aws-cdk-lib 2.173.3__py3-none-any.whl → 2.174.0__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of aws-cdk-lib might be problematic. Click here for more details.
- aws_cdk/__init__.py +210 -181
- aws_cdk/_jsii/__init__.py +1 -1
- aws_cdk/_jsii/{aws-cdk-lib@2.173.3.jsii.tgz → aws-cdk-lib@2.174.0.jsii.tgz} +0 -0
- aws_cdk/aws_apigateway/__init__.py +127 -168
- aws_cdk/aws_appconfig/__init__.py +498 -1
- aws_cdk/aws_applicationautoscaling/__init__.py +4 -1
- aws_cdk/aws_appsync/__init__.py +4 -0
- aws_cdk/aws_autoscaling/__init__.py +96 -0
- aws_cdk/aws_batch/__init__.py +1084 -233
- aws_cdk/aws_bedrock/__init__.py +2119 -181
- aws_cdk/aws_cassandra/__init__.py +476 -4
- aws_cdk/aws_cleanrooms/__init__.py +543 -17
- aws_cdk/aws_cloudformation/__init__.py +172 -169
- aws_cdk/aws_cloudfront/__init__.py +773 -26
- aws_cdk/aws_cloudtrail/__init__.py +8 -2
- aws_cdk/aws_codebuild/__init__.py +83 -0
- aws_cdk/aws_codepipeline/__init__.py +2 -1
- aws_cdk/aws_cognito/__init__.py +232 -200
- aws_cdk/aws_connect/__init__.py +187 -36
- aws_cdk/aws_connectcampaignsv2/__init__.py +106 -12
- aws_cdk/aws_databrew/__init__.py +69 -1
- aws_cdk/aws_datasync/__init__.py +33 -28
- aws_cdk/aws_datazone/__init__.py +141 -41
- aws_cdk/aws_dlm/__init__.py +20 -10
- aws_cdk/aws_dms/__init__.py +722 -30
- aws_cdk/aws_dynamodb/__init__.py +76 -4
- aws_cdk/aws_ec2/__init__.py +1233 -65
- aws_cdk/aws_ecr/__init__.py +31 -0
- aws_cdk/aws_ecr_assets/__init__.py +5 -0
- aws_cdk/aws_ecs/__init__.py +88 -11
- aws_cdk/aws_efs/__init__.py +15 -8
- aws_cdk/aws_eks/__init__.py +114 -45
- aws_cdk/aws_elasticloadbalancingv2/__init__.py +2 -2
- aws_cdk/aws_emrserverless/__init__.py +143 -0
- aws_cdk/aws_events/__init__.py +50 -30
- aws_cdk/aws_fis/__init__.py +33 -33
- aws_cdk/aws_fsx/__init__.py +20 -10
- aws_cdk/aws_glue/__init__.py +34 -11
- aws_cdk/aws_greengrass/__init__.py +8 -8
- aws_cdk/aws_guardduty/__init__.py +1 -1
- aws_cdk/aws_imagebuilder/__init__.py +45 -47
- aws_cdk/aws_internetmonitor/__init__.py +3 -3
- aws_cdk/aws_invoicing/__init__.py +55 -30
- aws_cdk/aws_iot/__init__.py +1117 -4
- aws_cdk/aws_iot1click/__init__.py +17 -7
- aws_cdk/aws_kendra/__init__.py +4 -6
- aws_cdk/aws_lambda/__init__.py +15 -1
- aws_cdk/aws_logs/__init__.py +4011 -86
- aws_cdk/aws_m2/__init__.py +41 -0
- aws_cdk/aws_mediaconnect/__init__.py +202 -7
- aws_cdk/aws_memorydb/__init__.py +22 -22
- aws_cdk/aws_networkmanager/__init__.py +758 -0
- aws_cdk/aws_opensearchservice/__init__.py +222 -0
- aws_cdk/aws_organizations/__init__.py +5 -3
- aws_cdk/aws_pcs/__init__.py +3038 -0
- aws_cdk/aws_pipes/__init__.py +10 -10
- aws_cdk/aws_qbusiness/__init__.py +415 -140
- aws_cdk/aws_quicksight/__init__.py +15932 -6448
- aws_cdk/aws_ram/__init__.py +5 -11
- aws_cdk/aws_rbin/__init__.py +28 -16
- aws_cdk/aws_rds/__init__.py +184 -24
- aws_cdk/aws_redshiftserverless/__init__.py +156 -0
- aws_cdk/aws_resiliencehub/__init__.py +2 -1
- aws_cdk/aws_route53_targets/__init__.py +5 -5
- aws_cdk/aws_s3/__init__.py +25 -15
- aws_cdk/aws_s3express/__init__.py +7 -7
- aws_cdk/aws_s3tables/__init__.py +683 -0
- aws_cdk/aws_sagemaker/__init__.py +574 -189
- aws_cdk/aws_secretsmanager/__init__.py +2 -0
- aws_cdk/aws_securityhub/__init__.py +41 -165
- aws_cdk/aws_servicediscovery/__init__.py +10 -3
- aws_cdk/aws_ses/__init__.py +190 -5
- aws_cdk/aws_sns/__init__.py +7 -3
- aws_cdk/aws_synthetics/__init__.py +29 -4
- aws_cdk/aws_transfer/__init__.py +8 -0
- aws_cdk/aws_vpclattice/__init__.py +147 -77
- aws_cdk/aws_wafv2/__init__.py +20 -8
- aws_cdk/aws_wisdom/__init__.py +162 -111
- aws_cdk/aws_workspaces/__init__.py +10 -4
- aws_cdk/cloud_assembly_schema/__init__.py +22 -0
- aws_cdk/custom_resources/__init__.py +31 -0
- aws_cdk/cx_api/__init__.py +19 -0
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/LICENSE +1 -1
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/METADATA +2 -2
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/NOTICE +1 -1
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/RECORD +88 -86
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/WHEEL +0 -0
- {aws_cdk_lib-2.173.3.dist-info → aws_cdk_lib-2.174.0.dist-info}/top_level.txt +0 -0
