Amazon Connect Customer - * Profiles is a unified customer profile for your contact center that has - * pre-built connectors powered by AppFlow that make it easy to combine customer - * information from third party applications, such as Salesforce (CRM), ServiceNow - * (ITSM), and your enterprise resource planning (ERP), with contact history from - * your Amazon Connect contact center.
For more information about the
- * Amazon Connect Customer Profiles feature, see Amazon Connect Customer Profiles Amazon Connect Customer Profiles is
+ * a unified customer profile for your contact center that has pre-built connectors
+ * powered by AppFlow that make it easy to combine customer information from third
+ * party applications, such as Salesforce (CRM), ServiceNow (ITSM), and your
+ * enterprise resource planning (ERP), with contact history from your Amazon
+ * Connect contact center. For more information about the Amazon Connect
+ * Customer Profiles feature, see Use
* Customer Profiles in the Amazon Connect Administrator's Guide. The Amazon Resource Name (ARN) of the IAM role. The Integration uses this
+ * role to make Customer Profiles requests on your behalf. The Amazon Resource Name (ARN) of the IAM role. The Integration uses this
+ * role to make Customer Profiles requests on your behalf. The Amazon Resource Name (ARN) of the IAM role. The Integration uses this
+ * role to make Customer Profiles requests on your behalf. The Amazon Resource Name (ARN) of the IAM role. The Integration uses this
+ * role to make Customer Profiles requests on your behalf. Describes a personalization configuration.See Also:
AWS
+ * API Reference
Provides a summary of a refresh schedule.
Updates a personalization configuration.
Updates a refresh schedule for a dataset.
The ID of the Amazon Web Services account that contains the personalization + * configuration that the user wants described.
+ */ + inline const Aws::String& GetAwsAccountId() const{ return m_awsAccountId; } + inline bool AwsAccountIdHasBeenSet() const { return m_awsAccountIdHasBeenSet; } + inline void SetAwsAccountId(const Aws::String& value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId = value; } + inline void SetAwsAccountId(Aws::String&& value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId = std::move(value); } + inline void SetAwsAccountId(const char* value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId.assign(value); } + inline DescribeQPersonalizationConfigurationRequest& WithAwsAccountId(const Aws::String& value) { SetAwsAccountId(value); return *this;} + inline DescribeQPersonalizationConfigurationRequest& WithAwsAccountId(Aws::String&& value) { SetAwsAccountId(std::move(value)); return *this;} + inline DescribeQPersonalizationConfigurationRequest& WithAwsAccountId(const char* value) { SetAwsAccountId(value); return *this;} + ///@} + private: + + Aws::String m_awsAccountId; + bool m_awsAccountIdHasBeenSet = false; + }; + +} // namespace Model +} // namespace QuickSight +} // namespace Aws diff --git a/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/DescribeQPersonalizationConfigurationResult.h b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/DescribeQPersonalizationConfigurationResult.h new file mode 100644 index 00000000000..901d1a4b5c3 --- /dev/null +++ b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/DescribeQPersonalizationConfigurationResult.h @@ -0,0 +1,77 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ + +#pragma once +#includeA value that indicates whether personalization is enabled or not.
+ */ + inline const PersonalizationMode& GetPersonalizationMode() const{ return m_personalizationMode; } + inline void SetPersonalizationMode(const PersonalizationMode& value) { m_personalizationMode = value; } + inline void SetPersonalizationMode(PersonalizationMode&& value) { m_personalizationMode = std::move(value); } + inline DescribeQPersonalizationConfigurationResult& WithPersonalizationMode(const PersonalizationMode& value) { SetPersonalizationMode(value); return *this;} + inline DescribeQPersonalizationConfigurationResult& WithPersonalizationMode(PersonalizationMode&& value) { SetPersonalizationMode(std::move(value)); return *this;} + ///@} + + ///@{ + + inline const Aws::String& GetRequestId() const{ return m_requestId; } + inline void SetRequestId(const Aws::String& value) { m_requestId = value; } + inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); } + inline void SetRequestId(const char* value) { m_requestId.assign(value); } + inline DescribeQPersonalizationConfigurationResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;} + inline DescribeQPersonalizationConfigurationResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;} + inline DescribeQPersonalizationConfigurationResult& WithRequestId(const char* value) { SetRequestId(value); return *this;} + ///@} + + ///@{ + /** + *The HTTP status of the request.
+ */ + inline int GetStatus() const{ return m_status; } + inline void SetStatus(int value) { m_status = value; } + inline DescribeQPersonalizationConfigurationResult& WithStatus(int value) { SetStatus(value); return *this;} + ///@} + private: + + PersonalizationMode m_personalizationMode; + + Aws::String m_requestId; + + int m_status; + }; + +} // namespace Model +} // namespace QuickSight +} // namespace Aws diff --git a/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/PersonalizationMode.h b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/PersonalizationMode.h new file mode 100644 index 00000000000..7f8df782716 --- /dev/null +++ b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/PersonalizationMode.h @@ -0,0 +1,31 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ + +#pragma once +#includeThe ID of the Amazon Web Services account account that contains the + * personalization configuration that the user wants to update.
+ */ + inline const Aws::String& GetAwsAccountId() const{ return m_awsAccountId; } + inline bool AwsAccountIdHasBeenSet() const { return m_awsAccountIdHasBeenSet; } + inline void SetAwsAccountId(const Aws::String& value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId = value; } + inline void SetAwsAccountId(Aws::String&& value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId = std::move(value); } + inline void SetAwsAccountId(const char* value) { m_awsAccountIdHasBeenSet = true; m_awsAccountId.assign(value); } + inline UpdateQPersonalizationConfigurationRequest& WithAwsAccountId(const Aws::String& value) { SetAwsAccountId(value); return *this;} + inline UpdateQPersonalizationConfigurationRequest& WithAwsAccountId(Aws::String&& value) { SetAwsAccountId(std::move(value)); return *this;} + inline UpdateQPersonalizationConfigurationRequest& WithAwsAccountId(const char* value) { SetAwsAccountId(value); return *this;} + ///@} + + ///@{ + /** + *An option to allow Amazon QuickSight to customize data stories with user + * specific metadata, specifically location and job information, in your IAM + * Identity Center instance.
+ */ + inline const PersonalizationMode& GetPersonalizationMode() const{ return m_personalizationMode; } + inline bool PersonalizationModeHasBeenSet() const { return m_personalizationModeHasBeenSet; } + inline void SetPersonalizationMode(const PersonalizationMode& value) { m_personalizationModeHasBeenSet = true; m_personalizationMode = value; } + inline void SetPersonalizationMode(PersonalizationMode&& value) { m_personalizationModeHasBeenSet = true; m_personalizationMode = std::move(value); } + inline UpdateQPersonalizationConfigurationRequest& WithPersonalizationMode(const PersonalizationMode& value) { SetPersonalizationMode(value); return *this;} + inline UpdateQPersonalizationConfigurationRequest& WithPersonalizationMode(PersonalizationMode&& value) { SetPersonalizationMode(std::move(value)); return *this;} + ///@} + private: + + Aws::String m_awsAccountId; + bool m_awsAccountIdHasBeenSet = false; + + PersonalizationMode m_personalizationMode; + bool m_personalizationModeHasBeenSet = false; + }; + +} // namespace Model +} // namespace QuickSight +} // namespace Aws diff --git a/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/UpdateQPersonalizationConfigurationResult.h b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/UpdateQPersonalizationConfigurationResult.h new file mode 100644 index 00000000000..deff3f7d7d7 --- /dev/null +++ b/generated/src/aws-cpp-sdk-quicksight/include/aws/quicksight/model/UpdateQPersonalizationConfigurationResult.h @@ -0,0 +1,78 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ + +#pragma once +#includeThe personalization mode that is used for the personalization + * configuration.
+ */ + inline const PersonalizationMode& GetPersonalizationMode() const{ return m_personalizationMode; } + inline void SetPersonalizationMode(const PersonalizationMode& value) { m_personalizationMode = value; } + inline void SetPersonalizationMode(PersonalizationMode&& value) { m_personalizationMode = std::move(value); } + inline UpdateQPersonalizationConfigurationResult& WithPersonalizationMode(const PersonalizationMode& value) { SetPersonalizationMode(value); return *this;} + inline UpdateQPersonalizationConfigurationResult& WithPersonalizationMode(PersonalizationMode&& value) { SetPersonalizationMode(std::move(value)); return *this;} + ///@} + + ///@{ + + inline const Aws::String& GetRequestId() const{ return m_requestId; } + inline void SetRequestId(const Aws::String& value) { m_requestId = value; } + inline void SetRequestId(Aws::String&& value) { m_requestId = std::move(value); } + inline void SetRequestId(const char* value) { m_requestId.assign(value); } + inline UpdateQPersonalizationConfigurationResult& WithRequestId(const Aws::String& value) { SetRequestId(value); return *this;} + inline UpdateQPersonalizationConfigurationResult& WithRequestId(Aws::String&& value) { SetRequestId(std::move(value)); return *this;} + inline UpdateQPersonalizationConfigurationResult& WithRequestId(const char* value) { SetRequestId(value); return *this;} + ///@} + + ///@{ + /** + *The HTTP status of the request.
+ */ + inline int GetStatus() const{ return m_status; } + inline void SetStatus(int value) { m_status = value; } + inline UpdateQPersonalizationConfigurationResult& WithStatus(int value) { SetStatus(value); return *this;} + ///@} + private: + + PersonalizationMode m_personalizationMode; + + Aws::String m_requestId; + + int m_status; + }; + +} // namespace Model +} // namespace QuickSight +} // namespace Aws diff --git a/generated/src/aws-cpp-sdk-quicksight/source/QuickSightClient.cpp b/generated/src/aws-cpp-sdk-quicksight/source/QuickSightClient.cpp index 8bb953cc903..fc5b0302a44 100644 --- a/generated/src/aws-cpp-sdk-quicksight/source/QuickSightClient.cpp +++ b/generated/src/aws-cpp-sdk-quicksight/source/QuickSightClient.cpp @@ -100,6 +100,7 @@ #includeSecurity Hub provides you with a comprehensive view of your security state in * Amazon Web Services and helps you assess your Amazon Web Services environment * against security industry standards and best practices.
Security Hub - * collects security data across Amazon Web Services accounts, Amazon Web - * Servicesservices, and supported third-party products and helps you analyze your - * security trends and identify the highest priority security issues.
To - * help you manage the security state of your organization, Security Hub supports - * multiple security standards. These include the Amazon Web Services Foundational - * Security Best Practices (FSBP) standard developed by Amazon Web Services, and - * external compliance frameworks such as the Center for Internet Security (CIS), - * the Payment Card Industry Data Security Standard (PCI DSS), and the National + * collects security data across Amazon Web Services accounts, Amazon Web Services + * services, and supported third-party products and helps you analyze your security + * trends and identify the highest priority security issues.
To help you + * manage the security state of your organization, Security Hub supports multiple + * security standards. These include the Amazon Web Services Foundational Security + * Best Practices (FSBP) standard developed by Amazon Web Services, and external + * compliance frameworks such as the Center for Internet Security (CIS), the + * Payment Card Industry Data Security Standard (PCI DSS), and the National * Institute of Standards and Technology (NIST). Each standard includes several * security controls, each of which represents a security best practice. Security * Hub runs checks against security controls and generates control findings to help * you assess your compliance against security best practices.
In addition * to generating control findings, Security Hub also receives findings from other - * Amazon Web Servicesservices, such as Amazon GuardDuty and Amazon Inspector, and + * Amazon Web Services services, such as Amazon GuardDuty and Amazon Inspector, and * supported third-party products. This gives you a single pane of glass into a * variety of security-related issues. You can also send Security Hub findings to - * other Amazon Web Servicesservices and supported third-party products.
+ * other Amazon Web Services services and supported third-party products. *Security Hub offers automation features that help you triage and remediate * security issues. For example, you can use automation rules to automatically * update critical findings when a security check fails. You can also leverage the @@ -48,15 +48,15 @@ namespace SecurityHub * Security Hub User Guide
In addition to interacting with Security Hub - * by making calls to the Security Hub API, you can use a current version of an + * Amazon Web Services services.
In addition to interacting with Security + * Hub by making calls to the Security Hub API, you can use a current version of an * Amazon Web Services command line tool or SDK. Amazon Web Services provides tools * and SDKs that consist of libraries and sample code for various languages and * platforms, such as PowerShell, Java, Go, Python, C++, and .NET. These tools and * SDKs provide convenient, programmatic access to Security Hub and other Amazon - * Web Servicesservices . They also handle tasks such as signing requests, managing - * errors, and retrying requests automatically. For information about installing - * and using the Amazon Web Services tools and SDKs, see Tools to Build on Amazon Web * Services.
With the exception of operations that are related to * central configuration, Security Hub API requests are executed only in the Amazon @@ -144,12 +144,17 @@ namespace SecurityHub virtual ~SecurityHubClient(); /** - *
Accepts the invitation to be a member account and be monitored by the - * Security Hub administrator account that the invitation was sent from.
- *This operation is only used by member accounts that are not added through - * Organizations.
When the member account accepts the invitation, permission - * is granted to the administrator account to view findings generated in the member - * account.
Accepts the invitation to be a + * member account and be monitored by the Security Hub administrator account that + * the invitation was sent from.
This operation is only used by member + * accounts that are not added through Organizations.
When the member + * account accepts the invitation, permission is granted to the administrator + * account to view findings generated in the member account.
Updates from BatchUpdateFindings do not affect the value of
+ *
Updates from BatchUpdateFindings don't affect the value of
* UpdatedAt for a finding.
Administrator and member accounts
* can use BatchUpdateFindings to update the following finding fields
* and objects.
Confidence
@@ -593,11 +598,13 @@ namespace SecurityHub } /** - *
Used to enable finding aggregation. Must be called from the aggregation - * Region.
For more details about cross-Region replication, see Configuring - * finding aggregation in the Security Hub User Guide.
Used to enable cross-Region aggregation. This + * operation can be invoked from the home Region only.
For information about + * how cross-Region aggregation works, see Understanding + * cross-Region aggregation in Security Hub in the Security Hub User + * Guide.
InviteMembers operation. If the account owner accepts the
* invitation, the account becomes a member account in Security Hub.
- * Accounts that are managed using Organizations do not receive an invitation. + *
Accounts that are managed using Organizations don't receive an invitation. * They automatically become a member account in Security Hub.
If * the organization account does not have Security Hub enabled, then Security Hub * and the default standards are automatically enabled. Note that Security Hub @@ -704,10 +711,15 @@ namespace SecurityHub } /** - *
Declines invitations to become a member account.
A prospective member - * account uses this operation to decline an invitation to become a member.
- *This operation is only called by member accounts that aren't part of an - * organization. Organization accounts don't receive invitations.
We recommend using Organizations instead of Security Hub invitations + * to manage your member accounts. For information, see Managing + * Security Hub administrator and member accounts with Organizations in the + * Security Hub User Guide.
Declines invitations to become a + * Security Hub member account.
A prospective member account uses this + * operation to decline an invitation to become a member.
Only member + * accounts that aren't part of an Amazon Web Services organization should use this + * operation. Organization accounts don't receive invitations.
Deletes a finding aggregator. When you delete the finding aggregator, you - * stop finding aggregation.
When you stop finding aggregation, findings - * that were already aggregated to the aggregation Region are still visible from - * the aggregation Region. New findings and finding updates are not aggregated. + *
The aggregation Region is now called the home + * Region.
Deletes a finding aggregator. When you delete the + * finding aggregator, you stop cross-Region aggregation. Finding replication stops + * occurring from the linked Regions to the home Region.
When you stop + * cross-Region aggregation, findings that were already replicated and sent to the + * home Region are still visible from the home Region. However, new findings and + * finding updates are no longer replicated and sent to the home Region. *
Deletes invitations received by the Amazon Web Services account to become a - * member account.
A Security Hub administrator account can use this - * operation to delete invitations sent to one or more member accounts.
This - * operation is only used to delete invitations that are sent to member accounts - * that aren't part of an organization. Organization accounts don't receive - * invitations.
Deletes invitations to become a + * Security Hub member account.
A Security Hub administrator account can use + * this operation to delete invitations sent to one or more prospective member + * accounts.
This operation is only used to delete invitations that are sent + * to prospective member accounts that aren't part of an Amazon Web Services + * organization. Organization accounts don't receive invitations.
Returns information about product integrations in Security Hub.
You * can optionally provide an integration ARN. If you provide an integration ARN, - * then the results only include that integration.
If you do not provide an + * then the results only include that integration.
If you don't provide an * integration ARN, then the results include all of the available product * integrations.
Returns the current finding aggregation configuration.
Returns the current configuration in the calling + * account for cross-Region aggregation. A finding aggregator is a resource that + * establishes the home Region and any linked Regions.
Returns a list of findings that match the specified criteria.
If
- * finding aggregation is enabled, then when you call GetFindings from
- * the aggregation Region, the results include all of the matching findings from
- * both the aggregation Region and the linked Regions.
Returns the count of all Security Hub membership invitations that were sent - * to the current member account, not including the currently accepted invitation. - *
Returns the count of all Security + * Hub membership invitations that were sent to the calling member account, not + * including the currently accepted invitation.
Invites other Amazon Web Services accounts to become member accounts for the - * Security Hub administrator account that the invitation is sent from.
This - * operation is only used to invite accounts that do not belong to an organization. - * Organization accounts do not receive invitations.
Before you can use this
- * action to invite a member, you must first use the CreateMembers
- * action to create the member account in Security Hub.
When the account - * owner enables Security Hub and accepts the invitation to become a member - * account, the administrator account can view the findings generated from the - * member account.
Invites other Amazon Web Services + * accounts to become member accounts for the Security Hub administrator account + * that the invitation is sent from.
This operation is only used to invite + * accounts that don't belong to an Amazon Web Services organization. Organization + * accounts don't receive invitations.
Before you can use this action to
+ * invite a member, you must first use the CreateMembers action to
+ * create the member account in Security Hub.
When the account owner enables + * Security Hub and accepts the invitation to become a member account, the + * administrator account can view the findings generated in the member + * account.
If finding aggregation is enabled, then ListFindingAggregators
- * returns the ARN of the finding aggregator. You can run this operation from any
+ *
If cross-Region aggregation is enabled, then
+ * ListFindingAggregators returns the Amazon Resource Name (ARN) of
+ * the finding aggregator. You can run this operation from any Amazon Web Services
* Region.
Lists all Security Hub membership invitations that were sent to the current - * Amazon Web Services account.
This operation is only used by accounts that - * are managed by invitation. Accounts that are managed using the integration with - * Organizations do not receive invitations.
Lists all Security Hub membership + * invitations that were sent to the calling account.
Only accounts that are + * managed by invitation can use this operation. Accounts that are managed using + * the integration with Organizations don't receive invitations.
Updates the finding aggregation configuration. Used to update the Region
- * linking mode and the list of included or excluded Regions. You cannot use
- * UpdateFindingAggregator to change the aggregation Region.
You must run UpdateFindingAggregator from the current
- * aggregation Region.
Updates cross-Region aggregation settings. You can + * use this operation to update the Region linking mode and the list of included or + * excluded Amazon Web Services Regions. However, you can't use this operation to + * change the home Region.
You can invoke this operation from the current + * home Region only.
One or more actions to update finding fields if a finding matches the - * defined criteria of the rule.
Specifies that the rule action should update the Types finding
- * field. The Types finding field classifies findings in the format of
- * namespace/category/classifier. For more information, see Types
- * taxonomy for ASFF in the Security Hub User Guide.
Specifies the type of action that Security Hub takes when a finding matches + * the defined criteria of a rule.
