aws-sdk-securityhub 1.80.0 → 1.81.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7fe39abcc2096a495ec8a44d44453b4ff663040a34b7ca5ca89ef485add6a5f5
-  data.tar.gz: 32f796ff5449feb8a40269707f939b7d08560419d9cb9ad6a45f968480578ba8
+  metadata.gz: 10e5174306380ff7035e5e04b2ff94ddda1f27f6d357480550e33e0f3e48d9b3
+  data.tar.gz: bec91d2ab7a03bc5174eec92ce088579a1dc04a92aed3fc7bc465c64bc4788f1
 SHA512:
-  metadata.gz: 6d712aca3964c2779b1bbd50843cbc28afa67b698446a803ea01c7a0e79f0ff0b6dbc475b408d29ff04fe5cfb2c72d25372d983226dfe8a64f32fa4fdf7d1f1c
-  data.tar.gz: 1b1e4eacb745dc9ea2de1f0cb40c04a59b4de56c641c33cea6961e9c40ece32500c51f1963fe1e61f71d741fe4d601b5d3c1f4beb7182a587d3439270fd9980a
+  metadata.gz: 2e7ead089602b31493917b75b62f5bb58d27440d47f8d5267b7ac6e4dceccadd9862c0ee6186ccfc71fbf194bd385cce3598c85f78bd1531aa8d3e274a390d33
+  data.tar.gz: df84f84643083f357ad14da2b8a96910d0af2cabdbad8017ef6252144ba9cf51121e7c3becedff89617a7a69a7587af1d15e473bf829af5c8b8b3e12527f5cba

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.81.0 (2023-05-04)
+------------------
+
+* Feature - Add support for Finding History.
+
 1.80.0 (2023-04-19)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.80.0
+1.81.0

