| Class | Description |
|---|---|
| AcceptAdministratorInvitationRequest | |
| AcceptAdministratorInvitationResult | |
| AcceptInvitationRequest | |
| AcceptInvitationResult | |
| AccountDetails |
The details of an Amazon Web Services account.
|
| Action |
Provides details about one of the following actions that affects or that was taken on a resource:
|
| ActionLocalIpDetails |
Provides information about the IP address where the scanned port is located.
|
| ActionLocalPortDetails |
For
NetworkConnectionAction and PortProbeDetails, LocalPortDetails provides
information about the local port that was involved in the action. |
| ActionRemoteIpDetails |
For
AwsApiAction, NetworkConnectionAction, and PortProbeAction,
RemoteIpDetails provides information about the remote IP address that was involved in the action. |
| ActionRemotePortDetails |
Provides information about the remote port that was involved in an attempted network connection.
|
| ActionTarget |
An
ActionTarget object. |
| Adjustment |
An adjustment to the CVSS metric.
|
| AdminAccount |
Represents a Security Hub administrator account designated by an organization management account.
|
| AssociatedStandard |
Information about an enabled security standard in which a security control is enabled.
|
| AssociationFilters |
Options for filtering the
ListConfigurationPolicyAssociations response. |
| AssociationSetDetails |
The associations between a route table and one or more subnets or a gateway.
|
| AssociationStateDetails |
Describes the state of an association between a route table and a subnet or gateway.
|
| AutomationRulesAction |
One or more actions to update finding fields if a finding matches the defined criteria of the rule.
|
| AutomationRulesConfig |
Defines the configuration of an automation rule.
|
| AutomationRulesFindingFieldsUpdate |
Identifies the finding fields that the automation rule action updates when a finding matches the defined criteria.
|
| AutomationRulesFindingFilters |
The criteria that determine which findings a rule applies to.
|
| AutomationRulesMetadata |
Metadata for automation rules in the calling account.
|
| AvailabilityZone |
Information about an Availability Zone.
|
| AwsAmazonMqBrokerDetails |
Provides details about an Amazon MQ message broker.
|
| AwsAmazonMqBrokerEncryptionOptionsDetails |
Provides details about broker encryption options.
|
| AwsAmazonMqBrokerLdapServerMetadataDetails |
The metadata of the Lightweight Directory Access Protocol (LDAP) server used to authenticate and authorize
connections to the broker.
|
| AwsAmazonMqBrokerLogsDetails |
Provides information about logs to be activated for the specified broker.
|
| AwsAmazonMqBrokerLogsPendingDetails |
Provides information about logs to be activated for the specified broker.
|
| AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails |
The scheduled time period (UTC) during which Amazon MQ begins to apply pending updates or patches to the broker.
|
| AwsAmazonMqBrokerUsersDetails |
Provides details about the broker usernames for the specified broker.
|
| AwsApiCallAction |
Provided if
ActionType is AWS_API_CALL. |
| AwsApiCallActionDomainDetails |
Provided if
CallerType is domain. |
| AwsApiGatewayAccessLogSettings |
Contains information about settings for logging access for the stage.
|
| AwsApiGatewayCanarySettings |
Contains information about settings for canary deployment in the stage.
|
| AwsApiGatewayEndpointConfiguration |
Contains information about the endpoints for the API.
|
| AwsApiGatewayMethodSettings |
Defines settings for a method for the stage.
|
| AwsApiGatewayRestApiDetails |
Contains information about a REST API in version 1 of Amazon API Gateway.
|
| AwsApiGatewayStageDetails |
Provides information about a version 1 Amazon API Gateway stage.
|
| AwsApiGatewayV2ApiDetails |
Contains information about a version 2 API in Amazon API Gateway.
|
| AwsApiGatewayV2RouteSettings |
Contains route settings for a stage.
|
| AwsApiGatewayV2StageDetails |
Contains information about a version 2 stage for Amazon API Gateway.
|
| AwsAppSyncGraphQlApiAdditionalAuthenticationProvidersDetails |
A list of additional authentication providers for the GraphqlApi API.
|
| AwsAppSyncGraphQlApiDetails |
Provides details about an AppSync Graph QL API, which lets you query multiple databases, microservices, and APIs from
a single GraphQL endpoint.
|
| AwsAppSyncGraphQlApiLambdaAuthorizerConfigDetails |
Specifies the authorization configuration for using an Lambda function with your AppSync GraphQL API endpoint.
|
| AwsAppSyncGraphQlApiLogConfigDetails |
Specifies the logging configuration when writing GraphQL operations and tracing to Amazon CloudWatch for an AppSync
GraphQL API.
|
| AwsAppSyncGraphQlApiOpenIdConnectConfigDetails |
Specifies the authorization configuration for using an OpenID Connect compliant service with your AppSync GraphQL API
endpoint.
|
| AwsAppSyncGraphQlApiUserPoolConfigDetails |
Specifies the authorization configuration for using Amazon Cognito user pools with your AppSync GraphQL API endpoint.
|
| AwsAthenaWorkGroupConfigurationDetails |
The configuration of the workgroup, which includes the location in Amazon Simple Storage Service (Amazon S3) where
query results are stored, the encryption option, if any, used for query results, whether Amazon CloudWatch metrics
are enabled for the workgroup, and the limit for the amount of bytes scanned (cutoff) per query, if it is specified.
|
| AwsAthenaWorkGroupConfigurationResultConfigurationDetails |
The location in Amazon Simple Storage Service (Amazon S3) where query and calculation results are stored and the
encryption option, if any, used for query and calculation results.
|
| AwsAthenaWorkGroupConfigurationResultConfigurationEncryptionConfigurationDetails |
Specifies the method used to encrypt the user’s data stores in the Athena workgroup.
|
| AwsAthenaWorkGroupDetails |
Provides information about an Amazon Athena workgroup.
|
| AwsAutoScalingAutoScalingGroupAvailabilityZonesListDetails |
An Availability Zone for the automatic scaling group.
|
| AwsAutoScalingAutoScalingGroupDetails |
Provides details about an auto scaling group.
|
| AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification |
Details about the launch template to use.
|
| AwsAutoScalingAutoScalingGroupMixedInstancesPolicyDetails |
The mixed instances policy for the automatic scaling group.
|
| AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails |
Information about the instances distribution.
|
| AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails |
Describes a launch template and overrides for a mixed instances policy.
|
| AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification |
Details about the launch template to use for a mixed instances policy.
|
| AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails |
Property values to use to override the values in the launch template.
|
| AwsAutoScalingLaunchConfigurationBlockDeviceMappingsDetails |
A block device for the instance.
|
| AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails |
Parameters that are used to automatically set up EBS volumes when an instance is launched.
|
| AwsAutoScalingLaunchConfigurationDetails |
Details about a launch configuration.
|
| AwsAutoScalingLaunchConfigurationInstanceMonitoringDetails |
Information about the type of monitoring for instances in the group.
|
| AwsAutoScalingLaunchConfigurationMetadataOptions |
The metadata options for the instances.
|
| AwsBackupBackupPlanAdvancedBackupSettingsDetails |
Provides a list of backup options for each resource type.
|
| AwsBackupBackupPlanBackupPlanDetails |
Provides details about an Backup backup plan and an array of
BackupRule objects, each of which specifies
a backup rule. |
| AwsBackupBackupPlanDetails |
Provides details about an Backup backup plan and an array of
BackupRule objects, each of which specifies
a backup rule. |
| AwsBackupBackupPlanLifecycleDetails |
Provides lifecycle details for the backup plan.
|
| AwsBackupBackupPlanRuleCopyActionsDetails |
An array of
CopyAction objects, each of which contains details of the copy operation. |
| AwsBackupBackupPlanRuleDetails |
Provides details about an array of
BackupRule objects, each of which specifies a scheduled task that is
used to back up a selection of resources. |
| AwsBackupBackupVaultDetails |
Provides details about an Backup backup vault.
|
| AwsBackupBackupVaultNotificationsDetails |
Provides details about the Amazon SNS event notifications for the specified backup vault.
|
| AwsBackupRecoveryPointCalculatedLifecycleDetails |
Specifies how long in days before a recovery point transitions to cold storage or is deleted.
|
| AwsBackupRecoveryPointCreatedByDetails |
Contains information about the backup plan and rule that Backup used to initiate the recovery point backup.
|
| AwsBackupRecoveryPointDetails |
Contains detailed information about the recovery points stored in an Backup backup vault.
|
| AwsBackupRecoveryPointLifecycleDetails |
Contains an array of Transition objects specifying how long in days before a recovery point transitions to cold
storage or is deleted.
|
| AwsCertificateManagerCertificateDetails |
Provides details about an Certificate Manager certificate.
|
| AwsCertificateManagerCertificateDomainValidationOption |
Contains information about one of the following:
|
| AwsCertificateManagerCertificateExtendedKeyUsage |
Contains information about an extended key usage X.509 v3 extension object.
|
| AwsCertificateManagerCertificateKeyUsage |
Contains information about a key usage X.509 v3 extension object.
|
| AwsCertificateManagerCertificateOptions |
Contains other options for the certificate.
|
| AwsCertificateManagerCertificateRenewalSummary |
Contains information about the Certificate Manager managed renewal for an
AMAZON_ISSUED certificate. |
| AwsCertificateManagerCertificateResourceRecord |
Provides details about the CNAME record that is added to the DNS database for domain validation.
|
| AwsCloudFormationStackDetails |
Nests a stack as a resource in a top-level template.
|
| AwsCloudFormationStackDriftInformationDetails |
Provides information about the stack's conformity to its expected template configuration.
|
| AwsCloudFormationStackOutputsDetails |
Provides information about the CloudFormation stack output.
|
| AwsCloudFrontDistributionCacheBehavior |
Information about a cache behavior for the distribution.
|
| AwsCloudFrontDistributionCacheBehaviors |
Provides information about caching for the CloudFront distribution.
|
| AwsCloudFrontDistributionDefaultCacheBehavior |
Contains information about the default cache configuration for the CloudFront distribution.
|
| AwsCloudFrontDistributionDetails |
A CloudFront distribution configuration.
|
| AwsCloudFrontDistributionLogging |
A complex type that controls whether access logs are written for the CloudFront distribution.
|
| AwsCloudFrontDistributionOriginCustomOriginConfig |
A custom origin.
|
| AwsCloudFrontDistributionOriginGroup |
Information about an origin group for the CloudFront distribution.
|
| AwsCloudFrontDistributionOriginGroupFailover |
Provides information about when an origin group fails over.
|
| AwsCloudFrontDistributionOriginGroupFailoverStatusCodes |
The status codes that cause an origin group to fail over.
|
| AwsCloudFrontDistributionOriginGroups |
Provides information about origin groups that are associated with the CloudFront distribution.
|
| AwsCloudFrontDistributionOriginItem |
A complex type that describes the Amazon S3 bucket, HTTP server (for example, a web server), Elemental MediaStore, or
other server from which CloudFront gets your files.
|
| AwsCloudFrontDistributionOrigins |
A complex type that contains information about origins and origin groups for this CloudFront distribution.
|
| AwsCloudFrontDistributionOriginS3OriginConfig |
Information about an origin that is an Amazon S3 bucket that is not configured with static website hosting.
|
| AwsCloudFrontDistributionOriginSslProtocols |
A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an
HTTPS connection with your origin.
|
| AwsCloudFrontDistributionViewerCertificate |
Provides information about the TLS/SSL configuration that the CloudFront distribution uses to communicate with
viewers.
|
| AwsCloudTrailTrailDetails |
Provides details about a CloudTrail trail.
|
| AwsCloudWatchAlarmDetails |
Specifies an alarm and associates it with the specified metric or metric math expression.
|
| AwsCloudWatchAlarmDimensionsDetails |
Details about the dimensions for the metric associated with the alarm.
|
| AwsCodeBuildProjectArtifactsDetails |
Information about the build artifacts for the CodeBuild project.
|
| AwsCodeBuildProjectDetails |
Information about an CodeBuild project.
|
| AwsCodeBuildProjectEnvironment |
Information about the build environment for this build project.
|
| AwsCodeBuildProjectEnvironmentEnvironmentVariablesDetails |
Information about an environment variable that is available to builds for the build project.
|
| AwsCodeBuildProjectEnvironmentRegistryCredential |
The credentials for access to a private registry.
|
| AwsCodeBuildProjectLogsConfigCloudWatchLogsDetails |
Information about CloudWatch Logs for the build project.
|
| AwsCodeBuildProjectLogsConfigDetails |
Information about logs for the build project.
|
| AwsCodeBuildProjectLogsConfigS3LogsDetails |
Information about logs built to an S3 bucket for a build project.
|
| AwsCodeBuildProjectSource |
Information about the build input source code for this build project.
|
| AwsCodeBuildProjectVpcConfig |
Information about the VPC configuration that CodeBuild accesses.
|
| AwsCorsConfiguration |
Contains the cross-origin resource sharing (CORS) configuration for the API.
|
| AwsDmsEndpointDetails |
Provides details about an Database Migration Service (DMS) endpoint.
|
| AwsDmsReplicationInstanceDetails |
Provides details about an Database Migration Service (DMS) replication instance.
|
| AwsDmsReplicationInstanceReplicationSubnetGroupDetails |
Provides details about the replication subnet group.
|
| AwsDmsReplicationInstanceVpcSecurityGroupsDetails |
Provides details about the virtual private cloud (VPC) security group that’s associated with the replication
instance.
|
| AwsDmsReplicationTaskDetails |
Provides details about an Database Migration Service (DMS) replication task.
|
| AwsDynamoDbTableAttributeDefinition |
Contains a definition of an attribute for the table.
|
| AwsDynamoDbTableBillingModeSummary |
Provides information about the billing for read/write capacity on the table.
|
| AwsDynamoDbTableDetails |
Provides details about a DynamoDB table.
|
| AwsDynamoDbTableGlobalSecondaryIndex |
Information abut a global secondary index for the table.
|
| AwsDynamoDbTableKeySchema |
A component of the key schema for the DynamoDB table, a global secondary index, or a local secondary index.
|
| AwsDynamoDbTableLocalSecondaryIndex |
Information about a local secondary index for a DynamoDB table.
|
| AwsDynamoDbTableProjection |
For global and local secondary indexes, identifies the attributes that are copied from the table into the index.
|
| AwsDynamoDbTableProvisionedThroughput |
Information about the provisioned throughput for the table or for a global secondary index.
|
| AwsDynamoDbTableProvisionedThroughputOverride |
Replica-specific configuration for the provisioned throughput.
|
| AwsDynamoDbTableReplica |
Information about a replica of a DynamoDB table.
|
| AwsDynamoDbTableReplicaGlobalSecondaryIndex |
Information about a global secondary index for a DynamoDB table replica.
|
| AwsDynamoDbTableRestoreSummary |
Information about the restore for the table.
|
| AwsDynamoDbTableSseDescription |
Information about the server-side encryption for the table.
|
| AwsDynamoDbTableStreamSpecification |
The current DynamoDB Streams configuration for the table.
|
| AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails |
Provides details about an Active Directory that’s used to authenticate an Client VPN endpoint.
|
| AwsEc2ClientVpnEndpointAuthenticationOptionsDetails |
Information about the authentication method used by the Client VPN endpoint.
|
| AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails |
Describes the IAM SAML identity providers used for federated authentication.
|
| AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails |
Information about the client certificate used for authentication.
|
| AwsEc2ClientVpnEndpointClientConnectOptionsDetails |
The options for managing connection authorization for new client connections.
|
| AwsEc2ClientVpnEndpointClientConnectOptionsStatusDetails |
Describes the status of the Client VPN endpoint attribute.
|
| AwsEc2ClientVpnEndpointClientLoginBannerOptionsDetails |
Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a
VPN session is established.
|
| AwsEc2ClientVpnEndpointConnectionLogOptionsDetails |
Information about the client connection logging options for the Client VPN endpoint.
|
| AwsEc2ClientVpnEndpointDetails |
Describes an Client VPN endpoint.
|
| AwsEc2EipDetails |
Information about an Elastic IP address.
|
| AwsEc2InstanceDetails |
The details of an Amazon EC2 instance.
|
| AwsEc2InstanceMetadataOptions |
Metadata options that allow you to configure and secure the Amazon EC2 instance.
|
| AwsEc2InstanceMonitoringDetails |
The type of monitoring that’s turned on for an Amazon EC2 instance.
|
| AwsEc2InstanceNetworkInterfacesDetails |
Identifies a network interface for the Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataBlockDeviceMappingSetDetails |
Information about a block device mapping for an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
|
| AwsEc2LaunchTemplateDataBlockDeviceMappingSetEbsDetails |
Parameters for a block device for an Amazon Elastic Block Store (Amazon EBS) volume in an Amazon EC2 launch template.
|
| AwsEc2LaunchTemplateDataCapacityReservationSpecificationCapacityReservationTargetDetails |
Information about the target Capacity Reservation or Capacity Reservation group in which to run an Amazon EC2
instance.
|
| AwsEc2LaunchTemplateDataCapacityReservationSpecificationDetails |
Specifies the Capacity Reservation targeting option of an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataCpuOptionsDetails |
Specifies the CPU options for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataCreditSpecificationDetails |
Specifies the credit option for CPU usage of a T2, T3, or T3a Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataDetails |
The information to include in an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
|
| AwsEc2LaunchTemplateDataElasticGpuSpecificationSetDetails |
Provides details about an Elastic Graphics specification for an Amazon EC2 launch template.
|
| AwsEc2LaunchTemplateDataElasticInferenceAcceleratorSetDetails |
Provides details for an Amazon Elastic Inference accelerator.
|
| AwsEc2LaunchTemplateDataEnclaveOptionsDetails |
Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves.
|
| AwsEc2LaunchTemplateDataHibernationOptionsDetails |
Specifies whether your Amazon EC2 instance is configured for hibernation.
|
| AwsEc2LaunchTemplateDataIamInstanceProfileDetails |
Provides details for an Identity and Access Management (IAM) instance profile, which is a container for an IAM role
for your instance.
|
| AwsEc2LaunchTemplateDataInstanceMarketOptionsDetails |
Provides details about the market (purchasing) option for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataInstanceMarketOptionsSpotOptionsDetails |
Provides details about the market (purchasing) options for Spot Instances.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorCountDetails |
The minimum and maximum number of accelerators (GPUs, FPGAs, or Amazon Web Services Inferentia chips) on an Amazon
EC2 instance.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorTotalMemoryMiBDetails |
The minimum and maximum amount of memory, in MiB, for the accelerators on an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsBaselineEbsBandwidthMbpsDetails |
The minimum and maximum baseline bandwidth to Amazon Elastic Block Store (Amazon EBS), in Mbps.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsDetails |
The attributes for the Amazon EC2 instance types.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsMemoryGiBPerVCpuDetails |
The minimum and maximum amount of memory per vCPU, in GiB.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsMemoryMiBDetails |
The minimum and maximum amount of memory, in MiB, for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsNetworkInterfaceCountDetails |
The minimum and maximum number of network interfaces to be attached to an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsTotalLocalStorageGBDetails |
The minimum and maximum amount of total local storage, in GB, that an Amazon EC2 instance uses.
|
| AwsEc2LaunchTemplateDataInstanceRequirementsVCpuCountDetails |
The minimum and maximum number of vCPUs for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataLicenseSetDetails |
Provides details about the license configuration for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataMaintenanceOptionsDetails |
The maintenance options of an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataMetadataOptionsDetails |
Specifies the metadata options for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataMonitoringDetails |
The monitoring for an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataNetworkInterfaceSetDetails |
One or more network interfaces to attach to an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv4PrefixesDetails |
Provides details on one or more IPv4 prefixes for a network interface.
|
| AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6AddressesDetails |
Specifies an IPv6 address in an Amazon EC2 launch template.
|
| AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6PrefixesDetails |
Provides details on one or more IPv6 prefixes to be assigned to the network interface.
|
| AwsEc2LaunchTemplateDataNetworkInterfaceSetPrivateIpAddressesDetails |
One or more private IPv4 addresses.
|
| AwsEc2LaunchTemplateDataPlacementDetails |
Provides details about the placement of an Amazon EC2 instance.
|
| AwsEc2LaunchTemplateDataPrivateDnsNameOptionsDetails |
Describes the options for Amazon EC2 instance hostnames.
|
| AwsEc2LaunchTemplateDetails |
Specifies the properties for creating an Amazon Elastic Compute Cloud (Amazon EC2) launch template.
|
| AwsEc2NetworkAclAssociation |
An association between the network ACL and a subnet.
|
| AwsEc2NetworkAclDetails |
Contains details about an Amazon EC2 network access control list (ACL).
|
| AwsEc2NetworkAclEntry |
A rule for the network ACL.
|
| AwsEc2NetworkInterfaceAttachment |
Information about the network interface attachment.
|
| AwsEc2NetworkInterfaceDetails |
Details about the network interface
|
| AwsEc2NetworkInterfaceIpV6AddressDetail |
Provides information about an IPV6 address that is associated with the network interface.
|
| AwsEc2NetworkInterfacePrivateIpAddressDetail |
Provides information about a private IPv4 address that is with the network interface.
|
| AwsEc2NetworkInterfaceSecurityGroup |
A security group associated with the network interface.
|
| AwsEc2RouteTableDetails |
Provides details about a route table for the specified VPC.
|
| AwsEc2SecurityGroupDetails |
Details about an Amazon EC2 security group.
|
| AwsEc2SecurityGroupIpPermission |
An IP permission for an EC2 security group.
|
| AwsEc2SecurityGroupIpRange |
A range of IPv4 addresses.
|
| AwsEc2SecurityGroupIpv6Range |
A range of IPv6 addresses.
|
| AwsEc2SecurityGroupPrefixListId |
A prefix list ID.
|
| AwsEc2SecurityGroupUserIdGroupPair |
A relationship between a security group and a user.
|
| AwsEc2SubnetDetails |
Contains information about a subnet in Amazon EC2.
|
| AwsEc2TransitGatewayDetails |
Information about an Amazon Web Services Amazon EC2 Transit Gateway that interconnects virtual private clouds (VPCs)
and on-premises networks.
|
| AwsEc2VolumeAttachment |
An attachment to an Amazon EC2 volume.
|
| AwsEc2VolumeDetails |
Details about an EC2 volume.
|
| AwsEc2VpcDetails |
Details about an EC2 VPC.
|
| AwsEc2VpcEndpointServiceDetails |
Contains details about the service configuration for a VPC endpoint service.
|
| AwsEc2VpcEndpointServiceServiceTypeDetails |
The service type information for a VPC endpoint service.
|
| AwsEc2VpcPeeringConnectionDetails |
Provides information about a VPC peering connection between two VPCs: a requester VPC that you own and an accepter
VPC with which to create the connection.
|
| AwsEc2VpcPeeringConnectionStatusDetails |
Details about the status of the VPC peering connection.
|
| AwsEc2VpcPeeringConnectionVpcInfoDetails |
Describes a VPC in a VPC peering connection.
|
| AwsEc2VpnConnectionDetails |
Details about an Amazon EC2 VPN connection.
|
| AwsEc2VpnConnectionOptionsDetails |
VPN connection options.
|
| AwsEc2VpnConnectionOptionsTunnelOptionsDetails |
The VPN tunnel options.
|
| AwsEc2VpnConnectionRoutesDetails |
A static routes associated with the VPN connection.
|
| AwsEc2VpnConnectionVgwTelemetryDetails |
Information about the VPN tunnel.
|
| AwsEcrContainerImageDetails |
Information about an Amazon ECR image.
|
| AwsEcrRepositoryDetails |
Provides information about an Amazon Elastic Container Registry repository.
|
| AwsEcrRepositoryImageScanningConfigurationDetails |
The image scanning configuration for a repository.
|
| AwsEcrRepositoryLifecyclePolicyDetails |
Information about the lifecycle policy for the repository.
|
| AwsEcsClusterClusterSettingsDetails |
Indicates whether to enable CloudWatch Container Insights for the ECS cluster.
|
| AwsEcsClusterConfigurationDetails |
The run command configuration for the cluster.
|
| AwsEcsClusterConfigurationExecuteCommandConfigurationDetails |
Contains the run command configuration for the cluster.
|
| AwsEcsClusterConfigurationExecuteCommandConfigurationLogConfigurationDetails |
The log configuration for the results of the run command actions.
|
| AwsEcsClusterDefaultCapacityProviderStrategyDetails |
The default capacity provider strategy for the cluster.
|
| AwsEcsClusterDetails |
Provides details about an Amazon ECS cluster.
|
| AwsEcsContainerDetails |
Provides information about an Amazon ECS container.
|
| AwsEcsServiceCapacityProviderStrategyDetails |
Strategy item for the capacity provider strategy that the service uses.
|
| AwsEcsServiceDeploymentConfigurationDeploymentCircuitBreakerDetails |
Determines whether a service deployment fails if a service cannot reach a steady state.
|
| AwsEcsServiceDeploymentConfigurationDetails |
Optional deployment parameters for the service.
|
| AwsEcsServiceDeploymentControllerDetails |
Information about the deployment controller type that the service uses.
|
| AwsEcsServiceDetails |
Provides details about a service within an ECS cluster.
|
| AwsEcsServiceLoadBalancersDetails |
Information about a load balancer that the service uses.
|
| AwsEcsServiceNetworkConfigurationAwsVpcConfigurationDetails |
For tasks that use the
awsvpc networking mode, the VPC subnet and security group configuration. |
| AwsEcsServiceNetworkConfigurationDetails |
For tasks that use the
awsvpc networking mode, the VPC subnet and security group configuration. |
| AwsEcsServicePlacementConstraintsDetails |
A placement constraint for the tasks in the service.
|
| AwsEcsServicePlacementStrategiesDetails |
A placement strategy that determines how to place the tasks for the service.
|
| AwsEcsServiceServiceRegistriesDetails |
Information about a service discovery registry to assign to the service.
|
| AwsEcsTaskDefinitionContainerDefinitionsDependsOnDetails |
A dependency that is defined for container startup and shutdown.
|
| AwsEcsTaskDefinitionContainerDefinitionsDetails |
A container definition that describes a container in the task.
|
| AwsEcsTaskDefinitionContainerDefinitionsEnvironmentDetails |
An environment variable to pass to the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsEnvironmentFilesDetails |
A file that contain environment variables to pass to a container.
|
| AwsEcsTaskDefinitionContainerDefinitionsExtraHostsDetails |
A hostname and IP address mapping to append to the /etc/hosts file on the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails |
The FireLens configuration for the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsHealthCheckDetails |
The container health check command and associated configuration parameters for the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersCapabilitiesDetails |
The Linux capabilities for the container that are added to or dropped from the default configuration provided by
Docker.
|
| AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDetails |
>Linux-specific modifications that are applied to the container, such as Linux kernel capabilities.
|
| AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDevicesDetails |
A host device to expose to the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersTmpfsDetails |
The container path, mount options, and size (in MiB) of a tmpfs mount.
|
| AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationDetails |
The log configuration specification for the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationSecretOptionsDetails |
A secret to pass to the log configuration.
|
| AwsEcsTaskDefinitionContainerDefinitionsMountPointsDetails |
A mount point for the data volumes in the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsPortMappingsDetails |
A port mapping for the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsRepositoryCredentialsDetails |
The private repository authentication credentials to use.
|
| AwsEcsTaskDefinitionContainerDefinitionsResourceRequirementsDetails |
A resource to assign to a container.
|
| AwsEcsTaskDefinitionContainerDefinitionsSecretsDetails |
A secret to pass to the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsSystemControlsDetails |
A namespaced kernel parameter to set in the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsUlimitsDetails |
A ulimit to set in the container.
|
| AwsEcsTaskDefinitionContainerDefinitionsVolumesFromDetails |
A data volume to mount from another container.
|
| AwsEcsTaskDefinitionDetails |
Details about a task definition.
|
| AwsEcsTaskDefinitionInferenceAcceleratorsDetails |
An Elastic Inference accelerator to use for the containers in the task.
|
| AwsEcsTaskDefinitionPlacementConstraintsDetails |
A placement constraint object to use for tasks.
|
| AwsEcsTaskDefinitionProxyConfigurationDetails |
The configuration details for the App Mesh proxy.
|
| AwsEcsTaskDefinitionProxyConfigurationProxyConfigurationPropertiesDetails |
A network configuration parameter to provide to the Container Network Interface (CNI) plugin.
|
| AwsEcsTaskDefinitionVolumesDetails |
A data volume to mount from another container.
|
| AwsEcsTaskDefinitionVolumesDockerVolumeConfigurationDetails |
Information about a Docker volume.
|
| AwsEcsTaskDefinitionVolumesEfsVolumeConfigurationAuthorizationConfigDetails |
|
| AwsEcsTaskDefinitionVolumesEfsVolumeConfigurationDetails |
Information about the Amazon Elastic File System file system that is used for task storage.
|
| AwsEcsTaskDefinitionVolumesHostDetails |
Information about a bind mount host volume.
