Skip to content

Commit

Permalink
feat(client-securityhub): Added Inspector Lambda code Vulnerability s…
Browse files Browse the repository at this point in the history 
…ection to ASFF, including GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
  • Loading branch information
awstools committed Aug 18, 2023
1 parent 015cd79 commit 2cdf852
Show file tree
Hide file tree
Showing 13 changed files with 1,964 additions and 436 deletions.
6 changes: 4 additions & 2 deletions clients/client-securityhub/README.md
View file
Expand Up @@ -10,8 +10,10 @@ AWS SDK for JavaScript SecurityHub Client for Node.js, Browser and React Native.
your Amazon Web Services environment and resources. It also provides you with the readiness
status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and
integrated third-party products and helps you analyze security trends in your environment
to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">Security HubUser
Guide</a>.</p>
to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">
<i>Security Hub User
Guide</i>
</a>.</p>
<p>When you use operations in the Security Hub API, the requests are executed only in
the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change
that results from the operation is applied only to that Region. To make the same change in
Expand Down
6 changes: 4 additions & 2 deletions clients/client-securityhub/src/SecurityHub.ts
View file
Expand Up @@ -1448,8 +1448,10 @@ export interface SecurityHub {
* your Amazon Web Services environment and resources. It also provides you with the readiness
* status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and
* integrated third-party products and helps you analyze security trends in your environment
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">Security HubUser
* Guide</a>.</p>
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">
* <i>Security Hub User
* Guide</i>
* </a>.</p>
* <p>When you use operations in the Security Hub API, the requests are executed only in
* the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change
* that results from the operation is applied only to that Region. To make the same change in
Expand Down
6 changes: 4 additions & 2 deletions clients/client-securityhub/src/SecurityHubClient.ts
View file
Expand Up @@ -563,8 +563,10 @@ export interface SecurityHubClientResolvedConfig extends SecurityHubClientResolv
* your Amazon Web Services environment and resources. It also provides you with the readiness
* status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and
* integrated third-party products and helps you analyze security trends in your environment
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">Security HubUser
* Guide</a>.</p>
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">
* <i>Security Hub User
* Guide</i>
* </a>.</p>
* <p>When you use operations in the Security Hub API, the requests are executed only in
* the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change
* that results from the operation is applied only to that Region. To make the same change in
Expand Down
25 changes: 22 additions & 3 deletions clients/client-securityhub/src/commands/BatchImportFindingsCommand.ts
View file
Expand Up @@ -3921,6 +3921,22 @@ export interface BatchImportFindingsCommandOutput extends BatchImportFindingsRes
* },
* ReferenceUrls: "<StringList>",
* FixAvailable: "YES" || "NO" || "PARTIAL",
* EpssScore: Number("double"),
* ExploitAvailable: "YES" || "NO",
* CodeVulnerabilities: [ // VulnerabilityCodeVulnerabilitiesList
* { // VulnerabilityCodeVulnerabilities
* Cwes: [
* "STRING_VALUE",
* ],
* FilePath: { // CodeVulnerabilitiesFilePath
* EndLine: Number("int"),
* FileName: "STRING_VALUE",
* FilePath: "STRING_VALUE",
* StartLine: Number("int"),
* },
* SourceArn: "STRING_VALUE",
* },
* ],
* },
* ],
* PatchSummary: { // PatchSummary
Expand Down Expand Up @@ -4055,11 +4071,14 @@ export interface BatchImportFindingsCommandOutput extends BatchImportFindingsRes
* Label: "INFORMATIONAL" || "LOW" || "MEDIUM" || "HIGH" || "CRITICAL",
* Original: "STRING_VALUE",
* },
* Types: [
* "STRING_VALUE",
* ],
* Types: "<TypeList>",
* },
* Sample: true || false,
* GeneratorDetails: { // GeneratorDetails
* Name: "STRING_VALUE",
* Description: "STRING_VALUE",
* Labels: "<TypeList>",
* },
* },
* ],
* };
Expand Down
4 changes: 2 additions & 2 deletions clients/client-securityhub/src/commands/DeleteMembersCommand.ts
View file
Expand Up @@ -37,8 +37,8 @@ export interface DeleteMembersCommandOutput extends DeleteMembersResponse, __Met
/**
* @public
* <p>Deletes the specified member accounts from Security Hub.</p>
* <p>Can be used to delete member accounts that belong to an organization as well as member
* accounts that were invited manually.</p>
* <p>You can invoke this API only to delete accounts that became members through invitation. You can't invoke this
* API to delete accounts that belong to an Organizations organization.</p>
* @example
* Use a bare-bones client and the command you need to make an API call.
