aws-sdk-securityhub 1.35.0 → 1.36.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +231 -30
- data/lib/aws-sdk-securityhub/client_api.rb +123 -7
- data/lib/aws-sdk-securityhub/types.rb +194 -16
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: dfd2b4dd950ff3c25ffe4aa522baa557f0e9b09f17eb33f4d8b28390d478e8e9
|
4
|
+
data.tar.gz: 86aa091badb2a21ef8ff863b04aeb46648c99e0c682923f8d5380a655c4978ed
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 3c8d78f445024a95159b48fb25c611bc089179fa9e76acba2cf14293b56f0eb354448ebf2586540b98f16420e9ba13150e6b4a9205adb574e43470e0362e77ae
|
7
|
+
data.tar.gz: 7be711077e56e1bdb730542a70eab2b5036eb5ad04ebcf707b3977608264365df7a27473a0543a21adeab03bc9a889bed5efd6705e2371d717c3d256aabe69af
|
data/lib/aws-sdk-securityhub.rb
CHANGED
@@ -330,6 +330,9 @@ module Aws::SecurityHub
|
|
330
330
|
# Accepts the invitation to be a member account and be monitored by the
|
331
331
|
# Security Hub master account that the invitation was sent from.
|
332
332
|
#
|
333
|
+
# This operation is only used by member accounts that are not added
|
334
|
+
# through Organizations.
|
335
|
+
#
|
333
336
|
# When the member account accepts the invitation, permission is granted
|
334
337
|
# to the master account to view findings generated in the member
|
335
338
|
# account.
|
@@ -2854,29 +2857,48 @@ module Aws::SecurityHub
|
|
2854
2857
|
|
2855
2858
|
# Creates a member association in Security Hub between the specified
|
2856
2859
|
# accounts and the account used to make the request, which is the master
|
2857
|
-
# account.
|
2858
|
-
#
|
2859
|
-
#
|
2860
|
+
# account. If you are integrated with Organizations, then the master
|
2861
|
+
# account is the Security Hub administrator account that is designated
|
2862
|
+
# by the organization management account.
|
2863
|
+
#
|
2864
|
+
# `CreateMembers` is always used to add accounts that are not
|
2865
|
+
# organization members.
|
2866
|
+
#
|
2867
|
+
# For accounts that are part of an organization, `CreateMembers` is only
|
2868
|
+
# used in the following cases:
|
2869
|
+
#
|
2870
|
+
# * Security Hub is not configured to automatically add new accounts in
|
2871
|
+
# an organization.
|
2872
|
+
#
|
2873
|
+
# * The account was disassociated or deleted in Security Hub.
|
2874
|
+
#
|
2875
|
+
# This action can only be used by an account that has Security Hub
|
2876
|
+
# enabled. To enable Security Hub, you can use the ` EnableSecurityHub `
|
2877
|
+
# operation.
|
2860
2878
|
#
|
2861
|
-
#
|
2862
|
-
#
|
2863
|
-
# the
|
2864
|
-
#
|
2879
|
+
# For accounts that are not organization members, you create the account
|
2880
|
+
# association and then send an invitation to the member account. To send
|
2881
|
+
# the invitation, you use the ` InviteMembers ` operation. If the
|
2882
|
+
# account owner accepts the invitation, the account becomes a member
|
2883
|
+
# account in Security Hub.
|
2865
2884
|
#
|
2866
|
-
#
|
2867
|
-
#
|
2868
|
-
#
|
2869
|
-
#
|
2870
|
-
#
|
2885
|
+
# Accounts that are part of an organization do not receive an
|
2886
|
+
# invitation. They automatically become a member account in Security
|
2887
|
+
# Hub.
|
2888
|
+
#
|
2889
|
+
# A permissions policy is added that permits the master account to view
|
2890
|
+
# the findings generated in the member account. When Security Hub is
|
2891
|
+
# enabled in a member account, findings are sent to both the member and
|
2892
|
+
# master accounts.
|
2871
2893
|
#
|
2872
2894
|
# To remove the association between the master and member accounts, use
|
2873
2895
|
# the ` DisassociateFromMasterAccount ` or ` DisassociateMembers `
|
2874
2896
|
# operation.
|
2875
2897
|
#
|
2876
|
-
# @option params [Array<Types::AccountDetails>] :account_details
|
2898
|
+
# @option params [required, Array<Types::AccountDetails>] :account_details
|
2877
2899
|
# The list of accounts to associate with the Security Hub master
|
2878
|
-
# account. For each account, the list includes the account ID and
|
2879
|
-
# email address.
|
2900
|
+
# account. For each account, the list includes the account ID and
|
2901
|
+
# optionally the email address.
|
2880
2902
|
#
|
2881
2903
|
# @return [Types::CreateMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
2882
2904
|
#
|
@@ -2885,9 +2907,9 @@ module Aws::SecurityHub
|
|
2885
2907
|
# @example Request syntax with placeholder values
|
2886
2908
|
#
|
2887
2909
|
# resp = client.create_members({
|
2888
|
-
# account_details: [
|
2910
|
+
# account_details: [ # required
|
2889
2911
|
# {
|
2890
|
-
# account_id: "AccountId",
|
2912
|
+
# account_id: "AccountId", # required
|
2891
2913
|
# email: "NonEmptyString",
|
2892
2914
|
# },
|
2893
2915
|
# ],
|
@@ -2910,6 +2932,9 @@ module Aws::SecurityHub
|
|
2910
2932
|
|
2911
2933
|
# Declines invitations to become a member account.
|
2912
2934
|
#
|
2935
|
+
# This operation is only used by accounts that are not part of an
|
2936
|
+
# organization. Organization accounts do not receive invitations.
|
2937
|
+
#
|
2913
2938
|
# @option params [required, Array<String>] :account_ids
|
2914
2939
|
# The list of account IDs for the accounts from which to decline the
|
2915
2940
|
# invitations to Security Hub.
|
@@ -3002,6 +3027,9 @@ module Aws::SecurityHub
|
|
3002
3027
|
# Deletes invitations received by the AWS account to become a member
|
3003
3028
|
# account.
|
3004
3029
|
#
|
3030
|
+
# This operation is only used by accounts that are not part of an
|
3031
|
+
# organization. Organization accounts do not receive invitations.
|
3032
|
+
#
|
3005
3033
|
# @option params [required, Array<String>] :account_ids
|
3006
3034
|
# The list of the account IDs that sent the invitations to delete.
|
3007
3035
|
#
|
@@ -3032,7 +3060,10 @@ module Aws::SecurityHub
|
|
3032
3060
|
|
3033
3061
|
# Deletes the specified member accounts from Security Hub.
|
3034
3062
|
#
|
3035
|
-
#
|
3063
|
+
# Can be used to delete member accounts that belong to an organization
|
3064
|
+
# as well as member accounts that were invited manually.
|
3065
|
+
#
|
3066
|
+
# @option params [required, Array<String>] :account_ids
|
3036
3067
|
# The list of account IDs for the member accounts to delete.
|
3037
3068
|
#
|
3038
3069
|
# @return [Types::DeleteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
@@ -3042,7 +3073,7 @@ module Aws::SecurityHub
|
|
3042
3073
|
# @example Request syntax with placeholder values
|
3043
3074
|
#
|
3044
3075
|
# resp = client.delete_members({
|
3045
|
-
# account_ids: ["NonEmptyString"],
|
3076
|
+
# account_ids: ["NonEmptyString"], # required
|
3046
3077
|
# })
|
3047
3078
|
#
|
3048
3079
|
# @example Response structure
|
@@ -3144,6 +3175,28 @@ module Aws::SecurityHub
|
|
3144
3175
|
req.send_request(options)
