aws-sdk-securityhub 1.95.0 → 1.96.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +5 -0
  3. data/VERSION +1 -1
  4. data/lib/aws-sdk-securityhub/client.rb +463 -1
  5. data/lib/aws-sdk-securityhub/client_api.rb +183 -0
  6. data/lib/aws-sdk-securityhub/endpoint_provider.rb +1 -1
  7. data/lib/aws-sdk-securityhub/endpoints.rb +28 -0
  8. data/lib/aws-sdk-securityhub/errors.rb +21 -0
  9. data/lib/aws-sdk-securityhub/plugins/endpoints.rb +4 -0
  10. data/lib/aws-sdk-securityhub/types.rb +582 -16
  11. data/lib/aws-sdk-securityhub.rb +1 -1
  12. metadata +2 -2
data/lib/aws-sdk-securityhub/client.rb CHANGED
@@ -845,10 +845,14 @@ module Aws::SecurityHub
845
845
  # resp.rules[0].criteria.confidence[0].gte #=> Float
846
846
  # resp.rules[0].criteria.confidence[0].lte #=> Float
847
847
  # resp.rules[0].criteria.confidence[0].eq #=> Float
848
+ # resp.rules[0].criteria.confidence[0].gt #=> Float
849
+ # resp.rules[0].criteria.confidence[0].lt #=> Float
848
850
  # resp.rules[0].criteria.criticality #=> Array
849
851
  # resp.rules[0].criteria.criticality[0].gte #=> Float
850
852
  # resp.rules[0].criteria.criticality[0].lte #=> Float
851
853
  # resp.rules[0].criteria.criticality[0].eq #=> Float
854
+ # resp.rules[0].criteria.criticality[0].gt #=> Float
855
+ # resp.rules[0].criteria.criticality[0].lt #=> Float
852
856
  # resp.rules[0].criteria.title #=> Array
853
857
  # resp.rules[0].criteria.title[0].value #=> String
854
858
  # resp.rules[0].criteria.title[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -991,21 +995,41 @@ module Aws::SecurityHub
991
995
  # security_controls: [
992
996
  # {
993
997
  # description: "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.",
998
+ # last_update_reason: "Stayed with default value",
999
+ # parameters: {
1000
+ # "daysToExpiration" => {
1001
+ # value: {
1002
+ # integer: 30,
1003
+ # },
1004
+ # value_type: "DEFAULT",
1005
+ # },
1006
+ # },
994
1007
  # remediation_url: "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation",
995
1008
  # security_control_arn: "arn:aws:securityhub:us-west-2:123456789012:security-control/ACM.1",
996
1009
  # security_control_id: "ACM.1",
997
1010
  # security_control_status: "ENABLED",
998
1011
  # severity_rating: "MEDIUM",
999
1012
  # title: "Imported and ACM-issued certificates should be renewed after a specified time period",
1013
+ # update_status: "UPDATING",
1000
1014
  # },
1001
1015
  # {
1002
1016
  # description: "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.",
1017
+ # last_update_reason: "Updated control parameters to comply with internal requirements",
1018
+ # parameters: {
1019
+ # "loggingLevel" => {
1020
+ # value: {
1021
+ # enum: "ERROR",
1022
+ # },
1023
+ # value_type: "CUSTOM",
1024
+ # },
1025
+ # },
1003
1026
  # remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation",
1004
1027
  # security_control_arn: "arn:aws:securityhub:us-west-2:123456789012:security-control/APIGateway.1",
1005
1028
  # security_control_id: "APIGateway.1",
1006
1029
  # security_control_status: "ENABLED",
1007
1030
  # severity_rating: "MEDIUM",
1008
1031
  # title: "API Gateway REST and WebSocket API execution logging should be enabled",
1032
+ # update_status: "UPDATING",
1009
1033
  # },
1010
1034
  # ],
1011
1035
  # }
@@ -1026,6 +1050,21 @@ module Aws::SecurityHub
1026
1050
  # resp.security_controls[0].remediation_url #=> String
1027
1051
  # resp.security_controls[0].severity_rating #=> String, one of "LOW", "MEDIUM", "HIGH", "CRITICAL"
1028
1052
  # resp.security_controls[0].security_control_status #=> String, one of "ENABLED", "DISABLED"
1053
+ # resp.security_controls[0].update_status #=> String, one of "READY", "UPDATING"
1054
+ # resp.security_controls[0].parameters #=> Hash
1055
+ # resp.security_controls[0].parameters["NonEmptyString"].value_type #=> String, one of "DEFAULT", "CUSTOM"
1056
+ # resp.security_controls[0].parameters["NonEmptyString"].value.integer #=> Integer
1057
+ # resp.security_controls[0].parameters["NonEmptyString"].value.integer_list #=> Array
1058
+ # resp.security_controls[0].parameters["NonEmptyString"].value.integer_list[0] #=> Integer
1059
+ # resp.security_controls[0].parameters["NonEmptyString"].value.double #=> Float
1060
+ # resp.security_controls[0].parameters["NonEmptyString"].value.string #=> String
1061
+ # resp.security_controls[0].parameters["NonEmptyString"].value.string_list #=> Array
1062
+ # resp.security_controls[0].parameters["NonEmptyString"].value.string_list[0] #=> String
1063
+ # resp.security_controls[0].parameters["NonEmptyString"].value.boolean #=> Boolean
1064
+ # resp.security_controls[0].parameters["NonEmptyString"].value.enum #=> String
1065
+ # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list #=> Array
1066
+ # resp.security_controls[0].parameters["NonEmptyString"].value.enum_list[0] #=> String
1067
+ # resp.security_controls[0].last_update_reason #=> String
1029
1068
  # resp.unprocessed_ids #=> Array
1030
1069
  # resp.unprocessed_ids[0].security_control_id #=> String
1031
1070
  # resp.unprocessed_ids[0].error_code #=> String, one of "INVALID_INPUT", "ACCESS_DENIED", "NOT_FOUND", "LIMIT_EXCEEDED"
@@ -1403,6 +1442,8 @@ module Aws::SecurityHub
