@aws-sdk/client-securityhub 3.1043.0 → 3.1045.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (59) hide show
  1. package/README.md +14 -0
  2. package/dist-cjs/index.js +47 -0
  3. package/dist-cjs/schemas/schemas_0.js +72 -11
  4. package/dist-es/SecurityHub.js +6 -0
  5. package/dist-es/commands/GenerateRecommendedPolicyV2Command.js +16 -0
  6. package/dist-es/commands/GetRecommendedPolicyV2Command.js +16 -0
  7. package/dist-es/commands/index.js +2 -0
  8. package/dist-es/models/enums.js +12 -0
  9. package/dist-es/pagination/GetRecommendedPolicyV2Paginator.js +4 -0
  10. package/dist-es/pagination/index.js +1 -0
  11. package/dist-es/schemas/schemas_0.js +63 -2
  12. package/dist-types/SecurityHub.d.ts +21 -0
  13. package/dist-types/SecurityHubClient.d.ts +4 -2
  14. package/dist-types/commands/BatchGetAutomationRulesCommand.d.ts +5 -0
  15. package/dist-types/commands/BatchUpdateAutomationRulesCommand.d.ts +5 -0
  16. package/dist-types/commands/CreateAutomationRuleCommand.d.ts +5 -0
  17. package/dist-types/commands/CreateAutomationRuleV2Command.d.ts +2 -0
  18. package/dist-types/commands/CreateInsightCommand.d.ts +5 -0
  19. package/dist-types/commands/GenerateRecommendedPolicyV2Command.d.ts +96 -0
  20. package/dist-types/commands/GetAutomationRuleV2Command.d.ts +2 -0
  21. package/dist-types/commands/GetFindingStatisticsV2Command.d.ts +2 -0
  22. package/dist-types/commands/GetFindingsCommand.d.ts +5 -0
  23. package/dist-types/commands/GetFindingsV2Command.d.ts +2 -0
  24. package/dist-types/commands/GetInsightsCommand.d.ts +5 -0
  25. package/dist-types/commands/GetRecommendedPolicyV2Command.d.ts +118 -0
  26. package/dist-types/commands/GetResourcesStatisticsV2Command.d.ts +2 -0
  27. package/dist-types/commands/GetResourcesV2Command.d.ts +2 -0
  28. package/dist-types/commands/ListMembersCommand.d.ts +1 -1
  29. package/dist-types/commands/ListOrganizationAdminAccountsCommand.d.ts +1 -1
  30. package/dist-types/commands/ListSecurityControlDefinitionsCommand.d.ts +1 -1
  31. package/dist-types/commands/ListStandardsControlAssociationsCommand.d.ts +1 -2
  32. package/dist-types/commands/UpdateAutomationRuleV2Command.d.ts +2 -0
  33. package/dist-types/commands/UpdateFindingsCommand.d.ts +5 -0
  34. package/dist-types/commands/UpdateInsightCommand.d.ts +5 -0
  35. package/dist-types/commands/index.d.ts +2 -0
  36. package/dist-types/models/enums.d.ts +36 -0
  37. package/dist-types/models/models_0.d.ts +9 -4
  38. package/dist-types/models/models_2.d.ts +157 -168
  39. package/dist-types/models/models_3.d.ts +169 -3
  40. package/dist-types/pagination/GetRecommendedPolicyV2Paginator.d.ts +7 -0
  41. package/dist-types/pagination/index.d.ts +1 -0
  42. package/dist-types/schemas/schemas_0.d.ts +9 -0
  43. package/dist-types/ts3.4/SecurityHub.d.ts +41 -0
  44. package/dist-types/ts3.4/SecurityHubClient.d.ts +12 -0
  45. package/dist-types/ts3.4/commands/GenerateRecommendedPolicyV2Command.d.ts +51 -0
  46. package/dist-types/ts3.4/commands/GetRecommendedPolicyV2Command.d.ts +51 -0
  47. package/dist-types/ts3.4/commands/ListMembersCommand.d.ts +1 -1
  48. package/dist-types/ts3.4/commands/ListOrganizationAdminAccountsCommand.d.ts +1 -1
  49. package/dist-types/ts3.4/commands/ListSecurityControlDefinitionsCommand.d.ts +1 -1
  50. package/dist-types/ts3.4/commands/ListStandardsControlAssociationsCommand.d.ts +4 -2
  51. package/dist-types/ts3.4/commands/index.d.ts +2 -0
  52. package/dist-types/ts3.4/models/enums.d.ts +18 -0
  53. package/dist-types/ts3.4/models/models_0.d.ts +2 -0
  54. package/dist-types/ts3.4/models/models_2.d.ts +47 -34
  55. package/dist-types/ts3.4/models/models_3.d.ts +37 -1
  56. package/dist-types/ts3.4/pagination/GetRecommendedPolicyV2Paginator.d.ts +11 -0
  57. package/dist-types/ts3.4/pagination/index.d.ts +1 -0
  58. package/dist-types/ts3.4/schemas/schemas_0.d.ts +9 -0
  59. package/package.json +1 -1
@@ -1,6 +1,6 @@
1
1
  import type { DocumentType as __DocumentType } from "@smithy/types";
2
