aws-sdk-securityhub 1.79.0 → 1.80.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -388,6 +388,18 @@ module Aws::SecurityHub
388
388
  #
389
389
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
390
390
  #
391
+ #
392
+ # @example Example: To accept an invitation be a member account
393
+ #
394
+ # # The following example demonstrates how an account can accept an invitation from the Security Hub administrator account
395
+ # # to be a member account. This operation is applicable only to member accounts that are not added through AWS
396
+ # # Organizations.
397
+ #
398
+ # resp = client.accept_administrator_invitation({
399
+ # administrator_id: "123456789012",
400
+ # invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
401
+ # })
402
+ #
391
403
  # @example Request syntax with placeholder values
392
404
  #
393
405
  # resp = client.accept_administrator_invitation({
@@ -468,6 +480,30 @@ module Aws::SecurityHub
468
480
  #
469
481
  # * {Types::BatchDisableStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
470
482
  #
483
+ #
484
+ # @example Example: To disable one or more security standards
485
+ #
486
+ # # The following example disables a security standard in Security Hub.
487
+ #
488
+ # resp = client.batch_disable_standards({
489
+ # standards_subscription_arns: [
490
+ # "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
491
+ # ],
492
+ # })
493
+ #
494
+ # resp.to_h outputs the following:
495
+ # {
496
+ # standards_subscriptions: [
497
+ # {
498
+ # standards_arn: "arn:aws:securityhub:eu-central-1::standards/pci-dss/v/3.2.1",
499
+ # standards_input: {
500
+ # },
501
+ # standards_status: "DELETING",
502
+ # standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
503
+ # },
504
+ # ],
505
+ # }
506
+ #
471
507
  # @example Request syntax with placeholder values
472
508
  #
473
509
  # resp = client.batch_disable_standards({
@@ -510,6 +546,32 @@ module Aws::SecurityHub
510
546
  #
511
547
  # * {Types::BatchEnableStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
512
548
  #
549
+ #
550
+ # @example Example: To import security findings from a third party provider to Security Hub
551
+ #
552
+ # # The following example imports findings from a third party provider to Security Hub.
553
+ #
554
+ # resp = client.batch_enable_standards({
555
+ # standards_subscription_requests: [
556
+ # {
557
+ # standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
558
+ # },
559
+ # ],
560
+ # })
561
+ #
562
+ # resp.to_h outputs the following:
563
+ # {
564
+ # standards_subscriptions: [
565
+ # {
566
+ # standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
567
+ # standards_input: {
568
+ # },
569
+ # standards_status: "PENDING",
570
+ # standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
571
+ # },
572
+ # ],
573
+ # }
574
+ #
513
575
  # @example Request syntax with placeholder values
514
576
  #
515
577
  # resp = client.batch_enable_standards({
@@ -710,6 +772,52 @@ module Aws::SecurityHub
710
772
  # * {Types::BatchImportFindingsResponse#success_count #success_count} => Integer
711
773
  # * {Types::BatchImportFindingsResponse#failed_findings #failed_findings} => Array<Types::ImportFindingsError>
712
774
  #
775
+ #
776
+ # @example Example: To import security findings from a third party provider to Security Hub
777
+ #
778
+ # # The following example imports findings from a third party provider to Security Hub.
779
+ #
780
+ # resp = client.batch_import_findings({
781
+ # findings: [
782
+ # {
783
+ # aws_account_id: "123456789012",
784
+ # created_at: "2020-05-27T17:05:54.832Z",
785
+ # description: "Vulnerability in a CloudTrail trail",
786
+ # finding_provider_fields: {
787
+ # severity: {
788
+ # label: "LOW",
789
+ # original: "10",
790
+ # },
791
+ # types: [
792
+ # "Software and Configuration Checks/Vulnerabilities/CVE",
793
+ # ],
794
+ # },
795
+ # generator_id: "TestGeneratorId",
796
+ # id: "Id1",
797
+ # product_arn: "arn:aws:securityhub:us-west-1:123456789012:product/123456789012/default",
798
+ # resources: [
799
+ # {
800
+ # id: "arn:aws:cloudtrail:us-west-1:123456789012:trail/TrailName",
801
+ # partition: "aws",
802
+ # region: "us-west-1",
803
+ # type: "AwsCloudTrailTrail",
804
+ # },
805
+ # ],
806
+ # schema_version: "2018-10-08",
807
+ # title: "CloudTrail trail vulnerability",
808
+ # updated_at: "2020-06-02T16:05:54.832Z",
809
+ # },
810
+ # ],
811
+ # })
812
+ #
813
+ # resp.to_h outputs the following:
814
+ # {
815
+ # failed_count: 123,
816
+ # failed_findings: [
817
+ # ],
818
+ # success_count: 123,
819
+ # }
820
+ #
713
821
  # @example Response structure
714
822
  #
715
823
  # resp.failed_count #=> Integer
@@ -844,6 +952,66 @@ module Aws::SecurityHub
844
952
  # * {Types::BatchUpdateFindingsResponse#processed_findings #processed_findings} => Array<Types::AwsSecurityFindingIdentifier>
845
953
  # * {Types::BatchUpdateFindingsResponse#unprocessed_findings #unprocessed_findings} => Array<Types::BatchUpdateFindingsUnprocessedFinding>
846
954
  #
955
+ #
956
+ # @example Example: To update Security Hub findings
957
+ #
958
+ # # The following example updates Security Hub findings. The finding identifier parameter specifies which findings to
959
+ # # update. Only specific finding fields can be updated with this operation.
960
+ #
961
+ # resp = client.batch_update_findings({
962
+ # confidence: 80,
963
+ # criticality: 80,
964
+ # finding_identifiers: [
965
+ # {
966
+ # id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
967
+ # product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
968
+ # },
969
+ # {
970
+ # id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
971
+ # product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
972
+ # },
973
+ # ],
974
+ # note: {
975
+ # text: "Known issue that is not a risk.",
976
+ # updated_by: "user1",
977
+ # },
978
+ # related_findings: [
979
+ # {
980
+ # id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333",
981
+ # product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
982
+ # },
983
+ # ],
984
+ # severity: {
985
+ # label: "LOW",
986
+ # },
987
+ # types: [
988
+ # "Software and Configuration Checks/Vulnerabilities/CVE",
989
+ # ],
990
+ # user_defined_fields: {
991
+ # "reviewedByCio" => "true",
992
+ # },
993
+ # verification_state: "TRUE_POSITIVE",
994
+ # workflow: {
995
+ # status: "RESOLVED",
996
+ # },
997
+ # })
998
+ #
999
+ # resp.to_h outputs the following:
1000
+ # {
1001
+ # processed_findings: [
1002
+ # {
1003
+ # id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
1004
+ # product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
1005
+ # },
1006
+ # {
1007
+ # id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
1008
+ # product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
1009
+ # },
1010
+ # ],
1011
+ # unprocessed_findings: [
1012
+ # ],
1013
+ # }
1014
+ #
847
1015
  # @example Request syntax with placeholder values
848
1016
  #
849
1017
  # resp = client.batch_update_findings({
@@ -962,6 +1130,23 @@ module Aws::SecurityHub
962
1130
  #
963
1131
  # * {Types::CreateActionTargetResponse#action_target_arn #action_target_arn} => String
964
1132
  #
1133
+ #
1134
+ # @example Example: To create a custom action target
1135
+ #
1136
+ # # The following example creates a custom action target in Security Hub. Custom actions on findings and insights
1137
+ # # automatically trigger actions in Amazon CloudWatch Events.
1138
+ #
1139
+ # resp = client.create_action_target({
1140
+ # description: "Action to send the finding for remediation tracking",
1141
+ # id: "Remediation",
1142
+ # name: "Send to remediation",
1143
+ # })
1144
+ #
1145
+ # resp.to_h outputs the following:
1146
+ # {
1147
+ # action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
1148
+ # }
1149
+ #
965
1150
  # @example Request syntax with placeholder values
966
1151
  #
967
1152
  # resp = client.create_action_target({
@@ -1035,6 +1220,30 @@ module Aws::SecurityHub
1035
1220
  # * {Types::CreateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
1036
1221
  # * {Types::CreateFindingAggregatorResponse#regions #regions} => Array<String>
1037
1222
  #
1223
+ #
1224
+ # @example Example: To enable cross-Region aggregation
1225
+ #
1226
+ # # The following example creates a finding aggregator. This is required to enable cross-Region aggregation.