1403
1442
  # gte: 1.0,
1404
1443
  # lte: 1.0,
1405
1444
  # eq: 1.0,
1445
+ # gt: 1.0,
1446
+ # lt: 1.0,
1406
1447
  # },
1407
1448
  # ],
1408
1449
  # criticality: [
@@ -1410,6 +1451,8 @@ module Aws::SecurityHub
1410
1451
  # gte: 1.0,
1411
1452
  # lte: 1.0,
1412
1453
  # eq: 1.0,
1454
+ # gt: 1.0,
1455
+ # lt: 1.0,
1413
1456
  # },
1414
1457
  # ],
1415
1458
  # title: [
@@ -2192,6 +2235,8 @@ module Aws::SecurityHub
2192
2235
  # gte: 1.0,
2193
2236
  # lte: 1.0,
2194
2237
  # eq: 1.0,
2238
+ # gt: 1.0,
2239
+ # lt: 1.0,
2195
2240
  # },
2196
2241
  # ],
2197
2242
  # criticality: [
@@ -2199,6 +2244,8 @@ module Aws::SecurityHub
2199
2244
  # gte: 1.0,
2200
2245
  # lte: 1.0,
2201
2246
  # eq: 1.0,
2247
+ # gt: 1.0,
2248
+ # lt: 1.0,
2202
2249
  # },
2203
2250
  # ],
2204
2251
  # title: [
@@ -2641,6 +2688,8 @@ module Aws::SecurityHub
2641
2688
  # gte: 1.0,
2642
2689
  # lte: 1.0,
2643
2690
  # eq: 1.0,
2691
+ # gt: 1.0,
2692
+ # lt: 1.0,
2644
2693
  # },
2645
2694
  # ],
2646
2695
  # severity_normalized: [
@@ -2648,6 +2697,8 @@ module Aws::SecurityHub
2648
2697
  # gte: 1.0,
2649
2698
  # lte: 1.0,
2650
2699
  # eq: 1.0,
2700
+ # gt: 1.0,
2701
+ # lt: 1.0,
2651
2702
  # },
2652
2703
  # ],
2653
2704
  # severity_label: [
@@ -2661,6 +2712,8 @@ module Aws::SecurityHub
2661
2712
  # gte: 1.0,
2662
2713
  # lte: 1.0,
2663
2714
  # eq: 1.0,
2715
+ # gt: 1.0,
2716
+ # lt: 1.0,
2664
2717
  # },
2665
2718
  # ],
2666
2719
  # criticality: [
@@ -2668,6 +2721,8 @@ module Aws::SecurityHub
2668
2721
  # gte: 1.0,
2669
2722
  # lte: 1.0,
2670
2723
  # eq: 1.0,
2724
+ # gt: 1.0,
2725
+ # lt: 1.0,
2671
2726
  # },
2672
2727
  # ],
2673
2728
  # title: [
@@ -2771,6 +2826,8 @@ module Aws::SecurityHub
2771
2826
  # gte: 1.0,
2772
2827
  # lte: 1.0,
2773
2828
  # eq: 1.0,
2829
+ # gt: 1.0,
2830
+ # lt: 1.0,
2774
2831
  # },
2775
2832
  # ],
2776
2833
  # network_source_domain: [
@@ -2800,6 +2857,8 @@ module Aws::SecurityHub
2800
2857
  # gte: 1.0,
2801
2858
  # lte: 1.0,
2802
2859
  # eq: 1.0,
2860
+ # gt: 1.0,
2861
+ # lt: 1.0,
2803
2862
  # },
2804
2863
  # ],
2805
2864
  # network_destination_domain: [
@@ -2825,6 +2884,8 @@ module Aws::SecurityHub
2825
2884
  # gte: 1.0,
2826
2885
  # lte: 1.0,
2827
2886
  # eq: 1.0,
2887
+ # gt: 1.0,
2888
+ # lt: 1.0,
2828
2889
  # },
2829
2890
  # ],
2830
2891
  # process_parent_pid: [
@@ -2832,6 +2893,8 @@ module Aws::SecurityHub
2832
2893
  # gte: 1.0,
2833
2894
  # lte: 1.0,
2834
2895
  # eq: 1.0,
2896
+ # gt: 1.0,
2897
+ # lt: 1.0,
2835
2898
  # },
2836
2899
  # ],
2837
2900
  # process_launched_at: [
@@ -3136,6 +3199,8 @@ module Aws::SecurityHub
3136
3199
  # gte: 1.0,
3137
3200
  # lte: 1.0,
3138
3201
  # eq: 1.0,
3202
+ # gt: 1.0,
3203
+ # lt: 1.0,
3139
3204
  # },
3140
3205
  # ],
3141
3206
  # finding_provider_fields_criticality: [
@@ -3143,6 +3208,8 @@ module Aws::SecurityHub
3143
3208
  # gte: 1.0,
3144
3209
  # lte: 1.0,
3145
3210
  # eq: 1.0,
3211
+ # gt: 1.0,
3212
+ # lt: 1.0,
3146
3213
  # },
3147
3214
  # ],
3148
3215
  # finding_provider_fields_related_findings_id: [
@@ -3192,6 +3259,30 @@ module Aws::SecurityHub
3192
3259
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
3193
3260
  # },
3194
3261
  # ],
3262
+ # vulnerabilities_exploit_available: [
3263
+ # {
3264
+ # value: "NonEmptyString",
3265
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
3266
+ # },
3267
+ # ],
3268
+ # vulnerabilities_fix_available: [
3269
+ # {
3270
+ # value: "NonEmptyString",
3271
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
3272
+ # },
3273
+ # ],
3274
+ # compliance_security_control_parameters_name: [
3275
+ # {
3276
+ # value: "NonEmptyString",
3277
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
3278
+ # },
3279
+ # ],
3280
+ # compliance_security_control_parameters_value: [
3281
+ # {
3282
+ # value: "NonEmptyString",
3283
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
3284
+ # },
3285
+ # ],
3195
3286
  # },
3196
3287
  # group_by_attribute: "NonEmptyString", # required
3197
3288
  # })
@@ -5009,6 +5100,8 @@ module Aws::SecurityHub
5009
5100
  # gte: 1.0,
5010
5101
  # lte: 1.0,
5011
5102
  # eq: 1.0,
5103
+ # gt: 1.0,
5104
+ # lt: 1.0,
5012
5105
  # },
5013
5106
  # ],
5014
5107
  # severity_normalized: [
@@ -5016,6 +5109,8 @@ module Aws::SecurityHub
5016
5109
  # gte: 1.0,
5017
5110
  # lte: 1.0,
5018
5111
  # eq: 1.0,
5112
+ # gt: 1.0,
5113
+ # lt: 1.0,
5019
5114
  # },
5020
5115
  # ],
5021
5116
  # severity_label: [
@@ -5029,6 +5124,8 @@ module Aws::SecurityHub
5029
5124
  # gte: 1.0,
5030
5125
  # lte: 1.0,
5031
5126
  # eq: 1.0,
5127
+ # gt: 1.0,
5128
+ # lt: 1.0,
5032
5129
  # },
5033
5130
  # ],
5034
5131
  # criticality: [
@@ -5036,6 +5133,8 @@ module Aws::SecurityHub
5036
5133
  # gte: 1.0,
5037
5134
  # lte: 1.0,
5038
5135
  # eq: 1.0,
5136
+ # gt: 1.0,
5137
+ # lt: 1.0,
5039
5138
  # },
5040
5139
  # ],
5041
5140
  # title: [
@@ -5139,6 +5238,8 @@ module Aws::SecurityHub
5139
5238
  # gte: 1.0,
5140
5239
  # lte: 1.0,
5141
5240
  # eq: 1.0,
5241
+ # gt: 1.0,
5242
+ # lt: 1.0,
5142
5243
  # },
5143
5244
  # ],
5144
5245
  # network_source_domain: [
@@ -5168,6 +5269,8 @@ module Aws::SecurityHub
5168
5269
  # gte: 1.0,
5169
5270
