@aws-sdk/client-securityhub 3.338.0 → 3.342.0

package/dist-cjs/models/models_1.js

@@ -1,7 +1,6 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.ResourceConflictException = exports.ControlFindingGenerator = exports.UnprocessedErrorCode = exports.SeverityRating = exports.ControlStatus = exports.StatusReasonCode = exports.StandardsStatus = exports.MapFilterComparison = exports.DateRangeUnit = exports.StringFilterComparison = exports.WorkflowState = exports.WorkflowStatus = exports.VulnerabilityFixAvailable = exports.VerificationState = exports.ThreatIntelIndicatorType = exports.ThreatIntelIndicatorCategory = exports.Partition = exports.RecordState = exports.NetworkDirection = exports.MalwareType = exports.MalwareState = exports.SeverityLabel = exports.ComplianceStatus = exports.AwsS3BucketNotificationConfigurationS3KeyFilterRuleName = exports.AwsIamAccessKeyStatus = void 0;
-const SecurityHubServiceException_1 = require("./SecurityHubServiceException");
+exports.StatusReasonCode = exports.StandardsStatus = exports.MapFilterComparison = exports.DateRangeUnit = exports.StringFilterComparison = exports.WorkflowState = exports.WorkflowStatus = exports.VulnerabilityFixAvailable = exports.VerificationState = exports.ThreatIntelIndicatorType = exports.ThreatIntelIndicatorCategory = exports.Partition = exports.RecordState = exports.NetworkDirection = exports.MalwareType = exports.MalwareState = exports.SeverityLabel = exports.ComplianceStatus = exports.AwsS3BucketNotificationConfigurationS3KeyFilterRuleName = exports.AwsIamAccessKeyStatus = void 0;
 exports.AwsIamAccessKeyStatus = {
     ACTIVE: "Active",
     INACTIVE: "Inactive",
@@ -127,38 +126,3 @@ exports.StatusReasonCode = {
     INTERNAL_ERROR: "INTERNAL_ERROR",
     NO_AVAILABLE_CONFIGURATION_RECORDER: "NO_AVAILABLE_CONFIGURATION_RECORDER",
 };
-exports.ControlStatus = {
-    DISABLED: "DISABLED",
-    ENABLED: "ENABLED",
-};
-exports.SeverityRating = {
-    CRITICAL: "CRITICAL",
-    HIGH: "HIGH",
-    LOW: "LOW",
-    MEDIUM: "MEDIUM",
-};
-exports.UnprocessedErrorCode = {
-    ACCESS_DENIED: "ACCESS_DENIED",
-    INVALID_INPUT: "INVALID_INPUT",
-    LIMIT_EXCEEDED: "LIMIT_EXCEEDED",
-    NOT_FOUND: "NOT_FOUND",
-};
-exports.ControlFindingGenerator = {
-    SECURITY_CONTROL: "SECURITY_CONTROL",
-    STANDARD_CONTROL: "STANDARD_CONTROL",
-};
-class ResourceConflictException extends SecurityHubServiceException_1.SecurityHubServiceException {
-    constructor(opts) {
-        super({
-            name: "ResourceConflictException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "ResourceConflictException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, ResourceConflictException.prototype);
-        this.Message = opts.Message;
-        this.Code = opts.Code;
-    }
-}
-exports.ResourceConflictException = ResourceConflictException;

package/dist-cjs/models/models_2.js

@@ -1,6 +1,42 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.RegionAvailabilityStatus = exports.SortOrder = exports.FindingHistoryUpdateSourceType = exports.IntegrationType = void 0;
+exports.RegionAvailabilityStatus = exports.SortOrder = exports.FindingHistoryUpdateSourceType = exports.IntegrationType = exports.ResourceConflictException = exports.ControlFindingGenerator = exports.UnprocessedErrorCode = exports.SeverityRating = exports.ControlStatus = void 0;
+const SecurityHubServiceException_1 = require("./SecurityHubServiceException");
+exports.ControlStatus = {
+    DISABLED: "DISABLED",
+    ENABLED: "ENABLED",
+};
+exports.SeverityRating = {
+    CRITICAL: "CRITICAL",
+    HIGH: "HIGH",
+    LOW: "LOW",
+    MEDIUM: "MEDIUM",
+};
+exports.UnprocessedErrorCode = {
+    ACCESS_DENIED: "ACCESS_DENIED",
+    INVALID_INPUT: "INVALID_INPUT",
+    LIMIT_EXCEEDED: "LIMIT_EXCEEDED",
+    NOT_FOUND: "NOT_FOUND",
+};
+exports.ControlFindingGenerator = {
+    SECURITY_CONTROL: "SECURITY_CONTROL",
+    STANDARD_CONTROL: "STANDARD_CONTROL",
+};
+class ResourceConflictException extends SecurityHubServiceException_1.SecurityHubServiceException {
+    constructor(opts) {
+        super({
+            name: "ResourceConflictException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "ResourceConflictException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, ResourceConflictException.prototype);
+        this.Message = opts.Message;
+        this.Code = opts.Code;
+    }
+}
+exports.ResourceConflictException = ResourceConflictException;
 exports.IntegrationType = {
     RECEIVE_FINDINGS_FROM_SECURITY_HUB: "RECEIVE_FINDINGS_FROM_SECURITY_HUB",
     SEND_FINDINGS_TO_SECURITY_HUB: "SEND_FINDINGS_TO_SECURITY_HUB",

