npm - @aws-sdk/client-securityhub - Versions diffs - 3.370.0 → 3.377.0 - Mend

@aws-sdk/client-securityhub 3.370.0 → 3.377.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (20) hide show

package/dist-cjs/models/models_0.js +4 -0
package/dist-cjs/protocols/Aws_restJson1.js +2 -0
package/dist-es/models/models_0.js +4 -0
package/dist-es/protocols/Aws_restJson1.js +2 -0
package/dist-types/commands/BatchGetAutomationRulesCommand.d.ts +8 -8
package/dist-types/commands/BatchImportFindingsCommand.d.ts +19 -0
package/dist-types/commands/BatchUpdateAutomationRulesCommand.d.ts +8 -8
package/dist-types/commands/CreateAutomationRuleCommand.d.ts +8 -8
package/dist-types/commands/CreateInsightCommand.d.ts +9 -9
package/dist-types/commands/GetFindingsCommand.d.ts +28 -9
package/dist-types/commands/GetInsightsCommand.d.ts +9 -9
package/dist-types/commands/UpdateFindingsCommand.d.ts +9 -9
package/dist-types/commands/UpdateInsightCommand.d.ts +9 -9
package/dist-types/models/models_0.d.ts +199 -183
package/dist-types/models/models_1.d.ts +147 -779
package/dist-types/models/models_2.d.ts +785 -10
package/dist-types/ts3.4/models/models_0.d.ts +20 -19
package/dist-types/ts3.4/models/models_1.d.ts +28 -159
package/dist-types/ts3.4/models/models_2.d.ts +172 -2
package/package.json +2 -2

package/dist-types/models/models_1.d.ts CHANGED Viewed

@@ -1,4 +1,113 @@
-import { Action, Adjustment, AssociatedStandard, AvailabilityZone, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDynamoDbTableDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, AwsEcsTaskDefinitionDetails, AwsEcsTaskDetails, AwsEfsAccessPointDetails, AwsEksClusterLoggingDetails, DateFilter, MapFilter, NumberFilter, RelatedFinding, SeverityLabel, StringFilter, VerificationState, WorkflowStatus } from "./models_0";
+import { Adjustment, AssociatedStandard, AvailabilityZone, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAthenaWorkGroupDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDynamoDbTableDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, AwsEcsTaskDefinitionDetails, AwsEcsTaskDetails, AwsEfsAccessPointPosixUserDetails, AwsEfsAccessPointRootDirectoryCreationInfoDetails, RelatedFinding, SeverityLabel, WorkflowStatus } from "./models_0";
+/**
+ * @public
+ * <p>Provides information about the directory on the Amazon EFS file system that the access point exposes
+ * as the root directory to NFS clients using the access point.
+ *       </p>
+ */
+export interface AwsEfsAccessPointRootDirectoryDetails {
+    /**
+     * <p>Specifies the POSIX IDs and permissions to apply to the access point's root directory.
+     *       </p>
+     */
+    CreationInfo?: AwsEfsAccessPointRootDirectoryCreationInfoDetails;
+    /**
+     * <p>Specifies the path on the Amazon EFS file system to expose as the root directory to NFS clients
+     * using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified
+     * path does not exist, you are required to provide <code>CreationInfo</code>.
+     *       </p>
+     */
+    Path?: string;
+}
+/**
+ * @public
+ * <p>Provides information about an Amazon EFS access point.
+ *       </p>
+ */
+export interface AwsEfsAccessPointDetails {
+    /**
+     * <p>The ID of the Amazon EFS access point.
+     *       </p>
+     */
+    AccessPointId?: string;
+    /**
+     * <p>The Amazon Resource Name (ARN) of the Amazon EFS access point. </p>
+     */
+    Arn?: string;
+    /**
+     * <p>The opaque string specified in the request to ensure idempotent creation.
+     *       </p>
+     */
+    ClientToken?: string;
+    /**
+     * <p>The ID of the Amazon EFS file system that the access point applies to.
+     *       </p>
+     */
+    FileSystemId?: string;
+    /**
+     * <p>The full POSIX identity, including the user ID, group ID, and secondary group IDs on the access point,
+     * that is used for all file operations by NFS clients using the access point.
+     *       </p>
+     */
+    PosixUser?: AwsEfsAccessPointPosixUserDetails;
+    /**
+     * <p>The directory on the Amazon EFS file system that the access point exposes as the root
+     * directory to NFS clients using the access point.
+     *       </p>
+     */
+    RootDirectory?: AwsEfsAccessPointRootDirectoryDetails;
+}
+/**
+ * @public
+ * <p>Details for a cluster logging configuration.</p>
+ */
+export interface AwsEksClusterLoggingClusterLoggingDetails {
+    /**
+     * <p>Whether the logging types that are listed in <code>Types</code> are enabled.</p>
+     */
+    Enabled?: boolean;
+    /**
+     * <p>A list of logging types. Valid values are as follows:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>api</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>audit</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>authenticator</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>controllerManager</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>scheduler</code>
+     *                </p>
+     *             </li>
+     *          </ul>
+     */
+    Types?: string[];
+}
+/**
+ * @public
+ * <p>The logging configuration for an Amazon EKS cluster.</p>
+ */
+export interface AwsEksClusterLoggingDetails {
+    /**
+     * <p>Cluster logging configurations.</p>
+     */
+    ClusterLogging?: AwsEksClusterLoggingClusterLoggingDetails[];
+}
 /**
  * @public
  * <p>Information about the VPC configuration used by the cluster control plane.</p>
@@ -3259,6 +3368,30 @@ export interface AwsRdsDbClusterDetails {
      */
     IamDatabaseAuthenticationEnabled?: boolean;
 }
+/**
+ * @public
+ * <p>
+ *             Contains the name and values of a manual Amazon Relational Database Service (RDS) DB cluster snapshot attribute.
+ *         </p>
+ */
+export interface AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute {
+    /**
+     * <p>
+     *             The name of the manual DB cluster snapshot attribute. The attribute named <code>restore</code> refers to the list of
+     *             Amazon Web Services accounts that have permission to copy or restore the manual DB cluster snapshot.
+     *         </p>
+     */
+    AttributeName?: string;
+    /**
+     * <p>
+     *             The value(s) for the manual DB cluster snapshot attribute. If the <code>AttributeName</code> field is set to
+     *             <code>restore</code>, then this element returns a list of IDs of the Amazon Web Services accounts that are authorized
+     *             to copy or restore the manual DB cluster snapshot. If a value of <code>all</code> is in the list, then the manual
+     *             DB cluster snapshot is public and available for any Amazon Web Services account to copy or restore.
+     *         </p>
+     */
+    AttributeValues?: string[];
+}
 /**
  * @public
  * <p>Information about an Amazon RDS DB cluster snapshot.</p>
@@ -3343,6 +3476,12 @@ export interface AwsRdsDbClusterSnapshotDetails {
      * <p>Whether mapping of IAM accounts to database accounts is enabled.</p>
      */
     IamDatabaseAuthenticationEnabled?: boolean;
+    /**
+     * <p>
+     *             Contains the name and values of a manual DB cluster snapshot attribute.
+     *         </p>
+     */
+    DbClusterSnapshotAttributes?: AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute[];
 }
 /**
  * @public
@@ -8338,6 +8477,13 @@ export interface ResourceDetails {
      *         </p>
      */
     AwsStepFunctionStateMachine?: AwsStepFunctionStateMachineDetails;
+    /**
+     * <p>
+     *             Provides information about an Amazon Athena workgroup. A workgroup helps you separate users, teams,
+     *             applications, or workloads. It also helps you set limits on data processing and track costs.
+     *         </p>
+     */
+    AwsAthenaWorkGroup?: AwsAthenaWorkGroupDetails;
 }
 /**
  * @public
@@ -8865,781 +9011,3 @@ export declare const WorkflowState: {
  * @public
  */
 export type WorkflowState = (typeof WorkflowState)[keyof typeof WorkflowState];
-/**
- * @public
- * <p>Provides a consistent format for Security Hub findings.
- *          <code>AwsSecurityFinding</code> format allows you to share findings between Amazon Web Services
- *          security services and third-party solutions.</p>
- *          <note>
- *             <p>A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party
- *             solutions and standards checks.</p>
- *          </note>
- */
-export interface AwsSecurityFinding {
-    /**
-     * <p>The schema version that a finding is formatted for.</p>
-     */
-    SchemaVersion: string | undefined;
-    /**
-     * <p>The security findings provider-specific identifier for a finding.</p>
-     */
-    Id: string | undefined;
-    /**
-     * <p>The ARN generated by Security Hub that uniquely identifies a product that generates findings.
