aws-sdk-securityhub 1.54.0 → 1.58.0

data/lib/aws-sdk-securityhub/client.rb

@@ -119,7 +119,9 @@ module Aws::SecurityHub
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
-    #       enable retries and extended timeouts.
+    #       enable retries and extended timeouts. Instance profile credential
+    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
+    #       to true.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -275,6 +277,15 @@ module Aws::SecurityHub
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Boolean] :use_dualstack_endpoint
+    #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
+    #     will be used if available.
+    #
+    #   @option options [Boolean] :use_fips_endpoint
+    #     When set to `true`, fips compatible endpoints will be used if available.
+    #     When a `fips` region is used, the region is normalized and this config
+    #     is set to `true`.
+    #
     #   @option options [Boolean] :validate_params (true)
     #     When `true`, request parameters are validated before
     #     sending the request.
@@ -441,6 +452,7 @@ module Aws::SecurityHub
     #   resp.standards_subscriptions[0].standards_input #=> Hash
     #   resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
     #   resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
+    #   resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "INTERNAL_ERROR"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchDisableStandards AWS API Documentation
     #
@@ -489,6 +501,7 @@ module Aws::SecurityHub
     #   resp.standards_subscriptions[0].standards_input #=> Hash
     #   resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
     #   resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
+    #   resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "INTERNAL_ERROR"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchEnableStandards AWS API Documentation
     #
@@ -499,10 +512,19 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
-    # Imports security findings generated from an integrated product into
-    # Security Hub. This action is requested by the integrated product to
+    # Imports security findings generated by a finding provider into
+    # Security Hub. This action is requested by the finding provider to
     # import its findings into Security Hub.
     #
+    # `BatchImportFindings` must be called by one of the following:
+    #
+    # * The account that is associated with the findings. The identifier of
+    #   the associated account is the value of the `AwsAccountId` attribute
+    #   for the finding.
+    #
+    # * An account that is allow-listed for an official Security Hub partner
+    #   integration.
+    #
     # The maximum allowed size for a finding is 240 Kb. An error is returned
     # for any finding larger than 240 Kb.
     #
@@ -822,6 +844,34 @@ module Aws::SecurityHub
     #                 health_check_type: "NonEmptyString",
     #                 health_check_grace_period: 1,
     #                 created_time: "NonEmptyString",
+    #                 mixed_instances_policy: {
+    #                   instances_distribution: {
+    #                     on_demand_allocation_strategy: "NonEmptyString",
+    #                     on_demand_base_capacity: 1,
+    #                     on_demand_percentage_above_base_capacity: 1,
+    #                     spot_allocation_strategy: "NonEmptyString",
+    #                     spot_instance_pools: 1,
+    #                     spot_max_price: "NonEmptyString",
+    #                   },
+    #                   launch_template: {
+    #                     launch_template_specification: {
+    #                       launch_template_id: "NonEmptyString",
+    #                       launch_template_name: "NonEmptyString",
+    #                       version: "NonEmptyString",
+    #                     },
+    #                     overrides: [
+    #                       {
+    #                         instance_type: "NonEmptyString",
+    #                         weighted_capacity: "NonEmptyString",
+    #                       },
+    #                     ],
+    #                   },
+    #                 },
+    #                 availability_zones: [
+    #                   {
+    #                     value: "NonEmptyString",
+    #                   },
+    #                 ],
     #               },
     #               aws_code_build_project: {
     #                 encryption_key: "NonEmptyString",
@@ -1392,6 +1442,10 @@ module Aws::SecurityHub
     #                     },
     #                   ],
     #                 },
+    #                 bucket_versioning_configuration: {
+    #                   is_mfa_delete_enabled: false,
+    #                   status: "NonEmptyString",
+    #                 },
     #               },
     #               aws_s3_account_public_access_block: {
     #                 block_public_acls: false,
@@ -2806,6 +2860,11 @@ module Aws::SecurityHub
     #                 security_groups: ["NonEmptyString"],
     #                 spot_price: "NonEmptyString",
     #                 user_data: "NonEmptyString",
+    #                 metadata_options: {
+    #                   http_endpoint: "NonEmptyString",
+    #                   http_put_response_hop_limit: 1,
+    #                   http_tokens: "NonEmptyString",
+    #                 },
     #               },
     #               aws_ec2_vpn_connection: {
     #                 vpn_connection_id: "NonEmptyString",
@@ -3015,6 +3074,157 @@ module Aws::SecurityHub
     #                   ],
     #                 },
     #               },
+    #               aws_network_firewall_firewall_policy: {
+    #                 firewall_policy: {
+    #                   stateful_rule_group_references: [
+    #                     {
+    #                       resource_arn: "NonEmptyString",
+    #                     },
+    #                   ],
+    #                   stateless_custom_actions: [
+    #                     {
+    #                       action_definition: {
+    #                         publish_metric_action: {
+    #                           dimensions: [
+    #                             {
+    #                               value: "NonEmptyString",
+    #                             },
+    #                           ],
+    #                         },
+    #                       },