|
@@ -95,6 +95,8 @@ secret = secretsmanager.Secret(self, "Secret", encryption_key=key)
|
|
|
95
95
|
secret.grant_read(other_account)
|
|
96
96
|
```
|
|
97
97
|
|
|
98
|
+
## Rotating a Secret
|
|
99
|
+
|
|
98
100
|
### Using a Custom Lambda Function
|
|
99
101
|
|
|
100
102
|
A rotation schedule can be added to a Secret using a custom Lambda function:
|
|
@@ -952,15 +952,15 @@ class CfnAutomationRule(
|
|
|
952
952
|
:param compliance_security_control_id: The security control ID for which a finding was generated. Security control IDs are the same across standards. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
953
953
|
:param compliance_status: The result of a security check. This field is only used for findings generated from controls. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
954
954
|
:param confidence: The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. ``Confidence`` is scored on a 0–100 basis using a ratio scale. A value of ``0`` means 0 percent confidence, and a value of ``100`` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see `Confidence <https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence>`_ in the *AWS Security Hub User Guide* . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
955
|
-
:param created_at: A timestamp that indicates when this finding record was created.
|
|
955
|
+
:param created_at: A timestamp that indicates when this finding record was created. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
956
956
|
:param criticality: The level of importance that is assigned to the resources that are associated with a finding. ``Criticality`` is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of ``0`` means that the underlying resources have no criticality, and a score of ``100`` is reserved for the most critical resources. For more information, see `Criticality <https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality>`_ in the *AWS Security Hub User Guide* . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
957
957
|
:param description: A finding's description. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
958
|
-
:param first_observed_at: A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.
|
|
958
|
+
:param first_observed_at: A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
959
959
|
:param generator_id: The identifier for the solution-specific component that generated a finding. Array Members: Minimum number of 1 item. Maximum number of 100 items.
|
|
960
960
|
:param id: The product-specific identifier for a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
961
|
-
:param last_observed_at: A timestamp that indicates when the
|
|
961
|
+
:param last_observed_at: A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
962
962
|
:param note_text: The text of a user-defined note that's added to a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
963
|
-
:param note_updated_at: The timestamp of when the note was updated.
|
|
963
|
+
:param note_updated_at: The timestamp of when the note was updated. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
964
964
|
:param note_updated_by: The principal that created a note. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
965
965
|
:param product_arn: The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
966
966
|
:param product_name: Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
@@ -977,7 +977,7 @@ class CfnAutomationRule(
|
|
|
977
977
|
:param source_url: Provides a URL that links to a page about the current finding in the finding product. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
978
978
|
:param title: A finding's title. Array Members: Minimum number of 1 item. Maximum number of 100 items.
|
|
979
979
|
:param type: One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see `Types taxonomy for ASFF <https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html>`_ in the *AWS Security Hub User Guide* . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
980
|
-
:param updated_at: A timestamp that indicates when the finding record was most recently updated.
