2020/08/18 - AWS SecurityHub - 6 updated api methods
Changes Update securityhub client to latest version
{'Findings': {'Resources': {'Details': {'AwsDynamoDbTable': {'AttributeDefinitions': [{'AttributeName': 'string',
'AttributeType': 'string'}],
'BillingModeSummary': {'BillingMode': 'string',
'LastUpdateToPayPerRequestDateTime': 'string'},
'CreationDateTime': 'string',
'GlobalSecondaryIndexes': [{'Backfilling': 'boolean',
'IndexArn': 'string',
'IndexName': 'string',
'IndexSizeBytes': 'long',
'IndexStatus': 'string',
'ItemCount': 'integer',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'Projection': {'NonKeyAttributes': ['string'],
'ProjectionType': 'string'},
'ProvisionedThroughput': {'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 'integer',
'ReadCapacityUnits': 'integer',
'WriteCapacityUnits': 'integer'}}],
'GlobalTableVersion': 'string',
'ItemCount': 'integer',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'LatestStreamArn': 'string',
'LatestStreamLabel': 'string',
'LocalSecondaryIndexes': [{'IndexArn': 'string',
'IndexName': 'string',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'Projection': {'NonKeyAttributes': ['string'],
'ProjectionType': 'string'}}],
'ProvisionedThroughput': {'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 'integer',
'ReadCapacityUnits': 'integer',
'WriteCapacityUnits': 'integer'},
'Replicas': [{'GlobalSecondaryIndexes': [{'IndexName': 'string',
'ProvisionedThroughputOverride': {'ReadCapacityUnits': 'integer'}}],
'KmsMasterKeyId': 'string',
'ProvisionedThroughputOverride': {'ReadCapacityUnits': 'integer'},
'RegionName': 'string',
'ReplicaStatus': 'string',
'ReplicaStatusDescription': 'string'}],
'RestoreSummary': {'RestoreDateTime': 'string',
'RestoreInProgress': 'boolean',
'SourceBackupArn': 'string',
'SourceTableArn': 'string'},
'SseDescription': {'InaccessibleEncryptionDateTime': 'string',
'KmsMasterKeyArn': 'string',
'SseType': 'string',
'Status': 'string'},
'StreamSpecification': {'StreamEnabled': 'boolean',
'StreamViewType': 'string'},
'TableId': 'string',
'TableName': 'string',
'TableSizeBytes': 'long',
'TableStatus': 'string'},
'AwsEc2Eip': {'AllocationId': 'string',
'AssociationId': 'string',
'Domain': 'string',
'InstanceId': 'string',
'NetworkBorderGroup': 'string',
'NetworkInterfaceId': 'string',
'NetworkInterfaceOwnerId': 'string',
'PrivateIpAddress': 'string',
'PublicIp': 'string',
'PublicIpv4Pool': 'string'},
'AwsIamPolicy': {'AttachmentCount': 'integer',
'CreateDate': 'string',
'DefaultVersionId': 'string',
'Description': 'string',
'IsAttachable': 'boolean',
'Path': 'string',
'PermissionsBoundaryUsageCount': 'integer',
'PolicyId': 'string',
'PolicyName': 'string',
'PolicyVersionList': [{'CreateDate': 'string',
'IsDefaultVersion': 'boolean',
'VersionId': 'string'}],
'UpdateDate': 'string'},
'AwsIamUser': {'AttachedManagedPolicies': [{'PolicyArn': 'string',
'PolicyName': 'string'}],
'CreateDate': 'string',
'GroupList': ['string'],
'Path': 'string',
'PermissionsBoundary': {'PermissionsBoundaryArn': 'string',
'PermissionsBoundaryType': 'string'},
'UserId': 'string',
'UserName': 'string',
'UserPolicyList': [{'PolicyName': 'string'}]},
'AwsKmsKey': {'Description': 'string'},
'AwsRdsDbCluster': {'ActivityStreamStatus': 'string',
'AllocatedStorage': 'integer',
'AssociatedRoles': [{'RoleArn': 'string',
'Status': 'string'}],
'AvailabilityZones': ['string'],
'BackupRetentionPeriod': 'integer',
'ClusterCreateTime': 'string',
'CopyTagsToSnapshot': 'boolean',
'CrossAccountClone': 'boolean',
'CustomEndpoints': ['string'],
'DatabaseName': 'string',
'DbClusterIdentifier': 'string',
'DbClusterMembers': [{'DbClusterParameterGroupStatus': 'string',
'DbInstanceIdentifier': 'string',
'IsClusterWriter': 'boolean',
'PromotionTier': 'integer'}],
'DbClusterOptionGroupMemberships': [{'DbClusterOptionGroupName': 'string',
'Status': 'string'}],
'DbClusterParameterGroup': 'string',
'DbClusterResourceId': 'string',
'DbSubnetGroup': 'string',
'DeletionProtection': 'boolean',
'DomainMemberships': [{'Domain': 'string',
'Fqdn': 'string',
'IamRoleName': 'string',
'Status': 'string'}],
'EnabledCloudWatchLogsExports': ['string'],
'Endpoint': 'string',
'Engine': 'string',
'EngineMode': 'string',
'EngineVersion': 'string',
'HostedZoneId': 'string',
'HttpEndpointEnabled': 'boolean',
'IamDatabaseAuthenticationEnabled': 'boolean',
'KmsKeyId': 'string',
'MasterUsername': 'string',
'MultiAz': 'boolean',
