aws-sdk-securityhub 1.95.0 → 1.96.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub/client.rb +463 -1
- data/lib/aws-sdk-securityhub/client_api.rb +183 -0
- data/lib/aws-sdk-securityhub/endpoint_provider.rb +1 -1
- data/lib/aws-sdk-securityhub/endpoints.rb +28 -0
- data/lib/aws-sdk-securityhub/errors.rb +21 -0
- data/lib/aws-sdk-securityhub/plugins/endpoints.rb +4 -0
- data/lib/aws-sdk-securityhub/types.rb +582 -16
- data/lib/aws-sdk-securityhub.rb +1 -1
- metadata +2 -2
@@ -4232,7 +4232,7 @@ module Aws::SecurityHub
|
|
4232
4232
|
end
|
4233
4233
|
|
4234
4234
|
# A complex type that describes the Amazon S3 bucket, HTTP server (for
|
4235
|
-
# example, a web server),
|
4235
|
+
# example, a web server), Elemental MediaStore, or other server from
|
4236
4236
|
# which CloudFront gets your files.
|
4237
4237
|
#
|
4238
4238
|
# @!attribute [rw] domain_name
|
@@ -18690,12 +18690,11 @@ module Aws::SecurityHub
|
|
18690
18690
|
include Aws::Structure
|
18691
18691
|
end
|
18692
18692
|
|
18693
|
-
# A collection of
|
18694
|
-
#
|
18695
|
-
# are included in this insight.
|
18693
|
+
# A collection of filters that are applied to all active findings
|
18694
|
+
# aggregated by Security Hub.
|
18696
18695
|
#
|
18697
|
-
# You can filter by up to
|
18698
|
-
# can provide up to 20 filter values.
|
18696
|
+
# You can filter by up to ten finding attributes. For each attribute,
|
18697
|
+
# you can provide up to 20 filter values.
|
18699
18698
|
#
|
18700
18699
|
# @!attribute [rw] product_arn
|
18701
18700
|
# The ARN generated by Security Hub that uniquely identifies a
|
@@ -19273,6 +19272,26 @@ module Aws::SecurityHub
|
|
19273
19272
|
# [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html
|
19274
19273
|
# @return [Array<Types::StringFilter>]
|
19275
19274
|
#
|
19275
|
+
# @!attribute [rw] vulnerabilities_exploit_available
|
19276
|
+
# Indicates whether a software vulnerability in your environment has a
|
19277
|
+
# known exploit. You can filter findings by this field only if you use
|
19278
|
+
# Security Hub and Amazon Inspector.
|
19279
|
+
# @return [Array<Types::StringFilter>]
|
19280
|
+
#
|
19281
|
+
# @!attribute [rw] vulnerabilities_fix_available
|
19282
|
+
# Indicates whether a vulnerability is fixed in a newer version of the
|
19283
|
+
# affected software packages. You can filter findings by this field
|
19284
|
+
# only if you use Security Hub and Amazon Inspector.
|
19285
|
+
# @return [Array<Types::StringFilter>]
|
19286
|
+
#
|
19287
|
+
# @!attribute [rw] compliance_security_control_parameters_name
|
19288
|
+
# The name of a security control parameter.
|
19289
|
+
# @return [Array<Types::StringFilter>]
|
19290
|
+
#
|
19291
|
+
# @!attribute [rw] compliance_security_control_parameters_value
|
19292
|
+
# The current value of a security control parameter.
|
19293
|
+
# @return [Array<Types::StringFilter>]
|
19294
|
+
#
|
19276
19295
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFindingFilters AWS API Documentation
|
19277
19296
|
#
|
19278
19297
|
class AwsSecurityFindingFilters < Struct.new(
|
@@ -19372,7 +19391,11 @@ module Aws::SecurityHub
|
|
19372
19391
|
:finding_provider_fields_types,
|
19373
19392
|
:sample,
|
19374
19393
|
:compliance_security_control_id,
|
19375
|
-
:compliance_associated_standards_id
|
19394
|
+
:compliance_associated_standards_id,
|
19395
|
+
:vulnerabilities_exploit_available,
|
19396
|
+
:vulnerabilities_fix_available,
|
19397
|
+
:compliance_security_control_parameters_name,
|
19398
|
+
:compliance_security_control_parameters_value)
|
19376
19399
|
SENSITIVE = []
