aws-sdk-securityhub 1.80.0 → 1.81.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7fe39abcc2096a495ec8a44d44453b4ff663040a34b7ca5ca89ef485add6a5f5
4
- data.tar.gz: 32f796ff5449feb8a40269707f939b7d08560419d9cb9ad6a45f968480578ba8
3
+ metadata.gz: 10e5174306380ff7035e5e04b2ff94ddda1f27f6d357480550e33e0f3e48d9b3
4
+ data.tar.gz: bec91d2ab7a03bc5174eec92ce088579a1dc04a92aed3fc7bc465c64bc4788f1
5
5
  SHA512:
6
- metadata.gz: 6d712aca3964c2779b1bbd50843cbc28afa67b698446a803ea01c7a0e79f0ff0b6dbc475b408d29ff04fe5cfb2c72d25372d983226dfe8a64f32fa4fdf7d1f1c
7
- data.tar.gz: 1b1e4eacb745dc9ea2de1f0cb40c04a59b4de56c641c33cea6961e9c40ece32500c51f1963fe1e61f71d741fe4d601b5d3c1f4beb7182a587d3439270fd9980a
6
+ metadata.gz: 2e7ead089602b31493917b75b62f5bb58d27440d47f8d5267b7ac6e4dceccadd9862c0ee6186ccfc71fbf194bd385cce3598c85f78bd1531aa8d3e274a390d33
7
+ data.tar.gz: df84f84643083f357ad14da2b8a96910d0af2cabdbad8017ef6252144ba9cf51121e7c3becedff89617a7a69a7587af1d15e473bf829af5c8b8b3e12527f5cba
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.81.0 (2023-05-04)
5
+ ------------------
6
+
7
+ * Feature - Add support for Finding History.
8
+
4
9
  1.80.0 (2023-04-19)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.80.0
1
+ 1.81.0
@@ -3392,6 +3392,158 @@ module Aws::SecurityHub
3392
3392
  req.send_request(options)
3393
3393
  end
3394
3394
 
3395
+ # Returns history for a Security Hub finding in the last 90 days. The
3396
+ # history includes changes made to any fields in the Amazon Web Services
3397
+ # Security Finding Format (ASFF).
3398
+ #
3399
+ # @option params [required, Types::AwsSecurityFindingIdentifier] :finding_identifier
3400
+ # Identifies which finding to get the finding history for.
3401
+ #
3402
+ # @option params [Time,DateTime,Date,Integer,String] :start_time
3403
+ # An ISO 8601-formatted timestamp that indicates the start time of the
3404
+ # requested finding history. A correctly formatted example is
3405
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
3406
+ # and time should be separated by `T`. For more information, see [RFC
3407
+ # 3339 section 5.6, Internet Date/Time Format][1].
3408
+ #
3409
+ # If you provide values for both `StartTime` and `EndTime`, Security Hub
3410
+ # returns finding history for the specified time period. If you provide
3411
+ # a value for `StartTime` but not for `EndTime`, Security Hub returns
3412
+ # finding history from the `StartTime` to the time at which the API is
3413
+ # called. If you provide a value for `EndTime` but not for `StartTime`,
3414
+ # Security Hub returns finding history from the [CreatedAt][2] timestamp
3415
+ # of the finding to the `EndTime`. If you provide neither `StartTime`
3416
+ # nor `EndTime`, Security Hub returns finding history from the CreatedAt
3417
+ # timestamp of the finding to the time at which the API is called. In
3418
+ # all of these scenarios, the response is limited to 100 results, and
3419
+ # the maximum time period is limited to 90 days.
3420
+ #
3421
+ #
3422
+ #
3423
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
3424
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
3425
+ #
3426
+ # @option params [Time,DateTime,Date,Integer,String] :end_time
3427
+ # An ISO 8601-formatted timestamp that indicates the end time of the
3428
+ # requested finding history. A correctly formatted example is
3429
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
3430
+ # and time should be separated by `T`. For more information, see [RFC
3431
+ # 3339 section 5.6, Internet Date/Time Format][1].
3432
+ #
3433
+ # If you provide values for both `StartTime` and `EndTime`, Security Hub
3434
+ # returns finding history for the specified time period. If you provide
3435
+ # a value for `StartTime` but not for `EndTime`, Security Hub returns
3436
+ # finding history from the `StartTime` to the time at which the API is
3437
+ # called. If you provide a value for `EndTime` but not for `StartTime`,
3438
+ # Security Hub returns finding history from the [CreatedAt][2] timestamp
3439
+ # of the finding to the `EndTime`. If you provide neither `StartTime`
3440
+ # nor `EndTime`, Security Hub returns finding history from the CreatedAt
3441
+ # timestamp of the finding to the time at which the API is called. In
3442
+ # all of these scenarios, the response is limited to 100 results, and
3443
+ # the maximum time period is limited to 90 days.
