@aws-sdk/client-securityhub 3.326.0 → 3.327.0

package/dist-types/commands/GetFindingHistoryCommand.d.ts

@@ -0,0 +1,157 @@
+import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
+import { GetFindingHistoryRequest, GetFindingHistoryResponse } from "../models/models_2";
+import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
+/**
+ * @public
+ *
+ * The input for {@link GetFindingHistoryCommand}.
+ */
+export interface GetFindingHistoryCommandInput extends GetFindingHistoryRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link GetFindingHistoryCommand}.
+ */
+export interface GetFindingHistoryCommandOutput extends GetFindingHistoryResponse, __MetadataBearer {
+}
+/**
+ * @public
+ * <p>
+ *          Returns history for a Security Hub finding in the last 90 days. The history includes changes made to any fields in
+ *          the Amazon Web Services Security Finding Format (ASFF).
+ *       </p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { SecurityHubClient, GetFindingHistoryCommand } from "@aws-sdk/client-securityhub"; // ES Modules import
+ * // const { SecurityHubClient, GetFindingHistoryCommand } = require("@aws-sdk/client-securityhub"); // CommonJS import
+ * const client = new SecurityHubClient(config);
+ * const input = { // GetFindingHistoryRequest
+ *   FindingIdentifier: { // AwsSecurityFindingIdentifier
+ *     Id: "STRING_VALUE", // required
+ *     ProductArn: "STRING_VALUE", // required
+ *   },
+ *   StartTime: new Date("TIMESTAMP"),
+ *   EndTime: new Date("TIMESTAMP"),
+ *   NextToken: "STRING_VALUE",
+ *   MaxResults: Number("int"),
+ * };
+ * const command = new GetFindingHistoryCommand(input);
+ * const response = await client.send(command);
+ * // { // GetFindingHistoryResponse
+ * //   Records: [ // FindingHistoryRecordList
+ * //     { // FindingHistoryRecord
+ * //       FindingIdentifier: { // AwsSecurityFindingIdentifier
+ * //         Id: "STRING_VALUE", // required
+ * //         ProductArn: "STRING_VALUE", // required
+ * //       },
+ * //       UpdateTime: new Date("TIMESTAMP"),
+ * //       FindingCreated: true || false,
+ * //       UpdateSource: { // FindingHistoryUpdateSource
+ * //         Type: "BATCH_UPDATE_FINDINGS" || "BATCH_IMPORT_FINDINGS",
+ * //         Identity: "STRING_VALUE",
+ * //       },
+ * //       Updates: [ // FindingHistoryUpdatesList
+ * //         { // FindingHistoryUpdate
+ * //           UpdatedField: "STRING_VALUE",
+ * //           OldValue: "STRING_VALUE",
+ * //           NewValue: "STRING_VALUE",
+ * //         },
+ * //       ],
+ * //       NextToken: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * //   NextToken: "STRING_VALUE",
+ * // };
+ *
+ * ```
+ *
+ * @param GetFindingHistoryCommandInput - {@link GetFindingHistoryCommandInput}
+ * @returns {@link GetFindingHistoryCommandOutput}
+ * @see {@link GetFindingHistoryCommandInput} for command's `input` shape.
+ * @see {@link GetFindingHistoryCommandOutput} for command's `response` shape.