|
19377
19400
|
include Aws::Structure
|
19378
19401
|
end
|
@@ -21431,6 +21454,21 @@ module Aws::SecurityHub
|
|
21431
21454
|
include Aws::Structure
|
21432
21455
|
end
|
21433
21456
|
|
21457
|
+
# The options for customizing a security control parameter with a
|
21458
|
+
# boolean. For a boolean parameter, the options are `true` and `false`.
|
21459
|
+
#
|
21460
|
+
# @!attribute [rw] default_value
|
21461
|
+
# The Security Hub default value for a boolean parameter.
|
21462
|
+
# @return [Boolean]
|
21463
|
+
#
|
21464
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BooleanConfigurationOptions AWS API Documentation
|
21465
|
+
#
|
21466
|
+
class BooleanConfigurationOptions < Struct.new(
|
21467
|
+
:default_value)
|
21468
|
+
SENSITIVE = []
|
21469
|
+
include Aws::Structure
|
21470
|
+
end
|
21471
|
+
|
21434
21472
|
# Boolean filter for querying findings.
|
21435
21473
|
#
|
21436
21474
|
# @!attribute [rw] value
|
@@ -21693,6 +21731,10 @@ module Aws::SecurityHub
|
|
21693
21731
|
# currently enabled.
|
21694
21732
|
# @return [Array<Types::AssociatedStandard>]
|
21695
21733
|
#
|
21734
|
+
# @!attribute [rw] security_control_parameters
|
21735
|
+
# An object that includes security control parameter names and values.
|
21736
|
+
# @return [Array<Types::SecurityControlParameter>]
|
21737
|
+
#
|
21696
21738
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Compliance AWS API Documentation
|
21697
21739
|
#
|
21698
21740
|
class Compliance < Struct.new(
|
@@ -21700,11 +21742,84 @@ module Aws::SecurityHub
|
|
21700
21742
|
:related_requirements,
|
21701
21743
|
:status_reasons,
|
21702
21744
|
:security_control_id,
|
21703
|
-
:associated_standards
|
21745
|
+
:associated_standards,
|
21746
|
+
:security_control_parameters)
|
21704
21747
|
SENSITIVE = []
|
21705
21748
|
include Aws::Structure
|
21706
21749
|
end
|
21707
21750
|
|
21751
|
+
# The options for customizing a security control parameter.
|
21752
|
+
#
|
21753
|
+
# @note ConfigurationOptions is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of ConfigurationOptions corresponding to the set member.
|
21754
|
+
#
|
21755
|
+
# @!attribute [rw] integer
|
21756
|
+
# The options for customizing a security control parameter that is an
|
21757
|
+
# integer.
|
21758
|
+
# @return [Types::IntegerConfigurationOptions]
|
21759
|
+
#
|
21760
|
+
# @!attribute [rw] integer_list
|
21761
|
+
# The options for customizing a security control parameter that is a
|
21762
|
+
# list of integers.
|
21763
|
+
# @return [Types::IntegerListConfigurationOptions]
|
21764
|
+
#
|
21765
|
+
# @!attribute [rw] double
|
21766
|
+
# The options for customizing a security control parameter that is a
|
21767
|
+
# double.
|
21768
|
+
# @return [Types::DoubleConfigurationOptions]
|
21769
|
+
#
|
21770
|
+
# @!attribute [rw] string
|
21771
|
+
# The options for customizing a security control parameter that is a
|
21772
|
+
# string data type.
|
21773
|
+
# @return [Types::StringConfigurationOptions]
|
21774
|
+
#
|
21775
|
+
# @!attribute [rw] string_list
|
21776
|
+
# The options for customizing a security control parameter that is a
|
21777
|
+
# list of strings.
|
21778
|
+
# @return [Types::StringListConfigurationOptions]
|
21779
|
+
#
|
21780
|
+
# @!attribute [rw] boolean
|
21781
|
+
# The options for customizing a security control parameter that is a
|
21782
|
+
# boolean. For a boolean parameter, the options are `true` and
|
21783
|
+
# `false`.
|
21784
|
+
# @return [Types::BooleanConfigurationOptions]
|
21785
|
+
#
|
21786
|
+
# @!attribute [rw] enum
|
21787
|
+
# The options for customizing a security control parameter that is an
|
21788
|
+
# enum.
|
21789
|
+
# @return [Types::EnumConfigurationOptions]
|
21790
|
+
#
|
21791
|
+
# @!attribute [rw] enum_list
|
21792
|
+
# The options for customizing a security control parameter that is a
|
21793
|
+
# list of enums.
|
21794
|
+
# @return [Types::EnumListConfigurationOptions]
|
21795
|
+
#
|
21796
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ConfigurationOptions AWS API Documentation
|
21797
|
+
#
|
21798
|
+
class ConfigurationOptions < Struct.new(
|
21799
|
+
:integer,
|
21800
|
+
:integer_list,
|
21801
|
+
:double,
|
21802
|
+
:string,
|
21803
|
+
:string_list,
|
21804
|
+
:boolean,
|
21805
|
+
:enum,
|
21806
|
+
:enum_list,
|
21807
|
+
:unknown)
|
21808
|
+
SENSITIVE = []
