AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

You are viewing documentation for version 2 of the AWS SDK for Ruby. Version 3 documentation can be found here.

Class: Aws::SecurityHub::Types::AwsSecurityFinding

Inherits:
Struct
  • Object
show all
Defined in:
(unknown)

Overview

Note:

When passing AwsSecurityFinding as input to an Aws::Client method, you can use a vanilla Hash:

{
  schema_version: "NonEmptyString", # required
  id: "NonEmptyString", # required
  product_arn: "NonEmptyString", # required
  generator_id: "NonEmptyString", # required
  aws_account_id: "NonEmptyString", # required
  types: ["NonEmptyString"], # required
  first_observed_at: "NonEmptyString",
  last_observed_at: "NonEmptyString",
  created_at: "NonEmptyString", # required
  updated_at: "NonEmptyString", # required
  severity: { # required
    product: 1.0,
    label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
    normalized: 1,
    original: "NonEmptyString",
  },
  confidence: 1,
  criticality: 1,
  title: "NonEmptyString", # required
  description: "NonEmptyString", # required
  remediation: {
    recommendation: {
      text: "NonEmptyString",
      url: "NonEmptyString",
    },
  },
  source_url: "NonEmptyString",
  product_fields: {
    "NonEmptyString" => "NonEmptyString",
  },
  user_defined_fields: {
    "NonEmptyString" => "NonEmptyString",
  },
  malware: [
    {
      name: "NonEmptyString", # required
      type: "ADWARE", # accepts ADWARE, BLENDED_THREAT, BOTNET_AGENT, COIN_MINER, EXPLOIT_KIT, KEYLOGGER, MACRO, POTENTIALLY_UNWANTED, SPYWARE, RANSOMWARE, REMOTE_ACCESS, ROOTKIT, TROJAN, VIRUS, WORM
      path: "NonEmptyString",
      state: "OBSERVED", # accepts OBSERVED, REMOVAL_FAILED, REMOVED
    },
  ],
  network: {
    direction: "IN", # accepts IN, OUT
    protocol: "NonEmptyString",
    open_port_range: {
      begin: 1,
      end: 1,
    },
    source_ip_v4: "NonEmptyString",
    source_ip_v6: "NonEmptyString",
    source_port: 1,
    source_domain: "NonEmptyString",
    source_mac: "NonEmptyString",
    destination_ip_v4: "NonEmptyString",
    destination_ip_v6: "NonEmptyString",
    destination_port: 1,
    destination_domain: "NonEmptyString",
  },
  network_path: [
    {
      component_id: "NonEmptyString",
      component_type: "NonEmptyString",
      egress: {
        protocol: "NonEmptyString",
        destination: {
          address: ["NonEmptyString"],
          port_ranges: [
            {
              begin: 1,
              end: 1,
            },
          ],
        },
        source: {
          address: ["NonEmptyString"],
          port_ranges: [
            {
              begin: 1,
              end: 1,
            },
          ],
        },
      },
      ingress: {
        protocol: "NonEmptyString",
        destination: {
          address: ["NonEmptyString"],
          port_ranges: [
            {
              begin: 1,
              end: 1,
            },
          ],
        },
        source: {
          address: ["NonEmptyString"],
          port_ranges: [
            {
              begin: 1,
              end: 1,
            },
          ],
        },
      },
    },
  ],
  process: {
    name: "NonEmptyString",
    path: "NonEmptyString",
    pid: 1,
    parent_pid: 1,
    launched_at: "NonEmptyString",
    terminated_at: "NonEmptyString",
  },
  threat_intel_indicators: [
    {
      type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL
      value: "NonEmptyString",
      category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER
      last_observed_at: "NonEmptyString",
      source: "NonEmptyString",
      source_url: "NonEmptyString",
    },
  ],
  resources: [ # required
    {
      type: "NonEmptyString", # required
      id: "NonEmptyString", # required
      partition: "aws", # accepts aws, aws-cn, aws-us-gov
      region: "NonEmptyString",
      resource_role: "NonEmptyString",
      tags: {
        "NonEmptyString" => "NonEmptyString",
      },
      details: {
        aws_auto_scaling_auto_scaling_group: {
          launch_configuration_name: "NonEmptyString",
          load_balancer_names: ["NonEmptyString"],
          health_check_type: "NonEmptyString",
          health_check_grace_period: 1,
          created_time: "NonEmptyString",
        },
        aws_code_build_project: {
          encryption_key: "NonEmptyString",
          environment: {
            certificate: "NonEmptyString",
            image_pull_credentials_type: "NonEmptyString",
            registry_credential: {
              credential: "NonEmptyString",
              credential_provider: "NonEmptyString",
            },
            type: "NonEmptyString",
          },
          name: "NonEmptyString",
          source: {
            type: "NonEmptyString",
            location: "NonEmptyString",
            git_clone_depth: 1,
            insecure_ssl: false,
          },
          service_role: "NonEmptyString",
          vpc_config: {
            vpc_id: "NonEmptyString",
            subnets: ["NonEmptyString"],
            security_group_ids: ["NonEmptyString"],
          },
        },
        aws_cloud_front_distribution: {
          cache_behaviors: {
            items: [
              {
                viewer_protocol_policy: "NonEmptyString",
              },
            ],
          },
          default_cache_behavior: {
            viewer_protocol_policy: "NonEmptyString",
          },
          default_root_object: "NonEmptyString",
          domain_name: "NonEmptyString",
          etag: "NonEmptyString",
          last_modified_time: "NonEmptyString",
          logging: {
            bucket: "NonEmptyString",
            enabled: false,
            include_cookies: false,
            prefix: "NonEmptyString",
          },
          origins: {
            items: [
              {
                domain_name: "NonEmptyString",
                id: "NonEmptyString",
                origin_path: "NonEmptyString",
                s3_origin_config: {
                  origin_access_identity: "NonEmptyString",
                },
              },
            ],
          },
          origin_groups: {
            items: [
              {
                failover_criteria: {
                  status_codes: {
                    items: [1],
                    quantity: 1,
                  },
                },
              },
            ],
          },
          status: "NonEmptyString",
          web_acl_id: "NonEmptyString",
        },
        aws_ec2_instance: {
          type: "NonEmptyString",
          image_id: "NonEmptyString",
          ip_v4_addresses: ["NonEmptyString"],
          ip_v6_addresses: ["NonEmptyString"],
          key_name: "NonEmptyString",
          iam_instance_profile_arn: "NonEmptyString",
          vpc_id: "NonEmptyString",
          subnet_id: "NonEmptyString",
          launched_at: "NonEmptyString",
        },
        aws_ec2_network_interface: {
          attachment: {
            attach_time: "NonEmptyString",
            attachment_id: "NonEmptyString",
            delete_on_termination: false,
            device_index: 1,
            instance_id: "NonEmptyString",
            instance_owner_id: "NonEmptyString",
            status: "NonEmptyString",
