aws-sdk-securityhub 1.78.0 → 1.79.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6829baf0bb94d305e9ce5ccc5fdab0a544a83dd04ea8a3c5885659bb3f22cf2a
-  data.tar.gz: b7c20716e8c7c3f74ef1bfd9bb183f14fbe9e0d5b439c5647386e07553045628
+  metadata.gz: d5ede1dc39dfee50b462b22cad2a90d8966fbbcba0c36b7de3b1ce3f5cd5f68b
+  data.tar.gz: 743c7efa8ff35fc2a7e88e433eea045d872f331023f0a1c473c475fb0f480724
 SHA512:
-  metadata.gz: ab96c7ecf1c909f510cebf766d6736c0cf1dfbbad2fe47584bff858d57564b45aaab7f871079dce2ed944a524803f1bf9aed0a7468fd55839005c07138d37081
-  data.tar.gz: 72a9cdf0acba52eb14159138a085b10a4cd247fdf65eacf9018e5f43695b2dfd219a5a5f41a2e52acfbad189fe0e88ec01c07272319291552817fd6a9d36f427
+  metadata.gz: c47a83f5f235e56b12e7fc10e5cd0024fa3b7671dc53eaf4b6da3b146cdeddcf44a286bc0be472ef048b26ace1830d4d51d73a741177fb11c94252c21a214502
+  data.tar.gz: 0e84c05d02ee3c5bc91e17d00117037215764b5d87ee71b22d485bb74b49777c2eb197ddc17949d224c662be1a2fcc9b30cbffd9567bcce6c8bea7b983c5ab2d

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.79.0 (2023-03-27)
+------------------
+
+* Feature - Added new resource detail objects to ASFF, including resources for AwsEksCluster, AWSS3Bucket, AwsEc2RouteTable and AwsEC2Instance.
+
 1.78.0 (2023-02-24)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.78.0
+1.79.0

data/lib/aws-sdk-securityhub/client.rb

@@ -1824,12 +1824,15 @@ module Aws::SecurityHub
 
     # Declines invitations to become a member account.
     #
-    # This operation is only used by accounts that are not part of an
-    # organization. Organization accounts do not receive invitations.
+    # A prospective member account uses this operation to decline an
+    # invitation to become a member.
+    #
+    # This operation is only called by member accounts that aren't part of
+    # an organization. Organization accounts don't receive invitations.
     #
     # @option params [required, Array<String>] :account_ids
-    #   The list of account IDs for the accounts from which to decline the
-    #   invitations to Security Hub.
+    #   The list of prospective member account IDs for which to decline an
+    #   invitation.
     #
     # @return [Types::DeclineInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1948,11 +1951,16 @@ module Aws::SecurityHub
     # Deletes invitations received by the Amazon Web Services account to
     # become a member account.
     #
-    # This operation is only used by accounts that are not part of an
-    # organization. Organization accounts do not receive invitations.
+    # A Security Hub administrator account can use this operation to delete
+    # invitations sent to one or more member accounts.
+    #
+    # This operation is only used to delete invitations that are sent to
+    # member accounts that aren't part of an organization. Organization
+    # accounts don't receive invitations.
     #
     # @option params [required, Array<String>] :account_ids
-    #   The list of the account IDs that sent the invitations to delete.
+    #   The list of member account IDs that received the invitations you want
+    #   to delete.
     #
     # @return [Types::DeleteInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2560,7 +2568,7 @@ module Aws::SecurityHub
     #   The value for this field in a member account matches the value in the
     #   administrator account. For accounts that aren't part of an
     #   organization, the default value of this field is `SECURITY_CONTROL` if
-    #   you enabled Security Hub on or after February 9, 2023.
+    #   you enabled Security Hub on or after February 23, 2023.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -5966,7 +5974,7 @@ module Aws::SecurityHub
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-securityhub'
-      context[:gem_version] = '1.78.0'
+      context[:gem_version] = '1.79.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-securityhub/client_api.rb

