Data structures used by operation inputs/outputs.
Modules§
Structs§
- Account
Details The details of an Amazon Web Services account.
- Action
Provides details about one of the following actions that affects or that was taken on a resource:
  - A remote IP address issued an Amazon Web Services API call
  - A DNS request was received
  - A remote IP address attempted to connect to an EC2 instance
  - A remote IP address attempted a port probe on an EC2 instance
- Action
Local IpDetails Provides information about the IP address where the scanned port is located.
- Action
Local Port Details For NetworkConnectionAction and PortProbeDetails, LocalPortDetails provides information about the local port that was involved in the action.
- Action
Remote IpDetails For AwsApiAction, NetworkConnectionAction, and PortProbeAction, RemoteIpDetails provides information about the remote IP address that was involved in the action.
- Action
Remote Port Details Provides information about the remote port that was involved in an attempted network connection.
- Action
Target An ActionTarget object.
- Actor
Information about the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Actor
Session Contains information about the authenticated session used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Actor
User Contains information about the credentials used by the threat actor identified in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Adjustment
An adjustment to the CVSS metric.
- Admin
Account Represents a Security Hub administrator account designated by an organization management account.
- Aggregator
V2 Specifies a cross-Region data aggregation configuration, including the aggregation Region and any linked Regions.
- Associated
Standard Information about an enabled security standard in which a security control is enabled.
- Association
Filters Options for filtering the ListConfigurationPolicyAssociations response. You can filter by the Amazon Resource Name (ARN) or universally unique identifier (UUID) of a configuration policy, AssociationType, or AssociationStatus.
- Association
SetDetails The associations between a route table and one or more subnets or a gateway.
- Association
State Details Describes the state of an association between a route table and a subnet or gateway.
- Automation
Rules Action One or more actions that Security Hub takes when a finding matches the defined criteria of a rule.
- Automation
Rules Action Type Object V2 Allows you to customize security response workflows.
- Automation
Rules Action V2 Allows you to configure automated responses.
- Automation
Rules Config Defines the configuration of an automation rule.
- Automation
Rules Finding Fields Update Identifies the finding fields that the automation rule action updates when a finding matches the defined criteria.
- Automation
Rules Finding Fields Update V2 Allows you to define the structure for modifying specific fields in security findings.
- Automation
Rules Finding Filters The criteria that determine which findings a rule applies to.
- Automation
Rules Metadata Metadata for automation rules in the calling account. The response includes rules with a RuleStatus of ENABLED and DISABLED.
- Automation
Rules Metadata V2 Includes essential metadata information about automation rules.
- Availability
Zone Information about an Availability Zone.
- AwsAmazon
MqBroker Details Provides details about an Amazon MQ message broker. A message broker allows software applications and components to communicate using various programming languages, operating systems, and formal messaging protocols.
- AwsAmazon
MqBroker Encryption Options Details Provides details about broker encryption options.
- AwsAmazon
MqBroker Ldap Server Metadata Details The metadata of the Lightweight Directory Access Protocol (LDAP) server used to authenticate and authorize connections to the broker. This is an optional failover server.
- AwsAmazon
MqBroker Logs Details Provides information about logs to be activated for the specified broker.
- AwsAmazon
MqBroker Logs Pending Details Provides information about logs to be activated for the specified broker.
- AwsAmazon
MqBroker Maintenance Window Start Time Details The scheduled time period (UTC) during which Amazon MQ begins to apply pending updates or patches to the broker.
- AwsAmazon
MqBroker Users Details Provides details about the broker usernames for the specified broker. Doesn't apply to RabbitMQ brokers.
- AwsApi
Call Action Provided if ActionType is AWS_API_CALL. It provides details about the API call that was detected.
- AwsApi
Call Action Domain Details Provided if CallerType is domain. It provides information about the DNS domain that issued the API call.
- AwsApi
Gateway Access LogSettings Contains information about settings for logging access for the stage.
- AwsApi
Gateway Canary Settings Contains information about settings for canary deployment in the stage.
- AwsApi
Gateway Endpoint Configuration Contains information about the endpoints for the API.
- AwsApi
Gateway Method Settings Defines settings for a method for the stage.
- AwsApi
Gateway Rest ApiDetails Contains information about a REST API in version 1 of Amazon API Gateway.
- AwsApi
Gateway Stage Details Provides information about a version 1 Amazon API Gateway stage.
- AwsApi
Gateway V2Api Details Contains information about a version 2 API in Amazon API Gateway.
- AwsApi
Gateway V2Route Settings Contains route settings for a stage.
- AwsApi
Gateway V2Stage Details Contains information about a version 2 stage for Amazon API Gateway.
- AwsApp
Sync Graph QlApi Additional Authentication Providers Details A list of additional authentication providers for the GraphqlApi API.
- AwsApp
Sync Graph QlApi Details Provides details about an AppSync Graph QL API, which lets you query multiple databases, microservices, and APIs from a single GraphQL endpoint.
- AwsApp
Sync Graph QlApi Lambda Authorizer Config Details Specifies the authorization configuration for using a Lambda function with your AppSync GraphQL API endpoint.
- AwsApp
Sync Graph QlApi LogConfig Details Specifies the logging configuration when writing GraphQL operations and tracing to Amazon CloudWatch for an AppSync GraphQL API.
- AwsApp
Sync Graph QlApi Open IdConnect Config Details Specifies the authorization configuration for using an OpenID Connect compliant service with your AppSync GraphQL API endpoint.
- AwsApp
Sync Graph QlApi User Pool Config Details Specifies the authorization configuration for using Amazon Cognito user pools with your AppSync GraphQL API endpoint.
- AwsAthena
Work Group Configuration Details The configuration of the workgroup, which includes the location in Amazon Simple Storage Service (Amazon S3) where query results are stored, the encryption option, if any, used for query results, whether Amazon CloudWatch metrics are enabled for the workgroup, and the limit for the amount of bytes scanned (cutoff) per query, if it is specified.
- AwsAthena
Work Group Configuration Result Configuration Details The location in Amazon Simple Storage Service (Amazon S3) where query and calculation results are stored and the encryption option, if any, used for query and calculation results. These are known as client-side settings. If workgroup settings override client-side settings, then the query uses the workgroup settings.
- AwsAthena
Work Group Configuration Result Configuration Encryption Configuration Details Specifies the method used to encrypt the user’s data stores in the Athena workgroup.
- AwsAthena
Work Group Details Provides information about an Amazon Athena workgroup.
- AwsAuto
Scaling Auto Scaling Group Availability Zones List Details An Availability Zone for the automatic scaling group.
- AwsAuto
Scaling Auto Scaling Group Details Provides details about an auto scaling group.
- AwsAuto
Scaling Auto Scaling Group Launch Template Launch Template Specification Details about the launch template to use.
- AwsAuto
Scaling Auto Scaling Group Mixed Instances Policy Details The mixed instances policy for the automatic scaling group.
- AwsAuto
Scaling Auto Scaling Group Mixed Instances Policy Instances Distribution Details Information about the instances distribution.
- AwsAuto
Scaling Auto Scaling Group Mixed Instances Policy Launch Template Details Describes a launch template and overrides for a mixed instances policy.
- AwsAuto
Scaling Auto Scaling Group Mixed Instances Policy Launch Template Launch Template Specification Details about the launch template to use for a mixed instances policy.
- AwsAuto
Scaling Auto Scaling Group Mixed Instances Policy Launch Template Overrides List Details Property values to use to override the values in the launch template.
- AwsAuto
Scaling Launch Configuration Block Device Mappings Details A block device for the instance.
- AwsAuto
Scaling Launch Configuration Block Device Mappings EbsDetails Parameters that are used to automatically set up EBS volumes when an instance is launched.
- AwsAuto
Scaling Launch Configuration Details Details about a launch configuration.
- AwsAuto
Scaling Launch Configuration Instance Monitoring Details Information about the type of monitoring for instances in the group.
- AwsAuto
Scaling Launch Configuration Metadata Options The metadata options for the instances.
- AwsBackup
Backup Plan Advanced Backup Settings Details Provides a list of backup options for each resource type.
- AwsBackup
Backup Plan Backup Plan Details Provides details about a Backup backup plan and an array of BackupRule objects, each of which specifies a backup rule.
- AwsBackup
Backup Plan Details Provides details about a Backup backup plan and an array of BackupRule objects, each of which specifies a backup rule.
- AwsBackup
Backup Plan Lifecycle Details Provides lifecycle details for the backup plan. A lifecycle defines when a backup is transitioned to cold storage and when it expires.
- AwsBackup
Backup Plan Rule Copy Actions Details An array of CopyAction objects, each of which contains details of the copy operation.
- AwsBackup
Backup Plan Rule Details Provides details about an array of BackupRule objects, each of which specifies a scheduled task that is used to back up a selection of resources.
- AwsBackup
Backup Vault Details Provides details about a Backup backup vault. In Backup, a backup vault is a container that stores and organizes your backups.
- AwsBackup
Backup Vault Notifications Details Provides details about the Amazon SNS event notifications for the specified backup vault.
- AwsBackup
Recovery Point Calculated Lifecycle Details Specifies how long in days before a recovery point transitions to cold storage or is deleted.
- AwsBackup
Recovery Point Created ByDetails Contains information about the backup plan and rule that Backup used to initiate the recovery point backup.
- AwsBackup
Recovery Point Details Contains detailed information about the recovery points stored in a Backup backup vault. A backup, or recovery point, represents the content of a resource at a specified time.
- AwsBackup
Recovery Point Lifecycle Details Contains an array of Transition objects specifying how long in days before a recovery point transitions to cold storage or is deleted.
- AwsCertificate
Manager Certificate Details Provides details about a Certificate Manager certificate.
- AwsCertificate
Manager Certificate Domain Validation Option Contains information about one of the following:
  - The initial validation of each domain name that occurs as a result of the RequestCertificate request
  - The validation of each domain name in the certificate, as it pertains to Certificate Manager managed renewal
- AwsCertificate
Manager Certificate Extended KeyUsage Contains information about an extended key usage X.509 v3 extension object.
- AwsCertificate
Manager Certificate KeyUsage Contains information about a key usage X.509 v3 extension object.
- AwsCertificate
Manager Certificate Options Contains other options for the certificate.
- AwsCertificate
Manager Certificate Renewal Summary Contains information about the Certificate Manager managed renewal for an AMAZON_ISSUED certificate.