|
3145
3176
|
end
|
3146
3177
|
|
3178
|
+
# Returns information about the Organizations configuration for Security
|
3179
|
+
# Hub. Can only be called from a Security Hub administrator account.
|
3180
|
+
#
|
3181
|
+
# @return [Types::DescribeOrganizationConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
3182
|
+
#
|
3183
|
+
# * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
|
3184
|
+
# * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
|
3185
|
+
#
|
3186
|
+
# @example Response structure
|
3187
|
+
#
|
3188
|
+
# resp.auto_enable #=> Boolean
|
3189
|
+
# resp.member_account_limit_reached #=> Boolean
|
3190
|
+
#
|
3191
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
|
3192
|
+
#
|
3193
|
+
# @overload describe_organization_configuration(params = {})
|
3194
|
+
# @param [Hash] params ({})
|
3195
|
+
def describe_organization_configuration(params = {}, options = {})
|
3196
|
+
req = build_request(:describe_organization_configuration, params)
|
3197
|
+
req.send_request(options)
|
3198
|
+
end
|
3199
|
+
|
3147
3200
|
# Returns information about the available products that you can
|
3148
3201
|
# subscribe to and integrate with Security Hub in order to consolidate
|
3149
3202
|
# findings.
|
@@ -3256,7 +3309,8 @@ module Aws::SecurityHub
|
|
3256
3309
|
#
|
3257
3310
|
# @option params [required, String] :standards_subscription_arn
|
3258
3311
|
# The ARN of a resource that represents your subscription to a supported
|
3259
|
-
# standard.
|
3312
|
+
# standard. To get the subscription ARNs of the standards you have
|
3313
|
+
# enabled, use the ` GetEnabledStandards ` operation.
|
3260
3314
|
#
|
3261
3315
|
# @option params [String] :next_token
|
3262
3316
|
# The token that is required for pagination. On your first call to the
|
@@ -3334,6 +3388,29 @@ module Aws::SecurityHub
|
|
3334
3388
|
req.send_request(options)
|
3335
3389
|
end
|
3336
3390
|
|
3391
|
+
# Disables a Security Hub administrator account. Can only be called by
|
3392
|
+
# the organization management account.
|
3393
|
+
#
|
3394
|
+
# @option params [required, String] :admin_account_id
|
3395
|
+
# The AWS account identifier of the Security Hub administrator account.
|
3396
|
+
#
|
3397
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3398
|
+
#
|
3399
|
+
# @example Request syntax with placeholder values
|
3400
|
+
#
|
3401
|
+
# resp = client.disable_organization_admin_account({
|
3402
|
+
# admin_account_id: "NonEmptyString", # required
|
3403
|
+
# })
|
3404
|
+
#
|
3405
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccount AWS API Documentation
|
3406
|
+
#
|
3407
|
+
# @overload disable_organization_admin_account(params = {})
|
3408
|
+
# @param [Hash] params ({})
|
3409
|
+
def disable_organization_admin_account(params = {}, options = {})
|
3410
|
+
req = build_request(:disable_organization_admin_account, params)
|
3411
|
+
req.send_request(options)
|
3412
|
+
end
|
3413
|
+
|
3337
3414
|
# Disables Security Hub in your account only in the current Region. To
|
3338
3415
|
# disable Security Hub in all Regions, you must submit one request per
|
3339
3416
|
# Region where you have enabled Security Hub.
|
@@ -3363,6 +3440,11 @@ module Aws::SecurityHub
|
|
3363
3440
|
# Disassociates the current Security Hub member account from the
|
3364
3441
|
# associated master account.
|
3365
3442
|
#
|
3443
|
+
# This operation is only used by accounts that are not part of an
|
3444
|
+
# organization. For organization accounts, only the master account (the
|
3445
|
+
# designated Security Hub administrator) can disassociate a member
|
3446
|
+
# account.
|
3447
|
+
#
|
3366
3448
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3367
3449
|
#
|
3368
3450
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateFromMasterAccount AWS API Documentation
|
@@ -3377,7 +3459,10 @@ module Aws::SecurityHub
|
|
3377
3459
|
# Disassociates the specified member accounts from the associated master
|
3378
3460
|
# account.
|
3379
3461
|
#
|
3380
|
-
#
|
3462
|
+
# Can be used to disassociate both accounts that are in an organization
|
3463
|
+
# and accounts that were invited manually.
|
3464
|
+
#
|
3465
|
+
# @option params [required, Array<String>] :account_ids
|
3381
3466
|
# The account IDs of the member accounts to disassociate from the master
|
3382
3467
|
# account.
|
3383
3468
|
#
|
@@ -3386,7 +3471,7 @@ module Aws::SecurityHub
|
|
3386
3471
|
# @example Request syntax with placeholder values
|
3387
3472
|
#
|
3388
3473
|
# resp = client.disassociate_members({
|
3389
|
-
# account_ids: ["NonEmptyString"],
|
3474
|
+
# account_ids: ["NonEmptyString"], # required
|
3390
3475
|
# })
|
3391
3476
|
#
|
3392
3477
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisassociateMembers AWS API Documentation
|
@@ -3431,6 +3516,30 @@ module Aws::SecurityHub
|
|
3431
3516
|
req.send_request(options)
|
3432
3517
|
end
|
3433
3518
|
|
3519
|
+
# Designates the Security Hub administrator account for an organization.
|
3520
|
+
# Can only be called by the organization management account.
|
3521
|
+
#
|
3522
|
+
# @option params [required, String] :admin_account_id
|
3523
|
+
# The AWS account identifier of the account to designate as the Security
|
3524
|
+
# Hub administrator account.
|
3525
|
+
#
|
3526
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
3527
|
+
#
|
3528
|
+
# @example Request syntax with placeholder values
|
3529
|
+
#
|
3530
|
+
# resp = client.enable_organization_admin_account({
|
3531
|
+
# admin_account_id: "NonEmptyString", # required
|
3532
|
+
# })
|
3533
|
+
#
|
3534
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccount AWS API Documentation
|
3535
|
+
#
|
3536
|
+
# @overload enable_organization_admin_account(params = {})
|
3537
|
+
# @param [Hash] params ({})
|
3538
|
+
def enable_organization_admin_account(params = {}, options = {})
|
3539
|
+
req = build_request(:enable_organization_admin_account, params)
|
3540
|
+
req.send_request(options)
|
3541
|
+
end
|
3542
|
+
|
3434
3543
|
# Enables Security Hub for your account in the current Region or the
|
3435
3544
|
# Region you specify in the request.
|
3436
3545
|
#
|
@@ -5586,6 +5695,9 @@ module Aws::SecurityHub
|
|
5586
5695
|
# Provides the details for the Security Hub master account for the
|
5587
5696
|
# current member account.
|
5588
5697
|
#
|
5698
|
+
# Can be used by both member accounts that are in an organization and
|
5699
|
+
# accounts that were invited manually.
|
5700
|
+
#
|
5589
5701
|
# @return [Types::GetMasterAccountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5590
5702
|
#
|
5591
5703
|
# * {Types::GetMasterAccountResponse#master #master} => Types::Invitation
|
@@ -5609,6 +5721,13 @@ module Aws::SecurityHub
|
|
5609
5721
|
# Returns the details for the Security Hub member accounts for the
|
5610
5722
|
# specified account IDs.
|
5611
5723
|
#
|
5724
|
+
# A master account can be either a delegated Security Hub administrator
|
5725
|
+
# account for an organization or a master account that enabled Security
|
5726
|
+
# Hub manually.
|
5727
|
+
#
|
5728
|
+
# The results include both member accounts that are in an organization
|
5729
|
+
# and accounts that were invited manually.
|
5730
|
+
#
|
5612
5731
|
# @option params [required, Array<String>] :account_ids
|
5613
5732
|
# The list of account IDs for the Security Hub member accounts to return
|
5614
5733
|
# the details for.
|
@@ -5649,15 +5768,18 @@ module Aws::SecurityHub
|
|
5649
5768
|
# Invites other AWS accounts to become member accounts for the Security
|
5650
5769
|
# Hub master account that the invitation is sent from.
|
5651
5770
|
#
|
5771
|
+
# This operation is only used to invite accounts that do not belong to
|
5772
|
+
# an organization. Organization accounts do not receive invitations.
|
5773
|
+
#
|
5652
5774
|
# Before you can use this action to invite a member, you must first use
|
5653
5775
|
# the ` CreateMembers ` action to create the member account in Security
|
5654
5776
|
# Hub.
|
5655
5777
|
#
|
5656
|
-
# When the account owner
|
5657
|
-
#
|
5658
|
-
#
|
5778
|
+
# When the account owner enables Security Hub and accepts the invitation
|
5779
|
+
# to become a member account, the master account can view the findings
|
5780
|
+
# generated from the member account.
|
5659
5781
|
#
|
5660
|
-
# @option params [Array<String>] :account_ids
|
5782
|
+
# @option params [required, Array<String>] :account_ids
|
5661
5783
|
# The list of account IDs of the AWS accounts to invite to Security Hub
|
5662
5784
|
# as members.
|
5663
5785
|
#
|
@@ -5668,7 +5790,7 @@ module Aws::SecurityHub
|
|
5668
5790
|
# @example Request syntax with placeholder values
|
5669
5791
|
#
|
5670
5792
|
# resp = client.invite_members({
|
5671
|
-
# account_ids: ["NonEmptyString"],
|
5793
|
+
# account_ids: ["NonEmptyString"], # required
|
5672
5794
|
# })
|
5673
5795
|
#
|
5674
5796
|
# @example Response structure
|
@@ -5733,6 +5855,9 @@ module Aws::SecurityHub
|
|
5733
5855
|
# Lists all Security Hub membership invitations that were sent to the
|
5734
5856
|
# current AWS account.
|
5735
5857
|
#
|
5858
|
+
# This operation is only used by accounts that do not belong to an
|
5859
|
+
# organization. Organization accounts do not receive invitations.
|
5860
|
+
#
|
5736
5861
|
# @option params [Integer] :max_results
|
5737
5862
|
# The maximum number of items to return in the response.
|
5738
5863
|
#
|
@@ -5780,14 +5905,17 @@ module Aws::SecurityHub
|
|
5780
5905
|
# Lists details about all member accounts for the current Security Hub
|
5781
5906
|
# master account.
|
5782
5907
|
#
|
5908
|
+
# The results include both member accounts that belong to an
|
5909
|
+
# organization and member accounts that were invited manually.
|
5910
|
+
#
|
5783
5911
|
# @option params [Boolean] :only_associated
|
5784
5912
|
# Specifies which member accounts to include in the response based on
|
5785
5913
|
# their relationship status with the master account. The default value
|
5786
5914
|
# is `TRUE`.
|
5787
5915
|
#
|
5788
5916
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
5789
|
-
# accounts whose relationship status with the master is set to
|
5790
|
-
#
|
5917
|
+
# accounts whose relationship status with the master is set to
|
5918
|
+
# `ENABLED`.
|
5791
5919
|
#
|
5792
5920
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
5793
5921
|
# existing member accounts.
|
@@ -5838,6 +5966,49 @@ module Aws::SecurityHub
|
|
5838
5966
|
req.send_request(options)
|
5839
5967
|
end
|
5840
5968
|
|
5969
|
+
# Lists the Security Hub administrator accounts. Can only be called by
|
5970
|
+
# the organization management account.
|
5971
|
+
#
|
5972
|
+
# @option params [Integer] :max_results
|
5973
|
+
# The maximum number of items to return in the response.
|
5974
|
+
#
|
5975
|
+
# @option params [String] :next_token
|
5976
|
+
# The token that is required for pagination. On your first call to the
|
5977
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
5978
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
5979
|
+
# continue listing data, set the value of this parameter to the value
|
5980
|
+
# returned from the previous response.
|
5981
|
+
#
|
5982
|
+
# @return [Types::ListOrganizationAdminAccountsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
5983
|
+
#
|
5984
|
+
# * {Types::ListOrganizationAdminAccountsResponse#admin_accounts #admin_accounts} => Array<Types::AdminAccount>
|
5985
|
+
# * {Types::ListOrganizationAdminAccountsResponse#next_token #next_token} => String
|
5986
|
+
#
|
5987
|
+
# The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
|
5988
|
+
#
|
5989
|
+
# @example Request syntax with placeholder values
|
5990
|
+
#
|
5991
|
+
# resp = client.list_organization_admin_accounts({
|
5992
|
+
# max_results: 1,
|
5993
|
+
# next_token: "NextToken",
|
5994
|
+
# })
|
5995
|
+
#
|
5996
|
+
# @example Response structure
|
5997
|
+
#
|
5998
|
+
# resp.admin_accounts #=> Array
|
5999
|
+
# resp.admin_accounts[0].account_id #=> String
|
6000
|
+
# resp.admin_accounts[0].status #=> String, one of "ENABLED", "DISABLE_IN_PROGRESS"
|
6001
|
+
# resp.next_token #=> String
|
6002
|
+
#
|
6003
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccounts AWS API Documentation
|
6004
|
+
#
|
6005
|
+
# @overload list_organization_admin_accounts(params = {})
|
6006
|
+
# @param [Hash] params ({})
|
6007
|
+
def list_organization_admin_accounts(params = {}, options = {})
|
6008
|
+
req = build_request(:list_organization_admin_accounts, params)
|
6009
|
+
req.send_request(options)
|
6010
|
+
end
|
6011
|
+
|
5841
6012
|
# Returns a list of tags associated with a resource.
|
5842
6013
|
#
|
5843
6014
|
# @option params [required, String] :resource_arn
|
@@ -7134,6 +7305,36 @@ module Aws::SecurityHub
|
|
7134
7305
|
req.send_request(options)
|
7135
7306
|
end
|
7136
7307
|
|
7308
|
+
# Used to update the configuration related to Organizations. Can only be
|
7309
|
+
# called from a Security Hub administrator account.
|
7310
|
+
#
|
7311
|
+
# @option params [required, Boolean] :auto_enable
|
7312
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
7313
|
+
# organization.
|
7314
|
+
#
|
7315
|
+
# By default, this is `false`, and new accounts are not added
|
7316
|
+
# automatically.
|
7317
|
+
#
|
7318
|
+
# To automatically enable Security Hub for new accounts, set this to
|
7319
|
+
# `true`.
|
7320
|
+
#
|
7321
|
+
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
7322
|
+
#
|
7323
|
+
# @example Request syntax with placeholder values
|
7324
|
+
#
|
7325
|
+
# resp = client.update_organization_configuration({
|
7326
|
+
# auto_enable: false, # required
|
7327
|
+
# })
|
7328
|
+
#
|
7329
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
|
7330
|
+
#
|
7331
|
+
# @overload update_organization_configuration(params = {})
|
7332
|
+
# @param [Hash] params ({})
|
7333
|
+
def update_organization_configuration(params = {}, options = {})
|
7334
|
+
req = build_request(:update_organization_configuration, params)
|
7335
|
+
req.send_request(options)
|
7336
|
+
end
|
7337
|
+
|
7137
7338
|
# Updates configuration options for Security Hub.
|
7138
7339
|
#
|
7139
7340
|
# @option params [Boolean] :auto_enable_controls
|
@@ -7206,7 +7407,7 @@ module Aws::SecurityHub
|
|
7206
7407
|
params: params,
|
7207
7408
|
config: config)
|
7208
7409
|
context[:gem_name] = 'aws-sdk-securityhub'
|
7209
|
-
context[:gem_version] = '1.
