NonEmptyString",
|
24266
|
+
# image_scanning_configuration: {
|
24267
|
+
# scan_on_push: false,
|
24268
|
+
# },
|
24269
|
+
# image_tag_mutability: "NonEmptyString",
|
24270
|
+
# lifecycle_policy: {
|
24271
|
+
# lifecycle_policy_text: "NonEmptyString",
|
24272
|
+
# registry_id: "NonEmptyString",
|
24273
|
+
# },
|
24274
|
+
# repository_name: "NonEmptyString",
|
24275
|
+
# repository_policy_text: "NonEmptyString",
|
24276
|
+
# },
|
24277
|
+
# aws_eks_cluster: {
|
24278
|
+
# arn: "NonEmptyString",
|
24279
|
+
# certificate_authority_data: "NonEmptyString",
|
24280
|
+
# cluster_status: "NonEmptyString",
|
24281
|
+
# endpoint: "NonEmptyString",
|
24282
|
+
# name: "NonEmptyString",
|
24283
|
+
# resources_vpc_config: {
|
24284
|
+
# security_group_ids: ["NonEmptyString"],
|
24285
|
+
# subnet_ids: ["NonEmptyString"],
|
24286
|
+
# },
|
24287
|
+
# role_arn: "NonEmptyString",
|
24288
|
+
# version: "NonEmptyString",
|
24289
|
+
# logging: {
|
24290
|
+
# cluster_logging: [
|
24291
|
+
# {
|
24292
|
+
# enabled: false,
|
24293
|
+
# types: ["NonEmptyString"],
|
24294
|
+
# },
|
24295
|
+
# ],
|
24296
|
+
# },
|
24297
|
+
# },
|
22340
24298
|
# },
|
22341
24299
|
# },
|
22342
24300
|
# ],
|
@@ -28232,8 +30190,29 @@ module Aws::SecurityHub
|
|
28232
30190
|
# },
|
28233
30191
|
# aws_code_build_project: {
|
28234
30192
|
# encryption_key: "NonEmptyString",
|
30193
|
+
# artifacts: [
|
30194
|
+
# {
|
30195
|
+
# artifact_identifier: "NonEmptyString",
|
30196
|
+
# encryption_disabled: false,
|
30197
|
+
# location: "NonEmptyString",
|
30198
|
+
# name: "NonEmptyString",
|
30199
|
+
# namespace_type: "NonEmptyString",
|
30200
|
+
# override_artifact_name: false,
|
30201
|
+
# packaging: "NonEmptyString",
|
30202
|
+
# path: "NonEmptyString",
|
30203
|
+
# type: "NonEmptyString",
|
30204
|
+
# },
|
30205
|
+
# ],
|
28235
30206
|
# environment: {
|
28236
30207
|
# certificate: "NonEmptyString",
|
30208
|
+
# environment_variables: [
|
30209
|
+
# {
|
30210
|
+
# name: "NonEmptyString",
|
30211
|
+
# type: "NonEmptyString",
|
30212
|
+
# value: "NonEmptyString",
|
30213
|
+
# },
|
30214
|
+
# ],
|
30215
|
+
# privileged_mode: false,
|
28237
30216
|
# image_pull_credentials_type: "NonEmptyString",
|
28238
30217
|
# registry_credential: {
|
28239
30218
|
# credential: "NonEmptyString",
|
@@ -28249,6 +30228,18 @@ module Aws::SecurityHub
|
|
28249
30228
|
# insecure_ssl: false,
|
28250
30229
|
# },
|
28251
30230
|
# service_role: "NonEmptyString",
|
30231
|
+
# logs_config: {
|
30232
|
+
# cloud_watch_logs: {
|
30233
|
+
# group_name: "NonEmptyString",
|
30234
|
+
# status: "NonEmptyString",
|
30235
|
+
# stream_name: "NonEmptyString",
|
30236
|
+
# },
|
30237
|
+
# s3_logs: {
|
30238
|
+
# encryption_disabled: false,
|
30239
|
+
# location: "NonEmptyString",
|
30240
|
+
# status: "NonEmptyString",
|
30241
|
+
# },
|
30242
|
+
# },
|
28252
30243
|
# vpc_config: {
|
28253
30244
|
# vpc_id: "NonEmptyString",
|
28254
30245
|
# subnets: ["NonEmptyString"],
|
@@ -28300,6 +30291,15 @@ module Aws::SecurityHub
|
|
28300
30291
|
# },
|
28301
30292
|
# ],
|
28302
30293