+    #                       action_name: "NonEmptyString",
+    #                     },
+    #                   ],
+    #                   stateless_default_actions: ["NonEmptyString"],
+    #                   stateless_fragment_default_actions: ["NonEmptyString"],
+    #                   stateless_rule_group_references: [
+    #                     {
+    #                       priority: 1,
+    #                       resource_arn: "NonEmptyString",
+    #                     },
+    #                   ],
+    #                 },
+    #                 firewall_policy_arn: "NonEmptyString",
+    #                 firewall_policy_id: "NonEmptyString",
+    #                 firewall_policy_name: "NonEmptyString",
+    #                 description: "NonEmptyString",
+    #               },
+    #               aws_network_firewall_firewall: {
+    #                 delete_protection: false,
+    #                 description: "NonEmptyString",
+    #                 firewall_arn: "NonEmptyString",
+    #                 firewall_id: "NonEmptyString",
+    #                 firewall_name: "NonEmptyString",
+    #                 firewall_policy_arn: "NonEmptyString",
+    #                 firewall_policy_change_protection: false,
+    #                 subnet_change_protection: false,
+    #                 subnet_mappings: [
+    #                   {
+    #                     subnet_id: "NonEmptyString",
+    #                   },
+    #                 ],
+    #                 vpc_id: "NonEmptyString",
+    #               },
+    #               aws_network_firewall_rule_group: {
+    #                 capacity: 1,
+    #                 description: "NonEmptyString",
+    #                 rule_group: {
+    #                   rule_variables: {
+    #                     ip_sets: {
+    #                       definition: ["NonEmptyString"],
+    #                     },
+    #                     port_sets: {
+    #                       definition: ["NonEmptyString"],
+    #                     },
+    #                   },
+    #                   rules_source: {
+    #                     rules_source_list: {
+    #                       generated_rules_type: "NonEmptyString",
+    #                       target_types: ["NonEmptyString"],
+    #                       targets: ["NonEmptyString"],
+    #                     },
+    #                     rules_string: "NonEmptyString",
+    #                     stateful_rules: [
+    #                       {
+    #                         action: "NonEmptyString",
+    #                         header: {
+    #                           destination: "NonEmptyString",
+    #                           destination_port: "NonEmptyString",
+    #                           direction: "NonEmptyString",
+    #                           protocol: "NonEmptyString",
+    #                           source: "NonEmptyString",
+    #                           source_port: "NonEmptyString",
+    #                         },
+    #                         rule_options: [
+    #                           {
+    #                             keyword: "NonEmptyString",
+    #                             settings: ["NonEmptyString"],
+    #                           },
+    #                         ],
+    #                       },
+    #                     ],
+    #                     stateless_rules_and_custom_actions: {
+    #                       custom_actions: [
+    #                         {
+    #                           action_definition: {
+    #                             publish_metric_action: {
+    #                               dimensions: [
+    #                                 {
+    #                                   value: "NonEmptyString",
+    #                                 },
+    #                               ],
+    #                             },
+    #                           },
+    #                           action_name: "NonEmptyString",
+    #                         },
+    #                       ],
+    #                       stateless_rules: [
+    #                         {
+    #                           priority: 1,
+    #                           rule_definition: {
+    #                             actions: ["NonEmptyString"],
+    #                             match_attributes: {
+    #                               destination_ports: [
+    #                                 {
+    #                                   from_port: 1,
+    #                                   to_port: 1,
+    #                                 },
+    #                               ],
+    #                               destinations: [
+    #                                 {
+    #                                   address_definition: "NonEmptyString",
+    #                                 },
+    #                               ],
+    #                               protocols: [1],
+    #                               source_ports: [
+    #                                 {
+    #                                   from_port: 1,
+    #                                   to_port: 1,
+    #                                 },
+    #                               ],
+    #                               sources: [
+    #                                 {
+    #                                   address_definition: "NonEmptyString",
+    #                                 },
+    #                               ],
+    #                               tcp_flags: [
+    #                                 {
+    #                                   flags: ["NonEmptyString"],
+    #                                   masks: ["NonEmptyString"],
+    #                                 },
+    #                               ],
+    #                             },
+    #                           },
+    #                         },
+    #                       ],
+    #                     },
+    #                   },
+    #                 },
+    #                 rule_group_arn: "NonEmptyString",
+    #                 rule_group_id: "NonEmptyString",
+    #                 rule_group_name: "NonEmptyString",
+    #                 type: "NonEmptyString",
+    #               },
     #             },
     #           },
     #         ],
@@ -3454,6 +3664,80 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Used to enable finding aggregation. Must be called from the
+    # aggregation Region.