          },
          network_interface_id: "NonEmptyString",
          security_groups: [
            {
              group_name: "NonEmptyString",
              group_id: "NonEmptyString",
            },
          ],
          source_dest_check: false,
        },
        aws_ec2_security_group: {
          group_name: "NonEmptyString",
          group_id: "NonEmptyString",
          owner_id: "NonEmptyString",
          vpc_id: "NonEmptyString",
          ip_permissions: [
            {
              ip_protocol: "NonEmptyString",
              from_port: 1,
              to_port: 1,
              user_id_group_pairs: [
                {
                  group_id: "NonEmptyString",
                  group_name: "NonEmptyString",
                  peering_status: "NonEmptyString",
                  user_id: "NonEmptyString",
                  vpc_id: "NonEmptyString",
                  vpc_peering_connection_id: "NonEmptyString",
                },
              ],
              ip_ranges: [
                {
                  cidr_ip: "NonEmptyString",
                },
              ],
              ipv_6_ranges: [
                {
                  cidr_ipv_6: "NonEmptyString",
                },
              ],
              prefix_list_ids: [
                {
                  prefix_list_id: "NonEmptyString",
                },
              ],
            },
          ],
          ip_permissions_egress: [
            {
              ip_protocol: "NonEmptyString",
              from_port: 1,
              to_port: 1,
              user_id_group_pairs: [
                {
                  group_id: "NonEmptyString",
                  group_name: "NonEmptyString",
                  peering_status: "NonEmptyString",
                  user_id: "NonEmptyString",
                  vpc_id: "NonEmptyString",
                  vpc_peering_connection_id: "NonEmptyString",
                },
              ],
              ip_ranges: [
                {
                  cidr_ip: "NonEmptyString",
                },
              ],
              ipv_6_ranges: [
                {
                  cidr_ipv_6: "NonEmptyString",
                },
              ],
              prefix_list_ids: [
                {
                  prefix_list_id: "NonEmptyString",
                },
              ],
            },
          ],
        },
        aws_ec2_volume: {
          create_time: "NonEmptyString",
          encrypted: false,
          size: 1,
          snapshot_id: "NonEmptyString",
          status: "NonEmptyString",
          kms_key_id: "NonEmptyString",
          attachments: [
            {
              attach_time: "NonEmptyString",
              delete_on_termination: false,
              instance_id: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
        },
        aws_ec2_vpc: {
          cidr_block_association_set: [
            {
              association_id: "NonEmptyString",
              cidr_block: "NonEmptyString",
              cidr_block_state: "NonEmptyString",
            },
          ],
          ipv_6_cidr_block_association_set: [
            {
              association_id: "NonEmptyString",
              ipv_6_cidr_block: "NonEmptyString",
              cidr_block_state: "NonEmptyString",
            },
          ],
          dhcp_options_id: "NonEmptyString",
          state: "NonEmptyString",
        },
        aws_ec2_eip: {
          instance_id: "NonEmptyString",
          public_ip: "NonEmptyString",
          allocation_id: "NonEmptyString",
          association_id: "NonEmptyString",
          domain: "NonEmptyString",
          public_ipv_4_pool: "NonEmptyString",
          network_border_group: "NonEmptyString",
          network_interface_id: "NonEmptyString",
          network_interface_owner_id: "NonEmptyString",
          private_ip_address: "NonEmptyString",
        },
        aws_elbv_2_load_balancer: {
          availability_zones: [
            {
              zone_name: "NonEmptyString",
              subnet_id: "NonEmptyString",
            },
          ],
          canonical_hosted_zone_id: "NonEmptyString",
          created_time: "NonEmptyString",
          dns_name: "NonEmptyString",
          ip_address_type: "NonEmptyString",
          scheme: "NonEmptyString",
          security_groups: ["NonEmptyString"],
          state: {
            code: "NonEmptyString",
            reason: "NonEmptyString",
          },
          type: "NonEmptyString",
          vpc_id: "NonEmptyString",
        },
        aws_elasticsearch_domain: {
          access_policies: "NonEmptyString",
          domain_endpoint_options: {
            enforce_https: false,
            tls_security_policy: "NonEmptyString",
          },
          domain_id: "NonEmptyString",
          domain_name: "NonEmptyString",
          endpoint: "NonEmptyString",
          endpoints: {
            "NonEmptyString" => "NonEmptyString",
          },
          elasticsearch_version: "NonEmptyString",
          encryption_at_rest_options: {
            enabled: false,
            kms_key_id: "NonEmptyString",
          },
          node_to_node_encryption_options: {
            enabled: false,
          },
          vpc_options: {
            availability_zones: ["NonEmptyString"],
            security_group_ids: ["NonEmptyString"],
            subnet_ids: ["NonEmptyString"],
            vpc_id: "NonEmptyString",
          },
        },
        aws_s3_bucket: {
          owner_id: "NonEmptyString",
          owner_name: "NonEmptyString",
          created_at: "NonEmptyString",
          server_side_encryption_configuration: {
            rules: [
              {
                apply_server_side_encryption_by_default: {
                  sse_algorithm: "NonEmptyString",
                  kms_master_key_id: "NonEmptyString",
                },
              },
            ],
          },
        },
        aws_s3_object: {
          last_modified: "NonEmptyString",
          etag: "NonEmptyString",
          version_id: "NonEmptyString",
          content_type: "NonEmptyString",
          server_side_encryption: "NonEmptyString",
          ssekms_key_id: "NonEmptyString",
        },
        aws_secrets_manager_secret: {
          rotation_rules: {
            automatically_after_days: 1,
          },
          rotation_occurred_within_frequency: false,
          kms_key_id: "NonEmptyString",
          rotation_enabled: false,
          rotation_lambda_arn: "NonEmptyString",
          deleted: false,
          name: "NonEmptyString",
          description: "NonEmptyString",
        },
        aws_iam_access_key: {
          user_name: "NonEmptyString",
          status: "Active", # accepts Active, Inactive
          created_at: "NonEmptyString",
          principal_id: "NonEmptyString",
          principal_type: "NonEmptyString",
          principal_name: "NonEmptyString",
          account_id: "NonEmptyString",
          access_key_id: "NonEmptyString",
          session_context: {
            attributes: {
              mfa_authenticated: false,
              creation_date: "NonEmptyString",
            },
            session_issuer: {
              type: "NonEmptyString",
              principal_id: "NonEmptyString",