'Port': 'integer',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ReadReplicaIdentifiers': ['string'],
'ReaderEndpoint': 'string',
'Status': 'string',
'StorageEncrypted': 'boolean',
'VpcSecurityGroups': [{'Status': 'string',
'VpcSecurityGroupId': 'string'}]},
'AwsRdsDbClusterSnapshot': {'AllocatedStorage': 'integer',
'AvailabilityZones': ['string'],
'ClusterCreateTime': 'string',
'DbClusterIdentifier': 'string',
'DbClusterSnapshotIdentifier': 'string',
'Engine': 'string',
'EngineVersion': 'string',
'IamDatabaseAuthenticationEnabled': 'boolean',
'KmsKeyId': 'string',
'LicenseModel': 'string',
'MasterUsername': 'string',
'PercentProgress': 'integer',
'Port': 'integer',
'SnapshotCreateTime': 'string',
'SnapshotType': 'string',
'Status': 'string',
'StorageEncrypted': 'boolean',
'VpcId': 'string'},
'AwsRdsDbInstance': {'AllocatedStorage': 'integer',
'AutoMinorVersionUpgrade': 'boolean',
'AvailabilityZone': 'string',
'BackupRetentionPeriod': 'integer',
'CharacterSetName': 'string',
'CopyTagsToSnapshot': 'boolean',
'DbInstanceStatus': 'string',
'DbParameterGroups': [{'DbParameterGroupName': 'string',
'ParameterApplyStatus': 'string'}],
'DbSecurityGroups': ['string'],
'DbSubnetGroup': {'DbSubnetGroupArn': 'string',
'DbSubnetGroupDescription': 'string',
'DbSubnetGroupName': 'string',
'SubnetGroupStatus': 'string',
'Subnets': [{'SubnetAvailabilityZone': {'Name': 'string'},
'SubnetIdentifier': 'string',
'SubnetStatus': 'string'}],
'VpcId': 'string'},
'DomainMemberships': [{'Domain': 'string',
'Fqdn': 'string',
'IamRoleName': 'string',
'Status': 'string'}],
'EnabledCloudWatchLogsExports': ['string'],
'EnhancedMonitoringResourceArn': 'string',
'Iops': 'integer',
'LatestRestorableTime': 'string',
'LicenseModel': 'string',
'ListenerEndpoint': {'Address': 'string',
'HostedZoneId': 'string',
'Port': 'integer'},
'MasterUsername': 'string',
'MaxAllocatedStorage': 'integer',
'MonitoringInterval': 'integer',
'MonitoringRoleArn': 'string',
'MultiAz': 'boolean',
'OptionGroupMemberships': [{'OptionGroupName': 'string',
'Status': 'string'}],
'PendingModifiedValues': {'AllocatedStorage': 'integer',
'BackupRetentionPeriod': 'integer',
'CaCertificateIdentifier': 'string',
'DbInstanceClass': 'string',
'DbInstanceIdentifier': 'string',
'DbSubnetGroupName': 'string',
'EngineVersion': 'string',
'Iops': 'integer',
'LicenseModel': 'string',
'MasterUserPassword': 'string',
'MultiAZ': 'boolean',
'PendingCloudWatchLogsExports': {'LogTypesToDisable': ['string'],
'LogTypesToEnable': ['string']},
'Port': 'integer',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'StorageType': 'string'},
'PerformanceInsightsEnabled': 'boolean',
'PerformanceInsightsKmsKeyId': 'string',
'PerformanceInsightsRetentionPeriod': 'integer',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'PromotionTier': 'integer',
'ReadReplicaDBClusterIdentifiers': ['string'],
'ReadReplicaDBInstanceIdentifiers': ['string'],
'ReadReplicaSourceDBInstanceIdentifier': 'string',
'SecondaryAvailabilityZone': 'string',
'StatusInfos': [{'Message': 'string',
'Normal': 'boolean',
'Status': 'string',
'StatusType': 'string'}],
'StorageType': 'string',
'Timezone': 'string'},
'AwsRdsDbSnapshot': {'AllocatedStorage': 'integer',
'AvailabilityZone': 'string',
'DbInstanceIdentifier': 'string',
'DbSnapshotIdentifier': 'string',
'DbiResourceId': 'string',
'Encrypted': 'boolean',
'Engine': 'string',
'EngineVersion': 'string',
'IamDatabaseAuthenticationEnabled': 'boolean',
'InstanceCreateTime': 'string',
'Iops': 'integer',
'KmsKeyId': 'string',
'LicenseModel': 'string',
'MasterUsername': 'string',
'OptionGroupName': 'string',
'PercentProgress': 'integer',
'Port': 'integer',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'SnapshotCreateTime': 'string',
'SnapshotType': 'string',
'SourceDbSnapshotIdentifier': 'string',
'SourceRegion': 'string',
'Status': 'string',
'StorageType': 'string',
'TdeCredentialArn': 'string',
'Timezone': 'string',
'VpcId': 'string'},
'AwsSecretsManagerSecret': {'Deleted': 'boolean',
'Description': 'string',
'KmsKeyId': 'string',
'Name': 'string',
'RotationEnabled': 'boolean',
'RotationLambdaArn': 'string',
'RotationOccurredWithinFrequency': 'boolean',
'RotationRules': {'AutomaticallyAfterDays': 'integer'}}}}}}
Imports security findings generated from an integrated third-party product into Security Hub. This action is requested by the integrated product to import its findings into Security Hub.
