aws-sdk-securityhub 1.80.0 → 1.82.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -411,6 +411,319 @@ module Aws::SecurityHub
411
411
  include Aws::Structure
412
412
  end
413
413
 
414
+ # Provides details about an Amazon MQ message broker. A message broker
415
+ # allows software applications and components to communicate using
416
+ # various programming languages, operating systems, and formal messaging
417
+ # protocols.
418
+ #
419
+ # @!attribute [rw] authentication_strategy
420
+ # The authentication strategy used to secure the broker. The default
421
+ # is `SIMPLE`.
422
+ # @return [String]
423
+ #
424
+ # @!attribute [rw] auto_minor_version_upgrade
425
+ # Whether automatically upgrade new minor versions for brokers, as new
426
+ # versions are released and supported by Amazon MQ. Automatic upgrades
427
+ # occur during the scheduled maintenance window of the broker or after
428
+ # a manual broker reboot.
429
+ # @return [Boolean]
430
+ #
431
+ # @!attribute [rw] broker_arn
432
+ # The Amazon Resource Name (ARN) of the broker.
433
+ # @return [String]
434
+ #
435
+ # @!attribute [rw] broker_name
436
+ # The broker's name.
437
+ # @return [String]
438
+ #
439
+ # @!attribute [rw] deployment_mode
440
+ # The broker's deployment mode.
441
+ # @return [String]
442
+ #
443
+ # @!attribute [rw] encryption_options
444
+ # Encryption options for the broker. Doesn’t apply to RabbitMQ
445
+ # brokers.
446
+ # @return [Types::AwsAmazonMqBrokerEncryptionOptionsDetails]
447
+ #
448
+ # @!attribute [rw] engine_type
449
+ # The type of broker engine.
450
+ # @return [String]
451
+ #
452
+ # @!attribute [rw] engine_version
453
+ # The version of the broker engine.
454
+ # @return [String]
455
+ #
456
+ # @!attribute [rw] host_instance_type
457
+ # The broker's instance type.
458
+ # @return [String]
459
+ #
460
+ # @!attribute [rw] broker_id
461
+ # The unique ID that Amazon MQ generates for the broker.
462
+ # @return [String]
463
+ #
464
+ # @!attribute [rw] ldap_server_metadata
465
+ # The metadata of the Lightweight Directory Access Protocol (LDAP)
466
+ # server used to authenticate and authorize connections to the broker.
467
+ # This is an optional failover server.
468
+ # @return [Types::AwsAmazonMqBrokerLdapServerMetadataDetails]
469
+ #
470
+ # @!attribute [rw] logs
471
+ # Turns on Amazon CloudWatch logging for brokers.
472
+ # @return [Types::AwsAmazonMqBrokerLogsDetails]
473
+ #
474
+ # @!attribute [rw] maintenance_window_start_time
475
+ # The scheduled time period (UTC) during which Amazon MQ begins to
476
+ # apply pending updates or patches to the broker.
477
+ # @return [Types::AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails]
478
+ #
479
+ # @!attribute [rw] publicly_accessible
480
+ # Permits connections from applications outside of the VPC that hosts
481
+ # the broker's subnets.
482
+ # @return [Boolean]
483
+ #
484
+ # @!attribute [rw] security_groups
485
+ # The list of rules (one minimum, 125 maximum) that authorize
486
+ # connections to brokers.
487
+ # @return [Array<String>]
488
+ #
489
+ # @!attribute [rw] storage_type
490
+ # The broker's storage type.
491
+ # @return [String]
492
+ #
493
+ # @!attribute [rw] subnet_ids
494
+ # The list of groups that define which subnets and IP ranges the
495
+ # broker can use from different Availability Zones.
496
+ # @return [Array<String>]
497
+ #
498
+ # @!attribute [rw] users
499
+ # The list of all broker usernames for the specified broker. Doesn't
500
+ # apply to RabbitMQ brokers.
501
+ # @return [Array<Types::AwsAmazonMqBrokerUsersDetails>]
502
+ #
503
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerDetails AWS API Documentation
504
+ #
505
+ class AwsAmazonMqBrokerDetails < Struct.new(
506
+ :authentication_strategy,
507
+ :auto_minor_version_upgrade,
508
+ :broker_arn,
509
+ :broker_name,
510
+ :deployment_mode,
511
+ :encryption_options,
512
+ :engine_type,
513
+ :engine_version,
514
+ :host_instance_type,
515
+ :broker_id,
516
+ :ldap_server_metadata,
517
+ :logs,
518
+ :maintenance_window_start_time,
519
+ :publicly_accessible,
520
+ :security_groups,
521
+ :storage_type,
522
+ :subnet_ids,
523
+ :users)
524
+ SENSITIVE = []
525
+ include Aws::Structure
526
+ end
527
+
528
+ # Provides details about broker encryption options.
529
+ #
530
+ # @!attribute [rw] kms_key_id
531
+ # The KMS key that’s used to encrypt your data at rest. If not
532
+ # provided, Amazon MQ will use a default KMS key to encrypt your data.
533
+ # @return [String]
534
+ #
535
+ # @!attribute [rw] use_aws_owned_key
536
+ # Specifies that an KMS key should be used for at-rest encryption. Set
537
+ # to `true` by default if no value is provided (for example, for
538
+ # RabbitMQ brokers).
539
+ # @return [Boolean]
540
+ #
541
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerEncryptionOptionsDetails AWS API Documentation
542
+ #
543
+ class AwsAmazonMqBrokerEncryptionOptionsDetails < Struct.new(
544
+ :kms_key_id,
545
+ :use_aws_owned_key)
546
+ SENSITIVE = []
547
+ include Aws::Structure
548
+ end
549
+
550
+ # The metadata of the Lightweight Directory Access Protocol (LDAP)
551
+ # server used to authenticate and authorize connections to the broker.
552
+ # This is an optional failover server.
553
+ #
554
+ # @!attribute [rw] hosts
555
+ # Specifies the location of the LDAP server, such as Amazon Web
556
+ # Services Directory Service for Microsoft Active Directory.
557
+ # @return [Array<String>]
558
+ #
559
+ # @!attribute [rw] role_base
560
+ # The distinguished name of the node in the directory information tree
561
+ # (DIT) to search for roles or groups.
562
+ # @return [String]
563
+ #
564
+ # @!attribute [rw] role_name
565
+ # The group name attribute in a role entry whose value is the name of
566
+ # that role.
567
+ # @return [String]
568
+ #
569
+ # @!attribute [rw] role_search_matching
570
+ # The LDAP search filter used to find roles within the `roleBase`.
571
+ # @return [String]
572
+ #
573
+ # @!attribute [rw] role_search_subtree
574
+ # The directory search scope for the role. If set to `true`, the scope
575
+ # is to search the entire subtree.
576
+ # @return [Boolean]
577
+ #
578
+ # @!attribute [rw] service_account_username
579
+ # A username for the service account, which is an account in your LDAP
580
+ # server that has access to initiate a connection.
581
+ # @return [String]
582
+ #
583
+ # @!attribute [rw] user_base
584
+ # Selects a particular subtree of the directory information tree (DIT)
585
+ # to search for user entries.
586
+ # @return [String]
587
+ #
588
+ # @!attribute [rw] user_role_name
589
+ # The name of the LDAP attribute in the user's directory entry for
590
+ # the user's group membership.
591
+ # @return [String]
592
+ #
593
+ # @!attribute [rw] user_search_matching
594
+ # The LDAP search filter used to find users within the `userBase`.
595
+ # @return [String]
596
+ #
597
+ # @!attribute [rw] user_search_subtree
598
+ # The directory search scope for the user. If set to true, the scope
599
+ # is to search the entire subtree.
600
+ # @return [Boolean]
601
+ #
602
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerLdapServerMetadataDetails AWS API Documentation
603
+ #
604
+ class AwsAmazonMqBrokerLdapServerMetadataDetails < Struct.new(
605
+ :hosts,
606
+ :role_base,
607
+ :role_name,
608
+ :role_search_matching,
609
+ :role_search_subtree,
610
+ :service_account_username,
611
+ :user_base,
612
+ :user_role_name,
613
+ :user_search_matching,
614
+ :user_search_subtree)
615
+ SENSITIVE = []
616
+ include Aws::Structure
617
+ end
618
+
619
+ # Provides information about logs to be activated for the specified
620
+ # broker.
621
+ #
622
+ # @!attribute [rw] audit
623
+ # Activates audit logging. Every user management action made using JMX
624
+ # or the ActiveMQ Web Console is logged. Doesn't apply to RabbitMQ
625
+ # brokers.
626
+ # @return [Boolean]
627
+ #
628
+ # @!attribute [rw] general
629
+ # Activates general logging.
630
+ # @return [Boolean]
631
+ #
632
+ # @!attribute [rw] audit_log_group
633
+ # The location of the CloudWatch Logs log group where audit logs are
634
+ # sent.
635
+ # @return [String]
636
+ #
637
+ # @!attribute [rw] general_log_group
638
+ # The location of the CloudWatch Logs log group where general logs are
639
+ # sent.
640
+ # @return [String]
641
+ #
642
+ # @!attribute [rw] pending
643
+ # The list of information about logs that are to be turned on for the
644
+ # specified broker.
645
+ # @return [Types::AwsAmazonMqBrokerLogsPendingDetails]
646
+ #
647
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerLogsDetails AWS API Documentation
648
+ #
649
+ class AwsAmazonMqBrokerLogsDetails < Struct.new(
650
+ :audit,
651
+ :general,
652
+ :audit_log_group,
653
+ :general_log_group,
654
+ :pending)
655
+ SENSITIVE = []
656
+ include Aws::Structure
657
+ end
658
+
659
+ # Provides information about logs to be activated for the specified
660
+ # broker.
661
+ #
662
+ # @!attribute [rw] audit
663
+ # Activates audit logging. Every user management action made using JMX
664
+ # or the ActiveMQ Web Console is logged. Doesn't apply to RabbitMQ
665
+ # brokers.
666
+ # @return [Boolean]
667
+ #
668
+ # @!attribute [rw] general
669
+ # Activates general logging.
670
+ # @return [Boolean]
671
+ #
672
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerLogsPendingDetails AWS API Documentation
673
+ #
674
+ class AwsAmazonMqBrokerLogsPendingDetails < Struct.new(
675
+ :audit,
676
+ :general)
677
+ SENSITIVE = []
678
+ include Aws::Structure
679
+ end
680
+
681
+ # The scheduled time period (UTC) during which Amazon MQ begins to apply
682
+ # pending updates or patches to the broker.
683
+ #
684
+ # @!attribute [rw] day_of_week
685
+ # The day of the week on which the maintenance window falls.
686
+ # @return [String]
687
+ #
688
+ # @!attribute [rw] time_of_day
689
+ # The time, in 24-hour format, on which the maintenance window falls.
690
+ # @return [String]
691
+ #
692
+ # @!attribute [rw] time_zone
693
+ # The time zone in either the Country/City format or the UTC offset
694
+ # format. UTC is the default format.
695
+ # @return [String]
696
+ #
697
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails AWS API Documentation
698
+ #
699
+ class AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails < Struct.new(
700
+ :day_of_week,
701
+ :time_of_day,
702
+ :time_zone)
703
+ SENSITIVE = []
704
+ include Aws::Structure
705
+ end
706
+
707
+ # Provides details about the broker usernames for the specified broker.
708
+ # Doesn't apply to RabbitMQ brokers.
709
+ #
710
+ # @!attribute [rw] pending_change
711
+ # The type of change pending for the broker user.
712
+ # @return [String]
713
+ #
714
+ # @!attribute [rw] username
715
+ # The username of the broker user.
716
+ # @return [String]
717
+ #
718
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAmazonMqBrokerUsersDetails AWS API Documentation
719
+ #
720
+ class AwsAmazonMqBrokerUsersDetails < Struct.new(
721
+ :pending_change,
722
+ :username)
723
+ SENSITIVE = []
724
+ include Aws::Structure
725
+ end
726
+
414
727
  # Provided if `ActionType` is `AWS_API_CALL`. It provides details about
415
728
  # the API call that was detected.
416
729
  #
@@ -1098,6 +1411,240 @@ module Aws::SecurityHub
1098
1411
  include Aws::Structure
1099
1412
  end
1100
1413
 
1414
+ # A list of additional authentication providers for the GraphqlApi API.
1415
+ #
1416
+ # @!attribute [rw] authentication_type
1417
+ # The type of security configuration for your GraphQL API: API key,
1418
+ # Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon
1419
+ # Cognito user pools, or Lambda.
1420
+ # @return [String]
1421
+ #
1422
+ # @!attribute [rw] lambda_authorizer_config
1423
+ # The configuration for Lambda function authorization.
1424
+ # @return [Types::AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails]
1425
+ #
1426
+ # @!attribute [rw] open_id_connect_config
1427
+ # The OpenID Connect configuration.
1428
+ # @return [Types::AwsAppSyncGraphQlApiOpenIdConnectConfigDetails]
1429
+ #
1430
+ # @!attribute [rw] user_pool_config
1431
+ # The Amazon Cognito user pools configuration.
1432
+ # @return [Types::AwsAppSyncGraphQlApiUserPoolConfigDetails]
1433
+ #
1434
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails AWS API Documentation
1435
+ #
1436
+ class AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails < Struct.new(
1437
+ :authentication_type,
1438
+ :lambda_authorizer_config,
1439
+ :open_id_connect_config,
1440
+ :user_pool_config)
1441
+ SENSITIVE = []
1442
+ include Aws::Structure
1443
+ end
1444
+
1445
+ # Provides details about an AppSync Graph QL API, which lets you query
1446
+ # multiple databases, microservices, and APIs from a single GraphQL
1447
+ # endpoint.
1448
+ #
1449
+ # @!attribute [rw] api_id
1450
+ # The unique identifier for the API.
1451
+ # @return [String]
1452
+ #
1453
+ # @!attribute [rw] id
1454
+ # The unique identifier for the API.
1455
+ # @return [String]
1456
+ #
1457
+ # @!attribute [rw] open_id_connect_config
1458
+ # Specifies the authorization configuration for using an OpenID
1459
+ # Connect compliant service with an AppSync GraphQL API endpoint.
1460
+ # @return [Types::AwsAppSyncGraphQlApiOpenIdConnectConfigDetails]
1461
+ #
1462
+ # @!attribute [rw] name
1463
+ # The API name.
1464
+ # @return [String]
1465
+ #
1466
+ # @!attribute [rw] lambda_authorizer_config
1467
+ # Specifies the configuration for Lambda function authorization.
1468
+ # @return [Types::AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails]
1469
+ #
1470
+ # @!attribute [rw] xray_enabled
1471
+ # Indicates whether to use X-Ray tracing for the GraphQL API.
1472
+ # @return [Boolean]
1473
+ #
1474
+ # @!attribute [rw] arn
1475
+ # The Amazon Resource Name (ARN) of the API.
1476
+ # @return [String]
1477
+ #
1478
+ # @!attribute [rw] user_pool_config
1479
+ # The Amazon Cognito user pools configuration.
1480
+ # @return [Types::AwsAppSyncGraphQlApiUserPoolConfigDetails]
1481
+ #
1482
+ # @!attribute [rw] authentication_type
1483
+ # The type of security configuration for your GraphQL API: API key,
1484
+ # Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon
1485
+ # Cognito user pools, or Lambda.
1486
+ # @return [String]
1487
+ #
1488
+ # @!attribute [rw] log_config
1489
+ # The Amazon CloudWatch Logs configuration.
1490
+ # @return [Types::AwsAppSyncGraphQlApiLogConfigDetails]
1491
+ #
1492
+ # @!attribute [rw] additional_authentication_providers
1493
+ # A list of additional authentication providers for the GraphQL API.
1494
+ # @return [Array<Types::AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails>]
1495
+ #
1496
+ # @!attribute [rw] waf_web_acl_arn
1497
+ # The Amazon Resource Name (ARN) of the WAF web access control list
1498
+ # (web ACL) associated with this GraphQL API, if one exists.
1499
+ # @return [String]
1500
+ #
1501
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiDetails AWS API Documentation
1502
+ #
1503
+ class AwsAppSyncGraphQlApiDetails < Struct.new(
1504
+ :api_id,
1505
+ :id,
1506
+ :open_id_connect_config,
1507
+ :name,
1508
+ :lambda_authorizer_config,
1509
+ :xray_enabled,
1510
+ :arn,
1511
+ :user_pool_config,
1512
+ :authentication_type,
1513
+ :log_config,
1514
+ :additional_authentication_providers,
1515
+ :waf_web_acl_arn)
1516
+ SENSITIVE = []
1517
+ include Aws::Structure
1518
+ end
1519
+
1520
+ # Specifies the authorization configuration for using an Lambda function
1521
+ # with your AppSync GraphQL API endpoint.
1522
+ #
1523
+ # @!attribute [rw] authorizer_result_ttl_in_seconds
1524
+ # The number of seconds a response should be cached for. The default
1525
+ # is 5 minutes (300 seconds).
1526
+ # @return [Integer]
1527
+ #
1528
+ # @!attribute [rw] authorizer_uri
1529
+ # The Amazon Resource Name (ARN) of the Lambda function to be called
1530
+ # for authorization. This can be a standard Lambda ARN, a version ARN
1531
+ # (.../v3), or an alias ARN.
1532
+ # @return [String]
1533
+ #
1534
+ # @!attribute [rw] identity_validation_expression
1535
+ # A regular expression for validation of tokens before the Lambda
1536
+ # function is called.
1537
+ # @return [String]
1538
+ #
1539
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails AWS API Documentation
1540
+ #
1541
+ class AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails < Struct.new(
1542
+ :authorizer_result_ttl_in_seconds,
1543
+ :authorizer_uri,
1544
+ :identity_validation_expression)
1545
+ SENSITIVE = []
1546
+ include Aws::Structure
1547
+ end
1548
+
1549
+ # Specifies the logging configuration when writing GraphQL operations
1550
+ # and tracing to Amazon CloudWatch for an AppSync GraphQL API.
1551
+ #
1552
+ # @!attribute [rw] cloud_watch_logs_role_arn
1553
+ # The Amazon Resource Name (ARN) of the service role that AppSync
1554
+ # assumes to publish to CloudWatch Logs in your account.
1555
+ # @return [String]
1556
+ #
1557
+ # @!attribute [rw] exclude_verbose_content
1558
+ # Set to `TRUE` to exclude sections that contain information such as
1559
+ # headers, context, and evaluated mapping templates, regardless of
1560
+ # logging level.
1561
+ # @return [Boolean]
1562
+ #
1563
+ # @!attribute [rw] field_log_level
1564
+ # The field logging level.
1565
+ # @return [String]
1566
+ #
1567
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiLogConfigDetails AWS API Documentation
1568
+ #
1569
+ class AwsAppSyncGraphQlApiLogConfigDetails < Struct.new(
1570
+ :cloud_watch_logs_role_arn,
1571
+ :exclude_verbose_content,
1572
+ :field_log_level)
1573
+ SENSITIVE = []
1574
+ include Aws::Structure
1575
+ end
1576
+
1577
+ # Specifies the authorization configuration for using an OpenID Connect
1578
+ # compliant service with your AppSync GraphQL API endpoint.
1579
+ #
1580
+ # @!attribute [rw] auth_tt_l
1581
+ # The number of milliseconds that a token is valid after being
1582
+ # authenticated.
1583
+ # @return [Integer]
1584
+ #
1585
+ # @!attribute [rw] client_id
1586
+ # The client identifier of the relying party at the OpenID identity
1587
+ # provider. This identifier is typically obtained when the relying
1588
+ # party is registered with the OpenID identity provider. You can
1589
+ # specify a regular expression so that AppSync can validate against
1590
+ # multiple client identifiers at a time.
1591
+ # @return [String]
1592
+ #
1593
+ # @!attribute [rw] iat_tt_l
1594
+ # The number of milliseconds that a token is valid after it's issued
1595
+ # to a user.
1596
+ # @return [Integer]
1597
+ #
1598
+ # @!attribute [rw] issuer
1599
+ # The issuer for the OIDC configuration. The issuer returned by
1600
+ # discovery must exactly match the value of `iss` in the ID token.
1601
+ # @return [String]
1602
+ #
1603
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiOpenIdConnectConfigDetails AWS API Documentation
1604
+ #
1605
+ class AwsAppSyncGraphQlApiOpenIdConnectConfigDetails < Struct.new(
1606
+ :auth_tt_l,
1607
+ :client_id,
1608
+ :iat_tt_l,
1609
+ :issuer)
1610
+ SENSITIVE = []
1611
+ include Aws::Structure
1612
+ end
1613
+
1614
+ # Specifies the authorization configuration for using Amazon Cognito
1615
+ # user pools with your AppSync GraphQL API endpoint.
1616
+ #
1617
+ # @!attribute [rw] app_id_client_regex
1618
+ # A regular expression for validating the incoming Amazon Cognito user
1619
+ # pools app client ID. If this value isn't set, no filtering is
1620
+ # applied.
1621
+ # @return [String]
1622
+ #
1623
+ # @!attribute [rw] aws_region
1624
+ # The Amazon Web Services Region in which the user pool was created.
1625
+ # @return [String]
1626
+ #
1627
+ # @!attribute [rw] default_action
1628
+ # The action that you want your GraphQL API to take when a request
1629
+ # that uses Amazon Cognito user pools authentication doesn't match
1630
+ # the Amazon Cognito user pools configuration.
1631
+ # @return [String]
1632
+ #
1633
+ # @!attribute [rw] user_pool_id
1634
+ # The user pool ID.
1635
+ # @return [String]
1636
+ #
1637
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAppSyncGraphQlApiUserPoolConfigDetails AWS API Documentation
1638
+ #
1639
+ class AwsAppSyncGraphQlApiUserPoolConfigDetails < Struct.new(
1640
+ :app_id_client_regex,
1641
+ :aws_region,
1642
+ :default_action,
1643
+ :user_pool_id)
1644
+ SENSITIVE = []
1645
+ include Aws::Structure
1646
+ end
1647
+
1101
1648
  # An Availability Zone for the automatic scaling group.
1102
1649
  #
1103
1650
  # @!attribute [rw] value
@@ -10663,68 +11210,352 @@ module Aws::SecurityHub
10663
11210
  # balancer.
10664
11211
  # @return [String]
10665
11212
  #
10666
- # @!attribute [rw] created_time
10667
- # Indicates when the load balancer was created.
11213
+ # @!attribute [rw] created_time
11214
+ # Indicates when the load balancer was created.
11215
+ #
11216
+ # Uses the `date-time` format specified in [RFC 3339 section 5.6,
11217
+ # Internet Date/Time Format][1]. The value cannot contain spaces, and
11218
+ # date and time should be separated by `T`. For example,
11219
+ # `2020-03-22T13:22:13.933Z`.
11220
+ #
11221
+ #
11222
+ #
11223
+ # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
11224
+ # @return [String]
11225
+ #
11226
+ # @!attribute [rw] dns_name
11227
+ # The public DNS name of the load balancer.
11228
+ # @return [String]
11229
+ #
11230
+ # @!attribute [rw] ip_address_type
11231
+ # The type of IP addresses used by the subnets for your load balancer.
11232
+ # The possible values are `ipv4` (for IPv4 addresses) and `dualstack`
11233
+ # (for IPv4 and IPv6 addresses).
11234
+ # @return [String]
11235
+ #
11236
+ # @!attribute [rw] scheme
11237
+ # The nodes of an Internet-facing load balancer have public IP
11238
+ # addresses.
11239
+ # @return [String]
11240
+ #
11241
+ # @!attribute [rw] security_groups
11242
+ # The IDs of the security groups for the load balancer.
11243
+ # @return [Array<String>]
11244
+ #
11245
+ # @!attribute [rw] state
11246
+ # The state of the load balancer.
11247
+ # @return [Types::LoadBalancerState]
11248
+ #
11249
+ # @!attribute [rw] type
11250
+ # The type of load balancer.
11251
+ # @return [String]
11252
+ #
11253
+ # @!attribute [rw] vpc_id
11254
+ # The ID of the VPC for the load balancer.
