class Aws::SecurityHub::Types::Action
Provides details about one of the following actions that affects or that was taken on a resource:
-
A remote IP address issued an Amazon Web Services API call
-
A DNS request was received
-
A remote IP address attempted to connect to an EC2 instance
-
A remote IP address attempted a port probe on an EC2 instance
@note When making an API call, you may pass Action
data as a hash: { action_type: "NonEmptyString", network_connection_action: { connection_direction: "NonEmptyString", remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, remote_port_details: { port: 1, port_name: "NonEmptyString", }, local_port_details: { port: 1, port_name: "NonEmptyString", }, protocol: "NonEmptyString", blocked: false, }, aws_api_call_action: { api: "NonEmptyString", service_name: "NonEmptyString", caller_type: "NonEmptyString", remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, domain_details: { domain: "NonEmptyString", }, affected_resources: { "NonEmptyString" => "NonEmptyString", }, first_seen: "NonEmptyString", last_seen: "NonEmptyString", }, dns_request_action: { domain: "NonEmptyString", protocol: "NonEmptyString", blocked: false, }, port_probe_action: { port_probe_details: [ { local_port_details: { port: 1, port_name: "NonEmptyString", }, local_ip_details: { ip_address_v4: "NonEmptyString", }, remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, }, ], blocked: false, }, }
@!attribute [rw] action_type
The type of action that was detected. The possible action types are: * `NETWORK_CONNECTION` * `AWS_API_CALL` * `DNS_REQUEST` * `PORT_PROBE` @return [String]
@!attribute [rw] network_connection_action
Included if `ActionType` is `NETWORK_CONNECTION`. Provides details about the network connection that was detected. @return [Types::NetworkConnectionAction]
@!attribute [rw] aws_api_call_action
Included if `ActionType` is `AWS_API_CALL`. Provides details about the API call that was detected. @return [Types::AwsApiCallAction]
@!attribute [rw] dns_request_action
Included if `ActionType` is `DNS_REQUEST`. Provides details about the DNS request that was detected. @return [Types::DnsRequestAction]
@!attribute [rw] port_probe_action
Included if `ActionType` is `PORT_PROBE`. Provides details about the port probe that was detected. @return [Types::PortProbeAction]
@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation
Constants
- SENSITIVE