AWS SDK for PHP 3.x
  • Namespace
  • Class
Did this page help you? SUBMIT FEEDBACK!

Namespaces

  • Aws
    • Acm
      • Exception
    • ACMPCA
      • Exception
    • AlexaForBusiness
      • Exception
    • Amplify
      • Exception
    • Api
      • ErrorParser
      • Parser
        • Exception
      • Serializer
    • ApiGateway
      • Exception
    • ApiGatewayManagementApi
      • Exception
    • ApiGatewayV2
      • Exception
    • ApplicationAutoScaling
      • Exception
    • ApplicationDiscoveryService
      • Exception
    • AppMesh
      • Exception
    • Appstream
      • Exception
    • AppSync
      • Exception
    • Athena
      • Exception
    • AutoScaling
      • Exception
    • AutoScalingPlans
      • Exception
    • Backup
      • Exception
    • Batch
      • Exception
    • Budgets
      • Exception
    • Chime
      • Exception
    • ClientSideMonitoring
      • Exception
    • Cloud9
      • Exception
    • CloudDirectory
      • Exception
    • CloudFormation
      • Exception
    • CloudFront
      • Exception
    • CloudHsm
      • Exception
    • CloudHSMV2
      • Exception
    • CloudSearch
      • Exception
    • CloudSearchDomain
      • Exception
    • CloudTrail
      • Exception
    • CloudWatch
      • Exception
    • CloudWatchEvents
      • Exception
    • CloudWatchLogs
      • Exception
    • CodeBuild
      • Exception
    • CodeCommit
      • Exception
    • CodeDeploy
      • Exception
    • CodePipeline
      • Exception
    • CodeStar
      • Exception
    • CognitoIdentity
      • Exception
    • CognitoIdentityProvider
      • Exception
    • CognitoSync
      • Exception
    • Comprehend
      • Exception
    • ComprehendMedical
      • Exception
    • ConfigService
      • Exception
    • Connect
      • Exception
    • CostandUsageReportService
      • Exception
    • CostExplorer
      • Exception
    • Credentials
    • Crypto
      • Cipher
    • DatabaseMigrationService
      • Exception
    • DataPipeline
      • Exception
    • DataSync
      • Exception
    • DAX
      • Exception
    • DeviceFarm
      • Exception
    • DirectConnect
      • Exception
    • DirectoryService
      • Exception
    • DLM
      • Exception
    • DocDB
      • Exception
    • DynamoDb
      • Exception
    • DynamoDbStreams
      • Exception
    • Ec2
      • Exception
    • Ecr
      • Exception
    • Ecs
      • Exception
    • Efs
      • Exception
    • EKS
      • Exception
    • ElastiCache
      • Exception
    • ElasticBeanstalk
      • Exception
    • ElasticLoadBalancing
      • Exception
    • ElasticLoadBalancingV2
      • Exception
    • ElasticsearchService
      • Exception
    • ElasticTranscoder
      • Exception
    • Emr
      • Exception
    • Endpoint
    • EndpointDiscovery
      • Exception
    • Exception
    • Firehose
      • Exception
    • FMS
      • Exception
    • FSx
      • Exception
    • GameLift
      • Exception
    • Glacier
      • Exception
    • GlobalAccelerator
      • Exception
    • Glue
      • Exception
    • Greengrass
      • Exception
    • GroundStation
      • Exception
    • GuardDuty
      • Exception
    • Handler
      • GuzzleV5
      • GuzzleV6
    • Health
      • Exception
    • Iam
      • Exception
    • ImportExport
      • Exception
    • Inspector
      • Exception
    • Iot
      • Exception
    • IoT1ClickDevicesService
      • Exception
    • IoT1ClickProjects
      • Exception
    • IoTAnalytics
      • Exception
    • IotDataPlane
      • Exception
    • IoTEvents
      • Exception
    • IoTEventsData
      • Exception
    • IoTJobsDataPlane
      • Exception
    • IoTThingsGraph
      • Exception
    • Kafka
      • Exception
    • Kinesis
      • Exception
    • KinesisAnalytics
      • Exception
    • KinesisAnalyticsV2
      • Exception
    • KinesisVideo
      • Exception
    • KinesisVideoArchivedMedia
      • Exception
    • KinesisVideoMedia
      • Exception
    • Kms
      • Exception
    • Lambda
      • Exception
    • LexModelBuildingService
      • Exception
    • LexRuntimeService
      • Exception
    • LicenseManager
      • Exception
    • Lightsail
      • Exception
    • MachineLearning
      • Exception
    • Macie
      • Exception
    • ManagedBlockchain
      • Exception
    • MarketplaceCommerceAnalytics
      • Exception
    • MarketplaceEntitlementService
      • Exception
    • MarketplaceMetering
      • Exception
    • MediaConnect
      • Exception
    • MediaConvert
      • Exception
    • MediaLive
      • Exception
    • MediaPackage
      • Exception
    • MediaPackageVod
      • Exception
    • MediaStore
      • Exception
    • MediaStoreData
      • Exception
    • MediaTailor
      • Exception
    • MigrationHub
      • Exception
    • Mobile
      • Exception
    • MQ
      • Exception
    • MTurk
      • Exception
    • Multipart
    • Neptune
      • Exception
    • OpsWorks
      • Exception
    • OpsWorksCM
      • Exception
    • Organizations
      • Exception
    • Personalize
      • Exception
    • PersonalizeEvents
      • Exception
    • PersonalizeRuntime
      • Exception
    • PI
      • Exception
    • Pinpoint
      • Exception
    • PinpointEmail
      • Exception
    • PinpointSMSVoice
      • Exception
    • Polly
      • Exception
    • Pricing
      • Exception
    • QuickSight
      • Exception
    • RAM
      • Exception
    • Rds
      • Exception
    • RDSDataService
      • Exception
    • Redshift
      • Exception
    • Rekognition
      • Exception
    • ResourceGroups
      • Exception
    • ResourceGroupsTaggingAPI
      • Exception
    • RoboMaker
      • Exception
    • Route53
      • Exception
    • Route53Domains
      • Exception
    • Route53Resolver
      • Exception
    • S3
      • Crypto
      • Exception
    • S3Control
      • Exception
    • SageMaker
      • Exception
    • SageMakerRuntime
      • Exception
    • SecretsManager
      • Exception
    • SecurityHub
      • Exception
    • ServerlessApplicationRepository
      • Exception
    • ServiceCatalog
      • Exception
    • ServiceDiscovery
      • Exception
    • Ses
      • Exception
    • Sfn
      • Exception
    • Shield
      • Exception
    • Signature
    • signer
      • Exception
    • Sms
      • Exception
    • SnowBall
      • Exception
    • Sns
      • Exception
    • Sqs
      • Exception
    • Ssm
      • Exception
    • StorageGateway
      • Exception
    • Sts
      • Exception
    • Support
      • Exception
    • Swf
      • Exception
    • Textract
      • Exception
    • TranscribeService
      • Exception
    • Transfer
      • Exception
    • Translate
      • Exception
    • Waf
      • Exception
    • WafRegional
      • Exception
    • WorkDocs
      • Exception
    • WorkLink
      • Exception
    • WorkMail
      • Exception
    • WorkSpaces
      • Exception
    • XRay
      • Exception
  • GuzzleHttp
    • Promise
    • Psr7
  • Psr
    • Http
      • Message