11255
+ # @return [String]
11256
+ #
11257
+ # @!attribute [rw] load_balancer_attributes
11258
+ # Attributes of the load balancer.
11259
+ # @return [Array<Types::AwsElbv2LoadBalancerAttribute>]
11260
+ #
11261
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbv2LoadBalancerDetails AWS API Documentation
11262
+ #
11263
+ class AwsElbv2LoadBalancerDetails < Struct.new(
11264
+ :availability_zones,
11265
+ :canonical_hosted_zone_id,
11266
+ :created_time,
11267
+ :dns_name,
11268
+ :ip_address_type,
11269
+ :scheme,
11270
+ :security_groups,
11271
+ :state,
11272
+ :type,
11273
+ :vpc_id,
11274
+ :load_balancer_attributes)
11275
+ SENSITIVE = []
11276
+ include Aws::Structure
11277
+ end
11278
+
11279
+ # A schema defines the structure of events that are sent to Amazon
11280
+ # EventBridge. Schema registries are containers for schemas. They
11281
+ # collect and organize schemas so that your schemas are in logical
11282
+ # groups.
11283
+ #
11284
+ # @!attribute [rw] description
11285
+ # A description of the registry to be created.
11286
+ # @return [String]
11287
+ #
11288
+ # @!attribute [rw] registry_arn
11289
+ # The Amazon Resource Name (ARN) of the registry.
11290
+ # @return [String]
11291
+ #
11292
+ # @!attribute [rw] registry_name
11293
+ # The name of the schema registry.
11294
+ # @return [String]
11295
+ #
11296
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEventSchemasRegistryDetails AWS API Documentation
11297
+ #
11298
+ class AwsEventSchemasRegistryDetails < Struct.new(
11299
+ :description,
11300
+ :registry_arn,
11301
+ :registry_name)
11302
+ SENSITIVE = []
11303
+ include Aws::Structure
11304
+ end
11305
+
11306
+ # An object that contains information on the status of CloudTrail as a
11307
+ # data source for the detector.
11308
+ #
11309
+ # @!attribute [rw] status
11310
+ # Specifies whether CloudTrail is activated as a data source for the
11311
+ # detector.
11312
+ # @return [String]
11313
+ #
11314
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesCloudTrailDetails AWS API Documentation
11315
+ #
11316
+ class AwsGuardDutyDetectorDataSourcesCloudTrailDetails < Struct.new(
11317
+ :status)
11318
+ SENSITIVE = []
11319
+ include Aws::Structure
11320
+ end
11321
+
11322
+ # Describes which data sources are activated for the detector.
11323
+ #
11324
+ # @!attribute [rw] cloud_trail
11325
+ # An object that contains information on the status of CloudTrail as a
11326
+ # data source for the detector.
11327
+ # @return [Types::AwsGuardDutyDetectorDataSourcesCloudTrailDetails]
11328
+ #
11329
+ # @!attribute [rw] dns_logs
11330
+ # An object that contains information on the status of DNS logs as a
11331
+ # data source for the detector.
11332
+ # @return [Types::AwsGuardDutyDetectorDataSourcesDnsLogsDetails]
11333
+ #
11334
+ # @!attribute [rw] flow_logs
11335
+ # An object that contains information on the status of VPC Flow Logs
11336
+ # as a data source for the detector.
11337
+ # @return [Types::AwsGuardDutyDetectorDataSourcesFlowLogsDetails]
11338
+ #
11339
+ # @!attribute [rw] kubernetes
11340
+ # An object that contains information on the status of Kubernetes data
11341
+ # sources for the detector.
11342
+ # @return [Types::AwsGuardDutyDetectorDataSourcesKubernetesDetails]
11343
+ #
11344
+ # @!attribute [rw] malware_protection
11345
+ # An object that contains information on the status of Malware
11346
+ # Protection as a data source for the detector.
11347
+ # @return [Types::AwsGuardDutyDetectorDataSourcesMalwareProtectionDetails]
11348
+ #
11349
+ # @!attribute [rw] s3_logs
11350
+ # An object that contains information on the status of S3 Data event
11351
+ # logs as a data source for the detector.
11352
+ # @return [Types::AwsGuardDutyDetectorDataSourcesS3LogsDetails]
11353
+ #
11354
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesDetails AWS API Documentation
11355
+ #
11356
+ class AwsGuardDutyDetectorDataSourcesDetails < Struct.new(
11357
+ :cloud_trail,
11358
+ :dns_logs,
11359
+ :flow_logs,
11360
+ :kubernetes,
11361
+ :malware_protection,
11362
+ :s3_logs)
11363
+ SENSITIVE = []
11364
+ include Aws::Structure
11365
+ end
11366
+
11367
+ # An object that contains information on the status of DNS logs as a
11368
+ # data source for the detector.
11369
+ #
11370
+ # @!attribute [rw] status
11371
+ # Describes whether DNS logs is enabled as a data source for the
11372
+ # detector.
11373
+ # @return [String]
11374
+ #
11375
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesDnsLogsDetails AWS API Documentation
11376
+ #
11377
+ class AwsGuardDutyDetectorDataSourcesDnsLogsDetails < Struct.new(
11378
+ :status)
11379
+ SENSITIVE = []
11380
+ include Aws::Structure
11381
+ end
11382
+
11383
+ # An object that contains information on the status of VPC Flow Logs as
11384
+ # a data source for the detector.
11385
+ #
11386
+ # @!attribute [rw] status
11387
+ # Describes whether VPC Flow Logs are activated as a data source for
11388
+ # the detector.
11389
+ # @return [String]
11390
+ #
11391
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesFlowLogsDetails AWS API Documentation
11392
+ #
11393
+ class AwsGuardDutyDetectorDataSourcesFlowLogsDetails < Struct.new(
11394
+ :status)
11395
+ SENSITIVE = []
11396
+ include Aws::Structure
11397
+ end
11398
+
11399
+ # An object that contains information on the status of Kubernetes audit
11400
+ # logs as a data source for the detector.
11401
+ #
11402
+ # @!attribute [rw] status
11403
+ # Describes whether Kubernetes audit logs are activated as a data
11404
+ # source for the detector.
11405
+ # @return [String]
11406
+ #
11407
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesKubernetesAuditLogsDetails AWS API Documentation
11408
+ #
11409
+ class AwsGuardDutyDetectorDataSourcesKubernetesAuditLogsDetails < Struct.new(
11410
+ :status)
11411
+ SENSITIVE = []
11412
+ include Aws::Structure
11413
+ end
11414
+
11415
+ # An object that contains information on the status of Kubernetes data
11416
+ # sources for the detector.
11417
+ #
11418
+ # @!attribute [rw] audit_logs
11419
+ # Describes whether Kubernetes audit logs are activated as a data
11420
+ # source for the detector.
11421
+ # @return [Types::AwsGuardDutyDetectorDataSourcesKubernetesAuditLogsDetails]
11422
+ #
11423
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesKubernetesDetails AWS API Documentation
11424
+ #
11425
+ class AwsGuardDutyDetectorDataSourcesKubernetesDetails < Struct.new(
11426
+ :audit_logs)
11427
+ SENSITIVE = []
11428
+ include Aws::Structure
11429
+ end
11430
+
11431
+ # An object that contains information on the status of Malware
11432
+ # Protection as a data source for the detector.
11433
+ #
11434
+ # @!attribute [rw] scan_ec2_instance_with_findings
11435
+ # Describes the configuration of Malware Protection for EC2 instances
11436
+ # with findings.
11437
+ # @return [Types::AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsDetails]
11438
+ #
11439
+ # @!attribute [rw] service_role
11440
+ # The GuardDuty Malware Protection service role.
11441
+ # @return [String]
11442
+ #
11443
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesMalwareProtectionDetails AWS API Documentation
11444
+ #
11445
+ class AwsGuardDutyDetectorDataSourcesMalwareProtectionDetails < Struct.new(
11446
+ :scan_ec2_instance_with_findings,
11447
+ :service_role)
11448
+ SENSITIVE = []
11449
+ include Aws::Structure
11450
+ end
11451
+
11452
+ # Describes the configuration of Malware Protection for EC2 instances
11453
+ # with findings.
