Amazon AWS Security Hub

9 min

aws security hub provides you with a comprehensive view of your security state in aws and helps you check your environment against security industry standards and best practices security hub collects security data from across aws accounts, services, and supported third party partner products and helps you analyze your security trends and identify the highest priority security issues capabilities this connector provides the following capabilities get findings get insights configurations aws security hub authenticates using aws credentials configuration parameters parameter description type required aws access key id a specific aws access key id string required aws secret access key a specific aws secret access key string required region name the aws region where you want to create new connections string required role arn arn role string required actions get findings get findings endpoint method get input argument name type required description filters object optional parameter for get findings filters awsaccountid array optional unique identifier filters awsaccountid comparison string optional unique identifier filters awsaccountid value string optional unique identifier filters companyname array optional name of the resource filters companyname comparison string optional name of the resource filters companyname value string optional name of the resource filters complianceassociatedstandardsid array optional unique identifier filters complianceassociatedstandardsid comparison string optional unique identifier filters complianceassociatedstandardsid value string optional unique identifier filters compliancesecuritycontrolid array optional unique identifier filters compliancesecuritycontrolid comparison string optional unique identifier filters compliancesecuritycontrolid value string optional unique identifier filters compliancestatus array optional status value filters compliancestatus comparison string optional status value filters compliancestatus value string optional status value filters confidence array optional unique identifier filters confidence eq number optional unique identifier filters confidence gte number optional unique identifier filters confidence lte number optional unique identifier filters createdat array optional parameter for get findings filters createdat daterange object optional parameter for get findings filters createdat daterange unit string optional parameter for get findings filters createdat daterange value number optional value for the parameter filters createdat end string optional parameter for get findings input example {"filters" {"awsaccountid" \[{"comparison" "string","value" "string"}],"companyname" \[{"comparison" "string","value" "string"}],"complianceassociatedstandardsid" \[{"comparison" "string","value" "string"}],"compliancesecuritycontrolid" \[{"comparison" "string","value" "string"}],"compliancestatus" \[{"comparison" "string","value" "string"}],"confidence" \[{"eq" 123,"gte" 123,"lte" 123}],"createdat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"criticality" \[{"eq" 123,"gte" 123,"lte" 123}],"description" \[{"comparison" "string","value" "string"}],"findingproviderfieldsconfidence" \[{"eq" 123,"gte" 123,"lte" 123}],"findingproviderfieldscriticality" \[{"eq" 123,"gte" 123,"lte" 123}],"findingproviderfieldsrelatedfindingsid" \[{"comparison" "string","value" "string"}],"findingproviderfieldsrelatedfindingsproductarn" \[{"comparison" "string","value" "string"}],"findingproviderfieldsseveritylabel" \[{"comparison" "string","value" "string"}],"findingproviderfieldsseverityoriginal" \[{"comparison" "string","value" "string"}],"findingproviderfieldstypes" \[{"comparison" "string","value" "string"}],"firstobservedat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"generatorid" \[{"comparison" "string","value" "string"}],"id" \[{"comparison" "string","value" "string"}],"keyword" \[{"value" "string"}],"lastobservedat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"malwarename" \[{"comparison" "string","value" "string"}],"malwarepath" \[{"comparison" "string","value" "string"}],"malwarestate" \[{"comparison" "string","value" "string"}],"malwaretype" \[{"comparison" "string","value" "string"}],"networkdestinationdomain" \[{"comparison" "string","value" "string"}],"networkdestinationipv4" \[{"cidr" "string"}],"networkdestinationipv6" \[{"cidr" "string"}],"networkdestinationport" \[{"eq" 123,"gte" 123,"lte" 123}],"networkdirection" \[{"comparison" "string","value" "string"}],"networkprotocol" \[{"comparison" "string","value" "string"}],"networksourcedomain" \[{"comparison" "string","value" "string"}],"networksourceipv4" \[{"cidr" "string"}],"networksourceipv6" \[{"cidr" "string"}],"networksourcemac" \[{"comparison" "string","value" "string"}],"networksourceport" \[{"eq" 123,"gte" 123,"lte" 123}],"notetext" \[{"comparison" "string","value" "string"}],"noteupdatedat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"noteupdatedby" \[{"comparison" "string","value" "string"}],"processlaunchedat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"processname" \[{"comparison" "string","value" "string"}],"processparentpid" \[{"eq" 123,"gte" 123,"lte" 123}],"processpath" \[{"comparison" "string","value" "string"}],"processpid" \[{"eq" 123,"gte" 123,"lte" 123}],"processterminatedat" \[{"daterange" {"unit" "string","value" 123},"end" "string","start" "string"}],"productarn" \[{"comparison" "string","value" "string"}],"productfields" \[{"comparison" "string","key" "string","value" "string"}],"productname" \[{"comparison" "string","value" "string"}],"recommendationtext" \[{"comparison" "string","value" "string"}],"recordstate" \[{"comparison" "string","value" "string"}]},"maxresults" 123,"nexttoken" "string","sortcriteria" \[{"field" "string","sortorder" "string"}]} get insights lists and describes insights for the specified insight arns endpoint method get input argument name type required description insightarns array optional parameter for get insights paginationconfig object optional parameter for get insights paginationconfig maxitems number optional parameter for get insights paginationconfig pagesize number optional parameter for get insights paginationconfig startingtoken string optional parameter for get insights input example {"insightarns" \["string"],"paginationconfig" {"maxitems" 123,"pagesize" 123,"startingtoken" "string"}} response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt