aws-sdk-securityhub 1.80.0 → 1.82.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 7fe39abcc2096a495ec8a44d44453b4ff663040a34b7ca5ca89ef485add6a5f5
-  data.tar.gz: 32f796ff5449feb8a40269707f939b7d08560419d9cb9ad6a45f968480578ba8
+  metadata.gz: 5d27ed4d7665d3add4f2c19cf9120ec8d2002c3e1f6418c88696d691ec01355f
+  data.tar.gz: d93f50cf335002ee567f0afc8b4205882515c2f2719d0b1bcc598caa48802d58
 SHA512:
-  metadata.gz: 6d712aca3964c2779b1bbd50843cbc28afa67b698446a803ea01c7a0e79f0ff0b6dbc475b408d29ff04fe5cfb2c72d25372d983226dfe8a64f32fa4fdf7d1f1c
-  data.tar.gz: 1b1e4eacb745dc9ea2de1f0cb40c04a59b4de56c641c33cea6961e9c40ece32500c51f1963fe1e61f71d741fe4d601b5d3c1f4beb7182a587d3439270fd9980a
+  metadata.gz: 1068b75b7131d88ae7123c7af60e3a054159efb22b83e0695ecf4dd2a44ead984641f4e7968662296efccad8f9486ee4f5db450af2db4626d80588336618eaba
+  data.tar.gz: ec3b6d8d01fb19636fefb92935c411db90b636eeabddc9a577bf866f6d2fca9fa9e51b163b4231b23c602d83d85c3913d6edbc4d23d41b8652e81f7331a4b22c

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.82.0 (2023-05-30)
+------------------
+
+* Feature - Added new resource detail objects to ASFF, including resources for AwsGuardDutyDetector, AwsAmazonMqBroker, AwsEventSchemasRegistry, AwsAppSyncGraphQlApi and AwsStepFunctionStateMachine.
+
+1.81.0 (2023-05-04)
+------------------
+
+* Feature - Add support for Finding History.
+
 1.80.0 (2023-04-19)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.80.0
+1.82.0

data/lib/aws-sdk-securityhub/client.rb

@@ -547,9 +547,10 @@ module Aws::SecurityHub
     #   * {Types::BatchEnableStandardsResponse#standards_subscriptions #standards_subscriptions} => Array<Types::StandardsSubscription>
     #
     #
-    # @example Example: To import security findings from a third party provider to Security Hub
+    # @example Example: To enable security standards
     #
-    #   # The following example imports findings from a third party provider to Security Hub.
+    #   # The following example enables the security standard specified by the StandardArn. You can use this operation to enable
+    #   # one or more Security Hub standards.
     #
     #   resp = client.batch_enable_standards({
     #     standards_subscription_requests: [
@@ -617,6 +618,42 @@ module Aws::SecurityHub
     #   * {Types::BatchGetSecurityControlsResponse#security_controls #security_controls} => Array<Types::SecurityControl>
     #   * {Types::BatchGetSecurityControlsResponse#unprocessed_ids #unprocessed_ids} => Array<Types::UnprocessedSecurityControl>
     #
+    #
+    # @example Example: To get security control details 
+    #
+    #   # The following example gets details for the specified controls in the current AWS account and AWS Region.
+    #
+    #   resp = client.batch_get_security_controls({
+    #     security_control_ids: [
+    #       "ACM.1", 
+    #       "APIGateway.1", 
+    #     ], 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     security_controls: [
+    #       {
+    #         description: "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.", 
+    #         remediation_url: "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation", 
+    #         security_control_arn: "arn:aws:securityhub:us-west-2:123456789012:security-control/ACM.1", 
+    #         security_control_id: "ACM.1", 
+    #         security_control_status: "ENABLED", 
+    #         severity_rating: "MEDIUM", 
+    #         title: "Imported and ACM-issued certificates should be renewed after a specified time period", 
+    #       }, 
+    #       {
+    #         description: "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.", 
+    #         remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation", 
+    #         security_control_arn: "arn:aws:securityhub:us-west-2:123456789012:security-control/APIGateway.1", 
+    #         security_control_id: "APIGateway.1", 
+    #         security_control_status: "ENABLED", 
+    #         severity_rating: "MEDIUM", 
+    #         title: "API Gateway REST and WebSocket API execution logging should be enabled", 
+    #       }, 
+    #     ], 
+    #   }
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.batch_get_security_controls({
@@ -663,6 +700,54 @@ module Aws::SecurityHub
     #   * {Types::BatchGetStandardsControlAssociationsResponse#standards_control_association_details #standards_control_association_details} => Array<Types::StandardsControlAssociationDetail>
     #   * {Types::BatchGetStandardsControlAssociationsResponse#unprocessed_associations #unprocessed_associations} => Array<Types::UnprocessedStandardsControlAssociation>
     #
+    #
+    # @example Example: To get enablement status of a batch of controls
+    #
+    #   # The following example retrieves the enablement status of the specified controls in the specified standards.
