class Aws::SecurityHub::Types::Action

Provides details about one of the following actions that affects or that was taken on a resource:

@note When making an API call, you may pass Action

data as a hash:

    {
      action_type: "NonEmptyString",
      network_connection_action: {
        connection_direction: "NonEmptyString",
        remote_ip_details: {
          ip_address_v4: "NonEmptyString",
          organization: {
            asn: 1,
            asn_org: "NonEmptyString",
            isp: "NonEmptyString",
            org: "NonEmptyString",
          },
          country: {
            country_code: "NonEmptyString",
            country_name: "NonEmptyString",
          },
          city: {
            city_name: "NonEmptyString",
          },
          geo_location: {
            lon: 1.0,
            lat: 1.0,
          },
        },
        remote_port_details: {
          port: 1,
          port_name: "NonEmptyString",
        },
        local_port_details: {
          port: 1,
          port_name: "NonEmptyString",
        },
        protocol: "NonEmptyString",
        blocked: false,
      },
      aws_api_call_action: {
        api: "NonEmptyString",
        service_name: "NonEmptyString",
        caller_type: "NonEmptyString",
        remote_ip_details: {
          ip_address_v4: "NonEmptyString",
          organization: {
            asn: 1,
            asn_org: "NonEmptyString",
            isp: "NonEmptyString",
            org: "NonEmptyString",
          },
          country: {
            country_code: "NonEmptyString",
            country_name: "NonEmptyString",
          },
          city: {
            city_name: "NonEmptyString",
          },
          geo_location: {
            lon: 1.0,
            lat: 1.0,
          },
        },
        domain_details: {
          domain: "NonEmptyString",
        },
        affected_resources: {
          "NonEmptyString" => "NonEmptyString",
        },
        first_seen: "NonEmptyString",
        last_seen: "NonEmptyString",
      },
      dns_request_action: {
        domain: "NonEmptyString",
        protocol: "NonEmptyString",
        blocked: false,
      },
      port_probe_action: {
        port_probe_details: [
          {
            local_port_details: {
              port: 1,
              port_name: "NonEmptyString",
            },
            local_ip_details: {
              ip_address_v4: "NonEmptyString",
            },
            remote_ip_details: {
              ip_address_v4: "NonEmptyString",
              organization: {
                asn: 1,
                asn_org: "NonEmptyString",
                isp: "NonEmptyString",
                org: "NonEmptyString",
              },
              country: {
                country_code: "NonEmptyString",
                country_name: "NonEmptyString",
              },
              city: {
                city_name: "NonEmptyString",
              },
              geo_location: {
                lon: 1.0,
                lat: 1.0,
              },
            },
          },
        ],
        blocked: false,
      },
    }

@!attribute [rw] action_type

The type of action that was detected. The possible action types are:

* `NETWORK_CONNECTION`

* `AWS_API_CALL`

* `DNS_REQUEST`

* `PORT_PROBE`
@return [String]

@!attribute [rw] network_connection_action

Included if `ActionType` is `NETWORK_CONNECTION`. Provides details
about the network connection that was detected.
@return [Types::NetworkConnectionAction]

@!attribute [rw] aws_api_call_action

Included if `ActionType` is `AWS_API_CALL`. Provides details about
the API call that was detected.
@return [Types::AwsApiCallAction]

@!attribute [rw] dns_request_action

Included if `ActionType` is `DNS_REQUEST`. Provides details about
the DNS request that was detected.
@return [Types::DnsRequestAction]

@!attribute [rw] port_probe_action

Included if `ActionType` is `PORT_PROBE`. Provides details about the
port probe that was detected.
@return [Types::PortProbeAction]

@see docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/Action AWS API Documentation

Constants

SENSITIVE