2021/06/24 - AWS SecurityHub - 2 updated api methods
Changes Added new resource details for ECS clusters and ECS task definitions. Added additional information for S3 buckets, Elasticsearch domains, and API Gateway V2 stages.
{'Findings': {'Resources': {'Details': {'AwsApiGatewayV2Stage': {'ClientCertificateId': 'string'},
'AwsEc2Instance': {'NetworkInterfaces': [{'NetworkInterfaceId': 'string'}]},
'AwsEcsCluster': {'CapacityProviders': ['string'],
'ClusterSettings': [{'Name': 'string',
'Value': 'string'}],
'Configuration': {'ExecuteCommandConfiguration': {'KmsKeyId': 'string',
'LogConfiguration': {'CloudWatchEncryptionEnabled': 'boolean',
'CloudWatchLogGroupName': 'string',
'S3BucketName': 'string',
'S3EncryptionEnabled': 'boolean',
'S3KeyPrefix': 'string'},
'Logging': 'string'}},
'DefaultCapacityProviderStrategy': [{'Base': 'integer',
'CapacityProvider': 'string',
'Weight': 'integer'}]},
'AwsEcsTaskDefinition': {'ContainerDefinitions': [{'Command': ['string'],
'Cpu': 'integer',
'DependsOn': [{'Condition': 'string',
'ContainerName': 'string'}],
'DisableNetworking': 'boolean',
'DnsSearchDomains': ['string'],
'DnsServers': ['string'],
'DockerLabels': {'string': 'string'},
'DockerSecurityOptions': ['string'],
'EntryPoint': ['string'],
'Environment': [{'Name': 'string',
'Value': 'string'}],
'EnvironmentFiles': [{'Type': 'string',
'Value': 'string'}],
'Essential': 'boolean',
'ExtraHosts': [{'Hostname': 'string',
'IpAddress': 'string'}],
'FirelensConfiguration': {'Options': {'string': 'string'},
'Type': 'string'},
'HealthCheck': {'Command': ['string'],
'Interval': 'integer',
'Retries': 'integer',
'StartPeriod': 'integer',
'Timeout': 'integer'},
'Hostname': 'string',
'Image': 'string',
'Interactive': 'boolean',
'Links': ['string'],
'LinuxParameters': {'Capabilities': {'Add': ['string'],
'Drop': ['string']},
'Devices': [{'ContainerPath': 'string',
'HostPath': 'string',
'Permissions': ['string']}],
'InitProcessEnabled': 'boolean',
'MaxSwap': 'integer',
'SharedMemorySize': 'integer',
'Swappiness': 'integer',
'Tmpfs': [{'ContainerPath': 'string',
'MountOptions': ['string'],
'Size': 'integer'}]},
'LogConfiguration': {'LogDriver': 'string',
'Options': {'string': 'string'},
'SecretOptions': [{'Name': 'string',
'ValueFrom': 'string'}]},
'Memory': 'integer',
'MemoryReservation': 'integer',
'MountPoints': [{'ContainerPath': 'string',
'ReadOnly': 'boolean',
'SourceVolume': 'string'}],
'Name': 'string',
'PortMappings': [{'ContainerPort': 'integer',
'HostPort': 'integer',
'Protocol': 'string'}],
'Privileged': 'boolean',
'PseudoTerminal': 'boolean',
'ReadonlyRootFilesystem': 'boolean',
'RepositoryCredentials': {'CredentialsParameter': 'string'},
'ResourceRequirements': [{'Type': 'string',
'Value': 'string'}],
'Secrets': [{'Name': 'string',
'ValueFrom': 'string'}],
'StartTimeout': 'integer',
'StopTimeout': 'integer',
'SystemControls': [{'Namespace': 'string',
'Value': 'string'}],
'Ulimits': [{'HardLimit': 'integer',
'Name': 'string',
'SoftLimit': 'integer'}],
'User': 'string',
'VolumesFrom': [{'ReadOnly': 'boolean',
'SourceContainer': 'string'}],
'WorkingDirectory': 'string'}],
'Cpu': 'string',
'ExecutionRoleArn': 'string',
'Family': 'string',
'InferenceAccelerators': [{'DeviceName': 'string',
