aws-sdk-securityhub 1.95.0 → 1.96.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +463 -1
- data/lib/aws-sdk-securityhub/client_api.rb +183 -0
- data/lib/aws-sdk-securityhub/endpoint_provider.rb +1 -1
- data/lib/aws-sdk-securityhub/endpoints.rb +28 -0
- data/lib/aws-sdk-securityhub/errors.rb +21 -0
- data/lib/aws-sdk-securityhub/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-securityhub/types.rb +582 -16
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
@@ -4232,7 +4232,7 @@ module Aws::SecurityHub
|
|
4232
4232
|
end
|
4233
4233
|
|
4234
4234
|
# A complex type that describes the Amazon S3 bucket, HTTP server (for
|
4235
|
-
# example, a web server),
|
4235
|
+
# example, a web server), Elemental MediaStore, or other server from
|
4236
4236
|
# which CloudFront gets your files.
|
4237
4237
|
#
|
4238
4238
|
# @!attribute [rw] domain_name
|
@@ -18690,12 +18690,11 @@ module Aws::SecurityHub
|
|
18690
18690
|
include Aws::Structure
|
18691
18691
|
end
|
18692
18692
|
|
18693
|
-
# A collection of
|
18694
|
-
#
|
18695
|
-
# are included in this insight.
|
18693
|
+
# A collection of filters that are applied to all active findings
|
18694
|
+
# aggregated by Security Hub.
|
18696
18695
|
#
|
18697
|
-
# You can filter by up to
|
18698
|
-
# can provide up to 20 filter values.
|
18696
|
+
# You can filter by up to ten finding attributes. For each attribute,
|
18697
|
+
# you can provide up to 20 filter values.
|
18699
18698
|
#
|
18700
18699
|
# @!attribute [rw] product_arn
|
18701
18700
|
# The ARN generated by Security Hub that uniquely identifies a
|
@@ -19273,6 +19272,26 @@ module Aws::SecurityHub
|
|
19273
19272
|
# [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html
|
19274
19273
|
# @return [Array<Types::StringFilter>]
|
19275
19274
|
#
|
19275
|
+
# @!attribute [rw] vulnerabilities_exploit_available
|
19276
|
+
# Indicates whether a software vulnerability in your environment has a
|
19277
|
+
# known exploit. You can filter findings by this field only if you use
|
19278
|
+
# Security Hub and Amazon Inspector.
|
19279
|
+
# @return [Array<Types::StringFilter>]
|
19280
|
+
#
|
19281
|
+
# @!attribute [rw] vulnerabilities_fix_available
|
19282
|
+
# Indicates whether a vulnerability is fixed in a newer version of the
|
19283
|
+
# affected software packages. You can filter findings by this field
|
19284
|
+
# only if you use Security Hub and Amazon Inspector.
|
19285
|
+
# @return [Array<Types::StringFilter>]
|
19286
|
+
#
|
19287
|
+
# @!attribute [rw] compliance_security_control_parameters_name
|
19288
|
+
# The name of a security control parameter.
|
19289
|
+
# @return [Array<Types::StringFilter>]
|
19290
|
+
#
|
19291
|
+
# @!attribute [rw] compliance_security_control_parameters_value
|
19292
|
+
# The current value of a security control parameter.
|
19293
|
+
# @return [Array<Types::StringFilter>]
|
19294
|
+
#
|
19276
19295
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
|
19277
19296
|
#
|
19278
19297
|
class AwsSecurityFindingFilters < Struct.new(
|
@@ -19372,7 +19391,11 @@ module Aws::SecurityHub
|
|
19372
19391
|
:finding_provider_fields_types,
|
19373
19392
|
:sample,
|
19374
19393
|
:compliance_security_control_id,
|
19375
|
-
:compliance_associated_standards_id
|
19394
|
+
:compliance_associated_standards_id,
|
19395
|
+
:vulnerabilities_exploit_available,
|
19396
|
+
:vulnerabilities_fix_available,
|
19397
|
+
:compliance_security_control_parameters_name,
|
19398
|
+
:compliance_security_control_parameters_value)
|
19376
19399
|
SENSITIVE = []
