aws-sdk-securityhub 1.62.0 → 1.65.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +15 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +129 -10
  5. data/lib/aws-sdk-securityhub/client_api.rb +60 -0
  6. data/lib/aws-sdk-securityhub/types.rb +607 -39
  7. data/lib/aws-sdk-securityhub.rb +1 -1
  8. metadata +2 -2
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -1474,6 +1474,12 @@ module Aws::SecurityHub
1474
1474
  # value: "NonEmptyString",
1475
1475
  # },
1476
1476
  # ],
1477
+ # launch_template: {
1478
+ # launch_template_id: "NonEmptyString",
1479
+ # launch_template_name: "NonEmptyString",
1480
+ # version: "NonEmptyString",
1481
+ # },
1482
+ # capacity_rebalance: false,
1477
1483
  # }
1478
1484
  #
1479
1485
  # @!attribute [rw] launch_configuration_name
@@ -1514,6 +1520,14 @@ module Aws::SecurityHub
1514
1520
  # The list of Availability Zones for the automatic scaling group.
1515
1521
  # @return [Array<Types::AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails>]
1516
1522
  #
1523
+ # @!attribute [rw] launch_template
1524
+ # The launch template to use.
1525
+ # @return [Types::AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification]
1526
+ #
1527
+ # @!attribute [rw] capacity_rebalance
1528
+ # Indicates whether capacity rebalancing is enabled.
1529
+ # @return [Boolean]
1530
+ #
1517
1531
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupDetails AWS API Documentation
1518
1532
  #
1519
1533
  class AwsAutoScalingAutoScalingGroupDetails < Struct.new(
@@ -1523,7 +1537,45 @@ module Aws::SecurityHub
1523
1537
  :health_check_grace_period,
1524
1538
  :created_time,
1525
1539
  :mixed_instances_policy,
1526
- :availability_zones)
1540
+ :availability_zones,
1541
+ :launch_template,
1542
+ :capacity_rebalance)
1543
+ SENSITIVE = []
1544
+ include Aws::Structure
1545
+ end
1546
+
1547
+ # Details about the launch template to use.
1548
+ #
1549
+ # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification
1550
+ # data as a hash:
1551
+ #
1552
+ # {
1553
+ # launch_template_id: "NonEmptyString",
1554
+ # launch_template_name: "NonEmptyString",
1555
+ # version: "NonEmptyString",
1556
+ # }
1557
+ #
1558
+ # @!attribute [rw] launch_template_id
1559
+ # The identifier of the launch template. You must specify either
1560
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1561
+ # @return [String]
1562
+ #
1563
+ # @!attribute [rw] launch_template_name
1564
+ # The name of the launch template. You must specify either
1565
+ # `LaunchTemplateId` or `LaunchTemplateName`.
1566
+ # @return [String]
1567
+ #
1568
+ # @!attribute [rw] version
1569
+ # Identifies the version of the launch template. You can specify a
1570
+ # version identifier, or use the values `$Latest` or `$Default`.
1571
+ # @return [String]
1572
+ #
1573
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification AWS API Documentation
1574
+ #
1575
+ class AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification < Struct.new(
1576
+ :launch_template_id,
1577
+ :launch_template_name,
1578
+ :version)
1527
1579
  SENSITIVE = []
1528
1580
  include Aws::Structure
1529
1581
  end
@@ -1654,7 +1706,7 @@ module Aws::SecurityHub
1654
1706
  # }
1655
1707
  #
1656
1708
  # @!attribute [rw] launch_template_specification
1657
- # The launch template to use.
1709
+ # The launch template to use for a mixed instances policy.
1658
1710
  # @return [Types::AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification]
1659
1711
  #
1660
1712
  # @!attribute [rw] overrides
@@ -1671,7 +1723,7 @@ module Aws::SecurityHub
1671
1723
  include Aws::Structure
1672
1724
  end
1673
1725
 
1674
- # Details about the launch template to use.
1726
+ # Details about the launch template to use for a mixed instances policy.
1675
1727
  #
1676
1728
  # @note When making an API call, you may pass AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification
1677
1729
  # data as a hash:
@@ -3424,6 +3476,19 @@ module Aws::SecurityHub
3424
3476
  # subnets: ["NonEmptyString"],
3425
3477
  # security_group_ids: ["NonEmptyString"],
3426
3478
  # },
3479
+ # secondary_artifacts: [
3480
+ # {
3481
+ # artifact_identifier: "NonEmptyString",
3482
+ # encryption_disabled: false,
3483
+ # location: "NonEmptyString",
3484
+ # name: "NonEmptyString",
3485
+ # namespace_type: "NonEmptyString",
3486
+ # override_artifact_name: false,
3487
+ # packaging: "NonEmptyString",
3488
+ # path: "NonEmptyString",
3489
+ # type: "NonEmptyString",
3490
+ # },
3491
+ # ],
3427
3492
  # }
3428
3493
  #
3429
3494
  # @!attribute [rw] encryption_key
@@ -3464,6 +3529,10 @@ module Aws::SecurityHub
3464
3529
  # Information about the VPC configuration that CodeBuild accesses.
3465
3530
  # @return [Types::AwsCodeBuildProjectVpcConfig]
3466
3531
  #
3532
+ # @!attribute [rw] secondary_artifacts
3533
+ # Information about the secondary artifacts for the CodeBuild project.
