Findings - Publication Configuration - Amazon Macie

Findings - Publication Configuration

The Publication Configuration resource for findings provides settings for publishing findings to AWS Security Hub. With these settings, you can configure Amazon Macie to automatically publish all policy findings, all sensitive data findings, or both policy and sensitive data findings to Security Hub. This doesn't include findings that were suppressed (automatically archived) by a findings filter. You can also use these settings to stop publishing any findings to Security Hub. To learn more about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.

Security Hub is a service that provides you with a comprehensive view of your security state across your AWS environment. It also helps you check your environment against security industry standards and best practices. It does this partly by consuming, aggregating, organizing, and prioritizing findings from multiple AWS services and supported AWS Partner Network (APN) security solutions. It helps you analyze your security trends and identify the highest priority security issues. To learn more about Security Hub, see the AWS Security Hub User Guide.

You can use the Publication Configuration resource for findings to retrieve information about or update your configuration settings for publishing findings to Security Hub automatically. If you configure Macie to publish policy findings to Security Hub, Macie publishes updates to those findings on a recurring basis. To specify the publication frequency for these updates, use the Account Administration resource.

URI

/findings-publication-configuration

HTTP methods

GET

Operation ID: GetFindingsPublicationConfiguration

Retrieves the configuration settings for publishing findings to AWS Security Hub.

Responses
Status codeResponse modelDescription
200GetFindingsPublicationConfigurationResponse

The request succeeded.

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

PUT

Operation ID: PutFindingsPublicationConfiguration

Updates the configuration settings for publishing findings to AWS Security Hub.

Responses
Status codeResponse modelDescription
200None

The request succeeded and there isn't any content to include in the body of the response (No Content).

400ValidationException

The request failed because the input doesn't satisfy the constraints specified by the service.

402ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404ResourceNotFoundException

The request failed because the specified resource wasn't found.

409ConflictException

The request failed because it conflicts with the current state of the specified resource.

429ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Request bodies

Response bodies

{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

GetFindingsPublicationConfigurationResponse

Provides information about the current configuration settings for publishing findings to AWS Security Hub automatically.

PropertyTypeRequiredDescription
securityHubConfiguration

SecurityHubConfiguration

False

The configuration settings that determine which findings are published to AWS Security Hub.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

PutFindingsPublicationConfigurationRequest

Specifies configuration settings for publishing findings to AWS Security Hub automatically.

PropertyTypeRequiredDescription
clientToken

string

False

A unique, case-sensitive token that you provide to ensure the idempotency of the request.

securityHubConfiguration

SecurityHubConfiguration

False

The configuration settings that determine which findings to publish to AWS Security Hub.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

SecurityHubConfiguration

Specifies configuration settings that determine which findings are published to AWS Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.

PropertyTypeRequiredDescription
publishClassificationFindings

boolean

True

Specifies whether to publish sensitive data findings to AWS Security Hub. If you set this value to true, Amazon Macie automatically publishes all sensitive data findings that weren't suppressed by a findings filter. The default value is false.

publishPolicyFindings

boolean

True

Specifies whether to publish policy findings to AWS Security Hub. If you set this value to true, Amazon Macie automatically publishes all new and updated policy findings that weren't suppressed by a findings filter. The default value is true.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

PropertyTypeRequiredDescription
message

string

False

The explanation of the error that occurred.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetFindingsPublicationConfiguration

PutFindingsPublicationConfiguration