aws-sdk-securityhub 1.79.0 → 1.81.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +1413 -1
- data/lib/aws-sdk-securityhub/client_api.rb +58 -0
- data/lib/aws-sdk-securityhub/endpoints.rb +14 -0
- data/lib/aws-sdk-securityhub/plugins/endpoints.rb +2 -0
- data/lib/aws-sdk-securityhub/types.rb +259 -25
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
@@ -388,6 +388,18 @@ module Aws::SecurityHub
|
|
388
388
|
#
|
389
389
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
390
390
|
#
|
391
|
+
#
|
392
|
+
# @example Example: To accept an invitation be a member account
|
393
|
+
#
|
394
|
+
# # The following example demonstrates how an account can accept an invitation from the Security Hub administrator account
|
395
|
+
# # to be a member account. This operation is applicable only to member accounts that are not added through AWS
|
396
|
+
# # Organizations.
|
397
|
+
#
|
398
|
+
# resp = client.accept_administrator_invitation({
|
399
|
+
# administrator_id: "123456789012",
|
400
|
+
# invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
|
401
|
+
# })
|
402
|
+
#
|
391
403
|
# @example Request syntax with placeholder values
|
392
404
|
#
|
393
405
|
# resp = client.accept_administrator_invitation({
|
@@ -468,6 +480,30 @@ module Aws::SecurityHub
|
|
468
480
|
#
|
469
481
|
# * {Types::BatchDisableStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
|
470
482
|
#
|
483
|
+
#
|
484
|
+
# @example Example: To disable one or more security standards
|
485
|
+
#
|
486
|
+
# # The following example disables a security standard in Security Hub.
|
487
|
+
#
|
488
|
+
# resp = client.batch_disable_standards({
|
489
|
+
# standards_subscription_arns: [
|
490
|
+
# "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
491
|
+
# ],
|
492
|
+
# })
|
493
|
+
#
|
494
|
+
# resp.to_h outputs the following:
|
495
|
+
# {
|
496
|
+
# standards_subscriptions: [
|
497
|
+
# {
|
498
|
+
# standards_arn: "arn:aws:securityhub:eu-central-1::standards/pci-dss/v/3.2.1",
|
499
|
+
# standards_input: {
|
500
|
+
# },
|
501
|
+
# standards_status: "DELETING",
|
502
|
+
# standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
503
|
+
# },
|
504
|
+
# ],
|
505
|
+
# }
|
506
|
+
#
|
471
507
|
# @example Request syntax with placeholder values
|
472
508
|
#
|
473
509
|
# resp = client.batch_disable_standards({
|
@@ -510,6 +546,32 @@ module Aws::SecurityHub
|
|
510
546
|
#
|
511
547
|
# * {Types::BatchEnableStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
|
512
548
|
#
|
549
|
+
#
|
550
|
+
# @example Example: To import security findings from a third party provider to Security Hub
|
551
|
+
#
|
552
|
+
# # The following example imports findings from a third party provider to Security Hub.
|
553
|
+
#
|
554
|
+
# resp = client.batch_enable_standards({
|
555
|
+
# standards_subscription_requests: [
|
556
|
+
# {
|
557
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
|
558
|
+
# },
|
559
|
+
# ],
|
560
|
+
# })
|
561
|
+
#
|
562
|
+
# resp.to_h outputs the following:
|
563
|
+
# {
|
564
|
+
# standards_subscriptions: [
|
565
|
+
# {
|
566
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
|
567
|
+
# standards_input: {
|
568
|
+
# },
|
569
|
+
# standards_status: "PENDING",
|
570
|
+
# standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
571
|
+
# },
|
572
|
+
# ],
|
573
|
+
# }
|
574
|
+
#
|
513
575
|
# @example Request syntax with placeholder values
|
514
576
|
#
|
515
577
|
# resp = client.batch_enable_standards({
|
@@ -710,6 +772,52 @@ module Aws::SecurityHub
|
|
710
772
|
# * {Types::BatchImportFindingsResponse#success_count #success_count} => Integer
|
711
773
|
# * {Types::BatchImportFindingsResponse#failed_findings #failed_findings} => Array<Types::ImportFindingsError>
|
712
774
|
#
|
775
|
+
#
|
776
|
+
# @example Example: To import security findings from a third party provider to Security Hub
|
777
|
+
#
|
778
|
+
# # The following example imports findings from a third party provider to Security Hub.
|
779
|
+
#
|
780
|
+
# resp = client.batch_import_findings({
|
781
|
+
# findings: [
|
782
|
+
# {
|
783
|
+
# aws_account_id: "123456789012",
|
784
|
+
# created_at: "2020-05-27T17:05:54.832Z",
|
785
|
+
# description: "Vulnerability in a CloudTrail trail",
|
786
|
+
# finding_provider_fields: {
|
787
|
+
# severity: {
|
788
|
+
# label: "LOW",
|
789
|
+
# original: "10",
|
790
|
+
# },
|
791
|
+
# types: [
|
792
|
+
# "Software and Configuration Checks/Vulnerabilities/CVE",
|
793
|
+
# ],
|
794
|
+
# },
|
795
|
+
# generator_id: "TestGeneratorId",
|
796
|
+
# id: "Id1",
|
797
|
+
# product_arn: "arn:aws:securityhub:us-west-1:123456789012:product/123456789012/default",
|
798
|
+
# resources: [
|
799
|
+
# {
|
800
|
+
# id: "arn:aws:cloudtrail:us-west-1:123456789012:trail/TrailName",
|
801
|
+
# partition: "aws",
|
802
|
+
# region: "us-west-1",
|
803
|
+
# type: "AwsCloudTrailTrail",
|
804
|
+
# },
|
805
|
+
# ],
|
806
|
+
# schema_version: "2018-10-08",
|
807
|
+
# title: "CloudTrail trail vulnerability",
|
808
|
+
# updated_at: "2020-06-02T16:05:54.832Z",
|
809
|
+
# },
|
810
|
+
# ],
|
811
|
+
# })
|
812
|
+
#
|
813
|
+
# resp.to_h outputs the following:
|
814
|
+
# {
|
815
|
+
# failed_count: 123,
|
816
|
+
# failed_findings: [
|
817
|
+
# ],
|
818
|
+
# success_count: 123,
|
819
|
+
# }
|
820
|
+
#
|
713
821
|
# @example Response structure
|
714
822
|
#
|
715
823
|
# resp.failed_count #=> Integer
|
@@ -844,6 +952,66 @@ module Aws::SecurityHub
|
|
844
952
|
# * {Types::BatchUpdateFindingsResponse#processed_findings #processed_findings} => Array<Types::AwsSecurityFindingIdentifier>
|
845
953
|
# * {Types::BatchUpdateFindingsResponse#unprocessed_findings #unprocessed_findings} => Array<Types::BatchUpdateFindingsUnprocessedFinding>
|
846
954
|
#
|
955
|
+
#
|
956
|
+
# @example Example: To update Security Hub findings
|
957
|
+
#
|
958
|
+
# # The following example updates Security Hub findings. The finding identifier parameter specifies which findings to
|
959
|
+
# # update. Only specific finding fields can be updated with this operation.
|
960
|
+
#
|
961
|
+
# resp = client.batch_update_findings({
|
962
|
+
# confidence: 80,
|
963
|
+
# criticality: 80,
|
964
|
+
# finding_identifiers: [
|
965
|
+
# {
|
966
|
+
# id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
967
|
+
# product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
|
968
|
+
# },
|
969
|
+
# {
|
970
|
+
# id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
|
971
|
+
# product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
|
972
|
+
# },
|
973
|
+
# ],
|
974
|
+
# note: {
|
975
|
+
# text: "Known issue that is not a risk.",
|
976
|
+
# updated_by: "user1",
|
977
|
+
# },
|
978
|
+
# related_findings: [
|
979
|
+
# {
|
980
|
+
# id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE33333",
|
981
|
+
# product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
|
982
|
+
# },
|
983
|
+
# ],
|
984
|
+
# severity: {
|
985
|
+
# label: "LOW",
|
986
|
+
# },
|
987
|
+
# types: [
|
988
|
+
# "Software and Configuration Checks/Vulnerabilities/CVE",
|
989
|
+
# ],
|
990
|
+
# user_defined_fields: {
|
991
|
+
# "reviewedByCio" => "true",
|
992
|
+
# },
|
993
|
+
# verification_state: "TRUE_POSITIVE",
|
994
|
+
# workflow: {
|
995
|
+
# status: "RESOLVED",
|
996
|
+
# },
|
997
|
+
# })
|
998
|
+
#
|
999
|
+
# resp.to_h outputs the following:
|
1000
|
+
# {
|
1001
|
+
# processed_findings: [
|
1002
|
+
# {
|
1003
|
+
# id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
1004
|
+
# product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
|
1005
|
+
# },
|
1006
|
+
# {
|
1007
|
+
# id: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1/PCI.Lambda.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE22222",
