docs(client-securityhub): Documentation updates for AWS Security Hub

aws · Sep 27, 2024 · 2953ff4 · 2953ff4
1 parent c087759
commit 2953ff4
Show file tree

Hide file tree

Showing 23 changed files with 184 additions and 139 deletions.
diff --git a/clients/client-securityhub/README.md b/clients/client-securityhub/README.md
@@ -8,7 +8,7 @@ AWS SDK for JavaScript SecurityHub Client for Node.js, Browser and React Native.
 
 <p>Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps
 you assess your Amazon Web Services environment against security industry standards and best practices.</p>
-<p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Servicesservices, and
+<p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services services, and
 supported third-party products and helps you analyze your security trends and identify the highest priority security
 issues.</p>
 <p>To help you manage the security state of your organization, Security Hub supports multiple security standards.
@@ -17,10 +17,10 @@ and external compliance frameworks such as the Center for Internet Security (CIS
 Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes
 several security controls, each of which represents a security best practice. Security Hub runs checks against
 security controls and generates control findings to help you assess your compliance against security best practices.</p>
-<p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Servicesservices,
+<p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services services,
 such as Amazon GuardDuty and Amazon Inspector, and
 supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You
-can also send Security Hub findings to other Amazon Web Servicesservices and supported third-party products.</p>
+can also send Security Hub findings to other Amazon Web Services services and supported third-party products.</p>
 <p>Security Hub offers automation features that help you triage and remediate security issues. For example,
 you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with
 Amazon EventBridge  to trigger automatic responses to specific findings.</p>
@@ -31,12 +31,12 @@ and schemas. If you're new to Security Hub, you might find it helpful to also re
 </a>. The
 user guide explains key concepts and provides procedures
 that demonstrate how to use Security Hub features. It also provides information about topics such as
-integrating Security Hub with other Amazon Web Servicesservices.</p>
+integrating Security Hub with other Amazon Web Services services.</p>
 <p>In addition to interacting with Security Hub  by making calls to the Security Hub API, you can
 use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools
 and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell,
 Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to
-Security Hub  and other Amazon Web Servicesservices . They also handle tasks such as signing requests,
+Security Hub  and other Amazon Web Services services . They also handle tasks such as signing requests,
 managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services  tools
 and SDKs, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>.</p>
 <p>With the exception of operations that are related to central configuration, Security Hub API requests are executed only in

diff --git a/clients/client-securityhub/src/SecurityHub.ts b/clients/client-securityhub/src/SecurityHub.ts
@@ -1746,7 +1746,7 @@ export interface SecurityHub {
 /**
  * <p>Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps
  *            you assess your Amazon Web Services environment against security industry standards and best practices.</p>
- *          <p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Servicesservices, and
+ *          <p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services services, and
  *             supported third-party products and helps you analyze your security trends and identify the highest priority security
  *             issues.</p>
  *          <p>To help you manage the security state of your organization, Security Hub supports multiple security standards.
@@ -1755,10 +1755,10 @@ export interface SecurityHub {
  *             Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes
  *             several security controls, each of which represents a security best practice. Security Hub runs checks against
  *             security controls and generates control findings to help you assess your compliance against security best practices.</p>
- *          <p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Servicesservices,
+ *          <p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services services,
  *             such as Amazon GuardDuty and Amazon Inspector, and
  *             supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You
- *             can also send Security Hub findings to other Amazon Web Servicesservices and supported third-party products.</p>
+ *             can also send Security Hub findings to other Amazon Web Services services and supported third-party products.</p>
  *          <p>Security Hub offers automation features that help you triage and remediate security issues. For example,
  *            you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with
  *            Amazon EventBridge  to trigger automatic responses to specific findings.</p>
@@ -1769,12 +1769,12 @@ export interface SecurityHub {
  *             </a>. The
  *            user guide explains key concepts and provides procedures
  *            that demonstrate how to use Security Hub features. It also provides information about topics such as
- *            integrating Security Hub with other Amazon Web Servicesservices.</p>
+ *            integrating Security Hub with other Amazon Web Services services.</p>
  *          <p>In addition to interacting with Security Hub  by making calls to the Security Hub API, you can
  *            use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools
  *             and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell,
  *            Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to
- *            Security Hub  and other Amazon Web Servicesservices . They also handle tasks such as signing requests,
+ *            Security Hub  and other Amazon Web Services services . They also handle tasks such as signing requests,
  *            managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services  tools
  *            and SDKs, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>.</p>
  *          <p>With the exception of operations that are related to central configuration, Security Hub API requests are executed only in

