From f4c2480da98a04290d3f1cf4f3b9e6f2ec82e4e4 Mon Sep 17 00:00:00 2001 From: aws-sdk-python-automation Date: Tue, 23 Jan 2024 20:36:45 +0000 Subject: [PATCH 1/2] Update to latest models --- .../api-change-inspector2-72240.json | 5 + .../2020-06-08/endpoint-rule-set-1.json | 40 +- .../inspector2/2020-06-08/paginators-1.json | 30 + .../data/inspector2/2020-06-08/service-2.json | 2016 ++++++++++++++++- 4 files changed, 2061 insertions(+), 30 deletions(-) create mode 100644 .changes/next-release/api-change-inspector2-72240.json diff --git a/.changes/next-release/api-change-inspector2-72240.json b/.changes/next-release/api-change-inspector2-72240.json new file mode 100644 index 0000000000..1b929834c6 --- /dev/null +++ b/.changes/next-release/api-change-inspector2-72240.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``inspector2``", + "description": "This release adds support for CIS scans on EC2 instances." +} diff --git a/botocore/data/inspector2/2020-06-08/endpoint-rule-set-1.json b/botocore/data/inspector2/2020-06-08/endpoint-rule-set-1.json index a8d6cdbbc6..1d9d6c07b5 100644 --- a/botocore/data/inspector2/2020-06-08/endpoint-rule-set-1.json +++ b/botocore/data/inspector2/2020-06-08/endpoint-rule-set-1.json @@ -40,7 +40,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -83,7 +82,8 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -96,7 +96,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -110,7 +109,6 @@ "assign": "PartitionResult" } ], - "type": "tree", "rules": [ { "conditions": [ @@ -133,7 +131,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -168,7 +165,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -179,14 +175,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS and DualStack are enabled, but this partition does not support one or both", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -200,14 +198,12 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ - true, { "fn": "getAttr", "argv": [ @@ -216,11 +212,11 @@ }, "supportsFIPS" ] - } + }, + true ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -231,14 +227,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS is enabled but this partition does not support FIPS", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -252,7 +250,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -272,7 +269,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -283,14 +279,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "DualStack is enabled but this partition does not support DualStack", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [], @@ -301,9 +299,11 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], diff --git a/botocore/data/inspector2/2020-06-08/paginators-1.json b/botocore/data/inspector2/2020-06-08/paginators-1.json index f6aaa6d4d0..0c1854b98c 100644 --- a/botocore/data/inspector2/2020-06-08/paginators-1.json +++ b/botocore/data/inspector2/2020-06-08/paginators-1.json @@ -57,6 +57,36 @@ "input_token": "nextToken", "output_token": "nextToken", "result_key": "vulnerabilities" + }, + "GetCisScanResultDetails": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "scanResultDetails" + }, + "ListCisScanConfigurations": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "scanConfigurations" + }, + "ListCisScanResultsAggregatedByChecks": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "checkAggregations" + }, + "ListCisScanResultsAggregatedByTargetResource": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "targetResourceAggregations" + }, + "ListCisScans": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "scans" } } } diff --git a/botocore/data/inspector2/2020-06-08/service-2.json b/botocore/data/inspector2/2020-06-08/service-2.json index 915adc197a..4b17633af2 100644 --- a/botocore/data/inspector2/2020-06-08/service-2.json +++ b/botocore/data/inspector2/2020-06-08/service-2.json @@ -170,6 +170,23 @@ "documentation":"

Cancels a software bill of materials (SBOM) report.

", "idempotent":true }, + "CreateCisScanConfiguration":{ + "name":"CreateCisScanConfiguration", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-configuration/create", + "responseCode":200 + }, + "input":{"shape":"CreateCisScanConfigurationRequest"}, + "output":{"shape":"CreateCisScanConfigurationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Creates a CIS scan configuration.

" + }, "CreateFilter":{ "name":"CreateFilter", "http":{ @@ -226,6 +243,24 @@ "documentation":"

Creates a software bill of materials (SBOM) report.

", "idempotent":true }, + "DeleteCisScanConfiguration":{ + "name":"DeleteCisScanConfiguration", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-configuration/delete", + "responseCode":200 + }, + "input":{"shape":"DeleteCisScanConfigurationRequest"}, + "output":{"shape":"DeleteCisScanConfigurationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Deletes a CIS scan configuration.

" + }, "DeleteFilter":{ "name":"DeleteFilter", "http":{ @@ -352,6 +387,40 @@ ], "documentation":"

Enables the Amazon Inspector delegated administrator for your Organizations organization.

" }, + "GetCisScanReport":{ + "name":"GetCisScanReport", + "http":{ + "method":"POST", + "requestUri":"/cis/scan/report/get", + "responseCode":200 + }, + "input":{"shape":"GetCisScanReportRequest"}, + "output":{"shape":"GetCisScanReportResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Retrieves a CIS scan report.

" + }, + "GetCisScanResultDetails":{ + "name":"GetCisScanResultDetails", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-result/details/get", + "responseCode":200 + }, + "input":{"shape":"GetCisScanResultDetailsRequest"}, + "output":{"shape":"GetCisScanResultDetailsResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ValidationException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Retrieves CIS scan result details.

" + }, "GetConfiguration":{ "name":"GetConfiguration", "http":{ @@ -493,6 +562,74 @@ ], "documentation":"

Lists the permissions an account has to configure Amazon Inspector.

" }, + "ListCisScanConfigurations":{ + "name":"ListCisScanConfigurations", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-configuration/list", + "responseCode":200 + }, + "input":{"shape":"ListCisScanConfigurationsRequest"}, + "output":{"shape":"ListCisScanConfigurationsResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ValidationException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Lists CIS scan configurations.

" + }, + "ListCisScanResultsAggregatedByChecks":{ + "name":"ListCisScanResultsAggregatedByChecks", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-result/check/list", + "responseCode":200 + }, + "input":{"shape":"ListCisScanResultsAggregatedByChecksRequest"}, + "output":{"shape":"ListCisScanResultsAggregatedByChecksResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ValidationException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Lists scan results aggregated by checks.

" + }, + "ListCisScanResultsAggregatedByTargetResource":{ + "name":"ListCisScanResultsAggregatedByTargetResource", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-result/resource/list", + "responseCode":200 + }, + "input":{"shape":"ListCisScanResultsAggregatedByTargetResourceRequest"}, + "output":{"shape":"ListCisScanResultsAggregatedByTargetResourceResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ValidationException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Lists scan results aggregated by a target resource.

" + }, + "ListCisScans":{ + "name":"ListCisScans", + "http":{ + "method":"POST", + "requestUri":"/cis/scan/list", + "responseCode":200 + }, + "input":{"shape":"ListCisScansRequest"}, + "output":{"shape":"ListCisScansResponse"}, + "errors":[ + {"shape":"AccessDeniedException"}, + {"shape":"ValidationException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Returns a CIS scan list.

" + }, "ListCoverage":{ "name":"ListCoverage", "http":{ @@ -678,6 +815,82 @@ ], "documentation":"

Lists Amazon Inspector coverage details for a specific vulnerability.