  # lte: 1.0,
5170
5271
  # eq: 1.0,
5272
+ # gt: 1.0,
5273
+ # lt: 1.0,
5171
5274
  # },
5172
5275
  # ],
5173
5276
  # network_destination_domain: [
@@ -5193,6 +5296,8 @@ module Aws::SecurityHub
5193
5296
  # gte: 1.0,
5194
5297
  # lte: 1.0,
5195
5298
  # eq: 1.0,
5299
+ # gt: 1.0,
5300
+ # lt: 1.0,
5196
5301
  # },
5197
5302
  # ],
5198
5303
  # process_parent_pid: [
@@ -5200,6 +5305,8 @@ module Aws::SecurityHub
5200
5305
  # gte: 1.0,
5201
5306
  # lte: 1.0,
5202
5307
  # eq: 1.0,
5308
+ # gt: 1.0,
5309
+ # lt: 1.0,
5203
5310
  # },
5204
5311
  # ],
5205
5312
  # process_launched_at: [
@@ -5504,6 +5611,8 @@ module Aws::SecurityHub
5504
5611
  # gte: 1.0,
5505
5612
  # lte: 1.0,
5506
5613
  # eq: 1.0,
5614
+ # gt: 1.0,
5615
+ # lt: 1.0,
5507
5616
  # },
5508
5617
  # ],
5509
5618
  # finding_provider_fields_criticality: [
@@ -5511,6 +5620,8 @@ module Aws::SecurityHub
5511
5620
  # gte: 1.0,
5512
5621
  # lte: 1.0,
5513
5622
  # eq: 1.0,
5623
+ # gt: 1.0,
5624
+ # lt: 1.0,
5514
5625
  # },
5515
5626
  # ],
5516
5627
  # finding_provider_fields_related_findings_id: [
@@ -5560,6 +5671,30 @@ module Aws::SecurityHub
5560
5671
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
5561
5672
  # },
5562
5673
  # ],
5674
+ # vulnerabilities_exploit_available: [
5675
+ # {
5676
+ # value: "NonEmptyString",
5677
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
5678
+ # },
5679
+ # ],
5680
+ # vulnerabilities_fix_available: [
5681
+ # {
5682
+ # value: "NonEmptyString",
5683
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
5684
+ # },
5685
+ # ],
5686
+ # compliance_security_control_parameters_name: [
5687
+ # {
5688
+ # value: "NonEmptyString",
5689
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
5690
+ # },
5691
+ # ],
5692
+ # compliance_security_control_parameters_value: [
5693
+ # {
5694
+ # value: "NonEmptyString",
5695
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
5696
+ # },
5697
+ # ],
5563
5698
  # },
5564
5699
  # sort_criteria: [
5565
5700
  # {
@@ -5756,10 +5891,14 @@ module Aws::SecurityHub
5756
5891
  # resp.insights[0].filters.severity_product[0].gte #=> Float
5757
5892
  # resp.insights[0].filters.severity_product[0].lte #=> Float
5758
5893
  # resp.insights[0].filters.severity_product[0].eq #=> Float
5894
+ # resp.insights[0].filters.severity_product[0].gt #=> Float
5895
+ # resp.insights[0].filters.severity_product[0].lt #=> Float
5759
5896
  # resp.insights[0].filters.severity_normalized #=> Array
5760
5897
  # resp.insights[0].filters.severity_normalized[0].gte #=> Float
5761
5898
  # resp.insights[0].filters.severity_normalized[0].lte #=> Float
5762
5899
  # resp.insights[0].filters.severity_normalized[0].eq #=> Float
5900
+ # resp.insights[0].filters.severity_normalized[0].gt #=> Float
5901
+ # resp.insights[0].filters.severity_normalized[0].lt #=> Float
5763
5902
  # resp.insights[0].filters.severity_label #=> Array
5764
5903
  # resp.insights[0].filters.severity_label[0].value #=> String
5765
5904
  # resp.insights[0].filters.severity_label[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -5767,10 +5906,14 @@ module Aws::SecurityHub
5767
5906
  # resp.insights[0].filters.confidence[0].gte #=> Float
5768
5907
  # resp.insights[0].filters.confidence[0].lte #=> Float
5769
5908
  # resp.insights[0].filters.confidence[0].eq #=> Float
5909
+ # resp.insights[0].filters.confidence[0].gt #=> Float
5910
+ # resp.insights[0].filters.confidence[0].lt #=> Float
5770
5911
  # resp.insights[0].filters.criticality #=> Array
5771
5912
  # resp.insights[0].filters.criticality[0].gte #=> Float
5772
5913
  # resp.insights[0].filters.criticality[0].lte #=> Float
5773
5914
  # resp.insights[0].filters.criticality[0].eq #=> Float
5915
+ # resp.insights[0].filters.criticality[0].gt #=> Float
5916
+ # resp.insights[0].filters.criticality[0].lt #=> Float
5774
5917
  # resp.insights[0].filters.title #=> Array
5775
5918
  # resp.insights[0].filters.title[0].value #=> String
5776
5919
  # resp.insights[0].filters.title[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -5823,6 +5966,8 @@ module Aws::SecurityHub
5823
5966
  # resp.insights[0].filters.network_source_port[0].gte #=> Float
5824
5967
  # resp.insights[0].filters.network_source_port[0].lte #=> Float
5825
5968
  # resp.insights[0].filters.network_source_port[0].eq #=> Float
5969
+ # resp.insights[0].filters.network_source_port[0].gt #=> Float
5970
+ # resp.insights[0].filters.network_source_port[0].lt #=> Float
5826
5971
  # resp.insights[0].filters.network_source_domain #=> Array
5827
5972
  # resp.insights[0].filters.network_source_domain[0].value #=> String
5828
5973
  # resp.insights[0].filters.network_source_domain[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -5837,6 +5982,8 @@ module Aws::SecurityHub
5837
5982
  # resp.insights[0].filters.network_destination_port[0].gte #=> Float
5838
5983
  # resp.insights[0].filters.network_destination_port[0].lte #=> Float
5839
5984
  # resp.insights[0].filters.network_destination_port[0].eq #=> Float
5985
+ # resp.insights[0].filters.network_destination_port[0].gt #=> Float
5986
+ # resp.insights[0].filters.network_destination_port[0].lt #=> Float
5840
5987
  # resp.insights[0].filters.network_destination_domain #=> Array
5841