package/dist-cjs/protocols/Aws_restJson1.js

@@ -6,7 +6,7 @@ exports.de_UpdateStandardsControlCommand = exports.de_UpdateSecurityHubConfigura
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const protocol_http_1 = require("@smithy/protocol-http");
 const models_0_1 = require("../models/models_0");
-const models_1_1 = require("../models/models_1");
+const models_2_1 = require("../models/models_2");
 const SecurityHubServiceException_1 = require("../models/SecurityHubServiceException");
 const se_AcceptAdministratorInvitationCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
@@ -4109,7 +4109,7 @@ const de_ResourceConflictExceptionRes = async (parsedOutput, context) => {
         Message: smithy_client_1.expectString,
     });
     Object.assign(contents, doc);
-    const exception = new models_1_1.ResourceConflictException({
+    const exception = new models_2_1.ResourceConflictException({
         $metadata: deserializeMetadata(parsedOutput),
         ...contents,
     });
@@ -4656,10 +4656,12 @@ const se_Resource = (input, context) => {
 };
 const se_ResourceDetails = (input, context) => {
     return (0, smithy_client_1.take)(input, {
+        AwsAmazonMqBroker: smithy_client_1._json,
         AwsApiGatewayRestApi: smithy_client_1._json,
         AwsApiGatewayStage: (_) => se_AwsApiGatewayStageDetails(_, context),
         AwsApiGatewayV2Api: smithy_client_1._json,
         AwsApiGatewayV2Stage: (_) => se_AwsApiGatewayV2StageDetails(_, context),
+        AwsAppSyncGraphQlApi: smithy_client_1._json,
         AwsAutoScalingAutoScalingGroup: smithy_client_1._json,
         AwsAutoScalingLaunchConfiguration: smithy_client_1._json,
         AwsBackupBackupPlan: smithy_client_1._json,
@@ -4699,6 +4701,8 @@ const se_ResourceDetails = (input, context) => {
         AwsElasticsearchDomain: smithy_client_1._json,
         AwsElbLoadBalancer: smithy_client_1._json,
         AwsElbv2LoadBalancer: smithy_client_1._json,
+        AwsEventSchemasRegistry: smithy_client_1._json,
+        AwsGuardDutyDetector: smithy_client_1._json,
         AwsIamAccessKey: smithy_client_1._json,
         AwsIamGroup: smithy_client_1._json,
         AwsIamPolicy: smithy_client_1._json,
@@ -4727,6 +4731,7 @@ const se_ResourceDetails = (input, context) => {
         AwsSnsTopic: smithy_client_1._json,
         AwsSqsQueue: smithy_client_1._json,
         AwsSsmPatchCompliance: smithy_client_1._json,
+        AwsStepFunctionStateMachine: smithy_client_1._json,
         AwsWafRateBasedRule: smithy_client_1._json,
         AwsWafRegionalRateBasedRule: smithy_client_1._json,
         AwsWafRegionalRule: smithy_client_1._json,
@@ -5383,10 +5388,12 @@ const de_Resource = (output, context) => {
 };
 const de_ResourceDetails = (output, context) => {
     return (0, smithy_client_1.take)(output, {
+        AwsAmazonMqBroker: smithy_client_1._json,
         AwsApiGatewayRestApi: smithy_client_1._json,
         AwsApiGatewayStage: (_) => de_AwsApiGatewayStageDetails(_, context),
         AwsApiGatewayV2Api: smithy_client_1._json,
         AwsApiGatewayV2Stage: (_) => de_AwsApiGatewayV2StageDetails(_, context),
+        AwsAppSyncGraphQlApi: smithy_client_1._json,
         AwsAutoScalingAutoScalingGroup: smithy_client_1._json,
         AwsAutoScalingLaunchConfiguration: smithy_client_1._json,
         AwsBackupBackupPlan: smithy_client_1._json,
@@ -5426,6 +5433,8 @@ const de_ResourceDetails = (output, context) => {
         AwsElasticsearchDomain: smithy_client_1._json,
         AwsElbLoadBalancer: smithy_client_1._json,
         AwsElbv2LoadBalancer: smithy_client_1._json,
+        AwsEventSchemasRegistry: smithy_client_1._json,
+        AwsGuardDutyDetector: smithy_client_1._json,
         AwsIamAccessKey: smithy_client_1._json,
         AwsIamGroup: smithy_client_1._json,
         AwsIamPolicy: smithy_client_1._json,
@@ -5454,6 +5463,7 @@ const de_ResourceDetails = (output, context) => {
         AwsSnsTopic: smithy_client_1._json,
         AwsSqsQueue: smithy_client_1._json,
         AwsSsmPatchCompliance: smithy_client_1._json,
+        AwsStepFunctionStateMachine: smithy_client_1._json,
         AwsWafRateBasedRule: smithy_client_1._json,
         AwsWafRegionalRateBasedRule: smithy_client_1._json,
         AwsWafRegionalRule: smithy_client_1._json,