-     *          This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for
-     *          a custom integration.</p>
-     */
-    ProductArn: string | undefined;
-    /**
-     * <p>The name of the product that generated the finding.</p>
-     *          <p>Security Hub populates this attribute automatically for each finding. You cannot update this attribute with <code>BatchImportFindings</code> or <code>BatchUpdateFindings</code>. The exception to this is a custom integration.</p>
-     *          <p>When you use the Security Hub console or API to filter findings by product name, you use this attribute.</p>
-     */
-    ProductName?: string;
-    /**
-     * <p>The name of the company for the product that generated the finding.</p>
-     *          <p>Security Hub populates this attribute automatically for each finding. You cannot update this attribute with <code>BatchImportFindings</code> or <code>BatchUpdateFindings</code>. The exception to this is a custom integration.</p>
-     *          <p>When you use the Security Hub console or API to filter findings by company name, you use this attribute.</p>
-     */
-    CompanyName?: string;
-    /**
-     * <p>The Region from which the finding was generated.</p>
-     *          <p>Security Hub populates this attribute automatically for each finding. You cannot update it using <code>BatchImportFindings</code> or <code>BatchUpdateFindings</code>.</p>
-     */
-    Region?: string;
-    /**
-     * <p>The identifier for the solution-specific component (a discrete unit of logic) that
-     *          generated a finding. In various security findings providers' solutions, this generator can
-     *          be called a rule, a check, a detector, a plugin, etc. </p>
-     */
-    GeneratorId: string | undefined;
-    /**
-     * <p>The Amazon Web Services account ID that a finding is generated in.</p>
-     */
-    AwsAccountId: string | undefined;
-    /**
-     * <p>One or more finding types in the format of <code>namespace/category/classifier</code>
-     *          that classify a finding.</p>
-     *          <p>Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual
-     *          Behaviors | Sensitive Data Identifications</p>
-     */
-    Types?: string[];
-    /**
-     * <p>Indicates when the security findings provider first observed the potential security
-     *          issue that a finding captured.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    FirstObservedAt?: string;
-    /**
-     * <p>Indicates when the security findings provider most recently observed the potential
-     *          security issue that a finding captured.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    LastObservedAt?: string;
-    /**
-     * <p>Indicates when the security findings provider created the potential security issue that
-     *          a finding captured.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    CreatedAt: string | undefined;
-    /**
-     * <p>Indicates when the security findings provider last updated the finding record.</p>
-     *          <p>Uses the <code>date-time</code> format specified in <a href="https://tools.ietf.org/html/rfc3339#section-5.6">RFC 3339 section 5.6, Internet
-     *             Date/Time Format</a>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For example,
-     *             <code>2020-03-22T13:22:13.933Z</code>.</p>
-     */
-    UpdatedAt: string | undefined;
-    /**
-     * <p>A finding's severity.</p>
-     */
-    Severity?: Severity;
-    /**
-     * <p>A finding's confidence. Confidence is defined as the likelihood that a finding
-     *          accurately identifies the behavior or issue that it was intended to identify.</p>
-     *          <p>Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
-     *          confidence and 100 means 100 percent confidence.</p>
-     */
-    Confidence?: number;
-    /**
-     * <p>The level of importance assigned to the resources associated with the finding.</p>
-     *          <p>A score of 0 means that the underlying resources have no criticality, and a score of 100
-     *          is reserved for the most critical resources.</p>
-     */
-    Criticality?: number;
-    /**
-     * <p>A finding's title.</p>
-     *          <note>
-     *             <p>In this release, <code>Title</code> is a required property.</p>
-     *          </note>
-     */
-    Title: string | undefined;
-    /**
-     * <p>A finding's description.</p>
-     *          <note>
-     *             <p>In this release, <code>Description</code> is a required property.</p>
-     *          </note>
-     */
-    Description: string | undefined;
-    /**
-     * <p>A data type that describes the remediation options for a finding.</p>
-     */
-    Remediation?: Remediation;
-    /**
-     * <p>A URL that links to a page about the current finding in the security findings provider's
-     *          solution.</p>
-     */
-    SourceUrl?: string;
-    /**
-     * <p>A data type where security findings providers can include additional solution-specific
-     *          details that aren't part of the defined <code>AwsSecurityFinding</code> format.</p>
-     *          <p>Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.</p>
-     */
-    ProductFields?: Record<string, string>;
-    /**
-     * <p>A list of name/value string pairs associated with the finding. These are custom,
-     *          user-defined fields added to a finding. </p>
-     */
-    UserDefinedFields?: Record<string, string>;
-    /**
-     * <p>A list of malware related to a finding.</p>
-     */
-    Malware?: Malware[];
-    /**
-     * <p>The details of network-related information about a finding.</p>
-     */
-    Network?: Network;
-    /**
-     * <p>Provides information about a network path that is relevant to a finding. Each entry
-     *          under <code>NetworkPath</code> represents a component of that path.</p>
-     */
-    NetworkPath?: NetworkPathComponent[];
-    /**
-     * <p>The details of process-related information about a finding.</p>
-     */
-    Process?: ProcessDetails;
-    /**
-     * <p>Details about the threat detected in a security finding and the file paths that were affected by the threat.
