Merge branch 'release-1.31.30' into develop

* release-1.31.30: Bumping version to 1.31.30 Update to latest partitions and endpoints Update to latest models
boto · Aug 18, 2023 · 1657c69 · 1657c69
2 parents 639134f + 3fea93a
commit 1657c69
Show file tree

Hide file tree

Showing 10 changed files with 828 additions and 1,494 deletions.
diff --git a/.changes/1.31.30.json b/.changes/1.31.30.json
@@ -0,0 +1,12 @@
+[
+  {
+    "category": "``codecommit``",
+    "description": "Add new ListFileCommitHistory operation to retrieve commits which introduced changes to a specific file.",
+    "type": "api-change"
+  },
+  {
+    "category": "``securityhub``",
+    "description": "Added Inspector Lambda code Vulnerability section to ASFF, including GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.",
+    "type": "api-change"
+  }
+]
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
@@ -2,6 +2,13 @@
 CHANGELOG
 =========
 
+1.31.30
+=======
+
+* api-change:``codecommit``: Add new ListFileCommitHistory operation to retrieve commits which introduced changes to a specific file.
+* api-change:``securityhub``: Added Inspector Lambda code Vulnerability section to ASFF, including GeneratorDetails, EpssScore, ExploitAvailable, and CodeVulnerabilities.
+
+
 1.31.29
 =======
 

diff --git a/botocore/__init__.py b/botocore/__init__.py
@@ -16,7 +16,7 @@
 import os
 import re
 
-__version__ = '1.31.29'
+__version__ = '1.31.30'
 
 
 class NullHandler(logging.Handler):

diff --git a/botocore/data/codecommit/2015-04-13/endpoint-rule-set-1.json b/botocore/data/codecommit/2015-04-13/endpoint-rule-set-1.json
diff --git a/botocore/data/codecommit/2015-04-13/service-2.json b/botocore/data/codecommit/2015-04-13/service-2.json
diff --git a/botocore/data/endpoints.json b/botocore/data/endpoints.json
@@ -23178,13 +23178,13 @@
           },
           "us-gov-east-1" : {
             "variants" : [ {
-              "hostname" : "servicediscovery-fips.us-gov-east-1.amazonaws.com",
-              "tags" : [ "dualstack", "fips" ]
-            }, {
               "hostname" : "servicediscovery-fips.us-gov-east-1.amazonaws.com",
               "tags" : [ "fips" ]
             }, {
-              "hostname" : "servicediscovery.us-gov-east-1.amazonaws.com",
+              "hostname" : "servicediscovery-fips.us-gov-east-1.api.aws",
+              "tags" : [ "dualstack", "fips" ]
+            }, {
+              "hostname" : "servicediscovery.us-gov-east-1.api.aws",
               "tags" : [ "dualstack" ]
             } ]
           },
@@ -23197,13 +23197,13 @@
           },
           "us-gov-west-1" : {
             "variants" : [ {
-              "hostname" : "servicediscovery-fips.us-gov-west-1.amazonaws.com",
-              "tags" : [ "dualstack", "fips" ]
-            }, {
               "hostname" : "servicediscovery-fips.us-gov-west-1.amazonaws.com",
               "tags" : [ "fips" ]
             }, {
-              "hostname" : "servicediscovery.us-gov-west-1.amazonaws.com",
+              "hostname" : "servicediscovery-fips.us-gov-west-1.api.aws",
+              "tags" : [ "dualstack", "fips" ]
+            }, {
+              "hostname" : "servicediscovery.us-gov-west-1.api.aws",
               "tags" : [ "dualstack" ]
             } ]
           },
@@ -24857,6 +24857,11 @@
           "us-isob-east-1" : { }
         }
       },
+      "outposts" : {
+        "endpoints" : {
+          "us-isob-east-1" : { }
+        }
+      },
       "ram" : {
         "endpoints" : {
           "us-isob-east-1" : { }

diff --git a/botocore/data/securityhub/2018-10-26/endpoint-rule-set-1.json b/botocore/data/securityhub/2018-10-26/endpoint-rule-set-1.json
diff --git a/botocore/data/securityhub/2018-10-26/service-2.json b/botocore/data/securityhub/2018-10-26/service-2.json
@@ -396,7 +396,7 @@
         {"shape":"LimitExceededException"},
         {"shape":"ResourceNotFoundException"}
       ],
-      "documentation":"<p>Deletes the specified member accounts from Security Hub.</p> <p>Can be used to delete member accounts that belong to an organization as well as member accounts that were invited manually.</p>"
+      "documentation":"<p>Deletes the specified member accounts from Security Hub.</p> <p>You can invoke this API only to delete accounts that became members through invitation. You can't invoke this API to delete accounts that belong to an Organizations organization.</p>"
     },
     "DescribeActionTargets":{
       "name":"DescribeActionTargets",
@@ -541,7 +541,7 @@
         {"shape":"InvalidAccessException"},
         {"shape":"ResourceNotFoundException"}
       ],
-      "documentation":"<p>Disables Security Hub in your account only in the current Region. To disable Security Hub in all Regions, you must submit one request per Region where you have enabled Security Hub.</p> <p>When you disable Security Hub for an administrator account, it doesn't disable Security Hub for any associated member accounts.</p> <p>When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your administrator and member account associations are removed.</p> <p>If you want to save your existing findings, you must export them before you disable Security Hub.</p>"
+      "documentation":"<p>Disables Security Hub in your account only in the current Amazon Web Services Region. To disable Security Hub in all Regions, you must submit one request per Region where you have enabled Security Hub.</p> <p>You can't disable Security Hub in an account that is currently the Security Hub administrator.</p> <p>When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your administrator and member account associations are removed.</p> <p>If you want to save your existing findings, you must export them before you disable Security Hub.</p>"
     },
     "DisassociateFromAdministratorAccount":{
       "name":"DisassociateFromAdministratorAccount",
@@ -12768,6 +12768,10 @@
         "Sample":{
           "shape":"Boolean",
           "documentation":"<p>Indicates whether the finding is a sample finding.</p>"
+        },
+        "GeneratorDetails":{
+          "shape":"GeneratorDetails",
+          "documentation":"<p>Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings. </p>"
         }
       },
       "documentation":"<p>Provides a consistent format for Security Hub findings. <code>AwsSecurityFinding</code> format allows you to share findings between Amazon Web Services security services and third-party solutions.</p> <note> <p>A finding is a potential security issue generated either by Amazon Web Services services or by the integrated third-party solutions and standards checks.</p> </note>"
@@ -14629,6 +14633,28 @@
       },
       "documentation":"<p>Provides details about the current status of the sensitive data detection.</p>"
     },
+    "CodeVulnerabilitiesFilePath":{
+      "type":"structure",
+      "members":{
+        "EndLine":{
+          "shape":"Integer",
+          "documentation":"<p> The line number of the last line of code in which the vulnerability is located. </p>"
+        },
+        "FileName":{
+          "shape":"NonEmptyString",
+          "documentation":"<p> The name of the file in which the code vulnerability is located. </p>"
+        },
+        "FilePath":{
+          "shape":"NonEmptyString",
+          "documentation":"<p> The file path to the code in which the vulnerability is located. </p>"
+        },
+        "StartLine":{
+          "shape":"Integer",
+          "documentation":"<p> The line number of the first line of code in which the vulnerability is located. </p>"
+        }
+      },
+      "documentation":"<p> Provides details about where a code vulnerability is located in your Lambda function. </p>"
+    },
     "Compliance":{
       "type":"structure",
       "members":{
@@ -15720,6 +15746,24 @@
       "type":"list",
       "member":{"shape":"FirewallPolicyStatelessRuleGroupReferencesDetails"}
     },
+    "GeneratorDetails":{
+      "type":"structure",
+      "members":{
+        "Name":{
+          "shape":"NonEmptyString",
+          "documentation":"<p> The name of the detector used to identify the code vulnerability. </p>"
+        },
+        "Description":{
+          "shape":"NonEmptyString",
+          "documentation":"<p> The description of the detector used to identify the code vulnerability. </p>"