data/lib/aws-sdk-securityhub/client.rb

@@ -3392,6 +3392,158 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Returns history for a Security Hub finding in the last 90 days. The
+    # history includes changes made to any fields in the Amazon Web Services
+    # Security Finding Format (ASFF).
+    #
+    # @option params [required, Types::AwsSecurityFindingIdentifier] :finding_identifier
+    #   Identifies which finding to get the finding history for.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :start_time
+    #   An ISO 8601-formatted timestamp that indicates the start time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
+    #   and time should be separated by `T`. For more information, see [RFC
+    #   3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security Hub
+    #   returns finding history for the specified time period. If you provide
+    #   a value for `StartTime` but not for `EndTime`, Security Hub returns
+    #   finding history from the `StartTime` to the time at which the API is
+    #   called. If you provide a value for `EndTime` but not for `StartTime`,
+    #   Security Hub returns finding history from the [CreatedAt][2] timestamp
+    #   of the finding to the `EndTime`. If you provide neither `StartTime`
+    #   nor `EndTime`, Security Hub returns finding history from the CreatedAt
+    #   timestamp of the finding to the time at which the API is called. In
+    #   all of these scenarios, the response is limited to 100 results, and
+    #   the maximum time period is limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :end_time
+    #   An ISO 8601-formatted timestamp that indicates the end time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
+    #   and time should be separated by `T`. For more information, see [RFC
+    #   3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security Hub
+    #   returns finding history for the specified time period. If you provide
+    #   a value for `StartTime` but not for `EndTime`, Security Hub returns
+    #   finding history from the `StartTime` to the time at which the API is
+    #   called. If you provide a value for `EndTime` but not for `StartTime`,
+    #   Security Hub returns finding history from the [CreatedAt][2] timestamp
+    #   of the finding to the `EndTime`. If you provide neither `StartTime`
+    #   nor `EndTime`, Security Hub returns finding history from the CreatedAt
+    #   timestamp of the finding to the time at which the API is called. In
+    #   all of these scenarios, the response is limited to 100 results, and
+    #   the maximum time period is limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #
+    # @option params [String] :next_token
+    #   A token for pagination purposes. Provide `NULL` as the initial value.
+    #   In subsequent requests, provide the token included in the response to
+    #   get up to an additional 100 results of finding history. If you don’t
+    #   provide `NextToken`, Security Hub returns up to 100 results of finding
+    #   history for each request.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to be returned. If you don’t provide it,
+    #   Security Hub returns up to 100 results of finding history.
+    #
+    # @return [Types::GetFindingHistoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetFindingHistoryResponse#records #records} => Array<Types::FindingHistoryRecord>
+    #   * {Types::GetFindingHistoryResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    #
+    # @example Example: To get finding history
+    #
+    #   # The following example retrieves the history of the specified finding during the specified time frame. If the time frame
+    #   # permits, Security Hub returns finding history for the last 90 days.
+    #
+    #   resp = client.get_finding_history({
+    #     end_time: Time.parse("2021-09-31T15:53:35.573Z"), 
+    #     finding_identifier: {
+    #       id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", 
+    #       product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default", 
+    #     }, 
+    #     max_results: 2, 
+    #     start_time: Time.parse("2021-09-30T15:53:35.573Z"), 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     records: [
+    #       {
+    #         finding_created: false, 
+    #         finding_identifier: {
+    #           id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", 
+    #           product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default", 
+    #         }, 
+    #         update_source: {
+    #           identity: "arn:aws:iam::444455556666:role/Admin", 
+    #           type: "BATCH_UPDATE_FINDINGS", 
+    #         }, 
+    #         update_time: Time.parse("2021-09-31T15:52:25.573Z"), 
+    #         updates: [
+    #           {
+    #             new_value: "MEDIUM", 
+    #             old_value: "HIGH", 
+    #             updated_field: "Severity", 
+    #           }, 
+    #         ], 
+    #       }, 
+    #     ], 
+    #   }
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_finding_history({
+    #     finding_identifier: { # required
+    #       id: "NonEmptyString", # required
+    #       product_arn: "NonEmptyString", # required
+    #     },
+    #     start_time: Time.now,
+    #     end_time: Time.now,
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.records #=> Array
+    #   resp.records[0].finding_identifier.id #=> String
+    #   resp.records[0].finding_identifier.product_arn #=> String
+    #   resp.records[0].update_time #=> Time
+    #   resp.records[0].finding_created #=> Boolean
+    #   resp.records[0].update_source.type #=> String, one of "BATCH_UPDATE_FINDINGS", "BATCH_IMPORT_FINDINGS"
+    #   resp.records[0].update_source.identity #=> String
+    #   resp.records[0].updates #=> Array
+    #   resp.records[0].updates[0].updated_field #=> String
+    #   resp.records[0].updates[0].old_value #=> String
+    #   resp.records[0].updates[0].new_value #=> String
+    #   resp.records[0].next_token #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistory AWS API Documentation
+    #
+    # @overload get_finding_history(params = {})
+    # @param [Hash] params ({})
+    def get_finding_history(params = {}, options = {})
+      req = build_request(:get_finding_history, params)
+      req.send_request(options)
+    end
+
     # Returns a list of findings that match the specified criteria.
     #
     # If finding aggregation is enabled, then when you call `GetFindings`
@@ -7234,7 +7386,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.80.0'
+      context[:gem_version] = '1.81.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-securityhub/client_api.rb