*/ inline const AutomationRulesActionType& GetType() const{ return m_type; } inline bool TypeHasBeenSet() const { return m_typeHasBeenSet; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AutomationRulesFindingFilters.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AutomationRulesFindingFilters.h index 092017140d8..36763be37cf 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AutomationRulesFindingFilters.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AutomationRulesFindingFilters.h @@ -399,7 +399,7 @@ namespace Model *The identifier for the given resource type. For Amazon Web Services * resources that are identified by Amazon Resource Names (ARNs), this is the ARN. * For Amazon Web Services resources that lack ARNs, this is the identifier as - * defined by the Amazon Web Servicesservice that created the resource. For + * defined by the Amazon Web Services service that created the resource. For * non-Amazon Web Services resources, this is a unique identifier that is * associated with the resource.
Array Members: Minimum number of 1 item. * Maximum number of 100 items.
diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleCopyActionsDetails.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleCopyActionsDetails.h index 52c00b5aa7c..5a5e86112da 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleCopyActionsDetails.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleCopyActionsDetails.h @@ -58,7 +58,7 @@ namespace Model /** *Defines when a protected resource is transitioned to cold storage and when it * expires. Backup transitions and expires backups automatically according to the - * lifecycle that you define. If you do not specify a lifecycle, Backup applies the + * lifecycle that you define. If you don't specify a lifecycle, Backup applies the * lifecycle policy of the source backup to the destination backup.
Backups * transitioned to cold storage must be stored in cold storage for a minimum of 90 * days.
diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleDetails.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleDetails.h index 0cee52866ee..3200487c91c 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleDetails.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupPlanRuleDetails.h @@ -155,7 +155,7 @@ namespace Model /** *Defines when a protected resource is transitioned to cold storage and when it * expires. Backup transitions and expires backups automatically according to the - * lifecycle that you define. If you do not specify a lifecycle, Backup applies the + * lifecycle that you define. If you don't specify a lifecycle, Backup applies the * lifecycle policy of the source backup to the destination backup.
Backups * transitioned to cold storage must be stored in cold storage for a minimum of 90 * days.
diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupVaultDetails.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupVaultDetails.h index 78a4ada4f59..1124844523b 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupVaultDetails.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsBackupBackupVaultDetails.h @@ -74,7 +74,7 @@ namespace Model /** *The unique ARN associated with the server-side encryption key. You can * specify a key to encrypt your backups from services that support full Backup - * management. If you do not specify a key, Backup creates an KMS key for you by + * management. If you don't specify a key, Backup creates an KMS key for you by * default.
*/ inline const Aws::String& GetEncryptionKeyArn() const{ return m_encryptionKeyArn; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsEcsServiceDetails.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsEcsServiceDetails.h index 75d17659d1b..b012e33d607 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsEcsServiceDetails.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsEcsServiceDetails.h @@ -286,7 +286,7 @@ namespace Model * strategy deploys exactly one task on each active container instance that meets * all of the task placement constraints that are specified in the cluster. The * service scheduler also evaluates the task placement constraints for running - * tasks and stops tasks that do not meet the placement constraints.Valid + * tasks and stops tasks that don't meet the placement constraints.
Valid
* values: REPLICA | DAEMON
Oracle
Contains * the Oracle System ID (SID) of the created DB instance. Not shown when the - * returned parameters do not apply to an Oracle DB instance.
+ * returned parameters don't apply to an Oracle DB instance. */ inline const Aws::String& GetDBName() const{ return m_dBName; } inline bool DBNameHasBeenSet() const { return m_dBNameHasBeenSet; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsSecurityFindingFilters.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsSecurityFindingFilters.h index a16fca94230..d5500e8c14c 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsSecurityFindingFilters.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/AwsSecurityFindingFilters.h @@ -1257,7 +1257,7 @@ namespace Model *ACTIVE. Compliance.Status changes
* from PASSED to FAILED, WARNING, or
* NOT_AVAILABLE.
- * SUPPRESSED - Indicates that you reviewed the finding and do not
+ * SUPPRESSED - Indicates that you reviewed the finding and don't
* believe that any action is needed.
The workflow status of a
* SUPPRESSED finding does not change if RecordState
* changes from ARCHIVED to ACTIVE.
@@ -1494,7 +1494,7 @@ namespace Model ///@{ /** *
The unique identifier of a control across standards. Values for this field - * typically consist of an Amazon Web Servicesservice and a number, such as + * typically consist of an Amazon Web Services service and a number, such as * APIGateway.5.
*/ inline const Aws::Vector
* ActivatedRule|OverrideAction applies only when
- * updating or adding a RuleGroup to a web ACL. In this case you do
- * not use ActivatedRule Action. For all other update
+ * updating or adding a RuleGroup to a web ACL. In this case you don't
+ * use ActivatedRule Action. For all other update
* requests, ActivatedRule Action is used instead of
* ActivatedRule OverrideAction.
Specifies the order in which the rules in a web ACL are evaluated. Rules with
* a lower value for Priority are evaluated before rules with a higher
* value. The value must be a unique integer. If you add multiple rules to a web
- * ACL, the values do not need to be consecutive.
Typically provides the unique identifier of a control across standards. For
- * Security Hub controls, this field consists of an Amazon Web Servicesservice and
+ * Security Hub controls, this field consists of an Amazon Web Services service and
* a unique number, such as APIGateway.5.
If RegionLinkingMode is
* ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list
- * of Regions that do not aggregate findings to the aggregation Region.
If + * of Regions that don't replicate and send findings to the home Region.
If
* RegionLinkingMode is SPECIFIED_REGIONS, then this is a
- * space-separated list of Regions that do aggregate findings to the aggregation
+ * space-separated list of Regions that do replicate and send findings to the home
* Region.
An InvalidInputException error results if you
* populate this field while RegionLinkingMode is
* NO_REGIONS.
The ARN of the finding aggregator. You use the finding aggregator ARN to - * retrieve details for, update, and stop finding aggregation.
+ * retrieve details for, update, and stop cross-Region aggregation. */ inline const Aws::String& GetFindingAggregatorArn() const{ return m_findingAggregatorArn; } inline void SetFindingAggregatorArn(const Aws::String& value) { m_findingAggregatorArn = value; } @@ -49,7 +49,8 @@ namespace Model ///@{ /** - *The aggregation Region.
+ *The home Region. Findings generated in linked Regions are replicated and sent + * to the home Region.
*/ inline const Aws::String& GetFindingAggregationRegion() const{ return m_findingAggregationRegion; } inline void SetFindingAggregationRegion(const Aws::String& value) { m_findingAggregationRegion = value; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/EnableSecurityHubRequest.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/EnableSecurityHubRequest.h index 32395bcae16..102e2ffda2d 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/EnableSecurityHubRequest.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/EnableSecurityHubRequest.h @@ -56,7 +56,7 @@ namespace Model ///@{ /** *Whether to enable the security standards that Security Hub has designated as
- * automatically enabled. If you do not provide a value for
+ * automatically enabled. If you don't provide a value for
* EnableDefaultStandards, it is set to true. To not
* enable the automatically enabled standards, set
* EnableDefaultStandards to false.
A finding aggregator. A finding aggregator contains the configuration for - * finding aggregation.
Identifies the source of the event that changed the finding. For example, an
- * integrated Amazon Web Servicesservice or third-party partner integration may
+ * integrated Amazon Web Services service or third-party partner integration may
* call
* BatchImportFindings , or an Security Hub customer may call Describes the type of finding change event, such as a call to
- * BatchImportFindings (by an integrated Amazon Web
- * Servicesservice or third party partner integration) or BatchImportFindings (by an integrated Amazon Web Services
+ * service or third party partner integration) or
* BatchUpdateFindings (by a Security Hub customer).
The aggregation Region.
+ *The home Region. Findings generated in linked Regions are replicated and sent + * to the home Region.
*/ inline const Aws::String& GetFindingAggregationRegion() const{ return m_findingAggregationRegion; } inline void SetFindingAggregationRegion(const Aws::String& value) { m_findingAggregationRegion = value; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/GetInsightsRequest.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/GetInsightsRequest.h index adf5b64c26d..8f8bf529bc9 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/GetInsightsRequest.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/GetInsightsRequest.h @@ -35,7 +35,7 @@ namespace Model ///@{ /** - *The ARNs of the insights to describe. If you do not provide any insight ARNs, + *
The ARNs of the insights to describe. If you don't provide any insight ARNs,
* then GetInsights returns all of your custom insights. It does not
* return any managed insights.
The Amazon Web Servicesservice that the configuration policy applies to. + *
The Amazon Web Services service that the configuration policy applies to. *
*/ inline const SecurityHubPolicy& GetSecurityHub() const{ return m_securityHub; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/RouteSetDetails.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/RouteSetDetails.h index 8ab2478edc4..8be602418b7 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/RouteSetDetails.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/RouteSetDetails.h @@ -96,7 +96,7 @@ namespace Model ///@{ /** - *The prefix of the destination Amazon Web Servicesservice.
+ *The prefix of the destination Amazon Web Services service.
*/ inline const Aws::String& GetDestinationPrefixListId() const{ return m_destinationPrefixListId; } inline bool DestinationPrefixListIdHasBeenSet() const { return m_destinationPrefixListIdHasBeenSet; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControl.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControl.h index 04f08853351..72e9e8b52fb 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControl.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControl.h @@ -46,8 +46,8 @@ namespace Model ///@{ /** *The unique identifier of a security control across standards. Values for - * this field typically consist of an Amazon Web Servicesservice name and a number, - * such as APIGateway.3.
+ * this field typically consist of an Amazon Web Services service name and a + * number, such as APIGateway.3. */ inline const Aws::String& GetSecurityControlId() const{ return m_securityControlId; } inline bool SecurityControlIdHasBeenSet() const { return m_securityControlIdHasBeenSet; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControlDefinition.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControlDefinition.h index b0309f326a8..5e71278be94 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControlDefinition.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/SecurityControlDefinition.h @@ -49,7 +49,7 @@ namespace Model ///@{ /** * The unique identifier of a security control across standards. Values for
- * this field typically consist of an Amazon Web Servicesservice name and a number
+ * this field typically consist of an Amazon Web Services service name and a number
* (for example, APIGateway.3). This parameter differs from
* SecurityControlArn, which is a unique Amazon Resource Name (ARN)
* assigned to a control. The ARN references the security control ID (for example,
diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Severity.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Severity.h
index f16b9c5f702..8e8963ae780 100644
--- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Severity.h
+++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Severity.h
@@ -66,7 +66,7 @@ namespace Model
*
HIGH - The issue must be addressed as a
* priority.
CRITICAL - The issue must be
* remediated immediately to avoid it escalating.
If you provide
- * Normalized and do not provide Label, then
+ * Normalized and don't provide Label, then
* Label is set automatically as follows.
0 -
* INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
@@ -85,7 +85,7 @@ namespace Model
*
Deprecated. The normalized severity of a finding. Instead of providing
* Normalized, provide Label.
The value of
* Normalized can be an integer between 0 and
- * 100.
If you provide Label and do not provide
+ * 100.
If you provide Label and don't provide
* Normalized, then Normalized is set automatically as
* follows.
INFORMATIONAL - 0
* LOW - 1
MEDIUM - 40
The normalized severity for the finding. This attribute is to be deprecated
* in favor of Label.
If you provide Normalized
- * and do not provide Label, Label is set automatically
- * as follows.
0 - INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 -
+ * and don't provide Label, Label is set automatically as
+ * follows.
0 - INFORMATIONAL
1–39
+ * - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 -
* CRITICAL
The unique identifier of a security control across standards. Values for - * this field typically consist of an Amazon Web Servicesservice name and a number, - * such as APIGateway.3.
+ * this field typically consist of an Amazon Web Services service name and a + * number, such as APIGateway.3. */ inline const Aws::String& GetSecurityControlId() const{ return m_securityControlId; } inline bool SecurityControlIdHasBeenSet() const { return m_securityControlIdHasBeenSet; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/StandardsControlAssociationSummary.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/StandardsControlAssociationSummary.h index 279eabb263b..c64556c7dc1 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/StandardsControlAssociationSummary.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/StandardsControlAssociationSummary.h @@ -58,7 +58,7 @@ namespace Model ///@{ /** *A unique standard-agnostic identifier for a control. Values for this field - * typically consist of an Amazon Web Servicesservice and a number, such as + * typically consist of an Amazon Web Services service and a number, such as * APIGateway.5. This field doesn't reference a specific standard.
*/ inline const Aws::String& GetSecurityControlId() const{ return m_securityControlId; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/UpdateFindingAggregatorRequest.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/UpdateFindingAggregatorRequest.h index 9c7ec49331f..1b5a82e18f1 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/UpdateFindingAggregatorRequest.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/UpdateFindingAggregatorRequest.h @@ -83,9 +83,9 @@ namespace Model /** *If RegionLinkingMode is
* ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list
- * of Regions that do not aggregate findings to the aggregation Region.
If + * of Regions that don't replicate and send findings to the home Region.
If
* RegionLinkingMode is SPECIFIED_REGIONS, then this is a
- * space-separated list of Regions that do aggregate findings to the aggregation
+ * space-separated list of Regions that do replicate and send findings to the home
* Region.
An InvalidInputException error results if you
* populate this field while RegionLinkingMode is
* NO_REGIONS.
The aggregation Region.
+ *The home Region. Findings generated in linked Regions are replicated and sent + * to the home Region.
*/ inline const Aws::String& GetFindingAggregationRegion() const{ return m_findingAggregationRegion; } inline void SetFindingAggregationRegion(const Aws::String& value) { m_findingAggregationRegion = value; } diff --git a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Workflow.h b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Workflow.h index 6a031f21a4b..c083667c30d 100644 --- a/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Workflow.h +++ b/generated/src/aws-cpp-sdk-securityhub/include/aws/securityhub/model/Workflow.h @@ -55,7 +55,7 @@ namespace Model * - Indicates that you notified the resource owner about the security issue. Used * when the initial reviewer is not the resource owner, and needs intervention from * the resource owner. SUPPRESSED - Indicates that
- * you reviewed the finding and do not believe that any action is needed. The
+ * you reviewed the finding and don't believe that any action is needed. The
* finding is no longer updated.
RESOLVED - The
* finding was reviewed and remediated and is now considered resolved.
RESOLVED - The finding was
* reviewed and remediated and is now considered resolved.
- * SUPPRESSED - Indicates that you reviewed the finding and do not
+ * SUPPRESSED - Indicates that you reviewed the finding and don't
* believe that any action is needed. The finding is no longer updated.
The https policy to use for tracking open and click events.
+ */ + inline const HttpsPolicy& GetHttpsPolicy() const{ return m_httpsPolicy; } + inline bool HttpsPolicyHasBeenSet() const { return m_httpsPolicyHasBeenSet; } + inline void SetHttpsPolicy(const HttpsPolicy& value) { m_httpsPolicyHasBeenSet = true; m_httpsPolicy = value; } + inline void SetHttpsPolicy(HttpsPolicy&& value) { m_httpsPolicyHasBeenSet = true; m_httpsPolicy = std::move(value); } + inline TrackingOptions& WithHttpsPolicy(const HttpsPolicy& value) { SetHttpsPolicy(value); return *this;} + inline TrackingOptions& WithHttpsPolicy(HttpsPolicy&& value) { SetHttpsPolicy(std::move(value)); return *this;} + ///@} private: Aws::String m_customRedirectDomain; bool m_customRedirectDomainHasBeenSet = false; + + HttpsPolicy m_httpsPolicy; + bool m_httpsPolicyHasBeenSet = false; }; } // namespace Model diff --git a/generated/src/aws-cpp-sdk-sesv2/source/model/HttpsPolicy.cpp b/generated/src/aws-cpp-sdk-sesv2/source/model/HttpsPolicy.cpp new file mode 100644 index 00000000000..b7598116217 --- /dev/null +++ b/generated/src/aws-cpp-sdk-sesv2/source/model/HttpsPolicy.cpp @@ -0,0 +1,79 @@ +/** + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0. + */ + +#includeBoolean that shows if the Flow that's associated with the Integration is created in Amazon Appflow, or with ObjectTypeName equals _unstructured via API/CLI in flowDefinition.
" + }, + "RoleArn":{ + "shape":"RoleArn", + "documentation":"The Amazon Resource Name (ARN) of the IAM role. The Integration uses this role to make Customer Profiles requests on your behalf.
" } } }, @@ -3710,6 +3714,10 @@ "IsUnstructured":{ "shape":"optionalBoolean", "documentation":"Boolean that shows if the Flow that's associated with the Integration is created in Amazon Appflow, or with ObjectTypeName equals _unstructured via API/CLI in flowDefinition.
" + }, + "RoleArn":{ + "shape":"RoleArn", + "documentation":"The Amazon Resource Name (ARN) of the IAM role. The Integration uses this role to make Customer Profiles requests on your behalf.
" } }, "documentation":"An integration in list of integrations.
" @@ -4579,6 +4587,10 @@ "ObjectTypeNames":{ "shape":"ObjectTypeNames", "documentation":"A map in which each key is an event type from an external application such as Segment or Shopify, and each value is an ObjectTypeName (template) used to ingest the event. It supports the following event types: SegmentIdentify, ShopifyCreateCustomers, ShopifyUpdateCustomers, ShopifyCreateDraftOrders, ShopifyUpdateDraftOrders, ShopifyCreateOrders, and ShopifyUpdatedOrders.
The Amazon Resource Name (ARN) of the IAM role. The Integration uses this role to make Customer Profiles requests on your behalf.
" } } }, @@ -4626,6 +4638,10 @@ "IsUnstructured":{ "shape":"optionalBoolean", "documentation":"Boolean that shows if the Flow that's associated with the Integration is created in Amazon Appflow, or with ObjectTypeName equals _unstructured via API/CLI in flowDefinition.
" + }, + "RoleArn":{ + "shape":"RoleArn", + "documentation":"The Amazon Resource Name (ARN) of the IAM role. The Integration uses this role to make Customer Profiles requests on your behalf.
" } } }, @@ -6030,5 +6046,5 @@ "pattern":"[a-f0-9]{32}" } }, - "documentation":"Amazon Connect Customer Profiles is a unified customer profile for your contact center that has pre-built connectors powered by AppFlow that make it easy to combine customer information from third party applications, such as Salesforce (CRM), ServiceNow (ITSM), and your enterprise resource planning (ERP), with contact history from your Amazon Connect contact center.
For more information about the Amazon Connect Customer Profiles feature, see Use Customer Profiles in the Amazon Connect Administrator's Guide.
" + "documentation":"Amazon Connect Customer Profiles is a unified customer profile for your contact center that has pre-built connectors powered by AppFlow that make it easy to combine customer information from third party applications, such as Salesforce (CRM), ServiceNow (ITSM), and your enterprise resource planning (ERP), with contact history from your Amazon Connect contact center.
For more information about the Amazon Connect Customer Profiles feature, see Use Customer Profiles in the Amazon Connect Administrator's Guide.
" } diff --git a/tools/code-generation/api-descriptions/quicksight-2018-04-01.normal.json b/tools/code-generation/api-descriptions/quicksight-2018-04-01.normal.json index a4ccd6ae7db..ee1235c5321 100644 --- a/tools/code-generation/api-descriptions/quicksight-2018-04-01.normal.json +++ b/tools/code-generation/api-descriptions/quicksight-2018-04-01.normal.json @@ -1492,6 +1492,24 @@ ], "documentation":"Describes the current namespace.
" }, + "DescribeQPersonalizationConfiguration":{ + "name":"DescribeQPersonalizationConfiguration", + "http":{ + "method":"GET", + "requestUri":"/accounts/{AwsAccountId}/q-personalization-configuration" + }, + "input":{"shape":"DescribeQPersonalizationConfigurationRequest"}, + "output":{"shape":"DescribeQPersonalizationConfigurationResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ThrottlingException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"InternalFailureException"} + ], + "documentation":"Describes a personalization configuration.
" + }, "DescribeRefreshSchedule":{ "name":"DescribeRefreshSchedule", "http":{ @@ -3073,6 +3091,25 @@ ], "documentation":"Use the UpdatePublicSharingSettings operation to turn on or turn off the public sharing settings of an Amazon QuickSight dashboard.
To use this operation, turn on session capacity pricing for your Amazon QuickSight account.
Before you can turn on public sharing on your account, make sure to give public sharing permissions to an administrative user in the Identity and Access Management (IAM) console. For more information on using IAM with Amazon QuickSight, see Using Amazon QuickSight with IAM in the Amazon QuickSight User Guide.
" }, + "UpdateQPersonalizationConfiguration":{ + "name":"UpdateQPersonalizationConfiguration", + "http":{ + "method":"PUT", + "requestUri":"/accounts/{AwsAccountId}/q-personalization-configuration" + }, + "input":{"shape":"UpdateQPersonalizationConfigurationRequest"}, + "output":{"shape":"UpdateQPersonalizationConfigurationResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ConflictException"}, + {"shape":"InvalidParameterValueException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalFailureException"}, + {"shape":"ResourceUnavailableException"} + ], + "documentation":"Updates a personalization configuration.
" + }, "UpdateRefreshSchedule":{ "name":"UpdateRefreshSchedule", "http":{ @@ -14520,6 +14557,36 @@ } } }, + "DescribeQPersonalizationConfigurationRequest":{ + "type":"structure", + "required":["AwsAccountId"], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "documentation":"The ID of the Amazon Web Services account that contains the personalization configuration that the user wants described.
", + "location":"uri", + "locationName":"AwsAccountId" + } + } + }, + "DescribeQPersonalizationConfigurationResponse":{ + "type":"structure", + "members":{ + "PersonalizationMode":{ + "shape":"PersonalizationMode", + "documentation":"A value that indicates whether personalization is enabled or not.
" + }, + "RequestId":{ + "shape":"String", + "documentation":"The Amazon Web Services request ID for this operation.
" + }, + "Status":{ + "shape":"StatusCode", + "documentation":"The HTTP status of the request.
", + "location":"statusCode" + } + } + }, "DescribeRefreshScheduleRequest":{ "type":"structure", "required":[ @@ -23390,6 +23457,13 @@ "max":1000, "min":1 }, + "PersonalizationMode":{ + "type":"string", + "enum":[ + "ENABLED", + "DISABLED" + ] + }, "PhysicalTable":{ "type":"structure", "members":{ @@ -32461,6 +32535,43 @@ } } }, + "UpdateQPersonalizationConfigurationRequest":{ + "type":"structure", + "required":[ + "AwsAccountId", + "PersonalizationMode" + ], + "members":{ + "AwsAccountId":{ + "shape":"AwsAccountId", + "documentation":"The ID of the Amazon Web Services account account that contains the personalization configuration that the user wants to update.
", + "location":"uri", + "locationName":"AwsAccountId" + }, + "PersonalizationMode":{ + "shape":"PersonalizationMode", + "documentation":"An option to allow Amazon QuickSight to customize data stories with user specific metadata, specifically location and job information, in your IAM Identity Center instance.
" + } + } + }, + "UpdateQPersonalizationConfigurationResponse":{ + "type":"structure", + "members":{ + "PersonalizationMode":{ + "shape":"PersonalizationMode", + "documentation":"The personalization mode that is used for the personalization configuration.
" + }, + "RequestId":{ + "shape":"String", + "documentation":"The Amazon Web Services request ID for this operation.
" + }, + "Status":{ + "shape":"StatusCode", + "documentation":"The HTTP status of the request.
", + "location":"statusCode" + } + } + }, "UpdateRefreshScheduleRequest":{ "type":"structure", "required":[ diff --git a/tools/code-generation/api-descriptions/securityhub-2018-10-26.normal.json b/tools/code-generation/api-descriptions/securityhub-2018-10-26.normal.json index c24a2fb4507..de3aa366fdc 100644 --- a/tools/code-generation/api-descriptions/securityhub-2018-10-26.normal.json +++ b/tools/code-generation/api-descriptions/securityhub-2018-10-26.normal.json @@ -29,7 +29,7 @@ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidAccessException"} ], - "documentation":"Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from.
This operation is only used by member accounts that are not added through Organizations.
When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Accepts the invitation to be a member account and be monitored by the Security Hub administrator account that the invitation was sent from.
This operation is only used by member accounts that are not added through Organizations.
When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.
" }, "AcceptInvitation":{ "name":"AcceptInvitation", @@ -216,7 +216,7 @@ {"shape":"LimitExceededException"}, {"shape":"InvalidAccessException"} ], - "documentation":"Used by Security Hub customers to update information about their investigation into a finding. Requested by administrator accounts or member accounts. Administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their account.
Updates from BatchUpdateFindings do not affect the value of UpdatedAt for a finding.
Administrator and member accounts can use BatchUpdateFindings to update the following finding fields and objects.
Confidence
Criticality
Note
RelatedFindings
Severity
Types
UserDefinedFields
VerificationState
Workflow
You can configure IAM policies to restrict access to fields and field values. For example, you might not want member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide.
" + "documentation":"Used by Security Hub customers to update information about their investigation into a finding. Requested by administrator accounts or member accounts. Administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their account.
Updates from BatchUpdateFindings don't affect the value of UpdatedAt for a finding.
Administrator and member accounts can use BatchUpdateFindings to update the following finding fields and objects.
Confidence
Criticality
Note
RelatedFindings
Severity
Types
UserDefinedFields
VerificationState
Workflow
You can configure IAM policies to restrict access to fields and field values. For example, you might not want member accounts to be able to suppress findings or change the finding severity. See Configuring access to BatchUpdateFindings in the Security Hub User Guide.
" }, "BatchUpdateStandardsControlAssociations":{ "name":"BatchUpdateStandardsControlAssociations", @@ -302,7 +302,7 @@ {"shape":"AccessDeniedException"}, {"shape":"InvalidInputException"} ], - "documentation":"Used to enable finding aggregation. Must be called from the aggregation Region.
For more details about cross-Region replication, see Configuring finding aggregation in the Security Hub User Guide.
" + "documentation":"The aggregation Region is now called the home Region.
Used to enable cross-Region aggregation. This operation can be invoked from the home Region only.
For information about how cross-Region aggregation works, see Understanding cross-Region aggregation in Security Hub in the Security Hub User Guide.
" }, "CreateInsight":{ "name":"CreateInsight", @@ -337,7 +337,7 @@ {"shape":"ResourceConflictException"}, {"shape":"AccessDeniedException"} ], - "documentation":"Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account. If you are integrated with Organizations, then the administrator account is designated by the organization management account.
CreateMembers is always used to add accounts that are not organization members.
For accounts that are managed using Organizations, CreateMembers is only used in the following cases:
Security Hub is not configured to automatically add new organization accounts.
The account was disassociated or deleted in Security Hub.
This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the EnableSecurityHub operation.
For accounts that are not organization members, you create the account association and then send an invitation to the member account. To send the invitation, you use the InviteMembers operation. If the account owner accepts the invitation, the account becomes a member account in Security Hub.
Accounts that are managed using Organizations do not receive an invitation. They automatically become a member account in Security Hub.
If the organization account does not have Security Hub enabled, then Security Hub and the default standards are automatically enabled. Note that Security Hub cannot be enabled automatically for the organization management account. The organization management account must enable Security Hub before the administrator account enables it as a member account.
For organization accounts that already have Security Hub enabled, Security Hub does not make any other changes to those accounts. It does not change their enabled standards or controls.
A permissions policy is added that permits the administrator account to view the findings generated in the member account.
To remove the association between the administrator and member accounts, use the DisassociateFromMasterAccount or DisassociateMembers operation.
Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the administrator account. If you are integrated with Organizations, then the administrator account is designated by the organization management account.
CreateMembers is always used to add accounts that are not organization members.
For accounts that are managed using Organizations, CreateMembers is only used in the following cases:
Security Hub is not configured to automatically add new organization accounts.
The account was disassociated or deleted in Security Hub.
This action can only be used by an account that has Security Hub enabled. To enable Security Hub, you can use the EnableSecurityHub operation.
For accounts that are not organization members, you create the account association and then send an invitation to the member account. To send the invitation, you use the InviteMembers operation. If the account owner accepts the invitation, the account becomes a member account in Security Hub.
Accounts that are managed using Organizations don't receive an invitation. They automatically become a member account in Security Hub.
If the organization account does not have Security Hub enabled, then Security Hub and the default standards are automatically enabled. Note that Security Hub cannot be enabled automatically for the organization management account. The organization management account must enable Security Hub before the administrator account enables it as a member account.
For organization accounts that already have Security Hub enabled, Security Hub does not make any other changes to those accounts. It does not change their enabled standards or controls.
A permissions policy is added that permits the administrator account to view the findings generated in the member account.
To remove the association between the administrator and member accounts, use the DisassociateFromMasterAccount or DisassociateMembers operation.
Declines invitations to become a member account.
A prospective member account uses this operation to decline an invitation to become a member.
This operation is only called by member accounts that aren't part of an organization. Organization accounts don't receive invitations.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Declines invitations to become a Security Hub member account.
A prospective member account uses this operation to decline an invitation to become a member.
Only member accounts that aren't part of an Amazon Web Services organization should use this operation. Organization accounts don't receive invitations.
" }, "DeleteActionTarget":{ "name":"DeleteActionTarget", @@ -406,7 +406,7 @@ {"shape":"InvalidInputException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Deletes a finding aggregator. When you delete the finding aggregator, you stop finding aggregation.
When you stop finding aggregation, findings that were already aggregated to the aggregation Region are still visible from the aggregation Region. New findings and finding updates are not aggregated.
" + "documentation":"The aggregation Region is now called the home Region.
Deletes a finding aggregator. When you delete the finding aggregator, you stop cross-Region aggregation. Finding replication stops occurring from the linked Regions to the home Region.
When you stop cross-Region aggregation, findings that were already replicated and sent to the home Region are still visible from the home Region. However, new findings and finding updates are no longer replicated and sent to the home Region.
" }, "DeleteInsight":{ "name":"DeleteInsight", @@ -440,7 +440,7 @@ {"shape":"ResourceNotFoundException"}, {"shape":"InvalidAccessException"} ], - "documentation":"Deletes invitations received by the Amazon Web Services account to become a member account.
A Security Hub administrator account can use this operation to delete invitations sent to one or more member accounts.
This operation is only used to delete invitations that are sent to member accounts that aren't part of an organization. Organization accounts don't receive invitations.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Deletes invitations to become a Security Hub member account.
A Security Hub administrator account can use this operation to delete invitations sent to one or more prospective member accounts.
This operation is only used to delete invitations that are sent to prospective member accounts that aren't part of an Amazon Web Services organization. Organization accounts don't receive invitations.
" }, "DeleteMembers":{ "name":"DeleteMembers", @@ -522,7 +522,7 @@ {"shape":"InvalidAccessException"}, {"shape":"InvalidInputException"} ], - "documentation":"Returns information about product integrations in Security Hub.
You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include that integration.
If you do not provide an integration ARN, then the results include all of the available product integrations.
" + "documentation":"Returns information about product integrations in Security Hub.
You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include that integration.
If you don't provide an integration ARN, then the results include all of the available product integrations.
" }, "DescribeStandards":{ "name":"DescribeStandards", @@ -796,7 +796,7 @@ {"shape":"InvalidInputException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Returns the current finding aggregation configuration.
" + "documentation":"The aggregation Region is now called the home Region.
Returns the current configuration in the calling account for cross-Region aggregation. A finding aggregator is a resource that establishes the home Region and any linked Regions.
" }, "GetFindingHistory":{ "name":"GetFindingHistory", @@ -828,7 +828,7 @@ {"shape":"InvalidAccessException"}, {"shape":"LimitExceededException"} ], - "documentation":"Returns a list of findings that match the specified criteria.
If finding aggregation is enabled, then when you call GetFindings from the aggregation Region, the results include all of the matching findings from both the aggregation Region and the linked Regions.
Returns a list of findings that match the specified criteria.
If cross-Region aggregation is enabled, then when you call GetFindings from the home Region, the results include all of the matching findings from both the home Region and linked Regions.
Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Returns the count of all Security Hub membership invitations that were sent to the calling member account, not including the currently accepted invitation.
" }, "GetMasterAccount":{ "name":"GetMasterAccount", @@ -948,7 +948,7 @@ {"shape":"LimitExceededException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from.
This operation is only used to invite accounts that do not belong to an organization. Organization accounts do not receive invitations.
Before you can use this action to invite a member, you must first use the CreateMembers action to create the member account in Security Hub.
When the account owner enables Security Hub and accepts the invitation to become a member account, the administrator account can view the findings generated from the member account.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Invites other Amazon Web Services accounts to become member accounts for the Security Hub administrator account that the invitation is sent from.
This operation is only used to invite accounts that don't belong to an Amazon Web Services organization. Organization accounts don't receive invitations.
Before you can use this action to invite a member, you must first use the CreateMembers action to create the member account in Security Hub.
When the account owner enables Security Hub and accepts the invitation to become a member account, the administrator account can view the findings generated in the member account.
" }, "ListAutomationRules":{ "name":"ListAutomationRules", @@ -1032,7 +1032,7 @@ {"shape":"AccessDeniedException"}, {"shape":"InvalidInputException"} ], - "documentation":"If finding aggregation is enabled, then ListFindingAggregators returns the ARN of the finding aggregator. You can run this operation from any Region.
If cross-Region aggregation is enabled, then ListFindingAggregators returns the Amazon Resource Name (ARN) of the finding aggregator. You can run this operation from any Amazon Web Services Region.
Lists all Security Hub membership invitations that were sent to the current Amazon Web Services account.
This operation is only used by accounts that are managed by invitation. Accounts that are managed using the integration with Organizations do not receive invitations.
" + "documentation":"We recommend using Organizations instead of Security Hub invitations to manage your member accounts. For information, see Managing Security Hub administrator and member accounts with Organizations in the Security Hub User Guide.
Lists all Security Hub membership invitations that were sent to the calling account.
Only accounts that are managed by invitation can use this operation. Accounts that are managed using the integration with Organizations don't receive invitations.
" }, "ListMembers":{ "name":"ListMembers", @@ -1247,7 +1247,7 @@ {"shape":"InvalidInputException"}, {"shape":"ResourceNotFoundException"} ], - "documentation":"Updates the finding aggregation configuration. Used to update the Region linking mode and the list of included or excluded Regions. You cannot use UpdateFindingAggregator to change the aggregation Region.
You must run UpdateFindingAggregator from the current aggregation Region.
The aggregation Region is now called the home Region.
Updates cross-Region aggregation settings. You can use this operation to update the Region linking mode and the list of included or excluded Amazon Web Services Regions. However, you can't use this operation to change the home Region.
You can invoke this operation from the current home Region only.
" }, "UpdateFindings":{ "name":"UpdateFindings", @@ -1725,14 +1725,14 @@ "members":{ "Type":{ "shape":"AutomationRulesActionType", - "documentation":" Specifies that the rule action should update the Types finding field. The Types finding field classifies findings in the format of namespace/category/classifier. For more information, see Types taxonomy for ASFF in the Security Hub User Guide.
Specifies the type of action that Security Hub takes when a finding matches the defined criteria of a rule.
" }, "FindingFieldsUpdate":{ "shape":"AutomationRulesFindingFieldsUpdate", "documentation":"Specifies that the automation rule action is an update to a finding field.
" } }, - "documentation":"One or more actions to update finding fields if a finding matches the defined criteria of the rule.
" + "documentation":"One or more actions that Security Hub takes when a finding matches the defined criteria of a rule.
" }, "AutomationRulesActionType":{ "type":"string", @@ -1908,7 +1908,7 @@ }, "ResourceId":{ "shape":"StringFilterList", - "documentation":"The identifier for the given resource type. For Amazon Web Services resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For Amazon Web Services resources that lack ARNs, this is the identifier as defined by the Amazon Web Servicesservice that created the resource. For non-Amazon Web Services resources, this is a unique identifier that is associated with the resource.
Array Members: Minimum number of 1 item. Maximum number of 100 items.
" + "documentation":"The identifier for the given resource type. For Amazon Web Services resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For Amazon Web Services resources that lack ARNs, this is the identifier as defined by the Amazon Web Services service that created the resource. For non-Amazon Web Services resources, this is a unique identifier that is associated with the resource.
Array Members: Minimum number of 1 item. Maximum number of 100 items.
" }, "ResourcePartition":{ "shape":"StringFilterList", @@ -3292,7 +3292,7 @@ }, "Lifecycle":{ "shape":"AwsBackupBackupPlanLifecycleDetails", - "documentation":"Defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, Backup applies the lifecycle policy of the source backup to the destination backup.
Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.
" + "documentation":"Defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define. If you don't specify a lifecycle, Backup applies the lifecycle policy of the source backup to the destination backup.
Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.
" } }, "documentation":"An array of CopyAction objects, each of which contains details of the copy operation.
Defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, Backup applies the lifecycle policy of the source backup to the destination backup.
Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.
" + "documentation":"Defines when a protected resource is transitioned to cold storage and when it expires. Backup transitions and expires backups automatically according to the lifecycle that you define. If you don't specify a lifecycle, Backup applies the lifecycle policy of the source backup to the destination backup.
Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days.
" } }, "documentation":"Provides details about an array of BackupRule objects, each of which specifies a scheduled task that is used to back up a selection of resources.
The unique ARN associated with the server-side encryption key. You can specify a key to encrypt your backups from services that support full Backup management. If you do not specify a key, Backup creates an KMS key for you by default.
" + "documentation":"The unique ARN associated with the server-side encryption key. You can specify a key to encrypt your backups from services that support full Backup management. If you don't specify a key, Backup creates an KMS key for you by default.
" }, "Notifications":{ "shape":"AwsBackupBackupVaultNotificationsDetails", @@ -7636,7 +7636,7 @@ }, "SchedulingStrategy":{ "shape":"NonEmptyString", - "documentation":"The scheduling strategy to use for the service.
The REPLICA scheduling strategy places and maintains the desired number of tasks across the cluster. By default, the service scheduler spreads tasks across Availability Zones. Task placement strategies and constraints are used to customize task placement decisions.
The DAEMON scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that are specified in the cluster. The service scheduler also evaluates the task placement constraints for running tasks and stops tasks that do not meet the placement constraints.
Valid values: REPLICA | DAEMON
The scheduling strategy to use for the service.
The REPLICA scheduling strategy places and maintains the desired number of tasks across the cluster. By default, the service scheduler spreads tasks across Availability Zones. Task placement strategies and constraints are used to customize task placement decisions.
The DAEMON scheduling strategy deploys exactly one task on each active container instance that meets all of the task placement constraints that are specified in the cluster. The service scheduler also evaluates the task placement constraints for running tasks and stops tasks that don't meet the placement constraints.
Valid values: REPLICA | DAEMON
The meaning of this parameter differs according to the database engine you use.
MySQL, MariaDB, SQL Server, PostgreSQL
Contains the name of the initial database of this instance that was provided at create time, if one was specified when the DB instance was created. This same name is returned for the life of the DB instance.
Oracle
Contains the Oracle System ID (SID) of the created DB instance. Not shown when the returned parameters do not apply to an Oracle DB instance.
" + "documentation":"The meaning of this parameter differs according to the database engine you use.
MySQL, MariaDB, SQL Server, PostgreSQL
Contains the name of the initial database of this instance that was provided at create time, if one was specified when the DB instance was created. This same name is returned for the life of the DB instance.
Oracle
Contains the Oracle System ID (SID) of the created DB instance. Not shown when the returned parameters don't apply to an Oracle DB instance.