- import type { AssociationStatus, AssociationType, AutoEnableStandards, BatchUpdateFindingsV2UnprocessedFindingErrorCode, ConfigurationPolicyAssociationStatus, ConnectorAuthStatus, ConnectorProviderName, ConnectorStatus, ControlFindingGenerator, ControlStatus, FindingHistoryUpdateSourceType, FindingsTrendsStringField, GranularityField, IntegrationType, IntegrationV2Type, OcsfBooleanField, OcsfDateField, OcsfIpField, OcsfMapField, OcsfNumberField, OcsfStringField, OrganizationConfigurationConfigurationType, OrganizationConfigurationStatus, ParameterValueType, Partition, RecordState, RegionAvailabilityStatus, ResourceCategory, ResourcesDateField, ResourcesMapField, ResourcesNumberField, ResourcesStringField, ResourcesTrendsStringField, RuleStatus, SecurityControlProperty, SecurityHubFeature, SeverityLabel, SeverityRating, SortOrder, StandardsControlsUpdatable, StandardsStatus, StatusReasonCode, TargetType, ThreatIntelIndicatorCategory, ThreatIntelIndicatorType, TicketCreationMode, UnprocessedErrorCode, UpdateStatus, VerificationState, VulnerabilityExploitAvailable, VulnerabilityFixAvailable, WorkflowState, WorkflowStatus } from "./enums";
3
- import type { AccountDetails, Action, ActionTarget, Adjustment, AdminAccount, AggregatorV2, AssociationFilters, AutomationRulesAction, AutomationRulesConfig, AutomationRulesFindingFilters, AutomationRulesMetadata, AutomationRulesMetadataV2, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAthenaWorkGroupDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDmsEndpointDetails, AwsDmsReplicationInstanceDetails, AwsDmsReplicationTaskDetails, AwsDynamoDbTableDetails, AwsEc2ClientVpnEndpointDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, DateFilter, MapFilter, NoteUpdate, NumberFilter, RelatedFinding, SeverityUpdate, StringFilter, WorkflowUpdate } from "./models_0";
2
+ import type { AssociationStatus, AssociationType, AutoEnableStandards, BatchUpdateFindingsV2UnprocessedFindingErrorCode, ConfigurationPolicyAssociationStatus, ConnectorAuthStatus, ConnectorProviderName, ConnectorStatus, ControlFindingGenerator, ControlStatus, FindingHistoryUpdateSourceType, FindingsTrendsStringField, GranularityField, IntegrationType, IntegrationV2Type, OcsfBooleanField, OcsfDateField, OcsfIpField, OcsfMapField, OcsfNumberField, OcsfStringField, OrganizationConfigurationConfigurationType, OrganizationConfigurationStatus, ParameterValueType, Partition, RecommendationStatus, RecommendationType, RecordState, RegionAvailabilityStatus, ResourceCategory, ResourcesDateField, ResourcesMapField, ResourcesNumberField, ResourcesStringField, ResourcesTrendsStringField, RuleStatus, SecurityControlProperty, SecurityHubFeature, SeverityLabel, SeverityRating, SortOrder, StandardsControlsUpdatable, StandardsStatus, StatusReasonCode, TargetType, ThreatIntelIndicatorCategory, ThreatIntelIndicatorType, TicketCreationMode, UnprocessedErrorCode, UpdateStatus, VerificationState, VulnerabilityExploitAvailable, VulnerabilityFixAvailable, WorkflowState, WorkflowStatus } from "./enums";
3
+ import type { AccountDetails, Action, ActionTarget, Adjustment, AggregatorV2, AssociationFilters, AutomationRulesAction, AutomationRulesConfig, AutomationRulesFindingFilters, AutomationRulesMetadata, AutomationRulesMetadataV2, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAthenaWorkGroupDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDmsEndpointDetails, AwsDmsReplicationInstanceDetails, AwsDmsReplicationTaskDetails, AwsDynamoDbTableDetails, AwsEc2ClientVpnEndpointDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, DateFilter, MapFilter, NoteUpdate, NumberFilter, RelatedFinding, SeverityUpdate, StringFilter, WorkflowUpdate } from "./models_0";
4
4
  import type { AwsEcsTaskDefinitionDetails, AwsEcsTaskDetails, AwsEfsAccessPointDetails, AwsEksClusterDetails, AwsElasticBeanstalkEnvironmentDetails, AwsElasticsearchDomainDetails, AwsElbLoadBalancerDetails, AwsElbv2LoadBalancerDetails, AwsEventSchemasRegistryDetails, AwsEventsEndpointDetails, AwsEventsEventbusDetails, AwsGuardDutyDetectorDetails, AwsIamAccessKeyDetails, AwsIamGroupDetails, AwsIamPolicyDetails, AwsIamRoleDetails, AwsIamUserDetails, AwsKinesisStreamDetails, AwsKmsKeyDetails, AwsLambdaFunctionDetails, AwsLambdaLayerVersionDetails, AwsMskClusterDetails, AwsNetworkFirewallFirewallDetails, AwsNetworkFirewallFirewallPolicyDetails, AwsNetworkFirewallRuleGroupDetails, AwsOpenSearchServiceDomainDetails, AwsOrganizationScope, AwsRdsDbClusterDetails, AwsRdsDbClusterSnapshotDetails, AwsRdsDbInstanceDetails, AwsRdsDbSecurityGroupDetails, AwsRdsDbSnapshotDetails, AwsRdsEventSubscriptionDetails, AwsRedshiftClusterDetails, AwsRoute53HostedZoneDetails, AwsS3AccessPointDetails, AwsS3AccountPublicAccessBlockDetails, AwsS3BucketDetails, AwsS3ObjectDetails, AwsSageMakerNotebookInstanceDetails, AwsSecretsManagerSecretDetails, AwsSnsTopicDetails, AwsSqsQueueDetails, AwsSsmPatchComplianceDetails, AwsStepFunctionStateMachineDetails, AwsWafRateBasedRuleDetails, AwsWafRegionalRateBasedRuleDetails, AwsWafRegionalRuleDetails, AwsWafRegionalRuleGroupDetails, AwsWafRegionalWebAclDetails, AwsWafRuleDetails, AwsWafRuleGroupDetails, Compliance, DataClassificationDetails, Detection, FindingProviderFields, GeneratorDetails, Malware, Network, NetworkPathComponent, Note, PatchSummary, ProcessDetails, Remediation } from "./models_1";