|
21809
|
+
include Aws::Structure
|
21810
|
+
include Aws::Structure::Union
|
21811
|
+
|
21812
|
+
class Integer < ConfigurationOptions; end
|
21813
|
+
class IntegerList < ConfigurationOptions; end
|
21814
|
+
class Double < ConfigurationOptions; end
|
21815
|
+
class String < ConfigurationOptions; end
|
21816
|
+
class StringList < ConfigurationOptions; end
|
21817
|
+
class Boolean < ConfigurationOptions; end
|
21818
|
+
class Enum < ConfigurationOptions; end
|
21819
|
+
class EnumList < ConfigurationOptions; end
|
21820
|
+
class Unknown < ConfigurationOptions; end
|
21821
|
+
end
|
21822
|
+
|
21708
21823
|
# Container details related to a finding.
|
21709
21824
|
#
|
21710
21825
|
# @!attribute [rw] container_runtime
|
@@ -22738,6 +22853,32 @@ module Aws::SecurityHub
|
|
22738
22853
|
include Aws::Structure
|
22739
22854
|
end
|
22740
22855
|
|
22856
|
+
# The options for customizing a security control parameter that is a
|
22857
|
+
# double.
|
22858
|
+
#
|
22859
|
+
# @!attribute [rw] default_value
|
22860
|
+
# The Security Hub default value for a control parameter that is a
|
22861
|
+
# double.
|
22862
|
+
# @return [Float]
|
22863
|
+
#
|
22864
|
+
# @!attribute [rw] min
|
22865
|
+
# The minimum valid value for a control parameter that is a double.
|
22866
|
+
# @return [Float]
|
22867
|
+
#
|
22868
|
+
# @!attribute [rw] max
|
22869
|
+
# The maximum valid value for a control parameter that is a double.
|
22870
|
+
# @return [Float]
|
22871
|
+
#
|
22872
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DoubleConfigurationOptions AWS API Documentation
|
22873
|
+
#
|
22874
|
+
class DoubleConfigurationOptions < Struct.new(
|
22875
|
+
:default_value,
|
22876
|
+
:min,
|
22877
|
+
:max)
|
22878
|
+
SENSITIVE = []
|
22879
|
+
include Aws::Structure
|
22880
|
+
end
|
22881
|
+
|
22741
22882
|
# @!attribute [rw] product_arn
|
22742
22883
|
# The ARN of the product to enable the integration for.
|
22743
22884
|
# @return [String]
|
@@ -22823,6 +22964,54 @@ module Aws::SecurityHub
|
|
22823
22964
|
#
|
22824
22965
|
class EnableSecurityHubResponse < Aws::EmptyStructure; end
|
22825
22966
|
|
22967
|
+
# The options for customizing a security control parameter that is an
|
22968
|
+
# enum.
|
22969
|
+
#
|
22970
|
+
# @!attribute [rw] default_value
|
22971
|
+
# The Security Hub default value for a control parameter that is an
|
22972
|
+
# enum.
|
22973
|
+
# @return [String]
|
22974
|
+
#
|
22975
|
+
# @!attribute [rw] allowed_values
|
22976
|
+
# The valid values for a control parameter that is an enum.
|
22977
|
+
# @return [Array<String>]
|
22978
|
+
#
|
22979
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnumConfigurationOptions AWS API Documentation
|
22980
|
+
#
|
22981
|
+
class EnumConfigurationOptions < Struct.new(
|
22982
|
+
:default_value,
|
22983
|
+
:allowed_values)
|
22984
|
+
SENSITIVE = []
|
22985
|
+
include Aws::Structure
|
22986
|
+
end
|
22987
|
+
|
22988
|
+
# The options for customizing a security control parameter that is a
|
22989
|
+
# list of enums.
|
22990
|
+
#
|
22991
|
+
# @!attribute [rw] default_value
|
22992
|
+
# The Security Hub default value for a control parameter that is a
|
22993
|
+
# list of enums.
|
22994
|
+
# @return [Array<String>]
|
22995
|
+
#
|
22996
|
+
# @!attribute [rw] max_items
|
22997
|
+
# The maximum number of list items that an enum list control parameter
|
22998
|
+
# can accept.
|
22999
|
+
# @return [Integer]
|
23000
|
+
#
|
23001
|
+
# @!attribute [rw] allowed_values
|
23002
|
+
# The valid values for a control parameter that is a list of enums.
|
23003
|
+
# @return [Array<String>]
|
23004
|
+
#
|
23005
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnumListConfigurationOptions AWS API Documentation
|
23006
|
+
#
|
23007
|
+
class EnumListConfigurationOptions < Struct.new(
|
23008
|
+
:default_value,
|
23009
|
+
:max_items,
|
23010
|
+
:allowed_values)
|
23011
|
+
SENSITIVE = []