'DeviceType': 'string'}],
'IpcMode': 'string',
'Memory': 'string',
'NetworkMode': 'string',
'PidMode': 'string',
'PlacementConstraints': [{'Expression': 'string',
'Type': 'string'}],
'ProxyConfiguration': {'ContainerName': 'string',
'ProxyConfigurationProperties': [{'Name': 'string',
'Value': 'string'}],
'Type': 'string'},
'RequiresCompatibilities': ['string'],
'TaskRoleArn': 'string',
'Volumes': [{'DockerVolumeConfiguration': {'Autoprovision': 'boolean',
'Driver': 'string',
'DriverOpts': {'string': 'string'},
'Labels': {'string': 'string'},
'Scope': 'string'},
'EfsVolumeConfiguration': {'AuthorizationConfig': {'AccessPointId': 'string',
'Iam': 'string'},
'FilesystemId': 'string',
'RootDirectory': 'string',
'TransitEncryption': 'string',
'TransitEncryptionPort': 'integer'},
'Host': {'SourcePath': 'string'},
'Name': 'string'}]},
'AwsElasticsearchDomain': {'LogPublishingOptions': {'IndexSlowLogs': {'CloudWatchLogsLogGroupArn': 'string',
'Enabled': 'boolean'},
'SearchSlowLogs': {'CloudWatchLogsLogGroupArn': 'string',
'Enabled': 'boolean'}},
'ServiceSoftwareOptions': {'AutomatedUpdateDate': 'string',
'Cancellable': 'boolean',
'CurrentVersion': 'string',
'Description': 'string',
'NewVersion': 'string',
'UpdateAvailable': 'boolean',
'UpdateStatus': 'string'}},
'AwsS3Bucket': {'BucketLifecycleConfiguration': {'Rules': [{'AbortIncompleteMultipartUpload': {'DaysAfterInitiation': 'integer'},
'ExpirationDate': 'string',
'ExpirationInDays': 'integer',
'ExpiredObjectDeleteMarker': 'boolean',
'Filter': {'Predicate': {'Operands': [{'Prefix': 'string',
'Tag': {'Key': 'string',
'Value': 'string'},
'Type': 'string'}],
'Prefix': 'string',
'Tag': {'Key': 'string',
'Value': 'string'},
'Type': 'string'}},
'ID': 'string',
'NoncurrentVersionExpirationInDays': 'integer',
'NoncurrentVersionTransitions': [{'Days': 'integer',
'StorageClass': 'string'}],
'Prefix': 'string',
'Status': 'string',
'Transitions': [{'Date': 'string',
'Days': 'integer',
'StorageClass': 'string'}]}]}}}}}}
Imports security findings generated from an integrated product into Security Hub. This action is requested by the integrated product to import its findings into Security Hub.
The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
After a finding is created, BatchImportFindings cannot be used to update the following finding fields and objects, which Security Hub customers use to manage their investigation workflow.
Note
UserDefinedFields
VerificationState
Workflow
Finding providers also should not use BatchImportFindings to update the following attributes.
Confidence
Criticality
RelatedFindings
Severity
Types
Instead, finding providers use FindingProviderFields to provide values for these attributes.
See also: AWS API Documentation
Request Syntax
# This section is too large to render. # Please see the AWS API Documentation linked below.Parameters
# This section is too large to render. # Please see the AWS API Documentation linked below.
dict
Response Syntax
{
'FailedCount': 123,
'SuccessCount': 123,
'FailedFindings': [
{
'Id': 'string',
'ErrorCode': 'string',
'ErrorMessage': 'string'
},
]
}
Response Structure
(dict) --
FailedCount (integer) --
The number of findings that failed to import.
SuccessCount (integer) --
The number of findings that were successfully imported.
FailedFindings (list) --
The list of findings that failed to import.
(dict) --
The list of the findings that cannot be imported. For each finding, the list provides the error.
Id (string) --
The identifier of the finding that could not be updated.
ErrorCode (string) --
The code of the error returned by the BatchImportFindings operation.
ErrorMessage (string) --
The message of the error returned by the BatchImportFindings operation.
{'Findings': {'Resources': {'Details': {'AwsApiGatewayV2Stage': {'ClientCertificateId': 'string'},
'AwsEc2Instance': {'NetworkInterfaces': [{'NetworkInterfaceId': 'string'}]},
'AwsEcsCluster': {'CapacityProviders': ['string'],
'ClusterSettings': [{'Name': 'string',
'Value': 'string'}],
'Configuration': {'ExecuteCommandConfiguration': {'KmsKeyId': 'string',
'LogConfiguration': {'CloudWatchEncryptionEnabled': 'boolean',
'CloudWatchLogGroupName': 'string',
'S3BucketName': 'string',
'S3EncryptionEnabled': 'boolean',
'S3KeyPrefix': 'string'},
'Logging': 'string'}},
'DefaultCapacityProviderStrategy': [{'Base': 'integer',
'CapacityProvider': 'string',
'Weight': 'integer'}]},
'AwsEcsTaskDefinition': {'ContainerDefinitions': [{'Command': ['string'],
'Cpu': 'integer',
'DependsOn': [{'Condition': 'string',
'ContainerName': 'string'}],
'DisableNetworking': 'boolean',
'DnsSearchDomains': ['string'],
'DnsServers': ['string'],
'DockerLabels': {'string': 'string'},
'DockerSecurityOptions': ['string'],
'EntryPoint': ['string'],
'Environment': [{'Name': 'string',
'Value': 'string'}],
'EnvironmentFiles': [{'Type': 'string',
'Value': 'string'}],
'Essential': 'boolean',
'ExtraHosts': [{'Hostname': 'string',
'IpAddress': 'string'}],
'FirelensConfiguration': {'Options': {'string': 'string'},
'Type': 'string'},
'HealthCheck': {'Command': ['string'],
'Interval': 'integer',
'Retries': 'integer',
'StartPeriod': 'integer',
'Timeout': 'integer'},
'Hostname': 'string',
'Image': 'string',
'Interactive': 'boolean',
'Links': ['string'],
'LinuxParameters': {'Capabilities': {'Add': ['string'],
'Drop': ['string']},
'Devices': [{'ContainerPath': 'string',
'HostPath': 'string',
'Permissions': ['string']}],
'InitProcessEnabled': 'boolean',
'MaxSwap': 'integer',
'SharedMemorySize': 'integer',
'Swappiness': 'integer',
'Tmpfs': [{'ContainerPath': 'string',
'MountOptions': ['string'],
'Size': 'integer'}]},
'LogConfiguration': {'LogDriver': 'string',
'Options': {'string': 'string'},
'SecretOptions': [{'Name': 'string',
'ValueFrom': 'string'}]},
'Memory': 'integer',
'MemoryReservation': 'integer',
'MountPoints': [{'ContainerPath': 'string',
'ReadOnly': 'boolean',
'SourceVolume': 'string'}],
'Name': 'string',
'PortMappings': [{'ContainerPort': 'integer',
'HostPort': 'integer',
'Protocol': 'string'}],
'Privileged': 'boolean',
'PseudoTerminal': 'boolean',
'ReadonlyRootFilesystem': 'boolean',
'RepositoryCredentials': {'CredentialsParameter': 'string'},
'ResourceRequirements': [{'Type': 'string',
'Value': 'string'}],
'Secrets': [{'Name': 'string',
'ValueFrom': 'string'}],
'StartTimeout': 'integer',
'StopTimeout': 'integer',
'SystemControls': [{'Namespace': 'string',
'Value': 'string'}],
'Ulimits': [{'HardLimit': 'integer',
'Name': 'string',
'SoftLimit': 'integer'}],
'User': 'string',
'VolumesFrom': [{'ReadOnly': 'boolean',
'SourceContainer': 'string'}],
'WorkingDirectory': 'string'}],
'Cpu': 'string',
'ExecutionRoleArn': 'string',
'Family': 'string',
'InferenceAccelerators': [{'DeviceName': 'string',
'DeviceType': 'string'}],
'IpcMode': 'string',
'Memory': 'string',
'NetworkMode': 'string',
'PidMode': 'string',
'PlacementConstraints': [{'Expression': 'string',
'Type': 'string'}],
'ProxyConfiguration': {'ContainerName': 'string',
'ProxyConfigurationProperties': [{'Name': 'string',
'Value': 'string'}],
'Type': 'string'},
'RequiresCompatibilities': ['string'],
'TaskRoleArn': 'string',
'Volumes': [{'DockerVolumeConfiguration': {'Autoprovision': 'boolean',
'Driver': 'string',
'DriverOpts': {'string': 'string'},
'Labels': {'string': 'string'},
'Scope': 'string'},
'EfsVolumeConfiguration': {'AuthorizationConfig': {'AccessPointId': 'string',
'Iam': 'string'},
'FilesystemId': 'string',
'RootDirectory': 'string',
'TransitEncryption': 'string',
'TransitEncryptionPort': 'integer'},
'Host': {'SourcePath': 'string'},
'Name': 'string'}]},
'AwsElasticsearchDomain': {'LogPublishingOptions': {'IndexSlowLogs': {'CloudWatchLogsLogGroupArn': 'string',
'Enabled': 'boolean'},
'SearchSlowLogs': {'CloudWatchLogsLogGroupArn': 'string',
'Enabled': 'boolean'}},
'ServiceSoftwareOptions': {'AutomatedUpdateDate': 'string',
'Cancellable': 'boolean',
'CurrentVersion': 'string',
'Description': 'string',
'NewVersion': 'string',
'UpdateAvailable': 'boolean',
'UpdateStatus': 'string'}},
'AwsS3Bucket': {'BucketLifecycleConfiguration': {'Rules': [{'AbortIncompleteMultipartUpload': {'DaysAfterInitiation': 'integer'},
'ExpirationDate': 'string',
'ExpirationInDays': 'integer',
'ExpiredObjectDeleteMarker': 'boolean',
'Filter': {'Predicate': {'Operands': [{'Prefix': 'string',
'Tag': {'Key': 'string',
'Value': 'string'},
'Type': 'string'}],
'Prefix': 'string',
'Tag': {'Key': 'string',
'Value': 'string'},
'Type': 'string'}},
'ID': 'string',
'NoncurrentVersionExpirationInDays': 'integer',
'NoncurrentVersionTransitions': [{'Days': 'integer',
'StorageClass': 'string'}],
'Prefix': 'string',
'Status': 'string',
'Transitions': [{'Date': 'string',
'Days': 'integer',
'StorageClass': 'string'}]}]}}}}}}
Returns a list of findings that match the specified criteria.
See also: AWS API Documentation
Request Syntax
client.get_findings(
Filters={
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
],
'FindingProviderFieldsConfidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'FindingProviderFieldsCriticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'FindingProviderFieldsRelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FindingProviderFieldsRelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FindingProviderFieldsSeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FindingProviderFieldsSeverityOriginal': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FindingProviderFieldsTypes': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
]
},
SortCriteria=[
{
'Field': 'string',
'SortOrder': 'asc'|'desc'
},
],
NextToken='string',
MaxResults=123
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings>`_
dict
Response Syntax
# This section is too large to render. # Please see the AWS API Documentation linked below.
Response Structure
# This section is too large to render. # Please see the AWS API Documentation linked below.