aws-sdk-securityhub 1.89.0 → 1.91.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +436 -436
- data/lib/aws-sdk-securityhub/client_api.rb +57 -0
- data/lib/aws-sdk-securityhub/types.rb +410 -93
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
@@ -449,10 +449,10 @@ module Aws::SecurityHub
|
|
449
449
|
# Specifies whether a rule is the last to be applied with respect to a
|
450
450
|
# finding that matches the rule criteria. This is useful when a
|
451
451
|
# finding matches the criteria for multiple rules, and each rule has
|
452
|
-
# different actions. If
|
453
|
-
# rule
|
454
|
-
#
|
455
|
-
#
|
452
|
+
# different actions. If a rule is terminal, Security Hub applies the
|
453
|
+
# rule action to a finding that matches the rule criteria and doesn't
|
454
|
+
# evaluate other rules for the finding. By default, a rule isn't
|
455
|
+
# terminal.
|
456
456
|
# @return [Boolean]
|
457
457
|
#
|
458
458
|
# @!attribute [rw] criteria
|
@@ -891,10 +891,10 @@ module Aws::SecurityHub
|
|
891
891
|
# Specifies whether a rule is the last to be applied with respect to a
|
892
892
|
# finding that matches the rule criteria. This is useful when a
|
893
893
|
# finding matches the criteria for multiple rules, and each rule has
|
894
|
-
# different actions. If
|
895
|
-
# rule
|
896
|
-
#
|
897
|
-
#
|
894
|
+
# different actions. If a rule is terminal, Security Hub applies the
|
895
|
+
# rule action to a finding that matches the rule criteria and doesn't
|
896
|
+
# evaluate other rules for the finding. By default, a rule isn't
|
897
|
+
# terminal.
|
898
898
|
# @return [Boolean]
|
899
899
|
#
|
900
900
|
# @!attribute [rw] created_at
|
@@ -2195,6 +2195,106 @@ module Aws::SecurityHub
|
|
2195
2195
|
include Aws::Structure
|
2196
2196
|
end
|
2197
2197
|
|
2198
|
+
# The configuration of the workgroup, which includes the location in
|
2199
|
+
# Amazon Simple Storage Service (Amazon S3) where query results are
|
2200
|
+
# stored, the encryption option, if any, used for query results, whether
|
2201
|
+
# Amazon CloudWatch metrics are enabled for the workgroup, and the limit
|
2202
|
+
# for the amount of bytes scanned (cutoff) per query, if it is
|
2203
|
+
# specified.
|
2204
|
+
#
|
2205
|
+
# @!attribute [rw] result_configuration
|
2206
|
+
# The location in Amazon S3 where query and calculation results are
|
2207
|
+
# stored and the encryption option, if any, used for query and
|
2208
|
+
# calculation results. These are known as client-side settings. If
|
2209
|
+
# workgroup settings override client-side settings, then the query
|
2210
|
+
# uses the workgroup settings.
|
2211
|
+
# @return [Types::AwsAthenaWorkGroupConfigurationResultConfigurationDetails]
|
2212
|
+
#
|
2213
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAthenaWorkGroupConfigurationDetails AWS API Documentation
|
2214
|
+
#
|
2215
|
+
class AwsAthenaWorkGroupConfigurationDetails < Struct.new(
|
2216
|
+
:result_configuration)
|
2217
|
+
SENSITIVE = []
|
2218
|
+
include Aws::Structure
|
2219
|
+
end
|
2220
|
+
|
2221
|
+
# The location in Amazon Simple Storage Service (Amazon S3) where query
|
2222
|
+
# and calculation results are stored and the encryption option, if any,
|
2223
|
+
# used for query and calculation results. These are known as client-side
|
2224
|
+
# settings. If workgroup settings override client-side settings, then
|
2225
|
+
# the query uses the workgroup settings.
|
2226
|
+
#
|
2227
|
+
# @!attribute [rw] encryption_configuration
|
2228
|
+
# Specifies the method used to encrypt the user’s data stores in the
|
2229
|
+
# Athena workgroup.
|
2230
|
+
# @return [Types::AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails]
|
2231
|
+
#
|
2232
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAthenaWorkGroupConfigurationResultConfigurationDetails AWS API Documentation
|
2233
|
+
#
|
2234
|
+
class AwsAthenaWorkGroupConfigurationResultConfigurationDetails < Struct.new(
|
2235
|
+
:encryption_configuration)
|
2236
|
+
SENSITIVE = []