|
23012
|
+
include Aws::Structure
|
23013
|
+
end
|
23014
|
+
|
22826
23015
|
# Provides information about the file paths that were affected by the
|
22827
23016
|
# threat.
|
22828
23017
|
#
|
@@ -23628,6 +23817,34 @@ module Aws::SecurityHub
|
|
23628
23817
|
include Aws::Structure
|
23629
23818
|
end
|
23630
23819
|
|
23820
|
+
# @!attribute [rw] security_control_id
|
23821
|
+
# The ID of the security control to retrieve the definition for. This
|
23822
|
+
# field doesn’t accept an Amazon Resource Name (ARN).
|
23823
|
+
# @return [String]
|
23824
|
+
#
|
23825
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinitionRequest AWS API Documentation
|
23826
|
+
#
|
23827
|
+
class GetSecurityControlDefinitionRequest < Struct.new(
|
23828
|
+
:security_control_id)
|
23829
|
+
SENSITIVE = []
|
23830
|
+
include Aws::Structure
|
23831
|
+
end
|
23832
|
+
|
23833
|
+
# @!attribute [rw] security_control_definition
|
23834
|
+
# Provides metadata for a security control, including its unique
|
23835
|
+
# standard-agnostic identifier, title, description, severity,
|
23836
|
+
# availability in Amazon Web Services Regions, and a link to
|
23837
|
+
# remediation steps.
|
23838
|
+
# @return [Types::SecurityControlDefinition]
|
23839
|
+
#
|
23840
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetSecurityControlDefinitionResponse AWS API Documentation
|
23841
|
+
#
|
23842
|
+
class GetSecurityControlDefinitionResponse < Struct.new(
|
23843
|
+
:security_control_definition)
|
23844
|
+
SENSITIVE = []
|
23845
|
+
include Aws::Structure
|
23846
|
+
end
|
23847
|
+
|
23631
23848
|
# An Internet Control Message Protocol (ICMP) type and code.
|
23632
23849
|
#
|
23633
23850
|
# @!attribute [rw] code
|
@@ -23760,6 +23977,66 @@ module Aws::SecurityHub
|
|
23760
23977
|
include Aws::Structure
|
23761
23978
|
end
|
23762
23979
|
|
23980
|
+
# The options for customizing a security control parameter that is an
|
23981
|
+
# integer.
|
23982
|
+
#
|
23983
|
+
# @!attribute [rw] default_value
|
23984
|
+
# The Security Hub default value for a control parameter that is an
|
23985
|
+
# integer.
|
23986
|
+
# @return [Integer]
|
23987
|
+
#
|
23988
|
+
# @!attribute [rw] min
|
23989
|
+
# The minimum valid value for a control parameter that is an integer.
|
23990
|
+
# @return [Integer]
|
23991
|
+
#
|
23992
|
+
# @!attribute [rw] max
|
23993
|
+
# The maximum valid value for a control parameter that is an integer.
|
23994
|
+
# @return [Integer]
|
23995
|
+
#
|
23996
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IntegerConfigurationOptions AWS API Documentation
|
23997
|
+
#
|
23998
|
+
class IntegerConfigurationOptions < Struct.new(
|
23999
|
+
:default_value,
|
24000
|
+
:min,
|
24001
|
+
:max)
|
24002
|
+
SENSITIVE = []
|
24003
|
+
include Aws::Structure
|
24004
|
+
end
|
24005
|
+
|
24006
|
+
# The options for customizing a security control parameter that is a
|
24007
|
+
# list of integers.
|
24008
|
+
#
|
24009
|
+
# @!attribute [rw] default_value
|
24010
|
+
# The Security Hub default value for a control parameter that is a
|
24011
|
+
# list of integers.
|
24012
|
+
# @return [Array<Integer>]
|
24013
|
+
#
|
24014
|
+
# @!attribute [rw] min
|
24015
|
+
# The minimum valid value for a control parameter that is a list of
|
24016
|
+
# integers.
|
24017
|
+
# @return [Integer]
|
24018
|
+
#
|
24019
|
+
# @!attribute [rw] max
|
24020
|
+
# The maximum valid value for a control parameter that is a list of
|
24021
|
+
# integers.
|
24022
|
+
# @return [Integer]
|
24023
|
+
#
|
24024
|
+
# @!attribute [rw] max_items
|
24025
|
+
# The maximum number of list items that an interger list control
|
24026
|
+
# parameter can accept.
|
24027
|
+
# @return [Integer]
|
24028
|
+
#
|
24029
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/IntegerListConfigurationOptions AWS API Documentation
|
24030
|
+
#
|
24031
|
+
class IntegerListConfigurationOptions < Struct.new(
|
24032
|
+
:default_value,
|
24033
|
+
:min,
|
24034
|
+
:max,
|
24035
|
+
:max_items)
|
24036
|
+
SENSITIVE = []