Classes

  • Aws\Acm\AcmClient
  • Aws\ACMPCA\ACMPCAClient
  • Aws\AlexaForBusiness\AlexaForBusinessClient
  • Aws\Amplify\AmplifyClient
  • Aws\Api\AbstractModel
  • Aws\Api\ApiProvider
  • Aws\Api\DateTimeResult
  • Aws\Api\DocModel
  • Aws\Api\ErrorParser\JsonRpcErrorParser
  • Aws\Api\ErrorParser\RestJsonErrorParser
  • Aws\Api\ErrorParser\XmlErrorParser
  • Aws\Api\ListShape
  • Aws\Api\MapShape
  • Aws\Api\Operation
  • Aws\Api\Parser\Crc32ValidatingParser
  • Aws\Api\Parser\DecodingEventStreamIterator
  • Aws\Api\Parser\EventParsingIterator
  • Aws\Api\Parser\JsonParser
  • Aws\Api\Parser\JsonRpcParser
  • Aws\Api\Parser\QueryParser
  • Aws\Api\Parser\RestJsonParser
  • Aws\Api\Parser\RestXmlParser
  • Aws\Api\Parser\XmlParser
  • Aws\Api\Serializer\XmlBody
  • Aws\Api\Service
  • Aws\Api\Shape
  • Aws\Api\ShapeMap
  • Aws\Api\StructureShape
  • Aws\Api\TimestampShape
  • Aws\Api\Validator
  • Aws\ApiGateway\ApiGatewayClient
  • Aws\ApiGatewayManagementApi\ApiGatewayManagementApiClient
  • Aws\ApiGatewayV2\ApiGatewayV2Client
  • Aws\ApplicationAutoScaling\ApplicationAutoScalingClient
  • Aws\ApplicationDiscoveryService\ApplicationDiscoveryServiceClient
  • Aws\AppMesh\AppMeshClient
  • Aws\Appstream\AppstreamClient
  • Aws\AppSync\AppSyncClient
  • Aws\Athena\AthenaClient
  • Aws\AutoScaling\AutoScalingClient
  • Aws\AutoScalingPlans\AutoScalingPlansClient
  • Aws\AwsClient
  • Aws\Backup\BackupClient
  • Aws\Batch\BatchClient
  • Aws\Budgets\BudgetsClient
  • Aws\Chime\ChimeClient
  • Aws\ClientResolver
  • Aws\ClientSideMonitoring\Configuration
  • Aws\ClientSideMonitoring\ConfigurationProvider
  • Aws\Cloud9\Cloud9Client
  • Aws\CloudDirectory\CloudDirectoryClient
  • Aws\CloudFormation\CloudFormationClient
  • Aws\CloudFront\CloudFrontClient
  • Aws\CloudFront\CookieSigner
  • Aws\CloudFront\UrlSigner
  • Aws\CloudHsm\CloudHsmClient
  • Aws\CloudHSMV2\CloudHSMV2Client
  • Aws\CloudSearch\CloudSearchClient
  • Aws\CloudSearchDomain\CloudSearchDomainClient
  • Aws\CloudTrail\CloudTrailClient
  • Aws\CloudTrail\LogFileIterator
  • Aws\CloudTrail\LogFileReader
  • Aws\CloudTrail\LogRecordIterator
  • Aws\CloudWatch\CloudWatchClient
  • Aws\CloudWatchEvents\CloudWatchEventsClient
  • Aws\CloudWatchLogs\CloudWatchLogsClient
  • Aws\CodeBuild\CodeBuildClient
  • Aws\CodeCommit\CodeCommitClient
  • Aws\CodeDeploy\CodeDeployClient
  • Aws\CodePipeline\CodePipelineClient
  • Aws\CodeStar\CodeStarClient
  • Aws\CognitoIdentity\CognitoIdentityClient
  • Aws\CognitoIdentity\CognitoIdentityProvider
  • Aws\CognitoIdentityProvider\CognitoIdentityProviderClient
  • Aws\CognitoSync\CognitoSyncClient
  • Aws\Command
  • Aws\CommandPool
  • Aws\Comprehend\ComprehendClient
  • Aws\ComprehendMedical\ComprehendMedicalClient
  • Aws\ConfigService\ConfigServiceClient
  • Aws\Connect\ConnectClient
  • Aws\CostandUsageReportService\CostandUsageReportServiceClient
  • Aws\CostExplorer\CostExplorerClient
  • Aws\Credentials\AssumeRoleCredentialProvider
  • Aws\Credentials\CredentialProvider
  • Aws\Credentials\Credentials
  • Aws\Credentials\EcsCredentialProvider
  • Aws\Credentials\InstanceProfileProvider
  • Aws\Crypto\AesDecryptingStream
  • Aws\Crypto\AesEncryptingStream
  • Aws\Crypto\AesGcmDecryptingStream
  • Aws\Crypto\AesGcmEncryptingStream
  • Aws\Crypto\Cipher\Cbc
  • Aws\Crypto\KmsMaterialsProvider
  • Aws\Crypto\MaterialsProvider
  • Aws\DatabaseMigrationService\DatabaseMigrationServiceClient
  • Aws\DataPipeline\DataPipelineClient
  • Aws\DataSync\DataSyncClient
  • Aws\DAX\DAXClient
  • Aws\DeviceFarm\DeviceFarmClient
  • Aws\DirectConnect\DirectConnectClient
  • Aws\DirectoryService\DirectoryServiceClient
  • Aws\DLM\DLMClient
  • Aws\DocDB\DocDBClient
  • Aws\DoctrineCacheAdapter
  • Aws\DynamoDb\BinaryValue
  • Aws\DynamoDb\DynamoDbClient
  • Aws\DynamoDb\LockingSessionConnection
  • Aws\DynamoDb\Marshaler
  • Aws\DynamoDb\NumberValue
  • Aws\DynamoDb\SessionHandler
  • Aws\DynamoDb\SetValue
  • Aws\DynamoDb\StandardSessionConnection
  • Aws\DynamoDb\WriteRequestBatch
  • Aws\DynamoDbStreams\DynamoDbStreamsClient
  • Aws\Ec2\Ec2Client
  • Aws\Ecr\EcrClient
  • Aws\Ecs\EcsClient
  • Aws\Efs\EfsClient
  • Aws\EKS\EKSClient
  • Aws\ElastiCache\ElastiCacheClient
  • Aws\ElasticBeanstalk\ElasticBeanstalkClient
  • Aws\ElasticLoadBalancing\ElasticLoadBalancingClient
  • Aws\ElasticLoadBalancingV2\ElasticLoadBalancingV2Client
  • Aws\ElasticsearchService\ElasticsearchServiceClient
  • Aws\ElasticTranscoder\ElasticTranscoderClient
  • Aws\Emr\EmrClient
  • Aws\Endpoint\EndpointProvider
  • Aws\Endpoint\Partition
  • Aws\Endpoint\PartitionEndpointProvider
  • Aws\Endpoint\PatternEndpointProvider
  • Aws\EndpointDiscovery\Configuration
  • Aws\EndpointDiscovery\ConfigurationProvider
  • Aws\EndpointDiscovery\EndpointDiscoveryMiddleware
  • Aws\EndpointDiscovery\EndpointList
  • Aws\Firehose\FirehoseClient
  • Aws\FMS\FMSClient
  • Aws\FSx\FSxClient
  • Aws\GameLift\GameLiftClient
  • Aws\Glacier\GlacierClient
  • Aws\Glacier\MultipartUploader
  • Aws\Glacier\TreeHash
  • Aws\GlobalAccelerator\GlobalAcceleratorClient
  • Aws\Glue\GlueClient
  • Aws\Greengrass\GreengrassClient
  • Aws\GroundStation\GroundStationClient
  • Aws\GuardDuty\GuardDutyClient
  • Aws\Handler\GuzzleV5\GuzzleHandler
  • Aws\Handler\GuzzleV5\GuzzleStream
  • Aws\Handler\GuzzleV5\PsrStream
  • Aws\Handler\GuzzleV6\GuzzleHandler
  • Aws\HandlerList
  • Aws\HashingStream
  • Aws\Health\HealthClient
  • Aws\History
  • Aws\Iam\IamClient
  • Aws\IdempotencyTokenMiddleware
  • Aws\ImportExport\ImportExportClient
  • Aws\Inspector\InspectorClient
  • Aws\IoT1ClickDevicesService\IoT1ClickDevicesServiceClient
  • Aws\IoT1ClickProjects\IoT1ClickProjectsClient
  • Aws\Iot\IotClient
  • Aws\IoTAnalytics\IoTAnalyticsClient
  • Aws\IotDataPlane\IotDataPlaneClient
  • Aws\IoTEvents\IoTEventsClient
  • Aws\IoTEventsData\IoTEventsDataClient
  • Aws\IoTJobsDataPlane\IoTJobsDataPlaneClient
  • Aws\IoTThingsGraph\IoTThingsGraphClient
  • Aws\JsonCompiler
  • Aws\Kafka\KafkaClient
  • Aws\Kinesis\KinesisClient
  • Aws\KinesisAnalytics\KinesisAnalyticsClient
  • Aws\KinesisAnalyticsV2\KinesisAnalyticsV2Client
  • Aws\KinesisVideo\KinesisVideoClient
  • Aws\KinesisVideoArchivedMedia\KinesisVideoArchivedMediaClient
  • Aws\KinesisVideoMedia\KinesisVideoMediaClient
  • Aws\Kms\KmsClient
  • Aws\Lambda\LambdaClient
  • Aws\LexModelBuildingService\LexModelBuildingServiceClient
  • Aws\LexRuntimeService\LexRuntimeServiceClient
  • Aws\LicenseManager\LicenseManagerClient
  • Aws\Lightsail\LightsailClient
  • Aws\LruArrayCache
  • Aws\MachineLearning\MachineLearningClient
  • Aws\Macie\MacieClient
  • Aws\ManagedBlockchain\ManagedBlockchainClient
  • Aws\MarketplaceCommerceAnalytics\MarketplaceCommerceAnalyticsClient
  • Aws\MarketplaceEntitlementService\MarketplaceEntitlementServiceClient
  • Aws\MarketplaceMetering\MarketplaceMeteringClient
  • Aws\MediaConnect\MediaConnectClient
  • Aws\MediaConvert\MediaConvertClient
  • Aws\MediaLive\MediaLiveClient
  • Aws\MediaPackage\MediaPackageClient
  • Aws\MediaPackageVod\MediaPackageVodClient
  • Aws\MediaStore\MediaStoreClient
  • Aws\MediaStoreData\MediaStoreDataClient
  • Aws\MediaTailor\MediaTailorClient
  • Aws\Middleware
  • Aws\MigrationHub\MigrationHubClient
  • Aws\Mobile\MobileClient
  • Aws\MockHandler
  • Aws\MQ\MQClient
  • Aws\MTurk\MTurkClient
  • Aws\Multipart\UploadState
  • Aws\MultiRegionClient
  • Aws\Neptune\NeptuneClient
  • Aws\OpsWorks\OpsWorksClient
  • Aws\OpsWorksCM\OpsWorksCMClient
  • Aws\Organizations\OrganizationsClient
  • Aws\Personalize\PersonalizeClient
  • Aws\PersonalizeEvents\PersonalizeEventsClient
  • Aws\PersonalizeRuntime\PersonalizeRuntimeClient
  • Aws\PhpHash
  • Aws\PI\PIClient
  • Aws\Pinpoint\PinpointClient
  • Aws\PinpointEmail\PinpointEmailClient
  • Aws\PinpointSMSVoice\PinpointSMSVoiceClient
  • Aws\Polly\PollyClient
  • Aws\PresignUrlMiddleware
  • Aws\Pricing\PricingClient
  • Aws\Psr16CacheAdapter
  • Aws\PsrCacheAdapter
  • Aws\QuickSight\QuickSightClient
  • Aws\RAM\RAMClient
  • Aws\Rds\AuthTokenGenerator
  • Aws\Rds\RdsClient
  • Aws\RDSDataService\RDSDataServiceClient
  • Aws\Redshift\RedshiftClient
  • Aws\Rekognition\RekognitionClient
  • Aws\ResourceGroups\ResourceGroupsClient
  • Aws\ResourceGroupsTaggingAPI\ResourceGroupsTaggingAPIClient
  • Aws\Result
  • Aws\ResultPaginator
  • Aws\RetryMiddleware
  • Aws\RoboMaker\RoboMakerClient
  • Aws\Route53\Route53Client
  • Aws\Route53Domains\Route53DomainsClient
  • Aws\Route53Resolver\Route53ResolverClient
  • Aws\S3\BatchDelete
  • Aws\S3\Crypto\HeadersMetadataStrategy
  • Aws\S3\Crypto\InstructionFileMetadataStrategy
  • Aws\S3\Crypto\S3EncryptionClient
  • Aws\S3\Crypto\S3EncryptionMultipartUploader
  • Aws\S3\GetBucketLocationParser
  • Aws\S3\MultipartUploader
  • Aws\S3\ObjectCopier
  • Aws\S3\ObjectUploader
  • Aws\S3\PostObject
  • Aws\S3\PostObjectV4
  • Aws\S3\S3Client
  • Aws\S3\S3MultiRegionClient
  • Aws\S3\S3UriParser
  • Aws\S3\StreamWrapper
  • Aws\S3\Transfer
  • Aws\S3Control\S3ControlClient
  • Aws\SageMaker\SageMakerClient
  • Aws\SageMakerRuntime\SageMakerRuntimeClient
  • Aws\Sdk
  • Aws\SecretsManager\SecretsManagerClient
  • Aws\SecurityHub\SecurityHubClient
  • Aws\ServerlessApplicationRepository\ServerlessApplicationRepositoryClient
  • Aws\ServiceCatalog\ServiceCatalogClient
  • Aws\ServiceDiscovery\ServiceDiscoveryClient
  • Aws\Ses\SesClient
  • Aws\Sfn\SfnClient
  • Aws\Shield\ShieldClient
  • Aws\Signature\AnonymousSignature
  • Aws\Signature\S3SignatureV4
  • Aws\Signature\SignatureProvider
  • Aws\Signature\SignatureV4
  • Aws\signer\signerClient
  • Aws\Sms\SmsClient
  • Aws\SnowBall\SnowBallClient
  • Aws\Sns\Message
  • Aws\Sns\MessageValidator
  • Aws\Sns\SnsClient
  • Aws\Sqs\SqsClient
  • Aws\Ssm\SsmClient
  • Aws\StorageGateway\StorageGatewayClient
  • Aws\Sts\StsClient
  • Aws\Support\SupportClient
  • Aws\Swf\SwfClient
  • Aws\Textract\TextractClient
  • Aws\TraceMiddleware
  • Aws\TranscribeService\TranscribeServiceClient
  • Aws\Transfer\TransferClient
  • Aws\Translate\TranslateClient
  • Aws\Waf\WafClient
  • Aws\WafRegional\WafRegionalClient
  • Aws\Waiter
  • Aws\WorkDocs\WorkDocsClient
  • Aws\WorkLink\WorkLinkClient
  • Aws\WorkMail\WorkMailClient
  • Aws\WorkSpaces\WorkSpacesClient
  • Aws\WrappedHttpHandler
  • Aws\XRay\XRayClient

Interfaces

  • Aws\AwsClientInterface
  • Aws\CacheInterface
  • Aws\ClientSideMonitoring\ConfigurationInterface
  • Aws\CommandInterface
  • Aws\Credentials\CredentialsInterface
  • Aws\Crypto\AesStreamInterface
  • Aws\Crypto\Cipher\CipherMethod
  • Aws\Crypto\MetadataStrategyInterface
  • Aws\DynamoDb\SessionConnectionInterface
  • Aws\Endpoint\PartitionInterface
  • Aws\EndpointDiscovery\ConfigurationInterface
  • Aws\HashInterface
  • Aws\MonitoringEventsInterface
  • Aws\ResponseContainerInterface
  • Aws\ResultInterface
  • Aws\S3\S3ClientInterface
  • Aws\Signature\SignatureInterface