+ * @see {@link SecurityHubClientResolvedConfig | config} for SecurityHubClient's `config` shape.
+ *
+ * @throws {@link InternalException} (server fault)
+ *  <p>Internal server error.</p>
+ *
+ * @throws {@link InvalidAccessException} (client fault)
+ *  <p>The account doesn't have permission to perform this action.</p>
+ *
+ * @throws {@link InvalidInputException} (client fault)
+ *  <p>The request was rejected because you supplied an invalid or out-of-range value for an
+ *          input parameter.</p>
+ *
+ * @throws {@link LimitExceededException} (client fault)
+ *  <p>The request was rejected because it attempted to create resources beyond the current Amazon Web Services
+ *          account or throttling limits. The error code describes the limit exceeded.</p>
+ *
+ * @throws {@link SecurityHubServiceException}
+ * <p>Base exception class for all service exceptions from SecurityHub service.</p>
+ *
+ * @example To get finding history
+ * ```javascript
+ * // The following example retrieves the history of the specified finding during the specified time frame. If the time frame permits, Security Hub returns finding history for the last 90 days.
+ * const input = {
+ *   "EndTime": "2021-09-31T15:53:35.573Z",
+ *   "FindingIdentifier": {
+ *     "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+ *     "ProductArn": "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"
+ *   },
+ *   "MaxResults": 2,
+ *   "StartTime": "2021-09-30T15:53:35.573Z"
+ * };
+ * const command = new GetFindingHistoryCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Records": [
+ *     {
+ *       "FindingCreated": false,
+ *       "FindingIdentifier": {
+ *         "Id": "a1b2c3d4-5678-90ab-cdef-EXAMPLE11111",
+ *         "ProductArn": "arn:aws:securityhub:us-west-2:123456789012:product/123456789012/default"
+ *       },
+ *       "UpdateSource": {
+ *         "Identity": "arn:aws:iam::444455556666:role/Admin",
+ *         "Type": "BATCH_UPDATE_FINDINGS"
+ *       },
+ *       "UpdateTime": "2021-09-31T15:52:25.573Z",
+ *       "Updates": [
+ *         {
+ *           "NewValue": "MEDIUM",
+ *           "OldValue": "HIGH",
+ *           "UpdatedField": "Severity"
+ *         }
+ *       ]
+ *     }
+ *   ]
+ * }
+ * *\/
+ * // example id: to-get-finding-history-1680270012186
+ * ```
+ *
+ */
+export declare class GetFindingHistoryCommand extends $Command<GetFindingHistoryCommandInput, GetFindingHistoryCommandOutput, SecurityHubClientResolvedConfig> {
+    readonly input: GetFindingHistoryCommandInput;
+    static getEndpointParameterInstructions(): EndpointParameterInstructions;
+    /**
+     * @public
+     */
+    constructor(input: GetFindingHistoryCommandInput);
+    /**
+     * @internal
+     */
+    resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: SecurityHubClientResolvedConfig, options?: __HttpHandlerOptions): Handler<GetFindingHistoryCommandInput, GetFindingHistoryCommandOutput>;
+    /**
+     * @internal
+     */
+    private serialize;
+    /**
+     * @internal
+     */
+    private deserialize;
+}