|
24037
|
+
include Aws::Structure
|
24038
|
+
end
|
24039
|
+
|
23763
24040
|
# Internal server error.
|
23764
24041
|
#
|
23765
24042
|
# @!attribute [rw] message
|
@@ -24838,12 +25115,24 @@ module Aws::SecurityHub
|
|
24838
25115
|
# for findings.
|
24839
25116
|
# @return [Float]
|
24840
25117
|
#
|
25118
|
+
# @!attribute [rw] gt
|
25119
|
+
# The greater-than condition to be applied to a single field when
|
25120
|
+
# querying for findings.
|
25121
|
+
# @return [Float]
|
25122
|
+
#
|
25123
|
+
# @!attribute [rw] lt
|
25124
|
+
# The less-than condition to be applied to a single field when
|
25125
|
+
# querying for findings.
|
25126
|
+
# @return [Float]
|
25127
|
+
#
|
24841
25128
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/NumberFilter AWS API Documentation
|
24842
25129
|
#
|
24843
25130
|
class NumberFilter < Struct.new(
|
24844
25131
|
:gte,
|
24845
25132
|
:lte,
|
24846
|
-
:eq
|
25133
|
+
:eq,
|
25134
|
+
:gt,
|
25135
|
+
:lt)
|
24847
25136
|
SENSITIVE = []
|
24848
25137
|
include Aws::Structure
|
24849
25138
|
end
|
@@ -24915,6 +25204,114 @@ module Aws::SecurityHub
|
|
24915
25204
|
include Aws::Structure
|
24916
25205
|
end
|
24917
25206
|
|
25207
|
+
# An object that provides the current value of a security control
|
25208
|
+
# parameter and identifies whether it has been customized.
|
25209
|
+
#
|
25210
|
+
# @!attribute [rw] value_type
|
25211
|
+
# Identifies whether a control parameter uses a custom user-defined
|
25212
|
+
# value or the Security Hub default value.
|
25213
|
+
# @return [String]
|
25214
|
+
#
|
25215
|
+
# @!attribute [rw] value
|
25216
|
+
# The current value of a control parameter.
|
25217
|
+
# @return [Types::ParameterValue]
|
25218
|
+
#
|
25219
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterConfiguration AWS API Documentation
|
25220
|
+
#
|
25221
|
+
class ParameterConfiguration < Struct.new(
|
25222
|
+
:value_type,
|
25223
|
+
:value)
|
25224
|
+
SENSITIVE = []
|
25225
|
+
include Aws::Structure
|
25226
|
+
end
|
25227
|
+
|
25228
|
+
# An object that describes a security control parameter and the options
|
25229
|
+
# for customizing it.
|
25230
|
+
#
|
25231
|
+
# @!attribute [rw] description
|
25232
|
+
# Description of a control parameter.
|
25233
|
+
# @return [String]
|
25234
|
+
#
|
25235
|
+
# @!attribute [rw] configuration_options
|
25236
|
+
# The options for customizing a control parameter. Customization
|
25237
|
+
# options vary based on the data type of the parameter.
|
25238
|
+
# @return [Types::ConfigurationOptions]
|
25239
|
+
#
|
25240
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterDefinition AWS API Documentation
|
25241
|
+
#
|
25242
|
+
class ParameterDefinition < Struct.new(
|
25243
|
+
:description,
|
25244
|
+
:configuration_options)
|
25245
|
+
SENSITIVE = []
|
25246
|
+
include Aws::Structure
|
25247
|
+
end
|
25248
|
+
|
25249
|
+
# An object that includes the data type of a security control parameter
|
25250
|
+
# and its current value.
|
25251
|
+
#
|
25252
|
+
# @note ParameterValue is a union - when making an API calls you must set exactly one of the members.
|
25253
|
+
#
|
25254
|
+
# @note ParameterValue is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of ParameterValue corresponding to the set member.