3534
+ # @return [Array<Types::AwsCodeBuildProjectArtifactsDetails>]
3535
+ #
3467
3536
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsCodeBuildProjectDetails AWS API Documentation
3468
3537
  #
3469
3538
  class AwsCodeBuildProjectDetails < Struct.new(
@@ -3474,7 +3543,8 @@ module Aws::SecurityHub
3474
3543
  :source,
3475
3544
  :service_role,
3476
3545
  :logs_config,
3477
- :vpc_config)
3546
+ :vpc_config,
3547
+ :secondary_artifacts)
3478
3548
  SENSITIVE = []
3479
3549
  include Aws::Structure
3480
3550
  end
@@ -10211,6 +10281,34 @@ module Aws::SecurityHub
10211
10281
  include Aws::Structure
10212
10282
  end
10213
10283
 
10284
+ # Provides information about additional attributes for the load
10285
+ # balancer.
10286
+ #
10287
+ # @note When making an API call, you may pass AwsElbLoadBalancerAdditionalAttribute
10288
+ # data as a hash:
10289
+ #
10290
+ # {
10291
+ # key: "NonEmptyString",
10292
+ # value: "NonEmptyString",
10293
+ # }
10294
+ #
10295
+ # @!attribute [rw] key
10296
+ # The name of the attribute.
10297
+ # @return [String]
10298
+ #
10299
+ # @!attribute [rw] value
10300
+ # The value of the attribute.
10301
+ # @return [String]
10302
+ #
10303
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbLoadBalancerAdditionalAttribute AWS API Documentation
10304
+ #
10305
+ class AwsElbLoadBalancerAdditionalAttribute < Struct.new(
10306
+ :key,
10307
+ :value)
10308
+ SENSITIVE = []
10309
+ include Aws::Structure
10310
+ end
10311
+
10214
10312
  # Contains attributes for the load balancer.
10215
10313
  #
10216
10314
  # @note When making an API call, you may pass AwsElbLoadBalancerAttributes
@@ -10233,6 +10331,12 @@ module Aws::SecurityHub
10233
10331
  # cross_zone_load_balancing: {
10234
10332
  # enabled: false,
10235
10333
  # },
10334
+ # additional_attributes: [
10335
+ # {
10336
+ # key: "NonEmptyString",
10337
+ # value: "NonEmptyString",
10338
+ # },
10339
+ # ],
10236
10340
  # }
10237
10341
  #
10238
10342
  # @!attribute [rw] access_log
@@ -10269,13 +10373,18 @@ module Aws::SecurityHub
10269
10373
  # Availability Zones.
10270
10374
  # @return [Types::AwsElbLoadBalancerCrossZoneLoadBalancing]
10271
10375
  #
10376
+ # @!attribute [rw] additional_attributes
10377
+ # Any additional attributes for a load balancer.
10378
+ # @return [Array<Types::AwsElbLoadBalancerAdditionalAttribute>]
10379
+ #
10272
10380
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbLoadBalancerAttributes AWS API Documentation
10273
10381
  #
10274
10382
  class AwsElbLoadBalancerAttributes < Struct.new(
10275
10383
  :access_log,
10276
10384
  :connection_draining,
10277
10385
  :connection_settings,
10278
- :cross_zone_load_balancing)
10386
+ :cross_zone_load_balancing,
10387
+ :additional_attributes)
10279
10388
  SENSITIVE = []
10280
10389
  include Aws::Structure
10281
10390
  end
@@ -10440,6 +10549,12 @@ module Aws::SecurityHub
10440
10549
  # cross_zone_load_balancing: {
10441
10550
  # enabled: false,
10442
10551
  # },
10552
+ # additional_attributes: [
10553
+ # {
10554
+ # key: "NonEmptyString",
10555
+ # value: "NonEmptyString",
10556
+ # },
10557
+ # ],
10443
10558
  # },
10444
10559
  # load_balancer_name: "NonEmptyString",
10445
10560
  # policies: {
@@ -14602,6 +14717,143 @@ module Aws::SecurityHub
14602
14717
  include Aws::Structure
14603
14718
  end
14604
14719
 
14720
+ # Provides information about an Amazon RDS DB security group.
14721
+ #
14722
+ # @note When making an API call, you may pass AwsRdsDbSecurityGroupDetails
14723
+ # data as a hash:
14724
+ #
14725
+ # {
14726
+ # db_security_group_arn: "NonEmptyString",
14727
+ # db_security_group_description: "NonEmptyString",
14728
+ # db_security_group_name: "NonEmptyString",
14729
+ # ec2_security_groups: [
14730
+ # {
14731
+ # ec2_security_group_id: "NonEmptyString",
14732
+ # ec2_security_group_name: "NonEmptyString",
14733
+ # ec2_security_group_owner_id: "NonEmptyString",
14734
+ # status: "NonEmptyString",
14735
+ # },
14736
+ # ],
14737
+ # ip_ranges: [
14738
+ # {
14739
+ # cidr_ip: "NonEmptyString",
14740
+ # status: "NonEmptyString",
14741
+ # },
14742
+ # ],
14743
+ # owner_id: "NonEmptyString",
14744
+ # vpc_id: "NonEmptyString",
14745
+ # }
14746
+ #
14747
+ # @!attribute [rw] db_security_group_arn
14748
+ # The ARN for the DB security group.
