AWS SDK for PHP 3.x
  • Namespace
  • Class
Did this page help you? SUBMIT FEEDBACK!

Namespaces

  • Aws
    • Acm
      • Exception
    • ACMPCA
      • Exception
    • AlexaForBusiness
      • Exception
    • Amplify
      • Exception
    • Api
      • ErrorParser
      • Parser
        • Exception
      • Serializer
    • ApiGateway
      • Exception
    • ApiGatewayManagementApi
      • Exception
    • ApiGatewayV2
      • Exception
    • ApplicationAutoScaling
      • Exception
    • ApplicationDiscoveryService
      • Exception
    • ApplicationInsights
      • Exception
    • AppMesh
      • Exception
    • Appstream
      • Exception
    • AppSync
      • Exception
    • Athena
      • Exception
    • AutoScaling
      • Exception
    • AutoScalingPlans
      • Exception
    • Backup
      • Exception
    • Batch
      • Exception
    • Budgets
      • Exception
    • Chime
      • Exception
    • ClientSideMonitoring
      • Exception
    • Cloud9
      • Exception
    • CloudDirectory
      • Exception
    • CloudFormation
      • Exception
    • CloudFront
      • Exception
    • CloudHsm
      • Exception
    • CloudHSMV2
      • Exception
    • CloudSearch
      • Exception
    • CloudSearchDomain
      • Exception
    • CloudTrail
      • Exception
    • CloudWatch
      • Exception
    • CloudWatchEvents
      • Exception
    • CloudWatchLogs
      • Exception
    • CodeBuild
      • Exception
    • CodeCommit
      • Exception
    • CodeDeploy
      • Exception
    • CodePipeline
      • Exception
    • CodeStar
      • Exception
    • CognitoIdentity
      • Exception
    • CognitoIdentityProvider
      • Exception
    • CognitoSync
      • Exception
    • Comprehend
      • Exception
    • ComprehendMedical
      • Exception
    • ConfigService
      • Exception
    • Connect
      • Exception
    • CostandUsageReportService
      • Exception
    • CostExplorer
      • Exception
    • Credentials
    • Crypto
      • Cipher
    • DatabaseMigrationService
      • Exception
    • DataPipeline
      • Exception
    • DataSync
      • Exception
    • DAX
      • Exception
    • DeviceFarm
      • Exception
    • DirectConnect
      • Exception
    • DirectoryService
      • Exception
    • DLM
      • Exception
    • DocDB
      • Exception
    • DynamoDb
      • Exception
    • DynamoDbStreams
      • Exception
    • Ec2
      • Exception
    • EC2InstanceConnect
      • Exception
    • Ecr
      • Exception
    • Ecs
      • Exception
    • Efs
      • Exception
    • EKS
      • Exception
    • ElastiCache
      • Exception
    • ElasticBeanstalk
      • Exception
    • ElasticLoadBalancing
      • Exception
    • ElasticLoadBalancingV2
      • Exception
    • ElasticsearchService
      • Exception
    • ElasticTranscoder
      • Exception
    • Emr
      • Exception
    • Endpoint
    • EndpointDiscovery
      • Exception
    • EventBridge
      • Exception
    • Exception
    • Firehose
      • Exception
    • FMS
      • Exception
    • ForecastQueryService
      • Exception
    • ForecastService
      • Exception
    • FSx
      • Exception
    • GameLift
      • Exception
    • Glacier
      • Exception
    • GlobalAccelerator
      • Exception
    • Glue
      • Exception
    • Greengrass
      • Exception
    • GroundStation
      • Exception
    • GuardDuty
      • Exception
    • Handler
      • GuzzleV5
      • GuzzleV6
    • Health
      • Exception
    • Iam
      • Exception
    • ImportExport
      • Exception
    • Inspector
      • Exception
    • Iot
      • Exception
    • IoT1ClickDevicesService
      • Exception
    • IoT1ClickProjects
      • Exception
    • IoTAnalytics
      • Exception
    • IotDataPlane
      • Exception
    • IoTEvents
      • Exception
    • IoTEventsData
      • Exception
    • IoTJobsDataPlane
      • Exception
    • IoTThingsGraph
      • Exception
    • Kafka
      • Exception
    • Kinesis
      • Exception
    • KinesisAnalytics
      • Exception
    • KinesisAnalyticsV2
      • Exception
    • KinesisVideo
      • Exception
    • KinesisVideoArchivedMedia
      • Exception
    • KinesisVideoMedia
      • Exception
    • Kms
      • Exception
    • LakeFormation
      • Exception
    • Lambda
      • Exception
    • LexModelBuildingService
      • Exception
    • LexRuntimeService
      • Exception
    • LicenseManager
      • Exception
    • Lightsail
      • Exception
    • MachineLearning
      • Exception
    • Macie
      • Exception
    • ManagedBlockchain
      • Exception
    • MarketplaceCommerceAnalytics
      • Exception
    • MarketplaceEntitlementService
      • Exception
    • MarketplaceMetering
      • Exception
    • MediaConnect
      • Exception
    • MediaConvert
      • Exception
    • MediaLive
      • Exception
    • MediaPackage
      • Exception
    • MediaPackageVod
      • Exception
    • MediaStore
      • Exception
    • MediaStoreData
      • Exception
    • MediaTailor
      • Exception
    • MigrationHub
      • Exception
    • Mobile
      • Exception
    • MQ
      • Exception
    • MTurk
      • Exception
    • Multipart
    • Neptune
      • Exception
    • OpsWorks
      • Exception
    • OpsWorksCM
      • Exception
    • Organizations
      • Exception
    • Personalize
      • Exception
    • PersonalizeEvents
      • Exception
    • PersonalizeRuntime
      • Exception
    • PI
      • Exception
    • Pinpoint
      • Exception
    • PinpointEmail
      • Exception
    • PinpointSMSVoice
      • Exception
    • Polly
      • Exception
    • Pricing
      • Exception
    • QuickSight
      • Exception
    • RAM
      • Exception
    • Rds
      • Exception
    • RDSDataService
      • Exception
    • Redshift
      • Exception
    • Rekognition
      • Exception
    • ResourceGroups
      • Exception
    • ResourceGroupsTaggingAPI
      • Exception
    • RoboMaker
      • Exception
    • Route53
      • Exception
    • Route53Domains
      • Exception
    • Route53Resolver
      • Exception
    • S3
      • Crypto
      • Exception
    • S3Control
      • Exception
    • SageMaker
      • Exception
    • SageMakerRuntime
      • Exception
    • SecretsManager
      • Exception
    • SecurityHub
      • Exception
    • ServerlessApplicationRepository
      • Exception
    • ServiceCatalog
      • Exception
    • ServiceDiscovery
      • Exception
    • ServiceQuotas
      • Exception
    • Ses
      • Exception
    • Sfn
      • Exception
    • Shield
      • Exception
    • Signature
    • signer
      • Exception
    • Sms
      • Exception
    • SnowBall
      • Exception
    • Sns
      • Exception
    • Sqs
      • Exception
    • Ssm
      • Exception
    • StorageGateway
      • Exception
    • Sts
      • Exception
      • RegionalEndpoints
        • Exception
    • Support
      • Exception
    • Swf
      • Exception
    • Textract
      • Exception
    • TranscribeService
      • Exception
    • Transfer
      • Exception
    • Translate
      • Exception
    • Waf
      • Exception
    • WafRegional
      • Exception
    • WorkDocs
      • Exception
    • WorkLink
      • Exception
    • WorkMail
      • Exception
    • WorkSpaces
      • Exception
    • XRay
      • Exception
  • GuzzleHttp
    • Promise
    • Psr7
  • Psr
    • Http
      • Message