|
1008
|
+
# product_arn: "arn:aws:securityhub:us-west-1::product/aws/securityhub",
|
1009
|
+
# },
|
1010
|
+
# ],
|
1011
|
+
# unprocessed_findings: [
|
1012
|
+
# ],
|
1013
|
+
# }
|
1014
|
+
#
|
847
1015
|
# @example Request syntax with placeholder values
|
848
1016
|
#
|
849
1017
|
# resp = client.batch_update_findings({
|
@@ -962,6 +1130,23 @@ module Aws::SecurityHub
|
|
962
1130
|
#
|
963
1131
|
# * {Types::CreateActionTargetResponse#action_target_arn #action_target_arn} => String
|
964
1132
|
#
|
1133
|
+
#
|
1134
|
+
# @example Example: To create a custom action target
|
1135
|
+
#
|
1136
|
+
# # The following example creates a custom action target in Security Hub. Custom actions on findings and insights
|
1137
|
+
# # automatically trigger actions in Amazon CloudWatch Events.
|
1138
|
+
#
|
1139
|
+
# resp = client.create_action_target({
|
1140
|
+
# description: "Action to send the finding for remediation tracking",
|
1141
|
+
# id: "Remediation",
|
1142
|
+
# name: "Send to remediation",
|
1143
|
+
# })
|
1144
|
+
#
|
1145
|
+
# resp.to_h outputs the following:
|
1146
|
+
# {
|
1147
|
+
# action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
1148
|
+
# }
|
1149
|
+
#
|
965
1150
|
# @example Request syntax with placeholder values
|
966
1151
|
#
|
967
1152
|
# resp = client.create_action_target({
|
@@ -1035,6 +1220,30 @@ module Aws::SecurityHub
|
|
1035
1220
|
# * {Types::CreateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
1036
1221
|
# * {Types::CreateFindingAggregatorResponse#regions #regions} => Array<String>
|
1037
1222
|
#
|
1223
|
+
#
|
1224
|
+
# @example Example: To enable cross-Region aggregation
|
1225
|
+
#
|
1226
|
+
# # The following example creates a finding aggregator. This is required to enable cross-Region aggregation.
|
1227
|
+
#
|
1228
|
+
# resp = client.create_finding_aggregator({
|
1229
|
+
# region_linking_mode: "SPECIFIED_REGIONS",
|
1230
|
+
# regions: [
|
1231
|
+
# "us-west-1",
|
1232
|
+
# "us-west-2",
|
1233
|
+
# ],
|
1234
|
+
# })
|
1235
|
+
#
|
1236
|
+
# resp.to_h outputs the following:
|
1237
|
+
# {
|
1238
|
+
# finding_aggregation_region: "us-east-1",
|
1239
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:222222222222:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
1240
|
+
# region_linking_mode: "SPECIFIED_REGIONS",
|
1241
|
+
# regions: [
|
1242
|
+
# "us-west-1",
|
1243
|
+
# "us-west-2",
|
1244
|
+
# ],
|
1245
|
+
# }
|
1246
|
+
#
|
1038
1247
|
# @example Request syntax with placeholder values
|
1039
1248
|
#
|
1040
1249
|
# resp = client.create_finding_aggregator({
|
@@ -1084,6 +1293,36 @@ module Aws::SecurityHub
|
|
1084
1293
|
#
|
1085
1294
|
# * {Types::CreateInsightResponse#insight_arn #insight_arn} => String
|
1086
1295
|
#
|
1296
|
+
#
|
1297
|
+
# @example Example: To create a custom insight
|
1298
|
+
#
|
1299
|
+
# # The following example creates a custom insight in Security Hub. An insight is a collection of findings that relate to a
|
1300
|
+
# # security issue.
|
1301
|
+
#
|
1302
|
+
# resp = client.create_insight({
|
1303
|
+
# filters: {
|
1304
|
+
# resource_type: [
|
1305
|
+
# {
|
1306
|
+
# comparison: "EQUALS",
|
1307
|
+
# value: "AwsIamRole",
|
1308
|
+
# },
|
1309
|
+
# ],
|
1310
|
+
# severity_label: [
|
1311
|
+
# {
|
1312
|
+
# comparison: "EQUALS",
|
1313
|
+
# value: "CRITICAL",
|
1314
|
+
# },
|
1315
|
+
# ],
|
1316
|
+
# },
|
1317
|
+
# group_by_attribute: "ResourceId",
|
1318
|
+
# name: "Critical role findings",
|
1319
|
+
# })
|
1320
|
+
#
|
1321
|
+
# resp.to_h outputs the following:
|
1322
|
+
# {
|
1323
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
1324
|
+
# }
|
1325
|
+
#
|
1087
1326
|
# @example Request syntax with placeholder values
|
1088
1327
|
#
|
1089
1328
|
# resp = client.create_insight({
|
@@ -1796,6 +2035,29 @@ module Aws::SecurityHub
|
|
1796
2035
|
#
|
1797
2036
|
# * {Types::CreateMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
1798
2037
|
#
|
2038
|
+
#
|
2039
|
+
# @example Example: To add a member account
|
2040
|
+
#
|
2041
|
+
# # The following example creates a member association between the specified accounts and the administrator account (the
|
2042
|
+
# # account that makes the request). This operation is used to add accounts that aren't part of an organization.
|
2043
|
+
#
|
2044
|
+
# resp = client.create_members({
|
2045
|
+
# account_details: [
|
2046
|
+
# {
|
2047
|
+
# account_id: "123456789012",
|
2048
|
+
# },
|
2049
|
+
# {
|
2050
|
+
# account_id: "111122223333",
|
2051
|
+
# },
|
2052
|
+
# ],
|
2053
|
+
# })
|
2054
|
+
#
|
2055
|
+
# resp.to_h outputs the following:
|
2056
|
+
# {
|
2057
|
+
# unprocessed_accounts: [
|
2058
|
+
# ],
|
2059
|
+
# }
|
2060
|
+
#
|
1799
2061
|
# @example Request syntax with placeholder values
|
1800
2062
|
#
|
1801
2063
|
# resp = client.create_members({
|
@@ -1838,6 +2100,25 @@ module Aws::SecurityHub
|
|
1838
2100
|
#
|
1839
2101
|
# * {Types::DeclineInvitationsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
1840
2102
|
#
|
2103
|
+
#
|
2104
|
+
# @example Example: To decline invitation to become a member account
|
2105
|
+
#
|
2106
|
+
# # The following example declines an invitation from the Security Hub administrator account to become a member account. The
|
2107
|
+
# # invited account makes the request.
|
2108
|
+
#
|
2109
|
+
# resp = client.decline_invitations({
|
2110
|
+
# account_ids: [
|
2111
|
+
# "123456789012",
|
2112
|
+
# "111122223333",
|
2113
|
+
# ],
|
2114
|
+
# })
|
2115
|
+
#
|
2116
|
+
# resp.to_h outputs the following:
|
2117
|
+
# {
|
2118
|
+
# unprocessed_accounts: [
|
2119
|
+
# ],
|
2120
|
+
# }
|
2121
|
+
#
|
1841
2122
|
# @example Request syntax with placeholder values
|
1842
2123
|
#
|
1843
2124
|
# resp = client.decline_invitations({
|
@@ -1872,6 +2153,22 @@ module Aws::SecurityHub
|
|
1872
2153
|
#
|
1873
2154
|
# * {Types::DeleteActionTargetResponse#action_target_arn #action_target_arn} => String
|
1874
2155
|
#
|
2156
|
+
#
|
2157
|
+
# @example Example: To delete a custom action target
|
2158
|
+
#
|
2159
|
+
# # The following example deletes a custom action target that triggers target actions in Amazon CloudWatch Events. Deleting
|
2160
|
+
# # a custom action target doesn't affect findings or insights that were already sent to CloudWatch Events based on the
|
2161
|
+
# # custom action.
|
2162
|
+
#
|
2163
|
+
# resp = client.delete_action_target({
|
2164
|
+
# action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
2165
|
+
# })
|
2166
|
+
#
|
2167
|
+
# resp.to_h outputs the following:
|
2168
|
+
# {
|
2169
|
+
# action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
2170
|
+
# }
|
2171
|
+
#
|
1875
2172
|
# @example Request syntax with placeholder values
|
1876
2173
|
#
|
1877
2174
|
# resp = client.delete_action_target({
|
@@ -1905,6 +2202,16 @@ module Aws::SecurityHub
|
|
1905
2202
|
#
|
1906
2203
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
1907
2204
|
#
|
2205
|
+
#
|
2206
|
+
# @example Example: To delete a finding aggregator
|
2207
|
+
#
|
2208
|
+
# # The following example deletes a finding aggregator in Security Hub. Deleting the finding aggregator stops cross-Region
|
2209
|
+
# # aggregation. This operation produces no output.
|
2210
|
+
#
|
2211
|
+
# resp = client.delete_finding_aggregator({
|
2212
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
2213
|
+
# })
|
2214
|
+
#
|
1908
2215
|
# @example Request syntax with placeholder values
|
1909
2216
|
#
|
1910
2217
|
# resp = client.delete_finding_aggregator({
|
@@ -1929,6 +2236,20 @@ module Aws::SecurityHub
|
|
1929
2236
|
#
|
1930
2237
|
# * {Types::DeleteInsightResponse#insight_arn #insight_arn} => String
|
1931
2238
|
#
|
2239
|
+
#
|
2240
|
+
# @example Example: To delete a custom insight
|
2241
|
+
#
|
2242
|
+
# # The following example deletes a custom insight in Security Hub.
|
2243
|
+
#
|
2244
|
+
# resp = client.delete_insight({
|
2245
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
2246
|
+
# })
|
2247
|
+
#
|
2248
|
+
# resp.to_h outputs the following:
|
2249
|
+
# {
|
2250
|
+
# insight_arn: "arn:aws:securityhub:eu-central-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
2251
|
+
# }
|
2252
|
+
#
|
1932
2253
|
# @example Request syntax with placeholder values
|
1933
2254
|
#
|
1934
2255
|
# resp = client.delete_insight({
|
@@ -1966,6 +2287,25 @@ module Aws::SecurityHub
|
|
1966
2287
|
#
|
1967
2288
|
# * {Types::DeleteInvitationsResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
1968
2289
|
#
|
2290
|
+
#
|
2291
|
+
# @example Example: To delete a custom insight
|
2292
|
+
#
|
2293
|
+
# # The following example deletes an invitation sent by the Security Hub administrator account to a prospective member
|
2294
|
+
# # account. This operation is used only for invitations sent to accounts that aren't part of an organization. Organization
