@aws-sdk/client-securityhub 3.391.0 → 3.398.0

package/dist-types/models/models_1.d.ts

@@ -1,4 +1,4 @@
-import { Adjustment, AssociatedStandard, AvailabilityZone, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAthenaWorkGroupDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDynamoDbTableDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, AwsEcsTaskDefinitionDetails, AwsEcsTaskDetails, AwsEfsAccessPointPosixUserDetails, AwsEfsAccessPointRootDirectoryCreationInfoDetails, RelatedFinding, SeverityLabel, WorkflowStatus } from "./models_0";
+import { Adjustment, AssociatedStandard, AvailabilityZone, AwsAmazonMqBrokerDetails, AwsApiGatewayRestApiDetails, AwsApiGatewayStageDetails, AwsApiGatewayV2ApiDetails, AwsApiGatewayV2StageDetails, AwsAppSyncGraphQlApiDetails, AwsAthenaWorkGroupDetails, AwsAutoScalingAutoScalingGroupDetails, AwsAutoScalingLaunchConfigurationDetails, AwsBackupBackupPlanDetails, AwsBackupBackupVaultDetails, AwsBackupRecoveryPointDetails, AwsCertificateManagerCertificateDetails, AwsCloudFormationStackDetails, AwsCloudFrontDistributionDetails, AwsCloudTrailTrailDetails, AwsCloudWatchAlarmDetails, AwsCodeBuildProjectDetails, AwsDynamoDbTableDetails, AwsEc2EipDetails, AwsEc2InstanceDetails, AwsEc2LaunchTemplateDetails, AwsEc2NetworkAclDetails, AwsEc2NetworkInterfaceDetails, AwsEc2RouteTableDetails, AwsEc2SecurityGroupDetails, AwsEc2SubnetDetails, AwsEc2TransitGatewayDetails, AwsEc2VolumeDetails, AwsEc2VpcDetails, AwsEc2VpcEndpointServiceDetails, AwsEc2VpcPeeringConnectionDetails, AwsEc2VpnConnectionDetails, AwsEcrContainerImageDetails, AwsEcrRepositoryDetails, AwsEcsClusterDetails, AwsEcsContainerDetails, AwsEcsServiceDetails, AwsEcsTaskDefinitionDetails, AwsEcsTaskDetails, AwsEfsAccessPointPosixUserDetails, AwsEfsAccessPointRootDirectoryCreationInfoDetails, RelatedFinding, SeverityLabel } from "./models_0";
 /**
  * @public
  * <p>Provides information about the directory on the Amazon EFS file system that the access point exposes
@@ -6888,6 +6888,38 @@ export interface FindingProviderFields {
      */
     Types?: string[];
 }
+/**
+ * @public
+ * <p>
+ *                 Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to
+ *                 findings that relate to Lambda functions. Amazon Inspector identifies policy violations and
+ *                 vulnerabilities in Lambda function code based on internal detectors developed
+ *                 in collaboration with Amazon CodeGuru. Security Hub receives those findings.
+ *         </p>
+ */
+export interface GeneratorDetails {
+    /**
+     * @public
+     * <p>
+     *             The name of the detector used to identify the code vulnerability.
+     *         </p>
+     */
+    Name?: string;
+    /**
+     * @public
+     * <p>
+     *             The description of the detector used to identify the code vulnerability.
+     *         </p>
+     */
+    Description?: string;
+    /**
+     * @public
+     * <p>
+     *             An array of tags used to identify the detector associated with the finding.
+     *         </p>
+     */
+    Labels?: string[];
+}
 /**
  * @public
  * @enum
@@ -10066,6 +10098,71 @@ export interface Threat {
      */
     FilePaths?: FilePaths[];
 }
+/**
+ * @public
+ * <p>
+ *             Provides details about where a code vulnerability is located in your Lambda function.
+ *         </p>
+ */
+export interface CodeVulnerabilitiesFilePath {
+    /**
+     * @public
+     * <p>
+     *         	The line number of the last line of code in which the vulnerability is located.
+     *         </p>
+     */
+    EndLine?: number;
+    /**
+     * @public
+     * <p>
+     *             The name of the file in which the code vulnerability is located.
+     *         </p>
+     */
+    FileName?: string;
+    /**
+     * @public
+     * <p>