Traits

  • Aws\Api\ErrorParser\JsonParserTrait
  • Aws\Api\Parser\PayloadParserTrait
  • Aws\AwsClientTrait
  • Aws\Crypto\Cipher\CipherBuilderTrait
  • Aws\Crypto\DecryptionTrait
  • Aws\Crypto\EncryptionTrait
  • Aws\DynamoDb\SessionConnectionConfigTrait
  • Aws\HasDataTrait
  • Aws\HasMonitoringEventsTrait
  • Aws\S3\Crypto\CryptoParamsTrait
  • Aws\S3\MultipartUploadingTrait
  • Aws\S3\S3ClientTrait
  • Aws\Signature\SignatureTrait

Exceptions

  • Aws\Acm\Exception\AcmException
  • Aws\ACMPCA\Exception\ACMPCAException
  • Aws\AlexaForBusiness\Exception\AlexaForBusinessException
  • Aws\Amplify\Exception\AmplifyException
  • Aws\Api\Parser\Exception\ParserException
  • Aws\ApiGateway\Exception\ApiGatewayException
  • Aws\ApiGatewayManagementApi\Exception\ApiGatewayManagementApiException
  • Aws\ApiGatewayV2\Exception\ApiGatewayV2Exception
  • Aws\ApplicationAutoScaling\Exception\ApplicationAutoScalingException
  • Aws\ApplicationDiscoveryService\Exception\ApplicationDiscoveryServiceException
  • Aws\AppMesh\Exception\AppMeshException
  • Aws\Appstream\Exception\AppstreamException
  • Aws\AppSync\Exception\AppSyncException
  • Aws\Athena\Exception\AthenaException
  • Aws\AutoScaling\Exception\AutoScalingException
  • Aws\AutoScalingPlans\Exception\AutoScalingPlansException
  • Aws\Backup\Exception\BackupException
  • Aws\Batch\Exception\BatchException
  • Aws\Budgets\Exception\BudgetsException
  • Aws\Chime\Exception\ChimeException
  • Aws\ClientSideMonitoring\Exception\ConfigurationException
  • Aws\Cloud9\Exception\Cloud9Exception
  • Aws\CloudDirectory\Exception\CloudDirectoryException
  • Aws\CloudFormation\Exception\CloudFormationException
  • Aws\CloudFront\Exception\CloudFrontException
  • Aws\CloudHsm\Exception\CloudHsmException
  • Aws\CloudHSMV2\Exception\CloudHSMV2Exception
  • Aws\CloudSearch\Exception\CloudSearchException
  • Aws\CloudSearchDomain\Exception\CloudSearchDomainException
  • Aws\CloudTrail\Exception\CloudTrailException
  • Aws\CloudWatch\Exception\CloudWatchException
  • Aws\CloudWatchEvents\Exception\CloudWatchEventsException
  • Aws\CloudWatchLogs\Exception\CloudWatchLogsException
  • Aws\CodeBuild\Exception\CodeBuildException
  • Aws\CodeCommit\Exception\CodeCommitException
  • Aws\CodeDeploy\Exception\CodeDeployException
  • Aws\CodePipeline\Exception\CodePipelineException
  • Aws\CodeStar\Exception\CodeStarException
  • Aws\CognitoIdentity\Exception\CognitoIdentityException
  • Aws\CognitoIdentityProvider\Exception\CognitoIdentityProviderException
  • Aws\CognitoSync\Exception\CognitoSyncException
  • Aws\Comprehend\Exception\ComprehendException
  • Aws\ComprehendMedical\Exception\ComprehendMedicalException
  • Aws\ConfigService\Exception\ConfigServiceException
  • Aws\Connect\Exception\ConnectException
  • Aws\CostandUsageReportService\Exception\CostandUsageReportServiceException
  • Aws\CostExplorer\Exception\CostExplorerException
  • Aws\DatabaseMigrationService\Exception\DatabaseMigrationServiceException
  • Aws\DataPipeline\Exception\DataPipelineException
  • Aws\DataSync\Exception\DataSyncException
  • Aws\DAX\Exception\DAXException
  • Aws\DeviceFarm\Exception\DeviceFarmException
  • Aws\DirectConnect\Exception\DirectConnectException
  • Aws\DirectoryService\Exception\DirectoryServiceException
  • Aws\DLM\Exception\DLMException
  • Aws\DocDB\Exception\DocDBException
  • Aws\DynamoDb\Exception\DynamoDbException
  • Aws\DynamoDbStreams\Exception\DynamoDbStreamsException
  • Aws\Ec2\Exception\Ec2Exception
  • Aws\Ecr\Exception\EcrException
  • Aws\Ecs\Exception\EcsException
  • Aws\Efs\Exception\EfsException
  • Aws\EKS\Exception\EKSException
  • Aws\ElastiCache\Exception\ElastiCacheException
  • Aws\ElasticBeanstalk\Exception\ElasticBeanstalkException
  • Aws\ElasticLoadBalancing\Exception\ElasticLoadBalancingException
  • Aws\ElasticLoadBalancingV2\Exception\ElasticLoadBalancingV2Exception
  • Aws\ElasticsearchService\Exception\ElasticsearchServiceException
  • Aws\ElasticTranscoder\Exception\ElasticTranscoderException
  • Aws\Emr\Exception\EmrException
  • Aws\EndpointDiscovery\Exception\ConfigurationException
  • Aws\Exception\AwsException
  • Aws\Exception\CouldNotCreateChecksumException
  • Aws\Exception\CredentialsException
  • Aws\Exception\EventStreamDataException
  • Aws\Exception\IncalculablePayloadException
  • Aws\Exception\MultipartUploadException
  • Aws\Exception\UnresolvedApiException
  • Aws\Exception\UnresolvedEndpointException
  • Aws\Exception\UnresolvedSignatureException
  • Aws\Firehose\Exception\FirehoseException
  • Aws\FMS\Exception\FMSException
  • Aws\FSx\Exception\FSxException
  • Aws\GameLift\Exception\GameLiftException
  • Aws\Glacier\Exception\GlacierException
  • Aws\GlobalAccelerator\Exception\GlobalAcceleratorException
  • Aws\Glue\Exception\GlueException
  • Aws\Greengrass\Exception\GreengrassException
  • Aws\GroundStation\Exception\GroundStationException
  • Aws\GuardDuty\Exception\GuardDutyException
  • Aws\Health\Exception\HealthException
  • Aws\Iam\Exception\IamException
  • Aws\ImportExport\Exception\ImportExportException
  • Aws\Inspector\Exception\InspectorException
  • Aws\IoT1ClickDevicesService\Exception\IoT1ClickDevicesServiceException
  • Aws\IoT1ClickProjects\Exception\IoT1ClickProjectsException
  • Aws\Iot\Exception\IotException
  • Aws\IoTAnalytics\Exception\IoTAnalyticsException
  • Aws\IotDataPlane\Exception\IotDataPlaneException
  • Aws\IoTEvents\Exception\IoTEventsException
  • Aws\IoTEventsData\Exception\IoTEventsDataException
  • Aws\IoTJobsDataPlane\Exception\IoTJobsDataPlaneException
  • Aws\IoTThingsGraph\Exception\IoTThingsGraphException
  • Aws\Kafka\Exception\KafkaException
  • Aws\Kinesis\Exception\KinesisException
  • Aws\KinesisAnalytics\Exception\KinesisAnalyticsException
  • Aws\KinesisAnalyticsV2\Exception\KinesisAnalyticsV2Exception
  • Aws\KinesisVideo\Exception\KinesisVideoException
  • Aws\KinesisVideoArchivedMedia\Exception\KinesisVideoArchivedMediaException
  • Aws\KinesisVideoMedia\Exception\KinesisVideoMediaException
  • Aws\Kms\Exception\KmsException
  • Aws\Lambda\Exception\LambdaException
  • Aws\LexModelBuildingService\Exception\LexModelBuildingServiceException
  • Aws\LexRuntimeService\Exception\LexRuntimeServiceException
  • Aws\LicenseManager\Exception\LicenseManagerException
  • Aws\Lightsail\Exception\LightsailException
  • Aws\MachineLearning\Exception\MachineLearningException
  • Aws\Macie\Exception\MacieException
  • Aws\ManagedBlockchain\Exception\ManagedBlockchainException
  • Aws\MarketplaceCommerceAnalytics\Exception\MarketplaceCommerceAnalyticsException
  • Aws\MarketplaceEntitlementService\Exception\MarketplaceEntitlementServiceException
  • Aws\MarketplaceMetering\Exception\MarketplaceMeteringException
  • Aws\MediaConnect\Exception\MediaConnectException
  • Aws\MediaConvert\Exception\MediaConvertException
  • Aws\MediaLive\Exception\MediaLiveException
  • Aws\MediaPackage\Exception\MediaPackageException
  • Aws\MediaPackageVod\Exception\MediaPackageVodException
  • Aws\MediaStore\Exception\MediaStoreException
  • Aws\MediaStoreData\Exception\MediaStoreDataException
  • Aws\MediaTailor\Exception\MediaTailorException
  • Aws\MigrationHub\Exception\MigrationHubException
  • Aws\Mobile\Exception\MobileException
  • Aws\MQ\Exception\MQException
  • Aws\MTurk\Exception\MTurkException
  • Aws\Neptune\Exception\NeptuneException
  • Aws\OpsWorks\Exception\OpsWorksException
  • Aws\OpsWorksCM\Exception\OpsWorksCMException
  • Aws\Organizations\Exception\OrganizationsException
  • Aws\Personalize\Exception\PersonalizeException
  • Aws\PersonalizeEvents\Exception\PersonalizeEventsException
  • Aws\PersonalizeRuntime\Exception\PersonalizeRuntimeException
  • Aws\PI\Exception\PIException
  • Aws\Pinpoint\Exception\PinpointException
  • Aws\PinpointEmail\Exception\PinpointEmailException
  • Aws\PinpointSMSVoice\Exception\PinpointSMSVoiceException
  • Aws\Polly\Exception\PollyException
  • Aws\Pricing\Exception\PricingException
  • Aws\QuickSight\Exception\QuickSightException
  • Aws\RAM\Exception\RAMException
  • Aws\Rds\Exception\RdsException
  • Aws\RDSDataService\Exception\RDSDataServiceException
  • Aws\Redshift\Exception\RedshiftException
  • Aws\Rekognition\Exception\RekognitionException
  • Aws\ResourceGroups\Exception\ResourceGroupsException
  • Aws\ResourceGroupsTaggingAPI\Exception\ResourceGroupsTaggingAPIException
  • Aws\RoboMaker\Exception\RoboMakerException
  • Aws\Route53\Exception\Route53Exception
  • Aws\Route53Domains\Exception\Route53DomainsException
  • Aws\Route53Resolver\Exception\Route53ResolverException
  • Aws\S3\Exception\DeleteMultipleObjectsException
  • Aws\S3\Exception\PermanentRedirectException
  • Aws\S3\Exception\S3Exception
  • Aws\S3\Exception\S3MultipartUploadException
  • Aws\S3Control\Exception\S3ControlException
  • Aws\SageMaker\Exception\SageMakerException
  • Aws\SageMakerRuntime\Exception\SageMakerRuntimeException
  • Aws\SecretsManager\Exception\SecretsManagerException
  • Aws\SecurityHub\Exception\SecurityHubException
  • Aws\ServerlessApplicationRepository\Exception\ServerlessApplicationRepositoryException
  • Aws\ServiceCatalog\Exception\ServiceCatalogException
  • Aws\ServiceDiscovery\Exception\ServiceDiscoveryException
  • Aws\Ses\Exception\SesException
  • Aws\Sfn\Exception\SfnException
  • Aws\Shield\Exception\ShieldException
  • Aws\signer\Exception\signerException
  • Aws\Sms\Exception\SmsException
  • Aws\SnowBall\Exception\SnowBallException
  • Aws\Sns\Exception\InvalidSnsMessageException
  • Aws\Sns\Exception\SnsException
  • Aws\Sqs\Exception\SqsException
  • Aws\Ssm\Exception\SsmException
  • Aws\StorageGateway\Exception\StorageGatewayException
  • Aws\Sts\Exception\StsException
  • Aws\Support\Exception\SupportException
  • Aws\Swf\Exception\SwfException
  • Aws\Textract\Exception\TextractException
  • Aws\TranscribeService\Exception\TranscribeServiceException
  • Aws\Transfer\Exception\TransferException
  • Aws\Translate\Exception\TranslateException
  • Aws\Waf\Exception\WafException
  • Aws\WafRegional\Exception\WafRegionalException
  • Aws\WorkDocs\Exception\WorkDocsException
  • Aws\WorkLink\Exception\WorkLinkException
  • Aws\WorkMail\Exception\WorkMailException
  • Aws\WorkSpaces\Exception\WorkSpacesException
  • Aws\XRay\Exception\XRayException