|
2295
|
+
# # accounts don't receive invitations.
|
2296
|
+
#
|
2297
|
+
# resp = client.delete_invitations({
|
2298
|
+
# account_ids: [
|
2299
|
+
# "123456789012",
|
2300
|
+
# ],
|
2301
|
+
# })
|
2302
|
+
#
|
2303
|
+
# resp.to_h outputs the following:
|
2304
|
+
# {
|
2305
|
+
# unprocessed_accounts: [
|
2306
|
+
# ],
|
2307
|
+
# }
|
2308
|
+
#
|
1969
2309
|
# @example Request syntax with placeholder values
|
1970
2310
|
#
|
1971
2311
|
# resp = client.delete_invitations({
|
@@ -1999,6 +2339,25 @@ module Aws::SecurityHub
|
|
1999
2339
|
#
|
2000
2340
|
# * {Types::DeleteMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
2001
2341
|
#
|
2342
|
+
#
|
2343
|
+
# @example Example: To delete a member account
|
2344
|
+
#
|
2345
|
+
# # The following example deletes the specified member account from Security Hub. This operation can be used to delete
|
2346
|
+
# # member accounts that are part of an organization or that were invited manually.
|
2347
|
+
#
|
2348
|
+
# resp = client.delete_members({
|
2349
|
+
# account_ids: [
|
2350
|
+
# "123456789111",
|
2351
|
+
# "123456789222",
|
2352
|
+
# ],
|
2353
|
+
# })
|
2354
|
+
#
|
2355
|
+
# resp.to_h outputs the following:
|
2356
|
+
# {
|
2357
|
+
# unprocessed_accounts: [
|
2358
|
+
# ],
|
2359
|
+
# }
|
2360
|
+
#
|
2002
2361
|
# @example Request syntax with placeholder values
|
2003
2362
|
#
|
2004
2363
|
# resp = client.delete_members({
|
@@ -2046,6 +2405,29 @@ module Aws::SecurityHub
|
|
2046
2405
|
#
|
2047
2406
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2048
2407
|
#
|
2408
|
+
#
|
2409
|
+
# @example Example: To return custom action targets
|
2410
|
+
#
|
2411
|
+
# # The following example returns a list of custom action targets. You use custom actions on findings and insights in
|
2412
|
+
# # Security Hub to trigger target actions in Amazon CloudWatch Events.
|
2413
|
+
#
|
2414
|
+
# resp = client.describe_action_targets({
|
2415
|
+
# action_target_arns: [
|
2416
|
+
# "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
2417
|
+
# ],
|
2418
|
+
# })
|
2419
|
+
#
|
2420
|
+
# resp.to_h outputs the following:
|
2421
|
+
# {
|
2422
|
+
# action_targets: [
|
2423
|
+
# {
|
2424
|
+
# action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
2425
|
+
# description: "Action to send the finding for remediation tracking",
|
2426
|
+
# name: "Send to remediation",
|
2427
|
+
# },
|
2428
|
+
# ],
|
2429
|
+
# }
|
2430
|
+
#
|
2049
2431
|
# @example Request syntax with placeholder values
|
2050
2432
|
#
|
2051
2433
|
# resp = client.describe_action_targets({
|
@@ -2084,6 +2466,24 @@ module Aws::SecurityHub
|
|
2084
2466
|
# * {Types::DescribeHubResponse#auto_enable_controls #auto_enable_controls} => Boolean
|
2085
2467
|
# * {Types::DescribeHubResponse#control_finding_generator #control_finding_generator} => String
|
2086
2468
|
#
|
2469
|
+
#
|
2470
|
+
# @example Example: To return details about Hub resource
|
2471
|
+
#
|
2472
|
+
# # The following example returns details about the Hub resource in the calling account. The Hub resource represents the
|
2473
|
+
# # implementation of the AWS Security Hub service in the calling account.
|
2474
|
+
#
|
2475
|
+
# resp = client.describe_hub({
|
2476
|
+
# hub_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
|
2477
|
+
# })
|
2478
|
+
#
|
2479
|
+
# resp.to_h outputs the following:
|
2480
|
+
# {
|
2481
|
+
# auto_enable_controls: true,
|
2482
|
+
# control_finding_generator: "SECURITY_CONTROL",
|
2483
|
+
# hub_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
|
2484
|
+
# subscribed_at: "2019-11-19T23:15:10.046Z",
|
2485
|
+
# }
|
2486
|
+
#
|
2087
2487
|
# @example Request syntax with placeholder values
|
2088
2488
|
#
|
2089
2489
|
# resp = client.describe_hub({
|
@@ -2115,6 +2515,22 @@ module Aws::SecurityHub
|
|
2115
2515
|
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
2116
2516
|
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable_standards #auto_enable_standards} => String
|
2117
2517
|
#
|
2518
|
+
#
|
2519
|
+
# @example Example: To get information about Organizations configuration
|
2520
|
+
#
|
2521
|
+
# # The following example returns details about the way in which AWS Organizations is configured for a Security Hub account
|
2522
|
+
# # that belongs to an organization. Only a Security Hub administrator account can call this operation.
|
2523
|
+
#
|
2524
|
+
# resp = client.describe_organization_configuration({
|
2525
|
+
# })
|
2526
|
+
#
|
2527
|
+
# resp.to_h outputs the following:
|
2528
|
+
# {
|
2529
|
+
# auto_enable: true,
|
2530
|
+
# auto_enable_standards: "DEFAULT",
|
2531
|
+
# member_account_limit_reached: true,
|
2532
|
+
# }
|
2533
|
+
#
|
2118
2534
|
# @example Response structure
|
2119
2535
|
#
|
2120
2536
|
# resp.auto_enable #=> Boolean
|
@@ -2160,6 +2576,43 @@ module Aws::SecurityHub
|
|
2160
2576
|
#
|
2161
2577
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2162
2578
|
#
|
2579
|
+
#
|
2580
|
+
# @example Example: To get information about Security Hub integrations
|
2581
|
+
#
|
2582
|
+
# # The following example returns details about AWS services and third-party products that Security Hub integrates with.
|
2583
|
+
#
|
2584
|
+
# resp = client.describe_products({
|
2585
|
+
# max_results: 1,
|
2586
|
+
# next_token: "NULL",
|
2587
|
+
# product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
|
2588
|
+
# })
|
2589
|
+
#
|
2590
|
+
# resp.to_h outputs the following:
|
2591
|
+
# {
|
2592
|
+
# next_token: "U2FsdGVkX18vvPlOqb7RDrWRWVFBJI46MOIAb+nZmRJmR15NoRi2gm13sdQEn3O/pq/78dGs+bKpgA+7HMPHO0qX33/zoRI+uIG/F9yLNhcOrOWzFUdy36JcXLQji3Rpnn/cD1SVkGA98qI3zPOSDg==",
|
2593
|
+
# products: [
|
2594
|
+
# {
|
2595
|
+
# activation_url: "https://falcon.crowdstrike.com/support/documentation",
|
2596
|
+
# categories: [
|
2597
|
+
# "Endpoint Detection and Response (EDR)",
|
2598
|
+
# "AV Scanning and Sandboxing",
|
2599
|
+
# "Threat Intelligence Feeds and Reports",
|
2600
|
+
# "Endpoint Forensics",
|
2601
|
+
# "Network Forensics",
|
2602
|
+
# ],
|
2603
|
+
# company_name: "CrowdStrike",
|
2604
|
+
# description: "CrowdStrike Falcon's single lightweight sensor unifies next-gen antivirus, endpoint detection and response, and 24/7 managed hunting, via the cloud.",
|
2605
|
+
# integration_types: [
|
2606
|
+
# "SEND_FINDINGS_TO_SECURITY_HUB",
|
2607
|
+
# ],
|
2608
|
+
# marketplace_url: "https://aws.amazon.com/marketplace/seller-profile?id=a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
2609
|
+
# product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
|
2610
|
+
# product_name: "CrowdStrike Falcon",
|
2611
|
+
# product_subscription_resource_policy: "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789333\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789012:product-subscription/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}},{\"Effect\":\"Allow\",\"Principal\":{\"AWS\":\"123456789012\"},\"Action\":[\"securityhub:BatchImportFindings\"],\"Resource\":\"arn:aws:securityhub:us-west-1:123456789333:product/crowdstrike/crowdstrike-falcon\",\"Condition\":{\"StringEquals\":{\"securityhub:TargetAccount\":\"123456789012\"}}}]}",
|
2612
|
+
# },
|
2613
|
+
# ],
|
2614
|
+
# }
|
2615
|
+
#
|
2163
2616
|
# @example Request syntax with placeholder values
|
2164
2617
|
#
|
2165
2618
|
# resp = client.describe_products({
|
@@ -2217,6 +2670,44 @@ module Aws::SecurityHub
|
|
2217
2670
|
#
|
2218
2671
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2219
2672
|
#
|
2673
|
+
#
|
2674
|
+
# @example Example: To get available Security Hub standards
|
2675
|
+
#
|
2676
|
+
# # The following example returns a list of available security standards in Security Hub.
|
2677
|
+
#
|
2678
|
+
# resp = client.describe_standards({
|
2679
|
+
# })
|
2680
|
+
#
|
2681
|
+
# resp.to_h outputs the following:
|
2682
|
+
# {
|
2683
|
+
# standards: [
|
2684
|
+
# {
|
2685
|
+
# description: "The AWS Foundational Security Best Practices standard is a set of automated security checks that detect when AWS accounts and deployed resources do not align to security best practices. The standard is defined by AWS security experts. This curated set of controls helps improve your security posture in AWS, and cover AWS's most popular and foundational services.",
|
2686
|
+
# enabled_by_default: true,
|
2687
|
+
# name: "AWS Foundational Security Best Practices v1.0.0",
|
2688
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::standards/aws-foundational-security-best-practices/v/1.0.0",
|
2689
|
+
# },
|
2690
|
+
# {
|
2691
|
+
# description: "The Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 is a set of security configuration best practices for AWS. This Security Hub standard automatically checks for your compliance readiness against a subset of CIS requirements.",
|
2692
|
+
# enabled_by_default: true,
|
2693
|
+
# name: "CIS AWS Foundations Benchmark v1.2.0",
|
2694
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
|
2695
|
+
# },
|
2696
|
+
# {
|
2697
|
+
# description: "The Center for Internet Security (CIS) AWS Foundations Benchmark v1.4.0 is a set of security configuration best practices for AWS. This Security Hub standard automatically checks for your compliance readiness against a subset of CIS requirements.",
|
2698
|
+
# enabled_by_default: false,
|
2699
|
+
# name: "CIS AWS Foundations Benchmark v1.4.0",
|
2700
|
+
# standards_arn: "arn:aws::securityhub:us-west-1::standards/cis-aws-foundations-benchmark/v/1.4.0",
|
2701
|
+
# },
|
2702
|
+
# {
|
2703
|
+
# description: "The Payment Card Industry Data Security Standard (PCI DSS) v3.2.1 is an information security standard for entities that store, process, and/or transmit cardholder data. This Security Hub standard automatically checks for your compliance readiness against a subset of PCI DSS requirements.",
|
2704
|
+
# enabled_by_default: false,
|
2705
|
+
# name: "PCI DSS v3.2.1",
|
2706
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
|
2707
|
+
# },
|
2708
|
+
# ],
|
2709
|
+
# }
|
2710
|
+
#
|
2220
2711
|
# @example Request syntax with placeholder values
|
2221
2712
|
#
|
2222
2713
|
# resp = client.describe_standards({
|
@@ -2274,6 +2765,51 @@ module Aws::SecurityHub
|
|
2274
2765
|
#
|
2275
2766
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2276
2767
|
#
|
2768
|
+
#
|
2769
|
+
# @example Example: To get a list of controls for a security standard
|
2770
|
+
#
|
2771
|
+
# # The following example returns a list of security controls and control details that apply to a specified security
|
2772
|
+
# # standard. The list includes controls that are enabled and disabled in the standard.
|
2773
|
+
#
|
2774
|
+
# resp = client.describe_standards_controls({
|
2775
|
+
# max_results: 2,
|
2776
|
+
# next_token: "NULL",
|
2777
|
+
# standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
2778
|
+
# })
|
2779
|
+
#
|
2780
|
+
# resp.to_h outputs the following:
|
2781
|
+
# {
|
2782
|
+
# controls: [
|
2783
|
+
# {
|
2784
|
+
# control_id: "PCI.AutoScaling.1",
|
2785
|
+
# control_status: "ENABLED",
|
2786
|
+
# control_status_updated_at: Time.parse("2020-05-15T18:49:04.473000+00:00"),
|
2787
|
+
# description: "This AWS control checks whether your Auto Scaling groups that are associated with a load balancer are using Elastic Load Balancing health checks.",
|
2788
|
+
# related_requirements: [
|
2789
|
+
# "PCI DSS 2.2",
|
2790
|
+
# ],
|
2791
|
+
# remediation_url: "https://docs.aws.amazon.com/console/securityhub/PCI.AutoScaling.1/remediation",
|
2792
|
+
# severity_rating: "LOW",
|
2793
|
+
# standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.AutoScaling.1",
|
2794
|
+
# title: "Auto scaling groups associated with a load balancer should use health checks",
|
2795
|
+
# },
|
2796
|
+
# {
|
2797
|
+
# control_id: "PCI.CW.1",
|
2798
|
+
# control_status: "ENABLED",
|
2799
|
+
# control_status_updated_at: Time.parse("2020-05-15T18:49:04.498000+00:00"),
|
2800
|
+
# description: "This control checks for the CloudWatch metric filters using the following pattern { $.userIdentity.type = \"Root\" && $.userIdentity.invokedBy NOT EXISTS && $.eventType != \"AwsServiceEvent\" } It checks that the log group name is configured for use with active multi-region CloudTrail, that there is at least one Event Selector for a Trail with IncludeManagementEvents set to true and ReadWriteType set to All, and that there is at least one active subscriber to an SNS topic associated with the alarm.",
|
2801
|
+
# related_requirements: [
|
2802
|
+
# "PCI DSS 7.2.1",
|
2803
|
+
# ],
|
2804
|
+
# remediation_url: "https://docs.aws.amazon.com/console/securityhub/PCI.CW.1/remediation",
|
2805
|
+
# severity_rating: "MEDIUM",
|
2806
|
+
# standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.CW.1",
|
2807
|
+
# title: "A log metric filter and alarm should exist for usage of the \"root\" user",
|
2808
|
+
# },
|
2809
|
+
# ],
|
2810
|
+
# next_token: "U2FsdGVkX1+eNkPoZHVl11ip5HUYQPWSWZGmftcmJiHL8JoKEsCDuaKayiPDyLK+LiTkShveoOdvfxXCkOBaGhohIXhsIedN+LSjQV/l7kfCfJcq4PziNC1N9xe9aq2pjlLVZnznTfSImrodT5bRNHe4fELCQq/z+5ka+5Lzmc11axcwTd5lKgQyQqmUVoeriHZhyIiBgWKf7oNYdBVG8OEortVWvSkoUTt+B2ThcnC7l43kI0UNxlkZ6sc64AsW",
|
2811
|
+
# }
|
2812
|
+
#
|
2277
2813
|
# @example Request syntax with placeholder values
|
2278
2814
|
#
|
2279
2815
|
# resp = client.describe_standards_controls({
|
@@ -2316,6 +2852,16 @@ module Aws::SecurityHub
|
|
2316
2852
|
#
|
2317
2853
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2318
2854
|
#
|
2855
|
+
#
|
2856
|
+
# @example Example: To end a Security Hub integration
|
2857
|
+
#
|
2858
|
+
# # The following example ends an integration between Security Hub and the specified product that sends findings to Security