5
5
  /**
6
6
  * <p>
@@ -6894,6 +6894,21 @@ export interface FindingsTrendsStringFilter {
6894
6894
  */
6895
6895
  Filter?: StringFilter | undefined;
6896
6896
  }
6897
+ /**
6898
+ * @public
6899
+ */
6900
+ export interface GenerateRecommendedPolicyV2Request {
6901
+ /**
6902
+ * <p>The unique identifier (ID) of Security Hub OCSF findings found under the <code>metadata.uid</code> field of the finding.</p>
6903
+ * @public
6904
+ */
6905
+ MetadataUid: string | undefined;
6906
+ }
6907
+ /**
6908
+ * @public
6909
+ */
6910
+ export interface GenerateRecommendedPolicyV2Response {
6911
+ }
6897
6912
  /**
6898
6913
  * @public
6899
6914
  */
@@ -7937,6 +7952,146 @@ export interface GetMembersResponse {
7937
7952
  */
7938
7953
  UnprocessedAccounts?: Result[] | undefined;
7939
7954
  }
7955
+ /**
7956
+ * @public
7957
+ */
7958
+ export interface GetRecommendedPolicyV2Request {
7959
+ /**
7960
+ * <p>The unique identifier (ID) of Security Hub OCSF findings found under the <code>metadata.uid</code> field of the finding.</p>
7961
+ * @public
7962
+ */
7963
+ MetadataUid: string | undefined;
7964
+ /**
7965
+ * <p>The token used to paginate the <code>RecommendationSteps</code> list returned.
7966
+ * On your first call to <code>GetRecommendedPolicyV2</code>, omit this parameter or set it
7967
+ * to <code>NULL</code>. For subsequent calls, use the <code>NextToken</code> value returned in
7968
+ * the previous response to retrieve the next page of results.</p>
7969
+ * @public
7970
+ */
7971
+ NextToken?: string | undefined;
7972
+ /**
7973
+ * <p>The maximum number of recommendation steps to return.</p>
7974
+ * @public
7975
+ */
7976
+ MaxResults?: number | undefined;
7977
+ }
7978
+ /**
7979
+ * <p>Contains information about the reason that the retrieval of a recommended policy for a finding failed.</p>
7980
+ * @public
7981
+ */
7982
+ export interface RecommendationError {
7983
+ /**
7984
+ * <p>The error code for a failed retrieval of a recommended policy for a finding.</p>
7985
+ * @public
7986
+ */
7987
+ Code?: string | undefined;
7988
+ /**
7989
+ * <p>The error message for a failed retrieval of a recommended policy for a finding.</p>
7990
+ * @public
7991
+ */
7992
+ Message?: string | undefined;
7993
+ }
7994
+ /**
7995
+ * <p>Contains information about the action to take for a policy in an unused permissions finding.</p>
7996
+ * @public
7997
+ */
7998
+ export interface UnusedPermissionsRecommendationStep {
7999
+ /**
8000
+ * <p>A recommendation of whether to create or detach a policy for an unused permissions finding.</p>
8001
+ * @public
8002
+ */
8003
+ RecommendedAction?: string | undefined;
8004
+ /**
8005
+ * <p>The contents of the existing policy identified by <code>ExistingPolicyId</code> which needs to be replaced,
8006
+ * when the <code>RecommendedAction</code> is <code>CREATE_POLICY</code>.</p>
8007
+ * @public
8008
+ */
8009
+ ExistingPolicy?: string | undefined;
8010
+ /**
8011
+ * <p>The ID of an existing policy to be replaced or detached.</p>
8012
+ * @public
8013
+ */
8014
+ ExistingPolicyId?: string | undefined;
8015
+ /**
8016
+ * <p>The time at which the existing policy for the unused permissions finding was last updated.</p>
8017
+ * @public
8018
+ */
8019
+ PolicyUpdatedAt?: Date | undefined;
8020
+ /**
8021
+ * <p>The contents of the least-privileged recommended replacement for <code>ExistingPolicyId</code>,
8022
+ * when the <code>RecommendedAction</code> is <code>CREATE_POLICY</code>.</p>
8023
+ * @public
8024
+ */
8025
+ RecommendedPolicy?: string | undefined;
8026
+ }
8027
+ /**
8028
+ * <p>Contains information about a recommended step to remediate a Security Hub finding.</p>
8029
+ * @public
8030
+ */
8031
+ export type RecommendationStep = RecommendationStep.UnusedPermissionsMember | RecommendationStep.$UnknownMember;
8032
+ /**
8033
+ * @public
8034
+ */
8035
+ export declare namespace RecommendationStep {
8036
+ /**
8037
+ * <p>A recommended step to remediate an unused permissions finding.</p>
8038
+ * @public
8039
+ */
8040
+ interface UnusedPermissionsMember {
8041
+ UnusedPermissions: UnusedPermissionsRecommendationStep;
8042
+ $unknown?: never;
8043
+ }
8044
+ /**
8045
+ * @public
8046
+ */
8047
+ interface $UnknownMember {
8048
+ UnusedPermissions?: never;
8049
+ $unknown: [string, any];
8050
+ }
8051
+ /**
8052
+ * @deprecated unused in schema-serde mode.