14749
+ # @return [String]
14750
+ #
14751
+ # @!attribute [rw] db_security_group_description
14752
+ # Provides the description of the DB security group.
14753
+ # @return [String]
14754
+ #
14755
+ # @!attribute [rw] db_security_group_name
14756
+ # Specifies the name of the DB security group.
14757
+ # @return [String]
14758
+ #
14759
+ # @!attribute [rw] ec2_security_groups
14760
+ # Contains a list of EC2 security groups.
14761
+ # @return [Array<Types::AwsRdsDbSecurityGroupEc2SecurityGroup>]
14762
+ #
14763
+ # @!attribute [rw] ip_ranges
14764
+ # Contains a list of IP ranges.
14765
+ # @return [Array<Types::AwsRdsDbSecurityGroupIpRange>]
14766
+ #
14767
+ # @!attribute [rw] owner_id
14768
+ # Provides the Amazon Web Services ID of the owner of a specific DB
14769
+ # security group.
14770
+ # @return [String]
14771
+ #
14772
+ # @!attribute [rw] vpc_id
14773
+ # Provides VPC ID associated with the DB security group.
14774
+ # @return [String]
14775
+ #
14776
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSecurityGroupDetails AWS API Documentation
14777
+ #
14778
+ class AwsRdsDbSecurityGroupDetails < Struct.new(
14779
+ :db_security_group_arn,
14780
+ :db_security_group_description,
14781
+ :db_security_group_name,
14782
+ :ec2_security_groups,
14783
+ :ip_ranges,
14784
+ :owner_id,
14785
+ :vpc_id)
14786
+ SENSITIVE = []
14787
+ include Aws::Structure
14788
+ end
14789
+
14790
+ # EC2 security group information for an RDS DB security group.
14791
+ #
14792
+ # @note When making an API call, you may pass AwsRdsDbSecurityGroupEc2SecurityGroup
14793
+ # data as a hash:
14794
+ #
14795
+ # {
14796
+ # ec2_security_group_id: "NonEmptyString",
14797
+ # ec2_security_group_name: "NonEmptyString",
14798
+ # ec2_security_group_owner_id: "NonEmptyString",
14799
+ # status: "NonEmptyString",
14800
+ # }
14801
+ #
14802
+ # @!attribute [rw] ec2_security_group_id
14803
+ # Specifies the ID for the EC2 security group.
14804
+ # @return [String]
14805
+ #
14806
+ # @!attribute [rw] ec2_security_group_name
14807
+ # Specifies the name of the EC2 security group.
14808
+ # @return [String]
14809
+ #
14810
+ # @!attribute [rw] ec2_security_group_owner_id
14811
+ # Provides the Amazon Web Services ID of the owner of the EC2 security
14812
+ # group.
14813
+ # @return [String]
14814
+ #
14815
+ # @!attribute [rw] status
14816
+ # Provides the status of the EC2 security group.
14817
+ # @return [String]
14818
+ #
14819
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSecurityGroupEc2SecurityGroup AWS API Documentation
14820
+ #
14821
+ class AwsRdsDbSecurityGroupEc2SecurityGroup < Struct.new(
14822
+ :ec2_security_group_id,
14823
+ :ec2_security_group_name,
14824
+ :ec2_security_group_owner_id,
14825
+ :status)
14826
+ SENSITIVE = []
14827
+ include Aws::Structure
14828
+ end
14829
+
14830
+ # IP range information for an RDS DB security group.
14831
+ #
14832
+ # @note When making an API call, you may pass AwsRdsDbSecurityGroupIpRange
14833
+ # data as a hash:
14834
+ #
14835
+ # {
14836
+ # cidr_ip: "NonEmptyString",
14837
+ # status: "NonEmptyString",
14838
+ # }
14839
+ #
14840
+ # @!attribute [rw] cidr_ip
14841
+ # Specifies the IP range.
14842
+ # @return [String]
14843
+ #
14844
+ # @!attribute [rw] status
14845
+ # Specifies the status of the IP range.
14846
+ # @return [String]
14847
+ #
14848
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbSecurityGroupIpRange AWS API Documentation
14849
+ #
14850
+ class AwsRdsDbSecurityGroupIpRange < Struct.new(
14851
+ :cidr_ip,
14852
+ :status)
14853
+ SENSITIVE = []
14854
+ include Aws::Structure
14855
+ end
14856
+
14605
14857
  # Provides details about an Amazon RDS DB cluster snapshot.
14606
14858
  #
14607
14859
  # @note When making an API call, you may pass AwsRdsDbSnapshotDetails
@@ -15432,6 +15684,14 @@ module Aws::SecurityHub
15432
15684
  # vpc_security_group_id: "NonEmptyString",
15433
15685
  # },
15434
15686
  # ],
15687
+ # logging_status: {
15688
+ # bucket_name: "NonEmptyString",
15689
+ # last_failure_message: "NonEmptyString",
15690
+ # last_failure_time: "NonEmptyString",
15691
+ # last_successful_delivery_time: "NonEmptyString",
15692
+ # logging_enabled: false,
15693
+ # s3_key_prefix: "NonEmptyString",
15694
+ # },
15435
15695
  # }
15436
15696
  #
15437
15697
  # @!attribute [rw] allow_version_upgrade
@@ -15694,6 +15954,10 @@ module Aws::SecurityHub
15694
15954
  # cluster is in a VPC.
15695
15955
  # @return [Array<Types::AwsRedshiftClusterVpcSecurityGroup>]
15696
15956
  #
15957
+ # @!attribute [rw] logging_status
15958
+ # Information about the logging status of the cluster.