@@ -38,6 +38,9 @@ module Aws::SecurityHub
     ArnList = Shapes::ListShape.new(name: 'ArnList')
     AssociatedStandard = Shapes::StructureShape.new(name: 'AssociatedStandard')
     AssociatedStandardsList = Shapes::ListShape.new(name: 'AssociatedStandardsList')
+    AssociationSetDetails = Shapes::StructureShape.new(name: 'AssociationSetDetails')
+    AssociationSetList = Shapes::ListShape.new(name: 'AssociationSetList')
+    AssociationStateDetails = Shapes::StructureShape.new(name: 'AssociationStateDetails')
     AssociationStatus = Shapes::StringShape.new(name: 'AssociationStatus')
     AutoEnableStandards = Shapes::StringShape.new(name: 'AutoEnableStandards')
     AvailabilityZone = Shapes::StructureShape.new(name: 'AvailabilityZone')
@@ -158,6 +161,7 @@ module Aws::SecurityHub
     AwsEc2EipDetails = Shapes::StructureShape.new(name: 'AwsEc2EipDetails')
     AwsEc2InstanceDetails = Shapes::StructureShape.new(name: 'AwsEc2InstanceDetails')
     AwsEc2InstanceMetadataOptions = Shapes::StructureShape.new(name: 'AwsEc2InstanceMetadataOptions')
+    AwsEc2InstanceMonitoringDetails = Shapes::StructureShape.new(name: 'AwsEc2InstanceMonitoringDetails')
     AwsEc2InstanceNetworkInterfacesDetails = Shapes::StructureShape.new(name: 'AwsEc2InstanceNetworkInterfacesDetails')
     AwsEc2InstanceNetworkInterfacesList = Shapes::ListShape.new(name: 'AwsEc2InstanceNetworkInterfacesList')
     AwsEc2LaunchTemplateDataBlockDeviceMappingSetDetails = Shapes::StructureShape.new(name: 'AwsEc2LaunchTemplateDataBlockDeviceMappingSetDetails')
@@ -217,6 +221,7 @@ module Aws::SecurityHub
     AwsEc2NetworkInterfacePrivateIpAddressList = Shapes::ListShape.new(name: 'AwsEc2NetworkInterfacePrivateIpAddressList')
     AwsEc2NetworkInterfaceSecurityGroup = Shapes::StructureShape.new(name: 'AwsEc2NetworkInterfaceSecurityGroup')
     AwsEc2NetworkInterfaceSecurityGroupList = Shapes::ListShape.new(name: 'AwsEc2NetworkInterfaceSecurityGroupList')
+    AwsEc2RouteTableDetails = Shapes::StructureShape.new(name: 'AwsEc2RouteTableDetails')
     AwsEc2SecurityGroupDetails = Shapes::StructureShape.new(name: 'AwsEc2SecurityGroupDetails')
     AwsEc2SecurityGroupIpPermission = Shapes::StructureShape.new(name: 'AwsEc2SecurityGroupIpPermission')
     AwsEc2SecurityGroupIpPermissionList = Shapes::ListShape.new(name: 'AwsEc2SecurityGroupIpPermissionList')
@@ -527,6 +532,9 @@ module Aws::SecurityHub
     AwsS3BucketNotificationConfigurationS3KeyFilterRule = Shapes::StructureShape.new(name: 'AwsS3BucketNotificationConfigurationS3KeyFilterRule')
     AwsS3BucketNotificationConfigurationS3KeyFilterRuleName = Shapes::StringShape.new(name: 'AwsS3BucketNotificationConfigurationS3KeyFilterRuleName')
     AwsS3BucketNotificationConfigurationS3KeyFilterRules = Shapes::ListShape.new(name: 'AwsS3BucketNotificationConfigurationS3KeyFilterRules')
+    AwsS3BucketObjectLockConfiguration = Shapes::StructureShape.new(name: 'AwsS3BucketObjectLockConfiguration')
+    AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails = Shapes::StructureShape.new(name: 'AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails')
+    AwsS3BucketObjectLockConfigurationRuleDetails = Shapes::StructureShape.new(name: 'AwsS3BucketObjectLockConfigurationRuleDetails')
     AwsS3BucketServerSideEncryptionByDefault = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionByDefault')
     AwsS3BucketServerSideEncryptionConfiguration = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionConfiguration')
     AwsS3BucketServerSideEncryptionRule = Shapes::StructureShape.new(name: 'AwsS3BucketServerSideEncryptionRule')
@@ -814,6 +822,8 @@ module Aws::SecurityHub
     Product = Shapes::StructureShape.new(name: 'Product')
     ProductSubscriptionArnList = Shapes::ListShape.new(name: 'ProductSubscriptionArnList')
     ProductsList = Shapes::ListShape.new(name: 'ProductsList')
+    PropagatingVgwSetDetails = Shapes::StructureShape.new(name: 'PropagatingVgwSetDetails')
+    PropagatingVgwSetList = Shapes::ListShape.new(name: 'PropagatingVgwSetList')
     Range = Shapes::StructureShape.new(name: 'Range')
     Ranges = Shapes::ListShape.new(name: 'Ranges')
     RatioScale = Shapes::IntegerShape.new(name: 'RatioScale')
@@ -834,6 +844,8 @@ module Aws::SecurityHub
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     Result = Shapes::StructureShape.new(name: 'Result')
     ResultList = Shapes::ListShape.new(name: 'ResultList')
+    RouteSetDetails = Shapes::StructureShape.new(name: 'RouteSetDetails')
+    RouteSetList = Shapes::ListShape.new(name: 'RouteSetList')
     RuleGroupDetails = Shapes::StructureShape.new(name: 'RuleGroupDetails')
     RuleGroupSource = Shapes::StructureShape.new(name: 'RuleGroupSource')
     RuleGroupSourceCustomActionsDetails = Shapes::StructureShape.new(name: 'RuleGroupSourceCustomActionsDetails')
@@ -1049,6 +1061,20 @@ module Aws::SecurityHub
 
