Class: Aws::SecurityHub::Client
- Inherits:
-
Seahorse::Client::Base
- Object
- Seahorse::Client::Base
- Aws::SecurityHub::Client
- Includes:
- ClientStubs
- Defined in:
- gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb
Overview
An API client for SecurityHub. To construct a client, you need to configure a :region and :credentials.
client = Aws::SecurityHub::Client.new(
region: region_name,
credentials: credentials,
# ...
)
For details on configuring region and credentials see the developer guide.
See #initialize for a full list of supported configuration options.
Instance Attribute Summary
Attributes inherited from Seahorse::Client::Base
API Operations collapse
-
#accept_administrator_invitation(params = {}) ⇒ Struct
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#accept_invitation(params = {}) ⇒ Struct
This method is deprecated.
-
#batch_delete_automation_rules(params = {}) ⇒ Types::BatchDeleteAutomationRulesResponse
Deletes one or more automation rules.
-
#batch_disable_standards(params = {}) ⇒ Types::BatchDisableStandardsResponse
Disables the standards specified by the provided
StandardsSubscriptionArns. -
#batch_enable_standards(params = {}) ⇒ Types::BatchEnableStandardsResponse
Enables the standards specified by the provided
StandardsArn. -
#batch_get_automation_rules(params = {}) ⇒ Types::BatchGetAutomationRulesResponse
Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs).
-
#batch_get_configuration_policy_associations(params = {}) ⇒ Types::BatchGetConfigurationPolicyAssociationsResponse
Returns associations between an Security Hub CSPM configuration and a batch of target accounts, organizational units, or the root.
-
#batch_get_security_controls(params = {}) ⇒ Types::BatchGetSecurityControlsResponse
Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region.
-
#batch_get_standards_control_associations(params = {}) ⇒ Types::BatchGetStandardsControlAssociationsResponse
For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.
-
#batch_import_findings(params = {}) ⇒ Types::BatchImportFindingsResponse
Imports security findings generated by a finding provider into Security Hub CSPM.
-
#batch_update_automation_rules(params = {}) ⇒ Types::BatchUpdateAutomationRulesResponse
Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters.
-
#batch_update_findings(params = {}) ⇒ Types::BatchUpdateFindingsResponse
Used by Security Hub CSPM customers to update information about their investigation into one or more findings.
-
#batch_update_findings_v2(params = {}) ⇒ Types::BatchUpdateFindingsV2Response
Updates information about a customer's investigation into a finding.
-
#batch_update_standards_control_associations(params = {}) ⇒ Types::BatchUpdateStandardsControlAssociationsResponse
For a batch of security controls and standards, this operation updates the enablement status of a control in a standard.
-
#create_action_target(params = {}) ⇒ Types::CreateActionTargetResponse
Creates a custom action target in Security Hub CSPM.
-
#create_aggregator_v2(params = {}) ⇒ Types::CreateAggregatorV2Response
Enables aggregation across Amazon Web Services Regions.
-
#create_automation_rule(params = {}) ⇒ Types::CreateAutomationRuleResponse
Creates an automation rule based on input parameters.
-
#create_automation_rule_v2(params = {}) ⇒ Types::CreateAutomationRuleV2Response
Creates a V2 automation rule.
-
#create_configuration_policy(params = {}) ⇒ Types::CreateConfigurationPolicyResponse
Creates a configuration policy with the defined configuration.
-
#create_connector(params = {}) ⇒ Types::CreateConnectorResponse
Creates a cloud service provider management (CSPM) connector in Security Hub CSPM.
-
#create_connector_v2(params = {}) ⇒ Types::CreateConnectorV2Response
Grants permission to create a connectorV2 based on input parameters.
-
#create_finding_aggregator(params = {}) ⇒ Types::CreateFindingAggregatorResponse
The aggregation Region is now called the home Region. -
#create_insight(params = {}) ⇒ Types::CreateInsightResponse
Creates a custom insight in Security Hub CSPM.
-
#create_members(params = {}) ⇒ Types::CreateMembersResponse
Creates a member association in Security Hub CSPM between the specified accounts and the account used to make the request, which is the administrator account.
-
#create_ticket_v2(params = {}) ⇒ Types::CreateTicketV2Response
Grants permission to create a ticket in the chosen ITSM based on finding information for the provided finding metadata UID.
-
#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#delete_action_target(params = {}) ⇒ Types::DeleteActionTargetResponse
Deletes a custom action target from Security Hub CSPM.
-
#delete_aggregator_v2(params = {}) ⇒ Struct
Deletes the Aggregator V2.
-
#delete_automation_rule_v2(params = {}) ⇒ Struct
Deletes a V2 automation rule.
-
#delete_configuration_policy(params = {}) ⇒ Struct
Deletes a configuration policy.
-
#delete_connector(params = {}) ⇒ Types::DeleteConnectorResponse
Deletes a CSPM connector.
-
#delete_connector_v2(params = {}) ⇒ Types::DeleteConnectorV2Response
Grants permission to delete a connectorV2.
-
#delete_finding_aggregator(params = {}) ⇒ Struct
The aggregation Region is now called the home Region. -
#delete_insight(params = {}) ⇒ Types::DeleteInsightResponse
Deletes the insight specified by the
InsightArn. -
#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#delete_members(params = {}) ⇒ Types::DeleteMembersResponse
Deletes the specified member accounts from Security Hub CSPM.
-
#describe_action_targets(params = {}) ⇒ Types::DescribeActionTargetsResponse
Returns a list of the custom action targets in Security Hub CSPM in your account.
-
#describe_hub(params = {}) ⇒ Types::DescribeHubResponse
Returns details about the Hub resource in your account, including the
HubArnand the time when you enabled Security Hub CSPM. -
#describe_organization_configuration(params = {}) ⇒ Types::DescribeOrganizationConfigurationResponse
Returns information about the way your organization is configured in Security Hub CSPM.
-
#describe_products(params = {}) ⇒ Types::DescribeProductsResponse
Returns information about product integrations in Security Hub CSPM.
-
#describe_products_v2(params = {}) ⇒ Types::DescribeProductsV2Response
Gets information about the product integration.
-
#describe_security_hub_v2(params = {}) ⇒ Types::DescribeSecurityHubV2Response
Returns details about the service resource in your account.
-
#describe_standards(params = {}) ⇒ Types::DescribeStandardsResponse
Returns a list of the available standards in Security Hub CSPM.
-
#describe_standards_controls(params = {}) ⇒ Types::DescribeStandardsControlsResponse
Returns a list of security standards controls.
-
#disable_import_findings_for_product(params = {}) ⇒ Struct
Disables the integration of the specified product with Security Hub CSPM.
-
#disable_organization_admin_account(params = {}) ⇒ Struct
Disables a Security Hub CSPM administrator account.
-
#disable_security_hub(params = {}) ⇒ Struct
Disables Security Hub CSPM in your account only in the current Amazon Web Services Region.
-
#disable_security_hub_feature_v2(params = {}) ⇒ Struct
Disables an opt-in feature for the calling account in the current Amazon Web Services Region.
-
#disable_security_hub_v2(params = {}) ⇒ Struct
Disable the service for the current Amazon Web Services Region or specified Amazon Web Services Region.
-
#disassociate_from_administrator_account(params = {}) ⇒ Struct
Disassociates the current Security Hub CSPM member account from the associated administrator account.
-
#disassociate_from_master_account(params = {}) ⇒ Struct
This method is deprecated.
-
#disassociate_members(params = {}) ⇒ Struct
Disassociates the specified member accounts from the associated administrator account.
-
#enable_import_findings_for_product(params = {}) ⇒ Types::EnableImportFindingsForProductResponse
Enables the integration of a partner product with Security Hub CSPM.
-
#enable_organization_admin_account(params = {}) ⇒ Types::EnableOrganizationAdminAccountResponse
Designates the Security Hub CSPM administrator account for an organization.
-
#enable_security_hub(params = {}) ⇒ Struct
Enables Security Hub CSPM for your account in the current Region or the Region you specify in the request.
-
#enable_security_hub_feature_v2(params = {}) ⇒ Struct
Enables an opt-in feature for the calling account in the current Amazon Web Services Region.
-
#enable_security_hub_v2(params = {}) ⇒ Types::EnableSecurityHubV2Response
Enables the service in account for the current Amazon Web Services Region or specified Amazon Web Services Region.
