aws-sdk-securityhub 1.29.0 → 1.30.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5b1c213116fd58753462c0bff98e78e5b74383a849ac2eda8fd6c4b05f62eb3f
-  data.tar.gz: aa722846c14b23622e42ecdfd3942dbcfeac1ccd362b3280989df7e3d7da510a
+  metadata.gz: e113e432d072a8784177a2a631a9a01910de8fd81d8ec2bb2d4b80058abc9a93
+  data.tar.gz: c6f41f7d6a1081ac9184c9d4a05c193a4a235fd41f9e4c6ebaf0ec0366041db3
 SHA512:
-  metadata.gz: 1252127a234fc0da8796a2fe30430cfa4fb4660da81bd0f6e562e58cd02d51c9ec46280b9349cf554ab1ded5cb58422e06f8ad0d069b67a929213ff414905b1a
-  data.tar.gz: 1b3ccba2e4bc1851d468281d5cb955703f6e9672a0b7585c96a6b3709641ed5f9654febcb3a39912aa02c0aa0c52f219053777fd60677a88d30629f1c87d9d2a
+  metadata.gz: b97269742a9ab024e24b45ffe9546edb0ccc71e3cd283c3a306081794c3212b7fded050fb1168adabfe6d0002f256bc5f160f1a666e9e502f4645cbfc740a65c
+  data.tar.gz: 5afbfd120e4ede0825db6a175134b26003363f8d153cab2e26bece813bbd820fdeb872e6dfb313b481d89f42bd938ec20e4982ef0b4bdb11f17a4d3cd591d590

data/lib/aws-sdk-securityhub.rb

@@ -47,6 +47,6 @@ require_relative 'aws-sdk-securityhub/customizations'
 # @service
 module Aws::SecurityHub
 
-  GEM_VERSION = '1.29.0'
+  GEM_VERSION = '1.30.0'
 
 end

data/lib/aws-sdk-securityhub/client.rb

@@ -2191,6 +2191,7 @@ module Aws::SecurityHub
     #
     #   * {Types::DescribeHubResponse#hub_arn #hub_arn} => String
     #   * {Types::DescribeHubResponse#subscribed_at #subscribed_at} => String
+    #   * {Types::DescribeHubResponse#auto_enable_controls #auto_enable_controls} => Boolean
     #
     # @example Request syntax with placeholder values
     #
@@ -2202,6 +2203,7 @@ module Aws::SecurityHub
     #
     #   resp.hub_arn #=> String
     #   resp.subscribed_at #=> String
+    #   resp.auto_enable_controls #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeHub AWS API Documentation
     #
@@ -2618,6 +2620,10 @@ module Aws::SecurityHub
     #   The finding attributes used to define a condition to filter the
     #   returned findings.
     #
+    #   Note that in the available filter fields, `WorkflowState` is
+    #   deprecated. To search for a finding based on its workflow status, use
+    #   `WorkflowStatus`.
+    #
     # @option params [Array<Types::SortCriterion>] :sort_criteria
     #   The finding attributes used to sort the list of returned findings.
     #
@@ -5549,6 +5555,33 @@ module Aws::SecurityHub
       req.send_request(options)
     end
 
+    # Updates configuration options for Security Hub.
+    #
+    # @option params [Boolean] :auto_enable_controls
+    #   Whether to automatically enable new controls when they are added to
+    #   standards that are enabled.
+    #
+    #   By default, this is set to `true`, and new controls are enabled
+    #   automatically. To not automatically enable new controls, set this to
+    #   `false`.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_security_hub_configuration({
+    #     auto_enable_controls: false,
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityHubConfiguration AWS API Documentation
+    #
+    # @overload update_security_hub_configuration(params = {})
+    # @param [Hash] params ({})
+    def update_security_hub_configuration(params = {}, options = {})
+      req = build_request(:update_security_hub_configuration, params)
+      req.send_request(options)
+    end
+
     # Used to control whether an individual security standard control is
     # enabled or disabled.
     #
@@ -5594,7 +5627,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.29.0'
+      context[:gem_version] = '1.30.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-securityhub/client_api.rb

@@ -305,6 +305,8 @@ module Aws::SecurityHub
     UpdateFindingsResponse = Shapes::StructureShape.new(name: 'UpdateFindingsResponse')
     UpdateInsightRequest = Shapes::StructureShape.new(name: 'UpdateInsightRequest')
     UpdateInsightResponse = Shapes::StructureShape.new(name: 'UpdateInsightResponse')
+    UpdateSecurityHubConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationRequest')
+    UpdateSecurityHubConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationResponse')
     UpdateStandardsControlRequest = Shapes::StructureShape.new(name: 'UpdateStandardsControlRequest')
     UpdateStandardsControlResponse = Shapes::StructureShape.new(name: 'UpdateStandardsControlResponse')
     VerificationState = Shapes::StringShape.new(name: 'VerificationState')
@@ -1009,6 +1011,7 @@ module Aws::SecurityHub
 
     DescribeHubResponse.add_member(:hub_arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "HubArn"))
     DescribeHubResponse.add_member(:subscribed_at, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SubscribedAt"))
+    DescribeHubResponse.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
     DescribeHubResponse.struct_class = Types::DescribeHubResponse
 
     DescribeProductsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
@@ -1531,6 +1534,11 @@ module Aws::SecurityHub
 
     UpdateInsightResponse.struct_class = Types::UpdateInsightResponse
 
+    UpdateSecurityHubConfigurationRequest.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
+    UpdateSecurityHubConfigurationRequest.struct_class = Types::UpdateSecurityHubConfigurationRequest
+
+    UpdateSecurityHubConfigurationResponse.struct_class = Types::UpdateSecurityHubConfigurationResponse
+
     UpdateStandardsControlRequest.add_member(:standards_control_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location: "uri", location_name: "StandardsControlArn"))
     UpdateStandardsControlRequest.add_member(:control_status, Shapes::ShapeRef.new(shape: ControlStatus, location_name: "ControlStatus"))
     UpdateStandardsControlRequest.add_member(:disabled_reason, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DisabledReason"))
@@ -2158,6 +2166,19 @@ module Aws::SecurityHub
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
       end)
 
+      api.add_operation(:update_security_hub_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "UpdateSecurityHubConfiguration"
+        o.http_method = "PATCH"
+        o.http_request_uri = "/accounts"
+        o.input = Shapes::ShapeRef.new(shape: UpdateSecurityHubConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: UpdateSecurityHubConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: InternalException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+      end)
+
       api.add_operation(:update_standards_control, Seahorse::Model::Operation.new.tap do |o|
         o.name = "UpdateStandardsControl"
         o.http_method = "PATCH"

data/lib/aws-sdk-securityhub/types.rb

@@ -4501,6 +4501,9 @@ module Aws::SecurityHub
     #
     # @!attribute [rw] workflow_state
     #   The workflow state of a finding.
+    #
+    #   Note that this field is deprecated. To search for a finding based on
+    #   its workflow status, use `WorkflowStatus`.
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] workflow_status
@@ -7002,11 +7005,21 @@ module Aws::SecurityHub
     #   The date and time when Security Hub was enabled in the account.
     #   @return [String]
     #
+    # @!attribute [rw] auto_enable_controls
+    #   Whether to automatically enable new controls when they are added to
+    #   standards that are enabled.
+    #
+    #   If set to `true`, then new controls for enabled standards are
+    #   enabled automatically. If set to `false`, then new controls are not
+    #   enabled.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeHubResponse AWS API Documentation
     #
     class DescribeHubResponse < Struct.new(
       :hub_arn,
-      :subscribed_at)
+      :subscribed_at,
+      :auto_enable_controls)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7924,6 +7937,10 @@ module Aws::SecurityHub
     # @!attribute [rw] filters
     #   The finding attributes used to define a condition to filter the
     #   returned findings.
+    #
+    #   Note that in the available filter fields, `WorkflowState` is
+    #   deprecated. To search for a finding based on its workflow status,
+    #   use `WorkflowStatus`.
     #   @return [Types::AwsSecurityFindingFilters]
     #
     # @!attribute [rw] sort_criteria
@@ -10478,6 +10495,16 @@ module Aws::SecurityHub
 