     AssociatedStandardsList.member = Shapes::ShapeRef.new(shape: AssociatedStandard)
 
+    AssociationSetDetails.add_member(:association_state, Shapes::ShapeRef.new(shape: AssociationStateDetails, location_name: "AssociationState"))
+    AssociationSetDetails.add_member(:gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "GatewayId"))
+    AssociationSetDetails.add_member(:main, Shapes::ShapeRef.new(shape: Boolean, location_name: "Main"))
+    AssociationSetDetails.add_member(:route_table_association_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "RouteTableAssociationId"))
+    AssociationSetDetails.add_member(:route_table_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "RouteTableId"))
+    AssociationSetDetails.add_member(:subnet_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SubnetId"))
+    AssociationSetDetails.struct_class = Types::AssociationSetDetails
+
+    AssociationSetList.member = Shapes::ShapeRef.new(shape: AssociationSetDetails)
+
+    AssociationStateDetails.add_member(:state, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "State"))
+    AssociationStateDetails.add_member(:status_message, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "StatusMessage"))
+    AssociationStateDetails.struct_class = Types::AssociationStateDetails
+
     AvailabilityZone.add_member(:zone_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ZoneName"))
     AvailabilityZone.add_member(:subnet_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SubnetId"))
     AvailabilityZone.struct_class = Types::AvailabilityZone
@@ -1761,6 +1787,7 @@ module Aws::SecurityHub
     AwsEc2InstanceDetails.add_member(:network_interfaces, Shapes::ShapeRef.new(shape: AwsEc2InstanceNetworkInterfacesList, location_name: "NetworkInterfaces"))
     AwsEc2InstanceDetails.add_member(:virtualization_type, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "VirtualizationType"))
     AwsEc2InstanceDetails.add_member(:metadata_options, Shapes::ShapeRef.new(shape: AwsEc2InstanceMetadataOptions, location_name: "MetadataOptions"))
+    AwsEc2InstanceDetails.add_member(:monitoring, Shapes::ShapeRef.new(shape: AwsEc2InstanceMonitoringDetails, location_name: "Monitoring"))
     AwsEc2InstanceDetails.struct_class = Types::AwsEc2InstanceDetails
 
     AwsEc2InstanceMetadataOptions.add_member(:http_endpoint, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "HttpEndpoint"))
@@ -1770,6 +1797,9 @@ module Aws::SecurityHub
     AwsEc2InstanceMetadataOptions.add_member(:instance_metadata_tags, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "InstanceMetadataTags"))
     AwsEc2InstanceMetadataOptions.struct_class = Types::AwsEc2InstanceMetadataOptions
 
+    AwsEc2InstanceMonitoringDetails.add_member(:state, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "State"))
+    AwsEc2InstanceMonitoringDetails.struct_class = Types::AwsEc2InstanceMonitoringDetails
+
     AwsEc2InstanceNetworkInterfacesDetails.add_member(:network_interface_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NetworkInterfaceId"))
     AwsEc2InstanceNetworkInterfacesDetails.struct_class = Types::AwsEc2InstanceNetworkInterfacesDetails
 
@@ -2074,6 +2104,14 @@ module Aws::SecurityHub
 
     AwsEc2NetworkInterfaceSecurityGroupList.member = Shapes::ShapeRef.new(shape: AwsEc2NetworkInterfaceSecurityGroup)
 