Classes

  • Aws\Acm\AcmClient
  • Aws\ACMPCA\ACMPCAClient
  • Aws\AlexaForBusiness\AlexaForBusinessClient
  • Aws\Amplify\AmplifyClient
  • Aws\Api\AbstractModel
  • Aws\Api\ApiProvider
  • Aws\Api\DateTimeResult
  • Aws\Api\DocModel
  • Aws\Api\ErrorParser\AbstractErrorParser
  • Aws\Api\ErrorParser\JsonRpcErrorParser
  • Aws\Api\ErrorParser\RestJsonErrorParser
  • Aws\Api\ErrorParser\XmlErrorParser
  • Aws\Api\ListShape
  • Aws\Api\MapShape
  • Aws\Api\Operation
  • Aws\Api\Parser\Crc32ValidatingParser
  • Aws\Api\Parser\DecodingEventStreamIterator
  • Aws\Api\Parser\EventParsingIterator
  • Aws\Api\Parser\JsonParser
  • Aws\Api\Parser\JsonRpcParser
  • Aws\Api\Parser\QueryParser
  • Aws\Api\Parser\RestJsonParser
  • Aws\Api\Parser\RestXmlParser
  • Aws\Api\Parser\XmlParser
  • Aws\Api\Serializer\XmlBody
  • Aws\Api\Service
  • Aws\Api\Shape
  • Aws\Api\ShapeMap
  • Aws\Api\StructureShape
  • Aws\Api\TimestampShape
  • Aws\Api\Validator
  • Aws\ApiGateway\ApiGatewayClient
  • Aws\ApiGatewayManagementApi\ApiGatewayManagementApiClient
  • Aws\ApiGatewayV2\ApiGatewayV2Client
  • Aws\ApplicationAutoScaling\ApplicationAutoScalingClient
  • Aws\ApplicationDiscoveryService\ApplicationDiscoveryServiceClient
  • Aws\ApplicationInsights\ApplicationInsightsClient
  • Aws\AppMesh\AppMeshClient
  • Aws\Appstream\AppstreamClient
  • Aws\AppSync\AppSyncClient
  • Aws\Athena\AthenaClient
  • Aws\AutoScaling\AutoScalingClient
  • Aws\AutoScalingPlans\AutoScalingPlansClient
  • Aws\AwsClient
  • Aws\Backup\BackupClient
  • Aws\Batch\BatchClient
  • Aws\Budgets\BudgetsClient
  • Aws\Chime\ChimeClient
  • Aws\ClientResolver
  • Aws\ClientSideMonitoring\Configuration
  • Aws\ClientSideMonitoring\ConfigurationProvider
  • Aws\Cloud9\Cloud9Client
  • Aws\CloudDirectory\CloudDirectoryClient
  • Aws\CloudFormation\CloudFormationClient
  • Aws\CloudFront\CloudFrontClient
  • Aws\CloudFront\CookieSigner
  • Aws\CloudFront\UrlSigner
  • Aws\CloudHsm\CloudHsmClient
  • Aws\CloudHSMV2\CloudHSMV2Client
  • Aws\CloudSearch\CloudSearchClient
  • Aws\CloudSearchDomain\CloudSearchDomainClient
  • Aws\CloudTrail\CloudTrailClient
  • Aws\CloudTrail\LogFileIterator
  • Aws\CloudTrail\LogFileReader
  • Aws\CloudTrail\LogRecordIterator
  • Aws\CloudWatch\CloudWatchClient
  • Aws\CloudWatchEvents\CloudWatchEventsClient
  • Aws\CloudWatchLogs\CloudWatchLogsClient
  • Aws\CodeBuild\CodeBuildClient
  • Aws\CodeCommit\CodeCommitClient
  • Aws\CodeDeploy\CodeDeployClient
  • Aws\CodePipeline\CodePipelineClient
  • Aws\CodeStar\CodeStarClient
  • Aws\CognitoIdentity\CognitoIdentityClient
  • Aws\CognitoIdentity\CognitoIdentityProvider
  • Aws\CognitoIdentityProvider\CognitoIdentityProviderClient
  • Aws\CognitoSync\CognitoSyncClient
  • Aws\Command
  • Aws\CommandPool
  • Aws\Comprehend\ComprehendClient
  • Aws\ComprehendMedical\ComprehendMedicalClient
  • Aws\ConfigService\ConfigServiceClient
  • Aws\Connect\ConnectClient
  • Aws\CostandUsageReportService\CostandUsageReportServiceClient
  • Aws\CostExplorer\CostExplorerClient
  • Aws\Credentials\AssumeRoleCredentialProvider
  • Aws\Credentials\AssumeRoleWithWebIdentityCredentialProvider
  • Aws\Credentials\CredentialProvider
  • Aws\Credentials\Credentials
  • Aws\Credentials\EcsCredentialProvider
  • Aws\Credentials\InstanceProfileProvider
  • Aws\Crypto\AesDecryptingStream
  • Aws\Crypto\AesEncryptingStream
  • Aws\Crypto\AesGcmDecryptingStream
  • Aws\Crypto\AesGcmEncryptingStream
  • Aws\Crypto\Cipher\Cbc
  • Aws\Crypto\KmsMaterialsProvider
  • Aws\Crypto\MaterialsProvider
  • Aws\DatabaseMigrationService\DatabaseMigrationServiceClient
  • Aws\DataPipeline\DataPipelineClient
  • Aws\DataSync\DataSyncClient
  • Aws\DAX\DAXClient
  • Aws\DeviceFarm\DeviceFarmClient
  • Aws\DirectConnect\DirectConnectClient
  • Aws\DirectoryService\DirectoryServiceClient
  • Aws\DLM\DLMClient
  • Aws\DocDB\DocDBClient
  • Aws\DoctrineCacheAdapter
  • Aws\DynamoDb\BinaryValue
  • Aws\DynamoDb\DynamoDbClient
  • Aws\DynamoDb\LockingSessionConnection
  • Aws\DynamoDb\Marshaler
  • Aws\DynamoDb\NumberValue
  • Aws\DynamoDb\SessionHandler
  • Aws\DynamoDb\SetValue
  • Aws\DynamoDb\StandardSessionConnection
  • Aws\DynamoDb\WriteRequestBatch
  • Aws\DynamoDbStreams\DynamoDbStreamsClient
  • Aws\Ec2\Ec2Client
  • Aws\EC2InstanceConnect\EC2InstanceConnectClient
  • Aws\Ecr\EcrClient
  • Aws\Ecs\EcsClient
  • Aws\Efs\EfsClient
  • Aws\EKS\EKSClient
  • Aws\ElastiCache\ElastiCacheClient
  • Aws\ElasticBeanstalk\ElasticBeanstalkClient
  • Aws\ElasticLoadBalancing\ElasticLoadBalancingClient
  • Aws\ElasticLoadBalancingV2\ElasticLoadBalancingV2Client
  • Aws\ElasticsearchService\ElasticsearchServiceClient
  • Aws\ElasticTranscoder\ElasticTranscoderClient
  • Aws\Emr\EmrClient
  • Aws\Endpoint\EndpointProvider
  • Aws\Endpoint\Partition
  • Aws\Endpoint\PartitionEndpointProvider
  • Aws\Endpoint\PatternEndpointProvider
  • Aws\EndpointDiscovery\Configuration
  • Aws\EndpointDiscovery\ConfigurationProvider
  • Aws\EndpointDiscovery\EndpointDiscoveryMiddleware
  • Aws\EndpointDiscovery\EndpointList
  • Aws\EventBridge\EventBridgeClient
  • Aws\Firehose\FirehoseClient
  • Aws\FMS\FMSClient
  • Aws\ForecastQueryService\ForecastQueryServiceClient
  • Aws\ForecastService\ForecastServiceClient
  • Aws\FSx\FSxClient
  • Aws\GameLift\GameLiftClient
  • Aws\Glacier\GlacierClient
  • Aws\Glacier\MultipartUploader
  • Aws\Glacier\TreeHash
  • Aws\GlobalAccelerator\GlobalAcceleratorClient
  • Aws\Glue\GlueClient
  • Aws\Greengrass\GreengrassClient
  • Aws\GroundStation\GroundStationClient
  • Aws\GuardDuty\GuardDutyClient
  • Aws\Handler\GuzzleV5\GuzzleHandler
  • Aws\Handler\GuzzleV5\GuzzleStream
  • Aws\Handler\GuzzleV5\PsrStream
  • Aws\Handler\GuzzleV6\GuzzleHandler
  • Aws\HandlerList
  • Aws\HashingStream
  • Aws\Health\HealthClient
  • Aws\History
  • Aws\Iam\IamClient
  • Aws\IdempotencyTokenMiddleware
  • Aws\ImportExport\ImportExportClient
  • Aws\Inspector\InspectorClient
  • Aws\IoT1ClickDevicesService\IoT1ClickDevicesServiceClient
  • Aws\IoT1ClickProjects\IoT1ClickProjectsClient
  • Aws\Iot\IotClient
  • Aws\IoTAnalytics\IoTAnalyticsClient
  • Aws\IotDataPlane\IotDataPlaneClient
  • Aws\IoTEvents\IoTEventsClient
  • Aws\IoTEventsData\IoTEventsDataClient
  • Aws\IoTJobsDataPlane\IoTJobsDataPlaneClient
  • Aws\IoTThingsGraph\IoTThingsGraphClient
  • Aws\JsonCompiler
  • Aws\Kafka\KafkaClient
  • Aws\Kinesis\KinesisClient
  • Aws\KinesisAnalytics\KinesisAnalyticsClient
  • Aws\KinesisAnalyticsV2\KinesisAnalyticsV2Client
  • Aws\KinesisVideo\KinesisVideoClient
  • Aws\KinesisVideoArchivedMedia\KinesisVideoArchivedMediaClient
  • Aws\KinesisVideoMedia\KinesisVideoMediaClient
  • Aws\Kms\KmsClient
  • Aws\LakeFormation\LakeFormationClient
  • Aws\Lambda\LambdaClient
  • Aws\LexModelBuildingService\LexModelBuildingServiceClient
  • Aws\LexRuntimeService\LexRuntimeServiceClient
  • Aws\LicenseManager\LicenseManagerClient
  • Aws\Lightsail\LightsailClient
  • Aws\LruArrayCache
  • Aws\MachineLearning\MachineLearningClient
  • Aws\Macie\MacieClient
  • Aws\ManagedBlockchain\ManagedBlockchainClient
  • Aws\MarketplaceCommerceAnalytics\MarketplaceCommerceAnalyticsClient
  • Aws\MarketplaceEntitlementService\MarketplaceEntitlementServiceClient
  • Aws\MarketplaceMetering\MarketplaceMeteringClient
  • Aws\MediaConnect\MediaConnectClient
  • Aws\MediaConvert\MediaConvertClient
  • Aws\MediaLive\MediaLiveClient
  • Aws\MediaPackage\MediaPackageClient
  • Aws\MediaPackageVod\MediaPackageVodClient
  • Aws\MediaStore\MediaStoreClient
  • Aws\MediaStoreData\MediaStoreDataClient
  • Aws\MediaTailor\MediaTailorClient
  • Aws\Middleware
  • Aws\MigrationHub\MigrationHubClient
  • Aws\Mobile\MobileClient
  • Aws\MockHandler
  • Aws\MQ\MQClient
  • Aws\MTurk\MTurkClient
  • Aws\Multipart\UploadState
  • Aws\MultiRegionClient
  • Aws\Neptune\NeptuneClient
  • Aws\OpsWorks\OpsWorksClient
  • Aws\OpsWorksCM\OpsWorksCMClient
  • Aws\Organizations\OrganizationsClient
  • Aws\Personalize\PersonalizeClient
  • Aws\PersonalizeEvents\PersonalizeEventsClient
  • Aws\PersonalizeRuntime\PersonalizeRuntimeClient
  • Aws\PhpHash
  • Aws\PI\PIClient
  • Aws\Pinpoint\PinpointClient
  • Aws\PinpointEmail\PinpointEmailClient
  • Aws\PinpointSMSVoice\PinpointSMSVoiceClient
  • Aws\Polly\PollyClient
  • Aws\PresignUrlMiddleware
  • Aws\Pricing\PricingClient
  • Aws\Psr16CacheAdapter
  • Aws\PsrCacheAdapter
  • Aws\QuickSight\QuickSightClient
  • Aws\RAM\RAMClient
  • Aws\Rds\AuthTokenGenerator
  • Aws\Rds\RdsClient
  • Aws\RDSDataService\RDSDataServiceClient
  • Aws\Redshift\RedshiftClient
  • Aws\Rekognition\RekognitionClient
  • Aws\ResourceGroups\ResourceGroupsClient
  • Aws\ResourceGroupsTaggingAPI\ResourceGroupsTaggingAPIClient
  • Aws\Result
  • Aws\ResultPaginator
  • Aws\RetryMiddleware
  • Aws\RoboMaker\RoboMakerClient
  • Aws\Route53\Route53Client
  • Aws\Route53Domains\Route53DomainsClient
  • Aws\Route53Resolver\Route53ResolverClient
  • Aws\S3\BatchDelete
  • Aws\S3\Crypto\HeadersMetadataStrategy
  • Aws\S3\Crypto\InstructionFileMetadataStrategy
  • Aws\S3\Crypto\S3EncryptionClient
  • Aws\S3\Crypto\S3EncryptionMultipartUploader
  • Aws\S3\GetBucketLocationParser
  • Aws\S3\MultipartUploader
  • Aws\S3\ObjectCopier
  • Aws\S3\ObjectUploader
  • Aws\S3\PostObject
  • Aws\S3\PostObjectV4
  • Aws\S3\S3Client
  • Aws\S3\S3MultiRegionClient
  • Aws\S3\S3UriParser
  • Aws\S3\StreamWrapper
  • Aws\S3\Transfer
  • Aws\S3Control\S3ControlClient
  • Aws\SageMaker\SageMakerClient
  • Aws\SageMakerRuntime\SageMakerRuntimeClient
  • Aws\Sdk
  • Aws\SecretsManager\SecretsManagerClient
  • Aws\SecurityHub\SecurityHubClient
  • Aws\ServerlessApplicationRepository\ServerlessApplicationRepositoryClient
  • Aws\ServiceCatalog\ServiceCatalogClient
  • Aws\ServiceDiscovery\ServiceDiscoveryClient
  • Aws\ServiceQuotas\ServiceQuotasClient
  • Aws\Ses\SesClient
  • Aws\Sfn\SfnClient
  • Aws\Shield\ShieldClient
  • Aws\Signature\AnonymousSignature
  • Aws\Signature\S3SignatureV4
  • Aws\Signature\SignatureProvider
  • Aws\Signature\SignatureV4
  • Aws\signer\signerClient
  • Aws\Sms\SmsClient
  • Aws\SnowBall\SnowBallClient
  • Aws\Sns\Message
  • Aws\Sns\MessageValidator
  • Aws\Sns\SnsClient
  • Aws\Sqs\SqsClient
  • Aws\Ssm\SsmClient
  • Aws\StorageGateway\StorageGatewayClient
  • Aws\Sts\RegionalEndpoints\Configuration
  • Aws\Sts\RegionalEndpoints\ConfigurationProvider
  • Aws\Sts\StsClient
  • Aws\Support\SupportClient
  • Aws\Swf\SwfClient
  • Aws\Textract\TextractClient
  • Aws\TraceMiddleware
  • Aws\TranscribeService\TranscribeServiceClient
  • Aws\Transfer\TransferClient
  • Aws\Translate\TranslateClient
  • Aws\Waf\WafClient
  • Aws\WafRegional\WafRegionalClient
  • Aws\Waiter
  • Aws\WorkDocs\WorkDocsClient
  • Aws\WorkLink\WorkLinkClient
  • Aws\WorkMail\WorkMailClient
  • Aws\WorkSpaces\WorkSpacesClient
  • Aws\WrappedHttpHandler
  • Aws\XRay\XRayClient

Interfaces

  • Aws\AwsClientInterface
  • Aws\CacheInterface
  • Aws\ClientSideMonitoring\ConfigurationInterface
  • Aws\CommandInterface
  • Aws\Credentials\CredentialsInterface
  • Aws\Crypto\AesStreamInterface
  • Aws\Crypto\Cipher\CipherMethod
  • Aws\Crypto\MetadataStrategyInterface
  • Aws\DynamoDb\SessionConnectionInterface
  • Aws\Endpoint\PartitionInterface
  • Aws\EndpointDiscovery\ConfigurationInterface
  • Aws\HashInterface
  • Aws\MonitoringEventsInterface
  • Aws\ResponseContainerInterface
  • Aws\ResultInterface
  • Aws\S3\S3ClientInterface
  • Aws\Signature\SignatureInterface
  • Aws\Sts\RegionalEndpoints\ConfigurationInterface

Traits

  • Aws\Api\ErrorParser\JsonParserTrait
  • Aws\Api\Parser\MetadataParserTrait
  • Aws\Api\Parser\PayloadParserTrait
  • Aws\AwsClientTrait
  • Aws\Crypto\Cipher\CipherBuilderTrait
  • Aws\Crypto\DecryptionTrait
  • Aws\Crypto\EncryptionTrait
  • Aws\DynamoDb\SessionConnectionConfigTrait
  • Aws\HasDataTrait
  • Aws\HasMonitoringEventsTrait
  • Aws\S3\Crypto\CryptoParamsTrait
  • Aws\S3\MultipartUploadingTrait
  • Aws\S3\S3ClientTrait
  • Aws\Signature\SignatureTrait