-
#generate_recommended_policy_v2(params = {}) ⇒ Struct
Begins the recommended policy generation to remediate a Security Hub finding.
-
#get_administrator_account(params = {}) ⇒ Types::GetAdministratorAccountResponse
Provides the details for the Security Hub CSPM administrator account for the current member account.
-
#get_aggregator_v2(params = {}) ⇒ Types::GetAggregatorV2Response
Returns the configuration of the specified Aggregator V2.
-
#get_automation_rule_v2(params = {}) ⇒ Types::GetAutomationRuleV2Response
Returns an automation rule for the V2 service.
-
#get_configuration_policy(params = {}) ⇒ Types::GetConfigurationPolicyResponse
Provides information about a configuration policy.
-
#get_configuration_policy_association(params = {}) ⇒ Types::GetConfigurationPolicyAssociationResponse
Returns the association between a configuration and a target account, organizational unit, or the root.
-
#get_connector(params = {}) ⇒ Types::GetConnectorResponse
Retrieves details for a CSPM connector based on the connector ID.
-
#get_connector_v2(params = {}) ⇒ Types::GetConnectorV2Response
Grants permission to retrieve details for a connectorV2 based on connector id.
-
#get_enabled_standards(params = {}) ⇒ Types::GetEnabledStandardsResponse
Returns a list of the standards that are currently enabled.
-
#get_finding_aggregator(params = {}) ⇒ Types::GetFindingAggregatorResponse
The aggregation Region is now called the home Region. -
#get_finding_history(params = {}) ⇒ Types::GetFindingHistoryResponse
Returns the history of a Security Hub CSPM finding.
-
#get_finding_statistics_v2(params = {}) ⇒ Types::GetFindingStatisticsV2Response
Returns aggregated statistical data about findings.
-
#get_findings(params = {}) ⇒ Types::GetFindingsResponse
Returns a list of findings that match the specified criteria.
-
#get_findings_trends_v2(params = {}) ⇒ Types::GetFindingsTrendsV2Response
Returns findings trend data based on the specified criteria.
-
#get_findings_v2(params = {}) ⇒ Types::GetFindingsV2Response
Returns a list of findings that match the specified criteria.
-
#get_insight_results(params = {}) ⇒ Types::GetInsightResultsResponse
Lists the results of the Security Hub CSPM insight specified by the insight ARN.
-
#get_insights(params = {}) ⇒ Types::GetInsightsResponse
Lists and describes insights for the specified insight ARNs.
-
#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse
This method is deprecated.
-
#get_members(params = {}) ⇒ Types::GetMembersResponse
Returns the details for the Security Hub CSPM member accounts for the specified account IDs.
-
#get_recommended_policy_v2(params = {}) ⇒ Types::GetRecommendedPolicyV2Response
Retrieves the recommended policy to remediate a Security Hub finding.
-
#get_resources_statistics_v2(params = {}) ⇒ Types::GetResourcesStatisticsV2Response
Retrieves statistical information about Amazon Web Services resources and their associated security findings.
-
#get_resources_trends_v2(params = {}) ⇒ Types::GetResourcesTrendsV2Response
Returns resource trend data based on the specified criteria.
-
#get_resources_v2(params = {}) ⇒ Types::GetResourcesV2Response
Returns a list of resources.
-
#get_security_control_definition(params = {}) ⇒ Types::GetSecurityControlDefinitionResponse
Retrieves the definition of a security control.
-
#invite_members(params = {}) ⇒ Types::InviteMembersResponse
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#list_aggregators_v2(params = {}) ⇒ Types::ListAggregatorsV2Response
Retrieves a list of V2 aggregators.
-
#list_automation_rules(params = {}) ⇒ Types::ListAutomationRulesResponse
A list of automation rules and their metadata for the calling account.
-
#list_automation_rules_v2(params = {}) ⇒ Types::ListAutomationRulesV2Response
Returns a list of automation rules and metadata for the calling account.
-
#list_configuration_policies(params = {}) ⇒ Types::ListConfigurationPoliciesResponse
Lists the configuration policies that the Security Hub CSPM delegated administrator has created for your organization.
-
#list_configuration_policy_associations(params = {}) ⇒ Types::ListConfigurationPolicyAssociationsResponse
Provides information about the associations for your configuration policies and self-managed behavior.
-
#list_connectors(params = {}) ⇒ Types::ListConnectorsResponse
Lists the CSPM connectors and their metadata for the calling account.
-
#list_connectors_v2(params = {}) ⇒ Types::ListConnectorsV2Response
Grants permission to retrieve a list of connectorsV2 and their metadata for the calling account.
-
#list_enabled_products_for_import(params = {}) ⇒ Types::ListEnabledProductsForImportResponse
Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub CSPM.
-
#list_finding_aggregators(params = {}) ⇒ Types::ListFindingAggregatorsResponse
If cross-Region aggregation is enabled, then
ListFindingAggregatorsreturns the Amazon Resource Name (ARN) of the finding aggregator. -
#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse
We recommend using Organizations instead of Security Hub CSPM invitations to manage your member accounts. -
#list_members(params = {}) ⇒ Types::ListMembersResponse
Lists details about all member accounts for the current Security Hub CSPM administrator account.
-
#list_organization_admin_accounts(params = {}) ⇒ Types::ListOrganizationAdminAccountsResponse
Lists the Security Hub CSPM administrator accounts.
-
#list_security_control_definitions(params = {}) ⇒ Types::ListSecurityControlDefinitionsResponse
Lists all of the security controls that apply to a specified standard.
-
#list_standards_control_associations(params = {}) ⇒ Types::ListStandardsControlAssociationsResponse
Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account.
-
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Returns a list of tags associated with a resource.
-
#register_connector_v2(params = {}) ⇒ Types::RegisterConnectorV2Response
Grants permission to complete the authorization based on input parameters.
-
#start_configuration_policy_association(params = {}) ⇒ Types::StartConfigurationPolicyAssociationResponse
Associates a target account, organizational unit, or the root with a specified configuration.
-
#start_configuration_policy_disassociation(params = {}) ⇒ Struct
Disassociates a target account, organizational unit, or the root from a specified configuration.
-
#tag_resource(params = {}) ⇒ Struct
Adds one or more tags to a resource.
-
#untag_resource(params = {}) ⇒ Struct
Removes one or more tags from a resource.
-
#update_action_target(params = {}) ⇒ Struct
Updates the name and description of a custom action target in Security Hub CSPM.
-
#update_aggregator_v2(params = {}) ⇒ Types::UpdateAggregatorV2Response
Udpates the configuration for the Aggregator V2.
-
#update_automation_rule_v2(params = {}) ⇒ Struct
Updates a V2 automation rule.
-
#update_configuration_policy(params = {}) ⇒ Types::UpdateConfigurationPolicyResponse
Updates a configuration policy.
-
#update_connector(params = {}) ⇒ Types::UpdateConnectorResponse
Updates a CSPM connector's configuration, such as the scope or regions for the connected cloud provider.
-
#update_connector_v2(params = {}) ⇒ Types::UpdateConnectorV2Response
Grants permission to update a connectorV2 based on its id and input parameters.
-
#update_finding_aggregator(params = {}) ⇒ Types::UpdateFindingAggregatorResponse
The aggregation Region is now called the home Region. -
#update_findings(params = {}) ⇒ Struct
UpdateFindingsis a deprecated operation. -
#update_insight(params = {}) ⇒ Struct
Updates the Security Hub CSPM insight identified by the specified insight ARN.
-
#update_organization_configuration(params = {}) ⇒ Struct
Updates the configuration of your organization in Security Hub CSPM.
-
#update_security_control(params = {}) ⇒ Struct
Updates the properties of a security control.
-
#update_security_hub_configuration(params = {}) ⇒ Struct
Updates configuration options for Security Hub CSPM.
-
#update_standards_control(params = {}) ⇒ Struct
Used to control whether an individual security standard control is enabled or disabled.
Instance Method Summary collapse
-
#initialize(options) ⇒ Client
constructor
A new instance of Client.
Methods included from ClientStubs
#api_requests, #stub_data, #stub_responses
Methods inherited from Seahorse::Client::Base
add_plugin, api, clear_plugins, define, new, #operation_names, plugins, remove_plugin, set_api, set_plugins
Methods included from Seahorse::Client::HandlerBuilder
#handle, #handle_request, #handle_response
Constructor Details
#initialize(options) ⇒ Client
Returns a new instance of Client.