Functions

  • Aws\clear_compiled_json
  • Aws\constantly
  • Aws\default_http_handler
  • Aws\default_user_agent
  • Aws\describe_type
  • Aws\dir_iterator
  • Aws\filter
  • Aws\flatmap
  • Aws\is_valid_hostname
  • Aws\load_compiled_json
  • Aws\manifest
  • Aws\map
  • Aws\or_chain
  • Aws\parse_ini_file
  • Aws\partition
  • Aws\recursive_dir_iterator
  • Aws\serialize

AWS SecurityHub 2018-10-26

Client: Aws\SecurityHub\SecurityHubClient
Service ID: securityhub
Version: 2018-10-26

This page describes the parameters and results for the operations of the AWS SecurityHub (2018-10-26), and shows how to use the Aws\SecurityHub\SecurityHubClient object to call the described operations. This documentation is specific to the 2018-10-26 API version of the service.

Operation Summary

Each of the following operations can be created from a client using $client->getCommand('CommandName'), where "CommandName" is the name of one of the following operations. Note: a command is a value that encapsulates an operation and the parameters used to create an HTTP request.

You can also create and send a command immediately using the magic methods available on a client object: $client->commandName(/* parameters */). You can send the command asynchronously (returning a promise) by appending the word "Async" to the operation name: $client->commandNameAsync(/* parameters */).

  • AcceptInvitation ( array $params = [] )

    Accepts the invitation to be monitored by a Security Hub master account.

  • BatchDisableStandards ( array $params = [] )

    Disables the standards specified by the standards subscription ARNs.

  • BatchEnableStandards ( array $params = [] )

    Enables the standards specified by the standards ARNs.

  • BatchImportFindings ( array $params = [] )

    Imports security findings generated from an integrated third-party product into Security Hub.

  • CreateInsight ( array $params = [] )

    Creates an insight, which is a consolidation of findings that identifies a security area that requires attention or intervention.

  • CreateMembers ( array $params = [] )

    Creates Security Hub member accounts associated with the account used for this action, which becomes the Security Hub Master account.

  • DeclineInvitations ( array $params = [] )

    Declines invitations that are sent to this AWS account (invitee) from the AWS accounts (inviters) that are specified by the provided AccountIds.

  • DeleteInsight ( array $params = [] )

    Deletes the insight specified by the InsightArn.

  • DeleteInvitations ( array $params = [] )

    Deletes invitations that were sent to theis AWS account (invitee) by the AWS accounts (inviters) that are specified by their account IDs.

  • DeleteMembers ( array $params = [] )

    Deletes the Security Hub member accounts that the account IDs specify.

  • DescribeProducts ( array $params = [] )

    Returns information about the products available that you can subscribe to.

  • DisableImportFindingsForProduct ( array $params = [] )

    Cancels the subscription that allows a findings-generating solution (product) to import its findings into Security Hub.

  • DisableSecurityHub ( array $params = [] )

    Disables the Security Hub service.

  • DisassociateFromMasterAccount ( array $params = [] )

    Disassociates the current Security Hub member account from its master account.

  • DisassociateMembers ( array $params = [] )

    Disassociates the Security Hub member accounts that are specified by the account IDs from their master account.

  • EnableImportFindingsForProduct ( array $params = [] )

    Sets up the subscription that enables a findings-generating solution (product) to import its findings into Security Hub.

  • EnableSecurityHub ( array $params = [] )

    Enables the Security Hub service.

  • GetEnabledStandards ( array $params = [] )

    Lists and describes enabled standards.

  • GetFindings ( array $params = [] )

    Lists and describes Security Hub-aggregated findings that filter attributes specify.

  • GetInsightResults ( array $params = [] )

    Lists the results of the Security Hub insight that the insight ARN specifies.

  • GetInsights ( array $params = [] )

    Lists and describes insights that insight ARNs specify.

  • GetInvitationsCount ( array $params = [] )

    Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation.

  • GetMasterAccount ( array $params = [] )

    Provides the details for the Security Hub master account to the current member account.

  • GetMembers ( array $params = [] )

    Returns the details on the Security Hub member accounts that the account IDs specify.

  • InviteMembers ( array $params = [] )

    Invites other AWS accounts to enable Security Hub and become Security Hub member accounts.

  • ListEnabledProductsForImport ( array $params = [] )

    Lists all findings-generating solutions (products) whose findings you have subscribed to receive in Security Hub.

  • ListInvitations ( array $params = [] )

    Lists all Security Hub membership invitations that were sent to the current AWS account.

  • ListMembers ( array $params = [] )

    Lists details about all member accounts for the current Security Hub master account.

  • ListProductSubscribers ( array $params = [] )

    Returns a list of account IDs that are subscribed to the product.

  • UpdateFindings ( array $params = [] )

    Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify.

  • UpdateInsight ( array $params = [] )

    Updates the Security Hub insight that the insight ARN specifies.

Paginators

Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:

  • DescribeProducts
  • GetFindings
  • GetInsights
  • ListEnabledProductsForImport
  • ListProductSubscribers

Operations

AcceptInvitation 

$result = $client->acceptInvitation([/* ... */]);
$promise = $client->acceptInvitationAsync([/* ... */]);

Accepts the invitation to be monitored by a Security Hub master account.

Parameter Syntax

$result = $client->acceptInvitation([
    'InvitationId' => '<string>',
    'MasterId' => '<string>',
]);

Parameter Details

Members
InvitationId
  • Type: string

The ID of the invitation that the Security Hub master account sends to the AWS account.

MasterId
  • Type: string

The account ID of the Security Hub master account whose invitation you're accepting.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

BatchDisableStandards 

$result = $client->batchDisableStandards([/* ... */]);
$promise = $client->batchDisableStandardsAsync([/* ... */]);

Disables the standards specified by the standards subscription ARNs. In the context of Security Hub, supported standards (for example, CIS AWS Foundations) are automated and continuous checks that help determine your compliance status against security industry (including AWS) best practices.

Parameter Syntax

$result = $client->batchDisableStandards([
    'StandardsSubscriptionArns' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
StandardsSubscriptionArns
  • Required: Yes
  • Type: Array of strings

The ARNs of the standards subscriptions that you want to disable.

Result Syntax

[
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

The details of the standards subscriptions that were disabled.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

BatchEnableStandards 

$result = $client->batchEnableStandards([/* ... */]);
$promise = $client->batchEnableStandardsAsync([/* ... */]);

Enables the standards specified by the standards ARNs. In the context of Security Hub, supported standards (for example, CIS AWS Foundations) are automated and continuous checks that help determine your compliance status against security industry (including AWS) best practices.

Parameter Syntax

$result = $client->batchEnableStandards([
    'StandardsSubscriptionRequests' => [ // REQUIRED
        [
            'StandardsArn' => '<string>', // REQUIRED
            'StandardsInput' => ['<string>', ...],
        ],
        // ...
    ],
]);

Parameter Details

Members
StandardsSubscriptionRequests
  • Required: Yes
  • Type: Array of StandardsSubscriptionRequest structures

The list of standards that you want to enable.

In this release, Security Hub supports only the CIS AWS Foundations standard.

Its ARN is arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

Result Syntax

[
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

The details of the standards subscriptions that were enabled.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

BatchImportFindings 

$result = $client->batchImportFindings([/* ... */]);
$promise = $client->batchImportFindingsAsync([/* ... */]);

Imports security findings generated from an integrated third-party product into Security Hub.

Parameter Syntax

$result = $client->batchImportFindings([
    'Findings' => [ // REQUIRED
        [
            'AwsAccountId' => '<string>', // REQUIRED
            'Compliance' => [
                'Status' => 'PASSED|WARNING|FAILED|NOT_AVAILABLE',
            ],
            'Confidence' => <integer>,
            'CreatedAt' => '<string>', // REQUIRED
            'Criticality' => <integer>,
            'Description' => '<string>',
            'FirstObservedAt' => '<string>',
            'GeneratorId' => '<string>', // REQUIRED
            'Id' => '<string>', // REQUIRED
            'LastObservedAt' => '<string>',
            'Malware' => [
                [
                    'Name' => '<string>', // REQUIRED
                    'Path' => '<string>',
                    'State' => 'OBSERVED|REMOVAL_FAILED|REMOVED',
                    'Type' => 'ADWARE|BLENDED_THREAT|BOTNET_AGENT|COIN_MINER|EXPLOIT_KIT|KEYLOGGER|MACRO|POTENTIALLY_UNWANTED|SPYWARE|RANSOMWARE|REMOTE_ACCESS|ROOTKIT|TROJAN|VIRUS|WORM',
                ],
                // ...
            ],
            'Network' => [
                'DestinationDomain' => '<string>',
                'DestinationIpV4' => '<string>',
                'DestinationIpV6' => '<string>',
                'DestinationPort' => <integer>,
                'Direction' => 'IN|OUT',
                'Protocol' => '<string>',
                'SourceDomain' => '<string>',
                'SourceIpV4' => '<string>',
                'SourceIpV6' => '<string>',
                'SourceMac' => '<string>',
                'SourcePort' => <integer>,
            ],
            'Note' => [
                'Text' => '<string>', // REQUIRED
                'UpdatedAt' => '<string>', // REQUIRED
                'UpdatedBy' => '<string>', // REQUIRED
            ],
            'Process' => [
                'LaunchedAt' => '<string>',
                'Name' => '<string>',
                'ParentPid' => <integer>,
                'Path' => '<string>',
                'Pid' => <integer>,
                'TerminatedAt' => '<string>',
            ],
            'ProductArn' => '<string>', // REQUIRED
            'ProductFields' => ['<string>', ...],
            'RecordState' => 'ACTIVE|ARCHIVED',
            'RelatedFindings' => [
                [
                    'Id' => '<string>', // REQUIRED
                    'ProductArn' => '<string>', // REQUIRED
                ],
                // ...
            ],
            'Remediation' => [
                'Recommendation' => [
                    'Text' => '<string>',
                    'Url' => '<string>',
                ],
            ],
            'Resources' => [ // REQUIRED
                [
                    'Details' => [
                        'AwsEc2Instance' => [
                            'IamInstanceProfileArn' => '<string>',
                            'ImageId' => '<string>',
                            'IpV4Addresses' => ['<string>', ...],
                            'IpV6Addresses' => ['<string>', ...],
                            'KeyName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'SubnetId' => '<string>',
                            'Type' => '<string>',
                            'VpcId' => '<string>',
                        ],
                        'AwsIamAccessKey' => [
                            'CreatedAt' => '<string>',
                            'Status' => 'Active|Inactive',
                            'UserName' => '<string>',
                        ],
                        'AwsS3Bucket' => [
                            'OwnerId' => '<string>',
                            'OwnerName' => '<string>',
                        ],
                        'Container' => [
                            'ImageId' => '<string>',
                            'ImageName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'Name' => '<string>',
                        ],
                        'Other' => ['<string>', ...],
                    ],
                    'Id' => '<string>', // REQUIRED
                    'Partition' => 'aws|aws-cn|aws-us-gov',
                    'Region' => '<string>',
                    'Tags' => ['<string>', ...],
                    'Type' => '<string>', // REQUIRED
                ],
                // ...
            ],
            'SchemaVersion' => '<string>', // REQUIRED
            'Severity' => [ // REQUIRED
                'Normalized' => <integer>, // REQUIRED
                'Product' => <float>,
            ],
            'SourceUrl' => '<string>',
            'ThreatIntelIndicators' => [
                [
                    'Category' => 'BACKDOOR|CARD_STEALER|COMMAND_AND_CONTROL|DROP_SITE|EXPLOIT_SITE|KEYLOGGER',
                    'LastObservedAt' => '<string>',
                    'Source' => '<string>',
                    'SourceUrl' => '<string>',
                    'Type' => 'DOMAIN|EMAIL_ADDRESS|HASH_MD5|HASH_SHA1|HASH_SHA256|HASH_SHA512|IPV4_ADDRESS|IPV6_ADDRESS|MUTEX|PROCESS|URL',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'Title' => '<string>',
            'Types' => ['<string>', ...], // REQUIRED
            'UpdatedAt' => '<string>', // REQUIRED
            'UserDefinedFields' => ['<string>', ...],
            'VerificationState' => 'UNKNOWN|TRUE_POSITIVE|FALSE_POSITIVE|BENIGN_POSITIVE',
            'WorkflowState' => 'NEW|ASSIGNED|IN_PROGRESS|DEFERRED|RESOLVED',
        ],
        // ...
    ],
]);