|
2859
|
+
# # Hub. After the integration ends, the product no longer sends findings to Security Hub.
|
2860
|
+
#
|
2861
|
+
# resp = client.disable_import_findings_for_product({
|
2862
|
+
# product_subscription_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
|
2863
|
+
# })
|
2864
|
+
#
|
2319
2865
|
# @example Request syntax with placeholder values
|
2320
2866
|
#
|
2321
2867
|
# resp = client.disable_import_findings_for_product({
|
@@ -2340,6 +2886,16 @@ module Aws::SecurityHub
|
|
2340
2886
|
#
|
2341
2887
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2342
2888
|
#
|
2889
|
+
#
|
2890
|
+
# @example Example: To remove a Security Hub administrator account
|
2891
|
+
#
|
2892
|
+
# # The following example removes the Security Hub administrator account in the Region from which the operation was
|
2893
|
+
# # executed. This operation doesn't remove the delegated administrator account in AWS Organizations.
|
2894
|
+
#
|
2895
|
+
# resp = client.disable_organization_admin_account({
|
2896
|
+
# admin_account_id: "123456789012",
|
2897
|
+
# })
|
2898
|
+
#
|
2343
2899
|
# @example Request syntax with placeholder values
|
2344
2900
|
#
|
2345
2901
|
# resp = client.disable_organization_admin_account({
|
@@ -2372,6 +2928,14 @@ module Aws::SecurityHub
|
|
2372
2928
|
#
|
2373
2929
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2374
2930
|
#
|
2931
|
+
#
|
2932
|
+
# @example Example: To deactivate Security Hub
|
2933
|
+
#
|
2934
|
+
# # The following example deactivates Security Hub for the current account and Region.
|
2935
|
+
#
|
2936
|
+
# resp = client.disable_security_hub({
|
2937
|
+
# })
|
2938
|
+
#
|
2375
2939
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHub AWS API Documentation
|
2376
2940
|
#
|
2377
2941
|
# @overload disable_security_hub(params = {})
|
@@ -2390,6 +2954,14 @@ module Aws::SecurityHub
|
|
2390
2954
|
#
|
2391
2955
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2392
2956
|
#
|
2957
|
+
#
|
2958
|
+
# @example Example: To disassociate requesting account from administrator account
|
2959
|
+
#
|
2960
|
+
# # The following example dissociates the requesting account from its associated administrator account.
|
2961
|
+
#
|
2962
|
+
# resp = client.disassociate_from_administrator_account({
|
2963
|
+
# })
|
2964
|
+
#
|
2393
2965
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromAdministratorAccount AWS API Documentation
|
2394
2966
|
#
|
2395
2967
|
# @overload disassociate_from_administrator_account(params = {})
|
@@ -2441,6 +3013,18 @@ module Aws::SecurityHub
|
|
2441
3013
|
#
|
2442
3014
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2443
3015
|
#
|
3016
|
+
#
|
3017
|
+
# @example Example: To disassociate member accounts from administrator account
|
3018
|
+
#
|
3019
|
+
# # The following example dissociates the specified member accounts from the associated administrator account.
|
3020
|
+
#
|
3021
|
+
# resp = client.disassociate_members({
|
3022
|
+
# account_ids: [
|
3023
|
+
# "123456789012",
|
3024
|
+
# "111122223333",
|
3025
|
+
# ],
|
3026
|
+
# })
|
3027
|
+
#
|
2444
3028
|
# @example Request syntax with placeholder values
|
2445
3029
|
#
|
2446
3030
|
# resp = client.disassociate_members({
|
@@ -2470,6 +3054,21 @@ module Aws::SecurityHub
|
|
2470
3054
|
#
|
2471
3055
|
# * {Types::EnableImportFindingsForProductResponse#product_subscription_arn #product_subscription_arn} => String
|
2472
3056
|
#
|
3057
|
+
#
|
3058
|
+
# @example Example: To activate an integration
|
3059
|
+
#
|
3060
|
+
# # The following example activates an integration between Security Hub and a third party partner product that sends
|
3061
|
+
# # findings to Security Hub.
|
3062
|
+
#
|
3063
|
+
# resp = client.enable_import_findings_for_product({
|
3064
|
+
# product_arn: "arn:aws:securityhub:us-east-1:517716713836:product/crowdstrike/crowdstrike-falcon",
|
3065
|
+
# })
|
3066
|
+
#
|
3067
|
+
# resp.to_h outputs the following:
|
3068
|
+
# {
|
3069
|
+
# product_subscription_arn: "arn:aws:securityhub:us-east-1:517716713836:product-subscription/crowdstrike/crowdstrike-falcon",
|
3070
|
+
# }
|
3071
|
+
#
|
2473
3072
|
# @example Request syntax with placeholder values
|
2474
3073
|
#
|
2475
3074
|
# resp = client.enable_import_findings_for_product({
|
@@ -2498,6 +3097,16 @@ module Aws::SecurityHub
|
|
2498
3097
|
#
|
2499
3098
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2500
3099
|
#
|
3100
|
+
#
|
3101
|
+
# @example Example: To designate a Security Hub administrator
|
3102
|
+
#
|
3103
|
+
# # The following example designates the specified account as the Security Hub administrator account. The requesting account
|
3104
|
+
# # must be the organization management account.
|
3105
|
+
#
|
3106
|
+
# resp = client.enable_organization_admin_account({
|
3107
|
+
# admin_account_id: "123456789012",
|
3108
|
+
# })
|
3109
|
+
#
|
2501
3110
|
# @example Request syntax with placeholder values
|
2502
3111
|
#
|
2503
3112
|
# resp = client.enable_organization_admin_account({
|
@@ -2572,6 +3181,21 @@ module Aws::SecurityHub
|
|
2572
3181
|
#
|
2573
3182
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
2574
3183
|
#
|
3184
|
+
#
|
3185
|
+
# @example Example: To activate Security Hub
|
3186
|
+
#
|
3187
|
+
# # The following example activates the Security Hub service in the requesting AWS account. The service is activated in the
|
3188
|
+
# # current AWS Region or the Region that you specify in the request. Some standards are automatically turned on in your
|
3189
|
+
# # account unless you opt out. To determine which standards are automatically turned on, see the Security Hub
|
3190
|
+
# # documentation.
|
3191
|
+
#
|
3192
|
+
# resp = client.enable_security_hub({
|
3193
|
+
# enable_default_standards: true,
|
3194
|
+
# tags: {
|
3195
|
+
# "Department" => "Security",
|
3196
|
+
# },
|
3197
|
+
# })
|
3198
|
+
#
|
2575
3199
|
# @example Request syntax with placeholder values
|
2576
3200
|
#
|
2577
3201
|
# resp = client.enable_security_hub({
|
@@ -2601,6 +3225,24 @@ module Aws::SecurityHub
|
|
2601
3225
|
#
|
2602
3226
|
# * {Types::GetAdministratorAccountResponse#administrator #administrator} => Types::Invitation
|
2603
3227
|
#
|
3228
|
+
#
|
3229
|
+
# @example Example: To get details about the Security Hub administrator account
|
3230
|
+
#
|
3231
|
+
# # The following example provides details about the Security Hub administrator account for the requesting member account.
|
3232
|
+
#
|
3233
|
+
# resp = client.get_administrator_account({
|
3234
|
+
# })
|
3235
|
+
#
|
3236
|
+
# resp.to_h outputs the following:
|
3237
|
+
# {
|
3238
|
+
# administrator: {
|
3239
|
+
# account_id: "123456789012",
|
3240
|
+
# invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
|
3241
|
+
# invited_at: Time.parse("2020-06-01T20:21:18.042000+00:00"),
|
3242
|
+
# member_status: "ASSOCIATED",
|
3243
|
+
# },
|
3244
|
+
# }
|
3245
|
+
#
|
2604
3246
|
# @example Response structure
|
2605
3247
|
#
|
2606
3248
|
# resp.administrator.account_id #=> String
|
@@ -2642,6 +3284,30 @@ module Aws::SecurityHub
|
|
2642
3284
|
#
|
2643
3285
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2644
3286
|
#
|
3287
|
+
#
|
3288
|
+
# @example Example: To return a list of enabled standards
|
3289
|
+
#
|
3290
|
+
# # The following example returns a list of Security Hub standards that are currently enabled in your account.
|
3291
|
+
#
|
3292
|
+
# resp = client.get_enabled_standards({
|
3293
|
+
# standards_subscription_arns: [
|
3294
|
+
# "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
3295
|
+
# ],
|
3296
|
+
# })
|
3297
|
+
#
|
3298
|
+
# resp.to_h outputs the following:
|
3299
|
+
# {
|
3300
|
+
# standards_subscriptions: [
|
3301
|
+
# {
|
3302
|
+
# standards_arn: "arn:aws:securityhub:us-west-1::standards/pci-dss/v/3.2.1",
|
3303
|
+
# standards_input: {
|
3304
|
+
# },
|
3305
|
+
# standards_status: "READY",
|
3306
|
+
# standards_subscription_arn: "arn:aws:securityhub:us-west-1:123456789012:subscription/pci-dss/v/3.2.1",
|
3307
|
+
# },
|
3308
|
+
# ],
|
3309
|
+
# }
|
3310
|
+
#
|
2645
3311
|
# @example Request syntax with placeholder values
|
2646
3312
|
#
|
2647
3313
|
# resp = client.get_enabled_standards({
|
@@ -2683,6 +3349,26 @@ module Aws::SecurityHub
|
|
2683
3349
|
# * {Types::GetFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
2684
3350
|
# * {Types::GetFindingAggregatorResponse#regions #regions} => Array<String>
|
2685
3351
|
#
|
3352
|
+
#
|
3353
|
+
# @example Example: To get cross-Region aggregation details
|
3354
|
+
#
|
3355
|
+
# # The following example returns cross-Region aggregation details for the requesting account.
|
3356
|
+
#
|
3357
|
+
# resp = client.get_finding_aggregator({
|
3358
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3359
|
+
# })
|
3360
|
+
#
|
3361
|
+
# resp.to_h outputs the following:
|
3362
|
+
# {
|
3363
|
+
# finding_aggregation_region: "us-east-1",
|
3364
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3365
|
+
# region_linking_mode: "SPECIFIED_REGIONS",
|
3366
|
+
# regions: [
|
3367
|
+
# "us-west-1",
|
3368
|
+
# "us-west-2",
|
3369
|
+
# ],
|
3370
|
+
# }
|
3371
|
+
#
|
2686
3372
|
# @example Request syntax with placeholder values
|
2687
3373
|
#
|
2688
3374
|
# resp = client.get_finding_aggregator({
|
@@ -2706,6 +3392,158 @@ module Aws::SecurityHub
|
|
2706
3392
|
req.send_request(options)