5988
  # resp.insights[0].filters.network_destination_domain[0].value #=> String
5842
5989
  # resp.insights[0].filters.network_destination_domain[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -5850,10 +5997,14 @@ module Aws::SecurityHub
5850
5997
  # resp.insights[0].filters.process_pid[0].gte #=> Float
5851
5998
  # resp.insights[0].filters.process_pid[0].lte #=> Float
5852
5999
  # resp.insights[0].filters.process_pid[0].eq #=> Float
6000
+ # resp.insights[0].filters.process_pid[0].gt #=> Float
6001
+ # resp.insights[0].filters.process_pid[0].lt #=> Float
5853
6002
  # resp.insights[0].filters.process_parent_pid #=> Array
5854
6003
  # resp.insights[0].filters.process_parent_pid[0].gte #=> Float
5855
6004
  # resp.insights[0].filters.process_parent_pid[0].lte #=> Float
5856
6005
  # resp.insights[0].filters.process_parent_pid[0].eq #=> Float
6006
+ # resp.insights[0].filters.process_parent_pid[0].gt #=> Float
6007
+ # resp.insights[0].filters.process_parent_pid[0].lt #=> Float
5857
6008
  # resp.insights[0].filters.process_launched_at #=> Array
5858
6009
  # resp.insights[0].filters.process_launched_at[0].start #=> String
5859
6010
  # resp.insights[0].filters.process_launched_at[0].end #=> String
@@ -6006,10 +6157,14 @@ module Aws::SecurityHub
6006
6157
  # resp.insights[0].filters.finding_provider_fields_confidence[0].gte #=> Float
6007
6158
  # resp.insights[0].filters.finding_provider_fields_confidence[0].lte #=> Float
6008
6159
  # resp.insights[0].filters.finding_provider_fields_confidence[0].eq #=> Float
6160
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].gt #=> Float
6161
+ # resp.insights[0].filters.finding_provider_fields_confidence[0].lt #=> Float
6009
6162
  # resp.insights[0].filters.finding_provider_fields_criticality #=> Array
6010
6163
  # resp.insights[0].filters.finding_provider_fields_criticality[0].gte #=> Float
6011
6164
  # resp.insights[0].filters.finding_provider_fields_criticality[0].lte #=> Float
6012
6165
  # resp.insights[0].filters.finding_provider_fields_criticality[0].eq #=> Float
6166
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].gt #=> Float
6167
+ # resp.insights[0].filters.finding_provider_fields_criticality[0].lt #=> Float
6013
6168
  # resp.insights[0].filters.finding_provider_fields_related_findings_id #=> Array
6014
6169
  # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].value #=> String
6015
6170
  # resp.insights[0].filters.finding_provider_fields_related_findings_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
@@ -6033,6 +6188,18 @@ module Aws::SecurityHub
6033
6188
  # resp.insights[0].filters.compliance_associated_standards_id #=> Array
6034
6189
  # resp.insights[0].filters.compliance_associated_standards_id[0].value #=> String
6035
6190
  # resp.insights[0].filters.compliance_associated_standards_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
6191
+ # resp.insights[0].filters.vulnerabilities_exploit_available #=> Array
6192
+ # resp.insights[0].filters.vulnerabilities_exploit_available[0].value #=> String
6193
+ # resp.insights[0].filters.vulnerabilities_exploit_available[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
6194
+ # resp.insights[0].filters.vulnerabilities_fix_available #=> Array
6195
+ # resp.insights[0].filters.vulnerabilities_fix_available[0].value #=> String
6196
+ # resp.insights[0].filters.vulnerabilities_fix_available[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
6197
+ # resp.insights[0].filters.compliance_security_control_parameters_name #=> Array
6198
+ # resp.insights[0].filters.compliance_security_control_parameters_name[0].value #=> String
6199
+ # resp.insights[0].filters.compliance_security_control_parameters_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
6200
+ # resp.insights[0].filters.compliance_security_control_parameters_value #=> Array
6201
+ # resp.insights[0].filters.compliance_security_control_parameters_value[0].value #=> String
6202
+ # resp.insights[0].filters.compliance_security_control_parameters_value[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS", "CONTAINS", "NOT_CONTAINS"
6036
6203
  # resp.insights[0].group_by_attribute #=> String
6037
6204
  # resp.next_token #=> String
6038
6205
  #
@@ -6201,6 +6368,107 @@ module Aws::SecurityHub
6201
6368
  req.send_request(options)
6202
6369
  end
6203
6370
 
6371
+ # Retrieves the definition of a security control. The definition
6372
+ # includes the control title, description, Region availability,
6373
+ # parameter definitions, and other details.
6374
+ #
6375
+ # @option params [required, String] :security_control_id
6376
+ # The ID of the security control to retrieve the definition for. This
6377
+ # field doesn’t accept an Amazon Resource Name (ARN).
6378
+ #
6379
+ # @return [Types::GetSecurityControlDefinitionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
6380
+ #
6381
+ # * {Types::GetSecurityControlDefinitionResponse#security_control_definition #security_control_definition} => Types::SecurityControlDefinition
6382
+ #
6383
+ #
6384
+ # @example Example: To get the definition of a security control.
6385
+ #
6386
+ # # The following example retrieves definition details for the specified security control.