Parameter Details

Members
Findings
  • Required: Yes
  • Type: Array of AwsSecurityFinding structures

A list of findings to import. You must submit them in the AwsSecurityFinding format.

Result Syntax

[
    'FailedCount' => <integer>,
    'FailedFindings' => [
        [
            'ErrorCode' => '<string>',
            'ErrorMessage' => '<string>',
            'Id' => '<string>',
        ],
        // ...
    ],
    'SuccessCount' => <integer>,
]

Result Details

Members
FailedCount
  • Required: Yes
  • Type: int

The number of findings that failed to import.

FailedFindings
  • Type: Array of ImportFindingsError structures

The list of the findings that failed to import.

SuccessCount
  • Required: Yes
  • Type: int

The number of findings that were successfully imported

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

CreateInsight 

$result = $client->createInsight([/* ... */]);
$promise = $client->createInsightAsync([/* ... */]);

Creates an insight, which is a consolidation of findings that identifies a security area that requires attention or intervention.

Parameter Syntax

$result = $client->createInsight([
    'Filters' => [ // REQUIRED
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'GroupByAttribute' => '<string>', // REQUIRED
    'Name' => '<string>', // REQUIRED
]);

Parameter Details

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

A collection of attributes that are applied to all of the active findings aggregated by Security Hub, and that result in a subset of findings that are included in this insight.

GroupByAttribute
  • Required: Yes
  • Type: string

The attribute by which the insight's findings are grouped. This attribute is used as a findings aggregator for the purposes of viewing and managing multiple related findings under a single operand.

Name
  • Required: Yes
  • Type: string

The user-defined name that identifies the insight to create.

Result Syntax

[
    'InsightArn' => '<string>',
]

Result Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight created.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

CreateMembers 

$result = $client->createMembers([/* ... */]);
$promise = $client->createMembersAsync([/* ... */]);

Creates Security Hub member accounts associated with the account used for this action, which becomes the Security Hub Master account. Security Hub must be enabled in the account used to make this request.

Parameter Syntax

$result = $client->createMembers([
    'AccountDetails' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
        ],
        // ...
    ],
]);

Parameter Details

Members
AccountDetails
  • Type: Array of AccountDetails structures

A list of account ID and email address pairs of the accounts to associate with the Security Hub master account.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

DeclineInvitations 

$result = $client->declineInvitations([/* ... */]);
$promise = $client->declineInvitationsAsync([/* ... */]);

Declines invitations that are sent to this AWS account (invitee) from the AWS accounts (inviters) that are specified by the provided AccountIds.

Parameter Syntax

$result = $client->declineInvitations([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of account IDs that specify the accounts from which invitations to Security Hub are declined.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DeleteInsight 

$result = $client->deleteInsight([/* ... */]);
$promise = $client->deleteInsightAsync([/* ... */]);

Deletes the insight specified by the InsightArn.

Parameter Syntax

$result = $client->deleteInsight([
    'InsightArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight to delete.

Result Syntax

[
    'InsightArn' => '<string>',
]

Result Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight that was deleted.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DeleteInvitations 

$result = $client->deleteInvitations([/* ... */]);
$promise = $client->deleteInvitationsAsync([/* ... */]);

Deletes invitations that were sent to theis AWS account (invitee) by the AWS accounts (inviters) that are specified by their account IDs.

Parameter Syntax

$result = $client->deleteInvitations([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of account IDs that specify accounts whose invitations to Security Hub you want to delete.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

DeleteMembers 

$result = $client->deleteMembers([/* ... */]);
$promise = $client->deleteMembersAsync([/* ... */]);

Deletes the Security Hub member accounts that the account IDs specify.

Parameter Syntax

$result = $client->deleteMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of account IDs of the Security Hub member accounts that you want to delete.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DescribeProducts 

$result = $client->describeProducts([/* ... */]);
$promise = $client->describeProductsAsync([/* ... */]);

Returns information about the products available that you can subscribe to.

Parameter Syntax

$result = $client->describeProducts([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of results to return.

NextToken
  • Type: string

The token that is required for pagination.

Result Syntax

[
    'NextToken' => '<string>',
    'Products' => [
        [
            'ActivationUrl' => '<string>',
            'Categories' => ['<string>', ...],
            'CompanyName' => '<string>',
            'Description' => '<string>',
            'MarketplaceUrl' => '<string>',
            'ProductArn' => '<string>',
            'ProductName' => '<string>',
            'ProductSubscriptionResourcePolicy' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

Products
  • Required: Yes
  • Type: Array of Product structures

A list of products.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

DisableImportFindingsForProduct 

$result = $client->disableImportFindingsForProduct([/* ... */]);
$promise = $client->disableImportFindingsForProductAsync([/* ... */]);

Cancels the subscription that allows a findings-generating solution (product) to import its findings into Security Hub.

Parameter Syntax

$result = $client->disableImportFindingsForProduct([
    'ProductSubscriptionArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ProductSubscriptionArn
  • Required: Yes
  • Type: string

The ARN of a resource that represents your subscription to a supported product.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

DisableSecurityHub 

$result = $client->disableSecurityHub([/* ... */]);
$promise = $client->disableSecurityHubAsync([/* ... */]);

Disables the Security Hub service.

Parameter Syntax

$result = $client->disableSecurityHub([
]);

Parameter Details

Members

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DisassociateFromMasterAccount 

$result = $client->disassociateFromMasterAccount([/* ... */]);
$promise = $client->disassociateFromMasterAccountAsync([/* ... */]);

Disassociates the current Security Hub member account from its master account.

Parameter Syntax

$result = $client->disassociateFromMasterAccount([
]);

Parameter Details

Members

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DisassociateMembers 

$result = $client->disassociateMembers([/* ... */]);
$promise = $client->disassociateMembersAsync([/* ... */]);

Disassociates the Security Hub member accounts that are specified by the account IDs from their master account.

Parameter Syntax

$result = $client->disassociateMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

The account IDs of the member accounts that you want to disassociate from the master account.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

EnableImportFindingsForProduct 

$result = $client->enableImportFindingsForProduct([/* ... */]);
$promise = $client->enableImportFindingsForProductAsync([/* ... */]);

Sets up the subscription that enables a findings-generating solution (product) to import its findings into Security Hub.

Parameter Syntax

$result = $client->enableImportFindingsForProduct([
    'ProductArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ProductArn
  • Required: Yes
  • Type: string

The ARN of the product that generates findings that you want to import into Security Hub.

Result Syntax

[
    'ProductSubscriptionArn' => '<string>',
]

Result Details

Members
ProductSubscriptionArn
  • Type: string

The ARN of a resource that represents your subscription to the product that generates the findings that you want to import into Security Hub.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

EnableSecurityHub 

$result = $client->enableSecurityHub([/* ... */]);
$promise = $client->enableSecurityHubAsync([/* ... */]);

Enables the Security Hub service.

Parameter Syntax

$result = $client->enableSecurityHub([
]);

Parameter Details

Members

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

  • AccessDeniedException:

    You don't have permission to perform the action specified in the request.

GetEnabledStandards 

$result = $client->getEnabledStandards([/* ... */]);
$promise = $client->getEnabledStandardsAsync([/* ... */]);

Lists and describes enabled standards.

Parameter Syntax

$result = $client->getEnabledStandards([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'StandardsSubscriptionArns' => ['<string>', ...],
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the GetEnabledStandards operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

StandardsSubscriptionArns
  • Type: Array of strings

The list of standards subscription ARNS that you want to list and describe.

Result Syntax

[
    'NextToken' => '<string>',
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

The standards subscription details returned by the operation.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetFindings 

$result = $client->getFindings([/* ... */]);
$promise = $client->getFindingsAsync([/* ... */]);

Lists and describes Security Hub-aggregated findings that filter attributes specify.

Parameter Syntax

$result = $client->getFindings([
    'Filters' => [
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'SortCriteria' => [
        [
            'Field' => '<string>',
            'SortOrder' => 'asc|desc',
        ],
        // ...
    ],
]);

Parameter Details

Members
Filters
  • Type: AwsSecurityFindingFilters structure

A collection of attributes that is used for querying findings.

MaxResults
  • Type: int

Indicates the maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the GetFindings operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

SortCriteria
  • Type: Array of SortCriterion structures

A collection of attributes used for sorting findings.