|
2237
|
+
include Aws::Structure
|
2238
|
+
end
|
2239
|
+
|
2240
|
+
# Specifies the method used to encrypt the user’s data stores in the
|
2241
|
+
# Athena workgroup.
|
2242
|
+
#
|
2243
|
+
# @!attribute [rw] encryption_option
|
2244
|
+
# Indicates whether Amazon Simple Storage Service (Amazon S3)
|
2245
|
+
# server-side encryption with Amazon S3 managed keys (SSE\_S3),
|
2246
|
+
# server-side encryption with KMS keys (SSE\_KMS), or client-side
|
2247
|
+
# encryption with KMS customer managed keys (CSE\_KMS) is used.
|
2248
|
+
# @return [String]
|
2249
|
+
#
|
2250
|
+
# @!attribute [rw] kms_key
|
2251
|
+
# For `SSE_KMS` and `CSE_KMS`, this is the KMS key Amazon Resource
|
2252
|
+
# Name (ARN) or ID.
|
2253
|
+
# @return [String]
|
2254
|
+
#
|
2255
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails AWS API Documentation
|
2256
|
+
#
|
2257
|
+
class AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails < Struct.new(
|
2258
|
+
:encryption_option,
|
2259
|
+
:kms_key)
|
2260
|
+
SENSITIVE = []
|
2261
|
+
include Aws::Structure
|
2262
|
+
end
|
2263
|
+
|
2264
|
+
# Provides information about an Amazon Athena workgroup.
|
2265
|
+
#
|
2266
|
+
# @!attribute [rw] name
|
2267
|
+
# The workgroup name.
|
2268
|
+
# @return [String]
|
2269
|
+
#
|
2270
|
+
# @!attribute [rw] description
|
2271
|
+
# The workgroup description.
|
2272
|
+
# @return [String]
|
2273
|
+
#
|
2274
|
+
# @!attribute [rw] state
|
2275
|
+
# Whether the workgroup is enabled or disabled.
|
2276
|
+
# @return [String]
|
2277
|
+
#
|
2278
|
+
# @!attribute [rw] configuration
|
2279
|
+
# The configuration of the workgroup, which includes the location in
|
2280
|
+
# Amazon Simple Storage Service (Amazon S3) where query results are
|
2281
|
+
# stored, the encryption option, if any, used for query results,
|
2282
|
+
# whether Amazon CloudWatch metrics are enabled for the workgroup, and
|
2283
|
+
# the limit for the amount of bytes scanned (cutoff) per query, if it
|
2284
|
+
# is specified.
|
2285
|
+
# @return [Types::AwsAthenaWorkGroupConfigurationDetails]
|
2286
|
+
#
|
2287
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsAthenaWorkGroupDetails AWS API Documentation
|
2288
|
+
#
|
2289
|
+
class AwsAthenaWorkGroupDetails < Struct.new(
|
2290
|
+
:name,
|
2291
|
+
:description,
|
2292
|
+
:state,
|
2293
|
+
:configuration)
|
2294
|
+
SENSITIVE = []
|
2295
|
+
include Aws::Structure
|
2296
|
+
end
|
2297
|
+
|
2198
2298
|
# An Availability Zone for the automatic scaling group.
|
2199
2299
|
#
|
2200
2300
|
# @!attribute [rw] value
|
@@ -14129,6 +14229,35 @@ module Aws::SecurityHub
|
|
14129
14229
|
include Aws::Structure
|
14130
14230
|
end
|
14131
14231
|
|
14232
|
+
# Contains the name and values of a manual Amazon Relational Database
|
14233
|
+
# Service (RDS) DB cluster snapshot attribute.
|
14234
|
+
#
|
14235
|
+
# @!attribute [rw] attribute_name
|
14236
|
+
# The name of the manual DB cluster snapshot attribute. The attribute
|
14237
|
+
# named `restore` refers to the list of Amazon Web Services accounts
|
14238
|
+
# that have permission to copy or restore the manual DB cluster
|
14239
|
+
# snapshot.
|
14240
|
+
# @return [String]
|
14241
|
+
#
|
14242
|
+
# @!attribute [rw] attribute_values
|
14243
|
+
# The value(s) for the manual DB cluster snapshot attribute. If the
|
14244
|
+
# `AttributeName` field is set to `restore`, then this element returns
|
14245
|
+
# a list of IDs of the Amazon Web Services accounts that are
|
14246
|
+
# authorized to copy or restore the manual DB cluster snapshot. If a
|
14247
|
+
# value of `all` is in the list, then the manual DB cluster snapshot
|
14248
|
+
# is public and available for any Amazon Web Services account to copy
|
14249
|
+
# or restore.
|
14250
|
+
# @return [Array<String>]
|
14251
|
+
#
|
14252
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute AWS API Documentation
|
14253
|
+
#
|
14254
|
+
class AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute < Struct.new(
|
14255
|
+
:attribute_name,
|
14256
|
+
:attribute_values)
|
14257
|
+
SENSITIVE = []