The maximum allowed size for a finding is 240 Kb. An error is returned for any finding larger than 240 Kb.
After a finding is created, BatchImportFindings cannot be used to update the following finding fields and objects, which Security Hub customers use to manage their investigation workflow.
Confidence
Criticality
Note
RelatedFindings
Severity
Types
UserDefinedFields
VerificationState
Workflow
See also: AWS API Documentation
Request Syntax
client.batch_import_findings(
Findings=[
{
'SchemaVersion': 'string',
'Id': 'string',
'ProductArn': 'string',
'GeneratorId': 'string',
'AwsAccountId': 'string',
'Types': [
'string',
],
'FirstObservedAt': 'string',
'LastObservedAt': 'string',
'CreatedAt': 'string',
'UpdatedAt': 'string',
'Severity': {
'Product': 123.0,
'Label': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
'Normalized': 123,
'Original': 'string'
},
'Confidence': 123,
'Criticality': 123,
'Title': 'string',
'Description': 'string',
'Remediation': {
'Recommendation': {
'Text': 'string',
'Url': 'string'
}
},
'SourceUrl': 'string',
'ProductFields': {
'string': 'string'
},
'UserDefinedFields': {
'string': 'string'
},
'Malware': [
{
'Name': 'string',
'Type': 'ADWARE'|'BLENDED_THREAT'|'BOTNET_AGENT'|'COIN_MINER'|'EXPLOIT_KIT'|'KEYLOGGER'|'MACRO'|'POTENTIALLY_UNWANTED'|'SPYWARE'|'RANSOMWARE'|'REMOTE_ACCESS'|'ROOTKIT'|'TROJAN'|'VIRUS'|'WORM',
'Path': 'string',
'State': 'OBSERVED'|'REMOVAL_FAILED'|'REMOVED'
},
],
'Network': {
'Direction': 'IN'|'OUT',
'Protocol': 'string',
'OpenPortRange': {
'Begin': 123,
'End': 123
},
'SourceIpV4': 'string',
'SourceIpV6': 'string',
'SourcePort': 123,
'SourceDomain': 'string',
'SourceMac': 'string',
'DestinationIpV4': 'string',
'DestinationIpV6': 'string',
'DestinationPort': 123,
'DestinationDomain': 'string'
},
'NetworkPath': [
{
'ComponentId': 'string',
'ComponentType': 'string',
'Egress': {
'Protocol': 'string',
'Destination': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
},
'Source': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
}
},
'Ingress': {
'Protocol': 'string',
'Destination': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
},
'Source': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
}
}
},
],
'Process': {
'Name': 'string',
'Path': 'string',
'Pid': 123,
'ParentPid': 123,
'LaunchedAt': 'string',
'TerminatedAt': 'string'
},
'ThreatIntelIndicators': [
{
'Type': 'DOMAIN'|'EMAIL_ADDRESS'|'HASH_MD5'|'HASH_SHA1'|'HASH_SHA256'|'HASH_SHA512'|'IPV4_ADDRESS'|'IPV6_ADDRESS'|'MUTEX'|'PROCESS'|'URL',
'Value': 'string',
'Category': 'BACKDOOR'|'CARD_STEALER'|'COMMAND_AND_CONTROL'|'DROP_SITE'|'EXPLOIT_SITE'|'KEYLOGGER',
'LastObservedAt': 'string',
'Source': 'string',
'SourceUrl': 'string'
},
],
'Resources': [
{
'Type': 'string',
'Id': 'string',
'Partition': 'aws'|'aws-cn'|'aws-us-gov',
'Region': 'string',
'Tags': {
'string': 'string'
},
'Details': {
'AwsAutoScalingAutoScalingGroup': {
'LaunchConfigurationName': 'string',
'LoadBalancerNames': [
'string',
],
'HealthCheckType': 'string',
'HealthCheckGracePeriod': 123,
'CreatedTime': 'string'
},
'AwsCodeBuildProject': {
'EncryptionKey': 'string',
'Environment': {
'Certificate': 'string',
'ImagePullCredentialsType': 'string',
'RegistryCredential': {
'Credential': 'string',
'CredentialProvider': 'string'
},
'Type': 'string'
},
'Name': 'string',
'Source': {
'Type': 'string',
'Location': 'string',
'GitCloneDepth': 123,
'InsecureSsl': True|False
},
'ServiceRole': 'string',
'VpcConfig': {
'VpcId': 'string',
'Subnets': [
'string',
],
'SecurityGroupIds': [
'string',
]
}
},
'AwsCloudFrontDistribution': {
'DomainName': 'string',
'ETag': 'string',
'LastModifiedTime': 'string',
'Logging': {
'Bucket': 'string',
'Enabled': True|False,
'IncludeCookies': True|False,
'Prefix': 'string'
},
'Origins': {
'Items': [
{
'DomainName': 'string',
'Id': 'string',
'OriginPath': 'string'
},
]
},
'Status': 'string',
'WebAclId': 'string'
},
'AwsEc2Instance': {
'Type': 'string',
'ImageId': 'string',
'IpV4Addresses': [
'string',
],
'IpV6Addresses': [
'string',
],
'KeyName': 'string',
'IamInstanceProfileArn': 'string',
'VpcId': 'string',
'SubnetId': 'string',
'LaunchedAt': 'string'
},
'AwsEc2NetworkInterface': {
'Attachment': {
'AttachTime': 'string',
'AttachmentId': 'string',
'DeleteOnTermination': True|False,
'DeviceIndex': 123,
'InstanceId': 'string',
'InstanceOwnerId': 'string',
'Status': 'string'
},
'NetworkInterfaceId': 'string',
'SecurityGroups': [
{
'GroupName': 'string',
'GroupId': 'string'
},
],
'SourceDestCheck': True|False
},
'AwsEc2SecurityGroup': {
'GroupName': 'string',
'GroupId': 'string',
'OwnerId': 'string',
'VpcId': 'string',
'IpPermissions': [