|
7410
|
+
context[:gem_version] = '1.36.0'
|
7210
7411
|
Seahorse::Client::Request.new(handlers, context)
|
7211
7412
|
end
|
7212
7413
|
|
@@ -22,6 +22,10 @@ module Aws::SecurityHub
|
|
22
22
|
AccountIdList = Shapes::ListShape.new(name: 'AccountIdList')
|
23
23
|
ActionTarget = Shapes::StructureShape.new(name: 'ActionTarget')
|
24
24
|
ActionTargetList = Shapes::ListShape.new(name: 'ActionTargetList')
|
25
|
+
AdminAccount = Shapes::StructureShape.new(name: 'AdminAccount')
|
26
|
+
AdminAccounts = Shapes::ListShape.new(name: 'AdminAccounts')
|
27
|
+
AdminStatus = Shapes::StringShape.new(name: 'AdminStatus')
|
28
|
+
AdminsMaxResults = Shapes::IntegerShape.new(name: 'AdminsMaxResults')
|
25
29
|
ArnList = Shapes::ListShape.new(name: 'ArnList')
|
26
30
|
AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
|
27
31
|
AvailabilityZones = Shapes::ListShape.new(name: 'AvailabilityZones')
|
@@ -270,6 +274,7 @@ module Aws::SecurityHub
|
|
270
274
|
CreateInsightResponse = Shapes::StructureShape.new(name: 'CreateInsightResponse')
|
271
275
|
CreateMembersRequest = Shapes::StructureShape.new(name: 'CreateMembersRequest')
|
272
276
|
CreateMembersResponse = Shapes::StructureShape.new(name: 'CreateMembersResponse')
|
277
|
+
CrossAccountMaxResults = Shapes::IntegerShape.new(name: 'CrossAccountMaxResults')
|
273
278
|
Cvss = Shapes::StructureShape.new(name: 'Cvss')
|
274
279
|
CvssList = Shapes::ListShape.new(name: 'CvssList')
|
275
280
|
DateFilter = Shapes::StructureShape.new(name: 'DateFilter')
|
@@ -290,6 +295,8 @@ module Aws::SecurityHub
|
|
290
295
|
DescribeActionTargetsResponse = Shapes::StructureShape.new(name: 'DescribeActionTargetsResponse')
|
291
296
|
DescribeHubRequest = Shapes::StructureShape.new(name: 'DescribeHubRequest')
|
292
297
|
DescribeHubResponse = Shapes::StructureShape.new(name: 'DescribeHubResponse')
|
298
|
+
DescribeOrganizationConfigurationRequest = Shapes::StructureShape.new(name: 'DescribeOrganizationConfigurationRequest')
|
299
|
+
DescribeOrganizationConfigurationResponse = Shapes::StructureShape.new(name: 'DescribeOrganizationConfigurationResponse')
|
293
300
|
DescribeProductsRequest = Shapes::StructureShape.new(name: 'DescribeProductsRequest')
|
294
301
|
DescribeProductsResponse = Shapes::StructureShape.new(name: 'DescribeProductsResponse')
|
295
302
|
DescribeStandardsControlsRequest = Shapes::StructureShape.new(name: 'DescribeStandardsControlsRequest')
|
@@ -298,6 +305,8 @@ module Aws::SecurityHub
|
|
298
305
|
DescribeStandardsResponse = Shapes::StructureShape.new(name: 'DescribeStandardsResponse')
|
299
306
|
DisableImportFindingsForProductRequest = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductRequest')
|
300
307
|
DisableImportFindingsForProductResponse = Shapes::StructureShape.new(name: 'DisableImportFindingsForProductResponse')
|
308
|
+
DisableOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'DisableOrganizationAdminAccountRequest')
|
309
|
+
DisableOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'DisableOrganizationAdminAccountResponse')
|
301
310
|
DisableSecurityHubRequest = Shapes::StructureShape.new(name: 'DisableSecurityHubRequest')
|
302
311
|
DisableSecurityHubResponse = Shapes::StructureShape.new(name: 'DisableSecurityHubResponse')
|
303
312
|
DisassociateFromMasterAccountRequest = Shapes::StructureShape.new(name: 'DisassociateFromMasterAccountRequest')
|
@@ -307,6 +316,8 @@ module Aws::SecurityHub
|
|
307
316
|
Double = Shapes::FloatShape.new(name: 'Double')
|
308
317
|
EnableImportFindingsForProductRequest = Shapes::StructureShape.new(name: 'EnableImportFindingsForProductRequest')
|
309
318
|
EnableImportFindingsForProductResponse = Shapes::StructureShape.new(name: 'EnableImportFindingsForProductResponse')
|
319
|
+
EnableOrganizationAdminAccountRequest = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountRequest')
|
320
|
+
EnableOrganizationAdminAccountResponse = Shapes::StructureShape.new(name: 'EnableOrganizationAdminAccountResponse')
|
310
321
|
EnableSecurityHubRequest = Shapes::StructureShape.new(name: 'EnableSecurityHubRequest')
|
311
322
|
EnableSecurityHubResponse = Shapes::StructureShape.new(name: 'EnableSecurityHubResponse')
|
312
323
|
FieldMap = Shapes::MapShape.new(name: 'FieldMap')
|
@@ -354,6 +365,8 @@ module Aws::SecurityHub
|
|
354
365
|
ListInvitationsResponse = Shapes::StructureShape.new(name: 'ListInvitationsResponse')
|
355
366
|
ListMembersRequest = Shapes::StructureShape.new(name: 'ListMembersRequest')
|
356
367
|
ListMembersResponse = Shapes::StructureShape.new(name: 'ListMembersResponse')
|
368
|
+
ListOrganizationAdminAccountsRequest = Shapes::StructureShape.new(name: 'ListOrganizationAdminAccountsRequest')
|
369
|
+
ListOrganizationAdminAccountsResponse = Shapes::StructureShape.new(name: 'ListOrganizationAdminAccountsResponse')
|
357
370
|
ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
|
358
371
|
ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
|
359
372
|
LoadBalancerState = Shapes::StructureShape.new(name: 'LoadBalancerState')
|
@@ -452,6 +465,8 @@ module Aws::SecurityHub
|
|
452
465
|
UpdateFindingsResponse = Shapes::StructureShape.new(name: 'UpdateFindingsResponse')
|
453
466
|
UpdateInsightRequest = Shapes::StructureShape.new(name: 'UpdateInsightRequest')
|
454
467
|
UpdateInsightResponse = Shapes::StructureShape.new(name: 'UpdateInsightResponse')
|
468
|
+
UpdateOrganizationConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateOrganizationConfigurationRequest')
|
469
|
+
UpdateOrganizationConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateOrganizationConfigurationResponse')
|
455
470
|
UpdateSecurityHubConfigurationRequest = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationRequest')
|
456
471
|
UpdateSecurityHubConfigurationResponse = Shapes::StructureShape.new(name: 'UpdateSecurityHubConfigurationResponse')
|
457
472
|
UpdateStandardsControlRequest = Shapes::StructureShape.new(name: 'UpdateStandardsControlRequest')
|
@@ -479,7 +494,7 @@ module Aws::SecurityHub
|
|
479
494
|
AccessDeniedException.add_member(:code, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Code"))
|
480
495
|
AccessDeniedException.struct_class = Types::AccessDeniedException
|
481
496
|
|
482
|
-
AccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, location_name: "AccountId"))
|
497
|
+
AccountDetails.add_member(:account_id, Shapes::ShapeRef.new(shape: AccountId, required: true, location_name: "AccountId"))
|
483
498
|
AccountDetails.add_member(:email, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Email"))
|
484
499
|
AccountDetails.struct_class = Types::AccountDetails
|
485
500
|
|
@@ -494,6 +509,12 @@ module Aws::SecurityHub
|
|
494
509
|
|
495
510
|
ActionTargetList.member = Shapes::ShapeRef.new(shape: ActionTarget)
|
496
511
|
|
512
|
+
AdminAccount.add_member(:account_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "AccountId"))
|
513
|
+
AdminAccount.add_member(:status, Shapes::ShapeRef.new(shape: AdminStatus, location_name: "Status"))
|
514
|
+
AdminAccount.struct_class = Types::AdminAccount
|
515
|
+
|
516
|
+
AdminAccounts.member = Shapes::ShapeRef.new(shape: AdminAccount)