+    #
+    #   resp = client.batch_get_standards_control_associations({
+    #     standards_control_association_ids: [
+    #       {
+    #         security_control_id: "CloudTrail.1", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", 
+    #       }, 
+    #       {
+    #         security_control_id: "CloudWatch.12", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", 
+    #       }, 
+    #     ], 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     standards_control_association_details: [
+    #       {
+    #         association_status: "ENABLED", 
+    #         related_requirements: [
+    #           "CIS AWS Foundations 2.1", 
+    #         ], 
+    #         security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/CloudTrail.1", 
+    #         security_control_id: "CloudTrail.1", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", 
+    #         standards_control_description: "AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.", 
+    #         standards_control_title: "Ensure CloudTrail is enabled in all regions", 
+    #         updated_at: Time.parse("2022-01-13T18:52:29.539000+00:00"), 
+    #       }, 
+    #       {
+    #         association_status: "ENABLED", 
+    #         related_requirements: [
+    #           "CIS AWS Foundations 3.12", 
+    #         ], 
+    #         security_control_arn: "arn:aws:securityhub:us-west-2:110479873537:security-control/CloudWatch.12", 
+    #         security_control_id: "CloudWatch.12", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", 
+    #         standards_control_description: "Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. Network gateways are required to send/receive traffic to a destination outside of a VPC. It is recommended that a metric filter and alarm be established for changes to network gateways.", 
+    #         standards_control_title: "Ensure a log metric filter and alarm exist for changes to network gateways", 
+    #         updated_at: Time.parse("2022-01-13T18:52:29.686000+00:00"), 
+    #       }, 
+    #     ], 
+    #   }
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.batch_get_standards_control_associations({
@@ -1079,6 +1164,45 @@ module Aws::SecurityHub
     #
     #   * {Types::BatchUpdateStandardsControlAssociationsResponse#unprocessed_association_updates #unprocessed_association_updates} => Array<Types::UnprocessedStandardsControlAssociationUpdate>
     #
+    #
+    # @example Example: To update enablement status of a batch of controls
+    #
+    #   # The following example disables CloudWatch.12 in CIS AWS Foundations Benchmark v1.2.0. The example returns an error for
+    #   # CloudTrail.1 because an invalid standard ARN is provided.
+    #
+    #   resp = client.batch_update_standards_control_associations({
+    #     standards_control_association_updates: [
+    #       {
+    #         association_status: "DISABLED", 
+    #         security_control_id: "CloudTrail.1", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/sample-standard/v/1.1.0", 
+    #         updated_reason: "Not relevant to environment", 
+    #       }, 
+    #       {
+    #         association_status: "DISABLED", 
+    #         security_control_id: "CloudWatch.12", 
+    #         standards_arn: "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0", 
+    #         updated_reason: "Not relevant to environment", 
+    #       }, 
+    #     ], 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     unprocessed_association_updates: [
+    #       {
+    #         error_code: "INVALID_INPUT", 
+    #         error_reason: "Invalid Standards Arn: 'arn:aws:securityhub:::ruleset/sample-standard/v/1.1.0'", 
+    #         standards_control_association_update: {
+    #           association_status: "DISABLED", 
+    #           security_control_id: "CloudTrail.1", 
+    #           standards_arn: "arn:aws:securityhub:::ruleset/sample-standard/v/1.1.0", 
+    #           updated_reason: "Test Reason", 
+    #         }, 
+    #       }, 
+    #     ], 
+    #   }
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.batch_update_standards_control_associations({
@@ -3392,6 +3516,158 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Returns history for a Security Hub finding in the last 90 days. The
+    # history includes changes made to any fields in the Amazon Web Services
+    # Security Finding Format (ASFF).
+    #
+    # @option params [required, Types::AwsSecurityFindingIdentifier] :finding_identifier
+    #   Identifies which finding to get the finding history for.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :start_time
+    #   An ISO 8601-formatted timestamp that indicates the start time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
+    #   and time should be separated by `T`. For more information, see [RFC
+    #   3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security Hub
+    #   returns finding history for the specified time period. If you provide
+    #   a value for `StartTime` but not for `EndTime`, Security Hub returns
+    #   finding history from the `StartTime` to the time at which the API is
+    #   called. If you provide a value for `EndTime` but not for `StartTime`,
+    #   Security Hub returns finding history from the [CreatedAt][2] timestamp
+    #   of the finding to the `EndTime`. If you provide neither `StartTime`
+    #   nor `EndTime`, Security Hub returns finding history from the CreatedAt
+    #   timestamp of the finding to the time at which the API is called. In
+    #   all of these scenarios, the response is limited to 100 results, and
+    #   the maximum time period is limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :end_time
+    #   An ISO 8601-formatted timestamp that indicates the end time of the
+    #   requested finding history. A correctly formatted example is
+    #   `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and date
+    #   and time should be separated by `T`. For more information, see [RFC
+    #   3339 section 5.6, Internet Date/Time Format][1].