- AwsCertificate
Manager Certificate Resource Record Provides details about the CNAME record that is added to the DNS database for domain validation.
- AwsCloud
Formation Stack Details Nests a stack as a resource in a top-level template. Nested stacks are stacks created as resources for another stack.
- AwsCloud
Formation Stack Drift Information Details Provides information about the stack's conformity to its expected template configuration.
- AwsCloud
Formation Stack Outputs Details Provides information about the CloudFormation stack output.
- AwsCloud
Front Distribution Cache Behavior Information about a cache behavior for the distribution.
- AwsCloud
Front Distribution Cache Behaviors Provides information about caching for the CloudFront distribution.
- AwsCloud
Front Distribution Default Cache Behavior Contains information about the default cache configuration for the CloudFront distribution.
- AwsCloud
Front Distribution Details A CloudFront distribution configuration.
- AwsCloud
Front Distribution Logging A complex type that controls whether access logs are written for the CloudFront distribution.
- AwsCloud
Front Distribution Origin Custom Origin Config A custom origin. A custom origin is any origin that is not an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is configured with static website hosting is a custom origin.
- AwsCloud
Front Distribution Origin Group Information about an origin group for the CloudFront distribution.
- AwsCloud
Front Distribution Origin Group Failover Provides information about when an origin group fails over.
- AwsCloud
Front Distribution Origin Group Failover Status Codes The status codes that cause an origin group to fail over.
- AwsCloud
Front Distribution Origin Groups Provides information about origin groups that are associated with the CloudFront distribution.
- AwsCloud
Front Distribution Origin Item A complex type that describes the Amazon S3 bucket, HTTP server (for example, a web server), Elemental MediaStore, or other server from which CloudFront gets your files.
- AwsCloud
Front Distribution Origin S3Origin Config Information about an origin that is an Amazon S3 bucket that is not configured with static website hosting.
- AwsCloud
Front Distribution Origin SslProtocols A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an HTTPS connection with your origin.
- AwsCloud
Front Distribution Origins A complex type that contains information about origins and origin groups for this CloudFront distribution.
- AwsCloud
Front Distribution Viewer Certificate Provides information about the TLS/SSL configuration that the CloudFront distribution uses to communicate with viewers.
- AwsCloud
Trail Trail Details Provides details about a CloudTrail trail.
- AwsCloud
Watch Alarm Details Specifies an alarm and associates it with the specified metric or metric math expression.
- AwsCloud
Watch Alarm Dimensions Details Details about the dimensions for the metric associated with the alarm.
- AwsCode
Build Project Artifacts Details Information about the build artifacts for the CodeBuild project.
- AwsCode
Build Project Details Information about a CodeBuild project.
- AwsCode
Build Project Environment Information about the build environment for this build project.
- AwsCode
Build Project Environment Environment Variables Details Information about an environment variable that is available to builds for the build project.
- AwsCode
Build Project Environment Registry Credential The credentials for access to a private registry.
- AwsCode
Build Project Logs Config Cloud Watch Logs Details Information about CloudWatch Logs for the build project.
- AwsCode
Build Project Logs Config Details Information about logs for the build project.
- AwsCode
Build Project Logs Config S3Logs Details Information about logs built to an S3 bucket for a build project.
- AwsCode
Build Project Source Information about the build input source code for this build project.
- AwsCode
Build Project VpcConfig Information about the VPC configuration that CodeBuild accesses.
- AwsCors
Configuration Contains the cross-origin resource sharing (CORS) configuration for the API. CORS is only supported for HTTP APIs.
- AwsDms
Endpoint Details Provides details about a Database Migration Service (DMS) endpoint. An endpoint provides connection, data store type, and location information about your data store.
- AwsDms
Replication Instance Details Provides details about a Database Migration Service (DMS) replication instance. DMS uses a replication instance to connect to your source data store, read the source data, and format the data for consumption by the target data store.
- AwsDms
Replication Instance Replication Subnet Group Details Provides details about the replication subnet group.
- AwsDms
Replication Instance VpcSecurity Groups Details Provides details about the virtual private cloud (VPC) security group that’s associated with the replication instance.
- AwsDms
Replication Task Details Provides details about a Database Migration Service (DMS) replication task. A replication task moves a set of data from the source endpoint to the target endpoint.
- AwsDynamo
DbTable Attribute Definition Contains a definition of an attribute for the table.
- AwsDynamo
DbTable Billing Mode Summary Provides information about the billing for read/write capacity on the table.
- AwsDynamo
DbTable Details Provides details about a DynamoDB table.
- AwsDynamo
DbTable Global Secondary Index Information about a global secondary index for the table.
- AwsDynamo
DbTable KeySchema A component of the key schema for the DynamoDB table, a global secondary index, or a local secondary index.
- AwsDynamo
DbTable Local Secondary Index Information about a local secondary index for a DynamoDB table.
- AwsDynamo
DbTable Projection For global and local secondary indexes, identifies the attributes that are copied from the table into the index.
- AwsDynamo
DbTable Provisioned Throughput Information about the provisioned throughput for the table or for a global secondary index.
- AwsDynamo
DbTable Provisioned Throughput Override Replica-specific configuration for the provisioned throughput.
- AwsDynamo
DbTable Replica Information about a replica of a DynamoDB table.
- AwsDynamo
DbTable Replica Global Secondary Index Information about a global secondary index for a DynamoDB table replica.
- AwsDynamo
DbTable Restore Summary Information about the restore for the table.
- AwsDynamo
DbTable SseDescription Information about the server-side encryption for the table.
- AwsDynamo
DbTable Stream Specification The current DynamoDB Streams configuration for the table.
- AwsEc2
Client VpnEndpoint Authentication Options Active Directory Details Provides details about an Active Directory that’s used to authenticate a Client VPN endpoint.
- AwsEc2
Client VpnEndpoint Authentication Options Details Information about the authentication method used by the Client VPN endpoint.
- AwsEc2
Client VpnEndpoint Authentication Options Federated Authentication Details Describes the IAM SAML identity providers used for federated authentication.
- AwsEc2
Client VpnEndpoint Authentication Options Mutual Authentication Details Information about the client certificate used for authentication.
- AwsEc2
Client VpnEndpoint Client Connect Options Details The options for managing connection authorization for new client connections.
- AwsEc2
Client VpnEndpoint Client Connect Options Status Details Describes the status of the Client VPN endpoint attribute.
- AwsEc2
Client VpnEndpoint Client Login Banner Options Details Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
- AwsEc2
Client VpnEndpoint Connection LogOptions Details Information about the client connection logging options for the Client VPN endpoint.
- AwsEc2
Client VpnEndpoint Details Describes a Client VPN endpoint. A Client VPN endpoint is the resource that you create and configure to enable and manage client VPN sessions. It's the termination point for all client VPN sessions.
- AwsEc2
EipDetails Information about an Elastic IP address.
- AwsEc2
Instance Details The details of an Amazon EC2 instance.
- AwsEc2
Instance Metadata Options Metadata options that allow you to configure and secure the Amazon EC2 instance.
- AwsEc2
Instance Monitoring Details The type of monitoring that’s turned on for an Amazon EC2 instance.
- AwsEc2
Instance Network Interfaces Details Identifies a network interface for the Amazon EC2 instance.
- AwsEc2
Launch Template Data Block Device Mapping SetDetails Information about a block device mapping for an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
- AwsEc2
Launch Template Data Block Device Mapping SetEbs Details Parameters for a block device for an Amazon Elastic Block Store (Amazon EBS) volume in an Amazon EC2 launch template.
- AwsEc2
Launch Template Data Capacity Reservation Specification Capacity Reservation Target Details Information about the target Capacity Reservation or Capacity Reservation group in which to run an Amazon EC2 instance.
- AwsEc2
Launch Template Data Capacity Reservation Specification Details Specifies the Capacity Reservation targeting option of an Amazon EC2 instance.
- AwsEc2
Launch Template Data CpuOptions Details Specifies the CPU options for an Amazon EC2 instance. For more information, see Optimize CPU options in the Amazon Elastic Compute Cloud User Guide.
- AwsEc2
Launch Template Data Credit Specification Details Specifies the credit option for CPU usage of a T2, T3, or T3a Amazon EC2 instance.
- AwsEc2
Launch Template Data Details The information to include in an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
- AwsEc2
Launch Template Data Elastic GpuSpecification SetDetails Provides details about an Elastic Graphics specification for an Amazon EC2 launch template.
- AwsEc2
Launch Template Data Elastic Inference Accelerator SetDetails Provides details for an Amazon Elastic Inference accelerator.
- AwsEc2
Launch Template Data Enclave Options Details Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.
- AwsEc2
Launch Template Data Hibernation Options Details Specifies whether your Amazon EC2 instance is configured for hibernation.
- AwsEc2
Launch Template Data IamInstance Profile Details Provides details for an Identity and Access Management (IAM) instance profile, which is a container for an IAM role for your instance.
- AwsEc2
Launch Template Data Instance Market Options Details Provides details about the market (purchasing) option for an Amazon EC2 instance.
- AwsEc2
Launch Template Data Instance Market Options Spot Options Details Provides details about the market (purchasing) options for Spot Instances.
- AwsEc2
Launch Template Data Instance Requirements Accelerator Count Details The minimum and maximum number of accelerators (GPUs, FPGAs, or Amazon Web Services Inferentia chips) on an Amazon EC2 instance.
- AwsEc2
Launch Template Data Instance Requirements Accelerator Total Memory MiBDetails The minimum and maximum amount of memory, in MiB, for the accelerators on an Amazon EC2 instance.
- AwsEc2
Launch Template Data Instance Requirements Baseline EbsBandwidth Mbps Details The minimum and maximum baseline bandwidth to Amazon Elastic Block Store (Amazon EBS), in Mbps. For more information, see Amazon EBS–optimized instances in the Amazon EC2 User Guide.
- AwsEc2
Launch Template Data Instance Requirements Details The attributes for the Amazon EC2 instance types.
- AwsEc2
Launch Template Data Instance Requirements Memory GiBPerV CpuDetails The minimum and maximum amount of memory per vCPU, in GiB.
- AwsEc2
Launch Template Data Instance Requirements Memory MiBDetails The minimum and maximum amount of memory, in MiB, for an Amazon EC2 instance.
- AwsEc2
Launch Template Data Instance Requirements Network Interface Count Details The minimum and maximum number of network interfaces to be attached to an Amazon EC2 instance.
- AwsEc2
Launch Template Data Instance Requirements Total Local Storage GbDetails The minimum and maximum amount of total local storage, in GB, that an Amazon EC2 instance uses.
- AwsEc2
Launch Template Data Instance RequirementsV CpuCount Details The minimum and maximum number of vCPUs for an Amazon EC2 instance.
- AwsEc2
Launch Template Data License SetDetails Provides details about the license configuration for an Amazon EC2 instance.
- AwsEc2
Launch Template Data Maintenance Options Details The maintenance options of an Amazon EC2 instance.
- AwsEc2
Launch Template Data Metadata Options Details Specifies the metadata options for an Amazon EC2 instance.
- AwsEc2
Launch Template Data Monitoring Details The monitoring for an Amazon EC2 instance.
- AwsEc2
Launch Template Data Network Interface SetDetails One or more network interfaces to attach to an Amazon EC2 instance. If you specify a network interface, you must specify security groups and subnets as part of the network interface.
- AwsEc2
Launch Template Data Network Interface SetIpv4 Prefixes Details Provides details on one or more IPv4 prefixes for a network interface.
- AwsEc2
Launch Template Data Network Interface SetIpv6 Addresses Details Specifies an IPv6 address in an Amazon EC2 launch template.
- AwsEc2
Launch Template Data Network Interface SetIpv6 Prefixes Details Provides details on one or more IPv6 prefixes to be assigned to the network interface.
- AwsEc2
Launch Template Data Network Interface SetPrivate IpAddresses Details One or more private IPv4 addresses.
- AwsEc2
Launch Template Data Placement Details Provides details about the placement of an Amazon EC2 instance.
- AwsEc2
Launch Template Data Private DnsName Options Details Describes the options for Amazon EC2 instance hostnames.
- AwsEc2
Launch Template Details Specifies the properties for creating an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
- AwsEc2
Network AclAssociation An association between the network ACL and a subnet.
- AwsEc2
Network AclDetails Contains details about an Amazon EC2 network access control list (ACL).
- AwsEc2
Network AclEntry A rule for the network ACL. Each rule allows or denies access based on the IP address, traffic direction, port, and protocol.
- AwsEc2
Network Interface Attachment Information about the network interface attachment.
- AwsEc2
Network Interface Details Details about the network interface.
- AwsEc2
Network Interface IpV6 Address Detail Provides information about an IPV6 address that is associated with the network interface.
- AwsEc2
Network Interface Private IpAddress Detail Provides information about a private IPv4 address that is associated with the network interface.
- AwsEc2
Network Interface Security Group A security group associated with the network interface.
- AwsEc2
Route Table Details Provides details about a route table for the specified VPC.
- AwsEc2
Security Group Details Details about an Amazon EC2 security group.
- AwsEc2
Security Group IpPermission An IP permission for an EC2 security group.
- AwsEc2
Security Group IpRange A range of IPv4 addresses.
- AwsEc2
Security Group Ipv6 Range A range of IPv6 addresses.
- AwsEc2
Security Group Prefix List Id A prefix list ID.
- AwsEc2
Security Group User IdGroup Pair A relationship between a security group and a user.
- AwsEc2
Subnet Details Contains information about a subnet in Amazon EC2.
- AwsEc2
Transit Gateway Details Information about an Amazon Web Services Amazon EC2 Transit Gateway that interconnects virtual private clouds (VPCs) and on-premises networks.
- AwsEc2
Volume Attachment An attachment to an Amazon EC2 volume.
- AwsEc2
Volume Details Details about an EC2 volume.
- AwsEc2
VpcDetails Details about an EC2 VPC.
- AwsEc2
VpcEndpoint Service Details Contains details about the service configuration for a VPC endpoint service.
- AwsEc2
VpcEndpoint Service Service Type Details The service type information for a VPC endpoint service.
- AwsEc2
VpcPeering Connection Details Provides information about a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection.
- AwsEc2
VpcPeering Connection Status Details Details about the status of the VPC peering connection.
- AwsEc2
VpcPeering Connection VpcInfo Details Describes a VPC in a VPC peering connection.
- AwsEc2
VpnConnection Details Details about an Amazon EC2 VPN connection.
- AwsEc2
VpnConnection Options Details VPN connection options.
- AwsEc2
VpnConnection Options Tunnel Options Details The VPN tunnel options.
- AwsEc2
VpnConnection Routes Details A static route associated with the VPN connection.
- AwsEc2
VpnConnection VgwTelemetry Details Information about the VPN tunnel.
- AwsEcr
Container Image Details Information about an Amazon ECR image.
- AwsEcr
Repository Details Provides information about an Amazon Elastic Container Registry repository.
- AwsEcr
Repository Image Scanning Configuration Details The image scanning configuration for a repository.
- AwsEcr
Repository Lifecycle Policy Details Information about the lifecycle policy for the repository.
- AwsEcs
Cluster Cluster Settings Details Indicates whether to enable CloudWatch Container Insights for the ECS cluster.
- AwsEcs
Cluster Configuration Details The run command configuration for the cluster.
- AwsEcs
Cluster Configuration Execute Command Configuration Details Contains the run command configuration for the cluster.
- AwsEcs
Cluster Configuration Execute Command Configuration LogConfiguration Details The log configuration for the results of the run command actions.
- AwsEcs
Cluster Default Capacity Provider Strategy Details The default capacity provider strategy for the cluster. The default capacity provider strategy is used when services or tasks are run without a specified launch type or capacity provider strategy.
- AwsEcs
Cluster Details Provides details about an Amazon ECS cluster.
- AwsEcs
Container Details Provides information about an Amazon ECS container.
- AwsEcs
Service Capacity Provider Strategy Details Strategy item for the capacity provider strategy that the service uses.
- AwsEcs
Service Deployment Configuration Deployment Circuit Breaker Details Determines whether a service deployment fails if a service cannot reach a steady state.
- AwsEcs
Service Deployment Configuration Details Optional deployment parameters for the service.
- AwsEcs
Service Deployment Controller Details Information about the deployment controller type that the service uses.
- AwsEcs
Service Details Provides details about a service within an ECS cluster.
- AwsEcs
Service Load Balancers Details Information about a load balancer that the service uses.
- AwsEcs
Service Network Configuration AwsVpc Configuration Details For tasks that use the awsvpc networking mode, the VPC subnet and security group configuration.
- AwsEcs
Service Network Configuration Details For tasks that use the awsvpc networking mode, the VPC subnet and security group configuration.
- AwsEcs
Service Placement Constraints Details A placement constraint for the tasks in the service.
- AwsEcs
Service Placement Strategies Details A placement strategy that determines how to place the tasks for the service.
- AwsEcs
Service Service Registries Details Information about a service discovery registry to assign to the service.
- AwsEcs
Task Definition Container Definitions Depends OnDetails A dependency that is defined for container startup and shutdown.
- AwsEcs
Task Definition Container Definitions Details A container definition that describes a container in the task.
- AwsEcs
Task Definition Container Definitions Environment Details An environment variable to pass to the container.
- AwsEcs
Task Definition Container Definitions Environment Files Details A file that contains environment variables to pass to a container.
- AwsEcs
Task Definition Container Definitions Extra Hosts Details A hostname and IP address mapping to append to the /etc/hosts file on the container.
- AwsEcs
Task Definition Container Definitions Firelens Configuration Details The FireLens configuration for the container. The configuration specifies and configures a log router for container logs.
- AwsEcs
Task Definition Container Definitions Health Check Details The container health check command and associated configuration parameters for the container.
- AwsEcs
Task Definition Container Definitions Linux Parameters Capabilities Details The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker.
- AwsEcs
Task Definition Container Definitions Linux Parameters Details Linux-specific modifications that are applied to the container, such as Linux kernel capabilities.
- AwsEcs
Task Definition Container Definitions Linux Parameters Devices Details A host device to expose to the container.
- AwsEcs
Task Definition Container Definitions Linux Parameters Tmpfs Details The container path, mount options, and size (in MiB) of a tmpfs mount.
- AwsEcs
Task Definition Container Definitions LogConfiguration Details The log configuration specification for the container.
- AwsEcs
Task Definition Container Definitions LogConfiguration Secret Options Details A secret to pass to the log configuration.
- AwsEcs
Task Definition Container Definitions Mount Points Details A mount point for the data volumes in the container.
- AwsEcs
Task Definition Container Definitions Port Mappings Details A port mapping for the container.
- AwsEcs
Task Definition Container Definitions Repository Credentials Details The private repository authentication credentials to use.
- AwsEcs
Task Definition Container Definitions Resource Requirements Details A resource to assign to a container.
- AwsEcs
Task Definition Container Definitions Secrets Details A secret to pass to the container.
- AwsEcs
Task Definition Container Definitions System Controls Details A namespaced kernel parameter to set in the container.
- AwsEcs
Task Definition Container Definitions Ulimits Details A ulimit to set in the container.
- AwsEcs
Task Definition Container Definitions Volumes From Details A data volume to mount from another container.
- AwsEcs
Task Definition Details Details about a task definition. A task definition describes the container and volume definitions of an Amazon Elastic Container Service task.
- AwsEcs
Task Definition Inference Accelerators Details An Elastic Inference accelerator to use for the containers in the task.
- AwsEcs
Task Definition Placement Constraints Details A placement constraint object to use for tasks.
- AwsEcs
Task Definition Proxy Configuration Details The configuration details for the App Mesh proxy.
- AwsEcs
Task Definition Proxy Configuration Proxy Configuration Properties Details A network configuration parameter to provide to the Container Network Interface (CNI) plugin.
- AwsEcs
Task Definition Volumes Details A data volume to mount from another container.
- AwsEcs
Task Definition Volumes Docker Volume Configuration Details Information about a Docker volume.
- AwsEcs
Task Definition Volumes EfsVolume Configuration Authorization Config Details
- AwsEcs
Task Definition Volumes EfsVolume Configuration Details Information about the Amazon Elastic File System file system that is used for task storage.
- AwsEcs
Task Definition Volumes Host Details Information about a bind mount host volume.
- AwsEcs
Task Details Provides details about a task in a cluster.
- AwsEcs
Task Volume Details Provides information about a data volume that's used in a task definition.
- AwsEcs
Task Volume Host Details Provides details on a container instance bind mount host volume.
- AwsEfs
Access Point Details Provides information about an Amazon EFS access point.
- AwsEfs
Access Point Posix User Details Provides details for all file system operations using this Amazon EFS access point.
- AwsEfs
Access Point Root Directory Creation Info Details Provides information about the settings that Amazon EFS uses to create the root directory when a client connects to an access point.
- AwsEfs
Access Point Root Directory Details Provides information about the directory on the Amazon EFS file system that the access point exposes as the root directory to NFS clients using the access point.
- AwsEks
Cluster Details Provides details about an Amazon EKS cluster.
- AwsEks
Cluster Logging Cluster Logging Details Details for a cluster logging configuration.
- AwsEks
Cluster Logging Details The logging configuration for an Amazon EKS cluster.
- AwsEks
Cluster Resources VpcConfig Details Information about the VPC configuration used by the cluster control plane.
- AwsElastic
Beanstalk Environment Details Contains details about an Elastic Beanstalk environment.
- AwsElastic
Beanstalk Environment Environment Link Contains information about a link to another environment that is in the same group.
- AwsElastic
Beanstalk Environment Option Setting A configuration option setting for the environment.
- AwsElastic
Beanstalk Environment Tier Contains information about the tier of the environment.
- AwsElasticsearch
Domain Details Information about an Elasticsearch domain.
- AwsElasticsearch
Domain Domain Endpoint Options Additional options for the domain endpoint, such as whether to require HTTPS for all traffic.
- AwsElasticsearch
Domain Elasticsearch Cluster Config Details Details about the configuration of an OpenSearch cluster.
- AwsElasticsearch
Domain Elasticsearch Cluster Config Zone Awareness Config Details Configuration options for zone awareness.
- AwsElasticsearch
Domain Encryption AtRest Options Details about the configuration for encryption at rest.
- AwsElasticsearch
Domain LogPublishing Options Configures the CloudWatch Logs to publish for the Elasticsearch domain.
- AwsElasticsearch
Domain LogPublishing Options LogConfig The log configuration.
- AwsElasticsearch
Domain Node ToNode Encryption Options Details about the configuration for node-to-node encryption.
- AwsElasticsearch
Domain Service Software Options Information about the state of the domain relative to the latest service software.
- AwsElasticsearch
Domain VpcOptions Information that OpenSearch derives based on VPCOptions for the domain.
- AwsElb
AppCookie Stickiness Policy Contains information about a stickiness policy that was created using CreateAppCookieStickinessPolicy.
- AwsElb
LbCookie Stickiness Policy Contains information about a stickiness policy that was created using CreateLBCookieStickinessPolicy.
- AwsElb
Load Balancer Access Log Contains information about the access log configuration for the load balancer.
- AwsElb
Load Balancer Additional Attribute Provides information about additional attributes for the load balancer.
- AwsElb
Load Balancer Attributes Contains attributes for the load balancer.
- AwsElb
Load Balancer Backend Server Description Provides information about the configuration of an EC2 instance for the load balancer.
- AwsElb
Load Balancer Connection Draining Contains information about the connection draining configuration for the load balancer.
- AwsElb
Load Balancer Connection Settings Contains connection settings for the load balancer.
- AwsElb
Load Balancer Cross Zone Load Balancing Contains cross-zone load balancing settings for the load balancer.
- AwsElb
Load Balancer Details Contains details about a Classic Load Balancer.
- AwsElb
Load Balancer Health Check Contains information about the health checks that are conducted on the load balancer.
- AwsElb
Load Balancer Instance Provides information about an EC2 instance for a load balancer.
- AwsElb
Load Balancer Listener Information about a load balancer listener.
- AwsElb
Load Balancer Listener Description Lists the policies that are enabled for a load balancer listener.
- AwsElb
Load Balancer Policies Contains information about the policies for a load balancer.
- AwsElb
Load Balancer Source Security Group Contains information about the security group for the load balancer.
- AwsElbv2
Load Balancer Attribute A load balancer attribute.
- AwsElbv2
Load Balancer Details Information about a load balancer.
- AwsEvent
Schemas Registry Details A schema defines the structure of events that are sent to Amazon EventBridge. Schema registries are containers for schemas. They collect and organize schemas so that your schemas are in logical groups.
- AwsEvents
Endpoint Details Provides details about an Amazon EventBridge global endpoint. The endpoint can improve your application’s availability by making it Regional-fault tolerant.
- AwsEvents
Endpoint Event Buses Details Provides details about the Amazon EventBridge event buses that the endpoint is associated with.
- AwsEvents
Endpoint Replication Config Details Indicates whether replication is enabled or disabled for the endpoint. If enabled, the endpoint can replicate all events to a secondary Amazon Web Services Region.
- AwsEvents
Endpoint Routing Config Details Provides details about the routing configuration of the endpoint.
- AwsEvents
Endpoint Routing Config Failover Config Details The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered.
- AwsEvents
Endpoint Routing Config Failover Config Primary Details Provides details about the primary Amazon Web Services Region of the endpoint.
- AwsEvents
Endpoint Routing Config Failover Config Secondary Details The Amazon Web Services Region that events are routed to when failover is triggered or event replication is enabled.
- AwsEvents
Eventbus Details Provides details about an Amazon EventBridge event bus. An event bus is a router that receives events and delivers them to zero or more destinations, or targets. This can be a custom event bus which you can use to receive events from your custom applications and services, or it can be a partner event bus which can be matched to a partner event source.
- AwsGuard
Duty Detector Data Sources Cloud Trail Details An object that contains information on the status of CloudTrail as a data source for the detector.
- AwsGuard
Duty Detector Data Sources Details Describes which data sources are activated for the detector.
- AwsGuard
Duty Detector Data Sources DnsLogs Details An object that contains information on the status of DNS logs as a data source for the detector.
- AwsGuard
Duty Detector Data Sources Flow Logs Details An object that contains information on the status of VPC Flow Logs as a data source for the detector.
- AwsGuard
Duty Detector Data Sources Kubernetes Audit Logs Details An object that contains information on the status of Kubernetes audit logs as a data source for the detector.
- AwsGuard
Duty Detector Data Sources Kubernetes Details An object that contains information on the status of Kubernetes data sources for the detector.
- AwsGuard
Duty Detector Data Sources Malware Protection Details An object that contains information on the status of Malware Protection as a data source for the detector.
- AwsGuard
Duty Detector Data Sources Malware Protection Scan Ec2Instance With Findings Details Describes the configuration of Malware Protection for EC2 instances with findings.
- AwsGuard
Duty Detector Data Sources Malware Protection Scan Ec2Instance With Findings EbsVolumes Details Describes the configuration of scanning EBS volumes (Malware Protection) as a data source.
- AwsGuard
Duty Detector Data Sources S3Logs Details An object that contains information on the status of S3 data event logs as a data source for the detector.
- AwsGuard
Duty Detector Details Provides details about an Amazon GuardDuty detector. A detector is an object that represents the GuardDuty service. A detector is required for GuardDuty to become operational.
- AwsGuard
Duty Detector Features Details Describes which features are activated for the detector.
- AwsIam
Access KeyDetails IAM access key details related to a finding.
- AwsIam
Access KeySession Context Provides information about the session that the key was used for.
- AwsIam
Access KeySession Context Attributes Attributes of the session that the key was used for.
- AwsIam
Access KeySession Context Session Issuer Information about the entity that created the session.
- AwsIam
Attached Managed Policy A managed policy that is attached to an IAM principal.
- AwsIam
Group Details Contains details about an IAM group.
- AwsIam
Group Policy A managed policy that is attached to the IAM group.
- AwsIam
Instance Profile Information about an instance profile.
- AwsIam
Instance Profile Role Information about a role associated with an instance profile.
- AwsIam
Permissions Boundary Information about the policy used to set the permissions boundary for an IAM principal.
- AwsIam
Policy Details Represents an IAM permissions policy.
- AwsIam
Policy Version A version of an IAM policy.
- AwsIam
Role Details Contains information about an IAM role, including all of the role's policies.
- AwsIam
Role Policy An inline policy that is embedded in the role.
- AwsIam
User Details Information about an IAM user.
- AwsIam
User Policy Information about an inline policy that is embedded in the user.
- AwsKinesis
Stream Details Provides information about an Amazon Kinesis data stream.
- AwsKinesis
Stream Stream Encryption Details Provides information about stream encryption.
- AwsKms
KeyDetails Contains metadata about a KMS key.
- AwsLambda
Function Code The code for the Lambda function. You can specify either an object in Amazon S3, or upload a deployment package directly.
- AwsLambda
Function Dead Letter Config The dead-letter queue for failed asynchronous invocations.
- AwsLambda
Function Details Details about a Lambda function's configuration.
- AwsLambda
Function Environment A function's environment variable settings.
- AwsLambda
Function Environment Error Error messages for environment variables that could not be applied.
- AwsLambda
Function Layer A Lambda layer.
- AwsLambda
Function Tracing Config The function's X-Ray tracing configuration.
- AwsLambda
Function VpcConfig The VPC security groups and subnets that are attached to a Lambda function.
- AwsLambda
Layer Version Details Details about a Lambda layer version.
- AwsMount
Point Details for a volume mount point that's used in a container definition.
- AwsMsk
Cluster Cluster Info Client Authentication Details Provides details about different modes of client authentication.
- AwsMsk
Cluster Cluster Info Client Authentication Sasl Details Provides details for client authentication using SASL.
- AwsMsk
Cluster Cluster Info Client Authentication Sasl IamDetails Details for SASL/IAM client authentication.
- AwsMsk
Cluster Cluster Info Client Authentication Sasl Scram Details Details for SASL/SCRAM client authentication.
- AwsMsk
Cluster Cluster Info Client Authentication TlsDetails Provides details for client authentication using TLS.
- AwsMsk
Cluster Cluster Info Client Authentication Unauthenticated Details Provides details for allowing no client authentication.
- AwsMsk
Cluster Cluster Info Details Provide details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
- AwsMsk
Cluster Cluster Info Encryption Info Details Includes encryption-related information, such as the KMS key used for encrypting data at rest and whether you want MSK to encrypt your data in transit.
- AwsMsk
Cluster Cluster Info Encryption Info Encryption AtRest Details The data-volume encryption details. You can't update encryption at rest settings for existing clusters.
- AwsMsk
Cluster Cluster Info Encryption Info Encryption InTransit Details The settings for encrypting data in transit.