+    #
+    # For more details about cross-Region replication, see [Configuring
+    # finding
+    # aggregation](securityhub/latest/userguide/finding-aggregation.html) in
+    # the *Security Hub User Guide*.
+    #
+    # @option params [required, String] :region_linking_mode
+    #   Indicates whether to aggregate findings from all of the available
+    #   Regions in the current partition. Also determines whether to
+    #   automatically aggregate findings from new Regions as Security Hub
+    #   supports them and you opt into them.
+    #
+    #   The selected option also determines how to use the Regions provided in
+    #   the Regions list.
+    #
+    #   The options are as follows:
+    #
+    #   * `ALL_REGIONS` - Indicates to aggregate findings from all of the
+    #     Regions where Security Hub is enabled. When you choose this option,
+    #     Security Hub also automatically aggregates findings from new Regions
+    #     as Security Hub supports them and you opt into them.
+    #
+    #   * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
+    #     from all of the Regions where Security Hub is enabled, except for
+    #     the Regions listed in the `Regions` parameter. When you choose this
+    #     option, Security Hub also automatically aggregates findings from new
+    #     Regions as Security Hub supports them and you opt into them.
+    #
+    #   * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the
+    #     Regions listed in the `Regions` parameter. Security Hub does not
+    #     automatically aggregate findings from new Regions.
+    #
+    # @option params [Array<String>] :regions
+    #   If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
+    #   a comma-separated list of Regions that do not aggregate findings to
+    #   the aggregation Region.
+    #
+    #   If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
+    #   comma-separated list of Regions that do aggregate findings to the
+    #   aggregation Region.
+    #
+    # @return [Types::CreateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
+    #   * {Types::CreateFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
+    #   * {Types::CreateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
+    #   * {Types::CreateFindingAggregatorResponse#regions #regions} => Array&lt;String&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_finding_aggregator({
+    #     region_linking_mode: "NonEmptyString", # required
+    #     regions: ["NonEmptyString"],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.finding_aggregator_arn #=> String
+    #   resp.finding_aggregation_region #=> String
+    #   resp.region_linking_mode #=> String
+    #   resp.regions #=> Array
+    #   resp.regions[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateFindingAggregator AWS API Documentation
+    #
+    # @overload create_finding_aggregator(params = {})
+    # @param [Hash] params ({})
+    def create_finding_aggregator(params = {}, options = {})
+      req = build_request(:create_finding_aggregator, params)
+      req.send_request(options)
+    end
+
     # Creates a custom insight in Security Hub. An insight is a
     # consolidation of findings that relate to a security issue that
     # requires attention or remediation.
@@ -4266,6 +4550,35 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Deletes a finding aggregator. When you delete the finding aggregator,
+    # you stop finding aggregation.
+    #
+    # When you stop finding aggregation, findings that were already
+    # aggregated to the aggregation Region are still visible from the
+    # aggregation Region. New findings and finding updates are not
+    # aggregated.
