SecurityHub / Client / get_recommended_policy_v2

get_recommended_policy_v2

SecurityHub.Client.get_recommended_policy_v2(**kwargs)

Retrieves the recommended policy to remediate a Security Hub finding. GetRecommendedPolicyV2 only supports findings for unused permissions.

See also: AWS API Documentation

Request Syntax

response = client.get_recommended_policy_v2(
    MetadataUid='string',
    NextToken='string',
    MaxResults=123
)

Parameters:

• MetadataUid (string) –

  [REQUIRED]

  The unique identifier (ID) of Security Hub OCSF findings found under the metadata.uid field of the finding.

• NextToken (string) – The token used to paginate the RecommendationSteps list returned. On your first call to GetRecommendedPolicyV2, omit this parameter or set it to NULL. For subsequent calls, use the NextToken value returned in the previous response to retrieve the next page of results.

• MaxResults (integer) – The maximum number of recommendation steps to return.

Return type:

dict

Returns:

Response Syntax

{
    'NextToken': 'string',
    'RecommendationType': 'UNUSED_PERMISSION_RECOMMENDATION',
    'RecommendationSteps': [
        {
            'UnusedPermissions': {
                'RecommendedAction': 'string',
                'ExistingPolicy': 'string',
                'ExistingPolicyId': 'string',
                'PolicyUpdatedAt': datetime(2015, 1, 1),
                'RecommendedPolicy': 'string'
            }
        },
    ],
    'Error': {
        'Code': 'string',
        'Message': 'string'
    },
    'Status': 'IN_PROGRESS'|'SUCCEEDED'|'FAILED',
    'ResourceArn': 'string'
}

Response Structure

• (dict) –

  • NextToken (string) –

    The pagination token to use to request the next page of results.

  • RecommendationType (string) –

    The type of recommendation for the finding.

  • RecommendationSteps (list) –

    The recommended steps to take to resolve the finding.

    • (dict) –

      Contains information about a recommended step to remediate a Security Hub finding.

      Note

      This is a Tagged Union structure. Only one of the following top level keys will be set: UnusedPermissions. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:

      'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
      

      • UnusedPermissions (dict) –

        A recommended step to remediate an unused permissions finding.

        • RecommendedAction (string) –

          A recommendation of whether to create or detach a policy for an unused permissions finding.

        • ExistingPolicy (string) –

          The contents of the existing policy identified by ExistingPolicyId which needs to be replaced, when the RecommendedAction is CREATE_POLICY.

        • ExistingPolicyId (string) –

          The ID of an existing policy to be replaced or detached.

        • PolicyUpdatedAt (datetime) –

          The time at which the existing policy for the unused permissions finding was last updated.

        • RecommendedPolicy (string) –

          The contents of the least-privileged recommended replacement for ExistingPolicyId, when the RecommendedAction is CREATE_POLICY.

  • Error (dict) –

    Detailed information for a FAILED retrieval status.

    • Code (string) –

      The error code for a failed retrieval of a recommended policy for a finding.

    • Message (string) –

      The error message for a failed retrieval of a recommended policy for a finding.

  • Status (string) –

    The current status of the recommended policy retrieval.

  • ResourceArn (string) –

    The ARN of the resource of the finding.

Exceptions

• SecurityHub.Client.exceptions.InvalidInputException

• SecurityHub.Client.exceptions.InternalServerException

• SecurityHub.Client.exceptions.AccessDeniedException

• SecurityHub.Client.exceptions.ResourceNotFoundException

• SecurityHub.Client.exceptions.ThrottlingException

• SecurityHub.Client.exceptions.ValidationException