15959
+ # @return [Types::AwsRedshiftClusterLoggingStatus]
15960
+ #
15697
15961
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRedshiftClusterDetails AWS API Documentation
15698
15962
  #
15699
15963
  class AwsRedshiftClusterDetails < Struct.new(
@@ -15739,7 +16003,8 @@ module Aws::SecurityHub
15739
16003
  :snapshot_schedule_identifier,
15740
16004
  :snapshot_schedule_state,
15741
16005
  :vpc_id,
15742
- :vpc_security_groups)
16006
+ :vpc_security_groups,
16007
+ :logging_status)
15743
16008
  SENSITIVE = []
15744
16009
  include Aws::Structure
15745
16010
  end
@@ -15873,6 +16138,73 @@ module Aws::SecurityHub
15873
16138
  include Aws::Structure
15874
16139
  end
15875
16140
 
16141
+ # Provides information about the logging status of the cluster.
16142
+ #
16143
+ # @note When making an API call, you may pass AwsRedshiftClusterLoggingStatus
16144
+ # data as a hash:
16145
+ #
16146
+ # {
16147
+ # bucket_name: "NonEmptyString",
16148
+ # last_failure_message: "NonEmptyString",
16149
+ # last_failure_time: "NonEmptyString",
16150
+ # last_successful_delivery_time: "NonEmptyString",
16151
+ # logging_enabled: false,
16152
+ # s3_key_prefix: "NonEmptyString",
16153
+ # }
16154
+ #
16155
+ # @!attribute [rw] bucket_name
16156
+ # The name of the S3 bucket where the log files are stored.
16157
+ # @return [String]
16158
+ #
16159
+ # @!attribute [rw] last_failure_message
16160
+ # The message indicating that the logs failed to be delivered.
16161
+ # @return [String]
16162
+ #
16163
+ # @!attribute [rw] last_failure_time
16164
+ # The last time when logs failed to be delivered.
16165
+ #
16166
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
16167
+ # Internet Date/Time Format][1]. The value cannot contain spaces. For
16168
+ # example, `2020-03-22T13:22:13.933Z`.
16169
+ #
16170
+ #
16171
+ #
16172
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
16173
+ # @return [String]
16174
+ #
16175
+ # @!attribute [rw] last_successful_delivery_time
16176
+ # The last time that logs were delivered successfully.
16177
+ #
16178
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
16179
+ # Internet Date/Time Format][1]. The value cannot contain spaces. For
16180
+ # example, `2020-03-22T13:22:13.933Z`.
16181
+ #
16182
+ #
16183
+ #
16184
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
16185
+ # @return [String]
16186
+ #
16187
+ # @!attribute [rw] logging_enabled
16188
+ # Indicates whether logging is enabled.
16189
+ # @return [Boolean]
16190
+ #
16191
+ # @!attribute [rw] s3_key_prefix
16192
+ # Provides the prefix applied to the log file names.
16193
+ # @return [String]
16194
+ #
16195
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRedshiftClusterLoggingStatus AWS API Documentation
16196
+ #
16197
+ class AwsRedshiftClusterLoggingStatus < Struct.new(
16198
+ :bucket_name,
16199
+ :last_failure_message,
16200
+ :last_failure_time,
16201
+ :last_successful_delivery_time,
16202
+ :logging_enabled,
16203
+ :s3_key_prefix)
16204
+ SENSITIVE = []
16205
+ include Aws::Structure
16206
+ end
16207
+
15876
16208
  # Changes to the Amazon Redshift cluster that are currently pending.
15877
16209
  #
15878
16210
  # @note When making an API call, you may pass AwsRedshiftClusterPendingModifiedValues
@@ -17791,6 +18123,12 @@ module Aws::SecurityHub
17791
18123
  # value: "NonEmptyString",
17792
18124
  # },
17793
18125
  # ],
18126
+ # launch_template: {
18127
+ # launch_template_id: "NonEmptyString",
18128
+ # launch_template_name: "NonEmptyString",
18129
+ # version: "NonEmptyString",
18130
+ # },
18131
+ # capacity_rebalance: false,
17794
18132
  # },
17795
18133
  # aws_code_build_project: {
17796
18134
  # encryption_key: "NonEmptyString",
@@ -17849,6 +18187,19 @@ module Aws::SecurityHub
17849
18187
  # subnets: ["NonEmptyString"],
17850
18188
  # security_group_ids: ["NonEmptyString"],
17851
18189
  # },
18190
+ # secondary_artifacts: [
18191
+ # {
18192
+ # artifact_identifier: "NonEmptyString",
18193
+ # encryption_disabled: false,
18194
+ # location: "NonEmptyString",
18195
+ # name: "NonEmptyString",
18196
+ # namespace_type: "NonEmptyString",
18197
+ # override_artifact_name: false,
18198
+ # packaging: "NonEmptyString",
18199
+ # path: "NonEmptyString",
18200
+ # type: "NonEmptyString",
18201
+ # },
18202
+ # ],
17852
18203
  # },
17853
18204
  # aws_cloud_front_distribution: {
17854
18205
  # cache_behaviors: {
@@ -18905,6 +19256,14 @@ module Aws::SecurityHub
18905
19256
  # vpc_security_group_id: "NonEmptyString",
18906
19257
  # },
18907
19258
  # ],
19259
+ # logging_status: {
19260
+ # bucket_name: "NonEmptyString",
19261
+ # last_failure_message: "NonEmptyString",
19262
+ # last_failure_time: "NonEmptyString",
19263
+ # last_successful_delivery_time: "NonEmptyString",
19264
+ # logging_enabled: false,
19265
+ # s3_key_prefix: "NonEmptyString",
19266
+ # },
18908
19267
  # },
18909
19268
  # aws_elb_load_balancer: {
18910
19269
  # availability_zones: ["NonEmptyString"],
@@ -18959,6 +19318,12 @@ module Aws::SecurityHub
18959
19318
  # cross_zone_load_balancing: {
18960
19319
  # enabled: false,
18961
19320
  # },
19321
+ # additional_attributes: [
19322
+ # {
19323
+ # key: "NonEmptyString",
19324
+ # value: "NonEmptyString",
19325
+ # },
19326
+ # ],
18962
19327
  # },
18963
19328
  # load_balancer_name: "NonEmptyString",
18964
19329
  # policies: {
@@ -20144,6 +20509,27 @@ module Aws::SecurityHub
20144
20509
  # rule_group_name: "NonEmptyString",
20145
20510
  # type: "NonEmptyString",
20146
20511
  # },
20512
+ # aws_rds_db_security_group: {
20513
+ # db_security_group_arn: "NonEmptyString",
20514
+ # db_security_group_description: "NonEmptyString",
20515
+ # db_security_group_name: "NonEmptyString",
20516
+ # ec2_security_groups: [
20517
+ # {
20518
+ # ec2_security_group_id: "NonEmptyString",
20519
+ # ec2_security_group_name: "NonEmptyString",
20520
+ # ec2_security_group_owner_id: "NonEmptyString",
20521
+ # status: "NonEmptyString",
20522
+ # },
20523
+ # ],
20524
+ # ip_ranges: [
20525
+ # {
20526
+ # cidr_ip: "NonEmptyString",
20527
+ # status: "NonEmptyString",
20528
+ # },
20529
+ # ],
20530
+ # owner_id: "NonEmptyString",
20531
+ # vpc_id: "NonEmptyString",
20532
+ # },
20147
20533
  # },
20148
20534
  # },
20149
20535
  # ],
@@ -20371,36 +20757,24 @@ module Aws::SecurityHub
20371
20757
  # The name of the product that generated the finding.
20372
20758
  #
20373
20759
  # Security Hub populates this attribute automatically for each
20374
- # finding. You cannot update it using `BatchImportFindings` or
20375
- # `BatchUpdateFindings`. The exception to this is when you use a
20376
- # custom integration.
20377
- #
20378
- # When you use the Security Hub console to filter findings by product
20379
- # name, you use this attribute.
20380
- #
20381
- # When you use the Security Hub API to filter findings by product
20382
- # name, you use the `aws/securityhub/ProductName` attribute under
20383
- # `ProductFields`.
20760
+ # finding. You cannot update this attribute with `BatchImportFindings`
20761
+ # or `BatchUpdateFindings`. The exception to this is a custom
20762
+ # integration.
20384
20763
  #
20385
- # Security Hub does not synchronize those two attributes.
20764
+ # When you use the Security Hub console or API to filter findings by
20765
+ # product name, you use this attribute.
20386
20766
  # @return [String]
20387
20767
  #
20388
20768
  # @!attribute [rw] company_name
20389
20769
  # The name of the company for the product that generated the finding.
20390
20770
  #
20391
20771
  # Security Hub populates this attribute automatically for each
20392
- # finding. You cannot be updated using `BatchImportFindings` or
20393
- # `BatchUpdateFindings`. The exception to this is when you use a
20394
- # custom integration.
20395
- #
20396
- # When you use the Security Hub console to filter findings by company
20397
- # name, you use this attribute.
20398
- #
20399
- # When you use the Security Hub API to filter findings by company
20400
- # name, you use the `aws/securityhub/CompanyName` attribute under
20401
- # `ProductFields`.
20772
+ # finding. You cannot update this attribute with `BatchImportFindings`
20773
+ # or `BatchUpdateFindings`. The exception to this is a custom
20774
+ # integration.
20402
20775
  #
20403
- # Security Hub does not synchronize those two attributes.
20776
+ # When you use the Security Hub console or API to filter findings by
20777
+ # company name, you use this attribute.
20404
20778
  # @return [String]
20405
20779
  #
20406
20780
  # @!attribute [rw] region
@@ -21419,19 +21793,11 @@ module Aws::SecurityHub
21419
21793
  #
21420
21794
  # @!attribute [rw] product_name
21421
21795
  # The name of the solution (product) that generates findings.
21422
- #
21423
- # Note that this is a filter against the `aws/securityhub/ProductName`
21424
- # field in `ProductFields`. It is not a filter for the top-level
21425
- # `ProductName` field.
21426
21796
  # @return [Array<Types::StringFilter>]
21427
21797
  #
21428
21798
  # @!attribute [rw] company_name
21429
21799
  # The name of the findings provider (company) that owns the solution
21430
21800
  # (product) that generates findings.
21431
- #
21432
- # Note that this is a filter against the `aws/securityhub/CompanyName`
21433
- # field in `ProductFields`. It is not a filter for the top-level
21434
- # `CompanyName` field.
21435
21801
  # @return [Array<Types::StringFilter>]
21436
21802
  #
21437
21803
  # @!attribute [rw] user_defined_fields
@@ -23046,6 +23412,12 @@ module Aws::SecurityHub
23046
23412
  # value: "NonEmptyString",
23047
23413
  # },
23048
23414
  # ],
23415
+ # launch_template: {
23416
+ # launch_template_id: "NonEmptyString",
23417
+ # launch_template_name: "NonEmptyString",
23418
+ # version: "NonEmptyString",
23419
+ # },
23420
+ # capacity_rebalance: false,
23049
23421
  # },
23050
23422
  # aws_code_build_project: {
23051
23423
  # encryption_key: "NonEmptyString",
@@ -23104,6 +23476,19 @@ module Aws::SecurityHub
23104
23476
  # subnets: ["NonEmptyString"],
23105
23477
  # security_group_ids: ["NonEmptyString"],
23106
23478
  # },
23479
+ # secondary_artifacts: [
23480
+ # {
23481
+ # artifact_identifier: "NonEmptyString",
23482
+ # encryption_disabled: false,
23483
+ # location: "NonEmptyString",
23484
+ # name: "NonEmptyString",
23485
+ # namespace_type: "NonEmptyString",
23486
+ # override_artifact_name: false,
23487
+ # packaging: "NonEmptyString",
23488
+ # path: "NonEmptyString",
23489
+ # type: "NonEmptyString",
23490
+ # },
23491
+ # ],
23107
23492
  # },
23108
23493
  # aws_cloud_front_distribution: {
23109
23494
  # cache_behaviors: {
@@ -24160,6 +24545,14 @@ module Aws::SecurityHub
24160
24545
  # vpc_security_group_id: "NonEmptyString",
24161
24546
  # },
24162
24547
  # ],
24548
+ # logging_status: {
24549
+ # bucket_name: "NonEmptyString",
24550
+ # last_failure_message: "NonEmptyString",
24551
+ # last_failure_time: "NonEmptyString",
24552
+ # last_successful_delivery_time: "NonEmptyString",
24553
+ # logging_enabled: false,
24554
+ # s3_key_prefix: "NonEmptyString",
24555
+ # },
24163
24556
  # },
24164
24557
  # aws_elb_load_balancer: {
24165
24558
  # availability_zones: ["NonEmptyString"],
@@ -24214,6 +24607,12 @@ module Aws::SecurityHub
24214
24607
  # cross_zone_load_balancing: {
24215
24608
  # enabled: false,
24216
24609
  # },
24610
+ # additional_attributes: [
24611
+ # {
24612
+ # key: "NonEmptyString",
24613
+ # value: "NonEmptyString",
24614
+ # },
24615
+ # ],
24217
24616
  # },
24218
24617
  # load_balancer_name: "NonEmptyString",
24219
24618
  # policies: {
@@ -25399,6 +25798,27 @@ module Aws::SecurityHub
25399
25798
  # rule_group_name: "NonEmptyString",
25400
25799
  # type: "NonEmptyString",
25401
25800
  # },
25801
+ # aws_rds_db_security_group: {
25802
+ # db_security_group_arn: "NonEmptyString",
25803
+ # db_security_group_description: "NonEmptyString",
25804
+ # db_security_group_name: "NonEmptyString",
25805
+ # ec2_security_groups: [
25806
+ # {
25807
+ # ec2_security_group_id: "NonEmptyString",
25808
+ # ec2_security_group_name: "NonEmptyString",
25809
+ # ec2_security_group_owner_id: "NonEmptyString",
25810
+ # status: "NonEmptyString",
25811
+ # },
25812
+ # ],
25813
+ # ip_ranges: [
25814
+ # {
25815
+ # cidr_ip: "NonEmptyString",
25816
+ # status: "NonEmptyString",
25817
+ # },
25818
+ # ],
25819
+ # owner_id: "NonEmptyString",
25820
+ # vpc_id: "NonEmptyString",
25821
+ # },
25402
25822
  # },
25403
25823
  # },
25404
25824
  # ],
@@ -27856,11 +28276,28 @@ module Aws::SecurityHub
27856
28276
  # associated with the Security Hub administrator account.
27857
28277
  # @return [Boolean]
27858
28278
  #
28279
+ # @!attribute [rw] auto_enable_standards
28280
+ # Whether to automatically enable Security Hub [default standards][1]
28281
+ # for new member accounts in the organization.
28282
+ #
28283
+ # The default value of this parameter is equal to `DEFAULT`.
28284
+ #
28285
+ # If equal to `DEFAULT`, then Security Hub default standards are
28286
+ # automatically enabled for new member accounts. If equal to `NONE`,
28287
+ # then default standards are not automatically enabled for new member
28288
+ # accounts.