6387
+ #
6388
+ # resp = client.get_security_control_definition({
6389
+ # security_control_id: "EC2.4",
6390
+ # })
6391
+ #
6392
+ # resp.to_h outputs the following:
6393
+ # {
6394
+ # security_control_definition: {
6395
+ # current_region_availability: "AVAILABLE",
6396
+ # description: "This control checks whether an Amazon EC2 instance has been stopped for longer than the allowed number of days. The control fails if an EC2 instance is stopped for longer than the maximum allowed time period. Unless you provide a custom parameter value for the maximum allowed time period, Security Hub uses a default value of 30 days.",
6397
+ # parameter_definitions: {
6398
+ # "AllowedDays" => {
6399
+ # configuration_options: {
6400
+ # integer: {
6401
+ # default_value: 30,
6402
+ # max: 365,
6403
+ # min: 1,
6404
+ # },
6405
+ # },
6406
+ # description: "Number of days the EC2 instance is allowed to be in a stopped state before generating a failed finding",
6407
+ # },
6408
+ # },
6409
+ # remediation_url: "https://docs.aws.amazon.com/console/securityhub/EC2.4/remediation",
6410
+ # security_control_id: "EC2.4",
6411
+ # severity_rating: "MEDIUM",
6412
+ # title: "Stopped Amazon EC2 instances should be removed after a specified time period",
6413
+ # },
6414
+ # }
6415
+ #
6416
+ # @example Request syntax with placeholder values
6417
+ #
6418
+ # resp = client.get_security_control_definition({
6419
+ # security_control_id: "NonEmptyString", # required
6420
+ # })
6421
+ #
6422
+ # @example Response structure
6423
+ #
6424
+ # resp.security_control_definition.security_control_id #=> String
6425
+ # resp.security_control_definition.title #=> String
6426
+ # resp.security_control_definition.description #=> String
6427
+ # resp.security_control_definition.remediation_url #=> String
6428
+ # resp.security_control_definition.severity_rating #=> String, one of "LOW", "MEDIUM", "HIGH", "CRITICAL"
6429
+ # resp.security_control_definition.current_region_availability #=> String, one of "AVAILABLE", "UNAVAILABLE"
6430
+ # resp.security_control_definition.customizable_properties #=> Array
6431
+ # resp.security_control_definition.customizable_properties[0] #=> String, one of "Parameters"
6432
+ # resp.security_control_definition.parameter_definitions #=> Hash
6433
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].description #=> String
6434
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer.default_value #=> Integer
6435
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer.min #=> Integer
6436
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer.max #=> Integer
6437
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer_list.default_value #=> Array
6438
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer_list.default_value[0] #=> Integer
6439
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer_list.min #=> Integer
6440
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer_list.max #=> Integer
6441
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.integer_list.max_items #=> Integer
6442
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.double.default_value #=> Float
6443
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.double.min #=> Float
6444
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.double.max #=> Float
6445
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string.default_value #=> String
6446
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string.re_2_expression #=> String
6447
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string.expression_description #=> String
6448
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string_list.default_value #=> Array
6449
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string_list.default_value[0] #=> String
6450
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string_list.re_2_expression #=> String
6451
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string_list.max_items #=> Integer
6452
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.string_list.expression_description #=> String
6453
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.boolean.default_value #=> Boolean
6454
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum.default_value #=> String
6455
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum.allowed_values #=> Array
6456
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum.allowed_values[0] #=> String
6457
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.default_value #=> Array
6458
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.default_value[0] #=> String
6459
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
6460
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
6461
+ # resp.security_control_definition.parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
6462
+ #
6463
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinition AWS API Documentation
6464
+ #
6465
+ # @overload get_security_control_definition(params = {})
6466
+ # @param [Hash] params ({})
6467
+ def get_security_control_definition(params = {}, options = {})
6468
+ req = build_request(:get_security_control_definition, params)
6469
+ req.send_request(options)
