AWS SecurityHub

Disables a Security Hub administrator account. Can only be called by the organization management account.

See also: AWS API Documentation

Request Syntax

client.disable_organization_admin_account(
    AdminAccountId='string'
)

type AdminAccountId:

string

param AdminAccountId:

[REQUIRED]

The AWS account identifier of the Security Hub administrator account.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

Used to update the configuration related to Organizations. Can only be called from a Security Hub administrator account.

See also: AWS API Documentation

Request Syntax

client.update_organization_configuration(
    AutoEnable=True|False
)

type AutoEnable:

boolean

param AutoEnable:

[REQUIRED]

Whether to automatically enable Security Hub for new accounts in the organization.

By default, this is false, and new accounts are not added automatically.

To automatically enable Security Hub for new accounts, set this to true.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --

Returns information about the Organizations configuration for Security Hub. Can only be called from a Security Hub administrator account.

See also: AWS API Documentation

Request Syntax

client.describe_organization_configuration()

rtype:

dict

returns:

Response Syntax

{
    'AutoEnable': True|False,
    'MemberAccountLimitReached': True|False
}

Response Structure

• (dict) --

  • AutoEnable (boolean) --

    Whether to automatically enable Security Hub for new accounts in the organization.

    If set to true, then Security Hub is enabled for new accounts. If set to false, then new accounts are not added automatically.

  • MemberAccountLimitReached (boolean) --

    Whether the maximum number of allowed member accounts are already associated with the Security Hub administrator account.

Lists the Security Hub administrator accounts. Can only be called by the organization management account.

See also: AWS API Documentation

Request Syntax

client.list_organization_admin_accounts(
    MaxResults=123,
    NextToken='string'
)

type MaxResults:

integer

param MaxResults:

The maximum number of items to return in the response.

type NextToken:

string

param NextToken:

The token that is required for pagination. On your first call to the ListOrganizationAdminAccounts operation, set the value of this parameter to NULL. For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

rtype:

dict

returns:

Response Syntax

{
    'AdminAccounts': [
        {
            'AccountId': 'string',
            'Status': 'ENABLED'|'DISABLE_IN_PROGRESS'
        },
    ],
    'NextToken': 'string'
}

Response Structure

• (dict) --

  • AdminAccounts (list) --

    The list of Security Hub administrator accounts.

    • (dict) --

      Represents a Security Hub administrator account designated by an organization management account.

      • AccountId (string) --

        The AWS account identifier of the Security Hub administrator account.

      • Status (string) --

        The current status of the Security Hub administrator account. Indicates whether the account is currently enabled as a Security Hub administrator.

  • NextToken (string) --

    The pagination token to use to request the next page of results.

Designates the Security Hub administrator account for an organization. Can only be called by the organization management account.

See also: AWS API Documentation

Request Syntax

client.enable_organization_admin_account(
    AdminAccountId='string'
)

type AdminAccountId:

string

param AdminAccountId:

[REQUIRED]

The AWS account identifier of the account to designate as the Security Hub administrator account.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

• (dict) --