package/dist-types/commands/index.d.ts

@@ -35,6 +35,7 @@ export * from "./EnableSecurityHubCommand";
 export * from "./GetAdministratorAccountCommand";
 export * from "./GetEnabledStandardsCommand";
 export * from "./GetFindingAggregatorCommand";
+export * from "./GetFindingHistoryCommand";
 export * from "./GetFindingsCommand";
 export * from "./GetInsightResultsCommand";
 export * from "./GetInsightsCommand";

package/dist-types/models/models_1.d.ts

@@ -7528,7 +7528,7 @@ export interface AwsSecurityFinding {
     Region?: string;
     /**
      * <p>The identifier for the solution-specific component (a discrete unit of logic) that
-     *          generated a finding. In various security-findings providers' solutions, this generator can
+     *          generated a finding. In various security findings providers' solutions, this generator can
      *          be called a rule, a check, a detector, a plugin, etc. </p>
      */
     GeneratorId: string | undefined;
@@ -7544,7 +7544,7 @@ export interface AwsSecurityFinding {
      */
     Types?: string[];
     /**
-     * <p>Indicates when the security-findings provider first observed the potential security
+     * <p>Indicates when the security findings provider first observed the potential security
      *          issue that a finding captured.</p>
      *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
      *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
@@ -7552,7 +7552,7 @@ export interface AwsSecurityFinding {
      */
     FirstObservedAt?: string;
     /**
-     * <p>Indicates when the security-findings provider most recently observed the potential
+     * <p>Indicates when the security findings provider most recently observed the potential
      *          security issue that a finding captured.</p>
      *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
      *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
@@ -7560,7 +7560,7 @@ export interface AwsSecurityFinding {
      */
     LastObservedAt?: string;
     /**
-     * <p>Indicates when the security-findings provider created the potential security issue that
+     * <p>Indicates when the security findings provider created the potential security issue that
      *          a finding captured.</p>
      *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
      *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
@@ -7568,7 +7568,7 @@ export interface AwsSecurityFinding {
      */
     CreatedAt: string | undefined;
     /**
-     * <p>Indicates when the security-findings provider last updated the finding record.</p>
+     * <p>Indicates when the security findings provider last updated the finding record.</p>
      *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
      *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
      *             <code>2020-03-22T13:22:13.933Z</code>.</p>
@@ -7610,12 +7610,12 @@ export interface AwsSecurityFinding {
      */
     Remediation?: Remediation;
     /**
-     * <p>A URL that links to a page about the current finding in the security-findings provider's
+     * <p>A URL that links to a page about the current finding in the security findings provider's
      *          solution.</p>
      */
     SourceUrl?: string;
     /**
-     * <p>A data type where security-findings providers can include additional solution-specific
+     * <p>A data type where security findings providers can include additional solution-specific
      *          details that aren't part of the defined <code>AwsSecurityFinding</code> format.</p>
      *          <p>Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.</p>
      */
@@ -7992,7 +7992,7 @@ export interface AwsSecurityFindingFilters {
     Id?: StringFilter[];
     /**
      * <p>The identifier for the solution-specific component (a discrete unit of logic) that
-     *          generated a finding. In various security-findings providers' solutions, this generator can
+     *          generated a finding. In various security findings providers' solutions, this generator can
      *          be called a rule, a check, a detector, a plugin, etc.</p>
      */
     GeneratorId?: StringFilter[];
@@ -8006,25 +8006,25 @@ export interface AwsSecurityFindingFilters {
      */
     Type?: StringFilter[];
     /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security-findings provider first
+     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider first
      *          observed the potential security issue that a finding captured.</p>
      *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
      */
     FirstObservedAt?: DateFilter[];
     /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security-findings provider most
+     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider most
      *          recently observed the potential security issue that a finding captured.</p>
      *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
      */
     LastObservedAt?: DateFilter[];
     /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security-findings provider
+     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider
      *          captured the potential security issue that a finding captured.</p>
      *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
      */
     CreatedAt?: DateFilter[];
     /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security-findings provider last
+     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider last
      *          updated the finding record. </p>
      *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
      */
@@ -8032,7 +8032,7 @@ export interface AwsSecurityFindingFilters {
     /**
      * @deprecated
      *
-     * <p>The native severity as defined by the security-findings provider's solution that
+     * <p>The native severity as defined by the security findings provider's solution that
      *          generated the finding.</p>
      */
     SeverityProduct?: NumberFilter[];
@@ -8072,12 +8072,12 @@ export interface AwsSecurityFindingFilters {
      */
     RecommendationText?: StringFilter[];
     /**
-     * <p>A URL that links to a page about the current finding in the security-findings provider's
+     * <p>A URL that links to a page about the current finding in the security findings provider's
      *          solution.</p>
      */
     SourceUrl?: StringFilter[];
     /**
-     * <p>A data type where security-findings providers can include additional solution-specific
+     * <p>A data type where security findings providers can include additional solution-specific
      *          details that aren't part of the defined <code>AwsSecurityFinding</code> format.</p>
      */
     ProductFields?: MapFilter[];
@@ -8492,7 +8492,7 @@ export interface AwsSecurityFindingFilters {
 }
 /**
  * @public
- * <p>Identifies a finding to update using <code>BatchUpdateFindings</code>.</p>
+ * <p>Identifies which finding to get the finding history for.</p>
  */
 export interface AwsSecurityFindingIdentifier {
     /**

package/dist-types/models/models_2.d.ts

@@ -1,5 +1,5 @@
 import { AccountDetails, ActionTarget, AdminAccount, AssociationStatus, AutoEnableStandards } from "./models_0";
-import { AwsSecurityFinding, AwsSecurityFindingFilters, ControlFindingGenerator, ControlStatus, NoteUpdate, RecordState, SeverityRating, StandardsSubscription } from "./models_1";
+import { AwsSecurityFinding, AwsSecurityFindingFilters, AwsSecurityFindingIdentifier, ControlFindingGenerator, ControlStatus, NoteUpdate, RecordState, SeverityRating, StandardsSubscription } from "./models_1";
 /**
  * @public
  */
@@ -700,6 +700,126 @@ export interface FindingAggregator {
      */
     FindingAggregatorArn?: string;
 }
+/**
+ * @public
+ * <p> An array of objects that provides details about a change to a finding, including the
+ *                 Amazon Web Services Security Finding Format (ASFF) field that changed, the value of
+ *             the field before the change, and the value of the field after the change. </p>
+ */
+export interface FindingHistoryUpdate {
+    /**
+     * <p>
+     *          The ASFF field that changed during the finding change event.
+     *       </p>
+     */
+    UpdatedField?: string;
+    /**
+     * <p>
+     *          The value of the ASFF field before the finding change event.
+     *       </p>
+     */
+    OldValue?: string;
+    /**
+     * <p>
+     *          The value of the ASFF field after the finding change event. To preserve storage and readability, Security Hub omits this value
+     *           if <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_FindingHistoryRecord.html">
+     *                <code>FindingHistoryRecord</code>
+     *             </a> exceeds database limits.
+     *       </p>
+     */
+    NewValue?: string;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const FindingHistoryUpdateSourceType: {
+    readonly BATCH_IMPORT_FINDINGS: "BATCH_IMPORT_FINDINGS";
+    readonly BATCH_UPDATE_FINDINGS: "BATCH_UPDATE_FINDINGS";
+};
+/**
+ * @public
+ */
+export type FindingHistoryUpdateSourceType = (typeof FindingHistoryUpdateSourceType)[keyof typeof FindingHistoryUpdateSourceType];
+/**
+ * @public
+ * <p>
+ *          Identifies the source of the finding change event.
+ *       </p>
+ */
+export interface FindingHistoryUpdateSource {
+    /**
+     * <p>
+     *          Describes the type of finding change event, such as a call to <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
+     *                <code>BatchImportFindings</code>
+     *             </a> (by an integrated Amazon Web Service or third party partner integration) or <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
+     *                <code>BatchUpdateFindings</code>
+     *             </a> (by a Security Hub customer).
+     *       </p>
+     */
+    Type?: FindingHistoryUpdateSourceType | string;
+    /**
+     * <p>
+     *          The identity of the source that initiated the finding change event. For example, the Amazon Resource Name (ARN) of a partner that calls BatchImportFindings or of a customer that calls BatchUpdateFindings.
+     *       </p>
+     */
+    Identity?: string;
+}
+/**
+ * @public
+ * <p>
+ *          A list of events that changed the specified finding during the specified time period. Each record represents a single
+ *          finding change event.
+ *       </p>
+ */
+export interface FindingHistoryRecord {
+    /**
+     * <p>Identifies which finding to get the finding history for.</p>
+     */
+    FindingIdentifier?: AwsSecurityFindingIdentifier;
+    /**
+     * <p> An ISO 8601-formatted timestamp that indicates when the security findings provider last
+     *             updated the finding record. A correctly formatted example is
+     *                 <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and
+     *             time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6,
+     *                 Internet Date/Time Format</a>. </p>
+     */
+    UpdateTime?: Date;
+    /**
+     * <p>
+     *          Identifies whether the event marks the creation of a new finding. A value of <code>True</code> means that the finding is
+     *          newly created. A value of <code>False</code> means that the finding isn’t newly created.
+     *       </p>
+     */
+    FindingCreated?: boolean;
+    /**
+     * <p> Identifies the source of the event that changed the finding. For example, an integrated
+     *                 Amazon Web Service or third-party partner integration may call <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
+     *                <code>BatchImportFindings</code>
+     *             </a>, or an Security Hub customer
+     *             may call <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
+     *                <code>BatchUpdateFindings</code>
+     *             </a>. </p>
+     */
+    UpdateSource?: FindingHistoryUpdateSource;
+    /**
+     * <p>
+     *          An array of objects that provides details about the finding change event, including the Amazon Web Services Security
+     *          Finding Format (ASFF) field that changed, the value of the field before the change, and the value of the field after
+     *          the change.
+     *       </p>
+     */
+    Updates?: FindingHistoryUpdate[];
+    /**
+     * <p>
+     *          A token for pagination purposes. Provide this token in the subsequent request to <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_GetFindingsHistory.html">
+     *                <code>GetFindingsHistory</code>
+     *             </a> to get
+     *          up to an additional 100 results of history for the same finding that you specified in your initial request.
+     *       </p>
+     */
+    NextToken?: string;
+}
 /**
  * @public
  */
@@ -801,6 +921,81 @@ export interface GetFindingAggregatorResponse {
      */
     Regions?: string[];
 }
+/**
+ * @public
+ */
+export interface GetFindingHistoryRequest {
+    /**
+     * <p>Identifies which finding to get the finding history for.</p>
+     */
+    FindingIdentifier: AwsSecurityFindingIdentifier | undefined;
+    /**
+     * <p>
+     *          An ISO 8601-formatted timestamp that indicates the start time of the requested finding history. A correctly formatted
+     *          example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated
+     *          by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339
+     *             section 5.6, Internet Date/Time Format</a>.</p>
+     *          <p>If you provide values for both <code>StartTime</code> and <code>EndTime</code>,
+     *                 Security Hub returns finding history for the specified time period. If you
+     *             provide a value for <code>StartTime</code> but not for <code>EndTime</code>, Security Hub returns finding history from the <code>StartTime</code> to the time at
+     *             which the API is called. If you provide a value for <code>EndTime</code> but not for
+     *                 <code>StartTime</code>, Security Hub returns finding history from the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt">CreatedAt</a> timestamp of the finding to the <code>EndTime</code>. If you
+     *             provide neither <code>StartTime</code> nor <code>EndTime</code>, Security Hub
+     *             returns finding history from the CreatedAt timestamp of the finding to the time at which
+     *             the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is
+     *             limited to 90 days. </p>
+     */
+    StartTime?: Date;
+    /**
+     * <p>
+     *          An ISO 8601-formatted timestamp that indicates the end time of the requested finding history. A correctly formatted
+     *          example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated
+     *          by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339
+     *             section 5.6, Internet Date/Time Format</a>.</p>
+     *          <p>If you provide values for both <code>StartTime</code> and <code>EndTime</code>,
+     *                 Security Hub returns finding history for the specified time period. If you
+     *             provide a value for <code>StartTime</code> but not for <code>EndTime</code>, Security Hub returns finding history from the <code>StartTime</code> to the time at
+     *             which the API is called. If you provide a value for <code>EndTime</code> but not for
+     *                 <code>StartTime</code>, Security Hub returns finding history from the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_AwsSecurityFindingFilters.html#securityhub-Type-AwsSecurityFindingFilters-CreatedAt">CreatedAt</a> timestamp of the finding to the <code>EndTime</code>. If you
+     *             provide neither <code>StartTime</code> nor <code>EndTime</code>, Security Hub
+     *             returns finding history from the CreatedAt timestamp of the finding to the time at which
+     *             the API is called. In all of these scenarios, the response is limited to 100 results, and the maximum time period is
+     *             limited to 90 days.</p>
+     */
+    EndTime?: Date;
+    /**
+     * <p>
+     *          A token for pagination purposes. Provide <code>NULL</code> as the initial value. In subsequent requests, provide the
+     *          token included in the response to get up to an additional 100 results of finding history. If you don’t provide
+     *          <code>NextToken</code>, Security Hub returns up to 100 results of finding history for each request.
+     *       </p>
+     */
+    NextToken?: string;
+    /**
+     * <p>
+     *          The maximum number of results to be returned. If you don’t provide it, Security Hub returns up to 100 results of finding history.
+     *       </p>
+     */
+    MaxResults?: number;
+}
+/**
+ * @public
+ */
+export interface GetFindingHistoryResponse {
+    /**
+     * <p>
+     *          A list of events that altered the specified finding during the specified time period.
+     *       </p>
+     */
+    Records?: FindingHistoryRecord[];
+    /**
+     * <p>
+     *          A token for pagination purposes. Provide this token in the subsequent request to <code>GetFindingsHistory</code> to
+     *          get up to an additional 100 results of history for the same finding that you specified in your initial request.
+     *       </p>
+     */
+    NextToken?: string;
+}
 /**
  * @public
  * @enum

package/dist-types/pagination/GetFindingHistoryPaginator.d.ts

@@ -0,0 +1,7 @@
+import { Paginator } from "@aws-sdk/types";
+import { GetFindingHistoryCommandInput, GetFindingHistoryCommandOutput } from "../commands/GetFindingHistoryCommand";
+import { SecurityHubPaginationConfiguration } from "./Interfaces";
+/**
+ * @public
+ */
+export declare function paginateGetFindingHistory(config: SecurityHubPaginationConfiguration, input: GetFindingHistoryCommandInput, ...additionalArguments: any): Paginator<GetFindingHistoryCommandOutput>;

package/dist-types/pagination/index.d.ts

@@ -3,6 +3,7 @@ export * from "./DescribeProductsPaginator";
 export * from "./DescribeStandardsControlsPaginator";
 export * from "./DescribeStandardsPaginator";
 export * from "./GetEnabledStandardsPaginator";
+export * from "./GetFindingHistoryPaginator";
 export * from "./GetFindingsPaginator";
 export * from "./GetInsightsPaginator";
 export * from "./Interfaces";

package/dist-types/protocols/Aws_restJson1.d.ts

@@ -37,6 +37,7 @@ import { EnableSecurityHubCommandInput, EnableSecurityHubCommandOutput } from ".
 import { GetAdministratorAccountCommandInput, GetAdministratorAccountCommandOutput } from "../commands/GetAdministratorAccountCommand";
 import { GetEnabledStandardsCommandInput, GetEnabledStandardsCommandOutput } from "../commands/GetEnabledStandardsCommand";
 import { GetFindingAggregatorCommandInput, GetFindingAggregatorCommandOutput } from "../commands/GetFindingAggregatorCommand";
+import { GetFindingHistoryCommandInput, GetFindingHistoryCommandOutput } from "../commands/GetFindingHistoryCommand";
 import { GetFindingsCommandInput, GetFindingsCommandOutput } from "../commands/GetFindingsCommand";
 import { GetInsightResultsCommandInput, GetInsightResultsCommandOutput } from "../commands/GetInsightResultsCommand";
 import { GetInsightsCommandInput, GetInsightsCommandOutput } from "../commands/GetInsightsCommand";
@@ -209,6 +210,10 @@ export declare const se_GetEnabledStandardsCommand: (input: GetEnabledStandardsC
  * serializeAws_restJson1GetFindingAggregatorCommand
  */
 export declare const se_GetFindingAggregatorCommand: (input: GetFindingAggregatorCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
+/**
+ * serializeAws_restJson1GetFindingHistoryCommand
+ */
+export declare const se_GetFindingHistoryCommand: (input: GetFindingHistoryCommandInput, context: __SerdeContext) => Promise<__HttpRequest>;
 /**
  * serializeAws_restJson1GetFindingsCommand
  */
@@ -453,6 +458,10 @@ export declare const de_GetEnabledStandardsCommand: (output: __HttpResponse, con
  * deserializeAws_restJson1GetFindingAggregatorCommand
  */
 export declare const de_GetFindingAggregatorCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetFindingAggregatorCommandOutput>;
+/**
+ * deserializeAws_restJson1GetFindingHistoryCommand
+ */
+export declare const de_GetFindingHistoryCommand: (output: __HttpResponse, context: __SerdeContext) => Promise<GetFindingHistoryCommandOutput>;
 /**
  * deserializeAws_restJson1GetFindingsCommand
  */

package/dist-types/ts3.4/SecurityHub.d.ts

@@ -147,6 +147,10 @@ import {
   GetFindingAggregatorCommandInput,
   GetFindingAggregatorCommandOutput,
 } from "./commands/GetFindingAggregatorCommand";
+import {
+  GetFindingHistoryCommandInput,
+  GetFindingHistoryCommandOutput,
+} from "./commands/GetFindingHistoryCommand";
 import {
   GetFindingsCommandInput,
   GetFindingsCommandOutput,
@@ -750,6 +754,19 @@ export interface SecurityHub {
     options: __HttpHandlerOptions,
     cb: (err: any, data?: GetFindingAggregatorCommandOutput) => void
   ): void;
+  getFindingHistory(
+    args: GetFindingHistoryCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<GetFindingHistoryCommandOutput>;
+  getFindingHistory(
+    args: GetFindingHistoryCommandInput,
+    cb: (err: any, data?: GetFindingHistoryCommandOutput) => void
+  ): void;
+  getFindingHistory(
+    args: GetFindingHistoryCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: GetFindingHistoryCommandOutput) => void
+  ): void;
   getFindings(
     args: GetFindingsCommandInput,
     options?: __HttpHandlerOptions

package/dist-types/ts3.4/SecurityHubClient.d.ts

@@ -192,6 +192,10 @@ import {
   GetFindingAggregatorCommandInput,
   GetFindingAggregatorCommandOutput,
 } from "./commands/GetFindingAggregatorCommand";
+import {
+  GetFindingHistoryCommandInput,
+  GetFindingHistoryCommandOutput,
+} from "./commands/GetFindingHistoryCommand";
 import {
   GetFindingsCommandInput,
   GetFindingsCommandOutput,
@@ -331,6 +335,7 @@ export type ServiceInputTypes =
   | GetAdministratorAccountCommandInput
   | GetEnabledStandardsCommandInput
   | GetFindingAggregatorCommandInput
+  | GetFindingHistoryCommandInput
   | GetFindingsCommandInput
   | GetInsightResultsCommandInput
   | GetInsightsCommandInput
@@ -393,6 +398,7 @@ export type ServiceOutputTypes =
   | GetAdministratorAccountCommandOutput
   | GetEnabledStandardsCommandOutput
   | GetFindingAggregatorCommandOutput
+  | GetFindingHistoryCommandOutput
   | GetFindingsCommandOutput
   | GetInsightResultsCommandOutput
   | GetInsightsCommandOutput

package/dist-types/ts3.4/commands/GetFindingHistoryCommand.d.ts

@@ -0,0 +1,38 @@
+import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import {
+  Handler,
+  HttpHandlerOptions as __HttpHandlerOptions,
+  MetadataBearer as __MetadataBearer,
+  MiddlewareStack,
+} from "@aws-sdk/types";
+import {
+  GetFindingHistoryRequest,
+  GetFindingHistoryResponse,
+} from "../models/models_2";
+import {
+  SecurityHubClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../SecurityHubClient";
+export interface GetFindingHistoryCommandInput
+  extends GetFindingHistoryRequest {}
+export interface GetFindingHistoryCommandOutput
+  extends GetFindingHistoryResponse,
+    __MetadataBearer {}
+export declare class GetFindingHistoryCommand extends $Command<
+  GetFindingHistoryCommandInput,
+  GetFindingHistoryCommandOutput,
+  SecurityHubClientResolvedConfig
+> {
+  readonly input: GetFindingHistoryCommandInput;
+  static getEndpointParameterInstructions(): EndpointParameterInstructions;
+  constructor(input: GetFindingHistoryCommandInput);
+  resolveMiddleware(
+    clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>,
+    configuration: SecurityHubClientResolvedConfig,
+    options?: __HttpHandlerOptions
+  ): Handler<GetFindingHistoryCommandInput, GetFindingHistoryCommandOutput>;
+  private serialize;
+  private deserialize;
+}