Data retrieval APIs for AWS Security Hub
AWS Security Hub provides the following APIs for data retrieval.
| Actions | Description | Access level |
|---|---|---|
| BatchGetAutomationRules | Retrieve a list of details for automation rules from Security Hub based on rule Amazon Resource Names (ARNs) | Read |
| BatchGetConfigurationPolicyAssociations | Retrieve information about configuration policies associated with a specific list of member accounts and organizational units of the calling account's organization | Read |
| BatchGetControlEvaluations | Get the enablement and compliance status of controls, the findings count for controls, and the overall security score for controls on the Security Hub console | Read |
| BatchGetSecurityControls | Get details about specific security controls identified by ID or ARN | Read |
| BatchGetStandardsControlAssociations | Get the enablement status of a batch of security controls in standards | Read |
| DescribeActionTargets | Retrieve a list of custom actions using the API | Read |
| DescribeHub | Retrieve information about the hub resource in your account | Read |
| DescribeOrganizationConfiguration | Describe the organization configuration for Security Hub | Read |
| DescribeProducts | Retrieve information about the available Security Hub product integrations | Read |
| DescribeProductsV2 | Retrieve information about the available Security Hub V2 product integrations | Read |
| DescribeSecurityHubV2 | Retrieve information about the hub V2 resource in your account | Read |
| DescribeStandards | Retrieve information about Security Hub standards | Read |
| DescribeStandardsControls | Retrieve information about Security Hub standards controls | Read |
| GetAdhocInsightResults | Retrieve aggregated statistical data about the findings | Read |
| GetAdministratorAccount | Retrieve details about the Security Hub administrator account | Read |
| GetAggregatorV2 | Retrieve details for an aggregatorV2, which configures data aggregation across Regions | Read |
| GetAutomationRuleV2 | Retrieve details for an automation rule V2 from Security Hub based on rule Amazon Resource Name (ARN) | Read |
| GetConfigurationPolicy | Get a complete overview of one configuration policy created by the calling account | Read |
| GetConfigurationPolicyAssociation | Retrieve information about a configuration policy associated with a member account or organizational unit of the calling account's organization | Read |
| GetConnectorV2 | Retrieve details for a connector V2 from Security Hub based on connector id | Read |
| GetControlFindingSummary | Retrieve a security score and counts of finding and control statuses for a security standard | Read |
| GetEnabledStandards | Retrieve a list of the standards that are enabled in Security Hub | List |
| GetFindingAggregator | Retrieve details for a finding aggregator, which configures finding aggregation across Regions | Read |
| GetFindingHistory | Retrieve a list of finding history from Security Hub | Read |
| GetFindings | Retrieve a list of findings from Security Hub | Read |
| GetFreeTrialEndDate | Retrieve the end date for an account's free trial of Security Hub | Read |
| GetFreeTrialUsage | Retrieve information about Security Hub usage during the free trial period | Read |
| GetInsightFindingTrend | Retrieve an insight finding trend from Security Hub in order to generate a graph | Read |
| GetInsightResults | Retrieve insight results from Security Hub | Read |
| GetInsights | Retrieve Security Hub insights | List |
| GetInvitationsCount | Retrieve the count of Security Hub membership invitations sent to the account | Read |
| GetMasterAccount | Retrieve details about the Security Hub master account | Read |
| GetMembers | Retrieve the details of Security Hub member accounts | Read |
| GetResourcesStatisticsV2 | Retrieve aggregate statistics about resources | Read |
| GetResourcesV2 | Retrieve a list of resources | Read |
| GetSecurityControlDefinition | Get the definition details of a specific security control identified by ID | Read |
| GetUsage | Retrieve information about Security Hub usage by accounts | Read |
| ListAggregatorsV2 | Retrieve a list of aggregatorsV2, which configures data aggregation across Regions | List |
| ListAutomationRules | Retrieve a list of automation rules and their metadata for the calling account from Security Hub | List |
| ListAutomationRulesV2 | Retrieve a list of automation rules V2 and their metadata for the calling account from Security Hub | List |
| ListConfigurationPolicies | List the summaries of all configuration policies created by the calling account | List |
| ListConfigurationPolicyAssociations | Retrieve information about all configuration policies associationed with all member accounts and organizational units of the calling account's organization | List |
| ListConnectorsV2 | Retrieve a list of connectors V2 and their metadata for the calling account from Security Hub | List |
| ListControlEvaluationSummaries | Retrieve a list of controls for a standard, including the control IDs, statuses and finding counts | Read |
| ListEnabledProductsForImport | Retrieve the Security Hub integrated products that are currently enabled | List |
| ListFindingAggregators | Retrieve a list of finding aggregators, which contain the cross-Region finding aggregation configuration | List |
| ListInvitations | Retrieve the Security Hub invitations sent to the account | List |
| ListMembers | Retrieve details about Security Hub member accounts associated with the administrator account | List |
| ListOrganizationAdminAccounts | List the Security Hub administrator accounts for your organization | List |
| ListSecurityControlDefinitions | Retrieve a list of security control definitions, which contain details for security controls in the current region | List |
| ListStandardsControlAssociations | List the enablement status of a security control in standards | List |
| ListTagsForResource | List of tags associated with a resource | Read |
| SendFindingEvents | Use a custom action to send Security Hub findings to Amazon EventBridge | Read |
| SendInsightEvents | Use a custom action to send Security Hub insights to Amazon EventBridge | Read |