@@ -710,6 +710,12 @@ module Aws::SecurityHub
     FilePaths = Shapes::StructureShape.new(name: 'FilePaths')
     FindingAggregator = Shapes::StructureShape.new(name: 'FindingAggregator')
     FindingAggregatorList = Shapes::ListShape.new(name: 'FindingAggregatorList')
+    FindingHistoryRecord = Shapes::StructureShape.new(name: 'FindingHistoryRecord')
+    FindingHistoryRecordList = Shapes::ListShape.new(name: 'FindingHistoryRecordList')
+    FindingHistoryUpdate = Shapes::StructureShape.new(name: 'FindingHistoryUpdate')
+    FindingHistoryUpdateSource = Shapes::StructureShape.new(name: 'FindingHistoryUpdateSource')
+    FindingHistoryUpdateSourceType = Shapes::StringShape.new(name: 'FindingHistoryUpdateSourceType')
+    FindingHistoryUpdatesList = Shapes::ListShape.new(name: 'FindingHistoryUpdatesList')
     FindingProviderFields = Shapes::StructureShape.new(name: 'FindingProviderFields')
     FindingProviderSeverity = Shapes::StructureShape.new(name: 'FindingProviderSeverity')
     FirewallPolicyDetails = Shapes::StructureShape.new(name: 'FirewallPolicyDetails')
@@ -726,6 +732,8 @@ module Aws::SecurityHub
     GetEnabledStandardsResponse = Shapes::StructureShape.new(name: 'GetEnabledStandardsResponse')
     GetFindingAggregatorRequest = Shapes::StructureShape.new(name: 'GetFindingAggregatorRequest')
     GetFindingAggregatorResponse = Shapes::StructureShape.new(name: 'GetFindingAggregatorResponse')
+    GetFindingHistoryRequest = Shapes::StructureShape.new(name: 'GetFindingHistoryRequest')
+    GetFindingHistoryResponse = Shapes::StructureShape.new(name: 'GetFindingHistoryResponse')
     GetFindingsRequest = Shapes::StructureShape.new(name: 'GetFindingsRequest')
     GetFindingsResponse = Shapes::StructureShape.new(name: 'GetFindingsResponse')
     GetInsightResultsRequest = Shapes::StructureShape.new(name: 'GetInsightResultsRequest')
@@ -4688,6 +4696,27 @@ module Aws::SecurityHub
 
     FindingAggregatorList.member = Shapes::ShapeRef.new(shape: FindingAggregator)
 
+    FindingHistoryRecord.add_member(:finding_identifier, Shapes::ShapeRef.new(shape: AwsSecurityFindingIdentifier, location_name: "FindingIdentifier"))
+    FindingHistoryRecord.add_member(:update_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "UpdateTime"))
+    FindingHistoryRecord.add_member(:finding_created, Shapes::ShapeRef.new(shape: Boolean, location_name: "FindingCreated"))
+    FindingHistoryRecord.add_member(:update_source, Shapes::ShapeRef.new(shape: FindingHistoryUpdateSource, location_name: "UpdateSource"))
+    FindingHistoryRecord.add_member(:updates, Shapes::ShapeRef.new(shape: FindingHistoryUpdatesList, location_name: "Updates"))
+    FindingHistoryRecord.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    FindingHistoryRecord.struct_class = Types::FindingHistoryRecord
+
+    FindingHistoryRecordList.member = Shapes::ShapeRef.new(shape: FindingHistoryRecord)
+
+    FindingHistoryUpdate.add_member(:updated_field, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "UpdatedField"))
+    FindingHistoryUpdate.add_member(:old_value, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OldValue"))
+    FindingHistoryUpdate.add_member(:new_value, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NewValue"))
+    FindingHistoryUpdate.struct_class = Types::FindingHistoryUpdate
+
+    FindingHistoryUpdateSource.add_member(:type, Shapes::ShapeRef.new(shape: FindingHistoryUpdateSourceType, location_name: "Type"))
+    FindingHistoryUpdateSource.add_member(:identity, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Identity"))
+    FindingHistoryUpdateSource.struct_class = Types::FindingHistoryUpdateSource
+
+    FindingHistoryUpdatesList.member = Shapes::ShapeRef.new(shape: FindingHistoryUpdate)
+
     FindingProviderFields.add_member(:confidence, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Confidence"))
     FindingProviderFields.add_member(:criticality, Shapes::ShapeRef.new(shape: RatioScale, location_name: "Criticality"))
     FindingProviderFields.add_member(:related_findings, Shapes::ShapeRef.new(shape: RelatedFindingList, location_name: "RelatedFindings"))
@@ -4750,6 +4779,17 @@ module Aws::SecurityHub
     GetFindingAggregatorResponse.add_member(:regions, Shapes::ShapeRef.new(shape: StringList, location_name: "Regions"))
     GetFindingAggregatorResponse.struct_class = Types::GetFindingAggregatorResponse
 