28289
+ #
28290
+ #
28291
+ #
28292
+ # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html
28293
+ # @return [String]
28294
+ #
27859
28295
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
27860
28296
  #
27861
28297
  class DescribeOrganizationConfigurationResponse < Struct.new(
27862
28298
  :auto_enable,
27863
- :member_account_limit_reached)
28299
+ :member_account_limit_reached,
28300
+ :auto_enable_standards)
27864
28301
  SENSITIVE = []
27865
28302
  include Aws::Structure
27866
28303
  end
@@ -31733,6 +32170,12 @@ module Aws::SecurityHub
31733
32170
  # value: "NonEmptyString",
31734
32171
  # },
31735
32172
  # ],
32173
+ # launch_template: {
32174
+ # launch_template_id: "NonEmptyString",
32175
+ # launch_template_name: "NonEmptyString",
32176
+ # version: "NonEmptyString",
32177
+ # },
32178
+ # capacity_rebalance: false,
31736
32179
  # },
31737
32180
  # aws_code_build_project: {
31738
32181
  # encryption_key: "NonEmptyString",
@@ -31791,6 +32234,19 @@ module Aws::SecurityHub
31791
32234
  # subnets: ["NonEmptyString"],
31792
32235
  # security_group_ids: ["NonEmptyString"],
31793
32236
  # },
32237
+ # secondary_artifacts: [
32238
+ # {
32239
+ # artifact_identifier: "NonEmptyString",
32240
+ # encryption_disabled: false,
32241
+ # location: "NonEmptyString",
32242
+ # name: "NonEmptyString",
32243
+ # namespace_type: "NonEmptyString",
32244
+ # override_artifact_name: false,
32245
+ # packaging: "NonEmptyString",
32246
+ # path: "NonEmptyString",
32247
+ # type: "NonEmptyString",
32248
+ # },
32249
+ # ],
31794
32250
  # },
31795
32251
  # aws_cloud_front_distribution: {
31796
32252
  # cache_behaviors: {
@@ -32847,6 +33303,14 @@ module Aws::SecurityHub
32847
33303
  # vpc_security_group_id: "NonEmptyString",
32848
33304
  # },
32849
33305
  # ],
33306
+ # logging_status: {
33307
+ # bucket_name: "NonEmptyString",
33308
+ # last_failure_message: "NonEmptyString",
33309
+ # last_failure_time: "NonEmptyString",
33310
+ # last_successful_delivery_time: "NonEmptyString",
33311
+ # logging_enabled: false,
33312
+ # s3_key_prefix: "NonEmptyString",
33313
+ # },
32850
33314
  # },
32851
33315
  # aws_elb_load_balancer: {
32852
33316
  # availability_zones: ["NonEmptyString"],
@@ -32901,6 +33365,12 @@ module Aws::SecurityHub
32901
33365
  # cross_zone_load_balancing: {
32902
33366
  # enabled: false,
32903
33367
  # },
33368
+ # additional_attributes: [
33369
+ # {
33370
+ # key: "NonEmptyString",
33371
+ # value: "NonEmptyString",
33372
+ # },
33373
+ # ],
32904
33374
  # },
32905
33375
  # load_balancer_name: "NonEmptyString",
32906
33376
  # policies: {
@@ -34086,6 +34556,27 @@ module Aws::SecurityHub
34086
34556
  # rule_group_name: "NonEmptyString",
34087
34557
  # type: "NonEmptyString",
34088
34558
  # },
34559
+ # aws_rds_db_security_group: {
34560
+ # db_security_group_arn: "NonEmptyString",
34561
+ # db_security_group_description: "NonEmptyString",
34562
+ # db_security_group_name: "NonEmptyString",
34563
+ # ec2_security_groups: [
34564
+ # {
34565
+ # ec2_security_group_id: "NonEmptyString",
34566
+ # ec2_security_group_name: "NonEmptyString",
34567
+ # ec2_security_group_owner_id: "NonEmptyString",
34568
+ # status: "NonEmptyString",
34569
+ # },
34570
+ # ],
34571
+ # ip_ranges: [
34572
+ # {
34573
+ # cidr_ip: "NonEmptyString",
34574
+ # status: "NonEmptyString",
34575
+ # },
34576
+ # ],
34577
+ # owner_id: "NonEmptyString",
34578
+ # vpc_id: "NonEmptyString",
34579
+ # },
34089
34580
  # },
34090
34581
  # }
34091
34582
  #
@@ -34216,6 +34707,12 @@ module Aws::SecurityHub
34216
34707
  # value: "NonEmptyString",
34217
34708
  # },
34218
34709
  # ],
34710
+ # launch_template: {
34711
+ # launch_template_id: "NonEmptyString",
34712
+ # launch_template_name: "NonEmptyString",
34713
+ # version: "NonEmptyString",
34714
+ # },
34715
+ # capacity_rebalance: false,
34219
34716
  # },
34220
34717
  # aws_code_build_project: {
34221
34718
  # encryption_key: "NonEmptyString",
@@ -34274,6 +34771,19 @@ module Aws::SecurityHub
34274
34771
  # subnets: ["NonEmptyString"],
34275
34772
  # security_group_ids: ["NonEmptyString"],
34276
34773
  # },
34774
+ # secondary_artifacts: [
34775
+ # {
34776
+ # artifact_identifier: "NonEmptyString",
34777
+ # encryption_disabled: false,
34778
+ # location: "NonEmptyString",
34779
+ # name: "NonEmptyString",
34780
+ # namespace_type: "NonEmptyString",
34781