|
|
980
|
+
:param updated_at: A timestamp that indicates when the finding record was most recently updated. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ . Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
981
981
|
:param user_defined_fields: A list of user-defined name and value string pairs added to a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
982
982
|
:param verification_state: Provides the veracity of a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
983
983
|
:param workflow_status: Provides information about the status of the investigation into a finding. Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
@@ -1358,15 +1358,7 @@ class CfnAutomationRule(
|
|
|
1358
1358
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAutomationRule.DateFilterProperty"]]]]:
|
|
1359
1359
|
'''A timestamp that indicates when this finding record was created.
|
|
1360
1360
|
|
|
1361
|
-
|
|
1362
|
-
|
|
1363
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1364
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1365
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1366
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1367
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1368
|
-
|
|
1369
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1361
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1370
1362
|
|
|
1371
1363
|
Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
1372
1364
|
|
|
@@ -1409,15 +1401,7 @@ class CfnAutomationRule(
|
|
|
1409
1401
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAutomationRule.DateFilterProperty"]]]]:
|
|
1410
1402
|
'''A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.
|
|
1411
1403
|
|
|
1412
|
-
|
|
1413
|
-
|
|
1414
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1415
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1416
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1417
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1418
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1419
|
-
|
|
1420
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1404
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1421
1405
|
|
|
1422
1406
|
Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
1423
1407
|
|
|
@@ -1456,17 +1440,9 @@ class CfnAutomationRule(
|
|
|
1456
1440
|
def last_observed_at(
|
|
1457
1441
|
self,
|
|
1458
1442
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAutomationRule.DateFilterProperty"]]]]:
|
|
1459
|
-
'''A timestamp that indicates when the
|
|
1460
|
-
|
|
1461
|
-
This field accepts only the specified formats. Timestamps can end with ``Z`` or ``("+" / "-") time-hour [":" time-minute]`` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:
|
|
1443
|
+
'''A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.
|
|
1462
1444
|
|
|
1463
|
-
|
|
1464
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1465
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1466
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1467
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1468
|
-
|
|
1469
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1445
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1470
1446
|
|
|
1471
1447
|
Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
1472
1448
|
|
|
@@ -1494,15 +1470,7 @@ class CfnAutomationRule(
|
|
|
1494
1470
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAutomationRule.DateFilterProperty"]]]]:
|
|
1495
1471
|
'''The timestamp of when the note was updated.
|
|
1496
1472
|
|
|
1497
|
-
|
|
1498
|
-
|
|
1499
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1500
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1501
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1502
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1503
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1504
|
-
|
|
1505
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1473
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1506
1474
|
|
|
1507
1475
|
Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
1508
1476
|
|
|
@@ -1731,15 +1699,7 @@ class CfnAutomationRule(
|
|
|
1731
1699
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnAutomationRule.DateFilterProperty"]]]]:
|
|
1732
1700
|
'''A timestamp that indicates when the finding record was most recently updated.
|
|
1733
1701
|
|
|
1734
|
-
|
|
1735
|
-
|
|
1736
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1737
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1738
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1739
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1740
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1741
|
-
|
|
1742
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1702
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1743
1703
|
|
|
1744
1704
|
Array Members: Minimum number of 1 item. Maximum number of 20 items.
|
|
1745
1705
|
|
|
@@ -1814,8 +1774,8 @@ class CfnAutomationRule(
|
|
|
1814
1774
|
'''A date filter for querying findings.
|
|
1815
1775
|
|
|
1816
1776
|
:param date_range: A date range for the date filter.
|
|
1817
|
-
:param end: A timestamp that provides the end date for the date filter.
|
|
1818
|
-
:param start: A timestamp that provides the start date for the date filter.
|
|
1777
|
+
:param end: A timestamp that provides the end date for the date filter. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1778
|
+
:param start: A timestamp that provides the start date for the date filter. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1819
1779
|
|
|
1820
1780
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html
|
|
1821
1781
|
:exampleMetadata: fixture=_generated
|
|
@@ -1863,15 +1823,7 @@ class CfnAutomationRule(
|
|
|
1863
1823
|
def end(self) -> typing.Optional[builtins.str]:
|
|
1864
1824
|
'''A timestamp that provides the end date for the date filter.