" }, + "SendCisSessionHealth":{ + "name":"SendCisSessionHealth", + "http":{ + "method":"PUT", + "requestUri":"/cissession/health/send", + "responseCode":200 + }, + "input":{"shape":"SendCisSessionHealthRequest"}, + "output":{"shape":"SendCisSessionHealthResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Sends a CIS session health. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

", + "idempotent":true + }, + "SendCisSessionTelemetry":{ + "name":"SendCisSessionTelemetry", + "http":{ + "method":"PUT", + "requestUri":"/cissession/telemetry/send", + "responseCode":200 + }, + "input":{"shape":"SendCisSessionTelemetryRequest"}, + "output":{"shape":"SendCisSessionTelemetryResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Sends a CIS session telemetry. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

", + "idempotent":true + }, + "StartCisSession":{ + "name":"StartCisSession", + "http":{ + "method":"PUT", + "requestUri":"/cissession/start", + "responseCode":200 + }, + "input":{"shape":"StartCisSessionRequest"}, + "output":{"shape":"StartCisSessionResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Starts a CIS session. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

", + "idempotent":true + }, + "StopCisSession":{ + "name":"StopCisSession", + "http":{ + "method":"PUT", + "requestUri":"/cissession/stop", + "responseCode":200 + }, + "input":{"shape":"StopCisSessionRequest"}, + "output":{"shape":"StopCisSessionResponse"}, + "errors":[ + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Stops a CIS session. This API is used by the Amazon Inspector SSM plugin to communicate with the Amazon Inspector service. The Amazon Inspector SSM plugin calls this API to start a CIS scan session for the scan ID supplied by the service.

", + "idempotent":true + }, "TagResource":{ "name":"TagResource", "http":{ @@ -714,6 +927,24 @@ ], "documentation":"

Removes tags from a resource.

" }, + "UpdateCisScanConfiguration":{ + "name":"UpdateCisScanConfiguration", + "http":{ + "method":"POST", + "requestUri":"/cis/scan-configuration/update", + "responseCode":200 + }, + "input":{"shape":"UpdateCisScanConfigurationRequest"}, + "output":{"shape":"UpdateCisScanConfigurationResponse"}, + "errors":[ + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServerException"} + ], + "documentation":"

Updates a CIS scan configuration.

" + }, "UpdateConfiguration":{ "name":"UpdateConfiguration", "http":{ @@ -899,6 +1130,12 @@ "min":12, "pattern":"^\\d{12}$" }, + "AccountIdFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, "AccountIdSet":{ "type":"list", "member":{"shape":"AccountId"}, @@ -1610,6 +1847,16 @@ } } }, + "BenchmarkProfile":{ + "type":"string", + "max":128, + "min":0 + }, + "BenchmarkVersion":{ + "type":"string", + "max":8, + "min":0 + }, "Boolean":{ "type":"boolean", "box":true @@ -1638,20 +1885,821 @@ "type":"structure", "required":["reportId"], "members":{ - "reportId":{ - "shape":"ReportId", - "documentation":"

The report ID of the SBOM export to cancel.

" + "reportId":{ + "shape":"ReportId", + "documentation":"

The report ID of the SBOM export to cancel.

" + } + } + }, + "CancelSbomExportResponse":{ + "type":"structure", + "members":{ + "reportId":{ + "shape":"ReportId", + "documentation":"

The report ID of the canceled SBOM export.

" + } + } + }, + "CheckCount":{ + "type":"integer", + "max":65536, + "min":0 + }, + "CheckIdFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisAccountIdList":{ + "type":"list", + "member":{"shape":"AccountId"}, + "max":10000, + "min":1 + }, + "CisCheckAggregation":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "accountId":{ + "shape":"AccountId", + "documentation":"

The account ID for the CIS check.

" + }, + "checkDescription":{ + "shape":"String", + "documentation":"

The description for the CIS check.

" + }, + "checkId":{ + "shape":"String", + "documentation":"

The check ID for the CIS check.

" + }, + "level":{ + "shape":"CisSecurityLevel", + "documentation":"

The CIS check level.

" + }, + "platform":{ + "shape":"String", + "documentation":"

The CIS check platform.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN for the CIS check scan ARN.

" + }, + "statusCounts":{ + "shape":"StatusCounts", + "documentation":"

The CIS check status counts.

" + }, + "title":{ + "shape":"String", + "documentation":"

The CIS check title.

" + } + }, + "documentation":"

A CIS check.

" + }, + "CisCheckAggregationList":{ + "type":"list", + "member":{"shape":"CisCheckAggregation"}, + "max":1000, + "min":1 + }, + "CisDateFilter":{ + "type":"structure", + "members":{ + "earliestScanStartTime":{ + "shape":"Timestamp", + "documentation":"

The CIS date filter's earliest scan start time.

" + }, + "latestScanStartTime":{ + "shape":"Timestamp", + "documentation":"

The CIS date filter's latest scan start time.

" + } + }, + "documentation":"

The CIS date filter.

" + }, + "CisFindingArn":{ + "type":"string", + "pattern":"^arn:aws(-gov|-cn)?:inspector2:[-.a-z0-9]{0,20}:\\d{12}:owner/\\d{12}/cis-finding/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$" + }, + "CisFindingArnFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisFindingStatus":{ + "type":"string", + "enum":[ + "PASSED", + "FAILED", + "SKIPPED" + ] + }, + "CisFindingStatusComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "CisFindingStatusFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisFindingStatusComparison", + "documentation":"

The comparison value of the CIS finding status filter.

" + }, + "value":{ + "shape":"CisFindingStatus", + "documentation":"

The value of the CIS finding status filter.

" + } + }, + "documentation":"

The CIS finding status filter.

" + }, + "CisFindingStatusFilterList":{ + "type":"list", + "member":{"shape":"CisFindingStatusFilter"}, + "max":10, + "min":1 + }, + "CisNumberFilter":{ + "type":"structure", + "members":{ + "lowerInclusive":{ + "shape":"Integer", + "documentation":"

The CIS number filter's lower inclusive.

" + }, + "upperInclusive":{ + "shape":"Integer", + "documentation":"

The CIS number filter's upper inclusive.

" + } + }, + "documentation":"

The CIS number filter.

" + }, + "CisNumberFilterList":{ + "type":"list", + "member":{"shape":"CisNumberFilter"}, + "max":10, + "min":1 + }, + "CisOwnerId":{ + "type":"string", + "pattern":"^\\d{12}|o-[a-z0-9]{10,32}$" + }, + "CisReportStatus":{ + "type":"string", + "enum":[ + "SUCCEEDED", + "FAILED", + "IN_PROGRESS" + ] + }, + "CisResultStatus":{ + "type":"string", + "enum":[ + "PASSED", + "FAILED", + "SKIPPED" + ] + }, + "CisResultStatusComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "CisResultStatusFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisResultStatusComparison", + "documentation":"

The comparison value of the CIS result status filter.

" + }, + "value":{ + "shape":"CisResultStatus", + "documentation":"

The value of the CIS result status filter.

" + } + }, + "documentation":"

The CIS result status filter.

