RubyGems - aws-sdk-securityhub - Versions diffs - 1.63.0 → 1.64.0 - Mend

aws-sdk-securityhub 1.63.0 → 1.64.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +5 -0
data/VERSION +1 -1
data/lib/aws-sdk-securityhub/client.rb +24 -4
data/lib/aws-sdk-securityhub/client_api.rb +3 -0
data/lib/aws-sdk-securityhub/types.rb +47 -32
data/lib/aws-sdk-securityhub.rb +1 -1
metadata +2 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 30409a3e26327b799464d00f805cab5ad57763f037cefa4a81658e50f600514a
-  data.tar.gz: 2ae4d0de46e2c981c3b627e6f0c79db215fe5b4de1993922a6e54d4ed9e56aac
+  metadata.gz: a1e44d15048a877e690e3471897d355ee64a8cbcabe58c8cdc94e5202a932210
+  data.tar.gz: b44878943ae11653b9aed5403f35732bd6a79e71d3f4b4c8e77c81bef8359f0b
 SHA512:
-  metadata.gz: 796004f36da1fced113fcce8a7204dc7013ae5d5d474b6bb07c9b704c357cd0d63925e7b6754c9701b5e133356ebcdaefb4edb34650e3f48afbac7d4f6cfca9c
-  data.tar.gz: 75e241d38b9dede170ee2cb656448774dd49ac2b51bc038c1aba5ee2b2df080af45192e2f7855d159e97bdbfd9510d29e7bc9d9103a2a2bffb31d58df27ed5bb
+  metadata.gz: dcda037db40f3fc0702b8ddd2668427e7fa05e25efb61860685c9e082b1d6a4ca263000fd65b6ee1808a3820ddc7f2dd1922f4574c4b4df8b8ab6360e4ec9e4f
+  data.tar.gz: b62d92a760a10adee50aa82a3bbd52c35f0c745366973b13655dce2d6f18cb35a36afccb5862a95e64bbace487b60c3dc735984cf7f2c884f0d8e9297cb09590

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
+1.64.0 (2022-04-25)
+------------------
+* Feature - Security Hub now lets you opt-out of auto-enabling the defaults standards (CIS and FSBP) in accounts that are auto-enabled with Security Hub via Security Hub's integration with AWS Organizations.
 1.63.0 (2022-04-05)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.63.0
1	+ 1.64.0

data/lib/aws-sdk-securityhub/client.rb CHANGED Viewed

@@ -3736,9 +3736,11 @@ module Aws::SecurityHub
     # aggregation Region.
     #
     # For more details about cross-Region replication, see [Configuring
-    # finding
-    # aggregation](securityhub/latest/userguide/finding-aggregation.html) in
-    # the *Security Hub User Guide*.
+    # finding aggregation][1] in the *Security Hub User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html
     #
     # @option params [required, String] :region_linking_mode
     #   Indicates whether to aggregate findings from all of the available
@@ -4838,11 +4840,13 @@ module Aws::SecurityHub
     #
     #   * {Types::DescribeOrganizationConfigurationResponse#auto_enable #auto_enable} => Boolean
     #   * {Types::DescribeOrganizationConfigurationResponse#member_account_limit_reached #member_account_limit_reached} => Boolean
+    #   * {Types::DescribeOrganizationConfigurationResponse#auto_enable_standards #auto_enable_standards} => String
     #
     # @example Response structure
     #
     #   resp.auto_enable #=> Boolean
     #   resp.member_account_limit_reached #=> Boolean
+    #   resp.auto_enable_standards #=> String, one of "NONE", "DEFAULT"
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfiguration AWS API Documentation
     #
@@ -10311,12 +10315,28 @@ module Aws::SecurityHub
     #   To automatically enable Security Hub for new accounts, set this to
     #   `true`.
     #
+    # @option params [String] :auto_enable_standards
+    #   Whether to automatically enable Security Hub [default standards][1]
+    #   for new member accounts in the organization.
+    #
+    #   By default, this parameter is equal to `DEFAULT`, and new member
+    #   accounts are automatically enabled with default Security Hub
+    #   standards.
+    #
+    #   To opt out of enabling default standards for new member accounts, set
+    #   this parameter equal to `NONE`.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.update_organization_configuration({
     #     auto_enable: false, # required
+    #     auto_enable_standards: "NONE", # accepts NONE, DEFAULT
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfiguration AWS API Documentation
@@ -10400,7 +10420,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.63.0'
+      context[:gem_version] = '1.64.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-securityhub/client_api.rb CHANGED Viewed

@@ -36,6 +36,7 @@ module Aws::SecurityHub
     AdminStatus = Shapes::StringShape.new(name: 'AdminStatus')
     AdminsMaxResults = Shapes::IntegerShape.new(name: 'AdminsMaxResults')
     ArnList = Shapes::ListShape.new(name: 'ArnList')
+    AutoEnableStandards = Shapes::StringShape.new(name: 'AutoEnableStandards')
     AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
     AvailabilityZones = Shapes::ListShape.new(name: 'AvailabilityZones')
     AwsApiCallAction = Shapes::StructureShape.new(name: 'AwsApiCallAction')
@@ -3614,6 +3615,7 @@ module Aws::SecurityHub
     DescribeOrganizationConfigurationResponse.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, location_name: "AutoEnable"))
     DescribeOrganizationConfigurationResponse.add_member(:member_account_limit_reached, Shapes::ShapeRef.new(shape: Boolean, location_name: "MemberAccountLimitReached"))
+    DescribeOrganizationConfigurationResponse.add_member(:auto_enable_standards, Shapes::ShapeRef.new(shape: AutoEnableStandards, location_name: "AutoEnableStandards"))
     DescribeOrganizationConfigurationResponse.struct_class = Types::DescribeOrganizationConfigurationResponse
     DescribeProductsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "NextToken"))
@@ -4497,6 +4499,7 @@ module Aws::SecurityHub
     UpdateInsightResponse.struct_class = Types::UpdateInsightResponse
     UpdateOrganizationConfigurationRequest.add_member(:auto_enable, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "AutoEnable"))
+    UpdateOrganizationConfigurationRequest.add_member(:auto_enable_standards, Shapes::ShapeRef.new(shape: AutoEnableStandards, location_name: "AutoEnableStandards"))
     UpdateOrganizationConfigurationRequest.struct_class = Types::UpdateOrganizationConfigurationRequest
     UpdateOrganizationConfigurationResponse.struct_class = Types::UpdateOrganizationConfigurationResponse