|
# },
|
30294
|
+
# viewer_certificate: {
|
30295
|
+
# acm_certificate_arn: "NonEmptyString",
|
30296
|
+
# certificate: "NonEmptyString",
|
30297
|
+
# certificate_source: "NonEmptyString",
|
30298
|
+
# cloud_front_default_certificate: false,
|
30299
|
+
# iam_certificate_id: "NonEmptyString",
|
30300
|
+
# minimum_protocol_version: "NonEmptyString",
|
30301
|
+
# ssl_support_method: "NonEmptyString",
|
30302
|
+
# },
|
28303
30303
|
# status: "NonEmptyString",
|
28304
30304
|
# web_acl_id: "NonEmptyString",
|
28305
30305
|
# },
|
@@ -28538,6 +30538,12 @@ module Aws::SecurityHub
|
|
28538
30538
|
# },
|
28539
30539
|
# type: "NonEmptyString",
|
28540
30540
|
# vpc_id: "NonEmptyString",
|
30541
|
+
# load_balancer_attributes: [
|
30542
|
+
# {
|
30543
|
+
# key: "NonEmptyString",
|
30544
|
+
# value: "NonEmptyString",
|
30545
|
+
# },
|
30546
|
+
# ],
|
28541
30547
|
# },
|
28542
30548
|
# aws_elastic_beanstalk_environment: {
|
28543
30549
|
# application_name: "NonEmptyString",
|
@@ -28637,6 +30643,7 @@ module Aws::SecurityHub
|
|
28637
30643
|
# aws_s3_bucket: {
|
28638
30644
|
# owner_id: "NonEmptyString",
|
28639
30645
|
# owner_name: "NonEmptyString",
|
30646
|
+
# owner_account_id: "NonEmptyString",
|
28640
30647
|
# created_at: "NonEmptyString",
|
28641
30648
|
# server_side_encryption_configuration: {
|
28642
30649
|
# rules: [
|
@@ -30222,6 +32229,157 @@ module Aws::SecurityHub
|
|
30222
32229
|
# image_tags: ["NonEmptyString"],
|
30223
32230
|
# image_published_at: "NonEmptyString",
|
30224
32231
|
# },
|
32232
|
+
# aws_open_search_service_domain: {
|
32233
|
+
# arn: "NonEmptyString",
|
32234
|
+
# access_policies: "NonEmptyString",
|
32235
|
+
# domain_name: "NonEmptyString",
|
32236
|
+
# id: "NonEmptyString",
|
32237
|
+
# domain_endpoint: "NonEmptyString",
|
32238
|
+
# engine_version: "NonEmptyString",
|
32239
|
+
# encryption_at_rest_options: {
|
32240
|
+
# enabled: false,
|
32241
|
+
# kms_key_id: "NonEmptyString",
|
32242
|
+
# },
|
32243
|
+
# node_to_node_encryption_options: {
|
32244
|
+
# enabled: false,
|
32245
|
+
# },
|
32246
|
+
# service_software_options: {
|
32247
|
+
# automated_update_date: "NonEmptyString",
|
32248
|
+
# cancellable: false,
|
32249
|
+
# current_version: "NonEmptyString",
|
32250
|
+
# description: "NonEmptyString",
|
32251
|
+
# new_version: "NonEmptyString",
|
32252
|
+
# update_available: false,
|
32253
|
+
# update_status: "NonEmptyString",
|
32254
|
+
# optional_deployment: false,
|
32255
|
+
# },
|
32256
|
+
# cluster_config: {
|
32257
|
+
# instance_count: 1,
|
32258
|
+
# warm_enabled: false,
|
32259
|
+
# warm_count: 1,
|
32260
|
+
# dedicated_master_enabled: false,
|
32261
|
+
# zone_awareness_config: {
|
32262
|
+
# availability_zone_count: 1,
|
32263
|
+
# },
|
32264
|
+
# dedicated_master_count: 1,
|
32265
|
+
# instance_type: "NonEmptyString",
|
32266
|
+
# warm_type: "NonEmptyString",
|
32267
|
+
# zone_awareness_enabled: false,
|
32268
|
+
# dedicated_master_type: "NonEmptyString",
|
32269
|
+
# },
|
32270
|
+
# domain_endpoint_options: {
|
32271
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