|
19377
19400
|
include Aws::Structure
|
19378
19401
|
end
|
@@ -21431,6 +21454,21 @@ module Aws::SecurityHub
|
|
21431
21454
|
include Aws::Structure
|
21432
21455
|
end
|
21433
21456
|
|
21457
|
+
# The options for customizing a security control parameter with a
|
21458
|
+
# boolean. For a boolean parameter, the options are `true` and `false`.
|
21459
|
+
#
|
21460
|
+
# @!attribute [rw] default_value
|
21461
|
+
# The Security Hub default value for a boolean parameter.
|
21462
|
+
# @return [Boolean]
|
21463
|
+
#
|
21464
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BooleanConfigurationOptions AWS API Documentation
|
21465
|
+
#
|
21466
|
+
class BooleanConfigurationOptions < Struct.new(
|
21467
|
+
:default_value)
|
21468
|
+
SENSITIVE = []
|
21469
|
+
include Aws::Structure
|
21470
|
+
end
|
21471
|
+
|
21434
21472
|
# Boolean filter for querying findings.
|
21435
21473
|
#
|
21436
21474
|
# @!attribute [rw] value
|
@@ -21693,6 +21731,10 @@ module Aws::SecurityHub
|
|
21693
21731
|
# currently enabled.
|
21694
21732
|
# @return [Array<Types::AssociatedStandard>]
|
21695
21733
|
#
|
21734
|
+
# @!attribute [rw] security_control_parameters
|
21735
|
+
# An object that includes security control parameter names and values.
|
21736
|
+
# @return [Array<Types::SecurityControlParameter>]
|
21737
|
+
#
|
21696
21738
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Compliance AWS API Documentation
|
21697
21739
|
#
|
21698
21740
|
class Compliance < Struct.new(
|
@@ -21700,11 +21742,84 @@ module Aws::SecurityHub
|
|
21700
21742
|
:related_requirements,
|
21701
21743
|
:status_reasons,
|
21702
21744
|
:security_control_id,
|
21703
|
-
:associated_standards
|
21745
|
+
:associated_standards,
|
21746
|
+
:security_control_parameters)
|
21704
21747
|
SENSITIVE = []
|
21705
21748
|
include Aws::Structure
|
21706
21749
|
end
|
21707
21750
|
|
21751
|
+
# The options for customizing a security control parameter.
|
21752
|
+
#
|
21753
|
+
# @note ConfigurationOptions is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of ConfigurationOptions corresponding to the set member.
|
21754
|
+
#
|
21755
|
+
# @!attribute [rw] integer
|
21756
|
+
# The options for customizing a security control parameter that is an
|
21757
|
+
# integer.
|
21758
|
+
# @return [Types::IntegerConfigurationOptions]
|
21759
|
+
#
|
21760
|
+
# @!attribute [rw] integer_list
|
21761
|
+
# The options for customizing a security control parameter that is a
|
21762
|
+
# list of integers.
|
21763
|
+
# @return [Types::IntegerListConfigurationOptions]
|
21764
|
+
#
|
21765
|
+
# @!attribute [rw] double
|
21766
|
+
# The options for customizing a security control parameter that is a
|
21767
|
+
# double.
|
21768
|
+
# @return [Types::DoubleConfigurationOptions]
|
21769
|
+
#
|
21770
|
+
# @!attribute [rw] string
|
21771
|
+
# The options for customizing a security control parameter that is a
|
21772
|
+
# string data type.
|
21773
|
+
# @return [Types::StringConfigurationOptions]
|
21774
|
+
#
|
21775
|
+
# @!attribute [rw] string_list
|
21776
|
+
# The options for customizing a security control parameter that is a
|
21777
|
+
# list of strings.
|
21778
|
+
# @return [Types::StringListConfigurationOptions]
|
21779
|
+
#
|
21780
|
+
# @!attribute [rw] boolean
|
21781
|
+
# The options for customizing a security control parameter that is a
|
21782
|
+
# boolean. For a boolean parameter, the options are `true` and
|
21783
|
+
# `false`.
|
21784
|
+
# @return [Types::BooleanConfigurationOptions]
|
21785
|
+
#
|
21786
|
+
# @!attribute [rw] enum
|
21787
|
+
# The options for customizing a security control parameter that is an
|
21788
|
+
# enum.
|
21789
|
+
# @return [Types::EnumConfigurationOptions]
|
21790
|
+
#
|
21791
|
+
# @!attribute [rw] enum_list
|
21792
|
+
# The options for customizing a security control parameter that is a
|
21793
|
+
# list of enums.
|
21794
|
+
# @return [Types::EnumListConfigurationOptions]
|
21795
|
+
#
|
21796
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ConfigurationOptions AWS API Documentation
|
21797
|
+
#
|
21798
|
+
class ConfigurationOptions < Struct.new(
|
21799
|
+
:integer,
|
21800
|
+
:integer_list,
|
21801
|
+
:double,
|
21802
|
+
:string,
|
21803
|
+
:string_list,
|
21804
|
+
:boolean,
|
21805
|
+
:enum,
|
21806
|
+
:enum_list,
|
21807
|
+
:unknown)
|
21808
|
+
SENSITIVE = []