{
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'UserIdGroupPairs': [
{
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
],
'IpRanges': [
{
'CidrIp': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string'
},
],
'PrefixListIds': [
{
'PrefixListId': 'string'
},
]
},
],
'IpPermissionsEgress': [
{
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'UserIdGroupPairs': [
{
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
],
'IpRanges': [
{
'CidrIp': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string'
},
],
'PrefixListIds': [
{
'PrefixListId': 'string'
},
]
},
]
},
'AwsEc2Volume': {
'CreateTime': 'string',
'Encrypted': True|False,
'Size': 123,
'SnapshotId': 'string',
'Status': 'string',
'KmsKeyId': 'string',
'Attachments': [
{
'AttachTime': 'string',
'DeleteOnTermination': True|False,
'InstanceId': 'string',
'Status': 'string'
},
]
},
'AwsEc2Vpc': {
'CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'CidrBlock': 'string',
'CidrBlockState': 'string'
},
],
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'CidrBlockState': 'string'
},
],
'DhcpOptionsId': 'string',
'State': 'string'
},
'AwsEc2Eip': {
'InstanceId': 'string',
'PublicIp': 'string',
'AllocationId': 'string',
'AssociationId': 'string',
'Domain': 'string',
'PublicIpv4Pool': 'string',
'NetworkBorderGroup': 'string',
'NetworkInterfaceId': 'string',
'NetworkInterfaceOwnerId': 'string',
'PrivateIpAddress': 'string'
},
'AwsElbv2LoadBalancer': {
'AvailabilityZones': [
{
'ZoneName': 'string',
'SubnetId': 'string'
},
],
'CanonicalHostedZoneId': 'string',
'CreatedTime': 'string',
'DNSName': 'string',
'IpAddressType': 'string',
'Scheme': 'string',
'SecurityGroups': [
'string',
],
'State': {
'Code': 'string',
'Reason': 'string'
},
'Type': 'string',
'VpcId': 'string'
},
'AwsElasticsearchDomain': {
'AccessPolicies': 'string',
'DomainEndpointOptions': {
'EnforceHTTPS': True|False,
'TLSSecurityPolicy': 'string'
},
'DomainId': 'string',
'DomainName': 'string',
'Endpoint': 'string',
'Endpoints': {
'string': 'string'
},
'ElasticsearchVersion': 'string',
'EncryptionAtRestOptions': {
'Enabled': True|False,
'KmsKeyId': 'string'
},
'NodeToNodeEncryptionOptions': {
'Enabled': True|False
},
'VPCOptions': {
'AvailabilityZones': [
'string',
],
'SecurityGroupIds': [
'string',
],
'SubnetIds': [
'string',
],
'VPCId': 'string'
}
},
'AwsS3Bucket': {
'OwnerId': 'string',
'OwnerName': 'string',
'CreatedAt': 'string',
'ServerSideEncryptionConfiguration': {
'Rules': [
{
'ApplyServerSideEncryptionByDefault': {
'SSEAlgorithm': 'string',
'KMSMasterKeyID': 'string'
}
},
]
}
},
'AwsS3Object': {
'LastModified': 'string',
'ETag': 'string',
'VersionId': 'string',
'ContentType': 'string',
'ServerSideEncryption': 'string',
'SSEKMSKeyId': 'string'
},
'AwsSecretsManagerSecret': {
'RotationRules': {
'AutomaticallyAfterDays': 123
},
'RotationOccurredWithinFrequency': True|False,
'KmsKeyId': 'string',
'RotationEnabled': True|False,
'RotationLambdaArn': 'string',
'Deleted': True|False,
'Name': 'string',
'Description': 'string'
},
'AwsIamAccessKey': {
'UserName': 'string',
'Status': 'Active'|'Inactive',
'CreatedAt': 'string',
'PrincipalId': 'string',
'PrincipalType': 'string',
'PrincipalName': 'string'
},
'AwsIamUser': {
'AttachedManagedPolicies': [
{
'PolicyName': 'string',
'PolicyArn': 'string'
},
],
'CreateDate': 'string',
'GroupList': [
'string',
],
'Path': 'string',
'PermissionsBoundary': {
'PermissionsBoundaryArn': 'string',
'PermissionsBoundaryType': 'string'
},
'UserId': 'string',
'UserName': 'string',
'UserPolicyList': [
{
'PolicyName': 'string'
},
]
},
'AwsIamPolicy': {
'AttachmentCount': 123,
'CreateDate': 'string',
'DefaultVersionId': 'string',
'Description': 'string',
'IsAttachable': True|False,
'Path': 'string',
'PermissionsBoundaryUsageCount': 123,
'PolicyId': 'string',
'PolicyName': 'string',
'PolicyVersionList': [
{
'VersionId': 'string',
'IsDefaultVersion': True|False,
'CreateDate': 'string'
},
],
'UpdateDate': 'string'
},
'AwsDynamoDbTable': {
'AttributeDefinitions': [
{
'AttributeName': 'string',
'AttributeType': 'string'
},
],
'BillingModeSummary': {
'BillingMode': 'string',
'LastUpdateToPayPerRequestDateTime': 'string'
},
'CreationDateTime': 'string',
'GlobalSecondaryIndexes': [
{
'Backfilling': True|False,
'IndexArn': 'string',
'IndexName': 'string',
'IndexSizeBytes': 123,
'IndexStatus': 'string',
'ItemCount': 123,
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'Projection': {
'NonKeyAttributes': [
'string',
],
'ProjectionType': 'string'
},
'ProvisionedThroughput': {
'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 123,
'ReadCapacityUnits': 123,
