securityhub-2018-10-26 library

Classes

AcceptInvitationResponse
AccountDetails
The details of an AWS account.
ActionTarget
An ActionTarget object.
AdminAccount
Represents a Security Hub administrator account designated by an organization management account.
AvailabilityZone
Information about an Availability Zone.
AwsApiGatewayAccessLogSettings
Contains information about settings for logging access for the stage.
AwsApiGatewayCanarySettings
Contains information about settings for canary deployment in the stage.
AwsApiGatewayEndpointConfiguration
Contains information about the endpoints for the API.
AwsApiGatewayMethodSettings
Defines settings for a method for the stage.
AwsApiGatewayRestApiDetails
contains information about a REST API in version 1 of Amazon API Gateway.
AwsApiGatewayStageDetails
Provides information about a version 1 Amazon API Gateway stage.
AwsApiGatewayV2ApiDetails
Contains information about a version 2 API in Amazon API Gateway.
AwsApiGatewayV2RouteSettings
Contains route settings for a stage.
AwsApiGatewayV2StageDetails
Contains information about a version 2 stage for Amazon API Gateway.
AwsAutoScalingAutoScalingGroupDetails
Provides details about an auto scaling group.
AwsCertificateManagerCertificateDetails
Provides details about an AWS Certificate Manager certificate.
AwsCertificateManagerCertificateDomainValidationOption
Contains information about one of the following:
AwsCertificateManagerCertificateExtendedKeyUsage
Contains information about an extended key usage X.509 v3 extension object.
AwsCertificateManagerCertificateKeyUsage
Contains information about a key usage X.509 v3 extension object.
AwsCertificateManagerCertificateOptions
Contains other options for the certificate.
AwsCertificateManagerCertificateRenewalSummary
Contains information about the AWS Certificate Manager managed renewal for an AMAZON_ISSUED certificate.
AwsCertificateManagerCertificateResourceRecord
Provides details about the CNAME record that is added to the DNS database for domain validation.
AwsClientCredentials
AWS credentials.
AwsCloudFrontDistributionCacheBehavior
Information about a cache behavior for the distribution.
AwsCloudFrontDistributionCacheBehaviors
Provides information about caching for the distribution.
AwsCloudFrontDistributionDefaultCacheBehavior
Contains information about the default cache configuration for the distribution.
AwsCloudFrontDistributionDetails
A distribution configuration.
AwsCloudFrontDistributionLogging
A complex type that controls whether access logs are written for the distribution.
AwsCloudFrontDistributionOriginGroup
Information about an origin group for the distribution.
AwsCloudFrontDistributionOriginGroupFailover
Provides information about when an origin group fails over.
AwsCloudFrontDistributionOriginGroupFailoverStatusCodes
The status codes that cause an origin group to fail over.
AwsCloudFrontDistributionOriginGroups
Provides information about origin groups that are associated with the distribution.
AwsCloudFrontDistributionOriginItem
A complex type that describes the Amazon S3 bucket, HTTP server (for example, a web server), Amazon Elemental MediaStore, or other server from which CloudFront gets your files.
AwsCloudFrontDistributionOrigins
A complex type that contains information about origins and origin groups for this distribution.
AwsCloudFrontDistributionOriginS3OriginConfig
Information about an origin that is an S3 bucket that is not configured with static website hosting.
AwsCloudTrailTrailDetails
Provides details about a CloudTrail trail.
AwsCodeBuildProjectDetails
Information about an AWS CodeBuild project.
AwsCodeBuildProjectEnvironment
Information about the build environment for this build project.
AwsCodeBuildProjectEnvironmentRegistryCredential
The credentials for access to a private registry.
AwsCodeBuildProjectSource
Information about the build input source code for this build project.
AwsCodeBuildProjectVpcConfig
Information about the VPC configuration that AWS CodeBuild accesses.
AwsCorsConfiguration
Contains the cross-origin resource sharing (CORS) configuration for the API. CORS is only supported for HTTP APIs.
AwsDynamoDbTableAttributeDefinition
Contains a definition of an attribute for the table.
AwsDynamoDbTableBillingModeSummary
Provides information about the billing for read/write capacity on the table.
AwsDynamoDbTableDetails
Provides details about a DynamoDB table.
AwsDynamoDbTableGlobalSecondaryIndex
Information abut a global secondary index for the table.
AwsDynamoDbTableKeySchema
A component of the key schema for the DynamoDB table, a global secondary index, or a local secondary index.
AwsDynamoDbTableLocalSecondaryIndex
Information about a local secondary index for a DynamoDB table.
AwsDynamoDbTableProjection
For global and local secondary indexes, identifies the attributes that are copied from the table into the index.
AwsDynamoDbTableProvisionedThroughput
Information about the provisioned throughput for the table or for a global secondary index.
AwsDynamoDbTableProvisionedThroughputOverride
Replica-specific configuration for the provisioned throughput.
AwsDynamoDbTableReplica
Information about a replica of a DynamoDB table.
AwsDynamoDbTableReplicaGlobalSecondaryIndex
Information about a global secondary index for a DynamoDB table replica.
AwsDynamoDbTableRestoreSummary
Information about the restore for the table.
AwsDynamoDbTableSseDescription
Information about the server-side encryption for the table.
AwsDynamoDbTableStreamSpecification
The current DynamoDB Streams configuration for the table.
AwsEc2EipDetails
Information about an Elastic IP address.
AwsEc2InstanceDetails
The details of an Amazon EC2 instance.
AwsEc2NetworkInterfaceAttachment
Information about the network interface attachment.
AwsEc2NetworkInterfaceDetails
Details about the network interface
AwsEc2NetworkInterfaceSecurityGroup
A security group associated with the network interface.
AwsEc2SecurityGroupDetails
Details about an EC2 security group.
AwsEc2SecurityGroupIpPermission
An IP permission for an EC2 security group.
AwsEc2SecurityGroupIpRange
A range of IPv4 addresses.
AwsEc2SecurityGroupIpv6Range
A range of IPv6 addresses.
AwsEc2SecurityGroupPrefixListId
A prefix list ID.
AwsEc2SecurityGroupUserIdGroupPair
A relationship between a security group and a user.
AwsEc2VolumeAttachment
An attachment to an AWS EC2 volume.
AwsEc2VolumeDetails
Details about an EC2 volume.
AwsEc2VpcDetails
Details about an EC2 VPC.
AwsElasticsearchDomainDetails
Information about an Elasticsearch domain.
AwsElasticsearchDomainDomainEndpointOptions
Additional options for the domain endpoint, such as whether to require HTTPS for all traffic.
AwsElasticsearchDomainEncryptionAtRestOptions
Details about the configuration for encryption at rest.
AwsElasticsearchDomainNodeToNodeEncryptionOptions
Details about the configuration for node-to-node encryption.
AwsElasticsearchDomainVPCOptions
Information that Amazon ES derives based on VPCOptions for the domain.
AwsElbAppCookieStickinessPolicy
Contains information about a stickiness policy that was created using CreateAppCookieStickinessPolicy.
AwsElbLbCookieStickinessPolicy
Contains information about a stickiness policy that was created using CreateLBCookieStickinessPolicy.
AwsElbLoadBalancerAccessLog
Contains information about the access log configuration for the load balancer.
AwsElbLoadBalancerAttributes
Contains attributes for the load balancer.
AwsElbLoadBalancerBackendServerDescription
Provides information about the configuration of an EC2 instance for the load balancer.
AwsElbLoadBalancerConnectionDraining
Contains information about the connection draining configuration for the load balancer.
AwsElbLoadBalancerConnectionSettings
Contains connection settings for the load balancer.
AwsElbLoadBalancerCrossZoneLoadBalancing
Contains cross-zone load balancing settings for the load balancer.
AwsElbLoadBalancerDetails
Contains details about a Classic Load Balancer.
AwsElbLoadBalancerHealthCheck
Contains information about the health checks that are conducted on the load balancer.
AwsElbLoadBalancerInstance
Provides information about an EC2 instance for a load balancer.
AwsElbLoadBalancerListener
Information about a load balancer listener.
AwsElbLoadBalancerListenerDescription
Lists the policies that are enabled for a load balancer listener.
AwsElbLoadBalancerPolicies
Contains information about the policies for a load balancer.
AwsElbLoadBalancerSourceSecurityGroup
Contains information about the security group for the load balancer.
AwsElbv2LoadBalancerDetails
Information about a load balancer.
AwsIamAccessKeyDetails
IAM access key details related to a finding.
AwsIamAccessKeySessionContext
Provides information about the session that the key was used for.
AwsIamAccessKeySessionContextAttributes
Attributes of the session that the key was used for.
AwsIamAccessKeySessionContextSessionIssuer
Information about the entity that created the session.