+    GetFindingHistoryRequest.add_member(:finding_identifier, Shapes::ShapeRef.new(shape: AwsSecurityFindingIdentifier, required: true, location_name: "FindingIdentifier"))
+    GetFindingHistoryRequest.add_member(:start_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "StartTime"))
+    GetFindingHistoryRequest.add_member(:end_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "EndTime"))
+    GetFindingHistoryRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    GetFindingHistoryRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location_name: "MaxResults"))
+    GetFindingHistoryRequest.struct_class = Types::GetFindingHistoryRequest
+
+    GetFindingHistoryResponse.add_member(:records, Shapes::ShapeRef.new(shape: FindingHistoryRecordList, location_name: "Records"))
+    GetFindingHistoryResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    GetFindingHistoryResponse.struct_class = Types::GetFindingHistoryResponse
+
     GetFindingsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: AwsSecurityFindingFilters, location_name: "Filters"))
     GetFindingsRequest.add_member(:sort_criteria, Shapes::ShapeRef.new(shape: SortCriteria, location_name: "SortCriteria"))
     GetFindingsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
@@ -6240,6 +6280,24 @@ module Aws::SecurityHub
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
       end)
 
+      api.add_operation(:get_finding_history, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetFindingHistory"
+        o.http_method = "POST"
+        o.http_request_uri = "/findingHistory/get"
+        o.input = Shapes::ShapeRef.new(shape: GetFindingHistoryRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetFindingHistoryResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
+
       api.add_operation(:get_findings, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetFindings"
         o.http_method = "POST"

data/lib/aws-sdk-securityhub/endpoints.rb

@@ -529,6 +529,20 @@ module Aws::SecurityHub
       end
     end
 
+    class GetFindingHistory
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::SecurityHub::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class GetFindings
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-securityhub/plugins/endpoints.rb

@@ -130,6 +130,8 @@ module Aws::SecurityHub
             Aws::SecurityHub::Endpoints::GetEnabledStandards.build(context)
           when :get_finding_aggregator
             Aws::SecurityHub::Endpoints::GetFindingAggregator.build(context)
+          when :get_finding_history
+            Aws::SecurityHub::Endpoints::GetFindingHistory.build(context)
           when :get_findings
             Aws::SecurityHub::Endpoints::GetFindings.build(context)
           when :get_insight_results