|
|
1865
1825
|
|
|
1866
|
-
|
|
1867
|
-
|
|
1868
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1869
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1870
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1871
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1872
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1873
|
-
|
|
1874
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1826
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1875
1827
|
|
|
1876
1828
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html#cfn-securityhub-automationrule-datefilter-end
|
|
1877
1829
|
'''
|
|
@@ -1882,15 +1834,7 @@ class CfnAutomationRule(
|
|
|
1882
1834
|
def start(self) -> typing.Optional[builtins.str]:
|
|
1883
1835
|
'''A timestamp that provides the start date for the date filter.
|
|
1884
1836
|
|
|
1885
|
-
|
|
1886
|
-
|
|
1887
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
1888
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
1889
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
1890
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
1891
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
1892
|
-
|
|
1893
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
1837
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
1894
1838
|
|
|
1895
1839
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-automationrule-datefilter.html#cfn-securityhub-automationrule-datefilter-start
|
|
1896
1840
|
'''
|
|
@@ -4484,7 +4428,7 @@ class CfnHub(
|
|
|
4484
4428
|
'''
|
|
4485
4429
|
:param scope: Scope in which this resource is defined.
|
|
4486
4430
|
:param id: Construct identifier for this resource (unique in its scope).
|
|
4487
|
-
:param auto_enable_controls: Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to ``true`` , and new controls are enabled automatically. To not automatically enable new controls, set this to ``false`` .
|
|
4431
|
+
:param auto_enable_controls: Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to ``true`` , and new controls are enabled automatically. To not automatically enable new controls, set this to ``false`` . When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of ``DISABLED`` . It can take up to several days for Security Hub to process the control release and designate the control as ``ENABLED`` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have ``AutoEnableControls`` set to ``true`` .
|
|
4488
4432
|
:param control_finding_generator: Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to ``SECURITY_CONTROL`` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to ``STANDARD_CONTROL`` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. The value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is ``SECURITY_CONTROL`` if you enabled Security Hub on or after February 23, 2023.
|
|
4489
4433
|
:param enable_default_standards: Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for ``EnableDefaultStandards`` , it is set to ``true`` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set ``EnableDefaultStandards`` to ``false`` . Currently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).
|
|
4490
4434
|
:param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
|
|
@@ -4645,7 +4589,7 @@ class CfnHubProps:
|
|
|
4645
4589
|
) -> None:
|
|
4646
4590
|
'''Properties for defining a ``CfnHub``.
|
|
4647
4591
|
|
|
4648
|
-
:param auto_enable_controls: Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to ``true`` , and new controls are enabled automatically. To not automatically enable new controls, set this to ``false`` .
|
|
4592
|
+
:param auto_enable_controls: Whether to automatically enable new controls when they are added to standards that are enabled. By default, this is set to ``true`` , and new controls are enabled automatically. To not automatically enable new controls, set this to ``false`` . When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of ``DISABLED`` . It can take up to several days for Security Hub to process the control release and designate the control as ``ENABLED`` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have ``AutoEnableControls`` set to ``true`` .
|
|
4649
4593
|
:param control_finding_generator: Specifies whether an account has consolidated control findings turned on or off. If the value for this field is set to ``SECURITY_CONTROL`` , Security Hub generates a single finding for a control check even when the check applies to multiple enabled standards. If the value for this field is set to ``STANDARD_CONTROL`` , Security Hub generates separate findings for a control check when the check applies to multiple enabled standards. The value for this field in a member account matches the value in the administrator account. For accounts that aren't part of an organization, the default value of this field is ``SECURITY_CONTROL`` if you enabled Security Hub on or after February 23, 2023.
|
|
4650
4594
|
:param enable_default_standards: Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for ``EnableDefaultStandards`` , it is set to ``true`` , and the designated standards are automatically enabled in each AWS Region where you enable Security Hub . If you don't want to enable the designated standards, set ``EnableDefaultStandards`` to ``false`` . Currently, the automatically enabled standards are the Center for Internet Security (CIS) AWS Foundations Benchmark v1.2.0 and AWS Foundational Security Best Practices (FSBP).
|
|
4651
4595
|
:param tags: An array of key-value pairs to apply to this resource. For more information, see `Tag <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html>`_ .
|
|
@@ -4692,6 +4636,8 @@ class CfnHubProps:
|
|
|
4692
4636
|
|
|
4693
4637
|
By default, this is set to ``true`` , and new controls are enabled automatically. To not automatically enable new controls, set this to ``false`` .
|
|
4694
4638
|
|
|
4639
|
+
When you automatically enable new controls, you can interact with the controls in the console and programmatically immediately after release. However, automatically enabled controls have a temporary default status of ``DISABLED`` . It can take up to several days for Security Hub to process the control release and designate the control as ``ENABLED`` in your account. During the processing period, you can manually enable or disable a control, and Security Hub will maintain that designation regardless of whether you have ``AutoEnableControls`` set to ``true`` .
|
|
4640
|
+
|
|
4695
4641
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-securityhub-hub.html#cfn-securityhub-hub-autoenablecontrols
|
|
4696
4642
|
'''
|
|
4697
4643
|
result = self._values.get("auto_enable_controls")
|
|
@@ -5592,7 +5538,7 @@ class CfnInsight(
|
|
|
5592
5538
|
:param compliance_security_control_parameters_value: The current value of a security control parameter.
|
|
5593
5539
|
:param compliance_status: Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard, such as CIS AWS Foundations. Contains security standard-related finding details.
|
|
5594
5540
|
:param confidence: A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
|
|
5595
|
-
:param created_at: A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.
|
|
5541
|
+
:param created_at: A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5596
5542
|
:param criticality: The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
|
|
5597
5543
|
:param description: A finding's description.
|
|
5598
5544
|
:param finding_provider_fields_confidence: The finding provider value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
|
|
@@ -5602,11 +5548,11 @@ class CfnInsight(
|
|
|
5602
5548
|
:param finding_provider_fields_severity_label: The finding provider value for the severity label.
|
|
5603
5549
|
:param finding_provider_fields_severity_original: The finding provider's original value for the severity.
|
|
5604
5550
|
:param finding_provider_fields_types: One or more finding types that the finding provider assigned to the finding. Uses the format of ``namespace/category/classifier`` that classify a finding. Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
|
|
5605
|
-
:param first_observed_at: A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.
|
|
5551
|
+
:param first_observed_at: A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5606
5552
|
:param generator_id: The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
|
|
5607
5553
|
:param id: The security findings provider-specific identifier for a finding.
|
|
5608
5554
|
:param keyword: This field is deprecated. A keyword for a finding.
|
|
5609
|
-
:param last_observed_at: A timestamp that indicates when the security findings provider most recently observed
|
|
5555
|
+
:param last_observed_at: A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5610
5556
|
:param malware_name: The name of the malware that was observed.
|
|
5611
5557
|
:param malware_path: The filesystem path of the malware that was observed.
|
|
5612
5558
|
:param malware_state: The state of the malware that was observed.
|
|
@@ -5625,12 +5571,12 @@ class CfnInsight(
|
|
|
5625
5571
|
:param note_text: The text of a note.
|
|
5626
5572
|
:param note_updated_at: The timestamp of when the note was updated.
|
|
5627
5573
|
:param note_updated_by: The principal that created a note.
|
|
5628
|
-
:param process_launched_at: A timestamp that identifies when the process was launched.
|
|
5574
|
+
:param process_launched_at: A timestamp that identifies when the process was launched. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5629
5575
|
:param process_name: The name of the process.
|
|
5630
5576
|
:param process_parent_pid: The parent process ID. This field accepts positive integers between ``O`` and ``2147483647`` .
|
|
5631
5577
|
:param process_path: The path to the process executable.
|
|
5632
5578
|
:param process_pid: The process ID.
|
|
5633
|
-
:param process_terminated_at: A timestamp that identifies when the process was terminated.
|
|
5579
|
+
:param process_terminated_at: A timestamp that identifies when the process was terminated. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5634
5580
|
:param product_arn: The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.
|
|
5635
5581
|
:param product_fields: A data type where security findings providers can include additional solution-specific details that aren't part of the defined ``AwsSecurityFinding`` format.
|
|
5636
5582
|
:param product_name: The name of the solution (product) that generates findings.
|
|
@@ -5659,7 +5605,7 @@ class CfnInsight(
|
|
|
5659
5605
|
:param resource_aws_s3_bucket_owner_name: The display name of the owner of the S3 bucket.
|
|
5660
5606
|
:param resource_container_image_id: The identifier of the image related to a finding.
|
|
5661
5607
|
:param resource_container_image_name: The name of the image related to a finding.
|
|
5662
|
-
:param resource_container_launched_at: A timestamp that identifies when the container was started.
|
|
5608
|
+
:param resource_container_launched_at: A timestamp that identifies when the container was started. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5663
5609
|
:param resource_container_name: The name of the container related to a finding.