+     *             The file path to the code in which the vulnerability is located.
+     *         </p>
+     */
+    FilePath?: string;
+    /**
+     * @public
+     * <p>
+     *             The line number of the first line of code in which the vulnerability is located.
+     *         </p>
+     */
+    StartLine?: number;
+}
+/**
+ * @public
+ * <p>Provides details about the vulnerabilities found in your Lambda function code. This field pertains to findings that
+ *             Security Hub receives from Amazon Inspector.
+ *         </p>
+ */
+export interface VulnerabilityCodeVulnerabilities {
+    /**
+     * @public
+     * <p>
+     *             The Common Weakness Enumeration (CWE) item associated with the detected code vulnerability.
+     *         </p>
+     */
+    Cwes?: string[];
+    /**
+     * @public
+     * <p>
+     *             Provides details about where a code vulnerability is located in your Lambda function.
+     *         </p>
+     */
+    FilePath?: CodeVulnerabilitiesFilePath;
+    /**
+     * @public
+     * <p>
+     *             The Amazon Resource Name (ARN) of the Lambda layer in which the code vulnerability is located.
+     *         </p>
+     */
+    SourceArn?: string;
+}
 /**
  * @public
  * <p>CVSS scores from the advisory related to the vulnerability.</p>
@@ -10097,6 +10194,18 @@ export interface Cvss {
      */
     Adjustments?: Adjustment[];
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const VulnerabilityExploitAvailable: {
+    readonly NO: "NO";
+    readonly YES: "YES";
+};
+/**
+ * @public
+ */
+export type VulnerabilityExploitAvailable = (typeof VulnerabilityExploitAvailable)[keyof typeof VulnerabilityExploitAvailable];
 /**
  * @public
  * @enum
@@ -10147,191 +10256,3 @@ export interface VulnerabilityVendor {
      */
     VendorUpdatedAt?: string;
 }
-/**
- * @public
- * <p>Information about a software package.</p>
- */
-export interface SoftwarePackage {
-    /**
-     * @public
-     * <p>The name of the software package.</p>
-     */
-    Name?: string;
-    /**
-     * @public
-     * <p>The version of the software package.</p>
-     */
-    Version?: string;
-    /**
-     * @public
-     * <p>The epoch of the software package.</p>
-     */
-    Epoch?: string;
-    /**
-     * @public
-     * <p>The release of the software package.</p>
-     */
-    Release?: string;
-    /**
-     * @public
-     * <p>The architecture used for the software package.</p>
-     */
-    Architecture?: string;
-    /**
-     * @public
-     * <p>The source of the package.</p>
-     */
-    PackageManager?: string;
-    /**
-     * @public
-     * <p>The file system path to the package manager inventory file.</p>
-     */
-    FilePath?: string;
-    /**
-     * @public
-     * <p>The version of the software package in which the vulnerability has been resolved.
-     *       </p>
-     */
-    FixedInVersion?: string;
-    /**
-     * @public
-     * <p>Describes the actions a customer can take to resolve the vulnerability in the software package.
-     *       </p>
-     */
-    Remediation?: string;
-    /**
-     * @public
-     * <p>The source layer hash of the vulnerable package.
-     *       </p>
-     */
-    SourceLayerHash?: string;
-    /**
-     * @public
-     * <p>The Amazon Resource Name (ARN) of the source layer.
-     *       </p>
-     */
-    SourceLayerArn?: string;
-}
-/**
- * @public
- * <p>A vulnerability associated with a finding.</p>
- */
-export interface Vulnerability {
-    /**
-     * @public
-     * <p>The identifier of the vulnerability.</p>
-     */
-    Id: string | undefined;
-    /**
-     * @public
-     * <p>List of software packages that have the vulnerability.</p>
-     */
-    VulnerablePackages?: SoftwarePackage[];
-    /**
-     * @public
-     * <p>CVSS scores from the advisory related to the vulnerability.</p>