+ # override_artifact_name: false,
34782
+ # packaging: "NonEmptyString",
34783
+ # path: "NonEmptyString",
34784
+ # type: "NonEmptyString",
34785
+ # },
34786
+ # ],
34277
34787
  # },
34278
34788
  # aws_cloud_front_distribution: {
34279
34789
  # cache_behaviors: {
@@ -35330,6 +35840,14 @@ module Aws::SecurityHub
35330
35840
  # vpc_security_group_id: "NonEmptyString",
35331
35841
  # },
35332
35842
  # ],
35843
+ # logging_status: {
35844
+ # bucket_name: "NonEmptyString",
35845
+ # last_failure_message: "NonEmptyString",
35846
+ # last_failure_time: "NonEmptyString",
35847
+ # last_successful_delivery_time: "NonEmptyString",
35848
+ # logging_enabled: false,
35849
+ # s3_key_prefix: "NonEmptyString",
35850
+ # },
35333
35851
  # },
35334
35852
  # aws_elb_load_balancer: {
35335
35853
  # availability_zones: ["NonEmptyString"],
@@ -35384,6 +35902,12 @@ module Aws::SecurityHub
35384
35902
  # cross_zone_load_balancing: {
35385
35903
  # enabled: false,
35386
35904
  # },
35905
+ # additional_attributes: [
35906
+ # {
35907
+ # key: "NonEmptyString",
35908
+ # value: "NonEmptyString",
35909
+ # },
35910
+ # ],
35387
35911
  # },
35388
35912
  # load_balancer_name: "NonEmptyString",
35389
35913
  # policies: {
@@ -36569,6 +37093,27 @@ module Aws::SecurityHub
36569
37093
  # rule_group_name: "NonEmptyString",
36570
37094
  # type: "NonEmptyString",
36571
37095
  # },
37096
+ # aws_rds_db_security_group: {
37097
+ # db_security_group_arn: "NonEmptyString",
37098
+ # db_security_group_description: "NonEmptyString",
37099
+ # db_security_group_name: "NonEmptyString",
37100
+ # ec2_security_groups: [
37101
+ # {
37102
+ # ec2_security_group_id: "NonEmptyString",
37103
+ # ec2_security_group_name: "NonEmptyString",
37104
+ # ec2_security_group_owner_id: "NonEmptyString",
37105
+ # status: "NonEmptyString",
37106
+ # },
37107
+ # ],
37108
+ # ip_ranges: [
37109
+ # {
37110
+ # cidr_ip: "NonEmptyString",
37111
+ # status: "NonEmptyString",
37112
+ # },
37113
+ # ],
37114
+ # owner_id: "NonEmptyString",
37115
+ # vpc_id: "NonEmptyString",
37116
+ # },
36572
37117
  # }
36573
37118
  #
36574
37119
  # @!attribute [rw] aws_auto_scaling_auto_scaling_group
@@ -36834,6 +37379,10 @@ module Aws::SecurityHub
36834
37379
  # Details about an Network Firewall rule group.
36835
37380
  # @return [Types::AwsNetworkFirewallRuleGroupDetails]
36836
37381
  #
37382
+ # @!attribute [rw] aws_rds_db_security_group
37383
+ # Details about an Amazon RDS DB security group.
37384
+ # @return [Types::AwsRdsDbSecurityGroupDetails]
37385
+ #
36837
37386
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
36838
37387
  #
36839
37388
  class ResourceDetails < Struct.new(
@@ -36898,7 +37447,8 @@ module Aws::SecurityHub
36898
37447
  :aws_eks_cluster,
36899
37448
  :aws_network_firewall_firewall_policy,
36900
37449
  :aws_network_firewall_firewall,
36901
- :aws_network_firewall_rule_group)
37450
+ :aws_network_firewall_rule_group,
37451
+ :aws_rds_db_security_group)
36902
37452
  SENSITIVE = []
36903
37453
  include Aws::Structure
36904
37454
  end
@@ -40248,6 +40798,7 @@ module Aws::SecurityHub
40248
40798
  #
40249
40799
  # {
40250
40800
  # auto_enable: false, # required
40801
+ # auto_enable_standards: "NONE", # accepts NONE, DEFAULT
40251
40802
  # }
40252
40803
  #
40253
40804
  # @!attribute [rw] auto_enable
@@ -40261,10 +40812,27 @@ module Aws::SecurityHub
40261
40812
  # `true`.
40262
40813
  # @return [Boolean]
40263
40814
  #
40815
+ # @!attribute [rw] auto_enable_standards
40816
+ # Whether to automatically enable Security Hub [default standards][1]
40817
+ # for new member accounts in the organization.
40818
+ #
40819
+ # By default, this parameter is equal to `DEFAULT`, and new member
40820
+ # accounts are automatically enabled with default Security Hub
40821
+ # standards.
40822
+ #
40823
+ # To opt out of enabling default standards for new member accounts,
40824
+ # set this parameter equal to `NONE`.
40825
+ #
40826
+ #
40827
+ #
40828
+ # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html
40829
+ # @return [String]
40830
+ #
40264
40831
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
40265
40832
  #
40266
40833
  class UpdateOrganizationConfigurationRequest < Struct.new(
40267
- :auto_enable)
40834
+ :auto_enable,
40835
+ :auto_enable_standards)
40268
40836
  SENSITIVE = []
40269
40837
  include Aws::Structure
40270
40838
  end