+    #
+    # @option params [required, String] :finding_aggregator_arn
+    #   The ARN of the finding aggregator to delete. To obtain the ARN, use
+    #   `ListFindingAggregators`.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_finding_aggregator({
+    #     finding_aggregator_arn: "NonEmptyString", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteFindingAggregator AWS API Documentation
+    #
+    # @overload delete_finding_aggregator(params = {})
+    # @param [Hash] params ({})
+    def delete_finding_aggregator(params = {}, options = {})
+      req = build_request(:delete_finding_aggregator, params)
+      req.send_request(options)
+    end
+
     # Deletes the insight specified by the `InsightArn`.
     #
     # @option params [required, String] :insight_arn
@@ -4976,6 +5289,7 @@ module Aws::SecurityHub
     #   resp.standards_subscriptions[0].standards_input #=> Hash
     #   resp.standards_subscriptions[0].standards_input["NonEmptyString"] #=> String
     #   resp.standards_subscriptions[0].standards_status #=> String, one of "PENDING", "READY", "FAILED", "DELETING", "INCOMPLETE"
+    #   resp.standards_subscriptions[0].standards_status_reason.status_reason_code #=> String, one of "NO_AVAILABLE_CONFIGURATION_RECORDER", "INTERNAL_ERROR"
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetEnabledStandards AWS API Documentation
@@ -4987,8 +5301,48 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Returns the current finding aggregation configuration.
+    #
+    # @option params [required, String] :finding_aggregator_arn
+    #   The ARN of the finding aggregator to return details for. To obtain the
+    #   ARN, use `ListFindingAggregators`.
+    #
+    # @return [Types::GetFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
+    #   * {Types::GetFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
+    #   * {Types::GetFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
+    #   * {Types::GetFindingAggregatorResponse#regions #regions} => Array&lt;String&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_finding_aggregator({
+    #     finding_aggregator_arn: "NonEmptyString", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.finding_aggregator_arn #=> String
+    #   resp.finding_aggregation_region #=> String
+    #   resp.region_linking_mode #=> String
+    #   resp.regions #=> Array
+    #   resp.regions[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingAggregator AWS API Documentation
+    #
+    # @overload get_finding_aggregator(params = {})
+    # @param [Hash] params ({})
+    def get_finding_aggregator(params = {}, options = {})
+      req = build_request(:get_finding_aggregator, params)
+      req.send_request(options)
+    end
+
     # Returns a list of findings that match the specified criteria.
     #
+    # If finding aggregation is enabled, then when you call `GetFindings`
+    # from the aggregation Region, the results include all of the matching
+    # findings from both the aggregation Region and the linked Regions.
+    #
     # @option params [Types::AwsSecurityFindingFilters] :filters
     #   The finding attributes used to define a condition to filter the
     #   returned findings.
@@ -5818,6 +6172,20 @@ module Aws::SecurityHub
     #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.health_check_type #=> String
     #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.health_check_grace_period #=> Integer
     #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.created_time #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.on_demand_allocation_strategy #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.on_demand_base_capacity #=> Integer
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.on_demand_percentage_above_base_capacity #=> Integer
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.spot_allocation_strategy #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.spot_instance_pools #=> Integer
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.instances_distribution.spot_max_price #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.launch_template_specification.launch_template_id #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.launch_template_specification.launch_template_name #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.launch_template_specification.version #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.overrides #=> Array
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.overrides[0].instance_type #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.mixed_instances_policy.launch_template.overrides[0].weighted_capacity #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.availability_zones #=> Array
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_auto_scaling_group.availability_zones[0].value #=> String
     #   resp.findings[0].resources[0].details.aws_code_build_project.encryption_key #=> String
     #   resp.findings[0].resources[0].details.aws_code_build_project.artifacts #=> Array
     #   resp.findings[0].resources[0].details.aws_code_build_project.artifacts[0].artifact_identifier #=> String
@@ -6160,6 +6528,8 @@ module Aws::SecurityHub
     #   resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].filter.s3_key_filter.filter_rules[0].value #=> String
     #   resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].destination #=> String
     #   resp.findings[0].resources[0].details.aws_s3_bucket.bucket_notification_configuration.configurations[0].type #=> String
+    #   resp.findings[0].resources[0].details.aws_s3_bucket.bucket_versioning_configuration.is_mfa_delete_enabled #=> Boolean
+    #   resp.findings[0].resources[0].details.aws_s3_bucket.bucket_versioning_configuration.status #=> String
     #   resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_acls #=> Boolean
     #   resp.findings[0].resources[0].details.aws_s3_account_public_access_block.block_public_policy #=> Boolean
     #   resp.findings[0].resources[0].details.aws_s3_account_public_access_block.ignore_public_acls #=> Boolean
@@ -7149,6 +7519,9 @@ module Aws::SecurityHub
     #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.security_groups[0] #=> String
     #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.spot_price #=> String
     #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.user_data #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.metadata_options.http_endpoint #=> String
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.metadata_options.http_put_response_hop_limit #=> Integer
+    #   resp.findings[0].resources[0].details.aws_auto_scaling_launch_configuration.metadata_options.http_tokens #=> String
     #   resp.findings[0].resources[0].details.aws_ec2_vpn_connection.vpn_connection_id #=> String
     #   resp.findings[0].resources[0].details.aws_ec2_vpn_connection.state #=> String
     #   resp.findings[0].resources[0].details.aws_ec2_vpn_connection.customer_gateway_id #=> String
@@ -7302,6 +7675,87 @@ module Aws::SecurityHub