data/lib/aws-sdk-securityhub/types.rb

@@ -15981,7 +15981,7 @@ module Aws::SecurityHub
     #
     # @!attribute [rw] generator_id
     #   The identifier for the solution-specific component (a discrete unit
-    #   of logic) that generated a finding. In various security-findings
+    #   of logic) that generated a finding. In various security findings
     #   providers' solutions, this generator can be called a rule, a check,
     #   a detector, a plugin, etc.
     #   @return [String]
@@ -16000,7 +16000,7 @@ module Aws::SecurityHub
     #   @return [Array<String>]
     #
     # @!attribute [rw] first_observed_at
-    #   Indicates when the security-findings provider first observed the
+    #   Indicates when the security findings provider first observed the
     #   potential security issue that a finding captured.
     #
     #   Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16014,7 +16014,7 @@ module Aws::SecurityHub
     #   @return [String]
     #
     # @!attribute [rw] last_observed_at
-    #   Indicates when the security-findings provider most recently observed
+    #   Indicates when the security findings provider most recently observed
     #   the potential security issue that a finding captured.
     #
     #   Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16028,7 +16028,7 @@ module Aws::SecurityHub
     #   @return [String]
     #
     # @!attribute [rw] created_at
-    #   Indicates when the security-findings provider created the potential
+    #   Indicates when the security findings provider created the potential
     #   security issue that a finding captured.
     #
     #   Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16042,7 +16042,7 @@ module Aws::SecurityHub
     #   @return [String]
     #
     # @!attribute [rw] updated_at
-    #   Indicates when the security-findings provider last updated the
+    #   Indicates when the security findings provider last updated the
     #   finding record.
     #
     #   Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16098,12 +16098,12 @@ module Aws::SecurityHub
     #   @return [Types::Remediation]
     #
     # @!attribute [rw] source_url
-    #   A URL that links to a page about the current finding in the
-    #   security-findings provider's solution.
+    #   A URL that links to a page about the current finding in the security
+    #   findings provider's solution.
     #   @return [String]
     #
     # @!attribute [rw] product_fields
-    #   A data type where security-findings providers can include additional
+    #   A data type where security findings providers can include additional
     #   solution-specific details that aren't part of the defined
     #   `AwsSecurityFinding` format.
     #
@@ -16277,7 +16277,7 @@ module Aws::SecurityHub
     #
     # @!attribute [rw] generator_id
     #   The identifier for the solution-specific component (a discrete unit
-    #   of logic) that generated a finding. In various security-findings
+    #   of logic) that generated a finding. In various security findings
     #   providers' solutions, this generator can be called a rule, a check,
     #   a detector, a plugin, etc.
     #   @return [Array<Types::StringFilter>]
@@ -16292,9 +16292,9 @@ module Aws::SecurityHub
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] first_observed_at
-    #   An ISO8601-formatted timestamp that indicates when the
-    #   security-findings provider first observed the potential security
-    #   issue that a finding captured.
+    #   An ISO8601-formatted timestamp that indicates when the security
+    #   findings provider first observed the potential security issue that a
+    #   finding captured.
     #
     #   A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
     #   value cannot contain spaces, and date and time should be separated
@@ -16307,9 +16307,9 @@ module Aws::SecurityHub
     #   @return [Array<Types::DateFilter>]
     #
     # @!attribute [rw] last_observed_at
-    #   An ISO8601-formatted timestamp that indicates when the
-    #   security-findings provider most recently observed the potential
-    #   security issue that a finding captured.
+    #   An ISO8601-formatted timestamp that indicates when the security
+    #   findings provider most recently observed the potential security
+    #   issue that a finding captured.
     #
     #   A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
     #   value cannot contain spaces, and date and time should be separated
@@ -16322,9 +16322,9 @@ module Aws::SecurityHub
     #   @return [Array<Types::DateFilter>]
     #
     # @!attribute [rw] created_at
-    #   An ISO8601-formatted timestamp that indicates when the
-    #   security-findings provider captured the potential security issue
-    #   that a finding captured.
+    #   An ISO8601-formatted timestamp that indicates when the security
+    #   findings provider captured the potential security issue that a
+    #   finding captured.
     #
     #   A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
     #   value cannot contain spaces, and date and time should be separated
@@ -16337,8 +16337,8 @@ module Aws::SecurityHub
     #   @return [Array<Types::DateFilter>]
     #
     # @!attribute [rw] updated_at
-    #   An ISO8601-formatted timestamp that indicates when the
-    #   security-findings provider last updated the finding record.
+    #   An ISO8601-formatted timestamp that indicates when the security
+    #   findings provider last updated the finding record.
     #