+    AwsEc2RouteTableDetails.add_member(:association_set, Shapes::ShapeRef.new(shape: AssociationSetList, location_name: "AssociationSet"))
+    AwsEc2RouteTableDetails.add_member(:owner_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerId"))
+    AwsEc2RouteTableDetails.add_member(:propagating_vgw_set, Shapes::ShapeRef.new(shape: PropagatingVgwSetList, location_name: "PropagatingVgwSet"))
+    AwsEc2RouteTableDetails.add_member(:route_table_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "RouteTableId"))
+    AwsEc2RouteTableDetails.add_member(:route_set, Shapes::ShapeRef.new(shape: RouteSetList, location_name: "RouteSet"))
+    AwsEc2RouteTableDetails.add_member(:vpc_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "VpcId"))
+    AwsEc2RouteTableDetails.struct_class = Types::AwsEc2RouteTableDetails
+
     AwsEc2SecurityGroupDetails.add_member(:group_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "GroupName"))
     AwsEc2SecurityGroupDetails.add_member(:group_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "GroupId"))
     AwsEc2SecurityGroupDetails.add_member(:owner_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "OwnerId"))
@@ -2711,6 +2749,7 @@ module Aws::SecurityHub
 
     AwsEksClusterResourcesVpcConfigDetails.add_member(:security_group_ids, Shapes::ShapeRef.new(shape: NonEmptyStringList, location_name: "SecurityGroupIds"))
     AwsEksClusterResourcesVpcConfigDetails.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: NonEmptyStringList, location_name: "SubnetIds"))
+    AwsEksClusterResourcesVpcConfigDetails.add_member(:endpoint_public_access, Shapes::ShapeRef.new(shape: Boolean, location_name: "EndpointPublicAccess"))
     AwsEksClusterResourcesVpcConfigDetails.struct_class = Types::AwsEksClusterResourcesVpcConfigDetails
 
     AwsElasticBeanstalkEnvironmentDetails.add_member(:application_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ApplicationName"))
@@ -3766,6 +3805,7 @@ module Aws::SecurityHub
     AwsS3BucketDetails.add_member(:bucket_website_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketWebsiteConfiguration, location_name: "BucketWebsiteConfiguration"))
     AwsS3BucketDetails.add_member(:bucket_notification_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketNotificationConfiguration, location_name: "BucketNotificationConfiguration"))
     AwsS3BucketDetails.add_member(:bucket_versioning_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketBucketVersioningConfiguration, location_name: "BucketVersioningConfiguration"))
+    AwsS3BucketDetails.add_member(:object_lock_configuration, Shapes::ShapeRef.new(shape: AwsS3BucketObjectLockConfiguration, location_name: "ObjectLockConfiguration"))
     AwsS3BucketDetails.struct_class = Types::AwsS3BucketDetails
 
     AwsS3BucketLoggingConfiguration.add_member(:destination_bucket_name, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DestinationBucketName"))
@@ -3797,6 +3837,18 @@ module Aws::SecurityHub
 
     AwsS3BucketNotificationConfigurationS3KeyFilterRules.member = Shapes::ShapeRef.new(shape: AwsS3BucketNotificationConfigurationS3KeyFilterRule)
 
+    AwsS3BucketObjectLockConfiguration.add_member(:object_lock_enabled, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "ObjectLockEnabled"))
+    AwsS3BucketObjectLockConfiguration.add_member(:rule, Shapes::ShapeRef.new(shape: AwsS3BucketObjectLockConfigurationRuleDetails, location_name: "Rule"))
+    AwsS3BucketObjectLockConfiguration.struct_class = Types::AwsS3BucketObjectLockConfiguration
+
+    AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails.add_member(:days, Shapes::ShapeRef.new(shape: Integer, location_name: "Days"))
+    AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails.add_member(:mode, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Mode"))
+    AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails.add_member(:years, Shapes::ShapeRef.new(shape: Integer, location_name: "Years"))
+    AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails.struct_class = Types::AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails
+
+    AwsS3BucketObjectLockConfigurationRuleDetails.add_member(:default_retention, Shapes::ShapeRef.new(shape: AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails, location_name: "DefaultRetention"))
+    AwsS3BucketObjectLockConfigurationRuleDetails.struct_class = Types::AwsS3BucketObjectLockConfigurationRuleDetails
+
     AwsS3BucketServerSideEncryptionByDefault.add_member(:sse_algorithm, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "SSEAlgorithm"))
     AwsS3BucketServerSideEncryptionByDefault.add_member(:kms_master_key_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "KMSMasterKeyID"))
     AwsS3BucketServerSideEncryptionByDefault.struct_class = Types::AwsS3BucketServerSideEncryptionByDefault
@@ -5050,6 +5102,11 @@ module Aws::SecurityHub
 
     ProductsList.member = Shapes::ShapeRef.new(shape: Product)
 