|
2707
3393
|
end
|
2708
3394
|
|
3395
|
+
# Returns history for a Security Hub finding in the last 90 days. The
|
3396
|
+
# history includes changes made to any fields in the Amazon Web Services
|
3397
|
+
# Security Finding Format (ASFF).
|
3398
|
+
#
|
3399
|
+
# @option params [required, Types::AwsSecurityFindingIdentifier] :finding_identifier
|
3400
|
+
# Identifies which finding to get the finding history for.
|
3401
|
+
#
|
3402
|
+
# @option params [Time,DateTime,Date,Integer,String] :start_time
|
3403
|
+
# An ISO 8601-formatted timestamp that indicates the start time of the
|
3404
|
+
# requested finding history. A correctly formatted example is
|
3405
|
+
# `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
|
3406
|
+
# and time should be separated by `T`. For more information, see [RFC
|
3407
|
+
# 3339 section 5.6, Internet Date/Time Format][1].
|
3408
|
+
#
|
3409
|
+
# If you provide values for both `StartTime` and `EndTime`, Security Hub
|
3410
|
+
# returns finding history for the specified time period. If you provide
|
3411
|
+
# a value for `StartTime` but not for `EndTime`, Security Hub returns
|
3412
|
+
# finding history from the `StartTime` to the time at which the API is
|
3413
|
+
# called. If you provide a value for `EndTime` but not for `StartTime`,
|
3414
|
+
# Security Hub returns finding history from the [CreatedAt][2] timestamp
|
3415
|
+
# of the finding to the `EndTime`. If you provide neither `StartTime`
|
3416
|
+
# nor `EndTime`, Security Hub returns finding history from the CreatedAt
|
3417
|
+
# timestamp of the finding to the time at which the API is called. In
|
3418
|
+
# all of these scenarios, the response is limited to 100 results, and
|
3419
|
+
# the maximum time period is limited to 90 days.
|
3420
|
+
#
|
3421
|
+
#
|
3422
|
+
#
|
3423
|
+
# [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
|
3424
|
+
# [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
|
3425
|
+
#
|
3426
|
+
# @option params [Time,DateTime,Date,Integer,String] :end_time
|
3427
|
+
# An ISO 8601-formatted timestamp that indicates the end time of the
|
3428
|
+
# requested finding history. A correctly formatted example is
|
3429
|
+
# `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
|
3430
|
+
# and time should be separated by `T`. For more information, see [RFC
|
3431
|
+
# 3339 section 5.6, Internet Date/Time Format][1].
|
3432
|
+
#
|
3433
|
+
# If you provide values for both `StartTime` and `EndTime`, Security Hub
|
3434
|
+
# returns finding history for the specified time period. If you provide
|
3435
|
+
# a value for `StartTime` but not for `EndTime`, Security Hub returns
|
3436
|
+
# finding history from the `StartTime` to the time at which the API is
|
3437
|
+
# called. If you provide a value for `EndTime` but not for `StartTime`,
|
3438
|
+
# Security Hub returns finding history from the [CreatedAt][2] timestamp
|
3439
|
+
# of the finding to the `EndTime`. If you provide neither `StartTime`
|
3440
|
+
# nor `EndTime`, Security Hub returns finding history from the CreatedAt
|
3441
|
+
# timestamp of the finding to the time at which the API is called. In
|
3442
|
+
# all of these scenarios, the response is limited to 100 results, and
|
3443
|
+
# the maximum time period is limited to 90 days.
|
3444
|
+
#
|
3445
|
+
#
|
3446
|
+
#
|
3447
|
+
# [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
|
3448
|
+
# [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
|
3449
|
+
#
|
3450
|
+
# @option params [String] :next_token
|
3451
|
+
# A token for pagination purposes. Provide `NULL` as the initial value.
|
3452
|
+
# In subsequent requests, provide the token included in the response to
|
3453
|
+
# get up to an additional 100 results of finding history. If you don’t
|
3454
|
+
# provide `NextToken`, Security Hub returns up to 100 results of finding
|
3455
|
+
# history for each request.
|
3456
|
+
#
|
3457
|
+
# @option params [Integer] :max_results
|
3458
|
+
# The maximum number of results to be returned. If you don’t provide it,
|
3459
|
+
# Security Hub returns up to 100 results of finding history.
|
3460
|
+
#
|
3461
|
+
# @return [Types::GetFindingHistoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3462
|
+
#
|
3463
|
+
# * {Types::GetFindingHistoryResponse#records #records} => Array<Types::FindingHistoryRecord>
|
3464
|
+
# * {Types::GetFindingHistoryResponse#next_token #next_token} => String
|
3465
|
+
#
|
3466
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
3467
|
+
#
|
3468
|
+
#
|
3469
|
+
# @example Example: To get finding history
|
3470
|
+
#
|
3471
|
+
# # The following example retrieves the history of the specified finding during the specified time frame. If the time frame
|
3472
|
+
# # permits, Security Hub returns finding history for the last 90 days.
|
3473
|
+
#
|
3474
|
+
# resp = client.get_finding_history({
|
3475
|
+
# end_time: Time.parse("2021-09-31T15:53:35.573Z"),
|
3476
|
+
# finding_identifier: {
|
3477
|
+
# id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3478
|
+
# product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
|
3479
|
+
# },
|
3480
|
+
# max_results: 2,
|
3481
|
+
# start_time: Time.parse("2021-09-30T15:53:35.573Z"),
|
3482
|
+
# })
|
3483
|
+
#
|
3484
|
+
# resp.to_h outputs the following:
|
3485
|
+
# {
|
3486
|
+
# records: [
|
3487
|
+
# {
|
3488
|
+
# finding_created: false,
|
3489
|
+
# finding_identifier: {
|
3490
|
+
# id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3491
|
+
# product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
|
3492
|
+
# },
|
3493
|
+
# update_source: {
|
3494
|
+
# identity: "arn:aws:iam::444455556666:role/Admin",
|
3495
|
+
# type: "BATCH_UPDATE_FINDINGS",
|
3496
|
+
# },
|
3497
|
+
# update_time: Time.parse("2021-09-31T15:52:25.573Z"),
|
3498
|
+
# updates: [
|
3499
|
+
# {
|
3500
|
+
# new_value: "MEDIUM",
|
3501
|
+
# old_value: "HIGH",
|
3502
|
+
# updated_field: "Severity",
|
3503
|
+
# },
|
3504
|
+
# ],
|
3505
|
+
# },
|
3506
|
+
# ],
|
3507
|
+
# }
|
3508
|
+
#
|
3509
|
+
# @example Request syntax with placeholder values
|
3510
|
+
#
|
3511
|
+
# resp = client.get_finding_history({
|
3512
|
+
# finding_identifier: { # required
|
3513
|
+
# id: "NonEmptyString", # required
|
3514
|
+
# product_arn: "NonEmptyString", # required
|
3515
|
+
# },
|
3516
|
+
# start_time: Time.now,
|
3517
|
+
# end_time: Time.now,
|
3518
|
+
# next_token: "NextToken",
|
3519
|
+
# max_results: 1,
|
3520
|
+
# })
|
3521
|
+
#
|
3522
|
+
# @example Response structure
|
3523
|
+
#
|
3524
|
+
# resp.records #=> Array
|
3525
|
+
# resp.records[0].finding_identifier.id #=> String
|
3526
|
+
# resp.records[0].finding_identifier.product_arn #=> String
|
3527
|
+
# resp.records[0].update_time #=> Time
|
3528
|
+
# resp.records[0].finding_created #=> Boolean
|
3529
|
+
# resp.records[0].update_source.type #=> String, one of "BATCH_UPDATE_FINDINGS", "BATCH_IMPORT_FINDINGS"
|
3530
|
+
# resp.records[0].update_source.identity #=> String
|
3531
|
+
# resp.records[0].updates #=> Array
|
3532
|
+
# resp.records[0].updates[0].updated_field #=> String
|
3533
|
+
# resp.records[0].updates[0].old_value #=> String
|
3534
|
+
# resp.records[0].updates[0].new_value #=> String
|
3535
|
+
# resp.records[0].next_token #=> String
|
3536
|
+
# resp.next_token #=> String
|
3537
|
+
#
|
3538
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistory AWS API Documentation
|
3539
|
+
#
|
3540
|
+
# @overload get_finding_history(params = {})
|
3541
|
+
# @param [Hash] params ({})
|
3542
|
+
def get_finding_history(params = {}, options = {})
|
3543
|
+
req = build_request(:get_finding_history, params)
|
3544
|
+
req.send_request(options)