11454
+ #
11455
+ # @!attribute [rw] ebs_volumes
11456
+ # Describes the configuration of scanning EBS volumes (Malware
11457
+ # Protection) as a data source.
11458
+ # @return [Types::AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesDetails]
11459
+ #
11460
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsDetails AWS API Documentation
11461
+ #
11462
+ class AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsDetails < Struct.new(
11463
+ :ebs_volumes)
11464
+ SENSITIVE = []
11465
+ include Aws::Structure
11466
+ end
11467
+
11468
+ # Describes the configuration of scanning EBS volumes (Malware
11469
+ # Protection) as a data source.
11470
+ #
11471
+ # @!attribute [rw] reason
11472
+ # Specifies the reason why scanning EBS volumes (Malware Protection)
11473
+ # isn’t activated as a data source.
11474
+ # @return [String]
11475
+ #
11476
+ # @!attribute [rw] status
11477
+ # Describes whether scanning EBS volumes is activated as a data source
11478
+ # for the detector.
11479
+ # @return [String]
11480
+ #
11481
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesDetails AWS API Documentation
10668
11482
  #
10669
- # Uses the `date-time` format specified in [RFC 3339 section 5.6,
10670
- # Internet Date/Time Format][1]. The value cannot contain spaces, and
10671
- # date and time should be separated by `T`. For example,
10672
- # `2020-03-22T13:22:13.933Z`.
11483
+ class AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesDetails < Struct.new(
11484
+ :reason,
11485
+ :status)
11486
+ SENSITIVE = []
11487
+ include Aws::Structure
11488
+ end
11489
+
11490
+ # An object that contains information on the status of S3 data event
11491
+ # logs as a data source for the detector.
10673
11492
  #
11493
+ # @!attribute [rw] status
11494
+ # A value that describes whether S3 data event logs are automatically
11495
+ # enabled for new members of an organization.
11496
+ # @return [String]
10674
11497
  #
11498
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDataSourcesS3LogsDetails AWS API Documentation
10675
11499
  #
10676
- # [1]: https://tools.ietf.org/html/rfc3339#section-5.6
10677
- # @return [String]
11500
+ class AwsGuardDutyDetectorDataSourcesS3LogsDetails < Struct.new(
11501
+ :status)
11502
+ SENSITIVE = []
11503
+ include Aws::Structure
11504
+ end
11505
+
11506
+ # Provides details about an Amazon GuardDuty detector. A detector is an
11507
+ # object that represents the GuardDuty service. A detector is required
11508
+ # for GuardDuty to become operational.
10678
11509
  #
10679
- # @!attribute [rw] dns_name
10680
- # The public DNS name of the load balancer.
11510
+ # @!attribute [rw] data_sources
11511
+ # Describes which data sources are activated for the detector.
11512
+ # @return [Types::AwsGuardDutyDetectorDataSourcesDetails]
11513
+ #
11514
+ # @!attribute [rw] features
11515
+ # Describes which features are activated for the detector.
11516
+ # @return [Array<Types::AwsGuardDutyDetectorFeaturesDetails>]
11517
+ #
11518
+ # @!attribute [rw] finding_publishing_frequency
11519
+ # The publishing frequency of the finding.
10681
11520
  # @return [String]
10682
11521
  #
10683
- # @!attribute [rw] ip_address_type
10684
- # The type of IP addresses used by the subnets for your load balancer.
10685
- # The possible values are `ipv4` (for IPv4 addresses) and `dualstack`
10686
- # (for IPv4 and IPv6 addresses).
11522
+ # @!attribute [rw] service_role
11523
+ # The GuardDuty service role.
10687
11524
  # @return [String]
10688
11525
  #
10689
- # @!attribute [rw] scheme
10690
- # The nodes of an Internet-facing load balancer have public IP
10691
- # addresses.
11526
+ # @!attribute [rw] status
11527
+ # The activation status of the detector.
10692
11528
  # @return [String]
10693
11529
  #
10694
- # @!attribute [rw] security_groups
10695
- # The IDs of the security groups for the load balancer.
10696
- # @return [Array<String>]
11530
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorDetails AWS API Documentation
10697
11531
  #
10698
- # @!attribute [rw] state
10699
- # The state of the load balancer.
10700
- # @return [Types::LoadBalancerState]
11532
+ class AwsGuardDutyDetectorDetails < Struct.new(
11533
+ :data_sources,
11534
+ :features,
11535
+ :finding_publishing_frequency,
11536
+ :service_role,
11537
+ :status)
11538
+ SENSITIVE = []
11539
+ include Aws::Structure
11540
+ end
11541
+
11542
+ # Describes which features are activated for the detector.
10701
11543
  #
10702
- # @!attribute [rw] type
10703
- # The type of load balancer.
11544
+ # @!attribute [rw] name
11545
+ # Indicates the name of the feature that is activated for the
11546
+ # detector.
10704
11547
  # @return [String]
10705
11548
  #
10706
- # @!attribute [rw] vpc_id
10707
- # The ID of the VPC for the load balancer.
11549
+ # @!attribute [rw] status
11550
+ # Indicates the status of the feature that is activated for the
11551
+ # detector.
10708
11552
  # @return [String]
10709
11553
  #
10710
- # @!attribute [rw] load_balancer_attributes
10711
- # Attributes of the load balancer.
10712
- # @return [Array<Types::AwsElbv2LoadBalancerAttribute>]
10713
- #
10714
- # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsElbv2LoadBalancerDetails AWS API Documentation
11554
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsGuardDutyDetectorFeaturesDetails AWS API Documentation
10715
11555
  #
10716
- class AwsElbv2LoadBalancerDetails < Struct.new(
10717
- :availability_zones,
10718
- :canonical_hosted_zone_id,
10719
- :created_time,
10720
- :dns_name,
10721
- :ip_address_type,
10722
- :scheme,
10723
- :security_groups,
10724
- :state,
10725
- :type,
10726
- :vpc_id,
10727
- :load_balancer_attributes)
11556
+ class AwsGuardDutyDetectorFeaturesDetails < Struct.new(
11557
+ :name,
11558
+ :status)
10728
11559
  SENSITIVE = []
10729
11560
  include Aws::Structure
10730
11561
  end
@@ -15981,7 +16812,7 @@ module Aws::SecurityHub
15981
16812
  #
15982
16813
  # @!attribute [rw] generator_id
15983
16814
  # The identifier for the solution-specific component (a discrete unit
15984
- # of logic) that generated a finding. In various security-findings
16815
+ # of logic) that generated a finding. In various security findings
15985
16816
  # providers' solutions, this generator can be called a rule, a check,
15986
16817
  # a detector, a plugin, etc.
15987
16818
  # @return [String]
@@ -16000,7 +16831,7 @@ module Aws::SecurityHub
16000
16831
  # @return [Array<String>]
16001
16832
  #
16002
16833
  # @!attribute [rw] first_observed_at
16003
- # Indicates when the security-findings provider first observed the
16834
+ # Indicates when the security findings provider first observed the
16004
16835
  # potential security issue that a finding captured.
16005
16836
  #
16006
16837
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16014,7 +16845,7 @@ module Aws::SecurityHub
16014
16845
  # @return [String]
16015
16846
  #
16016
16847
  # @!attribute [rw] last_observed_at
16017
- # Indicates when the security-findings provider most recently observed
16848
+ # Indicates when the security findings provider most recently observed
16018
16849
  # the potential security issue that a finding captured.
16019
16850
  #
16020
16851
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16028,7 +16859,7 @@ module Aws::SecurityHub
16028
16859
  # @return [String]
16029
16860
  #
16030
16861
  # @!attribute [rw] created_at
16031
- # Indicates when the security-findings provider created the potential
16862
+ # Indicates when the security findings provider created the potential
16032
16863
  # security issue that a finding captured.
16033
16864
  #
16034
16865
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16042,7 +16873,7 @@ module Aws::SecurityHub
16042
16873
  # @return [String]
16043
16874
  #
16044
16875
  # @!attribute [rw] updated_at
16045
- # Indicates when the security-findings provider last updated the
16876
+ # Indicates when the security findings provider last updated the
16046
16877
  # finding record.
16047
16878
  #
16048
16879
  # Uses the `date-time` format specified in [RFC 3339 section 5.6,
@@ -16098,12 +16929,12 @@ module Aws::SecurityHub
16098
16929
  # @return [Types::Remediation]
16099
16930
  #
16100
16931
  # @!attribute [rw] source_url
16101
- # A URL that links to a page about the current finding in the
16102
- # security-findings provider's solution.
16932
+ # A URL that links to a page about the current finding in the security
16933
+ # findings provider's solution.
16103
16934
  # @return [String]
16104
16935
  #
16105
16936
  # @!attribute [rw] product_fields
16106
- # A data type where security-findings providers can include additional
16937
+ # A data type where security findings providers can include additional
16107
16938
  # solution-specific details that aren't part of the defined
16108
16939
  # `AwsSecurityFinding` format.
16109
16940
  #
@@ -16277,7 +17108,7 @@ module Aws::SecurityHub
16277
17108
  #
16278
17109
  # @!attribute [rw] generator_id
16279
17110
  # The identifier for the solution-specific component (a discrete unit
16280
- # of logic) that generated a finding. In various security-findings
17111
+ # of logic) that generated a finding. In various security findings
16281
17112
  # providers' solutions, this generator can be called a rule, a check,
16282
17113
  # a detector, a plugin, etc.
16283
17114
  # @return [Array<Types::StringFilter>]
@@ -16292,9 +17123,9 @@ module Aws::SecurityHub
16292
17123
  # @return [Array<Types::StringFilter>]
16293
17124
  #
16294
17125
  # @!attribute [rw] first_observed_at
16295
- # An ISO8601-formatted timestamp that indicates when the
16296
- # security-findings provider first observed the potential security
16297
- # issue that a finding captured.
17126
+ # An ISO8601-formatted timestamp that indicates when the security
17127
+ # findings provider first observed the potential security issue that a
17128
+ # finding captured.
16298
17129
  #
16299
17130
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16300
17131
  # value cannot contain spaces, and date and time should be separated
@@ -16307,9 +17138,9 @@ module Aws::SecurityHub
16307
17138
  # @return [Array<Types::DateFilter>]
16308
17139
  #
16309
17140
  # @!attribute [rw] last_observed_at
16310
- # An ISO8601-formatted timestamp that indicates when the
16311
- # security-findings provider most recently observed the potential
16312
- # security issue that a finding captured.
17141
+ # An ISO8601-formatted timestamp that indicates when the security
17142
+ # findings provider most recently observed the potential security
17143
+ # issue that a finding captured.
16313
17144
  #
16314
17145
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16315
17146
  # value cannot contain spaces, and date and time should be separated
@@ -16322,9 +17153,9 @@ module Aws::SecurityHub
16322
17153
  # @return [Array<Types::DateFilter>]
16323
17154
  #
16324
17155
  # @!attribute [rw] created_at
16325
- # An ISO8601-formatted timestamp that indicates when the
16326
- # security-findings provider captured the potential security issue
16327
- # that a finding captured.
17156
+ # An ISO8601-formatted timestamp that indicates when the security
17157
+ # findings provider captured the potential security issue that a
17158
+ # finding captured.
16328
17159
  #
16329
17160
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16330
17161
  # value cannot contain spaces, and date and time should be separated
@@ -16337,8 +17168,8 @@ module Aws::SecurityHub
16337
17168
  # @return [Array<Types::DateFilter>]
16338
17169
  #
16339
17170
  # @!attribute [rw] updated_at
16340
- # An ISO8601-formatted timestamp that indicates when the
16341
- # security-findings provider last updated the finding record.
17171
+ # An ISO8601-formatted timestamp that indicates when the security
17172
+ # findings provider last updated the finding record.
16342
17173
  #
16343
17174
  # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
16344
17175
  # value cannot contain spaces, and date and time should be separated
@@ -16351,7 +17182,7 @@ module Aws::SecurityHub
16351
17182
  # @return [Array<Types::DateFilter>]
16352
17183
  #
16353
17184
  # @!attribute [rw] severity_product
16354
- # The native severity as defined by the security-findings provider's
17185
+ # The native severity as defined by the security findings provider's
16355
17186
  # solution that generated the finding.
16356
17187
  # @return [Array<Types::NumberFilter>]
16357
17188
  #
@@ -16395,12 +17226,12 @@ module Aws::SecurityHub
16395
17226
  # @return [Array<Types::StringFilter>]
16396
17227
  #
16397
17228
  # @!attribute [rw] source_url
16398
- # A URL that links to a page about the current finding in the
16399
- # security-findings provider's solution.
17229
+ # A URL that links to a page about the current finding in the security
17230
+ # findings provider's solution.
16400
17231
  # @return [Array<Types::StringFilter>]
16401
17232
  #
16402
17233
  # @!attribute [rw] product_fields
16403
- # A data type where security-findings providers can include additional
17234
+ # A data type where security findings providers can include additional
16404
17235
  # solution-specific details that aren't part of the defined
16405
17236
  # `AwsSecurityFinding` format.
16406
17237
  # @return [Array<Types::MapFilter>]
@@ -16940,7 +17771,7 @@ module Aws::SecurityHub
16940
17771
  include Aws::Structure
16941
17772
  end
16942
17773
 
16943
- # Identifies a finding to update using `BatchUpdateFindings`.
17774
+ # Identifies which finding to get the finding history for.
16944
17775
  #
16945
17776
  # @!attribute [rw] id
16946
17777
  # The identifier of the finding that was specified by the finding
@@ -17250,6 +18081,142 @@ module Aws::SecurityHub
17250
18081
  include Aws::Structure
17251
18082
  end
17252
18083
 
18084
+ # Provides details about an Step Functions state machine, which is a
18085
+ # workflow consisting of a series of event- driven steps.
18086
+ #
18087
+ # @!attribute [rw] label
18088
+ # A user-defined or an auto-generated string that identifies a `Map`
18089
+ # state. This parameter is present only if the `stateMachineArn`
18090
+ # specified in input is a qualified state machine ARN.
18091
+ # @return [String]
18092
+ #
18093
+ # @!attribute [rw] logging_configuration
18094
+ # Used to set CloudWatch Logs options.
18095
+ # @return [Types::AwsStepFunctionStateMachineLoggingConfigurationDetails]
18096
+ #
18097
+ # @!attribute [rw] name
18098
+ # The name of the state machine.
18099
+ # @return [String]
18100
+ #
18101
+ # @!attribute [rw] role_arn
18102
+ # The Amazon Resource Name (ARN) of the IAM role used when creating
18103
+ # this state machine.
18104
+ # @return [String]
18105
+ #
18106
+ # @!attribute [rw] state_machine_arn
18107
+ # The ARN that identifies the state machine.
18108
+ # @return [String]
18109
+ #
18110
+ # @!attribute [rw] status
18111
+ # The current status of the state machine.
18112
+ # @return [String]
18113
+ #
18114
+ # @!attribute [rw] tracing_configuration
18115
+ # Specifies whether X-Ray tracing is enabled.
18116
+ # @return [Types::AwsStepFunctionStateMachineTracingConfigurationDetails]
18117
+ #
18118
+ # @!attribute [rw] type
18119
+ # The type of the state machine (STANDARD or EXPRESS).
18120
+ # @return [String]
18121
+ #
18122
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsStepFunctionStateMachineDetails AWS API Documentation
18123
+ #
18124
+ class AwsStepFunctionStateMachineDetails < Struct.new(
18125
+ :label,
18126
+ :logging_configuration,
18127
+ :name,
18128
+ :role_arn,
18129
+ :state_machine_arn,
18130
+ :status,
18131
+ :tracing_configuration,
18132
+ :type)
18133
+ SENSITIVE = []
18134
+ include Aws::Structure
18135
+ end
18136
+
18137
+ # An object describing a CloudWatch log group. For more information, see
18138
+ # [ Amazon Web Services::Logs::LogGroup][1] in the *CloudFormation User
18139
+ # Guide*.
18140
+ #
18141
+ #
18142
+ #
18143
+ # [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html
18144
+ #
18145
+ # @!attribute [rw] log_group_arn
18146
+ # The ARN (ends with `:*`) of the CloudWatch Logs log group to which
18147
+ # you want your logs emitted.
18148
+ # @return [String]
18149
+ #
18150
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails AWS API Documentation
18151
+ #
18152
+ class AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails < Struct.new(
18153
+ :log_group_arn)
18154
+ SENSITIVE = []
18155
+ include Aws::Structure
18156
+ end
18157
+
18158
+ # An array of objects that describes where your execution history events
18159
+ # will be logged.
18160
+ #
18161
+ # @!attribute [rw] cloud_watch_logs_log_group
18162
+ # An object describing a CloudWatch Logs log group. For more
18163
+ # information, see [ Amazon Web Services::Logs::LogGroup][1] in the
18164
+ # *CloudFormation User Guide*.
18165
+ #
18166
+ #
18167
+ #
18168
+ # [1]: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html
18169
+ # @return [Types::AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails]
18170
+ #
18171
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails AWS API Documentation
18172
+ #
18173
+ class AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails < Struct.new(
18174
+ :cloud_watch_logs_log_group)
18175
+ SENSITIVE = []
18176
+ include Aws::Structure
18177
+ end
18178
+
18179
+ # The `LoggingConfiguration` data type is used to set CloudWatch Logs
18180
+ # options.
18181
+ #
18182
+ # @!attribute [rw] destinations
18183
+ # An array of objects that describes where your execution history
18184
+ # events will be logged.
18185
+ # @return [Array<Types::AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails>]
18186
+ #
18187
+ # @!attribute [rw] include_execution_data
18188
+ # Determines whether execution data is included in your log. When set
18189
+ # to false, data is excluded.
18190
+ # @return [Boolean]
18191
+ #
18192
+ # @!attribute [rw] level
18193
+ # Defines which category of execution history events are logged.
18194
+ # @return [String]
18195
+ #
18196
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsStepFunctionStateMachineLoggingConfigurationDetails AWS API Documentation
18197
+ #
18198
+ class AwsStepFunctionStateMachineLoggingConfigurationDetails < Struct.new(
18199
+ :destinations,
18200
+ :include_execution_data,
18201
+ :level)
18202
+ SENSITIVE = []
18203
+ include Aws::Structure
18204
+ end
18205
+
18206
+ # Specifies whether X-Ray tracing is enabled.
18207
+ #
18208
+ # @!attribute [rw] enabled
18209
+ # When set to true, X-Ray tracing is enabled.
18210
+ # @return [Boolean]
18211
+ #
18212
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsStepFunctionStateMachineTracingConfigurationDetails AWS API Documentation
18213
+ #
18214
+ class AwsStepFunctionStateMachineTracingConfigurationDetails < Struct.new(
18215
+ :enabled)
18216
+ SENSITIVE = []
18217
+ include Aws::Structure
18218
+ end
18219
+
17253
18220
  # Details about a rate-based rule for global resources. A rate-based
17254
18221
  # rule provides settings to indicate when to allow, block, or count a
17255
18222
  # request. Rate-based rules include the number of requests that arrive
@@ -20066,6 +21033,139 @@ module Aws::SecurityHub
20066
21033
  include Aws::Structure
20067
21034
  end
20068
21035
 
21036
+ # A list of events that changed the specified finding during the
21037
+ # specified time period. Each record represents a single finding change
21038
+ # event.
21039
+ #
21040
+ # @!attribute [rw] finding_identifier
21041
+ # Identifies which finding to get the finding history for.
21042
+ # @return [Types::AwsSecurityFindingIdentifier]
21043
+ #
21044
+ # @!attribute [rw] update_time
21045
+ # An ISO 8601-formatted timestamp that indicates when Security Hub
21046
+ # processed the updated finding record.
21047
+ #
21048
+ # A correctly formatted example is `2020-05-21T20:16:34.724Z`. The
21049
+ # value cannot contain spaces, and date and time should be separated
21050
+ # by `T`. For more information, see [RFC 3339 section 5.6, Internet
21051
+ # Date/Time Format][1].
21052
+ #
21053
+ #
21054
+ #
21055
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
21056
+ # @return [Time]
21057
+ #
21058
+ # @!attribute [rw] finding_created
21059
+ # Identifies whether the event marks the creation of a new finding. A
21060
+ # value of `True` means that the finding is newly created. A value of
21061
+ # `False` means that the finding isn’t newly created.
21062
+ # @return [Boolean]
21063
+ #
21064
+ # @!attribute [rw] update_source
21065
+ # Identifies the source of the event that changed the finding. For
21066
+ # example, an integrated Amazon Web Service or third-party partner
21067
+ # integration may call [ `BatchImportFindings` ][1], or an Security
21068
+ # Hub customer may call [ `BatchUpdateFindings` ][2].
21069
+ #
21070
+ #
21071
+ #
21072
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
21073
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
21074
+ # @return [Types::FindingHistoryUpdateSource]
21075
+ #
21076
+ # @!attribute [rw] updates
21077
+ # An array of objects that provides details about the finding change
21078
+ # event, including the Amazon Web Services Security Finding Format
21079
+ # (ASFF) field that changed, the value of the field before the change,
21080
+ # and the value of the field after the change.
21081
+ # @return [Array<Types::FindingHistoryUpdate>]
21082
+ #
21083
+ # @!attribute [rw] next_token
21084
+ # A token for pagination purposes. Provide this token in the
21085
+ # subsequent request to [ `GetFindingsHistory` ][1] to get up to an
21086
+ # additional 100 results of history for the same finding that you
21087
+ # specified in your initial request.
21088
+ #
21089
+ #
21090
+ #
21091
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsHistory.html
21092
+ # @return [String]
21093
+ #
21094
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryRecord AWS API Documentation
21095
+ #
21096
+ class FindingHistoryRecord < Struct.new(
21097
+ :finding_identifier,
21098
+ :update_time,
21099
+ :finding_created,
21100
+ :update_source,
21101
+ :updates,
21102
+ :next_token)
21103
+ SENSITIVE = []
21104
+ include Aws::Structure
21105
+ end
21106
+
21107
+ # An array of objects that provides details about a change to a finding,
21108
+ # including the Amazon Web Services Security Finding Format (ASFF) field
21109
+ # that changed, the value of the field before the change, and the value
21110
+ # of the field after the change.
21111
+ #
21112
+ # @!attribute [rw] updated_field
21113
+ # The ASFF field that changed during the finding change event.
21114
+ # @return [String]
21115
+ #
21116
+ # @!attribute [rw] old_value
21117
+ # The value of the ASFF field before the finding change event.
21118
+ # @return [String]
21119
+ #
21120
+ # @!attribute [rw] new_value
21121
+ # The value of the ASFF field after the finding change event. To
21122
+ # preserve storage and readability, Security Hub omits this value if [
21123
+ # `FindingHistoryRecord` ][1] exceeds database limits.
21124
+ #
21125
+ #
21126
+ #
21127
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_FindingHistoryRecord.html
21128
+ # @return [String]
21129
+ #
21130
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdate AWS API Documentation
21131
+ #
21132
+ class FindingHistoryUpdate < Struct.new(
21133
+ :updated_field,
21134
+ :old_value,
21135
+ :new_value)
21136
+ SENSITIVE = []
21137
+ include Aws::Structure
21138
+ end
21139
+
21140
+ # Identifies the source of the finding change event.
21141
+ #
21142
+ # @!attribute [rw] type
21143
+ # Describes the type of finding change event, such as a call to [
21144
+ # `BatchImportFindings` ][1] (by an integrated Amazon Web Service or
21145
+ # third party partner integration) or [ `BatchUpdateFindings` ][2] (by
21146
+ # a Security Hub customer).
21147
+ #
21148
+ #
21149
+ #
21150
+ # [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html
21151
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html
21152
+ # @return [String]
21153
+ #
21154
+ # @!attribute [rw] identity
21155
+ # The identity of the source that initiated the finding change event.
21156
+ # For example, the Amazon Resource Name (ARN) of a partner that calls
21157
+ # BatchImportFindings or of a customer that calls BatchUpdateFindings.
21158
+ # @return [String]
21159
+ #
21160
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/FindingHistoryUpdateSource AWS API Documentation
21161
+ #
21162
+ class FindingHistoryUpdateSource < Struct.new(
21163
+ :type,
21164
+ :identity)
21165
+ SENSITIVE = []
21166
+ include Aws::Structure
21167
+ end
21168
+
20069
21169
  # In a `BatchImportFindings` request, finding providers use
20070
21170
  # `FindingProviderFields` to provide and update values for confidence,
20071
21171
  # criticality, related findings, severity, and types.
@@ -20358,6 +21458,108 @@ module Aws::SecurityHub
20358
21458
  include Aws::Structure
20359
21459
  end
20360
21460
 
21461
+ # @!attribute [rw] finding_identifier
21462
+ # Identifies which finding to get the finding history for.
21463
+ # @return [Types::AwsSecurityFindingIdentifier]
21464
+ #
21465
+ # @!attribute [rw] start_time
21466
+ # An ISO 8601-formatted timestamp that indicates the start time of the
21467
+ # requested finding history. A correctly formatted example is
21468
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
21469
+ # date and time should be separated by `T`. For more information, see
21470
+ # [RFC 3339 section 5.6, Internet Date/Time Format][1].
21471
+ #
21472
+ # If you provide values for both `StartTime` and `EndTime`, Security
21473
+ # Hub returns finding history for the specified time period. If you
21474
+ # provide a value for `StartTime` but not for `EndTime`, Security Hub
21475
+ # returns finding history from the `StartTime` to the time at which
21476
+ # the API is called. If you provide a value for `EndTime` but not for
21477
+ # `StartTime`, Security Hub returns finding history from the
21478
+ # [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
21479
+ # provide neither `StartTime` nor `EndTime`, Security Hub returns
21480
+ # finding history from the CreatedAt timestamp of the finding to the
21481
+ # time at which the API is called. In all of these scenarios, the
21482
+ # response is limited to 100 results, and the maximum time period is
21483
+ # limited to 90 days.
21484
+ #
21485
+ #
21486
+ #
21487
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
21488
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
21489
+ # @return [Time]
21490
+ #
21491
+ # @!attribute [rw] end_time
21492
+ # An ISO 8601-formatted timestamp that indicates the end time of the
21493
+ # requested finding history. A correctly formatted example is
21494
+ # `2020-05-21T20:16:34.724Z`. The value cannot contain spaces, and
21495
+ # date and time should be separated by `T`. For more information, see
21496
+ # [RFC 3339 section 5.6, Internet Date/Time Format][1].
21497
+ #
21498
+ # If you provide values for both `StartTime` and `EndTime`, Security
21499
+ # Hub returns finding history for the specified time period. If you
21500
+ # provide a value for `StartTime` but not for `EndTime`, Security Hub
21501
+ # returns finding history from the `StartTime` to the time at which
21502
+ # the API is called. If you provide a value for `EndTime` but not for
21503
+ # `StartTime`, Security Hub returns finding history from the
21504
+ # [CreatedAt][2] timestamp of the finding to the `EndTime`. If you
21505
+ # provide neither `StartTime` nor `EndTime`, Security Hub returns
21506
+ # finding history from the CreatedAt timestamp of the finding to the
21507
+ # time at which the API is called. In all of these scenarios, the
21508
+ # response is limited to 100 results, and the maximum time period is
21509
+ # limited to 90 days.
21510
+ #
21511
+ #
21512
+ #
21513
+ # [1]: https://www.rfc-editor.org/rfc/rfc3339#section-5.6
21514
+ # [2]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt
21515
+ # @return [Time]
21516
+ #
21517
+ # @!attribute [rw] next_token
21518
+ # A token for pagination purposes. Provide `NULL` as the initial
21519
+ # value. In subsequent requests, provide the token included in the
21520
+ # response to get up to an additional 100 results of finding history.
21521
+ # If you don’t provide `NextToken`, Security Hub returns up to 100
21522
+ # results of finding history for each request.
21523
+ # @return [String]
21524
+ #
21525
+ # @!attribute [rw] max_results
21526
+ # The maximum number of results to be returned. If you don’t provide
21527
+ # it, Security Hub returns up to 100 results of finding history.
21528
+ # @return [Integer]
21529
+ #
21530
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryRequest AWS API Documentation
21531
+ #
21532
+ class GetFindingHistoryRequest < Struct.new(
21533
+ :finding_identifier,
21534
+ :start_time,
21535
+ :end_time,
21536
+ :next_token,
21537
+ :max_results)
21538
+ SENSITIVE = []
21539
+ include Aws::Structure
21540
+ end
21541
+
21542
+ # @!attribute [rw] records
21543
+ # A list of events that altered the specified finding during the
21544
+ # specified time period.
21545
+ # @return [Array<Types::FindingHistoryRecord>]
21546
+ #
21547
+ # @!attribute [rw] next_token
21548
+ # A token for pagination purposes. Provide this token in the
21549
+ # subsequent request to `GetFindingsHistory` to get up to an
21550
+ # additional 100 results of history for the same finding that you
21551
+ # specified in your initial request.
21552
+ # @return [String]
21553
+ #
21554
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindingHistoryResponse AWS API Documentation
21555
+ #
21556
+ class GetFindingHistoryResponse < Struct.new(
21557
+ :records,
21558
+ :next_token)
21559
+ SENSITIVE = []
21560
+ include Aws::Structure
21561
+ end
21562
+
20361
21563
  # @!attribute [rw] filters
20362
21564
  # The finding attributes used to define a condition to filter the
20363
21565
  # returned findings.
@@ -22651,6 +23853,37 @@ module Aws::SecurityHub
22651
23853
  # traffic from your subnet or gateway.
22652
23854
  # @return [Types::AwsEc2RouteTableDetails]
22653
23855
  #
23856
+ # @!attribute [rw] aws_amazon_mq_broker
23857
+ # Provides details about AppSync message broker. A message broker
23858
+ # allows software applications and components to communicate using
23859
+ # various programming languages, operating systems, and formal
23860
+ # messaging protocols.
23861
+ # @return [Types::AwsAmazonMqBrokerDetails]
23862
+ #
23863
+ # @!attribute [rw] aws_app_sync_graph_ql_api
23864
+ # Provides details about an AppSync Graph QL API, which lets you query
23865
+ # multiple databases, microservices, and APIs from a single GraphQL
23866
+ # endpoint.
23867
+ # @return [Types::AwsAppSyncGraphQlApiDetails]
23868
+ #
23869
+ # @!attribute [rw] aws_event_schemas_registry
23870
+ # A schema defines the structure of events that are sent to Amazon
23871
+ # EventBridge. Schema registries are containers for schemas. They
23872
+ # collect and organize schemas so that your schemas are in logical
23873
+ # groups.
23874
+ # @return [Types::AwsEventSchemasRegistryDetails]
23875
+ #
23876
+ # @!attribute [rw] aws_guard_duty_detector
23877
+ # Provides details about an Amazon GuardDuty detector. A detector is
23878
+ # an object that represents the GuardDuty service. A detector is
23879
+ # required for GuardDuty to become operational.
23880
+ # @return [Types::AwsGuardDutyDetectorDetails]
23881
+ #
23882
+ # @!attribute [rw] aws_step_function_state_machine
23883
+ # Provides details about an Step Functions state machine, which is a
23884
+ # workflow consisting of a series of event-driven steps.
23885
+ # @return [Types::AwsStepFunctionStateMachineDetails]
23886
+ #
22654
23887
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
22655
23888
  #
22656
23889
  class ResourceDetails < Struct.new(
@@ -22737,7 +23970,12 @@ module Aws::SecurityHub
22737
23970
  :aws_sage_maker_notebook_instance,
22738
23971
  :aws_wafv_2_web_acl,
22739
23972
  :aws_wafv_2_rule_group,
22740
- :aws_ec2_route_table)
23973
+ :aws_ec2_route_table,
23974
+ :aws_amazon_mq_broker,
23975
+ :aws_app_sync_graph_ql_api,
23976
+ :aws_event_schemas_registry,
23977
+ :aws_guard_duty_detector,
23978
+ :aws_step_function_state_machine)
22741
23979
  SENSITIVE = []
22742
23980
  include Aws::Structure
22743
23981
  end