8053
+ *
8054
+ */
8055
+ interface Visitor<T> {
8056
+ UnusedPermissions: (value: UnusedPermissionsRecommendationStep) => T;
8057
+ _: (name: string, value: any) => T;
8058
+ }
8059
+ }
8060
+ /**
8061
+ * @public
8062
+ */
8063
+ export interface GetRecommendedPolicyV2Response {
8064
+ /**
8065
+ * <p>The pagination token to use to request the next page of results.</p>
8066
+ * @public
8067
+ */
8068
+ NextToken?: string | undefined;
8069
+ /**
8070
+ * <p>The type of recommendation for the finding.</p>
8071
+ * @public
8072
+ */
8073
+ RecommendationType?: RecommendationType | undefined;
8074
+ /**
8075
+ * <p>The recommended steps to take to resolve the finding.</p>
8076
+ * @public
8077
+ */
8078
+ RecommendationSteps?: RecommendationStep[] | undefined;
8079
+ /**
8080
+ * <p>Detailed information for a <code>FAILED</code> retrieval status.</p>
8081
+ * @public
8082
+ */
8083
+ Error?: RecommendationError | undefined;
8084
+ /**
8085
+ * <p>The current status of the recommended policy retrieval.</p>
8086
+ * @public
8087
+ */
8088
+ Status?: RecommendationStatus | undefined;
8089
+ /**
8090
+ * <p>The ARN of the resource of the finding.</p>
8091
+ * @public
8092
+ */
8093
+ ResourceArn?: string | undefined;
8094
+ }
7940
8095
  /**
7941
8096
  * <p>Enables the filtering of Amazon Web Services resources based on date and timestamp attributes.</p>
7942
8097
  * @public
@@ -8769,169 +8924,3 @@ export interface ListInvitationsResponse {
8769
8924
  */
8770
8925
  NextToken?: string | undefined;
8771
8926
  }
8772
- /**
8773
- * @public
8774
- */
8775
- export interface ListMembersRequest {
8776
- /**
8777
- * <p>Specifies which member accounts to include in the response based on their relationship
8778
- * status with the administrator account. The default value is <code>TRUE</code>.</p>
8779
- * <p>If <code>OnlyAssociated</code> is set to <code>TRUE</code>, the response includes member
8780
- * accounts whose relationship status with the administrator account is set to <code>ENABLED</code>.</p>
8781
- * <p>If <code>OnlyAssociated</code> is set to <code>FALSE</code>, the response includes all
8782
- * existing member accounts. </p>
8783
- * @public
8784
- */
8785
- OnlyAssociated?: boolean | undefined;
8786
- /**
8787
- * <p>The maximum number of items to return in the response. </p>
8788
- * @public
8789
- */
8790
- MaxResults?: number | undefined;
8791
- /**
8792
- * <p>The token that is required for pagination. On your first call to the
8793
- * <code>ListMembers</code> operation, set the value of this parameter to
8794
- * <code>NULL</code>.</p>
8795
- * <p>For subsequent calls to the operation, to continue listing data, set the value of this
8796
- * parameter to the value returned from the previous response.</p>
8797
- * @public
8798
- */
8799
- NextToken?: string | undefined;
8800
- }
8801
- /**
8802
- * @public
8803
- */
8804
- export interface ListMembersResponse {
8805
- /**
8806
- * <p>Member details returned by the operation.</p>
8807
- * @public
8808
- */
8809
- Members?: Member[] | undefined;
8810
- /**
8811
- * <p>The pagination token to use to request the next page of results.</p>
8812
- * @public
8813
- */
8814
- NextToken?: string | undefined;
8815
- }
8816
- /**
8817
- * @public
8818
- */
8819
- export interface ListOrganizationAdminAccountsRequest {
8820
- /**
8821
- * <p>The maximum number of items to return in the response.</p>
8822
- * @public
8823
- */
8824
- MaxResults?: number | undefined;
8825
- /**
8826
- * <p>The token that is required for pagination. On your first call to the
8827
- * <code>ListOrganizationAdminAccounts</code> operation, set the value of this parameter to
8828
- * <code>NULL</code>. For subsequent calls to the operation, to continue listing data, set
8829
- * the value of this parameter to the value returned from the previous response. </p>
8830
- * @public
8831
- */
8832
- NextToken?: string | undefined;
8833
- /**
8834
- * <p>The feature where the delegated administrator account is listed.
8835
- * Defaults to Security Hub CSPM if not specified.</p>
8836
- * @public
8837
- */
8838
- Feature?: SecurityHubFeature | undefined;
8839
- }
8840
- /**
8841
- * @public
8842
- */
8843
- export interface ListOrganizationAdminAccountsResponse {
8844
- /**
8845
- * <p>The list of Security Hub CSPM administrator accounts.</p>
8846
- * @public
8847
- */
8848
- AdminAccounts?: AdminAccount[] | undefined;
8849
- /**
8850
- * <p>The pagination token to use to request the next page of results.</p>
8851
- * @public
8852
- */
8853
- NextToken?: string | undefined;
8854
- /**
8855
- * <p>The feature where the delegated administrator account is listed.