AwsIamAttachedManagedPolicy
A managed policy that is attached to an IAM principal.
AwsIamGroupDetails
Contains details about an IAM group.
AwsIamGroupPolicy
A managed policy that is attached to the IAM group.
AwsIamInstanceProfile
Information about an instance profile.
AwsIamInstanceProfileRole
Information about a role associated with an instance profile.
AwsIamPermissionsBoundary
Information about the policy used to set the permissions boundary for an IAM principal.
AwsIamPolicyDetails
Represents an IAM permissions policy.
AwsIamPolicyVersion
A version of an IAM policy.
AwsIamRoleDetails
Contains information about an IAM role, including all of the role's policies.
AwsIamRolePolicy
An inline policy that is embedded in the role.
AwsIamUserDetails
Information about an IAM user.
AwsIamUserPolicy
Information about an inline policy that is embedded in the user.
AwsKmsKeyDetails
Contains metadata about a customer master key (CMK).
AwsLambdaFunctionCode
The code for the Lambda function. You can specify either an object in Amazon S3, or upload a deployment package directly.
AwsLambdaFunctionDeadLetterConfig
The dead-letter queue for failed asynchronous invocations.
AwsLambdaFunctionDetails
Details about a function's configuration.
AwsLambdaFunctionEnvironment
A function's environment variable settings.
AwsLambdaFunctionEnvironmentError
Error messages for environment variables that couldn't be applied.
AwsLambdaFunctionLayer
An AWS Lambda layer.
AwsLambdaFunctionTracingConfig
The function's AWS X-Ray tracing configuration.
AwsLambdaFunctionVpcConfig
The VPC security groups and subnets that are attached to a Lambda function. For more information, see VPC Settings.
AwsLambdaLayerVersionDetails
Details about a Lambda layer version.
AwsRdsDbClusterAssociatedRole
An IAM role that is associated with the Amazon RDS DB cluster.
AwsRdsDbClusterDetails
Information about an Amazon RDS DB cluster.
AwsRdsDbClusterMember
Information about an instance in the DB cluster.
AwsRdsDbClusterOptionGroupMembership
Information about an option group membership for a DB cluster.
AwsRdsDbClusterSnapshotDetails
Information about an Amazon RDS DB cluster snapshot.
AwsRdsDbDomainMembership
Information about an Active Directory domain membership record associated with the DB instance.
AwsRdsDbInstanceAssociatedRole
An AWS Identity and Access Management (IAM) role associated with the DB instance.
AwsRdsDbInstanceDetails
Contains the details of an Amazon RDS DB instance.
AwsRdsDbInstanceEndpoint
Specifies the connection endpoint.
AwsRdsDbInstanceVpcSecurityGroup
A VPC security groups that the DB instance belongs to.
AwsRdsDbOptionGroupMembership
AwsRdsDbParameterGroup
AwsRdsDbPendingModifiedValues
AwsRdsDbProcessorFeature
AwsRdsDbSnapshotDetails
AwsRdsDbStatusInfo
Information about the status of a read replica.
AwsRdsDbSubnetGroup
Information about the subnet group for the database instance.
AwsRdsDbSubnetGroupSubnet
Information about a subnet in a subnet group.
AwsRdsDbSubnetGroupSubnetAvailabilityZone
An Availability Zone for a subnet in a subnet group.
AwsRdsPendingCloudWatchLogsExports
Identifies the log types to enable and disable.
AwsRedshiftClusterClusterNode
A node in an Amazon Redshift cluster.
AwsRedshiftClusterClusterParameterGroup
A cluster parameter group that is associated with an Amazon Redshift cluster.
AwsRedshiftClusterClusterParameterStatus
The status of a parameter in a cluster parameter group for an Amazon Redshift cluster.
AwsRedshiftClusterClusterSecurityGroup
A security group that is associated with the cluster.
AwsRedshiftClusterClusterSnapshotCopyStatus
Information about a cross-Region snapshot copy.
AwsRedshiftClusterDeferredMaintenanceWindow
A time windows during which maintenance was deferred for an Amazon Redshift cluster.
AwsRedshiftClusterDetails
Details about an Amazon Redshift cluster.
AwsRedshiftClusterElasticIpStatus
The status of the elastic IP (EIP) address for an Amazon Redshift cluster.
AwsRedshiftClusterEndpoint
The connection endpoint for an Amazon Redshift cluster.
