aws-sdk-securityhub 1.15.0 → 1.16.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 1c05a52e7fa6f9df651af11efde048a6977ad574
-  data.tar.gz: 35c8e5d58f0c8eff8a2dc2f12d3c8d2b27ee5cd6
+  metadata.gz: fa57cc5b27c55c9b79bde6b4ebc39a5258742b75
+  data.tar.gz: ea62fa7c69af9f701278e78c8ecb395e86b0e8d1
 SHA512:
-  metadata.gz: 5efc69312ab83b36848d4bd32a1ec4f2195404f35b8f437bbac997cf64f94a71c4f49cf8c32074c4135c0b2e95b53de09d25bdd3b15dd3d211761daeebd98c8b
-  data.tar.gz: cb77197f10ea6058699efff2a50eb24c5546e4d186d718d6bbfde7b4f3c494a894ca486e4b20e12a8a56eec9164a282b4de56e637e41c6355b5bda9644045998
+  metadata.gz: 330bc8bc5fa83b0b74da588b078bff64c3fedd34c912061f7385e52e1ede57b6020bcbd20d5d658fa766a2b1a887be7dbc59784eef8dcae627fc38e4c44819b5
+  data.tar.gz: d0a137b4c87d83e1e383f3ac3807c3b03f2ff986c438d526ac878d431641c9468671c3c5a9aff4052927a7deeb4b980cd72248ab8635af877124fe86a42fd906

data/lib/aws-sdk-securityhub.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-securityhub/customizations'
 # @service
 module Aws::SecurityHub
 
-  GEM_VERSION = '1.15.0'
+  GEM_VERSION = '1.16.0'
 
 end

data/lib/aws-sdk-securityhub/client.rb

@@ -1626,6 +1626,60 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Returns a list of compliance standards controls.
+    #
+    # For each control, the results include information about whether it is
+    # currently enabled, the severity, and a link to remediation
+    # information.
+    #
+    # @option params [required, String] :standards_subscription_arn
+    #   The ARN of a resource that represents your subscription to a supported
+    #   standard.
+    #
+    # @option params [String] :next_token
+    #   For requests to get the next page of results, the pagination token
+    #   that was returned with the previous set of results. The initial
+    #   request does not include a pagination token.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of compliance standard controls to return.
+    #
+    # @return [Types::DescribeStandardsControlsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DescribeStandardsControlsResponse#controls #controls} => Array<Types::StandardsControl>
+    #   * {Types::DescribeStandardsControlsResponse#next_token #next_token} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_standards_controls({
+    #     standards_subscription_arn: "NonEmptyString", # required
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.controls #=> Array
+    #   resp.controls[0].standards_control_arn #=> String
+    #   resp.controls[0].control_status #=> String, one of "ENABLED", "DISABLED"
+    #   resp.controls[0].disabled_reason #=> String
+    #   resp.controls[0].control_status_updated_at #=> Time
+    #   resp.controls[0].control_id #=> String
+    #   resp.controls[0].title #=> String
+    #   resp.controls[0].description #=> String
+    #   resp.controls[0].remediation_url #=> String
+    #   resp.controls[0].severity_rating #=> String, one of "LOW", "MEDIUM", "HIGH", "CRITICAL"
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeStandardsControls AWS API Documentation
+    #
+    # @overload describe_standards_controls(params = {})
+    # @param [Hash] params ({})
+    def describe_standards_controls(params = {}, options = {})
+      req = build_request(:describe_standards_controls, params)
+      req.send_request(options)
+    end
+
     # Disables the integration of the specified product with Security Hub.
     # Findings from that product are no longer sent to Security Hub after
     # the integration is disabled.
@@ -4485,6 +4539,38 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Used to control whether an individual compliance standard control is
+    # enabled or disabled.
+    #
+    # @option params [required, String] :standards_control_arn
+    #   The ARN of the compliance standard control to enable or disable.
+    #
+    # @option params [String] :control_status
+    #   The updated status of the compliance standard control.
+    #
+    # @option params [String] :disabled_reason
+    #   A description of the reason why you are disabling a compliance
+    #   standard control.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_standards_control({
+    #     standards_control_arn: "NonEmptyString", # required
+    #     control_status: "ENABLED", # accepts ENABLED, DISABLED
+    #     disabled_reason: "NonEmptyString",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateStandardsControl AWS API Documentation
+    #
+    # @overload update_standards_control(params = {})
+    # @param [Hash] params ({})
+    def update_standards_control(params = {}, options = {})
+      req = build_request(:update_standards_control, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -4498,7 +4584,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.15.0'
+      context[:gem_version] = '1.16.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-securityhub/client_api.rb