     # The severity of the finding.
     #
+    # The finding provider can provide the initial severity, but cannot
+    # update it after that. The severity can only be updated by a master
+    # account. It cannot be updated by a member account.
+    #
+    # The finding must have either `Label` or `Normalized` populated. If
+    # only one of these attributes is populated, then Security Hub
+    # automatically populates the other one. If neither attribute is
+    # populated, then the finding is invalid. `Label` is the preferred
+    # attribute.
+    #
     # @note When making an API call, you may pass Severity
     #   data as a hash:
     #
@@ -10510,14 +10537,9 @@ module Aws::SecurityHub
     #
     #   * `CRITICAL` - The issue must be remediated immediately to avoid it
     #     escalating.
-    #   @return [String]
     #
-    # @!attribute [rw] normalized
-    #   Deprecated. This attribute is being deprecated. Instead of providing
-    #   `Normalized`, provide `Label`.
-    #
-    #   If you provide `Normalized` and do not provide `Label`, `Label` is
-    #   set automatically as follows.
+    #   If you provide `Normalized` and do not provide `Label`, then `Label`
+    #   is set automatically as follows.
     #
     #   * 0 - `INFORMATIONAL`
     #
@@ -10528,6 +10550,25 @@ module Aws::SecurityHub
     #   * 70–89 - `HIGH`
     #
     #   * 90–100 - `CRITICAL`
+    #   @return [String]
+    #
+    # @!attribute [rw] normalized
+    #   Deprecated. The normalized severity of a finding. This attribute is
+    #   being deprecated. Instead of providing `Normalized`, provide
+    #   `Label`.
+    #
+    #   If you provide `Label` and do not provide `Normalized`, then
+    #   `Normalized` is set automatically as follows.
+    #
+    #   * `INFORMATIONAL` - 0
+    #
+    #   * `LOW` - 1
+    #
+    #   * `MEDIUM` - 40
+    #
+    #   * `HIGH` - 70
+    #
+    #   * `CRITICAL` - 90
     #   @return [Integer]
     #
     # @!attribute [rw] original
@@ -12240,6 +12281,34 @@ module Aws::SecurityHub
     #
     class UpdateInsightResponse < Aws::EmptyStructure; end
 
+    # @note When making an API call, you may pass UpdateSecurityHubConfigurationRequest
+    #   data as a hash:
+    #
+    #       {
+    #         auto_enable_controls: false,
+    #       }
+    #
+    # @!attribute [rw] auto_enable_controls
+    #   Whether to automatically enable new controls when they are added to
+    #   standards that are enabled.
+    #
+    #   By default, this is set to `true`, and new controls are enabled
+    #   automatically. To not automatically enable new controls, set this to
+    #   `false`.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityHubConfigurationRequest AWS API Documentation
+    #
+    class UpdateSecurityHubConfigurationRequest < Struct.new(
+      :auto_enable_controls)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateSecurityHubConfigurationResponse AWS API Documentation
+    #
+    class UpdateSecurityHubConfigurationResponse < Aws::EmptyStructure; end
+
     # @note When making an API call, you may pass UpdateStandardsControlRequest
     #   data as a hash:
     #

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securityhub
 version: !ruby/object:Gem::Version
-  version: 1.29.0
+  version: 1.30.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-07-01 00:00:00.000000000 Z
+date: 2020-07-28 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core