-     *       </p>
-     */
-    Threats?: Threat[];
-    /**
-     * <p>Threat intelligence details related to a finding.</p>
-     */
-    ThreatIntelIndicators?: ThreatIntelIndicator[];
-    /**
-     * <p>A set of resource data types that describe the resources that the finding refers
-     *          to.</p>
-     */
-    Resources: Resource[] | undefined;
-    /**
-     * <p>This data type is exclusive to findings that are generated as the result of a check run
-     *          against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations.
-     *          Contains security standard-related finding details.</p>
-     */
-    Compliance?: Compliance;
-    /**
-     * <p>Indicates the veracity of a finding. </p>
-     */
-    VerificationState?: VerificationState | string;
-    /**
-     * @deprecated
-     *
-     * <p>The workflow state of a finding. </p>
-     */
-    WorkflowState?: WorkflowState | string;
-    /**
-     * <p>Provides information about the status of the investigation into a finding.</p>
-     */
-    Workflow?: Workflow;
-    /**
-     * <p>The record state of a finding.</p>
-     */
-    RecordState?: RecordState | string;
-    /**
-     * <p>A list of related findings.</p>
-     */
-    RelatedFindings?: RelatedFinding[];
-    /**
-     * <p>A user-defined note added to a finding.</p>
-     */
-    Note?: Note;
-    /**
-     * <p>Provides a list of vulnerabilities associated with the findings.</p>
-     */
-    Vulnerabilities?: Vulnerability[];
-    /**
-     * <p>Provides an overview of the patch compliance status for an instance against a selected
-     *          compliance standard.</p>
-     */
-    PatchSummary?: PatchSummary;
-    /**
-     * <p>Provides details about an action that affects or that was taken on a resource.</p>
-     */
-    Action?: Action;
-    /**
-     * <p>In a <code>BatchImportFindings</code> request, finding providers use <code>FindingProviderFields</code> to provide and update their own values for confidence, criticality, related findings, severity, and types.</p>
-     */
-    FindingProviderFields?: FindingProviderFields;
-    /**
-     * <p>Indicates whether the finding is a sample finding.</p>
-     */
-    Sample?: boolean;
-}
-/**
- * @public
- * <p>A keyword filter for querying findings.</p>
- */
-export interface KeywordFilter {
-    /**
-     * <p>A value for the keyword.</p>
-     */
-    Value?: string;
-}
-/**
- * @public
- * <p>The IP filter for querying findings.</p>
- */
-export interface IpFilter {
-    /**
-     * <p>A finding's CIDR value.</p>
-     */
-    Cidr?: string;
-}
-/**
- * @public
- * <p>Boolean filter for querying findings.</p>
- */
-export interface BooleanFilter {
-    /**
-     * <p>The value of the boolean.</p>
-     */
-    Value?: boolean;
-}
-/**
- * @public
- * <p>A collection of attributes that are applied to all active Security Hub-aggregated findings and
- *          that result in a subset of findings that are included in this insight.</p>
- *          <p>You can filter by up to 10 finding attributes. For each attribute, you can provide up to
- *          20 filter values.</p>
- */
-export interface AwsSecurityFindingFilters {
-    /**
-     * <p>The ARN generated by Security Hub that uniquely identifies a third-party company
-     *          (security findings provider) after this provider's product (solution that generates
-     *          findings) is registered with Security Hub.</p>
-     */
-    ProductArn?: StringFilter[];
-    /**
-     * <p>The Amazon Web Services account ID that a finding is generated in.</p>
-     */
-    AwsAccountId?: StringFilter[];
-    /**
-     * <p>The security findings provider-specific identifier for a finding.</p>
-     */
-    Id?: StringFilter[];
-    /**
-     * <p>The identifier for the solution-specific component (a discrete unit of logic) that
-     *          generated a finding. In various security findings providers' solutions, this generator can
-     *          be called a rule, a check, a detector, a plugin, etc.</p>
-     */
-    GeneratorId?: StringFilter[];
-    /**
-     * <p>The Region from which the finding was generated.</p>
-     */
-    Region?: StringFilter[];
-    /**
-     * <p>A finding type in the format of <code>namespace/category/classifier</code> that
-     *          classifies a finding.</p>
-     */
-    Type?: StringFilter[];
-    /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider first
-     *          observed the potential security issue that a finding captured.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    FirstObservedAt?: DateFilter[];
-    /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider most