|
21809
|
+
include Aws::Structure
|
21810
|
+
include Aws::Structure::Union
|
21811
|
+
|
21812
|
+
class Integer < ConfigurationOptions; end
|
21813
|
+
class IntegerList < ConfigurationOptions; end
|
21814
|
+
class Double < ConfigurationOptions; end
|
21815
|
+
class String < ConfigurationOptions; end
|
21816
|
+
class StringList < ConfigurationOptions; end
|
21817
|
+
class Boolean < ConfigurationOptions; end
|
21818
|
+
class Enum < ConfigurationOptions; end
|
21819
|
+
class EnumList < ConfigurationOptions; end
|
21820
|
+
class Unknown < ConfigurationOptions; end
|
21821
|
+
end
|
21822
|
+
|
21708
21823
|
# Container details related to a finding.
|
21709
21824
|
#
|
21710
21825
|
# @!attribute [rw] container_runtime
|
@@ -22738,6 +22853,32 @@ module Aws::SecurityHub
|
|
22738
22853
|
include Aws::Structure
|
22739
22854
|
end
|
22740
22855
|
|
22856
|
+
# The options for customizing a security control parameter that is a
|
22857
|
+
# double.
|
22858
|
+
#
|
22859
|
+
# @!attribute [rw] default_value
|
22860
|
+
# The Security Hub default value for a control parameter that is a
|
22861
|
+
# double.
|
22862
|
+
# @return [Float]
|
22863
|
+
#
|
22864
|
+
# @!attribute [rw] min
|
22865
|
+
# The minimum valid value for a control parameter that is a double.
|
22866
|
+
# @return [Float]
|
22867
|
+
#
|
22868
|
+
# @!attribute [rw] max
|
22869
|
+
# The maximum valid value for a control parameter that is a double.
|
22870
|
+
# @return [Float]
|
22871
|
+
#
|
22872
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DoubleConfigurationOptions AWS API Documentation
|
22873
|
+
#
|
22874
|
+
class DoubleConfigurationOptions < Struct.new(
|
22875
|
+
:default_value,
|
22876
|
+
:min,
|
22877
|
+
:max)
|
22878
|
+
SENSITIVE = []
|
22879
|
+
include Aws::Structure
|
22880
|
+
end
|
22881
|
+
|
22741
22882
|
# @!attribute [rw] product_arn
|
22742
22883
|
# The ARN of the product to enable the integration for.
|
22743
22884
|
# @return [String]
|
@@ -22823,6 +22964,54 @@ module Aws::SecurityHub
|
|
22823
22964
|
#
|
22824
22965
|
class EnableSecurityHubResponse < Aws::EmptyStructure; end
|
22825
22966
|
|
22967
|
+
# The options for customizing a security control parameter that is an
|
22968
|
+
# enum.
|
22969
|
+
#
|
22970
|
+
# @!attribute [rw] default_value
|
22971
|
+
# The Security Hub default value for a control parameter that is an
|
22972
|
+
# enum.
|
22973
|
+
# @return [String]
|
22974
|
+
#
|
22975
|
+
# @!attribute [rw] allowed_values
|
22976
|
+
# The valid values for a control parameter that is an enum.
|
22977
|
+
# @return [Array<String>]
|
22978
|
+
#
|
22979
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnumConfigurationOptions AWS API Documentation
|
22980
|
+
#
|
22981
|
+
class EnumConfigurationOptions < Struct.new(
|
22982
|
+
:default_value,
|
22983
|
+
:allowed_values)
|
22984
|
+
SENSITIVE = []
|
22985
|
+
include Aws::Structure
|
22986
|
+
end
|
22987
|
+
|
22988
|
+
# The options for customizing a security control parameter that is a
|
22989
|
+
# list of enums.
|
22990
|
+
#
|
22991
|
+
# @!attribute [rw] default_value
|
22992
|
+
# The Security Hub default value for a control parameter that is a
|
22993
|
+
# list of enums.
|
22994
|
+
# @return [Array<String>]
|
22995
|
+
#
|
22996
|
+
# @!attribute [rw] max_items
|
22997
|
+
# The maximum number of list items that an enum list control parameter
|
22998
|
+
# can accept.
|
22999
|
+
# @return [Integer]
|
23000
|
+
#
|
23001
|
+
# @!attribute [rw] allowed_values
|
23002
|
+
# The valid values for a control parameter that is a list of enums.
|
23003
|
+
# @return [Array<String>]
|
23004
|
+
#
|
23005
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnumListConfigurationOptions AWS API Documentation
|
23006
|
+
#
|
23007
|
+
class EnumListConfigurationOptions < Struct.new(
|
23008
|
+
:default_value,
|
23009
|
+
:max_items,
|
23010
|
+
:allowed_values)
|
23011
|
+
SENSITIVE = []
|
23012
|
+
include Aws::Structure
|
23013
|
+
end
|
23014
|
+
|
22826
23015
|
# Provides information about the file paths that were affected by the
|
22827
23016
|
# threat.
|
22828
23017
|
#
|
@@ -23628,6 +23817,34 @@ module Aws::SecurityHub
|
|
23628
23817
|
include Aws::Structure
|
23629
23818
|
end
|
23630
23819
|
|
23820
|
+
# @!attribute [rw] security_control_id
|
23821
|
+
# The ID of the security control to retrieve the definition for. This
|
23822
|
+
# field doesn’t accept an Amazon Resource Name (ARN).
|
23823
|
+
# @return [String]
|
23824
|
+
#
|
23825
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinitionRequest AWS API Documentation
|
23826
|
+
#
|
23827
|
+
class GetSecurityControlDefinitionRequest < Struct.new(
|
23828
|
+
:security_control_id)
|
23829
|
+
SENSITIVE = []
|
23830
|
+
include Aws::Structure
|
23831
|
+
end
|
23832
|
+
|
23833
|
+
# @!attribute [rw] security_control_definition
|
23834
|
+
# Provides metadata for a security control, including its unique
|
23835
|
+
# standard-agnostic identifier, title, description, severity,
|
23836
|
+
# availability in Amazon Web Services Regions, and a link to
|
23837
|
+
# remediation steps.
|
23838
|
+
# @return [Types::SecurityControlDefinition]
|
23839
|
+
#
|
23840
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinitionResponse AWS API Documentation
|
23841
|
+
#
|
23842
|
+
class GetSecurityControlDefinitionResponse < Struct.new(
|
23843
|
+
:security_control_definition)
|
23844
|
+
SENSITIVE = []
|
23845
|
+
include Aws::Structure
|
23846
|
+
end
|
23847
|
+
|
23631
23848
|
# An Internet Control Message Protocol (ICMP) type and code.
|
23632
23849
|
#
|
23633
23850
|
# @!attribute [rw] code
|
@@ -23760,6 +23977,66 @@ module Aws::SecurityHub
|
|
23760
23977
|
include Aws::Structure
|
23761
23978
|
end
|
23762
23979
|
|
23980
|
+
# The options for customizing a security control parameter that is an
|
23981
|
+
# integer.
|
23982
|
+
#
|
23983
|
+
# @!attribute [rw] default_value
|
23984
|
+
# The Security Hub default value for a control parameter that is an
|
23985
|
+
# integer.
|
23986
|
+
# @return [Integer]
|
23987
|
+
#
|
23988
|
+
# @!attribute [rw] min
|
23989
|
+
# The minimum valid value for a control parameter that is an integer.
|
23990
|
+
# @return [Integer]
|
23991
|
+
#
|
23992
|
+
# @!attribute [rw] max
|
23993
|
+
# The maximum valid value for a control parameter that is an integer.
|
23994
|
+
# @return [Integer]
|
23995
|
+
#
|
23996
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IntegerConfigurationOptions AWS API Documentation
|
23997
|
+
#
|
23998
|
+
class IntegerConfigurationOptions < Struct.new(
|
23999
|
+
:default_value,
|
24000
|
+
:min,
|
24001
|
+
:max)
|
24002
|
+
SENSITIVE = []
|
24003
|
+
include Aws::Structure
|
24004
|
+
end
|
24005
|
+
|
24006
|
+
# The options for customizing a security control parameter that is a
|
24007
|
+
# list of integers.
|
24008
|
+
#
|
24009
|
+
# @!attribute [rw] default_value
|
24010
|
+
# The Security Hub default value for a control parameter that is a
|
24011
|
+
# list of integers.
|
24012
|
+
# @return [Array<Integer>]
|
24013
|
+
#
|
24014
|
+
# @!attribute [rw] min
|
24015
|
+
# The minimum valid value for a control parameter that is a list of
|
24016
|
+
# integers.
|
24017
|
+
# @return [Integer]
|
24018
|
+
#
|
24019
|
+
# @!attribute [rw] max
|
24020
|
+
# The maximum valid value for a control parameter that is a list of
|
24021
|
+
# integers.
|
24022
|
+
# @return [Integer]
|
24023
|
+
#
|
24024
|
+
# @!attribute [rw] max_items
|
24025
|
+
# The maximum number of list items that an interger list control
|
24026
|
+
# parameter can accept.
|
24027
|
+
# @return [Integer]
|
24028
|
+
#
|
24029
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IntegerListConfigurationOptions AWS API Documentation
|
24030
|
+
#
|
24031
|
+
class IntegerListConfigurationOptions < Struct.new(
|
24032
|
+
:default_value,
|
24033
|
+
:min,
|
24034
|
+
:max,
|
24035
|
+
:max_items)
|
24036
|
+
SENSITIVE = []