Result Syntax

[
    'Findings' => [
        [
            'AwsAccountId' => '<string>',
            'Compliance' => [
                'Status' => 'PASSED|WARNING|FAILED|NOT_AVAILABLE',
            ],
            'Confidence' => <integer>,
            'CreatedAt' => '<string>',
            'Criticality' => <integer>,
            'Description' => '<string>',
            'FirstObservedAt' => '<string>',
            'GeneratorId' => '<string>',
            'Id' => '<string>',
            'LastObservedAt' => '<string>',
            'Malware' => [
                [
                    'Name' => '<string>',
                    'Path' => '<string>',
                    'State' => 'OBSERVED|REMOVAL_FAILED|REMOVED',
                    'Type' => 'ADWARE|BLENDED_THREAT|BOTNET_AGENT|COIN_MINER|EXPLOIT_KIT|KEYLOGGER|MACRO|POTENTIALLY_UNWANTED|SPYWARE|RANSOMWARE|REMOTE_ACCESS|ROOTKIT|TROJAN|VIRUS|WORM',
                ],
                // ...
            ],
            'Network' => [
                'DestinationDomain' => '<string>',
                'DestinationIpV4' => '<string>',
                'DestinationIpV6' => '<string>',
                'DestinationPort' => <integer>,
                'Direction' => 'IN|OUT',
                'Protocol' => '<string>',
                'SourceDomain' => '<string>',
                'SourceIpV4' => '<string>',
                'SourceIpV6' => '<string>',
                'SourceMac' => '<string>',
                'SourcePort' => <integer>,
            ],
            'Note' => [
                'Text' => '<string>',
                'UpdatedAt' => '<string>',
                'UpdatedBy' => '<string>',
            ],
            'Process' => [
                'LaunchedAt' => '<string>',
                'Name' => '<string>',
                'ParentPid' => <integer>,
                'Path' => '<string>',
                'Pid' => <integer>,
                'TerminatedAt' => '<string>',
            ],
            'ProductArn' => '<string>',
            'ProductFields' => ['<string>', ...],
            'RecordState' => 'ACTIVE|ARCHIVED',
            'RelatedFindings' => [
                [
                    'Id' => '<string>',
                    'ProductArn' => '<string>',
                ],
                // ...
            ],
            'Remediation' => [
                'Recommendation' => [
                    'Text' => '<string>',
                    'Url' => '<string>',
                ],
            ],
            'Resources' => [
                [
                    'Details' => [
                        'AwsEc2Instance' => [
                            'IamInstanceProfileArn' => '<string>',
                            'ImageId' => '<string>',
                            'IpV4Addresses' => ['<string>', ...],
                            'IpV6Addresses' => ['<string>', ...],
                            'KeyName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'SubnetId' => '<string>',
                            'Type' => '<string>',
                            'VpcId' => '<string>',
                        ],
                        'AwsIamAccessKey' => [
                            'CreatedAt' => '<string>',
                            'Status' => 'Active|Inactive',
                            'UserName' => '<string>',
                        ],
                        'AwsS3Bucket' => [
                            'OwnerId' => '<string>',
                            'OwnerName' => '<string>',
                        ],
                        'Container' => [
                            'ImageId' => '<string>',
                            'ImageName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'Name' => '<string>',
                        ],
                        'Other' => ['<string>', ...],
                    ],
                    'Id' => '<string>',
                    'Partition' => 'aws|aws-cn|aws-us-gov',
                    'Region' => '<string>',
                    'Tags' => ['<string>', ...],
                    'Type' => '<string>',
                ],
                // ...
            ],
            'SchemaVersion' => '<string>',
            'Severity' => [
                'Normalized' => <integer>,
                'Product' => <float>,
            ],
            'SourceUrl' => '<string>',
            'ThreatIntelIndicators' => [
                [
                    'Category' => 'BACKDOOR|CARD_STEALER|COMMAND_AND_CONTROL|DROP_SITE|EXPLOIT_SITE|KEYLOGGER',
                    'LastObservedAt' => '<string>',
                    'Source' => '<string>',
                    'SourceUrl' => '<string>',
                    'Type' => 'DOMAIN|EMAIL_ADDRESS|HASH_MD5|HASH_SHA1|HASH_SHA256|HASH_SHA512|IPV4_ADDRESS|IPV6_ADDRESS|MUTEX|PROCESS|URL',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'Title' => '<string>',
            'Types' => ['<string>', ...],
            'UpdatedAt' => '<string>',
            'UserDefinedFields' => ['<string>', ...],
            'VerificationState' => 'UNKNOWN|TRUE_POSITIVE|FALSE_POSITIVE|BENIGN_POSITIVE',
            'WorkflowState' => 'NEW|ASSIGNED|IN_PROGRESS|DEFERRED|RESOLVED',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Findings
  • Required: Yes
  • Type: Array of AwsSecurityFinding structures

Findings details returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetInsightResults 

$result = $client->getInsightResults([/* ... */]);
$promise = $client->getInsightResultsAsync([/* ... */]);

Lists the results of the Security Hub insight that the insight ARN specifies.

Parameter Syntax

$result = $client->getInsightResults([
    'InsightArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight whose results you want to see.

Result Syntax

[
    'InsightResults' => [
        'GroupByAttribute' => '<string>',
        'InsightArn' => '<string>',
        'ResultValues' => [
            [
                'Count' => <integer>,
                'GroupByAttributeValue' => '<string>',
            ],
            // ...
        ],
    ],
]

Result Details

Members
InsightResults
  • Required: Yes
  • Type: InsightResults structure

The insight results returned by the operation.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetInsights 

$result = $client->getInsights([/* ... */]);
$promise = $client->getInsightsAsync([/* ... */]);

Lists and describes insights that insight ARNs specify.

Parameter Syntax

$result = $client->getInsights([
    'InsightArns' => ['<string>', ...],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
InsightArns
  • Type: Array of strings

The ARNs of the insights that you want to describe.

MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the GetInsights operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

Result Syntax

[
    'Insights' => [
        [
            'Filters' => [
                'AwsAccountId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'CompanyName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ComplianceStatus' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Confidence' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'CreatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'Criticality' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'Description' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'FirstObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'GeneratorId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Id' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Keyword' => [
                    [
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'LastObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'MalwareName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwarePath' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwareState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwareType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationDomain' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationIpV4' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationIpV6' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationPort' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'NetworkDirection' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkProtocol' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceDomain' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceIpV4' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceIpV6' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceMac' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourcePort' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'NoteText' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NoteUpdatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'NoteUpdatedBy' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ProcessName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessParentPid' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'ProcessPath' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessPid' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'ProcessTerminatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ProductArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProductFields' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProductName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RecommendationText' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RecordState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RelatedFindingsId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RelatedFindingsProductArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceImageId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIpV4Addresses' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIpV6Addresses' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceKeyName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceSubnetId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceVpcId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyCreatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyStatus' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyUserName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsS3BucketOwnerId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsS3BucketOwnerName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerImageId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerImageName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceDetailsOther' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourcePartition' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceRegion' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceTags' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'SeverityLabel' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'SeverityNormalized' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'SeverityProduct' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'SourceUrl' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorCategory' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorLastObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorSource' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorSourceUrl' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorValue' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Title' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Type' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'UpdatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'UserDefinedFields' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'VerificationState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'WorkflowState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
            ],
            'GroupByAttribute' => '<string>',
            'InsightArn' => '<string>',
            'Name' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Insights
  • Required: Yes
  • Type: Array of Insight structures

The insights returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetInvitationsCount 

$result = $client->getInvitationsCount([/* ... */]);
$promise = $client->getInvitationsCountAsync([/* ... */]);

Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation.

Parameter Syntax

$result = $client->getInvitationsCount([
]);

Parameter Details

Members

Result Syntax

[
    'InvitationsCount' => <integer>,
]

Result Details

Members
InvitationsCount
  • Type: int

The number of all membership invitations sent to this Security Hub member account, not including the currently accepted invitation.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetMasterAccount 

$result = $client->getMasterAccount([/* ... */]);
$promise = $client->getMasterAccountAsync([/* ... */]);

Provides the details for the Security Hub master account to the current member account.

Parameter Syntax

$result = $client->getMasterAccount([
]);

Parameter Details

Members

Result Syntax

[
    'Master' => [
        'AccountId' => '<string>',
        'InvitationId' => '<string>',
        'InvitedAt' => <DateTime>,
        'MemberStatus' => '<string>',
    ],
]

Result Details

Members
Master
  • Type: Invitation structure

A list of details about the Security Hub master account for the current member account.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetMembers 

$result = $client->getMembers([/* ... */]);
$promise = $client->getMembersAsync([/* ... */]);

Returns the details on the Security Hub member accounts that the account IDs specify.

Parameter Syntax

$result = $client->getMembers([
    'AccountIds' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
AccountIds
  • Required: Yes
  • Type: Array of strings

A list of account IDs for the Security Hub member accounts that you want to return the details for.

Result Syntax

[
    'Members' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
            'InvitedAt' => <DateTime>,
            'MasterId' => '<string>',
            'MemberStatus' => '<string>',
            'UpdatedAt' => <DateTime>,
        ],
        // ...
    ],
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
Members
  • Type: Array of Member structures

A list of details about the Security Hub member accounts.

UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

InviteMembers 

$result = $client->inviteMembers([/* ... */]);
$promise = $client->inviteMembersAsync([/* ... */]);

Invites other AWS accounts to enable Security Hub and become Security Hub member accounts. When an account accepts the invitation and becomes a member account, the master account can view Security Hub findings of the member account.

Parameter Syntax

$result = $client->inviteMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of IDs of the AWS accounts that you want to invite to Security Hub as members.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

ListEnabledProductsForImport 

$result = $client->listEnabledProductsForImport([/* ... */]);
$promise = $client->listEnabledProductsForImportAsync([/* ... */]);

Lists all findings-generating solutions (products) whose findings you have subscribed to receive in Security Hub.

Parameter Syntax

$result = $client->listEnabledProductsForImport([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the ListEnabledProductsForImport operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

Result Syntax

[
    'NextToken' => '<string>',
    'ProductSubscriptions' => ['<string>', ...],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

ProductSubscriptions
  • Type: Array of strings

A list of ARNs for the resources that represent your subscriptions to products.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

ListInvitations 

$result = $client->listInvitations([/* ... */]);
$promise = $client->listInvitationsAsync([/* ... */]);

Lists all Security Hub membership invitations that were sent to the current AWS account.

Parameter Syntax

$result = $client->listInvitations([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the ListInvitations operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

Result Syntax

[
    'Invitations' => [
        [
            'AccountId' => '<string>',
            'InvitationId' => '<string>',
            'InvitedAt' => <DateTime>,
            'MemberStatus' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Invitations
  • Type: Array of Invitation structures

The details of the invitations returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

ListMembers 

$result = $client->listMembers([/* ... */]);
$promise = $client->listMembersAsync([/* ... */]);

Lists details about all member accounts for the current Security Hub master account.

Parameter Syntax

$result = $client->listMembers([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'OnlyAssociated' => true || false,
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. Set the value of this parameter to NULL on your first call to the ListMembers operation. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

OnlyAssociated
  • Type: boolean

Specifies which member accounts the response includes based on their relationship status with the master account. The default value is TRUE. If onlyAssociated is set to TRUE, the response includes member accounts whose relationship status with the master is set to ENABLED or DISABLED. If onlyAssociated is set to FALSE, the response includes all existing member accounts.

Result Syntax

[
    'Members' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
            'InvitedAt' => <DateTime>,
            'MasterId' => '<string>',
            'MemberStatus' => '<string>',
            'UpdatedAt' => <DateTime>,
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Members
  • Type: Array of Member structures

Member details returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

ListProductSubscribers 

$result = $client->listProductSubscribers([/* ... */]);
$promise = $client->listProductSubscribersAsync([/* ... */]);

Returns a list of account IDs that are subscribed to the product.

Parameter Syntax

$result = $client->listProductSubscribers([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'ProductArn' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of results to return.

NextToken
  • Type: string

The token that is required for pagination.

ProductArn
  • Type: string

The ARN of the product.

Result Syntax

[
    'NextToken' => '<string>',
    'ProductSubscribers' => ['<string>', ...],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

ProductSubscribers
  • Type: Array of strings

A list of account IDs that are subscribed to the product.

Errors

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

UpdateFindings 

$result = $client->updateFindings([/* ... */]);
$promise = $client->updateFindingsAsync([/* ... */]);

Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify. Any member account that can view the finding also sees the update to the finding.

Parameter Syntax

$result = $client->updateFindings([
    'Filters' => [ // REQUIRED
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'Note' => [
        'Text' => '<string>', // REQUIRED
        'UpdatedBy' => '<string>', // REQUIRED
    ],
    'RecordState' => 'ACTIVE|ARCHIVED',
]);

Parameter Details

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

A collection of attributes that specify which findings you want to update.

Note
  • Type: NoteUpdate structure

The updated note for the finding.

RecordState
  • Type: string

The updated record state for the finding.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

UpdateInsight 

$result = $client->updateInsight([/* ... */]);
$promise = $client->updateInsightAsync([/* ... */]);

Updates the Security Hub insight that the insight ARN specifies.

Parameter Syntax

$result = $client->updateInsight([
    'Filters' => [
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'GroupByAttribute' => '<string>',
    'InsightArn' => '<string>', // REQUIRED
    'Name' => '<string>',
]);

Parameter Details

Members
Filters
  • Type: AwsSecurityFindingFilters structure

The updated filters that define this insight.

GroupByAttribute
  • Type: string

The updated GroupBy attribute that defines this insight.

InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight that you want to update.

Name
  • Type: string

The updated name for the insight.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

Shapes

AccessDeniedException

Description

You don't have permission to perform the action specified in the request.

Members
Code
  • Type: string
Message
  • Type: string

AccountDetails

Description

The details of an AWS account.

Members
AccountId
  • Type: string

The ID of an AWS account.

Email
  • Type: string

The email of an AWS account.

AwsEc2InstanceDetails

Description

The details of an Amazon EC2 instance.

Members
IamInstanceProfileArn
  • Type: string

The IAM profile ARN of the instance.

ImageId
  • Type: string

The Amazon Machine Image (AMI) ID of the instance.

IpV4Addresses
  • Type: Array of strings

The IPv4 addresses associated with the instance.

IpV6Addresses
  • Type: Array of strings

The IPv6 addresses associated with the instance.

KeyName
  • Type: string

The key name associated with the instance.

LaunchedAt
  • Type: string

The date/time the instance was launched.

SubnetId
  • Type: string

The identifier of the subnet that the instance was launched in.

Type
  • Type: string

The instance type of the instance.

VpcId
  • Type: string

The identifier of the VPC that the instance was launched in.

AwsIamAccessKeyDetails

Description

IAM access key details related to a finding.

Members
CreatedAt
  • Type: string

The creation date/time of the IAM access key related to a finding.

Status
  • Type: string

The status of the IAM access key related to a finding.

UserName
  • Type: string

The user associated with the IAM access key related to a finding.

AwsS3BucketDetails

Description

The details of an Amazon S3 bucket.

Members
OwnerId
  • Type: string

The canonical user ID of the owner of the S3 bucket.

OwnerName
  • Type: string

The display name of the owner of the S3 bucket.

AwsSecurityFinding

Description

Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and compliance checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and compliance checks.

Members
AwsAccountId
  • Required: Yes
  • Type: string

The AWS account ID that a finding is generated in.

Compliance
  • Type: Compliance structure

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Confidence
  • Type: int

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

CreatedAt
  • Required: Yes
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider created the potential security issue that a finding captured.

Criticality
  • Type: int

The level of importance assigned to the resources associated with the finding. A score of 0 means the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Description
  • Type: string

A finding's description.

In this release, Description is a required property.

FirstObservedAt
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

GeneratorId
  • Required: Yes
  • Type: string

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plug-in, etc.

Id
  • Required: Yes
  • Type: string

The security findings provider-specific identifier for a finding.

LastObservedAt
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Malware
  • Type: Array of Malware structures

A list of malware related to a finding.

Network
  • Type: Network structure

The details of network-related information about a finding.

Note
  • Type: Note structure

A user-defined note added to a finding.

Process
  • Type: ProcessDetails structure

The details of process-related information about a finding.

ProductArn
  • Required: Yes
  • Type: string

The ARN generated by Security Hub that uniquely identifies a third-party company (security-findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

ProductFields
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

RecordState
  • Type: string

The record state of a finding.

RelatedFindings
  • Type: Array of RelatedFinding structures

A list of related findings.

Remediation
  • Type: Remediation structure

An data type that describes the remediation options for a finding.

Resources
  • Required: Yes
  • Type: Array of Resource structures

A set of resource data types that describe the resources that the finding refers to.

SchemaVersion
  • Required: Yes
  • Type: string

The schema version that a finding is formatted for.

Severity
  • Required: Yes
  • Type: Severity structure

A finding's severity.

SourceUrl
  • Type: string

A URL that links to a page about the current finding in the security-findings provider's solution.

ThreatIntelIndicators
  • Type: Array of ThreatIntelIndicator structures

Threat intel details related to a finding.

Title
  • Type: string

A finding's title.

In this release, Title is a required property.

Types
  • Required: Yes
  • Type: Array of strings

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

UpdatedAt
  • Required: Yes
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

UserDefinedFields
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

VerificationState
  • Type: string

Indicates the veracity of a finding.

WorkflowState
  • Type: string

The workflow state of a finding.

AwsSecurityFindingFilters

Description

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

Members
AwsAccountId
  • Type: Array of StringFilter structures

The AWS account ID that a finding is generated in.

CompanyName
  • Type: Array of StringFilter structures

The name of the findings provider (company) that owns the solution (product) that generates findings.

ComplianceStatus
  • Type: Array of StringFilter structures

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Confidence
  • Type: Array of NumberFilter structures

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

CreatedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.

Criticality
  • Type: Array of NumberFilter structures

The level of importance assigned to the resources associated with the finding. A score of 0 means the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Description
  • Type: Array of StringFilter structures

A finding's description.

FirstObservedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

GeneratorId
  • Type: Array of StringFilter structures

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plug-in, etc.

Id
  • Type: Array of StringFilter structures

The security findings provider-specific identifier for a finding.

Keyword
  • Type: Array of KeywordFilter structures

A keyword for a finding.

LastObservedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

MalwareName
  • Type: Array of StringFilter structures

The name of the malware that was observed.

MalwarePath
  • Type: Array of StringFilter structures

The filesystem path of the malware that was observed.

MalwareState
  • Type: Array of StringFilter structures

The state of the malware that was observed.

MalwareType
  • Type: Array of StringFilter structures

The type of the malware that was observed.

NetworkDestinationDomain
  • Type: Array of StringFilter structures

The destination domain of network-related information about a finding.

NetworkDestinationIpV4
  • Type: Array of IpFilter structures

The destination IPv4 address of network-related information about a finding.

NetworkDestinationIpV6
  • Type: Array of IpFilter structures

The destination IPv6 address of network-related information about a finding.

NetworkDestinationPort
  • Type: Array of NumberFilter structures

The destination port of network-related information about a finding.

NetworkDirection
  • Type: Array of StringFilter structures

Indicates the direction of network traffic associated with a finding.

NetworkProtocol
  • Type: Array of StringFilter structures

The protocol of network-related information about a finding.

NetworkSourceDomain
  • Type: Array of StringFilter structures

The source domain of network-related information about a finding.

NetworkSourceIpV4
  • Type: Array of IpFilter structures

The source IPv4 address of network-related information about a finding.

NetworkSourceIpV6
  • Type: Array of IpFilter structures

The source IPv6 address of network-related information about a finding.

NetworkSourceMac
  • Type: Array of StringFilter structures

The source media access control (MAC) address of network-related information about a finding.

NetworkSourcePort
  • Type: Array of NumberFilter structures

The source port of network-related information about a finding.

NoteText
  • Type: Array of StringFilter structures

The text of a note.

NoteUpdatedAt
  • Type: Array of DateFilter structures

The timestamp of when the note was updated.

NoteUpdatedBy
  • Type: Array of StringFilter structures

The principal that created a note.

ProcessLaunchedAt
  • Type: Array of DateFilter structures

The date/time that the process was launched.

ProcessName
  • Type: Array of StringFilter structures

The name of the process.

ProcessParentPid
  • Type: Array of NumberFilter structures

The parent process ID.

ProcessPath
  • Type: Array of StringFilter structures

The path to the process executable.

ProcessPid
  • Type: Array of NumberFilter structures

The process ID.

ProcessTerminatedAt
  • Type: Array of DateFilter structures

The date/time that the process was terminated.

ProductArn
  • Type: Array of StringFilter structures

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

ProductFields
  • Type: Array of MapFilter structures

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

ProductName
  • Type: Array of StringFilter structures

The name of the solution (product) that generates findings.

RecommendationText
  • Type: Array of StringFilter structures

The recommendation of what to do about the issue described in a finding.

RecordState
  • Type: Array of StringFilter structures

The updated record state for the finding.

RelatedFindingsId
  • Type: Array of StringFilter structures

The solution-generated identifier for a related finding.

RelatedFindingsProductArn
  • Type: Array of StringFilter structures

The ARN of the solution that generated a related finding.

ResourceAwsEc2InstanceIamInstanceProfileArn
  • Type: Array of StringFilter structures

The IAM profile ARN of the instance.

ResourceAwsEc2InstanceImageId
  • Type: Array of StringFilter structures

The Amazon Machine Image (AMI) ID of the instance.

ResourceAwsEc2InstanceIpV4Addresses
  • Type: Array of IpFilter structures

The IPv4 addresses associated with the instance.

ResourceAwsEc2InstanceIpV6Addresses
  • Type: Array of IpFilter structures

The IPv6 addresses associated with the instance.

ResourceAwsEc2InstanceKeyName
  • Type: Array of StringFilter structures

The key name associated with the instance.

ResourceAwsEc2InstanceLaunchedAt
  • Type: Array of DateFilter structures

The date/time the instance was launched.

ResourceAwsEc2InstanceSubnetId
  • Type: Array of StringFilter structures

The identifier of the subnet that the instance was launched in.

ResourceAwsEc2InstanceType
  • Type: Array of StringFilter structures

The instance type of the instance.

ResourceAwsEc2InstanceVpcId
  • Type: Array of StringFilter structures

The identifier of the VPC that the instance was launched in.

ResourceAwsIamAccessKeyCreatedAt
  • Type: Array of DateFilter structures

The creation date/time of the IAM access key related to a finding.

ResourceAwsIamAccessKeyStatus
  • Type: Array of StringFilter structures

The status of the IAM access key related to a finding.

ResourceAwsIamAccessKeyUserName
  • Type: Array of StringFilter structures

The user associated with the IAM access key related to a finding.

ResourceAwsS3BucketOwnerId
  • Type: Array of StringFilter structures

The canonical user ID of the owner of the S3 bucket.

ResourceAwsS3BucketOwnerName
  • Type: Array of StringFilter structures

The display name of the owner of the S3 bucket.

ResourceContainerImageId
  • Type: Array of StringFilter structures

The identifier of the image related to a finding.

ResourceContainerImageName
  • Type: Array of StringFilter structures

The name of the image related to a finding.

ResourceContainerLaunchedAt
  • Type: Array of DateFilter structures

The date/time that the container was started.

ResourceContainerName
  • Type: Array of StringFilter structures

The name of the container related to a finding.

ResourceDetailsOther
  • Type: Array of MapFilter structures

The details of a resource that doesn't have a specific subfield for the resource type defined.

ResourceId
  • Type: Array of StringFilter structures

The canonical identifier for the given resource type.

ResourcePartition
  • Type: Array of StringFilter structures

The canonical AWS partition name that the Region is assigned to.

ResourceRegion
  • Type: Array of StringFilter structures

The canonical AWS external Region name where this resource is located.

ResourceTags
  • Type: Array of MapFilter structures

A list of AWS tags associated with a resource at the time the finding was processed.

ResourceType
  • Type: Array of StringFilter structures

Specifies the type of the resource that details are provided for.

SeverityLabel
  • Type: Array of StringFilter structures

The label of a finding's severity.

SeverityNormalized
  • Type: Array of NumberFilter structures

The normalized severity of a finding.

SeverityProduct
  • Type: Array of NumberFilter structures

The native severity as defined by the security-findings provider's solution that generated the finding.

SourceUrl
  • Type: Array of StringFilter structures

A URL that links to a page about the current finding in the security-findings provider's solution.

ThreatIntelIndicatorCategory
  • Type: Array of StringFilter structures

The category of a threat intel indicator.

ThreatIntelIndicatorLastObservedAt
  • Type: Array of DateFilter structures

The date/time of the last observation of a threat intel indicator.

ThreatIntelIndicatorSource
  • Type: Array of StringFilter structures

The source of the threat intel.

ThreatIntelIndicatorSourceUrl
  • Type: Array of StringFilter structures

The URL for more details from the source of the threat intel.

ThreatIntelIndicatorType
  • Type: Array of StringFilter structures

The type of a threat intel indicator.

ThreatIntelIndicatorValue
  • Type: Array of StringFilter structures

The value of a threat intel indicator.

Title
  • Type: Array of StringFilter structures

A finding's title.

Type
  • Type: Array of StringFilter structures

A finding type in the format of namespace/category/classifier that classifies a finding.

UpdatedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

UserDefinedFields
  • Type: Array of MapFilter structures

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

VerificationState
  • Type: Array of StringFilter structures

The veracity of a finding.

WorkflowState
  • Type: Array of StringFilter structures

The workflow state of a finding.

Compliance

Description

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Members
Status
  • Type: string

The result of a compliance check.

ContainerDetails

Description

Container details related to a finding.

Members
ImageId
  • Type: string

The identifier of the image related to a finding.

ImageName
  • Type: string

The name of the image related to a finding.

LaunchedAt
  • Type: string

The date/time that the container was started.

Name
  • Type: string

The name of the container related to a finding.

DateFilter

Description

A date filter for querying findings.

Members
DateRange
  • Type: DateRange structure

A date range for the date filter.

End
  • Type: string

An end date for the date filter.

Start
  • Type: string

A start date for the date filter.

DateRange

Description

A date range for the date filter.

Members
Unit
  • Type: string

A date range unit for the date filter.

Value
  • Type: int

A date range value for the date filter.

ImportFindingsError

Description

Includes details of the list of the findings that can't be imported.

Members
ErrorCode
  • Required: Yes
  • Type: string

The code of the error made during the BatchImportFindings operation.

ErrorMessage
  • Required: Yes
  • Type: string

The message of the error made during the BatchImportFindings operation.

Id
  • Required: Yes
  • Type: string

The ID of the error made during the BatchImportFindings operation.

Insight

Description

Contains information about a Security Hub insight.

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

GroupByAttribute
  • Required: Yes
  • Type: string

The attribute that the insight's findings are grouped by. This attribute is used as a findings aggregator for the purposes of viewing and managing multiple related findings under a single operand.

InsightArn
  • Required: Yes
  • Type: string

The ARN of a Security Hub insight.

Name
  • Required: Yes
  • Type: string

The name of a Security Hub insight.

InsightResultValue

Description

The insight result values returned by the GetInsightResults operation.

Members
Count
  • Required: Yes
  • Type: int

The number of findings returned for each GroupByAttributeValue.

GroupByAttributeValue
  • Required: Yes
  • Type: string

The value of the attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.

InsightResults

Description

The insight results returned by the GetInsightResults operation.

Members
GroupByAttribute
  • Required: Yes
  • Type: string

The attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.

InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight whose results are returned by the GetInsightResults operation.

ResultValues
  • Required: Yes
  • Type: Array of InsightResultValue structures

The list of insight result values returned by the GetInsightResults operation.

InternalException

Description

Internal server error.

Members
Code
  • Type: string
Message
  • Type: string

InvalidAccessException

Description

AWS Security Hub isn't enabled for the account used to make this request.

Members
Code
  • Type: string
Message
  • Type: string

InvalidInputException

Description

The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

Members
Code
  • Type: string
Message
  • Type: string

Invitation

Description

The details of an invitation that the Security Hub master account sent to an AWS account.

Members
AccountId
  • Type: string

The account ID of the Security Hub master account that sent the invitation.

InvitationId
  • Type: string

The ID of the invitation that the Security Hub master account sent.

InvitedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp of when the invitation was sent.

MemberStatus
  • Type: string

The current relationship status between the inviter and invitee accounts.

IpFilter

Description

The IP filter for querying findings.>

Members
Cidr
  • Type: string

A finding's CIDR value.

KeywordFilter

Description

A keyword filter for querying findings.

Members
Value
  • Type: string

A value for the keyword.

LimitExceededException

Description

The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

Members
Code
  • Type: string
Message
  • Type: string

Malware

Description

A list of malware related to a finding.

Members
Name
  • Required: Yes
  • Type: string

The name of the malware that was observed.

Path
  • Type: string

The file system path of the malware that was observed.

State
  • Type: string

The state of the malware that was observed.

Type
  • Type: string

The type of the malware that was observed.

MapFilter

Description

The map filter for querying findings.

Members
Comparison
  • Type: string

The condition to be applied to a key value when querying for findings with a map filter.

Key
  • Type: string

The key of the map filter.

Value
  • Type: string

The value for the key in the map filter.

Member

Description

The details for a Security Hub member account.

Members
AccountId
  • Type: string

The AWS account ID of a Security Hub member account.

Email
  • Type: string

The email of a Security Hub member account.

InvitedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp of when the member account was invited to Security Hub.

MasterId
  • Type: string

The AWS account ID of the Security Hub master account to this member account.

MemberStatus
  • Type: string

The status of the relationship between the member account and its master account.

UpdatedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp of when this member account was updated.

Network

Description

The details of network-related information about a finding.

Members
DestinationDomain
  • Type: string

The destination domain of network-related information about a finding.

DestinationIpV4
  • Type: string

The destination IPv4 address of network-related information about a finding.

DestinationIpV6
  • Type: string

The destination IPv6 address of network-related information about a finding.

DestinationPort
  • Type: int

The destination port of network-related information about a finding.

Direction
  • Type: string

The direction of network traffic associated with a finding.

Protocol
  • Type: string

The protocol of network-related information about a finding.

SourceDomain
  • Type: string

The source domain of network-related information about a finding.

SourceIpV4
  • Type: string

The source IPv4 address of network-related information about a finding.

SourceIpV6
  • Type: string

The source IPv6 address of network-related information about a finding.

SourceMac
  • Type: string

The source media access control (MAC) address of network-related information about a finding.

SourcePort
  • Type: int

The source port of network-related information about a finding.

Note

Description

A user-defined note added to a finding.

Members
Text
  • Required: Yes
  • Type: string

The text of a note.

UpdatedAt
  • Required: Yes
  • Type: string

The timestamp of when the note was updated.

UpdatedBy
  • Required: Yes
  • Type: string

The principal that created a note.

NoteUpdate

Description

The updated note.

Members
Text
  • Required: Yes
  • Type: string

The updated note text.

UpdatedBy
  • Required: Yes
  • Type: string

The principal that updated the note.

NumberFilter

Description

A number filter for querying findings.

Members
Eq
  • Type: double

The equal-to condition to be applied to a single field when querying for findings.

Gte
  • Type: double

The greater-than-equal condition to be applied to a single field when querying for findings.

Lte
  • Type: double

The less-than-equal condition to be applied to a single field when querying for findings.

ProcessDetails

Description

The details of process-related information about a finding.

Members
LaunchedAt
  • Type: string

The date/time that the process was launched.

Name
  • Type: string

The name of the process.

ParentPid
  • Type: int

The parent process ID.

Path
  • Type: string

The path to the process executable.

Pid
  • Type: int

The process ID.

TerminatedAt
  • Type: string

The date/time that the process was terminated.

Product

Description

Contains details about a product.

Members
ActivationUrl
  • Type: string

The URL used to activate the product.

Categories
  • Type: Array of strings

The categories assigned to the product.

CompanyName
  • Type: string

The name of the company that provides the product.

Description
  • Type: string

A description of the product.

MarketplaceUrl
  • Type: string

The URL for the page that contains more information about the product.

ProductArn
  • Required: Yes
  • Type: string

The ARN assigned to the product.

ProductName
  • Type: string

The name of the product.

ProductSubscriptionResourcePolicy
  • Type: string

The resource policy asasociated with the product.

Recommendation

Description

A recommendation on how to remediate the issue identified in a finding.

Members
Text
  • Type: string

The recommendation of what to do about the issue described in a finding.

Url
  • Type: string

A URL to link to general remediation information for the finding type of a finding.

RelatedFinding

Description

A related finding's details.

Members
Id
  • Required: Yes
  • Type: string

The solution-generated identifier for a related finding.

ProductArn
  • Required: Yes
  • Type: string

The ARN of the solution that generated a related finding.

Remediation

Description

The remediation options for a finding.

Members
Recommendation
  • Type: Recommendation structure

A recommendation on how to remediate the issue identified within a finding.

Resource

Description

A resource data type that describes a resource that the finding refers to.

Members
Details
  • Type: ResourceDetails structure

Additional details about the resource.

Id
  • Required: Yes
  • Type: string

The canonical identifier for the given resource type.

Partition
  • Type: string

The canonical AWS partition name that the Region is assigned to.

Region
  • Type: string

The canonical AWS external Region name where this resource is located.

Tags
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A list of AWS tags associated with a resource at the time the finding was processed.

Type
  • Required: Yes
  • Type: string

The type of the resource that details are provided for.

ResourceConflictException

Description

The resource specified in the request conflicts with an existing resource.

Members
Code
  • Type: string
Message
  • Type: string

ResourceDetails

Description

Additional details about the resource.

Members
AwsEc2Instance
  • Type: AwsEc2InstanceDetails structure

The details of an Amazon EC2 instance.

AwsIamAccessKey
  • Type: AwsIamAccessKeyDetails structure

IAM access key details related to a finding.

AwsS3Bucket
  • Type: AwsS3BucketDetails structure

The details of an Amazon S3 Bucket.

Container
  • Type: ContainerDetails structure

Container details related to a finding.

Other
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

The details of a resource that doesn't have a specific subfield for the resource type defined.

ResourceNotFoundException

Description

The request was rejected because we can't find the specified resource.

Members
Code
  • Type: string
Message
  • Type: string

Result

Description

The account details that couldn't be processed.

Members
AccountId
  • Type: string

An ID of the AWS account that couldn't be processed.

ProcessingResult
  • Type: string

The reason for why an account couldn't be processed.

Severity

Description

A finding's severity.

Members
Normalized
  • Required: Yes
  • Type: int

The normalized severity of a finding.

Product
  • Type: double

The native severity as defined by the security-findings provider's solution that generated the finding.

SortCriterion

Description

A collection of attributes used for sorting findings.

Members
Field
  • Type: string

The finding attribute used for sorting findings.

SortOrder
  • Type: string

The order used for sorting findings.

StandardsSubscription

Description

A resource that represents your subscription to a supported standard.

Members
StandardsArn
  • Required: Yes
  • Type: string

The ARN of a standard.

In this release, Security Hub supports only the CIS AWS Foundations standard.

Its ARN is arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

StandardsInput
  • Required: Yes
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

StandardsStatus
  • Required: Yes
  • Type: string

The standard's status.

StandardsSubscriptionArn
  • Required: Yes
  • Type: string

The ARN of a resource that represents your subscription to a supported standard.

StandardsSubscriptionRequest

Description

The standard that you want to enable.

Members
StandardsArn
  • Required: Yes
  • Type: string

The ARN of the standard that you want to enable.

In this release, Security Hub only supports the CIS AWS Foundations standard.

Its ARN is arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

StandardsInput
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

StringFilter

Description

A string filter for querying findings.

Members
Comparison
  • Type: string

The condition to be applied to a string value when querying for findings.

Value
  • Type: string

The string filter value.

ThreatIntelIndicator

Description

Threat intel details related to a finding.

Members
Category
  • Type: string

The category of a threat intel indicator.

LastObservedAt
  • Type: string

The date/time of the last observation of a threat intel indicator.

Source
  • Type: string

The source of the threat intel.

SourceUrl
  • Type: string

The URL for more details from the source of the threat intel.

Type
  • Type: string

The type of a threat intel indicator.

Value
  • Type: string

The value of a threat intel indicator.

AWS SDK for PHP 3.x API documentation generated by ApiGen