Findings Publication Configuration - Amazon Macie

Findings Publication Configuration

The Findings Publication Configuration resource provides settings for publishing findings to AWS Security Hub. With these settings, you can configure Macie to automatically publish all policy findings, all sensitive data findings, or both policy and sensitive data findings to Security Hub. This doesn't include findings that were suppressed (automatically archived) by a findings filter. You can also use these settings to stop publishing any findings to Security Hub. To learn more about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.

Security Hub is a service that provides you with a comprehensive view of your security state across your AWS environment and helps you check your environment against security industry standards and best practices. It does this partly by consuming, aggregating, organizing, and prioritizing findings from multiple AWS services and supported AWS Partner Network (APN) Partner security solutions. It helps you analyze your security trends and identify the highest priority security issues. To learn more about Security Hub, see the AWS Security Hub User Guide.

You can use the Findings Publication Configuration resource to retrieve information about or update your configuration settings for publishing findings to Security Hub automatically. If you configure Macie to publish policy findings to Security Hub, Macie publishes updates to those findings on a recurring basis, using a publication frequency that you specify. To specify this frequency, use the Account Administration resource.

URI

/findings-publication-configuration

HTTP methods

GET

Operation ID: GetFindingsPublicationConfiguration

Retrieves the configuration settings for publishing findings to AWS Security Hub.

Responses
Status code Response model Description
200 GetFindingsPublicationConfigurationResponse

The request succeeded.

400 ValidationException

The request failed because it contains a syntax error.

402 ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403 AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404 ResourceNotFoundException

The request failed because the specified resource wasn't found.

409 ConflictException

The request failed because it conflicts with the current state of the specified resource.

429 ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500 InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

PUT

Operation ID: PutFindingsPublicationConfiguration

Updates the configuration settings for publishing findings to AWS Security Hub.

Responses
Status code Response model Description
200 None

The request succeeded and there isn't any content to include in the body of the response (No Content).

400 ValidationException

The request failed because it contains a syntax error.

402 ServiceQuotaExceededException

The request failed because fulfilling the request would exceed one or more service quotas for your account.

403 AccessDeniedException

The request was denied because you don't have sufficient access to the specified resource.

404 ResourceNotFoundException

The request failed because the specified resource wasn't found.

409 ConflictException

The request failed because it conflicts with the current state of the specified resource.

429 ThrottlingException

The request failed because you sent too many requests during a certain amount of time.

500 InternalServerException

The request failed due to an unknown internal server error, exception, or failure.

Schemas

Request bodies

Response bodies

{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }
{ "message": "string" }

Properties

AccessDeniedException

Provides information about an error that occurred due to insufficient access to a specified resource.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ConflictException

Provides information about an error that occurred due to a versioning conflict for a specified resource.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

GetFindingsPublicationConfigurationResponse

Provides information about the current configuration settings for publishing findings to AWS Security Hub automatically.

Property Type Required Description
securityHubConfiguration

SecurityHubConfiguration

False

The configuration settings that determine which findings are published to AWS Security Hub.

InternalServerException

Provides information about an error that occurred due to an unknown internal server error, exception, or failure.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

PutFindingsPublicationConfigurationRequest

Specifies configuration settings for publishing findings to AWS Security Hub automatically.

Property Type Required Description
securityHubConfiguration

SecurityHubConfiguration

False

The configuration settings that determine which findings to publish to AWS Security Hub.

clientToken

string

False

A unique, case-sensitive token that you provide to ensure the idempotency of the request.

ResourceNotFoundException

Provides information about an error that occurred because a specified resource wasn't found.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

SecurityHubConfiguration

Specifies configuration settings that determine which findings are published to AWS Security Hub automatically. For information about how Macie publishes findings to Security Hub, see Amazon Macie integration with Security Hub in the Amazon Macie User Guide.

Property Type Required Description
publishPolicyFindings

boolean

True

Specifies whether to publish policy findings to AWS Security Hub. If you set this value to true, Amazon Macie automatically publishes all new and updated policy findings that weren't suppressed by a findings filter. The default value is true.

publishClassificationFindings

boolean

True

Specifies whether to publish sensitive data findings to AWS Security Hub. If you set this value to true, Amazon Macie automatically publishes all sensitive data findings that weren't suppressed by a findings filter. The default value is false.

ServiceQuotaExceededException

Provides information about an error that occurred due to one or more service quotas for an account.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ThrottlingException

Provides information about an error that occurred because too many requests were sent during a certain amount of time.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

ValidationException

Provides information about an error that occurred due to a syntax error in a request.

Property Type Required Description
message

string

False

The explanation of the error that occurred.

See also

For more information about using this API in one of the language-specific AWS SDKs and references, see the following:

GetFindingsPublicationConfiguration

PutFindingsPublicationConfiguration