- AwsMsk
Cluster Details Provides details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
- AwsNetwork
Firewall Firewall Details Details about a Network Firewall firewall.
- AwsNetwork
Firewall Firewall Policy Details Details about a firewall policy. A firewall policy defines the behavior of a network firewall.
- AwsNetwork
Firewall Firewall Subnet Mappings Details A public subnet that Network Firewall uses for the firewall.
- AwsNetwork
Firewall Rule Group Details Details about a Network Firewall rule group. Rule groups are used to inspect and control network traffic. Stateless rule groups apply to individual packets. Stateful rule groups apply to packets in the context of their traffic flow.
Rule groups are referenced in firewall policies.
- AwsOpen
Search Service Domain Advanced Security Options Details Provides information about domain access control options.
- AwsOpen
Search Service Domain Cluster Config Details Details about the configuration of an OpenSearch cluster.
- AwsOpen
Search Service Domain Cluster Config Zone Awareness Config Details Configuration options for zone awareness.
- AwsOpen
Search Service Domain Details Information about an Amazon OpenSearch Service domain.
- AwsOpen
Search Service Domain Domain Endpoint Options Details Information about additional options for the domain endpoint.
- AwsOpen
Search Service Domain Encryption AtRest Options Details Details about the configuration for encryption at rest for the OpenSearch domain.
- AwsOpen
Search Service Domain LogPublishing Option Configuration details for a log publishing option.
- AwsOpen
Search Service Domain LogPublishing Options Details Configures the CloudWatch Logs to publish for the OpenSearch domain.
- AwsOpen
Search Service Domain Master User Options Details Specifies information about the master user of the domain.
- AwsOpen
Search Service Domain Node ToNode Encryption Options Details Provides details about the configuration for node-to-node encryption.
- AwsOpen
Search Service Domain Service Software Options Details Provides information about the state of the domain relative to the latest service software.
- AwsOpen
Search Service Domain VpcOptions Details Contains information that OpenSearch Service derives based on the VPCOptions for the domain.
- AwsRds
DbCluster Associated Role An IAM role that is associated with the Amazon RDS DB cluster.
- AwsRds
DbCluster Details Information about an Amazon RDS DB cluster.
- AwsRds
DbCluster Member Information about an instance in the DB cluster.
- AwsRds
DbCluster Option Group Membership Information about an option group membership for a DB cluster.
- AwsRds
DbCluster Snapshot DbCluster Snapshot Attribute Contains the name and values of a manual Amazon Relational Database Service (RDS) DB cluster snapshot attribute.
- AwsRds
DbCluster Snapshot Details Information about an Amazon RDS DB cluster snapshot.
- AwsRds
DbDomain Membership Information about an Active Directory domain membership record associated with the DB instance.
- AwsRds
DbInstance Associated Role An IAM role associated with the DB instance.
- AwsRds
DbInstance Details Contains the details of an Amazon RDS DB instance.
- AwsRds
DbInstance Endpoint Specifies the connection endpoint.
- AwsRds
DbInstance VpcSecurity Group A VPC security group that the DB instance belongs to.
- AwsRds
DbOption Group Membership An option group membership.
- AwsRds
DbParameter Group Provides information about a parameter group for a DB instance.
- AwsRds
DbPending Modified Values Changes to a DB instance that are currently pending.
- AwsRds
DbProcessor Feature A processor feature.
- AwsRds
DbSecurity Group Details Provides information about an Amazon RDS DB security group.
- AwsRds
DbSecurity Group Ec2Security Group EC2 security group information for an RDS DB security group.
- AwsRds
DbSecurity Group IpRange IP range information for an RDS DB security group.
- AwsRds
DbSnapshot Details Provides details about an Amazon RDS DB cluster snapshot.
- AwsRds
DbStatus Info Information about the status of a read replica.
- AwsRds
DbSubnet Group Information about the subnet group for the database instance.
- AwsRds
DbSubnet Group Subnet Information about a subnet in a subnet group.
- AwsRds
DbSubnet Group Subnet Availability Zone An Availability Zone for a subnet in a subnet group.
- AwsRds
Event Subscription Details Details about an Amazon RDS event notification subscription. The subscription allows Amazon RDS to post events to an SNS topic.
- AwsRds
Pending Cloud Watch Logs Exports Identifies the log types to enable and disable.
- AwsRedshift
Cluster Cluster Node A node in an Amazon Redshift cluster.
- AwsRedshift
Cluster Cluster Parameter Group A cluster parameter group that is associated with an Amazon Redshift cluster.
- AwsRedshift
Cluster Cluster Parameter Status The status of a parameter in a cluster parameter group for an Amazon Redshift cluster.
- AwsRedshift
Cluster Cluster Security Group A security group that is associated with the cluster.
- AwsRedshift
Cluster Cluster Snapshot Copy Status You can configure Amazon Redshift to copy snapshots for a cluster to another Amazon Web Services Region. This parameter provides information about a cross-Region snapshot copy.
- AwsRedshift
Cluster Deferred Maintenance Window A time window during which maintenance was deferred for an Amazon Redshift cluster.
- AwsRedshift
Cluster Details Details about an Amazon Redshift cluster.
- AwsRedshift
Cluster Elastic IpStatus The status of the elastic IP (EIP) address for an Amazon Redshift cluster.
- AwsRedshift
Cluster Endpoint The connection endpoint for an Amazon Redshift cluster.
- AwsRedshift
Cluster HsmStatus Information about whether an Amazon Redshift cluster finished applying any hardware changes to security module (HSM) settings that were specified in a modify cluster command.
- AwsRedshift
Cluster IamRole An IAM role that the cluster can use to access other Amazon Web Services services.
- AwsRedshift
Cluster Logging Status Provides information about the logging status of the cluster.
- AwsRedshift
Cluster Pending Modified Values Changes to the Amazon Redshift cluster that are currently pending.
- AwsRedshift
Cluster Resize Info Information about the resize operation for the cluster.
- AwsRedshift
Cluster Restore Status Information about the status of a cluster restore action. It only applies if the cluster was created by restoring a snapshot.
- AwsRedshift
Cluster VpcSecurity Group A VPC security group that the cluster belongs to, if the cluster is in a VPC.
- AwsRoute53
Hosted Zone Config Details An object that contains an optional comment about your Amazon Route 53 hosted zone.
- AwsRoute53
Hosted Zone Details Provides details about a specified Amazon Route 53 hosted zone, including the four name servers assigned to the hosted zone. A hosted zone represents a collection of records that can be managed together, belonging to a single parent domain name.
- AwsRoute53
Hosted Zone Object Details An object that contains information about an Amazon Route 53 hosted zone.
- AwsRoute53
Hosted Zone VpcDetails For private hosted zones, this is a complex type that contains information about an Amazon VPC.
- AwsRoute53
Query Logging Config Details Provides details about a specified Amazon Route 53 configuration for DNS query logging.
- AwsS3
Access Point Details Returns configuration information about the specified Amazon S3 access point. S3 access points are named network endpoints that are attached to buckets that you can use to perform S3 object operations.
- AwsS3
Access Point VpcConfiguration Details The virtual private cloud (VPC) configuration for an Amazon S3 access point.
- AwsS3
Account Public Access Block Details Provides information about the Amazon S3 Public Access Block configuration for accounts.
- AwsS3
Bucket Bucket Lifecycle Configuration Details The lifecycle configuration for the objects in the S3 bucket.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Abort Incomplete Multipart Upload Details Information about what Amazon S3 does when a multipart upload is incomplete.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Details Configuration for a lifecycle rule.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Filter Details Identifies the objects that a rule applies to.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Filter Predicate Details The configuration for the filter.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Filter Predicate Operands Details A value to use for the filter.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Filter Predicate Operands TagDetails A tag that is assigned to matching objects.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Filter Predicate TagDetails A tag filter.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Noncurrent Version Transitions Details A transition rule that describes when noncurrent objects transition to a specified storage class.
- AwsS3
Bucket Bucket Lifecycle Configuration Rules Transitions Details A rule for when objects transition to specific storage classes.
- AwsS3
Bucket Bucket Versioning Configuration Describes the versioning state of an S3 bucket.
- AwsS3
Bucket Details The details of an Amazon Simple Storage Service (Amazon S3) bucket.
- AwsS3
Bucket Logging Configuration Information about logging for the S3 bucket.
- AwsS3
Bucket Notification Configuration The notification configuration for the S3 bucket.
- AwsS3
Bucket Notification Configuration Detail Details for an S3 bucket notification configuration.
- AwsS3
Bucket Notification Configuration Filter Filtering information for the notifications. The filtering is based on Amazon S3 key names.
- AwsS3
Bucket Notification Configuration S3Key Filter Details for an Amazon S3 filter.
- AwsS3
Bucket Notification Configuration S3Key Filter Rule Details for a filter rule.
- AwsS3
Bucket Object Lock Configuration The container element for S3 Object Lock configuration parameters. In Amazon S3, Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.
- AwsS3
Bucket Object Lock Configuration Rule Default Retention Details The default S3 Object Lock retention mode and period that you want to apply to new objects placed in the specified Amazon S3 bucket.
- AwsS3
Bucket Object Lock Configuration Rule Details Specifies the S3 Object Lock rule for the specified object. In Amazon S3, Object Lock can help prevent objects from being deleted or overwritten for a fixed amount of time or indefinitely.
- AwsS3
Bucket Server Side Encryption ByDefault Specifies the default server-side encryption to apply to new objects in the bucket.
- AwsS3
Bucket Server Side Encryption Configuration The encryption configuration for the S3 bucket.
- AwsS3
Bucket Server Side Encryption Rule An encryption rule to apply to the S3 bucket.
- AwsS3
Bucket Website Configuration Website parameters for the S3 bucket.
- AwsS3
Bucket Website Configuration Redirect To The redirect behavior for requests to the website.
- AwsS3
Bucket Website Configuration Routing Rule A rule for redirecting requests to the website.
- AwsS3
Bucket Website Configuration Routing Rule Condition The condition that must be met in order to apply the routing rule.
- AwsS3
Bucket Website Configuration Routing Rule Redirect The rules to redirect the request if the condition in Condition is met.
- AwsS3
Object Details Details about an Amazon S3 object.
- AwsSage
Maker Notebook Instance Details Provides details about an Amazon SageMaker AI notebook instance.
- AwsSage
Maker Notebook Instance Metadata Service Configuration Details Information on the instance metadata service (IMDS) configuration of the notebook instance.