     #   resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].enabled #=> Boolean
     #   resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].types #=> Array
     #   resp.findings[0].resources[0].details.aws_eks_cluster.logging.cluster_logging[0].types[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateful_rule_group_references #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateful_rule_group_references[0].resource_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_custom_actions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_custom_actions[0].action_definition.publish_metric_action.dimensions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_custom_actions[0].action_definition.publish_metric_action.dimensions[0].value #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_custom_actions[0].action_name #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_default_actions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_default_actions[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_fragment_default_actions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_fragment_default_actions[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_rule_group_references #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_rule_group_references[0].priority #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy.stateless_rule_group_references[0].resource_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy_id #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.firewall_policy_name #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall_policy.description #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.delete_protection #=> Boolean
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.description #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.firewall_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.firewall_id #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.firewall_name #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.firewall_policy_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.firewall_policy_change_protection #=> Boolean
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.subnet_change_protection #=> Boolean
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.subnet_mappings #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.subnet_mappings[0].subnet_id #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_firewall.vpc_id #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.capacity #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.description #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rule_variables.ip_sets.definition #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rule_variables.ip_sets.definition[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rule_variables.port_sets.definition #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rule_variables.port_sets.definition[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_source_list.generated_rules_type #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_source_list.target_types #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_source_list.target_types[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_source_list.targets #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_source_list.targets[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.rules_string #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].action #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.destination #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.destination_port #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.direction #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.protocol #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.source #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].header.source_port #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].rule_options #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].rule_options[0].keyword #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].rule_options[0].settings #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateful_rules[0].rule_options[0].settings[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.custom_actions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.custom_actions[0].action_definition.publish_metric_action.dimensions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.custom_actions[0].action_definition.publish_metric_action.dimensions[0].value #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.custom_actions[0].action_name #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].priority #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.actions #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.actions[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.destination_ports #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.destination_ports[0].from_port #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.destination_ports[0].to_port #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.destinations #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.destinations[0].address_definition #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.protocols #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.protocols[0] #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.source_ports #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.source_ports[0].from_port #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.source_ports[0].to_port #=> Integer
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.sources #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.sources[0].address_definition #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.tcp_flags #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.tcp_flags[0].flags #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.tcp_flags[0].flags[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.tcp_flags[0].masks #=> Array
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group.rules_source.stateless_rules_and_custom_actions.stateless_rules[0].rule_definition.match_attributes.tcp_flags[0].masks[0] #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group_arn #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group_id #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.rule_group_name #=> String
+    #   resp.findings[0].resources[0].details.aws_network_firewall_rule_group.type #=> String
     #   resp.findings[0].compliance.status #=> String, one of "PASSED", "WARNING", "FAILED", "NOT_AVAILABLE"
     #   resp.findings[0].compliance.related_requirements #=> Array
     #   resp.findings[0].compliance.related_requirements[0] #=> String
@@ -8016,6 +8470,47 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # If finding aggregation is enabled, then `ListFindingAggregators`
+    # returns the ARN of the finding aggregator. You can run this operation
+    # from any Region.