              arn: "NonEmptyString",
              account_id: "NonEmptyString",
              user_name: "NonEmptyString",
            },
          },
        },
        aws_iam_user: {
          attached_managed_policies: [
            {
              policy_name: "NonEmptyString",
              policy_arn: "NonEmptyString",
            },
          ],
          create_date: "NonEmptyString",
          group_list: ["NonEmptyString"],
          path: "NonEmptyString",
          permissions_boundary: {
            permissions_boundary_arn: "NonEmptyString",
            permissions_boundary_type: "NonEmptyString",
          },
          user_id: "NonEmptyString",
          user_name: "NonEmptyString",
          user_policy_list: [
            {
              policy_name: "NonEmptyString",
            },
          ],
        },
        aws_iam_policy: {
          attachment_count: 1,
          create_date: "NonEmptyString",
          default_version_id: "NonEmptyString",
          description: "NonEmptyString",
          is_attachable: false,
          path: "NonEmptyString",
          permissions_boundary_usage_count: 1,
          policy_id: "NonEmptyString",
          policy_name: "NonEmptyString",
          policy_version_list: [
            {
              version_id: "NonEmptyString",
              is_default_version: false,
              create_date: "NonEmptyString",
            },
          ],
          update_date: "NonEmptyString",
        },
        aws_api_gateway_v2_stage: {
          created_date: "NonEmptyString",
          description: "NonEmptyString",
          default_route_settings: {
            detailed_metrics_enabled: false,
            logging_level: "NonEmptyString",
            data_trace_enabled: false,
            throttling_burst_limit: 1,
            throttling_rate_limit: 1.0,
          },
          deployment_id: "NonEmptyString",
          last_updated_date: "NonEmptyString",
          route_settings: {
            detailed_metrics_enabled: false,
            logging_level: "NonEmptyString",
            data_trace_enabled: false,
            throttling_burst_limit: 1,
            throttling_rate_limit: 1.0,
          },
          stage_name: "NonEmptyString",
          stage_variables: {
            "NonEmptyString" => "NonEmptyString",
          },
          access_log_settings: {
            format: "NonEmptyString",
            destination_arn: "NonEmptyString",
          },
          auto_deploy: false,
          last_deployment_status_message: "NonEmptyString",
          api_gateway_managed: false,
        },
        aws_api_gateway_v2_api: {
          api_endpoint: "NonEmptyString",
          api_id: "NonEmptyString",
          api_key_selection_expression: "NonEmptyString",
          created_date: "NonEmptyString",
          description: "NonEmptyString",
          version: "NonEmptyString",
          name: "NonEmptyString",
          protocol_type: "NonEmptyString",
          route_selection_expression: "NonEmptyString",
          cors_configuration: {
            allow_origins: ["NonEmptyString"],
            allow_credentials: false,
            expose_headers: ["NonEmptyString"],
            max_age: 1,
            allow_methods: ["NonEmptyString"],
            allow_headers: ["NonEmptyString"],
          },
        },
        aws_dynamo_db_table: {
          attribute_definitions: [
            {
              attribute_name: "NonEmptyString",
              attribute_type: "NonEmptyString",
            },
          ],
          billing_mode_summary: {
            billing_mode: "NonEmptyString",
            last_update_to_pay_per_request_date_time: "NonEmptyString",
          },
          creation_date_time: "NonEmptyString",
          global_secondary_indexes: [
            {
              backfilling: false,
              index_arn: "NonEmptyString",
              index_name: "NonEmptyString",
              index_size_bytes: 1,
              index_status: "NonEmptyString",
              item_count: 1,
              key_schema: [
                {
                  attribute_name: "NonEmptyString",
                  key_type: "NonEmptyString",
                },
              ],
              projection: {
                non_key_attributes: ["NonEmptyString"],
                projection_type: "NonEmptyString",
              },
              provisioned_throughput: {
                last_decrease_date_time: "NonEmptyString",
                last_increase_date_time: "NonEmptyString",
                number_of_decreases_today: 1,
                read_capacity_units: 1,
                write_capacity_units: 1,
              },
            },
          ],
          global_table_version: "NonEmptyString",
          item_count: 1,
          key_schema: [
            {
              attribute_name: "NonEmptyString",
              key_type: "NonEmptyString",
            },
          ],
          latest_stream_arn: "NonEmptyString",
          latest_stream_label: "NonEmptyString",
          local_secondary_indexes: [
            {
              index_arn: "NonEmptyString",
              index_name: "NonEmptyString",
              key_schema: [
                {
                  attribute_name: "NonEmptyString",
                  key_type: "NonEmptyString",
                },
              ],
              projection: {
                non_key_attributes: ["NonEmptyString"],
                projection_type: "NonEmptyString",
              },
            },
          ],
          provisioned_throughput: {
            last_decrease_date_time: "NonEmptyString",
            last_increase_date_time: "NonEmptyString",
            number_of_decreases_today: 1,
            read_capacity_units: 1,
            write_capacity_units: 1,
          },
          replicas: [
            {
              global_secondary_indexes: [
                {
                  index_name: "NonEmptyString",
                  provisioned_throughput_override: {
                    read_capacity_units: 1,
                  },
                },
              ],
              kms_master_key_id: "NonEmptyString",
              provisioned_throughput_override: {
                read_capacity_units: 1,
              },
              region_name: "NonEmptyString",
              replica_status: "NonEmptyString",
              replica_status_description: "NonEmptyString",
            },
          ],
          restore_summary: {
            source_backup_arn: "NonEmptyString",
            source_table_arn: "NonEmptyString",
            restore_date_time: "NonEmptyString",
            restore_in_progress: false,
          },
          sse_description: {
            inaccessible_encryption_date_time: "NonEmptyString",
            status: "NonEmptyString",
            sse_type: "NonEmptyString",
            kms_master_key_arn: "NonEmptyString",
          },
          stream_specification: {
            stream_enabled: false,
            stream_view_type: "NonEmptyString",
          },
          table_id: "NonEmptyString",
          table_name: "NonEmptyString",
          table_size_bytes: 1,
          table_status: "NonEmptyString",
        },
        aws_api_gateway_stage: {
          deployment_id: "NonEmptyString",