- AwsSecrets
Manager Secret Details Details about a Secrets Manager secret.
- AwsSecrets
Manager Secret Rotation Rules Defines the rotation schedule for the secret.
- AwsSecurity
Finding Provides a consistent format for Security Hub findings. AwsSecurityFinding format allows you to share findings between Amazon Web Services security services and third-party solutions.
A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.
- AwsSecurity
Finding Filters A collection of filters that are applied to all active findings aggregated by Security Hub.
You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
- AwsSecurity
Finding Identifier Identifies which finding to get the finding history for.
- AwsSns
Topic Details Provides information about an Amazon SNS topic to which notifications can be published.
- AwsSns
Topic Subscription A wrapper type for the attributes of an Amazon SNS subscription.
- AwsSqs
Queue Details Data about a queue.
- AwsSsm
Compliance Summary Provides the details about the compliance status for a patch.
- AwsSsm
Patch Provides details about the compliance for a patch.
- AwsSsm
Patch Compliance Details Provides information about the state of a patch on an instance based on the patch baseline that was used to patch the instance.
- AwsStep
Function State Machine Details Provides details about a Step Functions state machine, which is a workflow consisting of a series of event-driven steps.
- AwsStep
Function State Machine Logging Configuration Destinations Cloud Watch Logs LogGroup Details An object describing a CloudWatch log group. For more information, see AWS::Logs::LogGroup in the CloudFormation User Guide.
- AwsStep
Function State Machine Logging Configuration Destinations Details An array of objects that describes where your execution history events will be logged.
- AwsStep
Function State Machine Logging Configuration Details The LoggingConfiguration data type is used to set CloudWatch Logs options.
- AwsStep
Function State Machine Tracing Configuration Details Specifies whether X-Ray tracing is enabled.
- AwsWaf
Rate Based Rule Details Details about a rate-based rule for global resources. A rate-based rule provides settings to indicate when to allow, block, or count a request. Rate-based rules include the number of requests that arrive over a specified period of time.
- AwsWaf
Rate Based Rule Match Predicate A match predicate. A predicate might look for characteristics such as specific IP addresses, geographic locations, or sizes.
- AwsWaf
Regional Rate Based Rule Details Contains details about a rate-based rule for Regional resources. A rate-based rule provides settings to indicate when to allow, block, or count a request. Rate-based rules include the number of requests that arrive over a specified period of time.
- AwsWaf
Regional Rate Based Rule Match Predicate Details for a match predicate. A predicate might look for characteristics such as specific IP addresses, geographic locations, or sizes.
- AwsWaf
Regional Rule Details Provides information about a WAF Regional rule. This rule identifies the web requests that you want to allow, block, or count.
- AwsWaf
Regional Rule Group Details Provides information about a WAF Regional rule group. The rule group is a collection of rules for inspecting and controlling web requests.
- AwsWaf
Regional Rule Group Rules Action Details Describes the action that WAF should take on a web request when it matches the criteria defined in the rule.
- AwsWaf
Regional Rule Group Rules Details Provides information about the rules attached to a rule group
- AwsWaf
Regional Rule Predicate List Details Provides details about the
ByteMatchSet
,IPSet
,SqlInjectionMatchSet
,XssMatchSet
,RegexMatchSet
,GeoMatchSet
, andSizeConstraintSet
objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings.- AwsWaf
Regional WebAcl Details Provides information about the web access control list (web ACL). The web ACL contains the rules that identify the requests that you want to allow, block, or count.
- AwsWaf
Regional WebAcl Rules List Action Details The action that WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the request.
- AwsWaf
Regional WebAcl Rules List Details A combination of ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that identify the web requests that you want to allow, block, or count.
- AwsWaf
Regional WebAcl Rules List Override Action Details Provides details about the action to use in the place of the action that results from the rule group evaluation.
- AwsWaf
Rule Details Provides information about a WAF rule. This rule specifies the web requests that you want to allow, block, or count.
- AwsWaf
Rule Group Details Provides information about a WAF rule group. A rule group is a collection of rules for inspecting and controlling web requests.
- AwsWaf
Rule Group Rules Action Details Provides information about what action WAF should take on a web request when it matches the criteria defined in the rule.
- AwsWaf
Rule Group Rules Details Provides information about the rules attached to the rule group. These rules identify the web requests that you want to allow, block, or count.
- AwsWaf
Rule Predicate List Details Provides details about the ByteMatchSet, IPSet, SqlInjectionMatchSet, XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings.
- AwsWaf
WebAcl Details Provides information about a WAF web access control list (web ACL).
- AwsWaf
WebAcl Rule Details for a rule in a WAF web ACL.
- AwsWafv2
Action Allow Details Specifies that WAF should allow the request and optionally defines additional custom handling for the request.
- AwsWafv2
Action Block Details Specifies that WAF should block the request and optionally defines additional custom handling for the response to the web request.
- AwsWafv2
Custom Http Header A custom header for custom request and response handling.
- AwsWafv2
Custom Request Handling Details Custom request handling behavior that inserts custom headers into a web request. WAF uses custom request handling when the rule action doesn't block the request.
- AwsWafv2
Custom Response Details A custom response to send to the client. You can define a custom response for rule actions and default web ACL actions that are set to block.
- AwsWafv2
Rule Group Details Details about a WAFv2 rule group.
- AwsWafv2
Rules Action Captcha Details Specifies that WAF should run a CAPTCHA check against the request.
- AwsWafv2
Rules Action Count Details Specifies that WAF should count the request.
- AwsWafv2
Rules Action Details The action that WAF should take on a web request when it matches a rule's statement. Settings at the web ACL level can override the rule action setting.
- AwsWafv2
Rules Details Provides details about rules in a rule group. A rule identifies web requests that you want to allow, block, or count. Each rule includes one top-level Statement that WAF uses to identify matching web requests, and parameters that govern how WAF handles them.
- AwsWafv2
Visibility Config Details Defines and enables Amazon CloudWatch metrics and web request sample collection.
- AwsWafv2
WebAcl Action Details Specifies the action that Amazon CloudFront or WAF takes when a web request matches the conditions in the rule.
- AwsWafv2
WebAcl Captcha Config Details Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own CaptchaConfig settings.
- AwsWafv2
WebAcl Captcha Config Immunity Time Property Details Used for CAPTCHA and challenge token settings. Determines how long a CAPTCHA or challenge timestamp remains valid after WAF updates it for a successful CAPTCHA or challenge response.
- AwsWafv2
WebAcl Details Details about a WAFv2 web Access Control List (ACL).
- AwsXray
Encryption Config Details Information about the encryption configuration for X-Ray.
- Batch
Update Findings Unprocessed Finding A finding from a BatchUpdateFindings request that Security Hub was unable to update.
- Batch
Update Findings V2Processed Finding The list of findings that were updated.
- Batch
Update Findings V2Unprocessed Finding The list of findings that were not updated.
- Boolean
Configuration Options The options for customizing a security control parameter with a boolean. For a boolean parameter, the options are true and false.
- Boolean
Filter Boolean filter for querying findings.
- Cell
An occurrence of sensitive data detected in a Microsoft Excel workbook, comma-separated value (CSV) file, or tab-separated value (TSV) file.
- Cidr
Block Association An IPv4 CIDR block association.
- City
Information about a city.
- Classification
Result Details about the sensitive data that was detected on the resource.
- Classification
Status Provides details about the current status of the sensitive data detection.
- Cloud
Watch Logs LogGroup ArnConfig Details The Amazon Resource Name (ARN) and other details of the Amazon CloudWatch Logs log group that Amazon Route 53 is publishing logs to.
- Code
Vulnerabilities File Path Provides details about where a code vulnerability is located in your Lambda function.
- Compliance
This object typically provides details about a control finding, such as applicable standards and the status of control checks. While finding providers can add custom content in Compliance object fields, they are typically used to review details of Security Hub control findings.
- Composite
Filter Enables the creation of filtering criteria for security findings.
- Configuration
Policy Association Provides details about the association between a Security Hub configuration and a target account, organizational unit, or the root. An association can exist between a target and a configuration policy, or between a target and self-managed behavior.
- Configuration
Policy Association Summary An object that contains the details of a configuration policy association that’s returned in a ListConfigurationPolicyAssociations request.
- Configuration
Policy Summary An object that contains the details of a Security Hub configuration policy that’s returned in a ListConfigurationPolicies request.
- Connector
Summary A condensed overview of the connectorV2.
- Container
Details Container details related to a finding.
- Country
Information about a country.
- Custom
Data Identifiers Detections The list of detected instances of sensitive data.
- Custom
Data Identifiers Result Contains an instance of sensitive data that was detected by a customer-defined identifier.
- Cvss
CVSS scores from the advisory related to the vulnerability.
- Data
Classification Details Provides details about sensitive data that was detected on a resource.
- Date
Filter A date filter for querying findings.
- Date
Range A date range for the date filter.
- Detection
A top-level object field that provides details about an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- DnsRequest
Action Provided if ActionType is DNS_REQUEST. It provides details about the DNS request that was detected.
- Double
Configuration Options The options for customizing a security control parameter that is a double.
- Enum
Configuration Options The options for customizing a security control parameter that is an enum.
- Enum
List Configuration Options The options for customizing a security control parameter that is a list of enums.
- External
Integration Configuration Defines the settings and parameters required for integrating external security tools and services.
- File
Paths Provides information about the file paths that were affected by the threat.
- Finding
Aggregator A finding aggregator is a Security Hub resource that specifies cross-Region aggregation settings, including the home Region and any linked Regions.
- Finding
History Record A list of events that changed the specified finding during the specified time period. Each record represents a single finding change event.
- Finding
History Update An array of objects that provides details about a change to a finding, including the Amazon Web Services Security Finding Format (ASFF) field that changed, the value of the field before the change, and the value of the field after the change.
- Finding
History Update Source Identifies the source of the finding change event.
- Finding
Provider Fields In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update values for the following fields:
  - Confidence
  - Criticality
  - RelatedFindings
  - Severity
  - Types
The preceding fields are nested under the FindingProviderFields object, but also have analogues of the same name as top-level ASFF fields. When a new finding is sent to Security Hub by a finding provider, Security Hub populates the FindingProviderFields object automatically, if it is empty, based on the corresponding top-level fields.