AwsRedshiftClusterHsmStatus
Information about whether an Amazon Redshift cluster finished applying any hardware changes to security module (HSM) settings that were specified in a modify cluster command.
AwsRedshiftClusterIamRole
An IAM role that the cluster can use to access other AWS services.
AwsRedshiftClusterPendingModifiedValues
Changes to the Amazon Redshift cluster that are currently pending.
AwsRedshiftClusterResizeInfo
Information about the resize operation for the cluster.
AwsRedshiftClusterRestoreStatus
Information about the status of a cluster restore action. It only applies if the cluster was created by restoring a snapshot.
AwsRedshiftClusterVpcSecurityGroup
A VPC security group that the cluster belongs to, if the cluster is in a VPC.
AwsS3BucketDetails
The details of an Amazon S3 bucket.
AwsS3BucketServerSideEncryptionByDefault
Specifies the default server-side encryption to apply to new objects in the bucket.
AwsS3BucketServerSideEncryptionConfiguration
The encryption configuration for the S3 bucket.
AwsS3BucketServerSideEncryptionRule
An encryption rule to apply to the S3 bucket.
AwsS3ObjectDetails
Details about an Amazon S3 object.
AwsSecretsManagerSecretDetails
Details about an AWS Secrets Manager secret.
AwsSecretsManagerSecretRotationRules
Defines the rotation schedule for the secret.
AwsSecurityFinding
Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and security standards checks.
AwsSecurityFindingFilters
A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.
AwsSecurityFindingIdentifier
Identifies a finding to update using BatchUpdateFindings.
AwsSnsTopicDetails
A wrapper type for the topic's Amazon Resource Name (ARN).
AwsSnsTopicSubscription
A wrapper type for the attributes of an Amazon SNS subscription.
AwsSqsQueueDetails
Data about a queue.
AwsWafWebAclDetails
Details about a WAF WebACL.
AwsWafWebAclRule
Details for a rule in a WAF WebACL.
BatchDisableStandardsResponse
BatchEnableStandardsResponse
BatchImportFindingsResponse
BatchUpdateFindingsResponse
BatchUpdateFindingsUnprocessedFinding
A finding from a BatchUpdateFindings request that Security Hub was unable to update.
CidrBlockAssociation
An IPv4 CIDR block association.
Compliance
Contains finding details that are specific to control-based findings. Only returned for findings generated from controls.
ContainerDetails
Container details related to a finding.
CreateActionTargetResponse
CreateInsightResponse
CreateMembersResponse
Cvss
CVSS scores from the advisory related to the vulnerability.
DateFilter
A date filter for querying findings.
DateRange
A date range for the date filter.
DeclineInvitationsResponse
DeleteActionTargetResponse
DeleteInsightResponse
DeleteInvitationsResponse
DeleteMembersResponse
DescribeActionTargetsResponse
DescribeHubResponse
DescribeOrganizationConfigurationResponse
DescribeProductsResponse
DescribeStandardsControlsResponse
DescribeStandardsResponse
DisableImportFindingsForProductResponse
DisableOrganizationAdminAccountResponse
DisableSecurityHubResponse
DisassociateFromMasterAccountResponse
DisassociateMembersResponse
EnableImportFindingsForProductResponse
EnableOrganizationAdminAccountResponse
EnableSecurityHubResponse
GetEnabledStandardsResponse
GetFindingsResponse
GetInsightResultsResponse
GetInsightsResponse
GetInvitationsCountResponse
GetMasterAccountResponse
GetMembersResponse
ImportFindingsError
The list of the findings that cannot be imported. For each finding, the list provides the error.
Insight
Contains information about a Security Hub insight.
InsightResults
The insight results returned by the GetInsightResults operation.
InsightResultValue
The insight result values returned by the GetInsightResults operation.
Invitation
Details about an invitation.
InviteMembersResponse
IpFilter
The IP filter for querying findings.
Ipv6CidrBlockAssociation
An IPV6 CIDR block association.
KeywordFilter
A keyword filter for querying findings.
ListEnabledProductsForImportResponse
ListInvitationsResponse
ListMembersResponse
ListOrganizationAdminAccountsResponse
ListTagsForResourceResponse
LoadBalancerState
Information about the state of the load balancer.
Malware
A list of malware related to a finding.
MapFilter
A map filter for querying findings. Each map filter provides the field to check, the value to look for, and the comparison operator.
Member
The details about a member account.