diff --git a/clients/client-securityhub/src/SecurityHubClient.ts b/clients/client-securityhub/src/SecurityHubClient.ts
@@ -638,7 +638,7 @@ export interface SecurityHubClientResolvedConfig extends SecurityHubClientResolv
 /**
  * <p>Security Hub provides you with a comprehensive view of your security state in Amazon Web Services and helps
  *            you assess your Amazon Web Services environment against security industry standards and best practices.</p>
- *          <p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Servicesservices, and
+ *          <p>Security Hub collects security data across Amazon Web Services accounts, Amazon Web Services services, and
  *             supported third-party products and helps you analyze your security trends and identify the highest priority security
  *             issues.</p>
  *          <p>To help you manage the security state of your organization, Security Hub supports multiple security standards.
@@ -647,10 +647,10 @@ export interface SecurityHubClientResolvedConfig extends SecurityHubClientResolv
  *             Security Standard (PCI DSS), and the National Institute of Standards and Technology (NIST). Each standard includes
  *             several security controls, each of which represents a security best practice. Security Hub runs checks against
  *             security controls and generates control findings to help you assess your compliance against security best practices.</p>
- *          <p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Servicesservices,
+ *          <p>In addition to generating control findings, Security Hub also receives findings from other Amazon Web Services services,
  *             such as Amazon GuardDuty and Amazon Inspector, and
  *             supported third-party products. This gives you a single pane of glass into a variety of security-related issues. You
- *             can also send Security Hub findings to other Amazon Web Servicesservices and supported third-party products.</p>
+ *             can also send Security Hub findings to other Amazon Web Services services and supported third-party products.</p>
  *          <p>Security Hub offers automation features that help you triage and remediate security issues. For example,
  *            you can use automation rules to automatically update critical findings when a security check fails. You can also leverage the integration with
  *            Amazon EventBridge  to trigger automatic responses to specific findings.</p>
@@ -661,12 +661,12 @@ export interface SecurityHubClientResolvedConfig extends SecurityHubClientResolv
  *             </a>. The
  *            user guide explains key concepts and provides procedures
  *            that demonstrate how to use Security Hub features. It also provides information about topics such as
- *            integrating Security Hub with other Amazon Web Servicesservices.</p>
+ *            integrating Security Hub with other Amazon Web Services services.</p>
  *          <p>In addition to interacting with Security Hub  by making calls to the Security Hub API, you can
  *            use a current version of an Amazon Web Services command line tool or SDK. Amazon Web Services provides tools
  *             and SDKs that consist of libraries and sample code for various languages and platforms, such as PowerShell,
  *            Java, Go, Python, C++, and .NET. These tools and SDKs provide convenient, programmatic access to
- *            Security Hub  and other Amazon Web Servicesservices . They also handle tasks such as signing requests,
+ *            Security Hub  and other Amazon Web Services services . They also handle tasks such as signing requests,
  *            managing errors, and retrying requests automatically. For information about installing and using the Amazon Web Services  tools
  *            and SDKs, see <a href="http://aws.amazon.com/developer/tools/">Tools to Build on Amazon Web Services</a>.</p>
  *          <p>With the exception of operations that are related to central configuration, Security Hub API requests are executed only in

diff --git a/clients/client-securityhub/src/commands/AcceptAdministratorInvitationCommand.ts b/clients/client-securityhub/src/commands/AcceptAdministratorInvitationCommand.ts
@@ -33,7 +33,12 @@ export interface AcceptAdministratorInvitationCommandOutput
     __MetadataBearer {}
 
