lib/aws-sdk-securityhub/client.rb in aws-sdk-securityhub-1.120.0 vs lib/aws-sdk-securityhub/client.rb in aws-sdk-securityhub-1.121.0

- old
+ new

@@ -445,20 +445,31 @@ super end # @!group API Operations + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. + # + # </note> + # # Accepts the invitation to be a member account and be monitored by the # Security Hub administrator account that the invitation was sent from. # # This operation is only used by member accounts that are not added # through Organizations. # # When the member account accepts the invitation, permission is granted # to the administrator account to view findings generated in the member # account. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @option params [required, String] :administrator_id # The account ID of the Security Hub administrator account that sent the # invitation. # # @option params [required, String] :invitation_id @@ -1853,11 +1864,11 @@ # investigation into a finding. Requested by administrator accounts or # member accounts. Administrator accounts can update findings for their # account and their member accounts. Member accounts can update findings # for their account. # - # Updates from `BatchUpdateFindings` do not affect the value of + # Updates from `BatchUpdateFindings` don't affect the value of # `UpdatedAt` for a finding. # # Administrator and member accounts can use `BatchUpdateFindings` to # update the following finding fields and objects. # @@ -2846,18 +2857,23 @@ def create_configuration_policy(params = {}, options = {}) req = build_request(:create_configuration_policy, params) req.send_request(options) end - # Used to enable finding aggregation. Must be called from the - # aggregation Region. + # <note markdown="1"> The *aggregation Region* is now called the *home Region*. # - # For more details about cross-Region replication, see [Configuring - # finding aggregation][1] in the *Security Hub User Guide*. + # </note> # + # Used to enable cross-Region aggregation. This operation can be invoked + # from the home Region only. # + # For information about how cross-Region aggregation works, see + # [Understanding cross-Region aggregation in Security Hub][1] in the + # *Security Hub User Guide*. # + # + # # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html # # @option params [required, String] :region_linking_mode # Indicates whether to aggregate findings from all of the available # Regions in the current partition. Also determines whether to @@ -2887,16 +2903,16 @@ # * `NO_REGIONS` - Aggregates no data because no Regions are selected as # linked Regions. # # @option params [Array<String>] :regions # If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is - # a space-separated list of Regions that do not aggregate findings to - # the aggregation Region. + # a space-separated list of Regions that don't replicate and send + # findings to the home Region. # # If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a - # space-separated list of Regions that do aggregate findings to the - # aggregation Region. + # space-separated list of Regions that do replicate and send findings to + # the home Region. # # An `InvalidInputException` error results if you populate this field # while `RegionLinkingMode` is `NO_REGIONS`. # # @return [Types::CreateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -3750,11 +3766,11 @@ # association and then send an invitation to the member account. To send # the invitation, you use the `InviteMembers` operation. If the account # owner accepts the invitation, the account becomes a member account in # Security Hub. # - # Accounts that are managed using Organizations do not receive an + # Accounts that are managed using Organizations don't receive an # invitation. They automatically become a member account in Security # Hub. # # * If the organization account does not have Security Hub enabled, then # Security Hub and the default standards are automatically enabled. @@ -3830,18 +3846,30 @@ def create_members(params = {}, options = {}) req = build_request(:create_members, params) req.send_request(options) end - # Declines invitations to become a member account. + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. # + # </note> + # + # Declines invitations to become a Security Hub member account. + # # A prospective member account uses this operation to decline an # invitation to become a member. # - # This operation is only called by member accounts that aren't part of - # an organization. Organization accounts don't receive invitations. + # Only member accounts that aren't part of an Amazon Web Services + # organization should use this operation. Organization accounts don't + # receive invitations. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @option params [required, Array<String>] :account_ids # The list of prospective member account IDs for which to decline an # invitation. # # @return [Types::DeclineInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -3970,17 +3998,22 @@ def delete_configuration_policy(params = {}, options = {}) req = build_request(:delete_configuration_policy, params) req.send_request(options) end + # <note markdown="1"> The *aggregation Region* is now called the *home Region*. + # + # </note> + # # Deletes a finding aggregator. When you delete the finding aggregator, - # you stop finding aggregation. + # you stop cross-Region aggregation. Finding replication stops occurring + # from the linked Regions to the home Region. # - # When you stop finding aggregation, findings that were already - # aggregated to the