     #   A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
     #   value cannot contain spaces, and date and time should be separated
@@ -16351,7 +16351,7 @@ module Aws::SecurityHub
     #   @return [Array<Types::DateFilter>]
     #
     # @!attribute [rw] severity_product
-    #   The native severity as defined by the security-findings provider's
+    #   The native severity as defined by the security findings provider's
     #   solution that generated the finding.
     #   @return [Array<Types::NumberFilter>]
     #
@@ -16395,12 +16395,12 @@ module Aws::SecurityHub
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] source_url
-    #   A URL that links to a page about the current finding in the
-    #   security-findings provider's solution.
+    #   A URL that links to a page about the current finding in the security
+    #   findings provider's solution.
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] product_fields
-    #   A data type where security-findings providers can include additional
+    #   A data type where security findings providers can include additional
     #   solution-specific details that aren't part of the defined
     #   `AwsSecurityFinding` format.
     #   @return [Array<Types::MapFilter>]
@@ -16940,7 +16940,7 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
-    # Identifies a finding to update using `BatchUpdateFindings`.
+    # Identifies which finding to get the finding history for.
     #
     # @!attribute [rw] id
     #   The identifier of the finding that was specified by the finding
@@ -20066,6 +20066,138 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # A list of events that changed the specified finding during the
+    # specified time period. Each record represents a single finding change
+    # event.
+    #
+    # @!attribute [rw] finding_identifier
+    #   Identifies which finding to get the finding history for.
+    #   @return [Types::AwsSecurityFindingIdentifier]
+    #
+    # @!attribute [rw] update_time
+    #   An ISO 8601-formatted timestamp that indicates when the security
+    #   findings provider last updated the finding record. A correctly
+    #   formatted example is `2020-05-21T20:16:34.724Z`. The value cannot
+    #   contain spaces, and date and time should be separated by `T`. For
+    #   more information, see [RFC 3339 section 5.6, Internet Date/Time
+    #   Format][1].
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   @return [Time]
+    #
+    # @!attribute [rw] finding_created
+    #   Identifies whether the event marks the creation of a new finding. A
+    #   value of `True` means that the finding is newly created. A value of
+    #   `False` means that the finding isn’t newly created.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] update_source
+    #   Identifies the source of the event that changed the finding. For
+    #   example, an integrated Amazon Web Service or third-party partner
+    #   integration may call [ `BatchImportFindings` ][1], or an Security
+    #   Hub customer may call [ `BatchUpdateFindings` ][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
+    #   @return [Types::FindingHistoryUpdateSource]
+    #
+    # @!attribute [rw] updates
+    #   An array of objects that provides details about the finding change
+    #   event, including the Amazon Web Services Security Finding Format
+    #   (ASFF) field that changed, the value of the field before the change,
+    #   and the value of the field after the change.
+    #   @return [Array<Types::FindingHistoryUpdate>]
+    #
+    # @!attribute [rw] next_token
+    #   A token for pagination purposes. Provide this token in the
+    #   subsequent request to [ `GetFindingsHistory` ][1] to get up to an
+    #   additional 100 results of history for the same finding that you
+    #   specified in your initial request.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsHistory.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryRecord AWS API Documentation
+    #
+    class FindingHistoryRecord < Struct.new(
+      :finding_identifier,
+      :update_time,
+      :finding_created,
+      :update_source,
+      :updates,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # An array of objects that provides details about a change to a finding,
+    # including the Amazon Web Services Security Finding Format (ASFF) field
+    # that changed, the value of the field before the change, and the value
+    # of the field after the change.
+    #
+    # @!attribute [rw] updated_field
+    #   The ASFF field that changed during the finding change event.
+    #   @return [String]
+    #
+    # @!attribute [rw] old_value
+    #   The value of the ASFF field before the finding change event.
+    #   @return [String]
+    #
+    # @!attribute [rw] new_value
+    #   The value of the ASFF field after the finding change event. To
+    #   preserve storage and readability, Security Hub omits this value if [
+    #   `FindingHistoryRecord` ][1] exceeds database limits.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_FindingHistoryRecord.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdate AWS API Documentation
+    #
+    class FindingHistoryUpdate < Struct.new(
+      :updated_field,
+      :old_value,
+      :new_value)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Identifies the source of the finding change event.
+    #
+    # @!attribute [rw] type
+    #   Describes the type of finding change event, such as a call to [
+    #   `BatchImportFindings` ][1] (by an integrated Amazon Web Service or