'WriteCapacityUnits': 123
}
},
],
'GlobalTableVersion': 'string',
'ItemCount': 123,
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'LatestStreamArn': 'string',
'LatestStreamLabel': 'string',
'LocalSecondaryIndexes': [
{
'IndexArn': 'string',
'IndexName': 'string',
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'Projection': {
'NonKeyAttributes': [
'string',
],
'ProjectionType': 'string'
}
},
],
'ProvisionedThroughput': {
'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 123,
'ReadCapacityUnits': 123,
'WriteCapacityUnits': 123
},
'Replicas': [
{
'GlobalSecondaryIndexes': [
{
'IndexName': 'string',
'ProvisionedThroughputOverride': {
'ReadCapacityUnits': 123
}
},
],
'KmsMasterKeyId': 'string',
'ProvisionedThroughputOverride': {
'ReadCapacityUnits': 123
},
'RegionName': 'string',
'ReplicaStatus': 'string',
'ReplicaStatusDescription': 'string'
},
],
'RestoreSummary': {
'SourceBackupArn': 'string',
'SourceTableArn': 'string',
'RestoreDateTime': 'string',
'RestoreInProgress': True|False
},
'SseDescription': {
'InaccessibleEncryptionDateTime': 'string',
'Status': 'string',
'SseType': 'string',
'KmsMasterKeyArn': 'string'
},
'StreamSpecification': {
'StreamEnabled': True|False,
'StreamViewType': 'string'
},
'TableId': 'string',
'TableName': 'string',
'TableSizeBytes': 123,
'TableStatus': 'string'
},
'AwsIamRole': {
'AssumeRolePolicyDocument': 'string',
'CreateDate': 'string',
'RoleId': 'string',
'RoleName': 'string',
'MaxSessionDuration': 123,
'Path': 'string'
},
'AwsKmsKey': {
'AWSAccountId': 'string',
'CreationDate': 123.0,
'KeyId': 'string',
'KeyManager': 'string',
'KeyState': 'string',
'Origin': 'string',
'Description': 'string'
},
'AwsLambdaFunction': {
'Code': {
'S3Bucket': 'string',
'S3Key': 'string',
'S3ObjectVersion': 'string',
'ZipFile': 'string'
},
'CodeSha256': 'string',
'DeadLetterConfig': {
'TargetArn': 'string'
},
'Environment': {
'Variables': {
'string': 'string'
},
'Error': {
'ErrorCode': 'string',
'Message': 'string'
}
},
'FunctionName': 'string',
'Handler': 'string',
'KmsKeyArn': 'string',
'LastModified': 'string',
'Layers': [
{
'Arn': 'string',
'CodeSize': 123
},
],
'MasterArn': 'string',
'MemorySize': 123,
'RevisionId': 'string',
'Role': 'string',
'Runtime': 'string',
'Timeout': 123,
'TracingConfig': {
'Mode': 'string'
},
'VpcConfig': {
'SecurityGroupIds': [
'string',
],
'SubnetIds': [
'string',
],
'VpcId': 'string'
},
'Version': 'string'
},
'AwsLambdaLayerVersion': {
'Version': 123,
'CompatibleRuntimes': [
'string',
],
'CreatedDate': 'string'
},
'AwsRdsDbInstance': {
'AssociatedRoles': [
{
'RoleArn': 'string',
'FeatureName': 'string',
'Status': 'string'
},
],
'CACertificateIdentifier': 'string',
'DBClusterIdentifier': 'string',
'DBInstanceIdentifier': 'string',
'DBInstanceClass': 'string',
'DbInstancePort': 123,
'DbiResourceId': 'string',
'DBName': 'string',
'DeletionProtection': True|False,
'Endpoint': {
'Address': 'string',
'Port': 123,
'HostedZoneId': 'string'
},
'Engine': 'string',
'EngineVersion': 'string',
'IAMDatabaseAuthenticationEnabled': True|False,
'InstanceCreateTime': 'string',
'KmsKeyId': 'string',
'PubliclyAccessible': True|False,
'StorageEncrypted': True|False,
'TdeCredentialArn': 'string',
'VpcSecurityGroups': [
{
'VpcSecurityGroupId': 'string',
'Status': 'string'
},
],
'MultiAz': True|False,
'EnhancedMonitoringResourceArn': 'string',
'DbInstanceStatus': 'string',
'MasterUsername': 'string',
'AllocatedStorage': 123,
'PreferredBackupWindow': 'string',
'BackupRetentionPeriod': 123,
'DbSecurityGroups': [
'string',
],
'DbParameterGroups': [
{
'DbParameterGroupName': 'string',
'ParameterApplyStatus': 'string'
},
],
'AvailabilityZone': 'string',
'DbSubnetGroup': {
'DbSubnetGroupName': 'string',
'DbSubnetGroupDescription': 'string',
'VpcId': 'string',
'SubnetGroupStatus': 'string',
'Subnets': [
{
'SubnetIdentifier': 'string',
'SubnetAvailabilityZone': {
'Name': 'string'
},
'SubnetStatus': 'string'
},
],
'DbSubnetGroupArn': 'string'
},
'PreferredMaintenanceWindow': 'string',
'PendingModifiedValues': {
'DbInstanceClass': 'string',
'AllocatedStorage': 123,
'MasterUserPassword': 'string',
'Port': 123,
'BackupRetentionPeriod': 123,
'MultiAZ': True|False,
'EngineVersion': 'string',
'LicenseModel': 'string',
'Iops': 123,
'DbInstanceIdentifier': 'string',
'StorageType': 'string',
'CaCertificateIdentifier': 'string',
'DbSubnetGroupName': 'string',
'PendingCloudWatchLogsExports': {
'LogTypesToEnable': [
'string',
],
'LogTypesToDisable': [
'string',
]
},
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
]
},
'LatestRestorableTime': 'string',
'AutoMinorVersionUpgrade': True|False,