3444
+ #
3445
+ #
3446
+ #
3447
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
3448
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
3449
+ #
3450
+ # @option params [String] :next_token
3451
+ # A token for pagination purposes. Provide `NULL` as the initial value.
3452
+ # In subsequent requests, provide the token included in the response to
3453
+ # get up to an additional 100 results of finding history. If you don’t
3454
+ # provide `NextToken`, Security Hub returns up to 100 results of finding
3455
+ # history for each request.
3456
+ #
3457
+ # @option params [Integer] :max_results
3458
+ # The maximum number of results to be returned. If you don’t provide it,
3459
+ # Security Hub returns up to 100 results of finding history.
3460
+ #
3461
+ # @return [Types::GetFindingHistoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3462
+ #
3463
+ # * {Types::GetFindingHistoryResponse#records #records} => Array<Types::FindingHistoryRecord>
3464
+ # * {Types::GetFindingHistoryResponse#next_token #next_token} => String
3465
+ #
3466
+ # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
3467
+ #
3468
+ #
3469
+ # @example Example: To get finding history
3470
+ #
3471
+ # # The following example retrieves the history of the specified finding during the specified time frame. If the time frame
3472
+ # # permits, Security Hub returns finding history for the last 90 days.
3473
+ #
3474
+ # resp = client.get_finding_history({
3475
+ # end_time: Time.parse("2021-09-31T15:53:35.573Z"),
3476
+ # finding_identifier: {
3477
+ # id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3478
+ # product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
3479
+ # },
3480
+ # max_results: 2,
3481
+ # start_time: Time.parse("2021-09-30T15:53:35.573Z"),
3482
+ # })
3483
+ #
3484
+ # resp.to_h outputs the following:
3485
+ # {
3486
+ # records: [
3487
+ # {
3488
+ # finding_created: false,
3489
+ # finding_identifier: {
3490
+ # id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
3491
+ # product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default",
3492
+ # },
3493
+ # update_source: {
3494
+ # identity: "arn:aws:iam::444455556666:role/Admin",
3495
+ # type: "BATCH_UPDATE_FINDINGS",
3496
+ # },
3497
+ # update_time: Time.parse("2021-09-31T15:52:25.573Z"),
3498
+ # updates: [
3499
+ # {
3500
+ # new_value: "MEDIUM",
3501
+ # old_value: "HIGH",
3502
+ # updated_field: "Severity",
3503
+ # },
3504
+ # ],
3505
+ # },
3506
+ # ],
3507
+ # }
3508
+ #
3509
+ # @example Request syntax with placeholder values
3510
+ #
3511
+ # resp = client.get_finding_history({
3512
+ # finding_identifier: { # required
3513
+ # id: "NonEmptyString", # required
3514
+ # product_arn: "NonEmptyString", # required
3515
+ # },
3516
+ # start_time: Time.now,
3517
+ # end_time: Time.now,
3518
+ # next_token: "NextToken",
3519
+ # max_results: 1,
3520
+ # })
3521
+ #
3522
+ # @example Response structure
3523
+ #
3524
+ # resp.records #=> Array
3525
+ # resp.records[0].finding_identifier.id #=> String
3526
+ # resp.records[0].finding_identifier.product_arn #=> String
3527
+ # resp.records[0].update_time #=> Time
3528
+ # resp.records[0].finding_created #=> Boolean
3529
+ # resp.records[0].update_source.type #=> String, one of "BATCH_UPDATE_FINDINGS", "BATCH_IMPORT_FINDINGS"
3530
+ # resp.records[0].update_source.identity #=> String
3531
+ # resp.records[0].updates #=> Array
3532
+ # resp.records[0].updates[0].updated_field #=> String
3533
+ # resp.records[0].updates[0].old_value #=> String
3534
+ # resp.records[0].updates[0].new_value #=> String
3535
+ # resp.records[0].next_token #=> String
3536
+ # resp.next_token #=> String
3537
+ #
3538
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistory AWS API Documentation
3539
+ #
3540
+ # @overload get_finding_history(params = {})
3541
+ # @param [Hash] params ({})
3542
+ def get_finding_history(params = {}, options = {})
3543
+ req = build_request(:get_finding_history, params)
3544
+ req.send_request(options)
3545
+ end
3546
+
3395
3547
  # Returns a list of findings that match the specified criteria.
3396
3548
  #
3397
3549
  # If finding aggregation is enabled, then when you call `GetFindings`
@@ -7234,7 +7386,7 @@ module Aws::SecurityHub
7234
7386
  params: params,
7235
7387
  config: config)
7236
7388
  context[:gem_name] = 'aws-sdk-securityhub'
7237
- context[:gem_version] = '1.80.0'
7389
+ context[:gem_version] = '1.81.0'
7238
7390
  Seahorse::Client::Request.new(handlers, context)
7239
7391
  end
7240
7392
 
@@ -710,6 +710,12 @@ module Aws::SecurityHub
710
710
  FilePaths = Shapes::StructureShape.new(name: 'FilePaths')
711
711
  FindingAggregator = Shapes::StructureShape.new(name: 'FindingAggregator')
712
712
  FindingAggregatorList = Shapes::ListShape.new(name: 'FindingAggregatorList')
713
+ FindingHistoryRecord = Shapes::StructureShape.new(name: 'FindingHistoryRecord')
714
+ FindingHistoryRecordList = Shapes::ListShape.new(name: 'FindingHistoryRecordList')
715
+ FindingHistoryUpdate = Shapes::StructureShape.new(name: 'FindingHistoryUpdate')
716
+ FindingHistoryUpdateSource = Shapes::StructureShape.new(name: 'FindingHistoryUpdateSource')
717
+ FindingHistoryUpdateSourceType = Shapes::StringShape.new(name: 'FindingHistoryUpdateSourceType')
718
+ FindingHistoryUpdatesList = Shapes::ListShape.new(name: 'FindingHistoryUpdatesList')
713
719
  FindingProviderFields = Shapes::StructureShape.new(name: 'FindingProviderFields')
714
720
  FindingProviderSeverity = Shapes::StructureShape.new(name: 'FindingProviderSeverity')
715
721
  FirewallPolicyDetails = Shapes::StructureShape.new(name: 'FirewallPolicyDetails')
@@ -726,6 +732,8 @@ module Aws::SecurityHub
726
732
  GetEnabledStandardsResponse = Shapes::StructureShape.new(name: 'GetEnabledStandardsResponse')
727
733
  GetFindingAggregatorRequest = Shapes::StructureShape.new(name: 'GetFindingAggregatorRequest')
728
734
  GetFindingAggregatorResponse = Shapes::StructureShape.new(name: 'GetFindingAggregatorResponse')
735
+ GetFindingHistoryRequest = Shapes::StructureShape.new(name: 'GetFindingHistoryRequest')
736
+ GetFindingHistoryResponse = Shapes::StructureShape.new(name: 'GetFindingHistoryResponse')
729
737
  GetFindingsRequest = Shapes::StructureShape.new(name: 'GetFindingsRequest')
730
738
  GetFindingsResponse = Shapes::StructureShape.new(name: 'GetFindingsResponse')
731
739
  GetInsightResultsRequest = Shapes::StructureShape.new(name: 'GetInsightResultsRequest')
@@ -4688,6 +4696,27 @@ module Aws::SecurityHub
4688
4696
 
4689
4697
  FindingAggregatorList.member = Shapes::ShapeRef.new(shape: FindingAggregator)
4690
4698
 
4699
+ FindingHistoryRecord.add_member(:finding_identifier, Shapes::ShapeRef.new(shape: AwsSecurityFindingIdentifier, location_name: "FindingIdentifier"))
4700
+ FindingHistoryRecord.add_member(:update_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "UpdateTime"))
4701
+ FindingHistoryRecord.add_member(:finding_created, Shapes::ShapeRef.new(shape: Boolean, location_name: "FindingCreated"))
4702
+ FindingHistoryRecord.add_member(:update_source, Shapes::ShapeRef.new(shape: FindingHistoryUpdateSource, location_name: "UpdateSource"))
4703
+ FindingHistoryRecord.add_member(:updates, Shapes::ShapeRef.new(shape: FindingHistoryUpdatesList, location_name: "Updates"))
4704
+ FindingHistoryRecord.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
4705
+ FindingHistoryRecord.struct_class = Types::FindingHistoryRecord
4706
+
4707
+ FindingHistoryRecordList.member = Shapes::ShapeRef.new(shape: FindingHistoryRecord)
4708
+
4709
+ FindingHistoryUpdate.add_member(:updated_field, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "UpdatedField"))
4710
+ FindingHistoryUpdate.add_member(:old_value, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OldValue"))
4711
+ FindingHistoryUpdate.add_member(:new_value, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NewValue"))
4712
+ FindingHistoryUpdate.struct_class = Types::FindingHistoryUpdate
4713
+
4714
+ FindingHistoryUpdateSource.add_member(:type, Shapes::ShapeRef.new(shape: FindingHistoryUpdateSourceType, location_name: "Type"))
4715
+ FindingHistoryUpdateSource.add_member(:identity, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Identity"))