" + }, + "CisResultStatusFilterList":{ + "type":"list", + "member":{"shape":"CisResultStatusFilter"}, + "max":10, + "min":1 + }, + "CisRuleDetails":{ + "type":"blob", + "max":1000, + "min":0 + }, + "CisRuleStatus":{ + "type":"string", + "enum":[ + "FAILED", + "PASSED", + "NOT_EVALUATED", + "INFORMATIONAL", + "UNKNOWN", + "NOT_APPLICABLE", + "ERROR" + ] + }, + "CisScan":{ + "type":"structure", + "required":[ + "scanArn", + "scanConfigurationArn" + ], + "members":{ + "failedChecks":{ + "shape":"Integer", + "documentation":"

The CIS scan's failed checks.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The CIS scan's ARN.

" + }, + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The CIS scan's configuration ARN.

" + }, + "scanDate":{ + "shape":"Timestamp", + "documentation":"

The CIS scan's date.

" + }, + "scanName":{ + "shape":"CisScanName", + "documentation":"

The the name of the scan configuration that's associated with this scan.

" + }, + "scheduledBy":{ + "shape":"String", + "documentation":"

The account or organization that schedules the CIS scan.

" + }, + "securityLevel":{ + "shape":"CisSecurityLevel", + "documentation":"

The security level for the CIS scan. Security level refers to the Benchmark levels that CIS assigns to a profile.

" + }, + "status":{ + "shape":"CisScanStatus", + "documentation":"

The CIS scan's status.

" + }, + "targets":{ + "shape":"CisTargets", + "documentation":"

The CIS scan's targets.

" + }, + "totalChecks":{ + "shape":"Integer", + "documentation":"

The CIS scan's total checks.

" + } + }, + "documentation":"

The CIS scan.

" + }, + "CisScanArn":{ + "type":"string", + "pattern":"^arn:aws(-us-gov|-cn)?:inspector2:[-.a-z0-9]{0,20}:\\d{12}:owner/(\\d{12}|o-[a-z0-9]{10,32})/cis-scan/[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12}$" + }, + "CisScanArnFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisScanConfiguration":{ + "type":"structure", + "required":["scanConfigurationArn"], + "members":{ + "ownerId":{ + "shape":"CisOwnerId", + "documentation":"

The CIS scan configuration's owner ID.

" + }, + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The CIS scan configuration's scan configuration ARN.

" + }, + "scanName":{ + "shape":"CisScanName", + "documentation":"

The name of the CIS scan configuration.

" + }, + "schedule":{ + "shape":"Schedule", + "documentation":"

The CIS scan configuration's schedule.

" + }, + "securityLevel":{ + "shape":"CisSecurityLevel", + "documentation":"

The CIS scan configuration's security level.

" + }, + "tags":{ + "shape":"CisTagMap", + "documentation":"

The CIS scan configuration's tags.

" + }, + "targets":{ + "shape":"CisTargets", + "documentation":"

The CIS scan configuration's targets.

" + } + }, + "documentation":"

The CIS scan configuration.

" + }, + "CisScanConfigurationArn":{ + "type":"string", + "pattern":"^arn:aws(-us-gov|-cn)?:inspector2:[a-z]{2}(-gov)?-[a-z]+-[0-9]{1}:[0-9]{12}:owner/(o-[a-z0-9]+|[0-9]{12})/cis-configuration/[0-9a-fA-F-]+$" + }, + "CisScanConfigurationArnFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisScanConfigurationList":{ + "type":"list", + "member":{"shape":"CisScanConfiguration"}, + "max":100, + "min":0 + }, + "CisScanConfigurationsSortBy":{ + "type":"string", + "enum":[ + "SCAN_NAME", + "SCAN_CONFIGURATION_ARN" + ] + }, + "CisScanDateFilterList":{ + "type":"list", + "member":{"shape":"CisDateFilter"}, + "max":1, + "min":1 + }, + "CisScanList":{ + "type":"list", + "member":{"shape":"CisScan"}, + "max":50, + "min":0 + }, + "CisScanName":{ + "type":"string", + "max":128, + "min":1 + }, + "CisScanNameFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisScanResultDetails":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "accountId":{ + "shape":"AccountId", + "documentation":"

The CIS scan result details' account ID.

" + }, + "checkDescription":{ + "shape":"String", + "documentation":"

The account ID that's associated with the CIS scan result details.

" + }, + "checkId":{ + "shape":"String", + "documentation":"

The CIS scan result details' check ID.

" + }, + "findingArn":{ + "shape":"CisFindingArn", + "documentation":"

The CIS scan result details' finding ARN.

" + }, + "level":{ + "shape":"CisSecurityLevel", + "documentation":"

The CIS scan result details' level.

" + }, + "platform":{ + "shape":"String", + "documentation":"

The CIS scan result details' platform.

" + }, + "remediation":{ + "shape":"String", + "documentation":"

The CIS scan result details' remediation.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The CIS scan result details' scan ARN.

" + }, + "status":{ + "shape":"CisFindingStatus", + "documentation":"

The CIS scan result details' status.

" + }, + "statusReason":{ + "shape":"String", + "documentation":"

The CIS scan result details' status reason.

" + }, + "targetResourceId":{ + "shape":"ResourceId", + "documentation":"

The CIS scan result details' target resource ID.

" + }, + "title":{ + "shape":"String", + "documentation":"

The CIS scan result details' title.

" + } + }, + "documentation":"

The CIS scan result details.

" + }, + "CisScanResultDetailsFilterCriteria":{ + "type":"structure", + "members":{ + "checkIdFilters":{ + "shape":"CheckIdFilterList", + "documentation":"

The criteria's check ID filters.

" + }, + "findingArnFilters":{ + "shape":"CisFindingArnFilterList", + "documentation":"

The criteria's finding ARN filters.

" + }, + "findingStatusFilters":{ + "shape":"CisFindingStatusFilterList", + "documentation":"

The criteria's finding status filters.

" + }, + "securityLevelFilters":{ + "shape":"CisSecurityLevelFilterList", + "documentation":"

The criteria's security level filters. . Security level refers to the Benchmark levels that CIS assigns to a profile.

" + }, + "titleFilters":{ + "shape":"TitleFilterList", + "documentation":"

The criteria's title filters.

" + } + }, + "documentation":"

The CIS scan result details filter criteria.

" + }, + "CisScanResultDetailsList":{ + "type":"list", + "member":{"shape":"CisScanResultDetails"}, + "max":1000, + "min":1 + }, + "CisScanResultDetailsSortBy":{ + "type":"string", + "enum":[ + "CHECK_ID", + "STATUS" + ] + }, + "CisScanResultsAggregatedByChecksFilterCriteria":{ + "type":"structure", + "members":{ + "accountIdFilters":{ + "shape":"OneAccountIdFilterList", + "documentation":"

The criteria's account ID filters.

" + }, + "checkIdFilters":{ + "shape":"CheckIdFilterList", + "documentation":"

The criteria's check ID filters.

" + }, + "failedResourcesFilters":{ + "shape":"CisNumberFilterList", + "documentation":"

The criteria's failed resources filters.

" + }, + "platformFilters":{ + "shape":"PlatformFilterList", + "documentation":"

The criteria's platform filters.

" + }, + "securityLevelFilters":{ + "shape":"CisSecurityLevelFilterList", + "documentation":"

The criteria's security level filters.

" + }, + "titleFilters":{ + "shape":"TitleFilterList", + "documentation":"

The criteria's title filters.

" + } + }, + "documentation":"

The scan results aggregated by checks filter criteria.