-     *          recently observed the potential security issue that a finding captured.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    LastObservedAt?: DateFilter[];
-    /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider
-     *          captured the potential security issue that a finding captured.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    CreatedAt?: DateFilter[];
-    /**
-     * <p>An ISO8601-formatted timestamp that indicates when the security findings provider last
-     *          updated the finding record. </p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    UpdatedAt?: DateFilter[];
-    /**
-     * @deprecated
-     *
-     * <p>The native severity as defined by the security findings provider's solution that
-     *          generated the finding.</p>
-     */
-    SeverityProduct?: NumberFilter[];
-    /**
-     * @deprecated
-     *
-     * <p>The normalized severity of a finding.</p>
-     */
-    SeverityNormalized?: NumberFilter[];
-    /**
-     * <p>The label of a finding's severity.</p>
-     */
-    SeverityLabel?: StringFilter[];
-    /**
-     * <p>A finding's confidence. Confidence is defined as the likelihood that a finding
-     *          accurately identifies the behavior or issue that it was intended to identify.</p>
-     *          <p>Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
-     *          confidence and 100 means 100 percent confidence.</p>
-     */
-    Confidence?: NumberFilter[];
-    /**
-     * <p>The level of importance assigned to the resources associated with the finding.</p>
-     *          <p>A score of 0 means that the underlying resources have no criticality, and a score of 100
-     *          is reserved for the most critical resources.</p>
-     */
-    Criticality?: NumberFilter[];
-    /**
-     * <p>A finding's title.</p>
-     */
-    Title?: StringFilter[];
-    /**
-     * <p>A finding's description.</p>
-     */
-    Description?: StringFilter[];
-    /**
-     * <p>The recommendation of what to do about the issue described in a finding.</p>
-     */
-    RecommendationText?: StringFilter[];
-    /**
-     * <p>A URL that links to a page about the current finding in the security findings provider's
-     *          solution.</p>
-     */
-    SourceUrl?: StringFilter[];
-    /**
-     * <p>A data type where security findings providers can include additional solution-specific
-     *          details that aren't part of the defined <code>AwsSecurityFinding</code> format.</p>
-     */
-    ProductFields?: MapFilter[];
-    /**
-     * <p>The name of the solution (product) that generates findings.</p>
-     */
-    ProductName?: StringFilter[];
-    /**
-     * <p>The name of the findings provider (company) that owns the solution (product) that
-     *          generates findings.</p>
-     */
-    CompanyName?: StringFilter[];
-    /**
-     * <p>A list of name/value string pairs associated with the finding. These are custom,
-     *          user-defined fields added to a finding. </p>
-     */
-    UserDefinedFields?: MapFilter[];
-    /**
-     * <p>The name of the malware that was observed.</p>
-     */
-    MalwareName?: StringFilter[];
-    /**
-     * <p>The type of the malware that was observed.</p>
-     */
-    MalwareType?: StringFilter[];
-    /**
-     * <p>The filesystem path of the malware that was observed.</p>
-     */
-    MalwarePath?: StringFilter[];
-    /**
-     * <p>The state of the malware that was observed.</p>
-     */
-    MalwareState?: StringFilter[];
-    /**
-     * <p>Indicates the direction of network traffic associated with a finding.</p>
-     */
-    NetworkDirection?: StringFilter[];
-    /**
-     * <p>The protocol of network-related information about a finding.</p>
-     */
-    NetworkProtocol?: StringFilter[];
-    /**
-     * <p>The source IPv4 address of network-related information about a finding.</p>
-     */
-    NetworkSourceIpV4?: IpFilter[];
-    /**
-     * <p>The source IPv6 address of network-related information about a finding.</p>
-     */
-    NetworkSourceIpV6?: IpFilter[];
-    /**
-     * <p>The source port of network-related information about a finding.</p>
-     */
-    NetworkSourcePort?: NumberFilter[];
-    /**
-     * <p>The source domain of network-related information about a finding.</p>
-     */
-    NetworkSourceDomain?: StringFilter[];
-    /**
-     * <p>The source media access control (MAC) address of network-related information about a
-     *          finding.</p>
-     */
-    NetworkSourceMac?: StringFilter[];
-    /**
-     * <p>The destination IPv4 address of network-related information about a finding.</p>
-     */
-    NetworkDestinationIpV4?: IpFilter[];
-    /**