|
|
5664
5610
|
:param resource_details_other: The details of a resource that doesn't have a specific subfield for the resource type defined.
|
|
5665
5611
|
:param resource_id: The canonical identifier for the given resource type.
|
|
@@ -5673,14 +5619,14 @@ class CfnInsight(
|
|
|
5673
5619
|
:param severity_product: Deprecated. This attribute isn't included in findings. Instead of providing ``Product`` , provide ``Original`` . The native severity as defined by the AWS service or integrated partner product that generated the finding.
|
|
5674
5620
|
:param source_url: A URL that links to a page about the current finding in the security findings provider's solution.
|
|
5675
5621
|
:param threat_intel_indicator_category: The category of a threat intelligence indicator.
|
|
5676
|
-
:param threat_intel_indicator_last_observed_at: A timestamp that identifies the last observation of a threat intelligence indicator.
|
|
5622
|
+
:param threat_intel_indicator_last_observed_at: A timestamp that identifies the last observation of a threat intelligence indicator. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5677
5623
|
:param threat_intel_indicator_source: The source of the threat intelligence.
|
|
5678
5624
|
:param threat_intel_indicator_source_url: The URL for more details from the source of the threat intelligence.
|
|
5679
5625
|
:param threat_intel_indicator_type: The type of a threat intelligence indicator.
|
|
5680
5626
|
:param threat_intel_indicator_value: The value of a threat intelligence indicator.
|
|
5681
5627
|
:param title: A finding's title.
|
|
5682
5628
|
:param type: A finding type in the format of ``namespace/category/classifier`` that classifies a finding.
|
|
5683
|
-
:param updated_at: A timestamp that indicates when the security findings provider last updated the finding record.
|
|
5629
|
+
:param updated_at: A timestamp that indicates when the security findings provider last updated the finding record. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
5684
5630
|
:param user_defined_fields: A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
|
|
5685
5631
|
:param verification_state: The veracity of a finding.
|
|
5686
5632
|
:param vulnerabilities_exploit_available: Indicates whether a software vulnerability in your environment has a known exploit. You can filter findings by this field only if you use Security Hub and Amazon Inspector.
|
|
@@ -6597,15 +6543,7 @@ class CfnInsight(
|
|
|
6597
6543
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
6598
6544
|
'''A timestamp that indicates when the security findings provider created the potential security issue that a finding reflects.
|
|
6599
6545
|
|
|
6600
|
-
|
|
6601
|
-
|
|
6602
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
6603
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
6604
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
6605
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
6606
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
6607
|
-
|
|
6608
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
6546
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
6609
6547
|
|
|
6610
6548
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-createdat
|
|
6611
6549
|
'''
|
|
@@ -6729,15 +6667,7 @@ class CfnInsight(
|
|
|
6729
6667
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
6730
6668
|
'''A timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured.
|
|
6731
6669
|
|
|
6732
|
-
|
|
6733
|
-
|
|
6734
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
6735
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
6736
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
6737
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
6738
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
6739
|
-
|
|
6740
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
6670
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
6741
6671
|
|
|
6742
6672
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-firstobservedat
|
|
6743
6673
|
'''
|
|
@@ -6785,17 +6715,9 @@ class CfnInsight(
|
|
|
6785
6715
|
def last_observed_at(
|
|
6786
6716
|
self,
|
|
6787
6717
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
6788
|
-
'''A timestamp that indicates when the security findings provider most recently observed
|
|
6789
|
-
|
|
6790
|
-
This field accepts only the specified formats. Timestamps can end with ``Z`` or ``("+" / "-") time-hour [":" time-minute]`` . The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats that you can send to Security Hub:
|
|
6718
|
+
'''A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding.
|
|
6791
6719
|
|
|
6792
|
-
|
|
6793
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
6794
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
6795
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
6796
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
6797
|
-
|
|
6798
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
6720
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
6799
6721
|
|
|
6800
6722
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-lastobservedat
|
|
6801
6723
|
'''
|
|
@@ -7006,15 +6928,7 @@ class CfnInsight(
|
|
|
7006
6928
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
7007
6929
|
'''A timestamp that identifies when the process was launched.
|
|
7008
6930
|
|
|
7009
|
-
|
|
7010
|
-
|
|
7011
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7012
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7013
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7014
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7015
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7016
|
-
|
|
7017
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
6931
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7018
6932
|
|
|
7019
6933
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processlaunchedat
|
|
7020
6934
|
'''
|
|
@@ -7073,15 +6987,7 @@ class CfnInsight(
|
|
|
7073
6987
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
7074
6988
|
'''A timestamp that identifies when the process was terminated.