6470
+ end
6471
+
6204
6472
  # Invites other Amazon Web Services accounts to become member accounts
6205
6473
  # for the Security Hub administrator account that the invitation is sent
6206
6474
  # from.
@@ -6742,6 +7010,9 @@ module Aws::SecurityHub
6742
7010
  # security_control_definitions: [
6743
7011
  # {
6744
7012
  # current_region_availability: "AVAILABLE",
7013
+ # customizable_properties: [
7014
+ # "Parameters",
7015
+ # ],
6745
7016
  # description: "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.",
6746
7017
  # remediation_url: "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation",
6747
7018
  # security_control_id: "ACM.1",
@@ -6750,6 +7021,9 @@ module Aws::SecurityHub
6750
7021
  # },
6751
7022
  # {
6752
7023
  # current_region_availability: "AVAILABLE",
7024
+ # customizable_properties: [
7025
+ # "Parameters",
7026
+ # ],
6753
7027
  # description: "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.",
6754
7028
  # remediation_url: "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation",
6755
7029
  # security_control_id: "APIGateway.1",
@@ -6784,6 +7058,38 @@ module Aws::SecurityHub
6784
7058
  # resp.security_control_definitions[0].remediation_url #=> String
6785
7059
  # resp.security_control_definitions[0].severity_rating #=> String, one of "LOW", "MEDIUM", "HIGH", "CRITICAL"
6786
7060
  # resp.security_control_definitions[0].current_region_availability #=> String, one of "AVAILABLE", "UNAVAILABLE"
7061
+ # resp.security_control_definitions[0].customizable_properties #=> Array
7062
+ # resp.security_control_definitions[0].customizable_properties[0] #=> String, one of "Parameters"
7063
+ # resp.security_control_definitions[0].parameter_definitions #=> Hash
7064
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].description #=> String
7065
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer.default_value #=> Integer
7066
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer.min #=> Integer
7067
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer.max #=> Integer
7068
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer_list.default_value #=> Array
7069
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer_list.default_value[0] #=> Integer
7070
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer_list.min #=> Integer
7071
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer_list.max #=> Integer
7072
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.integer_list.max_items #=> Integer
7073
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.double.default_value #=> Float
7074
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.double.min #=> Float
7075
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.double.max #=> Float
7076
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string.default_value #=> String
7077
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string.re_2_expression #=> String
7078
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string.expression_description #=> String
7079
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string_list.default_value #=> Array
7080
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string_list.default_value[0] #=> String
7081
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string_list.re_2_expression #=> String
7082
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string_list.max_items #=> Integer
7083
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.string_list.expression_description #=> String
7084
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.boolean.default_value #=> Boolean
7085
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum.default_value #=> String
7086
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum.allowed_values #=> Array
7087
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum.allowed_values[0] #=> String
7088
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.default_value #=> Array
7089
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.default_value[0] #=> String
7090
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.max_items #=> Integer
7091
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values #=> Array
7092
+ # resp.security_control_definitions[0].parameter_definitions["NonEmptyString"].configuration_options.enum_list.allowed_values[0] #=> String
6787
7093
  # resp.next_token #=> String
6788
7094
  #
6789
7095
  # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListSecurityControlDefinitions AWS API Documentation
@@ -7279,6 +7585,8 @@ module Aws::SecurityHub
7279
7585
  # gte: 1.0,
7280
7586
  # lte: 1.0,
7281
7587
  # eq: 1.0,
7588