-     * <p>The destination IPv6 address of network-related information about a finding.</p>
-     */
-    NetworkDestinationIpV6?: IpFilter[];
-    /**
-     * <p>The destination port of network-related information about a finding.</p>
-     */
-    NetworkDestinationPort?: NumberFilter[];
-    /**
-     * <p>The destination domain of network-related information about a finding.</p>
-     */
-    NetworkDestinationDomain?: StringFilter[];
-    /**
-     * <p>The name of the process.</p>
-     */
-    ProcessName?: StringFilter[];
-    /**
-     * <p>The path to the process executable.</p>
-     */
-    ProcessPath?: StringFilter[];
-    /**
-     * <p>The process ID.</p>
-     */
-    ProcessPid?: NumberFilter[];
-    /**
-     * <p>The parent process ID. This field accepts positive integers between <code>O</code> and <code>2147483647</code>.</p>
-     */
-    ProcessParentPid?: NumberFilter[];
-    /**
-     * <p>A timestamp that identifies when the process was launched.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    ProcessLaunchedAt?: DateFilter[];
-    /**
-     * <p>A timestamp that identifies when the process was terminated.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    ProcessTerminatedAt?: DateFilter[];
-    /**
-     * <p>The type of a threat intelligence indicator.</p>
-     */
-    ThreatIntelIndicatorType?: StringFilter[];
-    /**
-     * <p>The value of a threat intelligence indicator.</p>
-     */
-    ThreatIntelIndicatorValue?: StringFilter[];
-    /**
-     * <p>The category of a threat intelligence indicator.</p>
-     */
-    ThreatIntelIndicatorCategory?: StringFilter[];
-    /**
-     * <p>A timestamp that identifies the last observation of a threat intelligence indicator.</p>
-     */
-    ThreatIntelIndicatorLastObservedAt?: DateFilter[];
-    /**
-     * <p>The source of the threat intelligence.</p>
-     */
-    ThreatIntelIndicatorSource?: StringFilter[];
-    /**
-     * <p>The URL for more details from the source of the threat intelligence.</p>
-     */
-    ThreatIntelIndicatorSourceUrl?: StringFilter[];
-    /**
-     * <p>Specifies the type of the resource that details are provided for.</p>
-     */
-    ResourceType?: StringFilter[];
-    /**
-     * <p>The canonical identifier for the given resource type.</p>
-     */
-    ResourceId?: StringFilter[];
-    /**
-     * <p>The canonical Amazon Web Services partition name that the Region is assigned to.</p>
-     */
-    ResourcePartition?: StringFilter[];
-    /**
-     * <p>The canonical Amazon Web Services external Region name where this resource is located.</p>
-     */
-    ResourceRegion?: StringFilter[];
-    /**
-     * <p>A list of Amazon Web Services tags associated with a resource at the time the finding was
-     *          processed.</p>
-     */
-    ResourceTags?: MapFilter[];
-    /**
-     * <p>The instance type of the instance.</p>
-     */
-    ResourceAwsEc2InstanceType?: StringFilter[];
-    /**
-     * <p>The Amazon Machine Image (AMI) ID of the instance.</p>
-     */
-    ResourceAwsEc2InstanceImageId?: StringFilter[];
-    /**
-     * <p>The IPv4 addresses associated with the instance.</p>
-     */
-    ResourceAwsEc2InstanceIpV4Addresses?: IpFilter[];
-    /**
-     * <p>The IPv6 addresses associated with the instance.</p>
-     */
-    ResourceAwsEc2InstanceIpV6Addresses?: IpFilter[];
-    /**
-     * <p>The key name associated with the instance.</p>
-     */
-    ResourceAwsEc2InstanceKeyName?: StringFilter[];
-    /**
-     * <p>The IAM profile ARN of the instance.</p>
-     */
-    ResourceAwsEc2InstanceIamInstanceProfileArn?: StringFilter[];
-    /**
-     * <p>The identifier of the VPC that the instance was launched in.</p>
-     */
-    ResourceAwsEc2InstanceVpcId?: StringFilter[];
-    /**
-     * <p>The identifier of the subnet that the instance was launched in.</p>
-     */
-    ResourceAwsEc2InstanceSubnetId?: StringFilter[];
-    /**
-     * <p>The date and time the instance was launched.</p>
-     */
-    ResourceAwsEc2InstanceLaunchedAt?: DateFilter[];
-    /**
-     * <p>The canonical user ID of the owner of the S3 bucket.</p>
-     */
-    ResourceAwsS3BucketOwnerId?: StringFilter[];
-    /**
-     * <p>The display name of the owner of the S3 bucket.</p>
-     */
-    ResourceAwsS3BucketOwnerName?: StringFilter[];
-    /**
-     * @deprecated
-     *
-     * <p>The user associated with the IAM access key related to a finding.</p>
-     */
-    ResourceAwsIamAccessKeyUserName?: StringFilter[];
-    /**
-     * <p>The name of the principal that is associated with an IAM access key.</p>
-     */
-    ResourceAwsIamAccessKeyPrincipalName?: StringFilter[];
-    /**
