AWS SecurityHub

2020/02/14 - AWS SecurityHub - 1 new1 updated api methods

Changes  Update securityhub client to latest version

DescribeStandards (new) Link ¶

Returns a list of the available standards in Security Hub.

For each standard, the results include the standard ARN, the name, and a description.

See also: AWS API Documentation

Request Syntax

client.describe_standards(
    NextToken='string',
    MaxResults=123
)
type NextToken:

string

param NextToken:

The token that is required for pagination. On your first call to the DescribeStandards operation, set the value of this parameter to NULL.

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

type MaxResults:

integer

param MaxResults:

The maximum number of standards to return.

rtype:

dict

returns:

Response Syntax

{
    'Standards': [
        {
            'StandardsArn': 'string',
            'Name': 'string',
            'Description': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Standards (list) --

      A list of available standards.

      • (dict) --

        Provides information about a specific standard.

        • StandardsArn (string) --

          The ARN of a standard.

        • Name (string) --

          The name of the standard.

        • Description (string) --

          A description of the standard.

    • NextToken (string) --

      The pagination token to use to request the next page of results.

DescribeStandardsControls (updated) Link ¶
Changes (response)
{'Controls': {'RelatedRequirements': ['string']}}

Returns a list of compliance standards controls.

For each control, the results include information about whether it is currently enabled, the severity, and a link to remediation information.

See also: AWS API Documentation

Request Syntax

client.describe_standards_controls(
    StandardsSubscriptionArn='string',
    NextToken='string',
    MaxResults=123
)
type StandardsSubscriptionArn:

string

param StandardsSubscriptionArn:

[REQUIRED]

The ARN of a resource that represents your subscription to a supported standard.

type NextToken:

string

param NextToken:

The token that is required for pagination. On your first call to the DescribeStandardsControls operation, set the value of this parameter to NULL.

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

type MaxResults:

integer

param MaxResults:

The maximum number of compliance standard controls to return.

rtype:

dict

returns:

Response Syntax

{
    'Controls': [
        {
            'StandardsControlArn': 'string',
            'ControlStatus': 'ENABLED'|'DISABLED',
            'DisabledReason': 'string',
            'ControlStatusUpdatedAt': datetime(2015, 1, 1),
            'ControlId': 'string',
            'Title': 'string',
            'Description': 'string',
            'RemediationUrl': 'string',
            'SeverityRating': 'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
            'RelatedRequirements': [
                'string',
            ]
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Controls (list) --

      A list of compliance standards controls.

      • (dict) --

        Details for an individual compliance standard control.

        • StandardsControlArn (string) --

          The ARN of the compliance standard control.

        • ControlStatus (string) --

          The current status of the compliance standard control. Indicates whether the control is enabled or disabled. Security Hub does not check against disabled controls.

        • DisabledReason (string) --

          The reason provided for the most recent change in status for the control.

        • ControlStatusUpdatedAt (datetime) --

          The date and time that the status of the compliance standard control was most recently updated.

        • ControlId (string) --

          The identifier of the compliance standard control.

        • Title (string) --

          The title of the compliance standard control.

        • Description (string) --

          The longer description of the compliance standard control. Provides information about what the control is checking for.

        • RemediationUrl (string) --

          A link to remediation information for the control in the Security Hub user documentation.

        • SeverityRating (string) --

          The severity of findings generated from this compliance standard control.

          The finding severity is based on an assessment of how easy it would be to compromise AWS resources if the compliance issue is detected.

        • RelatedRequirements (list) --

          The list of requirements that are related to this control.

          • (string) --

    • NextToken (string) --

      The pagination token to use to request the next page of results.