Exceptions

  • Aws\Acm\Exception\AcmException
  • Aws\ACMPCA\Exception\ACMPCAException
  • Aws\AlexaForBusiness\Exception\AlexaForBusinessException
  • Aws\Amplify\Exception\AmplifyException
  • Aws\Api\Parser\Exception\ParserException
  • Aws\ApiGateway\Exception\ApiGatewayException
  • Aws\ApiGatewayManagementApi\Exception\ApiGatewayManagementApiException
  • Aws\ApiGatewayV2\Exception\ApiGatewayV2Exception
  • Aws\ApplicationAutoScaling\Exception\ApplicationAutoScalingException
  • Aws\ApplicationDiscoveryService\Exception\ApplicationDiscoveryServiceException
  • Aws\ApplicationInsights\Exception\ApplicationInsightsException
  • Aws\AppMesh\Exception\AppMeshException
  • Aws\Appstream\Exception\AppstreamException
  • Aws\AppSync\Exception\AppSyncException
  • Aws\Athena\Exception\AthenaException
  • Aws\AutoScaling\Exception\AutoScalingException
  • Aws\AutoScalingPlans\Exception\AutoScalingPlansException
  • Aws\Backup\Exception\BackupException
  • Aws\Batch\Exception\BatchException
  • Aws\Budgets\Exception\BudgetsException
  • Aws\Chime\Exception\ChimeException
  • Aws\ClientSideMonitoring\Exception\ConfigurationException
  • Aws\Cloud9\Exception\Cloud9Exception
  • Aws\CloudDirectory\Exception\CloudDirectoryException
  • Aws\CloudFormation\Exception\CloudFormationException
  • Aws\CloudFront\Exception\CloudFrontException
  • Aws\CloudHsm\Exception\CloudHsmException
  • Aws\CloudHSMV2\Exception\CloudHSMV2Exception
  • Aws\CloudSearch\Exception\CloudSearchException
  • Aws\CloudSearchDomain\Exception\CloudSearchDomainException
  • Aws\CloudTrail\Exception\CloudTrailException
  • Aws\CloudWatch\Exception\CloudWatchException
  • Aws\CloudWatchEvents\Exception\CloudWatchEventsException
  • Aws\CloudWatchLogs\Exception\CloudWatchLogsException
  • Aws\CodeBuild\Exception\CodeBuildException
  • Aws\CodeCommit\Exception\CodeCommitException
  • Aws\CodeDeploy\Exception\CodeDeployException
  • Aws\CodePipeline\Exception\CodePipelineException
  • Aws\CodeStar\Exception\CodeStarException
  • Aws\CognitoIdentity\Exception\CognitoIdentityException
  • Aws\CognitoIdentityProvider\Exception\CognitoIdentityProviderException
  • Aws\CognitoSync\Exception\CognitoSyncException
  • Aws\Comprehend\Exception\ComprehendException
  • Aws\ComprehendMedical\Exception\ComprehendMedicalException
  • Aws\ConfigService\Exception\ConfigServiceException
  • Aws\Connect\Exception\ConnectException
  • Aws\CostandUsageReportService\Exception\CostandUsageReportServiceException
  • Aws\CostExplorer\Exception\CostExplorerException
  • Aws\DatabaseMigrationService\Exception\DatabaseMigrationServiceException
  • Aws\DataPipeline\Exception\DataPipelineException
  • Aws\DataSync\Exception\DataSyncException
  • Aws\DAX\Exception\DAXException
  • Aws\DeviceFarm\Exception\DeviceFarmException
  • Aws\DirectConnect\Exception\DirectConnectException
  • Aws\DirectoryService\Exception\DirectoryServiceException
  • Aws\DLM\Exception\DLMException
  • Aws\DocDB\Exception\DocDBException
  • Aws\DynamoDb\Exception\DynamoDbException
  • Aws\DynamoDbStreams\Exception\DynamoDbStreamsException
  • Aws\Ec2\Exception\Ec2Exception
  • Aws\EC2InstanceConnect\Exception\EC2InstanceConnectException
  • Aws\Ecr\Exception\EcrException
  • Aws\Ecs\Exception\EcsException
  • Aws\Efs\Exception\EfsException
  • Aws\EKS\Exception\EKSException
  • Aws\ElastiCache\Exception\ElastiCacheException
  • Aws\ElasticBeanstalk\Exception\ElasticBeanstalkException
  • Aws\ElasticLoadBalancing\Exception\ElasticLoadBalancingException
  • Aws\ElasticLoadBalancingV2\Exception\ElasticLoadBalancingV2Exception
  • Aws\ElasticsearchService\Exception\ElasticsearchServiceException
  • Aws\ElasticTranscoder\Exception\ElasticTranscoderException
  • Aws\Emr\Exception\EmrException
  • Aws\EndpointDiscovery\Exception\ConfigurationException
  • Aws\EventBridge\Exception\EventBridgeException
  • Aws\Exception\AwsException
  • Aws\Exception\CouldNotCreateChecksumException
  • Aws\Exception\CredentialsException
  • Aws\Exception\EventStreamDataException
  • Aws\Exception\IncalculablePayloadException
  • Aws\Exception\InvalidJsonException
  • Aws\Exception\MultipartUploadException
  • Aws\Exception\UnresolvedApiException
  • Aws\Exception\UnresolvedEndpointException
  • Aws\Exception\UnresolvedSignatureException
  • Aws\Firehose\Exception\FirehoseException
  • Aws\FMS\Exception\FMSException
  • Aws\ForecastQueryService\Exception\ForecastQueryServiceException
  • Aws\ForecastService\Exception\ForecastServiceException
  • Aws\FSx\Exception\FSxException
  • Aws\GameLift\Exception\GameLiftException
  • Aws\Glacier\Exception\GlacierException
  • Aws\GlobalAccelerator\Exception\GlobalAcceleratorException
  • Aws\Glue\Exception\GlueException
  • Aws\Greengrass\Exception\GreengrassException
  • Aws\GroundStation\Exception\GroundStationException
  • Aws\GuardDuty\Exception\GuardDutyException
  • Aws\Health\Exception\HealthException
  • Aws\Iam\Exception\IamException
  • Aws\ImportExport\Exception\ImportExportException
  • Aws\Inspector\Exception\InspectorException
  • Aws\IoT1ClickDevicesService\Exception\IoT1ClickDevicesServiceException
  • Aws\IoT1ClickProjects\Exception\IoT1ClickProjectsException
  • Aws\Iot\Exception\IotException
  • Aws\IoTAnalytics\Exception\IoTAnalyticsException
  • Aws\IotDataPlane\Exception\IotDataPlaneException
  • Aws\IoTEvents\Exception\IoTEventsException
  • Aws\IoTEventsData\Exception\IoTEventsDataException
  • Aws\IoTJobsDataPlane\Exception\IoTJobsDataPlaneException
  • Aws\IoTThingsGraph\Exception\IoTThingsGraphException
  • Aws\Kafka\Exception\KafkaException
  • Aws\Kinesis\Exception\KinesisException
  • Aws\KinesisAnalytics\Exception\KinesisAnalyticsException
  • Aws\KinesisAnalyticsV2\Exception\KinesisAnalyticsV2Exception
  • Aws\KinesisVideo\Exception\KinesisVideoException
  • Aws\KinesisVideoArchivedMedia\Exception\KinesisVideoArchivedMediaException
  • Aws\KinesisVideoMedia\Exception\KinesisVideoMediaException
  • Aws\Kms\Exception\KmsException
  • Aws\LakeFormation\Exception\LakeFormationException
  • Aws\Lambda\Exception\LambdaException
  • Aws\LexModelBuildingService\Exception\LexModelBuildingServiceException
  • Aws\LexRuntimeService\Exception\LexRuntimeServiceException
  • Aws\LicenseManager\Exception\LicenseManagerException
  • Aws\Lightsail\Exception\LightsailException
  • Aws\MachineLearning\Exception\MachineLearningException
  • Aws\Macie\Exception\MacieException
  • Aws\ManagedBlockchain\Exception\ManagedBlockchainException
  • Aws\MarketplaceCommerceAnalytics\Exception\MarketplaceCommerceAnalyticsException
  • Aws\MarketplaceEntitlementService\Exception\MarketplaceEntitlementServiceException
  • Aws\MarketplaceMetering\Exception\MarketplaceMeteringException
  • Aws\MediaConnect\Exception\MediaConnectException
  • Aws\MediaConvert\Exception\MediaConvertException
  • Aws\MediaLive\Exception\MediaLiveException
  • Aws\MediaPackage\Exception\MediaPackageException
  • Aws\MediaPackageVod\Exception\MediaPackageVodException
  • Aws\MediaStore\Exception\MediaStoreException
  • Aws\MediaStoreData\Exception\MediaStoreDataException
  • Aws\MediaTailor\Exception\MediaTailorException
  • Aws\MigrationHub\Exception\MigrationHubException
  • Aws\Mobile\Exception\MobileException
  • Aws\MQ\Exception\MQException
  • Aws\MTurk\Exception\MTurkException
  • Aws\Neptune\Exception\NeptuneException
  • Aws\OpsWorks\Exception\OpsWorksException
  • Aws\OpsWorksCM\Exception\OpsWorksCMException
  • Aws\Organizations\Exception\OrganizationsException
  • Aws\Personalize\Exception\PersonalizeException
  • Aws\PersonalizeEvents\Exception\PersonalizeEventsException
  • Aws\PersonalizeRuntime\Exception\PersonalizeRuntimeException
  • Aws\PI\Exception\PIException
  • Aws\Pinpoint\Exception\PinpointException
  • Aws\PinpointEmail\Exception\PinpointEmailException
  • Aws\PinpointSMSVoice\Exception\PinpointSMSVoiceException
  • Aws\Polly\Exception\PollyException
  • Aws\Pricing\Exception\PricingException
  • Aws\QuickSight\Exception\QuickSightException
  • Aws\RAM\Exception\RAMException
  • Aws\Rds\Exception\RdsException
  • Aws\RDSDataService\Exception\RDSDataServiceException
  • Aws\Redshift\Exception\RedshiftException
  • Aws\Rekognition\Exception\RekognitionException
  • Aws\ResourceGroups\Exception\ResourceGroupsException
  • Aws\ResourceGroupsTaggingAPI\Exception\ResourceGroupsTaggingAPIException
  • Aws\RoboMaker\Exception\RoboMakerException
  • Aws\Route53\Exception\Route53Exception
  • Aws\Route53Domains\Exception\Route53DomainsException
  • Aws\Route53Resolver\Exception\Route53ResolverException
  • Aws\S3\Exception\DeleteMultipleObjectsException
  • Aws\S3\Exception\PermanentRedirectException
  • Aws\S3\Exception\S3Exception
  • Aws\S3\Exception\S3MultipartUploadException
  • Aws\S3Control\Exception\S3ControlException
  • Aws\SageMaker\Exception\SageMakerException
  • Aws\SageMakerRuntime\Exception\SageMakerRuntimeException
  • Aws\SecretsManager\Exception\SecretsManagerException
  • Aws\SecurityHub\Exception\SecurityHubException
  • Aws\ServerlessApplicationRepository\Exception\ServerlessApplicationRepositoryException
  • Aws\ServiceCatalog\Exception\ServiceCatalogException
  • Aws\ServiceDiscovery\Exception\ServiceDiscoveryException
  • Aws\ServiceQuotas\Exception\ServiceQuotasException
  • Aws\Ses\Exception\SesException
  • Aws\Sfn\Exception\SfnException
  • Aws\Shield\Exception\ShieldException
  • Aws\signer\Exception\signerException
  • Aws\Sms\Exception\SmsException
  • Aws\SnowBall\Exception\SnowBallException
  • Aws\Sns\Exception\InvalidSnsMessageException
  • Aws\Sns\Exception\SnsException
  • Aws\Sqs\Exception\SqsException
  • Aws\Ssm\Exception\SsmException
  • Aws\StorageGateway\Exception\StorageGatewayException
  • Aws\Sts\Exception\StsException
  • Aws\Sts\RegionalEndpoints\Exception\ConfigurationException
  • Aws\Support\Exception\SupportException
  • Aws\Swf\Exception\SwfException
  • Aws\Textract\Exception\TextractException
  • Aws\TranscribeService\Exception\TranscribeServiceException
  • Aws\Transfer\Exception\TransferException
  • Aws\Translate\Exception\TranslateException
  • Aws\Waf\Exception\WafException
  • Aws\WafRegional\Exception\WafRegionalException
  • Aws\WorkDocs\Exception\WorkDocsException
  • Aws\WorkLink\Exception\WorkLinkException
  • Aws\WorkMail\Exception\WorkMailException
  • Aws\WorkSpaces\Exception\WorkSpacesException
  • Aws\XRay\Exception\XRayException

Functions

  • Aws\clear_compiled_json
  • Aws\constantly
  • Aws\default_http_handler
  • Aws\default_user_agent
  • Aws\describe_type
  • Aws\dir_iterator
  • Aws\filter
  • Aws\flatmap
  • Aws\is_valid_hostname
  • Aws\load_compiled_json
  • Aws\manifest
  • Aws\map
  • Aws\or_chain
  • Aws\parse_ini_file
  • Aws\partition
  • Aws\recursive_dir_iterator
  • Aws\serialize

AWS SecurityHub 2018-10-26

Client: Aws\SecurityHub\SecurityHubClient
Service ID: securityhub
Version: 2018-10-26

This page describes the parameters and results for the operations of the AWS SecurityHub (2018-10-26), and shows how to use the Aws\SecurityHub\SecurityHubClient object to call the described operations. This documentation is specific to the 2018-10-26 API version of the service.

Operation Summary

Each of the following operations can be created from a client using $client->getCommand('CommandName'), where "CommandName" is the name of one of the following operations. Note: a command is a value that encapsulates an operation and the parameters used to create an HTTP request.

You can also create and send a command immediately using the magic methods available on a client object: $client->commandName(/* parameters */). You can send the command asynchronously (returning a promise) by appending the word "Async" to the operation name: $client->commandNameAsync(/* parameters */).

  • AcceptInvitation ( array $params = [] )

    Accepts the invitation to be a member account and be monitored by the Security Hub master account that the invitation was sent from.

  • BatchDisableStandards ( array $params = [] )

    Disables the standards specified by the provided StandardsSubscriptionArns.

  • BatchEnableStandards ( array $params = [] )

    Enables the standards specified by the provided standardsArn.

  • BatchImportFindings ( array $params = [] )

    Imports security findings generated from an integrated third-party product into Security Hub.

  • CreateActionTarget ( array $params = [] )

    Creates a custom action target in Security Hub.

  • CreateInsight ( array $params = [] )

    Creates a custom insight in Security Hub.

  • CreateMembers ( array $params = [] )

    Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the master account.

  • DeclineInvitations ( array $params = [] )

    Declines invitations to become a member account.

  • DeleteActionTarget ( array $params = [] )

    Deletes a custom action target from Security Hub.

  • DeleteInsight ( array $params = [] )

    Deletes the insight specified by the InsightArn.

  • DeleteInvitations ( array $params = [] )

    Deletes invitations received by the AWS account to become a member account.

  • DeleteMembers ( array $params = [] )

    Deletes the specified member accounts from Security Hub.

  • DescribeActionTargets ( array $params = [] )

    Returns a list of the custom action targets in Security Hub in your account.

  • DescribeHub ( array $params = [] )

    Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub.

  • DescribeProducts ( array $params = [] )

    Returns information about the products available that you can subscribe to and integrate with Security Hub to consolidate findings.

  • DisableImportFindingsForProduct ( array $params = [] )

    Disables the integration of the specified product with Security Hub.

  • DisableSecurityHub ( array $params = [] )

    Disables Security Hub in your account only in the current Region.

  • DisassociateFromMasterAccount ( array $params = [] )

    Disassociates the current Security Hub member account from the associated master account.

  • DisassociateMembers ( array $params = [] )

    Disassociates the specified member accounts from the associated master account.

  • EnableImportFindingsForProduct ( array $params = [] )

    Enables the integration of a partner product with Security Hub.

  • EnableSecurityHub ( array $params = [] )

    Enables Security Hub for your account in the current Region or the Region you specify in the request.

  • GetEnabledStandards ( array $params = [] )

    Returns a list of the standards that are currently enabled.

  • GetFindings ( array $params = [] )

    Returns a list of findings that match the specified criteria.

  • GetInsightResults ( array $params = [] )

    Lists the results of the Security Hub insight that the insight ARN specifies.

  • GetInsights ( array $params = [] )

    Lists and describes insights that insight ARNs specify.

  • GetInvitationsCount ( array $params = [] )

    Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation.

  • GetMasterAccount ( array $params = [] )

    Provides the details for the Security Hub master account to the current member account.

  • GetMembers ( array $params = [] )

    Returns the details on the Security Hub member accounts that the account IDs specify.

  • InviteMembers ( array $params = [] )

    Invites other AWS accounts to become member accounts for the Security Hub master account that the invitation is sent from.

  • ListEnabledProductsForImport ( array $params = [] )

    Lists all findings-generating solutions (products) whose findings you have subscribed to receive in Security Hub.

  • ListInvitations ( array $params = [] )

    Lists all Security Hub membership invitations that were sent to the current AWS account.

  • ListMembers ( array $params = [] )

    Lists details about all member accounts for the current Security Hub master account.

  • ListTagsForResource ( array $params = [] )

    Returns a list of tags associated with a resource.

  • TagResource ( array $params = [] )

    Adds one or more tags to a resource.

  • UntagResource ( array $params = [] )

    Removes one or more tags from a resource.

  • UpdateActionTarget ( array $params = [] )

    Updates the name and description of a custom action target in Security Hub.

  • UpdateFindings ( array $params = [] )

    Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify.

  • UpdateInsight ( array $params = [] )

    Updates the Security Hub insight that the insight ARN specifies.

Paginators

Paginators handle automatically iterating over paginated API results. Paginators are associated with specific API operations, and they accept the parameters that the corresponding API operation accepts. You can get a paginator from a client class using getPaginator($paginatorName, $operationParameters). This client supports the following paginators:

  • DescribeActionTargets
  • DescribeProducts
  • GetFindings
  • GetInsights
  • ListEnabledProductsForImport

Operations

AcceptInvitation 

$result = $client->acceptInvitation([/* ... */]);
$promise = $client->acceptInvitationAsync([/* ... */]);

Accepts the invitation to be a member account and be monitored by the Security Hub master account that the invitation was sent from. When the member account accepts the invitation, permission is granted to the master account to view findings generated in the member account.

Parameter Syntax

$result = $client->acceptInvitation([
    'InvitationId' => '<string>',
    'MasterId' => '<string>',
]);

Parameter Details

Members
InvitationId
  • Type: string

The ID of the invitation sent from the Security Hub master account.

MasterId
  • Type: string

The account ID of the Security Hub master account that sent the invitation.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

BatchDisableStandards 

$result = $client->batchDisableStandards([/* ... */]);
$promise = $client->batchDisableStandardsAsync([/* ... */]);

Disables the standards specified by the provided StandardsSubscriptionArns. For more information, see Standards Supported in AWS Security Hub.

Parameter Syntax

$result = $client->batchDisableStandards([
    'StandardsSubscriptionArns' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
StandardsSubscriptionArns
  • Required: Yes
  • Type: Array of strings

The ARNs of the standards subscriptions to disable.

Result Syntax

[
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

The details of the standards subscriptions that were disabled.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

BatchEnableStandards 

$result = $client->batchEnableStandards([/* ... */]);
$promise = $client->batchEnableStandardsAsync([/* ... */]);

Enables the standards specified by the provided standardsArn. In this release, only CIS AWS Foundations standards are supported. For more information, see Standards Supported in AWS Security Hub.

Parameter Syntax

$result = $client->batchEnableStandards([
    'StandardsSubscriptionRequests' => [ // REQUIRED
        [
            'StandardsArn' => '<string>', // REQUIRED
            'StandardsInput' => ['<string>', ...],
        ],
        // ...
    ],
]);

Parameter Details

Members
StandardsSubscriptionRequests
  • Required: Yes
  • Type: Array of StandardsSubscriptionRequest structures

The list of standards compliance checks to enable.

In this release, Security Hub supports only the CIS AWS Foundations standard.

The ARN for the standard is arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

Result Syntax

[
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

The details of the standards subscriptions that were enabled.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

BatchImportFindings 

$result = $client->batchImportFindings([/* ... */]);
$promise = $client->batchImportFindingsAsync([/* ... */]);

Imports security findings generated from an integrated third-party product into Security Hub. This action is requested by the integrated product to import its findings into Security Hub. The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.

Parameter Syntax

$result = $client->batchImportFindings([
    'Findings' => [ // REQUIRED
        [
            'AwsAccountId' => '<string>', // REQUIRED
            'Compliance' => [
                'Status' => 'PASSED|WARNING|FAILED|NOT_AVAILABLE',
            ],
            'Confidence' => <integer>,
            'CreatedAt' => '<string>', // REQUIRED
            'Criticality' => <integer>,
            'Description' => '<string>', // REQUIRED
            'FirstObservedAt' => '<string>',
            'GeneratorId' => '<string>', // REQUIRED
            'Id' => '<string>', // REQUIRED
            'LastObservedAt' => '<string>',
            'Malware' => [
                [
                    'Name' => '<string>', // REQUIRED
                    'Path' => '<string>',
                    'State' => 'OBSERVED|REMOVAL_FAILED|REMOVED',
                    'Type' => 'ADWARE|BLENDED_THREAT|BOTNET_AGENT|COIN_MINER|EXPLOIT_KIT|KEYLOGGER|MACRO|POTENTIALLY_UNWANTED|SPYWARE|RANSOMWARE|REMOTE_ACCESS|ROOTKIT|TROJAN|VIRUS|WORM',
                ],
                // ...
            ],
            'Network' => [
                'DestinationDomain' => '<string>',
                'DestinationIpV4' => '<string>',
                'DestinationIpV6' => '<string>',
                'DestinationPort' => <integer>,
                'Direction' => 'IN|OUT',
                'Protocol' => '<string>',
                'SourceDomain' => '<string>',
                'SourceIpV4' => '<string>',
                'SourceIpV6' => '<string>',
                'SourceMac' => '<string>',
                'SourcePort' => <integer>,
            ],
            'Note' => [
                'Text' => '<string>', // REQUIRED
                'UpdatedAt' => '<string>', // REQUIRED
                'UpdatedBy' => '<string>', // REQUIRED
            ],
            'Process' => [
                'LaunchedAt' => '<string>',
                'Name' => '<string>',
                'ParentPid' => <integer>,
                'Path' => '<string>',
                'Pid' => <integer>,
                'TerminatedAt' => '<string>',
            ],
            'ProductArn' => '<string>', // REQUIRED
            'ProductFields' => ['<string>', ...],
            'RecordState' => 'ACTIVE|ARCHIVED',
            'RelatedFindings' => [
                [
                    'Id' => '<string>', // REQUIRED
                    'ProductArn' => '<string>', // REQUIRED
                ],
                // ...
            ],
            'Remediation' => [
                'Recommendation' => [
                    'Text' => '<string>',
                    'Url' => '<string>',
                ],
            ],
            'Resources' => [ // REQUIRED
                [
                    'Details' => [
                        'AwsEc2Instance' => [
                            'IamInstanceProfileArn' => '<string>',
                            'ImageId' => '<string>',
                            'IpV4Addresses' => ['<string>', ...],
                            'IpV6Addresses' => ['<string>', ...],
                            'KeyName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'SubnetId' => '<string>',
                            'Type' => '<string>',
                            'VpcId' => '<string>',
                        ],
                        'AwsIamAccessKey' => [
                            'CreatedAt' => '<string>',
                            'Status' => 'Active|Inactive',
                            'UserName' => '<string>',
                        ],
                        'AwsS3Bucket' => [
                            'OwnerId' => '<string>',
                            'OwnerName' => '<string>',
                        ],
                        'Container' => [
                            'ImageId' => '<string>',
                            'ImageName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'Name' => '<string>',
                        ],
                        'Other' => ['<string>', ...],
                    ],
                    'Id' => '<string>', // REQUIRED
                    'Partition' => 'aws|aws-cn|aws-us-gov',
                    'Region' => '<string>',
                    'Tags' => ['<string>', ...],
                    'Type' => '<string>', // REQUIRED
                ],
                // ...
            ],
            'SchemaVersion' => '<string>', // REQUIRED
            'Severity' => [ // REQUIRED
                'Normalized' => <integer>, // REQUIRED
                'Product' => <float>,
            ],
            'SourceUrl' => '<string>',
            'ThreatIntelIndicators' => [
                [
                    'Category' => 'BACKDOOR|CARD_STEALER|COMMAND_AND_CONTROL|DROP_SITE|EXPLOIT_SITE|KEYLOGGER',
                    'LastObservedAt' => '<string>',
                    'Source' => '<string>',
                    'SourceUrl' => '<string>',
                    'Type' => 'DOMAIN|EMAIL_ADDRESS|HASH_MD5|HASH_SHA1|HASH_SHA256|HASH_SHA512|IPV4_ADDRESS|IPV6_ADDRESS|MUTEX|PROCESS|URL',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'Title' => '<string>', // REQUIRED
            'Types' => ['<string>', ...], // REQUIRED
            'UpdatedAt' => '<string>', // REQUIRED
            'UserDefinedFields' => ['<string>', ...],
            'VerificationState' => 'UNKNOWN|TRUE_POSITIVE|FALSE_POSITIVE|BENIGN_POSITIVE',
            'WorkflowState' => 'NEW|ASSIGNED|IN_PROGRESS|DEFERRED|RESOLVED',
        ],
        // ...
    ],
]);

Parameter Details

Members
Findings
  • Required: Yes
  • Type: Array of AwsSecurityFinding structures

A list of findings to import. To successfully import a finding, it must follow the AWS Security Finding Format.

Result Syntax

[
    'FailedCount' => <integer>,
    'FailedFindings' => [
        [
            'ErrorCode' => '<string>',
            'ErrorMessage' => '<string>',
            'Id' => '<string>',
        ],
        // ...
    ],
    'SuccessCount' => <integer>,
]

Result Details

Members
FailedCount
  • Required: Yes
  • Type: int

The number of findings that failed to import.

FailedFindings
  • Type: Array of ImportFindingsError structures

The list of the findings that failed to import.

SuccessCount
  • Required: Yes
  • Type: int

The number of findings that were successfully imported.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

CreateActionTarget 

$result = $client->createActionTarget([/* ... */]);
$promise = $client->createActionTargetAsync([/* ... */]);

Creates a custom action target in Security Hub. You can use custom actions on findings and insights in Security Hub to trigger target actions in Amazon CloudWatch Events.

Parameter Syntax

$result = $client->createActionTarget([
    'Description' => '<string>', // REQUIRED
    'Id' => '<string>', // REQUIRED
    'Name' => '<string>', // REQUIRED
]);

Parameter Details

Members
Description
  • Required: Yes
  • Type: string

The description for the custom action target.

Id
  • Required: Yes
  • Type: string

The ID for the custom action target.

Name
  • Required: Yes
  • Type: string

The name of the custom action target.

Result Syntax

[
    'ActionTargetArn' => '<string>',
]

Result Details

Members
ActionTargetArn
  • Required: Yes
  • Type: string

The ARN for the custom action target.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

CreateInsight 

$result = $client->createInsight([/* ... */]);
$promise = $client->createInsightAsync([/* ... */]);

Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation. Use the GroupByAttribute to group the related findings in the insight.

Parameter Syntax

$result = $client->createInsight([
    'Filters' => [ // REQUIRED
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'GroupByAttribute' => '<string>', // REQUIRED
    'Name' => '<string>', // REQUIRED
]);

Parameter Details

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

One or more attributes used to filter the findings included in the insight. Only findings that match the criteria defined in the filters are included in the insight.

GroupByAttribute
  • Required: Yes
  • Type: string

The attribute used as the aggregator to group related findings for the insight.

Name
  • Required: Yes
  • Type: string

The name of the custom insight to create.

Result Syntax

[
    'InsightArn' => '<string>',
]

Result Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight created.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

CreateMembers 

$result = $client->createMembers([/* ... */]);
$promise = $client->createMembersAsync([/* ... */]);

Creates a member association in Security Hub between the specified accounts and the account used to make the request, which is the master account. To successfully create a member, you must use this action from an account that already has Security Hub enabled. You can use the EnableSecurityHub to enable Security Hub.

After you use CreateMembers to create member account associations in Security Hub, you need to use the InviteMembers action, which invites the accounts to enable Security Hub and become member accounts in Security Hub. If the invitation is accepted by the account owner, the account becomes a member account in Security Hub, and a permission policy is added that permits the master account to view the findings generated in the member account. When Security Hub is enabled in the invited account, findings start being sent to both the member and master accounts.

You can remove the association between the master and member accounts by using the DisassociateFromMasterAccount or DisassociateMembers operation.

Parameter Syntax

$result = $client->createMembers([
    'AccountDetails' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
        ],
        // ...
    ],
]);

Parameter Details

Members
AccountDetails
  • Type: Array of AccountDetails structures

A list of account ID and email address pairs of the accounts to associate with the Security Hub master account.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that weren't processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

DeclineInvitations 

$result = $client->declineInvitations([/* ... */]);
$promise = $client->declineInvitationsAsync([/* ... */]);

Declines invitations to become a member account.