" }, "DeletionProtection":{ "shape":"Boolean", @@ -14209,7 +14209,7 @@ }, "WorkflowStatus":{ "shape":"StringFilterList", - "documentation":"The status of the investigation into a finding. Allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
If one of the following occurs, the workflow status is changed automatically from NOTIFIED to NEW:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.
SUPPRESSED - Indicates that you reviewed the finding and do not believe that any action is needed.
The workflow status of a SUPPRESSED finding does not change if RecordState changes from ARCHIVED to ACTIVE.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
The finding remains RESOLVED unless one of the following occurs:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.
In those cases, the workflow status is automatically reset to NEW.
For findings from controls, if Compliance.Status is PASSED, then Security Hub automatically sets the workflow status to RESOLVED.
The status of the investigation into a finding. Allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that the resource owner has been notified about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
If one of the following occurs, the workflow status is changed automatically from NOTIFIED to NEW:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.
SUPPRESSED - Indicates that you reviewed the finding and don't believe that any action is needed.
The workflow status of a SUPPRESSED finding does not change if RecordState changes from ARCHIVED to ACTIVE.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
The finding remains RESOLVED unless one of the following occurs:
RecordState changes from ARCHIVED to ACTIVE.
Compliance.Status changes from PASSED to FAILED, WARNING, or NOT_AVAILABLE.
In those cases, the workflow status is automatically reset to NEW.
For findings from controls, if Compliance.Status is PASSED, then Security Hub automatically sets the workflow status to RESOLVED.
The unique identifier of a control across standards. Values for this field typically consist of an Amazon Web Servicesservice and a number, such as APIGateway.5.
" + "documentation":"The unique identifier of a control across standards. Values for this field typically consist of an Amazon Web Services service and a number, such as APIGateway.5.
" }, "ComplianceAssociatedStandardsId":{ "shape":"StringFilterList", @@ -15035,11 +15035,11 @@ }, "OverrideAction":{ "shape":"WafOverrideAction", - "documentation":"Use the OverrideAction to test your RuleGroup.
Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction to None, the RuleGroup blocks a request if any individual rule in the RuleGroup matches the request and is configured to block that request.
However, if you first want to test the RuleGroup, set the OverrideAction to Count. The RuleGroup then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.
ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a web ACL. In this case you do not use ActivatedRule Action. For all other update requests, ActivatedRule Action is used instead of ActivatedRule OverrideAction.
Use the OverrideAction to test your RuleGroup.
Any rule in a RuleGroup can potentially block a request. If you set the OverrideAction to None, the RuleGroup blocks a request if any individual rule in the RuleGroup matches the request and is configured to block that request.
However, if you first want to test the RuleGroup, set the OverrideAction to Count. The RuleGroup then overrides any block action specified by individual rules contained within the group. Instead of blocking matching requests, those requests are counted.
ActivatedRule|OverrideAction applies only when updating or adding a RuleGroup to a web ACL. In this case you don't use ActivatedRule Action. For all other update requests, ActivatedRule Action is used instead of ActivatedRule OverrideAction.
Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for Priority are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values do not need to be consecutive.
Specifies the order in which the rules in a web ACL are evaluated. Rules with a lower value for Priority are evaluated before rules with a higher value. The value must be a unique integer. If you add multiple rules to a web ACL, the values don't need to be consecutive.
Typically provides the unique identifier of a control across standards. For Security Hub controls, this field consists of an Amazon Web Servicesservice and a unique number, such as APIGateway.5.
Typically provides the unique identifier of a control across standards. For Security Hub controls, this field consists of an Amazon Web Services service and a unique number, such as APIGateway.5.
If RegionLinkingMode is ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.
If RegionLinkingMode is SPECIFIED_REGIONS, then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.
An InvalidInputException error results if you populate this field while RegionLinkingMode is NO_REGIONS.
If RegionLinkingMode is ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list of Regions that don't replicate and send findings to the home Region.
If RegionLinkingMode is SPECIFIED_REGIONS, then this is a space-separated list of Regions that do replicate and send findings to the home Region.
An InvalidInputException error results if you populate this field while RegionLinkingMode is NO_REGIONS.
The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and stop finding aggregation.
" + "documentation":"The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and stop cross-Region aggregation.
" }, "FindingAggregationRegion":{ "shape":"NonEmptyString", - "documentation":"The aggregation Region.
" + "documentation":"The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
" }, "RegionLinkingMode":{ "shape":"NonEmptyString", @@ -16926,7 +16926,7 @@ }, "EnableDefaultStandards":{ "shape":"Boolean", - "documentation":"Whether to enable the security standards that Security Hub has designated as automatically enabled. If you do not provide a value for EnableDefaultStandards, it is set to true. To not enable the automatically enabled standards, set EnableDefaultStandards to false.
Whether to enable the security standards that Security Hub has designated as automatically enabled. If you don't provide a value for EnableDefaultStandards, it is set to true. To not enable the automatically enabled standards, set EnableDefaultStandards to false.
The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
" } }, - "documentation":"A finding aggregator. A finding aggregator contains the configuration for finding aggregation.
" + "documentation":"A finding aggregator is a Security Hub resource that specifies cross-Region aggregation settings, including the home Region and any linked Regions.
" }, "FindingAggregatorList":{ "type":"list", @@ -17038,7 +17038,7 @@ }, "UpdateSource":{ "shape":"FindingHistoryUpdateSource", - "documentation":" Identifies the source of the event that changed the finding. For example, an integrated Amazon Web Servicesservice or third-party partner integration may call BatchImportFindings , or an Security Hub customer may call BatchUpdateFindings .
Identifies the source of the event that changed the finding. For example, an integrated Amazon Web Services service or third-party partner integration may call BatchImportFindings , or an Security Hub customer may call BatchUpdateFindings .
Describes the type of finding change event, such as a call to BatchImportFindings (by an integrated Amazon Web Servicesservice or third party partner integration) or BatchUpdateFindings (by a Security Hub customer).
Describes the type of finding change event, such as a call to BatchImportFindings (by an integrated Amazon Web Services service or third party partner integration) or BatchUpdateFindings (by a Security Hub customer).
The aggregation Region.
" + "documentation":"The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
" }, "RegionLinkingMode":{ "shape":"NonEmptyString", @@ -17506,7 +17506,7 @@ "members":{ "InsightArns":{ "shape":"ArnList", - "documentation":"The ARNs of the insights to describe. If you do not provide any insight ARNs, then GetInsights returns all of your custom insights. It does not return any managed insights.
The ARNs of the insights to describe. If you don't provide any insight ARNs, then GetInsights returns all of your custom insights. It does not return any managed insights.
The Amazon Web Servicesservice that the configuration policy applies to.
" + "documentation":"The Amazon Web Services service that the configuration policy applies to.
" } }, "documentation":"An object that defines how Security Hub is configured. It includes whether Security Hub is enabled or disabled, a list of enabled security standards, a list of enabled or disabled security controls, and a list of custom parameter values for specified controls. If you provide a list of security controls that are enabled in the configuration policy, Security Hub disables all other controls (including newly released controls). If you provide a list of security controls that are disabled in the configuration policy, Security Hub enables all other controls (including newly released controls).
", @@ -19680,7 +19680,7 @@ }, "DestinationPrefixListId":{ "shape":"NonEmptyString", - "documentation":"The prefix of the destination Amazon Web Servicesservice.
" + "documentation":"The prefix of the destination Amazon Web Services service.
" }, "EgressOnlyInternetGatewayId":{ "shape":"NonEmptyString", @@ -20101,7 +20101,7 @@ "members":{ "SecurityControlId":{ "shape":"NonEmptyString", - "documentation":"The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Servicesservice name and a number, such as APIGateway.3.
" + "documentation":"The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.
" }, "SecurityControlArn":{ "shape":"NonEmptyString", @@ -20173,7 +20173,7 @@ "members":{ "SecurityControlId":{ "shape":"NonEmptyString", - "documentation":" The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Servicesservice name and a number (for example, APIGateway.3). This parameter differs from SecurityControlArn, which is a unique Amazon Resource Name (ARN) assigned to a control. The ARN references the security control ID (for example, arn:aws:securityhub:eu-central-1:123456789012:security-control/APIGateway.3).
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number (for example, APIGateway.3). This parameter differs from SecurityControlArn, which is a unique Amazon Resource Name (ARN) assigned to a control. The ARN references the security control ID (for example, arn:aws:securityhub:eu-central-1:123456789012:security-control/APIGateway.3).
The severity value of the finding. The allowed values are the following.
INFORMATIONAL - No issue was found.
LOW - The issue does not require action on its own.
MEDIUM - The issue must be addressed but not urgently.
HIGH - The issue must be addressed as a priority.
CRITICAL - The issue must be remediated immediately to avoid it escalating.
If you provide Normalized and do not provide Label, then Label is set automatically as follows.
0 - INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 - CRITICAL
The severity value of the finding. The allowed values are the following.
INFORMATIONAL - No issue was found.
LOW - The issue does not require action on its own.
MEDIUM - The issue must be addressed but not urgently.
HIGH - The issue must be addressed as a priority.
CRITICAL - The issue must be remediated immediately to avoid it escalating.
If you provide Normalized and don't provide Label, then Label is set automatically as follows.
0 - INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 - CRITICAL
Deprecated. The normalized severity of a finding. Instead of providing Normalized, provide Label.
The value of Normalized can be an integer between 0 and 100.
If you provide Label and do not provide Normalized, then Normalized is set automatically as follows.
INFORMATIONAL - 0
LOW - 1
MEDIUM - 40
HIGH - 70
CRITICAL - 90
Deprecated. The normalized severity of a finding. Instead of providing Normalized, provide Label.
The value of Normalized can be an integer between 0 and 100.
If you provide Label and don't provide Normalized, then Normalized is set automatically as follows.
INFORMATIONAL - 0
LOW - 1
MEDIUM - 40
HIGH - 70
CRITICAL - 90
The normalized severity for the finding. This attribute is to be deprecated in favor of Label.
If you provide Normalized and do not provide Label, Label is set automatically as follows.