+    #
+    # @option params [String] :next_token
+    #   The token returned with the previous set of results. Identifies the
+    #   next set of results to return.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to return. This operation currently only
+    #   returns a single result.
+    #
+    # @return [Types::ListFindingAggregatorsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListFindingAggregatorsResponse#finding_aggregators #finding_aggregators} => Array&lt;Types::FindingAggregator&gt;
+    #   * {Types::ListFindingAggregatorsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_finding_aggregators({
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.finding_aggregators #=> Array
+    #   resp.finding_aggregators[0].finding_aggregator_arn #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListFindingAggregators AWS API Documentation
+    #
+    # @overload list_finding_aggregators(params = {})
+    # @param [Hash] params ({})
+    def list_finding_aggregators(params = {}, options = {})
+      req = build_request(:list_finding_aggregators, params)
+      req.send_request(options)
+    end
+
     # Lists all Security Hub membership invitations that were sent to the
     # current Amazon Web Services account.
     #
@@ -8292,6 +8787,84 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Updates the finding aggregation configuration. Used to update the
+    # Region linking mode and the list of included or excluded Regions. You
+    # cannot use `UpdateFindingAggregator` to change the aggregation Region.
+    #
+    # You must run `UpdateFindingAggregator` from the current aggregation
+    # Region.
+    #
+    # @option params [required, String] :finding_aggregator_arn
+    #   The ARN of the finding aggregator. To obtain the ARN, use
+    #   `ListFindingAggregators`.
+    #
+    # @option params [required, String] :region_linking_mode
+    #   Indicates whether to aggregate findings from all of the available
+    #   Regions in the current partition. Also determines whether to
+    #   automatically aggregate findings from new Regions as Security Hub
+    #   supports them and you opt into them.
+    #
+    #   The selected option also determines how to use the Regions provided in
+    #   the Regions list.
+    #
+    #   The options are as follows:
+    #
+    #   * `ALL_REGIONS` - Indicates to aggregate findings from all of the
+    #     Regions where Security Hub is enabled. When you choose this option,
+    #     Security Hub also automatically aggregates findings from new Regions
+    #     as Security Hub supports them and you opt into them.
+    #
+    #   * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
+    #     from all of the Regions where Security Hub is enabled, except for
+    #     the Regions listed in the `Regions` parameter. When you choose this
+    #     option, Security Hub also automatically aggregates findings from new
+    #     Regions as Security Hub supports them and you opt into them.
+    #
+    #   * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from the
+    #     Regions listed in the `Regions` parameter. Security Hub does not
+    #     automatically aggregate findings from new Regions.
+    #
+    # @option params [Array<String>] :regions
+    #   If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is
+    #   a comma-separated list of Regions that do not aggregate findings to
+    #   the aggregation Region.
+    #
+    #   If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
+    #   comma-separated list of Regions that do aggregate findings to the
+    #   aggregation Region.
+    #
+    # @return [Types::UpdateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdateFindingAggregatorResponse#finding_aggregator_arn #finding_aggregator_arn} => String
+    #   * {Types::UpdateFindingAggregatorResponse#finding_aggregation_region #finding_aggregation_region} => String
+    #   * {Types::UpdateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
+    #   * {Types::UpdateFindingAggregatorResponse#regions #regions} => Array&lt;String&gt;
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_finding_aggregator({
+    #     finding_aggregator_arn: "NonEmptyString", # required
+    #     region_linking_mode: "NonEmptyString", # required
+    #     regions: ["NonEmptyString"],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.finding_aggregator_arn #=> String
+    #   resp.finding_aggregation_region #=> String
+    #   resp.region_linking_mode #=> String
+    #   resp.regions #=> Array
+    #   resp.regions[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateFindingAggregator AWS API Documentation
+    #
+    # @overload update_finding_aggregator(params = {})
+    # @param [Hash] params ({})
+    def update_finding_aggregator(params = {}, options = {})
+      req = build_request(:update_finding_aggregator, params)
+      req.send_request(options)
+    end
+
     # `UpdateFindings` is deprecated. Instead of `UpdateFindings`, use
     # `BatchUpdateFindings`.
     #
@@ -9700,7 +10273,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.54.0'
+      context[:gem_version] = '1.58.0'
       Seahorse::Client::Request.new(handlers, context)
     end