aws-sdk-securityhub 1.47.0 → 1.48.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +5 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-securityhub.rb +1 -1
- data/lib/aws-sdk-securityhub/client.rb +294 -42
- data/lib/aws-sdk-securityhub/client_api.rb +135 -3
- data/lib/aws-sdk-securityhub/types.rb +1765 -308
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: dc47cdb80a24a939c35c403bdf11574e237624bb5eb00cffa7b9a30b4d6a57f3
|
|
4
|
+
data.tar.gz: 583af7ab7df0ab16fb070b924b877710743b5c3a01cd429843bfc0721c6fd17f
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c30da0b431f06ad77a9effaf9e03cffb2efbfdab0e1f045f155cdbd18612ca7272153fdd931806f63e425a7fd951487dd4506be8c66eca788cb4ebbed7b070f7
|
|
7
|
+
data.tar.gz: 3dd12588030c7e5a9110ba0ce386bf95d6ac63f72fdbb19556637ff63dfc663885f333d832071a87a8cc3a101307cd8e2cd2474d1f9207d54150d634077ebded
|
data/CHANGELOG.md
CHANGED
|
@@ -1,6 +1,11 @@
|
|
|
1
1
|
Unreleased Changes
|
|
2
2
|
------------------
|
|
3
3
|
|
|
4
|
+
1.48.0 (2021-07-23)
|
|
5
|
+
------------------
|
|
6
|
+
|
|
7
|
+
* Feature - Added product name, company name, and Region fields for security findings. Added details objects for RDS event subscriptions and AWS ECS services. Added fields to the details for AWS Elasticsearch domains.
|
|
8
|
+
|
|
4
9
|
1.47.0 (2021-06-24)
|
|
5
10
|
------------------
|
|
6
11
|
|
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
1.