|
14258
|
+
include Aws::Structure
|
14259
|
+
end
|
14260
|
+
|
14132
14261
|
# Information about an Amazon RDS DB cluster snapshot.
|
14133
14262
|
#
|
14134
14263
|
# @!attribute [rw] availability_zones
|
@@ -14227,6 +14356,11 @@ module Aws::SecurityHub
|
|
14227
14356
|
# Whether mapping of IAM accounts to database accounts is enabled.
|
14228
14357
|
# @return [Boolean]
|
14229
14358
|
#
|
14359
|
+
# @!attribute [rw] db_cluster_snapshot_attributes
|
14360
|
+
# Contains the name and values of a manual DB cluster snapshot
|
14361
|
+
# attribute.
|
14362
|
+
# @return [Array<Types::AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute>]
|
14363
|
+
#
|
14230
14364
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsRdsDbClusterSnapshotDetails AWS API Documentation
|
14231
14365
|
#
|
14232
14366
|
class AwsRdsDbClusterSnapshotDetails < Struct.new(
|
@@ -14247,7 +14381,8 @@ module Aws::SecurityHub
|
|
14247
14381
|
:kms_key_id,
|
14248
14382
|
:db_cluster_identifier,
|
14249
14383
|
:db_cluster_snapshot_identifier,
|
14250
|
-
:iam_database_authentication_enabled
|
14384
|
+
:iam_database_authentication_enabled,
|
14385
|
+
:db_cluster_snapshot_attributes)
|
14251
14386
|
SENSITIVE = []
|
14252
14387
|
include Aws::Structure
|
14253
14388
|
end
|
@@ -17586,6 +17721,15 @@ module Aws::SecurityHub
|
|
17586
17721
|
# Indicates whether the finding is a sample finding.
|
17587
17722
|
# @return [Boolean]
|
17588
17723
|
#
|
17724
|
+
# @!attribute [rw] generator_details
|
17725
|
+
# Provides metadata for the Amazon CodeGuru detector associated with a
|
17726
|
+
# finding. This field pertains to findings that relate to Lambda
|
17727
|
+
# functions. Amazon Inspector identifies policy violations and
|
17728
|
+
# vulnerabilities in Lambda function code based on internal detectors
|
17729
|
+
# developed in collaboration with Amazon CodeGuru. Security Hub
|
17730
|
+
# receives those findings.
|
17731
|
+
# @return [Types::GeneratorDetails]
|
17732
|
+
#
|
17589
17733
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
|
17590
17734
|
#
|
17591
17735
|
class AwsSecurityFinding < Struct.new(
|
@@ -17629,7 +17773,8 @@ module Aws::SecurityHub
|
|
17629
17773
|
:patch_summary,
|
17630
17774
|
:action,
|
17631
17775
|
:finding_provider_fields,
|
17632
|
-
:sample
|
17776
|
+
:sample,
|
17777
|
+
:generator_details)
|
17633
17778
|
SENSITIVE = []
|
17634
17779
|
include Aws::Structure
|
17635
17780
|
end
|
@@ -20527,6 +20672,38 @@ module Aws::SecurityHub
|
|
20527
20672
|
include Aws::Structure
|
20528
20673
|
end
|
20529
20674
|
|
20675
|
+
# Provides details about where a code vulnerability is located in your
|
20676
|
+
# Lambda function.
|
20677
|
+
#
|
20678
|
+
# @!attribute [rw] end_line
|
20679
|
+
# The line number of the last line of code in which the vulnerability
|
20680
|
+
# is located.
|
20681
|
+
# @return [Integer]
|
20682
|
+
#
|
20683
|
+
# @!attribute [rw] file_name
|
20684
|
+
# The name of the file in which the code vulnerability is located.
|
20685
|
+
# @return [String]
|
20686
|
+
#
|
20687
|
+
# @!attribute [rw] file_path
|
20688
|
+
# The file path to the code in which the vulnerability is located.
|
20689
|
+
# @return [String]
|
20690
|
+
#
|
20691
|
+
# @!attribute [rw] start_line
|
20692
|
+
# The line number of the first line of code in which the vulnerability
|
20693
|
+
# is located.
|
20694
|
+
# @return [Integer]
|
20695
|
+
#
|
20696
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CodeVulnerabilitiesFilePath AWS API Documentation
|
20697
|
+
#
|
20698
|
+
class CodeVulnerabilitiesFilePath < Struct.new(
|
20699
|
+
:end_line,
|
20700
|
+
:file_name,
|
20701
|
+
:file_path,
|
20702
|
+
:start_line)
|
20703
|
+
SENSITIVE = []
