aws-sdk-securityhub 1.68.0 → 1.69.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (8) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +142 -1
  5. data/lib/aws-sdk-securityhub/client_api.rb +108 -0
  6. data/lib/aws-sdk-securityhub/types.rb +1702 -78
  7. data/lib/aws-sdk-securityhub.rb +1 -1
  8. metadata +2 -2
data/lib/aws-sdk-securityhub/types.rb CHANGED
@@ -1491,7 +1491,8 @@ module Aws::SecurityHub
1491
1491
  # @return [Array<String>]
1492
1492
  #
1493
1493
  # @!attribute [rw] health_check_type
1494
- # The service to use for the health checks.
1494
+ # The service to use for the health checks. Valid values are `EC2` or
1495
+ # `ELB`.
1495
1496
  # @return [String]
1496
1497
  #
1497
1498
  # @!attribute [rw] health_check_grace_period
@@ -1645,7 +1646,8 @@ module Aws::SecurityHub
1645
1646
  # }
1646
1647
  #
1647
1648
  # @!attribute [rw] on_demand_allocation_strategy
1648
- # How to allocate instance types to fulfill On-Demand capacity.
1649
+ # How to allocate instance types to fulfill On-Demand capacity. The
1650
+ # valid value is `prioritized`.
1649
1651
  # @return [String]
1650
1652
  #
1651
1653
  # @!attribute [rw] on_demand_base_capacity
@@ -1659,7 +1661,14 @@ module Aws::SecurityHub
1659
1661
  # @return [Integer]
1660
1662
  #
1661
1663
  # @!attribute [rw] spot_allocation_strategy
1662
- # How to allocate instances across Spot Instance pools.
1664
+ # How to allocate instances across Spot Instance pools. Valid values
1665
+ # are as follows:
1666
+ #
1667
+ # * `lowest-price`
1668
+ #
1669
+ # * `capacity-optimized`
1670
+ #
1671
+ # * `capacity-optimized-prioritized`
1663
1672
  # @return [String]
1664
1673
  #
1665
1674
  # @!attribute [rw] spot_instance_pools
@@ -1896,7 +1905,19 @@ module Aws::SecurityHub
1896
1905
  # @return [Integer]
1897
1906
  #
1898
1907
  # @!attribute [rw] volume_type
1899
- # The volume type.
1908
+ # The volume type. Valid values are as follows:
1909
+ #
1910
+ # * `gp2`
1911
+ #
1912
+ # * `gp3`
1913
+ #
1914
+ # * `io1`
1915
+ #
1916
+ # * `sc1`
1917
+ #
1918
+ # * `st1`
1919
+ #
1920
+ # * `standard`
1900
1921
  # @return [String]
1901
1922
  #
1902
1923
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails AWS API Documentation
@@ -2141,6 +2162,746 @@ module Aws::SecurityHub
2141
2162
  include Aws::Structure
2142
2163
  end
2143
2164
 
2165
+ # Provides a list of backup options for each resource type.
2166
+ #
2167
+ # @note When making an API call, you may pass AwsBackupBackupPlanAdvancedBackupSettingsDetails
2168
+ # data as a hash:
2169
+ #
2170
+ # {
2171
+ # backup_options: {
2172
+ # "NonEmptyString" => "NonEmptyString",
2173
+ # },
2174
+ # resource_type: "NonEmptyString",
2175
+ # }
2176
+ #
2177
+ # @!attribute [rw] backup_options
2178
+ # Specifies the backup option for a selected resource. This option is
2179
+ # only available for Windows Volume Shadow Copy Service (VSS) backup
2180
+ # jobs. Valid values are as follows:
2181
+ #
2182
+ # * Set to `WindowsVSS: enabled` to enable the WindowsVSS backup
2183
+ # option and create a Windows VSS backup.
2184
+ #
2185
+ # * Set to `WindowsVSS: disabled` to create a regular backup. The
2186
+ # `WindowsVSS` option is not enabled by default.
2187
+ # @return [Hash<String,String>]
2188
+ #
2189
+ # @!attribute [rw] resource_type
2190
+ # The name of a resource type. The only supported resource type is
2191
+ # Amazon EC2 instances with Windows VSS.
2192
+ #
2193
+ # The only valid value is `EC2`.
2194
+ # @return [String]
2195
+ #
2196
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanAdvancedBackupSettingsDetails AWS API Documentation
2197
+ #
2198
+ class AwsBackupBackupPlanAdvancedBackupSettingsDetails < Struct.new(
2199
+ :backup_options,
2200
+ :resource_type)
2201
+ SENSITIVE = []
2202
+ include Aws::Structure
2203
+ end
2204
+
2205
+ # Provides details about an Backup backup plan and an array of
2206
+ # `BackupRule` objects, each of which specifies a backup rule.
2207
+ #
2208
+ # @note When making an API call, you may pass AwsBackupBackupPlanBackupPlanDetails
2209
+ # data as a hash:
2210
+ #
2211
+ # {
2212
+ # backup_plan_name: "NonEmptyString",
2213
+ # advanced_backup_settings: [
2214
+ # {
2215
+ # backup_options: {
2216
+ # "NonEmptyString" => "NonEmptyString",
2217
+ # },
2218
+ # resource_type: "NonEmptyString",
2219
+ # },
2220
+ # ],
2221
+ # backup_plan_rule: [
2222
+ # {
2223
+ # target_backup_vault: "NonEmptyString",
2224
+ # start_window_minutes: 1,
2225
+ # schedule_expression: "NonEmptyString",
2226
+ # rule_name: "NonEmptyString",
2227
+ # rule_id: "NonEmptyString",
2228
+ # enable_continuous_backup: false,
2229
+ # completion_window_minutes: 1,
2230
+ # copy_actions: [
2231
+ # {
2232
+ # destination_backup_vault_arn: "NonEmptyString",
2233
+ # lifecycle: {
2234
+ # delete_after_days: 1,
2235
+ # move_to_cold_storage_after_days: 1,
2236
+ # },
2237
+ # },
2238
+ # ],
2239
+ # lifecycle: {
2240
+ # delete_after_days: 1,
2241
+ # move_to_cold_storage_after_days: 1,
2242
+ # },
2243
+ # },
2244
+ # ],
2245
+ # }
2246
+ #
2247
+ # @!attribute [rw] backup_plan_name
2248
+ # The display name of a backup plan.
2249
+ # @return [String]
2250
+ #
2251
+ # @!attribute [rw] advanced_backup_settings
2252
+ # A list of backup options for each resource type.
2253
+ # @return [Array<Types::AwsBackupBackupPlanAdvancedBackupSettingsDetails>]
2254
+ #
2255
+ # @!attribute [rw] backup_plan_rule
2256
+ # An array of `BackupRule` objects, each of which specifies a
2257
+ # scheduled task that is used to back up a selection of resources.
2258
+ # @return [Array<Types::AwsBackupBackupPlanRuleDetails>]
2259
+ #
2260
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanBackupPlanDetails AWS API Documentation
2261
+ #
2262
+ class AwsBackupBackupPlanBackupPlanDetails < Struct.new(
2263
+ :backup_plan_name,
2264
+ :advanced_backup_settings,
2265
+ :backup_plan_rule)
2266
+ SENSITIVE = []
2267
+ include Aws::Structure
2268
+ end
2269
+
2270
+ # Provides details about an Backup backup plan and an array of
2271
+ # `BackupRule` objects, each of which specifies a backup rule.
2272
+ #
2273
+ # @note When making an API call, you may pass AwsBackupBackupPlanDetails
2274
+ # data as a hash:
2275
+ #
2276
+ # {
2277
+ # backup_plan: {
2278
+ # backup_plan_name: "NonEmptyString",
2279
+ # advanced_backup_settings: [
2280
+ # {
2281
+ # backup_options: {
2282
+ # "NonEmptyString" => "NonEmptyString",
2283
+ # },
2284
+ # resource_type: "NonEmptyString",
2285
+ # },
2286
+ # ],
2287
+ # backup_plan_rule: [
2288
+ # {
2289
+ # target_backup_vault: "NonEmptyString",
2290
+ # start_window_minutes: 1,
2291
+ # schedule_expression: "NonEmptyString",
2292
+ # rule_name: "NonEmptyString",
2293
+ # rule_id: "NonEmptyString",
2294
+ # enable_continuous_backup: false,
2295
+ # completion_window_minutes: 1,
2296
+ # copy_actions: [
2297
+ # {
2298
+ # destination_backup_vault_arn: "NonEmptyString",
2299
+ # lifecycle: {
2300
+ # delete_after_days: 1,
2301
+ # move_to_cold_storage_after_days: 1,
2302
+ # },
2303
+ # },
2304
+ # ],
2305
+ # lifecycle: {
2306
+ # delete_after_days: 1,
2307
+ # move_to_cold_storage_after_days: 1,
2308
+ # },
2309
+ # },
2310
+ # ],
2311
+ # },
2312
+ # backup_plan_arn: "NonEmptyString",
2313
+ # backup_plan_id: "NonEmptyString",
2314
+ # version_id: "NonEmptyString",
2315
+ # }
2316
+ #
2317
+ # @!attribute [rw] backup_plan
2318
+ # Uniquely identifies the backup plan to be associated with the
2319
+ # selection of resources.
2320
+ # @return [Types::AwsBackupBackupPlanBackupPlanDetails]
2321
+ #
2322
+ # @!attribute [rw] backup_plan_arn
2323
+ # An Amazon Resource Name (ARN) that uniquely identifies the backup
2324
+ # plan.
2325
+ # @return [String]
2326
+ #
2327
+ # @!attribute [rw] backup_plan_id
2328
+ # A unique ID for the backup plan.
2329
+ # @return [String]
2330
+ #
2331
+ # @!attribute [rw] version_id
2332
+ # Unique, randomly generated, Unicode, UTF-8 encoded strings. Version
2333
+ # IDs cannot be edited.
2334
+ # @return [String]
2335
+ #
2336
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanDetails AWS API Documentation
2337
+ #
2338
+ class AwsBackupBackupPlanDetails < Struct.new(
2339
+ :backup_plan,
2340
+ :backup_plan_arn,
2341
+ :backup_plan_id,
2342
+ :version_id)
2343
+ SENSITIVE = []
2344
+ include Aws::Structure
2345
+ end
2346
+
2347
+ # Provides lifecycle details for the backup plan. A lifecycle defines
2348
+ # when a backup is transitioned to cold storage and when it expires.
2349
+ #
2350
+ # @note When making an API call, you may pass AwsBackupBackupPlanLifecycleDetails
2351
+ # data as a hash:
2352
+ #
2353
+ # {
2354
+ # delete_after_days: 1,
2355
+ # move_to_cold_storage_after_days: 1,
2356
+ # }
2357
+ #
2358
+ # @!attribute [rw] delete_after_days
2359
+ # Specifies the number of days after creation that a recovery point is
2360
+ # deleted. Must be greater than 90 days plus
2361
+ # `MoveToColdStorageAfterDays`.
2362
+ # @return [Integer]
2363
+ #
2364
+ # @!attribute [rw] move_to_cold_storage_after_days
2365
+ # Specifies the number of days after creation that a recovery point is
2366
+ # moved to cold storage.
2367
+ # @return [Integer]
2368
+ #
2369
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanLifecycleDetails AWS API Documentation
2370
+ #
2371
+ class AwsBackupBackupPlanLifecycleDetails < Struct.new(
2372
+ :delete_after_days,
2373
+ :move_to_cold_storage_after_days)
2374
+ SENSITIVE = []
2375
+ include Aws::Structure
2376
+ end
2377
+
2378
+ # An array of `CopyAction` objects, which contains the details of the
2379
+ # copy operation.
2380
+ #
2381
+ # @note When making an API call, you may pass AwsBackupBackupPlanRuleCopyActionsDetails
2382
+ # data as a hash:
2383
+ #
2384
+ # {
2385
+ # destination_backup_vault_arn: "NonEmptyString",
2386
+ # lifecycle: {
2387
+ # delete_after_days: 1,
2388
+ # move_to_cold_storage_after_days: 1,
2389
+ # },
2390
+ # }
2391
+ #
2392
+ # @!attribute [rw] destination_backup_vault_arn
2393
+ # An Amazon Resource Name (ARN) that uniquely identifies the
2394
+ # destination backup vault for the copied backup.
2395
+ # @return [String]
2396
+ #
2397
+ # @!attribute [rw] lifecycle
2398
+ # Defines when a protected resource is transitioned to cold storage
2399
+ # and when it expires. Backup transitions and expires backups
2400
+ # automatically according to the lifecycle that you define. If you do
2401
+ # not specify a lifecycle, Backup applies the lifecycle policy of the
2402
+ # source backup to the destination backup.
2403
+ #
2404
+ # Backups transitioned to cold storage must be stored in cold storage
2405
+ # for a minimum of 90 days.