" + }, + "CisScanResultsAggregatedByChecksSortBy":{ + "type":"string", + "enum":[ + "CHECK_ID", + "TITLE", + "PLATFORM", + "FAILED_COUNTS", + "SECURITY_LEVEL" + ] + }, + "CisScanResultsAggregatedByTargetResourceFilterCriteria":{ + "type":"structure", + "members":{ + "accountIdFilters":{ + "shape":"AccountIdFilterList", + "documentation":"

The criteria's account ID filters.

" + }, + "checkIdFilters":{ + "shape":"CheckIdFilterList", + "documentation":"

The criteria's check ID filters.

" + }, + "failedChecksFilters":{ + "shape":"CisNumberFilterList", + "documentation":"

The criteria's failed checks filters.

" + }, + "platformFilters":{ + "shape":"PlatformFilterList", + "documentation":"

The criteria's platform filters.

" + }, + "statusFilters":{ + "shape":"CisResultStatusFilterList", + "documentation":"

The criteria's status filter.

" + }, + "targetResourceIdFilters":{ + "shape":"ResourceIdFilterList", + "documentation":"

The criteria's target resource ID filters.

" + }, + "targetResourceTagFilters":{ + "shape":"ResourceTagFilterList", + "documentation":"

The criteria's target resource tag filters.

" + }, + "targetStatusFilters":{ + "shape":"TargetStatusFilterList", + "documentation":"

The criteria's target status filters.

" + }, + "targetStatusReasonFilters":{ + "shape":"TargetStatusReasonFilterList", + "documentation":"

The criteria's target status reason filters.

" + } + }, + "documentation":"

The scan results aggregated by target resource filter criteria.

" + }, + "CisScanResultsAggregatedByTargetResourceSortBy":{ + "type":"string", + "enum":[ + "RESOURCE_ID", + "FAILED_COUNTS", + "ACCOUNT_ID", + "PLATFORM", + "TARGET_STATUS", + "TARGET_STATUS_REASON" + ] + }, + "CisScanResultsMaxResults":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "CisScanStatus":{ + "type":"string", + "enum":[ + "FAILED", + "COMPLETED", + "CANCELLED", + "IN_PROGRESS" + ] + }, + "CisScanStatusComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "CisScanStatusFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisScanStatusComparison", + "documentation":"

The filter comparison value.

" + }, + "value":{ + "shape":"CisScanStatus", + "documentation":"

The filter value.

" + } + }, + "documentation":"

The CIS scan status filter.

" + }, + "CisScanStatusFilterList":{ + "type":"list", + "member":{"shape":"CisScanStatusFilter"}, + "max":10, + "min":1 + }, + "CisScheduledByFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "CisSecurityLevel":{ + "type":"string", + "enum":[ + "LEVEL_1", + "LEVEL_2" + ] + }, + "CisSecurityLevelComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "CisSecurityLevelFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisSecurityLevelComparison", + "documentation":"

The CIS security filter comparison value.

" + }, + "value":{ + "shape":"CisSecurityLevel", + "documentation":"

The CIS security filter value.

" + } + }, + "documentation":"

The CIS security level filter. Security level refers to the Benchmark levels that CIS assigns to a profile.

" + }, + "CisSecurityLevelFilterList":{ + "type":"list", + "member":{"shape":"CisSecurityLevelFilter"}, + "max":10, + "min":1 + }, + "CisSessionMessage":{ + "type":"structure", + "required":[ + "cisRuleDetails", + "ruleId", + "status" + ], + "members":{ + "cisRuleDetails":{ + "shape":"CisRuleDetails", + "documentation":"

The CIS rule details for the CIS session message.

" + }, + "ruleId":{ + "shape":"RuleId", + "documentation":"

The rule ID for the CIS session message.

" + }, + "status":{ + "shape":"CisRuleStatus", + "documentation":"

The status of the CIS session message.

" + } + }, + "documentation":"

The CIS session message.

" + }, + "CisSessionMessages":{ + "type":"list", + "member":{"shape":"CisSessionMessage"}, + "max":50, + "min":1 + }, + "CisSortOrder":{ + "type":"string", + "enum":[ + "ASC", + "DESC" + ] + }, + "CisStringComparison":{ + "type":"string", + "enum":[ + "EQUALS", + "PREFIX", + "NOT_EQUALS" + ] + }, + "CisStringFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisStringComparison", + "documentation":"

The comparison value of the CIS string filter.

" + }, + "value":{ + "shape":"String", + "documentation":"

The value of the CIS string filter.

" + } + }, + "documentation":"

The CIS string filter.

" + }, + "CisTagMap":{ + "type":"map", + "key":{"shape":"MapKey"}, + "value":{"shape":"MapValue"} + }, + "CisTargetResourceAggregation":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "accountId":{ + "shape":"AccountId", + "documentation":"

The account ID for the CIS target resource.

" + }, + "platform":{ + "shape":"String", + "documentation":"

The platform for the CIS target resource.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN for the CIS target resource.

" + }, + "statusCounts":{ + "shape":"StatusCounts", + "documentation":"

The target resource status counts.

" + }, + "targetResourceId":{ + "shape":"ResourceId", + "documentation":"

The ID of the target resource.

" + }, + "targetResourceTags":{ + "shape":"TargetResourceTags", + "documentation":"

The tag for the target resource.

" + }, + "targetStatus":{ + "shape":"CisTargetStatus", + "documentation":"

The status of the target resource.

" + }, + "targetStatusReason":{ + "shape":"CisTargetStatusReason", + "documentation":"

The reason for the target resource.

" + } + }, + "documentation":"

The CIS target resource aggregation.

" + }, + "CisTargetResourceAggregationList":{ + "type":"list", + "member":{"shape":"CisTargetResourceAggregation"}, + "max":1000, + "min":1 + }, + "CisTargetStatus":{ + "type":"string", + "enum":[ + "TIMED_OUT", + "CANCELLED", + "COMPLETED" + ] + }, + "CisTargetStatusComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "CisTargetStatusFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisTargetStatusComparison", + "documentation":"

The comparison value of the CIS target status filter.

" + }, + "value":{ + "shape":"CisTargetStatus", + "documentation":"

The value of the CIS target status filter.

" + } + }, + "documentation":"

The CIS target status filter.

" + }, + "CisTargetStatusReason":{ + "type":"string", + "enum":[ + "SCAN_IN_PROGRESS", + "UNSUPPORTED_OS", + "SSM_UNMANAGED" + ] + }, + "CisTargetStatusReasonFilter":{ + "type":"structure", + "required":[ + "comparison", + "value" + ], + "members":{ + "comparison":{ + "shape":"CisTargetStatusComparison", + "documentation":"

The comparison value of the CIS target status reason filter.

" + }, + "value":{ + "shape":"CisTargetStatusReason", + "documentation":"

The value of the CIS target status reason filter.

" } - } + }, + "documentation":"

The CIS target status reason filter.

" }, - "CancelSbomExportResponse":{ + "CisTargets":{ "type":"structure", "members":{ - "reportId":{ - "shape":"ReportId", - "documentation":"

The report ID of the canceled SBOM export.

" + "accountIds":{ + "shape":"CisAccountIdList", + "documentation":"

The CIS target account ids.

" + }, + "targetResourceTags":{ + "shape":"TargetResourceTags", + "documentation":"

The CIS target resource tags.