|
20704
|
+
include Aws::Structure
|
20705
|
+
end
|
20706
|
+
|
20530
20707
|
# Contains finding details that are specific to control-based findings.
|
20531
20708
|
# Only returned for findings generated from controls.
|
20532
20709
|
#
|
@@ -20734,10 +20911,10 @@ module Aws::SecurityHub
|
|
20734
20911
|
# Specifies whether a rule is the last to be applied with respect to a
|
20735
20912
|
# finding that matches the rule criteria. This is useful when a
|
20736
20913
|
# finding matches the criteria for multiple rules, and each rule has
|
20737
|
-
# different actions. If
|
20738
|
-
# rule
|
20739
|
-
#
|
20740
|
-
#
|
20914
|
+
# different actions. If a rule is terminal, Security Hub applies the
|
20915
|
+
# rule action to a finding that matches the rule criteria and doesn't
|
20916
|
+
# evaluate other rules for the finding. By default, a rule isn't
|
20917
|
+
# terminal.
|
20741
20918
|
# @return [Boolean]
|
20742
20919
|
#
|
20743
20920
|
# @!attribute [rw] criteria
|
@@ -22058,6 +22235,37 @@ module Aws::SecurityHub
|
|
22058
22235
|
include Aws::Structure
|
22059
22236
|
end
|
22060
22237
|
|
22238
|
+
# Provides metadata for the Amazon CodeGuru detector associated with a
|
22239
|
+
# finding. This field pertains to findings that relate to Lambda
|
22240
|
+
# functions. Amazon Inspector identifies policy violations and
|
22241
|
+
# vulnerabilities in Lambda function code based on internal detectors
|
22242
|
+
# developed in collaboration with Amazon CodeGuru. Security Hub receives
|
22243
|
+
# those findings.
|
22244
|
+
#
|
22245
|
+
# @!attribute [rw] name
|
22246
|
+
# The name of the detector used to identify the code vulnerability.
|
22247
|
+
# @return [String]
|
22248
|
+
#
|
22249
|
+
# @!attribute [rw] description
|
22250
|
+
# The description of the detector used to identify the code
|
22251
|
+
# vulnerability.
|
22252
|
+
# @return [String]
|
22253
|
+
#
|
22254
|
+
# @!attribute [rw] labels
|
22255
|
+
# An array of tags used to identify the detector associated with the
|
22256
|
+
# finding.
|
22257
|
+
# @return [Array<String>]
|
22258
|
+
#
|
22259
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GeneratorDetails AWS API Documentation
|
22260
|
+
#
|
22261
|
+
class GeneratorDetails < Struct.new(
|
22262
|
+
:name,
|
22263
|
+
:description,
|
22264
|
+
:labels)
|
22265
|
+
SENSITIVE = []
|
22266
|
+
include Aws::Structure
|
22267
|
+
end
|
22268
|
+
|
22061
22269
|
# Provides the latitude and longitude coordinates of a location.
|
22062
22270
|
#
|
22063
22271
|
# @!attribute [rw] lon
|
@@ -23264,8 +23472,9 @@ module Aws::SecurityHub
|
|
23264
23472
|
include Aws::Structure
|
23265
23473
|
end
|
23266
23474
|
|
23267
|
-
# A map filter for
|
23268
|
-
# to check, the value to
|
23475
|
+
# A map filter for filtering Security Hub findings. Each map filter
|
23476
|
+
# provides the field to check for, the value to check for, and the
|
23477
|
+
# comparison operator.
|
23269
23478
|
#
|
23270
23479
|
# @!attribute [rw] key
|
23271
23480
|
# The key of the map filter. For example, for `ResourceTags`, `Key`
|
@@ -23277,31 +23486,69 @@ module Aws::SecurityHub
|
|
23277
23486
|
# The value for the key in the map filter. Filter values are case
|
23278
23487
|
# sensitive. For example, one of the values for a tag called
|
23279
23488
|
# `Department` might be `Security`. If you provide `security` as the
|
23280
|
-
# filter value, then there
|
23489
|
+
# filter value, then there's no match.
|
23281
23490
|
# @return [String]
|
23282
23491
|
#
|
23283
23492
|
# @!attribute [rw] comparison
|
23284
|
-
# The condition to apply to the key value when
|
23285
|
-
# with a map filter.
|
23493
|
+
# The condition to apply to the key value when filtering Security Hub
|
23494
|
+
# findings with a map filter.
|
23286
23495
|
#
|
23287
|
-
# To search for values that
|
23288
|
-
#
|
23289
|
-
# `Department EQUALS Security` matches findings that have the value
|
23290
|
-
# `Security` for the tag `Department`.
|
23496
|
+
# To search for values that have the filter value, use one of the
|
23497
|
+
# following comparison operators:
|
23291
23498
|
#
|
23292
|
-
# To search for values
|
23293
|
-
#
|
23294
|
-
#
|
23295
|
-
#
|
23499
|
+
# * To search for values that include the filter value, use
|
23500
|
+
# `CONTAINS`. For example, for the `ResourceTags` field, the filter
|
23501
|
+
# `Department CONTAINS Security` matches findings that include the
|
23502
|
+
# value `Security` for the `Department` tag. In the same example, a
|
23503
|
+
# finding with a value of `Security team` for the `Department` tag
|
23504
|
+
# is a match.
|
23296
23505
|
#
|
23297
|
-
#
|
23298
|
-
#
|
23506
|
+
# * To search for values that exactly match the filter value, use
|
23507
|
+
# `EQUALS`. For example, for the `ResourceTags` field, the filter
|
23508
|
+
# `Department EQUALS Security` matches findings that have the value
|
23509
|
+
# `Security` for the `Department` tag.
|
23510
|
+
#
|
23511
|
+
# `CONTAINS` and `EQUALS` filters on the same field are joined by
|
23512
|
+
# `OR`. A finding matches if it matches any one of those filters. For
|
23513
|
+
# example, the filters `Department CONTAINS Security OR Department
|
23514
|
+
# CONTAINS Finance` match a finding that includes either `Security`,
|
23515
|
+
# `Finance`, or both values.
|
23516
|
+
#
|
23517
|
+
# To search for values that don't have the filter value, use one of
|
23518
|
+
# the following comparison operators:
|
23519
|
+
#
|
23520
|
+
# * To search for values that exclude the filter value, use
|
23521
|
+
# `NOT_CONTAINS`. For example, for the `ResourceTags` field, the
|
23522
|
+
# filter `Department NOT_CONTAINS Finance` matches findings that
|
23523
|
+
# exclude the value `Finance` for the `Department` tag.
|
23524
|
+
#
|
23525
|
+
# * To search for values other than the filter value, use
|
23526
|
+
# `NOT_EQUALS`. For example, for the `ResourceTags` field, the
|
23527
|
+
# filter `Department NOT_EQUALS Finance` matches findings that don’t
|
23528
|
+
# have the value `Finance` for the `Department` tag.
|
23529
|
+
#
|
23530
|
+
# `NOT_CONTAINS` and `NOT_EQUALS` filters on the same field are joined
|
23531
|
+
# by `AND`. A finding matches only if it matches all of those filters.
|
23532
|
+
# For example, the filters `Department NOT_CONTAINS Security AND
|
23533
|
+
# Department NOT_CONTAINS Finance` match a finding that excludes both
|
23534
|
+
# the `Security` and `Finance` values.
|
23535
|
+
#
|
23536
|
+
# `CONTAINS` filters can only be used with other `CONTAINS` filters.
|
23537
|
+
# `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS`
|
23538
|
+
# filters.
|
23539
|
+
#
|
23540
|
+
# You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter
|
23541
|
+
# on the same field. Similarly, you can’t have both an `EQUALS` filter
|
23542
|
+
# and a `NOT_EQUALS` filter on the same field. Combining filters in
|
23543
|
+
# this way returns an error.
|
23544
|
+
#
|
23545
|
+
# `CONTAINS` and `NOT_CONTAINS` operators can be used only with
|
23546
|
+
# automation rules. For more information, see [Automation rules][1] in
|
23547
|
+
# the *Security Hub User Guide*.
|
23299
23548
|
#
|
23300
|
-
# `NOT_EQUALS` filters on the same field are joined by `AND`. A
|
23301
|
-
# finding matches only if it matches all of those filters.
|
23302
23549
|
#
|
23303
|
-
#
|
23304
|
-
#
|
23550
|
+
#
|
23551
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html
|
23305
23552
|
# @return [String]
|
23306
23553
|
#
|
23307
23554
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/MapFilter AWS API Documentation