|
24037
|
+
include Aws::Structure
|
24038
|
+
end
|
24039
|
+
|
23763
24040
|
# Internal server error.
|
23764
24041
|
#
|
23765
24042
|
# @!attribute [rw] message
|
@@ -24838,12 +25115,24 @@ module Aws::SecurityHub
|
|
24838
25115
|
# for findings.
|
24839
25116
|
# @return [Float]
|
24840
25117
|
#
|
25118
|
+
# @!attribute [rw] gt
|
25119
|
+
# The greater-than condition to be applied to a single field when
|
25120
|
+
# querying for findings.
|
25121
|
+
# @return [Float]
|
25122
|
+
#
|
25123
|
+
# @!attribute [rw] lt
|
25124
|
+
# The less-than condition to be applied to a single field when
|
25125
|
+
# querying for findings.
|
25126
|
+
# @return [Float]
|
25127
|
+
#
|
24841
25128
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NumberFilter AWS API Documentation
|
24842
25129
|
#
|
24843
25130
|
class NumberFilter < Struct.new(
|
24844
25131
|
:gte,
|
24845
25132
|
:lte,
|
24846
|
-
:eq
|
25133
|
+
:eq,
|
25134
|
+
:gt,
|
25135
|
+
:lt)
|
24847
25136
|
SENSITIVE = []
|
24848
25137
|
include Aws::Structure
|
24849
25138
|
end
|
@@ -24915,6 +25204,114 @@ module Aws::SecurityHub
|
|
24915
25204
|
include Aws::Structure
|
24916
25205
|
end
|
24917
25206
|
|
25207
|
+
# An object that provides the current value of a security control
|
25208
|
+
# parameter and identifies whether it has been customized.
|
25209
|
+
#
|
25210
|
+
# @!attribute [rw] value_type
|
25211
|
+
# Identifies whether a control parameter uses a custom user-defined
|
25212
|
+
# value or the Security Hub default value.
|
25213
|
+
# @return [String]
|
25214
|
+
#
|
25215
|
+
# @!attribute [rw] value
|
25216
|
+
# The current value of a control parameter.
|
25217
|
+
# @return [Types::ParameterValue]
|
25218
|
+
#
|
25219
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterConfiguration AWS API Documentation
|
25220
|
+
#
|
25221
|
+
class ParameterConfiguration < Struct.new(
|
25222
|
+
:value_type,
|
25223
|
+
:value)
|
25224
|
+
SENSITIVE = []
|
25225
|
+
include Aws::Structure
|
25226
|
+
end
|
25227
|
+
|
25228
|
+
# An object that describes a security control parameter and the options
|
25229
|
+
# for customizing it.
|
25230
|
+
#
|
25231
|
+
# @!attribute [rw] description
|
25232
|
+
# Description of a control parameter.
|
25233
|
+
# @return [String]
|
25234
|
+
#
|
25235
|
+
# @!attribute [rw] configuration_options
|
25236
|
+
# The options for customizing a control parameter. Customization
|
25237
|
+
# options vary based on the data type of the parameter.
|
25238
|
+
# @return [Types::ConfigurationOptions]
|
25239
|
+
#
|
25240
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterDefinition AWS API Documentation
|
25241
|
+
#
|
25242
|
+
class ParameterDefinition < Struct.new(
|
25243
|
+
:description,
|
25244
|
+
:configuration_options)
|
25245
|
+
SENSITIVE = []
|
25246
|
+
include Aws::Structure
|
25247
|
+
end
|
25248
|
+
|
25249
|
+
# An object that includes the data type of a security control parameter
|
25250
|
+
# and its current value.
|
25251
|
+
#
|
25252
|
+
# @note ParameterValue is a union - when making an API calls you must set exactly one of the members.
|
25253
|
+
#
|
25254
|
+
# @note ParameterValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of ParameterValue corresponding to the set member.