@@ -63,6 +63,7 @@ module Aws::SecurityHub
     Compliance = Shapes::StructureShape.new(name: 'Compliance')
     ComplianceStatus = Shapes::StringShape.new(name: 'ComplianceStatus')
     ContainerDetails = Shapes::StructureShape.new(name: 'ContainerDetails')
+    ControlStatus = Shapes::StringShape.new(name: 'ControlStatus')
     CreateActionTargetRequest = Shapes::StructureShape.new(name: 'CreateActionTargetRequest')
     CreateActionTargetResponse = Shapes::StructureShape.new(name: 'CreateActionTargetResponse')
     CreateInsightRequest = Shapes::StructureShape.new(name: 'CreateInsightRequest')
@@ -89,6 +90,8 @@ module Aws::SecurityHub
     DescribeHubResponse = Shapes::StructureShape.new(name: 'DescribeHubResponse')
     DescribeProductsRequest = Shapes::StructureShape.new(name: 'DescribeProductsRequest')
     DescribeProductsResponse = Shapes::StructureShape.new(name: 'DescribeProductsResponse')
+    DescribeStandardsControlsRequest = Shapes::StructureShape.new(name: 'DescribeStandardsControlsRequest')
+    DescribeStandardsControlsResponse = Shapes::StructureShape.new(name: 'DescribeStandardsControlsResponse')
     DisableImportFindingsForProductRequest = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductRequest')
     DisableImportFindingsForProductResponse = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductResponse')
     DisableSecurityHubRequest = Shapes::StructureShape.new(name: 'DisableSecurityHubRequest')
@@ -185,9 +188,12 @@ module Aws::SecurityHub
     ResultList = Shapes::ListShape.new(name: 'ResultList')
     SecurityGroups = Shapes::ListShape.new(name: 'SecurityGroups')
     Severity = Shapes::StructureShape.new(name: 'Severity')
+    SeverityRating = Shapes::StringShape.new(name: 'SeverityRating')
     SortCriteria = Shapes::ListShape.new(name: 'SortCriteria')
     SortCriterion = Shapes::StructureShape.new(name: 'SortCriterion')
     SortOrder = Shapes::StringShape.new(name: 'SortOrder')
+    StandardsControl = Shapes::StructureShape.new(name: 'StandardsControl')
+    StandardsControls = Shapes::ListShape.new(name: 'StandardsControls')
     StandardsInputParameterMap = Shapes::MapShape.new(name: 'StandardsInputParameterMap')
     StandardsStatus = Shapes::StringShape.new(name: 'StandardsStatus')
     StandardsSubscription = Shapes::StructureShape.new(name: 'StandardsSubscription')
@@ -219,6 +225,8 @@ module Aws::SecurityHub
     UpdateFindingsResponse = Shapes::StructureShape.new(name: 'UpdateFindingsResponse')
     UpdateInsightRequest = Shapes::StructureShape.new(name: 'UpdateInsightRequest')
     UpdateInsightResponse = Shapes::StructureShape.new(name: 'UpdateInsightResponse')
+    UpdateStandardsControlRequest = Shapes::StructureShape.new(name: 'UpdateStandardsControlRequest')
+    UpdateStandardsControlResponse = Shapes::StructureShape.new(name: 'UpdateStandardsControlResponse')
     VerificationState = Shapes::StringShape.new(name: 'VerificationState')
     WorkflowState = Shapes::StringShape.new(name: 'WorkflowState')
 
@@ -637,6 +645,15 @@ module Aws::SecurityHub
     DescribeProductsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
     DescribeProductsResponse.struct_class = Types::DescribeProductsResponse
 
