aws-sdk-securityhub 1.56.0 → 1.60.0

@@ -1414,6 +1414,27 @@ module Aws::SecurityHub
1414
1414
  include Aws::Structure
1415
1415
  end
1416
1416
 
1417
+ # An Availability Zone for the automatic scaling group.
1418
+ #
1419
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails
1420
+ # data as a hash:
1421
+ #
1422
+ # {
1423
+ # value: "NonEmptyString",
1424
+ # }
1425
+ #
1426
+ # @!attribute [rw] value
1427
+ # The name of the Availability Zone.
1428
+ # @return [String]
1429
+ #
1430
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails AWS API Documentation
1431
+ #
1432
+ class AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails < Struct.new(
1433
+ :value)
1434
+ SENSITIVE = []
1435
+ include Aws::Structure
1436
+ end
1437
+
1417
1438
  # Provides details about an auto scaling group.
1418
1439
  #
1419
1440
  # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupDetails
@@ -1425,6 +1446,34 @@ module Aws::SecurityHub
1425
1446
  # health_check_type: "NonEmptyString",
1426
1447
  # health_check_grace_period: 1,
1427
1448
  # created_time: "NonEmptyString",
1449
+ # mixed_instances_policy: {
1450
+ # instances_distribution: {
1451
+ # on_demand_allocation_strategy: "NonEmptyString",
1452
+ # on_demand_base_capacity: 1,
1453
+ # on_demand_percentage_above_base_capacity: 1,
1454
+ # spot_allocation_strategy: "NonEmptyString",
1455
+ # spot_instance_pools: 1,
1456
+ # spot_max_price: "NonEmptyString",
1457
+ # },
1458
+ # launch_template: {
1459
+ # launch_template_specification: {
1460
+ # launch_template_id: "NonEmptyString",
1461
+ # launch_template_name: "NonEmptyString",
1462
+ # version: "NonEmptyString",
1463
+ # },
1464
+ # overrides: [
1465
+ # {
1466
+ # instance_type: "NonEmptyString",
1467
+ # weighted_capacity: "NonEmptyString",
1468
+ # },
1469
+ # ],
1470
+ # },
1471
+ # },
1472
+ # availability_zones: [
1473
+ # {
1474
+ # value: "NonEmptyString",
1475
+ # },
1476
+ # ],
1428
1477
  # }
1429
1478
  #
1430
1479
  # @!attribute [rw] launch_configuration_name
@@ -1457,6 +1506,14 @@ module Aws::SecurityHub
1457
1506
  # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
1458
1507
  # @return [String]
1459
1508
  #
1509
+ # @!attribute [rw] mixed_instances_policy
1510
+ # The mixed instances policy for the automatic scaling group.
1511
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails]
1512
+ #
1513
+ # @!attribute [rw] availability_zones
1514
+ # The list of Availability Zones for the automatic scaling group.
1515
+ # @return [Array<Types::AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails>]
1516
+ #
1460
1517
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupDetails AWS API Documentation
1461
1518
  #
1462
1519
  class AwsAutoScalingAutoScalingGroupDetails < Struct.new(
@@ -1464,7 +1521,217 @@ module Aws::SecurityHub
1464
1521
  :load_balancer_names,
1465
1522
  :health_check_type,
1466
1523
  :health_check_grace_period,
1467
- :created_time)
1524
+ :created_time,
1525
+ :mixed_instances_policy,
1526
+ :availability_zones)
1527
+ SENSITIVE = []
1528
+ include Aws::Structure
1529
+ end
1530
+
1531
+ # The mixed instances policy for the automatic scaling group.
1532
+ #
1533
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails
1534
+ # data as a hash:
1535
+ #
1536
+ # {
1537
+ # instances_distribution: {
1538
+ # on_demand_allocation_strategy: "NonEmptyString",
1539
+ # on_demand_base_capacity: 1,
1540
+ # on_demand_percentage_above_base_capacity: 1,
1541
+ # spot_allocation_strategy: "NonEmptyString",
1542
+ # spot_instance_pools: 1,
1543
+ # spot_max_price: "NonEmptyString",
1544
+ # },
1545
+ # launch_template: {
1546
+ # launch_template_specification: {
1547
+ # launch_template_id: "NonEmptyString",
1548
+ # launch_template_name: "NonEmptyString",
1549
+ # version: "NonEmptyString",
1550
+ # },
1551
+ # overrides: [
1552
+ # {
1553
+ # instance_type: "NonEmptyString",
1554
+ # weighted_capacity: "NonEmptyString",
1555
+ # },
1556
+ # ],
1557
+ # },
1558
+ # }
1559
+ #
1560
+ # @!attribute [rw] instances_distribution
1561
+ # The instances distribution. The instances distribution specifies the
1562
+ # distribution of On-Demand Instances and Spot Instances, the maximum
1563
+ # price to pay for Spot Instances, and how the Auto Scaling group
1564
+ # allocates instance types to fulfill On-Demand and Spot capacity.
1565
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails]
1566
+ #
1567
+ # @!attribute [rw] launch_template
1568
+ # The launch template to use and the instance types (overrides) to use
1569
+ # to provision EC2 instances to fulfill On-Demand and Spot capacities.
1570
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails]
1571
+ #
1572
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails AWS API Documentation
1573
+ #
1574
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails < Struct.new(
1575
+ :instances_distribution,
1576
+ :launch_template)
1577
+ SENSITIVE = []
1578
+ include Aws::Structure
1579
+ end
1580
+
1581
+ # Information about the instances distribution.
1582
+ #
1583
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails
1584
+ # data as a hash:
1585
+ #
1586
+ # {
1587
+ # on_demand_allocation_strategy: "NonEmptyString",
1588
+ # on_demand_base_capacity: 1,
1589
+ # on_demand_percentage_above_base_capacity: 1,
1590
+ # spot_allocation_strategy: "NonEmptyString",
1591
+ # spot_instance_pools: 1,
1592
+ # spot_max_price: "NonEmptyString",
1593
+ # }
1594
+ #
1595
+ # @!attribute [rw] on_demand_allocation_strategy
1596
+ # How to allocate instance types to fulfill On-Demand capacity.
1597
+ # @return [String]
1598
+ #
1599
+ # @!attribute [rw] on_demand_base_capacity
1600
+ # The minimum amount of the Auto Scaling group's capacity that must
1601
+ # be fulfilled by On-Demand Instances.
1602
+ # @return [Integer]
1603
+ #
1604
+ # @!attribute [rw] on_demand_percentage_above_base_capacity
1605
+ # The percentage of On-Demand Instances and Spot Instances for
1606
+ # additional capacity beyond `OnDemandBaseCapacity`.
1607
+ # @return [Integer]
1608
+ #
1609
+ # @!attribute [rw] spot_allocation_strategy
1610
+ # How to allocate instances across Spot Instance pools.
1611
+ # @return [String]
1612
+ #
1613
+ # @!attribute [rw] spot_instance_pools
1614
+ # The number of Spot Instance pools across which to allocate your Spot
1615
+ # Instances.
1616
+ # @return [Integer]
1617
+ #
1618
+ # @!attribute [rw] spot_max_price
1619
+ # The maximum price per unit hour that you are willing to pay for a
1620
+ # Spot Instance.
1621
+ # @return [String]
1622
+ #
1623
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails AWS API Documentation
1624
+ #
1625
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails < Struct.new(
1626
+ :on_demand_allocation_strategy,
1627
+ :on_demand_base_capacity,
1628
+ :on_demand_percentage_above_base_capacity,
1629
+ :spot_allocation_strategy,
1630
+ :spot_instance_pools,
1631
+ :spot_max_price)
1632
+ SENSITIVE = []
1633
+ include Aws::Structure
1634
+ end
1635
+
1636
+ # Describes a launch template and overrides for a mixed instances
1637
+ # policy.
1638
+ #
1639
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails
1640
+ # data as a hash:
1641
+ #
1642
+ # {
1643
+ # launch_template_specification: {
1644
+ # launch_template_id: "NonEmptyString",
1645
+ # launch_template_name: "NonEmptyString",
1646
+ # version: "NonEmptyString",
1647
+ # },
1648
+ # overrides: [
1649
+ # {
1650
+ # instance_type: "NonEmptyString",
1651
+ # weighted_capacity: "NonEmptyString",
1652
+ # },
1653
+ # ],
1654
+ # }
1655
+ #
1656
+ # @!attribute [rw] launch_template_specification
1657
+ # The launch template to use.
1658
+ # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification]
1659
+ #
1660
+ # @!attribute [rw] overrides
1661
+ # Property values to use to override the values in the launch
1662
+ # template.
1663
+ # @return [Array<Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails>]
1664
+ #
1665
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails AWS API Documentation
1666
+ #
1667
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails < Struct.new(
1668
+ :launch_template_specification,
1669
+ :overrides)
1670
+ SENSITIVE = []
1671
+ include Aws::Structure
1672
+ end
1673
+
1674
+ # Details about the launch template to use.
1675
+ #
1676
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification
1677
+ # data as a hash:
1678
+ #
1679
+ # {
1680
+ # launch_template_id: "NonEmptyString",
1681
+ # launch_template_name: "NonEmptyString",
1682
+ # version: "NonEmptyString",
1683
+ # }
1684
+ #
1685
+ # @!attribute [rw] launch_template_id
1686
+ # The identifier of the launch template. You must specify either
1687
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1688
+ # @return [String]
1689
+ #
1690
+ # @!attribute [rw] launch_template_name
1691
+ # The name of the launch template. You must specify either
1692
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1693
+ # @return [String]
1694
+ #
1695
+ # @!attribute [rw] version
1696
+ # Identifies the version of the launch template. You can specify a
1697
+ # version identifier, or use the values `$Latest` or `$Default`.
1698
+ # @return [String]
1699
+ #
1700
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification AWS API Documentation
1701
+ #
1702
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification < Struct.new(
1703
+ :launch_template_id,
1704
+ :launch_template_name,
1705
+ :version)
1706
+ SENSITIVE = []
1707
+ include Aws::Structure
1708
+ end
1709
+
1710
+ # Property values to use to override the values in the launch template.
1711
+ #
1712
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails
1713
+ # data as a hash:
1714
+ #
1715
+ # {
1716
+ # instance_type: "NonEmptyString",
1717
+ # weighted_capacity: "NonEmptyString",
1718
+ # }
1719
+ #
1720
+ # @!attribute [rw] instance_type
1721
+ # The instance type. For example, `m3.xlarge`.
1722
+ # @return [String]
1723
+ #
1724
+ # @!attribute [rw] weighted_capacity
1725
+ # The number of capacity units provided by the specified instance type
1726
+ # in terms of virtual CPUs, memory, storage, throughput, or other
1727
+ # relative performance characteristic.
1728
+ # @return [String]
1729
+ #
1730
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails AWS API Documentation
1731
+ #
1732
+ class AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails < Struct.new(
1733
+ :instance_type,
1734
+ :weighted_capacity)
1468
1735
  SENSITIVE = []
1469
1736
  include Aws::Structure
1470
1737
  end
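Review bot: The `weighted_capacity` comment in `AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails` describes a number of capacity units, but the member is declared `@return [String]`; `spot_max_price` in the instances-distribution struct is likewise a price carried as a String, and neither comment says so. Code that compares these values numerically has to parse them first, so I would add `# Returned as a string; convert before any numeric comparison.` under both attributes. The `on_demand_percentage_above_base_capacity` text ("percentage of On-Demand Instances and Spot Instances") does not say which of the two the percentage applies to and should be reworded. If this file is generated from the service model, the wording would have to be corrected there rather than in this file.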
@@ -1633,6 +1900,11 @@ module Aws::SecurityHub
1633
1900
  # security_groups: ["NonEmptyString"],
1634
1901
  # spot_price: "NonEmptyString",
1635
1902
  # user_data: "NonEmptyString",
1903
+ # metadata_options: {
1904
+ # http_endpoint: "NonEmptyString",
1905
+ # http_put_response_hop_limit: 1,
1906
+ # http_tokens: "NonEmptyString",
1907
+ # },
1636
1908
  # }
1637
1909
  #
1638
1910
  # @!attribute [rw] associate_public_ip_address
@@ -1725,6 +1997,10 @@ module Aws::SecurityHub
1725
1997
  # be base64-encoded text.
1726
1998
  # @return [String]
1727
1999
  #
2000
+ # @!attribute [rw] metadata_options
2001
+ # The metadata options for the instances.
2002
+ # @return [Types::AwsAutoScalingLaunchConfigurationMetadataOptions]
2003
+ #
1728
2004
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationDetails AWS API Documentation
1729
2005
  #
1730
2006
  class AwsAutoScalingLaunchConfigurationDetails < Struct.new(
@@ -1745,7 +2021,8 @@ module Aws::SecurityHub
1745
2021
  :ramdisk_id,
1746
2022
  :security_groups,
1747
2023
  :spot_price,
1748
- :user_data)
2024
+ :user_data,
2025
+ :metadata_options)
1749
2026
  SENSITIVE = []
1750
2027
  include Aws::Structure
1751
2028
  end
@@ -1775,6 +2052,43 @@ module Aws::SecurityHub
1775
2052
  include Aws::Structure
1776
2053
  end
1777
2054
 
2055
+ # The metadata options for the instances.
2056
+ #
2057
+ # @note When making an API call, you may pass AwsAutoScalingLaunchConfigurationMetadataOptions
2058
+ # data as a hash:
2059
+ #
2060
+ # {
2061
+ # http_endpoint: "NonEmptyString",
2062
+ # http_put_response_hop_limit: 1,
2063
+ # http_tokens: "NonEmptyString",
2064
+ # }
2065
+ #
2066
+ # @!attribute [rw] http_endpoint
2067
+ # Enables or disables the HTTP metadata endpoint on your instances. By
2068
+ # default, the metadata endpoint is enabled.
2069
+ # @return [String]
2070
+ #
2071
+ # @!attribute [rw] http_put_response_hop_limit
2072
+ # The HTTP `PUT` response hop limit for instance metadata requests.
2073
+ # The larger the number, the further instance metadata requests can
2074
+ # travel.
2075
+ # @return [Integer]
2076
+ #
2077
+ # @!attribute [rw] http_tokens
2078
+ # Indicates whether token usage is `required` or `optional` for
2079
+ # metadata requests. By default, token usage is `optional`.
2080
+ # @return [String]
2081
+ #
2082
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationMetadataOptions AWS API Documentation
2083
+ #
2084
+ class AwsAutoScalingLaunchConfigurationMetadataOptions < Struct.new(
2085
+ :http_endpoint,
2086
+ :http_put_response_hop_limit,
2087
+ :http_tokens)
2088
+ SENSITIVE = []
2089
+ include Aws::Structure
2090
+ end
2091
+
1778
2092
  # Provides details about an Certificate Manager certificate.
1779
2093
  #
1780
2094
  # @note When making an API call, you may pass AwsCertificateManagerCertificateDetails
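Review bot: The `http_tokens` and `http_put_response_hop_limit` comments in `AwsAutoScalingLaunchConfigurationMetadataOptions` give the defaults but not what they mean when a finding is evaluated: `optional` keeps the token-less (IMDSv1) request path available, and only `required` enforces session tokens (IMDSv2). I would add `# Only "required" enforces token-based (IMDSv2) requests; "optional" still accepts requests without a token.` to `http_tokens`, and say on the hop limit that a value above 1 lets the token response travel past the instance itself, for example to containers running on it. `http_endpoint` is typed String, yet its comment does not list the accepted values (`enabled`, `disabled`) the way `http_tokens` does. Nothing in this hunk validates these members, so a consumer should compare against the exact literals and should not read a nil `metadata_options` as a hardened configuration.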
@@ -12004,6 +12318,340 @@ module Aws::SecurityHub
12004
12318
  include Aws::Structure
12005
12319
  end
12006
12320
 
12321
+ # Details about an Network Firewall firewall.
12322
+ #
12323
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallDetails
12324
+ # data as a hash:
12325
+ #
12326
+ # {
12327
+ # delete_protection: false,
12328
+ # description: "NonEmptyString",
12329
+ # firewall_arn: "NonEmptyString",
12330
+ # firewall_id: "NonEmptyString",
12331
+ # firewall_name: "NonEmptyString",
12332
+ # firewall_policy_arn: "NonEmptyString",
12333
+ # firewall_policy_change_protection: false,
12334
+ # subnet_change_protection: false,
12335
+ # subnet_mappings: [
12336
+ # {
12337
+ # subnet_id: "NonEmptyString",
12338
+ # },
12339
+ # ],
12340
+ # vpc_id: "NonEmptyString",
12341
+ # }
12342
+ #
12343
+ # @!attribute [rw] delete_protection
12344
+ # Whether the firewall is protected from deletion. If set to `true`,
12345
+ # then the firewall cannot be deleted.
12346
+ # @return [Boolean]
12347
+ #
12348
+ # @!attribute [rw] description
12349
+ # A description of the firewall.
12350
+ # @return [String]
12351
+ #
12352
+ # @!attribute [rw] firewall_arn
12353
+ # The ARN of the firewall.
12354
+ # @return [String]
12355
+ #
12356
+ # @!attribute [rw] firewall_id
12357
+ # The identifier of the firewall.
12358
+ # @return [String]
12359
+ #
12360
+ # @!attribute [rw] firewall_name
12361
+ # A descriptive name of the firewall.
12362
+ # @return [String]
12363
+ #
12364
+ # @!attribute [rw] firewall_policy_arn
12365
+ # The ARN of the firewall policy.
12366
+ # @return [String]
12367
+ #
12368
+ # @!attribute [rw] firewall_policy_change_protection
12369
+ # Whether the firewall is protected from a change to the firewall
12370
+ # policy. If set to `true`, you cannot associate a different policy
12371
+ # with the firewall.
12372
+ # @return [Boolean]
12373
+ #
12374
+ # @!attribute [rw] subnet_change_protection
12375
+ # Whether the firewall is protected from a change to the subnet
12376
+ # associations. If set to `true`, you cannot map different subnets to
12377
+ # the firewall.
12378
+ # @return [Boolean]
12379
+ #
12380
+ # @!attribute [rw] subnet_mappings
12381
+ # The public subnets that Network Firewall uses for the firewall. Each
12382
+ # subnet must belong to a different Availability Zone.
12383
+ # @return [Array<Types::AwsNetworkFirewallFirewallSubnetMappingsDetails>]
12384
+ #
12385
+ # @!attribute [rw] vpc_id
12386
+ # The identifier of the VPC where the firewall is used.
12387
+ # @return [String]
12388
+ #
12389
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallDetails AWS API Documentation
12390
+ #
12391
+ class AwsNetworkFirewallFirewallDetails < Struct.new(
12392
+ :delete_protection,
12393
+ :description,
12394
+ :firewall_arn,
12395
+ :firewall_id,
12396
+ :firewall_name,
12397
+ :firewall_policy_arn,
12398
+ :firewall_policy_change_protection,
12399
+ :subnet_change_protection,
12400
+ :subnet_mappings,
12401
+ :vpc_id)
12402
+ SENSITIVE = []
12403
+ include Aws::Structure
12404
+ end
12405
+
12406
+ # Details about a firewall policy. A firewall policy defines the
12407
+ # behavior of a network firewall.
12408
+ #
12409
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallPolicyDetails
12410
+ # data as a hash:
12411
+ #
12412
+ # {
12413
+ # firewall_policy: {
12414
+ # stateful_rule_group_references: [
12415
+ # {
12416
+ # resource_arn: "NonEmptyString",
12417
+ # },
12418
+ # ],
12419
+ # stateless_custom_actions: [
12420
+ # {
12421
+ # action_definition: {
12422
+ # publish_metric_action: {
12423
+ # dimensions: [
12424
+ # {
12425
+ # value: "NonEmptyString",
12426
+ # },
12427
+ # ],
12428
+ # },
12429
+ # },
12430
+ # action_name: "NonEmptyString",
12431
+ # },
12432
+ # ],
12433
+ # stateless_default_actions: ["NonEmptyString"],
12434
+ # stateless_fragment_default_actions: ["NonEmptyString"],
12435
+ # stateless_rule_group_references: [
12436
+ # {
12437
+ # priority: 1,
12438
+ # resource_arn: "NonEmptyString",
12439
+ # },
12440
+ # ],
12441
+ # },
12442
+ # firewall_policy_arn: "NonEmptyString",
12443
+ # firewall_policy_id: "NonEmptyString",
12444
+ # firewall_policy_name: "NonEmptyString",
12445
+ # description: "NonEmptyString",
12446
+ # }
12447
+ #
12448
+ # @!attribute [rw] firewall_policy
12449
+ # The firewall policy configuration.
12450
+ # @return [Types::FirewallPolicyDetails]
12451
+ #
12452
+ # @!attribute [rw] firewall_policy_arn
12453
+ # The ARN of the firewall policy.
12454
+ # @return [String]
12455
+ #
12456
+ # @!attribute [rw] firewall_policy_id
12457
+ # The identifier of the firewall policy.
12458
+ # @return [String]
12459
+ #
12460
+ # @!attribute [rw] firewall_policy_name
12461
+ # The name of the firewall policy.
12462
+ # @return [String]
12463
+ #
12464
+ # @!attribute [rw] description
12465
+ # A description of the firewall policy.
12466
+ # @return [String]
12467
+ #
12468
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallPolicyDetails AWS API Documentation
12469
+ #
12470
+ class AwsNetworkFirewallFirewallPolicyDetails < Struct.new(
12471
+ :firewall_policy,
12472
+ :firewall_policy_arn,
12473
+ :firewall_policy_id,
12474
+ :firewall_policy_name,
12475
+ :description)
12476
+ SENSITIVE = []
12477
+ include Aws::Structure
12478
+ end
12479
+
12480
+ # A public subnet that Network Firewall uses for the firewall.
12481
+ #
12482
+ # @note When making an API call, you may pass AwsNetworkFirewallFirewallSubnetMappingsDetails
12483
+ # data as a hash:
12484
+ #
12485
+ # {
12486
+ # subnet_id: "NonEmptyString",
12487
+ # }
12488
+ #
12489
+ # @!attribute [rw] subnet_id
12490
+ # The identifier of the subnet
12491
+ # @return [String]
12492
+ #
12493
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallFirewallSubnetMappingsDetails AWS API Documentation
12494
+ #
12495
+ class AwsNetworkFirewallFirewallSubnetMappingsDetails < Struct.new(
12496
+ :subnet_id)
12497
+ SENSITIVE = []
12498
+ include Aws::Structure
12499
+ end
12500
+
12501
+ # Details about an Network Firewall rule group. Rule groups are used to
12502
+ # inspect and control network traffic. Stateless rule groups apply to
12503
+ # individual packets. Stateful rule groups apply to packets in the
12504
+ # context of their traffic flow.
12505
+ #
12506
+ # Rule groups are referenced in firewall policies.
12507
+ #
12508
+ # @note When making an API call, you may pass AwsNetworkFirewallRuleGroupDetails
12509
+ # data as a hash:
12510
+ #
12511
+ # {
12512
+ # capacity: 1,
12513
+ # description: "NonEmptyString",
12514
+ # rule_group: {
12515
+ # rule_variables: {
12516
+ # ip_sets: {
12517
+ # definition: ["NonEmptyString"],
12518
+ # },
12519
+ # port_sets: {
12520
+ # definition: ["NonEmptyString"],
12521
+ # },
12522
+ # },
12523
+ # rules_source: {
12524
+ # rules_source_list: {
12525
+ # generated_rules_type: "NonEmptyString",
12526
+ # target_types: ["NonEmptyString"],
12527
+ # targets: ["NonEmptyString"],
12528
+ # },
12529
+ # rules_string: "NonEmptyString",
12530
+ # stateful_rules: [
12531
+ # {
12532
+ # action: "NonEmptyString",
12533
+ # header: {
12534
+ # destination: "NonEmptyString",
12535
+ # destination_port: "NonEmptyString",
12536
+ # direction: "NonEmptyString",
12537
+ # protocol: "NonEmptyString",
12538
+ # source: "NonEmptyString",
12539
+ # source_port: "NonEmptyString",
12540
+ # },
12541
+ # rule_options: [
12542
+ # {
12543
+ # keyword: "NonEmptyString",
12544
+ # settings: ["NonEmptyString"],
12545
+ # },
12546
+ # ],
12547
+ # },
12548
+ # ],
12549
+ # stateless_rules_and_custom_actions: {
12550
+ # custom_actions: [
12551
+ # {
12552
+ # action_definition: {
12553
+ # publish_metric_action: {
12554
+ # dimensions: [
12555
+ # {
12556
+ # value: "NonEmptyString",
12557
+ # },
12558
+ # ],
12559
+ # },
12560
+ # },
12561
+ # action_name: "NonEmptyString",
12562
+ # },
12563
+ # ],
12564
+ # stateless_rules: [
12565
+ # {
12566
+ # priority: 1,
12567
+ # rule_definition: {
12568
+ # actions: ["NonEmptyString"],
12569
+ # match_attributes: {
12570
+ # destination_ports: [
12571
+ # {
12572
+ # from_port: 1,
12573
+ # to_port: 1,
12574
+ # },
12575
+ # ],
12576
+ # destinations: [
12577
+ # {
12578
+ # address_definition: "NonEmptyString",
12579
+ # },
12580
+ # ],
12581
+ # protocols: [1],
12582
+ # source_ports: [
12583
+ # {
12584
+ # from_port: 1,
12585
+ # to_port: 1,
12586
+ # },
12587
+ # ],
12588
+ # sources: [
12589
+ # {
12590
+ # address_definition: "NonEmptyString",
12591
+ # },
12592
+ # ],
12593
+ # tcp_flags: [
12594
+ # {
12595
+ # flags: ["NonEmptyString"],
12596
+ # masks: ["NonEmptyString"],
12597
+ # },
12598
+ # ],
12599
+ # },
12600
+ # },
12601
+ # },
12602
+ # ],
12603
+ # },
12604
+ # },
12605
+ # },
12606
+ # rule_group_arn: "NonEmptyString",
12607
+ # rule_group_id: "NonEmptyString",
12608
+ # rule_group_name: "NonEmptyString",
12609
+ # type: "NonEmptyString",
12610
+ # }
12611
+ #
12612
+ # @!attribute [rw] capacity
12613
+ # The maximum number of operating resources that this rule group can
12614
+ # use.
12615
+ # @return [Integer]
12616
+ #
12617
+ # @!attribute [rw] description
12618
+ # A description of the rule group.
12619
+ # @return [String]
12620
+ #
12621
+ # @!attribute [rw] rule_group
12622
+ # Details about the rule group.
12623
+ # @return [Types::RuleGroupDetails]
12624
+ #
12625
+ # @!attribute [rw] rule_group_arn
12626
+ # The ARN of the rule group.
12627
+ # @return [String]
12628
+ #
12629
+ # @!attribute [rw] rule_group_id
12630
+ # The identifier of the rule group.
12631
+ # @return [String]
12632
+ #
12633
+ # @!attribute [rw] rule_group_name
12634
+ # The descriptive name of the rule group.
12635
+ # @return [String]
12636
+ #
12637
+ # @!attribute [rw] type
12638
+ # The type of rule group. A rule group can be stateful or stateless.
12639
+ # @return [String]
12640
+ #
12641
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsNetworkFirewallRuleGroupDetails AWS API Documentation
12642
+ #
12643
+ class AwsNetworkFirewallRuleGroupDetails < Struct.new(
12644
+ :capacity,
12645
+ :description,
12646
+ :rule_group,
12647
+ :rule_group_arn,
12648
+ :rule_group_id,
12649
+ :rule_group_name,
12650
+ :type)
12651
+ SENSITIVE = []
12652
+ include Aws::Structure
12653
+ end
12654
+
12007
12655
  # Details about the configuration of an OpenSearch cluster.
12008
12656
  #
12009
12657
  # @note When making an API call, you may pass AwsOpenSearchServiceDomainClusterConfigDetails
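Review bot: The class comments for `AwsNetworkFirewallFirewallDetails` and `AwsNetworkFirewallRuleGroupDetails` read "Details about an Network Firewall …" and should say "a Network Firewall"; the `subnet_id` description is also missing its closing period. The `type` comment says a rule group "can be stateful or stateless" without giving the literal strings the field carries, so a consumer cannot match on it from this documentation alone. The three protection members (`delete_protection`, `firewall_policy_change_protection`, `subnet_change_protection`) are typed `[Boolean]`, but a Struct member that was never set is nil, so I would add `# nil when the finding does not report this setting; only true means protection is on.` to each.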
@@ -15965,6 +16613,35 @@ module Aws::SecurityHub
15965
16613
  include Aws::Structure
15966
16614
  end
15967
16615
 
16616
+ # Describes the versioning state of an S3 bucket.
16617
+ #
16618
+ # @note When making an API call, you may pass AwsS3BucketBucketVersioningConfiguration
16619
+ # data as a hash:
16620
+ #
16621
+ # {
16622
+ # is_mfa_delete_enabled: false,
16623
+ # status: "NonEmptyString",
16624
+ # }
16625
+ #
16626
+ # @!attribute [rw] is_mfa_delete_enabled
16627
+ # Specifies whether MFA delete is currently enabled in the S3 bucket
16628
+ # versioning configuration. If the S3 bucket was never configured with
16629
+ # MFA delete, then this attribute is not included.
16630
+ # @return [Boolean]
16631
+ #
16632
+ # @!attribute [rw] status
16633
+ # The versioning status of the S3 bucket.
16634
+ # @return [String]
16635
+ #
16636
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketVersioningConfiguration AWS API Documentation
16637
+ #
16638
+ class AwsS3BucketBucketVersioningConfiguration < Struct.new(
16639
+ :is_mfa_delete_enabled,
16640
+ :status)
16641
+ SENSITIVE = []
16642
+ include Aws::Structure
16643
+ end
16644
+
15968
16645
  # The details of an Amazon S3 bucket.
15969
16646
  #
15970
16647
  # @note When making an API call, you may pass AwsS3BucketDetails
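Review bot: The `is_mfa_delete_enabled` comment in `AwsS3BucketBucketVersioningConfiguration` says the attribute is left out when MFA delete was never configured, so the member has three states (`true`, `false`, nil) although it is typed `[Boolean]`. A check written as `== false` would miss buckets where the value is nil; I would add `# nil means MFA delete was never configured; treat it as not enabled.` to the attribute. The `status` comment does not list the values the field takes (`Enabled`, `Suspended`), so a reader cannot tell from here which string marks versioning as active.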
@@ -16087,6 +16764,10 @@ module Aws::SecurityHub
16087
16764
  # },
16088
16765
  # ],
16089
16766
  # },
16767
+ # bucket_versioning_configuration: {
16768
+ # is_mfa_delete_enabled: false,
16769
+ # status: "NonEmptyString",
16770
+ # },
16090
16771
  # }
16091
16772
  #
16092
16773
  # @!attribute [rw] owner_id
@@ -16143,6 +16824,10 @@ module Aws::SecurityHub
16143
16824
  # The notification configuration for the S3 bucket.
16144
16825
  # @return [Types::AwsS3BucketNotificationConfiguration]
16145
16826
  #
16827
+ # @!attribute [rw] bucket_versioning_configuration
16828
+ # The versioning state of an S3 bucket.
16829
+ # @return [Types::AwsS3BucketBucketVersioningConfiguration]
16830
+ #
16146
16831
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
16147
16832
  #
16148
16833
  class AwsS3BucketDetails < Struct.new(
@@ -16156,7 +16841,8 @@ module Aws::SecurityHub
16156
16841
  :access_control_list,
16157
16842
  :bucket_logging_configuration,
16158
16843
  :bucket_website_configuration,
16159
- :bucket_notification_configuration)
16844
+ :bucket_notification_configuration,
16845
+ :bucket_versioning_configuration)
16160
16846
  SENSITIVE = []
16161
16847
  include Aws::Structure
16162
16848
  end
@@ -17077,6 +17763,34 @@ module Aws::SecurityHub
17077
17763
  # health_check_type: "NonEmptyString",
17078
17764
  # health_check_grace_period: 1,
17079
17765
  # created_time: "NonEmptyString",
17766
+ # mixed_instances_policy: {
17767
+ # instances_distribution: {
17768
+ # on_demand_allocation_strategy: "NonEmptyString",
17769
+ # on_demand_base_capacity: 1,
17770
+ # on_demand_percentage_above_base_capacity: 1,
17771
+ # spot_allocation_strategy: "NonEmptyString",
17772
+ # spot_instance_pools: 1,
17773
+ # spot_max_price: "NonEmptyString",
17774
+ # },
17775
+ # launch_template: {
17776
+ # launch_template_specification: {
17777
+ # launch_template_id: "NonEmptyString",
17778
+ # launch_template_name: "NonEmptyString",
17779
+ # version: "NonEmptyString",
17780
+ # },
17781
+ # overrides: [
17782
+ # {
17783
+ # instance_type: "NonEmptyString",
17784
+ # weighted_capacity: "NonEmptyString",
17785
+ # },
17786
+ # ],
17787
+ # },
17788
+ # },
17789
+ # availability_zones: [
17790
+ # {
17791
+ # value: "NonEmptyString",
17792
+ # },
17793
+ # ],
17080
17794
  # },
17081
17795
  # aws_code_build_project: {
17082
17796
  # encryption_key: "NonEmptyString",
@@ -17647,6 +18361,10 @@ module Aws::SecurityHub
17647
18361
  # },
17648
18362
  # ],
17649
18363
  # },
18364
+ # bucket_versioning_configuration: {
18365
+ # is_mfa_delete_enabled: false,
18366
+ # status: "NonEmptyString",
18367
+ # },
17650
18368
  # },
17651
18369
  # aws_s3_account_public_access_block: {
17652
18370
  # block_public_acls: false,
@@ -19061,6 +19779,11 @@ module Aws::SecurityHub
19061
19779
  # security_groups: ["NonEmptyString"],
19062
19780
  # spot_price: "NonEmptyString",
19063
19781
  # user_data: "NonEmptyString",
19782
+ # metadata_options: {
19783
+ # http_endpoint: "NonEmptyString",
19784
+ # http_put_response_hop_limit: 1,
19785
+ # http_tokens: "NonEmptyString",
19786
+ # },
19064
19787
  # },
19065
19788
  # aws_ec2_vpn_connection: {
19066
19789
  # vpn_connection_id: "NonEmptyString",
@@ -19270,6 +19993,157 @@ module Aws::SecurityHub
19270
19993
  # ],
19271
19994
  # },
19272
19995
  # },
19996
+ # aws_network_firewall_firewall_policy: {
19997
+ # firewall_policy: {
19998
+ # stateful_rule_group_references: [
19999
+ # {
20000
+ # resource_arn: "NonEmptyString",
20001
+ # },
20002
+ # ],
20003
+ # stateless_custom_actions: [
20004
+ # {
20005
+ # action_definition: {
20006
+ # publish_metric_action: {
20007
+ # dimensions: [
20008
+ # {
20009
+ # value: "NonEmptyString",
20010
+ # },
20011
+ # ],
20012
+ # },
20013
+ # },
20014
+ # action_name: "NonEmptyString",
20015
+ # },
20016
+ # ],
20017
+ # stateless_default_actions: ["NonEmptyString"],
20018
+ # stateless_fragment_default_actions: ["NonEmptyString"],
20019
+ # stateless_rule_group_references: [
20020
+ # {
20021
+ # priority: 1,
20022
+ # resource_arn: "NonEmptyString",
20023
+ # },
20024
+ # ],
20025
+ # },
20026
+ # firewall_policy_arn: "NonEmptyString",
20027
+ # firewall_policy_id: "NonEmptyString",
20028
+ # firewall_policy_name: "NonEmptyString",
20029
+ # description: "NonEmptyString",
20030
+ # },
20031
+ # aws_network_firewall_firewall: {
20032
+ # delete_protection: false,
20033
+ # description: "NonEmptyString",
20034
+ # firewall_arn: "NonEmptyString",
20035
+ # firewall_id: "NonEmptyString",
20036
+ # firewall_name: "NonEmptyString",
20037
+ # firewall_policy_arn: "NonEmptyString",
20038
+ # firewall_policy_change_protection: false,
20039
+ # subnet_change_protection: false,
20040
+ # subnet_mappings: [
20041
+ # {
20042
+ # subnet_id: "NonEmptyString",
20043
+ # },
20044
+ # ],
20045
+ # vpc_id: "NonEmptyString",
20046
+ # },
20047
+ # aws_network_firewall_rule_group: {
20048
+ # capacity: 1,
20049
+ # description: "NonEmptyString",
20050
+ # rule_group: {
20051
+ # rule_variables: {
20052
+ # ip_sets: {
20053
+ # definition: ["NonEmptyString"],
20054
+ # },
20055
+ # port_sets: {
20056
+ # definition: ["NonEmptyString"],
20057
+ # },
20058
+ # },
20059
+ # rules_source: {
20060
+ # rules_source_list: {
20061
+ # generated_rules_type: "NonEmptyString",
20062
+ # target_types: ["NonEmptyString"],
20063
+ # targets: ["NonEmptyString"],
20064
+ # },
20065
+ # rules_string: "NonEmptyString",
20066
+ # stateful_rules: [
20067
+ # {
20068
+ # action: "NonEmptyString",
20069
+ # header: {
20070
+ # destination: "NonEmptyString",
20071
+ # destination_port: "NonEmptyString",
20072
+ # direction: "NonEmptyString",
20073
+ # protocol: "NonEmptyString",
20074
+ # source: "NonEmptyString",
20075
+ # source_port: "NonEmptyString",
20076
+ # },
20077
+ # rule_options: [
20078
+ # {
20079
+ # keyword: "NonEmptyString",
20080
+ # settings: ["NonEmptyString"],
20081
+ # },
20082
+ # ],
20083
+ # },
20084
+ # ],
20085
+ # stateless_rules_and_custom_actions: {
20086
+ # custom_actions: [
20087
+ # {
20088
+ # action_definition: {
20089
+ # publish_metric_action: {
20090
+ # dimensions: [
20091
+ # {
20092
+ # value: "NonEmptyString",
20093
+ # },
20094
+ # ],
20095
+ # },
20096
+ # },
20097
+ # action_name: "NonEmptyString",
20098
+ # },
20099
+ # ],
20100
+ # stateless_rules: [
20101
+ # {
20102
+ # priority: 1,
20103
+ # rule_definition: {
20104
+ # actions: ["NonEmptyString"],
20105
+ # match_attributes: {
20106
+ # destination_ports: [
20107
+ # {
20108
+ # from_port: 1,
20109
+ # to_port: 1,
20110
+ # },
20111
+ # ],
20112
+ # destinations: [
20113
+ # {
20114
+ # address_definition: "NonEmptyString",
20115
+ # },
20116
+ # ],
20117
+ # protocols: [1],
20118
+ # source_ports: [
20119
+ # {
20120
+ # from_port: 1,
20121
+ # to_port: 1,
20122
+ # },
20123
+ # ],
20124
+ # sources: [
20125
+ # {
20126
+ # address_definition: "NonEmptyString",
20127
+ # },
20128
+ # ],
20129
+ # tcp_flags: [
20130
+ # {
20131
+ # flags: ["NonEmptyString"],
20132
+ # masks: ["NonEmptyString"],
20133
+ # },
20134
+ # ],
20135
+ # },
20136
+ # },
20137
+ # },
20138
+ # ],
20139
+ # },
20140
+ # },
20141
+ # },
20142
+ # rule_group_arn: "NonEmptyString",
20143
+ # rule_group_id: "NonEmptyString",
20144
+ # rule_group_name: "NonEmptyString",
20145
+ # type: "NonEmptyString",
20146
+ # },
19273
20147
  # },
19274
20148
  # },
19275
20149
  # ],
@@ -19475,6 +20349,7 @@ module Aws::SecurityHub
19475
20349
  # },
19476
20350
  # types: ["NonEmptyString"],
19477
20351
  # },
20352
+ # sample: false,
19478
20353
  # }
19479
20354
  #
19480
20355
  # @!attribute [rw] schema_version
@@ -19749,6 +20624,10 @@ module Aws::SecurityHub
19749
20624
  # confidence, criticality, related findings, severity, and types.
19750
20625
  # @return [Types::FindingProviderFields]
19751
20626
  #
20627
+ # @!attribute [rw] sample
20628
+ # Indicates whether the finding is a sample finding.
20629
+ # @return [Boolean]
20630
+ #
19752
20631
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
19753
20632
  #
19754
20633
  class AwsSecurityFinding < Struct.new(
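Review bot: The new `sample` attribute text (new lines 20627–20629) does not say what an unset value means, and the matching `sample` filter added to `AwsSecurityFindingFilters` further down is worded as a toggle although its type is `Array<Types::BooleanFilter>`. Anyone excluding sample data from alerting or metrics needs to know whether `nil` is equivalent to `false` and whether omitting the filter returns sample findings; neither is stated on this page, so both should be confirmed against the service documentation. Once confirmed, I would extend the attribute text with a sentence such as `#   When not set, the finding is treated as a real (non-sample) finding.` and reword the filter text to `#   Filters findings on whether they are sample findings.` The `AwsSecurityFinding` class body continues outside this hunk.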
@@ -19790,7 +20669,8 @@ module Aws::SecurityHub
19790
20669
  :vulnerabilities,
19791
20670
  :patch_summary,
19792
20671
  :action,
19793
- :finding_provider_fields)
20672
+ :finding_provider_fields,
20673
+ :sample)
19794
20674
  SENSITIVE = []
19795
20675
  include Aws::Structure
19796
20676
  end
@@ -20421,6 +21301,11 @@ module Aws::SecurityHub
20421
21301
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
20422
21302
  # },
20423
21303
  # ],
21304
+ # sample: [
21305
+ # {
21306
+ # value: false,
21307
+ # },
21308
+ # ],
20424
21309
  # }
20425
21310
  #
20426
21311
  # @!attribute [rw] product_arn
@@ -20805,9 +21690,9 @@ module Aws::SecurityHub
20805
21690
  # Security Hub also resets the workflow status from `NOTIFIED` or
20806
21691
  # `RESOLVED` to `NEW` in the following cases:
20807
21692
  #
20808
- # * The record state changes from `ARCHIVED` to `ACTIVE`.
21693
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
20809
21694
  #
20810
- # * The compliance status changes from `PASSED` to either `WARNING`,
21695
+ # * `Compliance.Status` changes from `PASSED` to either `WARNING`,
20811
21696
  # `FAILED`, or `NOT_AVAILABLE`.
20812
21697
  #
20813
21698
  # * `NOTIFIED` - Indicates that the resource owner has been notified
@@ -20815,11 +21700,36 @@ module Aws::SecurityHub
20815
21700
  # the resource owner, and needs intervention from the resource
20816
21701
  # owner.
20817
21702
  #
20818
- # * `SUPPRESSED` - The finding will not be reviewed again and will not
20819
- # be acted upon.
21703
+ # If one of the following occurs, the workflow status is changed
21704
+ # automatically from `NOTIFIED` to `NEW`\:
21705
+ #
21706
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
21707
+ #
21708
+ # * `Compliance.Status` changes from `PASSED` to `FAILED`,
21709
+ # `WARNING`, or `NOT_AVAILABLE`.
21710
+ #
21711
+ # * `SUPPRESSED` - Indicates that you reviewed the finding and do not
21712
+ # believe that any action is needed.
21713
+ #
21714
+ # The workflow status of a `SUPPRESSED` finding does not change if
21715
+ # `RecordState` changes from `ARCHIVED` to `ACTIVE`.
20820
21716
  #
20821
21717
  # * `RESOLVED` - The finding was reviewed and remediated and is now
20822
21718
  # considered resolved.
21719
+ #
21720
+ # The finding remains `RESOLVED` unless one of the following occurs:
21721
+ #
21722
+ # * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
21723
+ #
21724
+ # * `Compliance.Status` changes from `PASSED` to `FAILED`,
21725
+ # `WARNING`, or `NOT_AVAILABLE`.
21726
+ #
21727
+ # In those cases, the workflow status is automatically reset to
21728
+ # `NEW`.
21729
+ #
21730
+ # For findings from controls, if `Compliance.Status` is `PASSED`,
21731
+ # then Security Hub automatically sets the workflow status to
21732
+ # `RESOLVED`.
20823
21733
  # @return [Array<Types::StringFilter>]
20824
21734
  #
20825
21735
  # @!attribute [rw] record_state
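Review bot: The rewritten `SUPPRESSED` bullet covers only the `RecordState` transition and says nothing about `Compliance.Status` moving from `PASSED` to `FAILED`, `WARNING`, or `NOT_AVAILABLE`, which the `NOTIFIED` and `RESOLVED` bullets both spell out. That gap matters when this filter is used to keep suppressed findings out of triage queues, because a reader cannot tell whether a control that starts failing again will resurface. The bullet should state the behaviour either way, for example `#     It also does not change if Compliance.Status changes from PASSED.` if that is what the service does (to be confirmed). The reset rule is now also written three times, with the status values ordered `WARNING`, `FAILED` in the previous hunk and `FAILED`, `WARNING` here; stating the list once in the introduction would avoid drift. This attribute's documentation starts above the hunk.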
@@ -20896,6 +21806,11 @@ module Aws::SecurityHub
20896
21806
  # Identifications
20897
21807
  # @return [Array<Types::StringFilter>]
20898
21808
  #
21809
+ # @!attribute [rw] sample
21810
+ # Indicates whether or not sample findings are included in the filter
21811
+ # results.
21812
+ # @return [Array<Types::BooleanFilter>]
21813
+ #
20899
21814
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
20900
21815
  #
20901
21816
  class AwsSecurityFindingFilters < Struct.new(
@@ -20992,7 +21907,8 @@ module Aws::SecurityHub
20992
21907
  :finding_provider_fields_related_findings_product_arn,
20993
21908
  :finding_provider_fields_severity_label,
20994
21909
  :finding_provider_fields_severity_original,
20995
- :finding_provider_fields_types)
21910
+ :finding_provider_fields_types,
21911
+ :sample)
20996
21912
  SENSITIVE = []
20997
21913
  include Aws::Structure
20998
21914
  end
@@ -22102,6 +23018,34 @@ module Aws::SecurityHub
22102
23018
  # health_check_type: "NonEmptyString",
22103
23019
  # health_check_grace_period: 1,
22104
23020
  # created_time: "NonEmptyString",
23021
+ # mixed_instances_policy: {
23022
+ # instances_distribution: {
23023
+ # on_demand_allocation_strategy: "NonEmptyString",
23024
+ # on_demand_base_capacity: 1,
23025
+ # on_demand_percentage_above_base_capacity: 1,
23026
+ # spot_allocation_strategy: "NonEmptyString",
23027
+ # spot_instance_pools: 1,
23028
+ # spot_max_price: "NonEmptyString",
23029
+ # },
23030
+ # launch_template: {
23031
+ # launch_template_specification: {
23032
+ # launch_template_id: "NonEmptyString",
23033
+ # launch_template_name: "NonEmptyString",
23034
+ # version: "NonEmptyString",
23035
+ # },
23036
+ # overrides: [
23037
+ # {
23038
+ # instance_type: "NonEmptyString",
23039
+ # weighted_capacity: "NonEmptyString",
23040
+ # },
23041
+ # ],
23042
+ # },
23043
+ # },
23044
+ # availability_zones: [
23045
+ # {
23046
+ # value: "NonEmptyString",
23047
+ # },
23048
+ # ],
22105
23049
  # },
22106
23050
  # aws_code_build_project: {
22107
23051
  # encryption_key: "NonEmptyString",
@@ -22672,6 +23616,10 @@ module Aws::SecurityHub
22672
23616
  # },
22673
23617
  # ],
22674
23618
  # },
23619
+ # bucket_versioning_configuration: {
23620
+ # is_mfa_delete_enabled: false,
23621
+ # status: "NonEmptyString",
23622
+ # },
22675
23623
  # },
22676
23624
  # aws_s3_account_public_access_block: {
22677
23625
  # block_public_acls: false,
@@ -24086,6 +25034,11 @@ module Aws::SecurityHub
24086
25034
  # security_groups: ["NonEmptyString"],
24087
25035
  # spot_price: "NonEmptyString",
24088
25036
  # user_data: "NonEmptyString",
25037
+ # metadata_options: {
25038
+ # http_endpoint: "NonEmptyString",
25039
+ # http_put_response_hop_limit: 1,
25040
+ # http_tokens: "NonEmptyString",
25041
+ # },
24089
25042
  # },
24090
25043
  # aws_ec2_vpn_connection: {
24091
25044
  # vpn_connection_id: "NonEmptyString",
@@ -24295,6 +25248,157 @@ module Aws::SecurityHub
24295
25248
  # ],
24296
25249
  # },
24297
25250
  # },
25251
+ # aws_network_firewall_firewall_policy: {
25252
+ # firewall_policy: {
25253
+ # stateful_rule_group_references: [
25254
+ # {
25255
+ # resource_arn: "NonEmptyString",
25256
+ # },
25257
+ # ],
25258
+ # stateless_custom_actions: [
25259
+ # {
25260
+ # action_definition: {
25261
+ # publish_metric_action: {
25262
+ # dimensions: [
25263
+ # {
25264
+ # value: "NonEmptyString",
25265
+ # },
25266
+ # ],
25267
+ # },
25268
+ # },
25269
+ # action_name: "NonEmptyString",
25270
+ # },
25271
+ # ],
25272
+ # stateless_default_actions: ["NonEmptyString"],
25273
+ # stateless_fragment_default_actions: ["NonEmptyString"],
25274
+ # stateless_rule_group_references: [
25275
+ # {
25276
+ # priority: 1,
25277
+ # resource_arn: "NonEmptyString",
25278
+ # },
25279
+ # ],
25280
+ # },
25281
+ # firewall_policy_arn: "NonEmptyString",
25282
+ # firewall_policy_id: "NonEmptyString",
25283
+ # firewall_policy_name: "NonEmptyString",
25284
+ # description: "NonEmptyString",
25285
+ # },
25286
+ # aws_network_firewall_firewall: {
25287
+ # delete_protection: false,
25288
+ # description: "NonEmptyString",
25289
+ # firewall_arn: "NonEmptyString",
25290
+ # firewall_id: "NonEmptyString",
25291
+ # firewall_name: "NonEmptyString",
25292
+ # firewall_policy_arn: "NonEmptyString",
25293
+ # firewall_policy_change_protection: false,
25294
+ # subnet_change_protection: false,
25295
+ # subnet_mappings: [
25296
+ # {
25297
+ # subnet_id: "NonEmptyString",
25298
+ # },
25299
+ # ],
25300
+ # vpc_id: "NonEmptyString",
25301
+ # },
25302
+ # aws_network_firewall_rule_group: {
25303
+ # capacity: 1,
25304
+ # description: "NonEmptyString",
25305
+ # rule_group: {
25306
+ # rule_variables: {
25307
+ # ip_sets: {
25308
+ # definition: ["NonEmptyString"],
25309
+ # },
25310
+ # port_sets: {
25311
+ # definition: ["NonEmptyString"],
25312
+ # },
25313
+ # },
25314
+ # rules_source: {
25315
+ # rules_source_list: {
25316
+ # generated_rules_type: "NonEmptyString",
25317
+ # target_types: ["NonEmptyString"],
25318
+ # targets: ["NonEmptyString"],
25319
+ # },
25320
+ # rules_string: "NonEmptyString",
25321
+ # stateful_rules: [
25322
+ # {
25323
+ # action: "NonEmptyString",
25324
+ # header: {
25325
+ # destination: "NonEmptyString",
25326
+ # destination_port: "NonEmptyString",
25327
+ # direction: "NonEmptyString",
25328
+ # protocol: "NonEmptyString",
25329
+ # source: "NonEmptyString",
25330
+ # source_port: "NonEmptyString",
25331
+ # },
25332
+ # rule_options: [
25333
+ # {
25334
+ # keyword: "NonEmptyString",
25335
+ # settings: ["NonEmptyString"],
25336
+ # },
25337
+ # ],
25338
+ # },
25339
+ # ],
25340
+ # stateless_rules_and_custom_actions: {
25341
+ # custom_actions: [
25342
+ # {
25343
+ # action_definition: {
25344
+ # publish_metric_action: {
25345
+ # dimensions: [
25346
+ # {
25347
+ # value: "NonEmptyString",
25348
+ # },
25349
+ # ],
25350
+ # },
25351
+ # },
25352
+ # action_name: "NonEmptyString",
25353
+ # },
25354
+ # ],
25355
+ # stateless_rules: [
25356
+ # {
25357
+ # priority: 1,
25358
+ # rule_definition: {
25359
+ # actions: ["NonEmptyString"],
25360
+ # match_attributes: {
25361
+ # destination_ports: [
25362
+ # {
25363
+ # from_port: 1,
25364
+ # to_port: 1,
25365
+ # },
25366
+ # ],
25367
+ # destinations: [
25368
+ # {
25369
+ # address_definition: "NonEmptyString",
25370
+ # },
25371
+ # ],
25372
+ # protocols: [1],
25373
+ # source_ports: [
25374
+ # {
25375
+ # from_port: 1,
25376
+ # to_port: 1,
25377
+ # },
25378
+ # ],
25379
+ # sources: [
25380
+ # {
25381
+ # address_definition: "NonEmptyString",
25382
+ # },
25383
+ # ],
25384
+ # tcp_flags: [
25385
+ # {
25386
+ # flags: ["NonEmptyString"],
25387
+ # masks: ["NonEmptyString"],
25388
+ # },
25389
+ # ],
25390
+ # },
25391
+ # },
25392
+ # },
25393
+ # ],
25394
+ # },
25395
+ # },
25396
+ # },
25397
+ # rule_group_arn: "NonEmptyString",
25398
+ # rule_group_id: "NonEmptyString",
25399
+ # rule_group_name: "NonEmptyString",
25400
+ # type: "NonEmptyString",
25401
+ # },
24298
25402
  # },
24299
25403
  # },
24300
25404
  # ],
@@ -24500,6 +25604,7 @@ module Aws::SecurityHub
24500
25604
  # },
24501
25605
  # types: ["NonEmptyString"],
24502
25606
  # },
25607
+ # sample: false,
24503
25608
  # },
24504
25609
  # ],
24505
25610
  # }
@@ -24723,6 +25828,27 @@ module Aws::SecurityHub
24723
25828
  include Aws::Structure
24724
25829
  end
24725
25830
 
25831
+ # Boolean filter for querying findings.
25832
+ #
25833
+ # @note When making an API call, you may pass BooleanFilter
25834
+ # data as a hash:
25835
+ #
25836
+ # {
25837
+ # value: false,
25838
+ # }
25839
+ #
25840
+ # @!attribute [rw] value
25841
+ # The value of the boolean.
25842
+ # @return [Boolean]
25843
+ #
25844
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BooleanFilter AWS API Documentation
25845
+ #
25846
+ class BooleanFilter < Struct.new(
25847
+ :value)
25848
+ SENSITIVE = []
25849
+ include Aws::Structure
25850
+ end
25851
+
24726
25852
  # An occurrence of sensitive data detected in a Microsoft Excel
24727
25853
  # workbook, comma-separated value (CSV) file, or tab-separated value
24728
25854
  # (TSV) file.
@@ -25908,6 +27034,11 @@ module Aws::SecurityHub
25908
27034
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
25909
27035
  # },
25910
27036
  # ],
27037
+ # sample: [
27038
+ # {
27039
+ # value: false,
27040
+ # },
27041
+ # ],
25911
27042
  # },
25912
27043
  # group_by_attribute: "NonEmptyString", # required
25913
27044
  # }
@@ -27232,6 +28363,167 @@ module Aws::SecurityHub
27232
28363
  include Aws::Structure
27233
28364
  end
27234
28365
 
28366
+ # Defines the behavior of the firewall.
28367
+ #
28368
+ # @note When making an API call, you may pass FirewallPolicyDetails
28369
+ # data as a hash:
28370
+ #
28371
+ # {
28372
+ # stateful_rule_group_references: [
28373
+ # {
28374
+ # resource_arn: "NonEmptyString",
28375
+ # },
28376
+ # ],
28377
+ # stateless_custom_actions: [
28378
+ # {
28379
+ # action_definition: {
28380
+ # publish_metric_action: {
28381
+ # dimensions: [
28382
+ # {
28383
+ # value: "NonEmptyString",
28384
+ # },
28385
+ # ],
28386
+ # },
28387
+ # },
28388
+ # action_name: "NonEmptyString",
28389
+ # },
28390
+ # ],
28391
+ # stateless_default_actions: ["NonEmptyString"],
28392
+ # stateless_fragment_default_actions: ["NonEmptyString"],
28393
+ # stateless_rule_group_references: [
28394
+ # {
28395
+ # priority: 1,
28396
+ # resource_arn: "NonEmptyString",
28397
+ # },
28398
+ # ],
28399
+ # }
28400
+ #
28401
+ # @!attribute [rw] stateful_rule_group_references
28402
+ # The stateful rule groups that are used in the firewall policy.
28403
+ # @return [Array<Types::FirewallPolicyStatefulRuleGroupReferencesDetails>]
28404
+ #
28405
+ # @!attribute [rw] stateless_custom_actions
28406
+ # The custom action definitions that are available to use in the
28407
+ # firewall policy's `StatelessDefaultActions` setting.
28408
+ # @return [Array<Types::FirewallPolicyStatelessCustomActionsDetails>]
28409
+ #
28410
+ # @!attribute [rw] stateless_default_actions
28411
+ # The actions to take on a packet if it doesn't match any of the
28412
+ # stateless rules in the policy.
28413
+ #
28414
+ # You must specify a standard action (`aws:pass`, `aws:drop`,
28415
+ # `aws:forward_to_sfe`), and can optionally include a custom action
28416
+ # from `StatelessCustomActions`.
28417
+ # @return [Array<String>]
28418
+ #
28419
+ # @!attribute [rw] stateless_fragment_default_actions
28420
+ # The actions to take on a fragmented UDP packet if it doesn't match
28421
+ # any of the stateless rules in the policy.
28422
+ #
28423
+ # You must specify a standard action (`aws:pass`, `aws:drop`,
28424
+ # `aws:forward_to_sfe`), and can optionally include a custom action
28425
+ # from `StatelessCustomActions`.
28426
+ # @return [Array<String>]
28427
+ #
28428
+ # @!attribute [rw] stateless_rule_group_references
28429
+ # The stateless rule groups that are used in the firewall policy.
28430
+ # @return [Array<Types::FirewallPolicyStatelessRuleGroupReferencesDetails>]
28431
+ #
28432
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyDetails AWS API Documentation
28433
+ #
28434
+ class FirewallPolicyDetails < Struct.new(
28435
+ :stateful_rule_group_references,
28436
+ :stateless_custom_actions,
28437
+ :stateless_default_actions,
28438
+ :stateless_fragment_default_actions,
28439
+ :stateless_rule_group_references)
28440
+ SENSITIVE = []
28441
+ include Aws::Structure
28442
+ end
28443
+
28444
+ # A stateful rule group that is used by the firewall policy.
28445
+ #
28446
+ # @note When making an API call, you may pass FirewallPolicyStatefulRuleGroupReferencesDetails
28447
+ # data as a hash:
28448
+ #
28449
+ # {
28450
+ # resource_arn: "NonEmptyString",
28451
+ # }
28452
+ #
28453
+ # @!attribute [rw] resource_arn
28454
+ # The ARN of the stateful rule group.
28455
+ # @return [String]
28456
+ #
28457
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatefulRuleGroupReferencesDetails AWS API Documentation
28458
+ #
28459
+ class FirewallPolicyStatefulRuleGroupReferencesDetails < Struct.new(
28460
+ :resource_arn)
28461
+ SENSITIVE = []
28462
+ include Aws::Structure
28463
+ end
28464
+
28465
+ # A custom action that can be used for stateless packet handling.
28466
+ #
28467
+ # @note When making an API call, you may pass FirewallPolicyStatelessCustomActionsDetails
28468
+ # data as a hash:
28469
+ #
28470
+ # {
28471
+ # action_definition: {
28472
+ # publish_metric_action: {
28473
+ # dimensions: [
28474
+ # {
28475
+ # value: "NonEmptyString",
28476
+ # },
28477
+ # ],
28478
+ # },
28479
+ # },
28480
+ # action_name: "NonEmptyString",
28481
+ # }
28482
+ #
28483
+ # @!attribute [rw] action_definition
28484
+ # The definition of the custom action.
28485
+ # @return [Types::StatelessCustomActionDefinition]
28486
+ #
28487
+ # @!attribute [rw] action_name
28488
+ # The name of the custom action.
28489
+ # @return [String]
28490
+ #
28491
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatelessCustomActionsDetails AWS API Documentation
28492
+ #
28493
+ class FirewallPolicyStatelessCustomActionsDetails < Struct.new(
28494
+ :action_definition,
28495
+ :action_name)
28496
+ SENSITIVE = []
28497
+ include Aws::Structure
28498
+ end
28499
+
28500
+ # A stateless rule group that is used by the firewall policy.
28501
+ #
28502
+ # @note When making an API call, you may pass FirewallPolicyStatelessRuleGroupReferencesDetails
28503
+ # data as a hash:
28504
+ #
28505
+ # {
28506
+ # priority: 1,
28507
+ # resource_arn: "NonEmptyString",
28508
+ # }
28509
+ #
28510
+ # @!attribute [rw] priority
28511
+ # The order in which to run the stateless rule group.
28512
+ # @return [Integer]
28513
+ #
28514
+ # @!attribute [rw] resource_arn
28515
+ # The ARN of the stateless rule group.
28516
+ # @return [String]
28517
+ #
28518
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FirewallPolicyStatelessRuleGroupReferencesDetails AWS API Documentation
28519
+ #
28520
+ class FirewallPolicyStatelessRuleGroupReferencesDetails < Struct.new(
28521
+ :priority,
28522
+ :resource_arn)
28523
+ SENSITIVE = []
28524
+ include Aws::Structure
28525
+ end
28526
+
27235
28527
  # Provides the latitude and longitude coordinates of a location.
27236
28528
  #
27237
28529
  # @note When making an API call, you may pass GeoLocation
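Review bot: The `priority` attribute of `FirewallPolicyStatelessRuleGroupReferencesDetails` is documented only as "The order in which to run the stateless rule group", which leaves open whether a lower or a higher number runs first. Someone reading a finding to work out which stateless rule group evaluates a packet first needs that direction; I would add `#   Rule groups are evaluated starting with the lowest priority value.`, which matches my understanding of Network Firewall but should be checked against its documentation. The `stateless_default_actions` and `stateless_fragment_default_actions` texts in `FirewallPolicyDetails` also say "You must specify a standard action", which reads as request guidance although these types appear to describe a resource reported inside a finding; "Contains a standard action (...) and optionally a custom action" would fit that use better.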
@@ -28001,6 +29293,11 @@ module Aws::SecurityHub
28001
29293
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
28002
29294
  # },
28003
29295
  # ],
29296
+ # sample: [
29297
+ # {
29298
+ # value: false,
29299
+ # },
29300
+ # ],
28004
29301
  # },
28005
29302
  # sort_criteria: [
28006
29303
  # {
@@ -30408,6 +31705,34 @@ module Aws::SecurityHub
30408
31705
  # health_check_type: "NonEmptyString",
30409
31706
  # health_check_grace_period: 1,
30410
31707
  # created_time: "NonEmptyString",
31708
+ # mixed_instances_policy: {
31709
+ # instances_distribution: {
31710
+ # on_demand_allocation_strategy: "NonEmptyString",
31711
+ # on_demand_base_capacity: 1,
31712
+ # on_demand_percentage_above_base_capacity: 1,
31713
+ # spot_allocation_strategy: "NonEmptyString",
31714
+ # spot_instance_pools: 1,
31715
+ # spot_max_price: "NonEmptyString",
31716
+ # },
31717
+ # launch_template: {
31718
+ # launch_template_specification: {
31719
+ # launch_template_id: "NonEmptyString",
31720
+ # launch_template_name: "NonEmptyString",
31721
+ # version: "NonEmptyString",
31722
+ # },
31723
+ # overrides: [
31724
+ # {
31725
+ # instance_type: "NonEmptyString",
31726
+ # weighted_capacity: "NonEmptyString",
31727
+ # },
31728
+ # ],
31729
+ # },
31730
+ # },
31731
+ # availability_zones: [
31732
+ # {
31733
+ # value: "NonEmptyString",
31734
+ # },
31735
+ # ],
30411
31736
  # },
30412
31737
  # aws_code_build_project: {
30413
31738
  # encryption_key: "NonEmptyString",
@@ -30978,6 +32303,10 @@ module Aws::SecurityHub
30978
32303
  # },
30979
32304
  # ],
30980
32305
  # },
32306
+ # bucket_versioning_configuration: {
32307
+ # is_mfa_delete_enabled: false,
32308
+ # status: "NonEmptyString",
32309
+ # },
30981
32310
  # },
30982
32311
  # aws_s3_account_public_access_block: {
30983
32312
  # block_public_acls: false,
@@ -32392,6 +33721,11 @@ module Aws::SecurityHub
32392
33721
  # security_groups: ["NonEmptyString"],
32393
33722
  # spot_price: "NonEmptyString",
32394
33723
  # user_data: "NonEmptyString",
33724
+ # metadata_options: {
33725
+ # http_endpoint: "NonEmptyString",
33726
+ # http_put_response_hop_limit: 1,
33727
+ # http_tokens: "NonEmptyString",
33728
+ # },
32395
33729
  # },
32396
33730
  # aws_ec2_vpn_connection: {
32397
33731
  # vpn_connection_id: "NonEmptyString",
@@ -32601,6 +33935,157 @@ module Aws::SecurityHub
32601
33935
  # ],
32602
33936
  # },
32603
33937
  # },
33938
+ # aws_network_firewall_firewall_policy: {
33939
+ # firewall_policy: {
33940
+ # stateful_rule_group_references: [
33941
+ # {
33942
+ # resource_arn: "NonEmptyString",
33943
+ # },
33944
+ # ],
33945
+ # stateless_custom_actions: [
33946
+ # {
33947
+ # action_definition: {
33948
+ # publish_metric_action: {
33949
+ # dimensions: [
33950
+ # {
33951
+ # value: "NonEmptyString",
33952
+ # },
33953
+ # ],
33954
+ # },
33955
+ # },
33956
+ # action_name: "NonEmptyString",
33957
+ # },
33958
+ # ],
33959
+ # stateless_default_actions: ["NonEmptyString"],
33960
+ # stateless_fragment_default_actions: ["NonEmptyString"],
33961
+ # stateless_rule_group_references: [
33962
+ # {
33963
+ # priority: 1,
33964
+ # resource_arn: "NonEmptyString",
33965
+ # },
33966
+ # ],
33967
+ # },
33968
+ # firewall_policy_arn: "NonEmptyString",
33969
+ # firewall_policy_id: "NonEmptyString",
33970
+ # firewall_policy_name: "NonEmptyString",
33971
+ # description: "NonEmptyString",
33972
+ # },
33973
+ # aws_network_firewall_firewall: {
33974
+ # delete_protection: false,
33975
+ # description: "NonEmptyString",
33976
+ # firewall_arn: "NonEmptyString",
33977
+ # firewall_id: "NonEmptyString",
33978
+ # firewall_name: "NonEmptyString",
33979
+ # firewall_policy_arn: "NonEmptyString",
33980
+ # firewall_policy_change_protection: false,
33981
+ # subnet_change_protection: false,
33982
+ # subnet_mappings: [
33983
+ # {
33984
+ # subnet_id: "NonEmptyString",
33985
+ # },
33986
+ # ],
33987
+ # vpc_id: "NonEmptyString",
33988
+ # },
33989
+ # aws_network_firewall_rule_group: {
33990
+ # capacity: 1,
33991
+ # description: "NonEmptyString",
33992
+ # rule_group: {
33993
+ # rule_variables: {
33994
+ # ip_sets: {
33995
+ # definition: ["NonEmptyString"],
33996
+ # },
33997
+ # port_sets: {
33998
+ # definition: ["NonEmptyString"],
33999
+ # },
34000
+ # },
34001
+ # rules_source: {
34002
+ # rules_source_list: {
34003
+ # generated_rules_type: "NonEmptyString",
34004
+ # target_types: ["NonEmptyString"],
34005
+ # targets: ["NonEmptyString"],
34006
+ # },
34007
+ # rules_string: "NonEmptyString",
34008
+ # stateful_rules: [
34009
+ # {
34010
+ # action: "NonEmptyString",
34011
+ # header: {
34012
+ # destination: "NonEmptyString",
34013
+ # destination_port: "NonEmptyString",
34014
+ # direction: "NonEmptyString",
34015
+ # protocol: "NonEmptyString",
34016
+ # source: "NonEmptyString",
34017
+ # source_port: "NonEmptyString",
34018
+ # },
34019
+ # rule_options: [
34020
+ # {
34021
+ # keyword: "NonEmptyString",
34022
+ # settings: ["NonEmptyString"],
34023
+ # },
34024
+ # ],
34025
+ # },
34026
+ # ],
34027
+ # stateless_rules_and_custom_actions: {
34028
+ # custom_actions: [
34029
+ # {
34030
+ # action_definition: {
34031
+ # publish_metric_action: {
34032
+ # dimensions: [
34033
+ # {
34034
+ # value: "NonEmptyString",
34035
+ # },
34036
+ # ],
34037
+ # },
34038
+ # },
34039
+ # action_name: "NonEmptyString",
34040
+ # },
34041
+ # ],
34042
+ # stateless_rules: [
34043
+ # {
34044
+ # priority: 1,
34045
+ # rule_definition: {
34046
+ # actions: ["NonEmptyString"],
34047
+ # match_attributes: {
34048
+ # destination_ports: [
34049
+ # {
34050
+ # from_port: 1,
34051
+ # to_port: 1,
34052
+ # },
34053
+ # ],
34054
+ # destinations: [
34055
+ # {
34056
+ # address_definition: "NonEmptyString",
34057
+ # },
34058
+ # ],
34059
+ # protocols: [1],
34060
+ # source_ports: [
34061
+ # {
34062
+ # from_port: 1,
34063
+ # to_port: 1,
34064
+ # },
34065
+ # ],
34066
+ # sources: [
34067
+ # {
34068
+ # address_definition: "NonEmptyString",
34069
+ # },
34070
+ # ],
34071
+ # tcp_flags: [
34072
+ # {
34073
+ # flags: ["NonEmptyString"],
34074
+ # masks: ["NonEmptyString"],
34075
+ # },
34076
+ # ],
34077
+ # },
34078
+ # },
34079
+ # },
34080
+ # ],
34081
+ # },
34082
+ # },
34083
+ # },
34084
+ # rule_group_arn: "NonEmptyString",
34085
+ # rule_group_id: "NonEmptyString",
34086
+ # rule_group_name: "NonEmptyString",
34087
+ # type: "NonEmptyString",
34088
+ # },
32604
34089
  # },
32605
34090
  # }
32606
34091
  #
@@ -32703,6 +34188,34 @@ module Aws::SecurityHub
32703
34188
  # health_check_type: "NonEmptyString",
32704
34189
  # health_check_grace_period: 1,
32705
34190
  # created_time: "NonEmptyString",
34191
+ # mixed_instances_policy: {
34192
+ # instances_distribution: {
34193
+ # on_demand_allocation_strategy: "NonEmptyString",
34194
+ # on_demand_base_capacity: 1,
34195
+ # on_demand_percentage_above_base_capacity: 1,
34196
+ # spot_allocation_strategy: "NonEmptyString",
34197
+ # spot_instance_pools: 1,
34198
+ # spot_max_price: "NonEmptyString",
34199
+ # },
34200
+ # launch_template: {
34201
+ # launch_template_specification: {
34202
+ # launch_template_id: "NonEmptyString",
34203
+ # launch_template_name: "NonEmptyString",
34204
+ # version: "NonEmptyString",
34205
+ # },
34206
+ # overrides: [
34207
+ # {
34208
+ # instance_type: "NonEmptyString",
34209
+ # weighted_capacity: "NonEmptyString",
34210
+ # },
34211
+ # ],
34212
+ # },
34213
+ # },
34214
+ # availability_zones: [
34215
+ # {
34216
+ # value: "NonEmptyString",
34217
+ # },
34218
+ # ],
32706
34219
  # },
32707
34220
  # aws_code_build_project: {
32708
34221
  # encryption_key: "NonEmptyString",
@@ -33273,6 +34786,10 @@ module Aws::SecurityHub
33273
34786
  # },
33274
34787
  # ],
33275
34788
  # },
34789
+ # bucket_versioning_configuration: {
34790
+ # is_mfa_delete_enabled: false,
34791
+ # status: "NonEmptyString",
34792
+ # },
33276
34793
  # },
33277
34794
  # aws_s3_account_public_access_block: {
33278
34795
  # block_public_acls: false,
@@ -34687,6 +36204,11 @@ module Aws::SecurityHub
34687
36204
  # security_groups: ["NonEmptyString"],
34688
36205
  # spot_price: "NonEmptyString",
34689
36206
  # user_data: "NonEmptyString",
36207
+ # metadata_options: {
36208
+ # http_endpoint: "NonEmptyString",
36209
+ # http_put_response_hop_limit: 1,
36210
+ # http_tokens: "NonEmptyString",
36211
+ # },
34690
36212
  # },
34691
36213
  # aws_ec2_vpn_connection: {
34692
36214
  # vpn_connection_id: "NonEmptyString",
@@ -34896,6 +36418,157 @@ module Aws::SecurityHub
34896
36418
  # ],
34897
36419
  # },
34898
36420
  # },
36421
+ # aws_network_firewall_firewall_policy: {
36422
+ # firewall_policy: {
36423
+ # stateful_rule_group_references: [
36424
+ # {
36425
+ # resource_arn: "NonEmptyString",
36426
+ # },
36427
+ # ],
36428
+ # stateless_custom_actions: [
36429
+ # {
36430
+ # action_definition: {
36431
+ # publish_metric_action: {
36432
+ # dimensions: [
36433
+ # {
36434
+ # value: "NonEmptyString",
36435
+ # },
36436
+ # ],
36437
+ # },
36438
+ # },
36439
+ # action_name: "NonEmptyString",
36440
+ # },
36441
+ # ],
36442
+ # stateless_default_actions: ["NonEmptyString"],
36443
+ # stateless_fragment_default_actions: ["NonEmptyString"],
36444
+ # stateless_rule_group_references: [
36445
+ # {
36446
+ # priority: 1,
36447
+ # resource_arn: "NonEmptyString",
36448
+ # },
36449
+ # ],
36450
+ # },
36451
+ # firewall_policy_arn: "NonEmptyString",
36452
+ # firewall_policy_id: "NonEmptyString",
36453
+ # firewall_policy_name: "NonEmptyString",
36454
+ # description: "NonEmptyString",
36455
+ # },
36456
+ # aws_network_firewall_firewall: {
36457
+ # delete_protection: false,
36458
+ # description: "NonEmptyString",
36459
+ # firewall_arn: "NonEmptyString",
36460
+ # firewall_id: "NonEmptyString",
36461
+ # firewall_name: "NonEmptyString",
36462
+ # firewall_policy_arn: "NonEmptyString",
36463
+ # firewall_policy_change_protection: false,
36464
+ # subnet_change_protection: false,
36465
+ # subnet_mappings: [
36466
+ # {
36467
+ # subnet_id: "NonEmptyString",
36468
+ # },
36469
+ # ],
36470
+ # vpc_id: "NonEmptyString",
36471
+ # },
36472
+ # aws_network_firewall_rule_group: {
36473
+ # capacity: 1,
36474
+ # description: "NonEmptyString",
36475
+ # rule_group: {
36476
+ # rule_variables: {
36477
+ # ip_sets: {
36478
+ # definition: ["NonEmptyString"],
36479
+ # },
36480
+ # port_sets: {
36481
+ # definition: ["NonEmptyString"],
36482
+ # },
36483
+ # },
36484
+ # rules_source: {
36485
+ # rules_source_list: {
36486
+ # generated_rules_type: "NonEmptyString",
36487
+ # target_types: ["NonEmptyString"],
36488
+ # targets: ["NonEmptyString"],
36489
+ # },
36490
+ # rules_string: "NonEmptyString",
36491
+ # stateful_rules: [
36492
+ # {
36493
+ # action: "NonEmptyString",
36494
+ # header: {
36495
+ # destination: "NonEmptyString",
36496
+ # destination_port: "NonEmptyString",
36497
+ # direction: "NonEmptyString",
36498
+ # protocol: "NonEmptyString",
36499
+ # source: "NonEmptyString",
36500
+ # source_port: "NonEmptyString",
36501
+ # },
36502
+ # rule_options: [
36503
+ # {
36504
+ # keyword: "NonEmptyString",
36505
+ # settings: ["NonEmptyString"],
36506
+ # },
36507
+ # ],
36508
+ # },
36509
+ # ],
36510
+ # stateless_rules_and_custom_actions: {
36511
+ # custom_actions: [
36512
+ # {
36513
+ # action_definition: {
36514
+ # publish_metric_action: {
36515
+ # dimensions: [
36516
+ # {
36517
+ # value: "NonEmptyString",
36518
+ # },
36519
+ # ],
36520
+ # },
36521
+ # },
36522
+ # action_name: "NonEmptyString",
36523
+ # },
36524
+ # ],
36525
+ # stateless_rules: [
36526
+ # {
36527
+ # priority: 1,
36528
+ # rule_definition: {
36529
+ # actions: ["NonEmptyString"],
36530
+ # match_attributes: {
36531
+ # destination_ports: [
36532
+ # {
36533
+ # from_port: 1,
36534
+ # to_port: 1,
36535
+ # },
36536
+ # ],
36537
+ # destinations: [
36538
+ # {
36539
+ # address_definition: "NonEmptyString",
36540
+ # },
36541
+ # ],
36542
+ # protocols: [1],
36543
+ # source_ports: [
36544
+ # {
36545
+ # from_port: 1,
36546
+ # to_port: 1,
36547
+ # },
36548
+ # ],
36549
+ # sources: [
36550
+ # {
36551
+ # address_definition: "NonEmptyString",
36552
+ # },
36553
+ # ],
36554
+ # tcp_flags: [
36555
+ # {
36556
+ # flags: ["NonEmptyString"],
36557
+ # masks: ["NonEmptyString"],
36558
+ # },
36559
+ # ],
36560
+ # },
36561
+ # },
36562
+ # },
36563
+ # ],
36564
+ # },
36565
+ # },
36566
+ # },
36567
+ # rule_group_arn: "NonEmptyString",
36568
+ # rule_group_id: "NonEmptyString",
36569
+ # rule_group_name: "NonEmptyString",
36570
+ # type: "NonEmptyString",
36571
+ # },
34899
36572
  # }
34900
36573
  #
34901
36574
  # @!attribute [rw] aws_auto_scaling_auto_scaling_group
@@ -35149,6 +36822,18 @@ module Aws::SecurityHub
35149
36822
  # Details about an Amazon EKS cluster.
35150
36823
  # @return [Types::AwsEksClusterDetails]
35151
36824
  #
36825
+ # @!attribute [rw] aws_network_firewall_firewall_policy
36826
+ # Details about an Network Firewall firewall policy.
36827
+ # @return [Types::AwsNetworkFirewallFirewallPolicyDetails]
36828
+ #
36829
+ # @!attribute [rw] aws_network_firewall_firewall
36830
+ # Details about an Network Firewall firewall.
36831
+ # @return [Types::AwsNetworkFirewallFirewallDetails]
36832
+ #
36833
+ # @!attribute [rw] aws_network_firewall_rule_group
36834
+ # Details about an Network Firewall rule group.
36835
+ # @return [Types::AwsNetworkFirewallRuleGroupDetails]
36836
+ #
35152
36837
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
35153
36838
  #
35154
36839
  class ResourceDetails < Struct.new(
@@ -35210,7 +36895,10 @@ module Aws::SecurityHub
35210
36895
  :aws_waf_rate_based_rule,
35211
36896
  :aws_waf_regional_rate_based_rule,
35212
36897
  :aws_ecr_repository,
35213
- :aws_eks_cluster)
36898
+ :aws_eks_cluster,
36899
+ :aws_network_firewall_firewall_policy,
36900
+ :aws_network_firewall_firewall,
36901
+ :aws_network_firewall_rule_group)
35214
36902
  SENSITIVE = []
35215
36903
  include Aws::Structure
35216
36904
  end
@@ -35253,6 +36941,931 @@ module Aws::SecurityHub
35253
36941
  include Aws::Structure
35254
36942
  end
35255
36943
 
36944
+ # Details about the rule group.
36945
+ #
36946
+ # @note When making an API call, you may pass RuleGroupDetails
36947
+ # data as a hash:
36948
+ #
36949
+ # {
36950
+ # rule_variables: {
36951
+ # ip_sets: {
36952
+ # definition: ["NonEmptyString"],
36953
+ # },
36954
+ # port_sets: {
36955
+ # definition: ["NonEmptyString"],
36956
+ # },
36957
+ # },
36958
+ # rules_source: {
36959
+ # rules_source_list: {
36960
+ # generated_rules_type: "NonEmptyString",
36961
+ # target_types: ["NonEmptyString"],
36962
+ # targets: ["NonEmptyString"],
36963
+ # },
36964
+ # rules_string: "NonEmptyString",
36965
+ # stateful_rules: [
36966
+ # {
36967
+ # action: "NonEmptyString",
36968
+ # header: {
36969
+ # destination: "NonEmptyString",
36970
+ # destination_port: "NonEmptyString",
36971
+ # direction: "NonEmptyString",
36972
+ # protocol: "NonEmptyString",
36973
+ # source: "NonEmptyString",
36974
+ # source_port: "NonEmptyString",
36975
+ # },
36976
+ # rule_options: [
36977
+ # {
36978
+ # keyword: "NonEmptyString",
36979
+ # settings: ["NonEmptyString"],
36980
+ # },
36981
+ # ],
36982
+ # },
36983
+ # ],
36984
+ # stateless_rules_and_custom_actions: {
36985
+ # custom_actions: [
36986
+ # {
36987
+ # action_definition: {
36988
+ # publish_metric_action: {
36989
+ # dimensions: [
36990
+ # {
36991
+ # value: "NonEmptyString",
36992
+ # },
36993
+ # ],
36994
+ # },
36995
+ # },
36996
+ # action_name: "NonEmptyString",
36997
+ # },
36998
+ # ],
36999
+ # stateless_rules: [
37000
+ # {
37001
+ # priority: 1,
37002
+ # rule_definition: {
37003
+ # actions: ["NonEmptyString"],
37004
+ # match_attributes: {
37005
+ # destination_ports: [
37006
+ # {
37007
+ # from_port: 1,
37008
+ # to_port: 1,
37009
+ # },
37010
+ # ],
37011
+ # destinations: [
37012
+ # {
37013
+ # address_definition: "NonEmptyString",
37014
+ # },
37015
+ # ],
37016
+ # protocols: [1],
37017
+ # source_ports: [
37018
+ # {
37019
+ # from_port: 1,
37020
+ # to_port: 1,
37021
+ # },
37022
+ # ],
37023
+ # sources: [
37024
+ # {
37025
+ # address_definition: "NonEmptyString",
37026
+ # },
37027
+ # ],
37028
+ # tcp_flags: [
37029
+ # {
37030
+ # flags: ["NonEmptyString"],
37031
+ # masks: ["NonEmptyString"],
37032
+ # },
37033
+ # ],
37034
+ # },
37035
+ # },
37036
+ # },
37037
+ # ],
37038
+ # },
37039
+ # },
37040
+ # }
37041
+ #
37042
+ # @!attribute [rw] rule_variables
37043
+ # Additional settings to use in the specified rules.
37044
+ # @return [Types::RuleGroupVariables]
37045
+ #
37046
+ # @!attribute [rw] rules_source
37047
+ # The rules and actions for the rule group.
37048
+ #
37049
+ # For stateful rule groups, can contain `RulesString`,
37050
+ # `RulesSourceList`, or `StatefulRules`.
37051
+ #
37052
+ # For stateless rule groups, contains
37053
+ # `StatelessRulesAndCustomActions`.
37054
+ # @return [Types::RuleGroupSource]
37055
+ #
37056
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupDetails AWS API Documentation
37057
+ #
37058
+ class RuleGroupDetails < Struct.new(
37059
+ :rule_variables,
37060
+ :rules_source)
37061
+ SENSITIVE = []
37062
+ include Aws::Structure
37063
+ end
37064
+
37065
+ # The rules and actions for the rule group.
37066
+ #
37067
+ # @note When making an API call, you may pass RuleGroupSource
37068
+ # data as a hash:
37069
+ #
37070
+ # {
37071
+ # rules_source_list: {
37072
+ # generated_rules_type: "NonEmptyString",
37073
+ # target_types: ["NonEmptyString"],
37074
+ # targets: ["NonEmptyString"],
37075
+ # },
37076
+ # rules_string: "NonEmptyString",
37077
+ # stateful_rules: [
37078
+ # {
37079
+ # action: "NonEmptyString",
37080
+ # header: {
37081
+ # destination: "NonEmptyString",
37082
+ # destination_port: "NonEmptyString",
37083
+ # direction: "NonEmptyString",
37084
+ # protocol: "NonEmptyString",
37085
+ # source: "NonEmptyString",
37086
+ # source_port: "NonEmptyString",
37087
+ # },
37088
+ # rule_options: [
37089
+ # {
37090
+ # keyword: "NonEmptyString",
37091
+ # settings: ["NonEmptyString"],
37092
+ # },
37093
+ # ],
37094
+ # },
37095
+ # ],
37096
+ # stateless_rules_and_custom_actions: {
37097
+ # custom_actions: [
37098
+ # {
37099
+ # action_definition: {
37100
+ # publish_metric_action: {
37101
+ # dimensions: [
37102
+ # {
37103
+ # value: "NonEmptyString",
37104
+ # },
37105
+ # ],
37106
+ # },
37107
+ # },
37108
+ # action_name: "NonEmptyString",
37109
+ # },
37110
+ # ],
37111
+ # stateless_rules: [
37112
+ # {
37113
+ # priority: 1,
37114
+ # rule_definition: {
37115
+ # actions: ["NonEmptyString"],
37116
+ # match_attributes: {
37117
+ # destination_ports: [
37118
+ # {
37119
+ # from_port: 1,
37120
+ # to_port: 1,
37121
+ # },
37122
+ # ],
37123
+ # destinations: [
37124
+ # {
37125
+ # address_definition: "NonEmptyString",
37126
+ # },
37127
+ # ],
37128
+ # protocols: [1],
37129
+ # source_ports: [
37130
+ # {
37131
+ # from_port: 1,
37132
+ # to_port: 1,
37133
+ # },
37134
+ # ],
37135
+ # sources: [
37136
+ # {
37137
+ # address_definition: "NonEmptyString",
37138
+ # },
37139
+ # ],
37140
+ # tcp_flags: [
37141
+ # {
37142
+ # flags: ["NonEmptyString"],
37143
+ # masks: ["NonEmptyString"],
37144
+ # },
37145
+ # ],
37146
+ # },
37147
+ # },
37148
+ # },
37149
+ # ],
37150
+ # },
37151
+ # }
37152
+ #
37153
+ # @!attribute [rw] rules_source_list
37154
+ # Stateful inspection criteria for a domain list rule group. A domain
37155
+ # list rule group determines access by specific protocols to specific
37156
+ # domains.
37157
+ # @return [Types::RuleGroupSourceListDetails]
37158
+ #
37159
+ # @!attribute [rw] rules_string
37160
+ # Stateful inspection criteria, provided in Suricata compatible
37161
+ # intrusion prevention system (IPS) rules.
37162
+ # @return [String]
37163
+ #
37164
+ # @!attribute [rw] stateful_rules
37165
+ # Suricata rule specifications.
37166
+ # @return [Array<Types::RuleGroupSourceStatefulRulesDetails>]
37167
+ #
37168
+ # @!attribute [rw] stateless_rules_and_custom_actions
37169
+ # The stateless rules and custom actions used by a stateless rule
37170
+ # group.
37171
+ # @return [Types::RuleGroupSourceStatelessRulesAndCustomActionsDetails]
37172
+ #
37173
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSource AWS API Documentation
37174
+ #
37175
+ class RuleGroupSource < Struct.new(
37176
+ :rules_source_list,
37177
+ :rules_string,
37178
+ :stateful_rules,
37179
+ :stateless_rules_and_custom_actions)
37180
+ SENSITIVE = []
37181
+ include Aws::Structure
37182
+ end
37183
+
37184
+ # A custom action definition. A custom action is an optional,
37185
+ # non-standard action to use for stateless packet handling.
37186
+ #
37187
+ # @note When making an API call, you may pass RuleGroupSourceCustomActionsDetails
37188
+ # data as a hash:
37189
+ #
37190
+ # {
37191
+ # action_definition: {
37192
+ # publish_metric_action: {
37193
+ # dimensions: [
37194
+ # {
37195
+ # value: "NonEmptyString",
37196
+ # },
37197
+ # ],
37198
+ # },
37199
+ # },
37200
+ # action_name: "NonEmptyString",
37201
+ # }
37202
+ #
37203
+ # @!attribute [rw] action_definition
37204
+ # The definition of a custom action.
37205
+ # @return [Types::StatelessCustomActionDefinition]
37206
+ #
37207
+ # @!attribute [rw] action_name
37208
+ # A descriptive name of the custom action.
37209
+ # @return [String]
37210
+ #
37211
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceCustomActionsDetails AWS API Documentation
37212
+ #
37213
+ class RuleGroupSourceCustomActionsDetails < Struct.new(
37214
+ :action_definition,
37215
+ :action_name)
37216
+ SENSITIVE = []
37217
+ include Aws::Structure
37218
+ end
37219
+
37220
+ # Stateful inspection criteria for a domain list rule group.
37221
+ #
37222
+ # @note When making an API call, you may pass RuleGroupSourceListDetails
37223
+ # data as a hash:
37224
+ #
37225
+ # {
37226
+ # generated_rules_type: "NonEmptyString",
37227
+ # target_types: ["NonEmptyString"],
37228
+ # targets: ["NonEmptyString"],
37229
+ # }
37230
+ #
37231
+ # @!attribute [rw] generated_rules_type
37232
+ # Indicates whether to allow or deny access to the domains listed in
37233
+ # `Targets`.
37234
+ # @return [String]
37235
+ #
37236
+ # @!attribute [rw] target_types
37237
+ # The protocols that you want to inspect. Specify `LS_SNI` for HTTPS.
37238
+ # Specify `HTTP_HOST` for HTTP. You can specify either or both.
37239
+ # @return [Array<String>]
37240
+ #
37241
+ # @!attribute [rw] targets
37242
+ # The domains that you want to inspect for in your traffic flows. You
37243
+ # can provide full domain names, or use the '.' prefix as a
37244
+ # wildcard. For example, `.example.com` matches all domains that end
37245
+ # with `example.com`.
37246
+ # @return [Array<String>]
37247
+ #
37248
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceListDetails AWS API Documentation
37249
+ #
37250
+ class RuleGroupSourceListDetails < Struct.new(
37251
+ :generated_rules_type,
37252
+ :target_types,
37253
+ :targets)
37254
+ SENSITIVE = []
37255
+ include Aws::Structure
37256
+ end
37257
+
37258
+ # A Suricata rule specification.
37259
+ #
37260
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesDetails
37261
+ # data as a hash:
37262
+ #
37263
+ # {
37264
+ # action: "NonEmptyString",
37265
+ # header: {
37266
+ # destination: "NonEmptyString",
37267
+ # destination_port: "NonEmptyString",
37268
+ # direction: "NonEmptyString",
37269
+ # protocol: "NonEmptyString",
37270
+ # source: "NonEmptyString",
37271
+ # source_port: "NonEmptyString",
37272
+ # },
37273
+ # rule_options: [
37274
+ # {
37275
+ # keyword: "NonEmptyString",
37276
+ # settings: ["NonEmptyString"],
37277
+ # },
37278
+ # ],
37279
+ # }
37280
+ #
37281
+ # @!attribute [rw] action
37282
+ # Defines what Network Firewall should do with the packets in a
37283
+ # traffic flow when the flow matches the stateful rule criteria.
37284
+ # @return [String]
37285
+ #
37286
+ # @!attribute [rw] header
37287
+ # The stateful inspection criteria for the rule.
37288
+ # @return [Types::RuleGroupSourceStatefulRulesHeaderDetails]
37289
+ #
37290
+ # @!attribute [rw] rule_options
37291
+ # Additional options for the rule.
37292
+ # @return [Array<Types::RuleGroupSourceStatefulRulesOptionsDetails>]
37293
+ #
37294
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesDetails AWS API Documentation
37295
+ #
37296
+ class RuleGroupSourceStatefulRulesDetails < Struct.new(
37297
+ :action,
37298
+ :header,
37299
+ :rule_options)
37300
+ SENSITIVE = []
37301
+ include Aws::Structure
37302
+ end
37303
+
37304
+ # The inspection criteria for a stateful rule.
37305
+ #
37306
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesHeaderDetails
37307
+ # data as a hash:
37308
+ #
37309
+ # {
37310
+ # destination: "NonEmptyString",
37311
+ # destination_port: "NonEmptyString",
37312
+ # direction: "NonEmptyString",
37313
+ # protocol: "NonEmptyString",
37314
+ # source: "NonEmptyString",
37315
+ # source_port: "NonEmptyString",
37316
+ # }
37317
+ #
37318
+ # @!attribute [rw] destination
37319
+ # The destination IP address or address range to inspect for, in CIDR
37320
+ # notation. To match with any address, specify `ANY`.
37321
+ # @return [String]
37322
+ #
37323
+ # @!attribute [rw] destination_port
37324
+ # The destination port to inspect for. You can specify an individual
37325
+ # port, such as `1994`. You also can specify a port range, such as
37326
+ # `1990:1994`. To match with any port, specify `ANY`.
37327
+ # @return [String]
37328
+ #
37329
+ # @!attribute [rw] direction
37330
+ # The direction of traffic flow to inspect. If set to `ANY`, the
37331
+ # inspection matches bidirectional traffic, both from the source to
37332
+ # the destination and from the destination to the source. If set to
37333
+ # `FORWARD`, the inspection only matches traffic going from the source
37334
+ # to the destination.
37335
+ # @return [String]
37336
+ #
37337
+ # @!attribute [rw] protocol
37338
+ # The protocol to inspect for. To inspector for all protocols, use
37339
+ # `IP`.
37340
+ # @return [String]
37341
+ #
37342
+ # @!attribute [rw] source
37343
+ # The source IP address or address range to inspect for, in CIDR
37344
+ # notation. To match with any address, specify `ANY`.
37345
+ # @return [String]
37346
+ #
37347
+ # @!attribute [rw] source_port
37348
+ # The source port to inspect for. You can specify an individual port,
37349
+ # such as `1994`. You also can specify a port range, such as
37350
+ # `1990:1994`. To match with any port, specify `ANY`.
37351
+ # @return [String]
37352
+ #
37353
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesHeaderDetails AWS API Documentation
37354
+ #
37355
+ class RuleGroupSourceStatefulRulesHeaderDetails < Struct.new(
37356
+ :destination,
37357
+ :destination_port,
37358
+ :direction,
37359
+ :protocol,
37360
+ :source,
37361
+ :source_port)
37362
+ SENSITIVE = []
37363
+ include Aws::Structure
37364
+ end
37365
+
37366
+ # A rule option for a stateful rule.
37367
+ #
37368
+ # @note When making an API call, you may pass RuleGroupSourceStatefulRulesOptionsDetails
37369
+ # data as a hash:
37370
+ #
37371
+ # {
37372
+ # keyword: "NonEmptyString",
37373
+ # settings: ["NonEmptyString"],
37374
+ # }
37375
+ #
37376
+ # @!attribute [rw] keyword
37377
+ # A keyword to look for.
37378
+ # @return [String]
37379
+ #
37380
+ # @!attribute [rw] settings
37381
+ # A list of settings.
37382
+ # @return [Array<String>]
37383
+ #
37384
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatefulRulesOptionsDetails AWS API Documentation
37385
+ #
37386
+ class RuleGroupSourceStatefulRulesOptionsDetails < Struct.new(
37387
+ :keyword,
37388
+ :settings)
37389
+ SENSITIVE = []
37390
+ include Aws::Structure
37391
+ end
37392
+
37393
+ # The definition of the stateless rule.
37394
+ #
37395
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleDefinition
37396
+ # data as a hash:
37397
+ #
37398
+ # {
37399
+ # actions: ["NonEmptyString"],
37400
+ # match_attributes: {
37401
+ # destination_ports: [
37402
+ # {
37403
+ # from_port: 1,
37404
+ # to_port: 1,
37405
+ # },
37406
+ # ],
37407
+ # destinations: [
37408
+ # {
37409
+ # address_definition: "NonEmptyString",
37410
+ # },
37411
+ # ],
37412
+ # protocols: [1],
37413
+ # source_ports: [
37414
+ # {
37415
+ # from_port: 1,
37416
+ # to_port: 1,
37417
+ # },
37418
+ # ],
37419
+ # sources: [
37420
+ # {
37421
+ # address_definition: "NonEmptyString",
37422
+ # },
37423
+ # ],
37424
+ # tcp_flags: [
37425
+ # {
37426
+ # flags: ["NonEmptyString"],
37427
+ # masks: ["NonEmptyString"],
37428
+ # },
37429
+ # ],
37430
+ # },
37431
+ # }
37432
+ #
37433
+ # @!attribute [rw] actions
37434
+ # The actions to take on a packet that matches one of the stateless
37435
+ # rule definition's match attributes. You must specify a standard
37436
+ # action (`aws:pass`, `aws:drop`, or `aws:forward_to_sfe`). You can
37437
+ # then add custom actions.
37438
+ # @return [Array<String>]
37439
+ #
37440
+ # @!attribute [rw] match_attributes
37441
+ # The criteria for Network Firewall to use to inspect an individual
37442
+ # packet in a stateless rule inspection.
37443
+ # @return [Types::RuleGroupSourceStatelessRuleMatchAttributes]
37444
+ #
37445
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleDefinition AWS API Documentation
37446
+ #
37447
+ class RuleGroupSourceStatelessRuleDefinition < Struct.new(
37448
+ :actions,
37449
+ :match_attributes)
37450
+ SENSITIVE = []
37451
+ include Aws::Structure
37452
+ end
37453
+
37454
+ # Criteria for the stateless rule.
37455
+ #
37456
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributes
37457
+ # data as a hash:
37458
+ #
37459
+ # {
37460
+ # destination_ports: [
37461
+ # {
37462
+ # from_port: 1,
37463
+ # to_port: 1,
37464
+ # },
37465
+ # ],
37466
+ # destinations: [
37467
+ # {
37468
+ # address_definition: "NonEmptyString",
37469
+ # },
37470
+ # ],
37471
+ # protocols: [1],
37472
+ # source_ports: [
37473
+ # {
37474
+ # from_port: 1,
37475
+ # to_port: 1,
37476
+ # },
37477
+ # ],
37478
+ # sources: [
37479
+ # {
37480
+ # address_definition: "NonEmptyString",
37481
+ # },
37482
+ # ],
37483
+ # tcp_flags: [
37484
+ # {
37485
+ # flags: ["NonEmptyString"],
37486
+ # masks: ["NonEmptyString"],
37487
+ # },
37488
+ # ],
37489
+ # }
37490
+ #
37491
+ # @!attribute [rw] destination_ports
37492
+ # A list of port ranges to specify the destination ports to inspect
37493
+ # for.
37494
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts>]
37495
+ #
37496
+ # @!attribute [rw] destinations
37497
+ # The destination IP addresses and address ranges to inspect for, in
37498
+ # CIDR notation.
37499
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesDestinations>]
37500
+ #
37501
+ # @!attribute [rw] protocols
37502
+ # The protocols to inspect for.
37503
+ # @return [Array<Integer>]
37504
+ #
37505
+ # @!attribute [rw] source_ports
37506
+ # A list of port ranges to specify the source ports to inspect for.
37507
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesSourcePorts>]
37508
+ #
37509
+ # @!attribute [rw] sources
37510
+ # The source IP addresses and address ranges to inspect for, in CIDR
37511
+ # notation.
37512
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesSources>]
37513
+ #
37514
+ # @!attribute [rw] tcp_flags
37515
+ # The TCP flags and masks to inspect for.
37516
+ # @return [Array<Types::RuleGroupSourceStatelessRuleMatchAttributesTcpFlags>]
37517
+ #
37518
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributes AWS API Documentation
37519
+ #
37520
+ class RuleGroupSourceStatelessRuleMatchAttributes < Struct.new(
37521
+ :destination_ports,
37522
+ :destinations,
37523
+ :protocols,
37524
+ :source_ports,
37525
+ :sources,
37526
+ :tcp_flags)
37527
+ SENSITIVE = []
37528
+ include Aws::Structure
37529
+ end
37530
+
37531
+ # A port range to specify the destination ports to inspect for.
37532
+ #
37533
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts
37534
+ # data as a hash:
37535
+ #
37536
+ # {
37537
+ # from_port: 1,
37538
+ # to_port: 1,
37539
+ # }
37540
+ #
37541
+ # @!attribute [rw] from_port
37542
+ # The starting port value for the port range.
37543
+ # @return [Integer]
37544
+ #
37545
+ # @!attribute [rw] to_port
37546
+ # The ending port value for the port range.
37547
+ # @return [Integer]
37548
+ #
37549
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts AWS API Documentation
37550
+ #
37551
+ class RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts < Struct.new(
37552
+ :from_port,
37553
+ :to_port)
37554
+ SENSITIVE = []
37555
+ include Aws::Structure
37556
+ end
37557
+
37558
+ # A destination IP address or range.
37559
+ #
37560
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesDestinations
37561
+ # data as a hash:
37562
+ #
37563
+ # {
37564
+ # address_definition: "NonEmptyString",
37565
+ # }
37566
+ #
37567
+ # @!attribute [rw] address_definition
37568
+ # An IP address or a block of IP addresses.
37569
+ # @return [String]
37570
+ #
37571
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesDestinations AWS API Documentation
37572
+ #
37573
+ class RuleGroupSourceStatelessRuleMatchAttributesDestinations < Struct.new(
37574
+ :address_definition)
37575
+ SENSITIVE = []
37576
+ include Aws::Structure
37577
+ end
37578
+
37579
+ # A port range to specify the source ports to inspect for.
37580
+ #
37581
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesSourcePorts
37582
+ # data as a hash:
37583
+ #
37584
+ # {
37585
+ # from_port: 1,
37586
+ # to_port: 1,
37587
+ # }
37588
+ #
37589
+ # @!attribute [rw] from_port
37590
+ # The starting port value for the port range.
37591
+ # @return [Integer]
37592
+ #
37593
+ # @!attribute [rw] to_port
37594
+ # The ending port value for the port range.
37595
+ # @return [Integer]
37596
+ #
37597
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesSourcePorts AWS API Documentation
37598
+ #
37599
+ class RuleGroupSourceStatelessRuleMatchAttributesSourcePorts < Struct.new(
37600
+ :from_port,
37601
+ :to_port)
37602
+ SENSITIVE = []
37603
+ include Aws::Structure
37604
+ end
37605
+
37606
+ # A source IP addresses and address range to inspect for.
37607
+ #
37608
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesSources
37609
+ # data as a hash:
37610
+ #
37611
+ # {
37612
+ # address_definition: "NonEmptyString",
37613
+ # }
37614
+ #
37615
+ # @!attribute [rw] address_definition
37616
+ # An IP address or a block of IP addresses.
37617
+ # @return [String]
37618
+ #
37619
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesSources AWS API Documentation
37620
+ #
37621
+ class RuleGroupSourceStatelessRuleMatchAttributesSources < Struct.new(
37622
+ :address_definition)
37623
+ SENSITIVE = []
37624
+ include Aws::Structure
37625
+ end
37626
+
37627
+ # A set of TCP flags and masks to inspect for.
37628
+ #
37629
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRuleMatchAttributesTcpFlags
37630
+ # data as a hash:
37631
+ #
37632
+ # {
37633
+ # flags: ["NonEmptyString"],
37634
+ # masks: ["NonEmptyString"],
37635
+ # }
37636
+ #
37637
+ # @!attribute [rw] flags
37638
+ # Defines the flags from the `Masks` setting that must be set in order
37639
+ # for the packet to match. Flags that are listed must be set. Flags
37640
+ # that are not listed must not be set.
37641
+ # @return [Array<String>]
37642
+ #
37643
+ # @!attribute [rw] masks
37644
+ # The set of flags to consider in the inspection. If not specified,
37645
+ # then all flags are inspected.
37646
+ # @return [Array<String>]
37647
+ #
37648
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRuleMatchAttributesTcpFlags AWS API Documentation
37649
+ #
37650
+ class RuleGroupSourceStatelessRuleMatchAttributesTcpFlags < Struct.new(
37651
+ :flags,
37652
+ :masks)
37653
+ SENSITIVE = []
37654
+ include Aws::Structure
37655
+ end
37656
+
37657
+ # Stateless rules and custom actions for a stateless rule group.
37658
+ #
37659
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRulesAndCustomActionsDetails
37660
+ # data as a hash:
37661
+ #
37662
+ # {
37663
+ # custom_actions: [
37664
+ # {
37665
+ # action_definition: {
37666
+ # publish_metric_action: {
37667
+ # dimensions: [
37668
+ # {
37669
+ # value: "NonEmptyString",
37670
+ # },
37671
+ # ],
37672
+ # },
37673
+ # },
37674
+ # action_name: "NonEmptyString",
37675
+ # },
37676
+ # ],
37677
+ # stateless_rules: [
37678
+ # {
37679
+ # priority: 1,
37680
+ # rule_definition: {
37681
+ # actions: ["NonEmptyString"],
37682
+ # match_attributes: {
37683
+ # destination_ports: [
37684
+ # {
37685
+ # from_port: 1,
37686
+ # to_port: 1,
37687
+ # },
37688
+ # ],
37689
+ # destinations: [
37690
+ # {
37691
+ # address_definition: "NonEmptyString",
37692
+ # },
37693
+ # ],
37694
+ # protocols: [1],
37695
+ # source_ports: [
37696
+ # {
37697
+ # from_port: 1,
37698
+ # to_port: 1,
37699
+ # },
37700
+ # ],
37701
+ # sources: [
37702
+ # {
37703
+ # address_definition: "NonEmptyString",
37704
+ # },
37705
+ # ],
37706
+ # tcp_flags: [
37707
+ # {
37708
+ # flags: ["NonEmptyString"],
37709
+ # masks: ["NonEmptyString"],
37710
+ # },
37711
+ # ],
37712
+ # },
37713
+ # },
37714
+ # },
37715
+ # ],
37716
+ # }
37717
+ #
37718
+ # @!attribute [rw] custom_actions
37719
+ # Custom actions for the rule group.
37720
+ # @return [Array<Types::RuleGroupSourceCustomActionsDetails>]
37721
+ #
37722
+ # @!attribute [rw] stateless_rules
37723
+ # Stateless rules for the rule group.
37724
+ # @return [Array<Types::RuleGroupSourceStatelessRulesDetails>]
37725
+ #
37726
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRulesAndCustomActionsDetails AWS API Documentation
37727
+ #
37728
+ class RuleGroupSourceStatelessRulesAndCustomActionsDetails < Struct.new(
37729
+ :custom_actions,
37730
+ :stateless_rules)
37731
+ SENSITIVE = []
37732
+ include Aws::Structure
37733
+ end
37734
+
37735
+ # A stateless rule in the rule group.
37736
+ #
37737
+ # @note When making an API call, you may pass RuleGroupSourceStatelessRulesDetails
37738
+ # data as a hash:
37739
+ #
37740
+ # {
37741
+ # priority: 1,
37742
+ # rule_definition: {
37743
+ # actions: ["NonEmptyString"],
37744
+ # match_attributes: {
37745
+ # destination_ports: [
37746
+ # {
37747
+ # from_port: 1,
37748
+ # to_port: 1,
37749
+ # },
37750
+ # ],
37751
+ # destinations: [
37752
+ # {
37753
+ # address_definition: "NonEmptyString",
37754
+ # },
37755
+ # ],
37756
+ # protocols: [1],
37757
+ # source_ports: [
37758
+ # {
37759
+ # from_port: 1,
37760
+ # to_port: 1,
37761
+ # },
37762
+ # ],
37763
+ # sources: [
37764
+ # {
37765
+ # address_definition: "NonEmptyString",
37766
+ # },
37767
+ # ],
37768
+ # tcp_flags: [
37769
+ # {
37770
+ # flags: ["NonEmptyString"],
37771
+ # masks: ["NonEmptyString"],
37772
+ # },
37773
+ # ],
37774
+ # },
37775
+ # },
37776
+ # }
37777
+ #
37778
+ # @!attribute [rw] priority
37779
+ # Indicates the order in which to run this rule relative to all of the
37780
+ # rules in the stateless rule group.
37781
+ # @return [Integer]
37782
+ #
37783
+ # @!attribute [rw] rule_definition
37784
+ # Provides the definition of the stateless rule.
37785
+ # @return [Types::RuleGroupSourceStatelessRuleDefinition]
37786
+ #
37787
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupSourceStatelessRulesDetails AWS API Documentation
37788
+ #
37789
+ class RuleGroupSourceStatelessRulesDetails < Struct.new(
37790
+ :priority,
37791
+ :rule_definition)
37792
+ SENSITIVE = []
37793
+ include Aws::Structure
37794
+ end
37795
+
37796
+ # Additional settings to use in the specified rules.
37797
+ #
37798
+ # @note When making an API call, you may pass RuleGroupVariables
37799
+ # data as a hash:
37800
+ #
37801
+ # {
37802
+ # ip_sets: {
37803
+ # definition: ["NonEmptyString"],
37804
+ # },
37805
+ # port_sets: {
37806
+ # definition: ["NonEmptyString"],
37807
+ # },
37808
+ # }
37809
+ #
37810
+ # @!attribute [rw] ip_sets
37811
+ # A list of IP addresses and address ranges, in CIDR notation.
37812
+ # @return [Types::RuleGroupVariablesIpSetsDetails]
37813
+ #
37814
+ # @!attribute [rw] port_sets
37815
+ # A list of port ranges.
37816
+ # @return [Types::RuleGroupVariablesPortSetsDetails]
37817
+ #
37818
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariables AWS API Documentation
37819
+ #
37820
+ class RuleGroupVariables < Struct.new(
37821
+ :ip_sets,
37822
+ :port_sets)
37823
+ SENSITIVE = []
37824
+ include Aws::Structure
37825
+ end
37826
+
37827
+ # A list of IP addresses and address ranges, in CIDR notation.
37828
+ #
37829
+ # @note When making an API call, you may pass RuleGroupVariablesIpSetsDetails
37830
+ # data as a hash:
37831
+ #
37832
+ # {
37833
+ # definition: ["NonEmptyString"],
37834
+ # }
37835
+ #
37836
+ # @!attribute [rw] definition
37837
+ # The list of IP addresses and ranges.
37838
+ # @return [Array<String>]
37839
+ #
37840
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariablesIpSetsDetails AWS API Documentation
37841
+ #
37842
+ class RuleGroupVariablesIpSetsDetails < Struct.new(
37843
+ :definition)
37844
+ SENSITIVE = []
37845
+ include Aws::Structure
37846
+ end
37847
+
37848
+ # A list of port ranges.
37849
+ #
37850
+ # @note When making an API call, you may pass RuleGroupVariablesPortSetsDetails
37851
+ # data as a hash:
37852
+ #
37853
+ # {
37854
+ # definition: ["NonEmptyString"],
37855
+ # }
37856
+ #
37857
+ # @!attribute [rw] definition
37858
+ # The list of port ranges.
37859
+ # @return [Array<String>]
37860
+ #
37861
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RuleGroupVariablesPortSetsDetails AWS API Documentation
37862
+ #
37863
+ class RuleGroupVariablesPortSetsDetails < Struct.new(
37864
+ :definition)
37865
+ SENSITIVE = []
37866
+ include Aws::Structure
37867
+ end
37868
+
35256
37869
  # The list of detected instances of sensitive data.
35257
37870
  #
35258
37871
  # @note When making an API call, you may pass SensitiveDataDetections
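Review bot: The `target_types` description added for `RuleGroupSourceListDetails` says to specify `LS_SNI` for HTTPS, which looks like a dropped letter, since the Network Firewall target type is `TLS_SNI`; the line should read `# The protocols that you want to inspect. Specify TLS_SNI for HTTPS.`. A reader who builds a finding filter or detection from this text would likely match on a value that never occurs. In the same class, the `targets` description says `.example.com` "matches all domains that end with `example.com`", which can be read as also covering an unrelated name such as `notexample.com`; if the intent is `example.com` plus its subdomains, say so explicitly. Smaller slips in this hunk are "To inspector for all protocols" under `protocol` and "A source IP addresses and address range" above `RuleGroupSourceStatelessRuleMatchAttributesSources`, and the attribute docs in the earlier `@@ -35149,6 +36822,18 @@` hunk say "an Network Firewall" three times. These comments appear to be generated from the service model, so the correction probably belongs upstream rather than in this file.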
@@ -35761,6 +38374,21 @@ module Aws::SecurityHub
35761
38374
  include Aws::Structure
35762
38375
  end
35763
38376
 
38377
+ # The reason for the current status of a standard subscription.
38378
+ #
38379
+ # @!attribute [rw] status_reason_code
38380
+ # The reason code that represents the reason for the current status of
38381
+ # a standard subscription.
38382
+ # @return [String]
38383
+ #
38384
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsStatusReason AWS API Documentation
38385
+ #
38386
+ class StandardsStatusReason < Struct.new(
38387
+ :status_reason_code)
38388
+ SENSITIVE = []
38389
+ include Aws::Structure
38390
+ end
38391
+
35764
38392
  # A resource that represents your subscription to a supported standard.
35765
38393
  #
35766
38394
  # @!attribute [rw] standards_subscription_arn
@@ -35793,13 +38421,18 @@ module Aws::SecurityHub
35793
38421
  # * `FAILED` - Standard could not be disabled.
35794
38422
  # @return [String]
35795
38423
  #
38424
+ # @!attribute [rw] standards_status_reason
38425
+ # The reason for the current status.
38426
+ # @return [Types::StandardsStatusReason]
38427
+ #
35796
38428
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsSubscription AWS API Documentation
35797
38429
  #
35798
38430
  class StandardsSubscription < Struct.new(
35799
38431
  :standards_subscription_arn,
35800
38432
  :standards_arn,
35801
38433
  :standards_input,
35802
- :standards_status)
38434
+ :standards_status,
38435
+ :standards_status_reason)
35803
38436
  SENSITIVE = []
35804
38437
  include Aws::Structure
35805
38438
  end
@@ -35835,6 +38468,80 @@ module Aws::SecurityHub
35835
38468
  include Aws::Structure
35836
38469
  end
35837
38470
 
38471
+ # The definition of a custom action that can be used for stateless
38472
+ # packet handling.
38473
+ #
38474
+ # @note When making an API call, you may pass StatelessCustomActionDefinition
38475
+ # data as a hash:
38476
+ #
38477
+ # {
38478
+ # publish_metric_action: {
38479
+ # dimensions: [
38480
+ # {
38481
+ # value: "NonEmptyString",
38482
+ # },
38483
+ # ],
38484
+ # },
38485
+ # }
38486
+ #
38487
+ # @!attribute [rw] publish_metric_action
38488
+ # Information about metrics to publish to CloudWatch.
38489
+ # @return [Types::StatelessCustomPublishMetricAction]
38490
+ #
38491
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomActionDefinition AWS API Documentation
38492
+ #
38493
+ class StatelessCustomActionDefinition < Struct.new(
38494
+ :publish_metric_action)
38495
+ SENSITIVE = []
38496
+ include Aws::Structure
38497
+ end
38498
+
38499
+ # Information about metrics to publish to CloudWatch.
38500
+ #
38501
+ # @note When making an API call, you may pass StatelessCustomPublishMetricAction
38502
+ # data as a hash:
38503
+ #
38504
+ # {
38505
+ # dimensions: [
38506
+ # {
38507
+ # value: "NonEmptyString",
38508
+ # },
38509
+ # ],
38510
+ # }
38511
+ #
38512
+ # @!attribute [rw] dimensions
38513
+ # Defines CloudWatch dimension values to publish.
38514
+ # @return [Array<Types::StatelessCustomPublishMetricActionDimension>]
38515
+ #
38516
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomPublishMetricAction AWS API Documentation
38517
+ #
38518
+ class StatelessCustomPublishMetricAction < Struct.new(
38519
+ :dimensions)
38520
+ SENSITIVE = []
38521
+ include Aws::Structure
38522
+ end
38523
+
38524
+ # Defines a CloudWatch dimension value to publish.
38525
+ #
38526
+ # @note When making an API call, you may pass StatelessCustomPublishMetricActionDimension
38527
+ # data as a hash:
38528
+ #
38529
+ # {
38530
+ # value: "NonEmptyString",
38531
+ # }
38532
+ #
38533
+ # @!attribute [rw] value
38534
+ # The value to use for the custom metric dimension.
38535
+ # @return [String]
38536
+ #
38537
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StatelessCustomPublishMetricActionDimension AWS API Documentation
38538
+ #
38539
+ class StatelessCustomPublishMetricActionDimension < Struct.new(
38540
+ :value)
38541
+ SENSITIVE = []
38542
+ include Aws::Structure
38543
+ end
38544
+
35838
38545
  # Provides additional context for the value of `Compliance.Status`.
35839
38546
  #
35840
38547
  # @note When making an API call, you may pass StatusReason
@@ -36834,6 +39541,11 @@ module Aws::SecurityHub
36834
39541
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
36835
39542
  # },
36836
39543
  # ],
39544
+ # sample: [
39545
+ # {
39546
+ # value: false,
39547
+ # },
39548
+ # ],
36837
39549
  # },
36838
39550
  # note: {
36839
39551
  # text: "NonEmptyString", # required
@@ -37491,6 +40203,11 @@ module Aws::SecurityHub
37491
40203
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
37492
40204
  # },
37493
40205
  # ],
40206
+ # sample: [
40207
+ # {
40208
+ # value: false,
40209
+ # },
40210
+ # ],
37494
40211
  # },
37495
40212
  # group_by_attribute: "NonEmptyString",
37496
40213
  # }