'ReadReplicaSourceDBInstanceIdentifier': 'string',
'ReadReplicaDBInstanceIdentifiers': [
'string',
],
'ReadReplicaDBClusterIdentifiers': [
'string',
],
'LicenseModel': 'string',
'Iops': 123,
'OptionGroupMemberships': [
{
'OptionGroupName': 'string',
'Status': 'string'
},
],
'CharacterSetName': 'string',
'SecondaryAvailabilityZone': 'string',
'StatusInfos': [
{
'StatusType': 'string',
'Normal': True|False,
'Status': 'string',
'Message': 'string'
},
],
'StorageType': 'string',
'DomainMemberships': [
{
'Domain': 'string',
'Status': 'string',
'Fqdn': 'string',
'IamRoleName': 'string'
},
],
'CopyTagsToSnapshot': True|False,
'MonitoringInterval': 123,
'MonitoringRoleArn': 'string',
'PromotionTier': 123,
'Timezone': 'string',
'PerformanceInsightsEnabled': True|False,
'PerformanceInsightsKmsKeyId': 'string',
'PerformanceInsightsRetentionPeriod': 123,
'EnabledCloudWatchLogsExports': [
'string',
],
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
],
'ListenerEndpoint': {
'Address': 'string',
'Port': 123,
'HostedZoneId': 'string'
},
'MaxAllocatedStorage': 123
},
'AwsSnsTopic': {
'KmsMasterKeyId': 'string',
'Subscription': [
{
'Endpoint': 'string',
'Protocol': 'string'
},
],
'TopicName': 'string',
'Owner': 'string'
},
'AwsSqsQueue': {
'KmsDataKeyReusePeriodSeconds': 123,
'KmsMasterKeyId': 'string',
'QueueName': 'string',
'DeadLetterTargetArn': 'string'
},
'AwsWafWebAcl': {
'Name': 'string',
'DefaultAction': 'string',
'Rules': [
{
'Action': {
'Type': 'string'
},
'ExcludedRules': [
{
'RuleId': 'string'
},
],
'OverrideAction': {
'Type': 'string'
},
'Priority': 123,
'RuleId': 'string',
'Type': 'string'
},
],
'WebAclId': 'string'
},
'AwsRdsDbSnapshot': {
'DbSnapshotIdentifier': 'string',
'DbInstanceIdentifier': 'string',
'SnapshotCreateTime': 'string',
'Engine': 'string',
'AllocatedStorage': 123,
'Status': 'string',
'Port': 123,
'AvailabilityZone': 'string',
'VpcId': 'string',
'InstanceCreateTime': 'string',
'MasterUsername': 'string',
'EngineVersion': 'string',
'LicenseModel': 'string',
'SnapshotType': 'string',
'Iops': 123,
'OptionGroupName': 'string',
'PercentProgress': 123,
'SourceRegion': 'string',
'SourceDbSnapshotIdentifier': 'string',
'StorageType': 'string',
'TdeCredentialArn': 'string',
'Encrypted': True|False,
'KmsKeyId': 'string',
'Timezone': 'string',
'IamDatabaseAuthenticationEnabled': True|False,
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
],
'DbiResourceId': 'string'
},
'AwsRdsDbClusterSnapshot': {
'AvailabilityZones': [
'string',
],
'SnapshotCreateTime': 'string',
'Engine': 'string',
'AllocatedStorage': 123,
'Status': 'string',
'Port': 123,
'VpcId': 'string',
'ClusterCreateTime': 'string',
'MasterUsername': 'string',
'EngineVersion': 'string',
'LicenseModel': 'string',
'SnapshotType': 'string',
'PercentProgress': 123,
'StorageEncrypted': True|False,
'KmsKeyId': 'string',
'DbClusterIdentifier': 'string',
'DbClusterSnapshotIdentifier': 'string',
'IamDatabaseAuthenticationEnabled': True|False
},
'AwsRdsDbCluster': {
'AllocatedStorage': 123,
'AvailabilityZones': [
'string',
],
'BackupRetentionPeriod': 123,
'DatabaseName': 'string',
'Status': 'string',
'Endpoint': 'string',
'ReaderEndpoint': 'string',
'CustomEndpoints': [
'string',
],
'MultiAz': True|False,
'Engine': 'string',
'EngineVersion': 'string',
'Port': 123,
'MasterUsername': 'string',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ReadReplicaIdentifiers': [
'string',
],
'VpcSecurityGroups': [
{
'VpcSecurityGroupId': 'string',
'Status': 'string'
},
],
'HostedZoneId': 'string',
'StorageEncrypted': True|False,
'KmsKeyId': 'string',
'DbClusterResourceId': 'string',
'AssociatedRoles': [
{
'RoleArn': 'string',
'Status': 'string'
},
],
'ClusterCreateTime': 'string',
'EnabledCloudWatchLogsExports': [
'string',
],
'EngineMode': 'string',
'DeletionProtection': True|False,
'HttpEndpointEnabled': True|False,
'ActivityStreamStatus': 'string',
'CopyTagsToSnapshot': True|False,
'CrossAccountClone': True|False,
'DomainMemberships': [
{
'Domain': 'string',
'Status': 'string',
'Fqdn': 'string',
'IamRoleName': 'string'
},
],
'DbClusterParameterGroup': 'string',
'DbSubnetGroup': 'string',
'DbClusterOptionGroupMemberships': [
{
'DbClusterOptionGroupName': 'string',
'Status': 'string'
},
],
'DbClusterIdentifier': 'string',
'DbClusterMembers': [
{
'IsClusterWriter': True|False,
'PromotionTier': 123,
'DbInstanceIdentifier': 'string',
'DbClusterParameterGroupStatus': 'string'
},
],
'IamDatabaseAuthenticationEnabled': True|False
},
'Container': {
'Name': 'string',
'ImageId': 'string',
'ImageName': 'string',
'LaunchedAt': 'string'
},
'Other': {
'string': 'string'
}
}
},
],
'Compliance': {
