@aws-sdk/client-securityhub 3.696.0 → 3.703.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dist-cjs/index.js +140 -0
  2. package/dist-es/models/models_0.js +4 -0
  3. package/dist-es/models/models_1.js +4 -0
  4. package/dist-es/protocols/Aws_restJson1.js +136 -0
  5. package/dist-types/commands/BatchImportFindingsCommand.d.ts +81 -0
  6. package/dist-types/commands/GetFindingsCommand.d.ts +81 -0
  7. package/dist-types/models/models_0.d.ts +146 -162
  8. package/dist-types/models/models_1.d.ts +1213 -1116
  9. package/dist-types/models/models_2.d.ts +473 -1
  10. package/dist-types/ts3.4/models/models_0.d.ts +28 -20
  11. package/dist-types/ts3.4/models/models_1.d.ts +82 -87
  12. package/dist-types/ts3.4/models/models_2.d.ts +85 -7
  13. package/package.json +4 -4
package/dist-types/models/models_1.d.ts CHANGED
@@ -1,4 +1,166 @@
1
- import { AssociatedStandard, AvailabilityZone, AwsEcsContainerDetails, AwsEcsTaskDefinitionContainerDefinitionsDependsOnDetails, AwsEcsTaskDefinitionContainerDefinitionsEnvironmentDetails, AwsEcsTaskDefinitionContainerDefinitionsEnvironmentFilesDetails, AwsEcsTaskDefinitionContainerDefinitionsExtraHostsDetails, AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails, AwsEcsTaskDefinitionContainerDefinitionsHealthCheckDetails, AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDetails, AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationDetails, AwsEcsTaskDefinitionContainerDefinitionsMountPointsDetails, AwsEcsTaskDefinitionContainerDefinitionsPortMappingsDetails, AwsEcsTaskDefinitionContainerDefinitionsRepositoryCredentialsDetails, AwsEcsTaskDefinitionContainerDefinitionsResourceRequirementsDetails, AwsEcsTaskDefinitionContainerDefinitionsSecretsDetails, AwsEcsTaskDefinitionContainerDefinitionsSystemControlsDetails, AwsEcsTaskDefinitionContainerDefinitionsUlimitsDetails, RelatedFinding, SeverityLabel } from "./models_0";
1
+ import { Actor, AssociatedStandard, AvailabilityZone, AwsEcsContainerDetails, AwsEcsTaskDefinitionContainerDefinitionsDependsOnDetails, AwsEcsTaskDefinitionContainerDefinitionsEnvironmentDetails, AwsEcsTaskDefinitionContainerDefinitionsEnvironmentFilesDetails, AwsEcsTaskDefinitionContainerDefinitionsExtraHostsDetails, AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails, AwsEcsTaskDefinitionContainerDefinitionsHealthCheckDetails, AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDetails, AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationDetails, AwsEcsTaskDefinitionContainerDefinitionsMountPointsDetails, AwsEcsTaskDefinitionContainerDefinitionsPortMappingsDetails, RelatedFinding, SeverityLabel } from "./models_0";
2
+ /**
3
+ * <p>The private repository authentication credentials to use.</p>
4
+ * @public
5
+ */
6
+ export interface AwsEcsTaskDefinitionContainerDefinitionsRepositoryCredentialsDetails {
7
+ /**
8
+ * <p>The ARN of the secret that contains the private repository credentials.</p>
9
+ * @public
10
+ */
11
+ CredentialsParameter?: string | undefined;
12
+ }
13
+ /**
14
+ * <p>A resource to assign to a container.</p>
15
+ * @public
16
+ */
17
+ export interface AwsEcsTaskDefinitionContainerDefinitionsResourceRequirementsDetails {
18
+ /**
19
+ * <p>The type of resource to assign to a container. Valid values are <code>GPU</code> or <code>InferenceAccelerator</code>.</p>
20
+ * @public
21
+ */
22
+ Type?: string | undefined;
23
+ /**
24
+ * <p>The value for the specified resource type.</p>
25
+ * <p>For <code>GPU</code>, the value is the number of physical GPUs the Amazon ECS container agent
26
+ * reserves for the container.</p>
27
+ * <p>For <code>InferenceAccelerator</code>, the value should match the <code>DeviceName</code>
28
+ * attribute of an entry in <code>InferenceAccelerators</code>.</p>
29
+ * @public
30
+ */
31
+ Value?: string | undefined;
32
+ }
33
+ /**
34
+ * <p>A secret to pass to the container.</p>
35
+ * @public
36
+ */
37
+ export interface AwsEcsTaskDefinitionContainerDefinitionsSecretsDetails {
38
+ /**
39
+ * <p>The name of the secret.</p>
40
+ * @public
41
+ */
42
+ Name?: string | undefined;
43
+ /**
44
+ * <p>The secret to expose to the container. The value is either the full ARN of the Secrets Manager
45
+ * secret or the full ARN of the parameter in the Systems Manager Parameter Store.</p>
46
+ * @public
47
+ */
48
+ ValueFrom?: string | undefined;
49
+ }
50
+ /**
51
+ * <p>A namespaced kernel parameter to set in the container.</p>
52
+ * @public
53
+ */
54
+ export interface AwsEcsTaskDefinitionContainerDefinitionsSystemControlsDetails {
55
+ /**
56
+ * <p>The namespaced kernel parameter for which to set a value.</p>
57
+ * @public
58
+ */
59
+ Namespace?: string | undefined;
60
+ /**
61
+ * <p>The value of the parameter.</p>
62
+ * @public
63
+ */
64
+ Value?: string | undefined;
65
+ }
66
+ /**
67
+ * <p>A ulimit to set in the container.</p>
68
+ * @public
69
+ */
70
+ export interface AwsEcsTaskDefinitionContainerDefinitionsUlimitsDetails {
71
+ /**
72
+ * <p>The hard limit for the ulimit type.</p>
73
+ * @public
74
+ */
75
+ HardLimit?: number | undefined;
76
+ /**
77
+ * <p>The type of the ulimit. Valid values are as follows:</p>
78
+ * <ul>
79
+ * <li>
80
+ * <p>
81
+ * <code>core</code>
82
+ * </p>
83
+ * </li>
84
+ * <li>
85
+ * <p>
86
+ * <code>cpu</code>
87
+ * </p>
88
+ * </li>
89
+ * <li>
90
+ * <p>
91
+ * <code>data</code>
92
+ * </p>
93
+ * </li>
94
+ * <li>
95
+ * <p>
96
+ * <code>fsize</code>
97
+ * </p>
98
+ * </li>
99
+ * <li>
100
+ * <p>
101
+ * <code>locks</code>
102
+ * </p>
103
+ * </li>
104
+ * <li>
105
+ * <p>
106
+ * <code>memlock</code>
107
+ * </p>
108
+ * </li>
109
+ * <li>
110
+ * <p>
111
+ * <code>msgqueue</code>
112
+ * </p>
113
+ * </li>
114
+ * <li>
115
+ * <p>
116
+ * <code>nice</code>
117
+ * </p>
118
+ * </li>
119
+ * <li>
120
+ * <p>
121
+ * <code>nofile</code>
122
+ * </p>
123
+ * </li>
124
+ * <li>
125
+ * <p>
126
+ * <code>nproc</code>
127
+ * </p>
128
+ * </li>
129
+ * <li>
130
+ * <p>
131
+ * <code>rss</code>
132
+ * </p>
133
+ * </li>
134
+ * <li>
135
+ * <p>
136
+ * <code>rtprio</code>
137
+ * </p>
138
+ * </li>
139
+ * <li>
140
+ * <p>
141
+ * <code>rttime</code>
142
+ * </p>
143
+ * </li>
144
+ * <li>
145
+ * <p>
146
+ * <code>sigpending</code>
147
+ * </p>
148
+ * </li>
149
+ * <li>
150
+ * <p>
151
+ * <code>stack</code>
152
+ * </p>
153
+ * </li>
154
+ * </ul>
155
+ * @public
156
+ */
157
+ Name?: string | undefined;
158
+ /**
159
+ * <p>The soft limit for the ulimit type.</p>
160
+ * @public
161
+ */
162
+ SoftLimit?: number | undefined;
163
+ }
2
164
  /**
3
165
  * <p>A data volume to mount from another container.</p>
4
166
  * @public
@@ -8877,7 +9039,7 @@ export type ComplianceStatus = (typeof ComplianceStatus)[keyof typeof Compliance
8877
9039
  export interface StatusReason {
8878
9040
  /**
8879
9041
  * <p>A code that represents a reason for the control status. For the list of status reason
8880
- * codes and their meanings, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-results.html#securityhub-standards-results-asff">Standards-related information in the ASFF</a> in the
9042
+ * codes and their meanings, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/controls-findings-create-update.html#control-findings-asff-compliance">Compliance details for control findings</a> in the
8881
9043
  * <i>Security Hub User Guide</i>. </p>
8882
9044
  * @public
8883
9045
  */
@@ -8965,1764 +9127,1699 @@ export interface Compliance {
8965
9127
  SecurityControlParameters?: SecurityControlParameter[] | undefined;
8966
9128
  }
8967
9129
  /**
8968
- * <p>The severity assigned to a finding by the finding provider. This object may include one or more of the following
8969
- * attributes:</p>
8970
- * <ul>
8971
- * <li>
8972
- * <p>
8973
- * <code>Label</code>
8974
- * </p>
8975
- * </li>
8976
- * <li>
8977
- * <p>
8978
- * <code>Normalized</code>
8979
- * </p>
8980
- * </li>
8981
- * <li>
8982
- * <p>
8983
- * <code>Original</code>
8984
- * </p>
8985
- * </li>
8986
- * <li>
8987
- * <p>
8988
- * <code>Product</code>
8989
- * </p>
8990
- * </li>
8991
- * </ul>
8992
- * <p>If a <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
8993
- * <code>BatchImportFindings</code>
8994
- * </a> request for a
8995
- * new finding only provides <code>Label</code> or only provides <code>Normalized</code>, Security Hub
8996
- * automatically populates the value of the other field.</p>
8997
- * <p>The <code>Normalized</code> and <code>Product</code> attributes are included in the <code>FindingProviderSeverity</code>
8998
- * structure to preserve the historical information associated with the finding, even if the top-level
8999
- * <code>Severity</code> object is later modified using the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
9000
- * <code>BatchUpdateFindings</code>
9001
- * </a> operation.</p>
9002
- * <p>If the top-level <code>Finding.Severity</code> object is present, but <code>Finding.FindingProviderFields</code> isn't present,
9003
- * Security Hub creates the <code>FindingProviderFields.Severity</code> object and copies the entire <code>Finding.Severity</code> object into it.
9004
- * This ensures that the original, provider-supplied details are retained within the <code>FindingProviderFields.Severity</code>
9005
- * object, even if the top-level <code>Severity</code> object is overwritten.
9006
- * </p>
9130
+ * <p>
9131
+ * Contains information about the Autonomous System (AS) of the network
9132
+ * endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack
9133
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9134
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9135
+ * </p>
9007
9136
  * @public
9008
9137
  */
9009
- export interface FindingProviderSeverity {
9138
+ export interface NetworkAutonomousSystem {
9010
9139
  /**
9011
- * <p>The severity label assigned to the finding by the finding provider.</p>
9140
+ * <p>
9141
+ * The name associated with the AS.
9142
+ * </p>
9012
9143
  * @public
9013
9144
  */
9014
- Label?: SeverityLabel | undefined;
9145
+ Name?: string | undefined;
9015
9146
  /**
9016
- * <p>The finding provider's original value for the severity.</p>
9017
- * <p>Length Constraints: Minimum length of 1. Maximum length of 64.</p>
9147
+ * <p>
9148
+ * The unique number that identifies the AS.
9149
+ * </p>
9018
9150
  * @public
9019
9151
  */
9020
- Original?: string | undefined;
9152
+ Number?: number | undefined;
9021
9153
  }
9022
9154
  /**
9023
- * <p>In a <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
9024
- * <code>BatchImportFindings</code>
9025
- * </a> request, finding providers use <code>FindingProviderFields</code> to provide
9026
- * and update values for the following fields:</p>
9027
- * <ul>
9028
- * <li>
9029
- * <p>
9030
- * <code>Confidence</code>
9031
- * </p>
9032
- * </li>
9033
- * <li>
9034
- * <p>
9035
- * <code>Criticality</code>
9036
- * </p>
9037
- * </li>
9038
- * <li>
9039
- * <p>
9040
- * <code>RelatedFindings</code>
9041
- * </p>
9042
- * </li>
9043
- * <li>
9044
- * <p>
9045
- * <code>Severity</code>
9046
- * </p>
9047
- * </li>
9048
- * <li>
9049
- * <p>
9050
- * <code>Types</code>
9051
- * </p>
9052
- * </li>
9053
- * </ul>
9054
- * <p>The preceding fields are nested under the <code>FindingProviderFields</code> object, but also have analogues of the same name
9055
- * as top-level ASFF fields. When a new finding is sent to Security Hub by a finding provider, Security Hub populates the
9056
- * <code>FindingProviderFields</code> object automatically, if it is empty, based on the corresponding top-level fields.</p>
9057
- * <p>Finding providers can update <code>FindingProviderFields</code> only by using the <code>BatchImportFindings</code>
9058
- * operation. Finding providers can't update
9059
- * this object with the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
9060
- * <code>BatchUpdateFindings</code>
9061
- * </a> operation. Customers can update the top-level fields by using the <code>BatchUpdateFindings</code> operation. Customers can't
9062
- * update <code>FindingProviderFields</code>.</p>
9063
- * <p>For information about how Security Hub handles updates from <code>BatchImportFindings</code> to
9064
- * <code>FindingProviderFields</code> and to the corresponding top-level
9065
- * attributes, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/finding-update-batchimportfindings.html#batchimportfindings-findingproviderfields">Using <code>FindingProviderFields</code>
9066
- * </a> in the <i>Security Hub User Guide</i>.</p>
9067
- * <p></p>
9068
9155
  * @public
9156
+ * @enum
9069
9157
  */
9070
- export interface FindingProviderFields {
9158
+ export declare const ConnectionDirection: {
9159
+ readonly INBOUND: "INBOUND";
9160
+ readonly OUTBOUND: "OUTBOUND";
9161
+ };
9162
+ /**
9163
+ * @public
9164
+ */
9165
+ export type ConnectionDirection = (typeof ConnectionDirection)[keyof typeof ConnectionDirection];
9166
+ /**
9167
+ * <p>
9168
+ * Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack
9169
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9170
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9171
+ * </p>
9172
+ * @public
9173
+ */
9174
+ export interface NetworkConnection {
9071
9175
  /**
9072
- * <p>A finding's confidence. Confidence is defined as the likelihood that a finding
9073
- * accurately identifies the behavior or issue that it was intended to identify.</p>
9074
- * <p>Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
9075
- * confidence and 100 means 100 percent confidence.</p>
9176
+ * <p>
9177
+ * The direction in which the network traffic is flowing.
9178
+ * </p>
9076
9179
  * @public
9077
9180
  */
9078
- Confidence?: number | undefined;
9181
+ Direction?: ConnectionDirection | undefined;
9182
+ }
9183
+ /**
9184
+ * <p>
9185
+ * Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence.
9186
+ * GuardDuty generates an attack
9187
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9188
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9189
+ * </p>
9190
+ * @public
9191
+ */
9192
+ export interface NetworkGeoLocation {
9079
9193
  /**
9080
- * <p>The level of importance assigned to the resources associated with the finding.</p>
9081
- * <p>A score of 0 means that the underlying resources have no criticality, and a score of 100
9082
- * is reserved for the most critical resources.</p>
9194
+ * <p>
9195
+ * The name of the city.