aggregation Region are still visible from the - # aggregation Region. New findings and finding updates are not - # aggregated. + # When you stop cross-Region aggregation, findings that were already + # replicated and sent to the home Region are still visible from the home + # Region. However, new findings and finding updates are no longer + # replicated and sent to the home Region. # # @option params [required, String] :finding_aggregator_arn # The ARN of the finding aggregator to delete. To obtain the ARN, use # `ListFindingAggregators`. # @@ -4051,20 +4084,31 @@ def delete_insight(params = {}, options = {}) req = build_request(:delete_insight, params) req.send_request(options) end - # Deletes invitations received by the Amazon Web Services account to - # become a member account. + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. # + # </note> + # + # Deletes invitations to become a Security Hub member account. + # # A Security Hub administrator account can use this operation to delete - # invitations sent to one or more member accounts. + # invitations sent to one or more prospective member accounts. # # This operation is only used to delete invitations that are sent to - # member accounts that aren't part of an organization. Organization - # accounts don't receive invitations. + # prospective member accounts that aren't part of an Amazon Web + # Services organization. Organization accounts don't receive + # invitations. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @option params [required, Array<String>] :account_ids # The list of member account IDs that received the invitations you want # to delete. # # @return [Types::DeleteInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -4343,11 +4387,11 @@ # Returns information about product integrations in Security Hub. # # You can optionally provide an integration ARN. If you provide an # integration ARN, then the results only include that integration. # - # If you do not provide an integration ARN, then the results include all + # If you don't provide an integration ARN, then the results include all # of the available product integrations. # # @option params [String] :next_token # The token that is required for pagination. On your first call to the # `DescribeProducts` operation, set the value of this parameter to @@ -4950,11 +4994,11 @@ # @option params [Hash<String,String>] :tags # The tags to add to the hub resource when you enable Security Hub. # # @option params [Boolean] :enable_default_standards # Whether to enable the security standards that Security Hub has - # designated as automatically enabled. If you do not provide a value for + # designated as automatically enabled. If you don't provide a value for # `EnableDefaultStandards`, it is set to `true`. To not enable the # automatically enabled standards, set `EnableDefaultStandards` to # `false`. # # @option params [String] :control_finding_generator @@ -5310,12 +5354,18 @@ def get_enabled_standards(params = {}, options = {}) req = build_request(:get_enabled_standards, params) req.send_request(options) end - # Returns the current finding aggregation configuration. + # <note markdown="1"> The *aggregation Region* is now called the *home Region*. # + # </note> + # + # Returns the current configuration in the calling account for + # cross-Region aggregation. A finding aggregator is a resource that + # establishes the home Region and any linked Regions. + # # @option params [required, String] :finding_aggregator_arn # The ARN of the finding aggregator to return details for. To obtain the # ARN, use `ListFindingAggregators`. # # @return [Types::GetFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -5548,13 +5598,13 @@ req.send_request(options) end # Returns a list of findings that match the specified criteria. # - # If finding aggregation is enabled, then when you call `GetFindings` - # from the aggregation Region, the results include all of the matching - # findings from both the aggregation Region and the linked Regions. + # If cross-Region aggregation is enabled, then when you call + # `GetFindings` from the home Region, the results include all of the + # matching findings from both the home Region and linked Regions. # # @option params [Types::AwsSecurityFindingFilters] :filters # The finding attributes used to define a condition to filter the # returned findings. # @@ -6474,11 +6524,11 @@ end # Lists and describes insights for the specified insight ARNs. # # @option params [Array<String>] :insight_arns - # The ARNs of the insights to describe. If you do not provide any + # The ARNs of the insights to describe. If you don't provide any # insight ARNs, then `GetInsights` returns all of your custom insights. # It does not return any managed insights. # # @option params [String] :next_token # The token that is required for pagination. On your first call to the @@ -6917,14 +6967,25 @@ def get_insights(params = {}, options = {}) req = build_request(:get_insights, params) req.send_request(options) end + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. + # + # </note> + # # Returns the count of all Security Hub membership invitations that were - # sent to the current member account, not including the currently + # sent to the calling member account, not including the currently # accepted invitation. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @return [Types::GetInvitationsCountResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::GetInvitationsCountResponse#invitations_count #invitations_count} => Integer # # @@ -7174,25 +7235,37 @@ def get_security_control_definition(params = {}, options = {}) req = build_request(:get_security_control_definition, params) req.send_request(options) end + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. + # + # </note> + # # Invites other Amazon Web Services accounts to become member accounts # for the Security Hub administrator account that the invitation is sent # from. # - # This operation is only used to invite accounts that do not belong to - # an organization. Organization accounts do not receive invitations. + # This operation is only used to invite accounts that don't belong to + # an Amazon Web Services organization. Organization accounts don't + # receive invitations. # # Before you can use this action to invite a member, you must first use # the `CreateMembers` action to create the member account in Security # Hub. # # When the account owner enables Security Hub and accepts the invitation # to become a member account, the administrator account can view the - # findings generated from the member account. + # findings generated in the member account. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @option params [required, Array<String>] :account_ids # The list of account IDs of the Amazon Web Services accounts to invite # to Security Hub as members. # # @return [Types::InviteMembersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -7562,13 +7635,13 @@ def list_enabled_products_for_import(params = {}, options = {}) req = build_request(:list_enabled_products_for_import, params) req.send_request(options) end - # If finding aggregation is enabled, then `ListFindingAggregators` - # returns the ARN of the finding aggregator. You can run this operation - # from any Region. + # If cross-Region aggregation is enabled, then `ListFindingAggregators` + # returns the Amazon Resource Name (ARN) of the finding aggregator. You + # can run this operation from any Amazon Web Services Region. # # @option params [String] :next_token # The token returned with the previous set of results. Identifies the # next set of results to return. # @@ -7620,17 +7693,28 @@ def list_finding_aggregators(params = {}, options = {}) req = build_request(:list_finding_aggregators, params) req.send_request(options) end + # <note markdown="1"> We recommend using Organizations instead of Security Hub invitations + # to manage your member accounts. For information, see [Managing + # Security Hub administrator and member accounts with Organizations][1] + # in the *Security Hub User Guide*. + # + # </note> + # # Lists all Security Hub membership invitations that were sent to the - # current Amazon Web Services account. + # calling account. # - # This operation is only used by accounts that are managed by - # invitation. Accounts that are managed using the integration with - # Organizations do not receive invitations. + # Only accounts that are managed by invitation can use this operation. + # Accounts that are managed using the integration with Organizations + # don't receive invitations. # + # + # + # [1]: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html + # # @option params [Integer] :max_results # The maximum number of items to return in the response. # # @option params [String] :next_token # The token that is required for pagination. On your first call to the @@ -8592,17 +8676,21 @@ def update_configuration_policy(params = {}, options = {}) req = build_request(:update_configuration_policy, params) req.send_request(options) end - # Updates the finding aggregation configuration. Used to update the - # Region linking mode and the list of included or excluded Regions. You - # cannot use `UpdateFindingAggregator` to change the aggregation Region. + # <note markdown="1"> The *aggregation Region* is now called the *home Region*. # - # You must run `UpdateFindingAggregator` from the current aggregation - # Region. + # </note> # + # Updates cross-Region aggregation settings. You can use this operation + # to update the Region linking mode and the list of included or excluded + # Amazon Web Services Regions. However, you can't use this operation to + # change the home Region. + # + # You can invoke this operation from the current home Region only. + # # @option params [required, String] :finding_aggregator_arn # The ARN of the finding aggregator. To obtain the ARN, use # `ListFindingAggregators`. # # @option params [required, String] :region_linking_mode @@ -8634,16 +8722,16 @@ # * `NO_REGIONS` - Aggregates no data because no Regions are selected as # linked Regions. # # @option params [Array<String>] :regions # If `RegionLinkingMode` is `ALL_REGIONS_EXCEPT_SPECIFIED`, then this is - # a space-separated list of Regions that do not aggregate findings to - # the aggregation Region. + # a space-separated list of Regions that don't replicate and send + # findings to the home Region. # # If `RegionLinkingMode` is `SPECIFIED_REGIONS`, then this is a - # space-separated list of Regions that do aggregate findings to the - # aggregation Region. + # space-separated list of Regions that do replicate and send findings to + # the home Region. # # An `InvalidInputException` error results if you populate this field # while `RegionLinkingMode` is `NO_REGIONS`. # # @return [Types::UpdateFindingAggregatorResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods: @@ -10458,10 +10546,10 @@ params: params, config: config, tracer: tracer ) context[:gem_name] = 'aws-sdk-securityhub' - context[:gem_version] = '1.120.0' + context[:gem_version] = '1.121.0' Seahorse::Client::Request.new(handlers, context) end # @api private # @deprecated