-     */
-    Cvss?: Cvss[];
-    /**
-     * @public
-     * <p>List of vulnerabilities that are related to this vulnerability.</p>
-     */
-    RelatedVulnerabilities?: string[];
-    /**
-     * @public
-     * <p>Information about the vendor that generates the vulnerability report.</p>
-     */
-    Vendor?: VulnerabilityVendor;
-    /**
-     * @public
-     * <p>A list of URLs that provide additional information about the vulnerability.</p>
-     */
-    ReferenceUrls?: string[];
-    /**
-     * @public
-     * <p>Specifies if all vulnerable packages in a finding have a value for <code>FixedInVersion</code>
-     * and <code>Remediation</code>.
-     * This field is evaluated for each vulnerability <code>Id</code> based on the number of vulnerable packages that have a value for both
-     * <code>FixedInVersion</code> and <code>Remediation</code>. Valid values are as follows:</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>YES</code> if all vulnerable packages have a value for both <code>FixedInVersion</code> and <code>Remediation</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>NO</code> if no vulnerable packages have a value for <code>FixedInVersion</code> and <code>Remediation</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>PARTIAL</code> otherwise</p>
-     *             </li>
-     *          </ul>
-     */
-    FixAvailable?: VulnerabilityFixAvailable | string;
-}
-/**
- * @public
- * <p>Provides information about the status of the investigation into a finding.</p>
- */
-export interface Workflow {
-    /**
-     * @public
-     * <p>The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to <code>SUPPRESSED</code> or <code>RESOLVED</code> does not prevent a new finding for the same issue.</p>
-     *          <p>The allowed values are the following.</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>NEW</code> - The initial state of a finding, before it is reviewed.</p>
-     *                <p>Security Hub also resets the workflow status from <code>NOTIFIED</code> or
-     *                   <code>RESOLVED</code> to <code>NEW</code> in the following cases:</p>
-     *                <ul>
-     *                   <li>
-     *                      <p>
-     *                         <code>RecordState</code> changes from <code>ARCHIVED</code> to
-     *                         <code>ACTIVE</code>.</p>
-     *                   </li>
-     *                   <li>
-     *                      <p>
-     *                         <code>ComplianceStatus</code> changes from <code>PASSED</code> to either
-     *                         <code>WARNING</code>, <code>FAILED</code>, or
-     *                      <code>NOT_AVAILABLE</code>.</p>
-     *                   </li>
-     *                </ul>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>NOTIFIED</code> - Indicates that you notified the resource owner about the
-     *                security issue. Used when the initial reviewer is not the resource owner, and needs
-     *                intervention from the resource owner.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>SUPPRESSED</code> - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.</p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>RESOLVED</code> - The finding was reviewed and remediated and is now
-     *                considered resolved. </p>
-     *             </li>
-     *          </ul>
-     */
-    Status?: WorkflowStatus | string;
-}
-/**
- * @public
- * @enum
- */
-export declare const WorkflowState: {
-    readonly ASSIGNED: "ASSIGNED";
-    readonly DEFERRED: "DEFERRED";
-    readonly IN_PROGRESS: "IN_PROGRESS";
-    readonly NEW: "NEW";
-    readonly RESOLVED: "RESOLVED";
-};
-/**
- * @public
- */
-export type WorkflowState = (typeof WorkflowState)[keyof typeof WorkflowState];