'Status': 'PASSED'|'WARNING'|'FAILED'|'NOT_AVAILABLE',
'RelatedRequirements': [
'string',
],
'StatusReasons': [
{
'ReasonCode': 'string',
'Description': 'string'
},
]
},
'VerificationState': 'UNKNOWN'|'TRUE_POSITIVE'|'FALSE_POSITIVE'|'BENIGN_POSITIVE',
'WorkflowState': 'NEW'|'ASSIGNED'|'IN_PROGRESS'|'DEFERRED'|'RESOLVED',
'Workflow': {
'Status': 'NEW'|'NOTIFIED'|'RESOLVED'|'SUPPRESSED'
},
'RecordState': 'ACTIVE'|'ARCHIVED',
'RelatedFindings': [
{
'ProductArn': 'string',
'Id': 'string'
},
],
'Note': {
'Text': 'string',
'UpdatedBy': 'string',
'UpdatedAt': 'string'
},
'Vulnerabilities': [
{
'Id': 'string',
'VulnerablePackages': [
{
'Name': 'string',
'Version': 'string',
'Epoch': 'string',
'Release': 'string',
'Architecture': 'string'
},
],
'Cvss': [
{
'Version': 'string',
'BaseScore': 123.0,
'BaseVector': 'string'
},
],
'RelatedVulnerabilities': [
'string',
],
'Vendor': {
'Name': 'string',
'Url': 'string',
'VendorSeverity': 'string',
'VendorCreatedAt': 'string',
'VendorUpdatedAt': 'string'
},
'ReferenceUrls': [
'string',
]
},
]
},
]
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/BatchImportFindings>`_
dict
Response Syntax
{
'FailedCount': 123,
'SuccessCount': 123,
'FailedFindings': [
{
'Id': 'string',
'ErrorCode': 'string',
'ErrorMessage': 'string'
},
]
}
Response Structure
(dict) --
FailedCount (integer) --
The number of findings that failed to import.
SuccessCount (integer) --
The number of findings that were successfully imported.
FailedFindings (list) --
The list of findings that failed to import.
(dict) --
The list of the findings that cannot be imported. For each finding, the list provides the error.
Id (string) --
The identifier of the finding that could not be updated.
ErrorCode (string) --
The code of the error returned by the BatchImportFindings operation.
ErrorMessage (string) --
The message of the error returned by the BatchImportFindings operation.
{'Filters': {'AwsAccountId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'CompanyName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ComplianceStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Description': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'GeneratorId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Id': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwarePath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareType': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NetworkDestinationDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDirection': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkProtocol': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceMac': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteText': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NoteUpdatedBy': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProcessPath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductArn': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductFields': {'Comparison': {'NOT_EQUALS'}},
'ProductName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RecommendationText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecordState': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RelatedFindingsId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceIamInstanceProfileArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceKeyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceSubnetId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceVpcId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyUserName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceDetailsOther': {'Comparison': {'NOT_EQUALS'}},
'ResourceId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ResourcePartition': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceRegion': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceTags': {'Comparison': {'NOT_EQUALS'}},
'ResourceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SeverityLabel': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SourceUrl': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorCategory': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSource': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorValue': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Title': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Type': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'UserDefinedFields': {'Comparison': {'NOT_EQUALS'}},
'VerificationState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}}}}
Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
To group the related findings in the insight, use the GroupByAttribute.