Finding providers can update FindingProviderFields only by using the BatchImportFindings operation. Finding providers can't update this object with the BatchUpdateFindings operation. Customers can update the top-level fields by using the BatchUpdateFindings operation. Customers can't update FindingProviderFields.
For information about how Security Hub handles updates from BatchImportFindings to FindingProviderFields and to the corresponding top-level attributes, see Using FindingProviderFields in the Security Hub User Guide.
- Finding
Provider Severity The severity assigned to a finding by the finding provider. This object may include one or more of the following attributes:
  - Label
  - Normalized
  - Original
  - Product
If a BatchImportFindings request for a new finding only provides Label or only provides Normalized, Security Hub automatically populates the value of the other field.
The Normalized and Product attributes are included in the FindingProviderSeverity structure to preserve the historical information associated with the finding, even if the top-level Severity object is later modified using the BatchUpdateFindings operation.
If the top-level Finding.Severity object is present, but Finding.FindingProviderFields isn't present, Security Hub creates the FindingProviderFields.Severity object and copies the entire Finding.Severity object into it. This ensures that the original, provider-supplied details are retained within the FindingProviderFields.Severity object, even if the top-level Severity object is overwritten.
- Firewall
Policy Details Defines the behavior of the firewall.
- Firewall
Policy Stateful Rule Group References Details A stateful rule group that is used by the firewall policy.
- Firewall
Policy Stateless Custom Actions Details A custom action that can be used for stateless packet handling.
- Firewall
Policy Stateless Rule Group References Details A stateless rule group that is used by the firewall policy.
- Generator
Details Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings.
- GeoLocation
Provides the latitude and longitude coordinates of a location.
- Group
ByResult Represents finding statistics grouped by GroupedByField.
- Group
ByRule Defines how the finding attribute should be grouped.
- Group
ByValue Represents individual aggregated results when grouping security findings for each GroupByField.
- Health
Check Information about the operational status and health of a connectorV2.
- Icmp
Type Code An Internet Control Message Protocol (ICMP) type and code.
- Import
Findings Error The list of the findings that cannot be imported. For each finding, the list provides the error.
- Indicator
Contains information about the indicators observed in an Amazon GuardDuty Extended Threat Detection attack sequence. Indicators include a set of signals, which can be API activities or findings that GuardDuty uses to detect an attack sequence finding. GuardDuty generates an attack sequence finding when multiple signals align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty and GuardDuty S3 Protection enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Insight
Contains information about a Security Hub insight.
- Insight
Result Value The insight result values returned by the GetInsightResults operation.
- Insight
Results The insight results returned by the GetInsightResults operation.
- Integer
Configuration Options The options for customizing a security control parameter that is an integer.
- Integer
List Configuration Options The options for customizing a security control parameter that is a list of integers.
- Invitation
Details about an invitation.
- IpFilter
The IP filter for querying findings.
- IpOrganization
Details Provides information about an internet provider.
- Ipv6
Cidr Block Association An IPv6 CIDR block association.
- Jira
Cloud Detail Information about the configuration and status of a Jira Cloud integration.
- Jira
Cloud Provider Configuration The initial configuration settings required to establish an integration between Security Hub and Jira Cloud.
- Jira
Cloud Update Configuration The parameters used to modify an existing Jira Cloud integration.
- Keyword
Filter A keyword filter for querying findings.
- Load
Balancer State Information about the state of the load balancer.
- Malware
A list of malware related to a finding.
- MapFilter
A map filter for filtering Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
- Member
The details about a member account.
- Network
The details of network-related information about a finding.
- Network
Autonomous System Contains information about the Autonomous System (AS) of the network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Network
Connection Contains information about the network connection involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Network
Connection Action Provided if ActionType is NETWORK_CONNECTION. It provides details about the attempted network connection that was detected.
- Network
Endpoint Contains information about network endpoints involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
This field can provide information about the network endpoints associated with the resource in the attack sequence finding, or about a specific network endpoint used for the attack.
- Network
GeoLocation Contains information about the location of a network endpoint involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Network
Header Details about a network path component that occurs before or after the current component.
- Network
Path Component Information about a network path component.
- Network
Path Component Details Information about the destination of the next component in the network path.
- Note
A user-defined note added to a finding.
- Note
Update The updated note.
- Number
Filter A number filter for querying findings.
- Occurrences
The detected occurrences of sensitive data.
- Ocsf
Boolean Filter Enables filtering of security findings based on boolean field values in OCSF.
- Ocsf
Date Filter Enables filtering of security findings based on date and timestamp fields in OCSF.
- Ocsf
Finding Filters Specifies the filtering criteria for security findings using OCSF.
- Ocsf
Finding Identifier Provides a standard to identify security findings using OCSF.
- Ocsf
MapFilter Enables filtering of security findings based on map field values in OCSF.
- Ocsf
Number Filter Enables filtering of security findings based on numerical field values in OCSF.
- Ocsf
String Filter Enables filtering of security findings based on string field values in OCSF.
- Organization
Configuration Provides information about the way an organization is configured in Security Hub.
- Page
An occurrence of sensitive data in an Adobe Portable Document Format (PDF) file.
- Parameter
Configuration An object that provides the current value of a security control parameter and identifies whether it has been customized.
- Parameter
Definition An object that describes a security control parameter and the options for customizing it.
- Patch
Summary Provides an overview of the patch compliance status for an instance against a selected compliance standard.
- Port
Probe Action Provided if ActionType is PORT_PROBE. It provides details about the attempted port probe that was detected.
- Port
Probe Detail A port scan that was part of the port probe. For each scan, PortProbeDetails provides information about the local IP address and port that were scanned, and the remote IP address that the scan originated from.
- Port
Range A range of ports.
- Port
Range From To A range of ports.
- Process
Details The details of process-related information about a finding.
- Product
Contains details about a product.
- Product
V2 Defines the structure for the productV2.
- Propagating
VgwSet Details Describes a virtual private gateway propagating route.
- Provider
Summary The connectorV2 third-party provider configuration summary.
- Range
Identifies where the sensitive data begins and ends.
- Recommendation
A recommendation on how to remediate the issue identified in a finding.
- Record
An occurrence of sensitive data in an Apache Avro object container or an Apache Parquet file.
- Related
Finding Details about a related finding.
- Remediation
Details about the remediation steps for a finding.
- Resource
A resource related to a finding.
- Resource
Details Additional details about a resource related to a finding.
To provide the details, use the object that corresponds to the resource type. For example, if the resource type is AwsEc2Instance, then you use the AwsEc2Instance object to provide the details.
If the type-specific object does not contain all of the fields you want to populate, then you use the Other object to populate those additional fields.
You also use the Other object to populate the details when the selected type does not have a corresponding object.
- Resource
Findings Summary A list of summaries for all finding types on a resource.
- Resource
Group ByRule Defines the configuration for organizing and categorizing Amazon Web Services resources based on associated security findings.
- Resource
Result Provides comprehensive details about an Amazon Web Services resource and its associated security findings.
- Resource
Severity Breakdown A comprehensive distribution of security findings by severity level for Amazon Web Services resources.
- Resource
Tag Represents tag information associated with Amazon Web Services resources.
- Resources
Composite Filter Enables the creation of criteria for Amazon Web Services resources in Security Hub.
- Resources
Date Filter Enables the filtering of Amazon Web Services resources based on date and timestamp attributes.
- Resources
Filters Enables filtering of Amazon Web Services resources based on data.
- Resources
MapFilter Enables filtering of Amazon Web Services resources based on key-value map attributes.
- Resources
Number Filter Enables filtering of Amazon Web Services resources based on numerical values.
- Resources
String Filter Enables filtering of Amazon Web Services resources based on string field values.
- Result
Details about the account that was not processed.
- Route
SetDetails Provides details about the routes in the route table.
- Rule
Group Details Details about the rule group.
- Rule
Group Source The rules and actions for the rule group.
- Rule
Group Source Custom Actions Details A custom action definition. A custom action is an optional, non-standard action to use for stateless packet handling.
- Rule
Group Source List Details Stateful inspection criteria for a domain list rule group.
- Rule
Group Source Stateful Rules Details A Suricata rule specification.
- Rule
Group Source Stateful Rules Header Details The inspection criteria for a stateful rule.
- Rule
Group Source Stateful Rules Options Details A rule option for a stateful rule.
- Rule
Group Source Stateless Rule Definition The definition of the stateless rule.
- Rule
Group Source Stateless Rule Match Attributes Criteria for the stateless rule.
- Rule
Group Source Stateless Rule Match Attributes Destination Ports A port range to specify the destination ports to inspect for.
- Rule
Group Source Stateless Rule Match Attributes Destinations A destination IP address or range.
- Rule
Group Source Stateless Rule Match Attributes Source Ports A port range to specify the source ports to inspect for.
- Rule
Group Source Stateless Rule Match Attributes Sources Source IP addresses and address ranges to inspect for.
- Rule
Group Source Stateless Rule Match Attributes TcpFlags A set of TCP flags and masks to inspect for.
- Rule
Group Source Stateless Rules AndCustom Actions Details Stateless rules and custom actions for a stateless rule group.
- Rule
Group Source Stateless Rules Details A stateless rule in the rule group.
- Rule
Group Variables Additional settings to use in the specified rules.
- Rule
Group Variables IpSets Details A list of IP addresses and address ranges, in CIDR notation.
- Rule
Group Variables Port Sets Details A list of port ranges.
- Security
Control A security control in Security Hub describes a security best practice related to a specific resource.
- Security
Control Custom Parameter A list of security controls and control parameter values that are included in a configuration policy.
- Security
Control Definition Provides metadata for a security control, including its unique standard-agnostic identifier, title, description, severity, availability in Amazon Web Services Regions, and a link to remediation steps.
- Security
Control Parameter A parameter that a security control accepts.
- Security
Controls Configuration An object that defines which security controls are enabled in a Security Hub configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account.
- Security
HubPolicy An object that defines how Security Hub is configured. The configuration policy includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
- Sensitive
Data Detections The list of detected instances of sensitive data.
- Sensitive
Data Result Contains a detected instance of sensitive data that is based on built-in identifiers.
- Sequence
Contains information about an Amazon GuardDuty Extended Threat Detection attack sequence finding. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- Service
NowDetail Information about a ServiceNow ITSM integration.
- Service
NowProvider Configuration The initial configuration settings required to establish an integration between Security Hub and ServiceNow ITSM.
- Severity
The severity of the finding.