|
25255
|
+
#
|
25256
|
+
# @!attribute [rw] integer
|
25257
|
+
# A control parameter that is an integer.
|
25258
|
+
# @return [Integer]
|
25259
|
+
#
|
25260
|
+
# @!attribute [rw] integer_list
|
25261
|
+
# A control parameter that is a list of integers.
|
25262
|
+
# @return [Array<Integer>]
|
25263
|
+
#
|
25264
|
+
# @!attribute [rw] double
|
25265
|
+
# A control parameter that is a double.
|
25266
|
+
# @return [Float]
|
25267
|
+
#
|
25268
|
+
# @!attribute [rw] string
|
25269
|
+
# A control parameter that is a string.
|
25270
|
+
# @return [String]
|
25271
|
+
#
|
25272
|
+
# @!attribute [rw] string_list
|
25273
|
+
# A control parameter that is a list of strings.
|
25274
|
+
# @return [Array<String>]
|
25275
|
+
#
|
25276
|
+
# @!attribute [rw] boolean
|
25277
|
+
# A control parameter that is a boolean.
|
25278
|
+
# @return [Boolean]
|
25279
|
+
#
|
25280
|
+
# @!attribute [rw] enum
|
25281
|
+
# A control parameter that is an enum.
|
25282
|
+
# @return [String]
|
25283
|
+
#
|
25284
|
+
# @!attribute [rw] enum_list
|
25285
|
+
# A control parameter that is a list of enums.
|
25286
|
+
# @return [Array<String>]
|
25287
|
+
#
|
25288
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterValue AWS API Documentation
|
25289
|
+
#
|
25290
|
+
class ParameterValue < Struct.new(
|
25291
|
+
:integer,
|
25292
|
+
:integer_list,
|
25293
|
+
:double,
|
25294
|
+
:string,
|
25295
|
+
:string_list,
|
25296
|
+
:boolean,
|
25297
|
+
:enum,
|
25298
|
+
:enum_list,
|
25299
|
+
:unknown)
|
25300
|
+
SENSITIVE = []
|
25301
|
+
include Aws::Structure
|
25302
|
+
include Aws::Structure::Union
|
25303
|
+
|
25304
|
+
class Integer < ParameterValue; end
|
25305
|
+
class IntegerList < ParameterValue; end
|
25306
|
+
class Double < ParameterValue; end
|
25307
|
+
class String < ParameterValue; end
|
25308
|
+
class StringList < ParameterValue; end
|
25309
|
+
class Boolean < ParameterValue; end
|
25310
|
+
class Enum < ParameterValue; end
|
25311
|
+
class EnumList < ParameterValue; end
|
25312
|
+
class Unknown < ParameterValue; end
|
25313
|
+
end
|
25314
|
+
|
24918
25315
|
# Provides an overview of the patch compliance status for an instance
|
24919
25316
|
# against a selected compliance standard.
|
24920
25317
|
#
|
@@ -25985,6 +26382,25 @@ module Aws::SecurityHub
|
|
25985
26382
|
include Aws::Structure
|
25986
26383
|
end
|
25987
26384
|
|
26385
|
+
# The request was rejected because it conflicts with the resource's
|
26386
|
+
# availability. For example, you tried to update a security control
|
26387
|
+
# that's currently in the `UPDATING` state.
|
26388
|
+
#
|
26389
|
+
# @!attribute [rw] message
|
26390
|
+
# @return [String]
|
26391
|
+
#
|
26392
|
+
# @!attribute [rw] code
|
26393
|
+
# @return [String]
|
26394
|
+
#
|
26395
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceInUseException AWS API Documentation
|
26396
|
+
#
|
26397
|
+
class ResourceInUseException < Struct.new(
|
26398
|
+
:message,
|
26399
|
+
:code)
|
26400
|
+
SENSITIVE = []
|
26401
|
+
include Aws::Structure
|
26402
|
+
end
|
26403
|
+
|
25988
26404
|
# The request was rejected because we can't find the specified
|
25989
26405
|
# resource.
|
25990
26406
|
#
|
@@ -26598,6 +27014,32 @@ module Aws::SecurityHub
|
|
26598
27014
|
# The enablement status of a security control in a specific standard.
|
26599
27015
|
# @return [String]
|
26600
27016
|
#
|
27017
|
+
# @!attribute [rw] update_status
|
27018
|
+
# Identifies whether customizable properties of a security control are
|
27019
|
+
# reflected in Security Hub findings. A status of `READY` indicates
|
27020
|
+
# findings include the current parameter values. A status of
|
27021
|
+
# `UPDATING` indicates that all findings may not include the current
|
27022
|
+
# parameter values.
|
27023
|
+
# @return [String]
|
27024
|
+
#
|
27025
|
+
# @!attribute [rw] parameters
|
27026
|
+
# An object that identifies the name of a control parameter, its
|
27027
|
+
# current value, and whether it has been customized.
|
27028
|
+
# @return [Hash<String,Types::ParameterConfiguration>]
|
27029
|
+
#
|
27030
|
+
# @!attribute [rw] last_update_reason
|
27031
|
+
# The most recent reason for updating the customizable properties of a
|
27032
|
+
# security control. This differs from the `UpdateReason` field of the
|
27033
|
+
# [ `BatchUpdateStandardsControlAssociations` ][1] API, which tracks
|
27034
|
+
# the reason for updating the enablement status of a control. This
|
27035
|
+
# field accepts alphanumeric characters in addition to white spaces,
|
27036
|
+
# dashes, and underscores.
|
27037
|
+
#
|
27038
|
+
#
|
27039
|
+
#
|
27040
|
+
# [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html
|
27041
|
+
# @return [String]
|
27042
|
+
#
|
26601
27043
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControl AWS API Documentation
|
26602
27044
|
#
|
26603
27045
|
class SecurityControl < Struct.new(
|
@@ -26607,7 +27049,10 @@ module Aws::SecurityHub
|
|
26607
27049
|
:description,
|
26608
27050
|
:remediation_url,
|
26609
27051
|
:severity_rating,
|
26610
|
-
:security_control_status
|
27052
|
+
:security_control_status,
|
27053
|
+
:update_status,
|
27054
|
+
:parameters,
|
27055
|
+
:last_update_reason)
|
26611
27056
|
SENSITIVE = []
|
26612
27057
|
include Aws::Structure
|
26613
27058
|
end
|
@@ -26658,6 +27103,18 @@ module Aws::SecurityHub
|
|
26658
27103
|
# Amazon Web Services Region.
|
26659
27104
|
# @return [String]
|
26660
27105
|
#
|
27106
|
+
# @!attribute [rw] customizable_properties
|
27107
|
+
# Security control properties that you can customize. Currently, only
|
27108
|
+
# parameter customization is supported for select controls. An empty
|
27109
|
+
# array is returned for controls that don’t support custom properties.
|
27110
|
+
# @return [Array<String>]
|
27111
|
+
#
|
27112
|
+
# @!attribute [rw] parameter_definitions
|
27113
|
+
# An object that provides a security control parameter name,
|
27114
|
+
# description, and the options for customizing it. This object is
|
27115
|
+
# excluded for a control that doesn't support custom parameters.
|
27116
|
+
# @return [Hash<String,Types::ParameterDefinition>]
|
27117
|
+
#
|
26661
27118
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControlDefinition AWS API Documentation
|
26662
27119
|
#
|
26663
27120
|
class SecurityControlDefinition < Struct.new(
|
@@ -26666,7 +27123,28 @@ module Aws::SecurityHub
|
|
26666
27123
|
:description,
|
26667
27124
|
:remediation_url,
|
26668
27125
|
:severity_rating,
|
26669
|
-
:current_region_availability
|
27126
|
+
:current_region_availability,
|
27127
|
+
:customizable_properties,
|
27128
|
+
:parameter_definitions)
|
27129
|
+
SENSITIVE = []
|
27130
|
+
include Aws::Structure
|
27131
|
+
end
|
27132
|
+
|
27133
|
+
# A parameter that a security control accepts.
|
27134
|
+
#
|
27135
|
+
# @!attribute [rw] name
|
27136
|
+
# The name of a
|
27137
|
+
# @return [String]
|
27138
|
+
#
|
27139
|
+
# @!attribute [rw] value
|
27140
|
+
# The current value of a control parameter.
|
27141
|
+
# @return [Array<String>]
|
27142
|
+
#
|
27143
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControlParameter AWS API Documentation
|
27144
|
+
#
|
27145
|
+
class SecurityControlParameter < Struct.new(
|
27146
|
+
:name,
|
27147
|
+
:value)
|
26670
27148
|
SENSITIVE = []
|
26671
27149
|
include Aws::Structure
|
26672
27150
|
end
|
@@ -26737,8 +27215,8 @@ module Aws::SecurityHub
|
|
26737
27215
|
# attribute.
|
26738
27216
|
#
|
26739
27217
|
# @!attribute [rw] product
|
26740
|
-
# Deprecated. This attribute
|
26741
|
-
# `Product`, provide `Original`.
|
27218
|
+
# Deprecated. This attribute isn't included in findings. Instead of
|
27219
|
+
# providing `Product`, provide `Original`.
|
26742
27220
|
#
|
26743
27221
|
# The native severity as defined by the Amazon Web Services service or
|
26744
27222
|
# integrated partner product that generated the finding.
|
@@ -26774,9 +27252,8 @@ module Aws::SecurityHub
|
|
26774
27252
|
# @return [String]
|
26775
27253
|
#
|
26776
27254
|
# @!attribute [rw] normalized
|
26777
|
-
# Deprecated. The normalized severity of a finding.
|
26778
|
-
#
|
26779
|
-
# `Label`.
|
27255
|
+
# Deprecated. The normalized severity of a finding. Instead of
|
27256
|
+
# providing `Normalized`, provide `Label`.
|
26780
27257
|
#
|
26781
27258
|
# If you provide `Label` and do not provide `Normalized`, then
|
26782
27259
|
# `Normalized` is set automatically as follows.
|
@@ -27430,6 +27907,33 @@ module Aws::SecurityHub
|
|
27430
27907
|
include Aws::Structure
|
27431
27908
|
end
|
27432
27909
|
|
27910
|
+
# The options for customizing a security control parameter that is a
|
27911
|
+
# string.
|
27912
|
+
#
|
27913
|
+
# @!attribute [rw] default_value
|
27914
|
+
# The Security Hub default value for a control parameter that is a
|
27915
|
+
# string.
|
27916
|
+
# @return [String]
|
27917
|
+
#
|
27918
|
+
# @!attribute [rw] re_2_expression
|
27919
|
+
# An RE2 regular expression that Security Hub uses to validate a
|
27920
|
+
# user-provided control parameter string.
|
27921
|
+
# @return [String]
|
27922
|
+
#
|
27923
|
+
# @!attribute [rw] expression_description
|
27924
|
+
# The description of the RE2 regular expression.
|
27925
|
+
# @return [String]
|
27926
|
+
#
|
27927
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StringConfigurationOptions AWS API Documentation
|
27928
|
+
#
|
27929
|
+
class StringConfigurationOptions < Struct.new(
|
27930
|
+
:default_value,
|
27931
|
+
:re_2_expression,
|
27932
|
+
:expression_description)
|
27933
|
+
SENSITIVE = []
|
27934
|
+
include Aws::Structure
|
27935
|
+
end
|
27936
|
+
|
27433
27937
|
# A string filter for filtering Security Hub findings.
|
27434
27938
|
#
|
27435
27939
|
# @!attribute [rw] value
|
@@ -27537,6 +28041,39 @@ module Aws::SecurityHub
|
|
27537
28041
|
include Aws::Structure
|
27538
28042
|
end
|
27539
28043
|
|
28044
|
+
# The options for customizing a security control parameter that is a
|
28045
|
+
# list of strings.
|
28046
|
+
#
|
28047
|
+
# @!attribute [rw] default_value
|
28048
|
+
# The Security Hub default value for a control parameter that is a
|
28049
|
+
# list of strings.
|
28050
|
+
# @return [Array<String>]
|
28051
|
+
#
|
28052
|
+
# @!attribute [rw] re_2_expression
|
28053
|
+
# An RE2 regular expression that Security Hub uses to validate a
|
28054
|
+
# user-provided list of strings for a control parameter.
|
28055
|
+
# @return [String]
|
28056
|
+
#
|
28057
|
+
# @!attribute [rw] max_items
|
28058
|
+
# The maximum number of list items that a string list control
|
28059
|
+
# parameter can accept.
|
28060
|
+
# @return [Integer]
|
28061
|
+
#
|
28062
|
+
# @!attribute [rw] expression_description
|
28063
|
+
# The description of the RE2 regular expression.
|
28064
|
+
# @return [String]
|
28065
|
+
#
|
28066
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StringListConfigurationOptions AWS API Documentation
|
28067
|
+
#
|
28068
|
+
class StringListConfigurationOptions < Struct.new(
|
28069
|
+
:default_value,
|
28070
|
+
:re_2_expression,
|
28071
|
+
:max_items,
|
28072
|
+
:expression_description)
|
28073
|
+
SENSITIVE = []
|
28074
|
+
include Aws::Structure
|
28075
|
+
end
|
28076
|
+
|
27540
28077
|
# @!attribute [rw] resource_arn
|
27541
28078
|
# The ARN of the resource to apply the tags to.
|
27542
28079
|
# @return [String]
|
@@ -28069,6 +28606,35 @@ module Aws::SecurityHub
|
|
28069
28606
|
#
|
28070
28607
|
class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
|
28071
28608
|
|
28609
|
+
# @!attribute [rw] security_control_id
|
28610
|
+
# The Amazon Resource Name (ARN) or ID of the control to update.
|
28611
|
+
# @return [String]
|
28612
|
+
#
|
28613
|
+
# @!attribute [rw] parameters
|
28614
|
+
# An object that specifies which security control parameters to
|
28615
|
+
# update.
|
28616
|
+
# @return [Hash<String,Types::ParameterConfiguration>]
|
28617
|
+
#
|
28618
|
+
# @!attribute [rw] last_update_reason
|
28619
|
+
# The most recent reason for updating the properties of the security
|
28620
|
+
# control. This field accepts alphanumeric characters in addition to
|
28621
|
+
# white spaces, dashes, and underscores.
|
28622
|
+
# @return [String]
|
28623
|
+
#
|
28624
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityControlRequest AWS API Documentation
|
28625
|
+
#
|
28626
|
+
class UpdateSecurityControlRequest < Struct.new(
|
28627
|
+
:security_control_id,
|
28628
|
+
:parameters,
|
28629
|
+
:last_update_reason)
|
28630
|
+
SENSITIVE = []
|
28631
|
+
include Aws::Structure
|
28632
|
+
end
|
28633
|
+
|
28634
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityControlResponse AWS API Documentation
|
28635
|
+
#
|
28636
|
+
class UpdateSecurityControlResponse < Aws::EmptyStructure; end
|
28637
|
+
|
28072
28638
|
# @!attribute [rw] auto_enable_controls
|
28073
28639
|
# Whether to automatically enable new controls when they are added to
|
28074
28640
|
# standards that are enabled.
|