package/dist-es/models/models_1.js

@@ -1,4 +1,3 @@
-import { SecurityHubServiceException as __BaseException } from "./SecurityHubServiceException";
 export const AwsIamAccessKeyStatus = {
     ACTIVE: "Active",
     INACTIVE: "Inactive",
@@ -124,37 +123,3 @@ export const StatusReasonCode = {
     INTERNAL_ERROR: "INTERNAL_ERROR",
     NO_AVAILABLE_CONFIGURATION_RECORDER: "NO_AVAILABLE_CONFIGURATION_RECORDER",
 };
-export const ControlStatus = {
-    DISABLED: "DISABLED",
-    ENABLED: "ENABLED",
-};
-export const SeverityRating = {
-    CRITICAL: "CRITICAL",
-    HIGH: "HIGH",
-    LOW: "LOW",
-    MEDIUM: "MEDIUM",
-};
-export const UnprocessedErrorCode = {
-    ACCESS_DENIED: "ACCESS_DENIED",
-    INVALID_INPUT: "INVALID_INPUT",
-    LIMIT_EXCEEDED: "LIMIT_EXCEEDED",
-    NOT_FOUND: "NOT_FOUND",
-};
-export const ControlFindingGenerator = {
-    SECURITY_CONTROL: "SECURITY_CONTROL",
-    STANDARD_CONTROL: "STANDARD_CONTROL",
-};
-export class ResourceConflictException extends __BaseException {
-    constructor(opts) {
-        super({
-            name: "ResourceConflictException",
-            $fault: "client",
-            ...opts,
-        });
-        this.name = "ResourceConflictException";
-        this.$fault = "client";
-        Object.setPrototypeOf(this, ResourceConflictException.prototype);
-        this.Message = opts.Message;
-        this.Code = opts.Code;
-    }
-}

package/dist-es/models/models_2.js

@@ -1,3 +1,38 @@
+import { SecurityHubServiceException as __BaseException } from "./SecurityHubServiceException";
+export const ControlStatus = {
+    DISABLED: "DISABLED",
+    ENABLED: "ENABLED",
+};
+export const SeverityRating = {
+    CRITICAL: "CRITICAL",
+    HIGH: "HIGH",
+    LOW: "LOW",
+    MEDIUM: "MEDIUM",
+};
+export const UnprocessedErrorCode = {
+    ACCESS_DENIED: "ACCESS_DENIED",
+    INVALID_INPUT: "INVALID_INPUT",
+    LIMIT_EXCEEDED: "LIMIT_EXCEEDED",
+    NOT_FOUND: "NOT_FOUND",
+};
+export const ControlFindingGenerator = {
+    SECURITY_CONTROL: "SECURITY_CONTROL",
+    STANDARD_CONTROL: "STANDARD_CONTROL",
+};
+export class ResourceConflictException extends __BaseException {
+    constructor(opts) {
+        super({
+            name: "ResourceConflictException",
+            $fault: "client",
+            ...opts,
+        });
+        this.name = "ResourceConflictException";
+        this.$fault = "client";
+        Object.setPrototypeOf(this, ResourceConflictException.prototype);
+        this.Message = opts.Message;
+        this.Code = opts.Code;
+    }
+}
 export const IntegrationType = {
     RECEIVE_FINDINGS_FROM_SECURITY_HUB: "RECEIVE_FINDINGS_FROM_SECURITY_HUB",
     SEND_FINDINGS_TO_SECURITY_HUB: "SEND_FINDINGS_TO_SECURITY_HUB",