+    DescribeStandardsControlsRequest.add_member(:standards_subscription_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location: "uri", location_name: "StandardsSubscriptionArn"))
+    DescribeStandardsControlsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
+    DescribeStandardsControlsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "MaxResults"))
+    DescribeStandardsControlsRequest.struct_class = Types::DescribeStandardsControlsRequest
+
+    DescribeStandardsControlsResponse.add_member(:controls, Shapes::ShapeRef.new(shape: StandardsControls, location_name: "Controls"))
+    DescribeStandardsControlsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
+    DescribeStandardsControlsResponse.struct_class = Types::DescribeStandardsControlsResponse
+
     DisableImportFindingsForProductRequest.add_member(:product_subscription_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location: "uri", location_name: "ProductSubscriptionArn"))
     DisableImportFindingsForProductRequest.struct_class = Types::DisableImportFindingsForProductRequest
 
@@ -962,6 +979,19 @@ module Aws::SecurityHub
     SortCriterion.add_member(:sort_order, Shapes::ShapeRef.new(shape: SortOrder, location_name: "SortOrder"))
     SortCriterion.struct_class = Types::SortCriterion
 
+    StandardsControl.add_member(:standards_control_arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "StandardsControlArn"))
+    StandardsControl.add_member(:control_status, Shapes::ShapeRef.new(shape: ControlStatus, location_name: "ControlStatus"))
+    StandardsControl.add_member(:disabled_reason, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DisabledReason"))
+    StandardsControl.add_member(:control_status_updated_at, Shapes::ShapeRef.new(shape: Timestamp, location_name: "ControlStatusUpdatedAt"))
+    StandardsControl.add_member(:control_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ControlId"))
+    StandardsControl.add_member(:title, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Title"))
+    StandardsControl.add_member(:description, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Description"))
+    StandardsControl.add_member(:remediation_url, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "RemediationUrl"))
+    StandardsControl.add_member(:severity_rating, Shapes::ShapeRef.new(shape: SeverityRating, location_name: "SeverityRating"))
+    StandardsControl.struct_class = Types::StandardsControl
+
+    StandardsControls.member = Shapes::ShapeRef.new(shape: StandardsControl)
+
     StandardsInputParameterMap.key = Shapes::ShapeRef.new(shape: NonEmptyString)
     StandardsInputParameterMap.value = Shapes::ShapeRef.new(shape: NonEmptyString)
 
@@ -1040,6 +1070,13 @@ module Aws::SecurityHub
 
     UpdateInsightResponse.struct_class = Types::UpdateInsightResponse
 
+    UpdateStandardsControlRequest.add_member(:standards_control_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location: "uri", location_name: "StandardsControlArn"))
+    UpdateStandardsControlRequest.add_member(:control_status, Shapes::ShapeRef.new(shape: ControlStatus, location_name: "ControlStatus"))
+    UpdateStandardsControlRequest.add_member(:disabled_reason, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DisabledReason"))
+    UpdateStandardsControlRequest.struct_class = Types::UpdateStandardsControlRequest
+
+    UpdateStandardsControlResponse.struct_class = Types::UpdateStandardsControlResponse
+
 
     # @api private
     API = Seahorse::Model::Api.new.tap do |api|
@@ -1258,6 +1295,18 @@ module Aws::SecurityHub
         )
       end)
 
+      api.add_operation(:describe_standards_controls, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DescribeStandardsControls"
+        o.http_method = "GET"
+        o.http_request_uri = "/standards/controls/{StandardsSubscriptionArn+}"
+        o.input = Shapes::ShapeRef.new(shape: DescribeStandardsControlsRequest)
+        o.output = Shapes::ShapeRef.new(shape: DescribeStandardsControlsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+      end)
+
       api.add_operation(:disable_import_findings_for_product, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DisableImportFindingsForProduct"
         o.http_method = "DELETE"
@@ -1560,6 +1609,18 @@ module Aws::SecurityHub
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
       end)
+
+      api.add_operation(:update_standards_control, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "UpdateStandardsControl"
+        o.http_method = "PATCH"
+        o.http_request_uri = "/standards/control/{StandardsControlArn+}"
+        o.input = Shapes::ShapeRef.new(shape: UpdateStandardsControlRequest)
+        o.output = Shapes::ShapeRef.new(shape: UpdateStandardsControlResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+      end)
     end
 