Parameter Syntax

$result = $client->declineInvitations([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of account IDs that specify the accounts that invitations to Security Hub are declined from.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that weren't processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DeleteActionTarget 

$result = $client->deleteActionTarget([/* ... */]);
$promise = $client->deleteActionTargetAsync([/* ... */]);

Deletes a custom action target from Security Hub. Deleting a custom action target doesn't affect any findings or insights that were already sent to Amazon CloudWatch Events using the custom action.

Parameter Syntax

$result = $client->deleteActionTarget([
    'ActionTargetArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ActionTargetArn
  • Required: Yes
  • Type: string

The ARN of the custom action target to delete.

Result Syntax

[
    'ActionTargetArn' => '<string>',
]

Result Details

Members
ActionTargetArn
  • Required: Yes
  • Type: string

The ARN of the custom action target that was deleted.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DeleteInsight 

$result = $client->deleteInsight([/* ... */]);
$promise = $client->deleteInsightAsync([/* ... */]);

Deletes the insight specified by the InsightArn.

Parameter Syntax

$result = $client->deleteInsight([
    'InsightArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight to delete.

Result Syntax

[
    'InsightArn' => '<string>',
]

Result Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight that was deleted.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DeleteInvitations 

$result = $client->deleteInvitations([/* ... */]);
$promise = $client->deleteInvitationsAsync([/* ... */]);

Deletes invitations received by the AWS account to become a member account.

Parameter Syntax

$result = $client->deleteInvitations([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of the account IDs that sent the invitations to delete.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that invitations weren't deleted for.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

DeleteMembers 

$result = $client->deleteMembers([/* ... */]);
$promise = $client->deleteMembersAsync([/* ... */]);

Deletes the specified member accounts from Security Hub.

Parameter Syntax

$result = $client->deleteMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of account IDs of the member accounts to delete.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that weren't deleted.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DescribeActionTargets 

$result = $client->describeActionTargets([/* ... */]);
$promise = $client->describeActionTargetsAsync([/* ... */]);

Returns a list of the custom action targets in Security Hub in your account.

Parameter Syntax

$result = $client->describeActionTargets([
    'ActionTargetArns' => ['<string>', ...],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
ActionTargetArns
  • Type: Array of strings

A list of custom action target ARNs for the custom action targets to retrieve.

MaxResults
  • Type: int

The maximum number of results to return.

NextToken
  • Type: string

The token that is required for pagination.

Result Syntax

[
    'ActionTargets' => [
        [
            'ActionTargetArn' => '<string>',
            'Description' => '<string>',
            'Name' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
ActionTargets
  • Required: Yes
  • Type: Array of ActionTarget structures

A list of ActionTarget objects. Each object includes the ActionTargetArn, Description, and Name of a custom action target available in Security Hub.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DescribeHub 

$result = $client->describeHub([/* ... */]);
$promise = $client->describeHubAsync([/* ... */]);

Returns details about the Hub resource in your account, including the HubArn and the time when you enabled Security Hub.

Parameter Syntax

$result = $client->describeHub([
    'HubArn' => '<string>',
]);

Parameter Details

Members
HubArn
  • Type: string

The ARN of the Hub resource to retrieve.

Result Syntax

[
    'HubArn' => '<string>',
    'SubscribedAt' => '<string>',
]

Result Details

Members
HubArn
  • Type: string

The ARN of the Hub resource retrieved.

SubscribedAt
  • Type: string

The date and time when Security Hub was enabled in the account.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DescribeProducts 

$result = $client->describeProducts([/* ... */]);
$promise = $client->describeProductsAsync([/* ... */]);

Returns information about the products available that you can subscribe to and integrate with Security Hub to consolidate findings.

Parameter Syntax

$result = $client->describeProducts([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of results to return.

NextToken
  • Type: string

The token that is required for pagination.

Result Syntax

[
    'NextToken' => '<string>',
    'Products' => [
        [
            'ActivationUrl' => '<string>',
            'Categories' => ['<string>', ...],
            'CompanyName' => '<string>',
            'Description' => '<string>',
            'MarketplaceUrl' => '<string>',
            'ProductArn' => '<string>',
            'ProductName' => '<string>',
            'ProductSubscriptionResourcePolicy' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

Products
  • Required: Yes
  • Type: Array of Product structures

A list of products, including details for each product.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

DisableImportFindingsForProduct 

$result = $client->disableImportFindingsForProduct([/* ... */]);
$promise = $client->disableImportFindingsForProductAsync([/* ... */]);

Disables the integration of the specified product with Security Hub. Findings from that product are no longer sent to Security Hub after the integration is disabled.

Parameter Syntax

$result = $client->disableImportFindingsForProduct([
    'ProductSubscriptionArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ProductSubscriptionArn
  • Required: Yes
  • Type: string

The ARN of the integrated product to disable the integration for.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

DisableSecurityHub 

$result = $client->disableSecurityHub([/* ... */]);
$promise = $client->disableSecurityHubAsync([/* ... */]);

Disables Security Hub in your account only in the current Region. To disable Security Hub in all Regions, you must submit one request per Region where you have enabled Security Hub. When you disable Security Hub for a master account, it doesn't disable Security Hub for any associated member accounts.

When you disable Security Hub, your existing findings and insights and any Security Hub configuration settings are deleted after 90 days and can't be recovered. Any standards that were enabled are disabled, and your master and member account associations are removed. If you want to save your existing findings, you must export them before you disable Security Hub.

Parameter Syntax

$result = $client->disableSecurityHub([
]);

Parameter Details

Members

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DisassociateFromMasterAccount 

$result = $client->disassociateFromMasterAccount([/* ... */]);
$promise = $client->disassociateFromMasterAccountAsync([/* ... */]);

Disassociates the current Security Hub member account from the associated master account.

Parameter Syntax

$result = $client->disassociateFromMasterAccount([
]);

Parameter Details

Members

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

DisassociateMembers 

$result = $client->disassociateMembers([/* ... */]);
$promise = $client->disassociateMembersAsync([/* ... */]);

Disassociates the specified member accounts from the associated master account.

Parameter Syntax

$result = $client->disassociateMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

The account IDs of the member accounts to disassociate from the master account.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

EnableImportFindingsForProduct 

$result = $client->enableImportFindingsForProduct([/* ... */]);
$promise = $client->enableImportFindingsForProductAsync([/* ... */]);

Enables the integration of a partner product with Security Hub. Integrated products send findings to Security Hub. When you enable a product integration, a permission policy that grants permission for the product to send findings to Security Hub is applied.

Parameter Syntax

$result = $client->enableImportFindingsForProduct([
    'ProductArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ProductArn
  • Required: Yes
  • Type: string

The ARN of the product to enable the integration for.

Result Syntax

[
    'ProductSubscriptionArn' => '<string>',
]

Result Details

Members
ProductSubscriptionArn
  • Type: string

The ARN of your subscription to the product to enable integrations for.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

EnableSecurityHub 

$result = $client->enableSecurityHub([/* ... */]);
$promise = $client->enableSecurityHubAsync([/* ... */]);

Enables Security Hub for your account in the current Region or the Region you specify in the request. When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from AWS Config, Amazon GuardDuty, Amazon Inspector, and Amazon Macie. To learn more, see Setting Up AWS Security Hub.

Parameter Syntax

$result = $client->enableSecurityHub([
    'Tags' => ['<string>', ...],
]);

Parameter Details

Members
Tags
  • Type: Associative array of custom strings keys (TagKey) to strings

The tags to add to the Hub resource when you enable Security Hub.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceConflictException:

    The resource specified in the request conflicts with an existing resource.

  • AccessDeniedException:

    You don't have permission to perform the action specified in the request.

GetEnabledStandards 

$result = $client->getEnabledStandards([/* ... */]);
$promise = $client->getEnabledStandardsAsync([/* ... */]);

Returns a list of the standards that are currently enabled.

Parameter Syntax

$result = $client->getEnabledStandards([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'StandardsSubscriptionArns' => ['<string>', ...],
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of results to return in the response.

NextToken
  • Type: string

Paginates results. On your first call to the GetEnabledStandards operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

StandardsSubscriptionArns
  • Type: Array of strings

A list of the standards subscription ARNs for the standards to retrieve.

Result Syntax

[
    'NextToken' => '<string>',
    'StandardsSubscriptions' => [
        [
            'StandardsArn' => '<string>',
            'StandardsInput' => ['<string>', ...],
            'StandardsStatus' => 'PENDING|READY|FAILED|DELETING|INCOMPLETE',
            'StandardsSubscriptionArn' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

StandardsSubscriptions
  • Type: Array of StandardsSubscription structures

A list of StandardsSubscriptions objects that include information about the enabled standards.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetFindings 

$result = $client->getFindings([/* ... */]);
$promise = $client->getFindingsAsync([/* ... */]);

Returns a list of findings that match the specified criteria.

Parameter Syntax

$result = $client->getFindings([
    'Filters' => [
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'SortCriteria' => [
        [
            'Field' => '<string>',
            'SortOrder' => 'asc|desc',
        ],
        // ...
    ],
]);

Parameter Details

Members
Filters
  • Type: AwsSecurityFindingFilters structure

The findings attributes used to define a condition to filter the findings returned.

MaxResults
  • Type: int

The maximum number of findings to return.

NextToken
  • Type: string

Paginates results. On your first call to the GetFindings operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

SortCriteria
  • Type: Array of SortCriterion structures

Findings attributes used to sort the list of findings returned.

Result Syntax

[
    'Findings' => [
        [
            'AwsAccountId' => '<string>',
            'Compliance' => [
                'Status' => 'PASSED|WARNING|FAILED|NOT_AVAILABLE',
            ],
            'Confidence' => <integer>,
            'CreatedAt' => '<string>',
            'Criticality' => <integer>,
            'Description' => '<string>',
            'FirstObservedAt' => '<string>',
            'GeneratorId' => '<string>',
            'Id' => '<string>',
            'LastObservedAt' => '<string>',
            'Malware' => [
                [
                    'Name' => '<string>',
                    'Path' => '<string>',
                    'State' => 'OBSERVED|REMOVAL_FAILED|REMOVED',
                    'Type' => 'ADWARE|BLENDED_THREAT|BOTNET_AGENT|COIN_MINER|EXPLOIT_KIT|KEYLOGGER|MACRO|POTENTIALLY_UNWANTED|SPYWARE|RANSOMWARE|REMOTE_ACCESS|ROOTKIT|TROJAN|VIRUS|WORM',
                ],
                // ...
            ],
            'Network' => [
                'DestinationDomain' => '<string>',
                'DestinationIpV4' => '<string>',
                'DestinationIpV6' => '<string>',
                'DestinationPort' => <integer>,
                'Direction' => 'IN|OUT',
                'Protocol' => '<string>',
                'SourceDomain' => '<string>',
                'SourceIpV4' => '<string>',
                'SourceIpV6' => '<string>',
                'SourceMac' => '<string>',
                'SourcePort' => <integer>,
            ],
            'Note' => [
                'Text' => '<string>',
                'UpdatedAt' => '<string>',
                'UpdatedBy' => '<string>',
            ],
            'Process' => [
                'LaunchedAt' => '<string>',
                'Name' => '<string>',
                'ParentPid' => <integer>,
                'Path' => '<string>',
                'Pid' => <integer>,
                'TerminatedAt' => '<string>',
            ],
            'ProductArn' => '<string>',
            'ProductFields' => ['<string>', ...],
            'RecordState' => 'ACTIVE|ARCHIVED',
            'RelatedFindings' => [
                [
                    'Id' => '<string>',
                    'ProductArn' => '<string>',
                ],
                // ...
            ],
            'Remediation' => [
                'Recommendation' => [
                    'Text' => '<string>',
                    'Url' => '<string>',
                ],
            ],
            'Resources' => [
                [
                    'Details' => [
                        'AwsEc2Instance' => [
                            'IamInstanceProfileArn' => '<string>',
                            'ImageId' => '<string>',
                            'IpV4Addresses' => ['<string>', ...],
                            'IpV6Addresses' => ['<string>', ...],
                            'KeyName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'SubnetId' => '<string>',
                            'Type' => '<string>',
                            'VpcId' => '<string>',
                        ],
                        'AwsIamAccessKey' => [
                            'CreatedAt' => '<string>',
                            'Status' => 'Active|Inactive',
                            'UserName' => '<string>',
                        ],
                        'AwsS3Bucket' => [
                            'OwnerId' => '<string>',
                            'OwnerName' => '<string>',
                        ],
                        'Container' => [
                            'ImageId' => '<string>',
                            'ImageName' => '<string>',
                            'LaunchedAt' => '<string>',
                            'Name' => '<string>',
                        ],
                        'Other' => ['<string>', ...],
                    ],
                    'Id' => '<string>',
                    'Partition' => 'aws|aws-cn|aws-us-gov',
                    'Region' => '<string>',
                    'Tags' => ['<string>', ...],
                    'Type' => '<string>',
                ],
                // ...
            ],
            'SchemaVersion' => '<string>',
            'Severity' => [
                'Normalized' => <integer>,
                'Product' => <float>,
            ],
            'SourceUrl' => '<string>',
            'ThreatIntelIndicators' => [
                [
                    'Category' => 'BACKDOOR|CARD_STEALER|COMMAND_AND_CONTROL|DROP_SITE|EXPLOIT_SITE|KEYLOGGER',
                    'LastObservedAt' => '<string>',
                    'Source' => '<string>',
                    'SourceUrl' => '<string>',
                    'Type' => 'DOMAIN|EMAIL_ADDRESS|HASH_MD5|HASH_SHA1|HASH_SHA256|HASH_SHA512|IPV4_ADDRESS|IPV6_ADDRESS|MUTEX|PROCESS|URL',
                    'Value' => '<string>',
                ],
                // ...
            ],
            'Title' => '<string>',
            'Types' => ['<string>', ...],
            'UpdatedAt' => '<string>',
            'UserDefinedFields' => ['<string>', ...],
            'VerificationState' => 'UNKNOWN|TRUE_POSITIVE|FALSE_POSITIVE|BENIGN_POSITIVE',
            'WorkflowState' => 'NEW|ASSIGNED|IN_PROGRESS|DEFERRED|RESOLVED',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Findings
  • Required: Yes
  • Type: Array of AwsSecurityFinding structures

The findings that matched the filters specified in the request.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetInsightResults 

$result = $client->getInsightResults([/* ... */]);
$promise = $client->getInsightResultsAsync([/* ... */]);

Lists the results of the Security Hub insight that the insight ARN specifies.

Parameter Syntax

$result = $client->getInsightResults([
    'InsightArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight whose results you want to see.

Result Syntax

[
    'InsightResults' => [
        'GroupByAttribute' => '<string>',
        'InsightArn' => '<string>',
        'ResultValues' => [
            [
                'Count' => <integer>,
                'GroupByAttributeValue' => '<string>',
            ],
            // ...
        ],
    ],
]

Result Details

Members
InsightResults
  • Required: Yes
  • Type: InsightResults structure

The insight results returned by the operation.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetInsights 

$result = $client->getInsights([/* ... */]);
$promise = $client->getInsightsAsync([/* ... */]);

Lists and describes insights that insight ARNs specify.

Parameter Syntax

$result = $client->getInsights([
    'InsightArns' => ['<string>', ...],
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
InsightArns
  • Type: Array of strings

The ARNs of the insights that you want to describe.

MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the GetInsights operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

Result Syntax

[
    'Insights' => [
        [
            'Filters' => [
                'AwsAccountId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'CompanyName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ComplianceStatus' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Confidence' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'CreatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'Criticality' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'Description' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'FirstObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'GeneratorId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Id' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Keyword' => [
                    [
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'LastObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'MalwareName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwarePath' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwareState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'MalwareType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationDomain' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationIpV4' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationIpV6' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkDestinationPort' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'NetworkDirection' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkProtocol' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceDomain' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceIpV4' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceIpV6' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourceMac' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NetworkSourcePort' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'NoteText' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'NoteUpdatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'NoteUpdatedBy' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ProcessName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessParentPid' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'ProcessPath' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProcessPid' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'ProcessTerminatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ProductArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProductFields' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ProductName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RecommendationText' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RecordState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RelatedFindingsId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'RelatedFindingsProductArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceImageId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIpV4Addresses' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceIpV6Addresses' => [
                    [
                        'Cidr' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceKeyName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceSubnetId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsEc2InstanceVpcId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyCreatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyStatus' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsIamAccessKeyUserName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsS3BucketOwnerId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceAwsS3BucketOwnerName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerImageId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerImageName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerLaunchedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ResourceContainerName' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceDetailsOther' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceId' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourcePartition' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceRegion' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceTags' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ResourceType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'SeverityLabel' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'SeverityNormalized' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'SeverityProduct' => [
                    [
                        'Eq' => <float>,
                        'Gte' => <float>,
                        'Lte' => <float>,
                    ],
                    // ...
                ],
                'SourceUrl' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorCategory' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorLastObservedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorSource' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorSourceUrl' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorType' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'ThreatIntelIndicatorValue' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Title' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'Type' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'UpdatedAt' => [
                    [
                        'DateRange' => [
                            'Unit' => 'DAYS',
                            'Value' => <integer>,
                        ],
                        'End' => '<string>',
                        'Start' => '<string>',
                    ],
                    // ...
                ],
                'UserDefinedFields' => [
                    [
                        'Comparison' => 'EQUALS',
                        'Key' => '<string>',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'VerificationState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
                'WorkflowState' => [
                    [
                        'Comparison' => 'EQUALS|PREFIX',
                        'Value' => '<string>',
                    ],
                    // ...
                ],
            ],
            'GroupByAttribute' => '<string>',
            'InsightArn' => '<string>',
            'Name' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Insights
  • Required: Yes
  • Type: Array of Insight structures

The insights returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetInvitationsCount 

$result = $client->getInvitationsCount([/* ... */]);
$promise = $client->getInvitationsCountAsync([/* ... */]);

Returns the count of all Security Hub membership invitations that were sent to the current member account, not including the currently accepted invitation.

Parameter Syntax

$result = $client->getInvitationsCount([
]);

Parameter Details

Members

Result Syntax

[
    'InvitationsCount' => <integer>,
]

Result Details

Members
InvitationsCount
  • Type: int

The number of all membership invitations sent to this Security Hub member account, not including the currently accepted invitation.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

GetMasterAccount 

$result = $client->getMasterAccount([/* ... */]);
$promise = $client->getMasterAccountAsync([/* ... */]);

Provides the details for the Security Hub master account to the current member account.

Parameter Syntax

$result = $client->getMasterAccount([
]);

Parameter Details

Members

Result Syntax

[
    'Master' => [
        'AccountId' => '<string>',
        'InvitationId' => '<string>',
        'InvitedAt' => <DateTime>,
        'MemberStatus' => '<string>',
    ],
]

Result Details

Members
Master
  • Type: Invitation structure

A list of details about the Security Hub master account for the current member account.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

GetMembers 

$result = $client->getMembers([/* ... */]);
$promise = $client->getMembersAsync([/* ... */]);

Returns the details on the Security Hub member accounts that the account IDs specify.

Parameter Syntax

$result = $client->getMembers([
    'AccountIds' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
AccountIds
  • Required: Yes
  • Type: Array of strings

A list of account IDs for the Security Hub member accounts that you want to return the details for.

Result Syntax

[
    'Members' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
            'InvitedAt' => <DateTime>,
            'MasterId' => '<string>',
            'MemberStatus' => '<string>',
            'UpdatedAt' => <DateTime>,
        ],
        // ...
    ],
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
Members
  • Type: Array of Member structures

A list of details about the Security Hub member accounts.

UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

InviteMembers 

$result = $client->inviteMembers([/* ... */]);
$promise = $client->inviteMembersAsync([/* ... */]);

Invites other AWS accounts to become member accounts for the Security Hub master account that the invitation is sent from. Before you can use this action to invite a member, you must first create the member account in Security Hub by using the CreateMembers action. When the account owner accepts the invitation to become a member account and enables Security Hub, the master account can view the findings generated from member account.

Parameter Syntax

$result = $client->inviteMembers([
    'AccountIds' => ['<string>', ...],
]);

Parameter Details

Members
AccountIds
  • Type: Array of strings

A list of IDs of the AWS accounts that you want to invite to Security Hub as members.

Result Syntax

[
    'UnprocessedAccounts' => [
        [
            'AccountId' => '<string>',
            'ProcessingResult' => '<string>',
        ],
        // ...
    ],
]

Result Details

Members
UnprocessedAccounts
  • Type: Array of Result structures

A list of account ID and email address pairs of the AWS accounts that couldn't be processed.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

ListEnabledProductsForImport 

$result = $client->listEnabledProductsForImport([/* ... */]);
$promise = $client->listEnabledProductsForImportAsync([/* ... */]);

Lists all findings-generating solutions (products) whose findings you have subscribed to receive in Security Hub.

Parameter Syntax

$result = $client->listEnabledProductsForImport([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the ListEnabledProductsForImport operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

Result Syntax

[
    'NextToken' => '<string>',
    'ProductSubscriptions' => ['<string>', ...],
]

Result Details

Members
NextToken
  • Type: string

The token that is required for pagination.

ProductSubscriptions
  • Type: Array of strings

A list of ARNs for the resources that represent your subscriptions to products.

Errors

  • InternalException:

    Internal server error.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

ListInvitations 

$result = $client->listInvitations([/* ... */]);
$promise = $client->listInvitationsAsync([/* ... */]);

Lists all Security Hub membership invitations that were sent to the current AWS account.

Parameter Syntax

$result = $client->listInvitations([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. On your first call to the ListInvitations operation, set the value of this parameter to NULL. For subsequent calls to the operation, fill nextToken in the request with the value of NextToken from the previous response to continue listing data.

Result Syntax

[
    'Invitations' => [
        [
            'AccountId' => '<string>',
            'InvitationId' => '<string>',
            'InvitedAt' => <DateTime>,
            'MemberStatus' => '<string>',
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Invitations
  • Type: Array of Invitation structures

The details of the invitations returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

ListMembers 

$result = $client->listMembers([/* ... */]);
$promise = $client->listMembersAsync([/* ... */]);

Lists details about all member accounts for the current Security Hub master account.

Parameter Syntax

$result = $client->listMembers([
    'MaxResults' => <integer>,
    'NextToken' => '<string>',
    'OnlyAssociated' => true || false,
]);

Parameter Details

Members
MaxResults
  • Type: int

The maximum number of items that you want in the response.

NextToken
  • Type: string

Paginates results. Set the value of this parameter to NULL on your first call to the ListMembers operation. For subsequent calls to the operation, fill nextToken in the request with the value of nextToken from the previous response to continue listing data.

OnlyAssociated
  • Type: boolean

Specifies which member accounts the response includes based on their relationship status with the master account. The default value is TRUE. If onlyAssociated is set to TRUE, the response includes member accounts whose relationship status with the master is set to ENABLED or DISABLED. If onlyAssociated is set to FALSE, the response includes all existing member accounts.

Result Syntax

[
    'Members' => [
        [
            'AccountId' => '<string>',
            'Email' => '<string>',
            'InvitedAt' => <DateTime>,
            'MasterId' => '<string>',
            'MemberStatus' => '<string>',
            'UpdatedAt' => <DateTime>,
        ],
        // ...
    ],
    'NextToken' => '<string>',
]

Result Details

Members
Members
  • Type: Array of Member structures

Member details returned by the operation.

NextToken
  • Type: string

The token that is required for pagination.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

ListTagsForResource 

$result = $client->listTagsForResource([/* ... */]);
$promise = $client->listTagsForResourceAsync([/* ... */]);

Returns a list of tags associated with a resource.

Parameter Syntax

$result = $client->listTagsForResource([
    'ResourceArn' => '<string>', // REQUIRED
]);

Parameter Details

Members
ResourceArn
  • Required: Yes
  • Type: string

The ARN of the resource to retrieve tags for.

Result Syntax

[
    'Tags' => ['<string>', ...],
]

Result Details

Members
Tags
  • Type: Associative array of custom strings keys (TagKey) to strings

The tags associated with a resource.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

TagResource 

$result = $client->tagResource([/* ... */]);
$promise = $client->tagResourceAsync([/* ... */]);

Adds one or more tags to a resource.

Parameter Syntax

$result = $client->tagResource([
    'ResourceArn' => '<string>', // REQUIRED
    'Tags' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
ResourceArn
  • Required: Yes
  • Type: string

The ARN of the resource to apply the tags to.

Tags
  • Required: Yes
  • Type: Associative array of custom strings keys (TagKey) to strings

The tags to add to the resource.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

UntagResource 

$result = $client->untagResource([/* ... */]);
$promise = $client->untagResourceAsync([/* ... */]);

Removes one or more tags from a resource.

Parameter Syntax

$result = $client->untagResource([
    'ResourceArn' => '<string>', // REQUIRED
    'TagKeys' => ['<string>', ...], // REQUIRED
]);

Parameter Details

Members
ResourceArn
  • Required: Yes
  • Type: string

The ARN of the resource to remove the tags from.

TagKeys
  • Required: Yes
  • Type: Array of strings

The tag keys associated with the tags to remove from the resource.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

UpdateActionTarget 

$result = $client->updateActionTarget([/* ... */]);
$promise = $client->updateActionTargetAsync([/* ... */]);

Updates the name and description of a custom action target in Security Hub.

Parameter Syntax

$result = $client->updateActionTarget([
    'ActionTargetArn' => '<string>', // REQUIRED
    'Description' => '<string>',
    'Name' => '<string>',
]);

Parameter Details

Members
ActionTargetArn
  • Required: Yes
  • Type: string

The ARN of the custom action target to update.

Description
  • Type: string

The updated description for the custom action target.

Name
  • Type: string

The updated name of the custom action target.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

UpdateFindings 

$result = $client->updateFindings([/* ... */]);
$promise = $client->updateFindingsAsync([/* ... */]);

Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify. Any member account that can view the finding also sees the update to the finding.

Parameter Syntax

$result = $client->updateFindings([
    'Filters' => [ // REQUIRED
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'Note' => [
        'Text' => '<string>', // REQUIRED
        'UpdatedBy' => '<string>', // REQUIRED
    ],
    'RecordState' => 'ACTIVE|ARCHIVED',
]);

Parameter Details

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

A collection of attributes that specify which findings you want to update.

Note
  • Type: NoteUpdate structure

The updated note for the finding.

RecordState
  • Type: string

The updated record state for the finding.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

UpdateInsight 

$result = $client->updateInsight([/* ... */]);
$promise = $client->updateInsightAsync([/* ... */]);

Updates the Security Hub insight that the insight ARN specifies.

Parameter Syntax

$result = $client->updateInsight([
    'Filters' => [
        'AwsAccountId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'CompanyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ComplianceStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Confidence' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'CreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'Criticality' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'Description' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'FirstObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'GeneratorId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Id' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Keyword' => [
            [
                'Value' => '<string>',
            ],
            // ...
        ],
        'LastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'MalwareName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwarePath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'MalwareType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkDestinationPort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NetworkDirection' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkProtocol' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceDomain' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV4' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceIpV6' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'NetworkSourceMac' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NetworkSourcePort' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'NoteText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'NoteUpdatedBy' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProcessName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessParentPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessPath' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProcessPid' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'ProcessTerminatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ProductName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecommendationText' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RecordState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'RelatedFindingsProductArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIamInstanceProfileArn' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV4Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceIpV6Addresses' => [
            [
                'Cidr' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceKeyName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceSubnetId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsEc2InstanceVpcId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyCreatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyStatus' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsIamAccessKeyUserName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceAwsS3BucketOwnerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerImageName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerLaunchedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ResourceContainerName' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceDetailsOther' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceId' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourcePartition' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceRegion' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceTags' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ResourceType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityLabel' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'SeverityNormalized' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SeverityProduct' => [
            [
                'Eq' => <float>,
                'Gte' => <float>,
                'Lte' => <float>,
            ],
            // ...
        ],
        'SourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorCategory' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorLastObservedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSource' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorSourceUrl' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorType' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'ThreatIntelIndicatorValue' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Title' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'Type' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'UpdatedAt' => [
            [
                'DateRange' => [
                    'Unit' => 'DAYS',
                    'Value' => <integer>,
                ],
                'End' => '<string>',
                'Start' => '<string>',
            ],
            // ...
        ],
        'UserDefinedFields' => [
            [
                'Comparison' => 'EQUALS',
                'Key' => '<string>',
                'Value' => '<string>',
            ],
            // ...
        ],
        'VerificationState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
        'WorkflowState' => [
            [
                'Comparison' => 'EQUALS|PREFIX',
                'Value' => '<string>',
            ],
            // ...
        ],
    ],
    'GroupByAttribute' => '<string>',
    'InsightArn' => '<string>', // REQUIRED
    'Name' => '<string>',
]);

Parameter Details

Members
Filters
  • Type: AwsSecurityFindingFilters structure

The updated filters that define this insight.

GroupByAttribute
  • Type: string

The updated GroupBy attribute that defines this insight.

InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight that you want to update.

Name
  • Type: string

The updated name for the insight.

Result Syntax

[]

Result Details

The results for this operation are always empty.

Errors

  • InternalException:

    Internal server error.

  • InvalidInputException:

    The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

  • InvalidAccessException:

    AWS Security Hub isn't enabled for the account used to make this request.

  • LimitExceededException:

    The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

  • ResourceNotFoundException:

    The request was rejected because we can't find the specified resource.

Shapes

AccessDeniedException

Description

You don't have permission to perform the action specified in the request.

Members
Code
  • Type: string
Message
  • Type: string

AccountDetails

Description

The details of an AWS account.

Members
AccountId
  • Type: string

The ID of an AWS account.

Email
  • Type: string

The email of an AWS account.

ActionTarget

Description

An ActionTarget object.

Members
ActionTargetArn
  • Required: Yes
  • Type: string

The ARN for the target action.

Description
  • Required: Yes
  • Type: string

The description of the target action.

Name
  • Required: Yes
  • Type: string

The name of the action target.

AwsEc2InstanceDetails

Description

The details of an Amazon EC2 instance.

Members
IamInstanceProfileArn
  • Type: string

The IAM profile ARN of the instance.

ImageId
  • Type: string

The Amazon Machine Image (AMI) ID of the instance.

IpV4Addresses
  • Type: Array of strings

The IPv4 addresses associated with the instance.

IpV6Addresses
  • Type: Array of strings

The IPv6 addresses associated with the instance.

KeyName
  • Type: string

The key name associated with the instance.

LaunchedAt
  • Type: string

The date/time the instance was launched.

SubnetId
  • Type: string

The identifier of the subnet that the instance was launched in.

Type
  • Type: string

The instance type of the instance.

VpcId
  • Type: string

The identifier of the VPC that the instance was launched in.

AwsIamAccessKeyDetails

Description

IAM access key details related to a finding.

Members
CreatedAt
  • Type: string

The creation date/time of the IAM access key related to a finding.

Status
  • Type: string

The status of the IAM access key related to a finding.

UserName
  • Type: string

The user associated with the IAM access key related to a finding.

AwsS3BucketDetails

Description

The details of an Amazon S3 bucket.

Members
OwnerId
  • Type: string

The canonical user ID of the owner of the S3 bucket.

OwnerName
  • Type: string

The display name of the owner of the S3 bucket.

AwsSecurityFinding

Description

Provides consistent format for the contents of the Security Hub-aggregated findings. AwsSecurityFinding format enables you to share findings between AWS security services and third-party solutions, and compliance checks.

A finding is a potential security issue generated either by AWS services (Amazon GuardDuty, Amazon Inspector, and Amazon Macie) or by the integrated third-party solutions and compliance checks.

Members
AwsAccountId
  • Required: Yes
  • Type: string

The AWS account ID that a finding is generated in.

Compliance
  • Type: Compliance structure

This data type is exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Confidence
  • Type: int

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

CreatedAt
  • Required: Yes
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider created the potential security issue that a finding captured.

Criticality
  • Type: int

The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Description
  • Required: Yes
  • Type: string

A finding's description.

In this release, Description is a required property.

FirstObservedAt
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

GeneratorId
  • Required: Yes
  • Type: string

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plug-in, etc.

Id
  • Required: Yes
  • Type: string

The security findings provider-specific identifier for a finding.

LastObservedAt
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

Malware
  • Type: Array of Malware structures

A list of malware related to a finding.

Network
  • Type: Network structure

The details of network-related information about a finding.

Note
  • Type: Note structure

A user-defined note added to a finding.

Process
  • Type: ProcessDetails structure

The details of process-related information about a finding.

ProductArn
  • Required: Yes
  • Type: string

The ARN generated by Security Hub that uniquely identifies a third-party company (security-findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

ProductFields
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

RecordState
  • Type: string

The record state of a finding.

RelatedFindings
  • Type: Array of RelatedFinding structures

A list of related findings.

Remediation
  • Type: Remediation structure

A data type that describes the remediation options for a finding.

Resources
  • Required: Yes
  • Type: Array of Resource structures

A set of resource data types that describe the resources that the finding refers to.

SchemaVersion
  • Required: Yes
  • Type: string

The schema version that a finding is formatted for.

Severity
  • Required: Yes
  • Type: Severity structure

A finding's severity.

SourceUrl
  • Type: string

A URL that links to a page about the current finding in the security-findings provider's solution.

ThreatIntelIndicators
  • Type: Array of ThreatIntelIndicator structures

Threat intel details related to a finding.

Title
  • Required: Yes
  • Type: string

A finding's title.

In this release, Title is a required property.

Types
  • Required: Yes
  • Type: Array of strings

One or more finding types in the format of namespace/category/classifier that classify a finding.

Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications

UpdatedAt
  • Required: Yes
  • Type: string

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

UserDefinedFields
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

VerificationState
  • Type: string

Indicates the veracity of a finding.

WorkflowState
  • Type: string

The workflow state of a finding.

AwsSecurityFindingFilters

Description

A collection of attributes that are applied to all active Security Hub-aggregated findings and that result in a subset of findings that are included in this insight.

Members
AwsAccountId
  • Type: Array of StringFilter structures

The AWS account ID that a finding is generated in.

CompanyName
  • Type: Array of StringFilter structures

The name of the findings provider (company) that owns the solution (product) that generates findings.

ComplianceStatus
  • Type: Array of StringFilter structures

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Confidence
  • Type: Array of NumberFilter structures

A finding's confidence. Confidence is defined as the likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. Confidence is scored on a 0-100 basis using a ratio scale, where 0 means zero percent confidence and 100 means 100 percent confidence.

CreatedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider captured the potential security issue that a finding captured.

Criticality
  • Type: Array of NumberFilter structures

The level of importance assigned to the resources associated with the finding. A score of 0 means that the underlying resources have no criticality, and a score of 100 is reserved for the most critical resources.

Description
  • Type: Array of StringFilter structures

A finding's description.

FirstObservedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider first observed the potential security issue that a finding captured.

GeneratorId
  • Type: Array of StringFilter structures

The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security-findings providers' solutions, this generator can be called a rule, a check, a detector, a plug-in, etc.

Id
  • Type: Array of StringFilter structures

The security findings provider-specific identifier for a finding.

Keyword
  • Type: Array of KeywordFilter structures

A keyword for a finding.

LastObservedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider most recently observed the potential security issue that a finding captured.

MalwareName
  • Type: Array of StringFilter structures

The name of the malware that was observed.

MalwarePath
  • Type: Array of StringFilter structures

The filesystem path of the malware that was observed.

MalwareState
  • Type: Array of StringFilter structures

The state of the malware that was observed.

MalwareType
  • Type: Array of StringFilter structures

The type of the malware that was observed.

NetworkDestinationDomain
  • Type: Array of StringFilter structures

The destination domain of network-related information about a finding.

NetworkDestinationIpV4
  • Type: Array of IpFilter structures

The destination IPv4 address of network-related information about a finding.

NetworkDestinationIpV6
  • Type: Array of IpFilter structures

The destination IPv6 address of network-related information about a finding.

NetworkDestinationPort
  • Type: Array of NumberFilter structures

The destination port of network-related information about a finding.

NetworkDirection
  • Type: Array of StringFilter structures

Indicates the direction of network traffic associated with a finding.

NetworkProtocol
  • Type: Array of StringFilter structures

The protocol of network-related information about a finding.

NetworkSourceDomain
  • Type: Array of StringFilter structures

The source domain of network-related information about a finding.

NetworkSourceIpV4
  • Type: Array of IpFilter structures

The source IPv4 address of network-related information about a finding.

NetworkSourceIpV6
  • Type: Array of IpFilter structures

The source IPv6 address of network-related information about a finding.

NetworkSourceMac
  • Type: Array of StringFilter structures

The source media access control (MAC) address of network-related information about a finding.

NetworkSourcePort
  • Type: Array of NumberFilter structures

The source port of network-related information about a finding.

NoteText
  • Type: Array of StringFilter structures

The text of a note.

NoteUpdatedAt
  • Type: Array of DateFilter structures

The timestamp of when the note was updated.

NoteUpdatedBy
  • Type: Array of StringFilter structures

The principal that created a note.

ProcessLaunchedAt
  • Type: Array of DateFilter structures

The date/time that the process was launched.

ProcessName
  • Type: Array of StringFilter structures

The name of the process.

ProcessParentPid
  • Type: Array of NumberFilter structures

The parent process ID.

ProcessPath
  • Type: Array of StringFilter structures

The path to the process executable.

ProcessPid
  • Type: Array of NumberFilter structures

The process ID.

ProcessTerminatedAt
  • Type: Array of DateFilter structures

The date/time that the process was terminated.

ProductArn
  • Type: Array of StringFilter structures

The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub.

ProductFields
  • Type: Array of MapFilter structures

A data type where security-findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.

ProductName
  • Type: Array of StringFilter structures

The name of the solution (product) that generates findings.

RecommendationText
  • Type: Array of StringFilter structures

The recommendation of what to do about the issue described in a finding.

RecordState
  • Type: Array of StringFilter structures

The updated record state for the finding.

RelatedFindingsId
  • Type: Array of StringFilter structures

The solution-generated identifier for a related finding.

RelatedFindingsProductArn
  • Type: Array of StringFilter structures

The ARN of the solution that generated a related finding.

ResourceAwsEc2InstanceIamInstanceProfileArn
  • Type: Array of StringFilter structures

The IAM profile ARN of the instance.

ResourceAwsEc2InstanceImageId
  • Type: Array of StringFilter structures

The Amazon Machine Image (AMI) ID of the instance.

ResourceAwsEc2InstanceIpV4Addresses
  • Type: Array of IpFilter structures

The IPv4 addresses associated with the instance.

ResourceAwsEc2InstanceIpV6Addresses
  • Type: Array of IpFilter structures

The IPv6 addresses associated with the instance.

ResourceAwsEc2InstanceKeyName
  • Type: Array of StringFilter structures

The key name associated with the instance.

ResourceAwsEc2InstanceLaunchedAt
  • Type: Array of DateFilter structures

The date/time the instance was launched.

ResourceAwsEc2InstanceSubnetId
  • Type: Array of StringFilter structures

The identifier of the subnet that the instance was launched in.

ResourceAwsEc2InstanceType
  • Type: Array of StringFilter structures

The instance type of the instance.

ResourceAwsEc2InstanceVpcId
  • Type: Array of StringFilter structures

The identifier of the VPC that the instance was launched in.

ResourceAwsIamAccessKeyCreatedAt
  • Type: Array of DateFilter structures

The creation date/time of the IAM access key related to a finding.

ResourceAwsIamAccessKeyStatus
  • Type: Array of StringFilter structures

The status of the IAM access key related to a finding.

ResourceAwsIamAccessKeyUserName
  • Type: Array of StringFilter structures

The user associated with the IAM access key related to a finding.

ResourceAwsS3BucketOwnerId
  • Type: Array of StringFilter structures

The canonical user ID of the owner of the S3 bucket.

ResourceAwsS3BucketOwnerName
  • Type: Array of StringFilter structures

The display name of the owner of the S3 bucket.

ResourceContainerImageId
  • Type: Array of StringFilter structures

The identifier of the image related to a finding.

ResourceContainerImageName
  • Type: Array of StringFilter structures

The name of the image related to a finding.

ResourceContainerLaunchedAt
  • Type: Array of DateFilter structures

The date/time that the container was started.

ResourceContainerName
  • Type: Array of StringFilter structures

The name of the container related to a finding.

ResourceDetailsOther
  • Type: Array of MapFilter structures

The details of a resource that doesn't have a specific subfield for the resource type defined.

ResourceId
  • Type: Array of StringFilter structures

The canonical identifier for the given resource type.

ResourcePartition
  • Type: Array of StringFilter structures

The canonical AWS partition name that the Region is assigned to.

ResourceRegion
  • Type: Array of StringFilter structures

The canonical AWS external Region name where this resource is located.