|
517
|
+
|
497
518
|
ArnList.member = Shapes::ShapeRef.new(shape: NonEmptyString)
|
498
519
|
|
499
520
|
AvailabilityZone.add_member(:zone_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ZoneName"))
|
@@ -1985,7 +2006,7 @@ module Aws::SecurityHub
|
|
1985
2006
|
CreateInsightResponse.add_member(:insight_arn, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "InsightArn"))
|
1986
2007
|
CreateInsightResponse.struct_class = Types::CreateInsightResponse
|
1987
2008
|
|
1988
|
-
CreateMembersRequest.add_member(:account_details, Shapes::ShapeRef.new(shape: AccountDetailsList, location_name: "AccountDetails"))
|
2009
|
+
CreateMembersRequest.add_member(:account_details, Shapes::ShapeRef.new(shape: AccountDetailsList, required: true, location_name: "AccountDetails"))
|
1989
2010
|
CreateMembersRequest.struct_class = Types::CreateMembersRequest
|
1990
2011
|
|
1991
2012
|
CreateMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2033,7 +2054,7 @@ module Aws::SecurityHub
|
|
2033
2054
|
DeleteInvitationsResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
2034
2055
|
DeleteInvitationsResponse.struct_class = Types::DeleteInvitationsResponse
|
2035
2056
|
|
2036
|
-
DeleteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2057
|
+
DeleteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2037
2058
|
DeleteMembersRequest.struct_class = Types::DeleteMembersRequest
|
2038
2059
|
|
2039
2060
|
DeleteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2056,6 +2077,12 @@ module Aws::SecurityHub
|
|
2056
2077
|
DescribeHubResponse.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
|
2057
2078
|
DescribeHubResponse.struct_class = Types::DescribeHubResponse
|
2058
2079
|
|
2080
|
+
DescribeOrganizationConfigurationRequest.struct_class = Types::DescribeOrganizationConfigurationRequest
|
2081
|
+
|
2082
|
+
DescribeOrganizationConfigurationResponse.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnable"))
|
2083
|
+
DescribeOrganizationConfigurationResponse.add_member(:member_account_limit_reached, Shapes::ShapeRef.new(shape: Boolean, location_name: "MemberAccountLimitReached"))
|
2084
|
+
DescribeOrganizationConfigurationResponse.struct_class = Types::DescribeOrganizationConfigurationResponse
|
2085
|
+
|
2059
2086
|
DescribeProductsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2060
2087
|
DescribeProductsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: MaxResults, location: "querystring", location_name: "MaxResults"))
|
2061
2088
|
DescribeProductsRequest.struct_class = Types::DescribeProductsRequest
|
@@ -2086,6 +2113,11 @@ module Aws::SecurityHub
|
|
2086
2113
|
|
2087
2114
|
DisableImportFindingsForProductResponse.struct_class = Types::DisableImportFindingsForProductResponse
|
2088
2115
|
|
2116
|
+
DisableOrganizationAdminAccountRequest.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AdminAccountId"))
|
2117
|
+
DisableOrganizationAdminAccountRequest.struct_class = Types::DisableOrganizationAdminAccountRequest
|
2118
|
+
|
2119
|
+
DisableOrganizationAdminAccountResponse.struct_class = Types::DisableOrganizationAdminAccountResponse
|
2120
|
+
|
2089
2121
|
DisableSecurityHubRequest.struct_class = Types::DisableSecurityHubRequest
|
2090
2122
|
|
2091
2123
|
DisableSecurityHubResponse.struct_class = Types::DisableSecurityHubResponse
|
@@ -2094,7 +2126,7 @@ module Aws::SecurityHub
|
|
2094
2126
|
|
2095
2127
|
DisassociateFromMasterAccountResponse.struct_class = Types::DisassociateFromMasterAccountResponse
|
2096
2128
|
|
2097
|
-
DisassociateMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2129
|
+
DisassociateMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2098
2130
|
DisassociateMembersRequest.struct_class = Types::DisassociateMembersRequest
|
2099
2131
|
|
2100
2132
|
DisassociateMembersResponse.struct_class = Types::DisassociateMembersResponse
|
@@ -2105,6 +2137,11 @@ module Aws::SecurityHub
|
|
2105
2137
|
EnableImportFindingsForProductResponse.add_member(:product_subscription_arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ProductSubscriptionArn"))
|
2106
2138
|
EnableImportFindingsForProductResponse.struct_class = Types::EnableImportFindingsForProductResponse
|
2107
2139
|
|
2140
|
+
EnableOrganizationAdminAccountRequest.add_member(:admin_account_id, Shapes::ShapeRef.new(shape: NonEmptyString, required: true, location_name: "AdminAccountId"))
|
2141
|
+
EnableOrganizationAdminAccountRequest.struct_class = Types::EnableOrganizationAdminAccountRequest
|
2142
|
+
|
2143
|
+
EnableOrganizationAdminAccountResponse.struct_class = Types::EnableOrganizationAdminAccountResponse
|
2144
|
+
|
2108
2145
|
EnableSecurityHubRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "Tags"))
|
2109
2146
|
EnableSecurityHubRequest.add_member(:enable_default_standards, Shapes::ShapeRef.new(shape: Boolean, location_name: "EnableDefaultStandards"))
|
2110
2147
|
EnableSecurityHubRequest.struct_class = Types::EnableSecurityHubRequest
|
@@ -2213,7 +2250,7 @@ module Aws::SecurityHub
|
|
2213
2250
|
|
2214
2251
|
InvitationList.member = Shapes::ShapeRef.new(shape: Invitation)
|
2215
2252
|
|
2216
|
-
InviteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, location_name: "AccountIds"))
|
2253
|
+
InviteMembersRequest.add_member(:account_ids, Shapes::ShapeRef.new(shape: AccountIdList, required: true, location_name: "AccountIds"))
|
2217
2254
|
InviteMembersRequest.struct_class = Types::InviteMembersRequest
|
2218
2255
|
|
2219
2256
|
InviteMembersResponse.add_member(:unprocessed_accounts, Shapes::ShapeRef.new(shape: ResultList, location_name: "UnprocessedAccounts"))
|
@@ -2248,7 +2285,7 @@ module Aws::SecurityHub
|
|
2248
2285
|
ListEnabledProductsForImportResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
2249
2286
|
ListEnabledProductsForImportResponse.struct_class = Types::ListEnabledProductsForImportResponse
|
2250
2287
|
|
2251
|
-
ListInvitationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape:
|
2288
|
+
ListInvitationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: CrossAccountMaxResults, location: "querystring", location_name: "MaxResults"))
|
2252
2289
|
ListInvitationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2253
2290
|
ListInvitationsRequest.struct_class = Types::ListInvitationsRequest
|
2254
2291
|
|
@@ -2257,7 +2294,7 @@ module Aws::SecurityHub
|
|
2257
2294
|
ListInvitationsResponse.struct_class = Types::ListInvitationsResponse
|
2258
2295
|
|
2259
2296
|
ListMembersRequest.add_member(:only_associated, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "OnlyAssociated"))
|
2260
|
-
ListMembersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape:
|
2297
|
+
ListMembersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: CrossAccountMaxResults, location: "querystring", location_name: "MaxResults"))
|
2261
2298
|
ListMembersRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2262
2299
|
ListMembersRequest.struct_class = Types::ListMembersRequest
|
2263
2300
|
|
@@ -2265,6 +2302,14 @@ module Aws::SecurityHub
|
|
2265
2302
|
ListMembersResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NextToken"))