+    #
+    #   If you provide values for both `StartTime` and `EndTime`, Security Hub
+    #   returns finding history for the specified time period. If you provide
+    #   a value for `StartTime` but not for `EndTime`, Security Hub returns
+    #   finding history from the `StartTime` to the time at which the API is
+    #   called. If you provide a value for `EndTime` but not for `StartTime`,
+    #   Security Hub returns finding history from the [CreatedAt][2] timestamp
+    #   of the finding to the `EndTime`. If you provide neither `StartTime`
+    #   nor `EndTime`, Security Hub returns finding history from the CreatedAt
+    #   timestamp of the finding to the time at which the API is called. In
+    #   all of these scenarios, the response is limited to 100 results, and
+    #   the maximum time period is limited to 90 days.
+    #
+    #
+    #
+    #   [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
+    #   [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
+    #
+    # @option params [String] :next_token
+    #   A token for pagination purposes. Provide `NULL` as the initial value.
+    #   In subsequent requests, provide the token included in the response to
+    #   get up to an additional 100 results of finding history. If you don’t
+    #   provide `NextToken`, Security Hub returns up to 100 results of finding
+    #   history for each request.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of results to be returned. If you don’t provide it,
+    #   Security Hub returns up to 100 results of finding history.
+    #
+    # @return [Types::GetFindingHistoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetFindingHistoryResponse#records #records} => Array<Types::FindingHistoryRecord>
+    #   * {Types::GetFindingHistoryResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    #
+    # @example Example: To get finding history
+    #
+    #   # The following example retrieves the history of the specified finding during the specified time frame. If the time frame
+    #   # permits, Security Hub returns finding history for the last 90 days.
+    #
+    #   resp = client.get_finding_history({
+    #     end_time: Time.parse("2021-09-31T15:53:35.573Z"), 
+    #     finding_identifier: {
+    #       id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", 
+    #       product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default", 
+    #     }, 
+    #     max_results: 2, 
+    #     start_time: Time.parse("2021-09-30T15:53:35.573Z"), 
+    #   })
+    #
+    #   resp.to_h outputs the following:
+    #   {
+    #     records: [
+    #       {
+    #         finding_created: false, 
+    #         finding_identifier: {
+    #           id: "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111", 
+    #           product_arn: "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default", 
+    #         }, 
+    #         update_source: {
+    #           identity: "arn:aws:iam::444455556666:role/Admin", 
+    #           type: "BATCH_UPDATE_FINDINGS", 
+    #         }, 
+    #         update_time: Time.parse("2021-09-31T15:52:25.573Z"), 
+    #         updates: [
+    #           {
+    #             new_value: "MEDIUM", 
+    #             old_value: "HIGH", 
+    #             updated_field: "Severity", 
+    #           }, 
+    #         ], 
+    #       }, 
+    #     ], 
+    #   }
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_finding_history({
+    #     finding_identifier: { # required
+    #       id: "NonEmptyString", # required
+    #       product_arn: "NonEmptyString", # required
+    #     },
+    #     start_time: Time.now,
+    #     end_time: Time.now,
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.records #=> Array
+    #   resp.records[0].finding_identifier.id #=> String
+    #   resp.records[0].finding_identifier.product_arn #=> String
+    #   resp.records[0].update_time #=> Time
+    #   resp.records[0].finding_created #=> Boolean
+    #   resp.records[0].update_source.type #=> String, one of "BATCH_UPDATE_FINDINGS", "BATCH_IMPORT_FINDINGS"
+    #   resp.records[0].update_source.identity #=> String
+    #   resp.records[0].updates #=> Array
+    #   resp.records[0].updates[0].updated_field #=> String
+    #   resp.records[0].updates[0].old_value #=> String
+    #   resp.records[0].updates[0].new_value #=> String
+    #   resp.records[0].next_token #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistory AWS API Documentation
+    #
+    # @overload get_finding_history(params = {})
+    # @param [Hash] params ({})
+    def get_finding_history(params = {}, options = {})
+      req = build_request(:get_finding_history, params)
+      req.send_request(options)
+    end
+
     # Returns a list of findings that match the specified criteria.
     #
     # If finding aggregation is enabled, then when you call `GetFindings`
@@ -7234,7 +7510,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.80.0'
+      context[:gem_version] = '1.82.0'
       Seahorse::Client::Request.new(handlers, context)
     end