+    #   third party partner integration) or [ `BatchUpdateFindings` ][2] (by
+    #   a Security Hub customer).
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
+    #   @return [String]
+    #
+    # @!attribute [rw] identity
+    #   The identity of the source that initiated the finding change event.
+    #   For example, the Amazon Resource Name (ARN) of a partner that calls
+    #   BatchImportFindings or of a customer that calls BatchUpdateFindings.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdateSource AWS API Documentation
+    #
+    class FindingHistoryUpdateSource < Struct.new(
+      :type,
+      :identity)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # In a `BatchImportFindings` request, finding providers use
     # `FindingProviderFields` to provide and update values for confidence,
     # criticality, related findings, severity, and types.
@@ -20358,6 +20490,108 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # @!attribute [rw] finding_identifier
+    #   Identifies which finding to get the finding history for.
+    #   @return [Types::AwsSecurityFindingIdentifier]
+    #
+    # @!attribute [rw] start_time
+    #   An ISO 8601-formatted timestamp that indicates the start time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
+    #   date and time should be separated by `T`. For more information, see
+    #   [RFC 3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security
+    #   Hub returns finding history for the specified time period. If you
+    #   provide a value for `StartTime` but not for `EndTime`, Security Hub
+    #   returns finding history from the `StartTime` to the time at which
+    #   the API is called. If you provide a value for `EndTime` but not for
+    #   `StartTime`, Security Hub returns finding history from the
+    #   [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
+    #   provide neither `StartTime` nor `EndTime`, Security Hub returns
+    #   finding history from the CreatedAt timestamp of the finding to the
+    #   time at which the API is called. In all of these scenarios, the
+    #   response is limited to 100 results, and the maximum time period is
+    #   limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #   @return [Time]
+    #
+    # @!attribute [rw] end_time
+    #   An ISO 8601-formatted timestamp that indicates the end time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
+    #   date and time should be separated by `T`. For more information, see
+    #   [RFC 3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security
+    #   Hub returns finding history for the specified time period. If you
+    #   provide a value for `StartTime` but not for `EndTime`, Security Hub
+    #   returns finding history from the `StartTime` to the time at which
+    #   the API is called. If you provide a value for `EndTime` but not for
+    #   `StartTime`, Security Hub returns finding history from the
+    #   [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
+    #   provide neither `StartTime` nor `EndTime`, Security Hub returns
+    #   finding history from the CreatedAt timestamp of the finding to the
+    #   time at which the API is called. In all of these scenarios, the
+    #   response is limited to 100 results, and the maximum time period is
+    #   limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #   @return [Time]
+    #
+    # @!attribute [rw] next_token
+    #   A token for pagination purposes. Provide `NULL` as the initial
+    #   value. In subsequent requests, provide the token included in the
+    #   response to get up to an additional 100 results of finding history.
+    #   If you don’t provide `NextToken`, Security Hub returns up to 100
+    #   results of finding history for each request.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to be returned. If you don’t provide
+    #   it, Security Hub returns up to 100 results of finding history.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryRequest AWS API Documentation
+    #
+    class GetFindingHistoryRequest < Struct.new(
+      :finding_identifier,
+      :start_time,
+      :end_time,
+      :next_token,
+      :max_results)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] records
+    #   A list of events that altered the specified finding during the
+    #   specified time period.
+    #   @return [Array<Types::FindingHistoryRecord>]
+    #
+    # @!attribute [rw] next_token
+    #   A token for pagination purposes. Provide this token in the
+    #   subsequent request to `GetFindingsHistory` to get up to an
+    #   additional 100 results of history for the same finding that you
+    #   specified in your initial request.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryResponse AWS API Documentation
+    #
+    class GetFindingHistoryResponse < Struct.new(
+      :records,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] filters
     #   The finding attributes used to define a condition to filter the
     #   returned findings.

data/lib/aws-sdk-securityhub.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-securityhub/customizations'
 # @!group service
 module Aws::SecurityHub
 
-  GEM_VERSION = '1.80.0'
+  GEM_VERSION = '1.81.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securityhub
 version: !ruby/object:Gem::Version
-  version: 1.80.0
+  version: 1.81.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-19 00:00:00.000000000 Z
+date: 2023-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core