The finding provider can provide the initial severity. The finding provider can only update the severity if it hasn't been updated using BatchUpdateFindings.
The finding must have either Label or Normalized populated. If only one of these attributes is populated, then Security Hub automatically populates the other one. If neither attribute is populated, then the finding is invalid. Label is the preferred attribute.
- Severity
Update Updates to the severity information for a finding.
- Signal
Contains information about the signals involved in an Amazon GuardDuty Extended Threat Detection attack sequence. An attack sequence is a type of threat detected by GuardDuty. GuardDuty generates an attack sequence finding when multiple events, or signals, align to a potentially suspicious activity. When GuardDuty and Security Hub are integrated, GuardDuty sends attack sequence findings to Security Hub.
A signal can be an API activity or a finding that GuardDuty uses to detect an attack sequence finding.
- Software
Package Information about a software package.
- Sort
Criterion A collection of finding attributes used to sort findings.
- Standard
Provides information about a specific security standard.
- Standards
Control Details for an individual security standard control.
- Standards
Control Association Detail Provides details about a control's enablement status in a specified standard.
- Standards
Control Association Id An array with one or more objects that includes a security control (identified with SecurityControlId, SecurityControlArn, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. The security control ID or ARN is the same across standards.
- Standards
Control Association Summary An array that provides the enablement status and other details for each control that applies to each enabled standard.
- Standards
Control Association Update An array of requested updates to the enablement status of controls in specified standards. The objects in the array include a security control ID, the Amazon Resource Name (ARN) of the standard, the requested enablement status, and the reason for updating the enablement status.
- Standards
Managed By Provides details about the management of a security standard.
- Standards
Status Reason The reason for the current status of your subscription to the standard.
- Standards
Subscription A resource that represents your subscription to a supported standard.
- Standards
Subscription Request The standard that you want to enable.
- Stateless
Custom Action Definition The definition of a custom action that can be used for stateless packet handling.
- Stateless
Custom Publish Metric Action Information about metrics to publish to CloudWatch.
- Stateless
Custom Publish Metric Action Dimension Defines a CloudWatch dimension value to publish.
- Status
Reason Provides additional context for the value of Compliance.Status.
- String
Configuration Options The options for customizing a security control parameter that is a string.
- String
Filter A string filter for filtering Security Hub findings.
- String
List Configuration Options The options for customizing a security control parameter that is a list of strings.
- Threat
Provides information about the threat detected in a security finding and the file paths that were affected by the threat.
- Threat
Intel Indicator Details about the threat intelligence related to a finding.
- Unprocessed
Automation Rule A list of objects containing RuleArn, ErrorCode, and ErrorMessage. This parameter tells you which automation rules the request didn't process and why.
- Unprocessed
Configuration Policy Association An array of configuration policy associations, one for each configuration policy association identifier, that was specified in a BatchGetConfigurationPolicyAssociations request but couldn’t be processed due to an error.
- Unprocessed
Security Control Provides details about a security control for which a response couldn't be returned.
- Unprocessed
Standards Control Association Provides details about which control's enablement status couldn't be retrieved in a specified standard when calling BatchUpdateStandardsControlAssociations. This parameter also provides details about why the request was unprocessed.
- UnprocessedStandardsControlAssociationUpdate
Provides details about which control's enablement status could not be updated in a specified standard when calling the BatchUpdateStandardsControlAssociations API. This parameter also provides details about why the request was unprocessed.
- UpdateAutomationRulesRequestItem
Specifies the parameters to update in an existing automation rule.
- UserAccount
Provides Amazon Web Services account information of the user involved in an Amazon GuardDuty Extended Threat Detection attack sequence. GuardDuty generates an attack sequence finding when multiple events align to a potentially suspicious activity. To receive GuardDuty attack sequence findings in Security Hub, you must have GuardDuty enabled. For more information, see GuardDuty Extended Threat Detection in the Amazon GuardDuty User Guide.
- VolumeMount
Describes the mounting of a volume in a container.
- VpcInfoCidrBlockSetDetails
Provides details about the IPv4 CIDR blocks for the VPC.
- VpcInfoIpv6CidrBlockSetDetails
Provides details about the IPv6 CIDR blocks for the VPC.
- VpcInfoPeeringOptionsDetails
Provides information about the VPC peering connection options for the accepter or requester VPC.
- Vulnerability
A vulnerability associated with a finding.
- VulnerabilityCodeVulnerabilities
Provides details about the vulnerabilities found in your Lambda function code. This field pertains to findings that Security Hub receives from Amazon Inspector.
- VulnerabilityVendor
A vendor that generates a vulnerability report.
- WafAction
Details about the action that CloudFront or WAF takes when a web request matches the conditions in the rule.
- WafExcludedRule
Details about a rule to exclude from a rule group.
- WafOverrideAction
Details about an override action for a rule.
- Workflow
Provides details about the status of the investigation into a finding.
- WorkflowUpdate
Used to update information about the investigation into the finding.
Enums§
- ActorSessionMfaStatus
When writing a match expression against ActorSessionMfaStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AdminStatus
When writing a match expression against AdminStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AllowedOperators
When writing a match expression against AllowedOperators, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AssociationStatus
When writing a match expression against AssociationStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AssociationType
When writing a match expression against AssociationType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AutoEnableStandards
When writing a match expression against AutoEnableStandards, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AutomationRulesActionType
When writing a match expression against AutomationRulesActionType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AutomationRulesActionTypeV2
When writing a match expression against AutomationRulesActionTypeV2, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AwsIamAccessKeyStatus
When writing a match expression against AwsIamAccessKeyStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- AwsS3BucketNotificationConfigurationS3KeyFilterRuleName
When writing a match expression against AwsS3BucketNotificationConfigurationS3KeyFilterRuleName, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- BatchUpdateFindingsV2UnprocessedFindingErrorCode
When writing a match expression against BatchUpdateFindingsV2UnprocessedFindingErrorCode, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ComplianceStatus
When writing a match expression against ComplianceStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ConfigurationOptions
The options for customizing a security control parameter.
- ConfigurationPolicyAssociationStatus
When writing a match expression against ConfigurationPolicyAssociationStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ConnectionDirection
When writing a match expression against ConnectionDirection, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ConnectorAuthStatus
When writing a match expression against ConnectorAuthStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ConnectorProviderName
When writing a match expression against ConnectorProviderName, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ConnectorStatus
When writing a match expression against ConnectorStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ControlFindingGenerator
When writing a match expression against ControlFindingGenerator, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ControlStatus
When writing a match expression against ControlStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- Criteria
Defines the parameters and conditions used to evaluate and filter security findings.
- DateRangeUnit
When writing a match expression against DateRangeUnit, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- FindingHistoryUpdateSourceType
When writing a match expression against FindingHistoryUpdateSourceType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- GroupByField
When writing a match expression against GroupByField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- IntegrationType
When writing a match expression against IntegrationType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- IntegrationV2Type
When writing a match expression against IntegrationV2Type, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- MalwareState
When writing a match expression against MalwareState, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- MalwareType
When writing a match expression against MalwareType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- MapFilterComparison
When writing a match expression against MapFilterComparison, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- NetworkDirection
When writing a match expression against NetworkDirection, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OcsfBooleanField
When writing a match expression against OcsfBooleanField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OcsfDateField
When writing a match expression against OcsfDateField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OcsfMapField
When writing a match expression against OcsfMapField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OcsfNumberField
When writing a match expression against OcsfNumberField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OcsfStringField
When writing a match expression against OcsfStringField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OrganizationConfigurationConfigurationType
When writing a match expression against OrganizationConfigurationConfigurationType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- OrganizationConfigurationStatus
When writing a match expression against OrganizationConfigurationStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ParameterValue
An object that includes the data type of a security control parameter and its current value.
- ParameterValueType
When writing a match expression against ParameterValueType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- Partition
When writing a match expression against Partition, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- Policy
An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
- ProviderConfiguration
The initial configuration settings required to establish an integration between Security Hub and a third-party provider.
- ProviderDetail
The third-party provider detail for a service configuration.
- ProviderUpdateConfiguration
The parameters required to update the configuration of an integration provider.
- RecordState
When writing a match expression against RecordState, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- RegionAvailabilityStatus
When writing a match expression against RegionAvailabilityStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourceCategory
When writing a match expression against ResourceCategory, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourceGroupByField
When writing a match expression against ResourceGroupByField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourcesDateField
When writing a match expression against ResourcesDateField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourcesMapField
When writing a match expression against ResourcesMapField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourcesNumberField
When writing a match expression against ResourcesNumberField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ResourcesStringField
When writing a match expression against ResourcesStringField, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- RuleStatus
When writing a match expression against RuleStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- RuleStatusV2
When writing a match expression against RuleStatusV2, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- SecurityControlProperty
When writing a match expression against SecurityControlProperty, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- SecurityHubFeature
When writing a match expression against SecurityHubFeature, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- SeverityLabel
When writing a match expression against SeverityLabel, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- SeverityRating
When writing a match expression against SeverityRating, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- SortOrder
When writing a match expression against SortOrder, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- StandardsControlsUpdatable
When writing a match expression against StandardsControlsUpdatable, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- StandardsStatus
When writing a match expression against StandardsStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- StatusReasonCode
When writing a match expression against StatusReasonCode, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- StringFilterComparison
When writing a match expression against StringFilterComparison, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- Target
The target account, organizational unit, or the root that is associated with a Security Hub configuration. The configuration can be a configuration policy or self-managed behavior.
- TargetType
When writing a match expression against TargetType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ThreatIntelIndicatorCategory
When writing a match expression against ThreatIntelIndicatorCategory, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- ThreatIntelIndicatorType
When writing a match expression against ThreatIntelIndicatorType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- UnprocessedErrorCode
When writing a match expression against UnprocessedErrorCode, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- UpdateStatus
When writing a match expression against UpdateStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- VerificationState
When writing a match expression against VerificationState, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- VulnerabilityExploitAvailable
When writing a match expression against VulnerabilityExploitAvailable, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- VulnerabilityFixAvailable
When writing a match expression against VulnerabilityFixAvailable, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- WorkflowState (Deprecated)
When writing a match expression against WorkflowState, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.
- WorkflowStatus
When writing a match expression against WorkflowStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of the SDK, your code should continue to work when you upgrade the SDK to a future version in which the enum does include a variant for that feature.