4716
+ FindingHistoryUpdateSource.struct_class = Types::FindingHistoryUpdateSource
4717
+
4718
+ FindingHistoryUpdatesList.member = Shapes::ShapeRef.new(shape: FindingHistoryUpdate)
4719
+
4691
4720
  FindingProviderFields.add_member(:confidence, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Confidence"))
4692
4721
  FindingProviderFields.add_member(:criticality, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Criticality"))
4693
4722
  FindingProviderFields.add_member(:related_findings, Shapes::ShapeRef.new(shape: RelatedFindingList, location_name: "RelatedFindings"))
@@ -4750,6 +4779,17 @@ module Aws::SecurityHub
4750
4779
  GetFindingAggregatorResponse.add_member(:regions, Shapes::ShapeRef.new(shape: StringList, location_name: "Regions"))
4751
4780
  GetFindingAggregatorResponse.struct_class = Types::GetFindingAggregatorResponse
4752
4781
 
4782
+ GetFindingHistoryRequest.add_member(:finding_identifier, Shapes::ShapeRef.new(shape: AwsSecurityFindingIdentifier, required: true, location_name: "FindingIdentifier"))
4783
+ GetFindingHistoryRequest.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "StartTime"))
4784
+ GetFindingHistoryRequest.add_member(:end_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "EndTime"))
4785
+ GetFindingHistoryRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
4786
+ GetFindingHistoryRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
4787
+ GetFindingHistoryRequest.struct_class = Types::GetFindingHistoryRequest
4788
+
4789
+ GetFindingHistoryResponse.add_member(:records, Shapes::ShapeRef.new(shape: FindingHistoryRecordList, location_name: "Records"))
4790
+ GetFindingHistoryResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
4791
+ GetFindingHistoryResponse.struct_class = Types::GetFindingHistoryResponse
4792
+
4753
4793
  GetFindingsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: AwsSecurityFindingFilters, location_name: "Filters"))
4754
4794
  GetFindingsRequest.add_member(:sort_criteria, Shapes::ShapeRef.new(shape: SortCriteria, location_name: "SortCriteria"))
4755
4795
  GetFindingsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -6240,6 +6280,24 @@ module Aws::SecurityHub
6240
6280
  o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
6241
6281
  end)
6242
6282
 
6283
+ api.add_operation(:get_finding_history, Seahorse::Model::Operation.new.tap do |o|
6284
+ o.name = "GetFindingHistory"
6285
+ o.http_method = "POST"
6286
+ o.http_request_uri = "/findingHistory/get"
6287
+ o.input = Shapes::ShapeRef.new(shape: GetFindingHistoryRequest)
6288
+ o.output = Shapes::ShapeRef.new(shape: GetFindingHistoryResponse)
6289
+ o.errors << Shapes::ShapeRef.new(shape: InternalException)
6290
+ o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
6291
+ o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
6292
+ o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
6293
+ o[:pager] = Aws::Pager.new(
6294
+ limit_key: "max_results",
6295
+ tokens: {
6296
+ "next_token" => "next_token"
6297
+ }
6298
+ )
6299
+ end)
6300
+
6243
6301
  api.add_operation(:get_findings, Seahorse::Model::Operation.new.tap do |o|
6244
6302
  o.name = "GetFindings"
6245
6303
  o.http_method = "POST"
@@ -529,6 +529,20 @@ module Aws::SecurityHub
529
529
  end
530
530
  end
531
531
 
532
+ class GetFindingHistory
533
+ def self.build(context)
534
+ unless context.config.regional_endpoint
535
+ endpoint = context.config.endpoint.to_s
536
+ end
537
+ Aws::SecurityHub::EndpointParameters.new(
538
+ region: context.config.region,
539
+ use_dual_stack: context.config.use_dualstack_endpoint,
540
+ use_fips: context.config.use_fips_endpoint,
541
+ endpoint: endpoint,
542
+ )
543
+ end
544
+ end
545
+
532
546
  class GetFindings
533
547
  def self.build(context)
534
548
  unless context.config.regional_endpoint
@@ -130,6 +130,8 @@ module Aws::SecurityHub
130
130
  Aws::SecurityHub::Endpoints::GetEnabledStandards.build(context)
131
131
  when :get_finding_aggregator
132
132
  Aws::SecurityHub::Endpoints::GetFindingAggregator.build(context)
133
+ when :get_finding_history
134
+ Aws::SecurityHub::Endpoints::GetFindingHistory.build(context)
133
135
  when :get_findings
134
136
  Aws::SecurityHub::Endpoints::GetFindings.build(context)
