Data Types
The AWS Security Hub API contains several data types that the various actions use. This section describes each data type in detail.
Note
The order of each element in a data type structure is not guaranteed. Applications should not assume a particular order.
Security Hub supports the following primary data types:
Security Hub supports the following objects as part of the ResourceDetails data type.
These objects apply to Security Hub findings in the AWS Security Finding Format (ASFF).
Amazon MQ objects
Amazon API Gateway objects
AWS AppSync objects
Amazon Athena objects
AWS Backup objects
AWS Certificate Manager objects
AWS CloudFormation objects
Amazon CloudFront objects
AWS CloudTrail objects
Amazon CloudWatch objects
AWS CodeBuild objects
AWS Database Migration Service objects (AWS DMS)
Amazon DynamoDB objects
Amazon Elastic Compute Cloud (EC2) objects
-
AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails
-
AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails
-
AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails
-
AwsEc2LaunchTemplateDataCapacityReservationSpecificationCapacityReservationTargetDetails
-
AwsEc2LaunchTemplateDataCapacityReservationSpecificationDetails
-
AwsEc2LaunchTemplateDataElasticInferenceAcceleratorSetDetails
-
AwsEc2LaunchTemplateDataInstanceMarketOptionsSpotOptionsDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorCountDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsAcceleratorTotalMemoryMiBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsBaselineEbsBandwidthMbpsDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsMemoryGiBPerVCpuDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsMemoryMiBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsNetworkInterfaceCountDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsTotalLocalStorageGBDetails
-
AwsEc2LaunchTemplateDataInstanceRequirementsVCpuCountDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv4PrefixesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6AddressesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetIpv6PrefixesDetails
-
AwsEc2LaunchTemplateDataNetworkInterfaceSetPrivateIpAddressesDetails
Amazon EC2 Auto Scaling objects
-
AwsAutoScalingAutoScalingGroupLaunchTemplateLaunchTemplateSpecification
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyInstancesDistributionDetails
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateDetails
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateLaunchTemplateSpecification
-
AwsAutoScalingAutoScalingGroupMixedInstancesPolicyLaunchTemplateOverridesListDetails
-
AwsAutoScalingLaunchConfigurationBlockDeviceMappingsEbsDetails
Amazon Elastic Container Registry (ECR) objects
Amazon Elastic Container Service (ECS) objects
-
AwsEcsClusterConfigurationExecuteCommandConfigurationDetails
-
AwsEcsClusterConfigurationExecuteCommandConfigurationLogConfigurationDetails
-
AwsEcsServiceDeploymentConfigurationDeploymentCircuitBreakerDetails
-
AwsEcsTaskDefinitionContainerDefinitionsEnvironmentFilesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsFirelensConfigurationDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersCapabilitiesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersDevicesDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLinuxParametersTmpfsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationDetails
-
AwsEcsTaskDefinitionContainerDefinitionsLogConfigurationSecretOptionsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsRepositoryCredentialsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsResourceRequirementsDetails
-
AwsEcsTaskDefinitionContainerDefinitionsSystemControlsDetails
-
AwsEcsTaskDefinitionProxyConfigurationProxyConfigurationPropertiesDetails
-
AwsEcsTaskDefinitionVolumesEfsVolumeConfigurationAuthorizationConfigDetails
Amazon Elastic File System (EFS) objects
Amazon Elastic Kubernetes Service (EKS) objects
AWS Elastic Beanstalk objects
Elasticsearch objects
Elastic Load Balancing objects
Amazon EventBridge objects
Amazon GuardDuty objects
AWS Identity and Access Management (IAM) objects
Amazon Kinesis objects
AWS Key Management Service (AWS KMS) objects
AWS Lambda objects
Amazon Managed Streaming for Apache Kafka (Amazon MSK) objects
AWS Network Firewall objects
Amazon OpenSearch Service objects
Amazon Relational Database Service (RDS) objects
Amazon Redshift objects
Amazon Route 53 objects
Amazon Simple Storage Service (S3) objects
-
AwsS3BucketBucketLifecycleConfigurationRulesAbortIncompleteMultipartUploadDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateOperandsTagDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesFilterPredicateTagDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesNoncurrentVersionTransitionsDetails
-
AwsS3BucketBucketLifecycleConfigurationRulesTransitionsDetails
-
AwsS3BucketObjectLockConfigurationRuleDefaultRetentionDetails
Amazon SageMaker AI objects
AWS Secrets Manager objects
Amazon Simple Notification Service (SNS) objects
Amazon Simple Queue Service (SQS) objects
AWS Systems Manager objects
AWS Step Functions objects
AWS WAF objects
AWS X-Ray objects
Container objects