|
2266
2303
|
ListMembersResponse.struct_class = Types::ListMembersResponse
|
2267
2304
|
|
2305
|
+
ListOrganizationAdminAccountsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: AdminsMaxResults, location: "querystring", location_name: "MaxResults"))
|
2306
|
+
ListOrganizationAdminAccountsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
|
2307
|
+
ListOrganizationAdminAccountsRequest.struct_class = Types::ListOrganizationAdminAccountsRequest
|
2308
|
+
|
2309
|
+
ListOrganizationAdminAccountsResponse.add_member(:admin_accounts, Shapes::ShapeRef.new(shape: AdminAccounts, location_name: "AdminAccounts"))
|
2310
|
+
ListOrganizationAdminAccountsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "NextToken"))
|
2311
|
+
ListOrganizationAdminAccountsResponse.struct_class = Types::ListOrganizationAdminAccountsResponse
|
2312
|
+
|
2268
2313
|
ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: ResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
|
2269
2314
|
ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
|
2270
2315
|
|
@@ -2607,6 +2652,11 @@ module Aws::SecurityHub
|
|
2607
2652
|
|
2608
2653
|
UpdateInsightResponse.struct_class = Types::UpdateInsightResponse
|
2609
2654
|
|
2655
|
+
UpdateOrganizationConfigurationRequest.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "AutoEnable"))
|
2656
|
+
UpdateOrganizationConfigurationRequest.struct_class = Types::UpdateOrganizationConfigurationRequest
|
2657
|
+
|
2658
|
+
UpdateOrganizationConfigurationResponse.struct_class = Types::UpdateOrganizationConfigurationResponse
|
2659
|
+
|
2610
2660
|
UpdateSecurityHubConfigurationRequest.add_member(:auto_enable_controls, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnableControls"))
|
2611
2661
|
UpdateSecurityHubConfigurationRequest.struct_class = Types::UpdateSecurityHubConfigurationRequest
|
2612
2662
|
|
@@ -2865,6 +2915,18 @@ module Aws::SecurityHub
|
|
2865
2915
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
2866
2916
|
end)
|
2867
2917
|
|
2918
|
+
api.add_operation(:describe_organization_configuration, Seahorse::Model::Operation.new.tap do |o|
|
2919
|
+
o.name = "DescribeOrganizationConfiguration"
|
2920
|
+
o.http_method = "GET"
|
2921
|
+
o.http_request_uri = "/organization/configuration"
|
2922
|
+
o.input = Shapes::ShapeRef.new(shape: DescribeOrganizationConfigurationRequest)
|
2923
|
+
o.output = Shapes::ShapeRef.new(shape: DescribeOrganizationConfigurationResponse)
|
2924
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
2925
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
2926
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
2927
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2928
|
+
end)
|
2929
|
+
|
2868
2930
|
api.add_operation(:describe_products, Seahorse::Model::Operation.new.tap do |o|
|
2869
2931
|
o.name = "DescribeProducts"
|
2870
2932
|
o.http_method = "GET"
|
@@ -2931,6 +2993,18 @@ module Aws::SecurityHub
|
|
2931
2993
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2932
2994
|
end)
|
2933
2995
|
|
2996
|
+
api.add_operation(:disable_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
2997
|
+
o.name = "DisableOrganizationAdminAccount"
|
2998
|
+
o.http_method = "POST"
|
2999
|
+
o.http_request_uri = "/organization/admin/disable"
|
3000
|
+
o.input = Shapes::ShapeRef.new(shape: DisableOrganizationAdminAccountRequest)
|
3001
|
+
o.output = Shapes::ShapeRef.new(shape: DisableOrganizationAdminAccountResponse)
|
3002
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3003
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3004
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3005
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3006
|
+
end)
|
3007
|
+
|
2934
3008
|
api.add_operation(:disable_security_hub, Seahorse::Model::Operation.new.tap do |o|
|
2935
3009
|
o.name = "DisableSecurityHub"
|
2936
3010
|
o.http_method = "DELETE"
|
@@ -2982,6 +3056,18 @@ module Aws::SecurityHub
|
|
2982
3056
|
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
2983
3057
|
end)
|
2984
3058
|
|
3059
|
+
api.add_operation(:enable_organization_admin_account, Seahorse::Model::Operation.new.tap do |o|
|
3060
|
+
o.name = "EnableOrganizationAdminAccount"
|
3061
|
+
o.http_method = "POST"
|
3062
|
+
o.http_request_uri = "/organization/admin/enable"
|
3063
|
+
o.input = Shapes::ShapeRef.new(shape: EnableOrganizationAdminAccountRequest)
|
3064
|
+
o.output = Shapes::ShapeRef.new(shape: EnableOrganizationAdminAccountResponse)
|
3065
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3066
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3067
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3068
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3069
|
+
end)
|
3070
|
+
|
2985
3071
|
api.add_operation(:enable_security_hub, Seahorse::Model::Operation.new.tap do |o|
|
2986
3072
|
o.name = "EnableSecurityHub"
|
2987
3073
|
o.http_method = "POST"
|
@@ -3167,6 +3253,24 @@ module Aws::SecurityHub
|
|
3167
3253
|
)
|
3168
3254
|
end)
|
3169
3255
|
|
3256
|
+
api.add_operation(:list_organization_admin_accounts, Seahorse::Model::Operation.new.tap do |o|
|
3257
|
+
o.name = "ListOrganizationAdminAccounts"
|
3258
|
+
o.http_method = "GET"
|
3259
|
+
o.http_request_uri = "/organization/admin"
|
3260
|
+
o.input = Shapes::ShapeRef.new(shape: ListOrganizationAdminAccountsRequest)
|
3261
|
+
o.output = Shapes::ShapeRef.new(shape: ListOrganizationAdminAccountsResponse)
|
3262
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3263
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3264
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3265
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3266
|
+
o[:pager] = Aws::Pager.new(
|
3267
|
+
limit_key: "max_results",
|
3268
|
+
tokens: {
|
3269
|
+
"next_token" => "next_token"
|
3270
|
+
}
|
3271
|
+
)
|
3272
|
+
end)
|
3273
|
+
|
3170
3274
|
api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
|
3171
3275
|
o.name = "ListTagsForResource"
|
3172
3276
|
o.http_method = "GET"
|
@@ -3239,6 +3343,18 @@ module Aws::SecurityHub
|
|
3239
3343
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
3240
3344
|
end)
|
3241
3345
|
|
3346
|
+
api.add_operation(:update_organization_configuration, Seahorse::Model::Operation.new.tap do |o|
|
3347
|
+
o.name = "UpdateOrganizationConfiguration"
|
3348
|
+
o.http_method = "POST"
|
3349
|
+
o.http_request_uri = "/organization/configuration"
|
3350
|
+
o.input = Shapes::ShapeRef.new(shape: UpdateOrganizationConfigurationRequest)
|
3351
|
+
o.output = Shapes::ShapeRef.new(shape: UpdateOrganizationConfigurationResponse)
|
3352
|
+
o.errors << Shapes::ShapeRef.new(shape: InternalException)
|
3353
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidInputException)
|
3354
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidAccessException)
|
3355
|
+
o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
|
3356
|
+
end)
|
3357
|
+
|
3242
3358
|
api.add_operation(:update_security_hub_configuration, Seahorse::Model::Operation.new.tap do |o|
|
3243
3359
|
o.name = "UpdateSecurityHubConfiguration"
|
3244
3360
|
o.http_method = "PATCH"