8856
- * Defaults to Security Hub CSPM CSPM if not specified.</p>
8857
- * @public
8858
- */
8859
- Feature?: SecurityHubFeature | undefined;
8860
- }
8861
- /**
8862
- * @public
8863
- */
8864
- export interface ListSecurityControlDefinitionsRequest {
8865
- /**
8866
- * <p>
8867
- * The Amazon Resource Name (ARN) of the standard that you want to view controls for.
8868
- * </p>
8869
- * @public
8870
- */
8871
- StandardsArn?: string | undefined;
8872
- /**
8873
- * <p>
8874
- * Optional pagination parameter.
8875
- * </p>
8876
- * @public
8877
- */
8878
- NextToken?: string | undefined;
8879
- /**
8880
- * <p> An optional parameter that limits the total results of the API response to the
8881
- * specified number. If this parameter isn't provided in the request, the results include the
8882
- * first 25 security controls that apply to the specified standard. The results also include a
8883
- * <code>NextToken</code> parameter that you can use in a subsequent API call to get the
8884
- * next 25 controls. This repeats until all controls for the standard are returned. </p>
8885
- * @public
8886
- */
8887
- MaxResults?: number | undefined;
8888
- }
8889
- /**
8890
- * @public
8891
- */
8892
- export interface ListSecurityControlDefinitionsResponse {
8893
- /**
8894
- * <p>
8895
- * An array of controls that apply to the specified standard.
8896
- * </p>
8897
- * @public
8898
- */
8899
- SecurityControlDefinitions: SecurityControlDefinition[] | undefined;
8900
- /**
8901
- * <p> A pagination parameter that's included in the response only if it was included in the
8902
- * request. </p>
8903
- * @public
8904
- */
8905
- NextToken?: string | undefined;
8906
- }
8907
- /**
8908
- * @public
8909
- */
8910
- export interface ListStandardsControlAssociationsRequest {
8911
- /**
8912
- * <p>
8913
- * The identifier of the control (identified with <code>SecurityControlId</code>, <code>SecurityControlArn</code>, or a mix of both parameters) that you
8914
- * want to determine the enablement status of in each enabled standard.
8915
- * </p>
8916
- * @public
8917
- */
8918
- SecurityControlId: string | undefined;
8919
- /**
8920
- * <p>
8921
- * Optional pagination parameter.
8922
- * </p>
8923
- * @public
8924
- */
8925
- NextToken?: string | undefined;
8926
- /**
8927
- * <p> An optional parameter that limits the total results of the API response to the
8928
- * specified number. If this parameter isn't provided in the request, the results include the
8929
- * first 25 standard and control associations. The results also include a
8930
- * <code>NextToken</code> parameter that you can use in a subsequent API call to get the
8931
- * next 25 associations. This repeats until all associations for the specified control are
8932
- * returned. The number of results is limited by the number of supported Security Hub CSPM
8933
- * standards that you've enabled in the calling account. </p>
8934
- * @public
8935
- */
8936
- MaxResults?: number | undefined;
8937
- }
@@ -1,6 +1,172 @@
1
- import type { AllowedOperators, AssociationStatus, AssociationType, AutoEnableStandards, ConfigurationPolicyAssociationStatus, ControlFindingGenerator, ControlStatus, GroupByField, RecordState, ResourceGroupByField, RuleStatusV2, SortOrder, TargetType } from "./enums";
2
- import type { AutomationRulesActionV2, NoteUpdate } from "./models_0";
3
- import type { AwsSecurityFindingFilters, FindingScopes, FindingsTrendsStringFilter, JiraCloudUpdateConfiguration, OcsfBooleanFilter, OcsfDateFilter, OcsfIpFilter, OcsfMapFilter, OcsfNumberFilter, OcsfStringFilter, OrganizationConfiguration, ParameterConfiguration, Policy, ResourceScopes, ResourcesDateFilter, ResourcesMapFilter, ResourcesNumberFilter, ResourcesStringFilter, ResourcesTrendsStringFilter, SortCriterion, Target } from "./models_2";
1
+ import type { AllowedOperators, AssociationStatus, AssociationType, AutoEnableStandards, ConfigurationPolicyAssociationStatus, ControlFindingGenerator, ControlStatus, GroupByField, RecordState, ResourceGroupByField, RuleStatusV2, SecurityHubFeature, SortOrder, TargetType } from "./enums";
2
+ import type { AdminAccount, AutomationRulesActionV2, NoteUpdate } from "./models_0";
3
+ import type { AwsSecurityFindingFilters, FindingScopes, FindingsTrendsStringFilter, JiraCloudUpdateConfiguration, Member, OcsfBooleanFilter, OcsfDateFilter, OcsfIpFilter, OcsfMapFilter, OcsfNumberFilter, OcsfStringFilter, OrganizationConfiguration, ParameterConfiguration, Policy, ResourceScopes, ResourcesDateFilter, ResourcesMapFilter, ResourcesNumberFilter, ResourcesStringFilter, ResourcesTrendsStringFilter, SecurityControlDefinition, SortCriterion, Target } from "./models_2";
4
+ /**
5
+ * @public
6
+ */
7
+ export interface ListMembersRequest {
8
+ /**
9
+ * <p>Specifies which member accounts to include in the response based on their relationship
10
+ * status with the administrator account. The default value is <code>TRUE</code>.</p>
11
+ * <p>If <code>OnlyAssociated</code> is set to <code>TRUE</code>, the response includes member
12
+ * accounts whose relationship status with the administrator account is set to <code>ENABLED</code>.</p>
13
+ * <p>If <code>OnlyAssociated</code> is set to <code>FALSE</code>, the response includes all
14
+ * existing member accounts. </p>
15
+ * @public
16
+ */
17
+ OnlyAssociated?: boolean | undefined;
18
+ /**
19
+ * <p>The maximum number of items to return in the response. </p>
20
+ * @public
21
+ */
22
+ MaxResults?: number | undefined;
23
+ /**
24
+ * <p>The token that is required for pagination. On your first call to the
25
+ * <code>ListMembers</code> operation, set the value of this parameter to
26
+ * <code>NULL</code>.</p>
27
+ * <p>For subsequent calls to the operation, to continue listing data, set the value of this
28
+ * parameter to the value returned from the previous response.</p>
29
+ * @public
30
+ */
31
+ NextToken?: string | undefined;
32
+ }
33
+ /**
34
+ * @public
35
+ */
36
+ export interface ListMembersResponse {
37
+ /**
38
+ * <p>Member details returned by the operation.</p>
39
+ * @public
40
+ */
41
+ Members?: Member[] | undefined;
42
+ /**
43
+ * <p>The pagination token to use to request the next page of results.</p>
44
+ * @public
45
+ */
46
+ NextToken?: string | undefined;
47
+ }
48
+ /**
49
+ * @public
50
+ */
51
+ export interface ListOrganizationAdminAccountsRequest {
52
+ /**
53
+ * <p>The maximum number of items to return in the response.</p>
54
+ * @public
55
+ */
56
+ MaxResults?: number | undefined;
57
+ /**
58
+ * <p>The token that is required for pagination. On your first call to the
59
+ * <code>ListOrganizationAdminAccounts</code> operation, set the value of this parameter to
60
+ * <code>NULL</code>. For subsequent calls to the operation, to continue listing data, set
61
+ * the value of this parameter to the value returned from the previous response. </p>
62
+ * @public
63
+ */
64
+ NextToken?: string | undefined;
65
+ /**
66
+ * <p>The feature where the delegated administrator account is listed.
67
+ * Defaults to Security Hub CSPM if not specified.</p>
68
+ * @public
69
+ */
70
+ Feature?: SecurityHubFeature | undefined;
71
+ }
72
+ /**
73
+ * @public
74
+ */
75
+ export interface ListOrganizationAdminAccountsResponse {
76
+ /**
77
+ * <p>The list of Security Hub CSPM administrator accounts.</p>
78
+ * @public
79
+ */
80
+ AdminAccounts?: AdminAccount[] | undefined;
81
+ /**
82
+ * <p>The pagination token to use to request the next page of results.</p>
83
+ * @public
84
+ */
85
+ NextToken?: string | undefined;
86
+ /**
87
+ * <p>The feature where the delegated administrator account is listed.
88
+ * Defaults to Security Hub CSPM CSPM if not specified.</p>
89
+ * @public
90
+ */
91
+ Feature?: SecurityHubFeature | undefined;
92
+ }
93
+ /**
94
+ * @public
95
+ */
96
+ export interface ListSecurityControlDefinitionsRequest {
97
+ /**
98
+ * <p>
99
+ * The Amazon Resource Name (ARN) of the standard that you want to view controls for.
100
+ * </p>
101
+ * @public
102
+ */
103
+ StandardsArn?: string | undefined;
104
+ /**
105
+ * <p>
106
+ * Optional pagination parameter.
107
+ * </p>
108
+ * @public
109
+ */
110
+ NextToken?: string | undefined;
111
+ /**
112
+ * <p> An optional parameter that limits the total results of the API response to the
113
+ * specified number. If this parameter isn't provided in the request, the results include the
114
+ * first 25 security controls that apply to the specified standard. The results also include a
115
+ * <code>NextToken</code> parameter that you can use in a subsequent API call to get the
116
+ * next 25 controls. This repeats until all controls for the standard are returned. </p>
117
+ * @public
118
+ */
119
+ MaxResults?: number | undefined;
120
+ }
121
+ /**
122
+ * @public
123
+ */
124
+ export interface ListSecurityControlDefinitionsResponse {
125
+ /**
126
+ * <p>
127
+ * An array of controls that apply to the specified standard.
128
+ * </p>
129
+ * @public
130
+ */
131
+ SecurityControlDefinitions: SecurityControlDefinition[] | undefined;
132
+ /**
133
+ * <p> A pagination parameter that's included in the response only if it was included in the
134
+ * request. </p>
135
+ * @public
136
+ */
137
+ NextToken?: string | undefined;
138
+ }
139
+ /**
140
+ * @public
141
+ */
142
+ export interface ListStandardsControlAssociationsRequest {
143
+ /**
144
+ * <p>
145
+ * The identifier of the control (identified with <code>SecurityControlId</code>, <code>SecurityControlArn</code>, or a mix of both parameters) that you
146
+ * want to determine the enablement status of in each enabled standard.
147
+ * </p>
148
+ * @public
149
+ */
150
+ SecurityControlId: string | undefined;
151
+ /**
152
+ * <p>
153
+ * Optional pagination parameter.