          client_certificate_id: "NonEmptyString",
          stage_name: "NonEmptyString",
          description: "NonEmptyString",
          cache_cluster_enabled: false,
          cache_cluster_size: "NonEmptyString",
          cache_cluster_status: "NonEmptyString",
          method_settings: [
            {
              metrics_enabled: false,
              logging_level: "NonEmptyString",
              data_trace_enabled: false,
              throttling_burst_limit: 1,
              throttling_rate_limit: 1.0,
              caching_enabled: false,
              cache_ttl_in_seconds: 1,
              cache_data_encrypted: false,
              require_authorization_for_cache_control: false,
              unauthorized_cache_control_header_strategy: "NonEmptyString",
              http_method: "NonEmptyString",
              resource_path: "NonEmptyString",
            },
          ],
          variables: {
            "NonEmptyString" => "NonEmptyString",
          },
          documentation_version: "NonEmptyString",
          access_log_settings: {
            format: "NonEmptyString",
            destination_arn: "NonEmptyString",
          },
          canary_settings: {
            percent_traffic: 1.0,
            deployment_id: "NonEmptyString",
            stage_variable_overrides: {
              "NonEmptyString" => "NonEmptyString",
            },
            use_stage_cache: false,
          },
          tracing_enabled: false,
          created_date: "NonEmptyString",
          last_updated_date: "NonEmptyString",
          web_acl_arn: "NonEmptyString",
        },
        aws_api_gateway_rest_api: {
          id: "NonEmptyString",
          name: "NonEmptyString",
          description: "NonEmptyString",
          created_date: "NonEmptyString",
          version: "NonEmptyString",
          binary_media_types: ["NonEmptyString"],
          minimum_compression_size: 1,
          api_key_source: "NonEmptyString",
          endpoint_configuration: {
            types: ["NonEmptyString"],
          },
        },
        aws_cloud_trail_trail: {
          cloud_watch_logs_log_group_arn: "NonEmptyString",
          cloud_watch_logs_role_arn: "NonEmptyString",
          has_custom_event_selectors: false,
          home_region: "NonEmptyString",
          include_global_service_events: false,
          is_multi_region_trail: false,
          is_organization_trail: false,
          kms_key_id: "NonEmptyString",
          log_file_validation_enabled: false,
          name: "NonEmptyString",
          s3_bucket_name: "NonEmptyString",
          s3_key_prefix: "NonEmptyString",
          sns_topic_arn: "NonEmptyString",
          sns_topic_name: "NonEmptyString",
          trail_arn: "NonEmptyString",
        },
        aws_certificate_manager_certificate: {
          certificate_authority_arn: "NonEmptyString",
          created_at: "NonEmptyString",
          domain_name: "NonEmptyString",
          domain_validation_options: [
            {
              domain_name: "NonEmptyString",
              resource_record: {
                name: "NonEmptyString",
                type: "NonEmptyString",
                value: "NonEmptyString",
              },
              validation_domain: "NonEmptyString",
              validation_emails: ["NonEmptyString"],
              validation_method: "NonEmptyString",
              validation_status: "NonEmptyString",
            },
          ],
          extended_key_usages: [
            {
              name: "NonEmptyString",
              o_id: "NonEmptyString",
            },
          ],
          failure_reason: "NonEmptyString",
          imported_at: "NonEmptyString",
          in_use_by: ["NonEmptyString"],
          issued_at: "NonEmptyString",
          issuer: "NonEmptyString",
          key_algorithm: "NonEmptyString",
          key_usages: [
            {
              name: "NonEmptyString",
            },
          ],
          not_after: "NonEmptyString",
          not_before: "NonEmptyString",
          options: {
            certificate_transparency_logging_preference: "NonEmptyString",
          },
          renewal_eligibility: "NonEmptyString",
          renewal_summary: {
            domain_validation_options: [
              {
                domain_name: "NonEmptyString",
                resource_record: {
                  name: "NonEmptyString",
                  type: "NonEmptyString",
                  value: "NonEmptyString",
                },
                validation_domain: "NonEmptyString",
                validation_emails: ["NonEmptyString"],
                validation_method: "NonEmptyString",
                validation_status: "NonEmptyString",
              },
            ],
            renewal_status: "NonEmptyString",
            renewal_status_reason: "NonEmptyString",
            updated_at: "NonEmptyString",
          },
          serial: "NonEmptyString",
          signature_algorithm: "NonEmptyString",
          status: "NonEmptyString",
          subject: "NonEmptyString",
          subject_alternative_names: ["NonEmptyString"],
          type: "NonEmptyString",
        },
        aws_redshift_cluster: {
          allow_version_upgrade: false,
          automated_snapshot_retention_period: 1,
          availability_zone: "NonEmptyString",
          cluster_availability_status: "NonEmptyString",
          cluster_create_time: "NonEmptyString",
          cluster_identifier: "NonEmptyString",
          cluster_nodes: [
            {
              node_role: "NonEmptyString",
              private_ip_address: "NonEmptyString",
              public_ip_address: "NonEmptyString",
            },
          ],
          cluster_parameter_groups: [
            {
              cluster_parameter_status_list: [
                {
                  parameter_name: "NonEmptyString",
                  parameter_apply_status: "NonEmptyString",
                  parameter_apply_error_description: "NonEmptyString",
                },
              ],
              parameter_apply_status: "NonEmptyString",
              parameter_group_name: "NonEmptyString",
            },
          ],
          cluster_public_key: "NonEmptyString",
          cluster_revision_number: "NonEmptyString",
          cluster_security_groups: [
            {
              cluster_security_group_name: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          cluster_snapshot_copy_status: {
            destination_region: "NonEmptyString",
            manual_snapshot_retention_period: 1,
            retention_period: 1,
            snapshot_copy_grant_name: "NonEmptyString",
          },
          cluster_status: "NonEmptyString",
          cluster_subnet_group_name: "NonEmptyString",
          cluster_version: "NonEmptyString",
          db_name: "NonEmptyString",
          deferred_maintenance_windows: [
            {
              defer_maintenance_end_time: "NonEmptyString",
              defer_maintenance_identifier: "NonEmptyString",
              defer_maintenance_start_time: "NonEmptyString",
            },
          ],
          elastic_ip_status: {
            elastic_ip: "NonEmptyString",
            status: "NonEmptyString",
          },
          elastic_resize_number_of_node_options: "NonEmptyString",