|
@@ -64,7 +64,7 @@ module Aws::SecurityHub
|
|
64
64
|
# data as a hash:
|
65
65
|
#
|
66
66
|
# {
|
67
|
-
# account_id: "AccountId",
|
67
|
+
# account_id: "AccountId", # required
|
68
68
|
# email: "NonEmptyString",
|
69
69
|
# }
|
70
70
|
#
|
@@ -109,6 +109,29 @@ module Aws::SecurityHub
|
|
109
109
|
include Aws::Structure
|
110
110
|
end
|
111
111
|
|
112
|
+
# Represents a Security Hub administrator account designated by an
|
113
|
+
# organization management account.
|
114
|
+
#
|
115
|
+
# @!attribute [rw] account_id
|
116
|
+
# The AWS account identifier of the Security Hub administrator
|
117
|
+
# account.
|
118
|
+
# @return [String]
|
119
|
+
#
|
120
|
+
# @!attribute [rw] status
|
121
|
+
# The current status of the Security Hub administrator account.
|
122
|
+
# Indicates whether the account is currently enabled as a Security Hub
|
123
|
+
# administrator.
|
124
|
+
# @return [String]
|
125
|
+
#
|
126
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AdminAccount AWS API Documentation
|
127
|
+
#
|
128
|
+
class AdminAccount < Struct.new(
|
129
|
+
:account_id,
|
130
|
+
:status)
|
131
|
+
SENSITIVE = []
|
132
|
+
include Aws::Structure
|
133
|
+
end
|
134
|
+
|
112
135
|
# Information about an Availability Zone.
|
113
136
|
#
|
114
137
|
# @note When making an API call, you may pass AvailabilityZone
|
@@ -15207,9 +15230,9 @@ module Aws::SecurityHub
|
|
15207
15230
|
# data as a hash:
|
15208
15231
|
#
|
15209
15232
|
# {
|
15210
|
-
# account_details: [
|
15233
|
+
# account_details: [ # required
|
15211
15234
|
# {
|
15212
|
-
# account_id: "AccountId",
|
15235
|
+
# account_id: "AccountId", # required
|
15213
15236
|
# email: "NonEmptyString",
|
15214
15237
|
# },
|
15215
15238
|
# ],
|
@@ -15217,8 +15240,8 @@ module Aws::SecurityHub
|
|
15217
15240
|
#
|
15218
15241
|
# @!attribute [rw] account_details
|
15219
15242
|
# The list of accounts to associate with the Security Hub master
|
15220
|
-
# account. For each account, the list includes the account ID and
|
15221
|
-
# email address.
|
15243
|
+
# account. For each account, the list includes the account ID and
|
15244
|
+
# optionally the email address.
|
15222
15245
|
# @return [Array<Types::AccountDetails>]
|
15223
15246
|
#
|
15224
15247
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateMembersRequest AWS API Documentation
|
@@ -15470,7 +15493,7 @@ module Aws::SecurityHub
|
|
15470
15493
|
# data as a hash:
|
15471
15494
|
#
|
15472
15495
|
# {
|
15473
|
-
# account_ids: ["NonEmptyString"],
|
15496
|
+
# account_ids: ["NonEmptyString"], # required
|
15474
15497
|
# }
|
15475
15498
|
#
|
15476
15499
|
# @!attribute [rw] account_ids
|
@@ -15601,6 +15624,34 @@ module Aws::SecurityHub
|
|
15601
15624
|
include Aws::Structure
|
15602
15625
|
end
|
15603
15626
|
|
15627
|
+
# @api private
|
15628
|
+
#
|
15629
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationRequest AWS API Documentation
|
15630
|
+
#
|
15631
|
+
class DescribeOrganizationConfigurationRequest < Aws::EmptyStructure; end
|
15632
|
+
|
15633
|
+
# @!attribute [rw] auto_enable
|
15634
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
15635
|
+
# organization.
|
15636
|
+
#
|
15637
|
+
# If set to `true`, then Security Hub is enabled for new accounts. If
|
15638
|
+
# set to false, then new accounts are not added automatically.
|
15639
|
+
# @return [Boolean]
|
15640
|
+
#
|
15641
|
+
# @!attribute [rw] member_account_limit_reached
|
15642
|
+
# Whether the maximum number of allowed member accounts are already
|
15643
|
+
# associated with the Security Hub administrator account.
|
15644
|
+
# @return [Boolean]
|
15645
|
+
#
|
15646
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
|
15647
|
+
#
|
15648
|
+
class DescribeOrganizationConfigurationResponse < Struct.new(
|
15649
|
+
:auto_enable,
|
15650
|
+
:member_account_limit_reached)
|
15651
|
+
SENSITIVE = []
|
15652
|
+
include Aws::Structure
|
15653
|
+
end
|
15654
|
+
|
15604
15655
|
# @note When making an API call, you may pass DescribeProductsRequest
|
15605
15656
|
# data as a hash:
|
15606
15657
|
#
|
@@ -15660,7 +15711,8 @@ module Aws::SecurityHub
|
|
15660
15711
|
#
|
15661
15712
|
# @!attribute [rw] standards_subscription_arn
|
15662
15713
|
# The ARN of a resource that represents your subscription to a
|
15663
|
-
# supported standard.
|
15714
|
+
# supported standard. To get the subscription ARNs of the standards
|
15715
|
+
# you have enabled, use the ` GetEnabledStandards ` operation.
|
15664
15716
|
# @return [String]
|
15665
15717
|
#
|
15666
15718
|
# @!attribute [rw] next_token
|
@@ -15775,6 +15827,30 @@ module Aws::SecurityHub
|
|
15775
15827
|
#
|
15776
15828
|
class DisableImportFindingsForProductResponse < Aws::EmptyStructure; end
|
15777
15829
|
|
15830
|
+
# @note When making an API call, you may pass DisableOrganizationAdminAccountRequest
|
15831
|
+
# data as a hash:
|
15832
|
+
#
|
15833
|
+
# {
|
15834
|
+
# admin_account_id: "NonEmptyString", # required
|
15835
|
+
# }
|
15836
|
+
#
|
15837
|
+
# @!attribute [rw] admin_account_id
|
15838
|
+
# The AWS account identifier of the Security Hub administrator
|
15839
|
+
# account.
|
15840
|
+
# @return [String]
|
15841
|
+
#
|
15842
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountRequest AWS API Documentation
|
15843
|
+
#
|
15844
|
+
class DisableOrganizationAdminAccountRequest < Struct.new(
|
15845
|
+
:admin_account_id)
|
15846
|
+
SENSITIVE = []
|
15847
|
+
include Aws::Structure
|
15848
|
+
end
|
15849
|
+
|
15850
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableOrganizationAdminAccountResponse AWS API Documentation
|
15851
|
+
#
|
15852
|
+
class DisableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
15853
|
+
|
15778
15854
|
# @api private
|
15779
15855
|
#
|
15780
15856
|
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DisableSecurityHubRequest AWS API Documentation
