Class: Aws::SecurityHub::Types::AutomationRulesFindingFilters

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

The criteria that determine which findings a rule applies to.

See Also:

Constant Summary collapse

SENSITIVE = 
[]

Instance Attribute Summary collapse

Instance Attribute Details

#aws_account_idArray<Types::StringFilter>

The Amazon Web Services account ID in which a finding was generated.

Array Members: Minimum number of 1 item. Maximum number of 100 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#aws_account_nameArray<Types::StringFilter>

The name of the Amazon Web Services account in which a finding was generated.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#company_nameArray<Types::StringFilter>

The name of the company for the product that generated the finding. For control-based findings, the company is Amazon Web Services.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#compliance_associated_standards_idArray<Types::StringFilter>

The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the DescribeStandards API response.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#compliance_security_control_idArray<Types::StringFilter>

The security control ID for which a finding was generated. Security control IDs are the same across standards.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#compliance_statusArray<Types::StringFilter>

The result of a security check. This field is only used for findings generated from controls.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#confidenceArray<Types::NumberFilter>

The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0–100 basis using a ratio scale. A value of 0 means 0 percent confidence, and a value of 100 means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see Confidence in the Security Hub User Guide.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#created_atArray<Types::DateFilter>

A timestamp that indicates when this finding record was created.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

  • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

  • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#criticalityArray<Types::NumberFilter>

The level of importance that is assigned to the resources that are associated with a finding. Criticality is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. For more information, see Criticality in the Security Hub User Guide.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#descriptionArray<Types::StringFilter>

A finding's description.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#first_observed_atArray<Types::DateFilter>

A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

  • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

  • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#generator_idArray<Types::StringFilter>

The identifier for the solution-specific component that generated a finding.

Array Members: Minimum number of 1 item. Maximum number of 100 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#idArray<Types::StringFilter>

The product-specific identifier for a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#last_observed_atArray<Types::DateFilter>

A timestamp that indicates when the potential security issue captured by a finding was most recently observed by the security findings product.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

  • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

  • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#note_textArray<Types::StringFilter>

The text of a user-defined note that's added to a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_atArray<Types::DateFilter>

The timestamp of when the note was updated.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

  • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

  • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#note_updated_byArray<Types::StringFilter>

The principal that created a note.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_arnArray<Types::StringFilter>

The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#product_nameArray<Types::StringFilter>

Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#record_stateArray<Types::StringFilter>

Provides the current state of a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#related_findings_idArray<Types::StringFilter>

The product-generated identifier for a related finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#related_findings_product_arnArray<Types::StringFilter>

The ARN for the product that generated a related finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_application_arnArray<Types::StringFilter>

The Amazon Resource Name (ARN) of the application that is related to a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_application_nameArray<Types::StringFilter>

The name of the application that is related to a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_details_otherArray<Types::MapFilter>

Custom fields and values about the resource that a finding pertains to.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_idArray<Types::StringFilter>

The identifier for the given resource type. For Amazon Web Services resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For Amazon Web Services resources that lack ARNs, this is the identifier as defined by the Amazon Web Service that created the resource. For non-Amazon Web Services resources, this is a unique identifier that is associated with the resource.

Array Members: Minimum number of 1 item. Maximum number of 100 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_partitionArray<Types::StringFilter>

The partition in which the resource that the finding pertains to is located. A partition is a group of Amazon Web Services Regions. Each Amazon Web Services account is scoped to one partition.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_regionArray<Types::StringFilter>

The Amazon Web Services Region where the resource that a finding pertains to is located.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_tagsArray<Types::MapFilter>

A list of Amazon Web Services tags associated with a resource at the time the finding was processed.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#resource_typeArray<Types::StringFilter>

The type of resource that the finding pertains to.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#severity_labelArray<Types::StringFilter>

The severity value of the finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#source_urlArray<Types::StringFilter>

Provides a URL that links to a page about the current finding in the finding product.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#titleArray<Types::StringFilter>

A finding's title.

Array Members: Minimum number of 1 item. Maximum number of 100 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#typeArray<Types::StringFilter>

One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see Types taxonomy for ASFF in the Security Hub User Guide.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#updated_atArray<Types::DateFilter>

A timestamp that indicates when the finding record was most recently updated.

This field accepts only the specified formats. Timestamps can end with Z or ("+" / "-") time-hour [":" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:

  • YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)

  • YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)

  • YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)

  • YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#user_defined_fieldsArray<Types::MapFilter>

A list of user-defined name and value string pairs added to a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#verification_stateArray<Types::StringFilter>

Provides the veracity of a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end

#workflow_statusArray<Types::StringFilter>

Provides information about the status of the investigation into a finding.

Array Members: Minimum number of 1 item. Maximum number of 20 items.

Returns:



1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
 
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 1026

class AutomationRulesFindingFilters < Struct.new(
  :product_arn,
  :aws_account_id,
  :id,
  :generator_id,
  :type,
  :first_observed_at,
  :last_observed_at,
  :created_at,
  :updated_at,
  :confidence,
  :criticality,
  :title,
  :description,
  :source_url,
  :product_name,
  :company_name,
  :severity_label,
  :resource_type,
  :resource_id,
  :resource_partition,
  :resource_region,
  :resource_tags,
  :resource_details_other,
  :compliance_status,
  :compliance_security_control_id,
  :compliance_associated_standards_id,
  :verification_state,
  :workflow_status,
  :record_state,
  :related_findings_product_arn,
  :related_findings_id,
  :note_text,
  :note_updated_at,
  :note_updated_by,
  :user_defined_fields,
  :resource_application_arn,
  :resource_application_name,
  :aws_account_name)
  SENSITIVE = []
  include Aws::Structure
end