package/dist-es/protocols/Aws_restJson1.js

@@ -1,7 +1,7 @@
 import { _json, decorateServiceException as __decorateServiceException, expectBoolean as __expectBoolean, expectInt32 as __expectInt32, expectLong as __expectLong, expectNonNull as __expectNonNull, expectObject as __expectObject, expectString as __expectString, limitedParseDouble as __limitedParseDouble, map, parseRfc3339DateTimeWithOffset as __parseRfc3339DateTimeWithOffset, resolvedPath as __resolvedPath, serializeFloat as __serializeFloat, take, withBaseException, } from "@aws-sdk/smithy-client";
 import { HttpRequest as __HttpRequest } from "@smithy/protocol-http";
 import { AccessDeniedException, InternalException, InvalidAccessException, InvalidInputException, LimitExceededException, ResourceNotFoundException, } from "../models/models_0";
-import { ResourceConflictException, } from "../models/models_1";
+import { ResourceConflictException, } from "../models/models_2";
 import { SecurityHubServiceException as __BaseException } from "../models/SecurityHubServiceException";
 export const se_AcceptAdministratorInvitationCommand = async (input, context) => {
     const { hostname, protocol = "https", port, path: basePath } = await context.endpoint();
@@ -4527,10 +4527,12 @@ const se_Resource = (input, context) => {
 };
 const se_ResourceDetails = (input, context) => {
     return take(input, {
+        AwsAmazonMqBroker: _json,
         AwsApiGatewayRestApi: _json,
         AwsApiGatewayStage: (_) => se_AwsApiGatewayStageDetails(_, context),
         AwsApiGatewayV2Api: _json,
         AwsApiGatewayV2Stage: (_) => se_AwsApiGatewayV2StageDetails(_, context),
+        AwsAppSyncGraphQlApi: _json,
         AwsAutoScalingAutoScalingGroup: _json,
         AwsAutoScalingLaunchConfiguration: _json,
         AwsBackupBackupPlan: _json,
@@ -4570,6 +4572,8 @@ const se_ResourceDetails = (input, context) => {
         AwsElasticsearchDomain: _json,
         AwsElbLoadBalancer: _json,
         AwsElbv2LoadBalancer: _json,
+        AwsEventSchemasRegistry: _json,
+        AwsGuardDutyDetector: _json,
         AwsIamAccessKey: _json,
         AwsIamGroup: _json,
         AwsIamPolicy: _json,
@@ -4598,6 +4602,7 @@ const se_ResourceDetails = (input, context) => {
         AwsSnsTopic: _json,
         AwsSqsQueue: _json,
         AwsSsmPatchCompliance: _json,
+        AwsStepFunctionStateMachine: _json,
         AwsWafRateBasedRule: _json,
         AwsWafRegionalRateBasedRule: _json,
         AwsWafRegionalRule: _json,
@@ -5254,10 +5259,12 @@ const de_Resource = (output, context) => {
 };
 const de_ResourceDetails = (output, context) => {
     return take(output, {
+        AwsAmazonMqBroker: _json,
         AwsApiGatewayRestApi: _json,
         AwsApiGatewayStage: (_) => de_AwsApiGatewayStageDetails(_, context),
         AwsApiGatewayV2Api: _json,
         AwsApiGatewayV2Stage: (_) => de_AwsApiGatewayV2StageDetails(_, context),
+        AwsAppSyncGraphQlApi: _json,
         AwsAutoScalingAutoScalingGroup: _json,
         AwsAutoScalingLaunchConfiguration: _json,
         AwsBackupBackupPlan: _json,
@@ -5297,6 +5304,8 @@ const de_ResourceDetails = (output, context) => {
         AwsElasticsearchDomain: _json,
         AwsElbLoadBalancer: _json,
         AwsElbv2LoadBalancer: _json,
+        AwsEventSchemasRegistry: _json,
+        AwsGuardDutyDetector: _json,
         AwsIamAccessKey: _json,
         AwsIamGroup: _json,
         AwsIamPolicy: _json,
@@ -5325,6 +5334,7 @@ const de_ResourceDetails = (output, context) => {
         AwsSnsTopic: _json,
         AwsSqsQueue: _json,
         AwsSsmPatchCompliance: _json,
+        AwsStepFunctionStateMachine: _json,
         AwsWafRateBasedRule: _json,
         AwsWafRegionalRateBasedRule: _json,
         AwsWafRegionalRule: _json,