2406
+ # @return [Types::AwsBackupBackupPlanLifecycleDetails]
2407
+ #
2408
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanRuleCopyActionsDetails AWS API Documentation
2409
+ #
2410
+ class AwsBackupBackupPlanRuleCopyActionsDetails < Struct.new(
2411
+ :destination_backup_vault_arn,
2412
+ :lifecycle)
2413
+ SENSITIVE = []
2414
+ include Aws::Structure
2415
+ end
2416
+
2417
+ # Provides details about an array of `BackupRule` objects, each of which
2418
+ # specifies a scheduled task that is used to back up a selection of
2419
+ # resources.
2420
+ #
2421
+ # @note When making an API call, you may pass AwsBackupBackupPlanRuleDetails
2422
+ # data as a hash:
2423
+ #
2424
+ # {
2425
+ # target_backup_vault: "NonEmptyString",
2426
+ # start_window_minutes: 1,
2427
+ # schedule_expression: "NonEmptyString",
2428
+ # rule_name: "NonEmptyString",
2429
+ # rule_id: "NonEmptyString",
2430
+ # enable_continuous_backup: false,
2431
+ # completion_window_minutes: 1,
2432
+ # copy_actions: [
2433
+ # {
2434
+ # destination_backup_vault_arn: "NonEmptyString",
2435
+ # lifecycle: {
2436
+ # delete_after_days: 1,
2437
+ # move_to_cold_storage_after_days: 1,
2438
+ # },
2439
+ # },
2440
+ # ],
2441
+ # lifecycle: {
2442
+ # delete_after_days: 1,
2443
+ # move_to_cold_storage_after_days: 1,
2444
+ # },
2445
+ # }
2446
+ #
2447
+ # @!attribute [rw] target_backup_vault
2448
+ # The name of a logical container where backups are stored. Backup
2449
+ # vaults are identified by names that are unique to the Amazon Web
2450
+ # Services account used to create them and the Amazon Web Services
2451
+ # Region where they are created. They consist of letters, numbers, and
2452
+ # hyphens.
2453
+ # @return [String]
2454
+ #
2455
+ # @!attribute [rw] start_window_minutes
2456
+ # A value in minutes after a backup is scheduled before a job will be
2457
+ # canceled if it doesn't start successfully.
2458
+ # @return [Integer]
2459
+ #
2460
+ # @!attribute [rw] schedule_expression
2461
+ # A cron expression in UTC specifying when Backup initiates a backup
2462
+ # job.
2463
+ # @return [String]
2464
+ #
2465
+ # @!attribute [rw] rule_name
2466
+ # A display name for a backup rule. Must contain 1 to 50 alphanumeric
2467
+ # or '-\_.' characters.
2468
+ # @return [String]
2469
+ #
2470
+ # @!attribute [rw] rule_id
2471
+ # Uniquely identifies a rule that is used to schedule the backup of a
2472
+ # selection of resources.
2473
+ # @return [String]
2474
+ #
2475
+ # @!attribute [rw] enable_continuous_backup
2476
+ # Specifies whether Backup creates continuous backups capable of
2477
+ # point-in-time restore (PITR).
2478
+ # @return [Boolean]
2479
+ #
2480
+ # @!attribute [rw] completion_window_minutes
2481
+ # A value in minutes after a backup job is successfully started before
2482
+ # it must be completed, or it is canceled by Backup.
2483
+ # @return [Integer]
2484
+ #
2485
+ # @!attribute [rw] copy_actions
2486
+ # An array of `CopyAction` objects, which contains the details of the
2487
+ # copy operation.
2488
+ # @return [Array<Types::AwsBackupBackupPlanRuleCopyActionsDetails>]
2489
+ #
2490
+ # @!attribute [rw] lifecycle
2491
+ # Defines when a protected resource is transitioned to cold storage
2492
+ # and when it expires. Backup transitions and expires backups
2493
+ # automatically according to the lifecycle that you define. If you do
2494
+ # not specify a lifecycle, Backup applies the lifecycle policy of the
2495
+ # source backup to the destination backup.
2496
+ #
2497
+ # Backups transitioned to cold storage must be stored in cold storage
2498
+ # for a minimum of 90 days.
2499
+ # @return [Types::AwsBackupBackupPlanLifecycleDetails]
2500
+ #
2501
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupPlanRuleDetails AWS API Documentation
2502
+ #
2503
+ class AwsBackupBackupPlanRuleDetails < Struct.new(
2504
+ :target_backup_vault,
2505
+ :start_window_minutes,
2506
+ :schedule_expression,
2507
+ :rule_name,
2508
+ :rule_id,
2509
+ :enable_continuous_backup,
2510
+ :completion_window_minutes,
2511
+ :copy_actions,
2512
+ :lifecycle)
2513
+ SENSITIVE = []
2514
+ include Aws::Structure
2515
+ end
2516
+
2517
+ # Provides details about an Backup backup vault. In Backup, a backup
2518
+ # vault is a container that stores and organizes your backups.
2519
+ #
2520
+ # @note When making an API call, you may pass AwsBackupBackupVaultDetails
2521
+ # data as a hash:
2522
+ #
2523
+ # {
2524
+ # backup_vault_arn: "NonEmptyString",
2525
+ # backup_vault_name: "NonEmptyString",
2526
+ # encryption_key_arn: "NonEmptyString",
2527
+ # notifications: {
2528
+ # backup_vault_events: ["NonEmptyString"],
2529
+ # sns_topic_arn: "NonEmptyString",
2530
+ # },
2531
+ # access_policy: "NonEmptyString",
2532
+ # }
2533
+ #
2534
+ # @!attribute [rw] backup_vault_arn
2535
+ # An Amazon Resource Name (ARN) that uniquely identifies a backup
2536
+ # vault.
2537
+ # @return [String]
2538
+ #
2539
+ # @!attribute [rw] backup_vault_name
2540
+ # The name of a logical container where backups are stored. Backup
2541
+ # vaults are identified by names that are unique to the Amazon Web
2542
+ # Services account used to create them and the Amazon Web Services
2543
+ # Region where they are created. They consist of lowercase letters,
2544
+ # numbers, and hyphens.
2545
+ # @return [String]
2546
+ #
2547
+ # @!attribute [rw] encryption_key_arn
2548
+ # The unique ARN associated with the server-side encryption key. You
2549
+ # can specify a key to encrypt your backups from services that support
2550
+ # full Backup management. If you do not specify a key, Backup creates
2551
+ # an KMS key for you by default.
2552
+ # @return [String]
2553
+ #
2554
+ # @!attribute [rw] notifications
2555
+ # The Amazon SNS event notifications for the specified backup vault.
2556
+ # @return [Types::AwsBackupBackupVaultNotificationsDetails]
2557
+ #
2558
+ # @!attribute [rw] access_policy
2559
+ # A resource-based policy that is used to manage access permissions on
2560
+ # the target backup vault.
2561
+ # @return [String]
2562
+ #
2563
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupVaultDetails AWS API Documentation
2564
+ #
2565
+ class AwsBackupBackupVaultDetails < Struct.new(
2566
+ :backup_vault_arn,
2567
+ :backup_vault_name,
2568
+ :encryption_key_arn,
2569
+ :notifications,
2570
+ :access_policy)
2571
+ SENSITIVE = []
2572
+ include Aws::Structure
2573
+ end
2574
+
2575
+ # Provides details about the Amazon SNS event notifications for the
2576
+ # specified backup vault.
2577
+ #
2578
+ # @note When making an API call, you may pass AwsBackupBackupVaultNotificationsDetails
2579
+ # data as a hash:
2580
+ #
2581
+ # {
2582
+ # backup_vault_events: ["NonEmptyString"],
2583
+ # sns_topic_arn: "NonEmptyString",
2584
+ # }
2585
+ #
2586
+ # @!attribute [rw] backup_vault_events
2587
+ # An array of events that indicate the status of jobs to back up
2588
+ # resources to the backup vault. The following events are supported:
2589
+ #
2590
+ # * `BACKUP_JOB_STARTED | BACKUP_JOB_COMPLETED`
2591
+ #
2592
+ # * `COPY_JOB_STARTED | COPY_JOB_SUCCESSFUL | COPY_JOB_FAILED`
2593
+ #
2594
+ # * `RESTORE_JOB_STARTED | RESTORE_JOB_COMPLETED |
2595
+ # RECOVERY_POINT_MODIFIED`
2596
+ #
2597
+ # * `S3_BACKUP_OBJECT_FAILED | S3_RESTORE_OBJECT_FAILED`
2598
+ # @return [Array<String>]
2599
+ #
2600
+ # @!attribute [rw] sns_topic_arn
2601
+ # An ARN that uniquely identifies the Amazon SNS topic for a backup
2602
+ # vault’s events.
2603
+ # @return [String]
2604
+ #
2605
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupBackupVaultNotificationsDetails AWS API Documentation
2606
+ #
2607
+ class AwsBackupBackupVaultNotificationsDetails < Struct.new(
2608
+ :backup_vault_events,
2609
+ :sns_topic_arn)
2610
+ SENSITIVE = []
2611
+ include Aws::Structure
2612
+ end
2613
+
2614
+ # Specifies how long in days before a recovery point transitions to cold
2615
+ # storage or is deleted.
2616
+ #
2617
+ # @note When making an API call, you may pass AwsBackupRecoveryPointCalculatedLifecycleDetails
2618
+ # data as a hash:
2619
+ #
2620
+ # {
2621
+ # delete_at: "NonEmptyString",
2622
+ # move_to_cold_storage_at: "NonEmptyString",
2623
+ # }
2624
+ #
2625
+ # @!attribute [rw] delete_at
2626
+ # Specifies the number of days after creation that a recovery point is
2627
+ # deleted. Must be greater than 90 days plus
2628
+ # `MoveToColdStorageAfterDays`.
2629
+ # @return [String]
2630
+ #
2631
+ # @!attribute [rw] move_to_cold_storage_at
2632
+ # Specifies the number of days after creation that a recovery point is
2633
+ # moved to cold storage.
2634
+ # @return [String]
2635
+ #
2636
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupRecoveryPointCalculatedLifecycleDetails AWS API Documentation
2637
+ #
2638
+ class AwsBackupRecoveryPointCalculatedLifecycleDetails < Struct.new(
2639
+ :delete_at,
2640
+ :move_to_cold_storage_at)
2641
+ SENSITIVE = []
2642
+ include Aws::Structure
2643
+ end
2644
+
2645
+ # Contains information about the backup plan and rule that Backup used
2646
+ # to initiate the recovery point backup.
2647
+ #
2648
+ # @note When making an API call, you may pass AwsBackupRecoveryPointCreatedByDetails
2649
+ # data as a hash:
2650
+ #
2651
+ # {
2652
+ # backup_plan_arn: "NonEmptyString",
2653
+ # backup_plan_id: "NonEmptyString",
2654
+ # backup_plan_version: "NonEmptyString",
2655
+ # backup_rule_id: "NonEmptyString",
2656
+ # }
2657
+ #
2658
+ # @!attribute [rw] backup_plan_arn
2659
+ # An Amazon Resource Name (ARN) that uniquely identifies a backup
2660
+ # plan.
2661
+ # @return [String]
2662
+ #
2663
+ # @!attribute [rw] backup_plan_id
2664
+ # Uniquely identifies a backup plan.
2665
+ # @return [String]
2666
+ #
2667
+ # @!attribute [rw] backup_plan_version
2668
+ # Unique, randomly generated, Unicode, UTF-8 encoded strings that are
2669
+ # at most 1,024 bytes long. Version IDs cannot be edited.
2670
+ # @return [String]
2671
+ #
2672
+ # @!attribute [rw] backup_rule_id
2673
+ # Uniquely identifies a rule used to schedule the backup of a
2674
+ # selection of resources.
2675
+ # @return [String]
2676
+ #
2677
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupRecoveryPointCreatedByDetails AWS API Documentation
2678
+ #
2679
+ class AwsBackupRecoveryPointCreatedByDetails < Struct.new(
2680
+ :backup_plan_arn,
2681
+ :backup_plan_id,
2682
+ :backup_plan_version,
2683
+ :backup_rule_id)
2684
+ SENSITIVE = []
2685
+ include Aws::Structure
2686
+ end
2687
+
2688
+ # Contains detailed information about the recovery points stored in an
2689
+ # Backup backup vault. A backup, or recovery point, represents the
2690
+ # content of a resource at a specified time.
2691
+ #
2692
+ # @note When making an API call, you may pass AwsBackupRecoveryPointDetails
2693
+ # data as a hash:
2694
+ #
2695
+ # {
2696
+ # backup_size_in_bytes: 1,
2697
+ # backup_vault_arn: "NonEmptyString",
2698
+ # backup_vault_name: "NonEmptyString",
2699
+ # calculated_lifecycle: {
2700
+ # delete_at: "NonEmptyString",
2701
+ # move_to_cold_storage_at: "NonEmptyString",
2702
+ # },
2703
+ # completion_date: "NonEmptyString",
2704
+ # created_by: {
2705
+ # backup_plan_arn: "NonEmptyString",
2706
+ # backup_plan_id: "NonEmptyString",
2707
+ # backup_plan_version: "NonEmptyString",
2708
+ # backup_rule_id: "NonEmptyString",
2709
+ # },
2710
+ # creation_date: "NonEmptyString",
2711
+ # encryption_key_arn: "NonEmptyString",
2712
+ # iam_role_arn: "NonEmptyString",
2713
+ # is_encrypted: false,
2714
+ # last_restore_time: "NonEmptyString",
2715
+ # lifecycle: {
2716
+ # delete_after_days: 1,
2717
+ # move_to_cold_storage_after_days: 1,
2718
+ # },
2719
+ # recovery_point_arn: "NonEmptyString",
2720
+ # resource_arn: "NonEmptyString",
2721
+ # resource_type: "NonEmptyString",
2722
+ # source_backup_vault_arn: "NonEmptyString",
2723
+ # status: "NonEmptyString",
2724
+ # status_message: "NonEmptyString",
2725
+ # storage_class: "NonEmptyString",
2726
+ # }
2727
+ #
2728
+ # @!attribute [rw] backup_size_in_bytes
2729
+ # The size, in bytes, of a backup.
2730
+ # @return [Integer]
2731
+ #
2732
+ # @!attribute [rw] backup_vault_arn
2733
+ # An Amazon Resource Name (ARN) that uniquely identifies a backup
2734
+ # vault.
2735
+ # @return [String]
2736
+ #
2737
+ # @!attribute [rw] backup_vault_name
2738
+ # The name of a logical container where backups are stored. Backup
2739
+ # vaults are identified by names that are unique to the Amazon Web
2740
+ # Services account used to create them and the Amazon Web Services
2741
+ # Region where they are created. They consist of lowercase letters,
2742
+ # numbers, and hyphens.
2743
+ # @return [String]
2744
+ #
2745
+ # @!attribute [rw] calculated_lifecycle
2746
+ # A `CalculatedLifecycle` object containing `DeleteAt` and
2747
+ # `MoveToColdStorageAt` timestamps.
2748
+ # @return [Types::AwsBackupRecoveryPointCalculatedLifecycleDetails]
2749
+ #
2750
+ # @!attribute [rw] completion_date
2751
+ # The date and time that a job to create a recovery point is
2752
+ # completed, in Unix format and UTC. The value of `CompletionDate` is
2753
+ # accurate to milliseconds. For example, the value 1516925490.087
2754
+ # represents Friday, January 26, 2018 12:11:30.087 AM.
2755
+ # @return [String]
2756
+ #
2757
+ # @!attribute [rw] created_by
2758
+ # Contains identifying information about the creation of a recovery
2759
+ # point, including the `BackupPlanArn`, `BackupPlanId`,
2760
+ # `BackupPlanVersion`, and `BackupRuleId` of the backup plan that is
2761
+ # used to create it.
2762
+ # @return [Types::AwsBackupRecoveryPointCreatedByDetails]
2763
+ #
2764
+ # @!attribute [rw] creation_date
2765
+ # The date and time a recovery point is created, in Unix format and
2766
+ # UTC. The value of `CreationDate` is accurate to milliseconds. For
2767
+ # example, the value 1516925490.087 represents Friday, January 26,
2768
+ # 2018 12:11:30.087 AM.
2769
+ # @return [String]
2770
+ #
2771
+ # @!attribute [rw] encryption_key_arn
2772
+ # The ARN for the server-side encryption key that is used to protect
2773
+ # your backups.
2774
+ # @return [String]
2775
+ #
2776
+ # @!attribute [rw] iam_role_arn
2777
+ # Specifies the IAM role ARN used to create the target recovery point
2778
+ # @return [String]
2779
+ #
2780
+ # @!attribute [rw] is_encrypted
2781
+ # A Boolean value that is returned as `TRUE` if the specified recovery
2782
+ # point is encrypted, or `FALSE` if the recovery point is not
2783
+ # encrypted.
2784
+ # @return [Boolean]
2785
+ #
2786
+ # @!attribute [rw] last_restore_time
2787
+ # The date and time that a recovery point was last restored, in Unix
2788
+ # format and UTC. The value of `LastRestoreTime` is accurate to
2789
+ # milliseconds. For example, the value 1516925490.087 represents
2790
+ # Friday, January 26, 2018 12:11:30.087 AM.
2791
+ # @return [String]
2792
+ #
2793
+ # @!attribute [rw] lifecycle
2794
+ # The lifecycle defines when a protected resource is transitioned to
2795
+ # cold storage and when it expires. Backup transitions and expires
2796
+ # backups automatically according to the lifecycle that you define
2797
+ # @return [Types::AwsBackupRecoveryPointLifecycleDetails]
2798
+ #
2799
+ # @!attribute [rw] recovery_point_arn
2800
+ # An ARN that uniquely identifies a recovery point.
2801
+ # @return [String]
2802
+ #
2803
+ # @!attribute [rw] resource_arn
2804
+ # An ARN that uniquely identifies a resource. The format of the ARN
2805
+ # depends on the resource type.
2806
+ # @return [String]
2807
+ #
2808
+ # @!attribute [rw] resource_type
2809
+ # The type of Amazon Web Services resource saved as a recovery point,
2810
+ # such as an Amazon EBS volume or an Amazon RDS database.
2811
+ # @return [String]
2812
+ #
2813
+ # @!attribute [rw] source_backup_vault_arn
2814
+ # The ARN for the backup vault where the recovery point was originally
2815
+ # copied from. If the recovery point is restored to the same account,
2816
+ # this value will be null.
2817
+ # @return [String]
2818
+ #
2819
+ # @!attribute [rw] status
2820
+ # A status code specifying the state of the recovery point. Valid
2821
+ # values are as follows:
2822
+ #
2823
+ # * `COMPLETED`
2824
+ #
2825
+ # * `DELETING`
2826
+ #
2827
+ # * `EXPIRED`
2828
+ #
2829
+ # * `PARTIAL`
2830
+ # @return [String]
2831
+ #
2832
+ # @!attribute [rw] status_message
2833
+ # A message explaining the reason of the recovery point deletion
2834
+ # failure.
2835
+ # @return [String]
2836
+ #
2837
+ # @!attribute [rw] storage_class
2838
+ # Specifies the storage class of the recovery point. Valid values are
2839
+ # as follows:
2840
+ #
2841
+ # * `COLD`
2842
+ #
2843
+ # * `DELETED`
2844
+ #
2845
+ # * `WARM`
2846
+ # @return [String]
2847
+ #
2848
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupRecoveryPointDetails AWS API Documentation
2849
+ #
2850
+ class AwsBackupRecoveryPointDetails < Struct.new(
2851
+ :backup_size_in_bytes,
2852
+ :backup_vault_arn,
2853
+ :backup_vault_name,
2854
+ :calculated_lifecycle,
2855
+ :completion_date,
2856
+ :created_by,
2857
+ :creation_date,
2858
+ :encryption_key_arn,
2859
+ :iam_role_arn,
2860
+ :is_encrypted,
2861
+ :last_restore_time,
2862
+ :lifecycle,
2863
+ :recovery_point_arn,
2864
+ :resource_arn,
2865
+ :resource_type,
2866
+ :source_backup_vault_arn,
2867
+ :status,
2868
+ :status_message,
2869
+ :storage_class)
2870
+ SENSITIVE = []
2871
+ include Aws::Structure
2872
+ end
2873
+
2874
+ # Contains an array of Transition objects specifying how long in days
2875
+ # before a recovery point transitions to cold storage or is deleted.
2876
+ #
2877
+ # @note When making an API call, you may pass AwsBackupRecoveryPointLifecycleDetails
2878
+ # data as a hash:
2879
+ #
2880
+ # {
2881
+ # delete_after_days: 1,
2882
+ # move_to_cold_storage_after_days: 1,
2883
+ # }
2884
+ #
2885
+ # @!attribute [rw] delete_after_days
2886
+ # Specifies the number of days after creation that a recovery point is
2887
+ # deleted. Must be greater than 90 days plus
2888
+ # `MoveToColdStorageAfterDays`.
2889
+ # @return [Integer]
2890
+ #
2891
+ # @!attribute [rw] move_to_cold_storage_after_days
2892
+ # Specifies the number of days after creation that a recovery point is
2893
+ # moved to cold storage.
2894
+ # @return [Integer]
2895
+ #
2896
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsBackupRecoveryPointLifecycleDetails AWS API Documentation
2897
+ #
2898
+ class AwsBackupRecoveryPointLifecycleDetails < Struct.new(
2899
+ :delete_after_days,
2900
+ :move_to_cold_storage_after_days)
2901
+ SENSITIVE = []
2902
+ include Aws::Structure
2903
+ end
2904
+
2144
2905
  # Provides details about an Certificate Manager certificate.
2145
2906
  #
2146
2907
  # @note When making an API call, you may pass AwsCertificateManagerCertificateDetails
@@ -2598,7 +3359,8 @@ module Aws::SecurityHub
2598
3359
  # @return [String]
2599
3360
  #
2600
3361
  # @!attribute [rw] renewal_status_reason
2601
- # The reason that a renewal request was unsuccessful.
3362
+ # The reason that a renewal request was unsuccessful. This attribute
3363
+ # is used only when `RenewalStatus` is `FAILED`.
2602
3364
  #
2603
3365
  # Valid values: `NO_AVAILABLE_CONTACTS` \|
2604
3366
  # `ADDITIONAL_VERIFICATION_REQUIRED` \| `DOMAIN_NOT_ALLOWED` \|
@@ -4776,7 +5538,21 @@ module Aws::SecurityHub
4776
5538
  # @return [Integer]
4777
5539
  #
4778
5540
  # @!attribute [rw] table_status
4779
- # The current status of the table.
5541
+ # The current status of the table. Valid values are as follows:
5542
+ #
5543
+ # * `ACTIVE`
5544
+ #
5545
+ # * `ARCHIVED`
5546
+ #
5547
+ # * `ARCHIVING`
5548
+ #
5549
+ # * `CREATING`
5550
+ #
5551
+ # * `DELETING`
5552
+ #
5553
+ # * `INACCESSIBLE_ENCRYPTION_CREDENTIALS`
5554
+ #
5555
+ # * `UPDATING`
4780
5556
  # @return [String]
4781
5557
  #
4782
5558
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsDynamoDbTableDetails AWS API Documentation
@@ -4854,6 +5630,14 @@ module Aws::SecurityHub
4854
5630
  #
4855
5631
  # @!attribute [rw] index_status
4856
5632
  # The current status of the index.
5633
+ #
5634
+ # * `ACTIVE`
5635
+ #
5636
+ # * `CREATING`
5637
+ #
5638
+ # * `DELETING`
5639
+ #
5640
+ # * `UPDATING`
4857
5641
  # @return [String]
4858
5642
  #
4859
5643
  # @!attribute [rw] item_count
@@ -4905,7 +5689,8 @@ module Aws::SecurityHub
4905
5689
  # @return [String]
4906
5690
  #
4907
5691
  # @!attribute [rw] key_type
4908
- # The type of key used for the key schema attribute.
5692
+ # The type of key used for the key schema attribute. Valid values are
5693
+ # `HASH` or `RANGE`.
4909
5694
  # @return [String]
4910
5695
  #
4911
5696
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsDynamoDbTableKeySchema AWS API Documentation
@@ -4983,7 +5768,14 @@ module Aws::SecurityHub
4983
5768
  # @return [Array<String>]
4984
5769
  #
4985
5770
  # @!attribute [rw] projection_type
4986
- # The types of attributes that are projected into the index.
5771
+ # The types of attributes that are projected into the index. Valid
5772
+ # values are as follows:
5773
+ #
5774
+ # * `ALL`
5775
+ #
5776
+ # * `INCLUDE`
5777
+ #
5778
+ # * `KEYS_ONLY`
4987
5779
  # @return [String]
4988
5780
  #
4989
5781
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsDynamoDbTableProjection AWS API Documentation
@@ -5122,7 +5914,17 @@ module Aws::SecurityHub
5122
5914
  # @return [String]
5123
5915
  #
5124
5916
  # @!attribute [rw] replica_status
5125
- # The current status of the replica.
5917
+ # The current status of the replica. Valid values are as follows:
5918
+ #
5919
+ # * `ACTIVE`
5920
+ #
5921
+ # * `CREATING`
5922
+ #
5923
+ # * `CREATION_FAILED`
5924
+ #
5925
+ # * `DELETING`
5926
+ #
5927
+ # * `UPDATING`
5126
5928
  # @return [String]
5127
5929
  #
5128
5930
  # @!attribute [rw] replica_status_description
@@ -6378,7 +7180,8 @@ module Aws::SecurityHub
6378
7180
  # @return [String]
6379
7181
  #
6380
7182
  # @!attribute [rw] state
6381
- # The current state of the subnet.
7183
+ # The current state of the subnet. Valid values are `available` or
7184
+ # `pending`.
6382
7185
  # @return [String]
6383
7186
  #
6384
7187
  # @!attribute [rw] subnet_arn
@@ -6535,7 +7338,17 @@ module Aws::SecurityHub
6535
7338
  # @return [String]
6536
7339
  #
6537
7340
  # @!attribute [rw] status
6538
- # The attachment state of the volume.
7341
+ # The attachment state of the volume. Valid values are as follows:
7342
+ #
7343
+ # * `attaching`
7344
+ #
7345
+ # * `attached`
7346
+ #
7347
+ # * `busy`
7348
+ #
7349
+ # * `detaching`
7350
+ #
7351
+ # * `detached`
6539
7352
  # @return [String]
6540
7353
  #
6541
7354
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VolumeAttachment AWS API Documentation
@@ -6604,7 +7417,19 @@ module Aws::SecurityHub
6604
7417
  # @return [String]
6605
7418
  #
6606
7419
  # @!attribute [rw] status
6607
- # The volume state.
7420
+ # The volume state. Valid values are as follows:
7421
+ #
7422
+ # * `available`
7423
+ #
7424
+ # * `creating`
7425
+ #
7426
+ # * `deleted`
7427
+ #
7428
+ # * `deleting`
7429
+ #
7430
+ # * `error`
7431
+ #
7432
+ # * `in-use`
6608
7433
  # @return [String]
6609
7434
  #
6610
7435
  # @!attribute [rw] kms_key_id
@@ -6685,7 +7510,8 @@ module Aws::SecurityHub
6685
7510
  # @return [String]
6686
7511
  #
6687
7512
  # @!attribute [rw] state
6688
- # The current state of the VPC.
7513
+ # The current state of the VPC. Valid values are `available` or
7514
+ # `pending`.
6689
7515
  # @return [String]
6690
7516
  #
6691
7517
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2VpcDetails AWS API Documentation
@@ -6761,7 +7587,17 @@ module Aws::SecurityHub
6761
7587
  # @return [String]
6762
7588
  #
6763
7589
  # @!attribute [rw] service_state
6764
- # The current state of the service.
7590
+ # The current state of the service. Valid values are as follows:
7591
+ #
7592
+ # * `Available`
7593
+ #
7594
+ # * `Deleted`
7595
+ #
7596
+ # * `Deleting`
7597
+ #
7598
+ # * `Failed`
7599
+ #
7600
+ # * `Pending`
6765
7601
  # @return [String]
6766
7602
  #
6767
7603
  # @!attribute [rw] service_type
@@ -7055,7 +7891,16 @@ module Aws::SecurityHub
7055
7891
  # @return [String]
7056
7892
  #
7057
7893
  # @!attribute [rw] state
7058
- # The current state of the VPN connection.
7894
+ # The current state of the VPN connection. Valid values are as
7895
+ # follows:
7896
+ #
7897
+ # * `available`
7898
+ #
7899
+ # * `deleted`
7900
+ #
7901
+ # * `deleting`
7902
+ #
7903
+ # * `pending`
7059
7904
  # @return [String]
7060
7905
  #
7061
7906
  # @!attribute [rw] customer_gateway_id
@@ -7356,7 +8201,7 @@ module Aws::SecurityHub
7356
8201
  # @return [String]
7357
8202
  #
7358
8203
  # @!attribute [rw] status
7359
- # The status of the VPN tunnel.
8204
+ # The status of the VPN tunnel. Valid values are `DOWN` or `UP`.
7360
8205
  # @return [String]
7361
8206
  #
7362
8207
  # @!attribute [rw] status_message
@@ -7400,7 +8245,13 @@ module Aws::SecurityHub
7400
8245
  # @return [String]
7401
8246
  #
7402
8247
  # @!attribute [rw] architecture
7403
- # The architecture of the image.
8248
+ # The architecture of the image. Valid values are as follows:
8249
+ #
8250
+ # * `arm64`
8251
+ #
8252
+ # * `i386`
8253
+ #
8254
+ # * `x86_64`
7404
8255
  # @return [String]
7405
8256
  #
7406
8257
  # @!attribute [rw] image_digest
@@ -7465,7 +8316,8 @@ module Aws::SecurityHub
7465
8316
  # @return [Types::AwsEcrRepositoryImageScanningConfigurationDetails]
7466
8317
  #
7467
8318
  # @!attribute [rw] image_tag_mutability
7468
- # The tag mutability setting for the repository.
8319
+ # The tag mutability setting for the repository. Valid values are
8320
+ # `IMMUTABLE` or `MUTABLE`.
7469
8321
  # @return [String]
7470
8322
  #
7471
8323
  # @!attribute [rw] lifecycle_policy
@@ -7554,11 +8406,11 @@ module Aws::SecurityHub
7554
8406
  # }
7555
8407
  #
7556
8408
  # @!attribute [rw] name
7557
- # The name of the setting.
8409
+ # The name of the setting. The valid value is `containerInsights`.
7558
8410
  # @return [String]
7559
8411
  #
7560
8412
  # @!attribute [rw] value
7561
- # The value of the setting.
8413
+ # The value of the setting. Valid values are `disabled` or `enabled`.
7562
8414
  # @return [String]
7563
8415
  #
7564
8416
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcsClusterClusterSettingsDetails AWS API Documentation
@@ -8549,7 +9401,15 @@ module Aws::SecurityHub
8549
9401
  # @!attribute [rw] condition
8550
9402
  # The dependency condition of the dependent container. Indicates the
8551
9403
  # required status of the dependent container before the current
8552
- # container can start.
9404
+ # container can start. Valid values are as follows:
9405
+ #
9406
+ # * `COMPLETE`
9407
+ #
9408
+ # * `HEALTHY`
9409
+ #
9410
+ # * `SUCCESS`
9411
+ #
9412
+ # * `START`
8553
9413
  # @return [String]
8554
9414
  #
8555
9415
  # @!attribute [rw] container_name
@@ -8994,7 +9854,7 @@ module Aws::SecurityHub
8994
9854
  # }
8995
9855
  #
8996
9856
  # @!attribute [rw] type
8997
- # The type of environment file.
9857
+ # The type of environment file. The valid value is `s3`.
8998
9858
  # @return [String]
8999
9859
  #
9000
9860
  # @!attribute [rw] value
@@ -9065,7 +9925,7 @@ module Aws::SecurityHub
9065
9925
  # @return [Hash<String,String>]
9066
9926
  #
9067
9927
  # @!attribute [rw] type
9068
- # The log router to use.
9928
+ # The log router to use. Valid values are `fluentbit` or `fluentd`.
9069
9929
  # @return [String]
9070
9930
  #
9071
9931
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails AWS API Documentation
@@ -9142,12 +10002,37 @@ module Aws::SecurityHub
9142
10002
  #
9143
10003
  # @!attribute [rw] add
9144
10004
  # The Linux capabilities for the container that are added to the
9145
- # default configuration provided by Docker.
10005
+ # default configuration provided by Docker. Valid values are as
10006
+ # follows:
10007
+ #
10008
+ # Valid values: `"ALL"` \| `"AUDIT_CONTROL"` \|` "AUDIT_WRITE"` \|
10009
+ # `"BLOCK_SUSPEND"` \| `"CHOWN"` \| `"DAC_OVERRIDE"` \|
10010
+ # `"DAC_READ_SEARCH"` \| `"FOWNER"` \| `"FSETID"` \| `"IPC_LOCK"` \|
10011
+ # `"IPC_OWNER"` \| `"KILL"` \| `"LEASE"` \| `"LINUX_IMMUTABLE"` \|
10012
+ # `"MAC_ADMIN"` \|` "MAC_OVERRIDE"` \| `"MKNOD"` \| `"NET_ADMIN"` \|
10013
+ # `"NET_BIND_SERVICE"` \| `"NET_BROADCAST"` \| `"NET_RAW"` \|
10014
+ # `"SETFCAP"` \| `"SETGID"` \| `"SETPCAP"` \| `"SETUID"` \|
10015
+ # `"SYS_ADMIN"` \| `"SYS_BOOT"` \| `"SYS_CHROOT"` \| `"SYS_MODULE"` \|
10016
+ # `"SYS_NICE"` \| `"SYS_PACCT"` \| `"SYS_PTRACE"` \| `"SYS_RAWIO"` \|
10017
+ # `"SYS_RESOURCE"` \| `"SYS_TIME"` \| `"SYS_TTY_CONFIG"` \| `"SYSLOG"`
10018
+ # \| `"WAKE_ALARM"`
9146
10019
  # @return [Array<String>]
9147
10020
  #
9148
10021
  # @!attribute [rw] drop
9149
10022
  # The Linux capabilities for the container that are dropped from the
9150
10023
  # default configuration provided by Docker.
10024
+ #
10025
+ # Valid values: `"ALL"` \| `"AUDIT_CONTROL"` \|` "AUDIT_WRITE"` \|
10026
+ # `"BLOCK_SUSPEND"` \| `"CHOWN"` \| `"DAC_OVERRIDE"` \|
10027
+ # `"DAC_READ_SEARCH"` \| `"FOWNER"` \| `"FSETID"` \| `"IPC_LOCK"` \|
10028
+ # `"IPC_OWNER"` \| `"KILL"` \| `"LEASE"` \| `"LINUX_IMMUTABLE"` \|
10029
+ # `"MAC_ADMIN"` \|` "MAC_OVERRIDE"` \| `"MKNOD"` \| `"NET_ADMIN"` \|
10030
+ # `"NET_BIND_SERVICE"` \| `"NET_BROADCAST"` \| `"NET_RAW"` \|
10031
+ # `"SETFCAP"` \| `"SETGID"` \| `"SETPCAP"` \| `"SETUID"` \|
10032
+ # `"SYS_ADMIN"` \| `"SYS_BOOT"` \| `"SYS_CHROOT"` \| `"SYS_MODULE"` \|
10033
+ # `"SYS_NICE"` \| `"SYS_PACCT"` \| `"SYS_PTRACE"` \| `"SYS_RAWIO"` \|
10034
+ # `"SYS_RESOURCE"` \| `"SYS_TIME"` \| `"SYS_TTY_CONFIG"` \| `"SYSLOG"`
10035
+ # \| `"WAKE_ALARM"`
9151
10036
  # @return [Array<String>]
9152
10037
  #
9153
10038
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersCapabilitiesDetails AWS API Documentation
@@ -9289,6 +10174,16 @@ module Aws::SecurityHub
9289
10174
  #
9290
10175
  # @!attribute [rw] mount_options
9291
10176
  # The list of tmpfs volume mount options.
10177
+ #
10178
+ # Valid values: `"defaults"` \| `"ro"` \| `"rw"` \| `"suid"` \|
10179
+ # `"nosuid"` \| `"dev"` \| `"nodev"` \|` "exec"` \| `"noexec"` \|
10180
+ # `"sync"` \| `"async"` \| `"dirsync"` \| `"remount"` \| `"mand"` \|
10181
+ # `"nomand"` \| `"atime"` \| `"noatime"` \| `"diratime"` \|
10182
+ # `"nodiratime"` \| `"bind"` \| `"rbind"` \| `"unbindable"` \|
10183
+ # `"runbindable"` \| `"private"` \| `"rprivate"` \| `"shared"` \|
10184
+ # `"rshared"` \| `"slave"` \| `"rslave"` \| `"relatime"` \|
10185
+ # `"norelatime"` \| `"strictatime"` \| `"nostrictatime"` \|` "mode"`
10186
+ # \| `"uid"` \| `"gid"` \| `"nr_inodes"` \|` "nr_blocks"` \| `"mpol"`
9292
10187
  # @return [Array<String>]
9293
10188
  #
9294
10189
  # @!attribute [rw] size
@@ -9325,6 +10220,34 @@ module Aws::SecurityHub
9325
10220
  #
9326
10221
  # @!attribute [rw] log_driver
9327
10222
  # The log driver to use for the container.
10223
+ #
10224
+ # Valid values on Fargate are as follows:
10225
+ #
10226
+ # * `awsfirelens`
10227
+ #
10228
+ # * `awslogs`
10229
+ #
10230
+ # * `splunk`
10231
+ #
10232
+ # Valid values on Amazon EC2 are as follows:
10233
+ #
10234
+ # * `awsfirelens`
10235
+ #
10236
+ # * `awslogs`
10237
+ #
10238
+ # * `fluentd`
10239
+ #
10240
+ # * `gelf`
10241
+ #
10242
+ # * `journald`
10243
+ #
10244
+ # * `json-file`
10245
+ #
10246
+ # * `logentries`
10247
+ #
10248
+ # * `splunk`
10249
+ #
10250
+ # * `syslog`
9328
10251
  # @return [String]
9329
10252
  #
9330
10253
  # @!attribute [rw] options
@@ -9480,7 +10403,8 @@ module Aws::SecurityHub
9480
10403
  # }
9481
10404
  #
9482
10405
  # @!attribute [rw] type
9483
- # The type of resource to assign to a container.
10406
+ # The type of resource to assign to a container. Valid values are
10407
+ # `GPU` or `InferenceAccelerator`.
9484
10408
  # @return [String]
9485
10409
  #
9486
10410
  # @!attribute [rw] value
@@ -9574,7 +10498,37 @@ module Aws::SecurityHub
9574
10498
  # @return [Integer]
9575
10499
  #
9576
10500
  # @!attribute [rw] name
9577
- # The type of the ulimit.
10501
+ # The type of the ulimit. Valid values are as follows:
10502
+ #
10503
+ # * `core`
10504
+ #
10505
+ # * `cpu`
10506
+ #
10507
+ # * `data`
10508
+ #
10509
+ # * `fsize`
10510
+ #
10511
+ # * `locks`
10512
+ #
10513
+ # * `memlock`
10514
+ #
10515
+ # * `msgqueue`
10516
+ #
10517
+ # * `nice`
10518
+ #
10519
+ # * `nofile`
10520
+ #
10521
+ # * `nproc`
10522
+ #
10523
+ # * `rss`
10524
+ #
10525
+ # * `rtprio`
10526
+ #
10527
+ # * `rttime`
10528
+ #
10529
+ # * `sigpending`
10530
+ #
10531
+ # * `stack`
9578
10532
  # @return [String]
9579
10533
  #
9580
10534
  # @!attribute [rw] soft_limit
@@ -9845,7 +10799,18 @@ module Aws::SecurityHub
9845
10799
  # @return [Array<Types::AwsEcsTaskDefinitionContainerDefinitionsDetails>]
9846
10800
  #
9847
10801
  # @!attribute [rw] cpu
9848
- # The number of CPU units used by the task.
10802
+ # The number of CPU units used by the task.Valid values are as
10803
+ # follows:
10804
+ #
10805
+ # * `256 (.25 vCPU)`
10806
+ #
10807
+ # * `512 (.5 vCPU)`
10808
+ #
10809
+ # * `1024 (1 vCPU)`
10810
+ #
10811
+ # * `2048 (2 vCPU)`
10812
+ #
10813
+ # * `4096 (4 vCPU)`
9849
10814
  # @return [String]
9850
10815
  #
9851
10816
  # @!attribute [rw] execution_role_arn
@@ -9863,19 +10828,47 @@ module Aws::SecurityHub
9863
10828
  # @return [Array<Types::AwsEcsTaskDefinitionInferenceAcceleratorsDetails>]
9864
10829
  #
9865
10830
  # @!attribute [rw] ipc_mode
9866
- # The IPC resource namespace to use for the containers in the task.
10831
+ # The inter-process communication (IPC) resource namespace to use for
10832
+ # the containers in the task. Valid values are as follows:
10833
+ #
10834
+ # * `host`
10835
+ #
10836
+ # * `none`
10837
+ #
10838
+ # * `task`
9867
10839
  # @return [String]
9868
10840
  #
9869
10841
  # @!attribute [rw] memory
9870
10842
  # The amount (in MiB) of memory used by the task.
10843
+ #
10844
+ # For tasks that are hosted on Amazon EC2, you can provide a
10845
+ # task-level memory value or a container-level memory value. For tasks
10846
+ # that are hosted on Fargate, you must use one of the [specified
10847
+ # values][1] in the <i> <i>Amazon Elastic Container Service Developer
10848
+ # Guide</i> </i>, which determines your range of supported values for
10849
+ # the `Cpu` and `Memory` parameters.
10850
+ #
10851
+ #
10852
+ #
10853
+ # [1]: https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_size
9871
10854
  # @return [String]
9872
10855
  #
9873
10856
  # @!attribute [rw] network_mode
9874
10857
  # The Docker networking mode to use for the containers in the task.
10858
+ # Valid values are as follows:
10859
+ #
10860
+ # * `awsvpc`
10861
+ #
10862
+ # * `bridge`
10863
+ #
10864
+ # * `host`
10865
+ #
10866
+ # * `none`
9875
10867
  # @return [String]
9876
10868
  #
9877
10869
  # @!attribute [rw] pid_mode
9878
- # The process namespace to use for the containers in the task.
10870
+ # The process namespace to use for the containers in the task. Valid
10871
+ # values are `host` or `task`.
9879
10872
  # @return [String]
9880
10873
  #
9881
10874
  # @!attribute [rw] placement_constraints
@@ -10145,6 +11138,7 @@ module Aws::SecurityHub
10145
11138
  # Docker volumes that are scoped to a task are provisioned
10146
11139
  # automatically when the task starts and destroyed when the task
10147
11140
  # stops. Docker volumes that are shared persist after the task stops.
11141
+ # Valid values are `shared` or `task`.
10148
11142
  # @return [String]
10149
11143
  #
10150
11144
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEcsTaskDefinitionVolumesDockerVolumeConfigurationDetails AWS API Documentation
@@ -10626,7 +11620,19 @@ module Aws::SecurityHub
10626
11620
  # @return [String]
10627
11621
  #
10628
11622
  # @!attribute [rw] cluster_status
10629
- # The status of the cluster.
11623
+ # The status of the cluster. Valid values are as follows:
11624
+ #
11625
+ # * `ACTIVE`
11626
+ #
11627
+ # * `CREATING`
11628
+ #
11629
+ # * `DELETING`
11630
+ #
11631
+ # * `FAILED`
11632
+ #
11633
+ # * `PENDING`
11634
+ #
11635
+ # * `UPDATING`
10630
11636
  # @return [String]
10631
11637
  #
10632
11638
  # @!attribute [rw] endpoint
@@ -10686,7 +11692,17 @@ module Aws::SecurityHub
10686
11692
  # @return [Boolean]
10687
11693
  #
10688
11694
  # @!attribute [rw] types
10689
- # A list of logging types.
11695
+ # A list of logging types. Valid values are as follows:
11696
+ #
11697
+ # * `api`
11698
+ #
11699
+ # * `audit`
11700
+ #
11701
+ # * `authenticator`
11702
+ #
11703
+ # * `controllerManager`
11704
+ #
11705
+ # * `scheduler`
10690
11706
  # @return [Array<String>]
10691
11707
  #
10692
11708
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterLoggingClusterLoggingDetails AWS API Documentation
@@ -10850,7 +11866,24 @@ module Aws::SecurityHub
10850
11866
  # @return [String]
10851
11867
  #
10852
11868
  # @!attribute [rw] status
10853
- # The current operational status of the environment.
11869
+ # The current operational status of the environment. Valid values are
11870
+ # as follows:
11871
+ #
11872
+ # * `Aborting`
11873
+ #
11874
+ # * `Launching`
11875
+ #
11876
+ # * `LinkingFrom`
11877
+ #
11878
+ # * `LinkingTo`
11879
+ #
11880
+ # * `Ready`
11881
+ #
11882
+ # * `Terminated`
11883
+ #
11884
+ # * `Terminating`
11885
+ #
11886
+ # * `Updating`
10854
11887
  # @return [String]
10855
11888
  #
10856
11889
  # @!attribute [rw] tier
@@ -10964,11 +11997,13 @@ module Aws::SecurityHub
10964
11997
  # }
10965
11998
  #
10966
11999
  # @!attribute [rw] name
10967
- # The name of the environment tier.
12000
+ # The name of the environment tier. Valid values are `WebServer` or
12001
+ # `Worker`.
10968
12002
  # @return [String]
10969
12003
  #
10970
12004
  # @!attribute [rw] type
10971
- # The type of environment tier.
12005
+ # The type of environment tier. Valid values are `Standard` or
12006
+ # `SQS/HTTP`.
10972
12007
  # @return [String]
10973
12008
  #
10974
12009
  # @!attribute [rw] version
@@ -11206,9 +12241,17 @@ module Aws::SecurityHub
11206
12241
  #
11207
12242
  # @!attribute [rw] dedicated_master_type
11208
12243
  # The hardware configuration of the computer that hosts the dedicated
11209
- # master node. For example, `m3.medium.elasticsearch`. If this
12244
+ # master node. A sample value is `m3.medium.elasticsearch`. If this
11210
12245
  # attribute is specified, then `DedicatedMasterEnabled` must be
11211
12246
  # `true`.
12247
+ #
12248
+ # For a list of valid values, see [Supported instance types in Amazon
12249
+ # OpenSearch Service][1] in the *Amazon OpenSearch Service Developer
12250
+ # Guide*.
12251
+ #
12252
+ #
12253
+ #
12254
+ # [1]: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html
11212
12255
  # @return [String]
11213
12256
  #
11214
12257
  # @!attribute [rw] instance_count
@@ -11218,6 +12261,14 @@ module Aws::SecurityHub
11218
12261
  # @!attribute [rw] instance_type
11219
12262
  # The instance type for your data nodes. For example,
11220
12263
  # `m3.medium.elasticsearch`.
12264
+ #
12265
+ # For a list of valid values, see [Supported instance types in Amazon
12266
+ # OpenSearch Service][1] in the *Amazon OpenSearch Service Developer
12267
+ # Guide*.
12268
+ #
12269
+ #
12270
+ #
12271
+ # [1]: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html
11221
12272
  # @return [String]
11222
12273
  #
11223
12274
  # @!attribute [rw] zone_awareness_config
@@ -11432,7 +12483,18 @@ module Aws::SecurityHub
11432
12483
  # @return [Boolean]
11433
12484
  #
11434
12485
  # @!attribute [rw] update_status
11435
- # The status of the service software update.
12486
+ # The status of the service software update. Valid values are as
12487
+ # follows:
12488
+ #
12489
+ # * `COMPLETED`
12490
+ #
12491
+ # * `ELIGIBLE`
12492
+ #
12493
+ # * `IN_PROGRESS`
12494
+ #
12495
+ # * `NOT_ELIGIBLE`
12496
+ #
12497
+ # * `PENDING_UPDATE`
11436
12498
  # @return [String]
11437
12499
  #
11438
12500
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElasticsearchDomainServiceSoftwareOptions AWS API Documentation
@@ -13378,7 +14440,17 @@ module Aws::SecurityHub
13378
14440
  # @return [String]
13379
14441
  #
13380
14442
  # @!attribute [rw] key_state
13381
- # The state of the KMS key.
14443
+ # The state of the KMS key. Valid values are as follows:
14444
+ #
14445
+ # * `Disabled`
14446
+ #
14447
+ # * `Enabled`
14448
+ #
14449
+ # * `PendingDeletion`
14450
+ #
14451
+ # * `PendingImport`
14452
+ #
14453
+ # * `Unavailable`
13382
14454
  # @return [String]
13383
14455
  #
13384
14456
  # @!attribute [rw] origin
@@ -14281,6 +15353,14 @@ module Aws::SecurityHub
14281
15353
  #
14282
15354
  # @!attribute [rw] instance_type
14283
15355
  # The instance type for your data nodes.
15356
+ #
15357
+ # For a list of valid values, see [Supported instance types in Amazon
15358
+ # OpenSearch Service][1] in the *Amazon OpenSearch Service Developer
15359
+ # Guide*.
15360
+ #
15361
+ #
15362
+ #
15363
+ # [1]: https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html
14284
15364
  # @return [String]
14285
15365
  #
14286
15366
  # @!attribute [rw] warm_type
@@ -14331,7 +15411,7 @@ module Aws::SecurityHub
14331
15411
  #
14332
15412
  # @!attribute [rw] availability_zone_count
14333
15413
  # The number of Availability Zones that the domain uses. Valid values
14334
- # are 2 and 3. The default is 2.
15414
+ # are `2` or `3`. The default is `2`.
14335
15415
  # @return [Integer]
14336
15416
  #
14337
15417
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails AWS API Documentation
@@ -14756,7 +15836,18 @@ module Aws::SecurityHub
14756
15836
  # @return [Boolean]
14757
15837
  #
14758
15838
  # @!attribute [rw] update_status
14759
- # The status of the service software update.
15839
+ # The status of the service software update. Valid values are as
15840
+ # follows:
15841
+ #
15842
+ # * `COMPLETED`
15843
+ #
15844
+ # * `ELIGIBLE`
15845
+ #
15846
+ # * `IN_PROGRESS`
15847
+ #
15848
+ # * `NOT_ELIGIBLE`
15849
+ #
15850
+ # * `PENDING_UPDATE`
14760
15851
  # @return [String]
14761
15852
  #
14762
15853
  # @!attribute [rw] optional_deployment
@@ -14824,7 +15915,13 @@ module Aws::SecurityHub
14824
15915
  #
14825
15916
  # @!attribute [rw] status
14826
15917
  # The status of the association between the IAM role and the DB
14827
- # cluster.
15918
+ # cluster. Valid values are as follows:
15919
+ #
15920
+ # * `ACTIVE`
15921
+ #
15922
+ # * `INVALID`
15923
+ #
15924
+ # * `PENDING`
14828
15925
  # @return [String]
14829
15926
  #
14830
15927
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbClusterAssociatedRole AWS API Documentation
@@ -14949,7 +16046,14 @@ module Aws::SecurityHub
14949
16046
  # @return [Boolean]
14950
16047
  #
14951
16048
  # @!attribute [rw] engine
14952
- # The name of the database engine to use for this DB cluster.
16049
+ # The name of the database engine to use for this DB cluster. Valid
16050
+ # values are as follows:
16051
+ #
16052
+ # * `aurora`
16053
+ #
16054
+ # * `aurora-mysql`
16055
+ #
16056
+ # * `aurora-postgresql`
14953
16057
  # @return [String]
14954
16058
  #
14955
16059
  # @!attribute [rw] engine_version
@@ -15035,7 +16139,18 @@ module Aws::SecurityHub
15035
16139
  # @return [Array<String>]
15036
16140
  #
15037
16141
  # @!attribute [rw] engine_mode
15038
- # The database engine mode of the DB cluster.
16142
+ # The database engine mode of the DB cluster.Valid values are as
16143
+ # follows:
16144
+ #
16145
+ # * `global`
16146
+ #
16147
+ # * `multimaster`
16148
+ #
16149
+ # * `parallelquery`
16150
+ #
16151
+ # * `provisioned`
16152
+ #
16153
+ # * `serverless`
15039
16154
  # @return [String]
15040
16155
  #
15041
16156
  # @!attribute [rw] deletion_protection
@@ -15048,7 +16163,16 @@ module Aws::SecurityHub
15048
16163
  # @return [Boolean]
15049
16164
  #
15050
16165
  # @!attribute [rw] activity_stream_status
15051
- # The status of the database activity stream.
16166
+ # The status of the database activity stream. Valid values are as
16167
+ # follows:
16168
+ #
16169
+ # * `started`
16170
+ #
16171
+ # * `starting`
16172
+ #
16173
+ # * `stopped`
16174
+ #
16175
+ # * `stopping`
15052
16176
  # @return [String]
15053
16177
  #
15054
16178
  # @!attribute [rw] copy_tags_to_snapshot
@@ -16211,7 +17335,8 @@ module Aws::SecurityHub
16211
17335
  # }
16212
17336
  #
16213
17337
  # @!attribute [rw] name
16214
- # The name of the processor feature.
17338
+ # The name of the processor feature. Valid values are `coreCount` or
17339
+ # `threadsPerCore`.
16215
17340
  # @return [String]
16216
17341
  #
16217
17342
  # @!attribute [rw] value
@@ -16418,7 +17543,36 @@ module Aws::SecurityHub
16418
17543
  # @return [String]
16419
17544
  #
16420
17545
  # @!attribute [rw] engine
16421
- # The name of the database engine to use for this DB instance.
17546
+ # The name of the database engine to use for this DB instance. Valid
17547
+ # values are as follows:
17548
+ #
17549
+ # * `aurora`
17550
+ #
17551
+ # * `aurora-mysql`
17552
+ #
17553
+ # * `aurora-postgresql`
17554
+ #
17555
+ # * `c`
17556
+ #
17557
+ # * `mariadb`
17558
+ #
17559
+ # * `mysql`
17560
+ #
17561
+ # * `oracle-ee`
17562
+ #
17563
+ # * `oracle-se`
17564
+ #
17565
+ # * `oracle-se1`
17566
+ #
17567
+ # * `oracle-se2`
17568
+ #
17569
+ # * `sqlserver-ee`
17570
+ #
17571
+ # * `sqlserver-ex`
17572
+ #
17573
+ # * `sqlserver-se`
17574
+ #
17575
+ # * `sqlserver-web`
16422
17576
  # @return [String]
16423
17577
  #
16424
17578
  # @!attribute [rw] allocated_storage
@@ -16488,7 +17642,14 @@ module Aws::SecurityHub
16488
17642
  # @return [String]
16489
17643
  #
16490
17644
  # @!attribute [rw] storage_type
16491
- # The storage type associated with the DB snapshot.
17645
+ # The storage type associated with the DB snapshot. Valid values are
17646
+ # as follows:
17647
+ #
17648
+ # * `gp2`
17649
+ #
17650
+ # * `io1`
17651
+ #
17652
+ # * `standard`
16492
17653
  # @return [String]
16493
17654
  #
16494
17655
  # @!attribute [rw] tde_credential_arn
@@ -18277,7 +19438,8 @@ module Aws::SecurityHub
18277
19438
  # @return [Types::AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails]
18278
19439
  #
18279
19440
  # @!attribute [rw] type
18280
- # Whether to use `AND` or `OR` to join the operands.
19441
+ # Whether to use `AND` or `OR` to join the operands. Valid values are
19442
+ # `LifecycleAndOperator` or `LifecycleOrOperator`.
18281
19443
  # @return [String]
18282
19444
  #
18283
19445
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails AWS API Documentation
@@ -18314,7 +19476,8 @@ module Aws::SecurityHub
18314
19476
  # @return [Types::AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails]
18315
19477
  #
18316
19478
  # @!attribute [rw] type
18317
- # The type of filter value.
19479
+ # The type of filter value. Valid values are
19480
+ # `LifecyclePrefixPredicate` or `LifecycleTagPredicate`.
18318
19481
  # @return [String]
18319
19482
  #
18320
19483
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails AWS API Documentation
@@ -18442,7 +19605,18 @@ module Aws::SecurityHub
18442
19605
  # @return [Integer]
18443
19606
  #
18444
19607
  # @!attribute [rw] storage_class
18445
- # The storage class to transition the object to.
19608
+ # The storage class to transition the object to. Valid values are as
19609
+ # follows:
19610
+ #
19611
+ # * `DEEP_ARCHIVE`
19612
+ #
19613
+ # * `GLACIER`
19614
+ #
19615
+ # * `INTELLIGENT_TIERING`
19616
+ #
19617
+ # * `ONEZONE_IA`
19618
+ #
19619
+ # * `STANDARD_IA`
18446
19620
  # @return [String]
18447
19621
  #
18448
19622
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails AWS API Documentation
@@ -18472,7 +19646,8 @@ module Aws::SecurityHub
18472
19646
  # @return [Boolean]
18473
19647
  #
18474
19648
  # @!attribute [rw] status
18475
- # The versioning status of the S3 bucket.
19649
+ # The versioning status of the S3 bucket. Valid values are `Enabled`
19650
+ # or `Suspended`.
18476
19651
  # @return [String]
18477
19652
  #
18478
19653
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketBucketVersioningConfiguration AWS API Documentation
@@ -18790,7 +19965,14 @@ module Aws::SecurityHub
18790
19965
  #
18791
19966
  # @!attribute [rw] type
18792
19967
  # Indicates the type of notification. Notifications can be generated
18793
- # using Lambda functions, Amazon SQS queues or Amazon SNS topics.
19968
+ # using Lambda functions, Amazon SQS queues, or Amazon SNS topics,
19969
+ # with corresponding valid values as follows:
19970
+ #
19971
+ # * `LambdaConfiguration`
19972
+ #
19973
+ # * `QueueConfiguration`
19974
+ #
19975
+ # * `TopicConfiguration`
18794
19976
  # @return [String]
18795
19977
  #
18796
19978
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketNotificationConfigurationDetail AWS API Documentation
@@ -18900,6 +20082,7 @@ module Aws::SecurityHub
18900
20082
  #
18901
20083
  # @!attribute [rw] sse_algorithm
18902
20084
  # Server-side encryption algorithm to use for the default encryption.
20085
+ # Valid values are `aws: kms` or `AES256`.
18903
20086
  # @return [String]
18904
20087
  #
18905
20088
  # @!attribute [rw] kms_master_key_id
@@ -19040,8 +20223,9 @@ module Aws::SecurityHub
19040
20223
  # @return [String]
19041
20224
  #
19042
20225
  # @!attribute [rw] protocol
19043
- # The protocol to use when redirecting requests. By default, uses the
19044
- # same protocol as the original request.
20226
+ # The protocol to use when redirecting requests. By default, this
20227
+ # field uses the same protocol as the original request. Valid values
20228
+ # are `http` or `https`.
19045
20229
  # @return [String]
19046
20230
  #
19047
20231
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketWebsiteConfigurationRedirectTo AWS API Documentation
@@ -19322,10 +20506,9 @@ module Aws::SecurityHub
19322
20506
  include Aws::Structure
19323
20507
  end
19324
20508
 
19325
- # Provides consistent format for the contents of the Security
19326
- # Hub-aggregated findings. `AwsSecurityFinding` format enables you to
19327
- # share findings between Amazon Web Services security services and
19328
- # third-party solutions, and security standards checks.
20509
+ # Provides a consistent format for Security Hub findings.
20510
+ # `AwsSecurityFinding` format allows you to share findings between
20511
+ # Amazon Web Services security services and third-party solutions.
19329
20512
  #
19330
20513
  # <note markdown="1"> A finding is a potential security issue generated either by Amazon Web
19331
20514
  # Services services or by the integrated third-party solutions and
@@ -22369,6 +23552,88 @@ module Aws::SecurityHub
22369
23552
  # },
22370
23553
  # ],
22371
23554
  # },
23555
+ # aws_backup_backup_vault: {
23556
+ # backup_vault_arn: "NonEmptyString",
23557
+ # backup_vault_name: "NonEmptyString",
23558
+ # encryption_key_arn: "NonEmptyString",
23559
+ # notifications: {
23560
+ # backup_vault_events: ["NonEmptyString"],
23561
+ # sns_topic_arn: "NonEmptyString",
23562
+ # },
23563
+ # access_policy: "NonEmptyString",
23564
+ # },
23565
+ # aws_backup_backup_plan: {
23566
+ # backup_plan: {
23567
+ # backup_plan_name: "NonEmptyString",
23568
+ # advanced_backup_settings: [
23569
+ # {
23570
+ # backup_options: {
23571
+ # "NonEmptyString" => "NonEmptyString",
23572
+ # },
23573
+ # resource_type: "NonEmptyString",
23574
+ # },
23575
+ # ],
23576
+ # backup_plan_rule: [
23577
+ # {
23578
+ # target_backup_vault: "NonEmptyString",
23579
+ # start_window_minutes: 1,
23580
+ # schedule_expression: "NonEmptyString",
23581
+ # rule_name: "NonEmptyString",
23582
+ # rule_id: "NonEmptyString",
23583
+ # enable_continuous_backup: false,
23584
+ # completion_window_minutes: 1,
23585
+ # copy_actions: [
23586
+ # {
23587
+ # destination_backup_vault_arn: "NonEmptyString",
23588
+ # lifecycle: {
23589
+ # delete_after_days: 1,
23590
+ # move_to_cold_storage_after_days: 1,
23591
+ # },
23592
+ # },
23593
+ # ],
23594
+ # lifecycle: {
23595
+ # delete_after_days: 1,
23596
+ # move_to_cold_storage_after_days: 1,
23597
+ # },
23598
+ # },
23599
+ # ],
23600
+ # },
23601
+ # backup_plan_arn: "NonEmptyString",
23602
+ # backup_plan_id: "NonEmptyString",
23603
+ # version_id: "NonEmptyString",
23604
+ # },
23605
+ # aws_backup_recovery_point: {
23606
+ # backup_size_in_bytes: 1,
23607
+ # backup_vault_arn: "NonEmptyString",
23608
+ # backup_vault_name: "NonEmptyString",
23609
+ # calculated_lifecycle: {
23610
+ # delete_at: "NonEmptyString",
23611
+ # move_to_cold_storage_at: "NonEmptyString",
23612
+ # },
23613
+ # completion_date: "NonEmptyString",
23614
+ # created_by: {
23615
+ # backup_plan_arn: "NonEmptyString",
23616
+ # backup_plan_id: "NonEmptyString",
23617
+ # backup_plan_version: "NonEmptyString",
23618
+ # backup_rule_id: "NonEmptyString",
23619
+ # },
23620
+ # creation_date: "NonEmptyString",
23621
+ # encryption_key_arn: "NonEmptyString",
23622
+ # iam_role_arn: "NonEmptyString",
23623
+ # is_encrypted: false,
23624
+ # last_restore_time: "NonEmptyString",
23625
+ # lifecycle: {
23626
+ # delete_after_days: 1,
23627
+ # move_to_cold_storage_after_days: 1,
23628
+ # },
23629
+ # recovery_point_arn: "NonEmptyString",
23630
+ # resource_arn: "NonEmptyString",
23631
+ # resource_type: "NonEmptyString",
23632
+ # source_backup_vault_arn: "NonEmptyString",
23633
+ # status: "NonEmptyString",
23634
+ # status_message: "NonEmptyString",
23635
+ # storage_class: "NonEmptyString",
23636
+ # },
22372
23637
  # },
22373
23638
  # },
22374
23639
  # ],
@@ -22411,6 +23676,8 @@ module Aws::SecurityHub
22411
23676
  # architecture: "NonEmptyString",
22412
23677
  # package_manager: "NonEmptyString",
22413
23678
  # file_path: "NonEmptyString",
23679
+ # fixed_in_version: "NonEmptyString",
23680
+ # remediation: "NonEmptyString",
22414
23681
  # },
22415
23682
  # ],
22416
23683
  # cvss: [
@@ -22436,6 +23703,7 @@ module Aws::SecurityHub
22436
23703
  # vendor_updated_at: "NonEmptyString",
22437
23704
  # },
22438
23705
  # reference_urls: ["NonEmptyString"],
23706
+ # fix_available: "YES", # accepts YES, NO, PARTIAL
22439
23707
  # },
22440
23708
  # ],
22441
23709
  # patch_summary: {
@@ -24347,9 +25615,7 @@ module Aws::SecurityHub
24347
25615
  # }
24348
25616
  #
24349
25617
  # @!attribute [rw] status
24350
- # The current patch compliance status.
24351
- #
24352
- # The possible status values are:
25618
+ # The current patch compliance status. Valid values are as follows:
24353
25619
  #
24354
25620
  # * `COMPLIANT`
24355
25621
  #
@@ -24423,7 +25689,19 @@ module Aws::SecurityHub
24423
25689
  # @return [String]
24424
25690
  #
24425
25691
  # @!attribute [rw] overall_severity
24426
- # The highest severity for the patches.
25692
+ # The highest severity for the patches. Valid values are as follows:
25693
+ #
25694
+ # * `CRITICAL`
25695
+ #
25696
+ # * `HIGH`
25697
+ #
25698
+ # * `MEDIUM`
25699
+ #
25700
+ # * `LOW`
25701
+ #
25702
+ # * `INFORMATIONAL`
25703
+ #
25704
+ # * `UNSPECIFIED`
24427
25705
  # @return [String]
24428
25706
  #
24429
25707
  # @!attribute [rw] non_compliant_medium_count
@@ -24640,7 +25918,21 @@ module Aws::SecurityHub
24640
25918
  # @return [Boolean]
24641
25919
  #
24642
25920
  # @!attribute [rw] type
24643
- # The type of predicate.
25921
+ # The type of predicate. Valid values are as follows:
25922
+ #
25923
+ # * `ByteMatch`
25924
+ #
25925
+ # * `GeoMatch`
25926
+ #
25927
+ # * `IPMatch`
25928
+ #
25929
+ # * `RegexMatch`
25930
+ #
25931
+ # * `SizeConstraint`
25932
+ #
25933
+ # * `SqlInjectionMatch`
25934
+ #
25935
+ # * `XssMatch`
24644
25936
  # @return [String]
24645
25937
  #
24646
25938
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRateBasedRuleMatchPredicate AWS API Documentation
@@ -24744,7 +26036,21 @@ module Aws::SecurityHub
24744
26036
  # @return [Boolean]
24745
26037
  #
24746
26038
  # @!attribute [rw] type
24747
- # The type of predicate.
26039
+ # The type of predicate. Valid values are as follows:
26040
+ #
26041
+ # * `ByteMatch`
26042
+ #
26043
+ # * `GeoMatch`
26044
+ #
26045
+ # * `IPMatch`
26046
+ #
26047
+ # * `RegexMatch`
26048
+ #
26049
+ # * `SizeConstraint`
26050
+ #
26051
+ # * `SqlInjectionMatch`
26052
+ #
26053
+ # * `XssMatch`
24748
26054
  # @return [String]
24749
26055
  #
24750
26056
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsWafRegionalRateBasedRuleMatchPredicate AWS API Documentation
@@ -25492,13 +26798,16 @@ module Aws::SecurityHub
25492
26798
  # @return [String]
25493
26799
  #
25494
26800
  # @!attribute [rw] status
25495
- # The current status of the encryption configuration. When `Status` is
25496
- # `UPDATING`, X-Ray might use both the old and new encryption.
26801
+ # The current status of the encryption configuration. Valid values are
26802
+ # `ACTIVE` or `UPDATING`.
26803
+ #
26804
+ # When `Status` is equal to `UPDATING`, X-Ray might use both the old
26805
+ # and new encryption.
25497
26806
  # @return [String]
25498
26807
  #
25499
26808
  # @!attribute [rw] type
25500
26809
  # The type of encryption. `KMS` indicates that the encryption uses KMS
25501
- # keys. `NONE` indicates to use the default encryption.
26810
+ # keys. `NONE` indicates the default encryption.
25502
26811
  # @return [String]
25503
26812
  #
25504
26813
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsXrayEncryptionConfigDetails AWS API Documentation
@@ -28618,6 +29927,88 @@ module Aws::SecurityHub
28618
29927
  # },
28619
29928
  # ],
28620
29929
  # },
29930
+ # aws_backup_backup_vault: {
29931
+ # backup_vault_arn: "NonEmptyString",
29932
+ # backup_vault_name: "NonEmptyString",
29933
+ # encryption_key_arn: "NonEmptyString",
29934
+ # notifications: {
29935
+ # backup_vault_events: ["NonEmptyString"],
29936
+ # sns_topic_arn: "NonEmptyString",
29937
+ # },
29938
+ # access_policy: "NonEmptyString",
29939
+ # },
29940
+ # aws_backup_backup_plan: {
29941
+ # backup_plan: {
29942
+ # backup_plan_name: "NonEmptyString",
29943
+ # advanced_backup_settings: [
29944
+ # {
29945
+ # backup_options: {
29946
+ # "NonEmptyString" => "NonEmptyString",
29947
+ # },
29948
+ # resource_type: "NonEmptyString",
29949
+ # },
29950
+ # ],
29951
+ # backup_plan_rule: [
29952
+ # {
29953
+ # target_backup_vault: "NonEmptyString",
29954
+ # start_window_minutes: 1,
29955
+ # schedule_expression: "NonEmptyString",
29956
+ # rule_name: "NonEmptyString",
29957
+ # rule_id: "NonEmptyString",
29958
+ # enable_continuous_backup: false,
29959
+ # completion_window_minutes: 1,
29960
+ # copy_actions: [
29961
+ # {
29962
+ # destination_backup_vault_arn: "NonEmptyString",
29963
+ # lifecycle: {
29964
+ # delete_after_days: 1,
29965
+ # move_to_cold_storage_after_days: 1,
29966
+ # },
29967
+ # },
29968
+ # ],
29969
+ # lifecycle: {
29970
+ # delete_after_days: 1,
29971
+ # move_to_cold_storage_after_days: 1,
29972
+ # },
29973
+ # },
29974
+ # ],
29975
+ # },
29976
+ # backup_plan_arn: "NonEmptyString",
29977
+ # backup_plan_id: "NonEmptyString",
29978
+ # version_id: "NonEmptyString",
29979
+ # },
29980
+ # aws_backup_recovery_point: {
29981
+ # backup_size_in_bytes: 1,
29982
+ # backup_vault_arn: "NonEmptyString",
29983
+ # backup_vault_name: "NonEmptyString",
29984
+ # calculated_lifecycle: {
29985
+ # delete_at: "NonEmptyString",
29986
+ # move_to_cold_storage_at: "NonEmptyString",
29987
+ # },
29988
+ # completion_date: "NonEmptyString",
29989
+ # created_by: {
29990
+ # backup_plan_arn: "NonEmptyString",
29991
+ # backup_plan_id: "NonEmptyString",
29992
+ # backup_plan_version: "NonEmptyString",
29993
+ # backup_rule_id: "NonEmptyString",
29994
+ # },
29995
+ # creation_date: "NonEmptyString",
29996
+ # encryption_key_arn: "NonEmptyString",
29997
+ # iam_role_arn: "NonEmptyString",
29998
+ # is_encrypted: false,
29999
+ # last_restore_time: "NonEmptyString",
30000
+ # lifecycle: {
30001
+ # delete_after_days: 1,
30002
+ # move_to_cold_storage_after_days: 1,
30003
+ # },
30004
+ # recovery_point_arn: "NonEmptyString",
30005
+ # resource_arn: "NonEmptyString",
30006
+ # resource_type: "NonEmptyString",
30007
+ # source_backup_vault_arn: "NonEmptyString",
30008
+ # status: "NonEmptyString",
30009
+ # status_message: "NonEmptyString",
30010
+ # storage_class: "NonEmptyString",
30011
+ # },
28621
30012
  # },
28622
30013
  # },
28623
30014
  # ],
@@ -28660,6 +30051,8 @@ module Aws::SecurityHub
28660
30051
  # architecture: "NonEmptyString",
28661
30052
  # package_manager: "NonEmptyString",
28662
30053
  # file_path: "NonEmptyString",
30054
+ # fixed_in_version: "NonEmptyString",
30055
+ # remediation: "NonEmptyString",
28663
30056
  # },
28664
30057
  # ],
28665
30058
  # cvss: [
@@ -28685,6 +30078,7 @@ module Aws::SecurityHub
28685
30078
  # vendor_updated_at: "NonEmptyString",
28686
30079
  # },
28687
30080
  # reference_urls: ["NonEmptyString"],
30081
+ # fix_available: "YES", # accepts YES, NO, PARTIAL
28688
30082
  # },
28689
30083
  # ],
28690
30084
  # patch_summary: {
@@ -29032,28 +30426,32 @@ module Aws::SecurityHub
29032
30426
  # @!attribute [rw] error_code
29033
30427
  # The code associated with the error. Possible values are:
29034
30428
  #
29035
- # * `ConcurrentUpdateError` - Another process or request attempted to
29036
- # update the finding while this request was being processed
30429
+ # * `ConcurrentUpdateError` - Another request attempted to update the
30430
+ # finding while this request was being processed. This error may
30431
+ # also occur if you call [ `BatchUpdateFindings` ][1] and [
30432
+ # `BatchImportFindings` ][2] at the same time.
29037
30433
  #
29038
30434
  # * `DuplicatedFindingIdentifier` - The request included two or more
29039
- # findings with the same `FindingIdentifier`
30435
+ # findings with the same `FindingIdentifier`.
29040
30436
  #
29041
30437
  # * `FindingNotFound` - The `FindingIdentifier` included in the
29042
- # request did not match an existing finding
30438
+ # request did not match an existing finding.
29043
30439
  #
29044
30440
  # * `FindingSizeExceeded` - The finding size was greater than the
29045
- # permissible value of 240 KB
30441
+ # permissible value of 240 KB.
29046
30442
  #
29047
30443
  # * `InternalFailure` - An internal service failure occurred when
29048
- # updating the finding
30444
+ # updating the finding.
29049
30445
  #
29050
30446
  # * `InvalidInput` - The finding update contained an invalid value
29051
30447
  # that did not satisfy the [Amazon Web Services Security Finding
29052
- # Format][1] syntax
30448
+ # Format][3] syntax.
29053
30449
  #
29054
30450
  #
29055
30451
  #
29056
- # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html
30452
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
30453
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
30454
+ # [3]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format.html
29057
30455
  # @return [String]
29058
30456
  #
29059
30457
  # @!attribute [rw] error_message
@@ -33207,7 +34605,20 @@ module Aws::SecurityHub
33207
34605
  # @return [String]
33208
34606
  #
33209
34607
  # @!attribute [rw] cidr_block_state
33210
- # Information about the state of the CIDR block.
34608
+ # Information about the state of the CIDR block. Valid values are as
34609
+ # follows:
34610
+ #
34611
+ # * `associating`
34612
+ #
34613
+ # * `associated`
34614
+ #
34615
+ # * `disassociating`
34616
+ #
34617
+ # * `disassociated`
34618
+ #
34619
+ # * `failed`
34620
+ #
34621
+ # * `failing`
33211
34622
  # @return [String]
33212
34623
  #
33213
34624
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Ipv6CidrBlockAssociation AWS API Documentation
@@ -37793,6 +39204,88 @@ module Aws::SecurityHub
37793
39204
  # },
37794
39205
  # ],
37795
39206
  # },
39207
+ # aws_backup_backup_vault: {
39208
+ # backup_vault_arn: "NonEmptyString",
39209
+ # backup_vault_name: "NonEmptyString",
39210
+ # encryption_key_arn: "NonEmptyString",
39211
+ # notifications: {
39212
+ # backup_vault_events: ["NonEmptyString"],
39213
+ # sns_topic_arn: "NonEmptyString",
39214
+ # },
39215
+ # access_policy: "NonEmptyString",
39216
+ # },
39217
+ # aws_backup_backup_plan: {
39218
+ # backup_plan: {
39219
+ # backup_plan_name: "NonEmptyString",
39220
+ # advanced_backup_settings: [
39221
+ # {
39222
+ # backup_options: {
39223
+ # "NonEmptyString" => "NonEmptyString",
39224
+ # },
39225
+ # resource_type: "NonEmptyString",
39226
+ # },
39227
+ # ],
39228
+ # backup_plan_rule: [
39229
+ # {
39230
+ # target_backup_vault: "NonEmptyString",
39231
+ # start_window_minutes: 1,
39232
+ # schedule_expression: "NonEmptyString",
39233
+ # rule_name: "NonEmptyString",
39234
+ # rule_id: "NonEmptyString",
39235
+ # enable_continuous_backup: false,
39236
+ # completion_window_minutes: 1,
39237
+ # copy_actions: [
39238
+ # {
39239
+ # destination_backup_vault_arn: "NonEmptyString",
39240
+ # lifecycle: {
39241
+ # delete_after_days: 1,
39242
+ # move_to_cold_storage_after_days: 1,
39243
+ # },
39244
+ # },
39245
+ # ],
39246
+ # lifecycle: {
39247
+ # delete_after_days: 1,
39248
+ # move_to_cold_storage_after_days: 1,
39249
+ # },
39250
+ # },
39251
+ # ],
39252
+ # },
39253
+ # backup_plan_arn: "NonEmptyString",
39254
+ # backup_plan_id: "NonEmptyString",
39255
+ # version_id: "NonEmptyString",
39256
+ # },
39257
+ # aws_backup_recovery_point: {
39258
+ # backup_size_in_bytes: 1,
39259
+ # backup_vault_arn: "NonEmptyString",
39260
+ # backup_vault_name: "NonEmptyString",
39261
+ # calculated_lifecycle: {
39262
+ # delete_at: "NonEmptyString",
39263
+ # move_to_cold_storage_at: "NonEmptyString",
39264
+ # },
39265
+ # completion_date: "NonEmptyString",
39266
+ # created_by: {
39267
+ # backup_plan_arn: "NonEmptyString",
39268
+ # backup_plan_id: "NonEmptyString",
39269
+ # backup_plan_version: "NonEmptyString",
39270
+ # backup_rule_id: "NonEmptyString",
39271
+ # },
39272
+ # creation_date: "NonEmptyString",
39273
+ # encryption_key_arn: "NonEmptyString",
39274
+ # iam_role_arn: "NonEmptyString",
39275
+ # is_encrypted: false,
39276
+ # last_restore_time: "NonEmptyString",
39277
+ # lifecycle: {
39278
+ # delete_after_days: 1,
39279
+ # move_to_cold_storage_after_days: 1,
39280
+ # },
39281
+ # recovery_point_arn: "NonEmptyString",
39282
+ # resource_arn: "NonEmptyString",
39283
+ # resource_type: "NonEmptyString",
39284
+ # source_backup_vault_arn: "NonEmptyString",
39285
+ # status: "NonEmptyString",
39286
+ # status_message: "NonEmptyString",
39287
+ # storage_class: "NonEmptyString",
39288
+ # },
37796
39289
  # },
37797
39290
  # }
37798
39291
  #
@@ -40644,6 +42137,88 @@ module Aws::SecurityHub
40644
42137
  # },
40645
42138
  # ],
40646
42139
  # },
42140
+ # aws_backup_backup_vault: {
42141
+ # backup_vault_arn: "NonEmptyString",
42142
+ # backup_vault_name: "NonEmptyString",
42143
+ # encryption_key_arn: "NonEmptyString",
42144
+ # notifications: {
42145
+ # backup_vault_events: ["NonEmptyString"],
42146
+ # sns_topic_arn: "NonEmptyString",
42147
+ # },
42148
+ # access_policy: "NonEmptyString",
42149
+ # },
42150
+ # aws_backup_backup_plan: {
42151
+ # backup_plan: {
42152
+ # backup_plan_name: "NonEmptyString",
42153
+ # advanced_backup_settings: [
42154
+ # {
42155
+ # backup_options: {
42156
+ # "NonEmptyString" => "NonEmptyString",
42157
+ # },
42158
+ # resource_type: "NonEmptyString",
42159
+ # },
42160
+ # ],
42161
+ # backup_plan_rule: [
42162
+ # {
42163
+ # target_backup_vault: "NonEmptyString",
42164
+ # start_window_minutes: 1,
42165
+ # schedule_expression: "NonEmptyString",
42166
+ # rule_name: "NonEmptyString",
42167
+ # rule_id: "NonEmptyString",
42168
+ # enable_continuous_backup: false,
42169
+ # completion_window_minutes: 1,
42170
+ # copy_actions: [
42171
+ # {
42172
+ # destination_backup_vault_arn: "NonEmptyString",
42173
+ # lifecycle: {
42174
+ # delete_after_days: 1,
42175
+ # move_to_cold_storage_after_days: 1,
42176
+ # },
42177
+ # },
42178
+ # ],
42179
+ # lifecycle: {
42180
+ # delete_after_days: 1,
42181
+ # move_to_cold_storage_after_days: 1,
42182
+ # },
42183
+ # },
42184
+ # ],
42185
+ # },
42186
+ # backup_plan_arn: "NonEmptyString",
42187
+ # backup_plan_id: "NonEmptyString",
42188
+ # version_id: "NonEmptyString",
42189
+ # },
42190
+ # aws_backup_recovery_point: {
42191
+ # backup_size_in_bytes: 1,
42192
+ # backup_vault_arn: "NonEmptyString",
42193
+ # backup_vault_name: "NonEmptyString",
42194
+ # calculated_lifecycle: {
42195
+ # delete_at: "NonEmptyString",
42196
+ # move_to_cold_storage_at: "NonEmptyString",
42197
+ # },
42198
+ # completion_date: "NonEmptyString",
42199
+ # created_by: {
42200
+ # backup_plan_arn: "NonEmptyString",
42201
+ # backup_plan_id: "NonEmptyString",
42202
+ # backup_plan_version: "NonEmptyString",
42203
+ # backup_rule_id: "NonEmptyString",
42204
+ # },
42205
+ # creation_date: "NonEmptyString",
42206
+ # encryption_key_arn: "NonEmptyString",
42207
+ # iam_role_arn: "NonEmptyString",
42208
+ # is_encrypted: false,
42209
+ # last_restore_time: "NonEmptyString",
42210
+ # lifecycle: {
42211
+ # delete_after_days: 1,
42212
+ # move_to_cold_storage_after_days: 1,
42213
+ # },
42214
+ # recovery_point_arn: "NonEmptyString",
42215
+ # resource_arn: "NonEmptyString",
42216
+ # resource_type: "NonEmptyString",
42217
+ # source_backup_vault_arn: "NonEmptyString",
42218
+ # status: "NonEmptyString",
42219
+ # status_message: "NonEmptyString",
42220
+ # storage_class: "NonEmptyString",
42221
+ # },
40647
42222
  # }
40648
42223
  #
40649
42224
  # @!attribute [rw] aws_auto_scaling_auto_scaling_group
@@ -40976,6 +42551,18 @@ module Aws::SecurityHub
40976
42551
  # Details about a task in a cluster.
40977
42552
  # @return [Types::AwsEcsTaskDetails]
40978
42553
  #
42554
+ # @!attribute [rw] aws_backup_backup_vault
42555
+ # Provides details about an Backup backup vault.
42556
+ # @return [Types::AwsBackupBackupVaultDetails]
42557
+ #
42558
+ # @!attribute [rw] aws_backup_backup_plan
42559
+ # Provides details about an Backup backup plan.
42560
+ # @return [Types::AwsBackupBackupPlanDetails]
42561
+ #
42562
+ # @!attribute [rw] aws_backup_recovery_point
42563
+ # Provides details about an Backup backup, or recovery point.
42564
+ # @return [Types::AwsBackupRecoveryPointDetails]
42565
+ #
40979
42566
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
40980
42567
  #
40981
42568
  class ResourceDetails < Struct.new(
@@ -41054,7 +42641,10 @@ module Aws::SecurityHub
41054
42641
  :aws_waf_regional_web_acl,
41055
42642
  :aws_waf_rule,
41056
42643
  :aws_waf_rule_group,
41057
- :aws_ecs_task)
42644
+ :aws_ecs_task,
42645
+ :aws_backup_backup_vault,
42646
+ :aws_backup_backup_plan,
42647
+ :aws_backup_recovery_point)
41058
42648
  SENSITIVE = []
41059
42649
  include Aws::Structure
41060
42650
  end
@@ -42354,6 +43944,8 @@ module Aws::SecurityHub
42354
43944
  # architecture: "NonEmptyString",
42355
43945
  # package_manager: "NonEmptyString",
42356
43946
  # file_path: "NonEmptyString",
43947
+ # fixed_in_version: "NonEmptyString",
43948
+ # remediation: "NonEmptyString",
42357
43949
  # }
42358
43950
  #
42359
43951
  # @!attribute [rw] name
@@ -42384,6 +43976,16 @@ module Aws::SecurityHub
42384
43976
  # The file system path to the package manager inventory file.
42385
43977
  # @return [String]
42386
43978
  #
43979
+ # @!attribute [rw] fixed_in_version
43980
+ # The version of the software package in which the vulnerability has
43981
+ # been resolved.
43982
+ # @return [String]
43983
+ #
43984
+ # @!attribute [rw] remediation
43985
+ # Describes the actions a customer can take to resolve the
43986
+ # vulnerability in the software package.
43987
+ # @return [String]
43988
+ #
42387
43989
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SoftwarePackage AWS API Documentation
42388
43990
  #
42389
43991
  class SoftwarePackage < Struct.new(
@@ -42393,7 +43995,9 @@ module Aws::SecurityHub
42393
43995
  :release,
42394
43996
  :architecture,
42395
43997
  :package_manager,
42396
- :file_path)
43998
+ :file_path,
43999
+ :fixed_in_version,
44000
+ :remediation)
42397
44001
  SENSITIVE = []
42398
44002
  include Aws::Structure
42399
44003
  end
@@ -44682,6 +46286,8 @@ module Aws::SecurityHub
44682
46286
  # architecture: "NonEmptyString",
44683
46287
  # package_manager: "NonEmptyString",
44684
46288
  # file_path: "NonEmptyString",
46289
+ # fixed_in_version: "NonEmptyString",
46290
+ # remediation: "NonEmptyString",
44685
46291
  # },
44686
46292
  # ],
44687
46293
  # cvss: [
@@ -44707,6 +46313,7 @@ module Aws::SecurityHub
44707
46313
  # vendor_updated_at: "NonEmptyString",
44708
46314
  # },
44709
46315
  # reference_urls: ["NonEmptyString"],
46316
+ # fix_available: "YES", # accepts YES, NO, PARTIAL
44710
46317
  # }
44711
46318
  #
44712
46319
  # @!attribute [rw] id
@@ -44735,6 +46342,22 @@ module Aws::SecurityHub
44735
46342
  # vulnerability.
44736
46343
  # @return [Array<String>]
44737
46344
  #
46345
+ # @!attribute [rw] fix_available
46346
+ # Specifies if all vulnerable packages in a finding have a value for
46347
+ # `FixedInVersion` and `Remediation`. This field is evaluated for each
46348
+ # vulnerability `Id` based on the number of vulnerable packages that
46349
+ # have a value for both `FixedInVersion` and `Remediation`. Valid
46350
+ # values are as follows:
46351
+ #
46352
+ # * `YES` if all vulnerable packages have a value for both
46353
+ # `FixedInVersion` and `Remediation`
46354
+ #
46355
+ # * `NO` if no vulnerable packages have a value for `FixedInVersion`
46356
+ # and `Remediation`
46357
+ #
46358
+ # * `PARTIAL` otherwise
46359
+ # @return [String]
46360
+ #
44738
46361
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Vulnerability AWS API Documentation
44739
46362
  #
44740
46363
  class Vulnerability < Struct.new(
@@ -44743,7 +46366,8 @@ module Aws::SecurityHub
44743
46366
  :cvss,
44744
46367
  :related_vulnerabilities,
44745
46368
  :vendor,
44746
- :reference_urls)
46369
+ :reference_urls,
46370
+ :fix_available)
44747
46371
  SENSITIVE = []
44748
46372
  include Aws::Structure
44749
46373
  end