1227
+ #
1228
+ # resp = client.create_finding_aggregator({
1229
+ # region_linking_mode: "SPECIFIED_REGIONS",
1230
+ # regions: [
1231
+ # "us-west-1",
1232
+ # "us-west-2",
1233
+ # ],
1234
+ # })
1235
+ #
1236
+ # resp.to_h outputs the following:
1237
+ # {
1238
+ # finding_aggregation_region: "us-east-1",
1239
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:222222222222:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
1240
+ # region_linking_mode: "SPECIFIED_REGIONS",
1241
+ # regions: [
1242
+ # "us-west-1",
1243
+ # "us-west-2",
1244
+ # ],
1245
+ # }
1246
+ #
1038
1247
  # @example Request syntax with placeholder values
1039
1248
  #
1040
1249
  # resp = client.create_finding_aggregator({
@@ -1084,6 +1293,36 @@ module Aws::SecurityHub
1084
1293
  #
1085
1294
  # * {Types::CreateInsightResponse#insight_arn #insight_arn} => String
1086
1295
  #
1296
+ #
1297
+ # @example Example: To create a custom insight
1298
+ #
1299
+ # # The following example creates a custom insight in Security Hub. An insight is a collection of findings that relate to a
1300
+ # # security issue.
1301
+ #
1302
+ # resp = client.create_insight({
1303
+ # filters: {
1304
+ # resource_type: [
1305
+ # {
1306
+ # comparison: "EQUALS",
1307
+ # value: "AwsIamRole",
1308
+ # },
1309
+ # ],
1310
+ # severity_label: [
1311
+ # {
1312
+ # comparison: "EQUALS",
1313
+ # value: "CRITICAL",
1314
+ # },
1315
+ # ],
1316
+ # },
1317
+ # group_by_attribute: "ResourceId",
1318
+ # name: "Critical role findings",
1319
+ # })
1320
+ #
1321
+ # resp.to_h outputs the following:
1322
+ # {
1323
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
1324
+ # }
1325
+ #
1087
1326
  # @example Request syntax with placeholder values
1088
1327
  #
1089
1328
  # resp = client.create_insight({
@@ -1796,6 +2035,29 @@ module Aws::SecurityHub
1796
2035
  #
1797
2036
  # * {Types::CreateMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
1798
2037
  #
2038
+ #
2039
+ # @example Example: To add a member account
2040
+ #
2041
+ # # The following example creates a member association between the specified accounts and the administrator account (the
2042
+ # # account that makes the request). This operation is used to add accounts that aren't part of an organization.
2043
+ #
2044
+ # resp = client.create_members({
2045
+ # account_details: [
2046
+ # {
2047
+ # account_id: "123456789012",
2048
+ # },
2049
+ # {
2050
+ # account_id: "111122223333",
2051
+ # },
2052
+ # ],
2053
+ # })
2054
+ #
2055
+ # resp.to_h outputs the following:
2056
+ # {
2057
+ # unprocessed_accounts: [
2058
+ # ],
2059
+ # }
2060
+ #
1799
2061
  # @example Request syntax with placeholder values
1800
2062
  #
1801
2063
  # resp = client.create_members({
@@ -1838,6 +2100,25 @@ module Aws::SecurityHub
1838
2100
  #
1839
2101
  # * {Types::DeclineInvitationsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
1840
2102
  #
2103
+ #
2104
+ # @example Example: To decline invitation to become a member account
2105
+ #
2106
+ # # The following example declines an invitation from the Security Hub administrator account to become a member account. The
2107
+ # # invited account makes the request.
2108
+ #
2109
+ # resp = client.decline_invitations({
2110
+ # account_ids: [
2111
+ # "123456789012",
2112
+ # "111122223333",
2113
+ # ],
2114
+ # })
2115
+ #
2116
+ # resp.to_h outputs the following:
2117
+ # {
2118
+ # unprocessed_accounts: [
2119
+ # ],
2120
+ # }
2121
+ #
1841
2122
  # @example Request syntax with placeholder values
1842
2123
  #
1843
2124
  # resp = client.decline_invitations({
@@ -1872,6 +2153,22 @@ module Aws::SecurityHub
1872
2153
  #
1873
2154
  # * {Types::DeleteActionTargetResponse#action_target_arn #action_target_arn} => String
1874
2155
  #
2156
+ #
2157
+ # @example Example: To delete a custom action target
2158
+ #
2159
+ # # The following example deletes a custom action target that triggers target actions in Amazon CloudWatch Events. Deleting
2160
+ # # a custom action target doesn't affect findings or insights that were already sent to CloudWatch Events based on the
2161
+ # # custom action.
2162
+ #
2163
+ # resp = client.delete_action_target({
2164
+ # action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
2165
+ # })
2166
+ #
2167
+ # resp.to_h outputs the following:
2168
+ # {
2169
+ # action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
2170
+ # }
2171
+ #
1875
2172
  # @example Request syntax with placeholder values
1876
2173
  #
1877
2174
  # resp = client.delete_action_target({
@@ -1905,6 +2202,16 @@ module Aws::SecurityHub
1905
2202
  #
1906
2203
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1907
2204
  #
2205
+ #
2206
+ # @example Example: To delete a finding aggregator
2207
+ #
2208
+ # # The following example deletes a finding aggregator in Security Hub. Deleting the finding aggregator stops cross-Region
2209
+ # # aggregation. This operation produces no output.
2210
+ #
2211
+ # resp = client.delete_finding_aggregator({
2212
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
2213
+ # })
2214
+ #
1908
2215
  # @example Request syntax with placeholder values
1909
2216
  #
1910
2217
  # resp = client.delete_finding_aggregator({
@@ -1929,6 +2236,20 @@ module Aws::SecurityHub
1929
2236
  #
1930
2237
  # * {Types::DeleteInsightResponse#insight_arn #insight_arn} => String
1931
2238
  #
2239
+ #
2240
+ # @example Example: To delete a custom insight
2241
+ #
2242
+ # # The following example deletes a custom insight in Security Hub.
2243
+ #
2244
+ # resp = client.delete_insight({
2245
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
2246
+ # })
2247
+ #
2248
+ # resp.to_h outputs the following:
2249
+ # {
2250
+ # insight_arn: "arn:aws:securityhub:eu-central-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
2251
+ # }
2252
+ #
1932
2253
  # @example Request syntax with placeholder values
1933
2254
  #
1934
2255
  # resp = client.delete_insight({
@@ -1966,6 +2287,25 @@ module Aws::SecurityHub
1966
2287
  #
1967
2288
  # * {Types::DeleteInvitationsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
1968
2289
  #
2290
+ #
2291
+ # @example Example: To delete a custom insight
2292
+ #
2293
+ # # The following example deletes an invitation sent by the Security Hub administrator account to a prospective member
2294
+ # # account. This operation is used only for invitations sent to accounts that aren't part of an organization. Organization
2295
+ # # accounts don't receive invitations.
2296
+ #
2297
+ # resp = client.delete_invitations({
2298
+ # account_ids: [
2299
+ # "123456789012",
2300
+ # ],
2301
+ # })
2302
+ #
2303
+ # resp.to_h outputs the following:
2304
+ # {
2305
+ # unprocessed_accounts: [
2306
+ # ],
2307
+ # }
2308
+ #
1969
2309
  # @example Request syntax with placeholder values
1970
2310
  #
1971
2311
  # resp = client.delete_invitations({
@@ -1999,6 +2339,25 @@ module Aws::SecurityHub
1999
2339
  #
2000
2340
  # * {Types::DeleteMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
2001
2341
  #
2342
+ #
2343
+ # @example Example: To delete a member account
2344
+ #
2345
+ # # The following example deletes the specified member account from Security Hub. This operation can be used to delete
2346
+ # # member accounts that are part of an organization or that were invited manually.