154
+ * </p>
155
+ * @public
156
+ */
157
+ NextToken?: string | undefined;
158
+ /**
159
+ * <p> An optional parameter that limits the total results of the API response to the
160
+ * specified number. If this parameter isn't provided in the request, the results include the
161
+ * first 25 standard and control associations. The results also include a
162
+ * <code>NextToken</code> parameter that you can use in a subsequent API call to get the
163
+ * next 25 associations. This repeats until all associations for the specified control are
164
+ * returned. The number of results is limited by the number of supported Security Hub CSPM
165
+ * standards that you've enabled in the calling account. </p>
166
+ * @public
167
+ */
168
+ MaxResults?: number | undefined;
169
+ }
4
170
  /**
5
171
  * <p> An array that provides the enablement status and other details for each control that
6
172
  * applies to each enabled standard. </p>
@@ -0,0 +1,7 @@
1
+ import type { Paginator } from "@smithy/types";
2
+ import { GetRecommendedPolicyV2CommandInput, GetRecommendedPolicyV2CommandOutput } from "../commands/GetRecommendedPolicyV2Command";
3
+ import type { SecurityHubPaginationConfiguration } from "./Interfaces";
4
+ /**
5
+ * @public
6
+ */
7
+ export declare const paginateGetRecommendedPolicyV2: (config: SecurityHubPaginationConfiguration, input: GetRecommendedPolicyV2CommandInput, ...rest: any[]) => Paginator<GetRecommendedPolicyV2CommandOutput>;
@@ -10,6 +10,7 @@ export * from "./GetFindingsPaginator";
10
10
  export * from "./GetFindingsTrendsV2Paginator";
11
11
  export * from "./GetFindingsV2Paginator";
12
12
  export * from "./GetInsightsPaginator";
13
+ export * from "./GetRecommendedPolicyV2Paginator";
13
14
  export * from "./GetResourcesTrendsV2Paginator";
14
15
  export * from "./GetResourcesV2Paginator";
15
16
  export * from "./ListAggregatorsV2Paginator";
@@ -700,6 +700,8 @@ export declare var FirewallPolicyDetails$: StaticStructureSchema;
700
700
  export declare var FirewallPolicyStatefulRuleGroupReferencesDetails$: StaticStructureSchema;
701
701
  export declare var FirewallPolicyStatelessCustomActionsDetails$: StaticStructureSchema;
702
702
  export declare var FirewallPolicyStatelessRuleGroupReferencesDetails$: StaticStructureSchema;
703
+ export declare var GenerateRecommendedPolicyV2Request$: StaticStructureSchema;
704
+ export declare var GenerateRecommendedPolicyV2Response$: StaticStructureSchema;
703
705
  export declare var GeneratorDetails$: StaticStructureSchema;
704
706
  export declare var GeoLocation$: StaticStructureSchema;
705
707
  export declare var GetAdministratorAccountRequest$: StaticStructureSchema;
@@ -738,6 +740,8 @@ export declare var GetMasterAccountRequest$: StaticStructureSchema;
738
740
  export declare var GetMasterAccountResponse$: StaticStructureSchema;
739
741
  export declare var GetMembersRequest$: StaticStructureSchema;
740
742
  export declare var GetMembersResponse$: StaticStructureSchema;
743
+ export declare var GetRecommendedPolicyV2Request$: StaticStructureSchema;
744
+ export declare var GetRecommendedPolicyV2Response$: StaticStructureSchema;
741
745
  export declare var GetResourcesStatisticsV2Request$: StaticStructureSchema;
742
746
  export declare var GetResourcesStatisticsV2Response$: StaticStructureSchema;
743
747
  export declare var GetResourcesTrendsV2Request$: StaticStructureSchema;
@@ -837,6 +841,7 @@ export declare var PropagatingVgwSetDetails$: StaticStructureSchema;
837
841
  export declare var ProviderSummary$: StaticStructureSchema;
838
842
  export declare var Range$: StaticStructureSchema;
839
843
  export declare var Recommendation$: StaticStructureSchema;
844
+ export declare var RecommendationError$: StaticStructureSchema;
840
845
  export declare var _Record$: StaticStructureSchema;
841
846
  export declare var RegisterConnectorV2Request$: StaticStructureSchema;
842
847
  export declare var RegisterConnectorV2Response$: StaticStructureSchema;
@@ -935,6 +940,7 @@ export declare var UnprocessedStandardsControlAssociation$: StaticStructureSchem
935
940
  export declare var UnprocessedStandardsControlAssociationUpdate$: StaticStructureSchema;
936
941
  export declare var UntagResourceRequest$: StaticStructureSchema;
937
942
  export declare var UntagResourceResponse$: StaticStructureSchema;
943
+ export declare var UnusedPermissionsRecommendationStep$: StaticStructureSchema;
938
944
  export declare var UpdateActionTargetRequest$: StaticStructureSchema;
939
945
  export declare var UpdateActionTargetResponse$: StaticStructureSchema;
940
946
  export declare var UpdateAggregatorV2Request$: StaticStructureSchema;
@@ -980,6 +986,7 @@ export declare var Policy$: StaticUnionSchema;
980
986
  export declare var ProviderConfiguration$: StaticUnionSchema;
981
987
  export declare var ProviderDetail$: StaticUnionSchema;
982
988