0 - INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 - CRITICAL
The normalized severity for the finding. This attribute is to be deprecated in favor of Label.
If you provide Normalized and don't provide Label, Label is set automatically as follows.
0 - INFORMATIONAL
1–39 - LOW
40–69 - MEDIUM
70–89 - HIGH
90–100 - CRITICAL
The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Servicesservice name and a number, such as APIGateway.3.
" + "documentation":"The unique identifier of a security control across standards. Values for this field typically consist of an Amazon Web Services service name and a number, such as APIGateway.3.
" }, "SecurityControlArn":{ "shape":"NonEmptyString", @@ -20636,7 +20636,7 @@ }, "SecurityControlId":{ "shape":"NonEmptyString", - "documentation":"A unique standard-agnostic identifier for a control. Values for this field typically consist of an Amazon Web Servicesservice and a number, such as APIGateway.5. This field doesn't reference a specific standard.
" + "documentation":"A unique standard-agnostic identifier for a control. Values for this field typically consist of an Amazon Web Services service and a number, such as APIGateway.5. This field doesn't reference a specific standard.
" }, "SecurityControlArn":{ "shape":"NonEmptyString", @@ -21483,7 +21483,7 @@ }, "Regions":{ "shape":"StringList", - "documentation":"If RegionLinkingMode is ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list of Regions that do not aggregate findings to the aggregation Region.
If RegionLinkingMode is SPECIFIED_REGIONS, then this is a space-separated list of Regions that do aggregate findings to the aggregation Region.
An InvalidInputException error results if you populate this field while RegionLinkingMode is NO_REGIONS.
If RegionLinkingMode is ALL_REGIONS_EXCEPT_SPECIFIED, then this is a space-separated list of Regions that don't replicate and send findings to the home Region.
If RegionLinkingMode is SPECIFIED_REGIONS, then this is a space-separated list of Regions that do replicate and send findings to the home Region.
An InvalidInputException error results if you populate this field while RegionLinkingMode is NO_REGIONS.
The aggregation Region.
" + "documentation":"The home Region. Findings generated in linked Regions are replicated and sent to the home Region.
" }, "RegionLinkingMode":{ "shape":"NonEmptyString", @@ -21887,7 +21887,7 @@ "members":{ "Status":{ "shape":"WorkflowStatus", - "documentation":"The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to SUPPRESSED or RESOLVED does not prevent a new finding for the same issue.
The allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:
RecordState changes from ARCHIVED to ACTIVE.
ComplianceStatus changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
SUPPRESSED - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to SUPPRESSED or RESOLVED does not prevent a new finding for the same issue.
The allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets the workflow status from NOTIFIED or RESOLVED to NEW in the following cases:
RecordState changes from ARCHIVED to ACTIVE.
ComplianceStatus changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
SUPPRESSED - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
Provides details about the status of the investigation into a finding.
" @@ -21918,11 +21918,11 @@ "members":{ "Status":{ "shape":"WorkflowStatus", - "documentation":"The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to SUPPRESSED or RESOLVED does not prevent a new finding for the same issue.
The allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets WorkFlowStatus from NOTIFIED or RESOLVED to NEW in the following cases:
The record state changes from ARCHIVED to ACTIVE.
The compliance status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
SUPPRESSED - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.
The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to SUPPRESSED or RESOLVED does not prevent a new finding for the same issue.
The allowed values are the following.
NEW - The initial state of a finding, before it is reviewed.
Security Hub also resets WorkFlowStatus from NOTIFIED or RESOLVED to NEW in the following cases:
The record state changes from ARCHIVED to ACTIVE.
The compliance status changes from PASSED to either WARNING, FAILED, or NOT_AVAILABLE.
NOTIFIED - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.
RESOLVED - The finding was reviewed and remediated and is now considered resolved.
SUPPRESSED - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated.
Used to update information about the investigation into the finding.
" } }, - "documentation":"Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps you assess your Amazon Web Services environment against security industry standards and best practices.
Security Hub collects security data across Amazon Web Services accounts, Amazon Web Servicesservices, and supported third-party products and helps you analyze your security trends and identify the highest priority security issues.
To help you manage the security state of your organization, Security Hub supports multiple security standards. These include the Amazon Web Services Foundational Security Best Practices (FSBP) standard developed by Amazon Web Services, and external compliance frameworks such as the Center for Internet Security (CIS), the Payment Card Industry Data Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes several security controls, each of which represents a security best practice. Security Hub runs checks against security controls and generates control findings to help you assess your compliance against security best practices.
In addition to generating control findings, Security Hub also receives findings from other Amazon Web Servicesservices, such as Amazon GuardDuty and Amazon Inspector, and supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You can also send Security Hub findings to other Amazon Web Servicesservices and supported third-party products.
Security Hub offers automation features that help you triage and remediate security issues. For example, you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with Amazon EventBridge to trigger automatic responses to specific findings.
This guide, the Security Hub API Reference, provides information about the Security Hub API. This includes supported resources, HTTP methods, parameters, and schemas. If you're new to Security Hub, you might find it helpful to also review the Security Hub User Guide . The user guide explains key concepts and provides procedures that demonstrate how to use Security Hub features. It also provides information about topics such as integrating Security Hub with other Amazon Web Servicesservices.
In addition to interacting with Security Hub by making calls to the Security Hub API, you can use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell, Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to Security Hub and other Amazon Web Servicesservices . They also handle tasks such as signing requests, managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services tools and SDKs, see Tools to Build on Amazon Web Services.
With the exception of operations that are related to central configuration, Security Hub API requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, call the same API operation in each Region in which you want to apply the change. When you use central configuration, API requests for enabling Security Hub, standards, and controls are executed in the home Region and all linked Regions. For a list of central configuration operations, see the Central configuration terms and concepts section of the Security Hub User Guide.
The following throttling limits apply to Security Hub API operations.
BatchEnableStandards - RateLimit of 1 request per second. BurstLimit of 1 request per second.
GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests per second.
BatchImportFindings - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
BatchUpdateFindings - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
UpdateStandardsControl - RateLimit of 1 request per second. BurstLimit of 5 requests per second.
All other operations - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps you assess your Amazon Web Services environment against security industry standards and best practices.
Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services services, and supported third-party products and helps you analyze your security trends and identify the highest priority security issues.
To help you manage the security state of your organization, Security Hub supports multiple security standards. These include the Amazon Web Services Foundational Security Best Practices (FSBP) standard developed by Amazon Web Services, and external compliance frameworks such as the Center for Internet Security (CIS), the Payment Card Industry Data Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes several security controls, each of which represents a security best practice. Security Hub runs checks against security controls and generates control findings to help you assess your compliance against security best practices.
In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services services, such as Amazon GuardDuty and Amazon Inspector, and supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You can also send Security Hub findings to other Amazon Web Services services and supported third-party products.
Security Hub offers automation features that help you triage and remediate security issues. For example, you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with Amazon EventBridge to trigger automatic responses to specific findings.
This guide, the Security Hub API Reference, provides information about the Security Hub API. This includes supported resources, HTTP methods, parameters, and schemas. If you're new to Security Hub, you might find it helpful to also review the Security Hub User Guide . The user guide explains key concepts and provides procedures that demonstrate how to use Security Hub features. It also provides information about topics such as integrating Security Hub with other Amazon Web Services services.
In addition to interacting with Security Hub by making calls to the Security Hub API, you can use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell, Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to Security Hub and other Amazon Web Services services . They also handle tasks such as signing requests, managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services tools and SDKs, see Tools to Build on Amazon Web Services.
With the exception of operations that are related to central configuration, Security Hub API requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, call the same API operation in each Region in which you want to apply the change. When you use central configuration, API requests for enabling Security Hub, standards, and controls are executed in the home Region and all linked Regions. For a list of central configuration operations, see the Central configuration terms and concepts section of the Security Hub User Guide.
The following throttling limits apply to Security Hub API operations.
BatchEnableStandards - RateLimit of 1 request per second. BurstLimit of 1 request per second.
GetFindings - RateLimit of 3 requests per second. BurstLimit of 6 requests per second.
BatchImportFindings - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
BatchUpdateFindings - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
UpdateStandardsControl - RateLimit of 1 request per second. BurstLimit of 5 requests per second.
All other operations - RateLimit of 10 requests per second. BurstLimit of 30 requests per second.
An object containing additional settings for your VDM configuration as applicable to the Guardian.
" }, + "HttpsPolicy":{ + "type":"string", + "documentation":"The https policy to use for tracking open and click events. If the value is OPTIONAL or HttpsPolicy is not specified, the open trackers use HTTP and click tracker use the original protocol of the link. If the value is REQUIRE, both open and click tracker uses HTTPS and if the value is REQUIRE_OPEN_ONLY open tracker uses HTTPS and link tracker is same as original protocol of the link.
", + "enum":[ + "REQUIRE", + "REQUIRE_OPEN_ONLY", + "OPTIONAL" + ] + }, "Identity":{ "type":"string", "min":1 @@ -5702,7 +5711,8 @@ "CustomRedirectDomain":{ "shape":"CustomRedirectDomain", "documentation":"The domain to use to track open and click events.
" - } + }, + "HttpsPolicy":{"shape":"HttpsPolicy"} }, "documentation":"A request to add a custom domain for tracking open and click events to a configuration set.
" }, @@ -6724,6 +6734,10 @@ "CustomRedirectDomain":{ "shape":"CustomRedirectDomain", "documentation":"The domain to use for tracking open and click events.
" + }, + "HttpsPolicy":{ + "shape":"HttpsPolicy", + "documentation":"The https policy to use for tracking open and click events.
" } }, "documentation":"An object that defines the tracking options for a configuration set. When you use the Amazon SES API v2 to send an email, it contains an invisible image that's used to track when recipients open your email. If your email contains links, those links are changed slightly in order to track when recipients click them.
These images and links include references to a domain operated by Amazon Web Services. You can optionally configure the Amazon SES to use a domain that you operate for these images and links.
"