+        },
+        "Labels":{
+          "shape":"TypeList",
+          "documentation":"<p> An array of tags used to identify the detector associated with the finding. </p>"
+        }
+      },
+      "documentation":"<p> Provides metadata for the Amazon CodeGuru detector associated with a finding. This field pertains to findings that relate to Lambda functions. Amazon Inspector identifies policy violations and vulnerabilities in Lambda function code based on internal detectors developed in collaboration with Amazon CodeGuru. Security Hub receives those findings. </p>"
+    },
     "GeoLocation":{
       "type":"structure",
       "members":{
@@ -19497,10 +19541,51 @@
         "FixAvailable":{
           "shape":"VulnerabilityFixAvailable",
           "documentation":"<p>Specifies if all vulnerable packages in a finding have a value for <code>FixedInVersion</code> and <code>Remediation</code>. This field is evaluated for each vulnerability <code>Id</code> based on the number of vulnerable packages that have a value for both <code>FixedInVersion</code> and <code>Remediation</code>. Valid values are as follows:</p> <ul> <li> <p> <code>YES</code> if all vulnerable packages have a value for both <code>FixedInVersion</code> and <code>Remediation</code> </p> </li> <li> <p> <code>NO</code> if no vulnerable packages have a value for <code>FixedInVersion</code> and <code>Remediation</code> </p> </li> <li> <p> <code>PARTIAL</code> otherwise</p> </li> </ul>"
+        },
+        "EpssScore":{
+          "shape":"Double",
+          "documentation":"<p>The Exploit Prediction Scoring System (EPSS) score for a finding. </p>"
+        },
+        "ExploitAvailable":{
+          "shape":"VulnerabilityExploitAvailable",
+          "documentation":"<p>Whether an exploit is available for a finding. </p>"
+        },
+        "CodeVulnerabilities":{
+          "shape":"VulnerabilityCodeVulnerabilitiesList",
+          "documentation":"<p>The vulnerabilities found in your Lambda function code. This field pertains to findings that Security Hub receives from Amazon Inspector. </p>"
         }
       },
       "documentation":"<p>A vulnerability associated with a finding.</p>"
     },
+    "VulnerabilityCodeVulnerabilities":{
+      "type":"structure",
+      "members":{
+        "Cwes":{
+          "shape":"TypeList",
+          "documentation":"<p> The Common Weakness Enumeration (CWE) item associated with the detected code vulnerability. </p>"
+        },
+        "FilePath":{
+          "shape":"CodeVulnerabilitiesFilePath",
+          "documentation":"<p> Provides details about where a code vulnerability is located in your Lambda function. </p>"
+        },
+        "SourceArn":{
+          "shape":"NonEmptyString",
+          "documentation":"<p> The Amazon Resource Name (ARN) of the Lambda layer in which the code vulnerability is located. </p>"
+        }
+      },
+      "documentation":"<p>Provides details about the vulnerabilities found in your Lambda function code. This field pertains to findings that Security Hub receives from Amazon Inspector. </p>"
+    },
+    "VulnerabilityCodeVulnerabilitiesList":{
+      "type":"list",
+      "member":{"shape":"VulnerabilityCodeVulnerabilities"}
+    },
+    "VulnerabilityExploitAvailable":{
+      "type":"string",
+      "enum":[
+        "YES",
+        "NO"
+      ]
+    },
     "VulnerabilityFixAvailable":{
       "type":"string",
       "enum":[
@@ -19582,7 +19667,7 @@
           "documentation":"<p>The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to <code>SUPPRESSED</code> or <code>RESOLVED</code> does not prevent a new finding for the same issue.</p> <p>The allowed values are the following.</p> <ul> <li> <p> <code>NEW</code> - The initial state of a finding, before it is reviewed.</p> <p>Security Hub also resets the workflow status from <code>NOTIFIED</code> or <code>RESOLVED</code> to <code>NEW</code> in the following cases:</p> <ul> <li> <p> <code>RecordState</code> changes from <code>ARCHIVED</code> to <code>ACTIVE</code>.</p> </li> <li> <p> <code>ComplianceStatus</code> changes from <code>PASSED</code> to either <code>WARNING</code>, <code>FAILED</code>, or <code>NOT_AVAILABLE</code>.</p> </li> </ul> </li> <li> <p> <code>NOTIFIED</code> - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner.</p> </li> <li> <p> <code>SUPPRESSED</code> - Indicates that you reviewed the finding and do not believe that any action is needed. The finding is no longer updated.</p> </li> <li> <p> <code>RESOLVED</code> - The finding was reviewed and remediated and is now considered resolved. </p> </li> </ul>"
         }
       },
-      "documentation":"<p>Provides information about the status of the investigation into a finding.</p>"
