Struct rusoto_securityhub::AwsSecurityFinding
pub struct AwsSecurityFinding {
    pub action: Option<Action>,
    pub aws_account_id: String,
    pub compliance: Option<Compliance>,
    pub confidence: Option<i64>,
    pub created_at: String,
    pub criticality: Option<i64>,
    pub description: String,
    pub finding_provider_fields: Option<FindingProviderFields>,
    pub first_observed_at: Option<String>,
    pub generator_id: String,
    pub id: String,
    pub last_observed_at: Option<String>,
    pub malware: Option<Vec<Malware>>,
    pub network: Option<Network>,
    pub network_path: Option<Vec<NetworkPathComponent>>,
    pub note: Option<Note>,
    pub patch_summary: Option<PatchSummary>,
    pub process: Option<ProcessDetails>,
    pub product_arn: String,
    pub product_fields: Option<HashMap<String, String>>,
    pub record_state: Option<String>,
    pub related_findings: Option<Vec<RelatedFinding>>,
    pub remediation: Option<Remediation>,
    pub resources: Vec<Resource>,
    pub schema_version: String,
    pub severity: Option<Severity>,
    pub source_url: Option<String>,
    pub threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>,
    pub title: String,
    pub types: Option<Vec<String>>,
    pub updated_at: String,
    pub user_defined_fields: Option<HashMap<String, String>>,
    pub verification_state: Option<String>,
    pub vulnerabilities: Option<Vec<Vulnerability>>,
    pub workflow: Option<Workflow>,
    pub workflow_state: Option<String>,
}
Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and security standards checks.
A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and standards checks.
Fields
action: Option<Action>
Provides details about an action that affects or that was taken on a resource.
aws_account_id: String
The AWS account ID that a finding is generated in.
compliance: Option<Compliance>
This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported security standard, such as CIS AWS Foundations. Contains security standard-related finding details.
confidence: Option<i64>
A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.
Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.
created_at: String
Indicates when the security-findings provider created the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
criticality: Option<i64>
The level of importance assigned to the resources associated with the finding.
A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.
description: String
A finding's description.
In this release, Description is a required property.
finding_provider_fields: Option<FindingProviderFields>
In a BatchImportFindings request, finding providers use FindingProviderFields to provide and update their own values for confidence, criticality, related findings, severity, and types.
first_observed_at: Option<String>
Indicates when the security-findings provider first observed the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
generator_id: String
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
id: String
The security findings provider-specific identifier for a finding.
last_observed_at: Option<String>
Indicates when the security-findings provider most recently observed the potential security issue that a finding captured.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
malware: Option<Vec<Malware>>
A list of malware related to a finding.
network: Option<Network>
The details of network-related information about a finding.
network_path: Option<Vec<NetworkPathComponent>>
Provides information about a network path that is relevant to a finding. Each entry under NetworkPath represents a component of that path.
note: Option<Note>
A user-defined note added to a finding.
patch_summary: Option<PatchSummary>
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
process: Option<ProcessDetails>
The details of process-related information about a finding.
product_arn: String
The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
product_fields: Option<HashMap<String, String>>
A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
record_state: Option<String>
The record state of a finding.
related_findings: Option<Vec<RelatedFinding>>
A list of related findings.
remediation: Option<Remediation>
A data type that describes the remediation options for a finding.
resources: Vec<Resource>
A set of resource data types that describe the resources that the finding refers to.
schema_version: String
The schema version that a finding is formatted for.
severity: Option<Severity>
A finding's severity.
source_url: Option<String>
A URL that links to a page about the current finding in the security-findings provider's solution.
threat_intel_indicators: Option<Vec<ThreatIntelIndicator>>
Threat intelligence details related to a finding.
title: String
A finding's title.
In this release, Title is a required property.
types: Option<Vec<String>>
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
updated_at: String
Indicates when the security-findings provider last updated the finding record.
Uses the date-time format specified in RFC 3339 section 5.6, Internet Date/Time Format. The value cannot contain spaces. For example, 2020-03-22T13:22:13.933Z.
user_defined_fields: Option<HashMap<String, String>>
A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
verification_state: Option<String>
Indicates the veracity of a finding.
vulnerabilities: Option<Vec<Vulnerability>>
Provides a list of vulnerabilities associated with the findings.
workflow: Option<Workflow>
Provides information about the status of the investigation into a finding.
workflow_state: Option<String>
The workflow state of a finding.
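The field descriptions above state constraints that the Rust types do not enforce: timestamps are plain `String`s that must be RFC 3339 with no spaces, `confidence` and `criticality` are `i64`s scored 0-100, and `types` entries must follow namespace/category/classifier with a listed namespace. The following is an added example, not code from the rusoto crate, that checks those constraints before a finding is submitted. `FindingSubset`, `looks_like_rfc3339` and `violations` are hypothetical names, and the struct is a local stand-in for a subset of the real fields.

```rust
// Local stand-in for a few AwsSecurityFinding fields (same names/types); no crate needed.
struct FindingSubset {
    created_at: String,
    updated_at: String,
    confidence: Option<i64>,
    criticality: Option<i64>,
    types: Option<Vec<String>>,
}
const NAMESPACES: [&str; 5] = ["Software and Configuration Checks", "TTPs", "Effects",
    "Unusual Behaviors", "Sensitive Data Identifications"];

// Shape check: YYYY-MM-DDTHH:MM:SS[.frac] followed by Z or +/-HH:MM, no spaces.
// Digits become 'd' (a literal 'd' becomes '?'); value ranges are not checked.
fn looks_like_rfc3339(s: &str) -> bool {
    let shape: String = s.chars().map(|c| match c { '0'..='9' => 'd', 'd' => '?', c => c }).collect();
    if !shape.starts_with("dddd-dd-ddTdd:dd:dd") { return false; }
    let tail = match shape[19..].strip_prefix('.') {
        Some(t) if t.starts_with('d') => t.trim_start_matches('d'),
        Some(_) => return false,
        None => &shape[19..],
    };
    matches!(tail, "Z" | "+dd:dd" | "-dd:dd")
}

// Returns every constraint violation found; an empty Vec means the finding passes.
fn violations(f: &FindingSubset) -> Vec<String> {
    let mut out: Vec<String> = Vec::new();
    for (name, ts) in [("created_at", &f.created_at), ("updated_at", &f.updated_at)] {
        if !looks_like_rfc3339(ts) { out.push(format!("{name} is not RFC 3339")); }
    }
    for (name, v) in [("confidence", f.confidence), ("criticality", f.criticality)] {
        if v.map_or(false, |n| !(0..=100).contains(&n)) { out.push(format!("{name} outside 0-100")); }
    }
    for t in f.types.iter().flatten() {
        // Assumption: strict reading of the page's namespace/category/classifier format.
        let p: Vec<&str> = t.split('/').collect();
        let ok = p.len() == 3 && NAMESPACES.contains(&p[0]) && p.iter().all(|s| !s.is_empty());
        if !ok { out.push(format!("bad type: {t}")); }
    }
    out
}

fn main() {
    // Constructed sample finding, not real data.
    let f = FindingSubset {
        created_at: "2020-03-22 13:22:13Z".into(), updated_at: "2020-03-22T13:22:13.933Z".into(),
        confidence: Some(140), criticality: Some(80), types: Some(vec!["TTPs/Discovery".into()]),
    };
    for v in violations(&f) { println!("{v}"); }
}
```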
Trait Implementations
Returns the “default value” for a type.
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where __D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer.
This method tests for self and other values to be equal, and is used by ==.
This method tests for !=.
Auto Trait Implementations
impl RefUnwindSafe for AwsSecurityFinding
impl Send for AwsSecurityFinding
impl Sync for AwsSecurityFinding
impl Unpin for AwsSecurityFinding
impl UnwindSafe for AwsSecurityFinding
Blanket Implementations
Mutably borrows from an owned value.
Instruments this type with the provided Span, returning an Instrumented wrapper.
type Output = T
Should always be Self