9196
+ * </p>
9083
9197
  * @public
9084
9198
  */
9085
- Criticality?: number | undefined;
9199
+ City?: string | undefined;
9086
9200
  /**
9087
- * <p>A list of findings that are related to the current finding.</p>
9201
+ * <p>
9202
+ * The name of the country.
9203
+ * </p>
9088
9204
  * @public
9089
9205
  */
9090
- RelatedFindings?: RelatedFinding[] | undefined;
9206
+ Country?: string | undefined;
9091
9207
  /**
9092
- * <p>The severity of a finding.</p>
9208
+ * <p>
9209
+ * The latitude information of the endpoint location.
9210
+ * </p>
9093
9211
  * @public
9094
9212
  */
9095
- Severity?: FindingProviderSeverity | undefined;
9213
+ Lat?: number | undefined;
9096
9214
  /**
9097
- * <p>One or more finding types in the format of <code>namespace/category/classifier</code>
9098
- * that classify a finding.</p>
9099
- * <p>Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual
9100
- * Behaviors | Sensitive Data Identifications</p>
9215
+ * <p>
9216
+ * The longitude information of the endpoint location.
9217
+ * </p>
9101
9218
  * @public
9102
9219
  */
9103
- Types?: string[] | undefined;
9220
+ Lon?: number | undefined;
9104
9221
  }
9105
9222
  /**
9106
9223
  * <p>
9107
- * Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to
9108
- * findings that relate to Lambda functions. Amazon Inspector identifies policy violations and
9109
- * vulnerabilities in Lambda function code based on internal detectors developed
9110
- * in collaboration with Amazon CodeGuru. Security Hub receives those findings.
9224
+ * Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack
9225
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9226
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9111
9227
  * </p>
9228
+ * <p>This field can provide information about the network endpoints associated with the resource in the attack sequence finding,
9229
+ * or about a specific network endpoint used for the attack.</p>
9112
9230
  * @public
9113
9231
  */
9114
- export interface GeneratorDetails {
9232
+ export interface NetworkEndpoint {
9115
9233
  /**
9116
9234
  * <p>
9117
- * The name of the detector used to identify the code vulnerability.
9235
+ * The identifier of the network endpoint involved in the attack sequence.
9118
9236
  * </p>
9119
9237
  * @public
9120
9238
  */
9121
- Name?: string | undefined;
9239
+ Id?: string | undefined;
9122
9240
  /**
9123
9241
  * <p>
9124
- * The description of the detector used to identify the code vulnerability.
9242
+ * The IP address used in the network endpoint.
9125
9243
  * </p>
9126
9244
  * @public
9127
9245
  */
9128
- Description?: string | undefined;
9246
+ Ip?: string | undefined;
9129
9247
  /**
9130
9248
  * <p>
9131
- * An array of tags used to identify the detector associated with the finding.
9249
+ * The domain information for the network endpoint.
9132
9250
  * </p>
9133
- * <p>Array Members: Minimum number of 0 items. Maximum number of 10 items.</p>
9134
9251
  * @public
9135
9252
  */
9136
- Labels?: string[] | undefined;
9137
- }
9138
- /**
9139
- * @public
9140
- * @enum
9141
- */
9142
- export declare const MalwareState: {
9143
- readonly OBSERVED: "OBSERVED";
9144
- readonly REMOVAL_FAILED: "REMOVAL_FAILED";
9145
- readonly REMOVED: "REMOVED";
9146
- };
9147
- /**
9148
- * @public
9149
- */
9150
- export type MalwareState = (typeof MalwareState)[keyof typeof MalwareState];
9151
- /**
9152
- * @public
9153
- * @enum
9154
- */
9155
- export declare const MalwareType: {
9156
- readonly ADWARE: "ADWARE";
9157
- readonly BLENDED_THREAT: "BLENDED_THREAT";
9158
- readonly BOTNET_AGENT: "BOTNET_AGENT";
9159
- readonly COIN_MINER: "COIN_MINER";
9160
- readonly EXPLOIT_KIT: "EXPLOIT_KIT";
9161
- readonly KEYLOGGER: "KEYLOGGER";
9162
- readonly MACRO: "MACRO";
9163
- readonly POTENTIALLY_UNWANTED: "POTENTIALLY_UNWANTED";
9164
- readonly RANSOMWARE: "RANSOMWARE";
9165
- readonly REMOTE_ACCESS: "REMOTE_ACCESS";
9166
- readonly ROOTKIT: "ROOTKIT";
9167
- readonly SPYWARE: "SPYWARE";
9168
- readonly TROJAN: "TROJAN";
9169
- readonly VIRUS: "VIRUS";
9170
- readonly WORM: "WORM";
9171
- };
9172
- /**
9173
- * @public
9174
- */
9175
- export type MalwareType = (typeof MalwareType)[keyof typeof MalwareType];
9176
- /**
9177
- * <p>A list of malware related to a finding.</p>
9178
- * @public
9179
- */
9180
- export interface Malware {
9253
+ Domain?: string | undefined;
9181
9254
  /**
9182
- * <p>The name of the malware that was observed.</p>
9183
- * <p>Length Constraints: Minimum of 1. Maximum of 64.</p>
9255
+ * <p>
9256
+ * The port number associated with the network endpoint.
9257
+ * </p>
9184
9258
  * @public
9185
9259
  */
9186
- Name: string | undefined;
9260
+ Port?: number | undefined;
9187
9261
  /**
9188
- * <p>The type of the malware that was observed.</p>
9262
+ * <p>
9263
+ * Information about the location of the network endpoint.
9264
+ * </p>
9189
9265
  * @public
9190
9266
  */
9191
- Type?: MalwareType | undefined;
9267
+ Location?: NetworkGeoLocation | undefined;
9192
9268
  /**
9193
- * <p>The file system path of the malware that was observed.</p>
9194
- * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9269
+ * <p>
9270
+ * The Autonomous System Number (ASN) of the network endpoint.
9271
+ * </p>
9195
9272
  * @public
9196
9273
  */
9197
- Path?: string | undefined;
9274
+ AutonomousSystem?: NetworkAutonomousSystem | undefined;
9198
9275
  /**
9199
- * <p>The state of the malware that was observed.</p>
9276
+ * <p>
9277
+ * Information about the network connection.
9278
+ * </p>
9200
9279
  * @public
9201
9280
  */
9202
- State?: MalwareState | undefined;
9281
+ Connection?: NetworkConnection | undefined;
9203
9282
  }
9204
9283
  /**
9205
- * @public
9206
- * @enum
9207
- */
9208
- export declare const NetworkDirection: {
9209
- readonly IN: "IN";
9210
- readonly OUT: "OUT";
9211
- };
9212
- /**
9213
- * @public
9214
- */
9215
- export type NetworkDirection = (typeof NetworkDirection)[keyof typeof NetworkDirection];
9216
- /**
9217
- * <p>A range of ports.</p>
9284
+ * <p>
9285
+ * Contains information about the indicators observed in an Amazon GuardDuty Extended Threat Detection attack sequence.
9286
+ * Indicators include a set of signals, which can be API activities or findings that GuardDuty uses to detect an attack sequence finding. GuardDuty
9287
+ * generates an attack sequence finding when multiple signals align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9288
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9289
+ * </p>
9218
9290
  * @public
9219
9291
  */
9220
- export interface PortRange {
9292
+ export interface Indicator {
9221
9293
  /**
9222
- * <p>The first port in the port range.</p>
9294
+ * <p>
9295
+ * The name of the indicator that’s present in the attack sequence finding.
9296
+ * </p>
9223
9297
  * @public
9224
9298
  */
9225
- Begin?: number | undefined;
9299
+ Key?: string | undefined;
9226
9300
  /**
9227
- * <p>The last port in the port range.</p>
9301
+ * <p>Values associated with each indicator key. For example, if the indicator key is
9302
+ * <code>SUSPICIOUS_NETWORK</code>, then the value will be the name of the network. If
9303
+ * the indicator key is <code>ATTACK_TACTIC</code>, then the value will be one of the MITRE tactics.</p>
9228
9304
  * @public
9229
9305
  */
9230
- End?: number | undefined;
9231
- }
9232
- /**
9233
- * <p>The details of network-related information about a finding.</p>
9234
- * @public
9235
- */
9236
- export interface Network {
9306
+ Values?: string[] | undefined;
9237
9307
  /**
9238
- * <p>The direction of network traffic associated with a finding.</p>
9308
+ * <p>
9309
+ * The title describing the indicator.
9310
+ * </p>
9239
9311
  * @public
9240
9312
  */
9241
- Direction?: NetworkDirection | undefined;
9313
+ Title?: string | undefined;
9242
9314
  /**
9243
- * <p>The protocol of network-related information about a finding.</p>
9244
- * <p>Length Constraints: Minimum of 1. Maximum of 16.</p>
9315
+ * <p>
9316
+ * The type of indicator.
9317
+ * </p>
9245
9318
  * @public
9246
9319
  */
9247
- Protocol?: string | undefined;
9320
+ Type?: string | undefined;
9321
+ }
9322
+ /**
9323
+ * <p>
9324
+ * Contains information about the signals involved in an Amazon GuardDuty Extended Threat Detection attack sequence. An attack sequence is a
9325
+ * type of threat detected by GuardDuty. GuardDuty generates an attack sequence finding when multiple events, or
9326
+ * signals, align to a potentially suspicious activity. When GuardDuty and Security Hub are integrated, GuardDuty
9327
+ * sends attack sequence findings to Security Hub.</p>
9328
+ * <p>A signal can be an API activity or a finding that GuardDuty uses to detect an attack sequence finding.</p>
9329
+ * @public
9330
+ */
9331
+ export interface Signal {
9248
9332
  /**
9249
- * <p>The range of open ports that is present on the network.</p>
9333
+ * <p>
9334
+ * The type of the signal used to identify an attack sequence.
9335
+ * </p>
9336
+ * <p>Signals can be GuardDuty findings or activities observed in data sources that GuardDuty monitors.
9337
+ * For
9338
+ * more information, see
9339
+ * <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_data-sources.html">GuardDuty foundational data sources</a> in the
9340
+ * <i>Amazon GuardDuty User Guide</i>.</p>
9341
+ * <p>A signal type can be one of the following values. Here are the related descriptions:</p>
9342
+ * <ul>
9343
+ * <li>
9344
+ * <p>
9345
+ * <code>FINDING</code> - Individually generated GuardDuty finding.</p>
9346
+ * </li>
9347
+ * <li>
9348
+ * <p>
9349
+ * <code>CLOUD_TRAIL</code> - Activity observed from CloudTrail logs</p>
9350
+ * </li>
9351
+ * <li>
9352
+ * <p>
9353
+ * <code>S3_DATA_EVENTS</code> - Activity observed from CloudTrail data events for Amazon Simple Storage Service (S3).
9354
+ * Activities associated
9355
+ * with this type will show up only when
9356
+ * you have enabled GuardDuty S3 Protection feature in your account. For more information about
9357
+ * S3 Protection and the
9358
+ * steps to enable it, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/s3-protection.html">S3 Protection</a> in the
9359
+ * <i>Amazon GuardDuty User Guide</i>.</p>
9360
+ * </li>
9361
+ * </ul>
9250
9362
  * @public
9251
9363
  */
9252
- OpenPortRange?: PortRange | undefined;
9364
+ Type?: string | undefined;
9253
9365
  /**
9254
- * <p>The source IPv4 address of network-related information about a finding.</p>
9366
+ * <p>
9367
+ * The identifier of the signal.
9368
+ * </p>
9255
9369
  * @public
9256
9370
  */
9257
- SourceIpV4?: string | undefined;
9371
+ Id?: string | undefined;
9258
9372
  /**
9259
- * <p>The source IPv6 address of network-related information about a finding.</p>
9373
+ * <p>
9374
+ * The description of the GuardDuty finding.
9375
+ * </p>
9260
9376
  * @public
9261
9377
  */
9262
- SourceIpV6?: string | undefined;
9378
+ Title?: string | undefined;
9263
9379
  /**
9264
- * <p>The source port of network-related information about a finding.</p>
9380
+ * <p>
9381
+ * The Amazon Resource Name (ARN) of the product that generated the signal.
9382
+ * </p>
9265
9383
  * @public
9266
9384
  */
9267
- SourcePort?: number | undefined;
9385
+ ProductArn?: string | undefined;
9268
9386
  /**
9269
- * <p>The source domain of network-related information about a finding.</p>
9270
- * <p>Length Constraints: Minimum of 1. Maximum of 128.</p>
9387
+ * <p>
9388
+ * The ARN or ID of the Amazon Web Services resource associated with the signal.
9389
+ * </p>
9271
9390
  * @public
9272
9391
  */
9273
- SourceDomain?: string | undefined;
9392
+ ResourceIds?: string[] | undefined;
9274
9393
  /**
9275
- * <p>The source media access control (MAC) address of network-related information about a
9276
- * finding.</p>
9394
+ * <p>
9395
+ * Contains information about the indicators associated with the signals in this attack sequence finding. The values for
9396
+ * <code>SignalIndicators</code> are a subset of the values for <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Sequence.html">SequenceIndicators</a>, but the values for
9397
+ * these fields don't always match 1:1.
9398
+ * </p>
9277
9399
  * @public
9278
9400
  */
9279
- SourceMac?: string | undefined;
9401
+ SignalIndicators?: Indicator[] | undefined;
9280
9402
  /**
9281
- * <p>The destination IPv4 address of network-related information about a finding.</p>
9403
+ * <p>
9404
+ * The name of the GuardDuty signal. For example, when signal type is <code>FINDING</code>,
9405
+ * the signal name is the name of the finding.
9406
+ * </p>
9282
9407
  * @public
9283
9408
  */
9284
- DestinationIpV4?: string | undefined;
9409
+ Name?: string | undefined;
9285
9410
  /**
9286
- * <p>The destination IPv6 address of network-related information about a finding.</p>
9411
+ * <p>
9412
+ * The timestamp when the first finding or activity related to this signal was observed.
9413
+ * </p>
9287
9414
  * @public
9288
9415
  */
9289
- DestinationIpV6?: string | undefined;
9416
+ CreatedAt?: number | undefined;
9290
9417
  /**
9291
- * <p>The destination port of network-related information about a finding.</p>
9418
+ * <p>
9419
+ * The timestamp when this signal was last observed.
9420
+ * </p>
9292
9421
  * @public
9293
9422
  */
9294
- DestinationPort?: number | undefined;
9423
+ UpdatedAt?: number | undefined;
9295
9424
  /**
9296
- * <p>The destination domain of network-related information about a finding.</p>
9297
- * <p>Length Constraints: Minimum of 1. Maximum of 128.</p>
9425
+ * <p>
9426
+ * The timestamp when the first finding or activity related to this signal was observed.
9427
+ * </p>
9298
9428
  * @public
9299
9429
  */
9300
- DestinationDomain?: string | undefined;
9301
- }
9302
- /**
9303
- * <p>Information about the destination of the next component in the network path.</p>
9304
- * @public
9305
- */
9306
- export interface NetworkPathComponentDetails {
9430
+ FirstSeenAt?: number | undefined;
9307
9431
  /**
9308
- * <p>The IP addresses of the destination.</p>
9432
+ * <p>
9433
+ * The timestamp when the last finding or activity related to this signal was observed.