|
|
1
|
+
1.48.0
|
data/lib/aws-sdk-securityhub.rb
CHANGED
|
@@ -413,8 +413,8 @@ module Aws::SecurityHub
|
|
|
413
413
|
# Disables the standards specified by the provided
|
|
414
414
|
# `StandardsSubscriptionArns`.
|
|
415
415
|
#
|
|
416
|
-
# For more information, see [Security Standards][1] section of the
|
|
417
|
-
# Security Hub User Guide*.
|
|
416
|
+
# For more information, see [Security Standards][1] section of the
|
|
417
|
+
# *Security Hub User Guide*.
|
|
418
418
|
#
|
|
419
419
|
#
|
|
420
420
|
#
|
|
@@ -452,11 +452,10 @@ module Aws::SecurityHub
|
|
|
452
452
|
end
|
|
453
453
|
|
|
454
454
|
# Enables the standards specified by the provided `StandardsArn`. To
|
|
455
|
-
# obtain the ARN for a standard, use the `
|
|
456
|
-
# operation.
|
|
455
|
+
# obtain the ARN for a standard, use the `DescribeStandards` operation.
|
|
457
456
|
#
|
|
458
457
|
# For more information, see the [Security Standards][1] section of the
|
|
459
|
-
# *
|
|
458
|
+
# *Security Hub User Guide*.
|
|
460
459
|
#
|
|
461
460
|
#
|
|
462
461
|
#
|
|
@@ -537,8 +536,8 @@ module Aws::SecurityHub
|
|
|
537
536
|
#
|
|
538
537
|
# @option params [required, Array<Types::AwsSecurityFinding>] :findings
|
|
539
538
|
# A list of findings to import. To successfully import a finding, it
|
|
540
|
-
# must follow the [
|
|
541
|
-
# findings per request.
|
|
539
|
+
# must follow the [Amazon Web Services Security Finding Format][1].
|
|
540
|
+
# Maximum of 100 findings per request.
|
|
542
541
|
#
|
|
543
542
|
#
|
|
544
543
|
#
|
|
@@ -558,6 +557,9 @@ module Aws::SecurityHub
|
|
|
558
557
|
# schema_version: "NonEmptyString", # required
|
|
559
558
|
# id: "NonEmptyString", # required
|
|
560
559
|
# product_arn: "NonEmptyString", # required
|
|
560
|
+
# product_name: "NonEmptyString",
|
|
561
|
+
# company_name: "NonEmptyString",
|
|
562
|
+
# region: "NonEmptyString",
|
|
561
563
|
# generator_id: "NonEmptyString", # required
|
|
562
564
|
# aws_account_id: "NonEmptyString", # required
|
|
563
565
|
# types: ["NonEmptyString"],
|
|
@@ -1177,6 +1179,17 @@ module Aws::SecurityHub
|
|
|
1177
1179
|
# "NonEmptyString" => "NonEmptyString",
|
|
1178
1180
|
# },
|
|
1179
1181
|
# elasticsearch_version: "NonEmptyString",
|
|
1182
|
+
# elasticsearch_cluster_config: {
|
|
1183
|
+
# dedicated_master_count: 1,
|
|
1184
|
+
# dedicated_master_enabled: false,
|
|
1185
|
+
# dedicated_master_type: "NonEmptyString",
|
|
1186
|
+
# instance_count: 1,
|
|
1187
|
+
# instance_type: "NonEmptyString",
|
|
1188
|
+
# zone_awareness_config: {
|
|
1189
|
+
# availability_zone_count: 1,
|
|
1190
|
+
# },
|
|
1191
|
+
# zone_awareness_enabled: false,
|
|
1192
|
+
# },
|
|
1180
1193
|
# encryption_at_rest_options: {
|
|
1181
1194
|
# enabled: false,
|
|
1182
1195
|
# kms_key_id: "NonEmptyString",
|
|
@@ -1190,6 +1203,10 @@ module Aws::SecurityHub
|
|
|
1190
1203
|
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
1191
1204
|
# enabled: false,
|
|
1192
1205
|
# },
|
|
1206
|
+
# audit_logs: {
|
|
1207
|
+
# cloud_watch_logs_log_group_arn: "NonEmptyString",
|
|
1208
|
+
# enabled: false,
|
|
1209
|
+
# },
|
|
1193
1210
|
# },
|
|
1194
1211
|
# node_to_node_encryption_options: {
|
|
1195
1212
|
# enabled: false,
|
|
@@ -2576,6 +2593,87 @@ module Aws::SecurityHub
|
|
|
2576
2593
|
# other: {
|
|
2577
2594
|
# "NonEmptyString" => "NonEmptyString",
|
|
2578
2595
|
# },
|
|
2596
|
+
# aws_rds_event_subscription: {
|
|
2597
|
+
# cust_subscription_id: "NonEmptyString",
|
|
2598
|
+
# customer_aws_id: "NonEmptyString",
|
|
2599
|
+
# enabled: false,
|
|
2600
|
+
# event_categories_list: ["NonEmptyString"],
|
|
2601
|
+
# event_subscription_arn: "NonEmptyString",
|
|
2602
|
+
# sns_topic_arn: "NonEmptyString",
|
|
2603
|
+
# source_ids_list: ["NonEmptyString"],
|
|
2604
|
+
# source_type: "NonEmptyString",
|
|
2605
|
+
# status: "NonEmptyString",
|
|
2606
|
+
# subscription_creation_time: "NonEmptyString",
|
|
2607
|
+
# },
|
|
2608
|
+
# aws_ecs_service: {
|
|
2609
|
+
# capacity_provider_strategy: [
|
|
2610
|
+
# {
|
|
2611
|
+
# base: 1,
|
|
2612
|
+
# capacity_provider: "NonEmptyString",
|
|
2613
|
+
# weight: 1,
|
|
2614
|
+
# },
|
|
2615
|
+
# ],
|
|
2616
|
+
# cluster: "NonEmptyString",
|
|
2617
|
+
# deployment_configuration: {
|
|
2618
|
+
# deployment_circuit_breaker: {
|
|
2619
|
+
# enable: false,
|
|
2620
|
+
# rollback: false,
|
|
2621
|
+
# },
|
|
2622
|
+
# maximum_percent: 1,
|
|
2623
|
+
# minimum_healthy_percent: 1,
|
|
2624
|
+
# },
|
|
2625
|
+
# deployment_controller: {
|
|
2626
|
+
# type: "NonEmptyString",
|
|
2627
|
+
# },
|
|
2628
|
+
# desired_count: 1,
|
|
2629
|
+
# enable_ecs_managed_tags: false,
|
|
2630
|
+
# enable_execute_command: false,
|
|
2631
|
+
# health_check_grace_period_seconds: 1,
|
|
2632
|
+
# launch_type: "NonEmptyString",
|
|
2633
|
+
# load_balancers: [
|
|
2634
|
+
# {
|
|
2635
|
+
# container_name: "NonEmptyString",
|
|
2636
|
+
# container_port: 1,
|
|
2637
|
+
# load_balancer_name: "NonEmptyString",
|
|
2638
|
+
# target_group_arn: "NonEmptyString",
|
|
2639
|
+
# },
|
|
2640
|
+
# ],
|
|
2641
|
+
# name: "NonEmptyString",
|
|
2642
|
+
# network_configuration: {
|
|
2643
|
+
# aws_vpc_configuration: {
|
|
2644
|
+
# assign_public_ip: "NonEmptyString",
|
|
2645
|
+
# security_groups: ["NonEmptyString"],
|
|
2646
|
+
# subnets: ["NonEmptyString"],
|
|
2647
|
+
# },
|
|
2648
|
+
# },
|
|
2649
|
+
# placement_constraints: [
|
|
2650
|
+
# {
|
|
2651
|
+
# expression: "NonEmptyString",
|
|
2652
|
+
# type: "NonEmptyString",
|
|
2653
|
+
# },
|
|
2654
|
+
# ],
|
|
2655
|
+
# placement_strategies: [
|
|
2656
|
+
# {
|
|
2657
|
+
# field: "NonEmptyString",
|
|
2658
|
+
# type: "NonEmptyString",
|
|
2659
|
+
# },
|
|
2660
|
+
# ],
|
|
2661
|
+
# platform_version: "NonEmptyString",
|
|
2662
|
+
# propagate_tags: "NonEmptyString",
|
|
2663
|
+
# role: "NonEmptyString",
|
|
2664
|
+
# scheduling_strategy: "NonEmptyString",
|
|
2665
|
+
# service_arn: "NonEmptyString",
|
|
2666
|
+
# service_name: "NonEmptyString",
|
|
2667
|
+
# service_registries: [
|
|
2668
|
+
# {
|
|
2669
|
+
# container_name: "NonEmptyString",
|
|
2670
|
+
# container_port: 1,
|
|
2671
|
+
# port: 1,
|
|
2672
|
+
# registry_arn: "NonEmptyString",
|
|
2673
|
+
# },
|
|
2674
|
+
# ],
|
|
2675
|
+
# task_definition: "NonEmptyString",
|
|
2676
|
+
# },
|
|
2579
2677
|
# },
|
|
2580
2678
|
# },
|
|
2581
2679
|
# ],
|
|
@@ -2827,8 +2925,7 @@ module Aws::SecurityHub
|
|
|
2827
2925
|
# You can configure IAM policies to restrict access to fields and field
|
|
2828
2926
|
# values. For example, you might not want member accounts to be able to
|
|
2829
2927
|
# suppress findings or change the finding severity. See [Configuring
|
|
2830
|
-
# access to BatchUpdateFindings][1] in the *
|
|
2831
|
-
# Guide*.
|
|
2928
|
+
# access to BatchUpdateFindings][1] in the *Security Hub User Guide*.
|
|
2832
2929
|
#
|
|
2833
2930
|
#
|
|
2834
2931
|
#
|
|
@@ -3061,6 +3158,12 @@ module Aws::SecurityHub
|
|
|
3061
3158
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3062
3159
|
# },
|
|
3063
3160
|
# ],
|
|
3161
|
+
# region: [
|
|
3162
|
+
# {
|
|
3163
|
+
# value: "NonEmptyString",
|
|
3164
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3165
|
+
# },
|
|
3166
|
+
# ],
|
|
3064
3167
|
# type: [
|
|
3065
3168
|
# {
|
|
3066
3169
|
# value: "NonEmptyString",
|
|
@@ -3470,6 +3573,12 @@ module Aws::SecurityHub
|
|
|
3470
3573
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3471
3574
|
# },
|
|
3472
3575
|
# ],
|
|
3576
|
+
# resource_aws_iam_access_key_principal_name: [
|
|
3577
|
+
# {
|
|
3578
|
+
# value: "NonEmptyString",
|
|
3579
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3580
|
+
# },
|
|
3581
|
+
# ],
|
|
3473
3582
|
# resource_aws_iam_access_key_status: [
|
|
3474
3583
|
# {
|
|
3475
3584
|
# value: "NonEmptyString",
|
|
@@ -3486,6 +3595,12 @@ module Aws::SecurityHub
|
|
|
3486
3595
|
# },
|
|
3487
3596
|
# },
|
|
3488
3597
|
# ],
|
|
3598
|
+
# resource_aws_iam_user_user_name: [
|
|
3599
|
+
# {
|
|
3600
|
+
# value: "NonEmptyString",
|
|
3601
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
3602
|
+
# },
|
|
3603
|
+
# ],
|
|
3489
3604
|
# resource_container_name: [
|
|
3490
3605
|
# {
|
|
3491
3606
|
# value: "NonEmptyString",
|
|
@@ -3660,27 +3775,31 @@ module Aws::SecurityHub
|
|
|
3660
3775
|
# `CreateMembers` is always used to add accounts that are not
|
|
3661
3776
|
# organization members.
|
|
3662
3777
|
#
|
|
3663
|
-
# For accounts that are
|
|
3664
|
-
# used in the following cases:
|
|
3778
|
+
# For accounts that are managed using Organizations, `CreateMembers` is
|
|
3779
|
+
# only used in the following cases:
|
|
3665
3780
|
#
|
|
3666
|
-
# * Security Hub is not configured to automatically add new
|
|
3667
|
-
#
|
|
3781
|
+
# * Security Hub is not configured to automatically add new organization
|
|
3782
|
+
# accounts.
|
|
3668
3783
|
#
|
|
3669
3784
|
# * The account was disassociated or deleted in Security Hub.
|
|
3670
3785
|
#
|
|
3671
3786
|
# This action can only be used by an account that has Security Hub
|
|
3672
|
-
# enabled. To enable Security Hub, you can use the `
|
|
3787
|
+
# enabled. To enable Security Hub, you can use the `EnableSecurityHub`
|
|
3673
3788
|
# operation.
|
|
3674
3789
|
#
|
|
3675
3790
|
# For accounts that are not organization members, you create the account
|
|
3676
3791
|
# association and then send an invitation to the member account. To send
|
|
3677
|
-
# the invitation, you use the `
|
|
3678
|
-
#
|
|
3679
|
-
#
|
|
3792
|
+
# the invitation, you use the `InviteMembers` operation. If the account
|
|
3793
|
+
# owner accepts the invitation, the account becomes a member account in
|
|
3794
|
+
# Security Hub.
|
|
3680
3795
|
#
|
|
3681
|
-
# Accounts that are
|
|
3796
|
+
# Accounts that are managed using Organizations do not receive an
|
|
3682
3797
|
# invitation. They automatically become a member account in Security
|
|
3683
|
-
# Hub.
|
|
3798
|
+
# Hub, and Security Hub is automatically enabled for those accounts.
|
|
3799
|
+
# Note that Security Hub cannot be enabled automatically for the
|
|
3800
|
+
# organization management account. The organization management account
|
|
3801
|
+
# must enable Security Hub before the administrator account enables it
|
|
3802
|
+
# as a member account.
|
|
3684
3803
|
#
|
|
3685
3804
|
# A permissions policy is added that permits the administrator account
|
|
3686
3805
|
# to view the findings generated in the member account. When Security
|
|
@@ -3688,8 +3807,8 @@ module Aws::SecurityHub
|
|
|
3688
3807
|
# also visible to the administrator account.
|
|
3689
3808
|
#
|
|
3690
3809
|
# To remove the association between the administrator and member
|
|
3691
|
-
# accounts, use the `
|
|
3692
|
-
# DisassociateMembers
|
|
3810
|
+
# accounts, use the `DisassociateFromMasterAccount` or
|
|
3811
|
+
# `DisassociateMembers` operation.
|
|
3693
3812
|
#
|
|
3694
3813
|
# @option params [required, Array<Types::AccountDetails>] :account_details
|
|
3695
3814
|
# The list of accounts to associate with the Security Hub administrator
|
|
@@ -3820,8 +3939,8 @@ module Aws::SecurityHub
|
|
|
3820
3939
|
req.send_request(options)