* ```javascript
Expand Down
5 changes: 2 additions & 3 deletions clients/client-securityhub/src/commands/DisableSecurityHubCommand.ts
View file
Expand Up @@ -36,10 +36,9 @@ export interface DisableSecurityHubCommandOutput extends DisableSecurityHubRespo

/**
* @public
* <p>Disables Security Hub in your account only in the current Region. To disable Security Hub in all
* <p>Disables Security Hub in your account only in the current Amazon Web Services Region. To disable Security Hub in all
* Regions, you must submit one request per Region where you have enabled Security Hub.</p>
* <p>When you disable Security Hub for an administrator account, it doesn't disable Security Hub for any associated
* member accounts.</p>
* <p>You can't disable Security Hub in an account that is currently the Security Hub administrator.</p>
* <p>When you disable Security Hub, your existing findings and insights and any Security Hub configuration
* settings are deleted after 90 days and cannot be recovered. Any standards that were enabled
* are disabled, and your administrator and member account associations are removed.</p>
Expand Down
25 changes: 22 additions & 3 deletions clients/client-securityhub/src/commands/GetFindingsCommand.ts
View file
Expand Up @@ -4111,6 +4111,22 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
* // },
* // ReferenceUrls: "<StringList>",
* // FixAvailable: "YES" || "NO" || "PARTIAL",
* // EpssScore: Number("double"),
* // ExploitAvailable: "YES" || "NO",
* // CodeVulnerabilities: [ // VulnerabilityCodeVulnerabilitiesList
* // { // VulnerabilityCodeVulnerabilities
* // Cwes: [
* // "STRING_VALUE",
* // ],
* // FilePath: { // CodeVulnerabilitiesFilePath
* // EndLine: Number("int"),
* // FileName: "STRING_VALUE",
* // FilePath: "STRING_VALUE",
* // StartLine: Number("int"),
* // },
* // SourceArn: "STRING_VALUE",
* // },
* // ],
* // },
* // ],
* // PatchSummary: { // PatchSummary
Expand Down Expand Up @@ -4245,11 +4261,14 @@ export interface GetFindingsCommandOutput extends GetFindingsResponse, __Metadat
* // Label: "INFORMATIONAL" || "LOW" || "MEDIUM" || "HIGH" || "CRITICAL",
* // Original: "STRING_VALUE",
* // },
* // Types: [
* // "STRING_VALUE",
* // ],
* // Types: "<TypeList>",
* // },
* // Sample: true || false,
* // GeneratorDetails: { // GeneratorDetails
* // Name: "STRING_VALUE",
* // Description: "STRING_VALUE",
* // Labels: "<TypeList>",
* // },
* // },
* // ],
* // NextToken: "STRING_VALUE",
Expand Down
2 changes: 1 addition & 1 deletion clients/client-securityhub/src/endpoint/ruleset.ts
View file
Expand Up @@ -26,5 +26,5 @@ m={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:e},"supportsDualStack"
n=[i],
o=[j],
p=[{[t]:"Region"}];
const _data={version:"1.0",parameters:{Region:f,UseDualStack:g,UseFIPS:g,Endpoint:f},rules:[{conditions:[{[r]:a,[s]:[h]}],type:b,rules:[{conditions:n,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:c},{type:b,rules:[{conditions:o,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:c},{endpoint:{url:h,properties:k,headers:k},type:d}]}]},{type:b,rules:[{conditions:[{[r]:a,[s]:p}],type:b,rules:[{conditions:[{[r]:"aws.partition",[s]:p,assign:e}],type:b,rules:[{conditions:[i,j],type:b,rules:[{conditions:[l,m],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://securityhub-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:c}]},{conditions:n,type:b,rules:[{conditions:[l],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://securityhub-fips.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:c}]},{conditions:o,type:b,rules:[{conditions:[m],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://securityhub.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"DualStack is enabled but this partition does not support DualStack",type:c}]},{type:b,rules:[{endpoint:{url:"https://securityhub.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]}]}]},{error:"Invalid Configuration: Missing Region",type:c}]}]};
const _data={version:"1.0",parameters:{Region:f,UseDualStack:g,UseFIPS:g,Endpoint:f},rules:[{conditions:[{[r]:a,[s]:[h]}],type:b,rules:[{conditions:n,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:c},{conditions:o,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:c},{endpoint:{url:h,properties:k,headers:k},type:d}]},{conditions:[{[r]:a,[s]:p}],type:b,rules:[{conditions:[{[r]:"aws.partition",[s]:p,assign:e}],type:b,rules:[{conditions:[i,j],type:b,rules:[{conditions:[l,m],type:b,rules:[{endpoint:{url:"https://securityhub-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:c}]},{conditions:n,type:b,rules:[{conditions:[l],type:b,rules:[{endpoint:{url:"https://securityhub-fips.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]},{error:"FIPS is enabled but this partition does not support FIPS",type:c}]},{conditions:o,type:b,rules:[{conditions:[m],type:b,rules:[{endpoint:{url:"https://securityhub.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]},{error:"DualStack is enabled but this partition does not support DualStack",type:c}]},{endpoint:{url:"https://securityhub.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"Invalid Configuration: Missing Region",type:c}]};
export const ruleSet: RuleSetObject = _data;
6 changes: 4 additions & 2 deletions clients/client-securityhub/src/index.ts
View file
Expand Up @@ -5,8 +5,10 @@
* your Amazon Web Services environment and resources. It also provides you with the readiness
* status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and
* integrated third-party products and helps you analyze security trends in your environment
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">Security HubUser
* Guide</a>.</p>
* to identify the highest priority security issues. For more information about Security Hub, see the <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html">
* <i>Security Hub User
* Guide</i>
* </a>.</p>
* <p>When you use operations in the Security Hub API, the requests are executed only in
* the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change
* that results from the operation is applied only to that Region. To make the same change in
Expand Down

0 comments on commit 2cdf852

Please sign in to comment.