package/dist-types/commands/BatchEnableStandardsCommand.d.ts

@@ -87,9 +87,9 @@ export interface BatchEnableStandardsCommandOutput extends BatchEnableStandardsR
  * @throws {@link SecurityHubServiceException}
  * <p>Base exception class for all service exceptions from SecurityHub service.</p>
  *
- * @example To import security findings from a third party provider to Security Hub
+ * @example To enable security standards
  * ```javascript
- * // The following example imports findings from a third party provider to Security Hub.
+ * // The following example enables the security standard specified by the StandardArn. You can use this operation to enable one or more Security Hub standards.
  * const input = {
  *   "StandardsSubscriptionRequests": [
  *     {
@@ -111,7 +111,7 @@ export interface BatchEnableStandardsCommandOutput extends BatchEnableStandardsR
  *   ]
  * }
  * *\/
- * // example id: to-import-security-findings-from-a-third-party-provider-to-security-hub-1675090935260
+ * // example id: to-enable-security-standards-1683233792239
  * ```
  *
  */

package/dist-types/commands/BatchGetSecurityControlsCommand.d.ts

@@ -1,7 +1,7 @@
 import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
-import { BatchGetSecurityControlsRequest, BatchGetSecurityControlsResponse } from "../models/models_1";
+import { BatchGetSecurityControlsRequest, BatchGetSecurityControlsResponse } from "../models/models_2";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public
@@ -85,6 +85,44 @@ export interface BatchGetSecurityControlsCommandOutput extends BatchGetSecurityC
  * @throws {@link SecurityHubServiceException}
  * <p>Base exception class for all service exceptions from SecurityHub service.</p>
  *
+ * @example To get security control details
+ * ```javascript
+ * // The following example gets details for the specified controls in the current AWS account and AWS Region.
+ * const input = {
+ *   "SecurityControlIds": [
+ *     "ACM.1",
+ *     "APIGateway.1"
+ *   ]
+ * };
+ * const command = new BatchGetSecurityControlsCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "SecurityControls": [
+ *     {
+ *       "Description": "This AWS control checks whether ACM Certificates in your account are marked for expiration within a specified time period. Certificates provided by ACM are automatically renewed. ACM does not automatically renew certificates that you import.",
+ *       "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/ACM.1/remediation",
+ *       "SecurityControlArn": "arn:aws:securityhub:us-west-2:123456789012:security-control/ACM.1",
+ *       "SecurityControlId": "ACM.1",
+ *       "SecurityControlStatus": "ENABLED",
+ *       "SeverityRating": "MEDIUM",
+ *       "Title": "Imported and ACM-issued certificates should be renewed after a specified time period"
+ *     },
+ *     {
+ *       "Description": "This control checks whether all stages of Amazon API Gateway REST and WebSocket APIs have logging enabled. The control fails if logging is not enabled for all methods of a stage or if loggingLevel is neither ERROR nor INFO.",
+ *       "RemediationUrl": "https://docs.aws.amazon.com/console/securityhub/APIGateway.1/remediation",
+ *       "SecurityControlArn": "arn:aws:securityhub:us-west-2:123456789012:security-control/APIGateway.1",
+ *       "SecurityControlId": "APIGateway.1",
+ *       "SecurityControlStatus": "ENABLED",
+ *       "SeverityRating": "MEDIUM",
+ *       "Title": "API Gateway REST and WebSocket API execution logging should be enabled"
+ *     }
+ *   ]
+ * }
+ * *\/
+ * // example id: to-get-security-control-details--1683234478355
+ * ```
+ *
  */
 export declare class BatchGetSecurityControlsCommand extends $Command<BatchGetSecurityControlsCommandInput, BatchGetSecurityControlsCommandOutput, SecurityHubClientResolvedConfig> {
     readonly input: BatchGetSecurityControlsCommandInput;