|
| AwsEcsTaskDetails |
Provides details about a task in a cluster.
|
| AwsEcsTaskVolumeDetails |
Provides information about a data volume that's used in a task definition.
|
| AwsEcsTaskVolumeHostDetails |
Provides details on a container instance bind mount host volume.
|
| AwsEfsAccessPointDetails |
Provides information about an Amazon EFS access point.
|
| AwsEfsAccessPointPosixUserDetails |
Provides details for all file system operations using this Amazon EFS access point.
|
| AwsEfsAccessPointRootDirectoryCreationInfoDetails |
Provides information about the settings that Amazon EFS uses to create the root directory when a client connects to
an access point.
|
| AwsEfsAccessPointRootDirectoryDetails |
Provides information about the directory on the Amazon EFS file system that the access point exposes as the root
directory to NFS clients using the access point.
|
| AwsEksClusterDetails |
Provides details about an Amazon EKS cluster.
|
| AwsEksClusterLoggingClusterLoggingDetails |
Details for a cluster logging configuration.
|
| AwsEksClusterLoggingDetails |
The logging configuration for an Amazon EKS cluster.
|
| AwsEksClusterResourcesVpcConfigDetails |
Information about the VPC configuration used by the cluster control plane.
|
| AwsElasticBeanstalkEnvironmentDetails |
Contains details about an Elastic Beanstalk environment.
|
| AwsElasticBeanstalkEnvironmentEnvironmentLink |
Contains information about a link to another environment that is in the same group.
|
| AwsElasticBeanstalkEnvironmentOptionSetting |
A configuration option setting for the environment.
|
| AwsElasticBeanstalkEnvironmentTier |
Contains information about the tier of the environment.
|
| AwsElasticsearchDomainDetails |
Information about an Elasticsearch domain.
|
| AwsElasticsearchDomainDomainEndpointOptions |
Additional options for the domain endpoint, such as whether to require HTTPS for all traffic.
|
| AwsElasticsearchDomainElasticsearchClusterConfigDetails |
details about the configuration of an OpenSearch cluster.
|
| AwsElasticsearchDomainElasticsearchClusterConfigZoneAwarenessConfigDetails |
Configuration options for zone awareness.
|
| AwsElasticsearchDomainEncryptionAtRestOptions |
Details about the configuration for encryption at rest.
|
| AwsElasticsearchDomainLogPublishingOptions |
configures the CloudWatch Logs to publish for the Elasticsearch domain.
|
| AwsElasticsearchDomainLogPublishingOptionsLogConfig |
The log configuration.
|
| AwsElasticsearchDomainNodeToNodeEncryptionOptions |
Details about the configuration for node-to-node encryption.
|
| AwsElasticsearchDomainServiceSoftwareOptions |
Information about the state of the domain relative to the latest service software.
|
| AwsElasticsearchDomainVPCOptions |
Information that OpenSearch derives based on
VPCOptions for the domain. |
| AwsElbAppCookieStickinessPolicy |
Contains information about a stickiness policy that was created using
CreateAppCookieStickinessPolicy. |
| AwsElbLbCookieStickinessPolicy |
Contains information about a stickiness policy that was created using
CreateLBCookieStickinessPolicy. |
| AwsElbLoadBalancerAccessLog |
Contains information about the access log configuration for the load balancer.
|
| AwsElbLoadBalancerAdditionalAttribute |
Provides information about additional attributes for the load balancer.
|
| AwsElbLoadBalancerAttributes |
Contains attributes for the load balancer.
|
| AwsElbLoadBalancerBackendServerDescription |
Provides information about the configuration of an EC2 instance for the load balancer.
|
| AwsElbLoadBalancerConnectionDraining |
Contains information about the connection draining configuration for the load balancer.
|
| AwsElbLoadBalancerConnectionSettings |
Contains connection settings for the load balancer.
|
| AwsElbLoadBalancerCrossZoneLoadBalancing |
Contains cross-zone load balancing settings for the load balancer.
|
| AwsElbLoadBalancerDetails |
Contains details about a Classic Load Balancer.
|
| AwsElbLoadBalancerHealthCheck |
Contains information about the health checks that are conducted on the load balancer.
|
| AwsElbLoadBalancerInstance |
Provides information about an EC2 instance for a load balancer.
|
| AwsElbLoadBalancerListener |
Information about a load balancer listener.
|
| AwsElbLoadBalancerListenerDescription |
Lists the policies that are enabled for a load balancer listener.
|
| AwsElbLoadBalancerPolicies |
Contains information about the policies for a load balancer.
|
| AwsElbLoadBalancerSourceSecurityGroup |
Contains information about the security group for the load balancer.
|
| AwsElbv2LoadBalancerAttribute |
A load balancer attribute.
|
| AwsElbv2LoadBalancerDetails |
Information about a load balancer.
|
| AwsEventSchemasRegistryDetails |
A schema defines the structure of events that are sent to Amazon EventBridge.
|
| AwsEventsEndpointDetails |
Provides details about an Amazon EventBridge global endpoint.
|
| AwsEventsEndpointEventBusesDetails |
Provides details about the Amazon EventBridge event buses that the endpoint is associated with.
|
| AwsEventsEndpointReplicationConfigDetails |
Indicates whether replication is enabled or disabled for the endpoint.
|
| AwsEventsEndpointRoutingConfigDetails |
Provides details about the routing configuration of the endpoint.
|
| AwsEventsEndpointRoutingConfigFailoverConfigDetails |
The failover configuration for an endpoint.
|
| AwsEventsEndpointRoutingConfigFailoverConfigPrimaryDetails |
Provides details about the primary Amazon Web Services Region of the endpoint.
|
| AwsEventsEndpointRoutingConfigFailoverConfigSecondaryDetails |
The Amazon Web Services Region that events are routed to when failover is triggered or event replication is enabled.
|
| AwsEventsEventbusDetails |
Provides details about Amazon EventBridge event bus.
|
| AwsGuardDutyDetectorDataSourcesCloudTrailDetails |
An object that contains information on the status of CloudTrail as a data source for the detector.
|
| AwsGuardDutyDetectorDataSourcesDetails |
Describes which data sources are activated for the detector.
|
| AwsGuardDutyDetectorDataSourcesDnsLogsDetails |
An object that contains information on the status of DNS logs as a data source for the detector.
|
| AwsGuardDutyDetectorDataSourcesFlowLogsDetails |
An object that contains information on the status of VPC Flow Logs as a data source for the detector.
|
| AwsGuardDutyDetectorDataSourcesKubernetesAuditLogsDetails |
An object that contains information on the status of Kubernetes audit logs as a data source for the detector.
|
| AwsGuardDutyDetectorDataSourcesKubernetesDetails |
An object that contains information on the status of Kubernetes data sources for the detector.
|
| AwsGuardDutyDetectorDataSourcesMalwareProtectionDetails |
An object that contains information on the status of Malware Protection as a data source for the detector.
|
| AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsDetails |
Describes the configuration of Malware Protection for EC2 instances with findings.
|
| AwsGuardDutyDetectorDataSourcesMalwareProtectionScanEc2InstanceWithFindingsEbsVolumesDetails |
Describes the configuration of scanning EBS volumes (Malware Protection) as a data source.
|
| AwsGuardDutyDetectorDataSourcesS3LogsDetails |
An object that contains information on the status of S3 data event logs as a data source for the detector.
|
| AwsGuardDutyDetectorDetails |
Provides details about an Amazon GuardDuty detector.
|
| AwsGuardDutyDetectorFeaturesDetails |
Describes which features are activated for the detector.
|
| AwsIamAccessKeyDetails |
IAM access key details related to a finding.
|
| AwsIamAccessKeySessionContext |
Provides information about the session that the key was used for.
|
| AwsIamAccessKeySessionContextAttributes |
Attributes of the session that the key was used for.
|
| AwsIamAccessKeySessionContextSessionIssuer |
Information about the entity that created the session.
|
| AwsIamAttachedManagedPolicy |
A managed policy that is attached to an IAM principal.
|
| AwsIamGroupDetails |
Contains details about an IAM group.
|
| AwsIamGroupPolicy |
A managed policy that is attached to the IAM group.
|
| AwsIamInstanceProfile |
Information about an instance profile.
|
| AwsIamInstanceProfileRole |
Information about a role associated with an instance profile.
|
| AwsIamPermissionsBoundary |
Information about the policy used to set the permissions boundary for an IAM principal.
|
| AwsIamPolicyDetails |
Represents an IAM permissions policy.
|
| AwsIamPolicyVersion |
A version of an IAM policy.
|
| AwsIamRoleDetails |
Contains information about an IAM role, including all of the role's policies.
|
| AwsIamRolePolicy |
An inline policy that is embedded in the role.
|
| AwsIamUserDetails |
Information about an IAM user.
|
| AwsIamUserPolicy |
Information about an inline policy that is embedded in the user.
|
| AwsKinesisStreamDetails |
Provides information about an Amazon Kinesis data stream.
|
| AwsKinesisStreamStreamEncryptionDetails |
Provides information about stream encryption.
|
| AwsKmsKeyDetails |
Contains metadata about an KMS key.
|
| AwsLambdaFunctionCode |
The code for the Lambda function.
|
| AwsLambdaFunctionDeadLetterConfig |
The dead-letter queue for failed asynchronous invocations.
|
| AwsLambdaFunctionDetails |
Details about an Lambda function's configuration.
|
| AwsLambdaFunctionEnvironment |
A function's environment variable settings.
|
| AwsLambdaFunctionEnvironmentError |
Error messages for environment variables that could not be applied.
|
| AwsLambdaFunctionLayer |
An Lambda layer.
|
| AwsLambdaFunctionTracingConfig |
The function's X-Ray tracing configuration.
|
| AwsLambdaFunctionVpcConfig |
The VPC security groups and subnets that are attached to a Lambda function.
|
| AwsLambdaLayerVersionDetails |
Details about a Lambda layer version.
|
| AwsMountPoint |
Details for a volume mount point that's used in a container definition.
|
| AwsMskClusterClusterInfoClientAuthenticationDetails |
Provides details about different modes of client authentication.
|
| AwsMskClusterClusterInfoClientAuthenticationSaslDetails |
Provides details for client authentication using SASL.
|
| AwsMskClusterClusterInfoClientAuthenticationSaslIamDetails |
Details for SASL/IAM client authentication.
|
| AwsMskClusterClusterInfoClientAuthenticationSaslScramDetails |
Details for SASL/SCRAM client authentication.
|
| AwsMskClusterClusterInfoClientAuthenticationTlsDetails |
Provides details for client authentication using TLS.
|
| AwsMskClusterClusterInfoClientAuthenticationUnauthenticatedDetails |
Provides details for allowing no client authentication.
|
| AwsMskClusterClusterInfoDetails |
Provide details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
|
| AwsMskClusterClusterInfoEncryptionInfoDetails |
Includes encryption-related information, such as the KMS key used for encrypting data at rest and whether you want
MSK to encrypt your data in transit.
|
| AwsMskClusterClusterInfoEncryptionInfoEncryptionAtRestDetails |
The data-volume encryption details.
|
| AwsMskClusterClusterInfoEncryptionInfoEncryptionInTransitDetails |
The settings for encrypting data in transit.
|
| AwsMskClusterDetails |
Provides details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
|
| AwsNetworkFirewallFirewallDetails |
Details about an Network Firewall firewall.
|
| AwsNetworkFirewallFirewallPolicyDetails |
Details about a firewall policy.
|
| AwsNetworkFirewallFirewallSubnetMappingsDetails |
A public subnet that Network Firewall uses for the firewall.
|
| AwsNetworkFirewallRuleGroupDetails |
Details about an Network Firewall rule group.
|
| AwsOpenSearchServiceDomainAdvancedSecurityOptionsDetails |
Provides information about domain access control options.
|
| AwsOpenSearchServiceDomainClusterConfigDetails |
Details about the configuration of an OpenSearch cluster.
|
| AwsOpenSearchServiceDomainClusterConfigZoneAwarenessConfigDetails |
Configuration options for zone awareness.
|
| AwsOpenSearchServiceDomainDetails |
Information about an Amazon OpenSearch Service domain.
|
| AwsOpenSearchServiceDomainDomainEndpointOptionsDetails |
Information about additional options for the domain endpoint.
|
| AwsOpenSearchServiceDomainEncryptionAtRestOptionsDetails |
Details about the configuration for encryption at rest for the OpenSearch domain.
|
| AwsOpenSearchServiceDomainLogPublishingOption |
Configuration details for a log publishing option.
|
| AwsOpenSearchServiceDomainLogPublishingOptionsDetails |
Configures the CloudWatch Logs to publish for the OpenSearch domain.
|
| AwsOpenSearchServiceDomainMasterUserOptionsDetails |
Specifies information about the master user of the domain.
|
| AwsOpenSearchServiceDomainNodeToNodeEncryptionOptionsDetails |
Provides details about the configuration for node-to-node encryption.
|
| AwsOpenSearchServiceDomainServiceSoftwareOptionsDetails |
Provides information about the state of the domain relative to the latest service software.
|
| AwsOpenSearchServiceDomainVpcOptionsDetails |
Contains information that OpenSearch Service derives based on the
VPCOptions for the domain. |
| AwsRdsDbClusterAssociatedRole |
An IAM role that is associated with the Amazon RDS DB cluster.
|
| AwsRdsDbClusterDetails |
Information about an Amazon RDS DB cluster.
|
| AwsRdsDbClusterMember |
Information about an instance in the DB cluster.
|
| AwsRdsDbClusterOptionGroupMembership |
Information about an option group membership for a DB cluster.
|
| AwsRdsDbClusterSnapshotDbClusterSnapshotAttribute |
Contains the name and values of a manual Amazon Relational Database Service (RDS) DB cluster snapshot attribute.
|
| AwsRdsDbClusterSnapshotDetails |
Information about an Amazon RDS DB cluster snapshot.
|
| AwsRdsDbDomainMembership |
Information about an Active Directory domain membership record associated with the DB instance.
|
| AwsRdsDbInstanceAssociatedRole |
An IAM role associated with the DB instance.
|
| AwsRdsDbInstanceDetails |
Contains the details of an Amazon RDS DB instance.
|
| AwsRdsDbInstanceEndpoint |
Specifies the connection endpoint.
|
| AwsRdsDbInstanceVpcSecurityGroup |
A VPC security groups that the DB instance belongs to.
|
| AwsRdsDbOptionGroupMembership |
An option group membership.
|
| AwsRdsDbParameterGroup |
Provides information about a parameter group for a DB instance.
|
| AwsRdsDbPendingModifiedValues |
Changes to a DB instance that are currently pending.
|
| AwsRdsDbProcessorFeature |
A processor feature.
|
| AwsRdsDbSecurityGroupDetails |
Provides information about an Amazon RDS DB security group.
|
| AwsRdsDbSecurityGroupEc2SecurityGroup |
EC2 security group information for an RDS DB security group.
|
| AwsRdsDbSecurityGroupIpRange |
IP range information for an RDS DB security group.
|
| AwsRdsDbSnapshotDetails |
Provides details about an Amazon RDS DB cluster snapshot.
|
| AwsRdsDbStatusInfo |
Information about the status of a read replica.
|
| AwsRdsDbSubnetGroup |
Information about the subnet group for the database instance.
|
| AwsRdsDbSubnetGroupSubnet |
Information about a subnet in a subnet group.
|
| AwsRdsDbSubnetGroupSubnetAvailabilityZone |
An Availability Zone for a subnet in a subnet group.
|
| AwsRdsEventSubscriptionDetails |
Details about an Amazon RDS event notification subscription.
|
| AwsRdsPendingCloudWatchLogsExports |
Identifies the log types to enable and disable.
|
| AwsRedshiftClusterClusterNode |
A node in an Amazon Redshift cluster.
|
| AwsRedshiftClusterClusterParameterGroup |
A cluster parameter group that is associated with an Amazon Redshift cluster.
|
| AwsRedshiftClusterClusterParameterStatus |
The status of a parameter in a cluster parameter group for an Amazon Redshift cluster.
|
| AwsRedshiftClusterClusterSecurityGroup |
A security group that is associated with the cluster.
|
| AwsRedshiftClusterClusterSnapshotCopyStatus |
You can configure Amazon Redshift to copy snapshots for a cluster to another Amazon Web Services Region.
|
| AwsRedshiftClusterDeferredMaintenanceWindow |
A time windows during which maintenance was deferred for an Amazon Redshift cluster.
|
| AwsRedshiftClusterDetails |
Details about an Amazon Redshift cluster.
|
| AwsRedshiftClusterElasticIpStatus |
The status of the elastic IP (EIP) address for an Amazon Redshift cluster.
|
| AwsRedshiftClusterEndpoint |
The connection endpoint for an Amazon Redshift cluster.
|
| AwsRedshiftClusterHsmStatus |
Information about whether an Amazon Redshift cluster finished applying any hardware changes to security module (HSM)
settings that were specified in a modify cluster command.
|
| AwsRedshiftClusterIamRole |
An IAM role that the cluster can use to access other Amazon Web Services services.
|
| AwsRedshiftClusterLoggingStatus |
Provides information about the logging status of the cluster.
|
| AwsRedshiftClusterPendingModifiedValues |
Changes to the Amazon Redshift cluster that are currently pending.
|
| AwsRedshiftClusterResizeInfo |
Information about the resize operation for the cluster.
|
| AwsRedshiftClusterRestoreStatus |
Information about the status of a cluster restore action.
|
| AwsRedshiftClusterVpcSecurityGroup |
A VPC security group that the cluster belongs to, if the cluster is in a VPC.
|
| AwsRoute53HostedZoneConfigDetails |
An object that contains an optional comment about your Amazon Route 53 hosted zone.
|
| AwsRoute53HostedZoneDetails |
Provides details about a specified Amazon Route 53 hosted zone, including the four name servers assigned to the
hosted zone.
|
| AwsRoute53HostedZoneObjectDetails |
An object that contains information about an Amazon Route 53 hosted zone.
|
| AwsRoute53HostedZoneVpcDetails |
For private hosted zones, this is a complex type that contains information about an Amazon VPC.
|
| AwsRoute53QueryLoggingConfigDetails |
Provides details about a specified Amazon Route 53 configuration for DNS query logging.
|
| AwsS3AccessPointDetails |
Returns configuration information about the specified Amazon S3 access point.
|
| AwsS3AccessPointVpcConfigurationDetails |
The virtual private cloud (VPC) configuration for an Amazon S3 access point.
|
| AwsS3AccountPublicAccessBlockDetails |
provides information about the Amazon S3 Public Access Block configuration for accounts.
|
| AwsS3BucketBucketLifecycleConfigurationDetails |
The lifecycle configuration for the objects in the S3 bucket.
|
| AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails |
Information about what Amazon S3 does when a multipart upload is incomplete.
|
| AwsS3BucketBucketLifecycleConfigurationRulesDetails |
Configuration for a lifecycle rule.
|
| AwsS3BucketBucketLifecycleConfigurationRulesFilterDetails |
Identifies the objects that a rule applies to.
|
| AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails |
The configuration for the filter.
|
| AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails |
A value to use for the filter.
|
| AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails |
A tag that is assigned to matching objects.
|
| AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails |
A tag filter.
|
| AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails |
A transition rule that describes when noncurrent objects transition to a specified storage class.
|
| AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails |
A rule for when objects transition to specific storage classes.