" } - } + }, + "documentation":"

The CIS targets.

" }, "CisaAction":{ "type":"string", @@ -1851,6 +2899,24 @@ }, "Component":{"type":"string"}, "ComponentType":{"type":"string"}, + "ComputePlatform":{ + "type":"structure", + "members":{ + "product":{ + "shape":"Product", + "documentation":"

The compute platform product.

" + }, + "vendor":{ + "shape":"Vendor", + "documentation":"

The compute platform vendor.

" + }, + "version":{ + "shape":"PlatformVersion", + "documentation":"

The compute platform version.

" + } + }, + "documentation":"

A compute platform.

" + }, "ConflictException":{ "type":"structure", "required":[ @@ -1957,7 +3023,7 @@ }, "resourceType":{ "shape":"CoverageStringFilterList", - "documentation":"

An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION or AWS_ECR_REPOSITORY.

" + "documentation":"

An array of Amazon Web Services resource types to return coverage statistics for. The values can be AWS_EC2_INSTANCE, AWS_LAMBDA_FUNCTION, AWS_ECR_CONTAINER_IMAGE, AWS_ECR_REPOSITORY or AWS_ACCOUNT.

" }, "scanStatusCode":{ "shape":"CoverageStringFilterList", @@ -2095,6 +3161,64 @@ "type":"list", "member":{"shape":"CoveredResource"} }, + "CreateCisScanConfigurationRequest":{ + "type":"structure", + "required":[ + "scanName", + "schedule", + "securityLevel", + "targets" + ], + "members":{ + "scanName":{ + "shape":"CisScanName", + "documentation":"

The scan name for the CIS scan configuration.

" + }, + "schedule":{ + "shape":"Schedule", + "documentation":"

The schedule for the CIS scan configuration.

" + }, + "securityLevel":{ + "shape":"CisSecurityLevel", + "documentation":"

The security level for the CIS scan configuration. Security level refers to the Benchmark levels that CIS assigns to a profile.

" + }, + "tags":{ + "shape":"CisTagMap", + "documentation":"

The tags for the CIS scan configuration.

" + }, + "targets":{ + "shape":"CreateCisTargets", + "documentation":"

The targets for the CIS scan configuration.

" + } + } + }, + "CreateCisScanConfigurationResponse":{ + "type":"structure", + "members":{ + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The scan configuration ARN for the CIS scan configuration.

" + } + } + }, + "CreateCisTargets":{ + "type":"structure", + "required":[ + "accountIds", + "targetResourceTags" + ], + "members":{ + "accountIds":{ + "shape":"TargetAccountList", + "documentation":"

The CIS target account ids.

" + }, + "targetResourceTags":{ + "shape":"TargetResourceTags", + "documentation":"

The CIS target resource tags.

" + } + }, + "documentation":"

Creates CIS targets.

" + }, "CreateFilterRequest":{ "type":"structure", "required":[ @@ -2343,6 +3467,17 @@ "member":{"shape":"Cwe"}, "min":0 }, + "DailySchedule":{ + "type":"structure", + "required":["startTime"], + "members":{ + "startTime":{ + "shape":"Time", + "documentation":"

The schedule start time.

" + } + }, + "documentation":"

A daily schedule.

" + }, "DateFilter":{ "type":"structure", "members":{ @@ -2364,6 +3499,24 @@ "min":1 }, "DateTimeTimestamp":{"type":"timestamp"}, + "Day":{ + "type":"string", + "enum":[ + "SUN", + "MON", + "TUE", + "WED", + "THU", + "FRI", + "SAT" + ] + }, + "DaysList":{ + "type":"list", + "member":{"shape":"Day"}, + "max":7, + "min":1 + }, "DelegatedAdmin":{ "type":"structure", "members":{ @@ -2405,6 +3558,26 @@ "DISABLE_IN_PROGRESS" ] }, + "DeleteCisScanConfigurationRequest":{ + "type":"structure", + "required":["scanConfigurationArn"], + "members":{ + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The ARN of the CIS scan configuration.

" + } + } + }, + "DeleteCisScanConfigurationResponse":{ + "type":"structure", + "required":["scanConfigurationArn"], + "members":{ + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The ARN of the CIS scan configuration.

" + } + } + }, "DeleteFilterRequest":{ "type":"structure", "required":["arn"], @@ -3658,6 +4831,94 @@ "type":"string", "pattern":"^[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$" }, + "GetCisScanReportRequest":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN.

" + }, + "targetAccounts":{ + "shape":"ReportTargetAccounts", + "documentation":"

The target accounts.

" + } + } + }, + "GetCisScanReportResponse":{ + "type":"structure", + "members":{ + "status":{ + "shape":"CisReportStatus", + "documentation":"

The status.

" + }, + "url":{ + "shape":"String", + "documentation":"

The URL where the CIS scan report PDF can be downloaded.

" + } + } + }, + "GetCisScanResultDetailsMaxResults":{ + "type":"integer", + "box":true, + "max":1000, + "min":1 + }, + "GetCisScanResultDetailsRequest":{ + "type":"structure", + "required":[ + "accountId", + "scanArn", + "targetResourceId" + ], + "members":{ + "accountId":{ + "shape":"AccountId", + "documentation":"

The account ID.

" + }, + "filterCriteria":{ + "shape":"CisScanResultDetailsFilterCriteria", + "documentation":"

The filter criteria.

" + }, + "maxResults":{ + "shape":"GetCisScanResultDetailsMaxResults", + "documentation":"

The maximum number of CIS scan result details to be returned in a single page of results.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN.

" + }, + "sortBy":{ + "shape":"CisScanResultDetailsSortBy", + "documentation":"

The sort by order.

" + }, + "sortOrder":{ + "shape":"CisSortOrder", + "documentation":"

The sort order.

" + }, + "targetResourceId":{ + "shape":"ResourceId", + "documentation":"

The target resource ID.

" + } + } + }, + "GetCisScanResultDetailsResponse":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scanResultDetails":{ + "shape":"CisScanResultDetailsList", + "documentation":"

The scan result details.

" + } + } + }, "GetConfigurationRequest":{ "type":"structure", "members":{ @@ -4208,6 +5469,264 @@ } } }, + "ListCisScanConfigurationsFilterCriteria":{ + "type":"structure", + "members":{ + "scanConfigurationArnFilters":{ + "shape":"CisScanConfigurationArnFilterList", + "documentation":"

The list of scan configuration ARN filters.

" + }, + "scanNameFilters":{ + "shape":"CisScanNameFilterList", + "documentation":"

The list of scan name filters.

" + }, + "targetResourceTagFilters":{ + "shape":"ResourceTagFilterList", + "documentation":"

The list of target resource tag filters.

" + } + }, + "documentation":"

A list of CIS scan configurations filter criteria.

" + }, + "ListCisScanConfigurationsMaxResults":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListCisScanConfigurationsRequest":{ + "type":"structure", + "members":{ + "filterCriteria":{ + "shape":"ListCisScanConfigurationsFilterCriteria", + "documentation":"

The CIS scan configuration filter criteria.

" + }, + "maxResults":{ + "shape":"ListCisScanConfigurationsMaxResults", + "documentation":"

The maximum number of CIS scan configurations to be returned in a single page of results.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "sortBy":{ + "shape":"CisScanConfigurationsSortBy", + "documentation":"

The CIS scan configuration sort by order.