|
@@ -24648,6 +24895,12 @@ module Aws::SecurityHub
|
|
24648
24895
|
# workflow consisting of a series of event-driven steps.
|
24649
24896
|
# @return [Types::AwsStepFunctionStateMachineDetails]
|
24650
24897
|
#
|
24898
|
+
# @!attribute [rw] aws_athena_work_group
|
24899
|
+
# Provides information about an Amazon Athena workgroup. A workgroup
|
24900
|
+
# helps you separate users, teams, applications, or workloads. It also
|
24901
|
+
# helps you set limits on data processing and track costs.
|
24902
|
+
# @return [Types::AwsAthenaWorkGroupDetails]
|
24903
|
+
#
|
24651
24904
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
|
24652
24905
|
#
|
24653
24906
|
class ResourceDetails < Struct.new(
|
@@ -24739,7 +24992,8 @@ module Aws::SecurityHub
|
|
24739
24992
|
:aws_app_sync_graph_ql_api,
|
24740
24993
|
:aws_event_schemas_registry,
|
24741
24994
|
:aws_guard_duty_detector,
|
24742
|
-
:aws_step_function_state_machine
|
24995
|
+
:aws_step_function_state_machine,
|
24996
|
+
:aws_athena_work_group)
|
24743
24997
|
SENSITIVE = []
|
24744
24998
|
include Aws::Structure
|
24745
24999
|
end
|
@@ -26189,75 +26443,85 @@ module Aws::SecurityHub
|
|
26189
26443
|
include Aws::Structure
|
26190
26444
|
end
|
26191
26445
|
|
26192
|
-
# A string filter for
|
26446
|
+
# A string filter for filtering Security Hub findings.
|
26193
26447
|
#
|
26194
26448
|
# @!attribute [rw] value
|
26195
26449
|
# The string filter value. Filter values are case sensitive. For
|
26196
26450
|
# example, the product name for control-based findings is `Security
|
26197
|
-
# Hub`. If you provide `security hub` as the filter
|
26198
|
-
#
|
26451
|
+
# Hub`. If you provide `security hub` as the filter value, there's no
|
26452
|
+
# match.
|
26199
26453
|
# @return [String]
|
26200
26454
|
#
|
26201
26455
|
# @!attribute [rw] comparison
|
26202
|
-
# The condition to apply to a string value when
|
26203
|
-
#
|
26204
|
-
# of the following comparison operators:
|
26456
|
+
# The condition to apply to a string value when filtering Security Hub
|
26457
|
+
# findings.
|
26205
26458
|
#
|
26206
|
-
#
|
26207
|
-
#
|
26459
|
+
# To search for values that have the filter value, use one of the
|
26460
|
+
# following comparison operators:
|
26208
26461
|
#
|
26209
|
-
#
|
26210
|
-
#
|
26211
|
-
# `
|
26462
|
+
# * To search for values that include the filter value, use
|
26463
|
+
# `CONTAINS`. For example, the filter `Title CONTAINS CloudFront`
|
26464
|
+
# matches findings that have a `Title` that includes the string
|
26465
|
+
# CloudFront.
|
26212
26466
|
#
|
26213
|
-
# * To search for values that
|
26214
|
-
# `
|
26215
|
-
#
|
26216
|
-
#
|
26217
|
-
# findings that have a resource type that starts with `AwsIam`.
|
26218
|
-
# Findings with a resource type of `AwsIamPolicy`, `AwsIamRole`, or
|
26219
|
-
# `AwsIamUser` would all match.
|
26220
|
-
#
|
26221
|
-
# `EQUALS` and `PREFIX` filters on the same field are joined by `OR`.
|
26222
|
-
# A finding matches if it matches any one of those filters.
|
26223
|
-
#
|
26224
|
-
# To search for values that do not contain the filter criteria value,
|
26225
|
-
# use one of the following comparison operators:
|
26226
|
-
#
|
26227
|
-
# * To search for values that do not exactly match the filter value,
|
26228
|
-
# use `NOT_EQUALS`.
|
26229
|
-
#
|
26230
|
-
# For example, the filter `ResourceType NOT_EQUALS AwsIamPolicy`
|
26231
|
-
# matches findings that have a resource type other than
|
26232
|
-
# `AwsIamPolicy`.
|
26233
|
-
#
|
26234
|
-
# * To search for values that do not start with the filter value, use
|
26235
|
-
# `PREFIX_NOT_EQUALS`.
|
26236
|
-
#
|
26237
|
-
# For example, the filter `ResourceType PREFIX_NOT_EQUALS AwsIam`
|
26238
|
-
# matches findings that have a resource type that does not start
|
26239
|
-
# with `AwsIam`. Findings with a resource type of `AwsIamPolicy`,
|
26240
|
-
# `AwsIamRole`, or `AwsIamUser` would all be excluded from the
|
26241
|
-
# results.
|
26467
|
+
# * To search for values that exactly match the filter value, use
|
26468
|
+
# `EQUALS`. For example, the filter `AwsAccountId EQUALS
|
26469
|
+
# 123456789012` only matches findings that have an account ID of
|
26470
|
+
# `123456789012`.
|
26242
26471
|
#
|
26243
|
-
#
|
26244
|
-
#
|
26472
|
+
# * To search for values that start with the filter value, use
|
26473
|
+
# `PREFIX`. For example, the filter `ResourceRegion PREFIX us`
|
26474
|
+
# matches findings that have a `ResourceRegion` that starts with
|
26475
|
+
# `us`. A `ResourceRegion` that starts with a different value, such
|
26476
|
+
# as `af`, `ap`, or `ca`, doesn't match.
|
26477
|
+
#
|
26478
|
+
# `CONTAINS`, `EQUALS`, and `PREFIX` filters on the same field are
|
26479
|
+
# joined by `OR`. A finding matches if it matches any one of those
|
26480
|
+
# filters. For example, the filters `Title CONTAINS CloudFront OR
|
26481
|
+
# Title CONTAINS CloudWatch` match a finding that includes either
|
26482
|
+
# `CloudFront`, `CloudWatch`, or both strings in the title.
|
26483
|
+
#
|
26484
|
+
# To search for values that don’t have the filter value, use one of
|
26485
|
+
# the following comparison operators:
|
26486
|
+
#
|
26487
|
+
# * To search for values that exclude the filter value, use
|
26488
|
+
# `NOT_CONTAINS`. For example, the filter `Title NOT_CONTAINS
|
26489
|
+
# CloudFront` matches findings that have a `Title` that excludes the
|
26490
|
+
# string CloudFront.
|
26491
|
+
#
|
26492
|
+
# * To search for values other than the filter value, use
|
26493
|
+
# `NOT_EQUALS`. For example, the filter `AwsAccountId NOT_EQUALS
|
26494
|
+
# 123456789012` only matches findings that have an account ID other
|
26495
|
+
# than `123456789012`.
|
26496
|
+
#
|
26497
|
+
# * To search for values that don't start with the filter value, use
|
26498
|
+
# `PREFIX_NOT_EQUALS`. For example, the filter `ResourceRegion
|
26499
|
+
# PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion`
|
26500
|
+
# that starts with a value other than `us`.
|
26501
|
+
#
|
26502
|
+
# `NOT_CONTAINS`, `NOT_EQUALS`, and `PREFIX_NOT_EQUALS` filters on the
|
26503
|
+
# same field are joined by `AND`. A finding matches only if it matches
|
26504
|
+
# all of those filters. For example, the filters `Title NOT_CONTAINS
|
26505
|
+
# CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that
|
26506
|
+
# excludes both `CloudFront` and `CloudWatch` in the title.
|
26507
|
+
#
|
26508
|
+
# You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter
|
26509
|
+
# on the same field. Similarly, you can't provide both an `EQUALS`
|
26510
|
+
# filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same
|
26511
|
+
# field. Combining filters in this way returns an error. `CONTAINS`
|
26512
|
+
# filters can only be used with other `CONTAINS` filters.
|
26513
|
+
# `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS`
|