9434
+ * </p>
9309
9435
  * @public
9310
9436
  */
9311
- Address?: string[] | undefined;
9437
+ LastSeenAt?: number | undefined;
9312
9438
  /**
9313
- * <p>A list of port ranges for the destination.</p>
9439
+ * <p>The severity associated with the signal. For more information about severity, see
9440
+ * <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings-severity.html">Findings severity levels</a>
9441
+ * in the <i>Amazon GuardDuty User Guide</i>.</p>
9314
9442
  * @public
9315
9443
  */
9316
- PortRanges?: PortRange[] | undefined;
9317
- }
9318
- /**
9319
- * <p>Details about a network path component that occurs before or after the current
9320
- * component.</p>
9321
- * @public
9322
- */
9323
- export interface NetworkHeader {
9444
+ Severity?: number | undefined;
9324
9445
  /**
9325
- * <p>The protocol used for the component.</p>
9326
- * <p>Length Constraints: Minimum of 1. Maximum of 16.</p>
9446
+ * <p>
9447
+ * The number of times this signal was observed.
9448
+ * </p>
9327
9449
  * @public
9328
9450
  */
9329
- Protocol?: string | undefined;
9451
+ Count?: number | undefined;
9330
9452
  /**
9331
- * <p>Information about the destination of the component.</p>
9453
+ * <p>
9454
+ * The IDs of the threat actors involved in the signal.
9455
+ * </p>
9332
9456
  * @public
9333
9457
  */
9334
- Destination?: NetworkPathComponentDetails | undefined;
9458
+ ActorIds?: string[] | undefined;
9335
9459
  /**
9336
- * <p>Information about the origin of the component.</p>
9460
+ * <p>Information about the endpoint IDs associated with this signal.</p>
9337
9461
  * @public
9338
9462
  */
9339
- Source?: NetworkPathComponentDetails | undefined;
9463
+ EndpointIds?: string[] | undefined;
9340
9464
  }
9341
9465
  /**
9342
- * <p>Information about a network path component.</p>
9466
+ * <p>
9467
+ * Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack
9468
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9469
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.
9470
+ * </p>
9343
9471
  * @public
9344
9472
  */
9345
- export interface NetworkPathComponent {
9473
+ export interface Sequence {
9346
9474
  /**
9347
- * <p>The identifier of a component in the network path.</p>
9348
- * <p>Length Constraints: Minimum of 1. Maximum of 32.</p>
9475
+ * <p>
9476
+ * Unique identifier of the attack sequence.
9477
+ * </p>
9349
9478
  * @public
9350
9479
  */
9351
- ComponentId?: string | undefined;
9480
+ Uid?: string | undefined;
9352
9481
  /**
9353
- * <p>The type of component.</p>
9354
- * <p>Length Constraints: Minimum of 1. Maximum of 32.</p>
9482
+ * <p>
9483
+ * Provides information about the actors involved in the attack sequence.
9484
+ * </p>
9355
9485
  * @public
9356
9486
  */
9357
- ComponentType?: string | undefined;
9487
+ Actors?: Actor[] | undefined;
9358
9488
  /**
9359
- * <p>Information about the component that comes after the current component in the network
9360
- * path.</p>
9489
+ * <p>
9490
+ * Contains information about the network endpoints that were used in the attack sequence.
9491
+ * </p>
9361
9492
  * @public
9362
9493
  */
9363
- Egress?: NetworkHeader | undefined;
9494
+ Endpoints?: NetworkEndpoint[] | undefined;
9364
9495
  /**
9365
- * <p>Information about the component that comes before the current node in the network
9366
- * path.</p>
9496
+ * <p>
9497
+ * Contains information about the signals involved in the attack sequence.
9498
+ * </p>
9367
9499
  * @public
9368
9500
  */
9369
- Ingress?: NetworkHeader | undefined;
9501
+ Signals?: Signal[] | undefined;
9502
+ /**
9503
+ * <p>
9504
+ * Contains information about the indicators observed in the attack sequence. The values for
9505
+ * <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_Signal.html">SignalIndicators</a> are a subset of the values for <code>SequenceIndicators</code>, but the values for
9506
+ * these fields don't always match 1:1.</p>
9507
+ * @public
9508
+ */
9509
+ SequenceIndicators?: Indicator[] | undefined;
9370
9510
  }
9371
9511
  /**
9372
- * <p>A user-defined note added to a finding.</p>
9512
+ * <p>
9513
+ * A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack
9514
+ * sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you
9515
+ * must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see <a href="https://docs.aws.amazon.com/guardduty/latest/ug/guardduty-extended-threat-detection.html">GuardDuty Extended Threat Detection </a> in the <i>Amazon GuardDuty User Guide</i>.</p>
9373
9516
  * @public
9374
9517
  */
9375
- export interface Note {
9376
- /**
9377
- * <p>The text of a note.</p>
9378
- * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9379
- * @public
9380
- */
9381
- Text: string | undefined;
9518
+ export interface Detection {
9382
9519
  /**
9383
- * <p>The principal that created a note.</p>
9520
+ * <p>
9521
+ * Provides details about an attack sequence.
9522
+ * </p>
9384
9523
  * @public
9385
9524
  */
9386
- UpdatedBy: string | undefined;
9387
- /**
9388
- * <p>A timestamp that indicates when the note was updated.</p>
9389
- * <p>This field accepts only the specified formats. Timestamps
9390
- * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9391
- * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9392
- * <ul>
9393
- * <li>
9394
- * <p>
9395
- * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9396
- * </li>
9397
- * <li>
9398
- * <p>
9399
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9400
- * </li>
9401
- * <li>
9402
- * <p>
9403
- * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9404
- * </li>
9405
- * <li>
9406
- * <p>
9407
- * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9408
- * </li>
9409
- * <li>
9410
- * <p>
9411
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9412
- * </li>
9413
- * </ul>
9414
- * @public
9415
- */
9416
- UpdatedAt: string | undefined;
9525
+ Sequence?: Sequence | undefined;
9417
9526
  }
9418
9527
  /**
9419
- * <p>Provides an overview of the patch compliance status for an instance against a selected
9420
- * compliance standard.</p>
9528
+ * <p>The severity assigned to a finding by the finding provider. This object may include one or more of the following
9529
+ * attributes:</p>
9530
+ * <ul>
9531
+ * <li>
9532
+ * <p>
9533
+ * <code>Label</code>
9534
+ * </p>
9535
+ * </li>
9536
+ * <li>
9537
+ * <p>
9538
+ * <code>Normalized</code>
9539
+ * </p>
9540
+ * </li>
9541
+ * <li>
9542
+ * <p>
9543
+ * <code>Original</code>
9544
+ * </p>
9545
+ * </li>
9546
+ * <li>
9547
+ * <p>
9548
+ * <code>Product</code>
9549
+ * </p>
9550
+ * </li>
9551
+ * </ul>
9552
+ * <p>If a <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
9553
+ * <code>BatchImportFindings</code>
9554
+ * </a> request for a
9555
+ * new finding only provides <code>Label</code> or only provides <code>Normalized</code>, Security Hub
9556
+ * automatically populates the value of the other field.</p>
9557
+ * <p>The <code>Normalized</code> and <code>Product</code> attributes are included in the <code>FindingProviderSeverity</code>
9558
+ * structure to preserve the historical information associated with the finding, even if the top-level
9559
+ * <code>Severity</code> object is later modified using the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
9560
+ * <code>BatchUpdateFindings</code>
9561
+ * </a> operation.</p>
9562
+ * <p>If the top-level <code>Finding.Severity</code> object is present, but <code>Finding.FindingProviderFields</code> isn't present,
9563
+ * Security Hub creates the <code>FindingProviderFields.Severity</code> object and copies the entire <code>Finding.Severity</code> object into it.
9564
+ * This ensures that the original, provider-supplied details are retained within the <code>FindingProviderFields.Severity</code>
9565
+ * object, even if the top-level <code>Severity</code> object is overwritten.
9566
+ * </p>
9421
9567
  * @public
9422
9568
  */
9423
- export interface PatchSummary {
9424
- /**
9425
- * <p>The identifier of the compliance standard that was used to determine the patch
9426
- * compliance status.</p>
9427
- * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9428
- * @public
9429
- */
9430
- Id: string | undefined;
9431
- /**
9432
- * <p>The number of patches from the compliance standard that were installed
9433
- * successfully.</p>
9434
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9435
- * @public
9436
- */
9437
- InstalledCount?: number | undefined;
9438
- /**
9439
- * <p>The number of patches that are part of the compliance standard but are not installed.
9440
- * The count includes patches that failed to install.</p>
9441
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9442
- * @public
9443
- */
9444
- MissingCount?: number | undefined;
9445
- /**
9446
- * <p>The number of patches from the compliance standard that failed to install.</p>
9447
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9448
- * @public
9449
- */
9450
- FailedCount?: number | undefined;
9569
+ export interface FindingProviderSeverity {
9451
9570
  /**
9452
- * <p>The number of installed patches that are not part of the compliance standard.</p>
9453
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9571
+ * <p>The severity label assigned to the finding by the finding provider.</p>
9454
9572
  * @public
9455
9573
  */
9456
- InstalledOtherCount?: number | undefined;
9574
+ Label?: SeverityLabel | undefined;
9457
9575
  /**
9458
- * <p>The number of patches that are installed but are also on a list of patches that the
9459
- * customer rejected.</p>
9460
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9576
+ * <p>The finding provider's original value for the severity.</p>
9577
+ * <p>Length Constraints: Minimum length of 1. Maximum length of 64.</p>
9461
9578
  * @public
9462
9579
  */
9463
- InstalledRejectedCount?: number | undefined;
9580
+ Original?: string | undefined;
9581
+ }
9582
+ /**
9583
+ * <p>In a <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchImportFindings.html">
9584
+ * <code>BatchImportFindings</code>
9585
+ * </a> request, finding providers use <code>FindingProviderFields</code> to provide
9586
+ * and update values for the following fields:</p>
9587
+ * <ul>
9588
+ * <li>
9589
+ * <p>
9590
+ * <code>Confidence</code>
9591
+ * </p>
9592
+ * </li>
9593
+ * <li>
9594
+ * <p>
9595
+ * <code>Criticality</code>
9596
+ * </p>
9597
+ * </li>
9598
+ * <li>
9599
+ * <p>
9600
+ * <code>RelatedFindings</code>
9601
+ * </p>
9602
+ * </li>
9603
+ * <li>
9604
+ * <p>
9605
+ * <code>Severity</code>
9606
+ * </p>
9607
+ * </li>
9608
+ * <li>
9609
+ * <p>
9610
+ * <code>Types</code>
9611
+ * </p>
9612
+ * </li>
9613
+ * </ul>
9614
+ * <p>The preceding fields are nested under the <code>FindingProviderFields</code> object, but also have analogues of the same name
9615
+ * as top-level ASFF fields. When a new finding is sent to Security Hub by a finding provider, Security Hub populates the
9616
+ * <code>FindingProviderFields</code> object automatically, if it is empty, based on the corresponding top-level fields.</p>
9617
+ * <p>Finding providers can update <code>FindingProviderFields</code> only by using the <code>BatchImportFindings</code>
9618
+ * operation. Finding providers can't update
9619
+ * this object with the <a href="https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_BatchUpdateFindings.html">
9620
+ * <code>BatchUpdateFindings</code>
9621
+ * </a> operation. Customers can update the top-level fields by using the <code>BatchUpdateFindings</code> operation. Customers can't
9622
+ * update <code>FindingProviderFields</code>.</p>
9623
+ * <p>For information about how Security Hub handles updates from <code>BatchImportFindings</code> to
9624
+ * <code>FindingProviderFields</code> and to the corresponding top-level
9625
+ * attributes, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/finding-update-batchimportfindings.html#batchimportfindings-findingproviderfields">Using <code>FindingProviderFields</code>
9626
+ * </a> in the <i>Security Hub User Guide</i>.</p>
9627
+ * <p></p>
9628
+ * @public
9629
+ */
9630
+ export interface FindingProviderFields {
9464
9631
  /**
9465
- * <p>The number of patches that were applied, but that require the instance to be rebooted in
9466
- * order to be marked as installed.</p>
9467
- * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9632
+ * <p>A finding's confidence. Confidence is defined as the likelihood that a finding
9633
+ * accurately identifies the behavior or issue that it was intended to identify.</p>
9634
+ * <p>Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent
9635
+ * confidence and 100 means 100 percent confidence.</p>
9468
9636
  * @public
9469
9637
  */
9470
- InstalledPendingReboot?: number | undefined;
9638
+ Confidence?: number | undefined;
9471
9639
  /**
9472
- * <p>Indicates when the operation started.</p>
9473
- * <p>This field accepts only the specified formats. Timestamps
9474
- * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9475
- * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9476
- * <ul>
9477
- * <li>
9478
- * <p>
9479
- * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9480
- * </li>
9481
- * <li>
9482
- * <p>
9483
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9484
- * </li>
9485
- * <li>
9486
- * <p>
9487
- * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9488
- * </li>
9489
- * <li>
9490
- * <p>
9491
- * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9492
- * </li>
9493
- * <li>
9494
- * <p>
9495
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9496
- * </li>
9497
- * </ul>
9640
+ * <p>The level of importance assigned to the resources associated with the finding.</p>
9641
+ * <p>A score of 0 means that the underlying resources have no criticality, and a score of 100
9642
+ * is reserved for the most critical resources.</p>
9498
9643
  * @public
9499
9644
  */
9500
- OperationStartTime?: string | undefined;
9645
+ Criticality?: number | undefined;
9501
9646
  /**
9502
- * <p>Indicates when the operation completed.</p>
9503
- * <p>This field accepts only the specified formats. Timestamps
9504
- * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9505
- * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9506
- * <ul>
9507
- * <li>
9508
- * <p>
9509
- * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9510
- * </li>
9511
- * <li>
9512
- * <p>
9513
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9514
- * </li>
9515
- * <li>
9516
- * <p>
9517
- * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9518
- * </li>
9519
- * <li>
9520
- * <p>
9521
- * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9522
- * </li>
9523
- * <li>
9524
- * <p>
9525
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9526
- * </li>
9527
- * </ul>
9647
+ * <p>A list of findings that are related to the current finding.</p>
9528
9648
  * @public
9529
9649
  */
9530
- OperationEndTime?: string | undefined;
9650
+ RelatedFindings?: RelatedFinding[] | undefined;
9531
9651
  /**
9532
- * <p>The reboot option specified for the instance.</p>
9533
- * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9652
+ * <p>The severity of a finding.</p>
9534
9653
  * @public
9535
9654
  */
9536
- RebootOption?: string | undefined;
9655
+ Severity?: FindingProviderSeverity | undefined;
9537
9656
  /**
9538
- * <p>The type of patch operation performed. For Patch Manager, the values are
9539
- * <code>SCAN</code> and <code>INSTALL</code>.</p>
9540
- * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9657
+ * <p>One or more finding types in the format of <code>namespace/category/classifier</code>
9658
+ * that classify a finding.</p>
9659
+ * <p>Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual
9660
+ * Behaviors | Sensitive Data Identifications</p>
9541
9661
  * @public
9542
9662
  */
9543
- Operation?: string | undefined;
9663
+ Types?: string[] | undefined;
9544
9664
  }
9545
9665
  /**
9546
- * <p>The details of process-related information about a finding.</p>
9666
+ * <p>
9667
+ * Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to
9668
+ * findings that relate to Lambda functions. Amazon Inspector identifies policy violations and
9669
+ * vulnerabilities in Lambda function code based on internal detectors developed
9670
+ * in collaboration with Amazon CodeGuru. Security Hub receives those findings.
9671
+ * </p>
9547
9672
  * @public
9548
9673
  */
9549
- export interface ProcessDetails {
9674
+ export interface GeneratorDetails {
9550
9675
  /**
9551
- * <p>The name of the process.</p>
9552
- * <p>Length Constraints: Minimum of 1. Maximum of 64.</p>
9676
+ * <p>
9677
+ * The name of the detector used to identify the code vulnerability.
9678
+ * </p>
9553
9679
  * @public
9554
9680
  */
9555
9681
  Name?: string | undefined;
9556
9682
  /**
9557
- * <p>The path to the process executable.</p>
9558
- * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9559
- * @public
9560
- */
9561
- Path?: string | undefined;
9562
- /**
9563
- * <p>The process ID.</p>
9564
- * @public
9565
- */
9566
- Pid?: number | undefined;
9567
- /**
9568
- * <p>The parent process ID. This field accepts positive integers between <code>O</code> and <code>2147483647</code>.</p>
9569
- * @public
9570
- */
9571
- ParentPid?: number | undefined;
9572
- /**
9573
- * <p>Indicates when the process was launched.</p>
9574
- * <p>This field accepts only the specified formats. Timestamps
9575
- * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9576
- * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9577
- * <ul>
9578
- * <li>
9579
- * <p>
9580
- * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9581
- * </li>
9582
- * <li>
9583
- * <p>
9584
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9585
- * </li>
9586
- * <li>
9587
- * <p>
9588
- * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9589
- * </li>
9590
- * <li>
9591
- * <p>
9592
- * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9593
- * </li>
9594
- * <li>
9595
- * <p>
9596
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9597
- * </li>
9598
- * </ul>
9683
+ * <p>
9684
+ * The description of the detector used to identify the code vulnerability.
9685
+ * </p>
9599
9686
  * @public
9600
9687
  */
9601
- LaunchedAt?: string | undefined;
9688
+ Description?: string | undefined;
9602
9689
  /**
9603
- * <p>Indicates when the process was terminated.</p>
9604
- * <p>This field accepts only the specified formats. Timestamps
9605
- * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9606
- * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9607
- * <ul>
9608
- * <li>
9609
- * <p>
9610
- * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9611
- * </li>
9612
- * <li>
9613
- * <p>
9614
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9615
- * </li>
9616
- * <li>
9617
- * <p>
9618
- * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9619
- * </li>
9620
- * <li>
9621
- * <p>
9622
- * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9623
- * </li>
9624
- * <li>
9625
- * <p>
9626
- * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9627
- * </li>
9628
- * </ul>
9690
+ * <p>
9691
+ * An array of tags used to identify the detector associated with the finding.
9692
+ * </p>
9693
+ * <p>Array Members: Minimum number of 0 items. Maximum number of 10 items.</p>
9629
9694
  * @public
9630
9695
  */
9631
- TerminatedAt?: string | undefined;
9696
+ Labels?: string[] | undefined;
9632
9697
  }
9633
9698
  /**
9634
9699
  * @public
9635
9700
  * @enum
9636
9701
  */
9637
- export declare const RecordState: {
9638
- readonly ACTIVE: "ACTIVE";
9639
- readonly ARCHIVED: "ARCHIVED";
9702
+ export declare const MalwareState: {
9703
+ readonly OBSERVED: "OBSERVED";
9704
+ readonly REMOVAL_FAILED: "REMOVAL_FAILED";
9705
+ readonly REMOVED: "REMOVED";
9640
9706
  };
9641
9707
  /**
9642
9708
  * @public
9643
9709
  */
9644
- export type RecordState = (typeof RecordState)[keyof typeof RecordState];
9710
+ export type MalwareState = (typeof MalwareState)[keyof typeof MalwareState];
9645
9711
  /**
9646
- * <p>A recommendation on how to remediate the issue identified in a finding.</p>
9647
9712
  * @public
9713
+ * @enum
9648
9714
  */
9649
- export interface Recommendation {
9650
- /**
9651
- * <p>Describes the recommended steps to take to remediate an issue identified in a finding.</p>
9652
- * <p>Length Constraints: Minimum of 1 length. Maximum of 512 length.</p>
9653
- * @public
9654
- */
9655
- Text?: string | undefined;
9656
- /**
9657
- * <p>A URL to a page or site that contains information about how to remediate a finding.</p>
9658
- * @public
9659
- */
9660
- Url?: string | undefined;
9661
- }
9715
+ export declare const MalwareType: {
9716
+ readonly ADWARE: "ADWARE";
9717
+ readonly BLENDED_THREAT: "BLENDED_THREAT";
9718
+ readonly BOTNET_AGENT: "BOTNET_AGENT";
9719
+ readonly COIN_MINER: "COIN_MINER";
9720
+ readonly EXPLOIT_KIT: "EXPLOIT_KIT";
9721
+ readonly KEYLOGGER: "KEYLOGGER";
9722
+ readonly MACRO: "MACRO";
9723
+ readonly POTENTIALLY_UNWANTED: "POTENTIALLY_UNWANTED";
9724
+ readonly RANSOMWARE: "RANSOMWARE";
9725
+ readonly REMOTE_ACCESS: "REMOTE_ACCESS";
9726
+ readonly ROOTKIT: "ROOTKIT";
9727
+ readonly SPYWARE: "SPYWARE";
9728
+ readonly TROJAN: "TROJAN";
9729
+ readonly VIRUS: "VIRUS";
9730
+ readonly WORM: "WORM";
9731
+ };
9662
9732
  /**
9663
- * <p>Details about the remediation steps for a finding.</p>
9664
9733
  * @public
9665
9734
  */
9666
- export interface Remediation {
9667
- /**
9668
- * <p>A recommendation on the steps to take to remediate the issue identified by a finding.</p>
9669
- * @public
9670
- */
9671
- Recommendation?: Recommendation | undefined;
9672
- }
9735
+ export type MalwareType = (typeof MalwareType)[keyof typeof MalwareType];
9673
9736
  /**
9674
- * <p>An occurrence of sensitive data detected in a Microsoft Excel workbook, comma-separated value (CSV) file, or tab-separated value (TSV) file.</p>
9737
+ * <p>A list of malware related to a finding.</p>
9675
9738
  * @public
9676
9739
  */
9677
- export interface Cell {
9740
+ export interface Malware {
9678
9741
  /**
9679
- * <p>The column number of the column that contains the data. For a Microsoft Excel workbook, the column number corresponds to the alphabetical column identifiers. For example, a value of 1 for Column corresponds to the A column in the workbook.</p>
9742
+ * <p>The name of the malware that was observed.</p>
9743
+ * <p>Length Constraints: Minimum of 1. Maximum of 64.</p>
9680
9744
  * @public
9681
9745
  */
9682
- Column?: number | undefined;
9746
+ Name: string | undefined;
9683
9747
  /**
9684
- * <p>The row number of the row that contains the data.</p>
9748
+ * <p>The type of the malware that was observed.</p>
9685
9749
  * @public
9686
9750
  */
9687
- Row?: number | undefined;
9751
+ Type?: MalwareType | undefined;
9688
9752
  /**
9689
- * <p>The name of the column that contains the data.</p>
9753
+ * <p>The file system path of the malware that was observed.</p>
9754
+ * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9690
9755
  * @public
9691
9756
  */
9692
- ColumnName?: string | undefined;
9757
+ Path?: string | undefined;
9693
9758
  /**
9694
- * <p>For a Microsoft Excel workbook, provides the location of the cell, as an absolute cell reference, that contains the data. For example, Sheet2!C5 for cell C5 on Sheet2.</p>
9759
+ * <p>The state of the malware that was observed.</p>
9695
9760
  * @public
9696
9761
  */
9697
- CellReference?: string | undefined;
9762
+ State?: MalwareState | undefined;
9698
9763
  }
9699
9764
  /**
9700
- * <p>Identifies where the sensitive data begins and ends.</p>
9701
9765
  * @public
9766
+ * @enum
9702
9767
  */
9703
- export interface Range {
9704
- /**
9705
- * <p>The number of lines (for a line range) or characters (for an offset range) from the beginning of the file to the end of the sensitive data.</p>
9706
- * @public
9707
- */
9708
- Start?: number | undefined;
9709
- /**
9710
- * <p>The number of lines (for a line range) or characters (for an offset range) from the beginning of the file to the end of the sensitive data.</p>
9711
- * @public
9712
- */
9713
- End?: number | undefined;
9714
- /**
9715
- * <p>In the line where the sensitive data starts, the column within the line where the sensitive data starts.</p>
9716
- * @public
9717
- */
9718
- StartColumn?: number | undefined;
9719
- }
9768
+ export declare const NetworkDirection: {
9769
+ readonly IN: "IN";
9770
+ readonly OUT: "OUT";
9771
+ };
9720
9772
  /**
9721
- * <p>An occurrence of sensitive data in an Adobe Portable Document Format (PDF) file.</p>
9722
9773
  * @public
9723
9774
  */
9724
- export interface Page {
9725
- /**
9726
- * <p>The page number of the page that contains the sensitive data.</p>
9727
- * @public
9728
- */
9729
- PageNumber?: number | undefined;
9775
+ export type NetworkDirection = (typeof NetworkDirection)[keyof typeof NetworkDirection];
9776
+ /**
9777
+ * <p>A range of ports.</p>
9778
+ * @public
9779
+ */
9780
+ export interface PortRange {
9730
9781
  /**
9731
- * <p>An occurrence of sensitive data detected in a non-binary text file or a Microsoft Word file. Non-binary text files include files such as HTML, XML, JSON, and TXT files.</p>
9782
+ * <p>The first port in the port range.</p>
9732
9783
  * @public
9733
9784
  */
9734
- LineRange?: Range | undefined;
9785
+ Begin?: number | undefined;
9735
9786
  /**
9736
- * <p>An occurrence of sensitive data detected in a binary text file.</p>
9787
+ * <p>The last port in the port range.</p>
9737
9788
  * @public
9738
9789
  */
9739
- OffsetRange?: Range | undefined;
9790
+ End?: number | undefined;
9740
9791
  }
9741
9792
  /**
9742
- * <p>An occurrence of sensitive data in an Apache Avro object container or an Apache Parquet file.</p>
9793
+ * <p>The details of network-related information about a finding.</p>
9743
9794
  * @public
9744
9795
  */
9745
- export interface _Record {
9796
+ export interface Network {
9746
9797
  /**
9747
- * <p>The path, as a JSONPath expression, to the field in the record that contains the data. If the field name is longer than 20 characters, it is truncated. If the path is longer than 250 characters, it is truncated.</p>
9798
+ * <p>The direction of network traffic associated with a finding.</p>
9748
9799
  * @public
9749
9800
  */
9750
- JsonPath?: string | undefined;
9801
+ Direction?: NetworkDirection | undefined;
9751
9802
  /**
9752
- * <p>The record index, starting from 0, for the record that contains the data.</p>
9803
+ * <p>The protocol of network-related information about a finding.</p>
9804
+ * <p>Length Constraints: Minimum of 1. Maximum of 16.</p>
9753
9805
  * @public
9754
9806
  */
9755
- RecordIndex?: number | undefined;
9756
- }
9757
- /**
9758
- * <p>The detected occurrences of sensitive data.</p>
9759
- * @public
9760
- */
9761
- export interface Occurrences {
9807
+ Protocol?: string | undefined;
9808
+ /**
9809
+ * <p>The range of open ports that is present on the network.</p>
9810
+ * @public
9811
+ */
9812
+ OpenPortRange?: PortRange | undefined;
9762
9813
  /**
9763
- * <p>Occurrences of sensitive data detected in a non-binary text file or a Microsoft Word file. Non-binary text files include files such as HTML, XML, JSON, and TXT files.</p>
9814
+ * <p>The source IPv4 address of network-related information about a finding.</p>
9764
9815
  * @public
9765
9816
  */
9766
- LineRanges?: Range[] | undefined;
9817
+ SourceIpV4?: string | undefined;
9767
9818
  /**
9768
- * <p>Occurrences of sensitive data detected in a binary text file.</p>
9819
+ * <p>The source IPv6 address of network-related information about a finding.</p>
9769
9820
  * @public
9770
9821
  */
9771
- OffsetRanges?: Range[] | undefined;
9822
+ SourceIpV6?: string | undefined;
9772
9823
  /**
9773
- * <p>Occurrences of sensitive data in an Adobe Portable Document Format (PDF) file.</p>
9824
+ * <p>The source port of network-related information about a finding.</p>
9774
9825
  * @public
9775
9826
  */
9776
- Pages?: Page[] | undefined;
9827
+ SourcePort?: number | undefined;
9777
9828
  /**
9778
- * <p>Occurrences of sensitive data in an Apache Avro object container or an Apache Parquet file.</p>
9829
+ * <p>The source domain of network-related information about a finding.</p>
9830
+ * <p>Length Constraints: Minimum of 1. Maximum of 128.</p>
9779
9831
  * @public
9780
9832
  */
9781
- Records?: _Record[] | undefined;
9833
+ SourceDomain?: string | undefined;
9782
9834
  /**
9783
- * <p>Occurrences of sensitive data detected in Microsoft Excel workbooks, comma-separated value (CSV) files, or tab-separated value (TSV) files.</p>
9835
+ * <p>The source media access control (MAC) address of network-related information about a
9836
+ * finding.</p>
9784
9837
  * @public
9785
9838
  */
9786
- Cells?: Cell[] | undefined;
9787
- }
9788
- /**
9789
- * <p>The list of detected instances of sensitive data.</p>
9790
- * @public
9791
- */
9792
- export interface CustomDataIdentifiersDetections {
9839
+ SourceMac?: string | undefined;
9793
9840
  /**
9794
- * <p>The total number of occurrences of sensitive data that were detected.</p>
9841
+ * <p>The destination IPv4 address of network-related information about a finding.</p>
9795
9842
  * @public
9796
9843
  */
9797
- Count?: number | undefined;
9844
+ DestinationIpV4?: string | undefined;
9798
9845
  /**
9799
- * <p>The ARN of the custom identifier that was used to detect the sensitive data.</p>
9846
+ * <p>The destination IPv6 address of network-related information about a finding.</p>
9800
9847
  * @public
9801
9848
  */
9802
- Arn?: string | undefined;
9849
+ DestinationIpV6?: string | undefined;
9803
9850
  /**
9804
- * <p>he name of the custom identifier that detected the sensitive data.</p>
9851
+ * <p>The destination port of network-related information about a finding.</p>
9805
9852
  * @public
9806
9853
  */
9807
- Name?: string | undefined;
9854
+ DestinationPort?: number | undefined;
9808
9855
  /**
9809
- * <p>Details about the sensitive data that was detected.</p>
9856
+ * <p>The destination domain of network-related information about a finding.</p>
9857
+ * <p>Length Constraints: Minimum of 1. Maximum of 128.</p>
9810
9858
  * @public
9811
9859
  */
9812
- Occurrences?: Occurrences | undefined;
9860
+ DestinationDomain?: string | undefined;
9813
9861
  }
9814
9862
  /**
9815