|
|
3821
3940
|
end
|
|
3822
3941
|
|
|
3823
|
-
# Deletes invitations received by the
|
|
3824
|
-
# account.
|
|
3942
|
+
# Deletes invitations received by the Amazon Web Services account to
|
|
3943
|
+
# become a member account.
|
|
3825
3944
|
#
|
|
3826
3945
|
# This operation is only used by accounts that are not part of an
|
|
3827
3946
|
# organization. Organization accounts do not receive invitations.
|
|
@@ -4114,7 +4233,7 @@ module Aws::SecurityHub
|
|
|
4114
4233
|
# @option params [required, String] :standards_subscription_arn
|
|
4115
4234
|
# The ARN of a resource that represents your subscription to a supported
|
|
4116
4235
|
# standard. To get the subscription ARNs of the standards you have
|
|
4117
|
-
# enabled, use the `
|
|
4236
|
+
# enabled, use the `GetEnabledStandards` operation.
|
|
4118
4237
|
#
|
|
4119
4238
|
# @option params [String] :next_token
|
|
4120
4239
|
# The token that is required for pagination. On your first call to the
|
|
@@ -4196,7 +4315,8 @@ module Aws::SecurityHub
|
|
|
4196
4315
|
# the organization management account.
|
|
4197
4316
|
#
|
|
4198
4317
|
# @option params [required, String] :admin_account_id
|
|
4199
|
-
# The
|
|
4318
|
+
# The Amazon Web Services account identifier of the Security Hub
|
|
4319
|
+
# administrator account.
|
|
4200
4320
|
#
|
|
4201
4321
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
4202
4322
|
#
|
|
@@ -4353,8 +4473,8 @@ module Aws::SecurityHub
|
|
|
4353
4473
|
# Can only be called by the organization management account.
|
|
4354
4474
|
#
|
|
4355
4475
|
# @option params [required, String] :admin_account_id
|
|
4356
|
-
# The
|
|
4357
|
-
# Hub administrator account.
|
|
4476
|
+
# The Amazon Web Services account identifier of the account to designate
|
|
4477
|
+
# as the Security Hub administrator account.
|
|
4358
4478
|
#
|
|
4359
4479
|
# @return [Struct] Returns an empty {Seahorse::Client::Response response}.
|
|
4360
4480
|
#
|
|
@@ -4383,9 +4503,9 @@ module Aws::SecurityHub
|
|
|
4383
4503
|
# When you use the `EnableSecurityHub` operation to enable Security Hub,
|
|
4384
4504
|
# you also automatically enable the following standards.
|
|
4385
4505
|
#
|
|
4386
|
-
# * CIS
|
|
4506
|
+
# * CIS Amazon Web Services Foundations
|
|
4387
4507
|
#
|
|
4388
|
-
# *
|
|
4508
|
+
# * Amazon Web Services Foundational Security Best Practices
|
|
4389
4509
|
#
|
|
4390
4510
|
# You do not enable the Payment Card Industry Data Security Standard
|
|
4391
4511
|
# (PCI DSS) standard.
|
|
@@ -4393,12 +4513,12 @@ module Aws::SecurityHub
|
|
|
4393
4513
|
# To not enable the automatically enabled standards, set
|
|
4394
4514
|
# `EnableDefaultStandards` to `false`.
|
|
4395
4515
|
#
|
|
4396
|
-
# After you enable Security Hub, to enable a standard, use the
|
|
4397
|
-
# BatchEnableStandards
|
|
4398
|
-
# BatchDisableStandards
|
|
4516
|
+
# After you enable Security Hub, to enable a standard, use the
|
|
4517
|
+
# `BatchEnableStandards` operation. To disable a standard, use the
|
|
4518
|
+
# `BatchDisableStandards` operation.
|
|
4399
4519
|
#
|
|
4400
|
-
# To learn more, see [
|
|
4401
|
-
#
|
|
4520
|
+
# To learn more, see the [setup information][1] in the *Security Hub
|
|
4521
|
+
# User Guide*.
|
|
4402
4522
|
#
|
|
4403
4523
|
#
|
|
4404
4524
|
#
|
|
@@ -4574,6 +4694,12 @@ module Aws::SecurityHub
|
|
|
4574
4694
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
4575
4695
|
# },
|
|
4576
4696
|
# ],
|
|
4697
|
+
# region: [
|
|
4698
|
+
# {
|
|
4699
|
+
# value: "NonEmptyString",
|
|
4700
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
4701
|
+
# },
|
|
4702
|
+
# ],
|
|
4577
4703
|
# type: [
|
|
4578
4704
|
# {
|
|
4579
4705
|
# value: "NonEmptyString",
|
|
@@ -4983,6 +5109,12 @@ module Aws::SecurityHub
|
|
|
4983
5109
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
4984
5110
|
# },
|
|
4985
5111
|
# ],
|
|
5112
|
+
# resource_aws_iam_access_key_principal_name: [
|
|
5113
|
+
# {
|
|
5114
|
+
# value: "NonEmptyString",
|
|
5115
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
5116
|
+
# },
|
|
5117
|
+
# ],
|
|
4986
5118
|
# resource_aws_iam_access_key_status: [
|
|
4987
5119
|
# {
|
|
4988
5120
|
# value: "NonEmptyString",
|
|
@@ -4999,6 +5131,12 @@ module Aws::SecurityHub
|
|
|
4999
5131
|
# },
|
|
5000
5132
|
# },
|
|
5001
5133
|
# ],
|
|
5134
|
+
# resource_aws_iam_user_user_name: [
|
|
5135
|
+
# {
|
|
5136
|
+
# value: "NonEmptyString",
|
|
5137
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
5138
|
+
# },
|
|
5139
|
+
# ],
|
|
5002
5140
|
# resource_container_name: [
|
|
5003
5141
|
# {
|
|
5004
5142
|
# value: "NonEmptyString",
|
|
@@ -5164,6 +5302,9 @@ module Aws::SecurityHub
|
|
|
5164
5302
|
# resp.findings[0].schema_version #=> String
|
|
5165
5303
|
# resp.findings[0].id #=> String
|
|
5166
5304
|
# resp.findings[0].product_arn #=> String
|
|
5305
|
+
# resp.findings[0].product_name #=> String
|
|
5306
|
+
# resp.findings[0].company_name #=> String
|
|
5307
|
+
# resp.findings[0].region #=> String
|
|
5167
5308
|
# resp.findings[0].generator_id #=> String
|
|
5168
5309
|
# resp.findings[0].aws_account_id #=> String
|
|
5169
5310
|
# resp.findings[0].types #=> Array
|
|
@@ -5544,12 +5685,21 @@ module Aws::SecurityHub
|
|
|
5544
5685
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.endpoints #=> Hash
|
|
5545
5686
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.endpoints["NonEmptyString"] #=> String
|
|
5546
5687
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_version #=> String
|