135
137
  when :get_insight_results
@@ -15981,7 +15981,7 @@ module Aws::SecurityHub
15981
15981
  #
15982
15982
  # @!attribute [rw] generator_id
15983
15983
  # The identifier for the solution-specific component (a discrete unit
15984
- # of logic) that generated a finding. In various security-findings
15984
+ # of logic) that generated a finding. In various security findings
15985
15985
  # providers' solutions, this generator can be called a rule, a check,
15986
15986
  # a detector, a plugin, etc.
15987
15987
  # @return [String]
@@ -16000,7 +16000,7 @@ module Aws::SecurityHub
16000
16000
  # @return [Array<String>]
16001
16001
  #
16002
16002
  # @!attribute [rw] first_observed_at
16003
- # Indicates when the security-findings provider first observed the
16003
+ # Indicates when the security findings provider first observed the
16004
16004
  # potential security issue that a finding captured.
16005
16005
  #
16006
16006
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16014,7 +16014,7 @@ module Aws::SecurityHub
16014
16014
  # @return [String]
16015
16015
  #
16016
16016
  # @!attribute [rw] last_observed_at
16017
- # Indicates when the security-findings provider most recently observed
16017
+ # Indicates when the security findings provider most recently observed
16018
16018
  # the potential security issue that a finding captured.
16019
16019
  #
16020
16020
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16028,7 +16028,7 @@ module Aws::SecurityHub
16028
16028
  # @return [String]
16029
16029
  #
16030
16030
  # @!attribute [rw] created_at
16031
- # Indicates when the security-findings provider created the potential
16031
+ # Indicates when the security findings provider created the potential
16032
16032
  # security issue that a finding captured.
16033
16033
  #
16034
16034
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16042,7 +16042,7 @@ module Aws::SecurityHub
16042
16042
  # @return [String]
16043
16043
  #
16044
16044
  # @!attribute [rw] updated_at
16045
- # Indicates when the security-findings provider last updated the
16045
+ # Indicates when the security findings provider last updated the
16046
16046
  # finding record.
16047
16047
  #
16048
16048
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16098,12 +16098,12 @@ module Aws::SecurityHub
16098
16098
  # @return [Types::Remediation]
16099
16099
  #
16100
16100
  # @!attribute [rw] source_url
16101
- # A URL that links to a page about the current finding in the
16102
- # security-findings provider's solution.
16101
+ # A URL that links to a page about the current finding in the security
16102
+ # findings provider's solution.
16103
16103
  # @return [String]
16104
16104
  #
16105
16105
  # @!attribute [rw] product_fields
16106
- # A data type where security-findings providers can include additional
16106
+ # A data type where security findings providers can include additional
16107
16107
  # solution-specific details that aren't part of the defined
16108
16108
  # `AwsSecurityFinding` format.
16109
16109
  #
@@ -16277,7 +16277,7 @@ module Aws::SecurityHub
16277
16277
  #
16278
16278
  # @!attribute [rw] generator_id
16279
16279
  # The identifier for the solution-specific component (a discrete unit
16280
- # of logic) that generated a finding. In various security-findings
16280
+ # of logic) that generated a finding. In various security findings
16281
16281
  # providers' solutions, this generator can be called a rule, a check,
16282
16282
  # a detector, a plugin, etc.
16283
16283
  # @return [Array<Types::StringFilter>]
@@ -16292,9 +16292,9 @@ module Aws::SecurityHub
16292
16292
  # @return [Array<Types::StringFilter>]
16293
16293
  #
16294
16294
  # @!attribute [rw] first_observed_at
16295
- # An ISO8601-formatted timestamp that indicates when the
16296
- # security-findings provider first observed the potential security
16297
- # issue that a finding captured.
16295
+ # An ISO8601-formatted timestamp that indicates when the security
16296
+ # findings provider first observed the potential security issue that a
16297
+ # finding captured.
16298
16298
  #
16299
16299
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16300
16300
  # value cannot contain spaces, and date and time should be separated
@@ -16307,9 +16307,9 @@ module Aws::SecurityHub
16307
16307
  # @return [Array<Types::DateFilter>]
16308
16308
  #
16309
16309
  # @!attribute [rw] last_observed_at
16310
- # An ISO8601-formatted timestamp that indicates when the
16311
- # security-findings provider most recently observed the potential
16312
- # security issue that a finding captured.
16310
+ # An ISO8601-formatted timestamp that indicates when the security
16311
+ # findings provider most recently observed the potential security
16312
+ # issue that a finding captured.