|
3545
|
+
end
|
3546
|
+
|
2709
3547
|
# Returns a list of findings that match the specified criteria.
|
2710
3548
|
#
|
2711
3549
|
# If finding aggregation is enabled, then when you call `GetFindings`
|
@@ -2744,6 +3582,115 @@ module Aws::SecurityHub
|
|
2744
3582
|
#
|
2745
3583
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
2746
3584
|
#
|
3585
|
+
#
|
3586
|
+
# @example Example: To get a list of findings
|
3587
|
+
#
|
3588
|
+
# # The following example returns a filtered and sorted list of Security Hub findings.
|
3589
|
+
#
|
3590
|
+
# resp = client.get_findings({
|
3591
|
+
# filters: {
|
3592
|
+
# aws_account_id: [
|
3593
|
+
# {
|
3594
|
+
# comparison: "PREFIX",
|
3595
|
+
# value: "123456789012",
|
3596
|
+
# },
|
3597
|
+
# ],
|
3598
|
+
# },
|
3599
|
+
# max_results: 1,
|
3600
|
+
# })
|
3601
|
+
#
|
3602
|
+
# resp.to_h outputs the following:
|
3603
|
+
# {
|
3604
|
+
# findings: [
|
3605
|
+
# {
|
3606
|
+
# aws_account_id: "123456789012",
|
3607
|
+
# company_name: "AWS",
|
3608
|
+
# compliance: {
|
3609
|
+
# associated_standards: [
|
3610
|
+
# {
|
3611
|
+
# standards_id: "standards/aws-foundational-security-best-practices/v/1.0.0",
|
3612
|
+
# },
|
3613
|
+
# {
|
3614
|
+
# standards_id: "standards/pci-dss/v/3.2.1",
|
3615
|
+
# },
|
3616
|
+
# {
|
3617
|
+
# standards_id: "ruleset/cis-aws-foundations-benchmark/v/1.2.0",
|
3618
|
+
# },
|
3619
|
+
# {
|
3620
|
+
# standards_id: "standards/cis-aws-foundations-benchmark/v/1.4.0",
|
3621
|
+
# },
|
3622
|
+
# {
|
3623
|
+
# standards_id: "standards/service-managed-aws-control-tower/v/1.0.0",
|
3624
|
+
# },
|
3625
|
+
# ],
|
3626
|
+
# related_requirements: [
|
3627
|
+
# "PCI DSS v3.2.1/3.4",
|
3628
|
+
# "CIS AWS Foundations Benchmark v1.2.0/2.7",
|
3629
|
+
# "CIS AWS Foundations Benchmark v1.4.0/3.7",
|
3630
|
+
# ],
|
3631
|
+
# security_control_id: "CloudTrail.2",
|
3632
|
+
# status: "FAILED",
|
3633
|
+
# },
|
3634
|
+
# created_at: "2022-10-06T02:18:23.076Z",
|
3635
|
+
# description: "This AWS control checks whether AWS CloudTrail is configured to use the server side encryption (SSE) AWS Key Management Service (AWS KMS) customer master key (CMK) encryption. The check will pass if the KmsKeyId is defined.",
|
3636
|
+
# finding_provider_fields: {
|
3637
|
+
# severity: {
|
3638
|
+
# label: "MEDIUM",
|
3639
|
+
# original: "MEDIUM",
|
3640
|
+
# },
|
3641
|
+
# types: [
|
3642
|
+
# "Software and Configuration Checks/Industry and Regulatory Standards",
|
3643
|
+
# ],
|
3644
|
+
# },
|
3645
|
+
# first_observed_at: "2022-10-06T02:18:23.076Z",
|
3646
|
+
# generator_id: "security-control/CloudTrail.2",
|
3647
|
+
# id: "arn:aws:securityhub:us-east-2:123456789012:security-control/CloudTrail.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3648
|
+
# last_observed_at: "2022-10-28T16:10:06.956Z",
|
3649
|
+
# product_arn: "arn:aws:securityhub:us-east-2::product/aws/securityhub",
|
3650
|
+
# product_fields: {
|
3651
|
+
# "RelatedAWSResources:0/name" => "securityhub-cloud-trail-encryption-enabled-fe95bf3f",
|
3652
|
+
# "RelatedAWSResources:0/type" => "AWS::Config::ConfigRule",
|
3653
|
+
# "Resources:0/Id" => "arn:aws:cloudtrail:us-east-2:123456789012:trail/AWSMacieTrail-DO-NOT-EDIT",
|
3654
|
+
# "aws/securityhub/CompanyName" => "AWS",
|
3655
|
+
# "aws/securityhub/FindingId" => "arn:aws:securityhub:us-east-2::product/aws/securityhub/arn:aws:securityhub:us-east-2:123456789012:security-control/CloudTrail.2/finding/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
3656
|
+
# "aws/securityhub/ProductName" => "Security Hub",
|
3657
|
+
# },
|
3658
|
+
# product_name: "Security Hub",
|
3659
|
+
# record_state: "ACTIVE",
|
3660
|
+
# region: "us-east-2",
|
3661
|
+
# remediation: {
|
3662
|
+
# recommendation: {
|
3663
|
+
# text: "For directions on how to correct this issue, consult the AWS Security Hub controls documentation.",
|
3664
|
+
# url: "https://docs.aws.amazon.com/console/securityhub/CloudTrail.2/remediation",
|
3665
|
+
# },
|
3666
|
+
# },
|
3667
|
+
# resources: [
|
3668
|
+
# {
|
3669
|
+
# id: "arn:aws:cloudtrail:us-east-2:123456789012:trail/AWSMacieTrail-DO-NOT-EDIT",
|
3670
|
+
# partition: "aws",
|
3671
|
+
# region: "us-east-2",
|
3672
|
+
# type: "AwsCloudTrailTrail",
|
3673
|
+
# },
|
3674
|
+
# ],
|
3675
|
+
# schema_version: "2018-10-08",
|
3676
|
+
# severity: {
|
3677
|
+
# label: "MEDIUM",
|
3678
|
+
# normalized: 40,
|
3679
|
+
# original: "MEDIUM",
|
3680
|
+
# },
|
3681
|
+
# title: "CloudTrail should have encryption at-rest enabled",
|
3682
|
+
# types: [
|
3683
|
+
# "Software and Configuration Checks/Industry and Regulatory Standards",
|
3684
|
+
# ],
|
3685
|
+
# updated_at: "2022-10-28T16:10:00.093Z",
|
3686
|
+
# workflow: {
|
3687
|
+
# status: "NEW",
|
3688
|
+
# },
|
3689
|
+
# workflow_state: "NEW",
|
3690
|
+
# },
|
3691
|
+
# ],
|
3692
|
+
# }
|
3693
|
+
#
|
2747
3694
|
# @example Request syntax with placeholder values
|
2748
3695
|
#
|
2749
3696
|
# resp = client.get_findings({
|
@@ -3410,6 +4357,33 @@ module Aws::SecurityHub
|
|
3410
4357
|
#
|
3411
4358
|
# * {Types::GetInsightResultsResponse#insight_results #insight_results} => Types::InsightResults
|
3412
4359
|
#
|
4360
|
+
#
|
4361
|
+
# @example Example: To get the results of a Security Hub insight
|
4362
|
+
#
|
4363
|
+
# # The following example returns the results of the Security Hub insight specified by the insight ARN.
|
4364
|
+
#
|
4365
|
+
# resp = client.get_insight_results({
|
4366
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
4367
|
+
# })
|
4368
|
+
#
|
4369
|
+
# resp.to_h outputs the following:
|
4370
|
+
# {
|
4371
|
+
# insight_results: {
|
4372
|
+
# group_by_attribute: "ResourceId",
|
4373
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
4374
|
+
# result_values: [
|
4375
|
+
# {
|
4376
|
+
# count: 10,
|
4377
|
+
# group_by_attribute_value: "AWS::::Account:111122223333",
|
4378
|
+
# },
|
4379
|
+
# {
|
4380
|
+
# count: 3,
|
4381
|
+
# group_by_attribute_value: "AWS::::Account:444455556666",
|
4382
|
+
# },
|
4383
|
+
# ],
|
4384
|
+
# },
|
4385
|
+
# }
|
4386
|
+
#
|
3413
4387
|
# @example Request syntax with placeholder values
|
3414
4388
|
#
|
3415
4389
|
# resp = client.get_insight_results({
|
@@ -3458,6 +4432,42 @@ module Aws::SecurityHub
|
|
3458
4432
|
#
|
3459
4433
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
3460
4434
|
#
|
4435
|
+
#
|
4436
|
+
# @example Example: To get details of a Security Hub insight
|
4437
|
+
#
|
4438
|
+
# # The following example returns details of the Security Hub insight with the specified ARN.
|
4439
|
+
#
|
4440
|
+
# resp = client.get_insights({
|
4441
|
+
# insight_arns: [
|
4442
|
+
# "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
4443
|
+
# ],
|
4444
|
+
# })
|
4445
|
+
#
|
4446
|
+
# resp.to_h outputs the following:
|
4447
|
+
# {
|
4448
|
+
# insights: [
|
4449
|
+
# {
|
4450
|
+
# filters: {
|
4451
|
+
# resource_type: [
|
4452
|
+
# {
|
4453
|
+
# comparison: "EQUALS",
|
4454
|
+
# value: "AwsIamRole",
|
4455
|
+
# },
|
4456
|
+
# ],
|
4457
|
+
# severity_label: [
|
4458
|
+
# {
|
4459
|
+
# comparison: "EQUALS",
|
4460
|
+
# value: "CRITICAL",
|
4461
|
+
# },
|
4462
|
+
# ],
|
4463
|
+
# },
|
4464
|
+
# group_by_attribute: "ResourceId",
|
4465
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
4466
|
+
# name: "Critical role findings",
|
4467
|
+
# },
|
4468
|
+
# ],
|
4469
|
+
# }
|
4470
|
+
#
|
3461
4471
|
# @example Request syntax with placeholder values
|
3462
4472
|
#
|
3463
4473
|
# resp = client.get_insights({
|
@@ -3810,6 +4820,20 @@ module Aws::SecurityHub
|
|
3810
4820
|
#
|
3811
4821
|
# * {Types::GetInvitationsCountResponse#invitations_count #invitations_count} => Integer
|
3812
4822
|
#
|
4823
|
+
#
|
4824
|
+
# @example Example: To get a count of membership invitations
|
4825
|
+
#
|
4826
|
+
# # The following example returns a count of invitations that the Security Hub administrator sent to the current member
|
4827
|
+
# # account, not including the currently accepted invitation.
|
4828
|
+
#
|
4829
|
+
# resp = client.get_invitations_count({
|
4830
|
+
# })
|
4831
|
+
#
|
4832
|
+
# resp.to_h outputs the following:
|
4833
|
+
# {
|
4834
|
+
# invitations_count: 3,
|
4835
|
+
# }
|
4836
|
+
#
|
3813
4837
|
# @example Response structure
|
3814
4838
|
#
|
3815
4839
|
# resp.invitations_count #=> Integer
|
@@ -3877,6 +4901,44 @@ module Aws::SecurityHub
|
|
3877
4901
|
# * {Types::GetMembersResponse#members #members} => Array<Types::Member>
|
3878
4902
|
# * {Types::GetMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
3879
4903
|
#
|
4904
|
+
#
|
4905
|
+
# @example Example: To get member account details
|
4906
|
+
#
|
4907
|
+
# # The following example returns details for the Security Hub member accounts with the specified AWS account IDs. An
|
4908
|
+
# # administrator account may be the delegated Security Hub administrator account for an organization or an administrator
|
4909
|
+
# # account that enabled Security Hub manually. The Security Hub administrator must call this operation.
|
4910
|
+
#
|
4911
|
+
# resp = client.get_members({
|
4912
|
+
# account_ids: [
|
4913
|
+
# "444455556666",
|
4914
|
+
# "777788889999",
|
4915
|
+
# ],
|
4916
|
+
# })
|
4917
|
+
#
|
4918
|
+
# resp.to_h outputs the following:
|
4919
|
+
# {
|
4920
|
+
# members: [
|
4921
|
+
# {
|
4922
|
+
# account_id: "444455556666",
|
4923
|
+
# administrator_id: "123456789012",
|
4924
|
+
# invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
4925
|
+
# master_id: "123456789012",
|
4926
|
+
# member_status: "ASSOCIATED",
|
4927
|
+
# updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
4928
|
+
# },
|
4929
|
+
# {
|
4930
|
+
# account_id: "777788889999",
|
4931
|
+
# administrator_id: "123456789012",
|
4932
|
+
# invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
4933
|
+
# master_id: "123456789012",
|
4934
|
+
# member_status: "ASSOCIATED",
|
4935
|
+
# updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
4936
|
+
# },
|
4937
|
+
# ],
|
4938
|
+
# unprocessed_accounts: [
|
4939
|
+
# ],
|
4940
|
+
# }
|
4941
|
+
#
|
3880
4942
|
# @example Request syntax with placeholder values
|
3881
4943
|
#
|
3882
4944
|
# resp = client.get_members({
|
@@ -3929,6 +4991,26 @@ module Aws::SecurityHub
|
|
3929
4991
|
#
|
3930
4992
|
# * {Types::InviteMembersResponse#unprocessed_accounts #unprocessed_accounts} => Array<Types::Result>
|
3931
4993
|
#
|
4994
|
+
#
|
4995
|
+
# @example Example: To invite accounts to become members
|
4996
|
+
#
|
4997
|
+
# # The following example invites the specified AWS accounts to become member accounts associated with the calling Security