32272
|
+
# custom_endpoint_enabled: false,
|
32273
|
+
# enforce_https: false,
|
32274
|
+
# custom_endpoint: "NonEmptyString",
|
32275
|
+
# tls_security_policy: "NonEmptyString",
|
32276
|
+
# },
|
32277
|
+
# vpc_options: {
|
32278
|
+
# security_group_ids: ["NonEmptyString"],
|
32279
|
+
# subnet_ids: ["NonEmptyString"],
|
32280
|
+
# },
|
32281
|
+
# log_publishing_options: {
|
32282
|
+
# index_slow_logs: {
|
32283
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
32284
|
+
# enabled: false,
|
32285
|
+
# },
|
32286
|
+
# search_slow_logs: {
|
32287
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
32288
|
+
# enabled: false,
|
32289
|
+
# },
|
32290
|
+
# audit_logs: {
|
32291
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
32292
|
+
# enabled: false,
|
32293
|
+
# },
|
32294
|
+
# },
|
32295
|
+
# domain_endpoints: {
|
32296
|
+
# "NonEmptyString" => "NonEmptyString",
|
32297
|
+
# },
|
32298
|
+
# },
|
32299
|
+
# aws_ec2_vpc_endpoint_service: {
|
32300
|
+
# acceptance_required: false,
|
32301
|
+
# availability_zones: ["NonEmptyString"],
|
32302
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
32303
|
+
# manages_vpc_endpoints: false,
|
32304
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
32305
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
32306
|
+
# private_dns_name: "NonEmptyString",
|
32307
|
+
# service_id: "NonEmptyString",
|
32308
|
+
# service_name: "NonEmptyString",
|
32309
|
+
# service_state: "NonEmptyString",
|
32310
|
+
# service_type: [
|
32311
|
+
# {
|
32312
|
+
# service_type: "NonEmptyString",
|
32313
|
+
# },
|
32314
|
+
# ],
|
32315
|
+
# },
|
32316
|
+
# aws_xray_encryption_config: {
|
32317
|
+
# key_id: "NonEmptyString",
|
32318
|
+
# status: "NonEmptyString",
|
32319
|
+
# type: "NonEmptyString",
|
32320
|
+
# },
|
32321
|
+
# aws_waf_rate_based_rule: {
|
32322
|
+
# metric_name: "NonEmptyString",
|
32323
|
+
# name: "NonEmptyString",
|
32324
|
+
# rate_key: "NonEmptyString",
|
32325
|
+
# rate_limit: 1,
|
32326
|
+
# rule_id: "NonEmptyString",
|
32327
|
+
# match_predicates: [
|
32328
|
+
# {
|
32329
|
+
# data_id: "NonEmptyString",
|
32330
|
+
# negated: false,
|
32331
|
+
# type: "NonEmptyString",
|
32332
|
+
# },
|
32333
|
+
# ],
|
32334
|
+
# },
|
32335
|
+
# aws_waf_regional_rate_based_rule: {
|
32336
|
+
# metric_name: "NonEmptyString",
|
32337
|
+
# name: "NonEmptyString",
|
32338
|
+
# rate_key: "NonEmptyString",
|
32339
|
+
# rate_limit: 1,
|
32340
|
+
# rule_id: "NonEmptyString",
|
32341
|
+
# match_predicates: [
|
32342
|
+
# {
|
32343
|
+
# data_id: "NonEmptyString",
|
32344
|
+
# negated: false,
|
32345
|
+
# type: "NonEmptyString",
|
32346
|
+
# },
|
32347
|
+
# ],
|
32348
|
+
# },
|
32349
|
+
# aws_ecr_repository: {
|
32350
|
+
# arn: "NonEmptyString",
|
32351
|
+
# image_scanning_configuration: {
|
32352
|
+
# scan_on_push: false,
|
32353
|
+
# },
|
32354
|
+
# image_tag_mutability: "NonEmptyString",
|
32355
|
+
# lifecycle_policy: {
|
32356
|
+
# lifecycle_policy_text: "NonEmptyString",
|
32357
|
+
# registry_id: "NonEmptyString",
|
32358
|
+
# },
|
32359
|