2347
+ #
2348
+ # resp = client.delete_members({
2349
+ # account_ids: [
2350
+ # "123456789111",
2351
+ # "123456789222",
2352
+ # ],
2353
+ # })
2354
+ #
2355
+ # resp.to_h outputs the following:
2356
+ # {
2357
+ # unprocessed_accounts: [
2358
+ # ],
2359
+ # }
2360
+ #
2002
2361
  # @example Request syntax with placeholder values
2003
2362
  #
2004
2363
  # resp = client.delete_members({
@@ -2046,6 +2405,29 @@ module Aws::SecurityHub
2046
2405
  #
2047
2406
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2048
2407
  #
2408
+ #
2409
+ # @example Example: To return custom action targets
2410
+ #
2411
+ # # The following example returns a list of custom action targets. You use custom actions on findings and insights in
2412
+ # # Security Hub to trigger target actions in Amazon CloudWatch Events.
2413
+ #
2414
+ # resp = client.describe_action_targets({
2415
+ # action_target_arns: [
2416
+ # "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
2417
+ # ],
2418
+ # })
2419
+ #
2420
+ # resp.to_h outputs the following:
2421
+ # {
2422
+ # action_targets: [
2423
+ # {
2424
+ # action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
2425
+ # description: "Action to send the finding for remediation tracking",
2426
+ # name: "Send to remediation",
2427
+ # },
2428
+ # ],
2429
+ # }
2430
+ #
2049
2431
  # @example Request syntax with placeholder values
2050
2432
  #
2051
2433
  # resp = client.describe_action_targets({
@@ -2084,6 +2466,24 @@ module Aws::SecurityHub
2084
2466
  # * {Types::DescribeHubResponse#auto_enable_controls #auto_enable_controls} => Boolean
2085
2467
  # * {Types::DescribeHubResponse#control_finding_generator #control_finding_generator} => String
2086
2468
  #
2469
+ #
2470
+ # @example Example: To return details about Hub resource
2471
+ #
2472
+ # # The following example returns details about the Hub resource in the calling account. The Hub resource represents the
2473
+ # # implementation of the AWS Security Hub service in the calling account.
2474
+ #
2475
+ # resp = client.describe_hub({
2476
+ # hub_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
2477
+ # })
2478
+ #
2479
+ # resp.to_h outputs the following:
2480
+ # {
2481
+ # auto_enable_controls: true,
2482
+ # control_finding_generator: "SECURITY_CONTROL",
2483
+ # hub_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
2484
+ # subscribed_at: "2019-11-19T23:15:10.046Z",
2485
+ # }
2486
+ #
2087
2487
  # @example Request syntax with placeholder values
2088
2488
  #
2089
2489
  # resp = client.describe_hub({
@@ -2115,6 +2515,22 @@ module Aws::SecurityHub
2115
2515
  # * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
2116
2516
  # * {Types::DescribeOrganizationConfigurationResponse#auto_enable_standards #auto_enable_standards} => String
2117
2517
  #
2518
+ #
2519
+ # @example Example: To get information about Organizations configuration
2520
+ #
2521
+ # # The following example returns details about the way in which AWS Organizations is configured for a Security Hub account
2522
+ # # that belongs to an organization. Only a Security Hub administrator account can call this operation.
2523
+ #
2524
+ # resp = client.describe_organization_configuration({
2525
+ # })
2526
+ #
2527
+ # resp.to_h outputs the following:
2528
+ # {
2529
+ # auto_enable: true,
2530
+ # auto_enable_standards: "DEFAULT",
2531
+ # member_account_limit_reached: true,
2532
+ # }
2533
+ #
2118
2534
  # @example Response structure
2119
2535
  #
2120
2536
  # resp.auto_enable #=> Boolean
@@ -2160,6 +2576,43 @@ module Aws::SecurityHub
2160
2576
  #
2161
2577
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2162
2578
  #
2579
+ #
2580
+ # @example Example: To get information about Security Hub integrations
2581
+ #
2582
+ # # The following example returns details about AWS services and third-party products that Security Hub integrates with.
2583
+ #
2584
+ # resp = client.describe_products({
2585
+ # max_results: 1,
2586
+ # next_token: "NULL",
2587
+ # product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
2588
+ # })
2589
+ #
2590
+ # resp.to_h outputs the following:
2591
+ # {
2592
+ # next_token: "U2FsdGVkX18vvPlOqb7RDrWRWVFBJI46MOIAb+nZmRJmR15NoRi2gm13sdQEn3O/pq/78dGs+bKpgA+7HMPHO0qX33/zoRI+uIG/F9yLNhcOrOWzFUdy36JcXLQji3Rpnn/cD1SVkGA98qI3zPOSDg==",
2593
+ # products: [
2594
+ # {
2595
+ # activation_url: "https://falcon.crowdstrike.com/support/documentation",
2596
+ # categories: [
2597
+ # "Endpoint Detection and Response (EDR)",
2598
+ # "AV Scanning and Sandboxing",
2599
+ # "Threat Intelligence Feeds and Reports",
2600
+ # "Endpoint Forensics",
2601
+ # "Network Forensics",
2602
+ # ],
2603
+ # company_name: "CrowdStrike",
2604
+ # description: "CrowdStrike Falcon's single lightweight sensor unifies next-gen antivirus, endpoint detection and response, and 24/7 managed hunting, via the cloud.",
2605
+ # integration_types: [
2606
+ # "SEND_FINDINGS_TO_SECURITY_HUB",
2607
+ # ],
2608
+ # marketplace_url: "https://aws.amazon.com/marketplace/seller-profile?id=a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
2609
+ # product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
2610
+ # product_name: "CrowdStrike Falcon",
2611
+ # product_subscription_resource_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789333\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789012:product-subscription/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}},{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789012\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789333:product/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}}]}",
2612
+ # },
2613
+ # ],
2614
+ # }
2615
+ #
2163
2616
  # @example Request syntax with placeholder values
2164
2617
  #
2165
2618
  # resp = client.describe_products({
@@ -2217,6 +2670,44 @@ module Aws::SecurityHub
2217
2670
  #
2218
2671
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2219
2672
  #
2673
+ #
2674
+ # @example Example: To get available Security Hub standards
2675
+ #
2676
+ # # The following example returns a list of available security standards in Security Hub.
2677
+ #
2678
+ # resp = client.describe_standards({
2679
+ # })
2680
+ #
2681
+ # resp.to_h outputs the following:
2682
+ # {
2683
+ # standards: [
2684
+ # {
2685
+ # description: "The AWS Foundational Security Best Practices standard is a set of automated security checks that detect when AWS accounts and deployed resources do not align to security best practices. The standard is defined by AWS security experts. This curated set of controls helps improve your security posture in AWS, and cover AWS's most popular and foundational services.",
2686
+ # enabled_by_default: true,
2687
+ # name: "AWS Foundational Security Best Practices v1.0.0",
2688
+ # standards_arn: "arn:aws:securityhub:us-west-1::standards/aws-foundational-security-best-practices/v/1.0.0",
2689
+ # },
2690
+ # {
2691
+ # description: "The Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 is a set of security configuration best practices for AWS. This Security Hub standard automatically checks for your compliance readiness against a subset of CIS requirements.",
2692
+ # enabled_by_default: true,
2693
+ # name: "CIS AWS Foundations Benchmark v1.2.0",
2694
+ # standards_arn: "arn:aws:securityhub:us-west-1::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
2695
+ # },
2696
+ # {
2697
+ # description: "The Center for Internet Security (CIS) AWS Foundations Benchmark v1.4.0 is a set of security configuration best practices for AWS. This Security Hub standard automatically checks for your compliance readiness against a subset of CIS requirements.",
2698
+ # enabled_by_default: false,
2699
+ # name: "CIS AWS Foundations Benchmark v1.4.0",
2700
+ # standards_arn: "arn:aws::securityhub:us-west-1::standards/cis-aws-foundations-benchmark/v/1.4.0",
2701
+ # },
2702
+ # {
2703
+ # description: "The Payment Card Industry Data Security Standard (PCI DSS) v3.2.1 is an information security standard for entities that store, process, and/or transmit cardholder data. This Security Hub standard automatically checks for your compliance readiness against a subset of PCI DSS requirements.",
2704
+ # enabled_by_default: false,
2705
+ # name: "PCI DSS v3.2.1",
2706
+ # standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
2707
+ # },
2708
+ # ],
2709
+ # }
2710
+ #
2220
2711
  # @example Request syntax with placeholder values
2221
2712
  #
2222
2713
  # resp = client.describe_standards({
@@ -2274,6 +2765,51 @@ module Aws::SecurityHub
2274
2765
  #
2275
2766
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2276
2767
  #
2768
+ #
2769
+ # @example Example: To get a list of controls for a security standard
2770
+ #
2771
+ # # The following example returns a list of security controls and control details that apply to a specified security
2772
+ # # standard. The list includes controls that are enabled and disabled in the standard.