  export declare var ProviderUpdateConfiguration$: StaticUnionSchema;
989
+ export declare var RecommendationStep$: StaticUnionSchema;
983
990
  export declare var Target$: StaticUnionSchema;
984
991
  export declare var AcceptAdministratorInvitation$: StaticOperationSchema;
985
992
  export declare var AcceptInvitation$: StaticOperationSchema;
@@ -1034,6 +1041,7 @@ export declare var EnableImportFindingsForProduct$: StaticOperationSchema;
1034
1041
  export declare var EnableOrganizationAdminAccount$: StaticOperationSchema;
1035
1042
  export declare var EnableSecurityHub$: StaticOperationSchema;
1036
1043
  export declare var EnableSecurityHubV2$: StaticOperationSchema;
1044
+ export declare var GenerateRecommendedPolicyV2$: StaticOperationSchema;
1037
1045
  export declare var GetAdministratorAccount$: StaticOperationSchema;
1038
1046
  export declare var GetAggregatorV2$: StaticOperationSchema;
1039
1047
  export declare var GetAutomationRuleV2$: StaticOperationSchema;
@@ -1052,6 +1060,7 @@ export declare var GetInsights$: StaticOperationSchema;
1052
1060
  export declare var GetInvitationsCount$: StaticOperationSchema;
1053
1061
  export declare var GetMasterAccount$: StaticOperationSchema;
1054
1062
  export declare var GetMembers$: StaticOperationSchema;
1063
+ export declare var GetRecommendedPolicyV2$: StaticOperationSchema;
1055
1064
  export declare var GetResourcesStatisticsV2$: StaticOperationSchema;
1056
1065
  export declare var GetResourcesTrendsV2$: StaticOperationSchema;
1057
1066
  export declare var GetResourcesV2$: StaticOperationSchema;
@@ -215,6 +215,10 @@ import {
215
215
  EnableSecurityHubV2CommandInput,
216
216
  EnableSecurityHubV2CommandOutput,
217
217
  } from "./commands/EnableSecurityHubV2Command";
218
+ import {
219
+ GenerateRecommendedPolicyV2CommandInput,
220
+ GenerateRecommendedPolicyV2CommandOutput,
221
+ } from "./commands/GenerateRecommendedPolicyV2Command";
218
222
  import {
219
223
  GetAdministratorAccountCommandInput,
220
224
  GetAdministratorAccountCommandOutput,
@@ -287,6 +291,10 @@ import {
287
291
  GetMembersCommandInput,
288
292
  GetMembersCommandOutput,
289
293
  } from "./commands/GetMembersCommand";
294
+ import {
295
+ GetRecommendedPolicyV2CommandInput,
296
+ GetRecommendedPolicyV2CommandOutput,
297
+ } from "./commands/GetRecommendedPolicyV2Command";
290
298
  import {
291
299
  GetResourcesStatisticsV2CommandInput,
292
300
  GetResourcesStatisticsV2CommandOutput,
@@ -1166,6 +1174,19 @@ export interface SecurityHub {
1166
1174
  options: __HttpHandlerOptions,
1167
1175
  cb: (err: any, data?: EnableSecurityHubV2CommandOutput) => void
1168
1176
  ): void;
1177
+ generateRecommendedPolicyV2(
1178
+ args: GenerateRecommendedPolicyV2CommandInput,
1179
+ options?: __HttpHandlerOptions
1180
+ ): Promise<GenerateRecommendedPolicyV2CommandOutput>;
1181
+ generateRecommendedPolicyV2(
1182
+ args: GenerateRecommendedPolicyV2CommandInput,
1183
+ cb: (err: any, data?: GenerateRecommendedPolicyV2CommandOutput) => void
1184
+ ): void;
1185
+ generateRecommendedPolicyV2(
1186
+ args: GenerateRecommendedPolicyV2CommandInput,
1187
+ options: __HttpHandlerOptions,
1188
+ cb: (err: any, data?: GenerateRecommendedPolicyV2CommandOutput) => void
1189
+ ): void;
1169
1190
  getAdministratorAccount(): Promise<GetAdministratorAccountCommandOutput>;
1170
1191
  getAdministratorAccount(
1171
1192
  args: GetAdministratorAccountCommandInput,
@@ -1413,6 +1434,19 @@ export interface SecurityHub {
1413
1434
  options: __HttpHandlerOptions,
1414
1435
  cb: (err: any, data?: GetMembersCommandOutput) => void
1415
1436
  ): void;
1437
+ getRecommendedPolicyV2(
1438
+ args: GetRecommendedPolicyV2CommandInput,
1439
+ options?: __HttpHandlerOptions
1440
+ ): Promise<GetRecommendedPolicyV2CommandOutput>;
1441
+ getRecommendedPolicyV2(
1442
+ args: GetRecommendedPolicyV2CommandInput,
1443
+ cb: (err: any, data?: GetRecommendedPolicyV2CommandOutput) => void
1444
+ ): void;
1445
+ getRecommendedPolicyV2(
1446
+ args: GetRecommendedPolicyV2CommandInput,
1447
+ options: __HttpHandlerOptions,
1448
+ cb: (err: any, data?: GetRecommendedPolicyV2CommandOutput) => void
1449
+ ): void;
1416
1450
  getResourcesStatisticsV2(
1417
1451
  args: GetResourcesStatisticsV2CommandInput,
1418
1452
  options?: __HttpHandlerOptions
@@ -1990,6 +2024,13 @@ export interface SecurityHub {
1990
2024
  Exclude<keyof PaginationConfiguration, "client">
1991
2025
  >
1992
2026
  ): Paginator<GetInsightsCommandOutput>;
2027
+ paginateGetRecommendedPolicyV2(
2028
+ args: GetRecommendedPolicyV2CommandInput,
2029
+ paginationConfig?: Pick<
2030
+ PaginationConfiguration,
2031
+ Exclude<keyof PaginationConfiguration, "client">
2032
+ >
2033
+ ): Paginator<GetRecommendedPolicyV2CommandOutput>;
1993
2034
  paginateGetResourcesTrendsV2(
1994
2035
  args: GetResourcesTrendsV2CommandInput,
1995
2036
  paginationConfig?: Pick<