+    PropagatingVgwSetDetails.add_member(:gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "GatewayId"))
+    PropagatingVgwSetDetails.struct_class = Types::PropagatingVgwSetDetails
+
+    PropagatingVgwSetList.member = Shapes::ShapeRef.new(shape: PropagatingVgwSetDetails)
+
     Range.add_member(:start, Shapes::ShapeRef.new(shape: Long, location_name: "Start"))
     Range.add_member(:end, Shapes::ShapeRef.new(shape: Long, location_name: "End"))
     Range.add_member(:start_column, Shapes::ShapeRef.new(shape: Long, location_name: "StartColumn"))
@@ -5175,6 +5232,7 @@ module Aws::SecurityHub
     ResourceDetails.add_member(:aws_sage_maker_notebook_instance, Shapes::ShapeRef.new(shape: AwsSageMakerNotebookInstanceDetails, location_name: "AwsSageMakerNotebookInstance"))
     ResourceDetails.add_member(:aws_wafv_2_web_acl, Shapes::ShapeRef.new(shape: AwsWafv2WebAclDetails, location_name: "AwsWafv2WebAcl"))
     ResourceDetails.add_member(:aws_wafv_2_rule_group, Shapes::ShapeRef.new(shape: AwsWafv2RuleGroupDetails, location_name: "AwsWafv2RuleGroup"))
+    ResourceDetails.add_member(:aws_ec2_route_table, Shapes::ShapeRef.new(shape: AwsEc2RouteTableDetails, location_name: "AwsEc2RouteTable"))
     ResourceDetails.struct_class = Types::ResourceDetails
 
     ResourceList.member = Shapes::ShapeRef.new(shape: Resource)
@@ -5189,6 +5247,26 @@ module Aws::SecurityHub
 
     ResultList.member = Shapes::ShapeRef.new(shape: Result)
 
+    RouteSetDetails.add_member(:carrier_gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CarrierGatewayId"))
+    RouteSetDetails.add_member(:core_network_arn, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "CoreNetworkArn"))
+    RouteSetDetails.add_member(:destination_cidr_block, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DestinationCidrBlock"))
+    RouteSetDetails.add_member(:destination_ipv_6_cidr_block, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DestinationIpv6CidrBlock"))
+    RouteSetDetails.add_member(:destination_prefix_list_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "DestinationPrefixListId"))
+    RouteSetDetails.add_member(:egress_only_internet_gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "EgressOnlyInternetGatewayId"))
+    RouteSetDetails.add_member(:gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "GatewayId"))
+    RouteSetDetails.add_member(:instance_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "InstanceId"))
+    RouteSetDetails.add_member(:instance_owner_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "InstanceOwnerId"))
+    RouteSetDetails.add_member(:local_gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "LocalGatewayId"))
+    RouteSetDetails.add_member(:nat_gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NatGatewayId"))
+    RouteSetDetails.add_member(:network_interface_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "NetworkInterfaceId"))
+    RouteSetDetails.add_member(:origin, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "Origin"))
+    RouteSetDetails.add_member(:state, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "State"))
+    RouteSetDetails.add_member(:transit_gateway_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "TransitGatewayId"))
+    RouteSetDetails.add_member(:vpc_peering_connection_id, Shapes::ShapeRef.new(shape: NonEmptyString, location_name: "VpcPeeringConnectionId"))
+    RouteSetDetails.struct_class = Types::RouteSetDetails
+
+    RouteSetList.member = Shapes::ShapeRef.new(shape: RouteSetDetails)
+
     RuleGroupDetails.add_member(:rule_variables, Shapes::ShapeRef.new(shape: RuleGroupVariables, location_name: "RuleVariables"))
     RuleGroupDetails.add_member(:rules_source, Shapes::ShapeRef.new(shape: RuleGroupSource, location_name: "RulesSource"))
     RuleGroupDetails.struct_class = Types::RuleGroupDetails