- * <p>Contains an instance of sensitive data that was detected by a customer-defined identifier.</p>
9863
+ * <p>Information about the destination of the next component in the network path.</p>
9816
9864
  * @public
9817
9865
  */
9818
- export interface CustomDataIdentifiersResult {
9866
+ export interface NetworkPathComponentDetails {
9819
9867
  /**
9820
- * <p>The list of detected instances of sensitive data.</p>
9868
+ * <p>The IP addresses of the destination.</p>
9821
9869
  * @public
9822
9870
  */
9823
- Detections?: CustomDataIdentifiersDetections[] | undefined;
9871
+ Address?: string[] | undefined;
9824
9872
  /**
9825
- * <p>The total number of occurrences of sensitive data.</p>
9873
+ * <p>A list of port ranges for the destination.</p>
9826
9874
  * @public
9827
9875
  */
9828
- TotalCount?: number | undefined;
9876
+ PortRanges?: PortRange[] | undefined;
9829
9877
  }
9830
9878
  /**
9831
- * <p>The list of detected instances of sensitive data.</p>
9879
+ * <p>Details about a network path component that occurs before or after the current
9880
+ * component.</p>
9832
9881
  * @public
9833
9882
  */
9834
- export interface SensitiveDataDetections {
9883
+ export interface NetworkHeader {
9835
9884
  /**
9836
- * <p>The total number of occurrences of sensitive data that were detected.</p>
9885
+ * <p>The protocol used for the component.</p>
9886
+ * <p>Length Constraints: Minimum of 1. Maximum of 16.</p>
9837
9887
  * @public
9838
9888
  */
9839
- Count?: number | undefined;
9889
+ Protocol?: string | undefined;
9840
9890
  /**
9841
- * <p>The type of sensitive data that was detected. For example, the type might indicate that the data is an email address.</p>
9891
+ * <p>Information about the destination of the component.</p>
9842
9892
  * @public
9843
9893
  */
9844
- Type?: string | undefined;
9894
+ Destination?: NetworkPathComponentDetails | undefined;
9845
9895
  /**
9846
- * <p>Details about the sensitive data that was detected.</p>
9896
+ * <p>Information about the origin of the component.</p>
9847
9897
  * @public
9848
9898
  */
9849
- Occurrences?: Occurrences | undefined;
9899
+ Source?: NetworkPathComponentDetails | undefined;
9850
9900
  }
9851
9901
  /**
9852
- * <p>Contains a detected instance of sensitive data that are based on built-in identifiers.</p>
9902
+ * <p>Information about a network path component.</p>
9853
9903
  * @public
9854
9904
  */
9855
- export interface SensitiveDataResult {
9905
+ export interface NetworkPathComponent {
9856
9906
  /**
9857
- * <p>The category of sensitive data that was detected. For example, the category can indicate that the sensitive data involved credentials, financial information, or personal information.</p>
9907
+ * <p>The identifier of a component in the network path.</p>
9908
+ * <p>Length Constraints: Minimum of 1. Maximum of 32.</p>
9858
9909
  * @public
9859
9910
  */
9860
- Category?: string | undefined;
9911
+ ComponentId?: string | undefined;
9861
9912
  /**
9862
- * <p>The list of detected instances of sensitive data.</p>
9913
+ * <p>The type of component.</p>
9914
+ * <p>Length Constraints: Minimum of 1. Maximum of 32.</p>
9863
9915
  * @public
9864
9916
  */
9865
- Detections?: SensitiveDataDetections[] | undefined;
9917
+ ComponentType?: string | undefined;
9866
9918
  /**
9867
- * <p>The total number of occurrences of sensitive data.</p>
9919
+ * <p>Information about the component that comes after the current component in the network
9920
+ * path.</p>
9868
9921
  * @public
9869
9922
  */
9870
- TotalCount?: number | undefined;
9923
+ Egress?: NetworkHeader | undefined;
9924
+ /**
9925
+ * <p>Information about the component that comes before the current node in the network
9926
+ * path.</p>
9927
+ * @public
9928
+ */
9929
+ Ingress?: NetworkHeader | undefined;
9871
9930
  }
9872
9931
  /**
9873
- * <p>Provides details about the current status of the sensitive data detection.</p>
9932
+ * <p>A user-defined note added to a finding.</p>
9874
9933
  * @public
9875
9934
  */
9876
- export interface ClassificationStatus {
9935
+ export interface Note {
9877
9936
  /**
9878
- * <p>The code that represents the status of the sensitive data detection.</p>
9937
+ * <p>The text of a note.</p>
9938
+ * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9879
9939
  * @public
9880
9940
  */
9881
- Code?: string | undefined;
9941
+ Text: string | undefined;
9882
9942
  /**
9883
- * <p>A longer description of the current status of the sensitive data detection.</p>
9943
+ * <p>The principal that created a note.</p>
9884
9944
  * @public
9885
9945
  */
9886
- Reason?: string | undefined;
9946
+ UpdatedBy: string | undefined;
9947
+ /**
9948
+ * <p>A timestamp that indicates when the note was updated.</p>
9949
+ * <p>This field accepts only the specified formats. Timestamps
9950
+ * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
9951
+ * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
9952
+ * <ul>
9953
+ * <li>
9954
+ * <p>
9955
+ * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
9956
+ * </li>
9957
+ * <li>
9958
+ * <p>
9959
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
9960
+ * </li>
9961
+ * <li>
9962
+ * <p>
9963
+ * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
9964
+ * </li>
9965
+ * <li>
9966
+ * <p>
9967
+ * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
9968
+ * </li>
9969
+ * <li>
9970
+ * <p>
9971
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
9972
+ * </li>
9973
+ * </ul>
9974
+ * @public
9975
+ */
9976
+ UpdatedAt: string | undefined;
9887
9977
  }
9888
9978
  /**
9889
- * <p>Details about the sensitive data that was detected on the resource.</p>
9979
+ * <p>Provides an overview of the patch compliance status for an instance against a selected
9980
+ * compliance standard.</p>
9890
9981
  * @public
9891
9982
  */
9892
- export interface ClassificationResult {
9983
+ export interface PatchSummary {
9893
9984
  /**
9894
- * <p>The type of content that the finding applies to.</p>
9985
+ * <p>The identifier of the compliance standard that was used to determine the patch
9986
+ * compliance status.</p>
9987
+ * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9895
9988
  * @public
9896
9989
  */
9897
- MimeType?: string | undefined;
9990
+ Id: string | undefined;
9898
9991
  /**
9899
- * <p>The total size in bytes of the affected data.</p>
9992
+ * <p>The number of patches from the compliance standard that were installed
9993
+ * successfully.</p>
9994
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9900
9995
  * @public
9901
9996
  */
9902
- SizeClassified?: number | undefined;
9997
+ InstalledCount?: number | undefined;
9903
9998
  /**
9904
- * <p>Indicates whether there are additional occurrences of sensitive data that are not included in the finding. This occurs when the number of occurrences exceeds the maximum that can be included.</p>
9999
+ * <p>The number of patches that are part of the compliance standard but are not installed.
10000
+ * The count includes patches that failed to install.</p>
10001
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9905
10002
  * @public
9906
10003
  */
9907
- AdditionalOccurrences?: boolean | undefined;
10004
+ MissingCount?: number | undefined;
9908
10005
  /**
9909
- * <p>The current status of the sensitive data detection.</p>
10006
+ * <p>The number of patches from the compliance standard that failed to install.</p>
10007
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9910
10008
  * @public
9911
10009
  */
9912
- Status?: ClassificationStatus | undefined;
10010
+ FailedCount?: number | undefined;
9913
10011
  /**
9914
- * <p>Provides details about sensitive data that was identified based on built-in configuration.</p>
10012
+ * <p>The number of installed patches that are not part of the compliance standard.</p>
10013
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9915
10014
  * @public
9916
10015
  */
9917
- SensitiveData?: SensitiveDataResult[] | undefined;
10016
+ InstalledOtherCount?: number | undefined;
9918
10017
  /**
9919
- * <p>Provides details about sensitive data that was identified based on customer-defined configuration.</p>
10018
+ * <p>The number of patches that are installed but are also on a list of patches that the
10019
+ * customer rejected.</p>
10020
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9920
10021
  * @public
9921
10022
  */
9922
- CustomDataIdentifiers?: CustomDataIdentifiersResult | undefined;
9923
- }
9924
- /**
9925
- * <p>Provides details about sensitive data that was detected on a resource.</p>
9926
- * @public
9927
- */
9928
- export interface DataClassificationDetails {
10023
+ InstalledRejectedCount?: number | undefined;
9929
10024
  /**
9930
- * <p>The path to the folder or file that contains the sensitive data.</p>
10025
+ * <p>The number of patches that were applied, but that require the instance to be rebooted in
10026
+ * order to be marked as installed.</p>
10027
+ * <p>The value can be an integer from <code>0</code> to <code>100000</code>.</p>
9931
10028
  * @public
9932
10029
  */
9933
- DetailedResultsLocation?: string | undefined;
10030
+ InstalledPendingReboot?: number | undefined;
9934
10031
  /**
9935
- * <p>The details about the sensitive data that was detected on the resource.</p>
10032
+ * <p>Indicates when the operation started.</p>
10033
+ * <p>This field accepts only the specified formats. Timestamps
10034
+ * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
10035
+ * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
10036
+ * <ul>
10037
+ * <li>
10038
+ * <p>
10039
+ * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
10040
+ * </li>
10041
+ * <li>
10042
+ * <p>
10043
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
10044
+ * </li>
10045
+ * <li>
10046
+ * <p>
10047
+ * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
10048
+ * </li>
10049
+ * <li>
10050
+ * <p>
10051
+ * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
10052
+ * </li>
10053
+ * <li>
10054
+ * <p>
10055
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
10056
+ * </li>
10057
+ * </ul>
9936
10058
  * @public
9937
10059
  */
9938
- Result?: ClassificationResult | undefined;
9939
- }
9940
- /**
9941
- * <p>A wrapper type for the attributes of an Amazon SNS subscription.</p>
9942
- * @public
9943
- */
9944
- export interface AwsSnsTopicSubscription {
10060
+ OperationStartTime?: string | undefined;
10061
+ /**
10062
+ * <p>Indicates when the operation completed.</p>
10063
+ * <p>This field accepts only the specified formats. Timestamps
10064
+ * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
10065
+ * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
10066
+ * <ul>
10067
+ * <li>
10068
+ * <p>
10069
+ * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
10070
+ * </li>
10071
+ * <li>
10072
+ * <p>
10073
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
10074
+ * </li>
10075
+ * <li>
10076
+ * <p>
10077
+ * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
10078
+ * </li>
10079
+ * <li>
10080
+ * <p>
10081
+ * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
10082
+ * </li>
10083
+ * <li>
10084
+ * <p>
10085
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
10086
+ * </li>
10087
+ * </ul>
10088
+ * @public
10089
+ */
10090
+ OperationEndTime?: string | undefined;
9945
10091
  /**
9946
- * <p>The subscription's endpoint (format depends on the protocol).</p>
10092
+ * <p>The reboot option specified for the instance.</p>
10093
+ * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9947
10094
  * @public
9948
10095
  */
9949
- Endpoint?: string | undefined;
10096
+ RebootOption?: string | undefined;
9950
10097
  /**
9951
- * <p>The subscription's protocol.</p>
10098
+ * <p>The type of patch operation performed. For Patch Manager, the values are
10099
+ * <code>SCAN</code> and <code>INSTALL</code>.</p>
10100
+ * <p>Length Constraints: Minimum length of 1. Maximum length of 256.</p>
9952
10101
  * @public
9953
10102
  */
9954
- Protocol?: string | undefined;
10103
+ Operation?: string | undefined;
9955
10104
  }
9956
10105
  /**
9957
- * <p>Provides information about an Amazon SNS topic to which notifications can be published.</p>
10106
+ * <p>The details of process-related information about a finding.</p>
9958
10107
  * @public
9959
10108
  */
9960
- export interface AwsSnsTopicDetails {
9961
- /**
9962
- * <p>The ID of an Amazon Web Services managed key for Amazon SNS or a customer managed key.</p>
9963
- * @public
9964
- */
9965
- KmsMasterKeyId?: string | undefined;
9966
- /**
9967
- * <p>Subscription is an embedded property that describes the subscription endpoints of an Amazon SNS topic.</p>
9968
- * @public
9969
- */
9970
- Subscription?: AwsSnsTopicSubscription[] | undefined;
10109
+ export interface ProcessDetails {
9971
10110
  /**
9972
- * <p>The name of the Amazon SNS topic.</p>
10111
+ * <p>The name of the process.</p>
10112
+ * <p>Length Constraints: Minimum of 1. Maximum of 64.</p>
9973
10113
  * @public
9974
10114
  */
9975
- TopicName?: string | undefined;
10115
+ Name?: string | undefined;
9976
10116
  /**
9977
- * <p>The subscription's owner.</p>
10117
+ * <p>The path to the process executable.</p>
10118
+ * <p>Length Constraints: Minimum of 1. Maximum of 512.</p>
9978
10119
  * @public
9979
10120
  */
9980
- Owner?: string | undefined;
10121
+ Path?: string | undefined;
9981
10122
  /**
9982
- * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
9983
- * </p>
10123
+ * <p>The process ID.</p>
9984
10124
  * @public
9985
10125
  */
9986
- SqsSuccessFeedbackRoleArn?: string | undefined;
10126
+ Pid?: number | undefined;
9987
10127
  /**
9988
- * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
9989
- * </p>
10128
+ * <p>The parent process ID. This field accepts positive integers between <code>O</code> and <code>2147483647</code>.</p>
9990
10129
  * @public
9991
10130
  */
9992
- SqsFailureFeedbackRoleArn?: string | undefined;
10131
+ ParentPid?: number | undefined;
9993
10132
  /**
9994
- * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to a platform application endpoint.