471 472 473 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 471 def initialize(*args) super end |
Instance Method Details
#accept_administrator_invitation(params = {}) ⇒ Struct
Accepts the invitation to be a member account and be monitored by the Security Hub CSPM administrator account that the invitation was sent from.
This operation is only used by member accounts that are not added through Organizations.
When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.
532 533 534 535 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 532 def accept_administrator_invitation(params = {}, = {}) req = build_request(:accept_administrator_invitation, params) req.send_request() end |
#accept_invitation(params = {}) ⇒ Struct
This method is deprecated. Instead, use
AcceptAdministratorInvitation.
The Security Hub CSPM console continues to use AcceptInvitation. It
will eventually change to use AcceptAdministratorInvitation. Any IAM
policies that specifically control access to this function must
continue to use AcceptInvitation. You should also add
AcceptAdministratorInvitation to your policies to ensure that the
correct permissions are in place after the console begins to use
AcceptAdministratorInvitation.
Accepts the invitation to be a member account and be monitored by the Security Hub CSPM administrator account that the invitation was sent from.
This operation is only used by member accounts that are not added through Organizations.
When the member account accepts the invitation, permission is granted to the administrator account to view findings generated in the member account.
580 581 582 583 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 580 def accept_invitation(params = {}, = {}) req = build_request(:accept_invitation, params) req.send_request() end |
#batch_delete_automation_rules(params = {}) ⇒ Types::BatchDeleteAutomationRulesResponse
Deletes one or more automation rules.
641 642 643 644 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 641 def batch_delete_automation_rules(params = {}, = {}) req = build_request(:batch_delete_automation_rules, params) req.send_request() end |
#batch_disable_standards(params = {}) ⇒ Types::BatchDisableStandardsResponse
Disables the standards specified by the provided
StandardsSubscriptionArns.
For more information, see Security Standards section of the Security Hub CSPM User Guide.
709 710 711 712 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 709 def batch_disable_standards(params = {}, = {}) req = build_request(:batch_disable_standards, params) req.send_request() end |
#batch_enable_standards(params = {}) ⇒ Types::BatchEnableStandardsResponse
Enables the standards specified by the provided StandardsArn. To
obtain the ARN for a standard, use the DescribeStandards operation.
For more information, see the Security Standards section of the Security Hub CSPM User Guide.
787 788 789 790 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 787 def batch_enable_standards(params = {}, = {}) req = build_request(:batch_enable_standards, params) req.send_request() end |
#batch_get_automation_rules(params = {}) ⇒ Types::BatchGetAutomationRulesResponse
Retrieves a list of details for automation rules based on rule Amazon Resource Names (ARNs).
1089 1090 1091 1092 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1089 def batch_get_automation_rules(params = {}, = {}) req = build_request(:batch_get_automation_rules, params) req.send_request() end |
#batch_get_configuration_policy_associations(params = {}) ⇒ Types::BatchGetConfigurationPolicyAssociationsResponse
Returns associations between an Security Hub CSPM configuration and a batch of target accounts, organizational units, or the root. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region. A configuration can refer to a configuration policy or to a self-managed configuration.
1191 1192 1193 1194 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1191 def batch_get_configuration_policy_associations(params = {}, = {}) req = build_request(:batch_get_configuration_policy_associations, params) req.send_request() end |
#batch_get_security_controls(params = {}) ⇒ Types::BatchGetSecurityControlsResponse
Provides details about a batch of security controls for the current Amazon Web Services account and Amazon Web Services Region.
1306 1307 1308 1309 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1306 def batch_get_security_controls(params = {}, = {}) req = build_request(:batch_get_security_controls, params) req.send_request() end |
#batch_get_standards_control_associations(params = {}) ⇒ Types::BatchGetStandardsControlAssociationsResponse
For a batch of security controls and standards, identifies whether each control is currently enabled or disabled in a standard.
Calls to this operation return a RESOURCE_NOT_FOUND_EXCEPTION error
when the standard subscription for the association has a
NOT_READY_FOR_UPDATES value for StandardsControlsUpdatable.
1415 1416 1417 1418 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1415 def batch_get_standards_control_associations(params = {}, = {}) req = build_request(:batch_get_standards_control_associations, params) req.send_request() end |
#batch_import_findings(params = {}) ⇒ Types::BatchImportFindingsResponse
Imports security findings generated by a finding provider into Security Hub CSPM. This action is requested by the finding provider to import its findings into Security Hub CSPM.
BatchImportFindings must be called by one of the following:
The Amazon Web Services account that is associated with a finding if you are using the default product ARN or are a partner sending findings from within a customer's Amazon Web Services account. In these cases, the identifier of the account that you are calling
BatchImportFindingsfrom needs to be the same as theAwsAccountIdattribute for the finding.An Amazon Web Services account that Security Hub CSPM has allow-listed for an official partner integration. In this case, you can call
BatchImportFindingsfrom the allow-listed account and send findings from different customer accounts in the same batch.
The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
After a finding is created, BatchImportFindings cannot be used to
update the following finding fields and objects, which Security Hub
CSPM customers use to manage their investigation workflow.
NoteUserDefinedFieldsVerificationStateWorkflow
Finding providers also should not use BatchImportFindings to update
the following attributes.
ConfidenceCriticalityRelatedFindingsSeverityTypes
Instead, finding providers use FindingProviderFields to provide
values for these attributes.
1547 1548 1549 1550 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1547 def batch_import_findings(params = {}, = {}) req = build_request(:batch_import_findings, params) req.send_request() end |
#batch_update_automation_rules(params = {}) ⇒ Types::BatchUpdateAutomationRulesResponse
Updates one or more automation rules based on rule Amazon Resource Names (ARNs) and input parameters.
1933 1934 1935 1936 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 1933 def batch_update_automation_rules(params = {}, = {}) req = build_request(:batch_update_automation_rules, params) req.send_request() end |
#batch_update_findings(params = {}) ⇒ Types::BatchUpdateFindingsResponse
Used by Security Hub CSPM customers to update information about their investigation into one or more findings. Requested by administrator accounts or member accounts. Administrator accounts can update findings for their account and their member accounts. A member account can update findings only for their own account. Administrator and member accounts can use this operation to update the following fields and objects for one or more findings:
ConfidenceCriticalityNoteRelatedFindingsSeverityTypesUserDefinedFieldsVerificationStateWorkflow
If you use this operation to update a finding, your updates don’t
affect the value for the UpdatedAt field of the finding. Also note
that it can take several minutes for Security Hub CSPM to process your
request and update each finding specified in the request.
You can configure IAM policies to restrict access to fields and field values. For example, you might not want member accounts to be able to suppress findings or change the finding severity. For more information see Configuring access to BatchUpdateFindings in the Security Hub CSPM User Guide.
2167 2168 2169 2170 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2167 def batch_update_findings(params = {}, = {}) req = build_request(:batch_update_findings, params) req.send_request() end |
#batch_update_findings_v2(params = {}) ⇒ Types::BatchUpdateFindingsV2Response
Updates information about a customer's investigation into a finding. Delegated administrator accounts can update findings for their account and their member accounts. Member accounts can update findings for their own account.
BatchUpdateFindings and BatchUpdateFindingsV2 both use
securityhub:BatchUpdateFindings in the Action element of an IAM
policy statement. You must have permission to perform the
securityhub:BatchUpdateFindings action. You can configure IAM
policies to restrict access to specific finding fields or field values
by using the securityhub:OCSFSyntaxPath/<fieldName> condition key,
where <fieldName> is one of the following supported fields:
SeverityId, StatusId, or Comment.
To prevent a user from updating a specific field, use a Null
condition with securityhub:OCSFSyntaxPath/<fieldName> set to
"false". To prevent a user from setting a field to a specific value,
use a StringEquals condition with
securityhub:OCSFSyntaxPath/<fieldName> set to the disallowed value
or list of values.
Updates from BatchUpdateFindingsV2 don't affect the value of
finding_info.modified_time, finding_info.modified_time_dt, time,
or time_dt for a finding.
2262 2263 2264 2265 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2262 def batch_update_findings_v2(params = {}, = {}) req = build_request(:batch_update_findings_v2, params) req.send_request() end |
#batch_update_standards_control_associations(params = {}) ⇒ Types::BatchUpdateStandardsControlAssociationsResponse
For a batch of security controls and standards, this operation updates the enablement status of a control in a standard.
2348 2349 2350 2351 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2348 def batch_update_standards_control_associations(params = {}, = {}) req = build_request(:batch_update_standards_control_associations, params) req.send_request() end |
#create_action_target(params = {}) ⇒ Types::CreateActionTargetResponse
Creates a custom action target in Security Hub CSPM.
You can use custom actions on findings and insights in Security Hub CSPM to trigger target actions in Amazon CloudWatch Events.
2405 2406 2407 2408 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2405 def create_action_target(params = {}, = {}) req = build_request(:create_action_target, params) req.send_request() end |
#create_aggregator_v2(params = {}) ⇒ Types::CreateAggregatorV2Response
Enables aggregation across Amazon Web Services Regions.
2457 2458 2459 2460 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2457 def create_aggregator_v2(params = {}, = {}) req = build_request(:create_aggregator_v2, params) req.send_request() end |
#create_automation_rule(params = {}) ⇒ Types::CreateAutomationRuleResponse
Creates an automation rule based on input parameters.
2914 2915 2916 2917 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 2914 def create_automation_rule(params = {}, = {}) req = build_request(:create_automation_rule, params) req.send_request() end |
#create_automation_rule_v2(params = {}) ⇒ Types::CreateAutomationRuleV2Response
Creates a V2 automation rule.
3062 3063 3064 3065 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 3062 def create_automation_rule_v2(params = {}, = {}) req = build_request(:create_automation_rule_v2, params) req.send_request() end |
#create_configuration_policy(params = {}) ⇒ Types::CreateConfigurationPolicyResponse
Creates a configuration policy with the defined configuration. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
3258 3259 3260 3261 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 3258 def create_configuration_policy(params = {}, = {}) req = build_request(:create_configuration_policy, params) req.send_request() end |
#create_connector(params = {}) ⇒ Types::CreateConnectorResponse
Creates a cloud service provider management (CSPM) connector in Security Hub CSPM. A connector establishes a connection between Security Hub CSPM and a third-party cloud provider, enabling Security Hub CSPM to ingest security findings and resource data from the connected environment.
3356 3357 3358 3359 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 3356 def create_connector(params = {}, = {}) req = build_request(:create_connector, params) req.send_request() end |
#create_connector_v2(params = {}) ⇒ Types::CreateConnectorV2Response
Grants permission to create a connectorV2 based on input parameters.
3434 3435 3436 3437 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 3434 def create_connector_v2(params = {}, = {}) req = build_request(:create_connector_v2, params) req.send_request() end |
#create_finding_aggregator(params = {}) ⇒ Types::CreateFindingAggregatorResponse
Used to enable cross-Region aggregation. This operation can be invoked from the home Region only.
For information about how cross-Region aggregation works, see Understanding cross-Region aggregation in Security Hub CSPM in the Security Hub CSPM User Guide.
3545 3546 3547 3548 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 3545 def create_finding_aggregator(params = {}, = {}) req = build_request(:create_finding_aggregator, params) req.send_request() end |
#create_insight(params = {}) ⇒ Types::CreateInsightResponse
Creates a custom insight in Security Hub CSPM. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
To group the related findings in the insight, use the
GroupByAttribute.
4345 4346 4347 4348 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4345 def create_insight(params = {}, = {}) req = build_request(:create_insight, params) req.send_request() end |
#create_members(params = {}) ⇒ Types::CreateMembersResponse
Creates a member association in Security Hub CSPM between the specified accounts and the account used to make the request, which is the administrator account. If you are integrated with Organizations, then the administrator account is designated by the organization management account.
CreateMembers is always used to add accounts that are not
organization members.
For accounts that are managed using Organizations, CreateMembers is
only used in the following cases:
Security Hub CSPM is not configured to automatically add new organization accounts.
The account was disassociated or deleted in Security Hub CSPM.
This action can only be used by an account that has Security Hub CSPM
enabled. To enable Security Hub CSPM, you can use the
EnableSecurityHub operation.
For accounts that are not organization members, you create the account
association and then send an invitation to the member account. To send
the invitation, you use the InviteMembers operation. If the account
owner accepts the invitation, the account becomes a member account in
Security Hub CSPM.
Accounts that are managed using Organizations don't receive an invitation. They automatically become a member account in Security Hub CSPM.
If the organization account does not have Security Hub CSPM enabled, then Security Hub CSPM and the default standards are automatically enabled. Note that Security Hub CSPM cannot be enabled automatically for the organization management account. The organization management account must enable Security Hub CSPM before the administrator account enables it as a member account.
For organization accounts that already have Security Hub CSPM enabled, Security Hub CSPM does not make any other changes to those accounts. It does not change their enabled standards or controls.
A permissions policy is added that permits the administrator account to view the findings generated in the member account.
To remove the association between the administrator and member
accounts, use the DisassociateFromMasterAccount or
DisassociateMembers operation.
4452 4453 4454 4455 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4452 def create_members(params = {}, = {}) req = build_request(:create_members, params) req.send_request() end |
#create_ticket_v2(params = {}) ⇒ Types::CreateTicketV2Response
Grants permission to create a ticket in the chosen ITSM based on finding information for the provided finding metadata UID.
4500 4501 4502 4503 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4500 def create_ticket_v2(params = {}, = {}) req = build_request(:create_ticket_v2, params) req.send_request() end |
#decline_invitations(params = {}) ⇒ Types::DeclineInvitationsResponse
Declines invitations to become a Security Hub CSPM member account.
A prospective member account uses this operation to decline an invitation to become a member.
Only member accounts that aren't part of an Amazon Web Services organization should use this operation. Organization accounts don't receive invitations.
4568 4569 4570 4571 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4568 def decline_invitations(params = {}, = {}) req = build_request(:decline_invitations, params) req.send_request() end |
#delete_action_target(params = {}) ⇒ Types::DeleteActionTargetResponse
Deletes a custom action target from Security Hub CSPM.
Deleting a custom action target does not affect any findings or insights that were already sent to Amazon CloudWatch Events using the custom action.
4616 4617 4618 4619 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4616 def delete_action_target(params = {}, = {}) req = build_request(:delete_action_target, params) req.send_request() end |
#delete_aggregator_v2(params = {}) ⇒ Struct
Deletes the Aggregator V2.
4638 4639 4640 4641 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4638 def delete_aggregator_v2(params = {}, = {}) req = build_request(:delete_aggregator_v2, params) req.send_request() end |
#delete_automation_rule_v2(params = {}) ⇒ Struct
Deletes a V2 automation rule.
4660 4661 4662 4663 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4660 def delete_automation_rule_v2(params = {}, = {}) req = build_request(:delete_automation_rule_v2, params) req.send_request() end |
#delete_configuration_policy(params = {}) ⇒ Struct
Deletes a configuration policy. Only the Security Hub CSPM delegated
administrator can invoke this operation from the home Region. For the
deletion to succeed, you must first disassociate a configuration
policy from target accounts, organizational units, or the root by
invoking the StartConfigurationPolicyDisassociation operation.
4696 4697 4698 4699 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4696 def delete_configuration_policy(params = {}, = {}) req = build_request(:delete_configuration_policy, params) req.send_request() end |
#delete_connector(params = {}) ⇒ Types::DeleteConnectorResponse
Deletes a CSPM connector. When you delete a connector, Security Hub CSPM stops ingesting findings and resource data from the connected cloud provider environment.
4740 4741 4742 4743 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4740 def delete_connector(params = {}, = {}) req = build_request(:delete_connector, params) req.send_request() end |
#delete_connector_v2(params = {}) ⇒ Types::DeleteConnectorV2Response
Grants permission to delete a connectorV2.
4768 4769 4770 4771 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4768 def delete_connector_v2(params = {}, = {}) req = build_request(:delete_connector_v2, params) req.send_request() end |
#delete_finding_aggregator(params = {}) ⇒ Struct
Deletes a finding aggregator. When you delete the finding aggregator, you stop cross-Region aggregation. Finding replication stops occurring from the linked Regions to the home Region.
When you stop cross-Region aggregation, findings that were already replicated and sent to the home Region are still visible from the home Region. However, new findings and finding updates are no longer replicated and sent to the home Region.
4812 4813 4814 4815 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4812 def delete_finding_aggregator(params = {}, = {}) req = build_request(:delete_finding_aggregator, params) req.send_request() end |
#delete_insight(params = {}) ⇒ Types::DeleteInsightResponse
Deletes the insight specified by the InsightArn.