16313
16313
  #
16314
16314
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16315
16315
  # value cannot contain spaces, and date and time should be separated
@@ -16322,9 +16322,9 @@ module Aws::SecurityHub
16322
16322
  # @return [Array<Types::DateFilter>]
16323
16323
  #
16324
16324
  # @!attribute [rw] created_at
16325
- # An ISO8601-formatted timestamp that indicates when the
16326
- # security-findings provider captured the potential security issue
16327
- # that a finding captured.
16325
+ # An ISO8601-formatted timestamp that indicates when the security
16326
+ # findings provider captured the potential security issue that a
16327
+ # finding captured.
16328
16328
  #
16329
16329
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16330
16330
  # value cannot contain spaces, and date and time should be separated
@@ -16337,8 +16337,8 @@ module Aws::SecurityHub
16337
16337
  # @return [Array<Types::DateFilter>]
16338
16338
  #
16339
16339
  # @!attribute [rw] updated_at
16340
- # An ISO8601-formatted timestamp that indicates when the
16341
- # security-findings provider last updated the finding record.
16340
+ # An ISO8601-formatted timestamp that indicates when the security
16341
+ # findings provider last updated the finding record.
16342
16342
  #
16343
16343
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16344
16344
  # value cannot contain spaces, and date and time should be separated
@@ -16351,7 +16351,7 @@ module Aws::SecurityHub
16351
16351
  # @return [Array<Types::DateFilter>]
16352
16352
  #
16353
16353
  # @!attribute [rw] severity_product
16354
- # The native severity as defined by the security-findings provider's
16354
+ # The native severity as defined by the security findings provider's
16355
16355
  # solution that generated the finding.
16356
16356
  # @return [Array<Types::NumberFilter>]
16357
16357
  #
@@ -16395,12 +16395,12 @@ module Aws::SecurityHub
16395
16395
  # @return [Array<Types::StringFilter>]
16396
16396
  #
16397
16397
  # @!attribute [rw] source_url
16398
- # A URL that links to a page about the current finding in the
16399
- # security-findings provider's solution.
16398
+ # A URL that links to a page about the current finding in the security
16399
+ # findings provider's solution.
16400
16400
  # @return [Array<Types::StringFilter>]
16401
16401
  #
16402
16402
  # @!attribute [rw] product_fields
16403
- # A data type where security-findings providers can include additional
16403
+ # A data type where security findings providers can include additional
16404
16404
  # solution-specific details that aren't part of the defined
16405
16405
  # `AwsSecurityFinding` format.
16406
16406
  # @return [Array<Types::MapFilter>]
@@ -16940,7 +16940,7 @@ module Aws::SecurityHub
16940
16940
  include Aws::Structure
16941
16941
  end
16942
16942
 
16943
- # Identifies a finding to update using `BatchUpdateFindings`.
16943
+ # Identifies which finding to get the finding history for.
16944
16944
  #
16945
16945
  # @!attribute [rw] id
16946
16946
  # The identifier of the finding that was specified by the finding
@@ -20066,6 +20066,138 @@ module Aws::SecurityHub
20066
20066
  include Aws::Structure
20067
20067
  end
20068
20068
 
20069
+ # A list of events that changed the specified finding during the
20070
+ # specified time period. Each record represents a single finding change
20071
+ # event.
20072
+ #
20073
+ # @!attribute [rw] finding_identifier
20074
+ # Identifies which finding to get the finding history for.
20075
+ # @return [Types::AwsSecurityFindingIdentifier]
20076
+ #
20077
+ # @!attribute [rw] update_time
20078
+ # An ISO 8601-formatted timestamp that indicates when the security
20079
+ # findings provider last updated the finding record. A correctly
20080
+ # formatted example is `2020-05-21T20:16:34.724Z`. The value cannot
20081
+ # contain spaces, and date and time should be separated by `T`. For
20082
+ # more information, see [RFC 3339 section 5.6, Internet Date/Time
20083
+ # Format][1].
20084
+ #
20085
+ #
20086
+ #
20087
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
20088
+ # @return [Time]
20089
+ #
20090
+ # @!attribute [rw] finding_created
20091
+ # Identifies whether the event marks the creation of a new finding. A
20092
+ # value of `True` means that the finding is newly created. A value of
20093
+ # `False` means that the finding isn’t newly created.
20094
+ # @return [Boolean]
20095
+ #
20096
+ # @!attribute [rw] update_source
20097
+ # Identifies the source of the event that changed the finding. For
20098
+ # example, an integrated Amazon Web Service or third-party partner
20099
+ # integration may call [ `BatchImportFindings` ][1], or an Security
20100
+ # Hub customer may call [ `BatchUpdateFindings` ][2].
20101
+ #
20102
+ #
20103
+ #
20104
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
20105
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
20106
+ # @return [Types::FindingHistoryUpdateSource]
20107
+ #
20108
+ # @!attribute [rw] updates
20109
+ # An array of objects that provides details about the finding change
20110
+ # event, including the Amazon Web Services Security Finding Format
20111
+ # (ASFF) field that changed, the value of the field before the change,
20112
+ # and the value of the field after the change.
20113
+ # @return [Array<Types::FindingHistoryUpdate>]
20114
+ #
20115
+ # @!attribute [rw] next_token
20116
+ # A token for pagination purposes. Provide this token in the
20117
+ # subsequent request to [ `GetFindingsHistory` ][1] to get up to an
20118
+ # additional 100 results of history for the same finding that you
20119
+ # specified in your initial request.
20120
+ #
20121
+ #
20122
+ #
20123
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsHistory.html
20124
+ # @return [String]
20125
+ #
20126
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryRecord AWS API Documentation
20127
+ #
20128
+ class FindingHistoryRecord < Struct.new(
20129
+ :finding_identifier,
20130
+ :update_time,
20131
+ :finding_created,
20132
+ :update_source,
20133
+ :updates,
20134
+ :next_token)
20135
+ SENSITIVE = []
20136
+ include Aws::Structure
20137
+ end
20138
+
20139
+ # An array of objects that provides details about a change to a finding,
20140
+ # including the Amazon Web Services Security Finding Format (ASFF) field
20141
+ # that changed, the value of the field before the change, and the value
20142
+ # of the field after the change.
20143
+ #
20144
+ # @!attribute [rw] updated_field
20145
+ # The ASFF field that changed during the finding change event.
20146
+ # @return [String]
20147
+ #
20148
+ # @!attribute [rw] old_value
20149
+ # The value of the ASFF field before the finding change event.
20150
+ # @return [String]
20151
+ #
20152
+ # @!attribute [rw] new_value
20153
+ # The value of the ASFF field after the finding change event. To
20154
+ # preserve storage and readability, Security Hub omits this value if [
20155
+ # `FindingHistoryRecord` ][1] exceeds database limits.
20156
+ #
20157
+ #
20158
+ #
20159
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_FindingHistoryRecord.html
20160
+ # @return [String]
20161
+ #
20162
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdate AWS API Documentation
20163
+ #
20164
+ class FindingHistoryUpdate < Struct.new(
20165
+ :updated_field,
20166
+ :old_value,
20167
+ :new_value)
20168
+ SENSITIVE = []
20169
+ include Aws::Structure
20170
+ end
20171
+
20172
+ # Identifies the source of the finding change event.
20173
+ #
20174
+ # @!attribute [rw] type
20175
+ # Describes the type of finding change event, such as a call to [
20176
+ # `BatchImportFindings` ][1] (by an integrated Amazon Web Service or
20177
+ # third party partner integration) or [ `BatchUpdateFindings` ][2] (by
20178
+ # a Security Hub customer).
20179
+ #
20180
+ #
20181
+ #
20182
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
20183
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
20184
+ # @return [String]
20185
+ #
20186
+ # @!attribute [rw] identity
20187
+ # The identity of the source that initiated the finding change event.
20188
+ # For example, the Amazon Resource Name (ARN) of a partner that calls
20189
+ # BatchImportFindings or of a customer that calls BatchUpdateFindings.
20190
+ # @return [String]
20191
+ #
20192
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdateSource AWS API Documentation
20193
+ #
20194
+ class FindingHistoryUpdateSource < Struct.new(
20195
+ :type,
20196
+ :identity)
20197
+ SENSITIVE = []
20198
+ include Aws::Structure
20199
+ end
20200
+
20069
20201
  # In a `BatchImportFindings` request, finding providers use
20070
20202
  # `FindingProviderFields` to provide and update values for confidence,
20071
20203
  # criticality, related findings, severity, and types.
@@ -20358,6 +20490,108 @@ module Aws::SecurityHub
20358
20490
  include Aws::Structure
20359
20491
  end
20360
20492
 
20493
+ # @!attribute [rw] finding_identifier
20494
+ # Identifies which finding to get the finding history for.
20495
+ # @return [Types::AwsSecurityFindingIdentifier]
20496
+ #
20497
+ # @!attribute [rw] start_time
20498
+ # An ISO 8601-formatted timestamp that indicates the start time of the
20499
+ # requested finding history. A correctly formatted example is
20500
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
20501
+ # date and time should be separated by `T`. For more information, see
20502
+ # [RFC 3339 section 5.6, Internet Date/Time Format][1].