   end

data/lib/aws-sdk-securityhub/types.rb

@@ -4050,6 +4050,57 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DescribeStandardsControlsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         standards_subscription_arn: "NonEmptyString", # required
+    #         next_token: "NextToken",
+    #         max_results: 1,
+    #       }
+    #
+    # @!attribute [rw] standards_subscription_arn
+    #   The ARN of a resource that represents your subscription to a
+    #   supported standard.
+    #   @return [String]
+    #
+    # @!attribute [rw] next_token
+    #   For requests to get the next page of results, the pagination token
+    #   that was returned with the previous set of results. The initial
+    #   request does not include a pagination token.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of compliance standard controls to return.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeStandardsControlsRequest AWS API Documentation
+    #
+    class DescribeStandardsControlsRequest < Struct.new(
+      :standards_subscription_arn,
+      :next_token,
+      :max_results)
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] controls
+    #   A list of compliance standards controls.
+    #   @return [Array<Types::StandardsControl>]
+    #
+    # @!attribute [rw] next_token
+    #   If there are more compliance standards control remaining in the
+    #   results, then this is the pagination token to use to request the
+    #   next page of compliance standard controls.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeStandardsControlsResponse AWS API Documentation
+    #
+    class DescribeStandardsControlsResponse < Struct.new(
+      :controls,
+      :next_token)
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DisableImportFindingsForProductRequest
     #   data as a hash:
     #
@@ -6467,6 +6518,69 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # Details for an individual compliance standard control.
+    #
+    # @!attribute [rw] standards_control_arn
+    #   The ARN of the compliance standard control.
+    #   @return [String]
+    #
+    # @!attribute [rw] control_status
+    #   The current status of the compliance standard control. Indicates
+    #   whether the control is enabled or disabled. Security Hub does not
+    #   check against disabled controls.
+    #   @return [String]
+    #
+    # @!attribute [rw] disabled_reason
+    #   The reason provided for the most recent change in status for the
+    #   control.
+    #   @return [String]
+    #
+    # @!attribute [rw] control_status_updated_at
+    #   The date and time that the status of the compliance standard control
+    #   was most recently updated.
+    #   @return [Time]
+    #
+    # @!attribute [rw] control_id
+    #   The identifier of the compliance standard control.
+    #   @return [String]
+    #
+    # @!attribute [rw] title
+    #   The title of the compliance standard control.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The longer description of the compliance standard control. Provides
+    #   information about what the control is checking for.
+    #   @return [String]
+    #
+    # @!attribute [rw] remediation_url
+    #   A link to remediation information for the control in the Security
+    #   Hub user documentation
+    #   @return [String]
+    #
+    # @!attribute [rw] severity_rating
+    #   The severity of findings generated from this compliance standard
+    #   control.
+    #
+    #   The finding severity is based on an assessment of how easy it would
+    #   be to compromise AWS resources if the compliance issue is detected.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/StandardsControl AWS API Documentation
+    #
+    class StandardsControl < Struct.new(
+      :standards_control_arn,
+      :control_status,
+      :disabled_reason,
+      :control_status_updated_at,
+      :control_id,
+      :title,
+      :description,
+      :remediation_url,
+      :severity_rating)
+      include Aws::Structure
+    end
+
     # A resource that represents your subscription to a supported standard.
     #
     # @!attribute [rw] standards_subscription_arn
@@ -7879,5 +7993,40 @@ module Aws::SecurityHub
     #
     class UpdateInsightResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass UpdateStandardsControlRequest
+    #   data as a hash:
+    #
+    #       {
+    #         standards_control_arn: "NonEmptyString", # required
+    #         control_status: "ENABLED", # accepts ENABLED, DISABLED
+    #         disabled_reason: "NonEmptyString",
+    #       }
+    #
+    # @!attribute [rw] standards_control_arn
+    #   The ARN of the compliance standard control to enable or disable.
+    #   @return [String]
+    #
+    # @!attribute [rw] control_status
+    #   The updated status of the compliance standard control.
+    #   @return [String]
+    #
+    # @!attribute [rw] disabled_reason
+    #   A description of the reason why you are disabling a compliance
+    #   standard control.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateStandardsControlRequest AWS API Documentation
+    #
+    class UpdateStandardsControlRequest < Struct.new(
+      :standards_control_arn,
+      :control_status,
+      :disabled_reason)
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateStandardsControlResponse AWS API Documentation
+    #
+    class UpdateStandardsControlResponse < Aws::EmptyStructure; end
+
   end
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securityhub
 version: !ruby/object:Gem::Version
-  version: 1.15.0
+  version: 1.16.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-20 00:00:00.000000000 Z
+date: 2020-01-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core