-     * <p>The status of the IAM access key related to a finding.</p>
-     */
-    ResourceAwsIamAccessKeyStatus?: StringFilter[];
-    /**
-     * <p>The creation date/time of the IAM access key related to a finding.</p>
-     */
-    ResourceAwsIamAccessKeyCreatedAt?: DateFilter[];
-    /**
-     * <p>The name of an IAM user.</p>
-     */
-    ResourceAwsIamUserUserName?: StringFilter[];
-    /**
-     * <p>The name of the container related to a finding.</p>
-     */
-    ResourceContainerName?: StringFilter[];
-    /**
-     * <p>The identifier of the image related to a finding.</p>
-     */
-    ResourceContainerImageId?: StringFilter[];
-    /**
-     * <p>The name of the image related to a finding.</p>
-     */
-    ResourceContainerImageName?: StringFilter[];
-    /**
-     * <p>A timestamp that identifies when the container was started.</p>
-     *          <p>A correctly formatted example is <code>2020-05-21T20:16:34.724Z</code>. The value cannot contain spaces, and date and time should be separated by <code>T</code>. For more information, see <a href="https://www.rfc-editor.org/rfc/rfc3339#section-5.6">RFC 3339 section 5.6, Internet Date/Time Format</a>.</p>
-     */
-    ResourceContainerLaunchedAt?: DateFilter[];
-    /**
-     * <p>The details of a resource that doesn't have a specific subfield for the resource type
-     *          defined.</p>
-     */
-    ResourceDetailsOther?: MapFilter[];
-    /**
-     * <p>Exclusive to findings that are generated as the result of a check run against a specific
-     *          rule in a supported standard, such as CIS Amazon Web Services Foundations. Contains security
-     *          standard-related finding details.</p>
-     */
-    ComplianceStatus?: StringFilter[];
-    /**
-     * <p>The veracity of a finding.</p>
-     */
-    VerificationState?: StringFilter[];
-    /**
-     * <p>The workflow state of a finding.</p>
-     *          <p>Note that this field is deprecated. To search for a finding based on its workflow
-     *          status, use <code>WorkflowStatus</code>.</p>
-     */
-    WorkflowState?: StringFilter[];
-    /**
-     * <p>The status of the investigation into a finding. Allowed values are the following.</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>NEW</code> - The initial state of a finding, before it is reviewed.</p>
-     *                <p>Security Hub also resets the workflow status from <code>NOTIFIED</code> or
-     *                   <code>RESOLVED</code> to <code>NEW</code> in the following cases:</p>
-     *                <ul>
-     *                   <li>
-     *                      <p>
-     *                         <code>RecordState</code> changes from <code>ARCHIVED</code> to <code>ACTIVE</code>.</p>
-     *                   </li>
-     *                   <li>
-     *                      <p>
-     *                         <code>Compliance.Status</code> changes from <code>PASSED</code> to either <code>WARNING</code>,
-     *                         <code>FAILED</code>, or <code>NOT_AVAILABLE</code>.</p>
-     *                   </li>
-     *                </ul>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>NOTIFIED</code> - Indicates that the resource owner has been notified about
-     *                the security issue. Used when the initial reviewer is not the resource owner, and
-     *                needs intervention from the resource owner.</p>
-     *                <p>If one of the following occurs, the workflow status is changed automatically from
-     *                <code>NOTIFIED</code> to <code>NEW</code>:</p>
-     *                <ul>
-     *                   <li>
-     *                      <p>
-     *                         <code>RecordState</code> changes from <code>ARCHIVED</code> to
-     *                      <code>ACTIVE</code>.</p>
-     *                   </li>
-     *                   <li>
-     *                      <p>
-     *                         <code>Compliance.Status</code> changes from <code>PASSED</code> to <code>FAILED</code>,
-     *                      <code>WARNING</code>, or <code>NOT_AVAILABLE</code>.</p>
-     *                   </li>
-     *                </ul>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>SUPPRESSED</code> - Indicates that you reviewed the finding and do not believe that any action is
-     *                needed.</p>
-     *                <p>The workflow status of a <code>SUPPRESSED</code> finding does not change if
-     *                <code>RecordState</code> changes from <code>ARCHIVED</code> to
-     *                <code>ACTIVE</code>.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>RESOLVED</code> - The finding was reviewed and remediated and is now