data/lib/aws-sdk-securityhub/types.rb

@@ -329,6 +329,68 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # The associations between a route table and one or more subnets or a
+    # gateway.
+    #
+    # @!attribute [rw] association_state
+    #   The state of the association between a route table and a subnet or
+    #   gateway.
+    #   @return [Types::AssociationStateDetails]
+    #
+    # @!attribute [rw] gateway_id
+    #   The ID of the internet gateway or virtual private gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] main
+    #   Indicates whether this is the main route table.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] route_table_association_id
+    #   The ID of the association.
+    #   @return [String]
+    #
+    # @!attribute [rw] route_table_id
+    #   The ID of the route table.
+    #   @return [String]
+    #
+    # @!attribute [rw] subnet_id
+    #   The ID of the subnet. A subnet ID is not returned for an implicit
+    #   association.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AssociationSetDetails AWS API Documentation
+    #
+    class AssociationSetDetails < Struct.new(
+      :association_state,
+      :gateway_id,
+      :main,
+      :route_table_association_id,
+      :route_table_id,
+      :subnet_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes the state of an association between a route table and a
+    # subnet or gateway.
+    #
+    # @!attribute [rw] state
+    #   The state of the association.
+    #   @return [String]
+    #
+    # @!attribute [rw] status_message
+    #   The status message, if applicable.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AssociationStateDetails AWS API Documentation
+    #
+    class AssociationStateDetails < Struct.new(
+      :state,
+      :status_message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Information about an Availability Zone.
     #
     # @!attribute [rw] zone_name
@@ -4459,6 +4521,10 @@ module Aws::SecurityHub
     #   Details about the metadata options for the Amazon EC2 instance.
     #   @return [Types::AwsEc2InstanceMetadataOptions]
     #
+    # @!attribute [rw] monitoring
+    #   Describes the type of monitoring that’s turned on for an instance.
+    #   @return [Types::AwsEc2InstanceMonitoringDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2InstanceDetails AWS API Documentation
     #
     class AwsEc2InstanceDetails < Struct.new(
@@ -4473,7 +4539,8 @@ module Aws::SecurityHub
       :launched_at,
       :network_interfaces,
       :virtualization_type,
-      :metadata_options)
+      :metadata_options,
+      :monitoring)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4517,6 +4584,21 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # The type of monitoring that’s turned on for an Amazon EC2 instance.
+    #
+    # @!attribute [rw] state
+    #   Indicates whether detailed monitoring is turned on. Otherwise, basic
+    #   monitoring is turned on.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2InstanceMonitoringDetails AWS API Documentation
+    #
+    class AwsEc2InstanceMonitoringDetails < Struct.new(
+      :state)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Identifies a network interface for the Amazon EC2 instance.
     #
     # @!attribute [rw] network_interface_id
@@ -6075,6 +6157,46 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # Provides details about a route table for the specified VPC.
+    #
+    # @!attribute [rw] association_set
+    #   The associations between a route table and one or more subnets or a
+    #   gateway.
+    #   @return [Array<Types::AssociationSetDetails>]
+    #
+    # @!attribute [rw] owner_id
+    #   The ID of the Amazon Web Services account that owns the route table.
+    #   @return [String]
+    #
+    # @!attribute [rw] propagating_vgw_set
+    #   Describes a virtual private gateway propagating route.
+    #   @return [Array<Types::PropagatingVgwSetDetails>]
+    #
+    # @!attribute [rw] route_table_id
+    #   The ID of the route table.
+    #   @return [String]
+    #
+    # @!attribute [rw] route_set
+    #   The routes in the route table.
+    #   @return [Array<Types::RouteSetDetails>]
+    #
+    # @!attribute [rw] vpc_id
+    #   The ID of the virtual private cloud (VPC).
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEc2RouteTableDetails AWS API Documentation
+    #
+    class AwsEc2RouteTableDetails < Struct.new(
+      :association_set,
+      :owner_id,
+      :propagating_vgw_set,
+      :route_table_id,
+      :route_set,
+      :vpc_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Details about an Amazon EC2 security group.
     #
     # @!attribute [rw] group_name
@@ -8091,15 +8213,15 @@ module Aws::SecurityHub
     #
     #   * ` user `
     #
-    #   * ` user `\:` group `
+    #   * ` user `:` group `
     #
     #   * ` uid `
     #
-    #   * ` uid `\:` gid `
+    #   * ` uid `:` gid `
     #
-    #   * ` user `\:` gid `
+    #   * ` user `:` gid `
     #
-    #   * ` uid `\:` group `
+    #   * ` uid `:` group `