 /**
- * <p>Accepts the invitation to be a member account and be monitored by the Security Hub administrator
+ * <note>
+ *             <p>We recommend using Organizations instead of Security Hub invitations to manage your member accounts.
+ *            For information, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html">Managing Security Hub administrator and member accounts with Organizations</a>
+ *            in the <i>Security Hub User Guide</i>.</p>
+ *          </note>
+ *          <p>Accepts the invitation to be a member account and be monitored by the Security Hub administrator
  *          account that the invitation was sent from.</p>
  *          <p>This operation is only used by member accounts that are not added through
  *          Organizations.</p>

diff --git a/clients/client-securityhub/src/commands/BatchUpdateFindingsCommand.ts b/clients/client-securityhub/src/commands/BatchUpdateFindingsCommand.ts
@@ -32,7 +32,7 @@ export interface BatchUpdateFindingsCommandOutput extends BatchUpdateFindingsRes
  *          Requested by administrator accounts or member accounts. Administrator accounts can update findings for
  *          their account and their member accounts. Member accounts can update findings for their
  *          account.</p>
- *          <p>Updates from <code>BatchUpdateFindings</code> do not affect the value of
+ *          <p>Updates from <code>BatchUpdateFindings</code> don't affect the value of
  *             <code>UpdatedAt</code> for a finding.</p>
  *          <p>Administrator and member accounts can use <code>BatchUpdateFindings</code> to update the
  *          following finding fields and objects.</p>

diff --git a/clients/client-securityhub/src/commands/CreateFindingAggregatorCommand.ts b/clients/client-securityhub/src/commands/CreateFindingAggregatorCommand.ts
@@ -28,8 +28,11 @@ export interface CreateFindingAggregatorCommandInput extends CreateFindingAggreg
 export interface CreateFindingAggregatorCommandOutput extends CreateFindingAggregatorResponse, __MetadataBearer {}
 
 /**
- * <p>Used to enable finding aggregation. Must be called from the aggregation Region.</p>
- *          <p>For more details about cross-Region replication, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html">Configuring finding aggregation</a> in the <i>Security Hub User Guide</i>.
+ * <note>
+ *             <p>The <i>aggregation Region</i> is now called the <i>home Region</i>.</p>
+ *          </note>
+ *          <p>Used to enable cross-Region aggregation. This operation can be invoked from the home Region only.</p>
+ *          <p>For information about how cross-Region aggregation works, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/finding-aggregation.html">Understanding cross-Region aggregation in Security Hub</a> in the <i>Security Hub User Guide</i>.
  *       </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

diff --git a/clients/client-securityhub/src/commands/CreateMembersCommand.ts b/clients/client-securityhub/src/commands/CreateMembersCommand.ts
@@ -50,7 +50,7 @@ export interface CreateMembersCommandOutput extends CreateMembersResponse, __Met
  *          then send an invitation to the member account. To send the invitation, you use the
  *                <code>InviteMembers</code> operation. If the account owner accepts
  *          the invitation, the account becomes a member account in Security Hub.</p>
- *          <p>Accounts that are managed using Organizations do not receive an invitation. They
+ *          <p>Accounts that are managed using Organizations don't receive an invitation. They
  *          automatically become a member account in Security Hub.</p>
  *          <ul>
  *             <li>

diff --git a/clients/client-securityhub/src/commands/DeclineInvitationsCommand.ts b/clients/client-securityhub/src/commands/DeclineInvitationsCommand.ts
@@ -28,9 +28,14 @@ export interface DeclineInvitationsCommandInput extends DeclineInvitationsReques
 export interface DeclineInvitationsCommandOutput extends DeclineInvitationsResponse, __MetadataBearer {}
 
