aws-sdk-securityhub 1.54.0 → 1.58.0

@@ -1414,6 +1414,27 @@ module Aws::SecurityHub
1414
1414
  include Aws::Structure
1415
1415
  end
1416
1416
 
1417
+ # An Availability Zone for the automatic scaling group.
1418
+ #
1419
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails
1420
+ # data as a hash:
1421
+ #
1422
+ # {
1423
+ # value: "NonEmptyString",
1424
+ # }
1425
+ #
1426
+ # @!attribute [rw] value
1427
+ # The name of the Availability Zone.
1428
+ # @return [String]
1429
+ #
1430
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails AWS API Documentation
1431
+ #
1432
+ class AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails < Struct.new(
1433
+ :value)
1434
+ SENSITIVE = []
1435
+ include Aws::Structure
1436
+ end
1437
+
1417
1438
  # Provides details about an auto scaling group.
1418
1439
  #
1419
1440
  # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupDetails
@@ -1425,6 +1446,34 @@ module Aws::SecurityHub
1425
1446
  # health_check_type: "NonEmptyString",
1426
1447
  # health_check_grace_period: 1,
1427
1448
  # created_time: "NonEmptyString",
1449
+ # mixed_instances_policy: {
1450
+ # instances_distribution: {
1451
+ # on_demand_allocation_strategy: "NonEmptyString",
1452
+ # on_demand_base_capacity: 1,
1453
+ # on_demand_percentage_above_base_capacity: 1,
1454
+ # spot_allocation_strategy: "NonEmptyString",
1455
+ # spot_instance_pools: 1,
1456
+ # spot_max_price: "NonEmptyString",
1457
+ # },
1458
+ # launch_template: {
1459
+ # launch_template_specification: {
1460
+ # launch_template_id: "NonEmptyString",
1461
+ # launch_template_name: "NonEmptyString",
1462
+ # version: "NonEmptyString",
1463
+ # },
1464
+ # overrides: [
1465
+ # {
1466
+ # instance_type: "NonEmptyString",
1467
+ # weighted_capacity: "NonEmptyString",
1468
+ # },
1469
+ # ],
1470
+ # },
1471
+ # },
1472
+ # availability_zones: [
1473
+ # {
1474
+ # value: "NonEmptyString",
1475
+ # },
1476
+ # ],
1428
1477
  # }
1429
1478
  #
1430
1479
  # @!attribute [rw] launch_configuration_name
@@ -1457,6 +1506,14 @@ module Aws::SecurityHub
1457
1506
  # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
1458
1507
  # @return [String]
1459
1508
  #
1509
+ # @!attribute [rw] mixed_instances_policy
1510
+ # The mixed instances policy for the automatic scaling group.
1511
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails]
1512
+ #
1513
+ # @!attribute [rw] availability_zones
1514
+ # The list of Availability Zones for the automatic scaling group.
1515
+ # @return [Array<Types::AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails>]
1516
+ #
1460
1517
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupDetails AWS API Documentation
1461
1518
  #
1462
1519
  class AwsAutoScalingAutoScalingGroupDetails < Struct.new(
@@ -1464,7 +1521,217 @@ module Aws::SecurityHub
1464
1521
  :load_balancer_names,
1465
1522
  :health_check_type,
1466
1523
  :health_check_grace_period,
1467
- :created_time)
1524
+ :created_time,
1525
+ :mixed_instances_policy,
1526
+ :availability_zones)
1527
+ SENSITIVE = []
1528
+ include Aws::Structure
1529
+ end
1530
+
1531
+ # The mixed instances policy for the automatic scaling group.
1532
+ #
1533
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails
1534
+ # data as a hash:
1535
+ #
1536
+ # {
1537
+ # instances_distribution: {
1538
+ # on_demand_allocation_strategy: "NonEmptyString",
1539
+ # on_demand_base_capacity: 1,
1540
+ # on_demand_percentage_above_base_capacity: 1,
1541
+ # spot_allocation_strategy: "NonEmptyString",
1542
+ # spot_instance_pools: 1,
1543
+ # spot_max_price: "NonEmptyString",
1544
+ # },
1545
+ # launch_template: {
1546
+ # launch_template_specification: {
1547
+ # launch_template_id: "NonEmptyString",
1548
+ # launch_template_name: "NonEmptyString",
1549
+ # version: "NonEmptyString",
1550
+ # },
1551
+ # overrides: [
1552
+ # {
1553
+ # instance_type: "NonEmptyString",
1554
+ # weighted_capacity: "NonEmptyString",
1555
+ # },
1556
+ # ],
1557
+ # },
1558
+ # }
1559
+ #
1560
+ # @!attribute [rw] instances_distribution
1561
+ # The instances distribution. The instances distribution specifies the
1562
+ # distribution of On-Demand Instances and Spot Instances, the maximum
1563
+ # price to pay for Spot Instances, and how the Auto Scaling group
1564
+ # allocates instance types to fulfill On-Demand and Spot capacity.
1565
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails]
1566
+ #
1567
+ # @!attribute [rw] launch_template
1568
+ # The launch template to use and the instance types (overrides) to use
1569
+ # to provision EC2 instances to fulfill On-Demand and Spot capacities.
1570
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails]
1571
+ #
1572
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails AWS API Documentation
1573
+ #
1574
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails < Struct.new(
1575
+ :instances_distribution,
1576
+ :launch_template)
1577
+ SENSITIVE = []
1578
+ include Aws::Structure
1579
+ end
1580
+
1581
+ # Information about the instances distribution.
1582
+ #
1583
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails
1584
+ # data as a hash:
1585
+ #
1586
+ # {
1587
+ # on_demand_allocation_strategy: "NonEmptyString",
1588
+ # on_demand_base_capacity: 1,
1589
+ # on_demand_percentage_above_base_capacity: 1,
1590
+ # spot_allocation_strategy: "NonEmptyString",
1591
+ # spot_instance_pools: 1,
1592
+ # spot_max_price: "NonEmptyString",
1593
+ # }
1594
+ #
1595
+ # @!attribute [rw] on_demand_allocation_strategy
1596
+ # How to allocate instance types to fulfill On-Demand capacity.
1597
+ # @return [String]
1598
+ #
1599
+ # @!attribute [rw] on_demand_base_capacity
1600
+ # The minimum amount of the Auto Scaling group's capacity that must
1601
+ # be fulfilled by On-Demand Instances.
1602
+ # @return [Integer]
1603
+ #
1604
+ # @!attribute [rw] on_demand_percentage_above_base_capacity
1605
+ # The percentage of On-Demand Instances and Spot Instances for
1606
+ # additional capacity beyond `OnDemandBaseCapacity`.
1607
+ # @return [Integer]
1608
+ #
1609
+ # @!attribute [rw] spot_allocation_strategy
1610
+ # How to allocate instances across Spot Instance pools.
1611
+ # @return [String]
1612
+ #
1613
+ # @!attribute [rw] spot_instance_pools
1614
+ # The number of Spot Instance pools across which to allocate your Spot
1615
+ # Instances.
1616
+ # @return [Integer]
1617
+ #
1618
+ # @!attribute [rw] spot_max_price
1619
+ # The maximum price per unit hour that you are willing to pay for a
1620
+ # Spot Instance.
1621
+ # @return [String]
1622
+ #
1623
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails AWS API Documentation
1624
+ #
1625
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails < Struct.new(
1626
+ :on_demand_allocation_strategy,
1627
+ :on_demand_base_capacity,
1628
+ :on_demand_percentage_above_base_capacity,
1629
+ :spot_allocation_strategy,
1630
+ :spot_instance_pools,
1631
+ :spot_max_price)
1632
+ SENSITIVE = []
1633
+ include Aws::Structure
1634
+ end
1635
+
1636
+ # Describes a launch template and overrides for a mixed instances
1637
+ # policy.
1638
+ #
1639
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails
1640
+ # data as a hash:
1641
+ #
1642
+ # {
1643
+ # launch_template_specification: {
1644
+ # launch_template_id: "NonEmptyString",
1645
+ # launch_template_name: "NonEmptyString",
1646
+ # version: "NonEmptyString",
1647
+ # },
1648
+ # overrides: [
1649
+ # {
1650
+ # instance_type: "NonEmptyString",
1651
+ # weighted_capacity: "NonEmptyString",
1652
+ # },
1653
+ # ],
1654
+ # }
1655
+ #
1656
+ # @!attribute [rw] launch_template_specification
1657
+ # The launch template to use.
1658
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification]
1659
+ #
1660
+ # @!attribute [rw] overrides
1661
+ # Property values to use to override the values in the launch
1662
+ # template.
1663
+ # @return [Array<Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails>]
1664
+ #
1665
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails AWS API Documentation
1666
+ #
1667
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails < Struct.new(
1668
+ :launch_template_specification,
1669
+ :overrides)
1670
+ SENSITIVE = []
1671
+ include Aws::Structure
1672
+ end
1673
+
1674
+ # Details about the launch template to use.
1675
+ #
1676
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification
1677
+ # data as a hash:
1678
+ #
1679
+ # {
1680
+ # launch_template_id: "NonEmptyString",
1681
+ # launch_template_name: "NonEmptyString",
1682
+ # version: "NonEmptyString",
1683
+ # }
1684
+ #
1685
+ # @!attribute [rw] launch_template_id
1686
+ # The identifier of the launch template. You must specify either
1687
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1688
+ # @return [String]
1689
+ #
1690
+ # @!attribute [rw] launch_template_name
1691
+ # The name of the launch template. You must specify either
1692
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1693
+ # @return [String]
1694
+ #
1695
+ # @!attribute [rw] version
1696
+ # Identifies the version of the launch template. You can specify a
1697
+ # version identifier, or use the values `$Latest` or `$Default`.
1698
+ # @return [String]
1699
+ #
1700
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification AWS API Documentation
1701
+ #
1702
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification < Struct.new(
1703
+ :launch_template_id,
1704
+ :launch_template_name,
1705
+ :version)
1706
+ SENSITIVE = []
1707
+ include Aws::Structure
1708
+ end
1709
+
1710
+ # Property values to use to override the values in the launch template.
1711
+ #
1712
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails
1713
+ # data as a hash:
1714
+ #
1715
+ # {
1716
+ # instance_type: "NonEmptyString",
1717
+ # weighted_capacity: "NonEmptyString",
1718
+ # }
1719
+ #
1720
+ # @!attribute [rw] instance_type
1721
+ # The instance type. For example, `m3.xlarge`.
1722
+ # @return [String]
1723
+ #
1724
+ # @!attribute [rw] weighted_capacity
1725
+ # The number of capacity units provided by the specified instance type
1726
+ # in terms of virtual CPUs, memory, storage, throughput, or other
1727
+ # relative performance characteristic.
1728
+ # @return [String]
1729
+ #
1730
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails AWS API Documentation
1731
+ #
1732
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails < Struct.new(
1733
+ :instance_type,
1734
+ :weighted_capacity)
1468
1735
  SENSITIVE = []
1469
1736
  include Aws::Structure
1470
1737
  end
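Review bot: The `version` comment on AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification lists `$Latest` and `$Default` as accepted values but does not say that these are aliases, not a fixed version number. A finding carrying either value therefore does not identify which template version the group launches. I would add one line, e.g. `# `$Latest` and `$Default` are aliases and do not pin a specific template version.`, so rule authors reading this field treat them separately from a numeric version. In the same hunk, `weighted_capacity` is described as a number of capacity units but typed `@return [String]`; the comment should say that the value arrives as a numeric string.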
@@ -1633,6 +1900,11 @@ module Aws::SecurityHub
1633
1900
  # security_groups: ["NonEmptyString"],
1634
1901
  # spot_price: "NonEmptyString",
1635
1902
  # user_data: "NonEmptyString",
1903
+ # metadata_options: {
1904
+ # http_endpoint: "NonEmptyString",
1905
+ # http_put_response_hop_limit: 1,
1906
+ # http_tokens: "NonEmptyString",
1907
+ # },
1636
1908
  # }
1637
1909
  #
1638
1910
  # @!attribute [rw] associate_public_ip_address
@@ -1725,6 +1997,10 @@ module Aws::SecurityHub
1725
1997
  # be base64-encoded text.
1726
1998
  # @return [String]
1727
1999
  #
2000
+ # @!attribute [rw] metadata_options
2001
+ # The metadata options for the instances.
2002
+ # @return [Types::AwsAutoScalingLaunchConfigurationMetadataOptions]
2003
+ #
1728
2004
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationDetails AWS API Documentation
1729
2005
  #
1730
2006
  class AwsAutoScalingLaunchConfigurationDetails < Struct.new(
@@ -1745,7 +2021,8 @@ module Aws::SecurityHub
1745
2021
  :ramdisk_id,
1746
2022
  :security_groups,
1747
2023
  :spot_price,
1748
- :user_data)
2024
+ :user_data,
2025
+ :metadata_options)
1749
2026
  SENSITIVE = []
1750
2027
  include Aws::Structure
1751
2028
  end
@@ -1775,6 +2052,43 @@ module Aws::SecurityHub
1775
2052
  include Aws::Structure
1776
2053
  end
1777
2054
 
2055
+ # The metadata options for the instances.
2056
+ #
2057
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationMetadataOptions
2058
+ # data as a hash:
2059
+ #
2060
+ # {
2061
+ # http_endpoint: "NonEmptyString",
2062
+ # http_put_response_hop_limit: 1,
2063
+ # http_tokens: "NonEmptyString",
2064
+ # }
2065
+ #
2066
+ # @!attribute [rw] http_endpoint
2067
+ # Enables or disables the HTTP metadata endpoint on your instances. By
2068
+ # default, the metadata endpoint is enabled.
2069
+ # @return [String]
2070
+ #
2071
+ # @!attribute [rw] http_put_response_hop_limit
2072
+ # The HTTP `PUT` response hop limit for instance metadata requests.
2073
+ # The larger the number, the further instance metadata requests can
2074
+ # travel.
2075
+ # @return [Integer]
2076
+ #
2077
+ # @!attribute [rw] http_tokens
2078
+ # Indicates whether token usage is `required` or `optional` for
2079
+ # metadata requests. By default, token usage is `optional`.
2080
+ # @return [String]
2081
+ #
2082
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationMetadataOptions AWS API Documentation
2083
+ #
2084
+ class AwsAutoScalingLaunchConfigurationMetadataOptions < Struct.new(
2085
+ :http_endpoint,
2086
+ :http_put_response_hop_limit,
2087
+ :http_tokens)
2088
+ SENSITIVE = []
2089
+ include Aws::Structure
2090
+ end
2091
+
1778
2092
  # Provides details about an Certificate Manager certificate.
1779
2093
  #
1780
2094
  # @note When making an API call, you may pass AwsCertificateManagerCertificateDetails
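Review bot: The `http_endpoint` comment on AwsAutoScalingLaunchConfigurationMetadataOptions says the field enables or disables the metadata endpoint but, unlike `http_tokens`, never names the string values, so anyone writing a check against this `String` has to guess. Assuming the values mirror the Auto Scaling API, I would add `# Valid values are `enabled` and `disabled`.` there. The `http_tokens` comment could also state what each value means when triaging a finding: `# `required` accepts only session-token (IMDSv2) requests; `optional` also accepts IMDSv1 requests.` For `http_put_response_hop_limit`, "the further instance metadata requests can travel" would be clearer with the unit, e.g. `# Counted in network hops from the instance.`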
@@ -12004,6 +12318,340 @@ module Aws::SecurityHub
12004
12318
  include Aws::Structure
12005
12319
  end
12006
12320
 
12321
+ # Details about an Network Firewall firewall.
12322
+ #
12323
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallDetails
12324
+ # data as a hash:
12325
+ #
12326
+ # {
12327
+ # delete_protection: false,
12328
+ # description: "NonEmptyString",
12329
+ # firewall_arn: "NonEmptyString",
12330
+ # firewall_id: "NonEmptyString",
12331
+ # firewall_name: "NonEmptyString",
12332
+ # firewall_policy_arn: "NonEmptyString",
12333
+ # firewall_policy_change_protection: false,
12334
+ # subnet_change_protection: false,
12335
+ # subnet_mappings: [
12336
+ # {
12337
+ # subnet_id: "NonEmptyString",
12338
+ # },
12339
+ # ],
12340
+ # vpc_id: "NonEmptyString",
12341
+ # }
12342
+ #
12343
+ # @!attribute [rw] delete_protection
12344
+ # Whether the firewall is protected from deletion. If set to `true`,
12345
+ # then the firewall cannot be deleted.
12346
+ # @return [Boolean]
12347
+ #
12348
+ # @!attribute [rw] description
12349
+ # A description of the firewall.
12350
+ # @return [String]
12351
+ #
12352
+ # @!attribute [rw] firewall_arn
12353
+ # The ARN of the firewall.
12354
+ # @return [String]
12355
+ #
12356
+ # @!attribute [rw] firewall_id
12357
+ # The identifier of the firewall.
12358
+ # @return [String]
12359
+ #
12360
+ # @!attribute [rw] firewall_name
12361
+ # A descriptive name of the firewall.
12362
+ # @return [String]
12363
+ #
12364
+ # @!attribute [rw] firewall_policy_arn
12365
+ # The ARN of the firewall policy.
12366
+ # @return [String]
12367
+ #
12368
+ # @!attribute [rw] firewall_policy_change_protection
12369
+ # Whether the firewall is protected from a change to the firewall
12370
+ # policy. If set to `true`, you cannot associate a different policy
12371
+ # with the firewall.
12372
+ # @return [Boolean]
12373
+ #
12374
+ # @!attribute [rw] subnet_change_protection
12375
+ # Whether the firewall is protected from a change to the subnet
12376
+ # associations. If set to `true`, you cannot map different subnets to
12377
+ # the firewall.
12378
+ # @return [Boolean]
12379
+ #
12380
+ # @!attribute [rw] subnet_mappings
12381
+ # The public subnets that Network Firewall uses for the firewall. Each
12382
+ # subnet must belong to a different Availability Zone.
12383
+ # @return [Array<Types::AwsNetworkFirewallFirewallSubnetMappingsDetails>]
12384
+ #
12385
+ # @!attribute [rw] vpc_id
12386
+ # The identifier of the VPC where the firewall is used.
12387
+ # @return [String]
12388
+ #
12389
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallDetails AWS API Documentation
12390
+ #
12391
+ class AwsNetworkFirewallFirewallDetails < Struct.new(
12392
+ :delete_protection,
12393
+ :description,
12394
+ :firewall_arn,
12395
+ :firewall_id,
12396
+ :firewall_name,
12397
+ :firewall_policy_arn,
12398
+ :firewall_policy_change_protection,
12399
+ :subnet_change_protection,
12400
+ :subnet_mappings,
12401
+ :vpc_id)
12402
+ SENSITIVE = []
12403
+ include Aws::Structure
12404
+ end
12405
+
12406
+ # Details about a firewall policy. A firewall policy defines the
12407
+ # behavior of a network firewall.
12408
+ #
12409
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallPolicyDetails
12410
+ # data as a hash:
12411
+ #
12412
+ # {
12413
+ # firewall_policy: {
12414
+ # stateful_rule_group_references: [
12415
+ # {
12416
+ # resource_arn: "NonEmptyString",
12417
+ # },
12418
+ # ],
12419
+ # stateless_custom_actions: [
12420
+ # {
12421
+ # action_definition: {
12422
+ # publish_metric_action: {
12423
+ # dimensions: [
12424
+ # {
12425
+ # value: "NonEmptyString",
12426
+ # },
12427
+ # ],
12428
+ # },
12429
+ # },
12430
+ # action_name: "NonEmptyString",
12431
+ # },
12432
+ # ],
12433
+ # stateless_default_actions: ["NonEmptyString"],
12434
+ # stateless_fragment_default_actions: ["NonEmptyString"],
12435
+ # stateless_rule_group_references: [
12436
+ # {
12437
+ # priority: 1,
12438
+ # resource_arn: "NonEmptyString",
12439
+ # },
12440
+ # ],
12441
+ # },
12442
+ # firewall_policy_arn: "NonEmptyString",
12443
+ # firewall_policy_id: "NonEmptyString",
12444
+ # firewall_policy_name: "NonEmptyString",
12445
+ # description: "NonEmptyString",
12446
+ # }
12447
+ #
12448
+ # @!attribute [rw] firewall_policy
12449
+ # The firewall policy configuration.
12450
+ # @return [Types::FirewallPolicyDetails]
12451
+ #
12452
+ # @!attribute [rw] firewall_policy_arn
12453
+ # The ARN of the firewall policy.
12454
+ # @return [String]
12455
+ #
12456
+ # @!attribute [rw] firewall_policy_id
12457
+ # The identifier of the firewall policy.
12458
+ # @return [String]
12459
+ #
12460
+ # @!attribute [rw] firewall_policy_name
12461
+ # The name of the firewall policy.
12462
+ # @return [String]
12463
+ #
12464
+ # @!attribute [rw] description
12465
+ # A description of the firewall policy.
12466
+ # @return [String]
12467
+ #
12468
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallPolicyDetails AWS API Documentation
12469
+ #
12470
+ class AwsNetworkFirewallFirewallPolicyDetails < Struct.new(
12471
+ :firewall_policy,
12472
+ :firewall_policy_arn,
12473
+ :firewall_policy_id,
12474
+ :firewall_policy_name,
12475
+ :description)
12476
+ SENSITIVE = []
12477
+ include Aws::Structure
12478
+ end
12479
+
12480
+ # A public subnet that Network Firewall uses for the firewall.
12481
+ #
12482
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallSubnetMappingsDetails
12483
+ # data as a hash:
12484
+ #
12485
+ # {
12486
+ # subnet_id: "NonEmptyString",
12487
+ # }
12488
+ #
12489
+ # @!attribute [rw] subnet_id
12490
+ # The identifier of the subnet
12491
+ # @return [String]
12492
+ #
12493
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallSubnetMappingsDetails AWS API Documentation
12494
+ #
12495
+ class AwsNetworkFirewallFirewallSubnetMappingsDetails < Struct.new(
12496
+ :subnet_id)
12497
+ SENSITIVE = []
12498
+ include Aws::Structure
12499
+ end
12500
+
12501
+ # Details about an Network Firewall rule group. Rule groups are used to
12502
+ # inspect and control network traffic. Stateless rule groups apply to
12503
+ # individual packets. Stateful rule groups apply to packets in the
12504
+ # context of their traffic flow.
12505
+ #
12506
+ # Rule groups are referenced in firewall policies.
12507
+ #
12508
+ # @note When making an API call, you may pass AwsNetworkFirewallRuleGroupDetails
12509
+ # data as a hash:
12510
+ #
12511
+ # {
12512
+ # capacity: 1,
12513
+ # description: "NonEmptyString",
12514
+ # rule_group: {
12515
+ # rule_variables: {
12516
+ # ip_sets: {
12517
+ # definition: ["NonEmptyString"],
12518
+ # },
12519
+ # port_sets: {
12520
+ # definition: ["NonEmptyString"],
12521
+ # },
12522
+ # },
12523
+ # rules_source: {
12524
+ # rules_source_list: {
12525
+ # generated_rules_type: "NonEmptyString",
12526
+ # target_types: ["NonEmptyString"],
12527
+ # targets: ["NonEmptyString"],
12528
+ # },
12529
+ # rules_string: "NonEmptyString",
12530
+ # stateful_rules: [
12531
+ # {
12532
+ # action: "NonEmptyString",
12533
+ # header: {
12534
+ # destination: "NonEmptyString",
12535
+ # destination_port: "NonEmptyString",
12536
+ # direction: "NonEmptyString",
12537
+ # protocol: "NonEmptyString",
12538
+ # source: "NonEmptyString",
12539
+ # source_port: "NonEmptyString",
12540
+ # },
12541
+ # rule_options: [
12542
+ # {
12543
+ # keyword: "NonEmptyString",
12544
+ # settings: ["NonEmptyString"],
12545
+ # },
12546
+ # ],
12547
+ # },
12548
+ # ],
12549
+ # stateless_rules_and_custom_actions: {
12550
+ # custom_actions: [
12551
+ # {
12552
+ # action_definition: {
12553
+ # publish_metric_action: {
12554
+ # dimensions: [
12555
+ # {
12556
+ # value: "NonEmptyString",
12557
+ # },
12558
+ # ],
12559
+ # },
12560
+ # },
12561
+ # action_name: "NonEmptyString",
12562
+ # },
12563
+ # ],
12564
+ # stateless_rules: [
12565
+ # {
12566
+ # priority: 1,
12567
+ # rule_definition: {
12568
+ # actions: ["NonEmptyString"],
12569
+ # match_attributes: {
12570
+ # destination_ports: [
12571
+ # {
12572
+ # from_port: 1,
12573
+ # to_port: 1,
12574
+ # },
12575
+ # ],
12576
+ # destinations: [
12577
+ # {
12578
+ # address_definition: "NonEmptyString",
12579
+ # },
12580
+ # ],
12581
+ # protocols: [1],
12582
+ # source_ports: [
12583
+ # {
12584
+ # from_port: 1,
12585
+ # to_port: 1,
12586
+ # },
12587
+ # ],
12588
+ # sources: [
12589
+ # {
12590
+ # address_definition: "NonEmptyString",
12591
+ # },
12592
+ # ],
12593
+ # tcp_flags: [
12594
+ # {
12595
+ # flags: ["NonEmptyString"],
12596
+ # masks: ["NonEmptyString"],
12597
+ # },
12598
+ # ],
12599
+ # },
12600
+ # },
12601
+ # },
12602
+ # ],
12603
+ # },
12604
+ # },
12605
+ # },
12606
+ # rule_group_arn: "NonEmptyString",
12607
+ # rule_group_id: "NonEmptyString",
12608
+ # rule_group_name: "NonEmptyString",
12609
+ # type: "NonEmptyString",
12610
+ # }
12611
+ #
12612
+ # @!attribute [rw] capacity
12613
+ # The maximum number of operating resources that this rule group can
12614
+ # use.
12615
+ # @return [Integer]
12616
+ #
12617
+ # @!attribute [rw] description
12618
+ # A description of the rule group.
12619
+ # @return [String]
12620
+ #
12621
+ # @!attribute [rw] rule_group
12622
+ # Details about the rule group.
12623
+ # @return [Types::RuleGroupDetails]
12624
+ #
12625
+ # @!attribute [rw] rule_group_arn
12626
+ # The ARN of the rule group.
12627
+ # @return [String]
12628
+ #
12629
+ # @!attribute [rw] rule_group_id
12630
+ # The identifier of the rule group.
12631
+ # @return [String]
12632
+ #
12633
+ # @!attribute [rw] rule_group_name
12634
+ # The descriptive name of the rule group.
12635
+ # @return [String]
12636
+ #
12637
+ # @!attribute [rw] type
12638
+ # The type of rule group. A rule group can be stateful or stateless.
12639
+ # @return [String]
12640
+ #
12641
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallRuleGroupDetails AWS API Documentation
12642
+ #
12643
+ class AwsNetworkFirewallRuleGroupDetails < Struct.new(
12644
+ :capacity,
12645
+ :description,
12646
+ :rule_group,
12647
+ :rule_group_arn,
12648
+ :rule_group_id,
12649
+ :rule_group_name,
12650
+ :type)
12651
+ SENSITIVE = []
12652
+ include Aws::Structure
12653
+ end
12654
+
12007
12655
  # Details about the configuration of an OpenSearch cluster.
12008
12656
  #
12009
12657
  # @note When making an API call, you may pass AwsOpenSearchServiceDomainClusterConfigDetails
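Review bot: Two class comments in this hunk read "an Network Firewall" (`# Details about an Network Firewall firewall.` and `# Details about an Network Firewall rule group.`), and `# The identifier of the subnet` has no closing period. They should read `a Network Firewall …` and end with a period. Separately, `delete_protection`, `firewall_policy_change_protection` and `subnet_change_protection` are typed `[Boolean]` with no word on what an omitted value means. Struct members that are never set are `nil`, so a line such as `# nil when the finding does not report this setting.` would keep consumers from reading absence as `false`.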
@@ -15965,6 +16613,35 @@ module Aws::SecurityHub
15965
16613
  include Aws::Structure
15966
16614
  end
15967
16615
 
16616
+ # Describes the versioning state of an S3 bucket.
16617
+ #
16618
+ # @note When making an API call, you may pass AwsS3BucketBucketVersioningConfiguration
16619
+ # data as a hash:
16620
+ #
16621
+ # {
16622
+ # is_mfa_delete_enabled: false,
16623
+ # status: "NonEmptyString",
16624
+ # }
16625
+ #
16626
+ # @!attribute [rw] is_mfa_delete_enabled
16627
+ # Specifies whether MFA delete is currently enabled in the S3 bucket
16628
+ # versioning configuration. If the S3 bucket was never configured with
16629
+ # MFA delete, then this attribute is not included.
16630
+ # @return [Boolean]
16631
+ #
16632
+ # @!attribute [rw] status
16633
+ # The versioning status of the S3 bucket.
16634
+ # @return [String]
16635
+ #
16636
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketVersioningConfiguration AWS API Documentation
16637
+ #
16638
+ class AwsS3BucketBucketVersioningConfiguration < Struct.new(
16639
+ :is_mfa_delete_enabled,
16640
+ :status)
16641
+ SENSITIVE = []
16642
+ include Aws::Structure
16643
+ end
16644
+
15968
16645
  # The details of an Amazon S3 bucket.
15969
16646
  #
15970
16647
  # @note When making an API call, you may pass AwsS3BucketDetails
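Review bot: `is_mfa_delete_enabled` is documented as `@return [Boolean]`, yet the same comment says the attribute is not included when MFA delete was never configured, so the member can be `nil` as well as `true` or `false`. I would make that explicit with `# @return [Boolean, nil] nil when MFA delete was never configured`, because a check written as `== false` skips exactly the never-configured buckets. The `status` comment also names no values; if the field mirrors the S3 API these are `Enabled` and `Suspended`, which is worth stating next to `@return [String]`.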
@@ -16087,6 +16764,10 @@ module Aws::SecurityHub
16087
16764
  # },
16088
16765
  # ],
16089
16766
  # },
16767
+ # bucket_versioning_configuration: {
16768
+ # is_mfa_delete_enabled: false,
16769
+ # status: "NonEmptyString",
16770
+ # },
16090
16771
  # }
16091
16772
  #
16092
16773
  # @!attribute [rw] owner_id
@@ -16143,6 +16824,10 @@ module Aws::SecurityHub
16143
16824
  # The notification configuration for the S3 bucket.
16144
16825
  # @return [Types::AwsS3BucketNotificationConfiguration]
16145
16826
  #
16827
+ # @!attribute [rw] bucket_versioning_configuration
16828
+ # The versioning state of an S3 bucket.
16829
+ # @return [Types::AwsS3BucketBucketVersioningConfiguration]
16830
+ #
16146
16831
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
16147
16832
  #
16148
16833
  class AwsS3BucketDetails < Struct.new(
@@ -16156,7 +16841,8 @@ module Aws::SecurityHub
16156
16841
  :access_control_list,
16157
16842
  :bucket_logging_configuration,
16158
16843
  :bucket_website_configuration,
16159
- :bucket_notification_configuration)
16844
+ :bucket_notification_configuration,
16845
+ :bucket_versioning_configuration)
16160
16846
  SENSITIVE = []
16161
16847
  include Aws::Structure
16162
16848
  end
@@ -17077,6 +17763,34 @@ module Aws::SecurityHub
17077
17763
  # health_check_type: "NonEmptyString",
17078
17764
  # health_check_grace_period: 1,
17079
17765
  # created_time: "NonEmptyString",
17766
+ # mixed_instances_policy: {
17767
+ # instances_distribution: {
17768
+ # on_demand_allocation_strategy: "NonEmptyString",
17769
+ # on_demand_base_capacity: 1,
17770
+ # on_demand_percentage_above_base_capacity: 1,
17771
+ # spot_allocation_strategy: "NonEmptyString",
17772
+ # spot_instance_pools: 1,
17773
+ # spot_max_price: "NonEmptyString",
17774
+ # },
17775
+ # launch_template: {
17776
+ # launch_template_specification: {
17777
+ # launch_template_id: "NonEmptyString",
17778
+ # launch_template_name: "NonEmptyString",
17779
+ # version: "NonEmptyString",
17780
+ # },
17781
+ # overrides: [
17782
+ # {
17783
+ # instance_type: "NonEmptyString",
17784
+ # weighted_capacity: "NonEmptyString",
17785
+ # },
17786
+ # ],
17787
+ # },
17788
+ # },
17789
+ # availability_zones: [
17790
+ # {
17791
+ # value: "NonEmptyString",
17792
+ # },
17793
+ # ],
17080
17794
  # },
17081
17795
  # aws_code_build_project: {
17082
17796
  # encryption_key: "NonEmptyString",
@@ -17647,6 +18361,10 @@ module Aws::SecurityHub
17647
18361
  # },
17648
18362
  # ],
17649
18363
  # },
18364
+ # bucket_versioning_configuration: {
18365
+ # is_mfa_delete_enabled: false,
18366
+ # status: "NonEmptyString",
18367
+ # },
17650
18368
  # },
17651
18369
  # aws_s3_account_public_access_block: {
17652
18370
  # block_public_acls: false,
@@ -19061,6 +19779,11 @@ module Aws::SecurityHub
19061
19779
  # security_groups: ["NonEmptyString"],
19062
19780
  # spot_price: "NonEmptyString",
19063
19781
  # user_data: "NonEmptyString",
19782
+ # metadata_options: {
19783
+ # http_endpoint: "NonEmptyString",
19784
+ # http_put_response_hop_limit: 1,
19785
+ # http_tokens: "NonEmptyString",
19786
+ # },
19064
19787
  # },
19065
19788
  # aws_ec2_vpn_connection: {
19066
19789
  # vpn_connection_id: "NonEmptyString",
@@ -19270,6 +19993,157 @@ module Aws::SecurityHub
19270
19993
  # ],
19271
19994
  # },
19272
19995
  # },
19996
+ # aws_network_firewall_firewall_policy: {
19997
+ # firewall_policy: {
19998
+ # stateful_rule_group_references: [
19999
+ # {
20000
+ # resource_arn: "NonEmptyString",
20001
+ # },
20002
+ # ],
20003
+ # stateless_custom_actions: [
20004
+ # {
20005
+ # action_definition: {
20006
+ # publish_metric_action: {
20007
+ # dimensions: [
20008
+ # {
20009
+ # value: "NonEmptyString",
20010
+ # },
20011
+ # ],
20012
+ # },
20013
+ # },
20014
+ # action_name: "NonEmptyString",
20015
+ # },
20016
+ # ],
20017
+ # stateless_default_actions: ["NonEmptyString"],
20018
+ # stateless_fragment_default_actions: ["NonEmptyString"],
20019
+ # stateless_rule_group_references: [
20020
+ # {
20021
+ # priority: 1,
20022
+ # resource_arn: "NonEmptyString",
20023
+ # },
20024
+ # ],
20025
+ # },
20026
+ # firewall_policy_arn: "NonEmptyString",
20027
+ # firewall_policy_id: "NonEmptyString",
20028
+ # firewall_policy_name: "NonEmptyString",
20029
+ # description: "NonEmptyString",
20030
+ # },
20031
+ # aws_network_firewall_firewall: {
20032
+ # delete_protection: false,
20033
+ # description: "NonEmptyString",
20034
+ # firewall_arn: "NonEmptyString",
20035
+ # firewall_id: "NonEmptyString",
20036
+ # firewall_name: "NonEmptyString",
20037
+ # firewall_policy_arn: "NonEmptyString",
20038
+ # firewall_policy_change_protection: false,
20039
+ # subnet_change_protection: false,
20040
+ # subnet_mappings: [
20041
+ # {
20042
+ # subnet_id: "NonEmptyString",
20043
+ # },
20044
+ # ],
20045
+ # vpc_id: "NonEmptyString",
20046
+ # },
20047
+ # aws_network_firewall_rule_group: {
20048
+ # capacity: 1,
20049
+ # description: "NonEmptyString",
20050
+ # rule_group: {
20051
+ # rule_variables: {
20052
+ # ip_sets: {
20053
+ # definition: ["NonEmptyString"],
20054
+ # },
20055
+ # port_sets: {
20056
+ # definition: ["NonEmptyString"],
20057
+ # },
20058
+ # },
20059
+ # rules_source: {
20060
+ # rules_source_list: {
20061
+ # generated_rules_type: "NonEmptyString",
20062
+ # target_types: ["NonEmptyString"],
20063
+ # targets: ["NonEmptyString"],
20064
+ # },
20065
+ # rules_string: "NonEmptyString",
20066
+ # stateful_rules: [
20067
+ # {
20068
+ # action: "NonEmptyString",
20069
+ # header: {
20070
+ # destination: "NonEmptyString",
20071
+ # destination_port: "NonEmptyString",
20072
+ # direction: "NonEmptyString",
20073
+ # protocol: "NonEmptyString",
20074
+ # source: "NonEmptyString",
20075
+ # source_port: "NonEmptyString",
20076
+ # },
20077
+ # rule_options: [
20078
+ # {
20079
+ # keyword: "NonEmptyString",
20080
+ # settings: ["NonEmptyString"],
20081
+ # },
20082
+ # ],
20083
+ # },
20084
+ # ],
20085
+ # stateless_rules_and_custom_actions: {
20086
+ # custom_actions: [
20087
+ # {
20088
+ # action_definition: {
20089
+ # publish_metric_action: {
20090
+ # dimensions: [
20091
+ # {
20092
+ # value: "NonEmptyString",
20093
+ # },
20094
+ # ],
20095
+ # },
20096
+ # },
20097
+ # action_name: "NonEmptyString",
20098
+ # },
20099
+ # ],
20100
+ # stateless_rules: [
20101
+ # {
20102
+ # priority: 1,
20103
+ # rule_definition: {
20104
+ # actions: ["NonEmptyString"],
20105
+ # match_attributes: {
20106
+ # destination_ports: [
20107
+ # {
20108
+ # from_port: 1,
20109
+ # to_port: 1,
20110
+ # },
20111
+ # ],
20112
+ # destinations: [
20113
+ # {
20114
+ # address_definition: "NonEmptyString",
20115
+ # },
20116
+ # ],
20117
+ # protocols: [1],
20118
+ # source_ports: [
20119
+ # {
20120
+ # from_port: 1,
20121
+ # to_port: 1,
20122
+ # },
20123
+ # ],
20124
+ # sources: [
20125
+ # {
20126
+ # address_definition: "NonEmptyString",
20127
+ # },
20128
+ # ],
20129
+ # tcp_flags: [
20130
+ # {
20131
+ # flags: ["NonEmptyString"],
20132
+ # masks: ["NonEmptyString"],
20133
+ # },
20134
+ # ],
20135
+ # },
20136
+ # },
20137
+ # },
20138
+ # ],
20139
+ # },
20140
+ # },
20141
+ # },
20142
+ # rule_group_arn: "NonEmptyString",
20143
+ # rule_group_id: "NonEmptyString",
20144
+ # rule_group_name: "NonEmptyString",
20145
+ # type: "NonEmptyString",
20146
+ # },
19273
20147
  # },
19274
20148
  # },
19275
20149
  # ],
@@ -20805,9 +21679,9 @@ module Aws::SecurityHub
20805
21679
  # Security Hub also resets the workflow status from `NOTIFIED` or
20806
21680
  # `RESOLVED` to `NEW` in the following cases:
20807
21681
  #
20808
- # * The record state changes from `ARCHIVED` to `ACTIVE`.
21682
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
20809
21683
  #
20810
- # * The compliance status changes from `PASSED` to either `WARNING`,
21684
+ # * `Compliance.Status` changes from `PASSED` to either `WARNING`,
20811
21685
  # `FAILED`, or `NOT_AVAILABLE`.
20812
21686
  #
20813
21687
  # * `NOTIFIED` - Indicates that the resource owner has been notified
@@ -20815,11 +21689,36 @@ module Aws::SecurityHub
20815
21689
  # the resource owner, and needs intervention from the resource
20816
21690
  # owner.
20817
21691
  #
20818
- # * `SUPPRESSED` - The finding will not be reviewed again and will not
20819
- # be acted upon.
21692
+ # If one of the following occurs, the workflow status is changed
21693
+ # automatically from `NOTIFIED` to `NEW`\:
21694
+ #
21695
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
21696
+ #
21697
+ # * `Compliance.Status` changes from `PASSED` to `FAILED`,
21698
+ # `WARNING`, or `NOT_AVAILABLE`.
21699
+ #
21700
+ # * `SUPPRESSED` - Indicates that you reviewed the finding and do not
21701
+ # believe that any action is needed.
21702
+ #
21703
+ # The workflow status of a `SUPPRESSED` finding does not change if
21704
+ # `RecordState` changes from `ARCHIVED` to `ACTIVE`.
20820
21705
  #
20821
21706
  # * `RESOLVED` - The finding was reviewed and remediated and is now
20822
21707
  # considered resolved.
21708
+ #
21709
+ # The finding remains `RESOLVED` unless one of the following occurs:
21710
+ #
21711
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
21712
+ #
21713
+ # * `Compliance.Status` changes from `PASSED` to `FAILED`,
21714
+ # `WARNING`, or `NOT_AVAILABLE`.
21715
+ #
21716
+ # In those cases, the workflow status is automatically reset to
21717
+ # `NEW`.
21718
+ #
21719
+ # For findings from controls, if `Compliance.Status` is `PASSED`,
21720
+ # then Security Hub automatically sets the workflow status to
21721
+ # `RESOLVED`.
20823
21722
  # @return [Array<Types::StringFilter>]
20824
21723
  #
20825
21724
  # @!attribute [rw] record_state
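Review bot: The new `SUPPRESSED` paragraph (new lines 21700-21704) covers only the `RecordState` transition and is silent on a `Compliance.Status` change from `PASSED` to `FAILED`, `WARNING`, or `NOT_AVAILABLE`, which the `NOTIFIED` and `RESOLVED` bullets in the same hunk both spell out. Anyone who filters or alerts on workflow status needs to know whether a suppressed control finding that later fails stays suppressed. The earlier sentence about resets from `NOTIFIED` or `RESOLVED` suggests it does, but that is inferred, not stated. If that matches the service behaviour, I would add after the `RecordState` sentence: `# It also does not change if Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.` The attribute's doc comment starts above this hunk, so the final wording should be checked against the full description.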
@@ -22102,6 +23001,34 @@ module Aws::SecurityHub
22102
23001
  # health_check_type: "NonEmptyString",
22103
23002
  # health_check_grace_period: 1,
22104
23003
  # created_time: "NonEmptyString",
23004
+ # mixed_instances_policy: {
23005
+ # instances_distribution: {
23006
+ # on_demand_allocation_strategy: "NonEmptyString",
23007
+ # on_demand_base_capacity: 1,
23008
+ # on_demand_percentage_above_base_capacity: 1,
23009
+ # spot_allocation_strategy: "NonEmptyString",
23010
+ # spot_instance_pools: 1,
23011
+ # spot_max_price: "NonEmptyString",
23012
+ # },
23013
+ # launch_template: {
23014
+ # launch_template_specification: {
23015
+ # launch_template_id: "NonEmptyString",
23016
+ # launch_template_name: "NonEmptyString",
23017
+ # version: "NonEmptyString",
23018
+ # },
23019
+ # overrides: [
23020
+ # {
23021
+ # instance_type: "NonEmptyString",
23022
+ # weighted_capacity: "NonEmptyString",
23023
+ # },
23024
+ # ],
23025
+ # },
23026
+ # },
23027
+ # availability_zones: [
23028
+ # {
23029
+ # value: "NonEmptyString",
23030
+ # },
23031
+ # ],
22105
23032
  # },
22106
23033
  # aws_code_build_project: {
22107
23034
  # encryption_key: "NonEmptyString",
@@ -22672,6 +23599,10 @@ module Aws::SecurityHub
22672
23599
  # },
22673
23600
  # ],
22674
23601
  # },
23602
+ # bucket_versioning_configuration: {
23603
+ # is_mfa_delete_enabled: false,
23604
+ # status: "NonEmptyString",
23605
+ # },
22675
23606
  # },
22676
23607
  # aws_s3_account_public_access_block: {
22677
23608
  # block_public_acls: false,
@@ -24086,6 +25017,11 @@ module Aws::SecurityHub
24086
25017
  # security_groups: ["NonEmptyString"],
24087
25018
  # spot_price: "NonEmptyString",
24088
25019
  # user_data: "NonEmptyString",
25020
+ # metadata_options: {
25021
+ # http_endpoint: "NonEmptyString",
25022
+ # http_put_response_hop_limit: 1,
25023
+ # http_tokens: "NonEmptyString",
25024
+ # },
24089
25025
  # },
24090
25026
  # aws_ec2_vpn_connection: {
24091
25027
  # vpn_connection_id: "NonEmptyString",
@@ -24295,6 +25231,157 @@ module Aws::SecurityHub
24295
25231
  # ],
24296
25232
  # },
24297
25233
  # },
25234
+ # aws_network_firewall_firewall_policy: {
25235
+ # firewall_policy: {
25236
+ # stateful_rule_group_references: [
25237
+ # {
25238
+ # resource_arn: "NonEmptyString",
25239
+ # },
25240
+ # ],
25241
+ # stateless_custom_actions: [
25242
+ # {
25243
+ # action_definition: {
25244
+ # publish_metric_action: {
25245
+ # dimensions: [
25246
+ # {
25247
+ # value: "NonEmptyString",
25248
+ # },
25249
+ # ],
25250
+ # },
25251
+ # },
25252
+ # action_name: "NonEmptyString",
25253
+ # },
25254
+ # ],
25255
+ # stateless_default_actions: ["NonEmptyString"],
25256
+ # stateless_fragment_default_actions: ["NonEmptyString"],
25257
+ # stateless_rule_group_references: [
25258
+ # {
25259
+ # priority: 1,
25260
+ # resource_arn: "NonEmptyString",
25261
+ # },
25262
+ # ],
25263
+ # },
25264
+ # firewall_policy_arn: "NonEmptyString",
25265
+ # firewall_policy_id: "NonEmptyString",
25266
+ # firewall_policy_name: "NonEmptyString",
25267
+ # description: "NonEmptyString",
25268
+ # },
25269
+ # aws_network_firewall_firewall: {
25270
+ # delete_protection: false,
25271
+ # description: "NonEmptyString",
25272
+ # firewall_arn: "NonEmptyString",
25273
+ # firewall_id: "NonEmptyString",
25274
+ # firewall_name: "NonEmptyString",
25275
+ # firewall_policy_arn: "NonEmptyString",
25276
+ # firewall_policy_change_protection: false,
25277
+ # subnet_change_protection: false,
25278
+ # subnet_mappings: [
25279
+ # {
25280
+ # subnet_id: "NonEmptyString",
25281
+ # },
25282
+ # ],
25283
+ # vpc_id: "NonEmptyString",
25284
+ # },
25285
+ # aws_network_firewall_rule_group: {
25286
+ # capacity: 1,
25287
+ # description: "NonEmptyString",
25288
+ # rule_group: {
25289
+ # rule_variables: {
25290
+ # ip_sets: {
25291
+ # definition: ["NonEmptyString"],
25292
+ # },
25293
+ # port_sets: {
25294
+ # definition: ["NonEmptyString"],
25295
+ # },
25296
+ # },
25297
+ # rules_source: {
25298
+ # rules_source_list: {
25299
+ # generated_rules_type: "NonEmptyString",
25300
+ # target_types: ["NonEmptyString"],
25301
+ # targets: ["NonEmptyString"],
25302
+ # },
25303
+ # rules_string: "NonEmptyString",
25304
+ # stateful_rules: [
25305
+ # {
25306
+ # action: "NonEmptyString",
25307
+ # header: {
25308
+ # destination: "NonEmptyString",
25309
+ # destination_port: "NonEmptyString",
25310
+ # direction: "NonEmptyString",
25311
+ # protocol: "NonEmptyString",
25312
+ # source: "NonEmptyString",
25313
+ # source_port: "NonEmptyString",
25314
+ # },
25315
+ # rule_options: [
25316
+ # {
25317
+ # keyword: "NonEmptyString",
25318
+ # settings: ["NonEmptyString"],
25319
+ # },
25320
+ # ],
25321
+ # },
25322
+ # ],
25323
+ # stateless_rules_and_custom_actions: {
25324
+ # custom_actions: [
25325
+ # {
25326
+ # action_definition: {
25327
+ # publish_metric_action: {
25328
+ # dimensions: [
25329
+ # {
25330
+ # value: "NonEmptyString",
25331
+ # },
25332
+ # ],
25333
+ # },
25334
+ # },
25335
+ # action_name: "NonEmptyString",
25336
+ # },
25337
+ # ],
25338
+ # stateless_rules: [
25339
+ # {
25340
+ # priority: 1,
25341
+ # rule_definition: {
25342
+ # actions: ["NonEmptyString"],
25343
+ # match_attributes: {
25344
+ # destination_ports: [
25345
+ # {
25346
+ # from_port: 1,
25347
+ # to_port: 1,
25348
+ # },
25349
+ # ],
25350
+ # destinations: [
25351
+ # {
25352
+ # address_definition: "NonEmptyString",
25353
+ # },
25354
+ # ],
25355
+ # protocols: [1],
25356
+ # source_ports: [
25357
+ # {
25358
+ # from_port: 1,
25359
+ # to_port: 1,
25360
+ # },
25361
+ # ],
25362
+ # sources: [
25363
+ # {
25364
+ # address_definition: "NonEmptyString",
25365
+ # },
25366
+ # ],
25367
+ # tcp_flags: [
25368
+ # {
25369
+ # flags: ["NonEmptyString"],
25370
+ # masks: ["NonEmptyString"],
25371
+ # },
25372
+ # ],
25373
+ # },
25374
+ # },
25375
+ # },
25376
+ # ],
25377
+ # },
25378
+ # },
25379
+ # },
25380
+ # rule_group_arn: "NonEmptyString",
25381
+ # rule_group_id: "NonEmptyString",
25382
+ # rule_group_name: "NonEmptyString",
25383
+ # type: "NonEmptyString",
25384
+ # },
24298
25385
  # },
24299
25386
  # },
24300
25387
  # ],
@@ -25203,6 +26290,90 @@ module Aws::SecurityHub
25203
26290
  include Aws::Structure
25204
26291
  end
25205
26292
 
26293
+ # @note When making an API call, you may pass CreateFindingAggregatorRequest
26294
+ # data as a hash:
26295
+ #
26296
+ # {
26297
+ # region_linking_mode: "NonEmptyString", # required
26298
+ # regions: ["NonEmptyString"],
26299
+ # }
26300
+ #
26301
+ # @!attribute [rw] region_linking_mode
26302
+ # Indicates whether to aggregate findings from all of the available
26303
+ # Regions in the current partition. Also determines whether to
26304
+ # automatically aggregate findings from new Regions as Security Hub
26305
+ # supports them and you opt into them.
26306
+ #
26307
+ # The selected option also determines how to use the Regions provided
26308
+ # in the Regions list.
26309
+ #
26310
+ # The options are as follows:
26311
+ #
26312
+ # * `ALL_REGIONS` - Indicates to aggregate findings from all of the
26313
+ # Regions where Security Hub is enabled. When you choose this
26314
+ # option, Security Hub also automatically aggregates findings from
26315
+ # new Regions as Security Hub supports them and you opt into them.
26316
+ #
26317
+ # * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
26318
+ # from all of the Regions where Security Hub is enabled, except for
26319
+ # the Regions listed in the `Regions` parameter. When you choose
26320
+ # this option, Security Hub also automatically aggregates findings
26321
+ # from new Regions as Security Hub supports them and you opt into
26322
+ # them.
26323
+ #
26324
+ # * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from
26325
+ # the Regions listed in the `Regions` parameter. Security Hub does
26326
+ # not automatically aggregate findings from new Regions.
26327
+ # @return [String]
26328
+ #
26329
+ # @!attribute [rw] regions
26330
+ # If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this
26331
+ # is a comma-separated list of Regions that do not aggregate findings
26332
+ # to the aggregation Region.
26333
+ #
26334
+ # If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
26335
+ # comma-separated list of Regions that do aggregate findings to the
26336
+ # aggregation Region.
26337
+ # @return [Array<String>]
26338
+ #
26339
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateFindingAggregatorRequest AWS API Documentation
26340
+ #
26341
+ class CreateFindingAggregatorRequest < Struct.new(
26342
+ :region_linking_mode,
26343
+ :regions)
26344
+ SENSITIVE = []
26345
+ include Aws::Structure
26346
+ end
26347
+
26348
+ # @!attribute [rw] finding_aggregator_arn
26349
+ # The ARN of the finding aggregator. You use the finding aggregator
26350
+ # ARN to retrieve details for, update, and stop finding aggregation.
26351
+ # @return [String]
26352
+ #
26353
+ # @!attribute [rw] finding_aggregation_region
26354
+ # The aggregation Region.
26355
+ # @return [String]
26356
+ #
26357
+ # @!attribute [rw] region_linking_mode
26358
+ # Indicates whether to link all Regions, all Regions except for a list
26359
+ # of excluded Regions, or a list of included Regions.
26360
+ # @return [String]
26361
+ #
26362
+ # @!attribute [rw] regions
26363
+ # The list of excluded Regions or included Regions.
26364
+ # @return [Array<String>]
26365
+ #
26366
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateFindingAggregatorResponse AWS API Documentation
26367
+ #
26368
+ class CreateFindingAggregatorResponse < Struct.new(
26369
+ :finding_aggregator_arn,
26370
+ :finding_aggregation_region,
26371
+ :region_linking_mode,
26372
+ :regions)
26373
+ SENSITIVE = []
26374
+ include Aws::Structure
26375
+ end
26376
+
25206
26377
  # @note When making an API call, you may pass CreateInsightRequest
25207
26378
  # data as a hash:
25208
26379
  #
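Review bot: The `regions` attribute of `CreateFindingAggregatorRequest` (new lines 26329-26337) is described twice as a "comma-separated list of Regions", but the same comment declares `@return [Array<String>]` and the hash example shows `regions: ["NonEmptyString"]`. A caller who follows the prose and passes one comma-joined string may not get the aggregation scope they intended under `ALL_REGIONS_EXCEPT_SPECIFIED` or `SPECIFIED_REGIONS`; how the service treats such a value is not visible here. I would reword both sentences to describe an array with one Region per element, for example `# is a list of Regions (one Region name per array element) that do not aggregate findings`. `CreateFindingAggregatorRequest` also has no one-line class description, unlike the other new structures in this diff.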
@@ -26398,6 +27569,30 @@ module Aws::SecurityHub
26398
27569
  include Aws::Structure
26399
27570
  end
26400
27571
 
27572
+ # @note When making an API call, you may pass DeleteFindingAggregatorRequest
27573
+ # data as a hash:
27574
+ #
27575
+ # {
27576
+ # finding_aggregator_arn: "NonEmptyString", # required
27577
+ # }
27578
+ #
27579
+ # @!attribute [rw] finding_aggregator_arn
27580
+ # The ARN of the finding aggregator to delete. To obtain the ARN, use
27581
+ # `ListFindingAggregators`.
27582
+ # @return [String]
27583
+ #
27584
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteFindingAggregatorRequest AWS API Documentation
27585
+ #
27586
+ class DeleteFindingAggregatorRequest < Struct.new(
27587
+ :finding_aggregator_arn)
27588
+ SENSITIVE = []
27589
+ include Aws::Structure
27590
+ end
27591
+
27592
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteFindingAggregatorResponse AWS API Documentation
27593
+ #
27594
+ class DeleteFindingAggregatorResponse < Aws::EmptyStructure; end
27595
+
26401
27596
  # @note When making an API call, you may pass DeleteInsightRequest
26402
27597
  # data as a hash:
26403
27598
  #
@@ -27010,6 +28205,23 @@ module Aws::SecurityHub
27010
28205
  #
27011
28206
  class EnableSecurityHubResponse < Aws::EmptyStructure; end
27012
28207
 
28208
+ # A finding aggregator. A finding aggregator contains the configuration
28209
+ # for finding aggregation.
28210
+ #
28211
+ # @!attribute [rw] finding_aggregator_arn
28212
+ # The ARN of the finding aggregator. You use the finding aggregator
28213
+ # ARN to retrieve details for, update, and delete the finding
28214
+ # aggregator.
28215
+ # @return [String]
28216
+ #
28217
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingAggregator AWS API Documentation
28218
+ #
28219
+ class FindingAggregator < Struct.new(
28220
+ :finding_aggregator_arn)
28221
+ SENSITIVE = []
28222
+ include Aws::Structure
28223
+ end
28224
+
27013
28225
  # In a `BatchImportFindings` request, finding providers use
27014
28226
  # `FindingProviderFields` to provide and update values for confidence,
27015
28227
  # criticality, related findings, severity, and types.
@@ -27107,6 +28319,167 @@ module Aws::SecurityHub
27107
28319
  include Aws::Structure
27108
28320
  end
27109
28321
 
28322
+ # Defines the behavior of the firewall.
28323
+ #
28324
+ # @note When making an API call, you may pass FirewallPolicyDetails
28325
+ # data as a hash:
28326
+ #
28327
+ # {
28328
+ # stateful_rule_group_references: [
28329
+ # {
28330
+ # resource_arn: "NonEmptyString",
28331
+ # },
28332
+ # ],
28333
+ # stateless_custom_actions: [
28334
+ # {
28335
+ # action_definition: {
28336
+ # publish_metric_action: {
28337
+ # dimensions: [
28338
+ # {
28339
+ # value: "NonEmptyString",
28340
+ # },
28341
+ # ],
28342
+ # },
28343
+ # },
28344
+ # action_name: "NonEmptyString",
28345
+ # },
28346
+ # ],
28347
+ # stateless_default_actions: ["NonEmptyString"],
28348
+ # stateless_fragment_default_actions: ["NonEmptyString"],
28349
+ # stateless_rule_group_references: [
28350
+ # {
28351
+ # priority: 1,
28352
+ # resource_arn: "NonEmptyString",
28353
+ # },
28354
+ # ],
28355
+ # }
28356
+ #
28357
+ # @!attribute [rw] stateful_rule_group_references
28358
+ # The stateful rule groups that are used in the firewall policy.
28359
+ # @return [Array<Types::FirewallPolicyStatefulRuleGroupReferencesDetails>]
28360
+ #
28361
+ # @!attribute [rw] stateless_custom_actions
28362
+ # The custom action definitions that are available to use in the
28363
+ # firewall policy's `StatelessDefaultActions` setting.
28364
+ # @return [Array<Types::FirewallPolicyStatelessCustomActionsDetails>]
28365
+ #
28366
+ # @!attribute [rw] stateless_default_actions
28367
+ # The actions to take on a packet if it doesn't match any of the
28368
+ # stateless rules in the policy.
28369
+ #
28370
+ # You must specify a standard action (`aws:pass`, `aws:drop`,
28371
+ # `aws:forward_to_sfe`), and can optionally include a custom action
28372
+ # from `StatelessCustomActions`.
28373
+ # @return [Array<String>]
28374
+ #
28375
+ # @!attribute [rw] stateless_fragment_default_actions
28376
+ # The actions to take on a fragmented UDP packet if it doesn't match
28377
+ # any of the stateless rules in the policy.
28378
+ #
28379
+ # You must specify a standard action (`aws:pass`, `aws:drop`,
28380
+ # `aws:forward_to_sfe`), and can optionally include a custom action
28381
+ # from `StatelessCustomActions`.
28382
+ # @return [Array<String>]
28383
+ #
28384
+ # @!attribute [rw] stateless_rule_group_references
28385
+ # The stateless rule groups that are used in the firewall policy.
28386
+ # @return [Array<Types::FirewallPolicyStatelessRuleGroupReferencesDetails>]
28387
+ #
28388
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyDetails AWS API Documentation
28389
+ #
28390
+ class FirewallPolicyDetails < Struct.new(
28391
+ :stateful_rule_group_references,
28392
+ :stateless_custom_actions,
28393
+ :stateless_default_actions,
28394
+ :stateless_fragment_default_actions,
28395
+ :stateless_rule_group_references)
28396
+ SENSITIVE = []
28397
+ include Aws::Structure
28398
+ end
28399
+
28400
+ # A stateful rule group that is used by the firewall policy.
28401
+ #
28402
+ # @note When making an API call, you may pass FirewallPolicyStatefulRuleGroupReferencesDetails
28403
+ # data as a hash:
28404
+ #
28405
+ # {
28406
+ # resource_arn: "NonEmptyString",
28407
+ # }
28408
+ #
28409
+ # @!attribute [rw] resource_arn
28410
+ # The ARN of the stateful rule group.
28411
+ # @return [String]
28412
+ #
28413
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatefulRuleGroupReferencesDetails AWS API Documentation
28414
+ #
28415
+ class FirewallPolicyStatefulRuleGroupReferencesDetails < Struct.new(
28416
+ :resource_arn)
28417
+ SENSITIVE = []
28418
+ include Aws::Structure
28419
+ end
28420
+
28421
+ # A custom action that can be used for stateless packet handling.
28422
+ #
28423
+ # @note When making an API call, you may pass FirewallPolicyStatelessCustomActionsDetails
28424
+ # data as a hash:
28425
+ #
28426
+ # {
28427
+ # action_definition: {
28428
+ # publish_metric_action: {
28429
+ # dimensions: [
28430
+ # {
28431
+ # value: "NonEmptyString",
28432
+ # },
28433
+ # ],
28434
+ # },
28435
+ # },
28436
+ # action_name: "NonEmptyString",
28437
+ # }
28438
+ #
28439
+ # @!attribute [rw] action_definition
28440
+ # The definition of the custom action.
28441
+ # @return [Types::StatelessCustomActionDefinition]
28442
+ #
28443
+ # @!attribute [rw] action_name
28444
+ # The name of the custom action.
28445
+ # @return [String]
28446
+ #
28447
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatelessCustomActionsDetails AWS API Documentation
28448
+ #
28449
+ class FirewallPolicyStatelessCustomActionsDetails < Struct.new(
28450
+ :action_definition,
28451
+ :action_name)
28452
+ SENSITIVE = []
28453
+ include Aws::Structure
28454
+ end
28455
+
28456
+ # A stateless rule group that is used by the firewall policy.
28457
+ #
28458
+ # @note When making an API call, you may pass FirewallPolicyStatelessRuleGroupReferencesDetails
28459
+ # data as a hash:
28460
+ #
28461
+ # {
28462
+ # priority: 1,
28463
+ # resource_arn: "NonEmptyString",
28464
+ # }
28465
+ #
28466
+ # @!attribute [rw] priority
28467
+ # The order in which to run the stateless rule group.
28468
+ # @return [Integer]
28469
+ #
28470
+ # @!attribute [rw] resource_arn
28471
+ # The ARN of the stateless rule group.
28472
+ # @return [String]
28473
+ #
28474
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatelessRuleGroupReferencesDetails AWS API Documentation
28475
+ #
28476
+ class FirewallPolicyStatelessRuleGroupReferencesDetails < Struct.new(
28477
+ :priority,
28478
+ :resource_arn)
28479
+ SENSITIVE = []
28480
+ include Aws::Structure
28481
+ end
28482
+
27110
28483
  # Provides the latitude and longitude coordinates of a location.
27111
28484
  #
27112
28485
  # @note When making an API call, you may pass GeoLocation
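Review bot: In `FirewallPolicyDetails`, the `stateless_custom_actions` description (new lines 28362-28363) says the custom actions are available to the policy's `StatelessDefaultActions` setting only, while the `stateless_fragment_default_actions` description a few lines below says that setting can also include a custom action from `StatelessCustomActions`. The two comments should agree, since a reader auditing which packets can trigger a custom action would otherwise overlook the fragment path. I would change the second line of the first comment to `# firewall policy's StatelessDefaultActions and StatelessFragmentDefaultActions settings.`, keeping the code formatting on both identifiers.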
@@ -27208,6 +28581,54 @@ module Aws::SecurityHub
27208
28581
  include Aws::Structure
27209
28582
  end
27210
28583
 
28584
+ # @note When making an API call, you may pass GetFindingAggregatorRequest
28585
+ # data as a hash:
28586
+ #
28587
+ # {
28588
+ # finding_aggregator_arn: "NonEmptyString", # required
28589
+ # }
28590
+ #
28591
+ # @!attribute [rw] finding_aggregator_arn
28592
+ # The ARN of the finding aggregator to return details for. To obtain
28593
+ # the ARN, use `ListFindingAggregators`.
28594
+ # @return [String]
28595
+ #
28596
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingAggregatorRequest AWS API Documentation
28597
+ #
28598
+ class GetFindingAggregatorRequest < Struct.new(
28599
+ :finding_aggregator_arn)
28600
+ SENSITIVE = []
28601
+ include Aws::Structure
28602
+ end
28603
+
28604
+ # @!attribute [rw] finding_aggregator_arn
28605
+ # The ARN of the finding aggregator.
28606
+ # @return [String]
28607
+ #
28608
+ # @!attribute [rw] finding_aggregation_region
28609
+ # The aggregation Region.
28610
+ # @return [String]
28611
+ #
28612
+ # @!attribute [rw] region_linking_mode
28613
+ # Indicates whether to link all Regions, all Regions except for a list
28614
+ # of excluded Regions, or a list of included Regions.
28615
+ # @return [String]
28616
+ #
28617
+ # @!attribute [rw] regions
28618
+ # The list of excluded Regions or included Regions.
28619
+ # @return [Array<String>]
28620
+ #
28621
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingAggregatorResponse AWS API Documentation
28622
+ #
28623
+ class GetFindingAggregatorResponse < Struct.new(
28624
+ :finding_aggregator_arn,
28625
+ :finding_aggregation_region,
28626
+ :region_linking_mode,
28627
+ :regions)
28628
+ SENSITIVE = []
28629
+ include Aws::Structure
28630
+ end
28631
+
27211
28632
  # @note When making an API call, you may pass GetFindingsRequest
27212
28633
  # data as a hash:
27213
28634
  #
@@ -28500,6 +29921,54 @@ module Aws::SecurityHub
28500
29921
  include Aws::Structure
28501
29922
  end
28502
29923
 
29924
+ # @note When making an API call, you may pass ListFindingAggregatorsRequest
29925
+ # data as a hash:
29926
+ #
29927
+ # {
29928
+ # next_token: "NextToken",
29929
+ # max_results: 1,
29930
+ # }
29931
+ #
29932
+ # @!attribute [rw] next_token
29933
+ # The token returned with the previous set of results. Identifies the
29934
+ # next set of results to return.
29935
+ # @return [String]
29936
+ #
29937
+ # @!attribute [rw] max_results
29938
+ # The maximum number of results to return. This operation currently
29939
+ # only returns a single result.
29940
+ # @return [Integer]
29941
+ #
29942
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListFindingAggregatorsRequest AWS API Documentation
29943
+ #
29944
+ class ListFindingAggregatorsRequest < Struct.new(
29945
+ :next_token,
29946
+ :max_results)
29947
+ SENSITIVE = []
29948
+ include Aws::Structure
29949
+ end
29950
+
29951
+ # @!attribute [rw] finding_aggregators
29952
+ # The list of finding aggregators. This operation currently only
29953
+ # returns a single result.
29954
+ # @return [Array<Types::FindingAggregator>]
29955
+ #
29956
+ # @!attribute [rw] next_token
29957
+ # If there are more results, this is the token to provide in the next
29958
+ # call to `ListFindingAggregators`.
29959
+ #
29960
+ # This operation currently only returns a single result.
29961
+ # @return [String]
29962
+ #
29963
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListFindingAggregatorsResponse AWS API Documentation
29964
+ #
29965
+ class ListFindingAggregatorsResponse < Struct.new(
29966
+ :finding_aggregators,
29967
+ :next_token)
29968
+ SENSITIVE = []
29969
+ include Aws::Structure
29970
+ end
29971
+
28503
29972
  # @note When making an API call, you may pass ListInvitationsRequest
28504
29973
  # data as a hash:
28505
29974
  #
@@ -30187,6 +31656,34 @@ module Aws::SecurityHub
30187
31656
  # health_check_type: "NonEmptyString",
30188
31657
  # health_check_grace_period: 1,
30189
31658
  # created_time: "NonEmptyString",
31659
+ # mixed_instances_policy: {
31660
+ # instances_distribution: {
31661
+ # on_demand_allocation_strategy: "NonEmptyString",
31662
+ # on_demand_base_capacity: 1,
31663
+ # on_demand_percentage_above_base_capacity: 1,
31664
+ # spot_allocation_strategy: "NonEmptyString",
31665
+ # spot_instance_pools: 1,
31666
+ # spot_max_price: "NonEmptyString",
31667
+ # },
31668
+ # launch_template: {
31669
+ # launch_template_specification: {
31670
+ # launch_template_id: "NonEmptyString",
31671
+ # launch_template_name: "NonEmptyString",
31672
+ # version: "NonEmptyString",
31673
+ # },
31674
+ # overrides: [
31675
+ # {
31676
+ # instance_type: "NonEmptyString",
31677
+ # weighted_capacity: "NonEmptyString",
31678
+ # },
31679
+ # ],
31680
+ # },
31681
+ # },
31682
+ # availability_zones: [
31683
+ # {
31684
+ # value: "NonEmptyString",
31685
+ # },
31686
+ # ],
30190
31687
  # },
30191
31688
  # aws_code_build_project: {
30192
31689
  # encryption_key: "NonEmptyString",
@@ -30757,6 +32254,10 @@ module Aws::SecurityHub
30757
32254
  # },
30758
32255
  # ],
30759
32256
  # },
32257
+ # bucket_versioning_configuration: {
32258
+ # is_mfa_delete_enabled: false,
32259
+ # status: "NonEmptyString",
32260
+ # },
30760
32261
  # },
30761
32262
  # aws_s3_account_public_access_block: {
30762
32263
  # block_public_acls: false,
@@ -32171,6 +33672,11 @@ module Aws::SecurityHub
32171
33672
  # security_groups: ["NonEmptyString"],
32172
33673
  # spot_price: "NonEmptyString",
32173
33674
  # user_data: "NonEmptyString",
33675
+ # metadata_options: {
33676
+ # http_endpoint: "NonEmptyString",
33677
+ # http_put_response_hop_limit: 1,
33678
+ # http_tokens: "NonEmptyString",
33679
+ # },
32174
33680
  # },
32175
33681
  # aws_ec2_vpn_connection: {
32176
33682
  # vpn_connection_id: "NonEmptyString",
@@ -32380,6 +33886,157 @@ module Aws::SecurityHub
32380
33886
  # ],
32381
33887
  # },
32382
33888
  # },
33889
+ # aws_network_firewall_firewall_policy: {
33890
+ # firewall_policy: {
33891
+ # stateful_rule_group_references: [
33892
+ # {
33893
+ # resource_arn: "NonEmptyString",
33894
+ # },
33895
+ # ],
33896
+ # stateless_custom_actions: [
33897
+ # {
33898
+ # action_definition: {
33899
+ # publish_metric_action: {
33900
+ # dimensions: [
33901
+ # {
33902
+ # value: "NonEmptyString",
33903
+ # },
33904
+ # ],
33905
+ # },
33906
+ # },
33907
+ # action_name: "NonEmptyString",
33908
+ # },
33909
+ # ],
33910
+ # stateless_default_actions: ["NonEmptyString"],
33911
+ # stateless_fragment_default_actions: ["NonEmptyString"],
33912
+ # stateless_rule_group_references: [
33913
+ # {
33914
+ # priority: 1,
33915
+ # resource_arn: "NonEmptyString",
33916
+ # },
33917
+ # ],
33918
+ # },
33919
+ # firewall_policy_arn: "NonEmptyString",
33920
+ # firewall_policy_id: "NonEmptyString",
33921
+ # firewall_policy_name: "NonEmptyString",
33922
+ # description: "NonEmptyString",
33923
+ # },
33924
+ # aws_network_firewall_firewall: {
33925
+ # delete_protection: false,
33926
+ # description: "NonEmptyString",
33927
+ # firewall_arn: "NonEmptyString",
33928
+ # firewall_id: "NonEmptyString",
33929
+ # firewall_name: "NonEmptyString",
33930
+ # firewall_policy_arn: "NonEmptyString",
33931
+ # firewall_policy_change_protection: false,
33932
+ # subnet_change_protection: false,
33933
+ # subnet_mappings: [
33934
+ # {
33935
+ # subnet_id: "NonEmptyString",
33936
+ # },
33937
+ # ],
33938
+ # vpc_id: "NonEmptyString",
33939
+ # },
33940
+ # aws_network_firewall_rule_group: {
33941
+ # capacity: 1,
33942
+ # description: "NonEmptyString",
33943
+ # rule_group: {
33944
+ # rule_variables: {
33945
+ # ip_sets: {
33946
+ # definition: ["NonEmptyString"],
33947
+ # },
33948
+ # port_sets: {
33949
+ # definition: ["NonEmptyString"],
33950
+ # },
33951
+ # },
33952
+ # rules_source: {
33953
+ # rules_source_list: {
33954
+ # generated_rules_type: "NonEmptyString",
33955
+ # target_types: ["NonEmptyString"],
33956
+ # targets: ["NonEmptyString"],
33957
+ # },
33958
+ # rules_string: "NonEmptyString",
33959
+ # stateful_rules: [
33960
+ # {
33961
+ # action: "NonEmptyString",
33962
+ # header: {
33963
+ # destination: "NonEmptyString",
33964
+ # destination_port: "NonEmptyString",
33965
+ # direction: "NonEmptyString",
33966
+ # protocol: "NonEmptyString",
33967
+ # source: "NonEmptyString",
33968
+ # source_port: "NonEmptyString",
33969
+ # },
33970
+ # rule_options: [
33971
+ # {
33972
+ # keyword: "NonEmptyString",
33973
+ # settings: ["NonEmptyString"],
33974
+ # },
33975
+ # ],
33976
+ # },
33977
+ # ],
33978
+ # stateless_rules_and_custom_actions: {
33979
+ # custom_actions: [
33980
+ # {
33981
+ # action_definition: {
33982
+ # publish_metric_action: {
33983
+ # dimensions: [
33984
+ # {
33985
+ # value: "NonEmptyString",
33986
+ # },
33987
+ # ],
33988
+ # },
33989
+ # },
33990
+ # action_name: "NonEmptyString",
33991
+ # },
33992
+ # ],
33993
+ # stateless_rules: [
33994
+ # {
33995
+ # priority: 1,
33996
+ # rule_definition: {
33997
+ # actions: ["NonEmptyString"],
33998
+ # match_attributes: {
33999
+ # destination_ports: [
34000
+ # {
34001
+ # from_port: 1,
34002
+ # to_port: 1,
34003
+ # },
34004
+ # ],
34005
+ # destinations: [
34006
+ # {
34007
+ # address_definition: "NonEmptyString",
34008
+ # },
34009
+ # ],
34010
+ # protocols: [1],
34011
+ # source_ports: [
34012
+ # {
34013
+ # from_port: 1,
34014
+ # to_port: 1,
34015
+ # },
34016
+ # ],
34017
+ # sources: [
34018
+ # {
34019
+ # address_definition: "NonEmptyString",
34020
+ # },
34021
+ # ],
34022
+ # tcp_flags: [
34023
+ # {
34024
+ # flags: ["NonEmptyString"],
34025
+ # masks: ["NonEmptyString"],
34026
+ # },
34027
+ # ],
34028
+ # },
34029
+ # },
34030
+ # },
34031
+ # ],
34032
+ # },
34033
+ # },
34034
+ # },
34035
+ # rule_group_arn: "NonEmptyString",
34036
+ # rule_group_id: "NonEmptyString",
34037
+ # rule_group_name: "NonEmptyString",
34038
+ # type: "NonEmptyString",
34039
+ # },
32383
34040
  # },
32384
34041
  # }
32385
34042
  #
@@ -32482,6 +34139,34 @@ module Aws::SecurityHub
32482
34139
  # health_check_type: "NonEmptyString",
32483
34140
  # health_check_grace_period: 1,
32484
34141
  # created_time: "NonEmptyString",
34142
+ # mixed_instances_policy: {
34143
+ # instances_distribution: {
34144
+ # on_demand_allocation_strategy: "NonEmptyString",
34145
+ # on_demand_base_capacity: 1,
34146
+ # on_demand_percentage_above_base_capacity: 1,
34147
+ # spot_allocation_strategy: "NonEmptyString",
34148
+ # spot_instance_pools: 1,
34149
+ # spot_max_price: "NonEmptyString",
34150
+ # },
34151
+ # launch_template: {
34152
+ # launch_template_specification: {
34153
+ # launch_template_id: "NonEmptyString",
34154
+ # launch_template_name: "NonEmptyString",
34155
+ # version: "NonEmptyString",
34156
+ # },
34157
+ # overrides: [
34158
+ # {
34159
+ # instance_type: "NonEmptyString",
34160
+ # weighted_capacity: "NonEmptyString",
34161
+ # },
34162
+ # ],
34163
+ # },
34164
+ # },
34165
+ # availability_zones: [
34166
+ # {
34167
+ # value: "NonEmptyString",
34168
+ # },
34169
+ # ],
32485
34170
  # },
32486
34171
  # aws_code_build_project: {
32487
34172
  # encryption_key: "NonEmptyString",
@@ -33052,6 +34737,10 @@ module Aws::SecurityHub
33052
34737
  # },
33053
34738
  # ],
33054
34739
  # },
34740
+ # bucket_versioning_configuration: {
34741
+ # is_mfa_delete_enabled: false,
34742
+ # status: "NonEmptyString",
34743
+ # },
33055
34744
  # },
33056
34745
  # aws_s3_account_public_access_block: {
33057
34746
  # block_public_acls: false,
@@ -34466,6 +36155,11 @@ module Aws::SecurityHub
34466
36155
  # security_groups: ["NonEmptyString"],
34467
36156
  # spot_price: "NonEmptyString",
34468
36157
  # user_data: "NonEmptyString",
36158
+ # metadata_options: {
36159
+ # http_endpoint: "NonEmptyString",
36160
+ # http_put_response_hop_limit: 1,
36161
+ # http_tokens: "NonEmptyString",
36162
+ # },
34469
36163
  # },
34470
36164
  # aws_ec2_vpn_connection: {
34471
36165
  # vpn_connection_id: "NonEmptyString",
@@ -34675,6 +36369,157 @@ module Aws::SecurityHub
34675
36369
  # ],
34676
36370
  # },
34677
36371
  # },
36372
+ # aws_network_firewall_firewall_policy: {
36373
+ # firewall_policy: {
36374
+ # stateful_rule_group_references: [
36375
+ # {
36376
+ # resource_arn: "NonEmptyString",
36377
+ # },
36378
+ # ],
36379
+ # stateless_custom_actions: [
36380
+ # {
36381
+ # action_definition: {
36382
+ # publish_metric_action: {
36383
+ # dimensions: [
36384
+ # {
36385
+ # value: "NonEmptyString",
36386
+ # },
36387
+ # ],
36388
+ # },
36389
+ # },
36390
+ # action_name: "NonEmptyString",
36391
+ # },
36392
+ # ],
36393
+ # stateless_default_actions: ["NonEmptyString"],
36394
+ # stateless_fragment_default_actions: ["NonEmptyString"],
36395
+ # stateless_rule_group_references: [
36396
+ # {
36397
+ # priority: 1,
36398
+ # resource_arn: "NonEmptyString",
36399
+ # },
36400
+ # ],
36401
+ # },
36402
+ # firewall_policy_arn: "NonEmptyString",
36403
+ # firewall_policy_id: "NonEmptyString",
36404
+ # firewall_policy_name: "NonEmptyString",
36405
+ # description: "NonEmptyString",
36406
+ # },
36407
+ # aws_network_firewall_firewall: {
36408
+ # delete_protection: false,
36409
+ # description: "NonEmptyString",
36410
+ # firewall_arn: "NonEmptyString",
36411
+ # firewall_id: "NonEmptyString",
36412
+ # firewall_name: "NonEmptyString",
36413
+ # firewall_policy_arn: "NonEmptyString",
36414
+ # firewall_policy_change_protection: false,
36415
+ # subnet_change_protection: false,
36416
+ # subnet_mappings: [
36417
+ # {
36418
+ # subnet_id: "NonEmptyString",
36419
+ # },
36420
+ # ],
36421
+ # vpc_id: "NonEmptyString",
36422
+ # },
36423
+ # aws_network_firewall_rule_group: {
36424
+ # capacity: 1,
36425
+ # description: "NonEmptyString",
36426
+ # rule_group: {
36427
+ # rule_variables: {
36428
+ # ip_sets: {
36429
+ # definition: ["NonEmptyString"],
36430
+ # },
36431
+ # port_sets: {
36432
+ # definition: ["NonEmptyString"],
36433
+ # },
36434
+ # },
36435
+ # rules_source: {
36436
+ # rules_source_list: {
36437
+ # generated_rules_type: "NonEmptyString",
36438
+ # target_types: ["NonEmptyString"],
36439
+ # targets: ["NonEmptyString"],
36440
+ # },
36441
+ # rules_string: "NonEmptyString",
36442
+ # stateful_rules: [
36443
+ # {
36444
+ # action: "NonEmptyString",
36445
+ # header: {
36446
+ # destination: "NonEmptyString",
36447
+ # destination_port: "NonEmptyString",
36448
+ # direction: "NonEmptyString",
36449
+ # protocol: "NonEmptyString",
36450
+ # source: "NonEmptyString",
36451
+ # source_port: "NonEmptyString",
36452
+ # },
36453
+ # rule_options: [
36454
+ # {
36455
+ # keyword: "NonEmptyString",
36456
+ # settings: ["NonEmptyString"],
36457
+ # },
36458
+ # ],
36459
+ # },
36460
+ # ],
36461
+ # stateless_rules_and_custom_actions: {
36462
+ # custom_actions: [
36463
+ # {
36464
+ # action_definition: {
36465
+ # publish_metric_action: {
36466
+ # dimensions: [
36467
+ # {
36468
+ # value: "NonEmptyString",
36469
+ # },
36470
+ # ],
36471
+ # },
36472
+ # },
36473
+ # action_name: "NonEmptyString",
36474
+ # },
36475
+ # ],
36476
+ # stateless_rules: [
36477
+ # {
36478
+ # priority: 1,
36479
+ # rule_definition: {
36480
+ # actions: ["NonEmptyString"],
36481
+ # match_attributes: {
36482
+ # destination_ports: [
36483
+ # {
36484
+ # from_port: 1,
36485
+ # to_port: 1,
36486
+ # },
36487
+ # ],
36488
+ # destinations: [
36489
+ # {
36490
+ # address_definition: "NonEmptyString",
36491
+ # },
36492
+ # ],
36493
+ # protocols: [1],
36494
+ # source_ports: [
36495
+ # {
36496
+ # from_port: 1,
36497
+ # to_port: 1,
36498
+ # },
36499
+ # ],
36500
+ # sources: [
36501
+ # {
36502
+ # address_definition: "NonEmptyString",
36503
+ # },
36504
+ # ],
36505
+ # tcp_flags: [
36506
+ # {
36507
+ # flags: ["NonEmptyString"],
36508
+ # masks: ["NonEmptyString"],
36509
+ # },
36510
+ # ],
36511
+ # },
36512
+ # },
36513
+ # },
36514
+ # ],
36515
+ # },
36516
+ # },
36517
+ # },
36518
+ # rule_group_arn: "NonEmptyString",
36519
+ # rule_group_id: "NonEmptyString",
36520
+ # rule_group_name: "NonEmptyString",
36521
+ # type: "NonEmptyString",
36522
+ # },
34678
36523
  # }
34679
36524
  #
34680
36525
  # @!attribute [rw] aws_auto_scaling_auto_scaling_group
@@ -34928,6 +36773,18 @@ module Aws::SecurityHub
34928
36773
  # Details about an Amazon EKS cluster.
34929
36774
  # @return [Types::AwsEksClusterDetails]
34930
36775
  #
36776
+ # @!attribute [rw] aws_network_firewall_firewall_policy
36777
+ # Details about an Network Firewall firewall policy.
36778
+ # @return [Types::AwsNetworkFirewallFirewallPolicyDetails]
36779
+ #
36780
+ # @!attribute [rw] aws_network_firewall_firewall
36781
+ # Details about an Network Firewall firewall.
36782
+ # @return [Types::AwsNetworkFirewallFirewallDetails]
36783
+ #
36784
+ # @!attribute [rw] aws_network_firewall_rule_group
36785
+ # Details about an Network Firewall rule group.
36786
+ # @return [Types::AwsNetworkFirewallRuleGroupDetails]
36787
+ #
34931
36788
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
34932
36789
  #
34933
36790
  class ResourceDetails < Struct.new(
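Review bot: The three attribute descriptions added above the `@see` line read "Details about an Network Firewall …"; the article should be "a", for example `# Details about a Network Firewall firewall policy.`, and likewise for `aws_network_firewall_firewall` and `aws_network_firewall_rule_group`. The wording follows the same template as the surrounding YARD comments, so if this file is produced from the service model, the correction belongs in the model text rather than in this file. The ResourceDetails comment block starts before this hunk and the class body continues after it.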
@@ -34989,7 +36846,10 @@ module Aws::SecurityHub
34989
36846
  :aws_waf_rate_based_rule,
34990
36847
  :aws_waf_regional_rate_based_rule,
34991
36848
  :aws_ecr_repository,
34992
- :aws_eks_cluster)
36849
+ :aws_eks_cluster,
36850
+ :aws_network_firewall_firewall_policy,
36851
+ :aws_network_firewall_firewall,
36852
+ :aws_network_firewall_rule_group)
34993
36853
  SENSITIVE = []
34994
36854
  include Aws::Structure
34995
36855
  end
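Review bot: None of the three members added to `ResourceDetails` (`:aws_network_firewall_firewall_policy`, `:aws_network_firewall_firewall`, `:aws_network_firewall_rule_group`) is listed in `SENSITIVE`, which stays `[]` on the line after the member list. If the SDK uses this constant to redact values when parameters or structures are logged (worth confirming in aws-sdk-core), firewall policy and rule-group content will be written to such logs in full. That presumably mirrors the service model, so the practical safeguard is on the consumer side: keep parameter logging off, or filtered, wherever findings carrying these resources are handled. If the behaviour is confirmed, a comment above the constant such as `# no member of this structure is redacted from logged parameters` would make it explicit. The struct's member list starts before this hunk.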
@@ -35032,6 +36892,931 @@ module Aws::SecurityHub
35032
36892
  include Aws::Structure
35033
36893
  end
35034
36894
 
36895
+ # Details about the rule group.
36896
+ #
36897
+ # @note When making an API call, you may pass RuleGroupDetails
36898
+ # data as a hash:
36899
+ #
36900
+ # {
36901
+ # rule_variables: {
36902
+ # ip_sets: {
36903
+ # definition: ["NonEmptyString"],
36904
+ # },
36905
+ # port_sets: {
36906
+ # definition: ["NonEmptyString"],
36907
+ # },
36908
+ # },
36909
+ # rules_source: {
36910
+ # rules_source_list: {
36911
+ # generated_rules_type: "NonEmptyString",
36912
+ # target_types: ["NonEmptyString"],
36913
+ # targets: ["NonEmptyString"],
36914
+ # },
36915
+ # rules_string: "NonEmptyString",
36916
+ # stateful_rules: [
36917
+ # {
36918
+ # action: "NonEmptyString",
36919
+ # header: {
36920
+ # destination: "NonEmptyString",
36921
+ # destination_port: "NonEmptyString",
36922
+ # direction: "NonEmptyString",
36923
+ # protocol: "NonEmptyString",
36924
+ # source: "NonEmptyString",
36925
+ # source_port: "NonEmptyString",
36926
+ # },
36927
+ # rule_options: [
36928
+ # {
36929
+ # keyword: "NonEmptyString",
36930
+ # settings: ["NonEmptyString"],
36931
+ # },
36932
+ # ],
36933
+ # },
36934
+ # ],
36935
+ # stateless_rules_and_custom_actions: {
36936
+ # custom_actions: [
36937
+ # {
36938
+ # action_definition: {
36939
+ # publish_metric_action: {
36940
+ # dimensions: [
36941
+ # {
36942
+ # value: "NonEmptyString",
36943
+ # },
36944
+ # ],
36945
+ # },
36946
+ # },
36947
+ # action_name: "NonEmptyString",
36948
+ # },
36949
+ # ],
36950
+ # stateless_rules: [
36951
+ # {
36952
+ # priority: 1,
36953
+ # rule_definition: {
36954
+ # actions: ["NonEmptyString"],
36955
+ # match_attributes: {
36956
+ # destination_ports: [
36957
+ # {
36958
+ # from_port: 1,
36959
+ # to_port: 1,
36960
+ # },
36961
+ # ],
36962
+ # destinations: [
36963
+ # {
36964
+ # address_definition: "NonEmptyString",
36965
+ # },
36966
+ # ],
36967
+ # protocols: [1],
36968
+ # source_ports: [
36969
+ # {
36970
+ # from_port: 1,
36971
+ # to_port: 1,
36972
+ # },
36973
+ # ],
36974
+ # sources: [
36975
+ # {
36976
+ # address_definition: "NonEmptyString",
36977
+ # },
36978
+ # ],
36979
+ # tcp_flags: [
36980
+ # {
36981
+ # flags: ["NonEmptyString"],
36982
+ # masks: ["NonEmptyString"],
36983
+ # },
36984
+ # ],
36985
+ # },
36986
+ # },
36987
+ # },
36988
+ # ],
36989
+ # },
36990
+ # },
36991
+ # }
36992
+ #
36993
+ # @!attribute [rw] rule_variables
36994
+ # Additional settings to use in the specified rules.
36995
+ # @return [Types::RuleGroupVariables]
36996
+ #
36997
+ # @!attribute [rw] rules_source
36998
+ # The rules and actions for the rule group.
36999
+ #
37000
+ # For stateful rule groups, can contain `RulesString`,
37001
+ # `RulesSourceList`, or `StatefulRules`.
37002
+ #
37003
+ # For stateless rule groups, contains
37004
+ # `StatelessRulesAndCustomActions`.
37005
+ # @return [Types::RuleGroupSource]
37006
+ #
37007
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupDetails AWS API Documentation
37008
+ #
37009
+ class RuleGroupDetails < Struct.new(
37010
+ :rule_variables,
37011
+ :rules_source)
37012
+ SENSITIVE = []
37013
+ include Aws::Structure
37014
+ end
37015
+
37016
+ # The rules and actions for the rule group.
37017
+ #
37018
+ # @note When making an API call, you may pass RuleGroupSource
37019
+ # data as a hash:
37020
+ #
37021
+ # {
37022
+ # rules_source_list: {
37023
+ # generated_rules_type: "NonEmptyString",
37024
+ # target_types: ["NonEmptyString"],
37025
+ # targets: ["NonEmptyString"],
37026
+ # },
37027
+ # rules_string: "NonEmptyString",
37028
+ # stateful_rules: [
37029
+ # {
37030
+ # action: "NonEmptyString",
37031
+ # header: {
37032
+ # destination: "NonEmptyString",
37033
+ # destination_port: "NonEmptyString",
37034
+ # direction: "NonEmptyString",
37035
+ # protocol: "NonEmptyString",
37036
+ # source: "NonEmptyString",
37037
+ # source_port: "NonEmptyString",
37038
+ # },
37039
+ # rule_options: [
37040
+ # {
37041
+ # keyword: "NonEmptyString",
37042
+ # settings: ["NonEmptyString"],
37043
+ # },
37044
+ # ],
37045
+ # },
37046
+ # ],
37047
+ # stateless_rules_and_custom_actions: {
37048
+ # custom_actions: [
37049
+ # {
37050
+ # action_definition: {
37051
+ # publish_metric_action: {
37052
+ # dimensions: [
37053
+ # {
37054
+ # value: "NonEmptyString",
37055
+ # },
37056
+ # ],
37057
+ # },
37058
+ # },
37059
+ # action_name: "NonEmptyString",
37060
+ # },
37061
+ # ],
37062
+ # stateless_rules: [
37063
+ # {
37064
+ # priority: 1,
37065
+ # rule_definition: {
37066
+ # actions: ["NonEmptyString"],
37067
+ # match_attributes: {
37068
+ # destination_ports: [
37069
+ # {
37070
+ # from_port: 1,
37071
+ # to_port: 1,
37072
+ # },
37073
+ # ],
37074
+ # destinations: [
37075
+ # {
37076
+ # address_definition: "NonEmptyString",
37077
+ # },
37078
+ # ],
37079
+ # protocols: [1],
37080
+ # source_ports: [
37081
+ # {
37082
+ # from_port: 1,
37083
+ # to_port: 1,
37084
+ # },
37085
+ # ],
37086
+ # sources: [
37087
+ # {
37088
+ # address_definition: "NonEmptyString",
37089
+ # },
37090
+ # ],
37091
+ # tcp_flags: [
37092
+ # {
37093
+ # flags: ["NonEmptyString"],
37094
+ # masks: ["NonEmptyString"],
37095
+ # },
37096
+ # ],
37097
+ # },
37098
+ # },
37099
+ # },
37100
+ # ],
37101
+ # },
37102
+ # }
37103
+ #
37104
+ # @!attribute [rw] rules_source_list
37105
+ # Stateful inspection criteria for a domain list rule group. A domain
37106
+ # list rule group determines access by specific protocols to specific
37107
+ # domains.
37108
+ # @return [Types::RuleGroupSourceListDetails]
37109
+ #
37110
+ # @!attribute [rw] rules_string
37111
+ # Stateful inspection criteria, provided in Suricata compatible
37112
+ # intrusion prevention system (IPS) rules.
37113
+ # @return [String]
37114
+ #
37115
+ # @!attribute [rw] stateful_rules
37116
+ # Suricata rule specifications.
37117
+ # @return [Array<Types::RuleGroupSourceStatefulRulesDetails>]
37118
+ #
37119
+ # @!attribute [rw] stateless_rules_and_custom_actions
37120
+ # The stateless rules and custom actions used by a stateless rule
37121
+ # group.
37122
+ # @return [Types::RuleGroupSourceStatelessRulesAndCustomActionsDetails]
37123
+ #
37124
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSource AWS API Documentation
37125
+ #
37126
+ class RuleGroupSource < Struct.new(
37127
+ :rules_source_list,
37128
+ :rules_string,
37129
+ :stateful_rules,
37130
+ :stateless_rules_and_custom_actions)
37131
+ SENSITIVE = []
37132
+ include Aws::Structure
37133
+ end
37134
+
37135
+ # A custom action definition. A custom action is an optional,
37136
+ # non-standard action to use for stateless packet handling.
37137
+ #
37138
+ # @note When making an API call, you may pass RuleGroupSourceCustomActionsDetails
37139
+ # data as a hash:
37140
+ #
37141
+ # {
37142
+ # action_definition: {
37143
+ # publish_metric_action: {
37144
+ # dimensions: [
37145
+ # {
37146
+ # value: "NonEmptyString",
37147
+ # },
37148
+ # ],
37149
+ # },
37150
+ # },
37151
+ # action_name: "NonEmptyString",
37152
+ # }
37153
+ #
37154
+ # @!attribute [rw] action_definition
37155
+ # The definition of a custom action.
37156
+ # @return [Types::StatelessCustomActionDefinition]
37157
+ #
37158
+ # @!attribute [rw] action_name
37159
+ # A descriptive name of the custom action.
37160
+ # @return [String]
37161
+ #
37162
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceCustomActionsDetails AWS API Documentation
37163
+ #
37164
+ class RuleGroupSourceCustomActionsDetails < Struct.new(
37165
+ :action_definition,
37166
+ :action_name)
37167
+ SENSITIVE = []
37168
+ include Aws::Structure
37169
+ end
37170
+
37171
+ # Stateful inspection criteria for a domain list rule group.
37172
+ #
37173
+ # @note When making an API call, you may pass RuleGroupSourceListDetails
37174
+ # data as a hash:
37175
+ #
37176
+ # {
37177
+ # generated_rules_type: "NonEmptyString",
37178
+ # target_types: ["NonEmptyString"],
37179
+ # targets: ["NonEmptyString"],
37180
+ # }
37181
+ #
37182
+ # @!attribute [rw] generated_rules_type
37183
+ # Indicates whether to allow or deny access to the domains listed in
37184
+ # `Targets`.
37185
+ # @return [String]
37186
+ #
37187
+ # @!attribute [rw] target_types
37188
+ # The protocols that you want to inspect. Specify `LS_SNI` for HTTPS.
37189
+ # Specify `HTTP_HOST` for HTTP. You can specify either or both.
37190
+ # @return [Array<String>]
37191
+ #
37192
+ # @!attribute [rw] targets
37193
+ # The domains that you want to inspect for in your traffic flows. You
37194
+ # can provide full domain names, or use the '.' prefix as a
37195
+ # wildcard. For example, `.example.com` matches all domains that end
37196
+ # with `example.com`.
37197
+ # @return [Array<String>]
37198
+ #
37199
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceListDetails AWS API Documentation
37200
+ #
37201
+ class RuleGroupSourceListDetails < Struct.new(
37202
+ :generated_rules_type,
37203
+ :target_types,
37204
+ :targets)
37205
+ SENSITIVE = []
37206
+ include Aws::Structure
37207
+ end
37208
+
37209
+ # A Suricata rule specification.
37210
+ #
37211
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesDetails
37212
+ # data as a hash:
37213
+ #
37214
+ # {
37215
+ # action: "NonEmptyString",
37216
+ # header: {
37217
+ # destination: "NonEmptyString",
37218
+ # destination_port: "NonEmptyString",
37219
+ # direction: "NonEmptyString",
37220
+ # protocol: "NonEmptyString",
37221
+ # source: "NonEmptyString",
37222
+ # source_port: "NonEmptyString",
37223
+ # },
37224
+ # rule_options: [
37225
+ # {
37226
+ # keyword: "NonEmptyString",
37227
+ # settings: ["NonEmptyString"],
37228
+ # },
37229
+ # ],
37230
+ # }
37231
+ #
37232
+ # @!attribute [rw] action
37233
+ # Defines what Network Firewall should do with the packets in a
37234
+ # traffic flow when the flow matches the stateful rule criteria.
37235
+ # @return [String]
37236
+ #
37237
+ # @!attribute [rw] header
37238
+ # The stateful inspection criteria for the rule.
37239
+ # @return [Types::RuleGroupSourceStatefulRulesHeaderDetails]
37240
+ #
37241
+ # @!attribute [rw] rule_options
37242
+ # Additional options for the rule.
37243
+ # @return [Array<Types::RuleGroupSourceStatefulRulesOptionsDetails>]
37244
+ #
37245
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesDetails AWS API Documentation
37246
+ #
37247
+ class RuleGroupSourceStatefulRulesDetails < Struct.new(
37248
+ :action,
37249
+ :header,
37250
+ :rule_options)
37251
+ SENSITIVE = []
37252
+ include Aws::Structure
37253
+ end
37254
+
37255
+ # The inspection criteria for a stateful rule.
37256
+ #
37257
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesHeaderDetails
37258
+ # data as a hash:
37259
+ #
37260
+ # {
37261
+ # destination: "NonEmptyString",
37262
+ # destination_port: "NonEmptyString",
37263
+ # direction: "NonEmptyString",
37264
+ # protocol: "NonEmptyString",
37265
+ # source: "NonEmptyString",
37266
+ # source_port: "NonEmptyString",
37267
+ # }
37268
+ #
37269
+ # @!attribute [rw] destination
37270
+ # The destination IP address or address range to inspect for, in CIDR
37271
+ # notation. To match with any address, specify `ANY`.
37272
+ # @return [String]
37273
+ #
37274
+ # @!attribute [rw] destination_port
37275
+ # The destination port to inspect for. You can specify an individual
37276
+ # port, such as `1994`. You also can specify a port range, such as
37277
+ # `1990:1994`. To match with any port, specify `ANY`.
37278
+ # @return [String]
37279
+ #
37280
+ # @!attribute [rw] direction
37281
+ # The direction of traffic flow to inspect. If set to `ANY`, the
37282
+ # inspection matches bidirectional traffic, both from the source to
37283
+ # the destination and from the destination to the source. If set to
37284
+ # `FORWARD`, the inspection only matches traffic going from the source
37285
+ # to the destination.
37286
+ # @return [String]
37287
+ #
37288
+ # @!attribute [rw] protocol
37289
+ # The protocol to inspect for. To inspector for all protocols, use
37290
+ # `IP`.
37291
+ # @return [String]
37292
+ #
37293
+ # @!attribute [rw] source
37294
+ # The source IP address or address range to inspect for, in CIDR
37295
+ # notation. To match with any address, specify `ANY`.
37296
+ # @return [String]
37297
+ #
37298
+ # @!attribute [rw] source_port
37299
+ # The source port to inspect for. You can specify an individual port,
37300
+ # such as `1994`. You also can specify a port range, such as
37301
+ # `1990:1994`. To match with any port, specify `ANY`.
37302
+ # @return [String]
37303
+ #
37304
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesHeaderDetails AWS API Documentation
37305
+ #
37306
+ class RuleGroupSourceStatefulRulesHeaderDetails < Struct.new(
37307
+ :destination,
37308
+ :destination_port,
37309
+ :direction,
37310
+ :protocol,
37311
+ :source,
37312
+ :source_port)
37313
+ SENSITIVE = []
37314
+ include Aws::Structure
37315
+ end
37316
+
37317
+ # A rule option for a stateful rule.
37318
+ #
37319
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesOptionsDetails
37320
+ # data as a hash:
37321
+ #
37322
+ # {
37323
+ # keyword: "NonEmptyString",
37324
+ # settings: ["NonEmptyString"],
37325
+ # }
37326
+ #
37327
+ # @!attribute [rw] keyword
37328
+ # A keyword to look for.
37329
+ # @return [String]
37330
+ #
37331
+ # @!attribute [rw] settings
37332
+ # A list of settings.
37333
+ # @return [Array<String>]
37334
+ #
37335
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesOptionsDetails AWS API Documentation
37336
+ #
37337
+ class RuleGroupSourceStatefulRulesOptionsDetails < Struct.new(
37338
+ :keyword,
37339
+ :settings)
37340
+ SENSITIVE = []
37341
+ include Aws::Structure
37342
+ end
37343
+
37344
+ # The definition of the stateless rule.
37345
+ #
37346
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleDefinition
37347
+ # data as a hash:
37348
+ #
37349
+ # {
37350
+ # actions: ["NonEmptyString"],
37351
+ # match_attributes: {
37352
+ # destination_ports: [
37353
+ # {
37354
+ # from_port: 1,
37355
+ # to_port: 1,
37356
+ # },
37357
+ # ],
37358
+ # destinations: [
37359
+ # {
37360
+ # address_definition: "NonEmptyString",
37361
+ # },
37362
+ # ],
37363
+ # protocols: [1],
37364
+ # source_ports: [
37365
+ # {
37366
+ # from_port: 1,
37367
+ # to_port: 1,
37368
+ # },
37369
+ # ],
37370
+ # sources: [
37371
+ # {
37372
+ # address_definition: "NonEmptyString",
37373
+ # },
37374
+ # ],
37375
+ # tcp_flags: [
37376
+ # {
37377
+ # flags: ["NonEmptyString"],
37378
+ # masks: ["NonEmptyString"],
37379
+ # },
37380
+ # ],
37381
+ # },
37382
+ # }
37383
+ #
37384
+ # @!attribute [rw] actions
37385
+ # The actions to take on a packet that matches one of the stateless
37386
+ # rule definition's match attributes. You must specify a standard
37387
+ # action (`aws:pass`, `aws:drop`, or `aws:forward_to_sfe`). You can
37388
+ # then add custom actions.
37389
+ # @return [Array<String>]
37390
+ #
37391
+ # @!attribute [rw] match_attributes
37392
+ # The criteria for Network Firewall to use to inspect an individual
37393
+ # packet in a stateless rule inspection.
37394
+ # @return [Types::RuleGroupSourceStatelessRuleMatchAttributes]
37395
+ #
37396
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleDefinition AWS API Documentation
37397
+ #
37398
+ class RuleGroupSourceStatelessRuleDefinition < Struct.new(
37399
+ :actions,
37400
+ :match_attributes)
37401
+ SENSITIVE = []
37402
+ include Aws::Structure
37403
+ end
37404
+
37405
+ # Criteria for the stateless rule.
37406
+ #
37407
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributes
37408
+ # data as a hash:
37409
+ #
37410
+ # {
37411
+ # destination_ports: [
37412
+ # {
37413
+ # from_port: 1,
37414
+ # to_port: 1,
37415
+ # },
37416
+ # ],
37417
+ # destinations: [
37418
+ # {
37419
+ # address_definition: "NonEmptyString",
37420
+ # },
37421
+ # ],
37422
+ # protocols: [1],
37423
+ # source_ports: [
37424
+ # {
37425
+ # from_port: 1,
37426
+ # to_port: 1,
37427
+ # },
37428
+ # ],
37429
+ # sources: [
37430
+ # {
37431
+ # address_definition: "NonEmptyString",
37432
+ # },
37433
+ # ],
37434
+ # tcp_flags: [
37435
+ # {
37436
+ # flags: ["NonEmptyString"],
37437
+ # masks: ["NonEmptyString"],
37438
+ # },
37439
+ # ],
37440
+ # }
37441
+ #
37442
+ # @!attribute [rw] destination_ports
37443
+ # A list of port ranges to specify the destination ports to inspect
37444
+ # for.
37445
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts>]
37446
+ #
37447
+ # @!attribute [rw] destinations
37448
+ # The destination IP addresses and address ranges to inspect for, in
37449
+ # CIDR notation.
37450
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesDestinations>]
37451
+ #
37452
+ # @!attribute [rw] protocols
37453
+ # The protocols to inspect for.
37454
+ # @return [Array<Integer>]
37455
+ #
37456
+ # @!attribute [rw] source_ports
37457
+ # A list of port ranges to specify the source ports to inspect for.
37458
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesSourcePorts>]
37459
+ #
37460
+ # @!attribute [rw] sources
37461
+ # The source IP addresses and address ranges to inspect for, in CIDR
37462
+ # notation.
37463
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesSources>]
37464
+ #
37465
+ # @!attribute [rw] tcp_flags
37466
+ # The TCP flags and masks to inspect for.
37467
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesTcpFlags>]
37468
+ #
37469
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributes AWS API Documentation
37470
+ #
37471
+ class RuleGroupSourceStatelessRuleMatchAttributes < Struct.new(
37472
+ :destination_ports,
37473
+ :destinations,
37474
+ :protocols,
37475
+ :source_ports,
37476
+ :sources,
37477
+ :tcp_flags)
37478
+ SENSITIVE = []
37479
+ include Aws::Structure
37480
+ end
37481
+
37482
+ # A port range to specify the destination ports to inspect for.
37483
+ #
37484
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts
37485
+ # data as a hash:
37486
+ #
37487
+ # {
37488
+ # from_port: 1,
37489
+ # to_port: 1,
37490
+ # }
37491
+ #
37492
+ # @!attribute [rw] from_port
37493
+ # The starting port value for the port range.
37494
+ # @return [Integer]
37495
+ #
37496
+ # @!attribute [rw] to_port
37497
+ # The ending port value for the port range.
37498
+ # @return [Integer]
37499
+ #
37500
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts AWS API Documentation
37501
+ #
37502
+ class RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts < Struct.new(
37503
+ :from_port,
37504
+ :to_port)
37505
+ SENSITIVE = []
37506
+ include Aws::Structure
37507
+ end
37508
+
37509
+ # A destination IP address or range.
37510
+ #
37511
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesDestinations
37512
+ # data as a hash:
37513
+ #
37514
+ # {
37515
+ # address_definition: "NonEmptyString",
37516
+ # }
37517
+ #
37518
+ # @!attribute [rw] address_definition
37519
+ # An IP address or a block of IP addresses.
37520
+ # @return [String]
37521
+ #
37522
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesDestinations AWS API Documentation
37523
+ #
37524
+ class RuleGroupSourceStatelessRuleMatchAttributesDestinations < Struct.new(
37525
+ :address_definition)
37526
+ SENSITIVE = []
37527
+ include Aws::Structure
37528
+ end
37529
+
37530
+ # A port range to specify the source ports to inspect for.
37531
+ #
37532
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesSourcePorts
37533
+ # data as a hash:
37534
+ #
37535
+ # {
37536
+ # from_port: 1,
37537
+ # to_port: 1,
37538
+ # }
37539
+ #
37540
+ # @!attribute [rw] from_port
37541
+ # The starting port value for the port range.
37542
+ # @return [Integer]
37543
+ #
37544
+ # @!attribute [rw] to_port
37545
+ # The ending port value for the port range.
37546
+ # @return [Integer]
37547
+ #
37548
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesSourcePorts AWS API Documentation
37549
+ #
37550
+ class RuleGroupSourceStatelessRuleMatchAttributesSourcePorts < Struct.new(
37551
+ :from_port,
37552
+ :to_port)
37553
+ SENSITIVE = []
37554
+ include Aws::Structure
37555
+ end
37556
+
37557
+ # A source IP addresses and address range to inspect for.
37558
+ #
37559
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesSources
37560
+ # data as a hash:
37561
+ #
37562
+ # {
37563
+ # address_definition: "NonEmptyString",
37564
+ # }
37565
+ #
37566
+ # @!attribute [rw] address_definition
37567
+ # An IP address or a block of IP addresses.
37568
+ # @return [String]
37569
+ #
37570
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesSources AWS API Documentation
37571
+ #
37572
+ class RuleGroupSourceStatelessRuleMatchAttributesSources < Struct.new(
37573
+ :address_definition)
37574
+ SENSITIVE = []
37575
+ include Aws::Structure
37576
+ end
37577
+
37578
+ # A set of TCP flags and masks to inspect for.
37579
+ #
37580
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesTcpFlags
37581
+ # data as a hash:
37582
+ #
37583
+ # {
37584
+ # flags: ["NonEmptyString"],
37585
+ # masks: ["NonEmptyString"],
37586
+ # }
37587
+ #
37588
+ # @!attribute [rw] flags
37589
+ # Defines the flags from the `Masks` setting that must be set in order
37590
+ # for the packet to match. Flags that are listed must be set. Flags
37591
+ # that are not listed must not be set.
37592
+ # @return [Array<String>]
37593
+ #
37594
+ # @!attribute [rw] masks
37595
+ # The set of flags to consider in the inspection. If not specified,
37596
+ # then all flags are inspected.
37597
+ # @return [Array<String>]
37598
+ #
37599
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesTcpFlags AWS API Documentation
37600
+ #
37601
+ class RuleGroupSourceStatelessRuleMatchAttributesTcpFlags < Struct.new(
37602
+ :flags,
37603
+ :masks)
37604
+ SENSITIVE = []
37605
+ include Aws::Structure
37606
+ end
37607
+
37608
+ # Stateless rules and custom actions for a stateless rule group.
37609
+ #
37610
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRulesAndCustomActionsDetails
37611
+ # data as a hash:
37612
+ #
37613
+ # {
37614
+ # custom_actions: [
37615
+ # {
37616
+ # action_definition: {
37617
+ # publish_metric_action: {
37618
+ # dimensions: [
37619
+ # {
37620
+ # value: "NonEmptyString",
37621
+ # },
37622
+ # ],
37623
+ # },
37624
+ # },
37625
+ # action_name: "NonEmptyString",
37626
+ # },
37627
+ # ],
37628
+ # stateless_rules: [
37629
+ # {
37630
+ # priority: 1,
37631
+ # rule_definition: {
37632
+ # actions: ["NonEmptyString"],
37633
+ # match_attributes: {
37634
+ # destination_ports: [
37635
+ # {
37636
+ # from_port: 1,
37637
+ # to_port: 1,
37638
+ # },
37639
+ # ],
37640
+ # destinations: [
37641
+ # {
37642
+ # address_definition: "NonEmptyString",
37643
+ # },
37644
+ # ],
37645
+ # protocols: [1],
37646
+ # source_ports: [
37647
+ # {
37648
+ # from_port: 1,
37649
+ # to_port: 1,
37650
+ # },
37651
+ # ],
37652
+ # sources: [
37653
+ # {
37654
+ # address_definition: "NonEmptyString",
37655
+ # },
37656
+ # ],
37657
+ # tcp_flags: [
37658
+ # {
37659
+ # flags: ["NonEmptyString"],
37660
+ # masks: ["NonEmptyString"],
37661
+ # },
37662
+ # ],
37663
+ # },
37664
+ # },
37665
+ # },
37666
+ # ],
37667
+ # }
37668
+ #
37669
+ # @!attribute [rw] custom_actions
37670
+ # Custom actions for the rule group.
37671
+ # @return [Array<Types::RuleGroupSourceCustomActionsDetails>]
37672
+ #
37673
+ # @!attribute [rw] stateless_rules
37674
+ # Stateless rules for the rule group.
37675
+ # @return [Array<Types::RuleGroupSourceStatelessRulesDetails>]
37676
+ #
37677
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRulesAndCustomActionsDetails AWS API Documentation
37678
+ #
37679
+ class RuleGroupSourceStatelessRulesAndCustomActionsDetails < Struct.new(
37680
+ :custom_actions,
37681
+ :stateless_rules)
37682
+ SENSITIVE = []
37683
+ include Aws::Structure
37684
+ end
37685
+
37686
+ # A stateless rule in the rule group.
37687
+ #
37688
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRulesDetails
37689
+ # data as a hash:
37690
+ #
37691
+ # {
37692
+ # priority: 1,
37693
+ # rule_definition: {
37694
+ # actions: ["NonEmptyString"],
37695
+ # match_attributes: {
37696
+ # destination_ports: [
37697
+ # {
37698
+ # from_port: 1,
37699
+ # to_port: 1,
37700
+ # },
37701
+ # ],
37702
+ # destinations: [
37703
+ # {
37704
+ # address_definition: "NonEmptyString",
37705
+ # },
37706
+ # ],
37707
+ # protocols: [1],
37708
+ # source_ports: [
37709
+ # {
37710
+ # from_port: 1,
37711
+ # to_port: 1,
37712
+ # },
37713
+ # ],
37714
+ # sources: [
37715
+ # {
37716
+ # address_definition: "NonEmptyString",
37717
+ # },
37718
+ # ],
37719
+ # tcp_flags: [
37720
+ # {
37721
+ # flags: ["NonEmptyString"],
37722
+ # masks: ["NonEmptyString"],
37723
+ # },
37724
+ # ],
37725
+ # },
37726
+ # },
37727
+ # }
37728
+ #
37729
+ # @!attribute [rw] priority
37730
+ # Indicates the order in which to run this rule relative to all of the
37731
+ # rules in the stateless rule group.
37732
+ # @return [Integer]
37733
+ #
37734
+ # @!attribute [rw] rule_definition
37735
+ # Provides the definition of the stateless rule.
37736
+ # @return [Types::RuleGroupSourceStatelessRuleDefinition]
37737
+ #
37738
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRulesDetails AWS API Documentation
37739
+ #
37740
+ class RuleGroupSourceStatelessRulesDetails < Struct.new(
37741
+ :priority,
37742
+ :rule_definition)
37743
+ SENSITIVE = []
37744
+ include Aws::Structure
37745
+ end
37746
+
37747
+ # Additional settings to use in the specified rules.
37748
+ #
37749
+ # @note When making an API call, you may pass RuleGroupVariables
37750
+ # data as a hash:
37751
+ #
37752
+ # {
37753
+ # ip_sets: {
37754
+ # definition: ["NonEmptyString"],
37755
+ # },
37756
+ # port_sets: {
37757
+ # definition: ["NonEmptyString"],
37758
+ # },
37759
+ # }
37760
+ #
37761
+ # @!attribute [rw] ip_sets
37762
+ # A list of IP addresses and address ranges, in CIDR notation.
37763
+ # @return [Types::RuleGroupVariablesIpSetsDetails]
37764
+ #
37765
+ # @!attribute [rw] port_sets
37766
+ # A list of port ranges.
37767
+ # @return [Types::RuleGroupVariablesPortSetsDetails]
37768
+ #
37769
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariables AWS API Documentation
37770
+ #
37771
+ class RuleGroupVariables < Struct.new(
37772
+ :ip_sets,
37773
+ :port_sets)
37774
+ SENSITIVE = []
37775
+ include Aws::Structure
37776
+ end
37777
+
37778
+ # A list of IP addresses and address ranges, in CIDR notation.
37779
+ #
37780
+ # @note When making an API call, you may pass RuleGroupVariablesIpSetsDetails
37781
+ # data as a hash:
37782
+ #
37783
+ # {
37784
+ # definition: ["NonEmptyString"],
37785
+ # }
37786
+ #
37787
+ # @!attribute [rw] definition
37788
+ # The list of IP addresses and ranges.
37789
+ # @return [Array<String>]
37790
+ #
37791
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariablesIpSetsDetails AWS API Documentation
37792
+ #
37793
+ class RuleGroupVariablesIpSetsDetails < Struct.new(
37794
+ :definition)
37795
+ SENSITIVE = []
37796
+ include Aws::Structure
37797
+ end
37798
+
37799
+ # A list of port ranges.
37800
+ #
37801
+ # @note When making an API call, you may pass RuleGroupVariablesPortSetsDetails
37802
+ # data as a hash:
37803
+ #
37804
+ # {
37805
+ # definition: ["NonEmptyString"],
37806
+ # }
37807
+ #
37808
+ # @!attribute [rw] definition
37809
+ # The list of port ranges.
37810
+ # @return [Array<String>]
37811
+ #
37812
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariablesPortSetsDetails AWS API Documentation
37813
+ #
37814
+ class RuleGroupVariablesPortSetsDetails < Struct.new(
37815
+ :definition)
37816
+ SENSITIVE = []
37817
+ include Aws::Structure
37818
+ end
37819
+
35035
37820
  # The list of detected instances of sensitive data.
35036
37821
  #
35037
37822
  # @note When making an API call, you may pass SensitiveDataDetections
@@ -35540,6 +38325,21 @@ module Aws::SecurityHub
35540
38325
  include Aws::Structure
35541
38326
  end
35542
38327
 
38328
+ # The reason for the current status of a standard subscription.
38329
+ #
38330
+ # @!attribute [rw] status_reason_code
38331
+ # The reason code that represents the reason for the current status of
38332
+ # a standard subscription.
38333
+ # @return [String]
38334
+ #
38335
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsStatusReason AWS API Documentation
38336
+ #
38337
+ class StandardsStatusReason < Struct.new(
38338
+ :status_reason_code)
38339
+ SENSITIVE = []
38340
+ include Aws::Structure
38341
+ end
38342
+
35543
38343
  # A resource that represents your subscription to a supported standard.
35544
38344
  #
35545
38345
  # @!attribute [rw] standards_subscription_arn
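Review bot: The `status_reason_code` attribute on the new `StandardsStatusReason` class is documented without the set of codes it can carry, while the `standards_status` documentation visible as context in the next hunk lists each value with its meaning (for example `FAILED`). Automation that alerts when a standard cannot be enabled or disabled has to match on these codes, so the comment should carry the same kind of bulleted value list, taken from the service model rather than guessed. The class has no `@note` hash example, which suggests it is response-only; if that is the case, a line such as `# Returned by the service; not accepted as request input.` would make it explicit.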
@@ -35572,13 +38372,18 @@ module Aws::SecurityHub
35572
38372
  # * `FAILED` - Standard could not be disabled.
35573
38373
  # @return [String]
35574
38374
  #
38375
+ # @!attribute [rw] standards_status_reason
38376
+ # The reason for the current status.
38377
+ # @return [Types::StandardsStatusReason]
38378
+ #
35575
38379
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
35576
38380
  #
35577
38381
  class StandardsSubscription < Struct.new(
35578
38382
  :standards_subscription_arn,
35579
38383
  :standards_arn,
35580
38384
  :standards_input,
35581
- :standards_status)
38385
+ :standards_status,
38386
+ :standards_status_reason)
35582
38387
  SENSITIVE = []
35583
38388
  include Aws::Structure
35584
38389
  end
@@ -35614,6 +38419,80 @@ module Aws::SecurityHub
35614
38419
  include Aws::Structure
35615
38420
  end
35616
38421
 
38422
+ # The definition of a custom action that can be used for stateless
38423
+ # packet handling.
38424
+ #
38425
+ # @note When making an API call, you may pass StatelessCustomActionDefinition
38426
+ # data as a hash:
38427
+ #
38428
+ # {
38429
+ # publish_metric_action: {
38430
+ # dimensions: [
38431
+ # {
38432
+ # value: "NonEmptyString",
38433
+ # },
38434
+ # ],
38435
+ # },
38436
+ # }
38437
+ #
38438
+ # @!attribute [rw] publish_metric_action
38439
+ # Information about metrics to publish to CloudWatch.
38440
+ # @return [Types::StatelessCustomPublishMetricAction]
38441
+ #
38442
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomActionDefinition AWS API Documentation
38443
+ #
38444
+ class StatelessCustomActionDefinition < Struct.new(
38445
+ :publish_metric_action)
38446
+ SENSITIVE = []
38447
+ include Aws::Structure
38448
+ end
38449
+
38450
+ # Information about metrics to publish to CloudWatch.
38451
+ #
38452
+ # @note When making an API call, you may pass StatelessCustomPublishMetricAction
38453
+ # data as a hash:
38454
+ #
38455
+ # {
38456
+ # dimensions: [
38457
+ # {
38458
+ # value: "NonEmptyString",
38459
+ # },
38460
+ # ],
38461
+ # }
38462
+ #
38463
+ # @!attribute [rw] dimensions
38464
+ # Defines CloudWatch dimension values to publish.
38465
+ # @return [Array<Types::StatelessCustomPublishMetricActionDimension>]
38466
+ #
38467
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomPublishMetricAction AWS API Documentation
38468
+ #
38469
+ class StatelessCustomPublishMetricAction < Struct.new(
38470
+ :dimensions)
38471
+ SENSITIVE = []
38472
+ include Aws::Structure
38473
+ end
38474
+
38475
+ # Defines a CloudWatch dimension value to publish.
38476
+ #
38477
+ # @note When making an API call, you may pass StatelessCustomPublishMetricActionDimension
38478
+ # data as a hash:
38479
+ #
38480
+ # {
38481
+ # value: "NonEmptyString",
38482
+ # }
38483
+ #
38484
+ # @!attribute [rw] value
38485
+ # The value to use for the custom metric dimension.
38486
+ # @return [String]
38487
+ #
38488
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomPublishMetricActionDimension AWS API Documentation
38489
+ #
38490
+ class StatelessCustomPublishMetricActionDimension < Struct.new(
38491
+ :value)
38492
+ SENSITIVE = []
38493
+ include Aws::Structure
38494
+ end
38495
+
35617
38496
  # Provides additional context for the value of `Compliance.Status`.
35618
38497
  #
35619
38498
  # @note When making an API call, you may pass StatusReason
@@ -35903,6 +38782,96 @@ module Aws::SecurityHub
35903
38782
  #
35904
38783
  class UpdateActionTargetResponse < Aws::EmptyStructure; end
35905
38784
 
38785
+ # @note When making an API call, you may pass UpdateFindingAggregatorRequest
38786
+ # data as a hash:
38787
+ #
38788
+ # {
38789
+ # finding_aggregator_arn: "NonEmptyString", # required
38790
+ # region_linking_mode: "NonEmptyString", # required
38791
+ # regions: ["NonEmptyString"],
38792
+ # }
38793
+ #
38794
+ # @!attribute [rw] finding_aggregator_arn
38795
+ # The ARN of the finding aggregator. To obtain the ARN, use
38796
+ # `ListFindingAggregators`.
38797
+ # @return [String]
38798
+ #
38799
+ # @!attribute [rw] region_linking_mode
38800
+ # Indicates whether to aggregate findings from all of the available
38801
+ # Regions in the current partition. Also determines whether to
38802
+ # automatically aggregate findings from new Regions as Security Hub
38803
+ # supports them and you opt into them.
38804
+ #
38805
+ # The selected option also determines how to use the Regions provided
38806
+ # in the Regions list.
38807
+ #
38808
+ # The options are as follows:
38809
+ #
38810
+ # * `ALL_REGIONS` - Indicates to aggregate findings from all of the
38811
+ # Regions where Security Hub is enabled. When you choose this
38812
+ # option, Security Hub also automatically aggregates findings from
38813
+ # new Regions as Security Hub supports them and you opt into them.
38814
+ #
38815
+ # * `ALL_REGIONS_EXCEPT_SPECIFIED` - Indicates to aggregate findings
38816
+ # from all of the Regions where Security Hub is enabled, except for
38817
+ # the Regions listed in the `Regions` parameter. When you choose
38818
+ # this option, Security Hub also automatically aggregates findings
38819
+ # from new Regions as Security Hub supports them and you opt into
38820
+ # them.
38821
+ #
38822
+ # * `SPECIFIED_REGIONS` - Indicates to aggregate findings only from
38823
+ # the Regions listed in the `Regions` parameter. Security Hub does
38824
+ # not automatically aggregate findings from new Regions.
38825
+ # @return [String]
38826
+ #
38827
+ # @!attribute [rw] regions
38828
+ # If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this
38829
+ # is a comma-separated list of Regions that do not aggregate findings
38830
+ # to the aggregation Region.
38831
+ #
38832
+ # If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a
38833
+ # comma-separated list of Regions that do aggregate findings to the
38834
+ # aggregation Region.
38835
+ # @return [Array<String>]
38836
+ #
38837
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateFindingAggregatorRequest AWS API Documentation
38838
+ #
38839
+ class UpdateFindingAggregatorRequest < Struct.new(
38840
+ :finding_aggregator_arn,
38841
+ :region_linking_mode,
38842
+ :regions)
38843
+ SENSITIVE = []
38844
+ include Aws::Structure
38845
+ end
38846
+
38847
+ # @!attribute [rw] finding_aggregator_arn
38848
+ # The ARN of the finding aggregator.
38849
+ # @return [String]
38850
+ #
38851
+ # @!attribute [rw] finding_aggregation_region
38852
+ # The aggregation Region.
38853
+ # @return [String]
38854
+ #
38855
+ # @!attribute [rw] region_linking_mode
38856
+ # Indicates whether to link all Regions, all Regions except for a list
38857
+ # of excluded Regions, or a list of included Regions.
38858
+ # @return [String]
38859
+ #
38860
+ # @!attribute [rw] regions
38861
+ # The list of excluded Regions or included Regions.
38862
+ # @return [Array<String>]
38863
+ #
38864
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateFindingAggregatorResponse AWS API Documentation
38865
+ #
38866
+ class UpdateFindingAggregatorResponse < Struct.new(
38867
+ :finding_aggregator_arn,
38868
+ :finding_aggregation_region,
38869
+ :region_linking_mode,
38870
+ :regions)
38871
+ SENSITIVE = []
38872
+ include Aws::Structure
38873
+ end
38874
+
35906
38875
  # @note When making an API call, you may pass UpdateFindingsRequest
35907
38876
  # data as a hash:
35908
38877
  #
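Review bot: The `regions` attribute of `UpdateFindingAggregatorRequest` is described twice as "a comma-separated list of Regions", but the sample hash (`regions: ["NonEmptyString"]`) and `@return [Array<String>]` show an array with one Region per element. A caller who follows the prose and passes a single comma-joined string would send one element that names no Region. How the service treats that is not shown here, but under `ALL_REGIONS_EXCEPT_SPECIFIED` the intended exclusions would presumably not apply, and the aggregation scope for findings would differ from what the operator meant. I would reword both paragraphs along the lines of `# is a list of Regions (one String per element) that do not aggregate findings`. The `@see` links in this hunk also use `http://`, where `https://` would be preferable. The file looks generated, so both fixes likely belong in the API model documentation rather than in this file.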