package/dist-types/models/models_2.d.ts

@@ -1,7 +1,214 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
-import { AccountDetails, Action, ActionTarget, AdminAccount, AssociationStatus, AutoEnableStandards, AutomationRulesAction, AutomationRulesConfig, AutomationRulesFindingFilters, AutomationRulesMetadata, DateFilter, MapFilter, NoteUpdate, NumberFilter, RelatedFinding, RuleStatus, SeverityUpdate, StringFilter, VerificationState, WorkflowUpdate } from "./models_0";
-import { Compliance, FindingProviderFields, Malware, Network, NetworkPathComponent, Note, PatchSummary, ProcessDetails, RecordState, Remediation, Resource, Severity, Threat, ThreatIntelIndicator, Vulnerability, Workflow, WorkflowState } from "./models_1";
+import { AccountDetails, Action, ActionTarget, AdminAccount, AssociationStatus, AutoEnableStandards, AutomationRulesAction, AutomationRulesConfig, AutomationRulesFindingFilters, AutomationRulesMetadata, DateFilter, MapFilter, NoteUpdate, NumberFilter, RelatedFinding, RuleStatus, SeverityUpdate, StringFilter, VerificationState, WorkflowStatus, WorkflowUpdate } from "./models_0";
+import { Compliance, Cvss, FindingProviderFields, GeneratorDetails, Malware, Network, NetworkPathComponent, Note, PatchSummary, ProcessDetails, RecordState, Remediation, Resource, Severity, Threat, ThreatIntelIndicator, VulnerabilityCodeVulnerabilities, VulnerabilityExploitAvailable, VulnerabilityFixAvailable, VulnerabilityVendor } from "./models_1";
 import { SecurityHubServiceException as __BaseException } from "./SecurityHubServiceException";
+/**
+ * @public
+ * <p>Information about a software package.</p>
+ */
+export interface SoftwarePackage {
+    /**
+     * @public
+     * <p>The name of the software package.</p>
+     */
+    Name?: string;
+    /**
+     * @public
+     * <p>The version of the software package.</p>
+     */
+    Version?: string;
+    /**
+     * @public
+     * <p>The epoch of the software package.</p>
+     */
+    Epoch?: string;
+    /**
+     * @public
+     * <p>The release of the software package.</p>
+     */
+    Release?: string;
+    /**
+     * @public
+     * <p>The architecture used for the software package.</p>
+     */
+    Architecture?: string;
+    /**
+     * @public
+     * <p>The source of the package.</p>
+     */
+    PackageManager?: string;
+    /**
+     * @public
+     * <p>The file system path to the package manager inventory file.</p>
+     */
+    FilePath?: string;
+    /**
+     * @public
+     * <p>The version of the software package in which the vulnerability has been resolved.
+     *       </p>
+     */
+    FixedInVersion?: string;
+    /**
+     * @public
+     * <p>Describes the actions a customer can take to resolve the vulnerability in the software package.
+     *       </p>
+     */
+    Remediation?: string;
+    /**
+     * @public
+     * <p>The source layer hash of the vulnerable package.
+     *       </p>
+     */
+    SourceLayerHash?: string;
+    /**
+     * @public
+     * <p>The Amazon Resource Name (ARN) of the source layer.
+     *       </p>
+     */
+    SourceLayerArn?: string;
+}
+/**
+ * @public
+ * <p>A vulnerability associated with a finding.</p>
+ */
+export interface Vulnerability {
+    /**
+     * @public
+     * <p>The identifier of the vulnerability.</p>
+     */
+    Id: string | undefined;
+    /**
+     * @public
+     * <p>List of software packages that have the vulnerability.</p>
+     */
+    VulnerablePackages?: SoftwarePackage[];
+    /**
+     * @public
+     * <p>CVSS scores from the advisory related to the vulnerability.</p>
+     */
+    Cvss?: Cvss[];
+    /**
+     * @public
+     * <p>List of vulnerabilities that are related to this vulnerability.</p>
+     */
+    RelatedVulnerabilities?: string[];
+    /**
+     * @public
+     * <p>Information about the vendor that generates the vulnerability report.</p>
+     */
+    Vendor?: VulnerabilityVendor;
+    /**
+     * @public
+     * <p>A list of URLs that provide additional information about the vulnerability.</p>
+     */
+    ReferenceUrls?: string[];
+    /**
+     * @public
+     * <p>Specifies if all vulnerable packages in a finding have a value for <code>FixedInVersion</code>
+     * and <code>Remediation</code>.
+     * This field is evaluated for each vulnerability <code>Id</code> based on the number of vulnerable packages that have a value for both