26245
26514
|
# filters.
|
26246
26515
|
#
|
26247
|
-
# For filters on the same field, you cannot provide both an `EQUALS`
|
26248
|
-
# filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter. Combining
|
26249
|
-
# filters in this way always returns an error, even if the provided
|
26250
|
-
# filter values would return valid results.
|
26251
|
-
#
|
26252
26516
|
# You can combine `PREFIX` filters with `NOT_EQUALS` or
|
26253
26517
|
# `PREFIX_NOT_EQUALS` filters for the same field. Security Hub first
|
26254
|
-
# processes the `PREFIX` filters, then the `NOT_EQUALS` or
|
26518
|
+
# processes the `PREFIX` filters, and then the `NOT_EQUALS` or
|
26255
26519
|
# `PREFIX_NOT_EQUALS` filters.
|
26256
26520
|
#
|
26257
|
-
# For example, for the following
|
26258
|
-
# findings that have resource types that start with either
|
26259
|
-
# `AwsEc2`. It then excludes findings that have a resource
|
26260
|
-
# `AwsIamPolicy` and findings that have a resource type of
|
26521
|
+
# For example, for the following filters, Security Hub first
|
26522
|
+
# identifies findings that have resource types that start with either
|
26523
|
+
# `AwsIam` or `AwsEc2`. It then excludes findings that have a resource
|
26524
|
+
# type of `AwsIamPolicy` and findings that have a resource type of
|
26261
26525
|
# `AwsEc2NetworkInterface`.
|
26262
26526
|
#
|
26263
26527
|
# * `ResourceType PREFIX AwsIam`
|
@@ -26267,6 +26531,14 @@ module Aws::SecurityHub
|
|
26267
26531
|
# * `ResourceType NOT_EQUALS AwsIamPolicy`
|
26268
26532
|
#
|
26269
26533
|
# * `ResourceType NOT_EQUALS AwsEc2NetworkInterface`
|
26534
|
+
#
|
26535
|
+
# `CONTAINS` and `NOT_CONTAINS` operators can be used only with
|
26536
|
+
# automation rules. For more information, see [Automation rules][1] in
|
26537
|
+
# the *Security Hub User Guide*.
|
26538
|
+
#
|
26539
|
+
#
|
26540
|
+
#
|
26541
|
+
# [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html
|
26270
26542
|
# @return [String]
|
26271
26543
|
#
|
26272
26544
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StringFilter AWS API Documentation
|
@@ -26598,10 +26870,10 @@ module Aws::SecurityHub
|
|
26598
26870
|
# Specifies whether a rule is the last to be applied with respect to a
|
26599
26871
|
# finding that matches the rule criteria. This is useful when a
|
26600
26872
|
# finding matches the criteria for multiple rules, and each rule has
|
26601
|
-
# different actions. If
|
26602
|
-
# rule
|
26603
|
-
#
|
26604
|
-
#
|
26873
|
+
# different actions. If a rule is terminal, Security Hub applies the
|
26874
|
+
# rule action to a finding that matches the rule criteria and doesn't
|
26875
|
+
# evaluate other rules for the finding. By default, a rule isn't
|
26876
|
+
# terminal.
|
26605
26877
|
# @return [Boolean]
|
26606
26878
|
#
|
26607
26879
|
# @!attribute [rw] criteria
|
@@ -26994,6 +27266,20 @@ module Aws::SecurityHub
|
|
26994
27266
|
# * `PARTIAL` otherwise
|
26995
27267
|
# @return [String]
|
26996
27268
|
#
|
27269
|
+
# @!attribute [rw] epss_score
|
27270
|
+
# The Exploit Prediction Scoring System (EPSS) score for a finding.
|
27271
|
+
# @return [Float]
|
27272
|
+
#
|
27273
|
+
# @!attribute [rw] exploit_available
|
27274
|
+
# Whether an exploit is available for a finding.
|
27275
|
+
# @return [String]
|
27276
|
+
#
|
27277
|
+
# @!attribute [rw] code_vulnerabilities
|
27278
|
+
# The vulnerabilities found in your Lambda function code. This field
|
27279
|
+
# pertains to findings that Security Hub receives from Amazon
|
27280
|
+
# Inspector.
|
27281
|
+
# @return [Array<Types::VulnerabilityCodeVulnerabilities>]
|
27282
|
+
#
|
26997
27283
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Vulnerability AWS API Documentation
|
26998
27284
|
#
|
26999
27285
|
class Vulnerability < Struct.new(
|
@@ -27003,7 +27289,39 @@ module Aws::SecurityHub
|
|
27003
27289
|
:related_vulnerabilities,
|
27004
27290
|
:vendor,
|
27005
27291
|
:reference_urls,
|
27006
|
-
:fix_available
|
27292
|
+
:fix_available,
|
27293
|
+
:epss_score,
|
27294
|
+
:exploit_available,
|
27295
|
+
:code_vulnerabilities)
|
27296
|
+
SENSITIVE = []
|
27297
|
+
include Aws::Structure
|
27298
|
+
end
|
27299
|
+
|
27300
|
+
# Provides details about the vulnerabilities found in your Lambda
|
27301
|
+
# function code. This field pertains to findings that Security Hub
|
27302
|
+
# receives from Amazon Inspector.
|
27303
|
+
#
|
27304
|
+
# @!attribute [rw] cwes
|
27305
|
+
# The Common Weakness Enumeration (CWE) item associated with the
|
27306
|
+
# detected code vulnerability.
|
27307
|
+
# @return [Array<String>]
|
27308
|
+
#
|
27309
|
+
# @!attribute [rw] file_path
|
27310
|
+
# Provides details about where a code vulnerability is located in your
|
27311
|
+
# Lambda function.
|
27312
|
+
# @return [Types::CodeVulnerabilitiesFilePath]
|
27313
|
+
#
|
27314
|
+
# @!attribute [rw] source_arn
|
27315
|
+
# The Amazon Resource Name (ARN) of the Lambda layer in which the code
|
27316
|
+
# vulnerability is located.
|
27317
|
+
# @return [String]
|
27318
|
+
#
|
27319
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/VulnerabilityCodeVulnerabilities AWS API Documentation
|
27320
|
+
#
|
27321
|
+
class VulnerabilityCodeVulnerabilities < Struct.new(
|
27322
|
+
:cwes,
|
27323
|
+
:file_path,
|
27324
|
+
:source_arn)
|
27007
27325
|
SENSITIVE = []
|
27008
27326
|
include Aws::Structure
|
27009
27327
|
end
|
@@ -27118,8 +27436,7 @@ module Aws::SecurityHub
|
|
27118
27436
|
include Aws::Structure
|
27119
27437
|
end
|
27120
27438
|
|
27121
|
-
# Provides
|
27122
|
-
# finding.
|
27439
|
+
# Provides details about the status of the investigation into a finding.
|
27123
27440
|
#
|
27124
27441
|
# @!attribute [rw] status
|
27125
27442
|
# The status of the investigation into the finding. The workflow
|