Network
The details of network-related information about a finding.
NetworkHeader
Details about a network path component that occurs before or after the current component.
NetworkPathComponent
Information about a network path component.
NetworkPathComponentDetails
Information about the destination of the next component in the network path.
Note
A user-defined note added to a finding.
NoteUpdate
The updated note.
NumberFilter
A number filter for querying findings.
PatchSummary
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
PortRange
A range of ports.
ProcessDetails
The details of process-related information about a finding.
Product
Contains details about a product.
Recommendation
A recommendation on how to remediate the issue identified in a finding.
RelatedFinding
Details about a related finding.
Remediation
Details about the remediation steps for a finding.
Resource
A resource related to a finding.
ResourceDetails
Additional details about a resource related to a finding.
Result
Details about the account that was not processed.
SecurityHub
Security Hub provides you with a comprehensive view of the security state of your AWS environment and resources. It also provides you with the readiness status of your environment based on controls from supported security standards. Security Hub collects security data from AWS accounts, services, and integrated third-party products and helps you analyze security trends in your environment to identify the highest priority security issues. For more information about Security Hub, see the AWS Security Hub User Guide .
Severity
The severity of the finding.
SeverityUpdate
Updates to the severity information for a finding.
SoftwarePackage
Information about a software package.
SortCriterion
A collection of finding attributes used to sort findings.
Standard
Provides information about a specific standard.
StandardsControl
Details for an individual security standard control.
StandardsSubscription
A resource that represents your subscription to a supported standard.
StandardsSubscriptionRequest
The standard that you want to enable.
StatusReason
Provides additional context for the value of Compliance.Status.
StringFilter
A string filter for querying findings.
TagResourceResponse
ThreatIntelIndicator
Details about the threat intelligence related to a finding.
UntagResourceResponse
UpdateActionTargetResponse
UpdateFindingsResponse
UpdateInsightResponse
UpdateOrganizationConfigurationResponse
UpdateSecurityHubConfigurationResponse
UpdateStandardsControlResponse
Vulnerability
A vulnerability associated with a finding.
VulnerabilityVendor
A vendor that generates a vulnerability report.
WafAction
Details about the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule.
WafExcludedRule
Details about a rule to exclude from a rule group.
WafOverrideAction
Details about an override action for a rule.
Workflow
Provides information about the status of the investigation into a finding.
WorkflowUpdate
Used to update information about the investigation into the finding.

Extensions

AdminStatusFromString on String
AdminStatusValueExtension on AdminStatus
AwsIamAccessKeyStatusFromString on String
AwsIamAccessKeyStatusValueExtension on AwsIamAccessKeyStatus
ComplianceStatusFromString on String
ComplianceStatusValueExtension on ComplianceStatus
ControlStatusFromString on String
ControlStatusValueExtension on ControlStatus
DateRangeUnitFromString on String
DateRangeUnitValueExtension on DateRangeUnit
IntegrationTypeFromString on String
IntegrationTypeValueExtension on IntegrationType
MalwareStateFromString on String
MalwareStateValueExtension on MalwareState
MalwareTypeFromString on String
MalwareTypeValueExtension on MalwareType
MapFilterComparisonFromString on String
MapFilterComparisonValueExtension on MapFilterComparison
NetworkDirectionFromString on String
NetworkDirectionValueExtension on NetworkDirection
PartitionFromString on String
PartitionValueExtension on Partition
RecordStateFromString on String
RecordStateValueExtension on RecordState
SeverityLabelFromString on String
SeverityLabelValueExtension on SeverityLabel
SeverityRatingFromString on String
SeverityRatingValueExtension on SeverityRating
SortOrderFromString on String
SortOrderValueExtension on SortOrder
StandardsStatusFromString on String
StandardsStatusValueExtension on StandardsStatus
StringFilterComparisonFromString on String
StringFilterComparisonValueExtension on StringFilterComparison
ThreatIntelIndicatorCategoryFromString on String
ThreatIntelIndicatorCategoryValueExtension on ThreatIntelIndicatorCategory
ThreatIntelIndicatorTypeFromString on String
ThreatIntelIndicatorTypeValueExtension on ThreatIntelIndicatorType
VerificationStateFromString on String
VerificationStateValueExtension on VerificationState
WorkflowStateFromString on String
WorkflowStateValueExtension on WorkflowState
WorkflowStatusFromString on String
WorkflowStatusValueExtension on WorkflowStatus