aws-sdk-securityhub 1.75.0 → 1.77.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +60 -6
- data/lib/aws-sdk-securityhub/client_api.rb +11 -0
- data/lib/aws-sdk-securityhub/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-securityhub/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-securityhub/types.rb +387 -163
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 42097a9ea879fbbaca78b14e116697b2232e7647e217b098fbc12d4a10949c88
|
|
4
|
+
data.tar.gz: e65c14100c5d78c093c59f712e8810b68d9b2c79b3c3d6efe2a6769fd50b5dd3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f1263bfd760eb829b2281aa32da750834d60e4f34451c1688e2cfb7eedd6d9942bf920a7cc8ca2eeba4b985e29aca99826e0309afaed47c3244e506119ec249a
|
|
7
|
+
data.tar.gz: 88d7596b018cb3db89655b0443a667064679407bb7878165478227911263e5e6607830719985ee71f60537140b50169b3817ffc3c8198c4e36f065820dcad57d
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,16 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.77.0 (2023-02-21)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Documentation updates for AWS Security Hub
|
|
8
|
+
|
|
9
|
+
1.76.0 (2023-01-31)
|
|
10
|
+
------------------
|
|
11
|
+
|
|
12
|
+
* Feature - New fields have been added to the AWS Security Finding Format. Compliance.SecurityControlId is a unique identifier for a security control across standards. Compliance.AssociatedStandards contains all enabled standards in which a security control is enabled.
|
|
13
|
+
|
|
4
14
|
1.75.0 (2023-01-18)