|
| AwsS3BucketBucketVersioningConfiguration |
Describes the versioning state of an S3 bucket.
|
| AwsS3BucketDetails |
The details of an Amazon Simple Storage Service (Amazon S3) bucket.
|
| AwsS3BucketLoggingConfiguration |
Information about logging for the S3 bucket
|
| AwsS3BucketNotificationConfiguration |
The notification configuration for the S3 bucket.
|
| AwsS3BucketNotificationConfigurationDetail |
Details for an S3 bucket notification configuration.
|
| AwsS3BucketNotificationConfigurationFilter |
Filtering information for the notifications.
|
| AwsS3BucketNotificationConfigurationS3KeyFilter |
Details for an Amazon S3 filter.
|
| AwsS3BucketNotificationConfigurationS3KeyFilterRule |
Details for a filter rule.
|
| AwsS3BucketObjectLockConfiguration |
The container element for S3 Object Lock configuration parameters.
|
| AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails |
The default S3 Object Lock retention mode and period that you want to apply to new objects placed in the specified
Amazon S3 bucket.
|
| AwsS3BucketObjectLockConfigurationRuleDetails |
Specifies the S3 Object Lock rule for the specified object.
|
| AwsS3BucketServerSideEncryptionByDefault |
Specifies the default server-side encryption to apply to new objects in the bucket.
|
| AwsS3BucketServerSideEncryptionConfiguration |
The encryption configuration for the S3 bucket.
|
| AwsS3BucketServerSideEncryptionRule |
An encryption rule to apply to the S3 bucket.
|
| AwsS3BucketWebsiteConfiguration |
Website parameters for the S3 bucket.
|
| AwsS3BucketWebsiteConfigurationRedirectTo |
The redirect behavior for requests to the website.
|
| AwsS3BucketWebsiteConfigurationRoutingRule |
A rule for redirecting requests to the website.
|
| AwsS3BucketWebsiteConfigurationRoutingRuleCondition |
The condition that must be met in order to apply the routing rule.
|
| AwsS3BucketWebsiteConfigurationRoutingRuleRedirect |
The rules to redirect the request if the condition in
Condition is met. |
| AwsS3ObjectDetails |
Details about an Amazon S3 object.
|
| AwsSageMakerNotebookInstanceDetails |
Provides details about an Amazon SageMaker notebook instance.
|
| AwsSageMakerNotebookInstanceMetadataServiceConfigurationDetails |
Information on the instance metadata service (IMDS) configuration of the notebook instance.
|
| AwsSecretsManagerSecretDetails |
Details about an Secrets Manager secret.
|
| AwsSecretsManagerSecretRotationRules |
Defines the rotation schedule for the secret.
|
| AwsSecurityFinding |
Provides a consistent format for Security Hub findings.
|
| AwsSecurityFindingFilters |
A collection of filters that are applied to all active findings aggregated by Security Hub.
|
| AwsSecurityFindingIdentifier |
Identifies which finding to get the finding history for.
|
| AwsSnsTopicDetails |
Provides information about an Amazon SNS topic to which notifications can be published.
|
| AwsSnsTopicSubscription |
A wrapper type for the attributes of an Amazon SNS subscription.
|
| AwsSqsQueueDetails |
Data about a queue.
|
| AwsSsmComplianceSummary |
Provides the details about the compliance status for a patch.
|
| AwsSsmPatch |
Provides details about the compliance for a patch.
|
| AwsSsmPatchComplianceDetails |
Provides information about the state of a patch on an instance based on the patch baseline that was used to patch the
instance.
|
| AwsStepFunctionStateMachineDetails |
Provides details about an Step Functions state machine, which is a workflow consisting of a series of event- driven
steps.
|
| AwsStepFunctionStateMachineLoggingConfigurationDestinationsCloudWatchLogsLogGroupDetails |
An object describing a CloudWatch log group.
|
| AwsStepFunctionStateMachineLoggingConfigurationDestinationsDetails |
An array of objects that describes where your execution history events will be logged.
|
| AwsStepFunctionStateMachineLoggingConfigurationDetails |
The
LoggingConfiguration data type is used to set CloudWatch Logs options. |
| AwsStepFunctionStateMachineTracingConfigurationDetails |
Specifies whether X-Ray tracing is enabled.
|
| AwsWafRateBasedRuleDetails |
Details about a rate-based rule for global resources.
|
| AwsWafRateBasedRuleMatchPredicate |
A match predicate.
|
| AwsWafRegionalRateBasedRuleDetails |
contains details about a rate-based rule for Regional resources.
|
| AwsWafRegionalRateBasedRuleMatchPredicate |
Details for a match predicate.
|
| AwsWafRegionalRuleDetails |
Provides information about an WAF Regional rule.
|
| AwsWafRegionalRuleGroupDetails |
Provides information about an WAF Regional rule group.
|
| AwsWafRegionalRuleGroupRulesActionDetails |
Describes the action that WAF should take on a web request when it matches the criteria defined in the rule.
|
| AwsWafRegionalRuleGroupRulesDetails |
Provides information about the rules attached to a rule group
|
| AwsWafRegionalRulePredicateListDetails |
Provides details about the
ByteMatchSet, IPSet, SqlInjectionMatchSet,
XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet
objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings. |
| AwsWafRegionalWebAclDetails |
Provides information about the web access control list (web ACL).
|
| AwsWafRegionalWebAclRulesListActionDetails |
The action that WAF takes when a web request matches all conditions in the rule, such as allow, block, or count the
request.
|
| AwsWafRegionalWebAclRulesListDetails |
A combination of
ByteMatchSet, IPSet, and/or SqlInjectionMatchSet objects that
identify the web requests that you want to allow, block, or count. |
| AwsWafRegionalWebAclRulesListOverrideActionDetails |
Provides details about the action to use in the place of the action that results from the rule group evaluation.
|
| AwsWafRuleDetails |
Provides information about a WAF rule.
|
| AwsWafRuleGroupDetails |
Provides information about an WAF rule group.
|
| AwsWafRuleGroupRulesActionDetails |
Provides information about what action WAF should take on a web request when it matches the criteria defined in the
rule.
|
| AwsWafRuleGroupRulesDetails |
Provides information about the rules attached to the rule group.
|
| AwsWafRulePredicateListDetails |
Provides details about the
ByteMatchSet, IPSet, SqlInjectionMatchSet,
XssMatchSet, RegexMatchSet, GeoMatchSet, and SizeConstraintSet
objects that you want to add to a rule and, for each object, indicates whether you want to negate the settings. |
| AwsWafv2ActionAllowDetails |
Specifies that WAF should allow the request and optionally defines additional custom handling for the request.
|
| AwsWafv2ActionBlockDetails |
Specifies that WAF should block the request and optionally defines additional custom handling for the response to the
web request.
|
| AwsWafv2CustomHttpHeader |
A custom header for custom request and response handling.
|
| AwsWafv2CustomRequestHandlingDetails |
Custom request handling behavior that inserts custom headers into a web request.
|
| AwsWafv2CustomResponseDetails |
A custom response to send to the client.
|
| AwsWafv2RuleGroupDetails |
Details about an WAFv2 rule group.
|
| AwsWafv2RulesActionCaptchaDetails |
Specifies that WAF should run a CAPTCHA check against the request.
|
| AwsWafv2RulesActionCountDetails |
Specifies that WAF should count the request.
|
| AwsWafv2RulesActionDetails |
The action that WAF should take on a web request when it matches a rule's statement.
|
| AwsWafv2RulesDetails |
Provides details about rules in a rule group.
|
| AwsWafv2VisibilityConfigDetails |
Defines and enables Amazon CloudWatch metrics and web request sample collection.
|
| AwsWafv2WebAclActionDetails |
Specifies the action that Amazon CloudFront or WAF takes when a web request matches the conditions in the rule.
|
| AwsWafv2WebAclCaptchaConfigDetails |
Specifies how WAF should handle CAPTCHA evaluations for rules that don't have their own
CaptchaConfig
settings. |
| AwsWafv2WebAclCaptchaConfigImmunityTimePropertyDetails |
Used for CAPTCHA and challenge token settings.
|
| AwsWafv2WebAclDetails |
Details about an WAFv2 web Access Control List (ACL).
|
| AwsWafWebAclDetails |
Provides information about an WAF web access control list (web ACL).
|
| AwsWafWebAclRule |
Details for a rule in an WAF web ACL.
|
| AwsXrayEncryptionConfigDetails |
Information about the encryption configuration for X-Ray.
|
| BatchDeleteAutomationRulesRequest | |
| BatchDeleteAutomationRulesResult | |
| BatchDisableStandardsRequest | |
| BatchDisableStandardsResult | |
| BatchEnableStandardsRequest | |
| BatchEnableStandardsResult | |
| BatchGetAutomationRulesRequest | |
| BatchGetAutomationRulesResult | |
| BatchGetConfigurationPolicyAssociationsRequest | |
| BatchGetConfigurationPolicyAssociationsResult | |
| BatchGetSecurityControlsRequest | |
| BatchGetSecurityControlsResult | |
| BatchGetStandardsControlAssociationsRequest | |
| BatchGetStandardsControlAssociationsResult | |
| BatchImportFindingsRequest | |
| BatchImportFindingsResult | |
| BatchUpdateAutomationRulesRequest | |
| BatchUpdateAutomationRulesResult | |
| BatchUpdateFindingsRequest | |
| BatchUpdateFindingsResult | |
| BatchUpdateFindingsUnprocessedFinding |
A finding from a
BatchUpdateFindings request that Security Hub was unable to update. |
| BatchUpdateStandardsControlAssociationsRequest | |
| BatchUpdateStandardsControlAssociationsResult | |
| BooleanConfigurationOptions |
The options for customizing a security control parameter with a boolean.
|
| BooleanFilter |
Boolean filter for querying findings.
|
| Cell |
An occurrence of sensitive data detected in a Microsoft Excel workbook, comma-separated value (CSV) file, or
tab-separated value (TSV) file.
|
| CidrBlockAssociation |
An IPv4 CIDR block association.
|
| City |
Information about a city.
|
| ClassificationResult |
Details about the sensitive data that was detected on the resource.
|
| ClassificationStatus |
Provides details about the current status of the sensitive data detection.
|
| CloudWatchLogsLogGroupArnConfigDetails |
The Amazon Resource Name (ARN) and other details of the Amazon CloudWatch Logs log group that Amazon Route 53 is
publishing logs to.
|
| CodeVulnerabilitiesFilePath |
Provides details about where a code vulnerability is located in your Lambda function.
|
| Compliance |
Contains finding details that are specific to control-based findings.
|
| ConfigurationOptions |
The options for customizing a security control parameter.
|
| ConfigurationPolicyAssociation |
Provides details about the association between an Security Hub configuration and a target account, organizational
unit, or the root.
|
| ConfigurationPolicyAssociationSummary |
An object that contains the details of a configuration policy association that’s returned in a
ListConfigurationPolicyAssociations request. |
| ConfigurationPolicySummary |
An object that contains the details of an Security Hub configuration policy that’s returned in a
ListConfigurationPolicies request. |
| ContainerDetails |
Container details related to a finding.
|
| Country |
Information about a country.
|
| CreateActionTargetRequest | |
| CreateActionTargetResult | |
| CreateAutomationRuleRequest | |
| CreateAutomationRuleResult | |
| CreateConfigurationPolicyRequest | |
| CreateConfigurationPolicyResult | |
| CreateFindingAggregatorRequest | |
| CreateFindingAggregatorResult | |
| CreateInsightRequest | |
| CreateInsightResult | |
| CreateMembersRequest | |
| CreateMembersResult | |
| CustomDataIdentifiersDetections |
The list of detected instances of sensitive data.
|
| CustomDataIdentifiersResult |
Contains an instance of sensitive data that was detected by a customer-defined identifier.
|
| Cvss |
CVSS scores from the advisory related to the vulnerability.
|
| DataClassificationDetails |
Provides details about sensitive data that was detected on a resource.
|
| DateFilter |
A date filter for querying findings.
|
| DateRange |
A date range for the date filter.
|
| DeclineInvitationsRequest | |
| DeclineInvitationsResult | |
| DeleteActionTargetRequest | |
| DeleteActionTargetResult | |
| DeleteConfigurationPolicyRequest | |
| DeleteConfigurationPolicyResult | |
| DeleteFindingAggregatorRequest | |
| DeleteFindingAggregatorResult | |
| DeleteInsightRequest | |
| DeleteInsightResult | |
| DeleteInvitationsRequest | |
| DeleteInvitationsResult | |
| DeleteMembersRequest | |
| DeleteMembersResult | |
| DescribeActionTargetsRequest | |
| DescribeActionTargetsResult | |
| DescribeHubRequest | |
| DescribeHubResult | |
| DescribeOrganizationConfigurationRequest | |
| DescribeOrganizationConfigurationResult | |
| DescribeProductsRequest | |
| DescribeProductsResult | |
| DescribeStandardsControlsRequest | |
| DescribeStandardsControlsResult | |
| DescribeStandardsRequest | |
| DescribeStandardsResult | |
| DisableImportFindingsForProductRequest | |
| DisableImportFindingsForProductResult | |
| DisableOrganizationAdminAccountRequest | |
| DisableOrganizationAdminAccountResult | |
| DisableSecurityHubRequest | |
| DisableSecurityHubResult | |
| DisassociateFromAdministratorAccountRequest | |
| DisassociateFromAdministratorAccountResult | |
| DisassociateFromMasterAccountRequest | |
| DisassociateFromMasterAccountResult | |
| DisassociateMembersRequest | |
| DisassociateMembersResult | |
| DnsRequestAction |
Provided if
ActionType is DNS_REQUEST. |
| DoubleConfigurationOptions |
The options for customizing a security control parameter that is a double.
|
| EnableImportFindingsForProductRequest | |
| EnableImportFindingsForProductResult | |
| EnableOrganizationAdminAccountRequest | |
| EnableOrganizationAdminAccountResult | |
| EnableSecurityHubRequest | |
| EnableSecurityHubResult | |
| EnumConfigurationOptions |
The options for customizing a security control parameter that is an enum.
|
| EnumListConfigurationOptions |
The options for customizing a security control parameter that is a list of enums.
|
| FilePaths |
Provides information about the file paths that were affected by the threat.
|
| FindingAggregator |
A finding aggregator.
|
| FindingHistoryRecord |
A list of events that changed the specified finding during the specified time period.
|
| FindingHistoryUpdate |
An array of objects that provides details about a change to a finding, including the Amazon Web Services Security
Finding Format (ASFF) field that changed, the value of the field before the change, and the value of the field after
the change.
|
| FindingHistoryUpdateSource |
Identifies the source of the finding change event.
|
| FindingProviderFields |
In a
BatchImportFindings request, finding providers use FindingProviderFields to provide
and update values for the following fields: |
| FindingProviderSeverity |
The severity assigned to a finding by the finding provider.
|
| FirewallPolicyDetails |
Defines the behavior of the firewall.
|
| FirewallPolicyStatefulRuleGroupReferencesDetails |
A stateful rule group that is used by the firewall policy.
|
| FirewallPolicyStatelessCustomActionsDetails |
A custom action that can be used for stateless packet handling.
|
| FirewallPolicyStatelessRuleGroupReferencesDetails |
A stateless rule group that is used by the firewall policy.
|
| GeneratorDetails |
Provides metadata for the Amazon CodeGuru detector associated with a finding.
|
| GeoLocation |
Provides the latitude and longitude coordinates of a location.
|
| GetAdministratorAccountRequest | |
| GetAdministratorAccountResult | |
| GetConfigurationPolicyAssociationRequest | |
| GetConfigurationPolicyAssociationResult | |
| GetConfigurationPolicyRequest | |
| GetConfigurationPolicyResult | |
| GetEnabledStandardsRequest | |
| GetEnabledStandardsResult | |
| GetFindingAggregatorRequest | |
| GetFindingAggregatorResult | |
| GetFindingHistoryRequest | |
| GetFindingHistoryResult | |
| GetFindingsRequest | |
| GetFindingsResult | |
| GetInsightResultsRequest | |
| GetInsightResultsResult | |
| GetInsightsRequest | |
| GetInsightsResult | |
| GetInvitationsCountRequest | |
| GetInvitationsCountResult | |
| GetMasterAccountRequest | |
| GetMasterAccountResult | |
| GetMembersRequest | |
| GetMembersResult | |
| GetSecurityControlDefinitionRequest | |
| GetSecurityControlDefinitionResult | |
| IcmpTypeCode |
An Internet Control Message Protocol (ICMP) type and code.
|
| ImportFindingsError |
The list of the findings that cannot be imported.
|
| Insight |
Contains information about a Security Hub insight.
|
| InsightResults |
The insight results returned by the
GetInsightResults operation. |
| InsightResultValue |
The insight result values returned by the
GetInsightResults operation. |
| IntegerConfigurationOptions |
The options for customizing a security control parameter that is an integer.
|
| IntegerListConfigurationOptions |
The options for customizing a security control parameter that is a list of integers.
|
| Invitation |
Details about an invitation.
|
| InviteMembersRequest | |
| InviteMembersResult | |
| IpFilter |
The IP filter for querying findings.
|
| IpOrganizationDetails |
Provides information about an internet provider.
|
| Ipv6CidrBlockAssociation |
An IPV6 CIDR block association.
|
| KeywordFilter |
A keyword filter for querying findings.
|
| ListAutomationRulesRequest | |
| ListAutomationRulesResult | |
| ListConfigurationPoliciesRequest | |
| ListConfigurationPoliciesResult | |
| ListConfigurationPolicyAssociationsRequest | |
| ListConfigurationPolicyAssociationsResult | |
| ListEnabledProductsForImportRequest | |
| ListEnabledProductsForImportResult | |
| ListFindingAggregatorsRequest | |
| ListFindingAggregatorsResult | |
| ListInvitationsRequest | |
| ListInvitationsResult | |
| ListMembersRequest | |
| ListMembersResult | |
| ListOrganizationAdminAccountsRequest | |
| ListOrganizationAdminAccountsResult | |
| ListSecurityControlDefinitionsRequest | |
| ListSecurityControlDefinitionsResult | |
| ListStandardsControlAssociationsRequest | |
| ListStandardsControlAssociationsResult | |
| ListTagsForResourceRequest | |
| ListTagsForResourceResult | |
| LoadBalancerState |
Information about the state of the load balancer.
|
| Malware |
A list of malware related to a finding.
|
| MapFilter |
A map filter for filtering Security Hub findings.
|
| Member |
The details about a member account.
|
| Network |
The details of network-related information about a finding.
|
| NetworkConnectionAction |
Provided if
ActionType is NETWORK_CONNECTION. |
| NetworkHeader |
Details about a network path component that occurs before or after the current component.
|
| NetworkPathComponent |
Information about a network path component.
|
| NetworkPathComponentDetails |
Information about the destination of the next component in the network path.
|
| Note |
A user-defined note added to a finding.
|
| NoteUpdate |
The updated note.
|
| NumberFilter |
A number filter for querying findings.
|
| Occurrences |
The detected occurrences of sensitive data.
|
| OrganizationConfiguration |
Provides information about the way an organization is configured in Security Hub.
|
| Page |
An occurrence of sensitive data in an Adobe Portable Document Format (PDF) file.
|
| ParameterConfiguration |
An object that provides the current value of a security control parameter and identifies whether it has been
customized.
|
| ParameterDefinition |
An object that describes a security control parameter and the options for customizing it.
|
| ParameterValue |
An object that includes the data type of a security control parameter and its current value.
|
| PatchSummary |
Provides an overview of the patch compliance status for an instance against a selected compliance standard.
|
| Policy |
An object that defines how Security Hub is configured.
|
| PortProbeAction |
Provided if
ActionType is PORT_PROBE. |
| PortProbeDetail |
A port scan that was part of the port probe.
|
| PortRange |
A range of ports.
|
| PortRangeFromTo |
A range of ports.
|
| ProcessDetails |
The details of process-related information about a finding.
|
| Product |
Contains details about a product.
|
| PropagatingVgwSetDetails |
Describes a virtual private gateway propagating route.
|
| Range |
Identifies where the sensitive data begins and ends.
|
| Recommendation |
A recommendation on how to remediate the issue identified in a finding.
|
| Record |
An occurrence of sensitive data in an Apache Avro object container or an Apache Parquet file.
|
| RelatedFinding |
Details about a related finding.
|
| Remediation |
Details about the remediation steps for a finding.
|
| Resource |
A resource related to a finding.
|
| ResourceDetails |
Additional details about a resource related to a finding.
|
| Result |
Details about the account that was not processed.
|
| RouteSetDetails |
Provides details about the routes in the route table.
|
| RuleGroupDetails |
Details about the rule group.
|
| RuleGroupSource |
The rules and actions for the rule group.
|
| RuleGroupSourceCustomActionsDetails |
A custom action definition.
|
| RuleGroupSourceListDetails |
Stateful inspection criteria for a domain list rule group.
|
| RuleGroupSourceStatefulRulesDetails |
A Suricata rule specification.
|
| RuleGroupSourceStatefulRulesHeaderDetails |
The inspection criteria for a stateful rule.
|
| RuleGroupSourceStatefulRulesOptionsDetails |
A rule option for a stateful rule.
|
| RuleGroupSourceStatelessRuleDefinition |
The definition of the stateless rule.
|
| RuleGroupSourceStatelessRuleMatchAttributes |
Criteria for the stateless rule.
|
| RuleGroupSourceStatelessRuleMatchAttributesDestinationPorts |
A port range to specify the destination ports to inspect for.
|
| RuleGroupSourceStatelessRuleMatchAttributesDestinations |
A destination IP address or range.
|
| RuleGroupSourceStatelessRuleMatchAttributesSourcePorts |
A port range to specify the source ports to inspect for.
|
| RuleGroupSourceStatelessRuleMatchAttributesSources |
A source IP addresses and address range to inspect for.
|
| RuleGroupSourceStatelessRuleMatchAttributesTcpFlags |
A set of TCP flags and masks to inspect for.
|
| RuleGroupSourceStatelessRulesAndCustomActionsDetails |
Stateless rules and custom actions for a stateless rule group.
|
| RuleGroupSourceStatelessRulesDetails |
A stateless rule in the rule group.
|
| RuleGroupVariables |
Additional settings to use in the specified rules.
|
| RuleGroupVariablesIpSetsDetails |
A list of IP addresses and address ranges, in CIDR notation.
|
| RuleGroupVariablesPortSetsDetails |
A list of port ranges.
|
| SecurityControl |
A security control in Security Hub describes a security best practice related to a specific resource.
|
| SecurityControlCustomParameter |
A list of security controls and control parameter values that are included in a configuration policy.
|
| SecurityControlDefinition |
Provides metadata for a security control, including its unique standard-agnostic identifier, title, description,
severity, availability in Amazon Web Services Regions, and a link to remediation steps.
|
| SecurityControlParameter |
A parameter that a security control accepts.
|
| SecurityControlsConfiguration |
An object that defines which security controls are enabled in an Security Hub configuration policy.
|
| SecurityHubPolicy |
An object that defines how Security Hub is configured.
|
| SensitiveDataDetections |
The list of detected instances of sensitive data.
|
| SensitiveDataResult |
Contains a detected instance of sensitive data that are based on built-in identifiers.
|
| Severity |
The severity of the finding.
|
| SeverityUpdate |
Updates to the severity information for a finding.
|
| SoftwarePackage |
Information about a software package.
|
| SortCriterion |
A collection of finding attributes used to sort findings.
|
| Standard |
Provides information about a specific security standard.
|
| StandardsControl |
Details for an individual security standard control.
|
| StandardsControlAssociationDetail |
Provides details about a control's enablement status in a specified standard.
|
| StandardsControlAssociationId |
An array with one or more objects that includes a security control (identified with
SecurityControlId,
SecurityControlArn, or a mix of both parameters) and the Amazon Resource Name (ARN) of a standard. |
| StandardsControlAssociationSummary |
An array that provides the enablement status and other details for each control that applies to each enabled
standard.
|
| StandardsControlAssociationUpdate |
An array of requested updates to the enablement status of controls in specified standards.
|
| StandardsManagedBy |
Provides details about the management of a security standard.
|
| StandardsStatusReason |
The reason for the current status of a standard subscription.
|
| StandardsSubscription |
A resource that represents your subscription to a supported standard.
|
| StandardsSubscriptionRequest |
The standard that you want to enable.
|
| StartConfigurationPolicyAssociationRequest | |
| StartConfigurationPolicyAssociationResult | |
| StartConfigurationPolicyDisassociationRequest | |
| StartConfigurationPolicyDisassociationResult | |
| StatelessCustomActionDefinition |
The definition of a custom action that can be used for stateless packet handling.
|
| StatelessCustomPublishMetricAction |
Information about metrics to publish to CloudWatch.
|
| StatelessCustomPublishMetricActionDimension |
Defines a CloudWatch dimension value to publish.
|
| StatusReason |
Provides additional context for the value of
Compliance.Status. |
| StringConfigurationOptions |
The options for customizing a security control parameter that is a string.
|
| StringFilter |
A string filter for filtering Security Hub findings.
|
| StringListConfigurationOptions |
The options for customizing a security control parameter that is a list of strings.
|
| TagResourceRequest | |
| TagResourceResult | |
| Target |
The target account, organizational unit, or the root that is associated with an Security Hub configuration.
|
| Threat |
Provides information about the threat detected in a security finding and the file paths that were affected by the
threat.
|
| ThreatIntelIndicator |
Details about the threat intelligence related to a finding.
|
| UnprocessedAutomationRule |
A list of objects containing
RuleArn, ErrorCode, and ErrorMessage. |
| UnprocessedConfigurationPolicyAssociation |
An array of configuration policy associations, one for each configuration policy association identifier, that was
specified in a
BatchGetConfigurationPolicyAssociations request but couldn’t be processed due to an
error. |
| UnprocessedSecurityControl |
Provides details about a security control for which a response couldn't be returned.
|
| UnprocessedStandardsControlAssociation |
Provides details about which control's enablement status couldn't be retrieved in a specified standard when calling
BatchUpdateStandardsControlAssociations.
|
| UnprocessedStandardsControlAssociationUpdate |
Provides details about which control's enablement status could not be updated in a specified standard when calling
the BatchUpdateStandardsControlAssociations API.
|
| UntagResourceRequest | |
| UntagResourceResult | |
| UpdateActionTargetRequest | |
| UpdateActionTargetResult | |
| UpdateAutomationRulesRequestItem |
Specifies the parameters to update in an existing automation rule.
|
| UpdateConfigurationPolicyRequest | |
| UpdateConfigurationPolicyResult | |
| UpdateFindingAggregatorRequest | |
| UpdateFindingAggregatorResult | |
| UpdateFindingsRequest | |
| UpdateFindingsResult | |
| UpdateInsightRequest | |
| UpdateInsightResult | |
| UpdateOrganizationConfigurationRequest | |
| UpdateOrganizationConfigurationResult | |
| UpdateSecurityControlRequest | |
| UpdateSecurityControlResult | |
| UpdateSecurityHubConfigurationRequest | |
| UpdateSecurityHubConfigurationResult | |
| UpdateStandardsControlRequest | |
| UpdateStandardsControlResult | |
| VolumeMount |
Describes the mounting of a volume in a container.
|
| VpcInfoCidrBlockSetDetails |
Provides details about the IPv4 CIDR blocks for the VPC.
|
| VpcInfoIpv6CidrBlockSetDetails |
Provides details about the IPv6 CIDR blocks for the VPC.
|
| VpcInfoPeeringOptionsDetails |
Provides information about the VPC peering connection options for the accepter or requester VPC.
|
| Vulnerability |
A vulnerability associated with a finding.
|
| VulnerabilityCodeVulnerabilities |
Provides details about the vulnerabilities found in your Lambda function code.
|
| VulnerabilityVendor |
A vendor that generates a vulnerability report.
|
| WafAction |
Details about the action that CloudFront or WAF takes when a web request matches the conditions in the rule.
|
| WafExcludedRule |
Details about a rule to exclude from a rule group.
|
| WafOverrideAction |
Details about an override action for a rule.
|
| Workflow |
Provides details about the status of the investigation into a finding.
|
| WorkflowUpdate |
Used to update information about the investigation into the finding.
|
| Exception | Description |
|---|---|
| AccessDeniedException |
You don't have permission to perform the action specified in the request.
|
| AWSSecurityHubException |
Base exception for all service exceptions thrown by AWS SecurityHub
|
| InternalException |
Internal server error.
|
| InvalidAccessException |
The account doesn't have permission to perform this action.
|
| InvalidInputException |
The request was rejected because you supplied an invalid or out-of-range value for an input parameter.
|
| LimitExceededException |
The request was rejected because it attempted to create resources beyond the current Amazon Web Services account or
throttling limits.
|
| ResourceConflictException |
The resource specified in the request conflicts with an existing resource.
|
| ResourceInUseException |
The request was rejected because it conflicts with the resource's availability.
|
| ResourceNotFoundException |
The request was rejected because we can't find the specified resource.
|