@aws-sdk/client-securityhub 3.916.0 → 3.918.0

package/dist-types/commands/CreateAggregatorV2Command.d.ts

@@ -27,7 +27,7 @@ declare const CreateAggregatorV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Enables aggregation across Amazon Web Services Regions. This API is in private preview and subject to change.</p>
+ * <p>Enables aggregation across Amazon Web Services Regions. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/CreateAutomationRuleV2Command.d.ts

@@ -1,6 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { CreateAutomationRuleV2Request, CreateAutomationRuleV2Response } from "../models/models_2";
+import { CreateAutomationRuleV2Response } from "../models/models_2";
+import { CreateAutomationRuleV2Request } from "../models/models_3";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public
@@ -27,7 +28,7 @@ declare const CreateAutomationRuleV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Creates a V2 automation rule. This API is in private preview and subject to change.</p>
+ * <p>Creates a V2 automation rule. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -47,7 +48,7 @@ declare const CreateAutomationRuleV2Command_base: {
  *         { // CompositeFilter
  *           StringFilters: [ // OcsfStringFilterList
  *             { // OcsfStringFilter
- *               FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name",
+ *               FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
  *               Filter: { // StringFilter
  *                 Value: "STRING_VALUE",
  *                 Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
@@ -56,7 +57,7 @@ declare const CreateAutomationRuleV2Command_base: {
  *           ],
  *           DateFilters: [ // OcsfDateFilterList
  *             { // OcsfDateFilter
- *               FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt",
+ *               FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
  *               Filter: { // DateFilter
  *                 Start: "STRING_VALUE",
  *                 End: "STRING_VALUE",
@@ -77,7 +78,7 @@ declare const CreateAutomationRuleV2Command_base: {
  *           ],
  *           NumberFilters: [ // OcsfNumberFilterList
  *             { // OcsfNumberFilter
- *               FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count",
+ *               FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
  *               Filter: { // NumberFilter
  *                 Gte: Number("double"),
  *                 Lte: Number("double"),
@@ -89,7 +90,7 @@ declare const CreateAutomationRuleV2Command_base: {
  *           ],
  *           MapFilters: [ // OcsfMapFilterList
  *             { // OcsfMapFilter
- *               FieldName: "resources.tags",
+ *               FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
  *               Filter: { // MapFilter
  *                 Key: "STRING_VALUE",
  *                 Value: "STRING_VALUE",
@@ -97,6 +98,80 @@ declare const CreateAutomationRuleV2Command_base: {
  *               },
  *             },
  *           ],
+ *           IpFilters: [ // OcsfIpFilterList
+ *             { // OcsfIpFilter
+ *               FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ *               Filter: { // IpFilter
+ *                 Cidr: "STRING_VALUE",
+ *               },
+ *             },
+ *           ],
+ *           NestedCompositeFilters: [
+ *             {
+ *               StringFilters: [
+ *                 {
+ *                   FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
+ *                   Filter: {
+ *                     Value: "STRING_VALUE",
+ *                     Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
+ *                   },
+ *                 },
+ *               ],
+ *               DateFilters: [
+ *                 {
+ *                   FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
+ *                   Filter: {
+ *                     Start: "STRING_VALUE",
+ *                     End: "STRING_VALUE",
+ *                     DateRange: {
+ *                       Value: Number("int"),
+ *                       Unit: "DAYS",
+ *                     },
+ *                   },
+ *                 },
+ *               ],
+ *               BooleanFilters: [
+ *                 {
+ *                   FieldName: "compliance.assessments.meets_criteria" || "vulnerabilities.is_exploit_available" || "vulnerabilities.is_fix_available",
+ *                   Filter: {
+ *                     Value: true || false,
+ *                   },
+ *                 },
+ *               ],
+ *               NumberFilters: [
+ *                 {
+ *                   FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
+ *                   Filter: {
+ *                     Gte: Number("double"),
+ *                     Lte: Number("double"),
+ *                     Eq: Number("double"),
+ *                     Gt: Number("double"),
+ *                     Lt: Number("double"),
+ *                   },
+ *                 },
+ *               ],
+ *               MapFilters: [
+ *                 {
+ *                   FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
+ *                   Filter: {
+ *                     Key: "STRING_VALUE",
+ *                     Value: "STRING_VALUE",
+ *                     Comparison: "EQUALS" || "NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS",
+ *                   },
+ *                 },
+ *               ],
+ *               IpFilters: [
+ *                 {
+ *                   FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ *                   Filter: {
+ *                     Cidr: "STRING_VALUE",
+ *                   },
+ *                 },
+ *               ],
+ *               NestedCompositeFilters: "<CompositeFilterList>",
+ *               Operator: "AND" || "OR",
+ *             },
+ *           ],
  *           Operator: "AND" || "OR",
  *         },
  *       ],

package/dist-types/commands/DeleteAggregatorV2Command.d.ts

@@ -27,7 +27,7 @@ declare const DeleteAggregatorV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deletes the Aggregator V2. This API is in private preview and subject to change.</p>
+ * <p>Deletes the Aggregator V2. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DeleteAutomationRuleV2Command.d.ts

@@ -27,7 +27,7 @@ declare const DeleteAutomationRuleV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Deletes a V2 automation rule. This API is in private preview and subject to change.</p>
+ * <p>Deletes a V2 automation rule. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DescribeProductsV2Command.d.ts

@@ -27,7 +27,7 @@ declare const DescribeProductsV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Gets information about the product integration. This API is in private preview and subject to change.</p>
+ * <p>Gets information about the product integration. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DescribeSecurityHubV2Command.d.ts

@@ -27,7 +27,7 @@ declare const DescribeSecurityHubV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Returns details about the service resource in your account. This API is in private preview and subject to change.</p>
+ * <p>Returns details about the service resource in your account. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/DisableSecurityHubV2Command.d.ts

@@ -27,7 +27,7 @@ declare const DisableSecurityHubV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Disable the service for the current Amazon Web Services Region or specified Amazon Web Services Region. This API is in private preview and subject to change.</p>
+ * <p>Disable the service for the current Amazon Web Services Region or specified Amazon Web Services Region. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/EnableSecurityHubV2Command.d.ts

@@ -27,7 +27,7 @@ declare const EnableSecurityHubV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Enables the service in account for the current Amazon Web Services Region or specified Amazon Web Services Region. This API is in private preview and subject to change.</p>
+ * <p>Enables the service in account for the current Amazon Web Services Region or specified Amazon Web Services Region. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/GetAggregatorV2Command.d.ts

@@ -27,7 +27,7 @@ declare const GetAggregatorV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Returns the configuration of the specified Aggregator V2. This API is in private preview and subject to change.</p>
+ * <p>Returns the configuration of the specified Aggregator V2. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/GetAutomationRuleV2Command.d.ts

@@ -1,6 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { GetAutomationRuleV2Request, GetAutomationRuleV2Response } from "../models/models_2";
+import { GetAutomationRuleV2Request } from "../models/models_2";
+import { GetAutomationRuleV2Response } from "../models/models_3";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public
@@ -27,7 +28,7 @@ declare const GetAutomationRuleV2Command_base: {
     getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
 };
 /**
- * <p>Returns an automation rule for the V2 service. This API is in private preview and subject to change.</p>
+ * <p>Returns an automation rule for the V2 service. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -54,7 +55,7 @@ declare const GetAutomationRuleV2Command_base: {
  * //         { // CompositeFilter
  * //           StringFilters: [ // OcsfStringFilterList
  * //             { // OcsfStringFilter
- * //               FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name",
+ * //               FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
  * //               Filter: { // StringFilter
  * //                 Value: "STRING_VALUE",
  * //                 Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
@@ -63,7 +64,7 @@ declare const GetAutomationRuleV2Command_base: {
  * //           ],
  * //           DateFilters: [ // OcsfDateFilterList
  * //             { // OcsfDateFilter
- * //               FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt",
+ * //               FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
  * //               Filter: { // DateFilter
  * //                 Start: "STRING_VALUE",
  * //                 End: "STRING_VALUE",
@@ -84,7 +85,7 @@ declare const GetAutomationRuleV2Command_base: {
  * //           ],
  * //           NumberFilters: [ // OcsfNumberFilterList
  * //             { // OcsfNumberFilter
- * //               FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count",
+ * //               FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
  * //               Filter: { // NumberFilter
  * //                 Gte: Number("double"),
  * //                 Lte: Number("double"),
@@ -96,7 +97,7 @@ declare const GetAutomationRuleV2Command_base: {
  * //           ],
  * //           MapFilters: [ // OcsfMapFilterList
  * //             { // OcsfMapFilter
- * //               FieldName: "resources.tags",
+ * //               FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
  * //               Filter: { // MapFilter
  * //                 Key: "STRING_VALUE",
  * //                 Value: "STRING_VALUE",
@@ -104,6 +105,80 @@ declare const GetAutomationRuleV2Command_base: {
  * //               },
  * //             },
  * //           ],
+ * //           IpFilters: [ // OcsfIpFilterList
+ * //             { // OcsfIpFilter
+ * //               FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ * //               Filter: { // IpFilter
+ * //                 Cidr: "STRING_VALUE",
+ * //               },
+ * //             },
+ * //           ],
+ * //           NestedCompositeFilters: [
+ * //             {
+ * //               StringFilters: [
+ * //                 {
+ * //                   FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
+ * //                   Filter: {
+ * //                     Value: "STRING_VALUE",
+ * //                     Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               DateFilters: [
+ * //                 {
+ * //                   FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
+ * //                   Filter: {
+ * //                     Start: "STRING_VALUE",
+ * //                     End: "STRING_VALUE",
+ * //                     DateRange: {
+ * //                       Value: Number("int"),
+ * //                       Unit: "DAYS",
+ * //                     },
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               BooleanFilters: [
+ * //                 {
+ * //                   FieldName: "compliance.assessments.meets_criteria" || "vulnerabilities.is_exploit_available" || "vulnerabilities.is_fix_available",
+ * //                   Filter: {
+ * //                     Value: true || false,
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               NumberFilters: [
+ * //                 {
+ * //                   FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
+ * //                   Filter: {
+ * //                     Gte: Number("double"),
+ * //                     Lte: Number("double"),
+ * //                     Eq: Number("double"),
+ * //                     Gt: Number("double"),
+ * //                     Lt: Number("double"),
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               MapFilters: [
+ * //                 {
+ * //                   FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
+ * //                   Filter: {
+ * //                     Key: "STRING_VALUE",
+ * //                     Value: "STRING_VALUE",
+ * //                     Comparison: "EQUALS" || "NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS",
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               IpFilters: [
+ * //                 {
+ * //                   FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ * //                   Filter: {
+ * //                     Cidr: "STRING_VALUE",
+ * //                   },
+ * //                 },
+ * //               ],
+ * //               NestedCompositeFilters: "<CompositeFilterList>",
+ * //               Operator: "AND" || "OR",
+ * //             },
+ * //           ],
  * //           Operator: "AND" || "OR",
  * //         },
  * //       ],

package/dist-types/commands/GetFindingStatisticsV2Command.d.ts

@@ -29,7 +29,7 @@ declare const GetFindingStatisticsV2Command_base: {
 /**
  * <p>Returns aggregated statistical data about findings.
  *          <code>GetFindingStatisticsV2</code> use <code>securityhub:GetAdhocInsightResults</code> in the <code>Action</code> element of an IAM policy statement.
- *          You must have permission to perform the <code>s</code> action. This API is in private preview and subject to change.</p>
+ *          You must have permission to perform the <code>s</code> action. This API is in public preview and subject to change.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript
@@ -46,7 +46,7 @@ declare const GetFindingStatisticsV2Command_base: {
  *           { // CompositeFilter
  *             StringFilters: [ // OcsfStringFilterList
  *               { // OcsfStringFilter
- *                 FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name",
+ *                 FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
  *                 Filter: { // StringFilter
  *                   Value: "STRING_VALUE",
  *                   Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
@@ -55,7 +55,7 @@ declare const GetFindingStatisticsV2Command_base: {
  *             ],
  *             DateFilters: [ // OcsfDateFilterList
  *               { // OcsfDateFilter
- *                 FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt",
+ *                 FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
  *                 Filter: { // DateFilter
  *                   Start: "STRING_VALUE",
  *                   End: "STRING_VALUE",
@@ -76,7 +76,7 @@ declare const GetFindingStatisticsV2Command_base: {
  *             ],
  *             NumberFilters: [ // OcsfNumberFilterList
  *               { // OcsfNumberFilter
- *                 FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count",
+ *                 FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
  *                 Filter: { // NumberFilter
  *                   Gte: Number("double"),
  *                   Lte: Number("double"),
@@ -88,7 +88,7 @@ declare const GetFindingStatisticsV2Command_base: {
  *             ],
  *             MapFilters: [ // OcsfMapFilterList
  *               { // OcsfMapFilter
- *                 FieldName: "resources.tags",
+ *                 FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
  *                 Filter: { // MapFilter
  *                   Key: "STRING_VALUE",
  *                   Value: "STRING_VALUE",
@@ -96,12 +96,86 @@ declare const GetFindingStatisticsV2Command_base: {
  *                 },
  *               },
  *             ],
+ *             IpFilters: [ // OcsfIpFilterList
+ *               { // OcsfIpFilter
+ *                 FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ *                 Filter: { // IpFilter
+ *                   Cidr: "STRING_VALUE",
+ *                 },
+ *               },
+ *             ],
+ *             NestedCompositeFilters: [
+ *               {
+ *                 StringFilters: [
+ *                   {
+ *                     FieldName: "metadata.uid" || "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.category" || "compliance.assessments.name" || "compliance.control" || "compliance.status" || "compliance.standards" || "finding_info.desc" || "finding_info.src_url" || "finding_info.title" || "finding_info.types" || "finding_info.uid" || "finding_info.related_events.uid" || "finding_info.related_events.product.uid" || "finding_info.related_events.title" || "metadata.product.name" || "metadata.product.uid" || "metadata.product.vendor_name" || "remediation.desc" || "remediation.references" || "resources.cloud_partition" || "resources.region" || "resources.type" || "resources.uid" || "severity" || "status" || "comment" || "vulnerabilities.fix_coverage" || "class_name" || "databucket.encryption_details.algorithm" || "databucket.encryption_details.key_uid" || "databucket.file.data_classifications.classifier_details.type" || "evidences.actor.user.account.uid" || "evidences.api.operation" || "evidences.api.response.error_message" || "evidences.api.service.name" || "evidences.connection_info.direction" || "evidences.connection_info.protocol_name" || "evidences.dst_endpoint.autonomous_system.name" || "evidences.dst_endpoint.location.city" || "evidences.dst_endpoint.location.country" || "evidences.src_endpoint.autonomous_system.name" || "evidences.src_endpoint.hostname" || "evidences.src_endpoint.location.city" || "evidences.src_endpoint.location.country" || "finding_info.analytic.name" || "malware.name" || "malware_scan_info.uid" || "malware.severity" || "resources.cloud_function.layers.uid_alt" || "resources.cloud_function.runtime" || "resources.cloud_function.user.uid" || "resources.device.encryption_details.key_uid" || "resources.device.image.uid" || "resources.image.architecture" || "resources.image.registry_uid" || "resources.image.repository_name" || "resources.image.uid" || "resources.subnet_info.uid" || "resources.vpc_uid" || "vulnerabilities.affected_code.file.path" || "vulnerabilities.affected_packages.name" || "vulnerabilities.cve.epss.score" || "vulnerabilities.cve.uid" || "vulnerabilities.related_vulnerabilities" || "cloud.account.name",
+ *                     Filter: {
+ *                       Value: "STRING_VALUE",
+ *                       Comparison: "EQUALS" || "PREFIX" || "NOT_EQUALS" || "PREFIX_NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS" || "CONTAINS_WORD",
+ *                     },
+ *                   },
+ *                 ],
+ *                 DateFilters: [
+ *                   {
+ *                     FieldName: "finding_info.created_time_dt" || "finding_info.first_seen_time_dt" || "finding_info.last_seen_time_dt" || "finding_info.modified_time_dt" || "resources.image.created_time_dt" || "resources.image.last_used_time_dt" || "resources.modified_time_dt",
+ *                     Filter: {
+ *                       Start: "STRING_VALUE",
+ *                       End: "STRING_VALUE",
+ *                       DateRange: {
+ *                         Value: Number("int"),
+ *                         Unit: "DAYS",
+ *                       },
+ *                     },
+ *                   },
+ *                 ],
+ *                 BooleanFilters: [
+ *                   {
+ *                     FieldName: "compliance.assessments.meets_criteria" || "vulnerabilities.is_exploit_available" || "vulnerabilities.is_fix_available",
+ *                     Filter: {
+ *                       Value: true || false,
+ *                     },
+ *                   },
+ *                 ],
+ *                 NumberFilters: [
+ *                   {
+ *                     FieldName: "activity_id" || "compliance.status_id" || "confidence_score" || "severity_id" || "status_id" || "finding_info.related_events_count" || "evidences.api.response.code" || "evidences.dst_endpoint.autonomous_system.number" || "evidences.dst_endpoint.port" || "evidences.src_endpoint.autonomous_system.number" || "evidences.src_endpoint.port" || "resources.image.in_use_count",
+ *                     Filter: {
+ *                       Gte: Number("double"),
+ *                       Lte: Number("double"),
+ *                       Eq: Number("double"),
+ *                       Gt: Number("double"),
+ *                       Lt: Number("double"),
+ *                     },
+ *                   },
+ *                 ],
+ *                 MapFilters: [
+ *                   {
+ *                     FieldName: "resources.tags" || "compliance.control_parameters" || "databucket.tags" || "finding_info.tags",
+ *                     Filter: {
+ *                       Key: "STRING_VALUE",
+ *                       Value: "STRING_VALUE",
+ *                       Comparison: "EQUALS" || "NOT_EQUALS" || "CONTAINS" || "NOT_CONTAINS",
+ *                     },
+ *                   },
+ *                 ],
+ *                 IpFilters: [
+ *                   {
+ *                     FieldName: "evidences.dst_endpoint.ip" || "evidences.src_endpoint.ip",
+ *                     Filter: {
+ *                       Cidr: "STRING_VALUE",
+ *                     },
+ *                   },
+ *                 ],
+ *                 NestedCompositeFilters: "<CompositeFilterList>",
+ *                 Operator: "AND" || "OR",
+ *               },
+ *             ],
  *             Operator: "AND" || "OR",
  *           },
  *         ],
  *         CompositeOperator: "AND" || "OR",
  *       },
- *       GroupByField: "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.name" || "compliance.status" || "compliance.control" || "finding_info.title" || "finding_info.types" || "metadata.product.name" || "metadata.product.uid" || "resources.type" || "resources.uid" || "severity" || "status" || "vulnerabilities.fix_coverage" || "class_name", // required
+ *       GroupByField: "activity_name" || "cloud.account.uid" || "cloud.provider" || "cloud.region" || "compliance.assessments.name" || "compliance.status" || "compliance.control" || "finding_info.title" || "finding_info.types" || "metadata.product.name" || "metadata.product.uid" || "resources.type" || "resources.uid" || "severity" || "status" || "vulnerabilities.fix_coverage" || "class_name" || "vulnerabilities.affected_packages.name" || "finding_info.analytic.name" || "compliance.standards" || "cloud.account.name", // required
  *     },
  *   ],
  *   SortOrder: "asc" || "desc",

package/dist-types/commands/GetFindingsCommand.d.ts

@@ -1,6 +1,6 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
-import { GetFindingsRequest, GetFindingsResponse } from "../models/models_3";
+import { GetFindingsRequest, GetFindingsResponse } from "../models/models_2";
 import { SecurityHubClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../SecurityHubClient";
 /**
  * @public