|
|
5
15
|
------------------
|
|
6
16
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.77.0
|
|
@@ -1566,6 +1566,18 @@ module Aws::SecurityHub
|
|
|
1566
1566
|
# value: false,
|
|
1567
1567
|
# },
|
|
1568
1568
|
# ],
|
|
1569
|
+
# compliance_security_control_id: [
|
|
1570
|
+
# {
|
|
1571
|
+
# value: "NonEmptyString",
|
|
1572
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
1573
|
+
# },
|
|
1574
|
+
# ],
|
|
1575
|
+
# compliance_associated_standards_id: [
|
|
1576
|
+
# {
|
|
1577
|
+
# value: "NonEmptyString",
|
|
1578
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
1579
|
+
# },
|
|
1580
|
+
# ],
|
|
1569
1581
|
# },
|
|
1570
1582
|
# group_by_attribute: "NonEmptyString", # required
|
|
1571
1583
|
# })
|
|
@@ -2356,16 +2368,16 @@ module Aws::SecurityHub
|
|
|
2356
2368
|
# integrated with Security Hub.
|
|
2357
2369
|
#
|
|
2358
2370
|
# When you use the `EnableSecurityHub` operation to enable Security Hub,
|
|
2359
|
-
# you also automatically enable the following standards
|
|
2371
|
+
# you also automatically enable the following standards:
|
|
2360
2372
|
#
|
|
2361
|
-
# * CIS Amazon Web Services Foundations
|
|
2373
|
+
# * Center for Internet Security (CIS) Amazon Web Services Foundations
|
|
2374
|
+
# Benchmark v1.2.0
|
|
2362
2375
|
#
|
|
2363
2376
|
# * Amazon Web Services Foundational Security Best Practices
|
|
2364
2377
|
#
|
|
2365
|
-
#
|
|
2366
|
-
# (PCI DSS) standard.
|
|
2378
|
+
# Other standards are not automatically enabled.
|
|
2367
2379
|
#
|
|
2368
|
-
# To
|
|
2380
|
+
# To opt out of automatically enabled standards, set
|
|
2369
2381
|
# `EnableDefaultStandards` to `false`.
|
|
2370
2382
|
#
|
|
2371
2383
|
# After you enable Security Hub, to enable a standard, use the
|
|
@@ -3186,6 +3198,18 @@ module Aws::SecurityHub
|
|
|
3186
3198
|
# value: false,
|
|
3187
3199
|
# },
|
|
3188
3200
|
# ],
|
|
3201
|
+
# compliance_security_control_id: [
|
|
3202
|
+
# {
|
|
3203
|
+
# value: "NonEmptyString",
|
|
3204
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3205
|
+
# },
|
|
3206
|
+
# ],
|
|
3207
|
+
# compliance_associated_standards_id: [
|
|
3208
|
+
# {
|
|
3209
|
+
# value: "NonEmptyString",
|
|
3210
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3211
|
+
# },
|
|
3212
|
+
# ],
|
|
3189
3213
|
# },
|
|
3190
3214
|
# sort_criteria: [
|
|
3191
3215
|
# {
|
|
@@ -3590,6 +3614,12 @@ module Aws::SecurityHub
|
|
|
3590
3614
|
# resp.insights[0].filters.finding_provider_fields_types[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
3591
3615
|
# resp.insights[0].filters.sample #=> Array
|
|
3592
3616
|
# resp.insights[0].filters.sample[0].value #=> Boolean
|
|
3617
|
+
# resp.insights[0].filters.compliance_security_control_id #=> Array
|
|
3618
|
+
# resp.insights[0].filters.compliance_security_control_id[0].value #=> String
|
|
3619
|
+
# resp.insights[0].filters.compliance_security_control_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
3620
|
+
# resp.insights[0].filters.compliance_associated_standards_id #=> Array
|
|
3621
|
+
# resp.insights[0].filters.compliance_associated_standards_id[0].value #=> String
|
|
3622
|
+
# resp.insights[0].filters.compliance_associated_standards_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
3593
3623
|
# resp.insights[0].group_by_attribute #=> String
|
|
3594
3624
|
# resp.next_token #=> String
|
|
3595
3625
|
#
|
|
@@ -4832,6 +4862,18 @@ module Aws::SecurityHub
|
|
|
4832
4862
|
# value: false,
|
|
4833
4863
|
# },
|
|
4834
4864
|
# ],
|
|
4865
|
+
# compliance_security_control_id: [
|
|
4866
|
+
# {
|
|
4867
|
+
# value: "NonEmptyString",
|
|
4868
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
4869
|
+
# },
|
|
4870
|
+
# ],
|
|
4871
|
+
# compliance_associated_standards_id: [
|
|
4872
|
+
# {
|
|
4873
|
+
# value: "NonEmptyString",
|
|
4874
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
4875
|
+
# },
|
|
4876
|
+
# ],
|
|
4835
4877
|
# },
|
|
4836
4878
|
# note: {
|
|
4837
4879
|
# text: "NonEmptyString", # required
|
|
@@ -5492,6 +5534,18 @@ module Aws::SecurityHub
|
|
|
5492
5534
|
# value: false,
|
|
5493
5535
|
# },
|
|
5494
5536
|
# ],
|
|
5537
|
+
# compliance_security_control_id: [
|
|
5538
|
+
# {
|
|
5539
|
+
# value: "NonEmptyString",
|
|
5540
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
5541
|
+
# },
|
|
5542
|
+
# ],
|
|
5543
|
+
# compliance_associated_standards_id: [
|
|
5544
|
+
# {
|
|
5545
|
+
# value: "NonEmptyString",
|
|
5546
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
5547
|
+
# },
|
|
5548
|
+
# ],
|
|
5495
5549
|
# },
|
|
5496
5550
|
# group_by_attribute: "NonEmptyString",
|
|
5497
5551
|
# })
|
|
@@ -5623,7 +5677,7 @@ module Aws::SecurityHub
|
|
|
5623
5677
|
params: params,
|
|
5624
5678
|
config: config)
|
|
5625
5679
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
5626
|
-
context[:gem_version] = '1.
|
|
5680
|
+
context[:gem_version] = '1.77.0'
|
|
5627
5681
|
Seahorse::Client::Request.new(handlers, context)
|
|
5628
5682
|
end
|
|
5629
5683
|
|
|
@@ -36,6 +36,8 @@ module Aws::SecurityHub
|
|
|
36
36
|
AdminStatus = Shapes::StringShape.new(name: 'AdminStatus')
|
|
37
37
|
AdminsMaxResults = Shapes::IntegerShape.new(name: 'AdminsMaxResults')
|
|
38
38
|
ArnList = Shapes::ListShape.new(name: 'ArnList')
|
|
39
|
+
AssociatedStandard = Shapes::StructureShape.new(name: 'AssociatedStandard')
|
|
40
|
+
AssociatedStandardsList = Shapes::ListShape.new(name: 'AssociatedStandardsList')
|
|
39
41
|
AutoEnableStandards = Shapes::StringShape.new(name: 'AutoEnableStandards')
|
|
40
42
|
AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
|
|
41
43
|
AvailabilityZones = Shapes::ListShape.new(name: 'AvailabilityZones')
|
|
@@ -1009,6 +1011,11 @@ module Aws::SecurityHub