+      "documentation":"<p>Provides details about the status of the investigation into a finding.</p>"
     },
     "WorkflowState":{
       "type":"string",
@@ -19616,5 +19701,5 @@
       "documentation":"<p>Used to update information about the investigation into the finding.</p>"
     }
   },
-  "documentation":"<p>Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and resources. It also provides you with the readiness status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated third-party products and helps you analyze security trends in your environment to identify the highest priority security issues. For more information about Security Hub, see the <a href=\"https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html\">Security HubUser Guide</a>.</p> <p>When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, run the same command for each Region in which you want to apply the change.</p> <p>For example, if your Region is set to <code>us-west-2</code>, when you use <code>CreateMembers</code> to add a member account to Security Hub, the association of the member account with the administrator account is created only in the <code>us-west-2</code> Region. Security Hub must be enabled for the member account in the same Region that the invitation was sent from.</p> <p>The following throttling limits apply to using Security Hub API operations.</p> <ul> <li> <p> <code>BatchEnableStandards</code> - <code>RateLimit</code> of 1 request per second. <code>BurstLimit</code> of 1 request per second.</p> </li> <li> <p> <code>GetFindings</code> - <code>RateLimit</code> of 3 requests per second. <code>BurstLimit</code> of 6 requests per second.</p> </li> <li> <p> <code>BatchImportFindings</code> - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> <li> <p> <code>BatchUpdateFindings</code> - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> <li> <p> <code>UpdateStandardsControl</code> - <code>RateLimit</code> of 1 request per second. <code>BurstLimit</code> of 5 requests per second.</p> </li> <li> <p>All other operations - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> </ul>"
+  "documentation":"<p>Security Hub provides you with a comprehensive view of the security state of your Amazon Web Services environment and resources. It also provides you with the readiness status of your environment based on controls from supported security standards. Security Hub collects security data from Amazon Web Services accounts, services, and integrated third-party products and helps you analyze security trends in your environment to identify the highest priority security issues. For more information about Security Hub, see the <a href=\"https://docs.aws.amazon.com/securityhub/latest/userguide/what-is-securityhub.html\"> <i>Security Hub User Guide</i> </a>.</p> <p>When you use operations in the Security Hub API, the requests are executed only in the Amazon Web Services Region that is currently active or in the specific Amazon Web Services Region that you specify in your request. Any configuration or settings change that results from the operation is applied only to that Region. To make the same change in other Regions, run the same command for each Region in which you want to apply the change.</p> <p>For example, if your Region is set to <code>us-west-2</code>, when you use <code>CreateMembers</code> to add a member account to Security Hub, the association of the member account with the administrator account is created only in the <code>us-west-2</code> Region. Security Hub must be enabled for the member account in the same Region that the invitation was sent from.</p> <p>The following throttling limits apply to using Security Hub API operations.</p> <ul> <li> <p> <code>BatchEnableStandards</code> - <code>RateLimit</code> of 1 request per second. <code>BurstLimit</code> of 1 request per second.</p> </li> <li> <p> <code>GetFindings</code> - <code>RateLimit</code> of 3 requests per second. <code>BurstLimit</code> of 6 requests per second.</p> </li> <li> <p> <code>BatchImportFindings</code> - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> <li> <p> <code>BatchUpdateFindings</code> - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> <li> <p> <code>UpdateStandardsControl</code> - <code>RateLimit</code> of 1 request per second. <code>BurstLimit</code> of 5 requests per second.</p> </li> <li> <p>All other operations - <code>RateLimit</code> of 10 requests per second. <code>BurstLimit</code> of 30 requests per second.</p> </li> </ul>"
 }
diff --git a/docs/source/conf.py b/docs/source/conf.py
@@ -59,7 +59,7 @@
 # The short X.Y version.
 version = '1.31.'
 # The full version, including alpha/beta/rc tags.
-release = '1.31.29'
+release = '1.31.30'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.