2773
+ #
2774
+ # resp = client.describe_standards_controls({
2775
+ # max_results: 2,
2776
+ # next_token: "NULL",
2777
+ # standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
2778
+ # })
2779
+ #
2780
+ # resp.to_h outputs the following:
2781
+ # {
2782
+ # controls: [
2783
+ # {
2784
+ # control_id: "PCI.AutoScaling.1",
2785
+ # control_status: "ENABLED",
2786
+ # control_status_updated_at: Time.parse("2020-05-15T18:49:04.473000+00:00"),
2787
+ # description: "This AWS control checks whether your Auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks.",
2788
+ # related_requirements: [
2789
+ # "PCI DSS 2.2",
2790
+ # ],
2791
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/PCI.AutoScaling.1/remediation",
2792
+ # severity_rating: "LOW",
2793
+ # standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.AutoScaling.1",
2794
+ # title: "Auto scaling groups associated with a load balancer should use health checks",
2795
+ # },
2796
+ # {
2797
+ # control_id: "PCI.CW.1",
2798
+ # control_status: "ENABLED",
2799
+ # control_status_updated_at: Time.parse("2020-05-15T18:49:04.498000+00:00"),
2800
+ # description: "This control checks for the CloudWatch metric filters using the following pattern { $.userIdentity.type = \"Root\" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != \"AwsServiceEvent\" } It checks that the log group name is configured for use with active multi-region CloudTrail, that there is at least one Event Selector for a Trail with IncludeManagementEvents set to true and ReadWriteType set to All, and that there is at least one active subscriber to an SNS topic associated with the alarm.",
2801
+ # related_requirements: [
2802
+ # "PCI DSS 7.2.1",
2803
+ # ],
2804
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/PCI.CW.1/remediation",
2805
+ # severity_rating: "MEDIUM",
2806
+ # standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.CW.1",
2807
+ # title: "A log metric filter and alarm should exist for usage of the \"root\" user",
2808
+ # },
2809
+ # ],
2810
+ # next_token: "U2FsdGVkX1+eNkPoZHVl11ip5HUYQPWSWZGmftcmJiHL8JoKEsCDuaKayiPDyLK+LiTkShveoOdvfxXCkOBaGhohIXhsIedN+LSjQV/l7kfCfJcq4PziNC1N9xe9aq2pjlLVZnznTfSImrodT5bRNHe4fELCQq/z+5ka+5Lzmc11axcwTd5lKgQyQqmUVoeriHZhyIiBgWKf7oNYdBVG8OEortVWvSkoUTt+B2ThcnC7l43kI0UNxlkZ6sc64AsW",
2811
+ # }
2812
+ #
2277
2813
  # @example Request syntax with placeholder values
2278
2814
  #
2279
2815
  # resp = client.describe_standards_controls({
@@ -2316,6 +2852,16 @@ module Aws::SecurityHub
2316
2852
  #
2317
2853
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2318
2854
  #
2855
+ #
2856
+ # @example Example: To end a Security Hub integration
2857
+ #
2858
+ # # The following example ends an integration between Security Hub and the specified product that sends findings to Security
2859
+ # # Hub. After the integration ends, the product no longer sends findings to Security Hub.
2860
+ #
2861
+ # resp = client.disable_import_findings_for_product({
2862
+ # product_subscription_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
2863
+ # })
2864
+ #
2319
2865
  # @example Request syntax with placeholder values
2320
2866
  #
2321
2867
  # resp = client.disable_import_findings_for_product({
@@ -2340,6 +2886,16 @@ module Aws::SecurityHub
2340
2886
  #
2341
2887
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2342
2888
  #
2889
+ #
2890
+ # @example Example: To remove a Security Hub administrator account
2891
+ #
2892
+ # # The following example removes the Security Hub administrator account in the Region from which the operation was
2893
+ # # executed. This operation doesn't remove the delegated administrator account in AWS Organizations.
2894
+ #
2895
+ # resp = client.disable_organization_admin_account({
2896
+ # admin_account_id: "123456789012",
2897
+ # })
2898
+ #
2343
2899
  # @example Request syntax with placeholder values
2344
2900
  #
2345
2901
  # resp = client.disable_organization_admin_account({
@@ -2372,6 +2928,14 @@ module Aws::SecurityHub
2372
2928
  #
2373
2929
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2374
2930
  #
2931
+ #
2932
+ # @example Example: To deactivate Security Hub
2933
+ #
2934
+ # # The following example deactivates Security Hub for the current account and Region.
2935
+ #
2936
+ # resp = client.disable_security_hub({
2937
+ # })
2938
+ #
2375
2939
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHub AWS API Documentation
2376
2940
  #
2377
2941
  # @overload disable_security_hub(params = {})
@@ -2390,6 +2954,14 @@ module Aws::SecurityHub
2390
2954
  #
2391
2955
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2392
2956
  #
2957
+ #
2958
+ # @example Example: To disassociate requesting account from administrator account
2959
+ #
2960
+ # # The following example dissociates the requesting account from its associated administrator account.
2961
+ #
2962
+ # resp = client.disassociate_from_administrator_account({
2963
+ # })
2964
+ #
2393
2965
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccount AWS API Documentation
2394
2966
  #
2395
2967
  # @overload disassociate_from_administrator_account(params = {})
@@ -2441,6 +3013,18 @@ module Aws::SecurityHub
2441
3013
  #
2442
3014
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2443
3015
  #
3016
+ #
3017
+ # @example Example: To disassociate member accounts from administrator account
3018
+ #
3019
+ # # The following example dissociates the specified member accounts from the associated administrator account.
3020
+ #
3021
+ # resp = client.disassociate_members({
3022
+ # account_ids: [
3023
+ # "123456789012",
3024
+ # "111122223333",
3025
+ # ],
3026
+ # })
3027
+ #
2444
3028
  # @example Request syntax with placeholder values
2445
3029
  #
2446
3030
  # resp = client.disassociate_members({
@@ -2470,6 +3054,21 @@ module Aws::SecurityHub
2470
3054
  #
2471
3055
  # * {Types::EnableImportFindingsForProductResponse#product_subscription_arn #product_subscription_arn} => String
2472
3056
  #
3057
+ #
3058
+ # @example Example: To activate an integration
3059
+ #
3060
+ # # The following example activates an integration between Security Hub and a third party partner product that sends
3061
+ # # findings to Security Hub.
3062
+ #
3063
+ # resp = client.enable_import_findings_for_product({
3064
+ # product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
3065
+ # })
3066
+ #
3067
+ # resp.to_h outputs the following:
3068
+ # {
3069
+ # product_subscription_arn: "arn:aws:securityhub:us-east-1:517716713836:product-subscription/crowdstrike/crowdstrike-falcon",
3070
+ # }
3071
+ #
2473
3072
  # @example Request syntax with placeholder values
2474
3073
  #
2475
3074
  # resp = client.enable_import_findings_for_product({
@@ -2498,6 +3097,16 @@ module Aws::SecurityHub
2498
3097
  #
2499
3098
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2500
3099
  #
3100
+ #
3101
+ # @example Example: To designate a Security Hub administrator
3102
+ #
3103
+ # # The following example designates the specified account as the Security Hub administrator account. The requesting account
3104
+ # # must be the organization management account.
3105
+ #
3106
+ # resp = client.enable_organization_admin_account({
3107
+ # admin_account_id: "123456789012",
3108
+ # })
3109
+ #
2501
3110
  # @example Request syntax with placeholder values
2502
3111
  #
2503
3112
  # resp = client.enable_organization_admin_account({
@@ -2572,6 +3181,21 @@ module Aws::SecurityHub
2572
3181
  #
2573
3182
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2574
3183
  #
3184
+ #
3185
+ # @example Example: To activate Security Hub
3186
+ #
3187
+ # # The following example activates the Security Hub service in the requesting AWS account. The service is activated in the
3188
+ # # current AWS Region or the Region that you specify in the request. Some standards are automatically turned on in your
3189
+ # # account unless you opt out. To determine which standards are automatically turned on, see the Security Hub
3190
+ # # documentation.
3191
+ #
3192
+ # resp = client.enable_security_hub({
3193
+ # enable_default_standards: true,
3194
+ # tags: {
3195
+ # "Department" => "Security",
3196
+ # },
3197
+ # })
3198
+ #
2575
3199
  # @example Request syntax with placeholder values
2576
3200
  #
2577
3201
  # resp = client.enable_security_hub({
@@ -2601,6 +3225,24 @@ module Aws::SecurityHub
2601
3225
  #
2602
3226
  # * {Types::GetAdministratorAccountResponse#administrator #administrator} => Types::Invitation
2603
3227
  #
3228
+ #
3229
+ # @example Example: To get details about the Security Hub administrator account
3230
+ #
3231
+ # # The following example provides details about the Security Hub administrator account for the requesting member account.
3232
+ #
3233
+ # resp = client.get_administrator_account({
3234
+ # })
3235
+ #
3236
+ # resp.to_h outputs the following:
3237
+ # {
3238
+ # administrator: {
3239
+ # account_id: "123456789012",
3240
+ # invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
3241
+ # invited_at: Time.parse("2020-06-01T20:21:18.042000+00:00"),
3242
+ # member_status: "ASSOCIATED",
3243
+ # },
3244
+ # }
3245
+ #
2604
3246
  # @example Response structure
2605
3247
  #
2606
3248
  # resp.administrator.account_id #=> String
@@ -2642,6 +3284,30 @@ module Aws::SecurityHub
2642
3284
  #
2643
3285
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2644
3286
  #
3287
+ #
3288
+ # @example Example: To return a list of enabled standards
3289
+ #
3290
+ # # The following example returns a list of Security Hub standards that are currently enabled in your account.
3291
+ #
3292
+ # resp = client.get_enabled_standards({
3293
+ # standards_subscription_arns: [
3294
+ # "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
3295
+ # ],
3296
+ # })
3297
+ #
3298
+ # resp.to_h outputs the following:
3299
+ # {
3300
+ # standards_subscriptions: [
3301
+ # {
3302
+ # standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
3303
+ # standards_input: {
3304
+ # },
3305
+ # standards_status: "READY",
3306
+ # standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
3307
+ # },
3308
+ # ],
3309
+ # }
3310
+ #
2645
3311
  # @example Request syntax with placeholder values
2646
3312
  #
2647
3313
  # resp = client.get_enabled_standards({
@@ -2683,6 +3349,26 @@ module Aws::SecurityHub
2683
3349
  # * {Types::GetFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
2684
3350
  # * {Types::GetFindingAggregatorResponse#regions #regions} => Array<String>
2685
3351
  #
3352
+ #
3353
+ # @example Example: To get cross-Region aggregation details
3354
+ #
3355
+ # # The following example returns cross-Region aggregation details for the requesting account.
3356
+ #
3357
+ # resp = client.get_finding_aggregator({
3358
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3359
+ # })
3360
+ #
3361
+ # resp.to_h outputs the following:
3362
+ # {
3363
+ # finding_aggregation_region: "us-east-1",
3364
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3365
+ # region_linking_mode: "SPECIFIED_REGIONS",
3366
+ # regions: [
3367
+ # "us-west-1",
3368
+ # "us-west-2",
3369
+ # ],
3370
+ # }
3371
+ #
2686
3372
  # @example Request syntax with placeholder values
2687
3373
  #
2688
3374
  # resp = client.get_finding_aggregator({
@@ -2744,6 +3430,115 @@ module Aws::SecurityHub
2744
3430
  #
2745
3431
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
2746
3432
  #
3433
+ #
3434
+ # @example Example: To get a list of findings
3435
+ #
3436
+ # # The following example returns a filtered and sorted list of Security Hub findings.
3437
+ #
3438
+ # resp = client.get_findings({
3439
+ # filters: {
3440
+ # aws_account_id: [
3441
+ # {
3442
+ # comparison: "PREFIX",
3443
+ # value: "123456789012",
3444
+ # },
3445
+ # ],
3446
+ # },
3447
+ # max_results: 1,
3448
+ # })
3449
+ #
3450
+ # resp.to_h outputs the following:
3451
+ # {
3452
+ # findings: [
3453
+ # {
3454
+ # aws_account_id: "123456789012",
3455
+ # company_name: "AWS",
3456
+ # compliance: {
3457
+ # associated_standards: [
3458
+ # {
3459
+ # standards_id: "standards/aws-foundational-security-best-practices/v/1.0.0",
3460
+ # },
3461
+ # {
3462
+ # standards_id: "standards/pci-dss/v/3.2.1",
3463
+ # },
3464
+ # {
3465
+ # standards_id: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
3466
+ # },
3467
+ # {
3468
+ # standards_id: "standards/cis-aws-foundations-benchmark/v/1.4.0",
3469
+ # },
3470
+ # {
3471
+ # standards_id: "standards/service-managed-aws-control-tower/v/1.0.0",
3472
+ # },
3473
+ # ],
3474
+ # related_requirements: [
3475
+ # "PCI DSS v3.2.1/3.4",
3476
+ # "CIS AWS Foundations Benchmark v1.2.0/2.7",
3477
+ # "CIS AWS Foundations Benchmark v1.4.0/3.7",
3478
+ # ],
3479
+ # security_control_id: "CloudTrail.2",
3480
+ # status: "FAILED",
3481
+ # },
3482
+ # created_at: "2022-10-06T02:18:23.076Z",
3483
+ # description: "This AWS control checks whether AWS CloudTrail is configured to use the server side encryption (SSE) AWS Key Management Service (AWS KMS) customer master key (CMK) encryption. The check will pass if the KmsKeyId is defined.",
3484
+ # finding_provider_fields: {
3485
+ # severity: {
3486
+ # label: "MEDIUM",
3487
+ # original: "MEDIUM",
3488
+ # },
3489
+ # types: [
3490
+ # "Software and Configuration Checks/Industry and Regulatory Standards",
3491
+ # ],
3492
+ # },
3493
+ # first_observed_at: "2022-10-06T02:18:23.076Z",
3494
+ # generator_id: "security-control/CloudTrail.2",
3495
+ # id: "arn:aws:securityhub:us-east-2:123456789012:security-control/CloudTrail.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3496
+ # last_observed_at: "2022-10-28T16:10:06.956Z",
3497
+ # product_arn: "arn:aws:securityhub:us-east-2::product/aws/securityhub",
3498
+ # product_fields: {
3499
+ # "RelatedAWSResources:0/name" => "securityhub-cloud-trail-encryption-enabled-fe95bf3f",
3500
+ # "RelatedAWSResources:0/type" => "AWS::Config::ConfigRule",
3501
+ # "Resources:0/Id" => "arn:aws:cloudtrail:us-east-2:123456789012:trail/AWSMacieTrail-DO-NOT-EDIT",
3502
+ # "aws/securityhub/CompanyName" => "AWS",
3503
+ # "aws/securityhub/FindingId" => "arn:aws:securityhub:us-east-2::product/aws/securityhub/arn:aws:securityhub:us-east-2:123456789012:security-control/CloudTrail.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3504
+ # "aws/securityhub/ProductName" => "Security Hub",
3505
+ # },
3506
+ # product_name: "Security Hub",
3507
+ # record_state: "ACTIVE",
3508
+ # region: "us-east-2",
3509
+ # remediation: {
3510
+ # recommendation: {
3511
+ # text: "For directions on how to correct this issue, consult the AWS Security Hub controls documentation.",
3512
+ # url: "https://docs.aws.amazon.com/console/securityhub/CloudTrail.2/remediation",
3513
+ # },
3514
+ # },
3515
+ # resources: [
3516
+ # {
3517
+ # id: "arn:aws:cloudtrail:us-east-2:123456789012:trail/AWSMacieTrail-DO-NOT-EDIT",
3518
+ # partition: "aws",
3519
+ # region: "us-east-2",
3520
+ # type: "AwsCloudTrailTrail",
3521
+ # },
3522
+ # ],
3523
+ # schema_version: "2018-10-08",
3524
+ # severity: {
3525
+ # label: "MEDIUM",
3526
+ # normalized: 40,
3527
+ # original: "MEDIUM",
3528
+ # },
3529
+ # title: "CloudTrail should have encryption at-rest enabled",
3530
+ # types: [
3531
+ # "Software and Configuration Checks/Industry and Regulatory Standards",
3532
+ # ],
3533
+ # updated_at: "2022-10-28T16:10:00.093Z",
3534
+ # workflow: {
3535
+ # status: "NEW",
3536
+ # },
3537
+ # workflow_state: "NEW",
3538
+ # },
3539
+ # ],
3540
+ # }
3541
+ #
2747
3542
  # @example Request syntax with placeholder values
2748
3543
  #
2749
3544
  # resp = client.get_findings({
@@ -3410,6 +4205,33 @@ module Aws::SecurityHub
3410
4205
  #
3411
4206
  # * {Types::GetInsightResultsResponse#insight_results #insight_results} => Types::InsightResults
3412
4207
  #
4208
+ #
4209
+ # @example Example: To get the results of a Security Hub insight
4210
+ #
4211
+ # # The following example returns the results of the Security Hub insight specified by the insight ARN.