20503
+ #
20504
+ # If you provide values for both `StartTime` and `EndTime`, Security
20505
+ # Hub returns finding history for the specified time period. If you
20506
+ # provide a value for `StartTime` but not for `EndTime`, Security Hub
20507
+ # returns finding history from the `StartTime` to the time at which
20508
+ # the API is called. If you provide a value for `EndTime` but not for
20509
+ # `StartTime`, Security Hub returns finding history from the
20510
+ # [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
20511
+ # provide neither `StartTime` nor `EndTime`, Security Hub returns
20512
+ # finding history from the CreatedAt timestamp of the finding to the
20513
+ # time at which the API is called. In all of these scenarios, the
20514
+ # response is limited to 100 results, and the maximum time period is
20515
+ # limited to 90 days.
20516
+ #
20517
+ #
20518
+ #
20519
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
20520
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
20521
+ # @return [Time]
20522
+ #
20523
+ # @!attribute [rw] end_time
20524
+ # An ISO 8601-formatted timestamp that indicates the end time of the
20525
+ # requested finding history. A correctly formatted example is
20526
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
20527
+ # date and time should be separated by `T`. For more information, see
20528
+ # [RFC 3339 section 5.6, Internet Date/Time Format][1].
20529
+ #
20530
+ # If you provide values for both `StartTime` and `EndTime`, Security
20531
+ # Hub returns finding history for the specified time period. If you
20532
+ # provide a value for `StartTime` but not for `EndTime`, Security Hub
20533
+ # returns finding history from the `StartTime` to the time at which
20534
+ # the API is called. If you provide a value for `EndTime` but not for
20535
+ # `StartTime`, Security Hub returns finding history from the
20536
+ # [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
20537
+ # provide neither `StartTime` nor `EndTime`, Security Hub returns
20538
+ # finding history from the CreatedAt timestamp of the finding to the
20539
+ # time at which the API is called. In all of these scenarios, the
20540
+ # response is limited to 100 results, and the maximum time period is
20541
+ # limited to 90 days.
20542
+ #
20543
+ #
20544
+ #
20545
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
20546
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
20547
+ # @return [Time]
20548
+ #
20549
+ # @!attribute [rw] next_token
20550
+ # A token for pagination purposes. Provide `NULL` as the initial
20551
+ # value. In subsequent requests, provide the token included in the
20552
+ # response to get up to an additional 100 results of finding history.
20553
+ # If you don’t provide `NextToken`, Security Hub returns up to 100
20554
+ # results of finding history for each request.
20555
+ # @return [String]
20556
+ #
20557
+ # @!attribute [rw] max_results
20558
+ # The maximum number of results to be returned. If you don’t provide
20559
+ # it, Security Hub returns up to 100 results of finding history.
20560
+ # @return [Integer]
20561
+ #
20562
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryRequest AWS API Documentation
20563
+ #
20564
+ class GetFindingHistoryRequest < Struct.new(
20565
+ :finding_identifier,
20566
+ :start_time,
20567
+ :end_time,
20568
+ :next_token,
20569
+ :max_results)
20570
+ SENSITIVE = []
20571
+ include Aws::Structure
20572
+ end
20573
+
20574
+ # @!attribute [rw] records
20575
+ # A list of events that altered the specified finding during the
20576
+ # specified time period.
20577
+ # @return [Array<Types::FindingHistoryRecord>]
20578
+ #
20579
+ # @!attribute [rw] next_token
20580
+ # A token for pagination purposes. Provide this token in the
20581
+ # subsequent request to `GetFindingsHistory` to get up to an
20582
+ # additional 100 results of history for the same finding that you
20583
+ # specified in your initial request.
20584
+ # @return [String]
20585
+ #
20586
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryResponse AWS API Documentation
20587
+ #
20588
+ class GetFindingHistoryResponse < Struct.new(
20589
+ :records,
20590
+ :next_token)
20591
+ SENSITIVE = []
20592
+ include Aws::Structure
20593
+ end
20594
+
20361
20595
  # @!attribute [rw] filters
20362
20596
  # The finding attributes used to define a condition to filter the
20363
20597
  # returned findings.
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-securityhub/customizations'
52
52
  # @!group service
53
53
  module Aws::SecurityHub
54
54
 
55
- GEM_VERSION = '1.80.0'
55
+ GEM_VERSION = '1.81.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-securityhub
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.80.0
4
+ version: 1.81.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-04-19 00:00:00.000000000 Z
11
+ date: 2023-05-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core