|
@@ -15799,7 +15875,7 @@ module Aws::SecurityHub
|
|
15799
15875
|
# data as a hash:
|
15800
15876
|
#
|
15801
15877
|
# {
|
15802
|
-
# account_ids: ["NonEmptyString"],
|
15878
|
+
# account_ids: ["NonEmptyString"], # required
|
15803
15879
|
# }
|
15804
15880
|
#
|
15805
15881
|
# @!attribute [rw] account_ids
|
@@ -15851,6 +15927,30 @@ module Aws::SecurityHub
|
|
15851
15927
|
include Aws::Structure
|
15852
15928
|
end
|
15853
15929
|
|
15930
|
+
# @note When making an API call, you may pass EnableOrganizationAdminAccountRequest
|
15931
|
+
# data as a hash:
|
15932
|
+
#
|
15933
|
+
# {
|
15934
|
+
# admin_account_id: "NonEmptyString", # required
|
15935
|
+
# }
|
15936
|
+
#
|
15937
|
+
# @!attribute [rw] admin_account_id
|
15938
|
+
# The AWS account identifier of the account to designate as the
|
15939
|
+
# Security Hub administrator account.
|
15940
|
+
# @return [String]
|
15941
|
+
#
|
15942
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountRequest AWS API Documentation
|
15943
|
+
#
|
15944
|
+
class EnableOrganizationAdminAccountRequest < Struct.new(
|
15945
|
+
:admin_account_id)
|
15946
|
+
SENSITIVE = []
|
15947
|
+
include Aws::Structure
|
15948
|
+
end
|
15949
|
+
|
15950
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableOrganizationAdminAccountResponse AWS API Documentation
|
15951
|
+
#
|
15952
|
+
class EnableOrganizationAdminAccountResponse < Aws::EmptyStructure; end
|
15953
|
+
|
15854
15954
|
# @note When making an API call, you may pass EnableSecurityHubRequest
|
15855
15955
|
# data as a hash:
|
15856
15956
|
#
|
@@ -16858,8 +16958,9 @@ module Aws::SecurityHub
|
|
16858
16958
|
include Aws::Structure
|
16859
16959
|
end
|
16860
16960
|
|
16861
|
-
#
|
16862
|
-
#
|
16961
|
+
# There is an issue with the account used to make the request. Either
|
16962
|
+
# Security Hub is not enabled for the account, or the account does not
|
16963
|
+
# have permission to perform this action.
|
16863
16964
|
#
|
16864
16965
|
# @!attribute [rw] message
|
16865
16966
|
# @return [String]
|
@@ -16929,7 +17030,7 @@ module Aws::SecurityHub
|
|
16929
17030
|
# data as a hash:
|
16930
17031
|
#
|
16931
17032
|
# {
|
16932
|
-
# account_ids: ["NonEmptyString"],
|
17033
|
+
# account_ids: ["NonEmptyString"], # required
|
16933
17034
|
# }
|
16934
17035
|
#
|
16935
17036
|
# @!attribute [rw] account_ids
|
@@ -17034,8 +17135,8 @@ module Aws::SecurityHub
|
|
17034
17135
|
end
|
17035
17136
|
|
17036
17137
|
# The request was rejected because it attempted to create resources
|
17037
|
-
# beyond the current AWS account limits. The error code
|
17038
|
-
# limit exceeded.
|
17138
|
+
# beyond the current AWS account or throttling limits. The error code
|
17139
|
+
# describes the limit exceeded.
|
17039
17140
|
#
|
17040
17141
|
# @!attribute [rw] message
|
17041
17142
|
# @return [String]
|
@@ -17165,7 +17266,7 @@ module Aws::SecurityHub
|
|
17165
17266
|
#
|
17166
17267
|
# If `OnlyAssociated` is set to `TRUE`, the response includes member
|
17167
17268
|
# accounts whose relationship status with the master is set to
|
17168
|
-
# `ENABLED
|
17269
|
+
# `ENABLED`.
|
17169
17270
|
#
|
17170
17271
|
# If `OnlyAssociated` is set to `FALSE`, the response includes all
|
17171
17272
|
# existing member accounts.
|
@@ -17211,6 +17312,52 @@ module Aws::SecurityHub
|
|
17211
17312
|
include Aws::Structure
|
17212
17313
|
end
|
17213
17314
|
|
17315
|
+
# @note When making an API call, you may pass ListOrganizationAdminAccountsRequest
|
17316
|
+
# data as a hash:
|
17317
|
+
#
|
17318
|
+
# {
|
17319
|
+
# max_results: 1,
|
17320
|
+
# next_token: "NextToken",
|
17321
|
+
# }
|
17322
|
+
#
|
17323
|
+
# @!attribute [rw] max_results
|
17324
|
+
# The maximum number of items to return in the response.
|
17325
|
+
# @return [Integer]
|
17326
|
+
#
|
17327
|
+
# @!attribute [rw] next_token
|
17328
|
+
# The token that is required for pagination. On your first call to the
|
17329
|
+
# `ListOrganizationAdminAccounts` operation, set the value of this
|
17330
|
+
# parameter to `NULL`. For subsequent calls to the operation, to
|
17331
|
+
# continue listing data, set the value of this parameter to the value
|
17332
|
+
# returned from the previous response.
|
17333
|
+
# @return [String]
|
17334
|
+
#
|
17335
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsRequest AWS API Documentation
|
17336
|
+
#
|
17337
|
+
class ListOrganizationAdminAccountsRequest < Struct.new(
|
17338
|
+
:max_results,
|
17339
|
+
:next_token)
|
17340
|
+
SENSITIVE = []
|
17341
|
+
include Aws::Structure
|
17342
|
+
end
|
17343
|
+
|
17344
|
+
# @!attribute [rw] admin_accounts
|
17345
|
+
# The list of Security Hub administrator accounts.
|
17346
|
+
# @return [Array<Types::AdminAccount>]
|
17347
|
+
#
|
17348
|
+
# @!attribute [rw] next_token
|
17349
|
+
# The pagination token to use to request the next page of results.
|
17350
|
+
# @return [String]
|
17351
|
+
#
|
17352
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ListOrganizationAdminAccountsResponse AWS API Documentation
|
17353
|
+
#
|
17354
|
+
class ListOrganizationAdminAccountsResponse < Struct.new(
|
17355
|
+
:admin_accounts,
|
17356
|
+
:next_token)
|
17357
|
+
SENSITIVE = []
|
17358
|
+
include Aws::Structure
|
17359
|
+
end
|
17360
|
+
|
17214
17361
|
# @note When making an API call, you may pass ListTagsForResourceRequest
|
17215
17362
|
# data as a hash:
|
17216
17363
|
#
|
@@ -17401,8 +17548,9 @@ module Aws::SecurityHub
|
|
17401
17548
|
# account. The member account has not yet responded to the
|
17402
17549
|
# invitation.
|
17403
17550
|
#
|
17404
|
-
# * `
|
17405
|
-
#
|
17551
|
+
# * `ENABLED` - Indicates that the member account is currently active.
|
17552
|
+
# For manually invited member accounts, indicates that the member
|
17553
|
+
# account accepted the invitation.
|
17406
17554
|
#
|
17407
17555
|
# * `REMOVED` - Indicates that the master account disassociated the
|
17408
17556
|
# member account.
|
@@ -22984,6 +23132,36 @@ module Aws::SecurityHub
|
|
22984
23132
|
#
|
22985
23133
|
class UpdateInsightResponse < Aws::EmptyStructure; end
|
22986
23134
|
|
23135
|
+
# @note When making an API call, you may pass UpdateOrganizationConfigurationRequest
|
23136
|
+
# data as a hash:
|
23137
|
+
#
|
23138
|
+
# {
|
23139
|
+
# auto_enable: false, # required
|
23140
|
+
# }
|
23141
|
+
#
|
23142
|
+
# @!attribute [rw] auto_enable
|
23143
|
+
# Whether to automatically enable Security Hub for new accounts in the
|
23144
|
+
# organization.
|
23145
|
+
#
|
23146
|
+
# By default, this is `false`, and new accounts are not added
|
23147
|
+
# automatically.
|
23148
|
+
#
|
23149
|
+
# To automatically enable Security Hub for new accounts, set this to
|
23150
|
+
# `true`.
|
23151
|
+
# @return [Boolean]
|
23152
|
+
#
|
23153
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
|
23154
|
+
#
|
23155
|
+
class UpdateOrganizationConfigurationRequest < Struct.new(
|
23156
|
+
:auto_enable)
|
23157
|
+
SENSITIVE = []
|
23158
|
+
include Aws::Structure
|
23159
|
+
end
|
23160
|
+
|
23161
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationResponse AWS API Documentation
|
23162
|
+
#
|
23163
|
+
class UpdateOrganizationConfigurationResponse < Aws::EmptyStructure; end
|
23164
|
+
|
22987
23165
|
# @note When making an API call, you may pass UpdateSecurityHubConfigurationRequest
|
22988
23166
|
# data as a hash:
|
22989
23167
|
#
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: aws-sdk-securityhub
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.36.0
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Amazon Web Services
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2020-
|
11
|
+
date: 2020-11-23 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-core
|