+
# repository_name: "NonEmptyString",
|
32360
|
+
# repository_policy_text: "NonEmptyString",
|
32361
|
+
# },
|
32362
|
+
# aws_eks_cluster: {
|
32363
|
+
# arn: "NonEmptyString",
|
32364
|
+
# certificate_authority_data: "NonEmptyString",
|
32365
|
+
# cluster_status: "NonEmptyString",
|
32366
|
+
# endpoint: "NonEmptyString",
|
32367
|
+
# name: "NonEmptyString",
|
32368
|
+
# resources_vpc_config: {
|
32369
|
+
# security_group_ids: ["NonEmptyString"],
|
32370
|
+
# subnet_ids: ["NonEmptyString"],
|
32371
|
+
# },
|
32372
|
+
# role_arn: "NonEmptyString",
|
32373
|
+
# version: "NonEmptyString",
|
32374
|
+
# logging: {
|
32375
|
+
# cluster_logging: [
|
32376
|
+
# {
|
32377
|
+
# enabled: false,
|
32378
|
+
# types: ["NonEmptyString"],
|
32379
|
+
# },
|
32380
|
+
# ],
|
32381
|
+
# },
|
32382
|
+
# },
|
30225
32383
|
# },
|
30226
32384
|
# }
|
30227
32385
|
#
|
@@ -30327,8 +32485,29 @@ module Aws::SecurityHub
|
|
30327
32485
|
# },
|
30328
32486
|
# aws_code_build_project: {
|
30329
32487
|
# encryption_key: "NonEmptyString",
|
32488
|
+
# artifacts: [
|
32489
|
+
# {
|
32490
|
+
# artifact_identifier: "NonEmptyString",
|
32491
|
+
# encryption_disabled: false,
|
32492
|
+
# location: "NonEmptyString",
|
32493
|
+
# name: "NonEmptyString",
|
32494
|
+
# namespace_type: "NonEmptyString",
|
32495
|
+
# override_artifact_name: false,
|
32496
|
+
# packaging: "NonEmptyString",
|
32497
|
+
# path: "NonEmptyString",
|
32498
|
+
# type: "NonEmptyString",
|
32499
|
+
# },
|
32500
|
+
# ],
|
30330
32501
|
# environment: {
|
30331
32502
|
# certificate: "NonEmptyString",
|
32503
|
+
# environment_variables: [
|
32504
|
+
# {
|
32505
|
+
# name: "NonEmptyString",
|
32506
|
+
# type: "NonEmptyString",
|
32507
|
+
# value: "NonEmptyString",
|
32508
|
+
# },
|
32509
|
+
# ],
|
32510
|
+
# privileged_mode: false,
|
30332
32511
|
# image_pull_credentials_type: "NonEmptyString",
|
30333
32512
|
# registry_credential: {
|
30334
32513
|
# credential: "NonEmptyString",
|
@@ -30344,6 +32523,18 @@ module Aws::SecurityHub
|
|
30344
32523
|
# insecure_ssl: false,
|
30345
32524
|
# },
|
30346
32525
|
# service_role: "NonEmptyString",
|
32526
|
+
# logs_config: {
|
32527
|
+
# cloud_watch_logs: {
|
32528
|
+
# group_name: "NonEmptyString",
|
32529
|
+
# status: "NonEmptyString",
|
32530
|
+
# stream_name: "NonEmptyString",
|
32531
|
+
# },
|
32532
|
+
# s3_logs: {
|
32533
|
+
# encryption_disabled: false,
|
32534
|
+
# location: "NonEmptyString",
|
32535
|
+
# status: "NonEmptyString",
|
32536
|
+
# },
|
32537
|
+
# },
|
30347
32538
|
# vpc_config: {
|
30348
32539
|
# vpc_id: "NonEmptyString",
|
30349
32540
|
# subnets: ["NonEmptyString"],
|
@@ -30395,6 +32586,15 @@ module Aws::SecurityHub
|
|
30395
32586
|
# },
|
30396
32587
|
# ],
|
30397
32588
|
# },
|
32589
|
+
# viewer_certificate: {
|
32590
|
+
# acm_certificate_arn: "NonEmptyString",
|
32591
|
+
# certificate: "NonEmptyString",
|
32592
|
+
# certificate_source: "NonEmptyString",
|
32593
|
+
# cloud_front_default_certificate: false,
|
32594
|
+
# iam_certificate_id: "NonEmptyString",
|
32595
|
+
