aws-sdk-securityhub 1.75.0 → 1.77.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: aaa6faff45a268abc6ecf0c90d8bdba1fbe4a8a1bee44fbb7e19b55608ed1660
4
- data.tar.gz: df8b33938c1c0c5413a558b900737d70c24ce9ebaccb2d3e7fbc1fa20233d7cd
3
+ metadata.gz: 42097a9ea879fbbaca78b14e116697b2232e7647e217b098fbc12d4a10949c88
4
+ data.tar.gz: e65c14100c5d78c093c59f712e8810b68d9b2c79b3c3d6efe2a6769fd50b5dd3
5
5
  SHA512:
6
- metadata.gz: f280edf6cdc102e0fa7775e79022cbb06227662187732de522eef8dced53cdaf04b2cb9682bab6b733b0b542eed6aa4d157fb66a2b995381ce5e79d90c7fe667
7
- data.tar.gz: e461604a34deed87ccdc2c89d5073fc4024f0a059414d96295a19548c2a70bd34c36b8908d86fb0f275adffcaec46793140c6b5ff1c3edd71736b29aa621d12e
6
+ metadata.gz: f1263bfd760eb829b2281aa32da750834d60e4f34451c1688e2cfb7eedd6d9942bf920a7cc8ca2eeba4b985e29aca99826e0309afaed47c3244e506119ec249a
7
+ data.tar.gz: 88d7596b018cb3db89655b0443a667064679407bb7878165478227911263e5e6607830719985ee71f60537140b50169b3817ffc3c8198c4e36f065820dcad57d
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.77.0 (2023-02-21)
5
+ ------------------
6
+
7
+ * Feature - Documentation updates for AWS Security Hub
8
+
9
+ 1.76.0 (2023-01-31)
10
+ ------------------
11
+
12
+ * Feature - New fields have been added to the AWS Security Finding Format. Compliance.SecurityControlId is a unique identifier for a security control across standards. Compliance.AssociatedStandards contains all enabled standards in which a security control is enabled.
13
+
4
14
  1.75.0 (2023-01-18)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.75.0
1
+ 1.77.0
@@ -1566,6 +1566,18 @@ module Aws::SecurityHub
1566
1566
  # value: false,
1567
1567
  # },
1568
1568
  # ],
1569
+ # compliance_security_control_id: [
1570
+ # {
1571
+ # value: "NonEmptyString",
1572
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
1573
+ # },
1574
+ # ],
1575
+ # compliance_associated_standards_id: [
1576
+ # {
1577
+ # value: "NonEmptyString",
1578
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
1579
+ # },
1580
+ # ],
1569
1581
  # },
1570
1582
  # group_by_attribute: "NonEmptyString", # required
1571
1583
  # })
@@ -2356,16 +2368,16 @@ module Aws::SecurityHub
2356
2368
  # integrated with Security Hub.
2357
2369
  #
2358
2370
  # When you use the `EnableSecurityHub` operation to enable Security Hub,
2359
- # you also automatically enable the following standards.
2371
+ # you also automatically enable the following standards:
2360
2372
  #
2361
- # * CIS Amazon Web Services Foundations
2373
+ # * Center for Internet Security (CIS) Amazon Web Services Foundations
2374
+ # Benchmark v1.2.0
2362
2375
  #
2363
2376
  # * Amazon Web Services Foundational Security Best Practices
2364
2377
  #
2365
- # You do not enable the Payment Card Industry Data Security Standard
2366
- # (PCI DSS) standard.
2378
+ # Other standards are not automatically enabled.
2367
2379
  #
2368
- # To not enable the automatically enabled standards, set
2380
+ # To opt out of automatically enabled standards, set
2369
