Class: Aws::SecurityHub::Types::BatchUpdateFindingsRequest

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb

Overview

Note:

When making an API call, you may pass BatchUpdateFindingsRequest data as a hash:

{
  finding_identifiers: [ # required
    {
      id: "NonEmptyString", # required
      product_arn: "NonEmptyString", # required
    },
  ],
  note: {
    text: "NonEmptyString", # required
    updated_by: "NonEmptyString", # required
  },
  severity: {
    normalized: 1,
    product: 1.0,
    label: "INFORMATIONAL", # accepts INFORMATIONAL, LOW, MEDIUM, HIGH, CRITICAL
  },
  verification_state: "UNKNOWN", # accepts UNKNOWN, TRUE_POSITIVE, FALSE_POSITIVE, BENIGN_POSITIVE
  confidence: 1,
  criticality: 1,
  types: ["NonEmptyString"],
  user_defined_fields: {
    "NonEmptyString" => "NonEmptyString",
  },
  workflow: {
    status: "NEW", # accepts NEW, NOTIFIED, RESOLVED, SUPPRESSED
  },
  related_findings: [
    {
      product_arn: "NonEmptyString", # required
      id: "NonEmptyString", # required
    },
  ],
}

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#confidenceInteger

The updated value for the finding confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify.

Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

Returns:

  • (Integer)


5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#criticalityInteger

The updated value for the level of importance assigned to the resources associated with the findings.

A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Returns:

  • (Integer)


5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#finding_identifiersArray<Types::AwsSecurityFindingIdentifier>

The list of findings to update. BatchUpdateFindings can be used to update up to 100 findings at a time.

For each finding, the list provides the finding identifier and the ARN of the finding provider.



5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#noteTypes::NoteUpdate

The updated note.

Returns:



5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

A list of findings that are related to the updated findings.

Returns:



5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#severityTypes::SeverityUpdate

Used to update the finding severity.



5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#typesArray<String>

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are as follows.

  • Software and Configuration Checks

  • TTPs

  • Effects

  • Unusual Behaviors

  • Sensitive Data Identifications

Returns:

  • (Array<String>)


5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#user_defined_fieldsHash<String,String>

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

Returns:

  • (Hash<String,String>)


5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#verification_stateString

Indicates the veracity of a finding.

The available values for VerificationState are as follows.

  • UNKNOWN – The default disposition of a security finding

  • TRUE_POSITIVE – The security finding is confirmed

  • FALSE_POSITIVE – The security finding was determined to be a false alarm

  • BENIGN_POSITIVE – A special case of TRUE_POSITIVE where the finding doesn't pose any threat, is expected, or both

Returns:

  • (String)


5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end

#workflowTypes::WorkflowUpdate

Used to update the workflow status of a finding.

The workflow status indicates the progress of the investigation into the finding.



5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/types.rb', line 5787

class BatchUpdateFindingsRequest < Struct.new(
  :finding_identifiers,
  :note,
  :severity,
  :verification_state,
  :confidence,
  :criticality,
  :types,
  :user_defined_fields,
  :workflow,
  :related_findings)
  SENSITIVE = []
  include Aws::Structure
end