|
|
7075
6989
|
|
|
7076
|
-
|
|
7077
|
-
|
|
7078
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7079
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7080
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7081
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7082
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7083
|
-
|
|
7084
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
6990
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7085
6991
|
|
|
7086
6992
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-processterminatedat
|
|
7087
6993
|
'''
|
|
@@ -7404,15 +7310,7 @@ class CfnInsight(
|
|
|
7404
7310
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
7405
7311
|
'''A timestamp that identifies when the container was started.
|
|
7406
7312
|
|
|
7407
|
-
|
|
7408
|
-
|
|
7409
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7410
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7411
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7412
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7413
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7414
|
-
|
|
7415
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
7313
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7416
7314
|
|
|
7417
7315
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-resourcecontainerlaunchedat
|
|
7418
7316
|
'''
|
|
@@ -7580,6 +7478,8 @@ class CfnInsight(
|
|
|
7580
7478
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
7581
7479
|
'''A timestamp that identifies the last observation of a threat intelligence indicator.
|
|
7582
7480
|
|
|
7481
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7482
|
+
|
|
7583
7483
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-threatintelindicatorlastobservedat
|
|
7584
7484
|
'''
|
|
7585
7485
|
result = self._values.get("threat_intel_indicator_last_observed_at")
|
|
@@ -7657,15 +7557,7 @@ class CfnInsight(
|
|
|
7657
7557
|
) -> typing.Optional[typing.Union[_IResolvable_da3f097b, typing.List[typing.Union[_IResolvable_da3f097b, "CfnInsight.DateFilterProperty"]]]]:
|
|
7658
7558
|
'''A timestamp that indicates when the security findings provider last updated the finding record.
|
|
7659
7559
|
|
|
7660
|
-
|
|
7661
|
-
|
|
7662
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7663
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7664
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7665
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7666
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7667
|
-
|
|
7668
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
7560
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7669
7561
|
|
|
7670
7562
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-awssecurityfindingfilters.html#cfn-securityhub-insight-awssecurityfindingfilters-updatedat
|
|
7671
7563
|
'''
|
|
@@ -7856,8 +7748,8 @@ class CfnInsight(
|
|
|
7856
7748
|
'''A date filter for querying findings.
|
|
7857
7749
|
|
|
7858
7750
|
:param date_range: A date range for the date filter.
|
|
7859
|
-
:param end: A timestamp that provides the end date for the date filter.
|
|
7860
|
-
:param start: A timestamp that provides the start date for the date filter.
|
|
7751
|
+
:param end: A timestamp that provides the end date for the date filter. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7752
|
+
:param start: A timestamp that provides the start date for the date filter. For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7861
7753
|
|
|
7862
7754
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html
|
|
7863
7755
|
:exampleMetadata: fixture=_generated
|
|
@@ -7905,15 +7797,7 @@ class CfnInsight(
|
|
|
7905
7797
|
def end(self) -> typing.Optional[builtins.str]:
|
|
7906
7798
|
'''A timestamp that provides the end date for the date filter.
|
|
7907
7799
|
|
|
7908
|
-
|
|
7909
|
-
|
|
7910
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7911
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7912
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7913
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7914
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7915
|
-
|
|
7916
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
7800
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7917
7801
|
|
|
7918
7802
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html#cfn-securityhub-insight-datefilter-end
|
|
7919
7803
|
'''
|
|
@@ -7924,15 +7808,7 @@ class CfnInsight(
|
|
|
7924
7808
|
def start(self) -> typing.Optional[builtins.str]:
|
|
7925
7809
|
'''A timestamp that provides the start date for the date filter.
|
|
7926
7810
|
|
|
7927
|
-
|
|
7928
|
-
|
|
7929
|
-
- ``YYYY-MM-DDTHH:MM:SSZ`` (for example, ``2019-01-31T23:00:00Z`` )
|
|
7930
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ`` (for example, ``2019-01-31T23:00:00.123456789Z`` )
|
|
7931
|
-
- ``YYYY-MM-DDTHH:MM:SS+HH:MM`` (for example, ``2024-01-04T15:25:10+17:59`` )
|
|
7932
|
-
- ``YYYY-MM-DDTHH:MM:SS-HHMM`` (for example, ``2024-01-04T15:25:10-1759`` )
|
|
7933
|
-
- ``YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM`` (for example, ``2024-01-04T15:25:10.123456789+17:59`` )
|
|
7934
|
-
|
|
7935
|
-
If a finding provider sends a finding to Security Hub that contains a timestamp in nanoseconds, we round it to milliseconds. For example, we round ``2024-10-31T23:00:00.123456789Z`` to ``2024-10-31T23:00:00.123Z`` .