+     * <code>FixedInVersion</code> and <code>Remediation</code>. Valid values are as follows:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>YES</code> if all vulnerable packages have a value for both <code>FixedInVersion</code> and <code>Remediation</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>NO</code> if no vulnerable packages have a value for <code>FixedInVersion</code> and <code>Remediation</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>PARTIAL</code> otherwise</p>
+     *             </li>
+     *          </ul>
+     */
+    FixAvailable?: VulnerabilityFixAvailable | string;
+    /**
+     * @public
+     * <p>The Exploit Prediction Scoring System (EPSS) score for a finding.
+     * 		</p>
+     */
+    EpssScore?: number;
+    /**
+     * @public
+     * <p>Whether an exploit is available for a finding.
+     * 		</p>
+     */
+    ExploitAvailable?: VulnerabilityExploitAvailable | string;
+    /**
+     * @public
+     * <p>The vulnerabilities found in your Lambda function code. This field pertains to findings that
+     * Security Hub receives from Amazon Inspector.
+     *         </p>
+     */
+    CodeVulnerabilities?: VulnerabilityCodeVulnerabilities[];
+}
+/**
+ * @public
+ * <p>Provides details about the status of the investigation into a finding.</p>
+ */
+export interface Workflow {
+    /**
+     * @public
+     * <p>The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to <code>SUPPRESSED</code> or <code>RESOLVED</code> does not prevent a new finding for the same issue.</p>
+     *          <p>The allowed values are the following.</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>NEW</code> - The initial state of a finding, before it is reviewed.</p>
+     *                <p>Security Hub also resets the workflow status from <code>NOTIFIED</code> or
+     *                   <code>RESOLVED</code> to <code>NEW</code> in the following cases:</p>
+     *                <ul>
+     *                   <li>
+     *                      <p>
+     *                         <code>RecordState</code> changes from <code>ARCHIVED</code> to
+     *                         <code>ACTIVE</code>.</p>
+     *                   </li>
+     *                   <li>
+     *                      <p>
+     *                         <code>ComplianceStatus</code> changes from <code>PASSED</code> to either
+     *                         <code>WARNING</code>, <code>FAILED</code>, or
+     *                      <code>NOT_AVAILABLE</code>.</p>
+     *                   </li>
+     *                </ul>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>NOTIFIED</code> - Indicates that you notified the resource owner about the
+     *                security issue. Used when the initial reviewer is not the resource owner, and needs
+     *                intervention from the resource owner.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>SUPPRESSED</code> - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>RESOLVED</code> - The finding was reviewed and remediated and is now
+     *                considered resolved. </p>
+     *             </li>
+     *          </ul>
+     */
+    Status?: WorkflowStatus | string;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const WorkflowState: {
+    readonly ASSIGNED: "ASSIGNED";
+    readonly DEFERRED: "DEFERRED";
+    readonly IN_PROGRESS: "IN_PROGRESS";
+    readonly NEW: "NEW";
+    readonly RESOLVED: "RESOLVED";
+};
+/**
+ * @public
+ */
+export type WorkflowState = (typeof WorkflowState)[keyof typeof WorkflowState];
 /**
  * @public
  * <p>Provides a consistent format for Security Hub findings.
@@ -268,6 +475,15 @@ export interface AwsSecurityFinding {
      * <p>Indicates whether the finding is a sample finding.</p>
      */
     Sample?: boolean;
+    /**
+     * @public
+     * <p>Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to
+     * findings that relate to Lambda functions. Amazon Inspector identifies policy violations and
+     * vulnerabilities in Lambda function code based on internal detectors developed
+     * in collaboration with Amazon CodeGuru. Security Hub receives those findings.
+     *         </p>
+     */
+    GeneratorDetails?: GeneratorDetails;
 }
 /**
  * @public