|
25255
|
+
#
|
25256
|
+
# @!attribute [rw] integer
|
25257
|
+
# A control parameter that is an integer.
|
25258
|
+
# @return [Integer]
|
25259
|
+
#
|
25260
|
+
# @!attribute [rw] integer_list
|
25261
|
+
# A control parameter that is a list of integers.
|
25262
|
+
# @return [Array<Integer>]
|
25263
|
+
#
|
25264
|
+
# @!attribute [rw] double
|
25265
|
+
# A control parameter that is a double.
|
25266
|
+
# @return [Float]
|
25267
|
+
#
|
25268
|
+
# @!attribute [rw] string
|
25269
|
+
# A control parameter that is a string.
|
25270
|
+
# @return [String]
|
25271
|
+
#
|
25272
|
+
# @!attribute [rw] string_list
|
25273
|
+
# A control parameter that is a list of strings.
|
25274
|
+
# @return [Array<String>]
|
25275
|
+
#
|
25276
|
+
# @!attribute [rw] boolean
|
25277
|
+
# A control parameter that is a boolean.
|
25278
|
+
# @return [Boolean]
|
25279
|
+
#
|
25280
|
+
# @!attribute [rw] enum
|
25281
|
+
# A control parameter that is an enum.
|
25282
|
+
# @return [String]
|
25283
|
+
#
|
25284
|
+
# @!attribute [rw] enum_list
|
25285
|
+
# A control parameter that is a list of enums.
|
25286
|
+
# @return [Array<String>]
|
25287
|
+
#
|
25288
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ParameterValue AWS API Documentation
|
25289
|
+
#
|
25290
|
+
class ParameterValue < Struct.new(
|
25291
|
+
:integer,
|
25292
|
+
:integer_list,
|
25293
|
+
:double,
|
25294
|
+
:string,
|
25295
|
+
:string_list,
|
25296
|
+
:boolean,
|
25297
|
+
:enum,
|
25298
|
+
:enum_list,
|
25299
|
+
:unknown)
|
25300
|
+
SENSITIVE = []
|
25301
|
+
include Aws::Structure
|
25302
|
+
include Aws::Structure::Union
|
25303
|
+
|
25304
|
+
class Integer < ParameterValue; end
|
25305
|
+
class IntegerList < ParameterValue; end
|
25306
|
+
class Double < ParameterValue; end
|
25307
|
+
class String < ParameterValue; end
|
25308
|
+
class StringList < ParameterValue; end
|
25309
|
+
class Boolean < ParameterValue; end
|
25310
|
+
class Enum < ParameterValue; end
|
25311
|
+
class EnumList < ParameterValue; end
|
25312
|
+
class Unknown < ParameterValue; end
|
25313
|
+
end
|
25314
|
+
|
24918
25315
|
# Provides an overview of the patch compliance status for an instance
|
24919
25316
|
# against a selected compliance standard.
|
24920
25317
|
#
|
@@ -25985,6 +26382,25 @@ module Aws::SecurityHub
|
|
25985
26382
|
include Aws::Structure
|
25986
26383
|
end
|
25987
26384
|
|
26385
|
+
# The request was rejected because it conflicts with the resource's
|
26386
|
+
# availability. For example, you tried to update a security control
|
26387
|
+
# that's currently in the `UPDATING` state.
|
26388
|
+
#
|
26389
|
+
# @!attribute [rw] message
|
26390
|
+
# @return [String]
|
26391
|
+
#
|
26392
|
+
# @!attribute [rw] code
|
26393
|
+
# @return [String]
|
26394
|
+
#
|
26395
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceInUseException AWS API Documentation
|
26396
|
+
#
|
26397
|
+
class ResourceInUseException < Struct.new(
|
26398
|
+
:message,
|
26399
|
+
:code)
|
26400
|
+
SENSITIVE = []