4854 4855 4856 4857 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4854 def delete_insight(params = {}, = {}) req = build_request(:delete_insight, params) req.send_request() end |
#delete_invitations(params = {}) ⇒ Types::DeleteInvitationsResponse
Deletes invitations to become a Security Hub CSPM member account.
A Security Hub CSPM administrator account can use this operation to delete invitations sent to one or more prospective member accounts.
This operation is only used to delete invitations that are sent to prospective member accounts that aren't part of an Amazon Web Services organization. Organization accounts don't receive invitations.
4923 4924 4925 4926 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4923 def delete_invitations(params = {}, = {}) req = build_request(:delete_invitations, params) req.send_request() end |
#delete_members(params = {}) ⇒ Types::DeleteMembersResponse
Deletes the specified member accounts from Security Hub CSPM.
You can invoke this API only to delete accounts that became members through invitation. You can't invoke this API to delete accounts that belong to an Organizations organization.
4976 4977 4978 4979 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 4976 def delete_members(params = {}, = {}) req = build_request(:delete_members, params) req.send_request() end |
#describe_action_targets(params = {}) ⇒ Types::DescribeActionTargetsResponse
Returns a list of the custom action targets in Security Hub CSPM in your account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
5050 5051 5052 5053 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5050 def describe_action_targets(params = {}, = {}) req = build_request(:describe_action_targets, params) req.send_request() end |
#describe_hub(params = {}) ⇒ Types::DescribeHubResponse
Returns details about the Hub resource in your account, including the
HubArn and the time when you enabled Security Hub CSPM.
5103 5104 5105 5106 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5103 def describe_hub(params = {}, = {}) req = build_request(:describe_hub, params) req.send_request() end |
#describe_organization_configuration(params = {}) ⇒ Types::DescribeOrganizationConfigurationResponse
Returns information about the way your organization is configured in Security Hub CSPM. Only the Security Hub CSPM administrator account can invoke this operation.
5152 5153 5154 5155 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5152 def describe_organization_configuration(params = {}, = {}) req = build_request(:describe_organization_configuration, params) req.send_request() end |
#describe_products(params = {}) ⇒ Types::DescribeProductsResponse
Returns information about product integrations in Security Hub CSPM.
You can optionally provide an integration ARN. If you provide an integration ARN, then the results only include that integration.
If you don't provide an integration ARN, then the results include all of the available product integrations.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
5252 5253 5254 5255 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5252 def describe_products(params = {}, = {}) req = build_request(:describe_products, params) req.send_request() end |
#describe_products_v2(params = {}) ⇒ Types::DescribeProductsV2Response
Gets information about the product integration.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
5301 5302 5303 5304 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5301 def describe_products_v2(params = {}, = {}) req = build_request(:describe_products_v2, params) req.send_request() end |
#describe_security_hub_v2(params = {}) ⇒ Types::DescribeSecurityHubV2Response
Returns details about the service resource in your account.
5326 5327 5328 5329 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5326 def describe_security_hub_v2(params = {}, = {}) req = build_request(:describe_security_hub_v2, params) req.send_request() end |
#describe_standards(params = {}) ⇒ Types::DescribeStandardsResponse
Returns a list of the available standards in Security Hub CSPM.
For each standard, the results include the standard ARN, the name, and a description.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
5422 5423 5424 5425 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5422 def describe_standards(params = {}, = {}) req = build_request(:describe_standards, params) req.send_request() end |
#describe_standards_controls(params = {}) ⇒ Types::DescribeStandardsControlsResponse
Returns a list of security standards controls.
For each control, the results include information about whether it is currently enabled, the severity, and a link to remediation information.
This operation returns an empty list for standard subscriptions where
StandardsControlsUpdatable has value NOT_READY_FOR_UPDATES.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
5533 5534 5535 5536 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5533 def describe_standards_controls(params = {}, = {}) req = build_request(:describe_standards_controls, params) req.send_request() end |
#disable_import_findings_for_product(params = {}) ⇒ Struct
Disables the integration of the specified product with Security Hub CSPM. After the integration is disabled, findings from that product are no longer sent to Security Hub CSPM.
5567 5568 5569 5570 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5567 def disable_import_findings_for_product(params = {}, = {}) req = build_request(:disable_import_findings_for_product, params) req.send_request() end |
#disable_organization_admin_account(params = {}) ⇒ Struct
Disables a Security Hub CSPM administrator account. Can only be called by the organization management account.
5606 5607 5608 5609 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5606 def disable_organization_admin_account(params = {}, = {}) req = build_request(:disable_organization_admin_account, params) req.send_request() end |
#disable_security_hub(params = {}) ⇒ Struct
Disables Security Hub CSPM in your account only in the current Amazon Web Services Region. To disable Security Hub CSPM in all Regions, you must submit one request per Region where you have enabled Security Hub CSPM.
You can't disable Security Hub CSPM in an account that is currently the Security Hub CSPM administrator.
When you disable Security Hub CSPM, your existing findings and insights and any Security Hub CSPM configuration settings are deleted after 90 days and cannot be recovered. Any standards that were enabled are disabled, and your administrator and member account associations are removed.
If you want to save your existing findings, you must export them before you disable Security Hub CSPM.
5642 5643 5644 5645 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5642 def disable_security_hub(params = {}, = {}) req = build_request(:disable_security_hub, params) req.send_request() end |
#disable_security_hub_feature_v2(params = {}) ⇒ Struct
Disables an opt-in feature for the calling account in the current Amazon Web Services Region. The operation is idempotent. If the feature is already disabled, no changes are made. You cannot disable a feature that is managed by an organization policy.
5667 5668 5669 5670 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5667 def disable_security_hub_feature_v2(params = {}, = {}) req = build_request(:disable_security_hub_feature_v2, params) req.send_request() end |
#disable_security_hub_v2(params = {}) ⇒ Struct
Disable the service for the current Amazon Web Services Region or specified Amazon Web Services Region. Disabling the service also disables all opt-in features that are currently enabled in that Region.
5683 5684 5685 5686 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5683 def disable_security_hub_v2(params = {}, = {}) req = build_request(:disable_security_hub_v2, params) req.send_request() end |
#disassociate_from_administrator_account(params = {}) ⇒ Struct
Disassociates the current Security Hub CSPM member account from the associated administrator account.
This operation is only used by accounts that are not part of an organization. For organization accounts, only the administrator account can disassociate a member account.
5709 5710 5711 5712 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5709 def disassociate_from_administrator_account(params = {}, = {}) req = build_request(:disassociate_from_administrator_account, params) req.send_request() end |
#disassociate_from_master_account(params = {}) ⇒ Struct
This method is deprecated. Instead, use
DisassociateFromAdministratorAccount.
The Security Hub CSPM console continues to use
DisassociateFromMasterAccount. It will eventually change to use
DisassociateFromAdministratorAccount. Any IAM policies that
specifically control access to this function must continue to use
DisassociateFromMasterAccount. You should also add
DisassociateFromAdministratorAccount to your policies to ensure that
the correct permissions are in place after the console begins to use
DisassociateFromAdministratorAccount.
Disassociates the current Security Hub CSPM member account from the associated administrator account.
This operation is only used by accounts that are not part of an organization. For organization accounts, only the administrator account can disassociate a member account.
5739 5740 5741 5742 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5739 def disassociate_from_master_account(params = {}, = {}) req = build_request(:disassociate_from_master_account, params) req.send_request() end |
#disassociate_members(params = {}) ⇒ Struct
Disassociates the specified member accounts from the associated administrator account.
Can be used to disassociate both accounts that are managed using Organizations and accounts that were invited manually.
5778 5779 5780 5781 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5778 def disassociate_members(params = {}, = {}) req = build_request(:disassociate_members, params) req.send_request() end |
#enable_import_findings_for_product(params = {}) ⇒ Types::EnableImportFindingsForProductResponse
Enables the integration of a partner product with Security Hub CSPM. Integrated products send findings to Security Hub CSPM.
When you enable a product integration, a permissions policy that grants permission for the product to send findings to Security Hub CSPM is applied.
5826 5827 5828 5829 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5826 def enable_import_findings_for_product(params = {}, = {}) req = build_request(:enable_import_findings_for_product, params) req.send_request() end |
#enable_organization_admin_account(params = {}) ⇒ Types::EnableOrganizationAdminAccountResponse
Designates the Security Hub CSPM administrator account for an organization. Can only be called by the organization management account.