9995
- * </p>
10133
+ * <p>Indicates when the process was launched.</p>
10134
+ * <p>This field accepts only the specified formats. Timestamps
10135
+ * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
10136
+ * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
10137
+ * <ul>
10138
+ * <li>
10139
+ * <p>
10140
+ * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
10141
+ * </li>
10142
+ * <li>
10143
+ * <p>
10144
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
10145
+ * </li>
10146
+ * <li>
10147
+ * <p>
10148
+ * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
10149
+ * </li>
10150
+ * <li>
10151
+ * <p>
10152
+ * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
10153
+ * </li>
10154
+ * <li>
10155
+ * <p>
10156
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
10157
+ * </li>
10158
+ * </ul>
9996
10159
  * @public
9997
10160
  */
9998
- ApplicationSuccessFeedbackRoleArn?: string | undefined;
10161
+ LaunchedAt?: string | undefined;
9999
10162
  /**
10000
- * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
10001
- * </p>
10163
+ * <p>Indicates when the process was terminated.</p>
10164
+ * <p>This field accepts only the specified formats. Timestamps
10165
+ * can end with <code>Z</code> or <code>("+" / "-") time-hour [":" time-minute]</code>. The time-secfrac after seconds is limited
10166
+ * to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:</p>
10167
+ * <ul>
10168
+ * <li>
10169
+ * <p>
10170
+ * <code>YYYY-MM-DDTHH:MM:SSZ</code> (for example, <code>2019-01-31T23:00:00Z</code>)</p>
10171
+ * </li>
10172
+ * <li>
10173
+ * <p>
10174
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ</code> (for example, <code>2019-01-31T23:00:00.123456789Z</code>)</p>
10175
+ * </li>
10176
+ * <li>
10177
+ * <p>
10178
+ * <code>YYYY-MM-DDTHH:MM:SS+HH:MM</code> (for example, <code>2024-01-04T15:25:10+17:59</code>)</p>
10179
+ * </li>
10180
+ * <li>
10181
+ * <p>
10182
+ * <code>YYYY-MM-DDTHH:MM:SS-HHMM</code> (for example, <code>2024-01-04T15:25:10-1759</code>)</p>
10183
+ * </li>
10184
+ * <li>
10185
+ * <p>
10186
+ * <code>YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM</code> (for example, <code>2024-01-04T15:25:10.123456789+17:59</code>)</p>
10187
+ * </li>
10188
+ * </ul>
10002
10189
  * @public
10003
10190
  */
10004
- FirehoseSuccessFeedbackRoleArn?: string | undefined;
10191
+ TerminatedAt?: string | undefined;
10192
+ }
10193
+ /**
10194
+ * @public
10195
+ * @enum
10196
+ */
10197
+ export declare const RecordState: {
10198
+ readonly ACTIVE: "ACTIVE";
10199
+ readonly ARCHIVED: "ARCHIVED";
10200
+ };
10201
+ /**
10202
+ * @public
10203
+ */
10204
+ export type RecordState = (typeof RecordState)[keyof typeof RecordState];
10205
+ /**
10206
+ * <p>A recommendation on how to remediate the issue identified in a finding.</p>
10207
+ * @public
10208
+ */
10209
+ export interface Recommendation {
10005
10210
  /**
10006
- * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
10007
- * </p>
10211
+ * <p>Describes the recommended steps to take to remediate an issue identified in a finding.</p>
10212
+ * <p>Length Constraints: Minimum of 1 length. Maximum of 512 length.</p>
10008
10213
  * @public
10009
10214
  */
10010
- FirehoseFailureFeedbackRoleArn?: string | undefined;
10215
+ Text?: string | undefined;
10011
10216
  /**
10012
- * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
10013
- * </p>
10217
+ * <p>A URL to a page or site that contains information about how to remediate a finding.</p>
10014
10218
  * @public
10015
10219
  */
10016
- HttpSuccessFeedbackRoleArn?: string | undefined;
10220
+ Url?: string | undefined;
10221
+ }
10222
+ /**
10223
+ * <p>Details about the remediation steps for a finding.</p>
10224
+ * @public
10225
+ */
10226
+ export interface Remediation {
10017
10227
  /**
10018
- * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint. </p>
10228
+ * <p>A recommendation on the steps to take to remediate the issue identified by a finding.</p>
10019
10229
  * @public
10020
10230
  */
10021
- HttpFailureFeedbackRoleArn?: string | undefined;
10231
+ Recommendation?: Recommendation | undefined;
10022
10232
  }
10023
10233
  /**
10024
- * <p>Data about a queue.</p>
10234
+ * <p>An occurrence of sensitive data detected in a Microsoft Excel workbook, comma-separated value (CSV) file, or tab-separated value (TSV) file.</p>
10025
10235
  * @public
10026
10236
  */
10027
- export interface AwsSqsQueueDetails {
10237
+ export interface Cell {
10028
10238
  /**
10029
- * <p>The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling KMS again.</p>
10239
+ * <p>The column number of the column that contains the data. For a Microsoft Excel workbook, the column number corresponds to the alphabetical column identifiers. For example, a value of 1 for Column corresponds to the A column in the workbook.</p>
10030
10240
  * @public
10031
10241
  */
10032
- KmsDataKeyReusePeriodSeconds?: number | undefined;
10242
+ Column?: number | undefined;
10033
10243
  /**
10034
- * <p>The ID of an Amazon Web Services managed key for Amazon SQS or a custom
10035
- * KMS key.</p>
10244
+ * <p>The row number of the row that contains the data.</p>
10036
10245
  * @public
10037
10246
  */
10038
- KmsMasterKeyId?: string | undefined;
10247
+ Row?: number | undefined;
10039
10248
  /**
10040
- * <p>The name of the new queue.</p>
10249
+ * <p>The name of the column that contains the data.</p>
10041
10250
  * @public
10042
10251
  */
10043
- QueueName?: string | undefined;
10252
+ ColumnName?: string | undefined;
10044
10253
  /**
10045
- * <p>The ARN of the dead-letter queue to which Amazon SQS moves
10046
- * messages after the value of <code>maxReceiveCount</code> is exceeded. </p>
10254
+ * <p>For a Microsoft Excel workbook, provides the location of the cell, as an absolute cell reference, that contains the data. For example, Sheet2!C5 for cell C5 on Sheet2.</p>
10047
10255
  * @public
10048
10256
  */
10049
- DeadLetterTargetArn?: string | undefined;
10257
+ CellReference?: string | undefined;
10050
10258
  }
10051
10259
  /**
10052
- * <p>Provides the details about the compliance status for a patch.</p>
10260
+ * <p>Identifies where the sensitive data begins and ends.</p>
10053
10261
  * @public
10054
10262
  */
10055
- export interface AwsSsmComplianceSummary {
10056
- /**
10057
- * <p>The current patch compliance status. Valid values are as follows:</p>
10058
- * <ul>
10059
- * <li>
10060
- * <p>
10061
- * <code>COMPLIANT</code>
10062
- * </p>
10063
- * </li>
10064
- * <li>
10065
- * <p>
10066
- * <code>NON_COMPLIANT</code>
10067
- * </p>
10068
- * </li>
10069
- * <li>
10070
- * <p>
10071
- * <code>UNSPECIFIED_DATA</code>
10072
- * </p>
10073
- * </li>
10074
- * </ul>
10075
- * @public
10076
- */
10077
- Status?: string | undefined;
10263
+ export interface Range {
10078
10264
  /**
10079
- * <p>For the patches that are compliant, the number that have a severity of
10080
- * <code>CRITICAL</code>.</p>
10265
+ * <p>The number of lines (for a line range) or characters (for an offset range) from the beginning of the file to the end of the sensitive data.</p>
10081
10266
  * @public
10082
10267
  */
10083
- CompliantCriticalCount?: number | undefined;
10268
+ Start?: number | undefined;
10084
10269
  /**
10085
- * <p>For the patches that are compliant, the number that have a severity of
10086
- * <code>HIGH</code>.</p>
10270
+ * <p>The number of lines (for a line range) or characters (for an offset range) from the beginning of the file to the end of the sensitive data.</p>
10087
10271
  * @public
10088
10272
  */
10089
- CompliantHighCount?: number | undefined;
10273
+ End?: number | undefined;
10090
10274
  /**
10091
- * <p>For the patches that are compliant, the number that have a severity of
10092
- * <code>MEDIUM</code>.</p>
10275
+ * <p>In the line where the sensitive data starts, the column within the line where the sensitive data starts.</p>
10093
10276
  * @public
10094
10277
  */
10095
- CompliantMediumCount?: number | undefined;
10278
+ StartColumn?: number | undefined;
10279
+ }
10280
+ /**
10281
+ * <p>An occurrence of sensitive data in an Adobe Portable Document Format (PDF) file.</p>
10282
+ * @public
10283
+ */
10284
+ export interface Page {
10096
10285
  /**
10097
- * <p>The type of execution that was used determine compliance.</p>
10286
+ * <p>The page number of the page that contains the sensitive data.</p>
10098
10287
  * @public
10099
10288
  */
10100
- ExecutionType?: string | undefined;
10289
+ PageNumber?: number | undefined;
10101
10290
  /**
10102
- * <p>For the patch items that are noncompliant, the number of items that have a severity of
10103
- * <code>CRITICAL</code>.</p>
10291
+ * <p>An occurrence of sensitive data detected in a non-binary text file or a Microsoft Word file. Non-binary text files include files such as HTML, XML, JSON, and TXT files.</p>
10104
10292
  * @public
10105
10293
  */
10106
- NonCompliantCriticalCount?: number | undefined;
10294
+ LineRange?: Range | undefined;
10107
10295
  /**
10108
- * <p>For the patches that are compliant, the number that have a severity of
10109
- * <code>INFORMATIONAL</code>.</p>
10296
+ * <p>An occurrence of sensitive data detected in a binary text file.</p>
10110
10297
  * @public
10111
10298
  */
10112
- CompliantInformationalCount?: number | undefined;
10299
+ OffsetRange?: Range | undefined;
10300
+ }
10301
+ /**
10302
+ * <p>An occurrence of sensitive data in an Apache Avro object container or an Apache Parquet file.</p>
10303
+ * @public
10304
+ */
10305
+ export interface _Record {
10113
10306
  /**
10114
- * <p>For the patches that are noncompliant, the number that have a severity of
10115
- * <code>INFORMATIONAL</code>.</p>
10307
+ * <p>The path, as a JSONPath expression, to the field in the record that contains the data. If the field name is longer than 20 characters, it is truncated. If the path is longer than 250 characters, it is truncated.</p>
10116
10308
  * @public
10117
10309
  */
10118
- NonCompliantInformationalCount?: number | undefined;
10310
+ JsonPath?: string | undefined;
10119
10311
  /**
10120
- * <p>For the patches that are compliant, the number that have a severity of
10121
- * <code>UNSPECIFIED</code>.</p>
10312
+ * <p>The record index, starting from 0, for the record that contains the data.</p>
10122
10313
  * @public
10123
10314
  */
10124
- CompliantUnspecifiedCount?: number | undefined;
10315
+ RecordIndex?: number | undefined;
10316
+ }
10317
+ /**
10318
+ * <p>The detected occurrences of sensitive data.</p>
10319
+ * @public
10320
+ */
10321
+ export interface Occurrences {
10125
10322
  /**
10126
- * <p>For the patches that are noncompliant, the number that have a severity of
10127
- * <code>LOW</code>.</p>
10323
+ * <p>Occurrences of sensitive data detected in a non-binary text file or a Microsoft Word file. Non-binary text files include files such as HTML, XML, JSON, and TXT files.</p>
10128
10324
  * @public
10129
10325
  */
10130
- NonCompliantLowCount?: number | undefined;
10326
+ LineRanges?: Range[] | undefined;
10131
10327
  /**
10132
- * <p>For the patches that are noncompliant, the number that have a severity of
10133
- * <code>HIGH</code>.</p>
10328
+ * <p>Occurrences of sensitive data detected in a binary text file.</p>
10134
10329
  * @public
10135
10330
  */
10136
- NonCompliantHighCount?: number | undefined;
10331
+ OffsetRanges?: Range[] | undefined;
10137
10332
  /**
10138
- * <p>For the patches that are compliant, the number that have a severity of
10139
- * <code>LOW</code>.</p>
10333
+ * <p>Occurrences of sensitive data in an Adobe Portable Document Format (PDF) file.</p>
10140
10334
  * @public
10141
10335
  */
10142
- CompliantLowCount?: number | undefined;
10336
+ Pages?: Page[] | undefined;
10143
10337
  /**
10144
- * <p>The type of resource for which the compliance was determined. For
10145
- * <code>AwsSsmPatchCompliance</code>, <code>ComplianceType</code> is <code>Patch</code>. </p>
10338
+ * <p>Occurrences of sensitive data in an Apache Avro object container or an Apache Parquet file.</p>
10146
10339
  * @public
10147
10340
  */
10148
- ComplianceType?: string | undefined;
10341
+ Records?: _Record[] | undefined;
10149
10342
  /**
10150
- * <p>The identifier of the patch baseline. The patch baseline lists the patches that are
10151
- * approved for installation.</p>
10343
+ * <p>Occurrences of sensitive data detected in Microsoft Excel workbooks, comma-separated value (CSV) files, or tab-separated value (TSV) files.</p>
10152
10344
  * @public
10153
10345
  */
10154
- PatchBaselineId?: string | undefined;
10346
+ Cells?: Cell[] | undefined;
10347
+ }
10348
+ /**
10349
+ * <p>The list of detected instances of sensitive data.</p>
10350
+ * @public
10351
+ */
10352
+ export interface CustomDataIdentifiersDetections {
10155
10353
  /**
10156
- * <p>The highest severity for the patches. Valid values are as follows:</p>
10157
- * <ul>
10158
- * <li>
10159
- * <p>
10160
- * <code>CRITICAL</code>
10161
- * </p>
10162
- * </li>
10163
- * <li>
10164
- * <p>
10165
- * <code>HIGH</code>
10166
- * </p>
10167
- * </li>
10168
- * <li>
10169
- * <p>
10170
- * <code>MEDIUM</code>
10171
- * </p>
10172
- * </li>
10173
- * <li>
10174
- * <p>
10175
- * <code>LOW</code>
10176
- * </p>
10177
- * </li>
10178
- * <li>
10179
- * <p>
10180
- * <code>INFORMATIONAL</code>
10181
- * </p>
10182
- * </li>
10183
- * <li>
10184
- * <p>
10185
- * <code>UNSPECIFIED</code>
10186
- * </p>
10187
- * </li>
10188
- * </ul>
10354
+ * <p>The total number of occurrences of sensitive data that were detected.</p>
10189
10355
  * @public
10190
10356
  */
10191
- OverallSeverity?: string | undefined;
10357
+ Count?: number | undefined;
10192
10358
  /**
10193
- * <p>For the patches that are noncompliant, the number that have a severity of
10194
- * <code>MEDIUM</code>.</p>
10359
+ * <p>The ARN of the custom identifier that was used to detect the sensitive data.</p>
10195
10360
  * @public
10196
10361
  */
10197
- NonCompliantMediumCount?: number | undefined;
10362
+ Arn?: string | undefined;
10198
10363
  /**
10199
- * <p>For the patches that are noncompliant, the number that have a severity of
10200
- * <code>UNSPECIFIED</code>.</p>
10364
+ * <p>he name of the custom identifier that detected the sensitive data.</p>
10201
10365
  * @public
10202
10366
  */
10203
- NonCompliantUnspecifiedCount?: number | undefined;
10367
+ Name?: string | undefined;
10204
10368
  /**
10205
- * <p>The identifier of the patch group for which compliance was determined. A patch group
10206
- * uses tags to group EC2 instances that should have the same patch compliance.</p>
10369
+ * <p>Details about the sensitive data that was detected.</p>
10207
10370
  * @public
10208
10371
  */
10209
- PatchGroup?: string | undefined;
10372
+ Occurrences?: Occurrences | undefined;
10210
10373
  }
10211
10374
  /**
10212
- * <p>Provides details about the compliance for a patch.</p>
10375
+ * <p>Contains an instance of sensitive data that was detected by a customer-defined identifier.</p>
10213
10376
  * @public
10214
10377
  */
10215
- export interface AwsSsmPatch {
10378
+ export interface CustomDataIdentifiersResult {
10216
10379
  /**
10217
- * <p>The compliance status details for the patch.</p>
10380
+ * <p>The list of detected instances of sensitive data.</p>
10218
10381
  * @public
10219
10382
  */
10220
- ComplianceSummary?: AwsSsmComplianceSummary | undefined;
10221
- }
10222
- /**
10223
- * <p>Provides information about the state of a patch on an instance based on the patch
10224
- * baseline that was used to patch the instance.</p>
10225
- * @public
10226
- */
10227
- export interface AwsSsmPatchComplianceDetails {
10383
+ Detections?: CustomDataIdentifiersDetections[] | undefined;
10228
10384
  /**
10229
- * <p>Information about the status of a patch.</p>
10385
+ * <p>The total number of occurrences of sensitive data.</p>
10230
10386
  * @public
10231
10387
  */
10232
- Patch?: AwsSsmPatch | undefined;
10388
+ TotalCount?: number | undefined;
10233
10389
  }
10234
10390
  /**
10235
- * <p>
10236
- * An object describing a CloudWatch log group. For more information, see
10237
- * <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html">
10238
- * Amazon Web Services::Logs::LogGroup</a> in the <i>CloudFormation User Guide</i>.
10239
- * </p>
10391
+ * <p>The list of detected instances of sensitive data.</p>
10240
10392
  * @public
10241
10393
  */
10242
- export interface AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails {
10394
+ export interface SensitiveDataDetections {
10243
10395
  /**
10244
- * <p>The ARN (ends with <code>:*</code>) of the CloudWatch Logs log group to which you want your logs emitted.</p>
10396
+ * <p>The total number of occurrences of sensitive data that were detected.</p>
10245
10397
  * @public
10246
10398
  */
10247
- LogGroupArn?: string | undefined;
10248
- }
10249
- /**
10250
- * <p>
10251
- * An array of objects that describes where your execution history events will be logged.
10252
- * </p>
10253
- * @public
10254
- */
10255
- export interface AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails {
10399
+ Count?: number | undefined;
10256
10400
  /**
10257
- * <p>
10258
- * An object describing a CloudWatch Logs log group. For more information, see
10259
- * <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html">
10260
- * Amazon Web Services::Logs::LogGroup</a> in the <i>CloudFormation User Guide</i>.
10261
- * </p>
10401
+ * <p>The type of sensitive data that was detected. For example, the type might indicate that the data is an email address.</p>
10262
10402
  * @public
10263
10403
  */
10264
- CloudWatchLogsLogGroup?: AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails | undefined;
10404
+ Type?: string | undefined;
10405
+ /**
10406
+ * <p>Details about the sensitive data that was detected.</p>
10407
+ * @public
10408
+ */
10409
+ Occurrences?: Occurrences | undefined;
10265
10410
  }
10266
10411
  /**
10267
- * <p>
10268
- * The <code>LoggingConfiguration</code> data type is used to set CloudWatch Logs options.
10269
- * </p>
10412
+ * <p>Contains a detected instance of sensitive data that are based on built-in identifiers.</p>
10270
10413
  * @public
10271
10414
  */
10272
- export interface AwsStepFunctionStateMachineLoggingConfigurationDetails {
10415
+ export interface SensitiveDataResult {
10273
10416
  /**
10274
- * <p>
10275
- * An array of objects that describes where your execution history events will be logged.
10276
- * </p>
10417
+ * <p>The category of sensitive data that was detected. For example, the category can indicate that the sensitive data involved credentials, financial information, or personal information.</p>
10277
10418
  * @public
10278
10419
  */
10279
- Destinations?: AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails[] | undefined;
10420
+ Category?: string | undefined;
10280
10421
  /**
10281
- * <p>
10282
- * Determines whether execution data is included in your log. When set to false, data is excluded.
10283
- * </p>
10422
+ * <p>The list of detected instances of sensitive data.</p>
10284
10423
  * @public
10285
10424
  */
10286
- IncludeExecutionData?: boolean | undefined;
10425
+ Detections?: SensitiveDataDetections[] | undefined;
10287
10426
  /**
10288
- * <p>
10289
- * Defines which category of execution history events are logged.
10290
- * </p>
10427
+ * <p>The total number of occurrences of sensitive data.</p>
10291
10428
  * @public
10292
10429
  */
10293
- Level?: string | undefined;
10430
+ TotalCount?: number | undefined;
10294
10431
  }
10295
10432
  /**
10296
- * <p>
10297
- * Specifies whether X-Ray tracing is enabled.
10298
- * </p>
10433
+ * <p>Provides details about the current status of the sensitive data detection.</p>
10299
10434
  * @public
10300
10435
  */
10301
- export interface AwsStepFunctionStateMachineTracingConfigurationDetails {
10436
+ export interface ClassificationStatus {
10302
10437
  /**
10303
- * <p>
10304
- * When set to true, X-Ray tracing is enabled.
10305
- * </p>
10438
+ * <p>The code that represents the status of the sensitive data detection.</p>
10306
10439
  * @public
10307
10440
  */
10308
- Enabled?: boolean | undefined;
10441
+ Code?: string | undefined;
10442
+ /**
10443
+ * <p>A longer description of the current status of the sensitive data detection.</p>
10444
+ * @public
10445
+ */
10446
+ Reason?: string | undefined;
10309
10447
  }
10310
10448
  /**
10311
- * <p>
10312
- * Provides details about an Step Functions state machine, which is a workflow consisting of a series of event-
10313
- * driven steps.
10314
- * </p>
10449
+ * <p>Details about the sensitive data that was detected on the resource.</p>
10315
10450
  * @public
10316
10451
  */
10317
- export interface AwsStepFunctionStateMachineDetails {
10452
+ export interface ClassificationResult {
10318
10453
  /**
10319
- * <p>
10320
- * A user-defined or an auto-generated string that identifies a <code>Map</code> state. This parameter is present only if
10321
- * the <code>stateMachineArn</code> specified in input is a qualified state machine ARN.
10322
- * </p>
10454
+ * <p>The type of content that the finding applies to.</p>
10323
10455
  * @public
10324
10456
  */
10325
- Label?: string | undefined;
10457
+ MimeType?: string | undefined;
10326
10458
  /**
10327
- * <p>
10328
- * Used to set CloudWatch Logs options.
10329
- * </p>
10459
+ * <p>The total size in bytes of the affected data.</p>
10330
10460
  * @public
10331
10461
  */
10332
- LoggingConfiguration?: AwsStepFunctionStateMachineLoggingConfigurationDetails | undefined;
10462
+ SizeClassified?: number | undefined;
10333
10463
  /**
10334
- * <p>
10335
- * The name of the state machine.
10336
- * </p>
10464
+ * <p>Indicates whether there are additional occurrences of sensitive data that are not included in the finding. This occurs when the number of occurrences exceeds the maximum that can be included.</p>
10337
10465
  * @public
10338
10466
  */
10339
- Name?: string | undefined;
10467
+ AdditionalOccurrences?: boolean | undefined;
10340
10468
  /**
10341
- * <p>
10342
- * The Amazon Resource Name (ARN) of the IAM role used when creating this state machine.
10343
- * </p>
10469
+ * <p>The current status of the sensitive data detection.</p>
10344
10470
  * @public
10345
10471
  */
10346
- RoleArn?: string | undefined;
10472
+ Status?: ClassificationStatus | undefined;
10347
10473
  /**
10348
- * <p>
10349
- * The ARN that identifies the state machine.
10350
- * </p>
10474
+ * <p>Provides details about sensitive data that was identified based on built-in configuration.</p>
10351
10475
  * @public
10352
10476
  */
10353
- StateMachineArn?: string | undefined;
10477
+ SensitiveData?: SensitiveDataResult[] | undefined;
10354
10478
  /**
10355
- * <p>
10356
- * The current status of the state machine.
10357
- * </p>
10479
+ * <p>Provides details about sensitive data that was identified based on customer-defined configuration.</p>
10358
10480
  * @public
10359
10481
  */
10360
- Status?: string | undefined;
10482
+ CustomDataIdentifiers?: CustomDataIdentifiersResult | undefined;
10483
+ }
10484
+ /**
10485
+ * <p>Provides details about sensitive data that was detected on a resource.</p>
10486
+ * @public
10487
+ */
10488
+ export interface DataClassificationDetails {
10361
10489
  /**
10362
- * <p>
10363
- * Specifies whether X-Ray tracing is enabled.
10364
- * </p>
10490
+ * <p>The path to the folder or file that contains the sensitive data.</p>
10365
10491
  * @public
10366
10492
  */
10367
- TracingConfiguration?: AwsStepFunctionStateMachineTracingConfigurationDetails | undefined;
10493
+ DetailedResultsLocation?: string | undefined;
10368
10494
  /**
10369
- * <p>
10370
- * The type of the state machine (STANDARD or EXPRESS).
10371
- * </p>
10495
+ * <p>The details about the sensitive data that was detected on the resource.</p>
10372
10496
  * @public
10373
10497
  */
10374
- Type?: string | undefined;
10498
+ Result?: ClassificationResult | undefined;
10375
10499
  }
10376
10500
  /**
10377
- * <p>A match predicate. A predicate might look for characteristics such as specific IP addresses, geographic locations, or sizes.</p>
10501
+ * <p>A wrapper type for the attributes of an Amazon SNS subscription.</p>
10378
10502
  * @public
10379
10503
  */
10380
- export interface AwsWafRateBasedRuleMatchPredicate {
10504
+ export interface AwsSnsTopicSubscription {
10381
10505
  /**
10382
- * <p>The unique identifier for the predicate.</p>
10506
+ * <p>The subscription's endpoint (format depends on the protocol).</p>
10383
10507
  * @public
10384
10508
  */
10385
- DataId?: string | undefined;
10509
+ Endpoint?: string | undefined;
10386
10510
  /**
10387
- * <p>If set to <code>true</code>, then the rule actions are performed on requests that match the predicate settings.</p>
10388
- * <p>If set to <code>false</code>, then the rule actions are performed on all requests except those that match the predicate settings.
10389
- * </p>
10511
+ * <p>The subscription's protocol.</p>
10390
10512
  * @public
10391
10513
  */
10392
- Negated?: boolean | undefined;
10514
+ Protocol?: string | undefined;
10515
+ }
10516
+ /**
10517
+ * <p>Provides information about an Amazon SNS topic to which notifications can be published.</p>
10518
+ * @public
10519
+ */
10520
+ export interface AwsSnsTopicDetails {
10393
10521
  /**
10394
- * <p>The type of predicate. Valid values are as follows:</p>
10395
- * <ul>
10396
- * <li>
10397
- * <p>
10398
- * <code>ByteMatch</code>
10399
- * </p>
10400
- * </li>
10401
- * <li>
10402
- * <p>
10403
- * <code>GeoMatch</code>
10404
- * </p>
10405
- * </li>
10406
- * <li>
10407
- * <p>
10408
- * <code>IPMatch</code>
10409
- * </p>
10410
- * </li>
10411
- * <li>
10412
- * <p>
10413
- * <code>RegexMatch</code>
10414
- * </p>
10415
- * </li>
10416
- * <li>
10417
- * <p>
10418
- * <code>SizeConstraint</code>
10419
- * </p>
10420
- * </li>
10421
- * <li>
10422
- * <p>
10423
- * <code>SqlInjectionMatch</code>
10424
- * </p>
10425
- * </li>
10426
- * <li>
10427
- * <p>
10428
- * <code>XssMatch</code>
10429
- * </p>
10430
- * </li>
10431
- * </ul>
10522
+ * <p>The ID of an Amazon Web Services managed key for Amazon SNS or a customer managed key.</p>
10523
+ * @public
10524
+ */
10525
+ KmsMasterKeyId?: string | undefined;
10526
+ /**
10527
+ * <p>Subscription is an embedded property that describes the subscription endpoints of an Amazon SNS topic.</p>
10432
10528
  * @public
10433
10529
  */
10434
- Type?: string | undefined;
10435
- }
10436
- /**
10437
- * <p>Details about a rate-based rule for global resources. A rate-based rule provides settings to indicate when to allow, block, or count a request. Rate-based rules include the number of requests that arrive over a specified period of time.</p>
10438
- * @public
10439
- */
10440
- export interface AwsWafRateBasedRuleDetails {
10530
+ Subscription?: AwsSnsTopicSubscription[] | undefined;
10441
10531
  /**
10442
- * <p>The name of the metrics for the rate-based rule.</p>
10532
+ * <p>The name of the Amazon SNS topic.</p>
10443
10533
  * @public
10444
10534
  */
10445
- MetricName?: string | undefined;
10535
+ TopicName?: string | undefined;
10446
10536
  /**
10447
- * <p>The name of the rate-based rule.</p>
10537
+ * <p>The subscription's owner.</p>
10448
10538
  * @public
10449
10539
  */
10450
- Name?: string | undefined;
10540
+ Owner?: string | undefined;
10541
+ /**
10542
+ * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
10543
+ * </p>
10544
+ * @public
10545
+ */
10546
+ SqsSuccessFeedbackRoleArn?: string | undefined;
10547
+ /**
10548
+ * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon SQS endpoint.
10549
+ * </p>
10550
+ * @public
10551
+ */
10552
+ SqsFailureFeedbackRoleArn?: string | undefined;
10451
10553
  /**
10452
- * <p>The field that WAF uses to determine whether requests are likely arriving from single source and are subject to rate monitoring.</p>
10554
+ * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to a platform application endpoint.
10555
+ * </p>
10556
+ * @public
10557
+ */
10558
+ ApplicationSuccessFeedbackRoleArn?: string | undefined;
10559
+ /**
10560
+ * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
10561
+ * </p>
10453
10562
  * @public
10454
10563
  */
10455
- RateKey?: string | undefined;
10564
+ FirehoseSuccessFeedbackRoleArn?: string | undefined;
10456
10565
  /**
10457
- * <p>The maximum number of requests that have an identical value for the field specified in <code>RateKey</code> that are allowed within a five-minute period. If the number of requests exceeds <code>RateLimit</code> and the other predicates specified in the rule are met, WAF triggers the action for the rule.</p>
10566
+ * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an Amazon Kinesis Data Firehose endpoint.
10567
+ * </p>
10458
10568
  * @public
10459
10569
  */
10460
- RateLimit?: number | undefined;
10570
+ FirehoseFailureFeedbackRoleArn?: string | undefined;
10461
10571
  /**
10462
- * <p>The unique identifier for the rate-based rule.</p>
10572
+ * <p>Indicates successful message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint.
10573
+ * </p>
10463
10574
  * @public
10464
10575
  */
10465
- RuleId?: string | undefined;
10576
+ HttpSuccessFeedbackRoleArn?: string | undefined;
10466
10577
  /**
10467
- * <p>The predicates to include in the rate-based rule.</p>
10578
+ * <p>Indicates failed message delivery status for an Amazon SNS topic that is subscribed to an HTTP endpoint. </p>
10468
10579
  * @public
10469
10580
  */
10470
- MatchPredicates?: AwsWafRateBasedRuleMatchPredicate[] | undefined;
10581
+ HttpFailureFeedbackRoleArn?: string | undefined;
10471
10582
  }
10472
10583
  /**
10473
- * <p>Details for a match predicate. A predicate might look for characteristics such as specific IP addresses, geographic locations, or sizes.</p>
10584
+ * <p>Data about a queue.</p>
10474
10585
  * @public
10475
10586
  */
10476
- export interface AwsWafRegionalRateBasedRuleMatchPredicate {
10587
+ export interface AwsSqsQueueDetails {
10588
+ /**
10589
+ * <p>The length of time, in seconds, for which Amazon SQS can reuse a data key to encrypt or decrypt messages before calling KMS again.</p>
10590
+ * @public
10591
+ */
10592
+ KmsDataKeyReusePeriodSeconds?: number | undefined;
10477
10593
  /**
10478
- * <p>The unique identifier for the predicate.</p>
10594
+ * <p>The ID of an Amazon Web Services managed key for Amazon SQS or a custom
10595
+ * KMS key.</p>
10596
+ * @public
10597
+ */
10598
+ KmsMasterKeyId?: string | undefined;
10599
+ /**
10600
+ * <p>The name of the new queue.</p>
10479
10601
  * @public
10480
10602
  */
10481
- DataId?: string | undefined;
10603
+ QueueName?: string | undefined;
10482
10604
  /**
10483
- * <p>If set to <code>true</code>, then the rule actions are performed on requests that match the predicate settings.</p>
10484
- * <p>If set to <code>false</code>, then the rule actions are performed on all requests except those that match the predicate settings.</p>
10605
+ * <p>The ARN of the dead-letter queue to which Amazon SQS moves
10606
+ * messages after the value of <code>maxReceiveCount</code> is exceeded. </p>
10485
10607
  * @public
10486
10608
  */
10487
- Negated?: boolean | undefined;
10609
+ DeadLetterTargetArn?: string | undefined;
10610
+ }
10611
+ /**
10612
+ * <p>Provides the details about the compliance status for a patch.</p>
10613
+ * @public
10614
+ */
10615
+ export interface AwsSsmComplianceSummary {
10488
10616
  /**
10489
- * <p>The type of predicate. Valid values are as follows:</p>
10617
+ * <p>The current patch compliance status. Valid values are as follows:</p>
10490
10618
  * <ul>
10491
10619
  * <li>
10492
10620
  * <p>
10493
- * <code>ByteMatch</code>
10494
- * </p>
10495
- * </li>
10496
- * <li>
10497
- * <p>
10498
- * <code>GeoMatch</code>
10499
- * </p>
10500
- * </li>
10501
- * <li>
10502
- * <p>
10503
- * <code>IPMatch</code>
10504
- * </p>
10505
- * </li>
10506
- * <li>
10507
- * <p>
10508
- * <code>RegexMatch</code>
10509
- * </p>
10510
- * </li>
10511
- * <li>
10512
- * <p>
10513
- * <code>SizeConstraint</code>
10621
+ * <code>COMPLIANT</code>
10514
10622
  * </p>
10515
10623
  * </li>
10516
10624
  * <li>
10517
10625
  * <p>
10518
- * <code>SqlInjectionMatch</code>
10626
+ * <code>NON_COMPLIANT</code>
10519
10627
  * </p>
10520
10628
  * </li>
10521
10629
  * <li>
10522
10630
  * <p>
10523
- * <code>XssMatch</code>
10631
+ * <code>UNSPECIFIED_DATA</code>
10524
10632
  * </p>
10525
10633
  * </li>
10526
10634
  * </ul>
10527
10635
  * @public
10528
10636
  */
10529
- Type?: string | undefined;
10530
- }
10531
- /**
10532
- * <p>contains details about a rate-based rule for Regional resources. A rate-based rule provides settings to indicate when to allow, block, or count a request. Rate-based rules include the number of requests that arrive over a specified period of time.</p>
10533
- * @public
10534
- */
10535
- export interface AwsWafRegionalRateBasedRuleDetails {
10536
- /**
10537
- * <p>The name of the metrics for the rate-based rule.</p>
10538
- * @public
10539
- */
10540
- MetricName?: string | undefined;
10637
+ Status?: string | undefined;
10541
10638
  /**
10542
- * <p>The name of the rate-based rule.</p>
10639
+ * <p>For the patches that are compliant, the number that have a severity of
10640
+ * <code>CRITICAL</code>.</p>
10543
10641
  * @public
10544
10642
  */
10545
- Name?: string | undefined;
10643
+ CompliantCriticalCount?: number | undefined;
10546
10644
  /**
10547
- * <p>The field that WAF uses to determine whether requests are likely arriving from single source and are subject to rate monitoring.</p>
10645
+ * <p>For the patches that are compliant, the number that have a severity of
10646
+ * <code>HIGH</code>.</p>
10548
10647
  * @public
10549
10648
  */
10550
- RateKey?: string | undefined;
10649
+ CompliantHighCount?: number | undefined;
10551
10650
  /**
10552
- * <p>The maximum number of requests that have an identical value for the field specified in <code>RateKey</code> that are allowed within a five-minute period. If the number of requests exceeds <code>RateLimit</code> and the other predicates specified in the rule are met, WAF triggers the action for the rule.</p>
10651
+ * <p>For the patches that are compliant, the number that have a severity of
10652
+ * <code>MEDIUM</code>.</p>
10553
10653
  * @public
10554
10654
  */
10555
- RateLimit?: number | undefined;
10655
+ CompliantMediumCount?: number | undefined;
10556
10656
  /**
10557
- * <p>The unique identifier for the rate-based rule.</p>
10657
+ * <p>The type of execution that was used determine compliance.</p>
10558
10658
  * @public
10559
10659
  */
10560
- RuleId?: string | undefined;
10660
+ ExecutionType?: string | undefined;
10561
10661
  /**
10562
- * <p>The predicates to include in the rate-based rule.</p>
10662
+ * <p>For the patch items that are noncompliant, the number of items that have a severity of
10663
+ * <code>CRITICAL</code>.</p>
10563
10664
  * @public
10564
10665
  */
10565
- MatchPredicates?: AwsWafRegionalRateBasedRuleMatchPredicate[] | undefined;
10566
- }
10567
- /**
10568
- * <p>Provides details about the <code>ByteMatchSet</code>, <code>IPSet</code>, <code>SqlInjectionMatchSet</code>, <code>XssMatchSet</code>,
10569
- * <code>RegexMatchSet</code>, <code>GeoMatchSet</code>, and <code>SizeConstraintSet</code> objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings.
10570
- * </p>
10571
- * @public
10572
- */
10573
- export interface AwsWafRegionalRulePredicateListDetails {
10666
+ NonCompliantCriticalCount?: number | undefined;
10574
10667
  /**
10575
- * <p>A unique identifier for a predicate in a rule, such as <code>ByteMatchSetId</code> or <code>IPSetId</code>.
10576
- * </p>
10668
+ * <p>For the patches that are compliant, the number that have a severity of
10669
+ * <code>INFORMATIONAL</code>.</p>
10577
10670
  * @public
10578
10671
  */
10579
- DataId?: string | undefined;
10672
+ CompliantInformationalCount?: number | undefined;
10580
10673
  /**
10581
- * <p>Specifies if you want WAF to allow, block, or count requests based on the settings in the
10582
- * <code>ByteMatchSet</code>, <code>IPSet</code>, <code>SqlInjectionMatchSet</code>, <code>XssMatchSet</code>,
10583
- * <code>RegexMatchSet</code>, <code>GeoMatchSet</code>, or <code>SizeConstraintSet</code>.
10584
- * </p>
10674
+ * <p>For the patches that are noncompliant, the number that have a severity of
10675
+ * <code>INFORMATIONAL</code>.</p>
10585
10676
  * @public
10586
10677
  */
10587
- Negated?: boolean | undefined;
10678
+ NonCompliantInformationalCount?: number | undefined;
10588
10679
  /**
10589
- * <p>The type of predicate in a rule, such as <code>ByteMatch</code> or <code>IPSet</code>.
10590
- * </p>
10680
+ * <p>For the patches that are compliant, the number that have a severity of
10681
+ * <code>UNSPECIFIED</code>.</p>
10591
10682
  * @public
10592
10683
  */
10593
- Type?: string | undefined;
10594
- }
10595
- /**
10596
- * <p>Provides information about an WAF Regional rule. This rule identifies the web requests that you want to allow, block, or count. </p>
10597
- * @public
10598
- */
10599
- export interface AwsWafRegionalRuleDetails {
10684
+ CompliantUnspecifiedCount?: number | undefined;
10600
10685
  /**
10601
- * <p>A name for the metrics for the rule.
10602
- * </p>
10686
+ * <p>For the patches that are noncompliant, the number that have a severity of
10687
+ * <code>LOW</code>.</p>
10603
10688
  * @public
10604
10689
  */
10605
- MetricName?: string | undefined;
10690
+ NonCompliantLowCount?: number | undefined;
10606
10691
  /**
10607
- * <p>A descriptive name for the rule.
10608
- * </p>
10692
+ * <p>For the patches that are noncompliant, the number that have a severity of
10693
+ * <code>HIGH</code>.</p>
10609
10694
  * @public
10610
10695
  */
10611
- Name?: string | undefined;
10696
+ NonCompliantHighCount?: number | undefined;
10612
10697
  /**
10613
- * <p>Specifies the <code>ByteMatchSet</code>, <code>IPSet</code>,
10614
- * <code>SqlInjectionMatchSet</code>, <code>XssMatchSet</code>, <code>RegexMatchSet</code>,
10615
- * <code>GeoMatchSet</code>, and <code>SizeConstraintSet</code> objects that you want to
10616
- * add to a rule and, for each object, indicates whether you want to negate the settings. </p>
10698
+ * <p>For the patches that are compliant, the number that have a severity of
10699
+ * <code>LOW</code>.</p>
10617
10700
  * @public
10618
10701
  */
10619
- PredicateList?: AwsWafRegionalRulePredicateListDetails[] | undefined;
10702
+ CompliantLowCount?: number | undefined;
10620
10703
  /**
10621
- * <p>The ID of the rule.
10622
- * </p>
10704
+ * <p>The type of resource for which the compliance was determined. For
10705
+ * <code>AwsSsmPatchCompliance</code>, <code>ComplianceType</code> is <code>Patch</code>. </p>
10623
10706
  * @public
10624
10707
  */
10625
- RuleId?: string | undefined;
10626
- }
10627
- /**
10628
- * <p>Describes the action that WAF should take on a web request when it matches the criteria defined in the rule.
10629
- * </p>
10630
- * @public
10631
- */
10632
- export interface AwsWafRegionalRuleGroupRulesActionDetails {
10708
+ ComplianceType?: string | undefined;
10633
10709
  /**
10634
- * <p>Specifies the <code>ByteMatchSet</code>, <code>IPSet</code>, <code>SqlInjectionMatchSet</code>, <code>XssMatchSet</code>, <code>RegexMatchSet</code>,
10635
- * <code>GeoMatchSet</code>, and <code>SizeConstraintSet</code> objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings.</p>
10710
+ * <p>The identifier of the patch baseline. The patch baseline lists the patches that are
10711
+ * approved for installation.</p>
10636
10712
  * @public
10637
10713
  */
10638
- Type?: string | undefined;
10639
- }
10640
- /**
10641
- * <p>Provides information about the rules attached to a rule group
10642
- * </p>
10643
- * @public
10644
- */
10645
- export interface AwsWafRegionalRuleGroupRulesDetails {
10714
+ PatchBaselineId?: string | undefined;
10646
10715
  /**
10647
- * <p>The action that WAF should take on a web request when it matches the criteria defined in the rule. </p>
10716
+ * <p>The highest severity for the patches. Valid values are as follows:</p>
10717
+ * <ul>
10718
+ * <li>
10719
+ * <p>
10720
+ * <code>CRITICAL</code>
10721
+ * </p>
10722
+ * </li>
10723
+ * <li>
10724
+ * <p>
10725
+ * <code>HIGH</code>
10726
+ * </p>
10727
+ * </li>
10728
+ * <li>
10729
+ * <p>
10730
+ * <code>MEDIUM</code>
10731
+ * </p>
10732
+ * </li>
10733
+ * <li>
10734
+ * <p>
10735
+ * <code>LOW</code>
10736
+ * </p>
10737
+ * </li>
10738
+ * <li>
10739
+ * <p>
10740
+ * <code>INFORMATIONAL</code>
10741
+ * </p>
10742
+ * </li>
10743
+ * <li>
10744
+ * <p>
10745
+ * <code>UNSPECIFIED</code>
10746
+ * </p>
10747
+ * </li>
10748
+ * </ul>
10648
10749
  * @public
10649
10750
  */
10650
- Action?: AwsWafRegionalRuleGroupRulesActionDetails | undefined;
10751
+ OverallSeverity?: string | undefined;
10651
10752
  /**
10652
- * <p>If you define more than one rule in a web ACL, WAF evaluates each request against the rules in
10653
- * order based on the value of <code>Priority</code>. </p>
10753
+ * <p>For the patches that are noncompliant, the number that have a severity of
10754
+ * <code>MEDIUM</code>.</p>
10654
10755
  * @public
10655
10756
  */
10656
- Priority?: number | undefined;
10757
+ NonCompliantMediumCount?: number | undefined;
10657
10758
  /**
10658
- * <p>The ID for a rule.
10659
- * </p>
10759
+ * <p>For the patches that are noncompliant, the number that have a severity of
10760
+ * <code>UNSPECIFIED</code>.</p>
10660
10761
  * @public
10661
10762
  */
10662
- RuleId?: string | undefined;
10763
+ NonCompliantUnspecifiedCount?: number | undefined;
10663
10764
  /**
10664
- * <p>The type of rule in the rule group.
10665
- * </p>
10765
+ * <p>The identifier of the patch group for which compliance was determined. A patch group
10766
+ * uses tags to group EC2 instances that should have the same patch compliance.</p>
10666
10767
  * @public
10667
10768
  */
10668
- Type?: string | undefined;
10769
+ PatchGroup?: string | undefined;
10669
10770
  }
10670
10771
  /**
10671
- * <p>Provides information about an WAF Regional rule group. The rule group is a collection of rules for inspecting and controlling web
10672
- * requests. </p>
10772
+ * <p>Provides details about the compliance for a patch.</p>
10673
10773
  * @public
10674
10774
  */
10675
- export interface AwsWafRegionalRuleGroupDetails {
10676
- /**
10677
- * <p>A name for the metrics for this rule group.
10678
- * </p>
10679
- * @public
10680
- */
10681
- MetricName?: string | undefined;
10682
- /**
10683
- * <p>The descriptive name of the rule group.
10684
- * </p>
10685
- * @public
10686
- */
10687
- Name?: string | undefined;
10775
+ export interface AwsSsmPatch {
10688
10776
  /**
10689
- * <p>The ID of the rule group.
10690
- * </p>
10777
+ * <p>The compliance status details for the patch.</p>
10691
10778
  * @public
10692
10779
  */
10693
- RuleGroupId?: string | undefined;
10780
+ ComplianceSummary?: AwsSsmComplianceSummary | undefined;
10781
+ }
10782
+ /**
10783
+ * <p>Provides information about the state of a patch on an instance based on the patch
10784
+ * baseline that was used to patch the instance.</p>
10785
+ * @public
10786
+ */
10787
+ export interface AwsSsmPatchComplianceDetails {
10694
10788
  /**
10695
- * <p>Provides information about the rule statements used to identify the web requests that you want to allow, block, or
10696
- * count.
10697
- * </p>
10789
+ * <p>Information about the status of a patch.</p>
10698
10790
  * @public
10699
10791
  */
10700
- Rules?: AwsWafRegionalRuleGroupRulesDetails[] | undefined;
10792
+ Patch?: AwsSsmPatch | undefined;
10701
10793
  }
10702
10794
  /**
10703
- * <p>The action that WAF takes when a web request matches all conditions in the
10704
- * rule, such as allow, block, or count the request. </p>
10795
+ * <p>
10796
+ * An object describing a CloudWatch log group. For more information, see
10797
+ * <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html">
10798
+ * Amazon Web Services::Logs::LogGroup</a> in the <i>CloudFormation User Guide</i>.
10799
+ * </p>
10705
10800
  * @public
10706
10801
  */
10707
- export interface AwsWafRegionalWebAclRulesListActionDetails {
10802
+ export interface AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails {
10708
10803
  /**
10709
- * <p>For actions that are associated with a rule, the action that WAF takes when a web request matches all conditions in a rule.
10710
- * </p>
10804
+ * <p>The ARN (ends with <code>:*</code>) of the CloudWatch Logs log group to which you want your logs emitted.</p>
10711
10805
  * @public
10712
10806
  */
10713
- Type?: string | undefined;
10807
+ LogGroupArn?: string | undefined;
10714
10808
  }
10715
10809
  /**
10716
- * <p>Provides details about the action to use in the place of the action that results from the rule group
10717
- * evaluation.
10718
- * </p>
10810
+ * <p>
10811
+ * An array of objects that describes where your execution history events will be logged.
10812
+ * </p>
10719
10813
  * @public
10720
10814
  */
10721
- export interface AwsWafRegionalWebAclRulesListOverrideActionDetails {
10815
+ export interface AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails {
10722
10816
  /**
10723
- * <p>Overrides the rule evaluation result in the rule group.
10724
- * </p>
10817
+ * <p>
10818
+ * An object describing a CloudWatch Logs log group. For more information, see
10819
+ * <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html">
10820
+ * Amazon Web Services::Logs::LogGroup</a> in the <i>CloudFormation User Guide</i>.
10821
+ * </p>
10725
10822
  * @public
10726
10823
  */
10727
- Type?: string | undefined;
10824
+ CloudWatchLogsLogGroup?: AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails | undefined;
10728
10825
  }