When you create a custom action in AWS Security Hub, you specify its name, description, and a unique identifier.
A custom action specifies which actions to take when an EventBridge event matches an EventBridge rule. Security Hub sends each finding to EventBridge as an event.
Choose your preferred method, and follow the steps to create a custom action.
To create a custom action in Security Hub (console)
Open the AWS Security Hub console at https://console.aws.amazon.com/securityhub/
. -
In the navigation pane, choose Settings and then choose Custom actions.
-
Choose Create custom action.
-
Provide a Name, Description, and Custom action ID for the action.
The Name must be fewer than 20 characters.
The Custom action ID must be unique for each AWS account.
-
Choose Create custom action.
-
Make a note of the Custom action ARN. You need to use the ARN when you create a rule to associate with this action in EventBridge.