package/dist-types/commands/BatchGetStandardsControlAssociationsCommand.d.ts

@@ -1,7 +1,7 @@
 import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
-import { BatchGetStandardsControlAssociationsRequest, BatchGetStandardsControlAssociationsResponse } from "../models/models_1";
+import { BatchGetStandardsControlAssociationsRequest, BatchGetStandardsControlAssociationsResponse } from "../models/models_2";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public
@@ -98,6 +98,56 @@ export interface BatchGetStandardsControlAssociationsCommandOutput extends Batch
  * @throws {@link SecurityHubServiceException}
  * <p>Base exception class for all service exceptions from SecurityHub service.</p>
  *
+ * @example To get enablement status of a batch of controls
+ * ```javascript
+ * // The following example retrieves the enablement status of the specified controls in the specified standards.
+ * const input = {
+ *   "StandardsControlAssociationIds": [
+ *     {
+ *       "SecurityControlId": "CloudTrail.1",
+ *       "StandardsArn": "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
+ *     },
+ *     {
+ *       "SecurityControlId": "CloudWatch.12",
+ *       "StandardsArn": "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0"
+ *     }
+ *   ]
+ * };
+ * const command = new BatchGetStandardsControlAssociationsCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "StandardsControlAssociationDetails": [
+ *     {
+ *       "AssociationStatus": "ENABLED",
+ *       "RelatedRequirements": [
+ *         "CIS AWS Foundations 2.1"
+ *       ],
+ *       "SecurityControlArn": "arn:aws:securityhub:us-west-2:110479873537:security-control/CloudTrail.1",
+ *       "SecurityControlId": "CloudTrail.1",
+ *       "StandardsArn": "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
+ *       "StandardsControlDescription": "AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you. The recorded information includes the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.",
+ *       "StandardsControlTitle": "Ensure CloudTrail is enabled in all regions",
+ *       "UpdatedAt": "2022-01-13T18:52:29.539000+00:00"
+ *     },
+ *     {
+ *       "AssociationStatus": "ENABLED",
+ *       "RelatedRequirements": [
+ *         "CIS AWS Foundations 3.12"
+ *       ],
+ *       "SecurityControlArn": "arn:aws:securityhub:us-west-2:110479873537:security-control/CloudWatch.12",
+ *       "SecurityControlId": "CloudWatch.12",
+ *       "StandardsArn": "arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0",
+ *       "StandardsControlDescription": "Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs and establishing corresponding metric filters and alarms. Network gateways are required to send/receive traffic to a destination outside of a VPC. It is recommended that a metric filter and alarm be established for changes to network gateways.",
+ *       "StandardsControlTitle": "Ensure a log metric filter and alarm exist for changes to network gateways",
+ *       "UpdatedAt": "2022-01-13T18:52:29.686000+00:00"
+ *     }
+ *   ]
+ * }
+ * *\/
+ * // example id: to-get-enablement-status-of-a-batch-of-controls-1683301618357
+ * ```
+ *
  */
 export declare class BatchGetStandardsControlAssociationsCommand extends $Command<BatchGetStandardsControlAssociationsCommandInput, BatchGetStandardsControlAssociationsCommandOutput, SecurityHubClientResolvedConfig> {
     readonly input: BatchGetStandardsControlAssociationsCommandInput;

package/dist-types/commands/BatchImportFindingsCommand.d.ts

@@ -1,7 +1,7 @@
 import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
-import { BatchImportFindingsRequest, BatchImportFindingsResponse } from "../models/models_1";
+import { BatchImportFindingsRequest, BatchImportFindingsResponse } from "../models/models_2";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public
@@ -3638,6 +3638,177 @@ export interface BatchImportFindingsCommandOutput extends BatchImportFindingsRes
  *               ],
  *               VpcId: "STRING_VALUE",
  *             },
+ *             AwsAmazonMqBroker: { // AwsAmazonMqBrokerDetails
+ *               AuthenticationStrategy: "STRING_VALUE",
+ *               AutoMinorVersionUpgrade: true || false,
+ *               BrokerArn: "STRING_VALUE",
+ *               BrokerName: "STRING_VALUE",
+ *               DeploymentMode: "STRING_VALUE",
+ *               EncryptionOptions: { // AwsAmazonMqBrokerEncryptionOptionsDetails
+ *                 KmsKeyId: "STRING_VALUE",
+ *                 UseAwsOwnedKey: true || false,
+ *               },
+ *               EngineType: "STRING_VALUE",
+ *               EngineVersion: "STRING_VALUE",
+ *               HostInstanceType: "STRING_VALUE",
+ *               BrokerId: "STRING_VALUE",
+ *               LdapServerMetadata: { // AwsAmazonMqBrokerLdapServerMetadataDetails
+ *                 Hosts: "<StringList>",
+ *                 RoleBase: "STRING_VALUE",
+ *                 RoleName: "STRING_VALUE",
+ *                 RoleSearchMatching: "STRING_VALUE",
+ *                 RoleSearchSubtree: true || false,
+ *                 ServiceAccountUsername: "STRING_VALUE",
+ *                 UserBase: "STRING_VALUE",
+ *                 UserRoleName: "STRING_VALUE",
+ *                 UserSearchMatching: "STRING_VALUE",
+ *                 UserSearchSubtree: true || false,
+ *               },
+ *               Logs: { // AwsAmazonMqBrokerLogsDetails
+ *                 Audit: true || false,
+ *                 General: true || false,
+ *                 AuditLogGroup: "STRING_VALUE",
+ *                 GeneralLogGroup: "STRING_VALUE",
+ *                 Pending: { // AwsAmazonMqBrokerLogsPendingDetails
+ *                   Audit: true || false,
+ *                   General: true || false,
+ *                 },
+ *               },
+ *               MaintenanceWindowStartTime: { // AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails
+ *                 DayOfWeek: "STRING_VALUE",
+ *                 TimeOfDay: "STRING_VALUE",
+ *                 TimeZone: "STRING_VALUE",
+ *               },
+ *               PubliclyAccessible: true || false,
+ *               SecurityGroups: "<StringList>",
+ *               StorageType: "STRING_VALUE",
+ *               SubnetIds: "<StringList>",
+ *               Users: [ // AwsAmazonMqBrokerUsersList
+ *                 { // AwsAmazonMqBrokerUsersDetails
+ *                   PendingChange: "STRING_VALUE",
+ *                   Username: "STRING_VALUE",
+ *                 },
+ *               ],
+ *             },
+ *             AwsAppSyncGraphQlApi: { // AwsAppSyncGraphQlApiDetails
+ *               ApiId: "STRING_VALUE",
+ *               Id: "STRING_VALUE",
+ *               OpenIdConnectConfig: { // AwsAppSyncGraphQlApiOpenIdConnectConfigDetails
+ *                 AuthTtL: Number("long"),
+ *                 ClientId: "STRING_VALUE",
+ *                 IatTtL: Number("long"),
+ *                 Issuer: "STRING_VALUE",
+ *               },
+ *               Name: "STRING_VALUE",
+ *               LambdaAuthorizerConfig: { // AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails
+ *                 AuthorizerResultTtlInSeconds: Number("int"),
+ *                 AuthorizerUri: "STRING_VALUE",
+ *                 IdentityValidationExpression: "STRING_VALUE",
+ *               },
+ *               XrayEnabled: true || false,
+ *               Arn: "STRING_VALUE",
+ *               UserPoolConfig: { // AwsAppSyncGraphQlApiUserPoolConfigDetails
+ *                 AppIdClientRegex: "STRING_VALUE",
+ *                 AwsRegion: "STRING_VALUE",
+ *                 DefaultAction: "STRING_VALUE",
+ *                 UserPoolId: "STRING_VALUE",
+ *               },
+ *               AuthenticationType: "STRING_VALUE",
+ *               LogConfig: { // AwsAppSyncGraphQlApiLogConfigDetails
+ *                 CloudWatchLogsRoleArn: "STRING_VALUE",
+ *                 ExcludeVerboseContent: true || false,
+ *                 FieldLogLevel: "STRING_VALUE",
+ *               },
+ *               AdditionalAuthenticationProviders: [ // AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersList
+ *                 { // AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails
+ *                   AuthenticationType: "STRING_VALUE",
+ *                   LambdaAuthorizerConfig: {
+ *                     AuthorizerResultTtlInSeconds: Number("int"),
+ *                     AuthorizerUri: "STRING_VALUE",
+ *                     IdentityValidationExpression: "STRING_VALUE",
+ *                   },
+ *                   OpenIdConnectConfig: {
+ *                     AuthTtL: Number("long"),
+ *                     ClientId: "STRING_VALUE",
+ *                     IatTtL: Number("long"),
+ *                     Issuer: "STRING_VALUE",
+ *                   },
+ *                   UserPoolConfig: {
+ *                     AppIdClientRegex: "STRING_VALUE",
+ *                     AwsRegion: "STRING_VALUE",
+ *                     DefaultAction: "STRING_VALUE",
+ *                     UserPoolId: "STRING_VALUE",
+ *                   },
+ *                 },
+ *               ],
+ *               WafWebAclArn: "STRING_VALUE",
+ *             },
+ *             AwsEventSchemasRegistry: { // AwsEventSchemasRegistryDetails
+ *               Description: "STRING_VALUE",
+ *               RegistryArn: "STRING_VALUE",
+ *               RegistryName: "STRING_VALUE",
+ *             },
+ *             AwsGuardDutyDetector: { // AwsGuardDutyDetectorDetails
+ *               DataSources: { // AwsGuardDutyDetectorDataSourcesDetails
+ *                 CloudTrail: { // AwsGuardDutyDetectorDataSourcesCloudTrailDetails
+ *                   Status: "STRING_VALUE",
+ *                 },
+ *                 DnsLogs: { // AwsGuardDutyDetectorDataSourcesDnsLogsDetails
+ *                   Status: "STRING_VALUE",
+ *                 },
+ *                 FlowLogs: { // AwsGuardDutyDetectorDataSourcesFlowLogsDetails
+ *                   Status: "STRING_VALUE",
+ *                 },
+ *                 Kubernetes: { // AwsGuardDutyDetectorDataSourcesKubernetesDetails
+ *                   AuditLogs: { // AwsGuardDutyDetectorDataSourcesKubernetesAuditLogsDetails
+ *                     Status: "STRING_VALUE",
+ *                   },
+ *                 },
+ *                 MalwareProtection: { // AwsGuardDutyDetectorDataSourcesMalwareProtectionDetails
+ *                   ScanEc2InstanceWithFindings: { // AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsDetails
+ *                     EbsVolumes: { // AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesDetails
+ *                       Reason: "STRING_VALUE",
+ *                       Status: "STRING_VALUE",
+ *                     },
+ *                   },
+ *                   ServiceRole: "STRING_VALUE",
+ *                 },
+ *                 S3Logs: { // AwsGuardDutyDetectorDataSourcesS3LogsDetails
+ *                   Status: "STRING_VALUE",
+ *                 },
+ *               },
+ *               Features: [ // AwsGuardDutyDetectorFeaturesList
+ *                 { // AwsGuardDutyDetectorFeaturesDetails
+ *                   Name: "STRING_VALUE",
+ *                   Status: "STRING_VALUE",
+ *                 },
+ *               ],
+ *               FindingPublishingFrequency: "STRING_VALUE",
+ *               ServiceRole: "STRING_VALUE",
+ *               Status: "STRING_VALUE",
+ *             },
+ *             AwsStepFunctionStateMachine: { // AwsStepFunctionStateMachineDetails
+ *               Label: "STRING_VALUE",
+ *               LoggingConfiguration: { // AwsStepFunctionStateMachineLoggingConfigurationDetails
+ *                 Destinations: [ // AwsStepFunctionStateMachineLoggingConfigurationDestinationsList
+ *                   { // AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails
+ *                     CloudWatchLogsLogGroup: { // AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails
+ *                       LogGroupArn: "STRING_VALUE",
+ *                     },
+ *                   },
+ *                 ],
+ *                 IncludeExecutionData: true || false,
+ *                 Level: "STRING_VALUE",
+ *               },
+ *               Name: "STRING_VALUE",
+ *               RoleArn: "STRING_VALUE",
+ *               StateMachineArn: "STRING_VALUE",
+ *               Status: "STRING_VALUE",
+ *               TracingConfiguration: { // AwsStepFunctionStateMachineTracingConfigurationDetails
+ *                 Enabled: true || false,
+ *               },
+ *               Type: "STRING_VALUE",
+ *             },
  *           },
  *         },
  *       ],

package/dist-types/commands/BatchUpdateFindingsCommand.d.ts

@@ -1,7 +1,7 @@
 import { EndpointParameterInstructions } from "@aws-sdk/middleware-endpoint";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 import { Handler, HttpHandlerOptions as __HttpHandlerOptions, MetadataBearer as __MetadataBearer, MiddlewareStack } from "@aws-sdk/types";
-import { BatchUpdateFindingsRequest, BatchUpdateFindingsResponse } from "../models/models_1";
+import { BatchUpdateFindingsRequest, BatchUpdateFindingsResponse } from "../models/models_2";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public