 /**
- * <p>Declines invitations to become a member account.</p>
+ * <note>
+ *             <p>We recommend using Organizations instead of Security Hub invitations to manage your member accounts.
+ *            For information, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html">Managing Security Hub administrator and member accounts with Organizations</a>
+ *            in the <i>Security Hub User Guide</i>.</p>
+ *          </note>
+ *          <p>Declines invitations to become a Security Hub member account.</p>
  *          <p>A prospective member account uses this operation to decline an invitation to become a member.</p>
- *          <p>This operation is only called by member accounts that aren't part of an organization.
+ *          <p>Only member accounts that aren't part of an Amazon Web Services organization should use this operation.
  *          Organization accounts don't receive invitations.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

diff --git a/clients/client-securityhub/src/commands/DeleteFindingAggregatorCommand.ts b/clients/client-securityhub/src/commands/DeleteFindingAggregatorCommand.ts
@@ -28,8 +28,13 @@ export interface DeleteFindingAggregatorCommandInput extends DeleteFindingAggreg
 export interface DeleteFindingAggregatorCommandOutput extends DeleteFindingAggregatorResponse, __MetadataBearer {}
 
 /**
- * <p>Deletes a finding aggregator. When you delete the finding aggregator, you stop finding aggregation.</p>
- *          <p>When you stop finding aggregation, findings that were already aggregated to the aggregation Region are still visible from the aggregation Region. New findings and finding updates are not aggregated.
+ * <note>
+ *             <p>The <i>aggregation Region</i> is now called the <i>home Region</i>.</p>
+ *          </note>
+ *          <p>Deletes a finding aggregator. When you delete the finding aggregator, you stop cross-Region aggregation. Finding replication stops
+ * occurring from the linked Regions to the home Region.</p>
+ *          <p>When you stop cross-Region aggregation, findings that were already replicated and sent to the home Region are still visible from
+ *         the home Region. However, new findings and finding updates are no longer replicated and sent to the home Region.
  *       </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

diff --git a/clients/client-securityhub/src/commands/DeleteInvitationsCommand.ts b/clients/client-securityhub/src/commands/DeleteInvitationsCommand.ts
@@ -28,9 +28,14 @@ export interface DeleteInvitationsCommandInput extends DeleteInvitationsRequest
 export interface DeleteInvitationsCommandOutput extends DeleteInvitationsResponse, __MetadataBearer {}
 
 /**
- * <p>Deletes invitations received by the Amazon Web Services account to become a member account.</p>
- *          <p>A Security Hub administrator account can use this operation to delete invitations sent to one or more member accounts.</p>
- *          <p>This operation is only used to delete invitations that are sent to member accounts that aren't part of an organization.
+ * <note>
+ *             <p>We recommend using Organizations instead of Security Hub invitations to manage your member accounts.
+ *            For information, see <a href="https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-accounts-orgs.html">Managing Security Hub administrator and member accounts with Organizations</a>
+ *            in the <i>Security Hub User Guide</i>.</p>
+ *          </note>
+ *          <p>Deletes invitations to become a Security Hub member account.</p>
+ *          <p>A Security Hub administrator account can use this operation to delete invitations sent to one or more prospective member accounts.</p>
+ *          <p>This operation is only used to delete invitations that are sent to prospective member accounts that aren't part of an Amazon Web Services organization.
  *          Organization accounts don't receive invitations.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.

diff --git a/clients/client-securityhub/src/commands/DescribeProductsCommand.ts b/clients/client-securityhub/src/commands/DescribeProductsCommand.ts
@@ -31,7 +31,7 @@ export interface DescribeProductsCommandOutput extends DescribeProductsResponse,
  * <p>Returns information about product integrations in Security Hub.</p>
  *          <p>You can optionally provide an integration ARN. If you provide an integration ARN, then
  *          the results only include that integration.</p>
- *          <p>If you do not provide an integration ARN, then the results include all of the available
+ *          <p>If you don't provide an integration ARN, then the results include all of the available
  *          product integrations. </p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.