data/lib/aws-sdk-securityhub/types.rb CHANGED Viewed

@@ -20757,36 +20757,24 @@ module Aws::SecurityHub
     #   The name of the product that generated the finding.
     #
     #   Security Hub populates this attribute automatically for each
-    #   finding. You cannot update it using `BatchImportFindings` or
-    #   `BatchUpdateFindings`. The exception to this is when you use a
-    #   custom integration.
-    #
-    #   When you use the Security Hub console to filter findings by product
-    #   name, you use this attribute.
-    #
-    #   When you use the Security Hub API to filter findings by product
-    #   name, you use the `aws/securityhub/ProductName` attribute under
-    #   `ProductFields`.
+    #   finding. You cannot update this attribute with `BatchImportFindings`
+    #   or `BatchUpdateFindings`. The exception to this is a custom
+    #   integration.
     #
-    #   Security Hub does not synchronize those two attributes.
+    #   When you use the Security Hub console or API to filter findings by
+    #   product name, you use this attribute.
     #   @return [String]
     #
     # @!attribute [rw] company_name
     #   The name of the company for the product that generated the finding.
     #
     #   Security Hub populates this attribute automatically for each
-    #   finding. You cannot be updated using `BatchImportFindings` or
-    #   `BatchUpdateFindings`. The exception to this is when you use a
-    #   custom integration.
-    #
-    #   When you use the Security Hub console to filter findings by company
-    #   name, you use this attribute.
-    #
-    #   When you use the Security Hub API to filter findings by company
-    #   name, you use the `aws/securityhub/CompanyName` attribute under
-    #   `ProductFields`.
+    #   finding. You cannot update this attribute with `BatchImportFindings`
+    #   or `BatchUpdateFindings`. The exception to this is a custom
+    #   integration.
     #
-    #   Security Hub does not synchronize those two attributes.
+    #   When you use the Security Hub console or API to filter findings by
+    #   company name, you use this attribute.
     #   @return [String]
     #
     # @!attribute [rw] region
@@ -21805,19 +21793,11 @@ module Aws::SecurityHub
     #
     # @!attribute [rw] product_name
     #   The name of the solution (product) that generates findings.
-    #
-    #   Note that this is a filter against the `aws/securityhub/ProductName`
-    #   field in `ProductFields`. It is not a filter for the top-level
-    #   `ProductName` field.
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] company_name
     #   The name of the findings provider (company) that owns the solution
     #   (product) that generates findings.
-    #
-    #   Note that this is a filter against the `aws/securityhub/CompanyName`
-    #   field in `ProductFields`. It is not a filter for the top-level
-    #   `CompanyName` field.
     #   @return [Array<Types::StringFilter>]
     #
     # @!attribute [rw] user_defined_fields
@@ -28296,11 +28276,28 @@ module Aws::SecurityHub
     #   associated with the Security Hub administrator account.
     #   @return [Boolean]
     #
+    # @!attribute [rw] auto_enable_standards
+    #   Whether to automatically enable Security Hub [default standards][1]
+    #   for new member accounts in the organization.
+    #
+    #   The default value of this parameter is equal to `DEFAULT`.
+    #
+    #   If equal to `DEFAULT`, then Security Hub default standards are
+    #   automatically enabled for new member accounts. If equal to `NONE`,
+    #   then default standards are not automatically enabled for new member
+    #   accounts.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeOrganizationConfigurationResponse AWS API Documentation
     #
     class DescribeOrganizationConfigurationResponse < Struct.new(
       :auto_enable,
-      :member_account_limit_reached)
+      :member_account_limit_reached,
+      :auto_enable_standards)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -40801,6 +40798,7 @@ module Aws::SecurityHub
     #
     #       {
     #         auto_enable: false, # required
+    #         auto_enable_standards: "NONE", # accepts NONE, DEFAULT
     #       }
     #
     # @!attribute [rw] auto_enable
@@ -40814,10 +40812,27 @@ module Aws::SecurityHub
     #   `true`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] auto_enable_standards
+    #   Whether to automatically enable Security Hub [default standards][1]
+    #   for new member accounts in the organization.
+    #
+    #   By default, this parameter is equal to `DEFAULT`, and new member
+    #   accounts are automatically enabled with default Security Hub
+    #   standards.
+    #
+    #   To opt out of enabling default standards for new member accounts,
+    #   set this parameter equal to `NONE`.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-enable-disable.html
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateOrganizationConfigurationRequest AWS API Documentation
     #
     class UpdateOrganizationConfigurationRequest < Struct.new(
-      :auto_enable)
+      :auto_enable,
+      :auto_enable_standards)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-securityhub.rb CHANGED Viewed

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-securityhub/customizations'
 # @!group service
 module Aws::SecurityHub
-  GEM_VERSION = '1.63.0'
+  GEM_VERSION = '1.64.0'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securityhub
 version: !ruby/object:Gem::Version
-  version: 1.63.0
+  version: 1.64.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-04-05 00:00:00.000000000 Z
+date: 2022-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core