# minimum_protocol_version: "NonEmptyString",
|
32596
|
+
# ssl_support_method: "NonEmptyString",
|
32597
|
+
# },
|
30398
32598
|
# status: "NonEmptyString",
|
30399
32599
|
# web_acl_id: "NonEmptyString",
|
30400
32600
|
# },
|
@@ -30633,6 +32833,12 @@ module Aws::SecurityHub
|
|
30633
32833
|
# },
|
30634
32834
|
# type: "NonEmptyString",
|
30635
32835
|
# vpc_id: "NonEmptyString",
|
32836
|
+
# load_balancer_attributes: [
|
32837
|
+
# {
|
32838
|
+
# key: "NonEmptyString",
|
32839
|
+
# value: "NonEmptyString",
|
32840
|
+
# },
|
32841
|
+
# ],
|
30636
32842
|
# },
|
30637
32843
|
# aws_elastic_beanstalk_environment: {
|
30638
32844
|
# application_name: "NonEmptyString",
|
@@ -30732,6 +32938,7 @@ module Aws::SecurityHub
|
|
30732
32938
|
# aws_s3_bucket: {
|
30733
32939
|
# owner_id: "NonEmptyString",
|
30734
32940
|
# owner_name: "NonEmptyString",
|
32941
|
+
# owner_account_id: "NonEmptyString",
|
30735
32942
|
# created_at: "NonEmptyString",
|
30736
32943
|
# server_side_encryption_configuration: {
|
30737
32944
|
# rules: [
|
@@ -32317,6 +34524,157 @@ module Aws::SecurityHub
|
|
32317
34524
|
# image_tags: ["NonEmptyString"],
|
32318
34525
|
# image_published_at: "NonEmptyString",
|
32319
34526
|
# },
|
34527
|
+
# aws_open_search_service_domain: {
|
34528
|
+
# arn: "NonEmptyString",
|
34529
|
+
# access_policies: "NonEmptyString",
|
34530
|
+
# domain_name: "NonEmptyString",
|
34531
|
+
# id: "NonEmptyString",
|
34532
|
+
# domain_endpoint: "NonEmptyString",
|
34533
|
+
# engine_version: "NonEmptyString",
|
34534
|
+
# encryption_at_rest_options: {
|
34535
|
+
# enabled: false,
|
34536
|
+
# kms_key_id: "NonEmptyString",
|
34537
|
+
# },
|
34538
|
+
# node_to_node_encryption_options: {
|
34539
|
+
# enabled: false,
|
34540
|
+
# },
|
34541
|
+
# service_software_options: {
|
34542
|
+
# automated_update_date: "NonEmptyString",
|
34543
|
+
# cancellable: false,
|
34544
|
+
# current_version: "NonEmptyString",
|
34545
|
+
# description: "NonEmptyString",
|
34546
|
+
# new_version: "NonEmptyString",
|
34547
|
+
# update_available: false,
|
34548
|
+
# update_status: "NonEmptyString",
|
34549
|
+
# optional_deployment: false,
|
34550
|
+
# },
|
34551
|
+
# cluster_config: {
|
34552
|
+
# instance_count: 1,
|
34553
|
+
# warm_enabled: false,
|
34554
|
+
# warm_count: 1,
|
34555
|
+
# dedicated_master_enabled: false,
|
34556
|
+
# zone_awareness_config: {
|
34557
|
+
# availability_zone_count: 1,
|
34558
|
+
# },
|
34559
|
+
# dedicated_master_count: 1,
|
34560
|
+
# instance_type: "NonEmptyString",
|
34561
|
+
# warm_type: "NonEmptyString",
|
34562
|
+
# zone_awareness_enabled: false,
|
34563
|
+
# dedicated_master_type: "NonEmptyString",
|
34564
|
+
# },
|
34565
|
+
# domain_endpoint_options: {
|
34566
|
+
# custom_endpoint_certificate_arn: "NonEmptyString",
|
34567
|
+
# custom_endpoint_enabled: false,
|
34568
|
+
# enforce_https: false,
|
34569
|
+
# custom_endpoint: "NonEmptyString",
|
34570
|
+
# tls_security_policy: "NonEmptyString",
|
34571
|
+
# },
|
34572
|
+
# vpc_options: {
|
34573
|
+
# security_group_ids: ["NonEmptyString"],
|
34574
|
+
# subnet_ids: ["NonEmptyString"],
|