5874 5875 5876 5877 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5874 def enable_organization_admin_account(params = {}, = {}) req = build_request(:enable_organization_admin_account, params) req.send_request() end |
#enable_security_hub(params = {}) ⇒ Struct
Enables Security Hub CSPM for your account in the current Region or the Region you specify in the request.
When you enable Security Hub CSPM, you grant to Security Hub CSPM the permissions necessary to gather findings from other services that are integrated with Security Hub CSPM.
When you use the EnableSecurityHub operation to enable Security Hub
CSPM, you also automatically enable the following standards:
Center for Internet Security (CIS) Amazon Web Services Foundations Benchmark v1.2.0
Amazon Web Services Foundational Security Best Practices
Other standards are not automatically enabled.
To opt out of automatically enabled standards, set
EnableDefaultStandards to false.
After you enable Security Hub CSPM, to enable a standard, use the
BatchEnableStandards operation. To disable a standard, use the
BatchDisableStandards operation.
To learn more, see the setup information in the Security Hub CSPM User Guide.
5967 5968 5969 5970 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5967 def enable_security_hub(params = {}, = {}) req = build_request(:enable_security_hub, params) req.send_request() end |
#enable_security_hub_feature_v2(params = {}) ⇒ Struct
Enables an opt-in feature for the calling account in the current Amazon Web Services Region. The service must be enabled before you can enable a feature. The operation is idempotent. If the feature is already enabled, no changes are made. You cannot enable a feature that is managed by an organization policy.
5993 5994 5995 5996 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 5993 def enable_security_hub_feature_v2(params = {}, = {}) req = build_request(:enable_security_hub_feature_v2, params) req.send_request() end |
#enable_security_hub_v2(params = {}) ⇒ Types::EnableSecurityHubV2Response
Enables the service in account for the current Amazon Web Services Region or specified Amazon Web Services Region.
6024 6025 6026 6027 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6024 def enable_security_hub_v2(params = {}, = {}) req = build_request(:enable_security_hub_v2, params) req.send_request() end |
#generate_recommended_policy_v2(params = {}) ⇒ Struct
Begins the recommended policy generation to remediate a Security Hub
finding. GenerateRecommendedPolicyV2 only supports findings for
unused permissions.
6049 6050 6051 6052 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6049 def generate_recommended_policy_v2(params = {}, = {}) req = build_request(:generate_recommended_policy_v2, params) req.send_request() end |
#get_administrator_account(params = {}) ⇒ Types::GetAdministratorAccountResponse
Provides the details for the Security Hub CSPM administrator account for the current member account.
Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
6093 6094 6095 6096 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6093 def get_administrator_account(params = {}, = {}) req = build_request(:get_administrator_account, params) req.send_request() end |
#get_aggregator_v2(params = {}) ⇒ Types::GetAggregatorV2Response
Returns the configuration of the specified Aggregator V2.
6128 6129 6130 6131 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6128 def get_aggregator_v2(params = {}, = {}) req = build_request(:get_aggregator_v2, params) req.send_request() end |
#get_automation_rule_v2(params = {}) ⇒ Types::GetAutomationRuleV2Response
Returns an automation rule for the V2 service.
6211 6212 6213 6214 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6211 def get_automation_rule_v2(params = {}, = {}) req = build_request(:get_automation_rule_v2, params) req.send_request() end |
#get_configuration_policy(params = {}) ⇒ Types::GetConfigurationPolicyResponse
Provides information about a configuration policy. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
6321 6322 6323 6324 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6321 def get_configuration_policy(params = {}, = {}) req = build_request(:get_configuration_policy, params) req.send_request() end |
#get_configuration_policy_association(params = {}) ⇒ Types::GetConfigurationPolicyAssociationResponse
Returns the association between a configuration and a target account, organizational unit, or the root. The configuration can be a configuration policy or self-managed behavior. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
6393 6394 6395 6396 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6393 def get_configuration_policy_association(params = {}, = {}) req = build_request(:get_configuration_policy_association, params) req.send_request() end |
#get_connector(params = {}) ⇒ Types::GetConnectorResponse
Retrieves details for a CSPM connector based on the connector ID.
6485 6486 6487 6488 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6485 def get_connector(params = {}, = {}) req = build_request(:get_connector, params) req.send_request() end |
#get_connector_v2(params = {}) ⇒ Types::GetConnectorV2Response
Grants permission to retrieve details for a connectorV2 based on connector id.
6552 6553 6554 6555 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6552 def get_connector_v2(params = {}, = {}) req = build_request(:get_connector_v2, params) req.send_request() end |
#get_enabled_standards(params = {}) ⇒ Types::GetEnabledStandardsResponse
Returns a list of the standards that are currently enabled.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
6637 6638 6639 6640 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6637 def get_enabled_standards(params = {}, = {}) req = build_request(:get_enabled_standards, params) req.send_request() end |
#get_finding_aggregator(params = {}) ⇒ Types::GetFindingAggregatorResponse
Returns the current configuration in the calling account for cross-Region aggregation. A finding aggregator is a resource that establishes the home Region and any linked Regions.
6699 6700 6701 6702 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6699 def get_finding_aggregator(params = {}, = {}) req = build_request(:get_finding_aggregator, params) req.send_request() end |
#get_finding_history(params = {}) ⇒ Types::GetFindingHistoryResponse
Returns the history of a Security Hub CSPM finding. The history
includes changes made to any fields in the Amazon Web Services
Security Finding Format (ASFF) except top-level timestamp fields, such
as the CreatedAt and UpdatedAt fields.
This operation might return fewer results than the maximum number of
results (MaxResults) specified in a request, even when more results
are available. If this occurs, the response includes a NextToken
value, which you should use to retrieve the next set of results in the
response. The presence of a NextToken value in a response doesn't
necessarily indicate that the results are incomplete. However, you
should continue to specify a NextToken value until you receive a
response that doesn't include this value.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
6861 6862 6863 6864 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 6861 def get_finding_history(params = {}, = {}) req = build_request(:get_finding_history, params) req.send_request() end |
#get_finding_statistics_v2(params = {}) ⇒ Types::GetFindingStatisticsV2Response
Returns aggregated statistical data about findings.
You can use the Scopes parameter to define the data boundary for the
query. Currently, Scopes supports AwsOrganizations, which lets you
aggregate findings from your entire organization or from specific
organizational units. Only the delegated administrator account can use
Scopes.
GetFindingStatisticsV2 uses securityhub:GetAdhocInsightResults in
the Action element of an IAM policy statement. You must have
permission to perform the securityhub:GetAdhocInsightResults action.
7013 7014 7015 7016 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 7013 def get_finding_statistics_v2(params = {}, = {}) req = build_request(:get_finding_statistics_v2, params) req.send_request() end |
#get_findings(params = {}) ⇒ Types::GetFindingsResponse
Returns a list of findings that match the specified criteria.
If cross-Region aggregation is enabled, then when you call
GetFindings from the home Region, the results include all of the
matching findings from both the home Region and linked Regions.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
7907 7908 7909 7910 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 7907 def get_findings(params = {}, = {}) req = build_request(:get_findings, params) req.send_request() end |
#get_findings_trends_v2(params = {}) ⇒ Types::GetFindingsTrendsV2Response
Returns findings trend data based on the specified criteria. This operation helps you analyze patterns and changes in findings over time.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
7991 7992 7993 7994 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 7991 def get_findings_trends_v2(params = {}, = {}) req = build_request(:get_findings_trends_v2, params) req.send_request() end |
#get_findings_v2(params = {}) ⇒ Types::GetFindingsV2Response
Returns a list of findings that match the specified criteria.
You can use the Scopes parameter to define the data boundary for the
query. Currently, Scopes supports AwsOrganizations, which lets you
retrieve findings from your entire organization or from specific
organizational units. Only the delegated administrator account can use
Scopes.
You can use the Filters parameter to refine results based on finding
attributes. You can use Scopes and Filters independently or
together. When both are provided, Scopes narrows the data set first,
and then Filters refines results within that scoped data set.