ResourceTags
  • Type: Array of MapFilter structures

A list of AWS tags associated with a resource at the time the finding was processed.

ResourceType
  • Type: Array of StringFilter structures

Specifies the type of the resource that details are provided for.

SeverityLabel
  • Type: Array of StringFilter structures

The label of a finding's severity.

SeverityNormalized
  • Type: Array of NumberFilter structures

The normalized severity of a finding.

SeverityProduct
  • Type: Array of NumberFilter structures

The native severity as defined by the security-findings provider's solution that generated the finding.

SourceUrl
  • Type: Array of StringFilter structures

A URL that links to a page about the current finding in the security-findings provider's solution.

ThreatIntelIndicatorCategory
  • Type: Array of StringFilter structures

The category of a threat intel indicator.

ThreatIntelIndicatorLastObservedAt
  • Type: Array of DateFilter structures

The date/time of the last observation of a threat intel indicator.

ThreatIntelIndicatorSource
  • Type: Array of StringFilter structures

The source of the threat intel.

ThreatIntelIndicatorSourceUrl
  • Type: Array of StringFilter structures

The URL for more details from the source of the threat intel.

ThreatIntelIndicatorType
  • Type: Array of StringFilter structures

The type of a threat intel indicator.

ThreatIntelIndicatorValue
  • Type: Array of StringFilter structures

The value of a threat intel indicator.

Title
  • Type: Array of StringFilter structures

A finding's title.

Type
  • Type: Array of StringFilter structures

A finding type in the format of namespace/category/classifier that classifies a finding.

UpdatedAt
  • Type: Array of DateFilter structures

An ISO8601-formatted timestamp that indicates when the security-findings provider last updated the finding record.

UserDefinedFields
  • Type: Array of MapFilter structures

A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.

VerificationState
  • Type: Array of StringFilter structures

The veracity of a finding.

WorkflowState
  • Type: Array of StringFilter structures

The workflow state of a finding.

Compliance

Description

Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard (for example, CIS AWS Foundations). Contains compliance-related finding details.

Members
Status
  • Type: string

The result of a compliance check.

ContainerDetails

Description

Container details related to a finding.

Members
ImageId
  • Type: string

The identifier of the image related to a finding.

ImageName
  • Type: string

The name of the image related to a finding.

LaunchedAt
  • Type: string

The date and time when the container started.

Name
  • Type: string

The name of the container related to a finding.

DateFilter

Description

A date filter for querying findings.

Members
DateRange
  • Type: DateRange structure

A date range for the date filter.

End
  • Type: string

An end date for the date filter.

Start
  • Type: string

A start date for the date filter.

DateRange

Description

A date range for the date filter.

Members
Unit
  • Type: string

A date range unit for the date filter.

Value
  • Type: int

A date range value for the date filter.

ImportFindingsError

Description

Includes details of the list of the findings that can't be imported.

Members
ErrorCode
  • Required: Yes
  • Type: string

The code of the error made during the BatchImportFindings operation.

ErrorMessage
  • Required: Yes
  • Type: string

The message of the error made during the BatchImportFindings operation.

Id
  • Required: Yes
  • Type: string

The ID of the error made during the BatchImportFindings operation.

Insight

Description

Contains information about a Security Hub insight.

Members
Filters
  • Required: Yes
  • Type: AwsSecurityFindingFilters structure

One or more attributes used to filter the findings included in the insight. Only findings that match the criteria defined in the filters are included in the insight.

GroupByAttribute
  • Required: Yes
  • Type: string

The attribute that the insight's findings are grouped by. This attribute is used as a findings aggregator for the purposes of viewing and managing multiple related findings under a single operand.

InsightArn
  • Required: Yes
  • Type: string

The ARN of a Security Hub insight.

Name
  • Required: Yes
  • Type: string

The name of a Security Hub insight.

InsightResultValue

Description

The insight result values returned by the GetInsightResults operation.

Members
Count
  • Required: Yes
  • Type: int

The number of findings returned for each GroupByAttributeValue.

GroupByAttributeValue
  • Required: Yes
  • Type: string

The value of the attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.

InsightResults

Description

The insight results returned by the GetInsightResults operation.

Members
GroupByAttribute
  • Required: Yes
  • Type: string

The attribute that the findings are grouped by for the insight whose results are returned by the GetInsightResults operation.

InsightArn
  • Required: Yes
  • Type: string

The ARN of the insight whose results are returned by the GetInsightResults operation.

ResultValues
  • Required: Yes
  • Type: Array of InsightResultValue structures

The list of insight result values returned by the GetInsightResults operation.

InternalException

Description

Internal server error.

Members
Code
  • Type: string
Message
  • Type: string

InvalidAccessException

Description

AWS Security Hub isn't enabled for the account used to make this request.

Members
Code
  • Type: string
Message
  • Type: string

InvalidInputException

Description

The request was rejected because you supplied an invalid or out-of-range value for an input parameter.

Members
Code
  • Type: string
Message
  • Type: string

Invitation

Description

Details about an invitation.

Members
AccountId
  • Type: string

The account ID of the Security Hub master account that the invitation was sent from.

InvitationId
  • Type: string

The ID of the invitation sent to the member account.

InvitedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp of when the invitation was sent.

MemberStatus
  • Type: string

The current status of the association between member and master accounts.

IpFilter

Description

The IP filter for querying findings.

Members
Cidr
  • Type: string

A finding's CIDR value.

KeywordFilter

Description

A keyword filter for querying findings.

Members
Value
  • Type: string

A value for the keyword.

LimitExceededException

Description

The request was rejected because it attempted to create resources beyond the current AWS account limits. The error code describes the limit exceeded.

Members
Code
  • Type: string
Message
  • Type: string

Malware

Description

A list of malware related to a finding.

Members
Name
  • Required: Yes
  • Type: string

The name of the malware that was observed.

Path
  • Type: string

The file system path of the malware that was observed.

State
  • Type: string

The state of the malware that was observed.

Type
  • Type: string

The type of the malware that was observed.

MapFilter

Description

The map filter for querying findings.

Members
Comparison
  • Type: string

The condition to apply to a key value when querying for findings with a map filter.

Key
  • Type: string

The key of the map filter.

Value
  • Type: string

The value for the key in the map filter.

Member

Description

The details about a member account.

Members
AccountId
  • Type: string

The AWS account ID of the member account.

Email
  • Type: string

The email address of the member account.

InvitedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

A timestamp for the date and time when the invitation was sent to the member account.

MasterId
  • Type: string

The AWS account ID of the Security Hub master account associated with this member account.

MemberStatus
  • Type: string

The status of the relationship between the member account and its master account.

UpdatedAt
  • Type: timestamp (string|DateTime or anything parsable by strtotime)

The timestamp for the date and time when the member account was updated.

Network

Description

The details of network-related information about a finding.

Members
DestinationDomain
  • Type: string

The destination domain of network-related information about a finding.

DestinationIpV4
  • Type: string

The destination IPv4 address of network-related information about a finding.

DestinationIpV6
  • Type: string

The destination IPv6 address of network-related information about a finding.

DestinationPort
  • Type: int

The destination port of network-related information about a finding.

Direction
  • Type: string

The direction of network traffic associated with a finding.

Protocol
  • Type: string

The protocol of network-related information about a finding.

SourceDomain
  • Type: string

The source domain of network-related information about a finding.

SourceIpV4
  • Type: string

The source IPv4 address of network-related information about a finding.

SourceIpV6
  • Type: string

The source IPv6 address of network-related information about a finding.

SourceMac
  • Type: string

The source media access control (MAC) address of network-related information about a finding.

SourcePort
  • Type: int

The source port of network-related information about a finding.

Note

Description

A user-defined note added to a finding.

Members
Text
  • Required: Yes
  • Type: string

The text of a note.

UpdatedAt
  • Required: Yes
  • Type: string

The timestamp of when the note was updated.

UpdatedBy
  • Required: Yes
  • Type: string

The principal that created a note.

NoteUpdate

Description

The updated note.

Members
Text
  • Required: Yes
  • Type: string

The updated note text.

UpdatedBy
  • Required: Yes
  • Type: string

The principal that updated the note.

NumberFilter

Description

A number filter for querying findings.

Members
Eq
  • Type: double

The equal-to condition to be applied to a single field when querying for findings.

Gte
  • Type: double

The greater-than-equal condition to be applied to a single field when querying for findings.

Lte
  • Type: double

The less-than-equal condition to be applied to a single field when querying for findings.

ProcessDetails

Description

The details of process-related information about a finding.

Members
LaunchedAt
  • Type: string

The date/time that the process was launched.

Name
  • Type: string

The name of the process.

ParentPid
  • Type: int

The parent process ID.

Path
  • Type: string

The path to the process executable.

Pid
  • Type: int

The process ID.

TerminatedAt
  • Type: string

The date and time when the process was terminated.

Product

Description

Contains details about a product.

Members
ActivationUrl
  • Type: string

The URL used to activate the product.

Categories
  • Type: Array of strings

The categories assigned to the product.

CompanyName
  • Type: string

The name of the company that provides the product.

Description
  • Type: string

A description of the product.

MarketplaceUrl
  • Type: string

The URL for the page that contains more information about the product.

ProductArn
  • Required: Yes
  • Type: string

The ARN assigned to the product.

ProductName
  • Type: string

The name of the product.

ProductSubscriptionResourcePolicy
  • Type: string

The resource policy associated with the product.

Recommendation

Description

A recommendation on how to remediate the issue identified in a finding.

Members
Text
  • Type: string

Describes the recommended steps to take to remediate an issue identified in a finding.

Url
  • Type: string

A URL to a page or site that contains information about how to remediate a finding.

RelatedFinding

Description

Details about a related finding.

Members
Id
  • Required: Yes
  • Type: string

The product-generated identifier for a related finding.

ProductArn
  • Required: Yes
  • Type: string

The ARN of the product that generated a related finding.

Remediation

Description

Details about the remediation steps for a finding.

Members
Recommendation
  • Type: Recommendation structure

A recommendation on the steps to take to remediate the issue identified by a finding.

Resource

Description

A resource related to a finding.

Members
Details
  • Type: ResourceDetails structure

Additional details about the resource related to a finding.

Id
  • Required: Yes
  • Type: string

The canonical identifier for the given resource type.

Partition
  • Type: string

The canonical AWS partition name that the Region is assigned to.

Region
  • Type: string

The canonical AWS external Region name where this resource is located.

Tags
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A list of AWS tags associated with a resource at the time the finding was processed.

Type
  • Required: Yes
  • Type: string

The type of the resource that details are provided for.

ResourceConflictException

Description

The resource specified in the request conflicts with an existing resource.

Members
Code
  • Type: string
Message
  • Type: string

ResourceDetails

Description

Additional details about a resource related to a finding.

Members
AwsEc2Instance
  • Type: AwsEc2InstanceDetails structure

Details about an Amazon EC2 instance related to a finding.

AwsIamAccessKey
  • Type: AwsIamAccessKeyDetails structure

Details about an IAM access key related to a finding.

AwsS3Bucket
  • Type: AwsS3BucketDetails structure

Details about an Amazon S3 Bucket related to a finding.

Container
  • Type: ContainerDetails structure

Details about a container resource related to a finding.

Other
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

Details about a resource that doesn't have a specific type defined.

ResourceNotFoundException

Description

The request was rejected because we can't find the specified resource.

Members
Code
  • Type: string
Message
  • Type: string

Result

Description

Details about the account that wasn't processed.

Members
AccountId
  • Type: string

An AWS account ID of the account that wasn't be processed.

ProcessingResult
  • Type: string

The reason that the account wasn't be processed.

Severity

Description

The severity of the finding.

Members
Normalized
  • Required: Yes
  • Type: int

The normalized severity of a finding.

Product
  • Type: double

The native severity as defined by the AWS service or integrated partner product that generated the finding.

SortCriterion

Description

A collection of finding attributes used to sort findings.

Members
Field
  • Type: string

The finding attribute used to sort findings.

SortOrder
  • Type: string

The order used to sort findings.

StandardsSubscription

Description

A resource that represents your subscription to a supported standard.

Members
StandardsArn
  • Required: Yes
  • Type: string

The ARN of a standard.

In this release, Security Hub supports only the CIS AWS Foundations standard, which uses the following ARN: arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

StandardsInput
  • Required: Yes
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A key-value pair of input for the standard.

StandardsStatus
  • Required: Yes
  • Type: string

The status of the standards subscription.

StandardsSubscriptionArn
  • Required: Yes
  • Type: string

The ARN of a resource that represents your subscription to a supported standard.

StandardsSubscriptionRequest

Description

The standard that you want to enable.

Members
StandardsArn
  • Required: Yes
  • Type: string

The ARN of the standard that you want to enable.

In this release, Security Hub only supports the CIS AWS Foundations standard.

Its ARN is arn:aws:securityhub:::ruleset/cis-aws-foundations-benchmark/v/1.2.0.

StandardsInput
  • Type: Associative array of custom strings keys (NonEmptyString) to strings

A key-value pair of input for the standard.

StringFilter

Description

A string filter for querying findings.

Members
Comparison
  • Type: string

The condition to be applied to a string value when querying for findings.

Value
  • Type: string

The string filter value.

ThreatIntelIndicator

Description

Details about the threat intel related to a finding.

Members
Category
  • Type: string

The category of a threat intel indicator.

LastObservedAt
  • Type: string

The date and time when the most recent instance of a threat intel indicator was observed.

Source
  • Type: string

The source of the threat intel indicator.

SourceUrl
  • Type: string

The URL to the page or site where you can get more information about the threat intel indicator.

Type
  • Type: string

The type of a threat intel indicator.

Value
  • Type: string

The value of a threat intel indicator.

AWS SDK for PHP 3.x API documentation generated by ApiGen