|
|
7811
|
+
For more information about the validation and formatting of timestamp fields in AWS Security Hub , see `Timestamps <https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps>`_ .
|
|
7936
7812
|
|
|
7937
7813
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-securityhub-insight-datefilter.html#cfn-securityhub-insight-datefilter-start
|
|
7938
7814
|
'''
|
|
@@ -2126,7 +2126,7 @@ class CfnService(
|
|
|
2126
2126
|
:param health_check_custom_config: A complex type that contains information about an optional custom health check. .. epigraph:: If you specify a health check configuration, you can specify either ``HealthCheckCustomConfig`` or ``HealthCheckConfig`` but not both.
|
|
2127
2127
|
:param name: The name of the service.
|
|
2128
2128
|
:param namespace_id: The ID of the namespace that was used to create the service. .. epigraph:: You must specify a value for ``NamespaceId`` either for the service properties or for `DnsConfig <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html>`_ . Don't specify a value in both places.
|
|
2129
|
-
:param service_attributes:
|
|
2129
|
+
:param service_attributes: A string map that contains the following information for the service:. - The attributes that apply to the service - For each attribute, the applicable value. You can specify a total of 30 attributes.
|
|
2130
2130
|
:param tags: The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
|
|
2131
2131
|
:param type: If present, specifies that the service instances are only discoverable using the ``DiscoverInstances`` API operation. No DNS records is registered for the service instances. The only valid value is ``HTTP`` .
|
|
2132
2132
|
'''
|
|
@@ -2312,6 +2312,7 @@ class CfnService(
|
|
|
2312
2312
|
@builtins.property
|
|
2313
2313
|
@jsii.member(jsii_name="serviceAttributes")
|
|
2314
2314
|
def service_attributes(self) -> typing.Any:
|
|
2315
|
+
'''A string map that contains the following information for the service:.'''
|
|
2315
2316
|
return typing.cast(typing.Any, jsii.get(self, "serviceAttributes"))
|
|
2316
2317
|
|
|
2317
2318
|
@service_attributes.setter
|
|
@@ -2844,7 +2845,7 @@ class CfnServiceProps:
|
|
|
2844
2845
|
:param health_check_custom_config: A complex type that contains information about an optional custom health check. .. epigraph:: If you specify a health check configuration, you can specify either ``HealthCheckCustomConfig`` or ``HealthCheckConfig`` but not both.
|
|
2845
2846
|
:param name: The name of the service.
|
|
2846
2847
|
:param namespace_id: The ID of the namespace that was used to create the service. .. epigraph:: You must specify a value for ``NamespaceId`` either for the service properties or for `DnsConfig <https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-servicediscovery-service-dnsconfig.html>`_ . Don't specify a value in both places.
|
|
2847
|
-
:param service_attributes:
|
|
2848
|
+
:param service_attributes: A string map that contains the following information for the service:. - The attributes that apply to the service - For each attribute, the applicable value. You can specify a total of 30 attributes.
|
|
2848
2849
|
:param tags: The tags for the service. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
|
|
2849
2850
|
:param type: If present, specifies that the service instances are only discoverable using the ``DiscoverInstances`` API operation. No DNS records is registered for the service instances. The only valid value is ``HTTP`` .
|
|
2850
2851
|
|
|
@@ -2998,7 +2999,13 @@ class CfnServiceProps:
|
|
|
2998
2999
|
|
|
2999
3000
|
@builtins.property
|
|
3000
3001
|
def service_attributes(self) -> typing.Any:
|
|
3001
|
-
'''
|
|
3002
|
+
'''A string map that contains the following information for the service:.
|
|
3003
|
+
|
|
3004
|
+
- The attributes that apply to the service
|
|
3005
|
+
- For each attribute, the applicable value.
|
|
3006
|
+
|
|
3007
|
+
You can specify a total of 30 attributes.
|
|
3008
|
+
|
|
3002
3009
|
:see: http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-servicediscovery-service.html#cfn-servicediscovery-service-serviceattributes
|
|
3003
3010
|
'''
|
|
3004
3011
|
result = self._values.get("service_attributes")
|