GetFindings and GetFindingsV2 both use securityhub:GetFindings
in the Action element of an IAM policy statement. You must have
permission to perform the securityhub:GetFindings action.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
8154 8155 8156 8157 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8154 def get_findings_v2(params = {}, = {}) req = build_request(:get_findings_v2, params) req.send_request() end |
#get_insight_results(params = {}) ⇒ Types::GetInsightResultsResponse
Lists the results of the Security Hub CSPM insight specified by the insight ARN.
8214 8215 8216 8217 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8214 def get_insight_results(params = {}, = {}) req = build_request(:get_insight_results, params) req.send_request() end |
#get_insights(params = {}) ⇒ Types::GetInsightsResponse
Lists and describes insights for the specified insight ARNs.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
8680 8681 8682 8683 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8680 def get_insights(params = {}, = {}) req = build_request(:get_insights, params) req.send_request() end |
#get_invitations_count(params = {}) ⇒ Types::GetInvitationsCountResponse
Returns the count of all Security Hub CSPM membership invitations that were sent to the calling member account, not including the currently accepted invitation.
8726 8727 8728 8729 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8726 def get_invitations_count(params = {}, = {}) req = build_request(:get_invitations_count, params) req.send_request() end |
#get_master_account(params = {}) ⇒ Types::GetMasterAccountResponse
This method is deprecated. Instead, use GetAdministratorAccount.
The Security Hub CSPM console continues to use GetMasterAccount. It
will eventually change to use GetAdministratorAccount. Any IAM
policies that specifically control access to this function must
continue to use GetMasterAccount. You should also add
GetAdministratorAccount to your policies to ensure that the correct
permissions are in place after the console begins to use
GetAdministratorAccount.
Provides the details for the Security Hub CSPM administrator account for the current member account.
Can be used by both member accounts that are managed using Organizations and accounts that were invited manually.
8762 8763 8764 8765 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8762 def get_master_account(params = {}, = {}) req = build_request(:get_master_account, params) req.send_request() end |
#get_members(params = {}) ⇒ Types::GetMembersResponse
Returns the details for the Security Hub CSPM member accounts for the specified account IDs.
An administrator account can be either the delegated Security Hub CSPM administrator account for an organization or an administrator account that enabled Security Hub CSPM manually.
The results include both member accounts that are managed using Organizations and accounts that were invited manually.
8848 8849 8850 8851 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8848 def get_members(params = {}, = {}) req = build_request(:get_members, params) req.send_request() end |
#get_recommended_policy_v2(params = {}) ⇒ Types::GetRecommendedPolicyV2Response
Retrieves the recommended policy to remediate a Security Hub finding.
GetRecommendedPolicyV2 only supports findings for unused
permissions.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
8909 8910 8911 8912 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 8909 def get_recommended_policy_v2(params = {}, = {}) req = build_request(:get_recommended_policy_v2, params) req.send_request() end |
#get_resources_statistics_v2(params = {}) ⇒ Types::GetResourcesStatisticsV2Response
Retrieves statistical information about Amazon Web Services resources and their associated security findings.
You can use the Scopes parameter to define the data boundary for the
query. Currently, Scopes supports AwsOrganizations, which lets you
aggregate resources from your entire organization or from specific
organizational units. Only the delegated administrator account can use
Scopes.
9040 9041 9042 9043 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9040 def get_resources_statistics_v2(params = {}, = {}) req = build_request(:get_resources_statistics_v2, params) req.send_request() end |
#get_resources_trends_v2(params = {}) ⇒ Types::GetResourcesTrendsV2Response
Returns resource trend data based on the specified criteria. This operation helps you analyze patterns and changes in resource compliance over time.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
9117 9118 9119 9120 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9117 def get_resources_trends_v2(params = {}, = {}) req = build_request(:get_resources_trends_v2, params) req.send_request() end |
#get_resources_v2(params = {}) ⇒ Types::GetResourcesV2Response
Returns a list of resources.
You can use the Scopes parameter to define the data boundary for the
query. Currently, Scopes supports AwsOrganizations, which lets you
retrieve resources from your entire organization or from specific
organizational units. Only the delegated administrator account can use
Scopes.
You can use the Filters parameter to refine results based on
resource attributes. You can use Scopes and Filters independently
or together. When both are provided, Scopes narrows the data set
first, and then Filters refines results within that scoped data set.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
9287 9288 9289 9290 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9287 def get_resources_v2(params = {}, = {}) req = build_request(:get_resources_v2, params) req.send_request() end |
#get_security_control_definition(params = {}) ⇒ Types::GetSecurityControlDefinitionResponse
Retrieves the definition of a security control. The definition includes the control title, description, Region availability, parameter definitions, and other details.
9389 9390 9391 9392 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9389 def get_security_control_definition(params = {}, = {}) req = build_request(:get_security_control_definition, params) req.send_request() end |
#invite_members(params = {}) ⇒ Types::InviteMembersResponse
Invites other Amazon Web Services accounts to become member accounts for the Security Hub CSPM administrator account that the invitation is sent from.
This operation is only used to invite accounts that don't belong to an Amazon Web Services organization. Organization accounts don't receive invitations.
Before you can use this action to invite a member, you must first use
the CreateMembers action to create the member account in Security
Hub CSPM.
When the account owner enables Security Hub CSPM and accepts the invitation to become a member account, the administrator account can view the findings generated in the member account.
9465 9466 9467 9468 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9465 def invite_members(params = {}, = {}) req = build_request(:invite_members, params) req.send_request() end |
#list_aggregators_v2(params = {}) ⇒ Types::ListAggregatorsV2Response
Retrieves a list of V2 aggregators.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
9505 9506 9507 9508 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9505 def list_aggregators_v2(params = {}, = {}) req = build_request(:list_aggregators_v2, params) req.send_request() end |
#list_automation_rules(params = {}) ⇒ Types::ListAutomationRulesResponse
A list of automation rules and their metadata for the calling account.
9589 9590 9591 9592 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9589 def list_automation_rules(params = {}, = {}) req = build_request(:list_automation_rules, params) req.send_request() end |
#list_automation_rules_v2(params = {}) ⇒ Types::ListAutomationRulesV2Response
Returns a list of automation rules and metadata for the calling account.
9637 9638 9639 9640 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9637 def list_automation_rules_v2(params = {}, = {}) req = build_request(:list_automation_rules_v2, params) req.send_request() end |
#list_configuration_policies(params = {}) ⇒ Types::ListConfigurationPoliciesResponse
Lists the configuration policies that the Security Hub CSPM delegated administrator has created for your organization. Only the delegated administrator can invoke this operation from the home Region.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
9719 9720 9721 9722 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9719 def list_configuration_policies(params = {}, = {}) req = build_request(:list_configuration_policies, params) req.send_request() end |
#list_configuration_policy_associations(params = {}) ⇒ Types::ListConfigurationPolicyAssociationsResponse
Provides information about the associations for your configuration policies and self-managed behavior. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
9817 9818 9819 9820 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9817 def list_configuration_policy_associations(params = {}, = {}) req = build_request(:list_configuration_policy_associations, params) req.send_request() end |
#list_connectors(params = {}) ⇒ Types::ListConnectorsResponse
Lists the CSPM connectors and their metadata for the calling account.
9903 9904 9905 9906 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9903 def list_connectors(params = {}, = {}) req = build_request(:list_connectors, params) req.send_request() end |
#list_connectors_v2(params = {}) ⇒ Types::ListConnectorsV2Response
Grants permission to retrieve a list of connectorsV2 and their metadata for the calling account.
9973 9974 9975 9976 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 9973 def list_connectors_v2(params = {}, = {}) req = build_request(:list_connectors_v2, params) req.send_request() end |
#list_enabled_products_for_import(params = {}) ⇒ Types::ListEnabledProductsForImportResponse
Lists all findings-generating solutions (products) that you are subscribed to receive findings from in Security Hub CSPM.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10034 10035 10036 10037 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10034 def list_enabled_products_for_import(params = {}, = {}) req = build_request(:list_enabled_products_for_import, params) req.send_request() end |
#list_finding_aggregators(params = {}) ⇒ Types::ListFindingAggregatorsResponse
If cross-Region aggregation is enabled, then ListFindingAggregators
returns the Amazon Resource Name (ARN) of the finding aggregator. You
can run this operation from any Amazon Web Services Region.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10092 10093 10094 10095 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10092 def list_finding_aggregators(params = {}, = {}) req = build_request(:list_finding_aggregators, params) req.send_request() end |
#list_invitations(params = {}) ⇒ Types::ListInvitationsResponse
Lists all Security Hub CSPM membership invitations that were sent to the calling account.