          encrypted: false,
          endpoint: {
            address: "NonEmptyString",
            port: 1,
          },
          enhanced_vpc_routing: false,
          expected_next_snapshot_schedule_time: "NonEmptyString",
          expected_next_snapshot_schedule_time_status: "NonEmptyString",
          hsm_status: {
            hsm_client_certificate_identifier: "NonEmptyString",
            hsm_configuration_identifier: "NonEmptyString",
            status: "NonEmptyString",
          },
          iam_roles: [
            {
              apply_status: "NonEmptyString",
              iam_role_arn: "NonEmptyString",
            },
          ],
          kms_key_id: "NonEmptyString",
          maintenance_track_name: "NonEmptyString",
          manual_snapshot_retention_period: 1,
          master_username: "NonEmptyString",
          next_maintenance_window_start_time: "NonEmptyString",
          node_type: "NonEmptyString",
          number_of_nodes: 1,
          pending_actions: ["NonEmptyString"],
          pending_modified_values: {
            automated_snapshot_retention_period: 1,
            cluster_identifier: "NonEmptyString",
            cluster_type: "NonEmptyString",
            cluster_version: "NonEmptyString",
            encryption_type: "NonEmptyString",
            enhanced_vpc_routing: false,
            maintenance_track_name: "NonEmptyString",
            master_user_password: "NonEmptyString",
            node_type: "NonEmptyString",
            number_of_nodes: 1,
            publicly_accessible: false,
          },
          preferred_maintenance_window: "NonEmptyString",
          publicly_accessible: false,
          resize_info: {
            allow_cancel_resize: false,
            resize_type: "NonEmptyString",
          },
          restore_status: {
            current_restore_rate_in_mega_bytes_per_second: 1.0,
            elapsed_time_in_seconds: 1,
            estimated_time_to_completion_in_seconds: 1,
            progress_in_mega_bytes: 1,
            snapshot_size_in_mega_bytes: 1,
            status: "NonEmptyString",
          },
          snapshot_schedule_identifier: "NonEmptyString",
          snapshot_schedule_state: "NonEmptyString",
          vpc_id: "NonEmptyString",
          vpc_security_groups: [
            {
              status: "NonEmptyString",
              vpc_security_group_id: "NonEmptyString",
            },
          ],
        },
        aws_elb_load_balancer: {
          availability_zones: ["NonEmptyString"],
          backend_server_descriptions: [
            {
              instance_port: 1,
              policy_names: ["NonEmptyString"],
            },
          ],
          canonical_hosted_zone_name: "NonEmptyString",
          canonical_hosted_zone_name_id: "NonEmptyString",
          created_time: "NonEmptyString",
          dns_name: "NonEmptyString",
          health_check: {
            healthy_threshold: 1,
            interval: 1,
            target: "NonEmptyString",
            timeout: 1,
            unhealthy_threshold: 1,
          },
          instances: [
            {
              instance_id: "NonEmptyString",
            },
          ],
          listener_descriptions: [
            {
              listener: {
                instance_port: 1,
                instance_protocol: "NonEmptyString",
                load_balancer_port: 1,
                protocol: "NonEmptyString",
                ssl_certificate_id: "NonEmptyString",
              },
              policy_names: ["NonEmptyString"],
            },
          ],
          load_balancer_attributes: {
            access_log: {
              emit_interval: 1,
              enabled: false,
              s3_bucket_name: "NonEmptyString",
              s3_bucket_prefix: "NonEmptyString",
            },
            connection_draining: {
              enabled: false,
              timeout: 1,
            },
            connection_settings: {
              idle_timeout: 1,
            },
            cross_zone_load_balancing: {
              enabled: false,
            },
          },
          load_balancer_name: "NonEmptyString",
          policies: {
            app_cookie_stickiness_policies: [
              {
                cookie_name: "NonEmptyString",
                policy_name: "NonEmptyString",
              },
            ],
            lb_cookie_stickiness_policies: [
              {
                cookie_expiration_period: 1,
                policy_name: "NonEmptyString",
              },
            ],
            other_policies: ["NonEmptyString"],
          },
          scheme: "NonEmptyString",
          security_groups: ["NonEmptyString"],
          source_security_group: {
            group_name: "NonEmptyString",
            owner_alias: "NonEmptyString",
          },
          subnets: ["NonEmptyString"],
          vpc_id: "NonEmptyString",
        },
        aws_iam_group: {
          attached_managed_policies: [
            {
              policy_name: "NonEmptyString",
              policy_arn: "NonEmptyString",
            },
          ],
          create_date: "NonEmptyString",
          group_id: "NonEmptyString",
          group_name: "NonEmptyString",
          group_policy_list: [
            {
              policy_name: "NonEmptyString",
            },
          ],
          path: "NonEmptyString",
        },
        aws_iam_role: {
          assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument",
          attached_managed_policies: [
            {
              policy_name: "NonEmptyString",
              policy_arn: "NonEmptyString",
            },
          ],
          create_date: "NonEmptyString",
          instance_profile_list: [
            {
              arn: "NonEmptyString",
              create_date: "NonEmptyString",
              instance_profile_id: "NonEmptyString",
              instance_profile_name: "NonEmptyString",
              path: "NonEmptyString",
              roles: [
                {
                  arn: "NonEmptyString",
                  assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument",
                  create_date: "NonEmptyString",
                  path: "NonEmptyString",
                  role_id: "NonEmptyString",
                  role_name: "NonEmptyString",
                },
              ],
            },
          ],
          permissions_boundary: {
            permissions_boundary_arn: "NonEmptyString",
            permissions_boundary_type: "NonEmptyString",
          },
          role_id: "NonEmptyString",
          role_name: "NonEmptyString",
          role_policy_list: [
            {
              policy_name: "NonEmptyString",
            },
          ],
          max_session_duration: 1,
          path: "NonEmptyString",
        },
        aws_kms_key: {
          aws_account_id: "NonEmptyString",
          creation_date: 1.0,
          key_id: "NonEmptyString",
          key_manager: "NonEmptyString",
          key_state: "NonEmptyString",
          origin: "NonEmptyString",
          description: "NonEmptyString",
        },
        aws_lambda_function: {
          code: {
            s3_bucket: "NonEmptyString",
            s3_key: "NonEmptyString",
            s3_object_version: "NonEmptyString",
            zip_file: "NonEmptyString",
          },
          code_sha_256: "NonEmptyString",
          dead_letter_config: {
            target_arn: "NonEmptyString",
          },
          environment: {
            variables: {
              "NonEmptyString" => "NonEmptyString",
            },
            error: {
              error_code: "NonEmptyString",
              message: "NonEmptyString",
            },
          },
          function_name: "NonEmptyString",
          handler: "NonEmptyString",
          kms_key_arn: "NonEmptyString",
          last_modified: "NonEmptyString",
          layers: [
            {
              arn: "NonEmptyString",
              code_size: 1,
            },
          ],
          master_arn: "NonEmptyString",
          memory_size: 1,
          revision_id: "NonEmptyString",
          role: "NonEmptyString",
          runtime: "NonEmptyString",
          timeout: 1,
          tracing_config: {
            mode: "NonEmptyString",
          },
          vpc_config: {
            security_group_ids: ["NonEmptyString"],
            subnet_ids: ["NonEmptyString"],
            vpc_id: "NonEmptyString",
          },
          version: "NonEmptyString",
        },
        aws_lambda_layer_version: {
          version: 1,
          compatible_runtimes: ["NonEmptyString"],
          created_date: "NonEmptyString",
        },
        aws_rds_db_instance: {
          associated_roles: [
            {
              role_arn: "NonEmptyString",
              feature_name: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          ca_certificate_identifier: "NonEmptyString",
          db_cluster_identifier: "NonEmptyString",
          db_instance_identifier: "NonEmptyString",
          db_instance_class: "NonEmptyString",
          db_instance_port: 1,
          dbi_resource_id: "NonEmptyString",
          db_name: "NonEmptyString",
          deletion_protection: false,
          endpoint: {
            address: "NonEmptyString",
            port: 1,
            hosted_zone_id: "NonEmptyString",
          },
          engine: "NonEmptyString",
          engine_version: "NonEmptyString",
          iam_database_authentication_enabled: false,
          instance_create_time: "NonEmptyString",
          kms_key_id: "NonEmptyString",
          publicly_accessible: false,
          storage_encrypted: false,
          tde_credential_arn: "NonEmptyString",
          vpc_security_groups: [
            {
              vpc_security_group_id: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          multi_az: false,
          enhanced_monitoring_resource_arn: "NonEmptyString",
          db_instance_status: "NonEmptyString",
          master_username: "NonEmptyString",
          allocated_storage: 1,
          preferred_backup_window: "NonEmptyString",
          backup_retention_period: 1,
          db_security_groups: ["NonEmptyString"],
          db_parameter_groups: [
            {
              db_parameter_group_name: "NonEmptyString",
              parameter_apply_status: "NonEmptyString",
            },
          ],
          availability_zone: "NonEmptyString",
          db_subnet_group: {
            db_subnet_group_name: "NonEmptyString",
            db_subnet_group_description: "NonEmptyString",
            vpc_id: "NonEmptyString",
            subnet_group_status: "NonEmptyString",
            subnets: [
              {
                subnet_identifier: "NonEmptyString",
                subnet_availability_zone: {
                  name: "NonEmptyString",
                },
                subnet_status: "NonEmptyString",
              },
            ],
            db_subnet_group_arn: "NonEmptyString",
          },
          preferred_maintenance_window: "NonEmptyString",
          pending_modified_values: {
            db_instance_class: "NonEmptyString",
            allocated_storage: 1,
            master_user_password: "NonEmptyString",
            port: 1,
            backup_retention_period: 1,
            multi_az: false,
            engine_version: "NonEmptyString",
            license_model: "NonEmptyString",
            iops: 1,
            db_instance_identifier: "NonEmptyString",
            storage_type: "NonEmptyString",
            ca_certificate_identifier: "NonEmptyString",
            db_subnet_group_name: "NonEmptyString",
            pending_cloud_watch_logs_exports: {
              log_types_to_enable: ["NonEmptyString"],
              log_types_to_disable: ["NonEmptyString"],
            },
            processor_features: [
              {
                name: "NonEmptyString",
                value: "NonEmptyString",
              },
            ],
          },
          latest_restorable_time: "NonEmptyString",
          auto_minor_version_upgrade: false,
          read_replica_source_db_instance_identifier: "NonEmptyString",
          read_replica_db_instance_identifiers: ["NonEmptyString"],
          read_replica_db_cluster_identifiers: ["NonEmptyString"],
          license_model: "NonEmptyString",
          iops: 1,
          option_group_memberships: [
            {
              option_group_name: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          character_set_name: "NonEmptyString",
          secondary_availability_zone: "NonEmptyString",
          status_infos: [
            {
              status_type: "NonEmptyString",
              normal: false,
              status: "NonEmptyString",
              message: "NonEmptyString",
            },
          ],
          storage_type: "NonEmptyString",
          domain_memberships: [
            {
              domain: "NonEmptyString",
              status: "NonEmptyString",
              fqdn: "NonEmptyString",
              iam_role_name: "NonEmptyString",
            },
          ],
          copy_tags_to_snapshot: false,
          monitoring_interval: 1,
          monitoring_role_arn: "NonEmptyString",
          promotion_tier: 1,
          timezone: "NonEmptyString",
          performance_insights_enabled: false,
          performance_insights_kms_key_id: "NonEmptyString",
          performance_insights_retention_period: 1,
          enabled_cloud_watch_logs_exports: ["NonEmptyString"],
          processor_features: [
            {
              name: "NonEmptyString",
              value: "NonEmptyString",
            },
          ],
          listener_endpoint: {
            address: "NonEmptyString",
            port: 1,
            hosted_zone_id: "NonEmptyString",
          },
          max_allocated_storage: 1,
        },
        aws_sns_topic: {
          kms_master_key_id: "NonEmptyString",
          subscription: [
            {
              endpoint: "NonEmptyString",
              protocol: "NonEmptyString",
            },
          ],
          topic_name: "NonEmptyString",
          owner: "NonEmptyString",
        },
        aws_sqs_queue: {
          kms_data_key_reuse_period_seconds: 1,
          kms_master_key_id: "NonEmptyString",
          queue_name: "NonEmptyString",
          dead_letter_target_arn: "NonEmptyString",
        },
        aws_waf_web_acl: {
          name: "NonEmptyString",
          default_action: "NonEmptyString",
          rules: [