2381
  # `EnableDefaultStandards` to `false`.
2370
2382
  #
2371
2383
  # After you enable Security Hub, to enable a standard, use the
@@ -3186,6 +3198,18 @@ module Aws::SecurityHub
3186
3198
  # value: false,
3187
3199
  # },
3188
3200
  # ],
3201
+ # compliance_security_control_id: [
3202
+ # {
3203
+ # value: "NonEmptyString",
3204
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3205
+ # },
3206
+ # ],
3207
+ # compliance_associated_standards_id: [
3208
+ # {
3209
+ # value: "NonEmptyString",
3210
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
3211
+ # },
3212
+ # ],
3189
3213
  # },
3190
3214
  # sort_criteria: [
3191
3215
  # {
@@ -3590,6 +3614,12 @@ module Aws::SecurityHub
3590
3614
  # resp.insights[0].filters.finding_provider_fields_types[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
3591
3615
  # resp.insights[0].filters.sample #=> Array
3592
3616
  # resp.insights[0].filters.sample[0].value #=> Boolean
3617
+ # resp.insights[0].filters.compliance_security_control_id #=> Array
3618
+ # resp.insights[0].filters.compliance_security_control_id[0].value #=> String
3619
+ # resp.insights[0].filters.compliance_security_control_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
3620
+ # resp.insights[0].filters.compliance_associated_standards_id #=> Array
3621
+ # resp.insights[0].filters.compliance_associated_standards_id[0].value #=> String
3622
+ # resp.insights[0].filters.compliance_associated_standards_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
3593
3623
  # resp.insights[0].group_by_attribute #=> String
3594
3624
  # resp.next_token #=> String
3595
3625
  #
@@ -4832,6 +4862,18 @@ module Aws::SecurityHub
4832
4862
  # value: false,
4833
4863
  # },
4834
4864
  # ],
4865
+ # compliance_security_control_id: [
4866
+ # {
4867
+ # value: "NonEmptyString",
4868
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4869
+ # },
4870
+ # ],
4871
+ # compliance_associated_standards_id: [
4872
+ # {
4873
+ # value: "NonEmptyString",
4874
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
4875
+ # },
4876
+ # ],
4835
4877
  # },
4836
4878
  # note: {
4837
4879
  # text: "NonEmptyString", # required
@@ -5492,6 +5534,18 @@ module Aws::SecurityHub
5492
5534
  # value: false,
5493
5535
  # },
5494
5536
  # ],
5537
+ # compliance_security_control_id: [
5538
+ # {
5539
+ # value: "NonEmptyString",
5540
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
5541
+ # },
5542
+ # ],
5543
+ # compliance_associated_standards_id: [
5544
+ # {
5545
+ # value: "NonEmptyString",
5546
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
5547
+ # },
5548
+ # ],
5495
5549
  # },
5496
5550
  # group_by_attribute: "NonEmptyString",
5497
5551
  # })
@@ -5623,7 +5677,7 @@ module Aws::SecurityHub
5623
5677
  params: params,
5624
5678
  config: config)
5625
5679
  context[:gem_name] = 'aws-sdk-securityhub'
5626
- context[:gem_version] = '1.75.0'
5680
+ context[:gem_version] = '1.77.0'
5627
5681
  Seahorse::Client::Request.new(handlers, context)
5628
5682
  end
5629
5683
 
@@ -36,6 +36,8 @@ module Aws::SecurityHub
36
36
  AdminStatus = Shapes::StringShape.new(name: 'AdminStatus')
37
37
  AdminsMaxResults = Shapes::IntegerShape.new(name: 'AdminsMaxResults')
38
38
  ArnList = Shapes::ListShape.new(name: 'ArnList')
39
+ AssociatedStandard = Shapes::StructureShape.new(name: 'AssociatedStandard')
40
+ AssociatedStandardsList = Shapes::ListShape.new(name: 'AssociatedStandardsList')
39
41
  AutoEnableStandards = Shapes::StringShape.new(name: 'AutoEnableStandards')
40
42
  AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
41
43
  AvailabilityZones = Shapes::ListShape.new(name: 'AvailabilityZones')
@@ -1009,6 +1011,11 @@ module Aws::SecurityHub
1009
1011
 
1010
1012
  ArnList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
1011
1013
 
1014
+ AssociatedStandard.add_member(:standards_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "StandardsId"))
1015
+ AssociatedStandard.struct_class = Types::AssociatedStandard
1016
+
1017
+ AssociatedStandardsList.member = Shapes::ShapeRef.new(shape: AssociatedStandard)
1018
+
1012
1019
  AvailabilityZone.add_member(:zone_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ZoneName"))
1013
1020
  AvailabilityZone.add_member(:subnet_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SubnetId"))
1014
1021
  AvailabilityZone.struct_class = Types::AvailabilityZone
@@ -3980,6 +3987,8 @@ module Aws::SecurityHub
3980
3987
  AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_original, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityOriginal"))
3981
3988
  AwsSecurityFindingFilters.add_member(:finding_provider_fields_types, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsTypes"))
3982
3989
  AwsSecurityFindingFilters.add_member(:sample, Shapes::ShapeRef.new(shape: BooleanFilterList, location_name: "Sample"))
3990
+ AwsSecurityFindingFilters.add_member(:compliance_security_control_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ComplianceSecurityControlId"))
3991
+ AwsSecurityFindingFilters.add_member(:compliance_associated_standards_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ComplianceAssociatedStandardsId"))
3983
3992
  AwsSecurityFindingFilters.struct_class = Types::AwsSecurityFindingFilters
3984
3993
 
3985
3994
  AwsSecurityFindingIdentifier.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
@@ -4337,6 +4346,8 @@ module Aws::SecurityHub
4337
4346
  Compliance.add_member(:status, Shapes::ShapeRef.new(shape: ComplianceStatus, location_name: "Status"))
4338
4347
  Compliance.add_member(:related_requirements, Shapes::ShapeRef.new(shape: RelatedRequirementsList, location_name: "RelatedRequirements"))
4339
4348
  Compliance.add_member(:status_reasons, Shapes::ShapeRef.new(shape: StatusReasonsList, location_name: "StatusReasons"))
4349
+ Compliance.add_member(:security_control_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SecurityControlId"))
4350
+ Compliance.add_member(:associated_standards, Shapes::ShapeRef.new(shape: AssociatedStandardsList, location_name: "AssociatedStandards"))
4340
4351
  Compliance.struct_class = Types::Compliance
4341
4352
 
4342
4353
  ContainerDetails.add_member(:container_runtime, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ContainerRuntime"))
@@ -50,9 +50,6 @@ module Aws::SecurityHub
50
50
 
51
51
  def initialize(options = {})
52
52
  self[:region] = options[:region]
53
- if self[:region].nil?
54
- raise ArgumentError, "Missing required EndpointParameter: :region"
55
- end
56
53
  self[:use_dual_stack] = options[:use_dual_stack]
57
54
  self[:use_dual_stack] = false if self[:use_dual_stack].nil?
58
55
  if self[:use_dual_stack].nil?
@@ -14,36 +14,39 @@ module Aws::SecurityHub
14
14
  use_dual_stack = parameters.use_dual_stack
15
15
  use_fips = parameters.use_fips
16
16
  endpoint = parameters.endpoint
17
- if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
18
- if Aws::Endpoints::Matchers.set?(endpoint)
19
- if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
20
- raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
21
- end
22
- if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
23
- raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
24
- end
25
- return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
26
- end
27
- if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
28
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
29
- return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
30
- end
31
- raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
32
- end
17
+ if Aws::Endpoints::Matchers.set?(endpoint)
33
18
  if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
34
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
35
- return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
36
- end
37
- raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
19
+ raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
38
20
  end
39
21
  if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
40
- if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
41
- return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
22
+ raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
23
+ end
24
+ return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
25
+ end
26
+ if Aws::Endpoints::Matchers.set?(region)
27
+ if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
28
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
29
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
30
+ return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
31
+ end
32
+ raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
33
+ end
34
+ if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
35
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
36
+ return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
37
+ end
38
+ raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
39
+ end
40
+ if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
41
+ if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
42
+ return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
43
+ end
44
+ raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
42
45
  end
43
- raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
46
+ return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
44
47
  end
45
- return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
46
48
  end
49
+ raise ArgumentError, "Invalid Configuration: Missing Region"
47
50
  raise ArgumentError, 'No endpoint could be resolved'
48
51
 
49
52
  end