|
|
|
1009
1011
|
|
|
1010
1012
|
ArnList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
|
|
1011
1013
|
|
|
1014
|
+
AssociatedStandard.add_member(:standards_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "StandardsId"))
|
|
1015
|
+
AssociatedStandard.struct_class = Types::AssociatedStandard
|
|
1016
|
+
|
|
1017
|
+
AssociatedStandardsList.member = Shapes::ShapeRef.new(shape: AssociatedStandard)
|
|
1018
|
+
|
|
1012
1019
|
AvailabilityZone.add_member(:zone_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ZoneName"))
|
|
1013
1020
|
AvailabilityZone.add_member(:subnet_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SubnetId"))
|
|
1014
1021
|
AvailabilityZone.struct_class = Types::AvailabilityZone
|
|
@@ -3980,6 +3987,8 @@ module Aws::SecurityHub
|
|
|
3980
3987
|
AwsSecurityFindingFilters.add_member(:finding_provider_fields_severity_original, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsSeverityOriginal"))
|
|
3981
3988
|
AwsSecurityFindingFilters.add_member(:finding_provider_fields_types, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "FindingProviderFieldsTypes"))
|
|
3982
3989
|
AwsSecurityFindingFilters.add_member(:sample, Shapes::ShapeRef.new(shape: BooleanFilterList, location_name: "Sample"))
|
|
3990
|
+
AwsSecurityFindingFilters.add_member(:compliance_security_control_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ComplianceSecurityControlId"))
|
|
3991
|
+
AwsSecurityFindingFilters.add_member(:compliance_associated_standards_id, Shapes::ShapeRef.new(shape: StringFilterList, location_name: "ComplianceAssociatedStandardsId"))
|
|
3983
3992
|
AwsSecurityFindingFilters.struct_class = Types::AwsSecurityFindingFilters
|
|
3984
3993
|
|
|
3985
3994
|
AwsSecurityFindingIdentifier.add_member(:id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "Id"))
|
|
@@ -4337,6 +4346,8 @@ module Aws::SecurityHub
|
|
|
4337
4346
|
Compliance.add_member(:status, Shapes::ShapeRef.new(shape: ComplianceStatus, location_name: "Status"))
|
|
4338
4347
|
Compliance.add_member(:related_requirements, Shapes::ShapeRef.new(shape: RelatedRequirementsList, location_name: "RelatedRequirements"))
|
|
4339
4348
|
Compliance.add_member(:status_reasons, Shapes::ShapeRef.new(shape: StatusReasonsList, location_name: "StatusReasons"))
|
|
4349
|
+
Compliance.add_member(:security_control_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SecurityControlId"))
|
|
4350
|
+
Compliance.add_member(:associated_standards, Shapes::ShapeRef.new(shape: AssociatedStandardsList, location_name: "AssociatedStandards"))
|
|
4340
4351
|
Compliance.struct_class = Types::Compliance
|
|
4341
4352
|
|
|
4342
4353
|
ContainerDetails.add_member(:container_runtime, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ContainerRuntime"))
|
|
@@ -50,9 +50,6 @@ module Aws::SecurityHub
|
|
|
50
50
|
|
|
51
51
|
def initialize(options = {})
|
|
52
52
|
self[:region] = options[:region]
|
|
53
|
-
if self[:region].nil?
|
|
54
|
-
raise ArgumentError, "Missing required EndpointParameter: :region"
|
|
55
|
-
end
|
|
56
53
|
self[:use_dual_stack] = options[:use_dual_stack]
|
|
57
54
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
|
58
55
|
if self[:use_dual_stack].nil?
|
|
@@ -14,36 +14,39 @@ module Aws::SecurityHub
|
|
|
14
14
|
use_dual_stack = parameters.use_dual_stack
|
|
15
15
|
use_fips = parameters.use_fips
|
|
16
16
|
endpoint = parameters.endpoint
|
|
17
|
-
if
|
|
18
|
-
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
19
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
20
|
-
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
21
|
-
end
|
|
22
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
23
|
-
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
24
|
-
end
|
|
25
|
-
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
26
|
-
end
|
|
27
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
28
|
-
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
29
|
-
return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
30
|
-
end
|
|
31
|
-
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
32
|
-
end
|
|
17
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
33
18
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
34
|
-
|
|
35
|
-
return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
36
|
-
end
|
|
37
|
-
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
19
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
38
20
|
end
|
|
39
21
|
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
40
|
-
|
|
41
|
-
|
|
22
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
23
|
+
end
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
25
|
+
end
|
|
26
|
+
if Aws::Endpoints::Matchers.set?(region)
|
|
27
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
29
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
31
|
+
end
|
|
32
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
33
|
+
end
|
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://securityhub-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
37
|
+
end
|
|
38
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
39
|
+
end
|
|
40
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
41
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
43
|
+
end
|
|
44
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
|
42
45
|
end
|
|
43
|
-
|
|
46
|
+
return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
44
47
|
end
|
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://securityhub.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
46
48
|
end
|
|
49
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
|
47
50
|
raise ArgumentError, 'No endpoint could be resolved'
|
|
48
51
|
|
|
49
52
|
end
|