" + }, + "sortOrder":{ + "shape":"CisSortOrder", + "documentation":"

The CIS scan configuration sort order order.

" + } + } + }, + "ListCisScanConfigurationsResponse":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scanConfigurations":{ + "shape":"CisScanConfigurationList", + "documentation":"

The CIS scan configuration scan configurations.

" + } + } + }, + "ListCisScanResultsAggregatedByChecksRequest":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "filterCriteria":{ + "shape":"CisScanResultsAggregatedByChecksFilterCriteria", + "documentation":"

The filter criteria.

" + }, + "maxResults":{ + "shape":"CisScanResultsMaxResults", + "documentation":"

The maximum number of scan results aggregated by checks to be returned in a single page of results.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN.

" + }, + "sortBy":{ + "shape":"CisScanResultsAggregatedByChecksSortBy", + "documentation":"

The sort by order.

" + }, + "sortOrder":{ + "shape":"CisSortOrder", + "documentation":"

The sort order.

" + } + } + }, + "ListCisScanResultsAggregatedByChecksResponse":{ + "type":"structure", + "members":{ + "checkAggregations":{ + "shape":"CisCheckAggregationList", + "documentation":"

The check aggregations.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + } + } + }, + "ListCisScanResultsAggregatedByTargetResourceRequest":{ + "type":"structure", + "required":["scanArn"], + "members":{ + "filterCriteria":{ + "shape":"CisScanResultsAggregatedByTargetResourceFilterCriteria", + "documentation":"

The filter criteria.

" + }, + "maxResults":{ + "shape":"CisScanResultsMaxResults", + "documentation":"

The maximum number of scan results aggregated by a target resource to be returned in a single page of results.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scanArn":{ + "shape":"CisScanArn", + "documentation":"

The scan ARN.

" + }, + "sortBy":{ + "shape":"CisScanResultsAggregatedByTargetResourceSortBy", + "documentation":"

The sort by order.

" + }, + "sortOrder":{ + "shape":"CisSortOrder", + "documentation":"

The sort order.

" + } + } + }, + "ListCisScanResultsAggregatedByTargetResourceResponse":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "targetResourceAggregations":{ + "shape":"CisTargetResourceAggregationList", + "documentation":"

The resource aggregations.

" + } + } + }, + "ListCisScansDetailLevel":{ + "type":"string", + "enum":[ + "ORGANIZATION", + "MEMBER" + ] + }, + "ListCisScansFilterCriteria":{ + "type":"structure", + "members":{ + "failedChecksFilters":{ + "shape":"CisNumberFilterList", + "documentation":"

The list of failed checks filters.

" + }, + "scanArnFilters":{ + "shape":"CisScanArnFilterList", + "documentation":"

The list of scan ARN filters.

" + }, + "scanAtFilters":{ + "shape":"CisScanDateFilterList", + "documentation":"

The list of scan at filters.

" + }, + "scanConfigurationArnFilters":{ + "shape":"CisScanConfigurationArnFilterList", + "documentation":"

The list of scan configuration ARN filters.

" + }, + "scanNameFilters":{ + "shape":"CisScanNameFilterList", + "documentation":"

The list of scan name filters.

" + }, + "scanStatusFilters":{ + "shape":"CisScanStatusFilterList", + "documentation":"

The list of scan status filters.

" + }, + "scheduledByFilters":{ + "shape":"CisScheduledByFilterList", + "documentation":"

The list of scheduled by filters.

" + }, + "targetAccountIdFilters":{ + "shape":"AccountIdFilterList", + "documentation":"

The list of target account ID filters.

" + }, + "targetResourceIdFilters":{ + "shape":"ResourceIdFilterList", + "documentation":"

The list of target resource ID filters.

" + }, + "targetResourceTagFilters":{ + "shape":"ResourceTagFilterList", + "documentation":"

The list of target resource tag filters.

" + } + }, + "documentation":"

A list of CIS scans filter criteria.

" + }, + "ListCisScansMaxResults":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListCisScansRequest":{ + "type":"structure", + "members":{ + "detailLevel":{ + "shape":"ListCisScansDetailLevel", + "documentation":"

The detail applied to the CIS scan.

" + }, + "filterCriteria":{ + "shape":"ListCisScansFilterCriteria", + "documentation":"

The CIS scan filter criteria.

" + }, + "maxResults":{ + "shape":"ListCisScansMaxResults", + "documentation":"

The maximum number of results to be returned.

" + }, + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "sortBy":{ + "shape":"ListCisScansSortBy", + "documentation":"

The CIS scans sort by order.

" + }, + "sortOrder":{ + "shape":"CisSortOrder", + "documentation":"

The CIS scans sort order.

" + } + } + }, + "ListCisScansResponse":{ + "type":"structure", + "members":{ + "nextToken":{ + "shape":"NextToken", + "documentation":"

The pagination token from a previous request that's used to retrieve the next page of results.

" + }, + "scans":{ + "shape":"CisScanList", + "documentation":"

The CIS scans.

" + } + } + }, + "ListCisScansSortBy":{ + "type":"string", + "enum":[ + "STATUS", + "SCHEDULED_BY", + "SCAN_START_DATE", + "FAILED_CHECKS" + ] + }, "ListCoverageMaxResults":{ "type":"integer", "box":true, @@ -4670,6 +6189,24 @@ "type":"double", "min":0 }, + "MonthlySchedule":{ + "type":"structure", + "required":[ + "day", + "startTime" + ], + "members":{ + "day":{ + "shape":"Day", + "documentation":"

The monthly schedule's day.

" + }, + "startTime":{ + "shape":"Time", + "documentation":"

The monthly schedule's start time.

" + } + }, + "documentation":"

A monthly schedule.

" + }, "NetworkPath":{ "type":"structure", "members":{ @@ -4743,6 +6280,18 @@ "max":10, "min":1 }, + "OneAccountIdFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":1, + "min":1 + }, + "OneTimeSchedule":{ + "type":"structure", + "members":{ + }, + "documentation":"

A one time schedule.

" + }, "Operation":{ "type":"string", "enum":[ @@ -4981,6 +6530,17 @@ "max":1024, "min":1 }, + "PlatformFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, + "PlatformVersion":{ + "type":"string", + "max":8, + "min":0 + }, "Port":{ "type":"integer", "box":true, @@ -5025,6 +6585,16 @@ "max":10, "min":1 }, + "Product":{ + "type":"string", + "max":32, + "min":0 + }, + "Reason":{ + "type":"string", + "max":1024, + "min":0 + }, "Recommendation":{ "type":"structure", "members":{ @@ -5093,6 +6663,12 @@ "type":"string", "pattern":"\\b[a-f0-9]{8}\\b-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-\\b[a-f0-9]{12}\\b" }, + "ReportTargetAccounts":{ + "type":"list", + "member":{"shape":"AccountId"}, + "max":1, + "min":0 + }, "ReportingErrorCode":{ "type":"string", "enum":[ @@ -5272,6 +6848,12 @@ "min":10, "pattern":"(^arn:.*:ecr:.*:\\d{12}:repository\\/(?:[a-z0-9]+(?:[._-][a-z0-9]+)*\\/)*[a-z0-9]+(?:[._-][a-z0-9]+)*(\\/sha256:[a-z0-9]{64})?$)|(^i-([a-z0-9]{8}|[a-z0-9]{17}|\\\\*)$|(^arn:(aws[a-zA-Z-]*)?:lambda:[a-z]{2}(-gov)?-[a-z]+-\\d{1}:\\d{12}:function:[a-zA-Z0-9-_\\.]+(:(\\$LATEST|[a-zA-Z0-9-_]+))?$))" }, + "ResourceIdFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, "ResourceList":{ "type":"list", "member":{"shape":"Resource"}, @@ -5436,6 +7018,12 @@ "max":1024, "min":1 }, + "ResourceTagFilterList":{ + "type":"list", + "member":{"shape":"TagFilter"}, + "max":10, + "min":1 + }, "ResourceType":{ "type":"string", "enum":[ @@ -5449,6 +7037,11 @@ "type":"integer", "box":true }, + "RuleId":{ + "type":"string", + "max":500, + "min":1 + }, "Runtime":{ "type":"string", "enum":[ @@ -5538,6 +7131,29 @@ "CODE" ] }, + "Schedule":{ + "type":"structure", + "members":{ + "daily":{ + "shape":"DailySchedule", + "documentation":"