-     *                considered resolved. </p>
-     *                <p>The finding remains <code>RESOLVED</code> unless one of the following occurs:</p>
-     *                <ul>
-     *                   <li>
-     *                      <p>
-     *                         <code>RecordState</code> changes from <code>ARCHIVED</code> to
-     *                      <code>ACTIVE</code>.</p>
-     *                   </li>
-     *                   <li>
-     *                      <p>
-     *                         <code>Compliance.Status</code> changes from <code>PASSED</code> to <code>FAILED</code>,
-     *                      <code>WARNING</code>, or <code>NOT_AVAILABLE</code>.</p>
-     *                   </li>
-     *                </ul>
-     *                <p>In those cases, the workflow status is automatically reset to <code>NEW</code>.</p>
-     *                <p>For findings from controls, if <code>Compliance.Status</code> is <code>PASSED</code>,
-     *                then Security Hub automatically sets the workflow status to <code>RESOLVED</code>.</p>
-     *             </li>
-     *          </ul>
-     */
-    WorkflowStatus?: StringFilter[];
-    /**
-     * <p>The updated record state for the finding.</p>
-     */
-    RecordState?: StringFilter[];
-    /**
-     * <p>The ARN of the solution that generated a related finding.</p>
-     */
-    RelatedFindingsProductArn?: StringFilter[];
-    /**
-     * <p>The solution-generated identifier for a related finding.</p>
-     */
-    RelatedFindingsId?: StringFilter[];
-    /**
-     * <p>The text of a note.</p>
-     */
-    NoteText?: StringFilter[];
-    /**
-     * <p>The timestamp of when the note was updated.</p>
-     */
-    NoteUpdatedAt?: DateFilter[];
-    /**
-     * <p>The principal that created a note.</p>
-     */
-    NoteUpdatedBy?: StringFilter[];
-    /**
-     * @deprecated
-     *
-     * <p>A keyword for a finding.</p>
-     */
-    Keyword?: KeywordFilter[];
-    /**
-     * <p>The finding provider value for the finding confidence. Confidence is defined as the likelihood
-     *          that a finding accurately identifies the behavior or issue that it was intended to
-     *          identify.</p>
-     *          <p>Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
-     *          confidence and 100 means 100 percent confidence.</p>
-     */
-    FindingProviderFieldsConfidence?: NumberFilter[];
-    /**
-     * <p>The finding provider value for the level of importance assigned to the resources associated with
-     *          the findings.</p>
-     *          <p>A score of 0 means that the underlying resources have no criticality, and a score of 100
-     *          is reserved for the most critical resources. </p>
-     */
-    FindingProviderFieldsCriticality?: NumberFilter[];
-    /**
-     * <p>The finding identifier of a related finding that is identified by the finding provider.</p>
-     */
-    FindingProviderFieldsRelatedFindingsId?: StringFilter[];
-    /**
-     * <p>The ARN of the solution that generated a related finding that is identified by the finding provider.</p>
-     */
-    FindingProviderFieldsRelatedFindingsProductArn?: StringFilter[];
-    /**
-     * <p>The finding provider value for the severity label.</p>
-     */
-    FindingProviderFieldsSeverityLabel?: StringFilter[];
-    /**
-     * <p>The finding provider's original value for the severity.</p>
-     */
-    FindingProviderFieldsSeverityOriginal?: StringFilter[];
-    /**
-     * <p>One or more finding types that the finding provider assigned to the finding. Uses the format of <code>namespace/category/classifier</code>
-     *          that classify a finding.</p>
-     *          <p>Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual
-     *          Behaviors | Sensitive Data Identifications</p>
-     */
-    FindingProviderFieldsTypes?: StringFilter[];
-    /**
-     * <p>Indicates whether or not sample findings are included in the filter results.</p>
-     */
-    Sample?: BooleanFilter[];
-    /**
-     * <p>
-     *          The unique identifier of a control across standards. Values for this field typically consist of an
-     *          Amazon Web Service and a number, such as APIGateway.5.
-     *       </p>
-     */
-    ComplianceSecurityControlId?: StringFilter[];
-    /**
-     * <p>
-     *          The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the
-     *          Amazon Resource Name (ARN) returned for a standard in the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html">DescribeStandards</a> API response.
-     *       </p>
-     */
-    ComplianceAssociatedStandardsId?: StringFilter[];
-}