+ # gt: 1.0,
7589
+ # lt: 1.0,
7282
7590
  # },
7283
7591
  # ],
7284
7592
  # severity_normalized: [
@@ -7286,6 +7594,8 @@ module Aws::SecurityHub
7286
7594
  # gte: 1.0,
7287
7595
  # lte: 1.0,
7288
7596
  # eq: 1.0,
7597
+ # gt: 1.0,
7598
+ # lt: 1.0,
7289
7599
  # },
7290
7600
  # ],
7291
7601
  # severity_label: [
@@ -7299,6 +7609,8 @@ module Aws::SecurityHub
7299
7609
  # gte: 1.0,
7300
7610
  # lte: 1.0,
7301
7611
  # eq: 1.0,
7612
+ # gt: 1.0,
7613
+ # lt: 1.0,
7302
7614
  # },
7303
7615
  # ],
7304
7616
  # criticality: [
@@ -7306,6 +7618,8 @@ module Aws::SecurityHub
7306
7618
  # gte: 1.0,
7307
7619
  # lte: 1.0,
7308
7620
  # eq: 1.0,
7621
+ # gt: 1.0,
7622
+ # lt: 1.0,
7309
7623
  # },
7310
7624
  # ],
7311
7625
  # title: [
@@ -7409,6 +7723,8 @@ module Aws::SecurityHub
7409
7723
  # gte: 1.0,
7410
7724
  # lte: 1.0,
7411
7725
  # eq: 1.0,
7726
+ # gt: 1.0,
7727
+ # lt: 1.0,
7412
7728
  # },
7413
7729
  # ],
7414
7730
  # network_source_domain: [
@@ -7438,6 +7754,8 @@ module Aws::SecurityHub
7438
7754
  # gte: 1.0,
7439
7755
  # lte: 1.0,
7440
7756
  # eq: 1.0,
7757
+ # gt: 1.0,
7758
+ # lt: 1.0,
7441
7759
  # },
7442
7760
  # ],
7443
7761
  # network_destination_domain: [
@@ -7463,6 +7781,8 @@ module Aws::SecurityHub
7463
7781
  # gte: 1.0,
7464
7782
  # lte: 1.0,
7465
7783
  # eq: 1.0,
7784
+ # gt: 1.0,
7785
+ # lt: 1.0,
7466
7786
  # },
7467
7787
  # ],
7468
7788
  # process_parent_pid: [
@@ -7470,6 +7790,8 @@ module Aws::SecurityHub
7470
7790
  # gte: 1.0,
7471
7791
  # lte: 1.0,
7472
7792
  # eq: 1.0,
7793
+ # gt: 1.0,
7794
+ # lt: 1.0,
7473
7795
  # },
7474
7796
  # ],
7475
7797
  # process_launched_at: [
@@ -7774,6 +8096,8 @@ module Aws::SecurityHub
7774
8096
  # gte: 1.0,
7775
8097
  # lte: 1.0,
7776
8098
  # eq: 1.0,
8099
+ # gt: 1.0,
8100
+ # lt: 1.0,
7777
8101
  # },
7778
8102
  # ],
7779
8103
  # finding_provider_fields_criticality: [
@@ -7781,6 +8105,8 @@ module Aws::SecurityHub
7781
8105
  # gte: 1.0,
7782
8106
  # lte: 1.0,
7783
8107
  # eq: 1.0,
8108
+ # gt: 1.0,
8109
+ # lt: 1.0,
7784
8110
  # },
7785
8111
  # ],
7786
8112
  # finding_provider_fields_related_findings_id: [
@@ -7830,6 +8156,30 @@ module Aws::SecurityHub
7830
8156
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
7831
8157
  # },
7832
8158
  # ],
8159
+ # vulnerabilities_exploit_available: [
8160
+ # {
8161
+ # value: "NonEmptyString",
8162
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8163
+ # },
8164
+ # ],
8165
+ # vulnerabilities_fix_available: [
8166
+ # {
8167
+ # value: "NonEmptyString",
8168
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8169
+ # },
8170
+ # ],
8171
+ # compliance_security_control_parameters_name: [
8172
+ # {
8173
+ # value: "NonEmptyString",
8174
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8175
+ # },
8176
+ # ],
8177
+ # compliance_security_control_parameters_value: [
8178
+ # {
8179
+ # value: "NonEmptyString",
8180
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8181
+ # },
8182
+ # ],
7833
8183
  # },
7834
8184
  # note: {
7835
8185
  # text: "NonEmptyString", # required
@@ -7975,6 +8325,8 @@ module Aws::SecurityHub
7975
8325
  # gte: 1.0,
7976
8326
  # lte: 1.0,
7977
8327
  # eq: 1.0,
8328
+ # gt: 1.0,
8329
+ # lt: 1.0,
7978
8330
  # },
7979
8331
  # ],
7980
8332
  # severity_normalized: [
@@ -7982,6 +8334,8 @@ module Aws::SecurityHub
7982
8334
  # gte: 1.0,
7983
8335
  # lte: 1.0,
7984
8336
  # eq: 1.0,
8337
+ # gt: 1.0,
8338
+ # lt: 1.0,
7985
8339
  # },
7986
8340
  # ],
7987
8341
  # severity_label: [
@@ -7995,6 +8349,8 @@ module Aws::SecurityHub
7995
8349
  # gte: 1.0,
7996
8350
  # lte: 1.0,
7997
8351
  # eq: 1.0,
8352
+ # gt: 1.0,
8353
+ # lt: 1.0,
7998
8354
  # },
7999
8355
  # ],
8000
8356
  # criticality: [
@@ -8002,6 +8358,8 @@ module Aws::SecurityHub
8002
8358
  # gte: 1.0,
8003
8359
  # lte: 1.0,
8004
8360
  # eq: 1.0,
8361
+ # gt: 1.0,
8362
+ # lt: 1.0,
8005
8363
  # },
8006
8364
  # ],
8007
8365
  # title: [
@@ -8105,6 +8463,8 @@ module Aws::SecurityHub
8105
8463
  # gte: 1.0,
8106
8464
  # lte: 1.0,
8107
8465
  # eq: 1.0,
8466
+ # gt: 1.0,
8467
+ # lt: 1.0,
8108
8468
  # },
8109
8469
  # ],
8110
8470
  # network_source_domain: [
@@ -8134,6 +8494,8 @@ module Aws::SecurityHub
8134
8494
  # gte: 1.0,
8135
8495
  # lte: 1.0,
8136
8496
  # eq: 1.0,
8497
+ # gt: 1.0,
8498
+ # lt: 1.0,
8137
8499
  # },
8138
8500
  # ],
8139
8501
  # network_destination_domain: [
@@ -8159,6 +8521,8 @@ module Aws::SecurityHub
8159
8521
  # gte: 1.0,
8160
8522
  # lte: 1.0,
8161
8523
  # eq: 1.0,
8524
+ # gt: 1.0,
8525
+ # lt: 1.0,
8162
8526
  # },
8163
8527
  # ],
8164
8528
  # process_parent_pid: [
@@ -8166,6 +8530,8 @@ module Aws::SecurityHub