|
5688
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.dedicated_master_count #=> Integer
|
|
5689
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.dedicated_master_enabled #=> Boolean
|
|
5690
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.dedicated_master_type #=> String
|
|
5691
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.instance_count #=> Integer
|
|
5692
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.instance_type #=> String
|
|
5693
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.zone_awareness_config.availability_zone_count #=> Integer
|
|
5694
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.elasticsearch_cluster_config.zone_awareness_enabled #=> Boolean
|
|
5547
5695
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.encryption_at_rest_options.enabled #=> Boolean
|
|
5548
5696
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.encryption_at_rest_options.kms_key_id #=> String
|
|
5549
5697
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.index_slow_logs.cloud_watch_logs_log_group_arn #=> String
|
|
5550
5698
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.index_slow_logs.enabled #=> Boolean
|
|
5551
5699
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.search_slow_logs.cloud_watch_logs_log_group_arn #=> String
|
|
5552
5700
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.search_slow_logs.enabled #=> Boolean
|
|
5701
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.audit_logs.cloud_watch_logs_log_group_arn #=> String
|
|
5702
|
+
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.log_publishing_options.audit_logs.enabled #=> Boolean
|
|
5553
5703
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.node_to_node_encryption_options.enabled #=> Boolean
|
|
5554
5704
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.service_software_options.automated_update_date #=> String
|
|
5555
5705
|
# resp.findings[0].resources[0].details.aws_elasticsearch_domain.service_software_options.cancellable #=> Boolean
|
|
@@ -6503,6 +6653,62 @@ module Aws::SecurityHub
|
|
|
6503
6653
|
# resp.findings[0].resources[0].details.container.launched_at #=> String
|
|
6504
6654
|
# resp.findings[0].resources[0].details.other #=> Hash
|
|
6505
6655
|
# resp.findings[0].resources[0].details.other["NonEmptyString"] #=> String
|
|
6656
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.cust_subscription_id #=> String
|
|
6657
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.customer_aws_id #=> String
|
|
6658
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.enabled #=> Boolean
|
|
6659
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.event_categories_list #=> Array
|
|
6660
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.event_categories_list[0] #=> String
|
|
6661
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.event_subscription_arn #=> String
|
|
6662
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.sns_topic_arn #=> String
|
|
6663
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.source_ids_list #=> Array
|
|
6664
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.source_ids_list[0] #=> String
|
|
6665
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.source_type #=> String
|
|
6666
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.status #=> String
|
|
6667
|
+
# resp.findings[0].resources[0].details.aws_rds_event_subscription.subscription_creation_time #=> String
|
|
6668
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.capacity_provider_strategy #=> Array
|
|
6669
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.capacity_provider_strategy[0].base #=> Integer
|
|
6670
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.capacity_provider_strategy[0].capacity_provider #=> String
|
|
6671
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.capacity_provider_strategy[0].weight #=> Integer
|
|
6672
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.cluster #=> String
|
|
6673
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.deployment_configuration.deployment_circuit_breaker.enable #=> Boolean
|
|
6674
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.deployment_configuration.deployment_circuit_breaker.rollback #=> Boolean
|
|
6675
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.deployment_configuration.maximum_percent #=> Integer
|
|
6676
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.deployment_configuration.minimum_healthy_percent #=> Integer
|
|
6677
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.deployment_controller.type #=> String
|
|
6678
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.desired_count #=> Integer
|
|
6679
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.enable_ecs_managed_tags #=> Boolean
|
|
6680
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.enable_execute_command #=> Boolean
|
|
6681
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.health_check_grace_period_seconds #=> Integer
|
|
6682
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.launch_type #=> String
|
|
6683
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.load_balancers #=> Array
|
|
6684
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.load_balancers[0].container_name #=> String
|
|
6685
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.load_balancers[0].container_port #=> Integer
|
|
6686
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.load_balancers[0].load_balancer_name #=> String
|
|
6687
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.load_balancers[0].target_group_arn #=> String
|
|
6688
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.name #=> String
|
|
6689
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.network_configuration.aws_vpc_configuration.assign_public_ip #=> String
|
|
6690
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.network_configuration.aws_vpc_configuration.security_groups #=> Array
|
|
6691
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.network_configuration.aws_vpc_configuration.security_groups[0] #=> String
|
|
6692
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.network_configuration.aws_vpc_configuration.subnets #=> Array
|
|
6693
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.network_configuration.aws_vpc_configuration.subnets[0] #=> String
|
|
6694
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_constraints #=> Array
|
|
6695
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_constraints[0].expression #=> String
|
|
6696
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_constraints[0].type #=> String
|
|
6697
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_strategies #=> Array
|
|
6698
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_strategies[0].field #=> String
|
|
6699
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.placement_strategies[0].type #=> String
|
|
6700
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.platform_version #=> String
|
|
6701
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.propagate_tags #=> String
|
|
6702
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.role #=> String
|
|
6703
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.scheduling_strategy #=> String
|
|
6704
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_arn #=> String
|
|
6705
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_name #=> String
|
|
6706
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries #=> Array
|
|
6707
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].container_name #=> String
|
|
6708
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].container_port #=> Integer
|
|
6709
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].port #=> Integer
|
|
6710
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.service_registries[0].registry_arn #=> String
|
|
6711
|
+
# resp.findings[0].resources[0].details.aws_ecs_service.task_definition #=> String
|
|
6506
6712
|
# resp.findings[0].compliance.status #=> String, one of "PASSED", "WARNING", "FAILED", "NOT_AVAILABLE"
|
|
6507
6713
|
# resp.findings[0].compliance.related_requirements #=> Array
|
|
6508
6714
|
# resp.findings[0].compliance.related_requirements[0] #=> String
|
|
@@ -6708,6 +6914,9 @@ module Aws::SecurityHub
|
|
|
6708
6914
|
# resp.insights[0].filters.generator_id #=> Array
|
|
6709
6915
|
# resp.insights[0].filters.generator_id[0].value #=> String
|
|
6710
6916
|
# resp.insights[0].filters.generator_id[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
6917
|
+
# resp.insights[0].filters.region #=> Array
|
|
6918
|
+
# resp.insights[0].filters.region[0].value #=> String
|
|
6919
|
+
# resp.insights[0].filters.region[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
6711
6920
|
# resp.insights[0].filters.type #=> Array
|
|
6712
6921
|
# resp.insights[0].filters.type[0].value #=> String
|
|
6713
6922
|
# resp.insights[0].filters.type[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
@@ -6915,6 +7124,9 @@ module Aws::SecurityHub
|
|
|
6915
7124
|
# resp.insights[0].filters.resource_aws_iam_access_key_user_name #=> Array
|
|
6916
7125
|
# resp.insights[0].filters.resource_aws_iam_access_key_user_name[0].value #=> String
|
|
6917
7126
|
# resp.insights[0].filters.resource_aws_iam_access_key_user_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
7127
|
+
# resp.insights[0].filters.resource_aws_iam_access_key_principal_name #=> Array
|
|
7128
|
+
# resp.insights[0].filters.resource_aws_iam_access_key_principal_name[0].value #=> String
|
|
7129
|
+
# resp.insights[0].filters.resource_aws_iam_access_key_principal_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
6918
7130
|
# resp.insights[0].filters.resource_aws_iam_access_key_status #=> Array
|
|
6919
7131
|
# resp.insights[0].filters.resource_aws_iam_access_key_status[0].value #=> String
|
|
6920
7132
|
# resp.insights[0].filters.resource_aws_iam_access_key_status[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
@@ -6923,6 +7135,9 @@ module Aws::SecurityHub
|
|
|
6923
7135
|
# resp.insights[0].filters.resource_aws_iam_access_key_created_at[0].end #=> String
|
|
6924
7136
|
# resp.insights[0].filters.resource_aws_iam_access_key_created_at[0].date_range.value #=> Integer
|
|
6925
7137
|
# resp.insights[0].filters.resource_aws_iam_access_key_created_at[0].date_range.unit #=> String, one of "DAYS"
|
|
7138
|
+
# resp.insights[0].filters.resource_aws_iam_user_user_name #=> Array
|
|
7139
|
+
# resp.insights[0].filters.resource_aws_iam_user_user_name[0].value #=> String
|
|
7140
|
+
# resp.insights[0].filters.resource_aws_iam_user_user_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
6926
7141
|
# resp.insights[0].filters.resource_container_name #=> Array
|
|
6927
7142
|
# resp.insights[0].filters.resource_container_name[0].value #=> String
|
|
6928
7143
|
# resp.insights[0].filters.resource_container_name[0].comparison #=> String, one of "EQUALS", "PREFIX", "NOT_EQUALS", "PREFIX_NOT_EQUALS"
|
|
@@ -7114,14 +7329,15 @@ module Aws::SecurityHub
|
|
|
7114
7329
|
req.send_request(options)