4212
+ #
4213
+ # resp = client.get_insight_results({
4214
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4215
+ # })
4216
+ #
4217
+ # resp.to_h outputs the following:
4218
+ # {
4219
+ # insight_results: {
4220
+ # group_by_attribute: "ResourceId",
4221
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4222
+ # result_values: [
4223
+ # {
4224
+ # count: 10,
4225
+ # group_by_attribute_value: "AWS::::Account:111122223333",
4226
+ # },
4227
+ # {
4228
+ # count: 3,
4229
+ # group_by_attribute_value: "AWS::::Account:444455556666",
4230
+ # },
4231
+ # ],
4232
+ # },
4233
+ # }
4234
+ #
3413
4235
  # @example Request syntax with placeholder values
3414
4236
  #
3415
4237
  # resp = client.get_insight_results({
@@ -3458,6 +4280,42 @@ module Aws::SecurityHub
3458
4280
  #
3459
4281
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
3460
4282
  #
4283
+ #
4284
+ # @example Example: To get details of a Security Hub insight
4285
+ #
4286
+ # # The following example returns details of the Security Hub insight with the specified ARN.
4287
+ #
4288
+ # resp = client.get_insights({
4289
+ # insight_arns: [
4290
+ # "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4291
+ # ],
4292
+ # })
4293
+ #
4294
+ # resp.to_h outputs the following:
4295
+ # {
4296
+ # insights: [
4297
+ # {
4298
+ # filters: {
4299
+ # resource_type: [
4300
+ # {
4301
+ # comparison: "EQUALS",
4302
+ # value: "AwsIamRole",
4303
+ # },
4304
+ # ],
4305
+ # severity_label: [
4306
+ # {
4307
+ # comparison: "EQUALS",
4308
+ # value: "CRITICAL",
4309
+ # },
4310
+ # ],
4311
+ # },
4312
+ # group_by_attribute: "ResourceId",
4313
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4314
+ # name: "Critical role findings",
4315
+ # },
4316
+ # ],
4317
+ # }
4318
+ #
3461
4319
  # @example Request syntax with placeholder values
3462
4320
  #
3463
4321
  # resp = client.get_insights({
@@ -3810,6 +4668,20 @@ module Aws::SecurityHub
3810
4668
  #
3811
4669
  # * {Types::GetInvitationsCountResponse#invitations_count #invitations_count} => Integer
3812
4670
  #
4671
+ #
4672
+ # @example Example: To get a count of membership invitations
4673
+ #
4674
+ # # The following example returns a count of invitations that the Security Hub administrator sent to the current member
4675
+ # # account, not including the currently accepted invitation.
4676
+ #
4677
+ # resp = client.get_invitations_count({
4678
+ # })
4679
+ #
4680
+ # resp.to_h outputs the following:
4681
+ # {
4682
+ # invitations_count: 3,
4683
+ # }
4684
+ #
3813
4685
  # @example Response structure
3814
4686
  #
3815
4687
  # resp.invitations_count #=> Integer
@@ -3877,6 +4749,44 @@ module Aws::SecurityHub
3877
4749
  # * {Types::GetMembersResponse#members #members} => Array<Types::Member>
3878
4750
  # * {Types::GetMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
3879
4751
  #
4752
+ #
4753
+ # @example Example: To get member account details
4754
+ #
4755
+ # # The following example returns details for the Security Hub member accounts with the specified AWS account IDs. An
4756
+ # # administrator account may be the delegated Security Hub administrator account for an organization or an administrator
4757
+ # # account that enabled Security Hub manually. The Security Hub administrator must call this operation.
4758
+ #
4759
+ # resp = client.get_members({
4760
+ # account_ids: [
4761
+ # "444455556666",
4762
+ # "777788889999",
4763
+ # ],
4764
+ # })
4765
+ #
4766
+ # resp.to_h outputs the following:
4767
+ # {
4768
+ # members: [
4769
+ # {
4770
+ # account_id: "444455556666",
4771
+ # administrator_id: "123456789012",
4772
+ # invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
4773
+ # master_id: "123456789012",
4774
+ # member_status: "ASSOCIATED",
4775
+ # updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
4776
+ # },
4777
+ # {
4778
+ # account_id: "777788889999",
4779
+ # administrator_id: "123456789012",
4780
+ # invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
4781
+ # master_id: "123456789012",
4782
+ # member_status: "ASSOCIATED",
4783
+ # updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
4784
+ # },
4785
+ # ],
4786
+ # unprocessed_accounts: [
4787
+ # ],
4788
+ # }
4789
+ #
3880
4790
  # @example Request syntax with placeholder values
3881
4791
  #
3882
4792
  # resp = client.get_members({
@@ -3929,6 +4839,26 @@ module Aws::SecurityHub
3929
4839
  #
3930
4840
  # * {Types::InviteMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
3931
4841
  #
4842
+ #
4843
+ # @example Example: To invite accounts to become members
4844
+ #
4845
+ # # The following example invites the specified AWS accounts to become member accounts associated with the calling Security
4846
+ # # Hub administrator account. You only use this operation to invite accounts that don't belong to an AWS Organizations
4847
+ # # organization.
4848
+ #
4849
+ # resp = client.invite_members({
4850
+ # account_ids: [
4851
+ # "111122223333",
4852
+ # "444455556666",
4853
+ # ],
4854
+ # })
4855
+ #
4856
+ # resp.to_h outputs the following:
4857
+ # {
4858
+ # unprocessed_accounts: [
4859
+ # ],
4860
+ # }
4861
+ #
3932
4862
  # @example Request syntax with placeholder values
3933
4863
  #
3934
4864
  # resp = client.invite_members({
@@ -3972,6 +4902,23 @@ module Aws::SecurityHub
3972
4902
  #
3973
4903
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
3974
4904
  #
4905
+ #
4906
+ # @example Example: To list ARNs for enabled integrations
4907
+ #
4908
+ # # The following example returns a list of subscription Amazon Resource Names (ARNs) for the product integrations that you
4909
+ # # have currently enabled in Security Hub.
4910
+ #
4911
+ # resp = client.list_enabled_products_for_import({
4912
+ # })
4913
+ #
4914
+ # resp.to_h outputs the following:
4915
+ # {
4916
+ # product_subscriptions: [
4917
+ # "arn:aws:securityhub:us-east-1:517716713836:product-subscription/crowdstrike/crowdstrike-falcon",
4918
+ # "arn:aws:securityhub:us-east-1::product/3coresec/3coresec",
4919
+ # ],
4920
+ # }
4921
+ #
3975
4922
  # @example Request syntax with placeholder values
3976
4923
  #
3977
4924
  # resp = client.list_enabled_products_for_import({
@@ -4013,6 +4960,23 @@ module Aws::SecurityHub
4013
4960
  #
4014
4961
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4015
4962
  #
4963
+ #
4964
+ # @example Example: To update the enablement status of a standard control
4965
+ #
4966
+ # # The following example disables the specified control in the specified security standard.