8166
8530
  # gte: 1.0,
8167
8531
  # lte: 1.0,
8168
8532
  # eq: 1.0,
8533
+ # gt: 1.0,
8534
+ # lt: 1.0,
8169
8535
  # },
8170
8536
  # ],
8171
8537
  # process_launched_at: [
@@ -8470,6 +8836,8 @@ module Aws::SecurityHub
8470
8836
  # gte: 1.0,
8471
8837
  # lte: 1.0,
8472
8838
  # eq: 1.0,
8839
+ # gt: 1.0,
8840
+ # lt: 1.0,
8473
8841
  # },
8474
8842
  # ],
8475
8843
  # finding_provider_fields_criticality: [
@@ -8477,6 +8845,8 @@ module Aws::SecurityHub
8477
8845
  # gte: 1.0,
8478
8846
  # lte: 1.0,
8479
8847
  # eq: 1.0,
8848
+ # gt: 1.0,
8849
+ # lt: 1.0,
8480
8850
  # },
8481
8851
  # ],
8482
8852
  # finding_provider_fields_related_findings_id: [
@@ -8526,6 +8896,30 @@ module Aws::SecurityHub
8526
8896
  # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8527
8897
  # },
8528
8898
  # ],
8899
+ # vulnerabilities_exploit_available: [
8900
+ # {
8901
+ # value: "NonEmptyString",
8902
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8903
+ # },
8904
+ # ],
8905
+ # vulnerabilities_fix_available: [
8906
+ # {
8907
+ # value: "NonEmptyString",
8908
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8909
+ # },
8910
+ # ],
8911
+ # compliance_security_control_parameters_name: [
8912
+ # {
8913
+ # value: "NonEmptyString",
8914
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8915
+ # },
8916
+ # ],
8917
+ # compliance_security_control_parameters_value: [
8918
+ # {
8919
+ # value: "NonEmptyString",
8920
+ # comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS, CONTAINS, NOT_CONTAINS
8921
+ # },
8922
+ # ],
8529
8923
  # },
8530
8924
  # group_by_attribute: "NonEmptyString",
8531
8925
  # })
@@ -8595,6 +8989,74 @@ module Aws::SecurityHub
8595
8989
  req.send_request(options)
8596
8990
  end
8597
8991
 
8992
+ # Updates the properties of a security control.
8993
+ #
8994
+ # @option params [required, String] :security_control_id
8995
+ # The Amazon Resource Name (ARN) or ID of the control to update.
8996
+ #
8997
+ # @option params [required, Hash<String,Types::ParameterConfiguration>] :parameters
8998
+ # An object that specifies which security control parameters to update.
8999
+ #
9000
+ # @option params [String] :last_update_reason
9001
+ # The most recent reason for updating the properties of the security
9002
+ # control. This field accepts alphanumeric characters in addition to
9003
+ # white spaces, dashes, and underscores.
9004
+ #
9005
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
9006
+ #
9007
+ #
9008
+ # @example Example: To update security control properties
9009
+ #
9010
+ # # The following example updates the specified security control. Specifically, this example updates control parameters.
9011
+ #
9012
+ # resp = client.update_security_control({
9013
+ # last_update_reason: "Comply with internal requirements",
9014
+ # parameters: {
9015
+ # "maxCredentialUsageAge" => {
9016
+ # value: {
9017
+ # integer: 15,
9018
+ # },
9019
+ # value_type: "CUSTOM",
9020
+ # },
9021
+ # },
9022
+ # security_control_id: "ACM.1",
9023
+ # })
9024
+ #
9025
+ # resp.to_h outputs the following:
9026
+ # {
9027
+ # }
9028
+ #
9029
+ # @example Request syntax with placeholder values
9030
+ #
9031
+ # resp = client.update_security_control({
9032
+ # security_control_id: "NonEmptyString", # required
9033
+ # parameters: { # required
9034
+ # "NonEmptyString" => {
9035
+ # value_type: "DEFAULT", # required, accepts DEFAULT, CUSTOM
9036
+ # value: {
9037
+ # integer: 1,
9038
+ # integer_list: [1],
9039
+ # double: 1.0,
9040
+ # string: "NonEmptyString",
9041
+ # string_list: ["NonEmptyString"],
9042
+ # boolean: false,
9043
+ # enum: "NonEmptyString",
9044
+ # enum_list: ["NonEmptyString"],
9045
+ # },
9046
+ # },
9047
+ # },
9048
+ # last_update_reason: "AlphaNumericNonEmptyString",
9049
+ # })
9050
+ #
9051
+ # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityControl AWS API Documentation
9052
+ #
9053
+ # @overload update_security_control(params = {})
9054
+ # @param [Hash] params ({})
9055
+ def update_security_control(params = {}, options = {})
9056
+ req = build_request(:update_security_control, params)
9057
+ req.send_request(options)
9058
+ end
9059
+
8598
9060
  # Updates configuration options for Security Hub.
8599
9061
  #
8600
9062
  # @option params [Boolean] :auto_enable_controls
@@ -8703,7 +9165,7 @@ module Aws::SecurityHub
8703
9165
  params: params,
8704
9166
  config: config)
8705
9167
  context[:gem_name] = 'aws-sdk-securityhub'
8706
- context[:gem_version] = '1.95.0'
9168
+ context[:gem_version] = '1.96.0'
8707
9169
  Seahorse::Client::Request.new(handlers, context)
8708
9170
  end
8709
9171