Only accounts that are managed by invitation can use this operation. Accounts that are managed using the integration with Organizations don't receive invitations.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10175 10176 10177 10178 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10175 def list_invitations(params = {}, = {}) req = build_request(:list_invitations, params) req.send_request() end |
#list_members(params = {}) ⇒ Types::ListMembersResponse
Lists details about all member accounts for the current Security Hub CSPM administrator account.
The results include both member accounts that belong to an organization and member accounts that were invited manually.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10271 10272 10273 10274 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10271 def list_members(params = {}, = {}) req = build_request(:list_members, params) req.send_request() end |
#list_organization_admin_accounts(params = {}) ⇒ Types::ListOrganizationAdminAccountsResponse
Lists the Security Hub CSPM administrator accounts. Can only be called by the organization management account.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10342 10343 10344 10345 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10342 def list_organization_admin_accounts(params = {}, = {}) req = build_request(:list_organization_admin_accounts, params) req.send_request() end |
#list_security_control_definitions(params = {}) ⇒ Types::ListSecurityControlDefinitionsResponse
Lists all of the security controls that apply to a specified standard.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10482 10483 10484 10485 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10482 def list_security_control_definitions(params = {}, = {}) req = build_request(:list_security_control_definitions, params) req.send_request() end |
#list_standards_control_associations(params = {}) ⇒ Types::ListStandardsControlAssociationsResponse
Specifies whether a control is currently enabled or disabled in each enabled standard in the calling account.
This operation omits standards control associations for standard
subscriptions where StandardsControlsUpdatable has value
NOT_READY_FOR_UPDATES.
The returned response is a pageable response and is Enumerable. For details on usage see PageableResponse.
10591 10592 10593 10594 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10591 def list_standards_control_associations(params = {}, = {}) req = build_request(:list_standards_control_associations, params) req.send_request() end |
#list_tags_for_resource(params = {}) ⇒ Types::ListTagsForResourceResponse
Returns a list of tags associated with a resource.
10637 10638 10639 10640 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10637 def (params = {}, = {}) req = build_request(:list_tags_for_resource, params) req.send_request() end |
#register_connector_v2(params = {}) ⇒ Types::RegisterConnectorV2Response
Grants permission to complete the authorization based on input parameters.
10674 10675 10676 10677 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10674 def register_connector_v2(params = {}, = {}) req = build_request(:register_connector_v2, params) req.send_request() end |
#start_configuration_policy_association(params = {}) ⇒ Types::StartConfigurationPolicyAssociationResponse
Associates a target account, organizational unit, or the root with a specified configuration. The target can be associated with a configuration policy or self-managed behavior. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
10753 10754 10755 10756 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10753 def start_configuration_policy_association(params = {}, = {}) req = build_request(:start_configuration_policy_association, params) req.send_request() end |
#start_configuration_policy_disassociation(params = {}) ⇒ Struct
Disassociates a target account, organizational unit, or the root from a specified configuration. When you disassociate a configuration from its target, the target inherits the configuration of the closest parent. If there’s no configuration to inherit, the target retains its settings but becomes a self-managed account. A target can be disassociated from a configuration policy or self-managed behavior. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
10806 10807 10808 10809 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10806 def start_configuration_policy_disassociation(params = {}, = {}) req = build_request(:start_configuration_policy_disassociation, params) req.send_request() end |
#tag_resource(params = {}) ⇒ Struct
Adds one or more tags to a resource.
10849 10850 10851 10852 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10849 def tag_resource(params = {}, = {}) req = build_request(:tag_resource, params) req.send_request() end |
#untag_resource(params = {}) ⇒ Struct
Removes one or more tags from a resource.
10888 10889 10890 10891 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10888 def untag_resource(params = {}, = {}) req = build_request(:untag_resource, params) req.send_request() end |
#update_action_target(params = {}) ⇒ Struct
Updates the name and description of a custom action target in Security Hub CSPM.
10931 10932 10933 10934 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10931 def update_action_target(params = {}, = {}) req = build_request(:update_action_target, params) req.send_request() end |
#update_aggregator_v2(params = {}) ⇒ Types::UpdateAggregatorV2Response
Udpates the configuration for the Aggregator V2.
10975 10976 10977 10978 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 10975 def update_aggregator_v2(params = {}, = {}) req = build_request(:update_aggregator_v2, params) req.send_request() end |
#update_automation_rule_v2(params = {}) ⇒ Struct
Updates a V2 automation rule.
11106 11107 11108 11109 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 11106 def update_automation_rule_v2(params = {}, = {}) req = build_request(:update_automation_rule_v2, params) req.send_request() end |
#update_configuration_policy(params = {}) ⇒ Types::UpdateConfigurationPolicyResponse
Updates a configuration policy. Only the Security Hub CSPM delegated administrator can invoke this operation from the home Region.
11307 11308 11309 11310 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 11307 def update_configuration_policy(params = {}, = {}) req = build_request(:update_configuration_policy, params) req.send_request() end |
#update_connector(params = {}) ⇒ Types::UpdateConnectorResponse
Updates a CSPM connector's configuration, such as the scope or regions for the connected cloud provider.
11386 11387 11388 11389 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 11386 def update_connector(params = {}, = {}) req = build_request(:update_connector, params) req.send_request() end |
#update_connector_v2(params = {}) ⇒ Types::UpdateConnectorV2Response
Grants permission to update a connectorV2 based on its id and input parameters.
11439 11440 11441 11442 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 11439 def update_connector_v2(params = {}, = {}) req = build_request(:update_connector_v2, params) req.send_request() end |
#update_finding_aggregator(params = {}) ⇒ Types::UpdateFindingAggregatorResponse
Updates cross-Region aggregation settings. You can use this operation to update the Region linking mode and the list of included or excluded Amazon Web Services Regions. However, you can't use this operation to change the home Region.
You can invoke this operation from the current home Region only.
11554 11555 11556 11557 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 11554 def update_finding_aggregator(params = {}, = {}) req = build_request(:update_finding_aggregator, params) req.send_request() end |
#update_findings(params = {}) ⇒ Struct
UpdateFindings is a deprecated operation. Instead of
UpdateFindings, use the BatchUpdateFindings operation.
The UpdateFindings operation updates the Note and RecordState of
the Security Hub CSPM aggregated findings that the filter attributes
specify. Any member account that can view the finding can also see the
update to the finding.
Finding updates made with UpdateFindings aren't persisted if the
same finding is later updated by the finding provider through the
BatchImportFindings operation. In addition, Security Hub CSPM
doesn't record updates made with UpdateFindings in the finding
history.
12324 12325 12326 12327 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 12324 def update_findings(params = {}, = {}) req = build_request(:update_findings, params) req.send_request() end |
#update_insight(params = {}) ⇒ Struct
Updates the Security Hub CSPM insight identified by the specified insight ARN.
13107 13108 13109 13110 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 13107 def update_insight(params = {}, = {}) req = build_request(:update_insight, params) req.send_request() end |
#update_organization_configuration(params = {}) ⇒ Struct
Updates the configuration of your organization in Security Hub CSPM. Only the Security Hub CSPM administrator account can invoke this operation.
13189 13190 13191 13192 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 13189 def update_organization_configuration(params = {}, = {}) req = build_request(:update_organization_configuration, params) req.send_request() end |
#update_security_control(params = {}) ⇒ Struct
Updates the properties of a security control.
13257 13258 13259 13260 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 13257 def update_security_control(params = {}, = {}) req = build_request(:update_security_control, params) req.send_request() end |
#update_security_hub_configuration(params = {}) ⇒ Struct
Updates configuration options for Security Hub CSPM.
13319 13320 13321 13322 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 13319 def update_security_hub_configuration(params = {}, = {}) req = build_request(:update_security_hub_configuration, params) req.send_request() end |
#update_standards_control(params = {}) ⇒ Struct
Used to control whether an individual security standard control is enabled or disabled.
Calls to this operation return a RESOURCE_NOT_FOUND_EXCEPTION error
when the standard subscription for the control has
StandardsControlsUpdatable value NOT_READY_FOR_UPDATES.
13366 13367 13368 13369 |
# File 'gems/aws-sdk-securityhub/lib/aws-sdk-securityhub/client.rb', line 13366 def update_standards_control(params = {}, = {}) req = build_request(:update_standards_control, params) req.send_request() end |