The schedule's daily.

" + }, + "monthly":{ + "shape":"MonthlySchedule", + "documentation":"

The schedule's monthly.

" + }, + "oneTime":{ + "shape":"OneTimeSchedule", + "documentation":"

The schedule's one time.

" + }, + "weekly":{ + "shape":"WeeklySchedule", + "documentation":"

The schedule's weekly.

" + } + }, + "documentation":"

A schedule.

", + "union":true + }, "SearchVulnerabilitiesFilterCriteria":{ "type":"structure", "required":["vulnerabilityIds"], @@ -5587,6 +7203,55 @@ "max":5, "min":0 }, + "SendCisSessionHealthRequest":{ + "type":"structure", + "required":[ + "scanJobId", + "sessionToken" + ], + "members":{ + "scanJobId":{ + "shape":"UUID", + "documentation":"

A unique identifier for the scan job.

" + }, + "sessionToken":{ + "shape":"UUID", + "documentation":"

The unique token that identifies the CIS session.

" + } + } + }, + "SendCisSessionHealthResponse":{ + "type":"structure", + "members":{ + } + }, + "SendCisSessionTelemetryRequest":{ + "type":"structure", + "required":[ + "messages", + "scanJobId", + "sessionToken" + ], + "members":{ + "messages":{ + "shape":"CisSessionMessages", + "documentation":"

The CIS session telemetry messages.

" + }, + "scanJobId":{ + "shape":"UUID", + "documentation":"

A unique identifier for the scan job.

" + }, + "sessionToken":{ + "shape":"UUID", + "documentation":"

The unique token that identifies the CIS session.

" + } + } + }, + "SendCisSessionTelemetryResponse":{ + "type":"structure", + "members":{ + } + }, "Service":{ "type":"string", "enum":[ @@ -5701,6 +7366,39 @@ "min":71, "pattern":"^sha256:[a-z0-9]{64}$" }, + "StartCisSessionMessage":{ + "type":"structure", + "required":["sessionToken"], + "members":{ + "sessionToken":{ + "shape":"UUID", + "documentation":"

The unique token that identifies the CIS session.

" + } + }, + "documentation":"

The start CIS session message.

" + }, + "StartCisSessionRequest":{ + "type":"structure", + "required":[ + "message", + "scanJobId" + ], + "members":{ + "message":{ + "shape":"StartCisSessionMessage", + "documentation":"

The start CIS session message.

" + }, + "scanJobId":{ + "shape":"UUID", + "documentation":"

A unique identifier for the scan job.

" + } + } + }, + "StartCisSessionResponse":{ + "type":"structure", + "members":{ + } + }, "State":{ "type":"structure", "required":[ @@ -5735,6 +7433,24 @@ "SUSPENDED" ] }, + "StatusCounts":{ + "type":"structure", + "members":{ + "failed":{ + "shape":"Integer", + "documentation":"

The number of checks that failed.

" + }, + "passed":{ + "shape":"Integer", + "documentation":"

The number of checks that passed.

" + }, + "skipped":{ + "shape":"Integer", + "documentation":"

The number of checks that were skipped.

" + } + }, + "documentation":"

The status counts.

" + }, "Step":{ "type":"structure", "required":[ @@ -5759,6 +7475,114 @@ "max":30, "min":1 }, + "StopCisMessageProgress":{ + "type":"structure", + "members":{ + "errorChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' error checks.

" + }, + "failedChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' failed checks.

" + }, + "informationalChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' informational checks.

" + }, + "notApplicableChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' not applicable checks.

" + }, + "notEvaluatedChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' not evaluated checks.

" + }, + "successfulChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' successful checks.

" + }, + "totalChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' total checks.

" + }, + "unknownChecks":{ + "shape":"CheckCount", + "documentation":"

The progress' unknown checks.

" + } + }, + "documentation":"

The stop CIS message progress.

" + }, + "StopCisSessionMessage":{ + "type":"structure", + "required":[ + "progress", + "status" + ], + "members":{ + "benchmarkProfile":{ + "shape":"BenchmarkProfile", + "documentation":"

The message benchmark profile.

" + }, + "benchmarkVersion":{ + "shape":"BenchmarkVersion", + "documentation":"

The message benchmark version.

" + }, + "computePlatform":{ + "shape":"ComputePlatform", + "documentation":"

The message compute platform.

" + }, + "progress":{ + "shape":"StopCisMessageProgress", + "documentation":"

The progress of the message.

" + }, + "reason":{ + "shape":"Reason", + "documentation":"

The reason for the message.

" + }, + "status":{ + "shape":"StopCisSessionStatus", + "documentation":"

The status of the message.

" + } + }, + "documentation":"

The stop CIS session message.

" + }, + "StopCisSessionRequest":{ + "type":"structure", + "required":[ + "message", + "scanJobId", + "sessionToken" + ], + "members":{ + "message":{ + "shape":"StopCisSessionMessage", + "documentation":"

The stop CIS session message.

" + }, + "scanJobId":{ + "shape":"UUID", + "documentation":"

A unique identifier for the scan job.

" + }, + "sessionToken":{ + "shape":"UUID", + "documentation":"

The unique token that identifies the CIS session.

" + } + } + }, + "StopCisSessionResponse":{ + "type":"structure", + "members":{ + } + }, + "StopCisSessionStatus":{ + "type":"string", + "enum":[ + "SUCCESS", + "FAILED", + "INTERRUPTED", + "UNSUPPORTED_OS" + ] + }, "String":{"type":"string"}, "StringComparison":{ "type":"string", @@ -5841,6 +7665,33 @@ "max":5, "min":1 }, + "TagComparison":{ + "type":"string", + "enum":["EQUALS"] + }, + "TagFilter":{ + "type":"structure", + "required":[ + "comparison", + "key", + "value" + ], + "members":{ + "comparison":{ + "shape":"TagComparison", + "documentation":"

The tag filter comparison value.

" + }, + "key":{ + "shape":"NonEmptyString", + "documentation":"

The tag filter key.

" + }, + "value":{ + "shape":"NonEmptyString", + "documentation":"

The tag filter value.