            {
              action: {
                type: "NonEmptyString",
              },
              excluded_rules: [
                {
                  rule_id: "NonEmptyString",
                },
              ],
              override_action: {
                type: "NonEmptyString",
              },
              priority: 1,
              rule_id: "NonEmptyString",
              type: "NonEmptyString",
            },
          ],
          web_acl_id: "NonEmptyString",
        },
        aws_rds_db_snapshot: {
          db_snapshot_identifier: "NonEmptyString",
          db_instance_identifier: "NonEmptyString",
          snapshot_create_time: "NonEmptyString",
          engine: "NonEmptyString",
          allocated_storage: 1,
          status: "NonEmptyString",
          port: 1,
          availability_zone: "NonEmptyString",
          vpc_id: "NonEmptyString",
          instance_create_time: "NonEmptyString",
          master_username: "NonEmptyString",
          engine_version: "NonEmptyString",
          license_model: "NonEmptyString",
          snapshot_type: "NonEmptyString",
          iops: 1,
          option_group_name: "NonEmptyString",
          percent_progress: 1,
          source_region: "NonEmptyString",
          source_db_snapshot_identifier: "NonEmptyString",
          storage_type: "NonEmptyString",
          tde_credential_arn: "NonEmptyString",
          encrypted: false,
          kms_key_id: "NonEmptyString",
          timezone: "NonEmptyString",
          iam_database_authentication_enabled: false,
          processor_features: [
            {
              name: "NonEmptyString",
              value: "NonEmptyString",
            },
          ],
          dbi_resource_id: "NonEmptyString",
        },
        aws_rds_db_cluster_snapshot: {
          availability_zones: ["NonEmptyString"],
          snapshot_create_time: "NonEmptyString",
          engine: "NonEmptyString",
          allocated_storage: 1,
          status: "NonEmptyString",
          port: 1,
          vpc_id: "NonEmptyString",
          cluster_create_time: "NonEmptyString",
          master_username: "NonEmptyString",
          engine_version: "NonEmptyString",
          license_model: "NonEmptyString",
          snapshot_type: "NonEmptyString",
          percent_progress: 1,
          storage_encrypted: false,
          kms_key_id: "NonEmptyString",
          db_cluster_identifier: "NonEmptyString",
          db_cluster_snapshot_identifier: "NonEmptyString",
          iam_database_authentication_enabled: false,
        },
        aws_rds_db_cluster: {
          allocated_storage: 1,
          availability_zones: ["NonEmptyString"],
          backup_retention_period: 1,
          database_name: "NonEmptyString",
          status: "NonEmptyString",
          endpoint: "NonEmptyString",
          reader_endpoint: "NonEmptyString",
          custom_endpoints: ["NonEmptyString"],
          multi_az: false,
          engine: "NonEmptyString",
          engine_version: "NonEmptyString",
          port: 1,
          master_username: "NonEmptyString",
          preferred_backup_window: "NonEmptyString",
          preferred_maintenance_window: "NonEmptyString",
          read_replica_identifiers: ["NonEmptyString"],
          vpc_security_groups: [
            {
              vpc_security_group_id: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          hosted_zone_id: "NonEmptyString",
          storage_encrypted: false,
          kms_key_id: "NonEmptyString",
          db_cluster_resource_id: "NonEmptyString",
          associated_roles: [
            {
              role_arn: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          cluster_create_time: "NonEmptyString",
          enabled_cloud_watch_logs_exports: ["NonEmptyString"],
          engine_mode: "NonEmptyString",
          deletion_protection: false,
          http_endpoint_enabled: false,
          activity_stream_status: "NonEmptyString",
          copy_tags_to_snapshot: false,
          cross_account_clone: false,
          domain_memberships: [
            {
              domain: "NonEmptyString",
              status: "NonEmptyString",
              fqdn: "NonEmptyString",
              iam_role_name: "NonEmptyString",
            },
          ],
          db_cluster_parameter_group: "NonEmptyString",
          db_subnet_group: "NonEmptyString",
          db_cluster_option_group_memberships: [
            {
              db_cluster_option_group_name: "NonEmptyString",
              status: "NonEmptyString",
            },
          ],
          db_cluster_identifier: "NonEmptyString",
          db_cluster_members: [
            {
              is_cluster_writer: false,
              promotion_tier: 1,
              db_instance_identifier: "NonEmptyString",
              db_cluster_parameter_group_status: "NonEmptyString",
            },
          ],
          iam_database_authentication_enabled: false,
        },
        container: {
          name: "NonEmptyString",
          image_id: "NonEmptyString",
          image_name: "NonEmptyString",
          launched_at: "NonEmptyString",
        },
        other: {
          "NonEmptyString" => "NonEmptyString",
        },
      },
    },
  ],
  compliance: {
    status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE
    related_requirements: ["NonEmptyString"],
    status_reasons: [
      {
        reason_code: "NonEmptyString", # required
        description: "NonEmptyString",
      },
    ],
  },
  verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE
  workflow_state: "NEW", # accepts NEW, ASSIGNED, IN_PROGRESS, DEFERRED, RESOLVED
  workflow: {
    status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED
  },
  record_state: "ACTIVE", # accepts ACTIVE, ARCHIVED
  related_findings: [
    {
      product_arn: "NonEmptyString", # required
      id: "NonEmptyString", # required
    },
  ],
  note: {
    text: "NonEmptyString", # required
    updated_by: "NonEmptyString", # required
    updated_at: "NonEmptyString", # required
  },
  vulnerabilities: [
    {
      id: "NonEmptyString", # required
      vulnerable_packages: [
        {
          name: "NonEmptyString",
          version: "NonEmptyString",
          epoch: "NonEmptyString",
          release: "NonEmptyString",
          architecture: "NonEmptyString",
        },
      ],
      cvss: [
        {
          version: "NonEmptyString",
          base_score: 1.0,
          base_vector: "NonEmptyString",
        },
      ],
      related_vulnerabilities: ["NonEmptyString"],
      vendor: {
        name: "NonEmptyString", # required
        url: "NonEmptyString",
        vendor_severity: "NonEmptyString",
        vendor_created_at: "NonEmptyString",
        vendor_updated_at: "NonEmptyString",
      },
      reference_urls: ["NonEmptyString"],
    },
  ],
  patch_summary: {
    id: "NonEmptyString", # required
    installed_count: 1,
    missing_count: 1,
    failed_count: 1,
    installed_other_count: 1,
    installed_rejected_count: 1,
    installed_pending_reboot: 1,
    operation_start_time: "NonEmptyString",
    operation_end_time: "NonEmptyString",
    reboot_option: "NonEmptyString",
    operation: "NonEmptyString",
  },
}

Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and security standards checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.

Instance Attribute Summary collapse

Instance Attribute Details

#aws_account_idString

The AWS account ID that a finding is generated in.

Returns:

  • (String)

    The AWS account ID that a finding is generated in.

#complianceTypes::Compliance

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.

Returns:

  • (Types::Compliance)

    This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations.

#confidenceInteger

A finding\'s confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:

  • (Integer)

    A finding\'s confidence.

#created_atString

Indicates when the security-findings provider created the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)

    Indicates when the security-findings provider created the potential security issue that a finding captured.

#criticalityInteger

The level of importance assigned to the resources associated with the finding.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:

  • (Integer)

    The level of importance assigned to the resources associated with the finding.

#descriptionString

A finding\'s description.

In this release, Description is a required property.

Returns:

  • (String)

    A finding\'s description.

#first_observed_atString

Indicates when the security-findings provider first observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)

    Indicates when the security-findings provider first observed the potential security issue that a finding captured.

#generator_idString

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers\' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.

Returns:

  • (String)

    The identifier for the solution-specific component (a discrete unit of logic) that generated a finding.

#idString

The security findings provider-specific identifier for a finding.

Returns:

  • (String)

    The security findings provider-specific identifier for a finding.

#last_observed_atString

Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)

    Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

#malwareArray<Types::Malware>

A list of malware related to a finding.

Returns:

#networkTypes::Network

The details of network-related information about a finding.

Returns:

  • (Types::Network)

    The details of network-related information about a finding.

#network_pathArray<Types::NetworkPathComponent>

Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.

Returns:

#noteTypes::Note

A user-defined note added to a finding.

Returns:

  • (Types::Note)

    A user-defined note added to a finding.

#patch_summaryTypes::PatchSummary

Provides an overview of the patch compliance status for an instance against a selected compliance standard.

Returns:

  • (Types::PatchSummary)

    Provides an overview of the patch compliance status for an instance against a selected compliance standard.

#processTypes::ProcessDetails

The details of process-related information about a finding.

Returns:

#product_arnString

The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.

Returns:

  • (String)

    The ARN generated by Security Hub that uniquely identifies a product that generates findings.

#product_fieldsHash<String,String>

A data type where security-findings providers can include additional solution-specific details that aren\'t part of the defined AwsSecurityFinding format.

Returns:

  • (Hash<String,String>)

    A data type where security-findings providers can include additional solution-specific details that aren\'t part of the defined AwsSecurityFinding format.

#record_stateString

The record state of a finding.

Possible values:

  • ACTIVE
  • ARCHIVED

Returns:

  • (String)

    The record state of a finding.

A list of related findings.

Returns:

#remediationTypes::Remediation

A data type that describes the remediation options for a finding.

Returns:

  • (Types::Remediation)

    A data type that describes the remediation options for a finding.

#resourcesArray<Types::Resource>

A set of resource data types that describe the resources that the finding refers to.

Returns:

  • (Array<Types::Resource>)

    A set of resource data types that describe the resources that the finding refers to.

#schema_versionString

The schema version that a finding is formatted for.

Returns:

  • (String)

    The schema version that a finding is formatted for.

#severityTypes::Severity

A finding\'s severity.

Returns:

#source_urlString

A URL that links to a page about the current finding in the security-findings provider\'s solution.

Returns:

  • (String)

    A URL that links to a page about the current finding in the security-findings provider\'s solution.

#threat_intel_indicatorsArray<Types::ThreatIntelIndicator>

Threat intelligence details related to a finding.

Returns:

#titleString

A finding\'s title.

In this release, Title is a required property.

Returns:

  • (String)

    A finding\'s title.

#typesArray<String>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

Returns:

  • (Array<String>)

    One or more finding types in the format of namespace/category/classifier that classify a finding.

#updated_atString

Indicates when the security-findings provider last updated the finding record.

Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.

Returns:

  • (String)

    Indicates when the security-findings provider last updated the finding record.

#user_defined_fieldsHash<String,String>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Returns:

  • (Hash<String,String>)

    A list of name/value string pairs associated with the finding.

#verification_stateString

Indicates the veracity of a finding.

Possible values:

  • UNKNOWN
  • TRUE_POSITIVE
  • FALSE_POSITIVE
  • BENIGN_POSITIVE

Returns:

  • (String)

    Indicates the veracity of a finding.

#vulnerabilitiesArray<Types::Vulnerability>

Provides a list of vulnerabilities associated with the findings.

Returns:

  • (Array<Types::Vulnerability>)

    Provides a list of vulnerabilities associated with the findings.

#workflowTypes::Workflow

Provides information about the status of the investigation into a finding.

Returns:

  • (Types::Workflow)

    Provides information about the status of the investigation into a finding.

#workflow_stateString

The workflow state of a finding.

Possible values:

  • NEW
  • ASSIGNED
  • IN_PROGRESS
  • DEFERRED
  • RESOLVED

Returns:

  • (String)

    The workflow state of a finding.