class Aws::SecurityHub::Types::AwsSecurityFinding
Provides consistent format for the contents of the Security Hub-aggregated findings. `AwsSecurityFinding` format enables you to share findings between Amazon Web Services security services and third-party solutions, and security standards checks.
<note markdown=“1”> A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.
</note>
@note When making an API call, you may pass AwsSecurityFinding
data as a hash: { schema_version: "NonEmptyString", # required id: "NonEmptyString", # required product_arn: "NonEmptyString", # required product_name: "NonEmptyString", company_name: "NonEmptyString", region: "NonEmptyString", generator_id: "NonEmptyString", # required aws_account_id: "NonEmptyString", # required types: ["NonEmptyString"], first_observed_at: "NonEmptyString", last_observed_at: "NonEmptyString", created_at: "NonEmptyString", # required updated_at: "NonEmptyString", # required severity: { product: 1.0, label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL normalized: 1, original: "NonEmptyString", }, confidence: 1, criticality: 1, title: "NonEmptyString", # required description: "NonEmptyString", # required remediation: { recommendation: { text: "NonEmptyString", url: "NonEmptyString", }, }, source_url: "NonEmptyString", product_fields: { "NonEmptyString" => "NonEmptyString", }, user_defined_fields: { "NonEmptyString" => "NonEmptyString", }, malware: [ { name: "NonEmptyString", # required type: "ADWARE", # accepts ADWARE, BLENDED_THREAT, BOTNET_AGENT, COIN_MINER, EXPLOIT_KIT, KEYLOGGER, MACRO, POTENTIALLY_UNWANTED, SPYWARE, RANSOMWARE, REMOTE_ACCESS, ROOTKIT, TROJAN, VIRUS, WORM path: "NonEmptyString", state: "OBSERVED", # accepts OBSERVED, REMOVAL_FAILED, REMOVED }, ], network: { direction: "IN", # accepts IN, OUT protocol: "NonEmptyString", open_port_range: { begin: 1, end: 1, }, source_ip_v4: "NonEmptyString", source_ip_v6: "NonEmptyString", source_port: 1, source_domain: "NonEmptyString", source_mac: "NonEmptyString", destination_ip_v4: "NonEmptyString", destination_ip_v6: "NonEmptyString", destination_port: 1, destination_domain: "NonEmptyString", }, network_path: [ { component_id: "NonEmptyString", component_type: "NonEmptyString", egress: { protocol: "NonEmptyString", destination: { address: ["NonEmptyString"], port_ranges: [ { begin: 1, end: 1, }, ], }, source: { address: ["NonEmptyString"], port_ranges: [ { begin: 1, end: 1, }, ], }, }, ingress: { protocol: "NonEmptyString", destination: { address: ["NonEmptyString"], port_ranges: [ { begin: 1, end: 1, }, ], }, source: { address: ["NonEmptyString"], port_ranges: [ { begin: 1, end: 1, }, ], }, }, }, ], process: { name: "NonEmptyString", path: "NonEmptyString", pid: 1, parent_pid: 1, launched_at: "NonEmptyString", terminated_at: "NonEmptyString", }, threat_intel_indicators: [ { type: "DOMAIN", # accepts DOMAIN, EMAIL_ADDRESS, HASH_MD5, HASH_SHA1, HASH_SHA256, HASH_SHA512, IPV4_ADDRESS, IPV6_ADDRESS, MUTEX, PROCESS, URL value: "NonEmptyString", category: "BACKDOOR", # accepts BACKDOOR, CARD_STEALER, COMMAND_AND_CONTROL, DROP_SITE, EXPLOIT_SITE, KEYLOGGER last_observed_at: "NonEmptyString", source: "NonEmptyString", source_url: "NonEmptyString", }, ], resources: [ # required { type: "NonEmptyString", # required id: "NonEmptyString", # required partition: "aws", # accepts aws, aws-cn, aws-us-gov region: "NonEmptyString", resource_role: "NonEmptyString", tags: { "NonEmptyString" => "NonEmptyString", }, data_classification: { detailed_results_location: "NonEmptyString", result: { mime_type: "NonEmptyString", size_classified: 1, additional_occurrences: false, status: { code: "NonEmptyString", reason: "NonEmptyString", }, sensitive_data: [ { category: "NonEmptyString", detections: [ { count: 1, type: "NonEmptyString", occurrences: { line_ranges: [ { start: 1, end: 1, start_column: 1, }, ], offset_ranges: [ { start: 1, end: 1, start_column: 1, }, ], pages: [ { page_number: 1, line_range: { start: 1, end: 1, start_column: 1, }, offset_range: { start: 1, end: 1, start_column: 1, }, }, ], records: [ { json_path: "NonEmptyString", record_index: 1, }, ], cells: [ { column: 1, row: 1, column_name: "NonEmptyString", cell_reference: "NonEmptyString", }, ], }, }, ], total_count: 1, }, ], custom_data_identifiers: { detections: [ { count: 1, arn: "NonEmptyString", name: "NonEmptyString", occurrences: { line_ranges: [ { start: 1, end: 1, start_column: 1, }, ], offset_ranges: [ { start: 1, end: 1, start_column: 1, }, ], pages: [ { page_number: 1, line_range: { start: 1, end: 1, start_column: 1, }, offset_range: { start: 1, end: 1, start_column: 1, }, }, ], records: [ { json_path: "NonEmptyString", record_index: 1, }, ], cells: [ { column: 1, row: 1, column_name: "NonEmptyString", cell_reference: "NonEmptyString", }, ], }, }, ], total_count: 1, }, }, }, details: { aws_auto_scaling_auto_scaling_group: { launch_configuration_name: "NonEmptyString", load_balancer_names: ["NonEmptyString"], health_check_type: "NonEmptyString", health_check_grace_period: 1, created_time: "NonEmptyString", }, aws_code_build_project: { encryption_key: "NonEmptyString", environment: { certificate: "NonEmptyString", image_pull_credentials_type: "NonEmptyString", registry_credential: { credential: "NonEmptyString", credential_provider: "NonEmptyString", }, type: "NonEmptyString", }, name: "NonEmptyString", source: { type: "NonEmptyString", location: "NonEmptyString", git_clone_depth: 1, insecure_ssl: false, }, service_role: "NonEmptyString", vpc_config: { vpc_id: "NonEmptyString", subnets: ["NonEmptyString"], security_group_ids: ["NonEmptyString"], }, }, aws_cloud_front_distribution: { cache_behaviors: { items: [ { viewer_protocol_policy: "NonEmptyString", }, ], }, default_cache_behavior: { viewer_protocol_policy: "NonEmptyString", }, default_root_object: "NonEmptyString", domain_name: "NonEmptyString", etag: "NonEmptyString", last_modified_time: "NonEmptyString", logging: { bucket: "NonEmptyString", enabled: false, include_cookies: false, prefix: "NonEmptyString", }, origins: { items: [ { domain_name: "NonEmptyString", id: "NonEmptyString", origin_path: "NonEmptyString", s3_origin_config: { origin_access_identity: "NonEmptyString", }, }, ], }, origin_groups: { items: [ { failover_criteria: { status_codes: { items: [1], quantity: 1, }, }, }, ], }, status: "NonEmptyString", web_acl_id: "NonEmptyString", }, aws_ec2_instance: { type: "NonEmptyString", image_id: "NonEmptyString", ip_v4_addresses: ["NonEmptyString"], ip_v6_addresses: ["NonEmptyString"], key_name: "NonEmptyString", iam_instance_profile_arn: "NonEmptyString", vpc_id: "NonEmptyString", subnet_id: "NonEmptyString", launched_at: "NonEmptyString", network_interfaces: [ { network_interface_id: "NonEmptyString", }, ], }, aws_ec2_network_interface: { attachment: { attach_time: "NonEmptyString", attachment_id: "NonEmptyString", delete_on_termination: false, device_index: 1, instance_id: "NonEmptyString", instance_owner_id: "NonEmptyString", status: "NonEmptyString", }, network_interface_id: "NonEmptyString", security_groups: [ { group_name: "NonEmptyString", group_id: "NonEmptyString", }, ], source_dest_check: false, ip_v6_addresses: [ { ip_v6_address: "NonEmptyString", }, ], private_ip_addresses: [ { private_ip_address: "NonEmptyString", private_dns_name: "NonEmptyString", }, ], public_dns_name: "NonEmptyString", public_ip: "NonEmptyString", }, aws_ec2_security_group: { group_name: "NonEmptyString", group_id: "NonEmptyString", owner_id: "NonEmptyString", vpc_id: "NonEmptyString", ip_permissions: [ { ip_protocol: "NonEmptyString", from_port: 1, to_port: 1, user_id_group_pairs: [ { group_id: "NonEmptyString", group_name: "NonEmptyString", peering_status: "NonEmptyString", user_id: "NonEmptyString", vpc_id: "NonEmptyString", vpc_peering_connection_id: "NonEmptyString", }, ], ip_ranges: [ { cidr_ip: "NonEmptyString", }, ], ipv_6_ranges: [ { cidr_ipv_6: "NonEmptyString", }, ], prefix_list_ids: [ { prefix_list_id: "NonEmptyString", }, ], }, ], ip_permissions_egress: [ { ip_protocol: "NonEmptyString", from_port: 1, to_port: 1, user_id_group_pairs: [ { group_id: "NonEmptyString", group_name: "NonEmptyString", peering_status: "NonEmptyString", user_id: "NonEmptyString", vpc_id: "NonEmptyString", vpc_peering_connection_id: "NonEmptyString", }, ], ip_ranges: [ { cidr_ip: "NonEmptyString", }, ], ipv_6_ranges: [ { cidr_ipv_6: "NonEmptyString", }, ], prefix_list_ids: [ { prefix_list_id: "NonEmptyString", }, ], }, ], }, aws_ec2_volume: { create_time: "NonEmptyString", encrypted: false, size: 1, snapshot_id: "NonEmptyString", status: "NonEmptyString", kms_key_id: "NonEmptyString", attachments: [ { attach_time: "NonEmptyString", delete_on_termination: false, instance_id: "NonEmptyString", status: "NonEmptyString", }, ], }, aws_ec2_vpc: { cidr_block_association_set: [ { association_id: "NonEmptyString", cidr_block: "NonEmptyString", cidr_block_state: "NonEmptyString", }, ], ipv_6_cidr_block_association_set: [ { association_id: "NonEmptyString", ipv_6_cidr_block: "NonEmptyString", cidr_block_state: "NonEmptyString", }, ], dhcp_options_id: "NonEmptyString", state: "NonEmptyString", }, aws_ec2_eip: { instance_id: "NonEmptyString", public_ip: "NonEmptyString", allocation_id: "NonEmptyString", association_id: "NonEmptyString", domain: "NonEmptyString", public_ipv_4_pool: "NonEmptyString", network_border_group: "NonEmptyString", network_interface_id: "NonEmptyString", network_interface_owner_id: "NonEmptyString", private_ip_address: "NonEmptyString", }, aws_ec2_subnet: { assign_ipv_6_address_on_creation: false, availability_zone: "NonEmptyString", availability_zone_id: "NonEmptyString", available_ip_address_count: 1, cidr_block: "NonEmptyString", default_for_az: false, map_public_ip_on_launch: false, owner_id: "NonEmptyString", state: "NonEmptyString", subnet_arn: "NonEmptyString", subnet_id: "NonEmptyString", vpc_id: "NonEmptyString", ipv_6_cidr_block_association_set: [ { association_id: "NonEmptyString", ipv_6_cidr_block: "NonEmptyString", cidr_block_state: "NonEmptyString", }, ], }, aws_ec2_network_acl: { is_default: false, network_acl_id: "NonEmptyString", owner_id: "NonEmptyString", vpc_id: "NonEmptyString", associations: [ { network_acl_association_id: "NonEmptyString", network_acl_id: "NonEmptyString", subnet_id: "NonEmptyString", }, ], entries: [ { cidr_block: "NonEmptyString", egress: false, icmp_type_code: { code: 1, type: 1, }, ipv_6_cidr_block: "NonEmptyString", port_range: { from: 1, to: 1, }, protocol: "NonEmptyString", rule_action: "NonEmptyString", rule_number: 1, }, ], }, aws_elbv_2_load_balancer: { availability_zones: [ { zone_name: "NonEmptyString", subnet_id: "NonEmptyString", }, ], canonical_hosted_zone_id: "NonEmptyString", created_time: "NonEmptyString", dns_name: "NonEmptyString", ip_address_type: "NonEmptyString", scheme: "NonEmptyString", security_groups: ["NonEmptyString"], state: { code: "NonEmptyString", reason: "NonEmptyString", }, type: "NonEmptyString", vpc_id: "NonEmptyString", }, aws_elastic_beanstalk_environment: { application_name: "NonEmptyString", cname: "NonEmptyString", date_created: "NonEmptyString", date_updated: "NonEmptyString", description: "NonEmptyString", endpoint_url: "NonEmptyString", environment_arn: "NonEmptyString", environment_id: "NonEmptyString", environment_links: [ { environment_name: "NonEmptyString", link_name: "NonEmptyString", }, ], environment_name: "NonEmptyString", option_settings: [ { namespace: "NonEmptyString", option_name: "NonEmptyString", resource_name: "NonEmptyString", value: "NonEmptyString", }, ], platform_arn: "NonEmptyString", solution_stack_name: "NonEmptyString", status: "NonEmptyString", tier: { name: "NonEmptyString", type: "NonEmptyString", version: "NonEmptyString", }, version_label: "NonEmptyString", }, aws_elasticsearch_domain: { access_policies: "NonEmptyString", domain_endpoint_options: { enforce_https: false, tls_security_policy: "NonEmptyString", }, domain_id: "NonEmptyString", domain_name: "NonEmptyString", endpoint: "NonEmptyString", endpoints: { "NonEmptyString" => "NonEmptyString", }, elasticsearch_version: "NonEmptyString", elasticsearch_cluster_config: { dedicated_master_count: 1, dedicated_master_enabled: false, dedicated_master_type: "NonEmptyString", instance_count: 1, instance_type: "NonEmptyString", zone_awareness_config: { availability_zone_count: 1, }, zone_awareness_enabled: false, }, encryption_at_rest_options: { enabled: false, kms_key_id: "NonEmptyString", }, log_publishing_options: { index_slow_logs: { cloud_watch_logs_log_group_arn: "NonEmptyString", enabled: false, }, search_slow_logs: { cloud_watch_logs_log_group_arn: "NonEmptyString", enabled: false, }, audit_logs: { cloud_watch_logs_log_group_arn: "NonEmptyString", enabled: false, }, }, node_to_node_encryption_options: { enabled: false, }, service_software_options: { automated_update_date: "NonEmptyString", cancellable: false, current_version: "NonEmptyString", description: "NonEmptyString", new_version: "NonEmptyString", update_available: false, update_status: "NonEmptyString", }, vpc_options: { availability_zones: ["NonEmptyString"], security_group_ids: ["NonEmptyString"], subnet_ids: ["NonEmptyString"], vpc_id: "NonEmptyString", }, }, aws_s3_bucket: { owner_id: "NonEmptyString", owner_name: "NonEmptyString", created_at: "NonEmptyString", server_side_encryption_configuration: { rules: [ { apply_server_side_encryption_by_default: { sse_algorithm: "NonEmptyString", kms_master_key_id: "NonEmptyString", }, }, ], }, bucket_lifecycle_configuration: { rules: [ { abort_incomplete_multipart_upload: { days_after_initiation: 1, }, expiration_date: "NonEmptyString", expiration_in_days: 1, expired_object_delete_marker: false, filter: { predicate: { operands: [ { prefix: "NonEmptyString", tag: { key: "NonEmptyString", value: "NonEmptyString", }, type: "NonEmptyString", }, ], prefix: "NonEmptyString", tag: { key: "NonEmptyString", value: "NonEmptyString", }, type: "NonEmptyString", }, }, id: "NonEmptyString", noncurrent_version_expiration_in_days: 1, noncurrent_version_transitions: [ { days: 1, storage_class: "NonEmptyString", }, ], prefix: "NonEmptyString", status: "NonEmptyString", transitions: [ { date: "NonEmptyString", days: 1, storage_class: "NonEmptyString", }, ], }, ], }, public_access_block_configuration: { block_public_acls: false, block_public_policy: false, ignore_public_acls: false, restrict_public_buckets: false, }, access_control_list: "NonEmptyString", bucket_logging_configuration: { destination_bucket_name: "NonEmptyString", log_file_prefix: "NonEmptyString", }, bucket_website_configuration: { error_document: "NonEmptyString", index_document_suffix: "NonEmptyString", redirect_all_requests_to: { hostname: "NonEmptyString", protocol: "NonEmptyString", }, routing_rules: [ { condition: { http_error_code_returned_equals: "NonEmptyString", key_prefix_equals: "NonEmptyString", }, redirect: { hostname: "NonEmptyString", http_redirect_code: "NonEmptyString", protocol: "NonEmptyString", replace_key_prefix_with: "NonEmptyString", replace_key_with: "NonEmptyString", }, }, ], }, bucket_notification_configuration: { configurations: [ { events: ["NonEmptyString"], filter: { s3_key_filter: { filter_rules: [ { name: "Prefix", # accepts Prefix, Suffix value: "NonEmptyString", }, ], }, }, destination: "NonEmptyString", type: "NonEmptyString", }, ], }, }, aws_s3_account_public_access_block: { block_public_acls: false, block_public_policy: false, ignore_public_acls: false, restrict_public_buckets: false, }, aws_s3_object: { last_modified: "NonEmptyString", etag: "NonEmptyString", version_id: "NonEmptyString", content_type: "NonEmptyString", server_side_encryption: "NonEmptyString", ssekms_key_id: "NonEmptyString", }, aws_secrets_manager_secret: { rotation_rules: { automatically_after_days: 1, }, rotation_occurred_within_frequency: false, kms_key_id: "NonEmptyString", rotation_enabled: false, rotation_lambda_arn: "NonEmptyString", deleted: false, name: "NonEmptyString", description: "NonEmptyString", }, aws_iam_access_key: { user_name: "NonEmptyString", status: "Active", # accepts Active, Inactive created_at: "NonEmptyString", principal_id: "NonEmptyString", principal_type: "NonEmptyString", principal_name: "NonEmptyString", account_id: "NonEmptyString", access_key_id: "NonEmptyString", session_context: { attributes: { mfa_authenticated: false, creation_date: "NonEmptyString", }, session_issuer: { type: "NonEmptyString", principal_id: "NonEmptyString", arn: "NonEmptyString", account_id: "NonEmptyString", user_name: "NonEmptyString", }, }, }, aws_iam_user: { attached_managed_policies: [ { policy_name: "NonEmptyString", policy_arn: "NonEmptyString", }, ], create_date: "NonEmptyString", group_list: ["NonEmptyString"], path: "NonEmptyString", permissions_boundary: { permissions_boundary_arn: "NonEmptyString", permissions_boundary_type: "NonEmptyString", }, user_id: "NonEmptyString", user_name: "NonEmptyString", user_policy_list: [ { policy_name: "NonEmptyString", }, ], }, aws_iam_policy: { attachment_count: 1, create_date: "NonEmptyString", default_version_id: "NonEmptyString", description: "NonEmptyString", is_attachable: false, path: "NonEmptyString", permissions_boundary_usage_count: 1, policy_id: "NonEmptyString", policy_name: "NonEmptyString", policy_version_list: [ { version_id: "NonEmptyString", is_default_version: false, create_date: "NonEmptyString", }, ], update_date: "NonEmptyString", }, aws_api_gateway_v2_stage: { client_certificate_id: "NonEmptyString", created_date: "NonEmptyString", description: "NonEmptyString", default_route_settings: { detailed_metrics_enabled: false, logging_level: "NonEmptyString", data_trace_enabled: false, throttling_burst_limit: 1, throttling_rate_limit: 1.0, }, deployment_id: "NonEmptyString", last_updated_date: "NonEmptyString", route_settings: { detailed_metrics_enabled: false, logging_level: "NonEmptyString", data_trace_enabled: false, throttling_burst_limit: 1, throttling_rate_limit: 1.0, }, stage_name: "NonEmptyString", stage_variables: { "NonEmptyString" => "NonEmptyString", }, access_log_settings: { format: "NonEmptyString", destination_arn: "NonEmptyString", }, auto_deploy: false, last_deployment_status_message: "NonEmptyString", api_gateway_managed: false, }, aws_api_gateway_v2_api: { api_endpoint: "NonEmptyString", api_id: "NonEmptyString", api_key_selection_expression: "NonEmptyString", created_date: "NonEmptyString", description: "NonEmptyString", version: "NonEmptyString", name: "NonEmptyString", protocol_type: "NonEmptyString", route_selection_expression: "NonEmptyString", cors_configuration: { allow_origins: ["NonEmptyString"], allow_credentials: false, expose_headers: ["NonEmptyString"], max_age: 1, allow_methods: ["NonEmptyString"], allow_headers: ["NonEmptyString"], }, }, aws_dynamo_db_table: { attribute_definitions: [ { attribute_name: "NonEmptyString", attribute_type: "NonEmptyString", }, ], billing_mode_summary: { billing_mode: "NonEmptyString", last_update_to_pay_per_request_date_time: "NonEmptyString", }, creation_date_time: "NonEmptyString", global_secondary_indexes: [ { backfilling: false, index_arn: "NonEmptyString", index_name: "NonEmptyString", index_size_bytes: 1, index_status: "NonEmptyString", item_count: 1, key_schema: [ { attribute_name: "NonEmptyString", key_type: "NonEmptyString", }, ], projection: { non_key_attributes: ["NonEmptyString"], projection_type: "NonEmptyString", }, provisioned_throughput: { last_decrease_date_time: "NonEmptyString", last_increase_date_time: "NonEmptyString", number_of_decreases_today: 1, read_capacity_units: 1, write_capacity_units: 1, }, }, ], global_table_version: "NonEmptyString", item_count: 1, key_schema: [ { attribute_name: "NonEmptyString", key_type: "NonEmptyString", }, ], latest_stream_arn: "NonEmptyString", latest_stream_label: "NonEmptyString", local_secondary_indexes: [ { index_arn: "NonEmptyString", index_name: "NonEmptyString", key_schema: [ { attribute_name: "NonEmptyString", key_type: "NonEmptyString", }, ], projection: { non_key_attributes: ["NonEmptyString"], projection_type: "NonEmptyString", }, }, ], provisioned_throughput: { last_decrease_date_time: "NonEmptyString", last_increase_date_time: "NonEmptyString", number_of_decreases_today: 1, read_capacity_units: 1, write_capacity_units: 1, }, replicas: [ { global_secondary_indexes: [ { index_name: "NonEmptyString", provisioned_throughput_override: { read_capacity_units: 1, }, }, ], kms_master_key_id: "NonEmptyString", provisioned_throughput_override: { read_capacity_units: 1, }, region_name: "NonEmptyString", replica_status: "NonEmptyString", replica_status_description: "NonEmptyString", }, ], restore_summary: { source_backup_arn: "NonEmptyString", source_table_arn: "NonEmptyString", restore_date_time: "NonEmptyString", restore_in_progress: false, }, sse_description: { inaccessible_encryption_date_time: "NonEmptyString", status: "NonEmptyString", sse_type: "NonEmptyString", kms_master_key_arn: "NonEmptyString", }, stream_specification: { stream_enabled: false, stream_view_type: "NonEmptyString", }, table_id: "NonEmptyString", table_name: "NonEmptyString", table_size_bytes: 1, table_status: "NonEmptyString", }, aws_api_gateway_stage: { deployment_id: "NonEmptyString", client_certificate_id: "NonEmptyString", stage_name: "NonEmptyString", description: "NonEmptyString", cache_cluster_enabled: false, cache_cluster_size: "NonEmptyString", cache_cluster_status: "NonEmptyString", method_settings: [ { metrics_enabled: false, logging_level: "NonEmptyString", data_trace_enabled: false, throttling_burst_limit: 1, throttling_rate_limit: 1.0, caching_enabled: false, cache_ttl_in_seconds: 1, cache_data_encrypted: false, require_authorization_for_cache_control: false, unauthorized_cache_control_header_strategy: "NonEmptyString", http_method: "NonEmptyString", resource_path: "NonEmptyString", }, ], variables: { "NonEmptyString" => "NonEmptyString", }, documentation_version: "NonEmptyString", access_log_settings: { format: "NonEmptyString", destination_arn: "NonEmptyString", }, canary_settings: { percent_traffic: 1.0, deployment_id: "NonEmptyString", stage_variable_overrides: { "NonEmptyString" => "NonEmptyString", }, use_stage_cache: false, }, tracing_enabled: false, created_date: "NonEmptyString", last_updated_date: "NonEmptyString", web_acl_arn: "NonEmptyString", }, aws_api_gateway_rest_api: { id: "NonEmptyString", name: "NonEmptyString", description: "NonEmptyString", created_date: "NonEmptyString", version: "NonEmptyString", binary_media_types: ["NonEmptyString"], minimum_compression_size: 1, api_key_source: "NonEmptyString", endpoint_configuration: { types: ["NonEmptyString"], }, }, aws_cloud_trail_trail: { cloud_watch_logs_log_group_arn: "NonEmptyString", cloud_watch_logs_role_arn: "NonEmptyString", has_custom_event_selectors: false, home_region: "NonEmptyString", include_global_service_events: false, is_multi_region_trail: false, is_organization_trail: false, kms_key_id: "NonEmptyString", log_file_validation_enabled: false, name: "NonEmptyString", s3_bucket_name: "NonEmptyString", s3_key_prefix: "NonEmptyString", sns_topic_arn: "NonEmptyString", sns_topic_name: "NonEmptyString", trail_arn: "NonEmptyString", }, aws_ssm_patch_compliance: { patch: { compliance_summary: { status: "NonEmptyString", compliant_critical_count: 1, compliant_high_count: 1, compliant_medium_count: 1, execution_type: "NonEmptyString", non_compliant_critical_count: 1, compliant_informational_count: 1, non_compliant_informational_count: 1, compliant_unspecified_count: 1, non_compliant_low_count: 1, non_compliant_high_count: 1, compliant_low_count: 1, compliance_type: "NonEmptyString", patch_baseline_id: "NonEmptyString", overall_severity: "NonEmptyString", non_compliant_medium_count: 1, non_compliant_unspecified_count: 1, patch_group: "NonEmptyString", }, }, }, aws_certificate_manager_certificate: { certificate_authority_arn: "NonEmptyString", created_at: "NonEmptyString", domain_name: "NonEmptyString", domain_validation_options: [ { domain_name: "NonEmptyString", resource_record: { name: "NonEmptyString", type: "NonEmptyString", value: "NonEmptyString", }, validation_domain: "NonEmptyString", validation_emails: ["NonEmptyString"], validation_method: "NonEmptyString", validation_status: "NonEmptyString", }, ], extended_key_usages: [ { name: "NonEmptyString", o_id: "NonEmptyString", }, ], failure_reason: "NonEmptyString", imported_at: "NonEmptyString", in_use_by: ["NonEmptyString"], issued_at: "NonEmptyString", issuer: "NonEmptyString", key_algorithm: "NonEmptyString", key_usages: [ { name: "NonEmptyString", }, ], not_after: "NonEmptyString", not_before: "NonEmptyString", options: { certificate_transparency_logging_preference: "NonEmptyString", }, renewal_eligibility: "NonEmptyString", renewal_summary: { domain_validation_options: [ { domain_name: "NonEmptyString", resource_record: { name: "NonEmptyString", type: "NonEmptyString", value: "NonEmptyString", }, validation_domain: "NonEmptyString", validation_emails: ["NonEmptyString"], validation_method: "NonEmptyString", validation_status: "NonEmptyString", }, ], renewal_status: "NonEmptyString", renewal_status_reason: "NonEmptyString", updated_at: "NonEmptyString", }, serial: "NonEmptyString", signature_algorithm: "NonEmptyString", status: "NonEmptyString", subject: "NonEmptyString", subject_alternative_names: ["NonEmptyString"], type: "NonEmptyString", }, aws_redshift_cluster: { allow_version_upgrade: false, automated_snapshot_retention_period: 1, availability_zone: "NonEmptyString", cluster_availability_status: "NonEmptyString", cluster_create_time: "NonEmptyString", cluster_identifier: "NonEmptyString", cluster_nodes: [ { node_role: "NonEmptyString", private_ip_address: "NonEmptyString", public_ip_address: "NonEmptyString", }, ], cluster_parameter_groups: [ { cluster_parameter_status_list: [ { parameter_name: "NonEmptyString", parameter_apply_status: "NonEmptyString", parameter_apply_error_description: "NonEmptyString", }, ], parameter_apply_status: "NonEmptyString", parameter_group_name: "NonEmptyString", }, ], cluster_public_key: "NonEmptyString", cluster_revision_number: "NonEmptyString", cluster_security_groups: [ { cluster_security_group_name: "NonEmptyString", status: "NonEmptyString", }, ], cluster_snapshot_copy_status: { destination_region: "NonEmptyString", manual_snapshot_retention_period: 1, retention_period: 1, snapshot_copy_grant_name: "NonEmptyString", }, cluster_status: "NonEmptyString", cluster_subnet_group_name: "NonEmptyString", cluster_version: "NonEmptyString", db_name: "NonEmptyString", deferred_maintenance_windows: [ { defer_maintenance_end_time: "NonEmptyString", defer_maintenance_identifier: "NonEmptyString", defer_maintenance_start_time: "NonEmptyString", }, ], elastic_ip_status: { elastic_ip: "NonEmptyString", status: "NonEmptyString", }, elastic_resize_number_of_node_options: "NonEmptyString", encrypted: false, endpoint: { address: "NonEmptyString", port: 1, }, enhanced_vpc_routing: false, expected_next_snapshot_schedule_time: "NonEmptyString", expected_next_snapshot_schedule_time_status: "NonEmptyString", hsm_status: { hsm_client_certificate_identifier: "NonEmptyString", hsm_configuration_identifier: "NonEmptyString", status: "NonEmptyString", }, iam_roles: [ { apply_status: "NonEmptyString", iam_role_arn: "NonEmptyString", }, ], kms_key_id: "NonEmptyString", maintenance_track_name: "NonEmptyString", manual_snapshot_retention_period: 1, master_username: "NonEmptyString", next_maintenance_window_start_time: "NonEmptyString", node_type: "NonEmptyString", number_of_nodes: 1, pending_actions: ["NonEmptyString"], pending_modified_values: { automated_snapshot_retention_period: 1, cluster_identifier: "NonEmptyString", cluster_type: "NonEmptyString", cluster_version: "NonEmptyString", encryption_type: "NonEmptyString", enhanced_vpc_routing: false, maintenance_track_name: "NonEmptyString", master_user_password: "NonEmptyString", node_type: "NonEmptyString", number_of_nodes: 1, publicly_accessible: false, }, preferred_maintenance_window: "NonEmptyString", publicly_accessible: false, resize_info: { allow_cancel_resize: false, resize_type: "NonEmptyString", }, restore_status: { current_restore_rate_in_mega_bytes_per_second: 1.0, elapsed_time_in_seconds: 1, estimated_time_to_completion_in_seconds: 1, progress_in_mega_bytes: 1, snapshot_size_in_mega_bytes: 1, status: "NonEmptyString", }, snapshot_schedule_identifier: "NonEmptyString", snapshot_schedule_state: "NonEmptyString", vpc_id: "NonEmptyString", vpc_security_groups: [ { status: "NonEmptyString", vpc_security_group_id: "NonEmptyString", }, ], }, aws_elb_load_balancer: { availability_zones: ["NonEmptyString"], backend_server_descriptions: [ { instance_port: 1, policy_names: ["NonEmptyString"], }, ], canonical_hosted_zone_name: "NonEmptyString", canonical_hosted_zone_name_id: "NonEmptyString", created_time: "NonEmptyString", dns_name: "NonEmptyString", health_check: { healthy_threshold: 1, interval: 1, target: "NonEmptyString", timeout: 1, unhealthy_threshold: 1, }, instances: [ { instance_id: "NonEmptyString", }, ], listener_descriptions: [ { listener: { instance_port: 1, instance_protocol: "NonEmptyString", load_balancer_port: 1, protocol: "NonEmptyString", ssl_certificate_id: "NonEmptyString", }, policy_names: ["NonEmptyString"], }, ], load_balancer_attributes: { access_log: { emit_interval: 1, enabled: false, s3_bucket_name: "NonEmptyString", s3_bucket_prefix: "NonEmptyString", }, connection_draining: { enabled: false, timeout: 1, }, connection_settings: { idle_timeout: 1, }, cross_zone_load_balancing: { enabled: false, }, }, load_balancer_name: "NonEmptyString", policies: { app_cookie_stickiness_policies: [ { cookie_name: "NonEmptyString", policy_name: "NonEmptyString", }, ], lb_cookie_stickiness_policies: [ { cookie_expiration_period: 1, policy_name: "NonEmptyString", }, ], other_policies: ["NonEmptyString"], }, scheme: "NonEmptyString", security_groups: ["NonEmptyString"], source_security_group: { group_name: "NonEmptyString", owner_alias: "NonEmptyString", }, subnets: ["NonEmptyString"], vpc_id: "NonEmptyString", }, aws_iam_group: { attached_managed_policies: [ { policy_name: "NonEmptyString", policy_arn: "NonEmptyString", }, ], create_date: "NonEmptyString", group_id: "NonEmptyString", group_name: "NonEmptyString", group_policy_list: [ { policy_name: "NonEmptyString", }, ], path: "NonEmptyString", }, aws_iam_role: { assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument", attached_managed_policies: [ { policy_name: "NonEmptyString", policy_arn: "NonEmptyString", }, ], create_date: "NonEmptyString", instance_profile_list: [ { arn: "NonEmptyString", create_date: "NonEmptyString", instance_profile_id: "NonEmptyString", instance_profile_name: "NonEmptyString", path: "NonEmptyString", roles: [ { arn: "NonEmptyString", assume_role_policy_document: "AwsIamRoleAssumeRolePolicyDocument", create_date: "NonEmptyString", path: "NonEmptyString", role_id: "NonEmptyString", role_name: "NonEmptyString", }, ], }, ], permissions_boundary: { permissions_boundary_arn: "NonEmptyString", permissions_boundary_type: "NonEmptyString", }, role_id: "NonEmptyString", role_name: "NonEmptyString", role_policy_list: [ { policy_name: "NonEmptyString", }, ], max_session_duration: 1, path: "NonEmptyString", }, aws_kms_key: { aws_account_id: "NonEmptyString", creation_date: 1.0, key_id: "NonEmptyString", key_manager: "NonEmptyString", key_state: "NonEmptyString", origin: "NonEmptyString", description: "NonEmptyString", key_rotation_status: false, }, aws_lambda_function: { code: { s3_bucket: "NonEmptyString", s3_key: "NonEmptyString", s3_object_version: "NonEmptyString", zip_file: "NonEmptyString", }, code_sha_256: "NonEmptyString", dead_letter_config: { target_arn: "NonEmptyString", }, environment: { variables: { "NonEmptyString" => "NonEmptyString", }, error: { error_code: "NonEmptyString", message: "NonEmptyString", }, }, function_name: "NonEmptyString", handler: "NonEmptyString", kms_key_arn: "NonEmptyString", last_modified: "NonEmptyString", layers: [ { arn: "NonEmptyString", code_size: 1, }, ], master_arn: "NonEmptyString", memory_size: 1, revision_id: "NonEmptyString", role: "NonEmptyString", runtime: "NonEmptyString", timeout: 1, tracing_config: { mode: "NonEmptyString", }, vpc_config: { security_group_ids: ["NonEmptyString"], subnet_ids: ["NonEmptyString"], vpc_id: "NonEmptyString", }, version: "NonEmptyString", }, aws_lambda_layer_version: { version: 1, compatible_runtimes: ["NonEmptyString"], created_date: "NonEmptyString", }, aws_rds_db_instance: { associated_roles: [ { role_arn: "NonEmptyString", feature_name: "NonEmptyString", status: "NonEmptyString", }, ], ca_certificate_identifier: "NonEmptyString", db_cluster_identifier: "NonEmptyString", db_instance_identifier: "NonEmptyString", db_instance_class: "NonEmptyString", db_instance_port: 1, dbi_resource_id: "NonEmptyString", db_name: "NonEmptyString", deletion_protection: false, endpoint: { address: "NonEmptyString", port: 1, hosted_zone_id: "NonEmptyString", }, engine: "NonEmptyString", engine_version: "NonEmptyString", iam_database_authentication_enabled: false, instance_create_time: "NonEmptyString", kms_key_id: "NonEmptyString", publicly_accessible: false, storage_encrypted: false, tde_credential_arn: "NonEmptyString", vpc_security_groups: [ { vpc_security_group_id: "NonEmptyString", status: "NonEmptyString", }, ], multi_az: false, enhanced_monitoring_resource_arn: "NonEmptyString", db_instance_status: "NonEmptyString", master_username: "NonEmptyString", allocated_storage: 1, preferred_backup_window: "NonEmptyString", backup_retention_period: 1, db_security_groups: ["NonEmptyString"], db_parameter_groups: [ { db_parameter_group_name: "NonEmptyString", parameter_apply_status: "NonEmptyString", }, ], availability_zone: "NonEmptyString", db_subnet_group: { db_subnet_group_name: "NonEmptyString", db_subnet_group_description: "NonEmptyString", vpc_id: "NonEmptyString", subnet_group_status: "NonEmptyString", subnets: [ { subnet_identifier: "NonEmptyString", subnet_availability_zone: { name: "NonEmptyString", }, subnet_status: "NonEmptyString", }, ], db_subnet_group_arn: "NonEmptyString", }, preferred_maintenance_window: "NonEmptyString", pending_modified_values: { db_instance_class: "NonEmptyString", allocated_storage: 1, master_user_password: "NonEmptyString", port: 1, backup_retention_period: 1, multi_az: false, engine_version: "NonEmptyString", license_model: "NonEmptyString", iops: 1, db_instance_identifier: "NonEmptyString", storage_type: "NonEmptyString", ca_certificate_identifier: "NonEmptyString", db_subnet_group_name: "NonEmptyString", pending_cloud_watch_logs_exports: { log_types_to_enable: ["NonEmptyString"], log_types_to_disable: ["NonEmptyString"], }, processor_features: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], }, latest_restorable_time: "NonEmptyString", auto_minor_version_upgrade: false, read_replica_source_db_instance_identifier: "NonEmptyString", read_replica_db_instance_identifiers: ["NonEmptyString"], read_replica_db_cluster_identifiers: ["NonEmptyString"], license_model: "NonEmptyString", iops: 1, option_group_memberships: [ { option_group_name: "NonEmptyString", status: "NonEmptyString", }, ], character_set_name: "NonEmptyString", secondary_availability_zone: "NonEmptyString", status_infos: [ { status_type: "NonEmptyString", normal: false, status: "NonEmptyString", message: "NonEmptyString", }, ], storage_type: "NonEmptyString", domain_memberships: [ { domain: "NonEmptyString", status: "NonEmptyString", fqdn: "NonEmptyString", iam_role_name: "NonEmptyString", }, ], copy_tags_to_snapshot: false, monitoring_interval: 1, monitoring_role_arn: "NonEmptyString", promotion_tier: 1, timezone: "NonEmptyString", performance_insights_enabled: false, performance_insights_kms_key_id: "NonEmptyString", performance_insights_retention_period: 1, enabled_cloud_watch_logs_exports: ["NonEmptyString"], processor_features: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], listener_endpoint: { address: "NonEmptyString", port: 1, hosted_zone_id: "NonEmptyString", }, max_allocated_storage: 1, }, aws_sns_topic: { kms_master_key_id: "NonEmptyString", subscription: [ { endpoint: "NonEmptyString", protocol: "NonEmptyString", }, ], topic_name: "NonEmptyString", owner: "NonEmptyString", }, aws_sqs_queue: { kms_data_key_reuse_period_seconds: 1, kms_master_key_id: "NonEmptyString", queue_name: "NonEmptyString", dead_letter_target_arn: "NonEmptyString", }, aws_waf_web_acl: { name: "NonEmptyString", default_action: "NonEmptyString", rules: [ { action: { type: "NonEmptyString", }, excluded_rules: [ { rule_id: "NonEmptyString", }, ], override_action: { type: "NonEmptyString", }, priority: 1, rule_id: "NonEmptyString", type: "NonEmptyString", }, ], web_acl_id: "NonEmptyString", }, aws_rds_db_snapshot: { db_snapshot_identifier: "NonEmptyString", db_instance_identifier: "NonEmptyString", snapshot_create_time: "NonEmptyString", engine: "NonEmptyString", allocated_storage: 1, status: "NonEmptyString", port: 1, availability_zone: "NonEmptyString", vpc_id: "NonEmptyString", instance_create_time: "NonEmptyString", master_username: "NonEmptyString", engine_version: "NonEmptyString", license_model: "NonEmptyString", snapshot_type: "NonEmptyString", iops: 1, option_group_name: "NonEmptyString", percent_progress: 1, source_region: "NonEmptyString", source_db_snapshot_identifier: "NonEmptyString", storage_type: "NonEmptyString", tde_credential_arn: "NonEmptyString", encrypted: false, kms_key_id: "NonEmptyString", timezone: "NonEmptyString", iam_database_authentication_enabled: false, processor_features: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], dbi_resource_id: "NonEmptyString", }, aws_rds_db_cluster_snapshot: { availability_zones: ["NonEmptyString"], snapshot_create_time: "NonEmptyString", engine: "NonEmptyString", allocated_storage: 1, status: "NonEmptyString", port: 1, vpc_id: "NonEmptyString", cluster_create_time: "NonEmptyString", master_username: "NonEmptyString", engine_version: "NonEmptyString", license_model: "NonEmptyString", snapshot_type: "NonEmptyString", percent_progress: 1, storage_encrypted: false, kms_key_id: "NonEmptyString", db_cluster_identifier: "NonEmptyString", db_cluster_snapshot_identifier: "NonEmptyString", iam_database_authentication_enabled: false, }, aws_rds_db_cluster: { allocated_storage: 1, availability_zones: ["NonEmptyString"], backup_retention_period: 1, database_name: "NonEmptyString", status: "NonEmptyString", endpoint: "NonEmptyString", reader_endpoint: "NonEmptyString", custom_endpoints: ["NonEmptyString"], multi_az: false, engine: "NonEmptyString", engine_version: "NonEmptyString", port: 1, master_username: "NonEmptyString", preferred_backup_window: "NonEmptyString", preferred_maintenance_window: "NonEmptyString", read_replica_identifiers: ["NonEmptyString"], vpc_security_groups: [ { vpc_security_group_id: "NonEmptyString", status: "NonEmptyString", }, ], hosted_zone_id: "NonEmptyString", storage_encrypted: false, kms_key_id: "NonEmptyString", db_cluster_resource_id: "NonEmptyString", associated_roles: [ { role_arn: "NonEmptyString", status: "NonEmptyString", }, ], cluster_create_time: "NonEmptyString", enabled_cloud_watch_logs_exports: ["NonEmptyString"], engine_mode: "NonEmptyString", deletion_protection: false, http_endpoint_enabled: false, activity_stream_status: "NonEmptyString", copy_tags_to_snapshot: false, cross_account_clone: false, domain_memberships: [ { domain: "NonEmptyString", status: "NonEmptyString", fqdn: "NonEmptyString", iam_role_name: "NonEmptyString", }, ], db_cluster_parameter_group: "NonEmptyString", db_subnet_group: "NonEmptyString", db_cluster_option_group_memberships: [ { db_cluster_option_group_name: "NonEmptyString", status: "NonEmptyString", }, ], db_cluster_identifier: "NonEmptyString", db_cluster_members: [ { is_cluster_writer: false, promotion_tier: 1, db_instance_identifier: "NonEmptyString", db_cluster_parameter_group_status: "NonEmptyString", }, ], iam_database_authentication_enabled: false, }, aws_ecs_cluster: { capacity_providers: ["NonEmptyString"], cluster_settings: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], configuration: { execute_command_configuration: { kms_key_id: "NonEmptyString", log_configuration: { cloud_watch_encryption_enabled: false, cloud_watch_log_group_name: "NonEmptyString", s3_bucket_name: "NonEmptyString", s3_encryption_enabled: false, s3_key_prefix: "NonEmptyString", }, logging: "NonEmptyString", }, }, default_capacity_provider_strategy: [ { base: 1, capacity_provider: "NonEmptyString", weight: 1, }, ], }, aws_ecs_task_definition: { container_definitions: [ { command: ["NonEmptyString"], cpu: 1, depends_on: [ { condition: "NonEmptyString", container_name: "NonEmptyString", }, ], disable_networking: false, dns_search_domains: ["NonEmptyString"], dns_servers: ["NonEmptyString"], docker_labels: { "NonEmptyString" => "NonEmptyString", }, docker_security_options: ["NonEmptyString"], entry_point: ["NonEmptyString"], environment: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], environment_files: [ { type: "NonEmptyString", value: "NonEmptyString", }, ], essential: false, extra_hosts: [ { hostname: "NonEmptyString", ip_address: "NonEmptyString", }, ], firelens_configuration: { options: { "NonEmptyString" => "NonEmptyString", }, type: "NonEmptyString", }, health_check: { command: ["NonEmptyString"], interval: 1, retries: 1, start_period: 1, timeout: 1, }, hostname: "NonEmptyString", image: "NonEmptyString", interactive: false, links: ["NonEmptyString"], linux_parameters: { capabilities: { add: ["NonEmptyString"], drop: ["NonEmptyString"], }, devices: [ { container_path: "NonEmptyString", host_path: "NonEmptyString", permissions: ["NonEmptyString"], }, ], init_process_enabled: false, max_swap: 1, shared_memory_size: 1, swappiness: 1, tmpfs: [ { container_path: "NonEmptyString", mount_options: ["NonEmptyString"], size: 1, }, ], }, log_configuration: { log_driver: "NonEmptyString", options: { "NonEmptyString" => "NonEmptyString", }, secret_options: [ { name: "NonEmptyString", value_from: "NonEmptyString", }, ], }, memory: 1, memory_reservation: 1, mount_points: [ { container_path: "NonEmptyString", read_only: false, source_volume: "NonEmptyString", }, ], name: "NonEmptyString", port_mappings: [ { container_port: 1, host_port: 1, protocol: "NonEmptyString", }, ], privileged: false, pseudo_terminal: false, readonly_root_filesystem: false, repository_credentials: { credentials_parameter: "NonEmptyString", }, resource_requirements: [ { type: "NonEmptyString", value: "NonEmptyString", }, ], secrets: [ { name: "NonEmptyString", value_from: "NonEmptyString", }, ], start_timeout: 1, stop_timeout: 1, system_controls: [ { namespace: "NonEmptyString", value: "NonEmptyString", }, ], ulimits: [ { hard_limit: 1, name: "NonEmptyString", soft_limit: 1, }, ], user: "NonEmptyString", volumes_from: [ { read_only: false, source_container: "NonEmptyString", }, ], working_directory: "NonEmptyString", }, ], cpu: "NonEmptyString", execution_role_arn: "NonEmptyString", family: "NonEmptyString", inference_accelerators: [ { device_name: "NonEmptyString", device_type: "NonEmptyString", }, ], ipc_mode: "NonEmptyString", memory: "NonEmptyString", network_mode: "NonEmptyString", pid_mode: "NonEmptyString", placement_constraints: [ { expression: "NonEmptyString", type: "NonEmptyString", }, ], proxy_configuration: { container_name: "NonEmptyString", proxy_configuration_properties: [ { name: "NonEmptyString", value: "NonEmptyString", }, ], type: "NonEmptyString", }, requires_compatibilities: ["NonEmptyString"], task_role_arn: "NonEmptyString", volumes: [ { docker_volume_configuration: { autoprovision: false, driver: "NonEmptyString", driver_opts: { "NonEmptyString" => "NonEmptyString", }, labels: { "NonEmptyString" => "NonEmptyString", }, scope: "NonEmptyString", }, efs_volume_configuration: { authorization_config: { access_point_id: "NonEmptyString", iam: "NonEmptyString", }, filesystem_id: "NonEmptyString", root_directory: "NonEmptyString", transit_encryption: "NonEmptyString", transit_encryption_port: 1, }, host: { source_path: "NonEmptyString", }, name: "NonEmptyString", }, ], }, container: { name: "NonEmptyString", image_id: "NonEmptyString", image_name: "NonEmptyString", launched_at: "NonEmptyString", }, other: { "NonEmptyString" => "NonEmptyString", }, aws_rds_event_subscription: { cust_subscription_id: "NonEmptyString", customer_aws_id: "NonEmptyString", enabled: false, event_categories_list: ["NonEmptyString"], event_subscription_arn: "NonEmptyString", sns_topic_arn: "NonEmptyString", source_ids_list: ["NonEmptyString"], source_type: "NonEmptyString", status: "NonEmptyString", subscription_creation_time: "NonEmptyString", }, aws_ecs_service: { capacity_provider_strategy: [ { base: 1, capacity_provider: "NonEmptyString", weight: 1, }, ], cluster: "NonEmptyString", deployment_configuration: { deployment_circuit_breaker: { enable: false, rollback: false, }, maximum_percent: 1, minimum_healthy_percent: 1, }, deployment_controller: { type: "NonEmptyString", }, desired_count: 1, enable_ecs_managed_tags: false, enable_execute_command: false, health_check_grace_period_seconds: 1, launch_type: "NonEmptyString", load_balancers: [ { container_name: "NonEmptyString", container_port: 1, load_balancer_name: "NonEmptyString", target_group_arn: "NonEmptyString", }, ], name: "NonEmptyString", network_configuration: { aws_vpc_configuration: { assign_public_ip: "NonEmptyString", security_groups: ["NonEmptyString"], subnets: ["NonEmptyString"], }, }, placement_constraints: [ { expression: "NonEmptyString", type: "NonEmptyString", }, ], placement_strategies: [ { field: "NonEmptyString", type: "NonEmptyString", }, ], platform_version: "NonEmptyString", propagate_tags: "NonEmptyString", role: "NonEmptyString", scheduling_strategy: "NonEmptyString", service_arn: "NonEmptyString", service_name: "NonEmptyString", service_registries: [ { container_name: "NonEmptyString", container_port: 1, port: 1, registry_arn: "NonEmptyString", }, ], task_definition: "NonEmptyString", }, aws_auto_scaling_launch_configuration: { associate_public_ip_address: false, block_device_mappings: [ { device_name: "NonEmptyString", ebs: { delete_on_termination: false, encrypted: false, iops: 1, snapshot_id: "NonEmptyString", volume_size: 1, volume_type: "NonEmptyString", }, no_device: false, virtual_name: "NonEmptyString", }, ], classic_link_vpc_id: "NonEmptyString", classic_link_vpc_security_groups: ["NonEmptyString"], created_time: "NonEmptyString", ebs_optimized: false, iam_instance_profile: "NonEmptyString", image_id: "NonEmptyString", instance_monitoring: { enabled: false, }, instance_type: "NonEmptyString", kernel_id: "NonEmptyString", key_name: "NonEmptyString", launch_configuration_name: "NonEmptyString", placement_tenancy: "NonEmptyString", ramdisk_id: "NonEmptyString", security_groups: ["NonEmptyString"], spot_price: "NonEmptyString", user_data: "NonEmptyString", }, aws_ec2_vpn_connection: { vpn_connection_id: "NonEmptyString", state: "NonEmptyString", customer_gateway_id: "NonEmptyString", customer_gateway_configuration: "NonEmptyString", type: "NonEmptyString", vpn_gateway_id: "NonEmptyString", category: "NonEmptyString", vgw_telemetry: [ { accepted_route_count: 1, certificate_arn: "NonEmptyString", last_status_change: "NonEmptyString", outside_ip_address: "NonEmptyString", status: "NonEmptyString", status_message: "NonEmptyString", }, ], options: { static_routes_only: false, tunnel_options: [ { dpd_timeout_seconds: 1, ike_versions: ["NonEmptyString"], outside_ip_address: "NonEmptyString", phase_1_dh_group_numbers: [1], phase_1_encryption_algorithms: ["NonEmptyString"], phase_1_integrity_algorithms: ["NonEmptyString"], phase_1_lifetime_seconds: 1, phase_2_dh_group_numbers: [1], phase_2_encryption_algorithms: ["NonEmptyString"], phase_2_integrity_algorithms: ["NonEmptyString"], phase_2_lifetime_seconds: 1, pre_shared_key: "NonEmptyString", rekey_fuzz_percentage: 1, rekey_margin_time_seconds: 1, replay_window_size: 1, tunnel_inside_cidr: "NonEmptyString", }, ], }, routes: [ { destination_cidr_block: "NonEmptyString", state: "NonEmptyString", }, ], transit_gateway_id: "NonEmptyString", }, aws_ecr_container_image: { registry_id: "NonEmptyString", repository_name: "NonEmptyString", architecture: "NonEmptyString", image_digest: "NonEmptyString", image_tags: ["NonEmptyString"], image_published_at: "NonEmptyString", }, }, }, ], compliance: { status: "PASSED", # accepts PASSED, WARNING, FAILED, NOT_AVAILABLE related_requirements: ["NonEmptyString"], status_reasons: [ { reason_code: "NonEmptyString", # required description: "NonEmptyString", }, ], }, verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE workflow_state: "NEW", # accepts NEW, ASSIGNED, IN_PROGRESS, DEFERRED, RESOLVED workflow: { status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED }, record_state: "ACTIVE", # accepts ACTIVE, ARCHIVED related_findings: [ { product_arn: "NonEmptyString", # required id: "NonEmptyString", # required }, ], note: { text: "NonEmptyString", # required updated_by: "NonEmptyString", # required updated_at: "NonEmptyString", # required }, vulnerabilities: [ { id: "NonEmptyString", # required vulnerable_packages: [ { name: "NonEmptyString", version: "NonEmptyString", epoch: "NonEmptyString", release: "NonEmptyString", architecture: "NonEmptyString", package_manager: "NonEmptyString", file_path: "NonEmptyString", }, ], cvss: [ { version: "NonEmptyString", base_score: 1.0, base_vector: "NonEmptyString", source: "NonEmptyString", adjustments: [ { metric: "NonEmptyString", reason: "NonEmptyString", }, ], }, ], related_vulnerabilities: ["NonEmptyString"], vendor: { name: "NonEmptyString", # required url: "NonEmptyString", vendor_severity: "NonEmptyString", vendor_created_at: "NonEmptyString", vendor_updated_at: "NonEmptyString", }, reference_urls: ["NonEmptyString"], }, ], patch_summary: { id: "NonEmptyString", # required installed_count: 1, missing_count: 1, failed_count: 1, installed_other_count: 1, installed_rejected_count: 1, installed_pending_reboot: 1, operation_start_time: "NonEmptyString", operation_end_time: "NonEmptyString", reboot_option: "NonEmptyString", operation: "NonEmptyString", }, action: { action_type: "NonEmptyString", network_connection_action: { connection_direction: "NonEmptyString", remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, remote_port_details: { port: 1, port_name: "NonEmptyString", }, local_port_details: { port: 1, port_name: "NonEmptyString", }, protocol: "NonEmptyString", blocked: false, }, aws_api_call_action: { api: "NonEmptyString", service_name: "NonEmptyString", caller_type: "NonEmptyString", remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, domain_details: { domain: "NonEmptyString", }, affected_resources: { "NonEmptyString" => "NonEmptyString", }, first_seen: "NonEmptyString", last_seen: "NonEmptyString", }, dns_request_action: { domain: "NonEmptyString", protocol: "NonEmptyString", blocked: false, }, port_probe_action: { port_probe_details: [ { local_port_details: { port: 1, port_name: "NonEmptyString", }, local_ip_details: { ip_address_v4: "NonEmptyString", }, remote_ip_details: { ip_address_v4: "NonEmptyString", organization: { asn: 1, asn_org: "NonEmptyString", isp: "NonEmptyString", org: "NonEmptyString", }, country: { country_code: "NonEmptyString", country_name: "NonEmptyString", }, city: { city_name: "NonEmptyString", }, geo_location: { lon: 1.0, lat: 1.0, }, }, }, ], blocked: false, }, }, finding_provider_fields: { confidence: 1, criticality: 1, related_findings: [ { product_arn: "NonEmptyString", # required id: "NonEmptyString", # required }, ], severity: { label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL original: "NonEmptyString", }, types: ["NonEmptyString"], }, }