|
26401
|
+
include Aws::Structure
|
26402
|
+
end
|
26403
|
+
|
25988
26404
|
# The request was rejected because we can't find the specified
|
25989
26405
|
# resource.
|
25990
26406
|
#
|
@@ -26598,6 +27014,32 @@ module Aws::SecurityHub
|
|
26598
27014
|
# The enablement status of a security control in a specific standard.
|
26599
27015
|
# @return [String]
|
26600
27016
|
#
|
27017
|
+
# @!attribute [rw] update_status
|
27018
|
+
# Identifies whether customizable properties of a security control are
|
27019
|
+
# reflected in Security Hub findings. A status of `READY` indicates
|
27020
|
+
# findings include the current parameter values. A status of
|
27021
|
+
# `UPDATING` indicates that all findings may not include the current
|
27022
|
+
# parameter values.
|
27023
|
+
# @return [String]
|
27024
|
+
#
|
27025
|
+
# @!attribute [rw] parameters
|
27026
|
+
# An object that identifies the name of a control parameter, its
|
27027
|
+
# current value, and whether it has been customized.
|
27028
|
+
# @return [Hash<String,Types::ParameterConfiguration>]
|
27029
|
+
#
|
27030
|
+
# @!attribute [rw] last_update_reason
|
27031
|
+
# The most recent reason for updating the customizable properties of a
|
27032
|
+
# security control. This differs from the `UpdateReason` field of the
|
27033
|
+
# [ `BatchUpdateStandardsControlAssociations` ][1] API, which tracks
|
27034
|
+
# the reason for updating the enablement status of a control. This
|
27035
|
+
# field accepts alphanumeric characters in addition to white spaces,
|
27036
|
+
# dashes, and underscores.
|
27037
|
+
#
|
27038
|
+
#
|
27039
|
+
#
|
27040
|
+
# [1]: https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateStandardsControlAssociations.html
|
27041
|
+
# @return [String]
|
27042
|
+
#
|
26601
27043
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControl AWS API Documentation
|
26602
27044
|
#
|
26603
27045
|
class SecurityControl < Struct.new(
|
@@ -26607,7 +27049,10 @@ module Aws::SecurityHub
|
|
26607
27049
|
:description,
|
26608
27050
|
:remediation_url,
|
26609
27051
|
:severity_rating,
|
26610
|
-
:security_control_status
|
27052
|
+
:security_control_status,
|
27053
|
+
:update_status,
|
27054
|
+
:parameters,
|
27055
|
+
:last_update_reason)
|
26611
27056
|
SENSITIVE = []
|
26612
27057
|
include Aws::Structure
|
26613
27058
|
end
|
@@ -26658,6 +27103,18 @@ module Aws::SecurityHub
|
|
26658
27103
|
# Amazon Web Services Region.
|
26659
27104
|
# @return [String]
|
26660
27105
|
#
|
27106
|
+
# @!attribute [rw] customizable_properties
|
27107
|
+
# Security control properties that you can customize. Currently, only
|
27108
|
+
# parameter customization is supported for select controls. An empty
|
27109
|
+
# array is returned for controls that don’t support custom properties.
|
27110
|
+
# @return [Array<String>]
|
27111
|
+
#
|
27112
|
+
# @!attribute [rw] parameter_definitions
|
27113
|
+
# An object that provides a security control parameter name,
|
27114
|
+
# description, and the options for customizing it. This object is
|
27115
|
+
# excluded for a control that doesn't support custom parameters.
|
27116
|
+
# @return [Hash<String,Types::ParameterDefinition>]
|
27117
|
+
#
|
26661
27118
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControlDefinition AWS API Documentation
|
26662
27119
|
#
|
26663
27120
|
class SecurityControlDefinition < Struct.new(
|
@@ -26666,7 +27123,28 @@ module Aws::SecurityHub
|
|
26666
27123
|
:description,
|
26667
27124
|
:remediation_url,
|
26668
27125
|
:severity_rating,
|
26669
|
-
:current_region_availability
|
27126
|
+
:current_region_availability,
|
27127
|
+
:customizable_properties,
|
27128
|
+
:parameter_definitions)
|
27129
|
+
SENSITIVE = []
|
27130
|
+
include Aws::Structure
|
27131
|
+
end
|
27132
|
+
|
27133
|
+
# A parameter that a security control accepts.
|
27134
|
+
#
|
27135
|
+
# @!attribute [rw] name
|
27136
|
+
# The name of a
|
27137
|
+
# @return [String]
|
27138
|
+
#
|
27139
|
+
# @!attribute [rw] value
|
27140
|
+
# The current value of a control parameter.
|
27141
|
+
# @return [Array<String>]
|
27142
|
+
#
|
27143
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/SecurityControlParameter AWS API Documentation
|
27144
|
+
#
|
27145
|
+
class SecurityControlParameter < Struct.new(
|
27146
|
+
:name,
|
27147
|
+
:value)
|
26670
27148
|
SENSITIVE = []