package/dist-types/runtimeConfig.browser.d.ts

@@ -26,6 +26,7 @@ export declare const getRuntimeConfig: (config: SecurityHubClientConfig) => {
     disableHostPrefix: boolean;
     serviceId: string;
     logger: import("@smithy/types").Logger;
+    extensions: import("./runtimeExtensions").RuntimeExtension[];
     endpoint?: ((string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>) & (string | import("@smithy/types").Provider<string> | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>)) | undefined;
     endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger | undefined;

package/dist-types/runtimeConfig.d.ts

@@ -26,6 +26,7 @@ export declare const getRuntimeConfig: (config: SecurityHubClientConfig) => {
     disableHostPrefix: boolean;
     serviceId: string;
     logger: import("@smithy/types").Logger;
+    extensions: import("./runtimeExtensions").RuntimeExtension[];
     endpoint?: ((string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>) & (string | import("@smithy/types").Provider<string> | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2>)) | undefined;
     endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger | undefined;

package/dist-types/runtimeConfig.native.d.ts

@@ -24,6 +24,7 @@ export declare const getRuntimeConfig: (config: SecurityHubClientConfig) => {
     maxAttempts: number | import("@smithy/types").Provider<number>;
     retryMode: string | import("@smithy/types").Provider<string>;
     logger: import("@smithy/types").Logger;
+    extensions: import("./runtimeExtensions").RuntimeExtension[];
     defaultsMode: import("@smithy/smithy-client").DefaultsMode | import("@smithy/types").Provider<import("@smithy/smithy-client").DefaultsMode>;
     endpoint?: string | import("@smithy/types").Endpoint | import("@smithy/types").Provider<import("@smithy/types").Endpoint> | import("@smithy/types").EndpointV2 | import("@smithy/types").Provider<import("@smithy/types").EndpointV2> | undefined;
     endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {

package/dist-types/runtimeConfig.shared.d.ts

@@ -10,6 +10,7 @@ export declare const getRuntimeConfig: (config: SecurityHubClientConfig) => {
     endpointProvider: (endpointParams: import("./endpoint/EndpointParameters").EndpointParameters, context?: {
         logger?: import("@smithy/types").Logger | undefined;
     }) => import("@smithy/types").EndpointV2;
+    extensions: import("./runtimeExtensions").RuntimeExtension[];
     logger: import("@smithy/types").Logger;
     serviceId: string;
     urlParser: import("@smithy/types").UrlParser;

package/dist-types/runtimeExtensions.d.ts

@@ -0,0 +1,17 @@
+import { SecurityHubExtensionConfiguration } from "./extensionConfiguration";
+/**
+ * @public
+ */
+export interface RuntimeExtension {
+    configure(clientConfiguration: SecurityHubExtensionConfiguration): void;
+}
+/**
+ * @public
+ */
+export interface RuntimeExtensionsConfig {
+    extensions: RuntimeExtension[];
+}
+/**
+ * @internal
+ */
+export declare const resolveRuntimeExtensions: (runtimeConfig: any, extensions: RuntimeExtension[]) => any;

package/dist-types/ts3.4/SecurityHubClient.d.ts

@@ -318,6 +318,7 @@ import {
   ClientResolvedEndpointParameters,
   EndpointParameters,
 } from "./endpoint/EndpointParameters";
+import { RuntimeExtension, RuntimeExtensionsConfig } from "./runtimeExtensions";
 export { __Client };
 export type ServiceInputTypes =
   | AcceptAdministratorInvitationCommandInput
@@ -477,6 +478,7 @@ export interface ClientDefaults
   maxAttempts?: number | __Provider<number>;
   retryMode?: string | __Provider<string>;
   logger?: __Logger;
+  extensions?: RuntimeExtension[];
   defaultsMode?: __DefaultsMode | __Provider<__DefaultsMode>;
 }
 export type SecurityHubClientConfigType = Partial<
@@ -494,6 +496,7 @@ export interface SecurityHubClientConfig extends SecurityHubClientConfigType {}
 export type SecurityHubClientResolvedConfigType =
   __SmithyResolvedConfiguration<__HttpHandlerOptions> &
     Required<ClientDefaults> &
+    RuntimeExtensionsConfig &
     RegionResolvedConfig &
     EndpointResolvedConfig<EndpointParameters> &
     RetryResolvedConfig &

package/dist-types/ts3.4/extensionConfiguration.d.ts

@@ -0,0 +1,3 @@
+import { DefaultExtensionConfiguration } from "@smithy/types";
+export interface SecurityHubExtensionConfiguration
+  extends DefaultExtensionConfiguration {}