@!attribute [rw] schema_version
The schema version that a finding is formatted for. @return [String]
@!attribute [rw] id
The security findings provider-specific identifier for a finding. @return [String]
@!attribute [rw] product_arn
The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration. @return [String]
@!attribute [rw] product_name
The name of the product that generated the finding. Security Hub populates this attribute automatically for each finding. You cannot update it using `BatchImportFindings` or `BatchUpdateFindings`. The exception to this is when you use a custom integration. When you use the Security Hub console to filter findings by product name, you use this attribute. When you use the Security Hub API to filter findings by product name, you use the `aws/securityhub/ProductName` attribute under `ProductFields`. Security Hub does not synchronize those two attributes. @return [String]
@!attribute [rw] company_name
The name of the company for the product that generated the finding. Security Hub populates this attribute automatically for each finding. You cannot be updated using `BatchImportFindings` or `BatchUpdateFindings`. The exception to this is when you use a custom integration. When you use the Security Hub console to filter findings by company name, you use this attribute. When you use the Security Hub API to filter findings by company name, you use the `aws/securityhub/CompanyName` attribute under `ProductFields`. Security Hub does not synchronize those two attributes. @return [String]
@!attribute [rw] region
The Region from which the finding was generated. Security Hub populates this attribute automatically for each finding. You cannot update it using `BatchImportFindings` or `BatchUpdateFindings`. @return [String]
@!attribute [rw] generator_id
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc. @return [String]
@!attribute [rw] aws_account_id
The Amazon Web Services account ID that a finding is generated in. @return [String]
@!attribute [rw] types
One or more finding types in the format of `namespace/category/classifier` that classify a finding. Valid namespace values are: Software and Configuration Checks \| TTPs \| Effects \| Unusual Behaviors \| Sensitive Data Identifications @return [Array<String>]
@!attribute [rw] first_observed_at
Indicates when the security-findings provider first observed the potential security issue that a finding captured. Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format][1]. The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z`. [1]: https://tools.ietf.org/html/rfc3339#section-5.6 @return [String]
@!attribute [rw] last_observed_at
Indicates when the security-findings provider most recently observed the potential security issue that a finding captured. Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format][1]. The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z`. [1]: https://tools.ietf.org/html/rfc3339#section-5.6 @return [String]
@!attribute [rw] created_at
Indicates when the security-findings provider created the potential security issue that a finding captured. Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format][1]. The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z`. [1]: https://tools.ietf.org/html/rfc3339#section-5.6 @return [String]
@!attribute [rw] updated_at
Indicates when the security-findings provider last updated the finding record. Uses the `date-time` format specified in [RFC 3339 section 5.6, Internet Date/Time Format][1]. The value cannot contain spaces. For example, `2020-03-22T13:22:13.933Z`. [1]: https://tools.ietf.org/html/rfc3339#section-5.6 @return [String]
@!attribute [rw] severity
A finding's severity. @return [Types::Severity]
@!attribute [rw] confidence
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence. @return [Integer]
@!attribute [rw] criticality
The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources. @return [Integer]
@!attribute [rw] title
A finding's title. <note markdown="1"> In this release, `Title` is a required property. </note> @return [String]
@!attribute [rw] description
A finding's description. <note markdown="1"> In this release, `Description` is a required property. </note> @return [String]
@!attribute [rw] remediation
A data type that describes the remediation options for a finding. @return [Types::Remediation]
@!attribute [rw] source_url
A URL that links to a page about the current finding in the security-findings provider's solution. @return [String]
@!attribute [rw] product_fields
A data type where security-findings providers can include additional solution-specific details that aren't part of the defined `AwsSecurityFinding` format. Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters. @return [Hash<String,String>]
@!attribute [rw] user_defined_fields
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding. @return [Hash<String,String>]
@!attribute [rw] malware
A list of malware related to a finding. @return [Array<Types::Malware>]
@!attribute [rw] network
The details of network-related information about a finding. @return [Types::Network]
@!attribute [rw] network_path
Provides information about a network path that is relevant to a finding. Each entry under `NetworkPath` represents a component of that path. @return [Array<Types::NetworkPathComponent>]
@!attribute [rw] process
The details of process-related information about a finding. @return [Types::ProcessDetails]
@!attribute [rw] threat_intel_indicators
Threat intelligence details related to a finding. @return [Array<Types::ThreatIntelIndicator>]
@!attribute [rw] resources
A set of resource data types that describe the resources that the finding refers to. @return [Array<Types::Resource>]
@!attribute [rw] compliance
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS Amazon Web Services Foundations. Contains security standard-related finding details. @return [Types::Compliance]
@!attribute [rw] verification_state
Indicates the veracity of a finding. @return [String]
@!attribute [rw] workflow_state
The workflow state of a finding. @return [String]
@!attribute [rw] workflow
Provides information about the status of the investigation into a finding. @return [Types::Workflow]
@!attribute [rw] record_state
The record state of a finding. @return [String]
@!attribute [rw] related_findings
A list of related findings. @return [Array<Types::RelatedFinding>]
@!attribute [rw] note
A user-defined note added to a finding. @return [Types::Note]
@!attribute [rw] vulnerabilities
Provides a list of vulnerabilities associated with the findings. @return [Array<Types::Vulnerability>]
@!attribute [rw] patch_summary
Provides an overview of the patch compliance status for an instance against a selected compliance standard. @return [Types::PatchSummary]
@!attribute [rw] action
Provides details about an action that affects or that was taken on a resource. @return [Types::Action]
@!attribute [rw] finding_provider_fields
In a `BatchImportFindings` request, finding providers use `FindingProviderFields` to provide and update their own values for confidence, criticality, related findings, severity, and types. @return [Types::FindingProviderFields]
@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/AwsSecurityFinding AWS API Documentation
Constants
- SENSITIVE