4967
+ #
4968
+ # resp = client.list_finding_aggregators({
4969
+ # })
4970
+ #
4971
+ # resp.to_h outputs the following:
4972
+ # {
4973
+ # finding_aggregators: [
4974
+ # {
4975
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:222222222222:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
4976
+ # },
4977
+ # ],
4978
+ # }
4979
+ #
4016
4980
  # @example Request syntax with placeholder values
4017
4981
  #
4018
4982
  # resp = client.list_finding_aggregators({
@@ -4061,6 +5025,27 @@ module Aws::SecurityHub
4061
5025
  #
4062
5026
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4063
5027
  #
5028
+ #
5029
+ # @example Example: To list membership invitations to calling account
5030
+ #
5031
+ # # The following example returns a list of Security Hub member invitations sent to the calling AWS account. Only accounts
5032
+ # # that are invited manually use this operation. It's not for use by accounts that are managed through AWS Organizations.
5033
+ #
5034
+ # resp = client.list_invitations({
5035
+ # })
5036
+ #
5037
+ # resp.to_h outputs the following:
5038
+ # {
5039
+ # invitations: [
5040
+ # {
5041
+ # account_id: "123456789012",
5042
+ # invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
5043
+ # invited_at: Time.parse("2020-06-01T20:21:18.042000+00:00"),
5044
+ # member_status: "ASSOCIATED",
5045
+ # },
5046
+ # ],
5047
+ # }
5048
+ #
4064
5049
  # @example Request syntax with placeholder values
4065
5050
  #
4066
5051
  # resp = client.list_invitations({
@@ -4122,6 +5107,37 @@ module Aws::SecurityHub
4122
5107
  #
4123
5108
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4124
5109
  #
5110
+ #
5111
+ # @example Example: To list member account details
5112
+ #
5113
+ # # The following example returns details about member accounts for the calling Security Hub administrator account. The
5114
+ # # response includes member accounts that are managed through AWS Organizations and those that were invited manually.
5115
+ #
5116
+ # resp = client.list_members({
5117
+ # })
5118
+ #
5119
+ # resp.to_h outputs the following:
5120
+ # {
5121
+ # members: [
5122
+ # {
5123
+ # account_id: "111122223333",
5124
+ # administrator_id: "123456789012",
5125
+ # invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
5126
+ # master_id: "123456789012",
5127
+ # member_status: "ASSOCIATED",
5128
+ # updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
5129
+ # },
5130
+ # {
5131
+ # account_id: "444455556666",
5132
+ # administrator_id: "123456789012",
5133
+ # invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
5134
+ # master_id: "123456789012",
5135
+ # member_status: "ASSOCIATED",
5136
+ # updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
5137
+ # },
5138
+ # ],
5139
+ # }
5140
+ #
4125
5141
  # @example Request syntax with placeholder values
4126
5142
  #
4127
5143
  # resp = client.list_members({
@@ -4171,6 +5187,27 @@ module Aws::SecurityHub
4171
5187
  #
4172
5188
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4173
5189
  #
5190
+ #
5191
+ # @example Example: To list administrator acccounts for an organization
5192
+ #
5193
+ # # The following example lists the Security Hub administrator accounts for an organization. Only the organization
5194
+ # # management account can call this operation.
5195
+ #
5196
+ # resp = client.list_organization_admin_accounts({
5197
+ # })
5198
+ #
5199
+ # resp.to_h outputs the following:
5200
+ # {
5201
+ # admin_accounts: [
5202
+ # {
5203
+ # account_id: "777788889999",
5204
+ # },
5205
+ # {
5206
+ # status: "ENABLED",
5207
+ # },
5208
+ # ],
5209
+ # }
5210
+ #
4174
5211
  # @example Request syntax with placeholder values
4175
5212
  #
4176
5213
  # resp = client.list_organization_admin_accounts({
@@ -4219,6 +5256,48 @@ module Aws::SecurityHub
4219
5256
  #
4220
5257
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4221
5258
  #
5259
+ #
5260
+ # @example Example: To list security controls that apply to a standard
5261
+ #
5262
+ # # The following example lists security controls that apply to a specified Security Hub standard.
5263
+ #
5264
+ # resp = client.list_security_control_definitions({
5265
+ # max_results: 3,
5266
+ # next_token: "NULL",
5267
+ # standards_arn: "arn:aws:securityhub:::standards/aws-foundational-security-best-practices/v/1.0.0",
5268
+ # })
5269
+ #
5270
+ # resp.to_h outputs the following:
5271
+ # {
5272
+ # next_token: "U2FsdGVkX1...",
5273
+ # security_control_definitions: [
5274
+ # {
5275
+ # current_region_availability: "AVAILABLE",
5276
+ # description: "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.",
5277
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation",
5278
+ # security_control_id: "ACM.1",
5279
+ # severity_rating: "MEDIUM",
5280
+ # title: "Imported and ACM-issued certificates should be renewed after a specified time period",
5281
+ # },
5282
+ # {
5283
+ # current_region_availability: "AVAILABLE",
5284
+ # description: "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.",
5285
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation",
5286
+ # security_control_id: "APIGateway.1",
5287
+ # severity_rating: "MEDIUM",
5288
+ # title: "API Gateway REST and WebSocket API execution logging should be enabled",
5289
+ # },
5290
+ # {
5291
+ # current_region_availability: "AVAILABLE",
5292
+ # description: "This control checks whether Amazon API Gateway REST API stages have SSL certificates configured that backend systems can use to authenticate that incoming requests are from the API Gateway.",
5293
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.2/remediation",
5294
+ # security_control_id: "APIGateway.2",
5295
+ # severity_rating: "MEDIUM",
5296
+ # title: "API Gateway REST API stages should be configured to use SSL certificates for backend authentication",
5297
+ # },
5298
+ # ],
5299
+ # }
5300
+ #
4222
5301
  # @example Request syntax with placeholder values
4223
5302
  #
4224
5303
  # resp = client.list_security_control_definitions({
@@ -4275,6 +5354,50 @@ module Aws::SecurityHub
4275
5354
  #
4276
5355
  # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
4277
5356
  #
5357
+ #
5358
+ # @example Example: To say whether standard
5359
+ #
5360
+ # # The following example specifies whether a control is currently enabled or disabled in each enabled standard in the
5361
+ # # calling account. The response also provides other details about the control.
5362
+ #
5363
+ # resp = client.list_standards_control_associations({
5364
+ # security_control_id: "S3.1",
5365
+ # })
5366
+ #
5367
+ # resp.to_h outputs the following:
5368
+ # {
5369
+ # standards_control_association_summaries: [
5370
+ # {
5371
+ # association_status: "ENABLED",
5372
+ # related_requirements: [
5373
+ # "PCI DSS 1.2.1",
5374
+ # "PCI DSS 1.3.1",
5375
+ # "PCI DSS 1.3.2",
5376
+ # "PCI DSS 1.3.4",
5377
+ # "PCI DSS 1.3.6",
5378
+ # ],
5379
+ # security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/S3.1",
5380
+ # security_control_id: "S3.1",
5381
+ # standards_arn: "arn:aws:securityhub:us-west-2::standards/pci-dss/v/3.2.1",
5382
+ # standards_control_description: "This AWS control checks whether the following public access block settings are configured from account level: ignorePublicAcls: True, blockPublicPolicy: True, blockPublicAcls: True, restrictPublicBuckets: True.",
5383
+ # standards_control_title: "S3 Block Public Access setting should be enabled",
5384
+ # updated_at: Time.parse("2022-01-13T23:03:46.648000+00:00"),
5385
+ # },
5386
+ # {
5387
+ # association_status: "DISABLED",
5388
+ # related_requirements: [
5389
+ # ],
5390
+ # security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/S3.1",
5391
+ # security_control_id: "S3.1",
5392
+ # standards_arn: "arn:aws:securityhub:us-west-2::standards/aws-foundational-security-best-practices/v/1.0.0",
5393
+ # standards_control_description: "This AWS control checks whether the following public access block settings are configured from account level: ignorePublicAcls: True, blockPublicPolicy: True, blockPublicAcls: True, restrictPublicBuckets: True.",
5394
+ # standards_control_title: "S3 Block Public Access setting should be enabled",
5395
+ # updated_at: Time.parse("2022-08-12T22:59:04.924000+00:00"),
5396
+ # updated_reason: "Not relevant to environment",
5397
+ # },
5398
+ # ],
5399
+ # }
5400
+ #
4278
5401
  # @example Request syntax with placeholder values
4279
5402
  #
4280
5403
  # resp = client.list_standards_control_associations({
@@ -4316,6 +5439,23 @@ module Aws::SecurityHub
4316
5439
  #
4317
5440
  # * {Types::ListTagsForResourceResponse#tags #tags} => Hash<String,String>
4318
5441
  #
5442
+ #
5443
+ # @example Example: To get a list of tags for a resource
5444
+ #
5445
+ # # The following example returns a list of tags associated with the specified resource.