|
4998
|
+
# # Hub administrator account. You only use this operation to invite accounts that don't belong to an AWS Organizations
|
4999
|
+
# # organization.
|
5000
|
+
#
|
5001
|
+
# resp = client.invite_members({
|
5002
|
+
# account_ids: [
|
5003
|
+
# "111122223333",
|
5004
|
+
# "444455556666",
|
5005
|
+
# ],
|
5006
|
+
# })
|
5007
|
+
#
|
5008
|
+
# resp.to_h outputs the following:
|
5009
|
+
# {
|
5010
|
+
# unprocessed_accounts: [
|
5011
|
+
# ],
|
5012
|
+
# }
|
5013
|
+
#
|
3932
5014
|
# @example Request syntax with placeholder values
|
3933
5015
|
#
|
3934
5016
|
# resp = client.invite_members({
|
@@ -3972,6 +5054,23 @@ module Aws::SecurityHub
|
|
3972
5054
|
#
|
3973
5055
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
3974
5056
|
#
|
5057
|
+
#
|
5058
|
+
# @example Example: To list ARNs for enabled integrations
|
5059
|
+
#
|
5060
|
+
# # The following example returns a list of subscription Amazon Resource Names (ARNs) for the product integrations that you
|
5061
|
+
# # have currently enabled in Security Hub.
|
5062
|
+
#
|
5063
|
+
# resp = client.list_enabled_products_for_import({
|
5064
|
+
# })
|
5065
|
+
#
|
5066
|
+
# resp.to_h outputs the following:
|
5067
|
+
# {
|
5068
|
+
# product_subscriptions: [
|
5069
|
+
# "arn:aws:securityhub:us-east-1:517716713836:product-subscription/crowdstrike/crowdstrike-falcon",
|
5070
|
+
# "arn:aws:securityhub:us-east-1::product/3coresec/3coresec",
|
5071
|
+
# ],
|
5072
|
+
# }
|
5073
|
+
#
|
3975
5074
|
# @example Request syntax with placeholder values
|
3976
5075
|
#
|
3977
5076
|
# resp = client.list_enabled_products_for_import({
|
@@ -4013,6 +5112,23 @@ module Aws::SecurityHub
|
|
4013
5112
|
#
|
4014
5113
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4015
5114
|
#
|
5115
|
+
#
|
5116
|
+
# @example Example: To update the enablement status of a standard control
|
5117
|
+
#
|
5118
|
+
# # The following example disables the specified control in the specified security standard.
|
5119
|
+
#
|
5120
|
+
# resp = client.list_finding_aggregators({
|
5121
|
+
# })
|
5122
|
+
#
|
5123
|
+
# resp.to_h outputs the following:
|
5124
|
+
# {
|
5125
|
+
# finding_aggregators: [
|
5126
|
+
# {
|
5127
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:222222222222:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
5128
|
+
# },
|
5129
|
+
# ],
|
5130
|
+
# }
|
5131
|
+
#
|
4016
5132
|
# @example Request syntax with placeholder values
|
4017
5133
|
#
|
4018
5134
|
# resp = client.list_finding_aggregators({
|
@@ -4061,6 +5177,27 @@ module Aws::SecurityHub
|
|
4061
5177
|
#
|
4062
5178
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4063
5179
|
#
|
5180
|
+
#
|
5181
|
+
# @example Example: To list membership invitations to calling account
|
5182
|
+
#
|
5183
|
+
# # The following example returns a list of Security Hub member invitations sent to the calling AWS account. Only accounts
|
5184
|
+
# # that are invited manually use this operation. It's not for use by accounts that are managed through AWS Organizations.
|
5185
|
+
#
|
5186
|
+
# resp = client.list_invitations({
|
5187
|
+
# })
|
5188
|
+
#
|
5189
|
+
# resp.to_h outputs the following:
|
5190
|
+
# {
|
5191
|
+
# invitations: [
|
5192
|
+
# {
|
5193
|
+
# account_id: "123456789012",
|
5194
|
+
# invitation_id: "7ab938c5d52d7904ad09f9e7c20cc4eb",
|
5195
|
+
# invited_at: Time.parse("2020-06-01T20:21:18.042000+00:00"),
|
5196
|
+
# member_status: "ASSOCIATED",
|
5197
|
+
# },
|
5198
|
+
# ],
|
5199
|
+
# }
|
5200
|
+
#
|
4064
5201
|
# @example Request syntax with placeholder values
|
4065
5202
|
#
|
4066
5203
|
# resp = client.list_invitations({
|
@@ -4122,6 +5259,37 @@ module Aws::SecurityHub
|
|
4122
5259
|
#
|
4123
5260
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4124
5261
|
#
|
5262
|
+
#
|
5263
|
+
# @example Example: To list member account details
|
5264
|
+
#
|
5265
|
+
# # The following example returns details about member accounts for the calling Security Hub administrator account. The
|
5266
|
+
# # response includes member accounts that are managed through AWS Organizations and those that were invited manually.
|
5267
|
+
#
|
5268
|
+
# resp = client.list_members({
|
5269
|
+
# })
|
5270
|
+
#
|
5271
|
+
# resp.to_h outputs the following:
|
5272
|
+
# {
|
5273
|
+
# members: [
|
5274
|
+
# {
|
5275
|
+
# account_id: "111122223333",
|
5276
|
+
# administrator_id: "123456789012",
|
5277
|
+
# invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
5278
|
+
# master_id: "123456789012",
|
5279
|
+
# member_status: "ASSOCIATED",
|
5280
|
+
# updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
5281
|
+
# },
|
5282
|
+
# {
|
5283
|
+
# account_id: "444455556666",
|
5284
|
+
# administrator_id: "123456789012",
|
5285
|
+
# invited_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
5286
|
+
# master_id: "123456789012",
|
5287
|
+
# member_status: "ASSOCIATED",
|
5288
|
+
# updated_at: Time.parse("2020-06-01T20:15:15.289000+00:00"),
|
5289
|
+
# },
|
5290
|
+
# ],
|
5291
|
+
# }
|
5292
|
+
#
|
4125
5293
|
# @example Request syntax with placeholder values
|
4126
5294
|
#
|
4127
5295
|
# resp = client.list_members({
|
@@ -4171,6 +5339,27 @@ module Aws::SecurityHub
|
|
4171
5339
|
#
|
4172
5340
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4173
5341
|
#
|
5342
|
+
#
|
5343
|
+
# @example Example: To list administrator acccounts for an organization
|
5344
|
+
#
|
5345
|
+
# # The following example lists the Security Hub administrator accounts for an organization. Only the organization
|
5346
|
+
# # management account can call this operation.
|
5347
|
+
#
|
5348
|
+
# resp = client.list_organization_admin_accounts({
|
5349
|
+
# })
|
5350
|
+
#
|
5351
|
+
# resp.to_h outputs the following:
|
5352
|
+
# {
|
5353
|
+
# admin_accounts: [
|
5354
|
+
# {
|
5355
|
+
# account_id: "777788889999",
|
5356
|
+
# },
|
5357
|
+
# {
|
5358
|
+
# status: "ENABLED",
|
5359
|
+
# },
|
5360
|
+
# ],
|
5361
|
+
# }
|
5362
|
+
#
|
4174
5363
|
# @example Request syntax with placeholder values
|
4175
5364
|
#
|
4176
5365
|
# resp = client.list_organization_admin_accounts({
|
@@ -4219,6 +5408,48 @@ module Aws::SecurityHub
|
|
4219
5408
|
#
|
4220
5409
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4221
5410
|
#
|
5411
|
+
#
|
5412
|
+
# @example Example: To list security controls that apply to a standard
|
5413
|
+
#
|
5414
|
+
# # The following example lists security controls that apply to a specified Security Hub standard.
|
5415
|
+
#
|
5416
|
+
# resp = client.list_security_control_definitions({
|
5417
|
+
# max_results: 3,
|
5418
|
+
# next_token: "NULL",
|
5419
|
+
# standards_arn: "arn:aws:securityhub:::standards/aws-foundational-security-best-practices/v/1.0.0",
|
5420
|
+
# })
|
5421
|
+
#
|
5422
|
+
# resp.to_h outputs the following:
|
5423
|
+
# {
|
5424
|
+
# next_token: "U2FsdGVkX1...",
|
5425
|
+
# security_control_definitions: [
|
5426
|
+
# {
|
5427
|
+
# current_region_availability: "AVAILABLE",
|
5428
|
+
# description: "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.",
|
5429
|
+
# remediation_url: "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation",
|
5430
|
+
# security_control_id: "ACM.1",
|
5431
|
+
# severity_rating: "MEDIUM",
|
5432
|
+
# title: "Imported and ACM-issued certificates should be renewed after a specified time period",
|
5433
|
+
# },
|
5434
|
+
# {
|
5435
|
+
# current_region_availability: "AVAILABLE",
|
5436
|
+
# description: "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.",
|
5437
|
+
# remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation",
|
5438
|
+
# security_control_id: "APIGateway.1",
|
5439
|
+
# severity_rating: "MEDIUM",
|
5440
|
+
# title: "API Gateway REST and WebSocket API execution logging should be enabled",
|
5441
|
+
# },
|
5442
|
+
# {
|
5443
|
+
# current_region_availability: "AVAILABLE",
|
5444
|
+
# description: "This control checks whether Amazon API Gateway REST API stages have SSL certificates configured that backend systems can use to authenticate that incoming requests are from the API Gateway.",