" + } + }, + "documentation":"

The tag filter.

" + }, "TagKey":{ "type":"string", "max":128, @@ -5886,11 +7737,46 @@ "members":{ } }, + "TagValueList":{ + "type":"list", + "member":{"shape":"String"}, + "max":5, + "min":1 + }, "Target":{ "type":"string", "max":50, "min":0 }, + "TargetAccount":{ + "type":"string", + "pattern":"^\\d{12}|ALL_ACCOUNTS|SELF$" + }, + "TargetAccountList":{ + "type":"list", + "member":{"shape":"TargetAccount"}, + "max":10000, + "min":1 + }, + "TargetResourceTags":{ + "type":"map", + "key":{"shape":"NonEmptyString"}, + "value":{"shape":"TagValueList"}, + "max":5, + "min":1 + }, + "TargetStatusFilterList":{ + "type":"list", + "member":{"shape":"CisTargetStatusFilter"}, + "max":10, + "min":1 + }, + "TargetStatusReasonFilterList":{ + "type":"list", + "member":{"shape":"CisTargetStatusReasonFilter"}, + "max":10, + "min":1 + }, "Targets":{ "type":"list", "member":{"shape":"Target"}, @@ -5916,7 +7802,34 @@ "exception":true, "retryable":{"throttling":true} }, + "Time":{ + "type":"structure", + "required":[ + "timeOfDay", + "timezone" + ], + "members":{ + "timeOfDay":{ + "shape":"TimeOfDay", + "documentation":"

The time of day in 24-hour format (00:00).

" + }, + "timezone":{ + "shape":"Timezone", + "documentation":"

The timezone.

" + } + }, + "documentation":"

The time.

" + }, + "TimeOfDay":{ + "type":"string", + "pattern":"^([0-1]?[0-9]|2[0-3]):[0-5][0-9]$" + }, "Timestamp":{"type":"timestamp"}, + "Timezone":{ + "type":"string", + "max":50, + "min":1 + }, "TitleAggregation":{ "type":"structure", "members":{ @@ -5970,6 +7883,12 @@ }, "documentation":"

A response that contains details on the results of a finding aggregation by title.

" }, + "TitleFilterList":{ + "type":"list", + "member":{"shape":"CisStringFilter"}, + "max":10, + "min":1 + }, "TitleSortBy":{ "type":"string", "enum":[ @@ -5996,6 +7915,10 @@ "member":{"shape":"Ttp"}, "min":0 }, + "UUID":{ + "type":"string", + "pattern":"^[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}$" + }, "UntagResourceRequest":{ "type":"structure", "required":[ @@ -6022,6 +7945,56 @@ "members":{ } }, + "UpdateCisScanConfigurationRequest":{ + "type":"structure", + "required":["scanConfigurationArn"], + "members":{ + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The CIS scan configuration ARN.

" + }, + "scanName":{ + "shape":"CisScanName", + "documentation":"

The scan name for the CIS scan configuration.

" + }, + "schedule":{ + "shape":"Schedule", + "documentation":"

The schedule for the CIS scan configuration.

" + }, + "securityLevel":{ + "shape":"CisSecurityLevel", + "documentation":"

The security level for the CIS scan configuration. Security level refers to the Benchmark levels that CIS assigns to a profile.

" + }, + "targets":{ + "shape":"UpdateCisTargets", + "documentation":"

The targets for the CIS scan configuration.

" + } + } + }, + "UpdateCisScanConfigurationResponse":{ + "type":"structure", + "required":["scanConfigurationArn"], + "members":{ + "scanConfigurationArn":{ + "shape":"CisScanConfigurationArn", + "documentation":"

The CIS scan configuration ARN.

" + } + } + }, + "UpdateCisTargets":{ + "type":"structure", + "members":{ + "accountIds":{ + "shape":"TargetAccountList", + "documentation":"

The target account ids.

" + }, + "targetResourceTags":{ + "shape":"TargetResourceTags", + "documentation":"

The target resource tags.

" + } + }, + "documentation":"

Updates CIS targets.

" + }, "UpdateConfigurationRequest":{ "type":"structure", "required":["ecrConfiguration"], @@ -6295,6 +8268,11 @@ "OTHER" ] }, + "Vendor":{ + "type":"string", + "max":16, + "min":0 + }, "VendorCreatedAt":{"type":"timestamp"}, "VendorSeverity":{ "type":"string", @@ -6491,6 +8469,24 @@ "type":"string", "max":1024, "min":1 + }, + "WeeklySchedule":{ + "type":"structure", + "required":[ + "days", + "startTime" + ], + "members":{ + "days":{ + "shape":"DaysList", + "documentation":"

The weekly schedule's days.

" + }, + "startTime":{ + "shape":"Time", + "documentation":"

The weekly schedule's start time.

" + } + }, + "documentation":"

A weekly schedule.

" } }, "documentation":"

Amazon Inspector is a vulnerability discovery service that automates continuous scanning for security vulnerabilities within your Amazon EC2, Amazon ECR, and Amazon Web Services Lambda environments.

" From 35c8d7bf8594da5a15abcd2fc14515ef8fde4c82 Mon Sep 17 00:00:00 2001 From: aws-sdk-python-automation Date: Tue, 23 Jan 2024 20:36:55 +0000 Subject: [PATCH 2/2] Bumping version to 1.34.26 --- .changes/1.34.26.json | 7 +++++++ .changes/next-release/api-change-inspector2-72240.json | 5 ----- CHANGELOG.rst | 6 ++++++ botocore/__init__.py | 2 +- docs/source/conf.py | 2 +- 5 files changed, 15 insertions(+), 7 deletions(-) create mode 100644 .changes/1.34.26.json delete mode 100644 .changes/next-release/api-change-inspector2-72240.json diff --git a/.changes/1.34.26.json b/.changes/1.34.26.json new file mode 100644 index 0000000000..61f95c5f29 --- /dev/null +++ b/.changes/1.34.26.json @@ -0,0 +1,7 @@ +[ + { + "category": "``inspector2``", + "description": "This release adds support for CIS scans on EC2 instances.", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/next-release/api-change-inspector2-72240.json b/.changes/next-release/api-change-inspector2-72240.json deleted file mode 100644 index 1b929834c6..0000000000 --- a/.changes/next-release/api-change-inspector2-72240.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``inspector2``", - "description": "This release adds support for CIS scans on EC2 instances." -} diff --git a/CHANGELOG.rst b/CHANGELOG.rst index a59067d29a..c9299bf769 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,6 +2,12 @@ CHANGELOG ========= +1.34.26 +======= + +* api-change:``inspector2``: This release adds support for CIS scans on EC2 instances. + + 1.34.25 ======= diff --git a/botocore/__init__.py b/botocore/__init__.py index f3c661f951..28cad4e0e2 100644 --- a/botocore/__init__.py +++ b/botocore/__init__.py @@ -16,7 +16,7 @@ import os import re -__version__ = '1.34.25' +__version__ = '1.34.26' class NullHandler(logging.Handler): diff --git a/docs/source/conf.py b/docs/source/conf.py index b62bcbbfe7..95d4374c8b 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -59,7 +59,7 @@ # The short X.Y version. version = '1.34.' # The full version, including alpha/beta/rc tags. -release = '1.34.25' +release = '1.34.26' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages.