AWS SecurityHub

2020/03/26 - AWS SecurityHub - 2 updated api methods

Changes  Update securityhub client to latest version

DescribeStandards (updated) Link ¶
Changes (response) 
{'Standards': {'EnabledByDefault': 'boolean'}}

Returns a list of the available standards in Security Hub.

For each standard, the results include the standard ARN, the name, and a description.

See also: AWS API Documentation

Request Syntax

client.describe_standards(
    NextToken='string',
    MaxResults=123
)
type NextToken:

string

param NextToken:

The token that is required for pagination. On your first call to the DescribeStandards operation, set the value of this parameter to NULL.

For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.

type MaxResults:

integer

param MaxResults:

The maximum number of standards to return.

rtype:

dict

returns:

Response Syntax

{
    'Standards': [
        {
            'StandardsArn': 'string',
            'Name': 'string',
            'Description': 'string',
            'EnabledByDefault': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Standards (list) --

      A list of available standards.

      • (dict) --

        Provides information about a specific standard.

        • StandardsArn (string) --

          The ARN of a standard.

        • Name (string) --

          The name of the standard.

        • Description (string) --

          A description of the standard.

        • EnabledByDefault (boolean) --

          Whether the standard is enabled by default. When Security Hub is enabled from the console, if a standard is enabled by default, the check box for that standard is selected by default.

          When Security Hub is enabled using the EnableSecurityHub API operation, the standard is enabled by default unless EnableDefaultStandards is set to false.

    • NextToken (string) --

      The pagination token to use to request the next page of results.

EnableSecurityHub (updated) Link ¶
Changes (request) 
{'EnableDefaultStandards': 'boolean'}

Enables Security Hub for your account in the current Region or the Region you specify in the request.

When you enable Security Hub, you grant to Security Hub the permissions necessary to gather findings from other services that are integrated with Security Hub.

When you use the EnableSecurityHub operation to enable Security Hub, you also automatically enable the CIS AWS Foundations standard. You do not enable the Payment Card Industry Data Security Standard (PCI DSS) standard. To not enable the CIS AWS Foundations standard, set EnableDefaultStandards to false.

After you enable Security Hub, to enable a standard, use the BatchEnableStandards operation. To disable a standard, use the BatchDisableStandards operation.

To learn more, see Setting Up AWS Security Hub in the AWS Security Hub User Guide.

See also: AWS API Documentation

Request Syntax

client.enable_security_hub(
    Tags={
        'string': 'string'
    },
    EnableDefaultStandards=True|False
)
type Tags:

dict

param Tags:

The tags to add to the Hub resource when you enable Security Hub.

  • (string) --

    • (string) --

type EnableDefaultStandards:

boolean

param EnableDefaultStandards:

Whether to enable the security standards that Security Hub has designated as automatically enabled. If you do not provide a value for EnableDefaultStandards, it is set to true. To not enable the automatically enabled standards, set EnableDefaultStandards to false.

rtype:

dict

returns:

Response Syntax

{}

Response Structure

  • (dict) --