|
5445
|
+
# remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.2/remediation",
|
5446
|
+
# security_control_id: "APIGateway.2",
|
5447
|
+
# severity_rating: "MEDIUM",
|
5448
|
+
# title: "API Gateway REST API stages should be configured to use SSL certificates for backend authentication",
|
5449
|
+
# },
|
5450
|
+
# ],
|
5451
|
+
# }
|
5452
|
+
#
|
4222
5453
|
# @example Request syntax with placeholder values
|
4223
5454
|
#
|
4224
5455
|
# resp = client.list_security_control_definitions({
|
@@ -4275,6 +5506,50 @@ module Aws::SecurityHub
|
|
4275
5506
|
#
|
4276
5507
|
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
4277
5508
|
#
|
5509
|
+
#
|
5510
|
+
# @example Example: To say whether standard
|
5511
|
+
#
|
5512
|
+
# # The following example specifies whether a control is currently enabled or disabled in each enabled standard in the
|
5513
|
+
# # calling account. The response also provides other details about the control.
|
5514
|
+
#
|
5515
|
+
# resp = client.list_standards_control_associations({
|
5516
|
+
# security_control_id: "S3.1",
|
5517
|
+
# })
|
5518
|
+
#
|
5519
|
+
# resp.to_h outputs the following:
|
5520
|
+
# {
|
5521
|
+
# standards_control_association_summaries: [
|
5522
|
+
# {
|
5523
|
+
# association_status: "ENABLED",
|
5524
|
+
# related_requirements: [
|
5525
|
+
# "PCI DSS 1.2.1",
|
5526
|
+
# "PCI DSS 1.3.1",
|
5527
|
+
# "PCI DSS 1.3.2",
|
5528
|
+
# "PCI DSS 1.3.4",
|
5529
|
+
# "PCI DSS 1.3.6",
|
5530
|
+
# ],
|
5531
|
+
# security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/S3.1",
|
5532
|
+
# security_control_id: "S3.1",
|
5533
|
+
# standards_arn: "arn:aws:securityhub:us-west-2::standards/pci-dss/v/3.2.1",
|
5534
|
+
# standards_control_description: "This AWS control checks whether the following public access block settings are configured from account level: ignorePublicAcls: True, blockPublicPolicy: True, blockPublicAcls: True, restrictPublicBuckets: True.",
|
5535
|
+
# standards_control_title: "S3 Block Public Access setting should be enabled",
|
5536
|
+
# updated_at: Time.parse("2022-01-13T23:03:46.648000+00:00"),
|
5537
|
+
# },
|
5538
|
+
# {
|
5539
|
+
# association_status: "DISABLED",
|
5540
|
+
# related_requirements: [
|
5541
|
+
# ],
|
5542
|
+
# security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/S3.1",
|
5543
|
+
# security_control_id: "S3.1",
|
5544
|
+
# standards_arn: "arn:aws:securityhub:us-west-2::standards/aws-foundational-security-best-practices/v/1.0.0",
|
5545
|
+
# standards_control_description: "This AWS control checks whether the following public access block settings are configured from account level: ignorePublicAcls: True, blockPublicPolicy: True, blockPublicAcls: True, restrictPublicBuckets: True.",
|
5546
|
+
# standards_control_title: "S3 Block Public Access setting should be enabled",
|
5547
|
+
# updated_at: Time.parse("2022-08-12T22:59:04.924000+00:00"),
|
5548
|
+
# updated_reason: "Not relevant to environment",
|
5549
|
+
# },
|
5550
|
+
# ],
|
5551
|
+
# }
|
5552
|
+
#
|
4278
5553
|
# @example Request syntax with placeholder values
|
4279
5554
|
#
|
4280
5555
|
# resp = client.list_standards_control_associations({
|
@@ -4316,6 +5591,23 @@ module Aws::SecurityHub
|
|
4316
5591
|
#
|
4317
5592
|
# * {Types::ListTagsForResourceResponse#tags #tags} => Hash<String,String>
|
4318
5593
|
#
|
5594
|
+
#
|
5595
|
+
# @example Example: To get a list of tags for a resource
|
5596
|
+
#
|
5597
|
+
# # The following example returns a list of tags associated with the specified resource.
|
5598
|
+
#
|
5599
|
+
# resp = client.list_tags_for_resource({
|
5600
|
+
# resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
|
5601
|
+
# })
|
5602
|
+
#
|
5603
|
+
# resp.to_h outputs the following:
|
5604
|
+
# {
|
5605
|
+
# tags: {
|
5606
|
+
# "Area" => "USMidwest",
|
5607
|
+
# "Department" => "Operations",
|
5608
|
+
# },
|
5609
|
+
# }
|
5610
|
+
#
|
4319
5611
|
# @example Request syntax with placeholder values
|
4320
5612
|
#
|
4321
5613
|
# resp = client.list_tags_for_resource({
|
@@ -4348,6 +5640,19 @@ module Aws::SecurityHub
|
|
4348
5640
|
#
|
4349
5641
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4350
5642
|
#
|
5643
|
+
#
|
5644
|
+
# @example Example: To tag a resource
|
5645
|
+
#
|
5646
|
+
# # The following example adds the 'Department' and 'Area' tags to the specified resource.
|
5647
|
+
#
|
5648
|
+
# resp = client.tag_resource({
|
5649
|
+
# resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
|
5650
|
+
# tags: {
|
5651
|
+
# "Area" => "USMidwest",
|
5652
|
+
# "Department" => "Operations",
|
5653
|
+
# },
|
5654
|
+
# })
|
5655
|
+
#
|
4351
5656
|
# @example Request syntax with placeholder values
|
4352
5657
|
#
|
4353
5658
|
# resp = client.tag_resource({
|
@@ -4377,6 +5682,18 @@ module Aws::SecurityHub
|
|
4377
5682
|
#
|
4378
5683
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4379
5684
|
#
|
5685
|
+
#
|
5686
|
+
# @example Example: To remove tags from a resource
|
5687
|
+
#
|
5688
|
+
# # The following example removes the 'Department' tag from the specified resource.
|
5689
|
+
#
|
5690
|
+
# resp = client.untag_resource({
|
5691
|
+
# resource_arn: "arn:aws:securityhub:us-west-1:123456789012:hub/default",
|
5692
|
+
# tag_keys: [
|
5693
|
+
# "Department",
|
5694
|
+
# ],
|
5695
|
+
# })
|
5696
|
+
#
|
4380
5697
|
# @example Request syntax with placeholder values
|
4381
5698
|
#
|
4382
5699
|
# resp = client.untag_resource({
|
@@ -4407,6 +5724,18 @@ module Aws::SecurityHub
|
|
4407
5724
|
#
|
4408
5725
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
4409
5726
|
#
|
5727
|
+
#
|
5728
|
+
# @example Example: To update the name and description of a custom action target
|
5729
|
+
#
|
5730
|
+
# # The following example updates the name and description of a custom action target in Security Hub. You can create custom
|
5731
|
+
# # actions to automatically respond to Security Hub findings using Amazon EventBridge.
|
5732
|
+
#
|
5733
|
+
# resp = client.update_action_target({
|
5734
|
+
# action_target_arn: "arn:aws:securityhub:us-west-1:123456789012:action/custom/Remediation",
|
5735
|
+
# description: "Sends specified findings to customer service chat",
|
5736
|
+
# name: "Chat custom action",
|
5737
|
+
# })
|
5738
|
+
#
|
4410
5739
|
# @example Request syntax with placeholder values
|
4411
5740
|
#
|
4412
5741
|
# resp = client.update_action_target({
|
@@ -4477,6 +5806,33 @@ module Aws::SecurityHub
|
|
4477
5806
|
# * {Types::UpdateFindingAggregatorResponse#region_linking_mode #region_linking_mode} => String
|
4478
5807
|
# * {Types::UpdateFindingAggregatorResponse#regions #regions} => Array<String>
|
4479
5808
|
#
|
5809
|
+
#
|
5810
|
+
# @example Example: To update cross-Region aggregation settings
|
5811
|
+
#
|
5812
|
+
# # The following example updates the cross-Region aggregation configuration. You use this operation to change the list of
|
5813
|
+
# # linked Regions and the treatment of new Regions. However, you cannot use this operation to change the aggregation
|
5814
|
+
# # Region.
|
5815
|
+
#
|
5816
|
+
# resp = client.update_finding_aggregator({
|
5817
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
5818
|
+
# region_linking_mode: "SPECIFIED_REGIONS",
|
5819
|
+
# regions: [
|
5820
|
+
# "us-west-1",
|
5821
|
+
# "us-west-2",
|
5822
|
+
# ],
|
5823
|
+
# })
|
5824
|
+
#
|
5825
|
+
# resp.to_h outputs the following:
|
5826
|
+
# {
|
5827
|
+
# finding_aggregation_region: "us-east-1",
|
5828
|
+
# finding_aggregator_arn: "arn:aws:securityhub:us-east-1:123456789012:finding-aggregator/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
5829
|
+
# region_linking_mode: "SPECIFIED_REGIONS",
|
5830
|
+
# regions: [
|
5831
|
+
# "us-west-1",
|
5832
|
+
# "us-west-2",
|
5833
|
+
# ],
|
5834
|
+
# }
|
5835
|
+
#
|
4480
5836
|
# @example Request syntax with placeholder values
|
4481
5837
|
#
|
4482
5838
|
# resp = client.update_finding_aggregator({
|
@@ -5191,6 +6547,30 @@ module Aws::SecurityHub
|
|
5191
6547
|
#
|
5192
6548
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5193
6549
|
#
|
6550
|
+
#
|
6551
|
+
# @example Example: To update an insight
|
6552
|
+
#
|
6553
|
+
# # The following example updates the specified Security Hub insight.
|
6554
|
+
#
|
6555
|
+
# resp = client.update_insight({
|
6556
|
+
# filters: {
|
6557
|
+
# resource_type: [
|
6558
|
+
# {
|
6559
|
+
# comparison: "EQUALS",
|
6560
|
+
# value: "AwsIamRole",
|
6561
|
+
# },
|
6562
|
+
# ],
|
6563
|
+
# severity_label: [
|
6564
|
+
# {
|
6565
|
+
# comparison: "EQUALS",
|
6566
|
+
# value: "HIGH",
|
6567
|
+
# },
|
6568
|
+
# ],
|
6569
|
+
# },
|
6570
|
+
# insight_arn: "arn:aws:securityhub:us-west-1:123456789012:insight/123456789012/custom/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
|
6571
|
+
# name: "High severity role findings",
|
6572
|
+
# })
|
6573
|
+
#
|
5194
6574
|
# @example Request syntax with placeholder values
|
5195
6575
|
#
|
5196
6576
|
# resp = client.update_insight({
|
@@ -5872,6 +7252,16 @@ module Aws::SecurityHub
|
|
5872
7252
|
#
|
5873
7253
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5874
7254
|
#
|
7255
|
+
#
|
7256
|
+
# @example Example: To update organization configuration
|
7257
|
+
#
|
7258
|
+
# # The following example updates the configuration for an organization so that Security Hub is automatically activated for
|
7259
|
+
# # new member accounts. Only the Security Hub administrator account can call this operation.
|
7260
|
+
#
|
7261
|
+
# resp = client.update_organization_configuration({
|
7262
|
+
# auto_enable: true,
|
7263
|
+
# })
|
7264
|
+
#
|
5875
7265
|
# @example Request syntax with placeholder values
|
5876
7266
|
#
|
5877
7267
|
# resp = client.update_organization_configuration({
|
@@ -5913,6 +7303,17 @@ module Aws::SecurityHub
|
|
5913
7303
|
#
|
5914
7304
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5915
7305
|
#
|
7306
|
+
#
|
7307
|
+
# @example Example: To update Security Hub settings
|
7308
|
+
#
|
7309
|
+
# # The following example updates Security Hub settings to turn on consolidated control findings, and to automatically
|
7310
|
+
# # enable new controls in enabled standards.
|
7311
|
+
#
|
7312
|
+
# resp = client.update_security_hub_configuration({
|
7313
|
+
# auto_enable_controls: true,
|
7314
|
+
# control_finding_generator: "SECURITY_CONTROL",
|
7315
|
+
# })
|
7316
|
+
#
|
5916
7317
|
# @example Request syntax with placeholder values
|
5917
7318
|
#
|
5918
7319
|
# resp = client.update_security_hub_configuration({
|
@@ -5944,6 +7345,17 @@ module Aws::SecurityHub
|
|
5944
7345
|
#
|
5945
7346
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
5946
7347
|
#
|
7348
|
+
#
|
7349
|
+
# @example Example: To update the enablement status of a standard control
|
7350
|
+
#
|
7351
|
+
# # The following example disables the specified control in the specified security standard.
|
7352
|
+
#
|
7353
|
+
# resp = client.update_standards_control({
|
7354
|
+
# control_status: "DISABLED",
|
7355
|
+
# disabled_reason: "Not applicable to my service",
|
7356
|
+
# standards_control_arn: "arn:aws:securityhub:us-west-1:123456789012:control/pci-dss/v/3.2.1/PCI.AutoScaling.1",
|
7357
|
+
# })
|
7358
|
+
#
|
5947
7359
|
# @example Request syntax with placeholder values
|
5948
7360
|
#
|
5949
7361
|
# resp = client.update_standards_control({
|
@@ -5974,7 +7386,7 @@ module Aws::SecurityHub
|
|
5974
7386
|
params: params,
|
5975
7387
|
config: config)
|
5976
7388
|
context[:gem_name] = 'aws-sdk-securityhub'
|
5977
|
-
context[:gem_version] = '1.
|
7389
|
+
context[:gem_version] = '1.81.0'
|
5978
7390
|
Seahorse::Client::Request.new(handlers, context)
|
5979
7391
|
end
|
5980
7392
|
|