34575
|
+
# },
|
34576
|
+
# log_publishing_options: {
|
34577
|
+
# index_slow_logs: {
|
34578
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
34579
|
+
# enabled: false,
|
34580
|
+
# },
|
34581
|
+
# search_slow_logs: {
|
34582
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
34583
|
+
# enabled: false,
|
34584
|
+
# },
|
34585
|
+
# audit_logs: {
|
34586
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
34587
|
+
# enabled: false,
|
34588
|
+
# },
|
34589
|
+
# },
|
34590
|
+
# domain_endpoints: {
|
34591
|
+
# "NonEmptyString" => "NonEmptyString",
|
34592
|
+
# },
|
34593
|
+
# },
|
34594
|
+
# aws_ec2_vpc_endpoint_service: {
|
34595
|
+
# acceptance_required: false,
|
34596
|
+
# availability_zones: ["NonEmptyString"],
|
34597
|
+
# base_endpoint_dns_names: ["NonEmptyString"],
|
34598
|
+
# manages_vpc_endpoints: false,
|
34599
|
+
# gateway_load_balancer_arns: ["NonEmptyString"],
|
34600
|
+
# network_load_balancer_arns: ["NonEmptyString"],
|
34601
|
+
# private_dns_name: "NonEmptyString",
|
34602
|
+
# service_id: "NonEmptyString",
|
34603
|
+
# service_name: "NonEmptyString",
|
34604
|
+
# service_state: "NonEmptyString",
|
34605
|
+
# service_type: [
|
34606
|
+
# {
|
34607
|
+
# service_type: "NonEmptyString",
|
34608
|
+
# },
|
34609
|
+
# ],
|
34610
|
+
# },
|
34611
|
+
# aws_xray_encryption_config: {
|
34612
|
+
# key_id: "NonEmptyString",
|
34613
|
+
# status: "NonEmptyString",
|
34614
|
+
# type: "NonEmptyString",
|
34615
|
+
# },
|
34616
|
+
# aws_waf_rate_based_rule: {
|
34617
|
+
# metric_name: "NonEmptyString",
|
34618
|
+
# name: "NonEmptyString",
|
34619
|
+
# rate_key: "NonEmptyString",
|
34620
|
+
# rate_limit: 1,
|
34621
|
+
# rule_id: "NonEmptyString",
|
34622
|
+
# match_predicates: [
|
34623
|
+
# {
|
34624
|
+
# data_id: "NonEmptyString",
|
34625
|
+
# negated: false,
|
34626
|
+
# type: "NonEmptyString",
|
34627
|
+
# },
|
34628
|
+
# ],
|
34629
|
+
# },
|
34630
|
+
# aws_waf_regional_rate_based_rule: {
|
34631
|
+
# metric_name: "NonEmptyString",
|
34632
|
+
# name: "NonEmptyString",
|
34633
|
+
# rate_key: "NonEmptyString",
|
34634
|
+
# rate_limit: 1,
|
34635
|
+
# rule_id: "NonEmptyString",
|
34636
|
+
# match_predicates: [
|
34637
|
+
# {
|
34638
|
+
# data_id: "NonEmptyString",
|
34639
|
+
# negated: false,
|
34640
|
+
# type: "NonEmptyString",
|
34641
|
+
# },
|
34642
|
+
# ],
|
34643
|
+
# },
|
34644
|
+
# aws_ecr_repository: {
|
34645
|
+
# arn: "NonEmptyString",
|
34646
|
+
# image_scanning_configuration: {
|
34647
|
+
# scan_on_push: false,
|
34648
|
+
# },
|
34649
|
+
# image_tag_mutability: "NonEmptyString",
|
34650
|
+
# lifecycle_policy: {
|
34651
|
+
# lifecycle_policy_text: "NonEmptyString",
|
34652
|
+
# registry_id: "NonEmptyString",
|
34653
|
+
# },
|
34654
|
+
# repository_name: "NonEmptyString",
|
34655
|
+
# repository_policy_text: "NonEmptyString",
|
34656
|
+
# },
|
34657
|
+
# aws_eks_cluster: {
|
34658
|
+
# arn: "NonEmptyString",
|
34659
|
+
# certificate_authority_data: "NonEmptyString",
|
34660
|
+
# cluster_status: "NonEmptyString",
|
34661
|
+
# endpoint: "NonEmptyString",
|