|
|
7115
7330
|
end
|
|
7116
7331
|
|
|
7117
|
-
# Invites other
|
|
7118
|
-
# Hub administrator account that the invitation is sent
|
|
7332
|
+
# Invites other Amazon Web Services accounts to become member accounts
|
|
7333
|
+
# for the Security Hub administrator account that the invitation is sent
|
|
7334
|
+
# from.
|
|
7119
7335
|
#
|
|
7120
7336
|
# This operation is only used to invite accounts that do not belong to
|
|
7121
7337
|
# an organization. Organization accounts do not receive invitations.
|
|
7122
7338
|
#
|
|
7123
7339
|
# Before you can use this action to invite a member, you must first use
|
|
7124
|
-
# the `
|
|
7340
|
+
# the `CreateMembers` action to create the member account in Security
|
|
7125
7341
|
# Hub.
|
|
7126
7342
|
#
|
|
7127
7343
|
# When the account owner enables Security Hub and accepts the invitation
|
|
@@ -7129,8 +7345,8 @@ module Aws::SecurityHub
|
|
|
7129
7345
|
# findings generated from the member account.
|
|
7130
7346
|
#
|
|
7131
7347
|
# @option params [required, Array<String>] :account_ids
|
|
7132
|
-
# The list of account IDs of the
|
|
7133
|
-
# as members.
|
|
7348
|
+
# The list of account IDs of the Amazon Web Services accounts to invite
|
|
7349
|
+
# to Security Hub as members.
|
|
7134
7350
|
#
|
|
7135
7351
|
# @return [Types::InviteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
|
|
7136
7352
|
#
|
|
@@ -7202,10 +7418,10 @@ module Aws::SecurityHub
|
|
|
7202
7418
|
end
|
|
7203
7419
|
|
|
7204
7420
|
# Lists all Security Hub membership invitations that were sent to the
|
|
7205
|
-
# current
|
|
7421
|
+
# current Amazon Web Services account.
|
|
7206
7422
|
#
|
|
7207
7423
|
# This operation is only used by accounts that are managed by
|
|
7208
|
-
# invitation. Accounts that are managed using the integration with
|
|
7424
|
+
# invitation. Accounts that are managed using the integration with
|
|
7209
7425
|
# Organizations do not receive invitations.
|
|
7210
7426
|
#
|
|
7211
7427
|
# @option params [Integer] :max_results
|
|
@@ -7524,6 +7740,12 @@ module Aws::SecurityHub
|
|
|
7524
7740
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
7525
7741
|
# },
|
|
7526
7742
|
# ],
|
|
7743
|
+
# region: [
|
|
7744
|
+
# {
|
|
7745
|
+
# value: "NonEmptyString",
|
|
7746
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
7747
|
+
# },
|
|
7748
|
+
# ],
|
|
7527
7749
|
# type: [
|
|
7528
7750
|
# {
|
|
7529
7751
|
# value: "NonEmptyString",
|
|
@@ -7933,6 +8155,12 @@ module Aws::SecurityHub
|
|
|
7933
8155
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
7934
8156
|
# },
|
|
7935
8157
|
# ],
|
|
8158
|
+
# resource_aws_iam_access_key_principal_name: [
|
|
8159
|
+
# {
|
|
8160
|
+
# value: "NonEmptyString",
|
|
8161
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8162
|
+
# },
|
|
8163
|
+
# ],
|
|
7936
8164
|
# resource_aws_iam_access_key_status: [
|
|
7937
8165
|
# {
|
|
7938
8166
|
# value: "NonEmptyString",
|
|
@@ -7949,6 +8177,12 @@ module Aws::SecurityHub
|
|
|
7949
8177
|
# },
|
|
7950
8178
|
# },
|
|
7951
8179
|
# ],
|
|
8180
|
+
# resource_aws_iam_user_user_name: [
|
|
8181
|
+
# {
|
|
8182
|
+
# value: "NonEmptyString",
|
|
8183
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8184
|
+
# },
|
|
8185
|
+
# ],
|
|
7952
8186
|
# resource_container_name: [
|
|
7953
8187
|
# {
|
|
7954
8188
|
# value: "NonEmptyString",
|
|
@@ -8161,6 +8395,12 @@ module Aws::SecurityHub
|
|
|
8161
8395
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8162
8396
|
# },
|
|
8163
8397
|
# ],
|
|
8398
|
+
# region: [
|
|
8399
|
+
# {
|
|
8400
|
+
# value: "NonEmptyString",
|
|
8401
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8402
|
+
# },
|
|
8403
|
+
# ],
|
|
8164
8404
|
# type: [
|
|
8165
8405
|
# {
|
|
8166
8406
|
# value: "NonEmptyString",
|
|
@@ -8570,6 +8810,12 @@ module Aws::SecurityHub
|
|
|
8570
8810
|
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8571
8811
|
# },
|
|
8572
8812
|
# ],
|
|
8813
|
+
# resource_aws_iam_access_key_principal_name: [
|
|
8814
|
+
# {
|
|
8815
|
+
# value: "NonEmptyString",
|
|
8816
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8817
|
+
# },
|
|
8818
|
+
# ],
|
|
8573
8819
|
# resource_aws_iam_access_key_status: [
|
|
8574
8820
|
# {
|
|
8575
8821
|
# value: "NonEmptyString",
|
|
@@ -8586,6 +8832,12 @@ module Aws::SecurityHub
|
|
|
8586
8832
|
# },
|
|
8587
8833
|
# },
|
|
8588
8834
|
# ],
|
|
8835
|
+
# resource_aws_iam_user_user_name: [
|
|
8836
|
+
# {
|
|
8837
|
+
# value: "NonEmptyString",
|
|
8838
|
+
# comparison: "EQUALS", # accepts EQUALS, PREFIX, NOT_EQUALS, PREFIX_NOT_EQUALS
|
|
8839
|
+
# },
|
|
8840
|
+
# ],
|
|
8589
8841
|
# resource_container_name: [
|
|
8590
8842
|
# {
|
|
8591
8843
|
# value: "NonEmptyString",
|
|
@@ -8849,7 +9101,7 @@ module Aws::SecurityHub
|
|
|
8849
9101
|
params: params,
|
|
8850
9102
|
config: config)
|
|
8851
9103
|
context[:gem_name] = 'aws-sdk-securityhub'
|
|
8852
|
-
context[:gem_version] = '1.
|
|
9104
|
+
context[:gem_version] = '1.48.0'
|
|
8853
9105
|
Seahorse::Client::Request.new(handlers, context)
|
|
8854
9106
|
end
|
|
8855
9107
|
|