     #   @return [String]
     #
     # @!attribute [rw] volumes_from
@@ -9426,11 +9548,19 @@ module Aws::SecurityHub
     #   The subnets that are associated with the cluster.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] endpoint_public_access
+    #   Indicates whether the Amazon EKS public API server endpoint is
+    #   turned on. If the Amazon EKS public API server endpoint is turned
+    #   off, your cluster's Kubernetes API server can only receive requests
+    #   that originate from within the cluster VPC.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsEksClusterResourcesVpcConfigDetails AWS API Documentation
     #
     class AwsEksClusterResourcesVpcConfigDetails < Struct.new(
       :security_group_ids,
-      :subnet_ids)
+      :subnet_ids,
+      :endpoint_public_access)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -15108,6 +15238,11 @@ module Aws::SecurityHub
     #   The versioning state of an S3 bucket.
     #   @return [Types::AwsS3BucketBucketVersioningConfiguration]
     #
+    # @!attribute [rw] object_lock_configuration
+    #   Specifies which rule Amazon S3 applies by default to every new
+    #   object placed in the specified bucket.
+    #   @return [Types::AwsS3BucketObjectLockConfiguration]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketDetails AWS API Documentation
     #
     class AwsS3BucketDetails < Struct.new(
@@ -15122,7 +15257,8 @@ module Aws::SecurityHub
       :bucket_logging_configuration,
       :bucket_website_configuration,
       :bucket_notification_configuration,
-      :bucket_versioning_configuration)
+      :bucket_versioning_configuration,
+      :object_lock_configuration)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -15248,6 +15384,73 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # The container element for S3 Object Lock configuration parameters. In
+    # Amazon S3, Object Lock can help prevent objects from being deleted or
+    # overwritten for a fixed amount of time or indefinitely.
+    #
+    # @!attribute [rw] object_lock_enabled
+    #   Indicates whether the bucket has an Object Lock configuration
+    #   enabled.
+    #   @return [String]
+    #
+    # @!attribute [rw] rule
+    #   Specifies the Object Lock rule for the specified object.
+    #   @return [Types::AwsS3BucketObjectLockConfigurationRuleDetails]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketObjectLockConfiguration AWS API Documentation
+    #
+    class AwsS3BucketObjectLockConfiguration < Struct.new(
+      :object_lock_enabled,
+      :rule)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The default S3 Object Lock retention mode and period that you want to
+    # apply to new objects placed in the specified Amazon S3 bucket.
+    #
+    # @!attribute [rw] days
+    #   The number of days that you want to specify for the default
+    #   retention period.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] mode
+    #   The default Object Lock retention mode you want to apply to new
+    #   objects placed in the specified bucket.
+    #   @return [String]
+    #
+    # @!attribute [rw] years
+    #   The number of years that you want to specify for the default
+    #   retention period.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails AWS API Documentation
+    #
+    class AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails < Struct.new(
+      :days,
+      :mode,
+      :years)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Specifies the S3 Object Lock rule for the specified object. In Amazon
+    # S3, Object Lock can help prevent objects from being deleted or
+    # overwritten for a fixed amount of time or indefinitely.
+    #
+    # @!attribute [rw] default_retention
+    #   The default Object Lock retention mode and period that you want to
+    #   apply to new objects placed in the specified bucket.
+    #   @return [Types::AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsS3BucketObjectLockConfigurationRuleDetails AWS API Documentation
+    #
+    class AwsS3BucketObjectLockConfigurationRuleDetails < Struct.new(
+      :default_retention)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Specifies the default server-side encryption to apply to new objects
     # in the bucket.
     #
@@ -16296,7 +16499,8 @@ module Aws::SecurityHub
     #   @return [Array<Types::NumberFilter>]
     #
     # @!attribute [rw] process_parent_pid
-    #   The parent process ID.
+    #   The parent process ID. This field accepts positive integers between
+    #   `O` and `2147483647`.
     #   @return [Array<Types::NumberFilter>]
     #
     # @!attribute [rw] process_launched_at
@@ -16505,7 +16709,7 @@ module Aws::SecurityHub
     #     owner.
     #
     #     If one of the following occurs, the workflow status is changed
-    #     automatically from `NOTIFIED` to `NEW`\:
+    #     automatically from `NOTIFIED` to `NEW`:
     #
     #     * `RecordState` changes from `ARCHIVED` to `ACTIVE`.
     #
@@ -19195,8 +19399,8 @@ module Aws::SecurityHub
     end
 
     # @!attribute [rw] account_ids
-    #   The list of account IDs for the accounts from which to decline the
-    #   invitations to Security Hub.
+    #   The list of prospective member account IDs for which to decline an
+    #   invitation.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeclineInvitationsRequest AWS API Documentation
@@ -19288,7 +19492,8 @@ module Aws::SecurityHub
     end
 
     # @!attribute [rw] account_ids
-    #   The list of the account IDs that sent the invitations to delete.
+    #   The list of member account IDs that received the invitations you
+    #   want to delete.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DeleteInvitationsRequest AWS API Documentation
@@ -19430,7 +19635,7 @@ module Aws::SecurityHub
     #   The value for this field in a member account matches the value in
     #   the administrator account. For accounts that aren't part of an
     #   organization, the default value of this field is `SECURITY_CONTROL`
-    #   if you enabled Security Hub on or after February 9, 2023.
+    #   if you enabled Security Hub on or after February 23, 2023.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/DescribeHubResponse AWS API Documentation
@@ -19794,7 +19999,7 @@ module Aws::SecurityHub
     #   The value for this field in a member account matches the value in
     #   the administrator account. For accounts that aren't part of an
     #   organization, the default value of this field is `SECURITY_CONTROL`
-    #   if you enabled Security Hub on or after February 9, 2023.
+    #   if you enabled Security Hub on or after February 23, 2023.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/EnableSecurityHubRequest AWS API Documentation
@@ -21753,7 +21958,8 @@ module Aws::SecurityHub
     #   @return [Integer]
     #
     # @!attribute [rw] parent_pid
-    #   The parent process ID.
+    #   The parent process ID. This field accepts positive integers between
+    #   `O` and `2147483647`.
     #   @return [Integer]
     #
     # @!attribute [rw] launched_at
@@ -21866,6 +22072,20 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # Describes a virtual private gateway propagating route.
+    #
+    # @!attribute [rw] gateway_id
+    #   The ID of the virtual private gateway.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/PropagatingVgwSetDetails AWS API Documentation
+    #
+    class PropagatingVgwSetDetails < Struct.new(
+      :gateway_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Identifies where the sensitive data begins and ends.
     #
     # @!attribute [rw] start
@@ -22425,6 +22645,12 @@ module Aws::SecurityHub
     #   Details about an WAFv2 rule group.
     #   @return [Types::AwsWafv2RuleGroupDetails]
     #
+    # @!attribute [rw] aws_ec2_route_table
+    #   Provides details about a route table. A route table contains a set
+    #   of rules, called routes, that determine where to direct network
+    #   traffic from your subnet or gateway.
+    #   @return [Types::AwsEc2RouteTableDetails]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/ResourceDetails AWS API Documentation
     #
     class ResourceDetails < Struct.new(
@@ -22510,7 +22736,8 @@ module Aws::SecurityHub
       :aws_ec2_launch_template,
       :aws_sage_maker_notebook_instance,
       :aws_wafv_2_web_acl,
-      :aws_wafv_2_rule_group)
+      :aws_wafv_2_rule_group,
+      :aws_ec2_route_table)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -22553,6 +22780,95 @@ module Aws::SecurityHub
       include Aws::Structure
     end
 
+    # Provides details about the routes in the route table.
+    #
+    # @!attribute [rw] carrier_gateway_id
+    #   The ID of the carrier gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] core_network_arn
+    #   The Amazon Resource Name (ARN) of the core network.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_cidr_block
+    #   The IPv4 CIDR block used for the destination match.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_ipv_6_cidr_block
+    #   The IPv6 CIDR block used for the destination match.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_prefix_list_id
+    #   The prefix of the destination Amazon Web Service.
+    #   @return [String]
+    #
+    # @!attribute [rw] egress_only_internet_gateway_id
+    #   The ID of the egress-only internet gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] gateway_id
+    #   The ID of a gateway attached to your VPC.
+    #   @return [String]
+    #
+    # @!attribute [rw] instance_id
+    #   The ID of a NAT instance in your VPC.
+    #   @return [String]
+    #
+    # @!attribute [rw] instance_owner_id
+    #   The ID of the Amazon Web Services account that owns the instance.
+    #   @return [String]
+    #
+    # @!attribute [rw] local_gateway_id
+    #   The ID of the local gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] nat_gateway_id
+    #   The ID of a NAT gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] network_interface_id
+    #   The ID of the network interface.
+    #   @return [String]
+    #
+    # @!attribute [rw] origin
+    #   Describes how the route was created.
+    #   @return [String]
+    #
+    # @!attribute [rw] state
+    #   The state of the route.
+    #   @return [String]
+    #
+    # @!attribute [rw] transit_gateway_id
+    #   The ID of a transit gateway.
+    #   @return [String]
+    #
+    # @!attribute [rw] vpc_peering_connection_id
+    #   The ID of a VPC peering connection.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/RouteSetDetails AWS API Documentation
+    #
+    class RouteSetDetails < Struct.new(
+      :carrier_gateway_id,
+      :core_network_arn,
+      :destination_cidr_block,
+      :destination_ipv_6_cidr_block,
+      :destination_prefix_list_id,
+      :egress_only_internet_gateway_id,
+      :gateway_id,
+      :instance_id,
+      :instance_owner_id,
+      :local_gateway_id,
+      :nat_gateway_id,
+      :network_interface_id,
+      :origin,
+      :state,
+      :transit_gateway_id,
+      :vpc_peering_connection_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Details about the rule group.
     #
     # @!attribute [rw] rule_variables

data/lib/aws-sdk-securityhub.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-securityhub/customizations'
 # @!group service
 module Aws::SecurityHub
 
-  GEM_VERSION = '1.78.0'
+  GEM_VERSION = '1.79.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-securityhub
 version: !ruby/object:Gem::Version
-  version: 1.78.0
+  version: 1.79.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-02-24 00:00:00.000000000 Z
+date: 2023-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core