34662
|
+
# name: "NonEmptyString",
|
34663
|
+
# resources_vpc_config: {
|
34664
|
+
# security_group_ids: ["NonEmptyString"],
|
34665
|
+
# subnet_ids: ["NonEmptyString"],
|
34666
|
+
# },
|
34667
|
+
# role_arn: "NonEmptyString",
|
34668
|
+
# version: "NonEmptyString",
|
34669
|
+
# logging: {
|
34670
|
+
# cluster_logging: [
|
34671
|
+
# {
|
34672
|
+
# enabled: false,
|
34673
|
+
# types: ["NonEmptyString"],
|
34674
|
+
# },
|
34675
|
+
# ],
|
34676
|
+
# },
|
34677
|
+
# },
|
32320
34678
|
# }
|
32321
34679
|
#
|
32322
34680
|
# @!attribute [rw] aws_auto_scaling_auto_scaling_group
|
@@ -32539,9 +34897,37 @@ module Aws::SecurityHub
|
|
32539
34897
|
# @return [Types::AwsEc2VpnConnectionDetails]
|
32540
34898
|
#
|
32541
34899
|
# @!attribute [rw] aws_ecr_container_image
|
32542
|
-
#
|
34900
|
+
# Information about an Amazon ECR image.
|
32543
34901
|
# @return [Types::AwsEcrContainerImageDetails]
|
32544
34902
|
#
|
34903
|
+
# @!attribute [rw] aws_open_search_service_domain
|
34904
|
+
# Details about an Amazon OpenSearch Service domain.
|
34905
|
+
# @return [Types::AwsOpenSearchServiceDomainDetails]
|
34906
|
+
#
|
34907
|
+
# @!attribute [rw] aws_ec2_vpc_endpoint_service
|
34908
|
+
# Details about the service configuration for a VPC endpoint service.
|
34909
|
+
# @return [Types::AwsEc2VpcEndpointServiceDetails]
|
34910
|
+
#
|
34911
|
+
# @!attribute [rw] aws_xray_encryption_config
|
34912
|
+
# Information about the encryption configuration for X-Ray.
|
34913
|
+
# @return [Types::AwsXrayEncryptionConfigDetails]
|
34914
|
+
#
|
34915
|
+
# @!attribute [rw] aws_waf_rate_based_rule
|
34916
|
+
# Details about a rate-based rule for global resources.
|
34917
|
+
# @return [Types::AwsWafRateBasedRuleDetails]
|
34918
|
+
#
|
34919
|
+
# @!attribute [rw] aws_waf_regional_rate_based_rule
|
34920
|
+
# Details about a rate-based rule for Regional resources.
|
34921
|
+
# @return [Types::AwsWafRegionalRateBasedRuleDetails]
|
34922
|
+
#
|
34923
|
+
# @!attribute [rw] aws_ecr_repository
|
34924
|
+
# Information about an Amazon Elastic Container Registry repository.
|
34925
|
+
# @return [Types::AwsEcrRepositoryDetails]
|
34926
|
+
#
|
34927
|
+
# @!attribute [rw] aws_eks_cluster
|
34928
|
+
# Details about an Amazon EKS cluster.
|
34929
|
+
# @return [Types::AwsEksClusterDetails]
|
34930
|
+
#
|
32545
34931
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
|
32546
34932
|
#
|
32547
34933
|
class ResourceDetails < Struct.new(
|
@@ -32596,7 +34982,14 @@ module Aws::SecurityHub
|
|
32596
34982
|
:aws_ecs_service,
|
32597
34983
|
:aws_auto_scaling_launch_configuration,
|
32598
34984
|
:aws_ec2_vpn_connection,
|
32599
|
-
:aws_ecr_container_image
|
34985
|
+
:aws_ecr_container_image,
|
34986
|
+
:aws_open_search_service_domain,
|
34987
|
+
:aws_ec2_vpc_endpoint_service,
|
34988
|
+
:aws_xray_encryption_config,
|
34989
|
+
:aws_waf_rate_based_rule,
|
34990
|
+
:aws_waf_regional_rate_based_rule,
|
34991
|
+
:aws_ecr_repository,
|
34992
|
+
:aws_eks_cluster)
|
32600
34993
|
SENSITIVE = []
|
32601
34994
|
include Aws::Structure
|
32602
34995
|
end
|