|
26671
27149
|
include Aws::Structure
|
26672
27150
|
end
|
@@ -26737,8 +27215,8 @@ module Aws::SecurityHub
|
|
26737
27215
|
# attribute.
|
26738
27216
|
#
|
26739
27217
|
# @!attribute [rw] product
|
26740
|
-
# Deprecated. This attribute
|
26741
|
-
# `Product`, provide `Original`.
|
27218
|
+
# Deprecated. This attribute isn't included in findings. Instead of
|
27219
|
+
# providing `Product`, provide `Original`.
|
26742
27220
|
#
|
26743
27221
|
# The native severity as defined by the Amazon Web Services service or
|
26744
27222
|
# integrated partner product that generated the finding.
|
@@ -26774,9 +27252,8 @@ module Aws::SecurityHub
|
|
26774
27252
|
# @return [String]
|
26775
27253
|
#
|
26776
27254
|
# @!attribute [rw] normalized
|
26777
|
-
# Deprecated. The normalized severity of a finding.
|
26778
|
-
#
|
26779
|
-
# `Label`.
|
27255
|
+
# Deprecated. The normalized severity of a finding. Instead of
|
27256
|
+
# providing `Normalized`, provide `Label`.
|
26780
27257
|
#
|
26781
27258
|
# If you provide `Label` and do not provide `Normalized`, then
|
26782
27259
|
# `Normalized` is set automatically as follows.
|
@@ -27430,6 +27907,33 @@ module Aws::SecurityHub
|
|
27430
27907
|
include Aws::Structure
|
27431
27908
|
end
|
27432
27909
|
|
27910
|
+
# The options for customizing a security control parameter that is a
|
27911
|
+
# string.
|
27912
|
+
#
|
27913
|
+
# @!attribute [rw] default_value
|
27914
|
+
# The Security Hub default value for a control parameter that is a
|
27915
|
+
# string.
|
27916
|
+
# @return [String]
|
27917
|
+
#
|
27918
|
+
# @!attribute [rw] re_2_expression
|
27919
|
+
# An RE2 regular expression that Security Hub uses to validate a
|
27920
|
+
# user-provided control parameter string.
|
27921
|
+
# @return [String]
|
27922
|
+
#
|
27923
|
+
# @!attribute [rw] expression_description
|
27924
|
+
# The description of the RE2 regular expression.
|
27925
|
+
# @return [String]
|
27926
|
+
#
|
27927
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StringConfigurationOptions AWS API Documentation
|
27928
|
+
#
|
27929
|
+
class StringConfigurationOptions < Struct.new(
|
27930
|
+
:default_value,
|
27931
|
+
:re_2_expression,
|
27932
|
+
:expression_description)
|
27933
|
+
SENSITIVE = []
|
27934
|
+
include Aws::Structure
|
27935
|
+
end
|
27936
|
+
|
27433
27937
|
# A string filter for filtering Security Hub findings.
|
27434
27938
|
#
|
27435
27939
|
# @!attribute [rw] value
|
@@ -27537,6 +28041,39 @@ module Aws::SecurityHub
|
|
27537
28041
|
include Aws::Structure
|
27538
28042
|
end
|
27539
28043
|
|
28044
|
+
# The options for customizing a security control parameter that is a
|
28045
|
+
# list of strings.
|
28046
|
+
#
|
28047
|
+
# @!attribute [rw] default_value
|
28048
|
+
# The Security Hub default value for a control parameter that is a
|
28049
|
+
# list of strings.
|
28050
|
+
# @return [Array<String>]
|
28051
|
+
#
|
28052
|
+
# @!attribute [rw] re_2_expression
|
28053
|
+
# An RE2 regular expression that Security Hub uses to validate a
|
28054
|
+
# user-provided list of strings for a control parameter.
|
28055
|
+
# @return [String]
|
28056
|
+
#
|
28057
|
+
# @!attribute [rw] max_items
|
28058
|
+
# The maximum number of list items that a string list control
|
28059
|
+
# parameter can accept.
|
28060
|
+
# @return [Integer]
|
28061
|
+
#
|
28062
|
+
# @!attribute [rw] expression_description
|
28063
|
+
# The description of the RE2 regular expression.
|
28064
|
+
# @return [String]
|
28065
|
+
#
|
28066
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StringListConfigurationOptions AWS API Documentation
|
28067
|
+
#
|
28068
|
+
class StringListConfigurationOptions < Struct.new(
|
28069
|
+
:default_value,
|
28070
|
+
:re_2_expression,
|
28071
|
+
:max_items,
|
28072
|
+
:expression_description)
|
28073
|
+
SENSITIVE = []
|
28074
|
+
include Aws::Structure
|
28075
|
+
end
|
28076
|
+
|
27540
28077
|
# @!attribute [rw] resource_arn
|
27541
28078
|
# The ARN of the resource to apply the tags to.
|
27542
28079
|
# @return [String]
|
@@ -28069,6 +28606,35 @@ module Aws::SecurityHub
|
|
28069
28606
|
#
|
28070
28607
|
class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
|
28071
28608
|
|
28609
|
+
# @!attribute [rw] security_control_id
|
28610
|
+
# The Amazon Resource Name (ARN) or ID of the control to update.
|
28611
|
+
# @return [String]
|
28612
|
+
#
|
28613
|
+
# @!attribute [rw] parameters
|
28614
|
+
# An object that specifies which security control parameters to
|
28615
|
+
# update.
|
28616
|
+
# @return [Hash<String,Types::ParameterConfiguration>]
|
28617
|
+
#
|
28618
|
+
# @!attribute [rw] last_update_reason
|
28619
|
+
# The most recent reason for updating the properties of the security
|
28620
|
+
# control. This field accepts alphanumeric characters in addition to
|
28621
|
+
# white spaces, dashes, and underscores.
|
28622
|
+
# @return [String]
|
28623
|
+
#
|
28624
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityControlRequest AWS API Documentation
|
28625
|
+
#
|
28626
|
+
class UpdateSecurityControlRequest < Struct.new(
|
28627
|
+
:security_control_id,
|
28628
|
+
:parameters,
|
28629
|
+
:last_update_reason)
|
28630
|
+
SENSITIVE = []
|
28631
|
+
include Aws::Structure
|
28632
|
+
end
|
28633
|
+
|
28634
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityControlResponse AWS API Documentation
|
28635
|
+
#
|
28636
|
+
class UpdateSecurityControlResponse < Aws::EmptyStructure; end
|
28637
|
+
|
28072
28638
|
# @!attribute [rw] auto_enable_controls
|
28073
28639
|
# Whether to automatically enable new controls when they are added to
|
28074
28640
|
# standards that are enabled.
|