5446
+ #
5447
+ # resp = client.list_tags_for_resource({
5448
+ # resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
5449
+ # })
5450
+ #
5451
+ # resp.to_h outputs the following:
5452
+ # {
5453
+ # tags: {
5454
+ # "Area" => "USMidwest",
5455
+ # "Department" => "Operations",
5456
+ # },
5457
+ # }
5458
+ #
4319
5459
  # @example Request syntax with placeholder values
4320
5460
  #
4321
5461
  # resp = client.list_tags_for_resource({
@@ -4348,6 +5488,19 @@ module Aws::SecurityHub
4348
5488
  #
4349
5489
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4350
5490
  #
5491
+ #
5492
+ # @example Example: To tag a resource
5493
+ #
5494
+ # # The following example adds the 'Department' and 'Area' tags to the specified resource.
5495
+ #
5496
+ # resp = client.tag_resource({
5497
+ # resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
5498
+ # tags: {
5499
+ # "Area" => "USMidwest",
5500
+ # "Department" => "Operations",
5501
+ # },
5502
+ # })
5503
+ #
4351
5504
  # @example Request syntax with placeholder values
4352
5505
  #
4353
5506
  # resp = client.tag_resource({
@@ -4377,6 +5530,18 @@ module Aws::SecurityHub
4377
5530
  #
4378
5531
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4379
5532
  #
5533
+ #
5534
+ # @example Example: To remove tags from a resource
5535
+ #
5536
+ # # The following example removes the 'Department' tag from the specified resource.
5537
+ #
5538
+ # resp = client.untag_resource({
5539
+ # resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
5540
+ # tag_keys: [
5541
+ # "Department",
5542
+ # ],
5543
+ # })
5544
+ #
4380
5545
  # @example Request syntax with placeholder values
4381
5546
  #
4382
5547
  # resp = client.untag_resource({
@@ -4407,6 +5572,18 @@ module Aws::SecurityHub
4407
5572
  #
4408
5573
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
4409
5574
  #
5575
+ #
5576
+ # @example Example: To update the name and description of a custom action target
5577
+ #
5578
+ # # The following example updates the name and description of a custom action target in Security Hub. You can create custom
5579
+ # # actions to automatically respond to Security Hub findings using Amazon EventBridge.
5580
+ #
5581
+ # resp = client.update_action_target({
5582
+ # action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
5583
+ # description: "Sends specified findings to customer service chat",
5584
+ # name: "Chat custom action",
5585
+ # })
5586
+ #
4410
5587
  # @example Request syntax with placeholder values
4411
5588
  #
4412
5589
  # resp = client.update_action_target({
@@ -4477,6 +5654,33 @@ module Aws::SecurityHub
4477
5654
  # * {Types::UpdateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
4478
5655
  # * {Types::UpdateFindingAggregatorResponse#regions #regions} => Array<String>
4479
5656
  #
5657
+ #
5658
+ # @example Example: To update cross-Region aggregation settings
5659
+ #
5660
+ # # The following example updates the cross-Region aggregation configuration. You use this operation to change the list of
5661
+ # # linked Regions and the treatment of new Regions. However, you cannot use this operation to change the aggregation
5662
+ # # Region.
5663
+ #
5664
+ # resp = client.update_finding_aggregator({
5665
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
5666
+ # region_linking_mode: "SPECIFIED_REGIONS",
5667
+ # regions: [
5668
+ # "us-west-1",
5669
+ # "us-west-2",
5670
+ # ],
5671
+ # })
5672
+ #
5673
+ # resp.to_h outputs the following:
5674
+ # {
5675
+ # finding_aggregation_region: "us-east-1",
5676
+ # finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
5677
+ # region_linking_mode: "SPECIFIED_REGIONS",
5678
+ # regions: [
5679
+ # "us-west-1",
5680
+ # "us-west-2",
5681
+ # ],
5682
+ # }
5683
+ #
4480
5684
  # @example Request syntax with placeholder values
4481
5685
  #
4482
5686
  # resp = client.update_finding_aggregator({
@@ -5191,6 +6395,30 @@ module Aws::SecurityHub
5191
6395
  #
5192
6396
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5193
6397
  #
6398
+ #
6399
+ # @example Example: To update an insight
6400
+ #
6401
+ # # The following example updates the specified Security Hub insight.
6402
+ #
6403
+ # resp = client.update_insight({
6404
+ # filters: {
6405
+ # resource_type: [
6406
+ # {
6407
+ # comparison: "EQUALS",
6408
+ # value: "AwsIamRole",
6409
+ # },
6410
+ # ],
6411
+ # severity_label: [
6412
+ # {
6413
+ # comparison: "EQUALS",
6414
+ # value: "HIGH",
6415
+ # },
6416
+ # ],
6417
+ # },
6418
+ # insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
6419
+ # name: "High severity role findings",
6420
+ # })
6421
+ #
5194
6422
  # @example Request syntax with placeholder values
5195
6423
  #
5196
6424
  # resp = client.update_insight({
@@ -5872,6 +7100,16 @@ module Aws::SecurityHub
5872
7100
  #
5873
7101
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5874
7102
  #
7103
+ #
7104
+ # @example Example: To update organization configuration
7105
+ #
7106
+ # # The following example updates the configuration for an organization so that Security Hub is automatically activated for
7107
+ # # new member accounts. Only the Security Hub administrator account can call this operation.
7108
+ #
7109
+ # resp = client.update_organization_configuration({
7110
+ # auto_enable: true,
7111
+ # })
7112
+ #
5875
7113
  # @example Request syntax with placeholder values
5876
7114
  #
5877
7115
  # resp = client.update_organization_configuration({
@@ -5913,6 +7151,17 @@ module Aws::SecurityHub
5913
7151
  #
5914
7152
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5915
7153
  #
7154
+ #
7155
+ # @example Example: To update Security Hub settings
7156
+ #
7157
+ # # The following example updates Security Hub settings to turn on consolidated control findings, and to automatically
7158
+ # # enable new controls in enabled standards.
7159
+ #
7160
+ # resp = client.update_security_hub_configuration({
7161
+ # auto_enable_controls: true,
7162
+ # control_finding_generator: "SECURITY_CONTROL",
7163
+ # })
7164
+ #
5916
7165
  # @example Request syntax with placeholder values
5917
7166
  #
5918
7167
  # resp = client.update_security_hub_configuration({
@@ -5944,6 +7193,17 @@ module Aws::SecurityHub
5944
7193
  #
5945
7194
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
5946
7195
  #
7196
+ #
7197
+ # @example Example: To update the enablement status of a standard control
7198
+ #
7199
+ # # The following example disables the specified control in the specified security standard.
7200
+ #
7201
+ # resp = client.update_standards_control({
7202
+ # control_status: "DISABLED",
7203
+ # disabled_reason: "Not applicable to my service",
7204
+ # standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.AutoScaling.1",
7205
+ # })
7206
+ #
5947
7207
  # @example Request syntax with placeholder values
5948
7208
  #
5949
7209
  # resp = client.update_standards_control({
@@ -5974,7 +7234,7 @@ module Aws::SecurityHub
5974
7234
  params: params,
5975
7235
  config: config)
5976
7236
  context[:gem_name] = 'aws-sdk-securityhub'
5977
- context[:gem_version] = '1.79.0'
7237
+ context[:gem_version] = '1.80.0'
5978
7238
  Seahorse::Client::Request.new(handlers, context)
5979
7239
  end
5980
7240