See also: AWS API Documentation
Request Syntax
client.create_insight(
Name='string',
Filters={
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
]
},
GroupByAttribute='string'
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/CreateInsight>`_
dict
Response Syntax
{
'InsightArn': 'string'
}
Response Structure
(dict) --
InsightArn (string) --
The ARN of the insight created.
{'Filters': {'AwsAccountId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'CompanyName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ComplianceStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Description': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'GeneratorId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Id': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwarePath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareType': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NetworkDestinationDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDirection': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkProtocol': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceMac': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteText': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NoteUpdatedBy': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProcessPath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductArn': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductFields': {'Comparison': {'NOT_EQUALS'}},
'ProductName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RecommendationText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecordState': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RelatedFindingsId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceIamInstanceProfileArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceKeyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceSubnetId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceVpcId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyUserName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceDetailsOther': {'Comparison': {'NOT_EQUALS'}},
'ResourceId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ResourcePartition': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceRegion': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceTags': {'Comparison': {'NOT_EQUALS'}},
'ResourceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SeverityLabel': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SourceUrl': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorCategory': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSource': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorValue': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Title': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Type': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'UserDefinedFields': {'Comparison': {'NOT_EQUALS'}},
'VerificationState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}}}}
Response {'Findings': {'Resources': {'Details': {'AwsDynamoDbTable': {'AttributeDefinitions': [{'AttributeName': 'string',
'AttributeType': 'string'}],
'BillingModeSummary': {'BillingMode': 'string',
'LastUpdateToPayPerRequestDateTime': 'string'},
'CreationDateTime': 'string',
'GlobalSecondaryIndexes': [{'Backfilling': 'boolean',
'IndexArn': 'string',
'IndexName': 'string',
'IndexSizeBytes': 'long',
'IndexStatus': 'string',
'ItemCount': 'integer',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'Projection': {'NonKeyAttributes': ['string'],
'ProjectionType': 'string'},
'ProvisionedThroughput': {'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 'integer',
'ReadCapacityUnits': 'integer',
'WriteCapacityUnits': 'integer'}}],
'GlobalTableVersion': 'string',
'ItemCount': 'integer',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'LatestStreamArn': 'string',
'LatestStreamLabel': 'string',
'LocalSecondaryIndexes': [{'IndexArn': 'string',
'IndexName': 'string',
'KeySchema': [{'AttributeName': 'string',
'KeyType': 'string'}],
'Projection': {'NonKeyAttributes': ['string'],
'ProjectionType': 'string'}}],
'ProvisionedThroughput': {'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 'integer',
'ReadCapacityUnits': 'integer',
'WriteCapacityUnits': 'integer'},
'Replicas': [{'GlobalSecondaryIndexes': [{'IndexName': 'string',
'ProvisionedThroughputOverride': {'ReadCapacityUnits': 'integer'}}],
'KmsMasterKeyId': 'string',
'ProvisionedThroughputOverride': {'ReadCapacityUnits': 'integer'},
'RegionName': 'string',
'ReplicaStatus': 'string',
'ReplicaStatusDescription': 'string'}],
'RestoreSummary': {'RestoreDateTime': 'string',
'RestoreInProgress': 'boolean',
'SourceBackupArn': 'string',
'SourceTableArn': 'string'},
'SseDescription': {'InaccessibleEncryptionDateTime': 'string',
'KmsMasterKeyArn': 'string',
'SseType': 'string',
'Status': 'string'},
'StreamSpecification': {'StreamEnabled': 'boolean',
'StreamViewType': 'string'},
'TableId': 'string',
'TableName': 'string',
'TableSizeBytes': 'long',
'TableStatus': 'string'},
'AwsEc2Eip': {'AllocationId': 'string',
'AssociationId': 'string',
'Domain': 'string',
'InstanceId': 'string',
'NetworkBorderGroup': 'string',
'NetworkInterfaceId': 'string',
'NetworkInterfaceOwnerId': 'string',
'PrivateIpAddress': 'string',
'PublicIp': 'string',
'PublicIpv4Pool': 'string'},
'AwsIamPolicy': {'AttachmentCount': 'integer',
'CreateDate': 'string',
'DefaultVersionId': 'string',
'Description': 'string',
'IsAttachable': 'boolean',
'Path': 'string',
'PermissionsBoundaryUsageCount': 'integer',
'PolicyId': 'string',
'PolicyName': 'string',
'PolicyVersionList': [{'CreateDate': 'string',
'IsDefaultVersion': 'boolean',
'VersionId': 'string'}],
'UpdateDate': 'string'},
'AwsIamUser': {'AttachedManagedPolicies': [{'PolicyArn': 'string',
'PolicyName': 'string'}],
'CreateDate': 'string',
'GroupList': ['string'],
'Path': 'string',
'PermissionsBoundary': {'PermissionsBoundaryArn': 'string',
'PermissionsBoundaryType': 'string'},
'UserId': 'string',
'UserName': 'string',
'UserPolicyList': [{'PolicyName': 'string'}]},
'AwsKmsKey': {'Description': 'string'},
'AwsRdsDbCluster': {'ActivityStreamStatus': 'string',
'AllocatedStorage': 'integer',
'AssociatedRoles': [{'RoleArn': 'string',
'Status': 'string'}],
'AvailabilityZones': ['string'],
'BackupRetentionPeriod': 'integer',
'ClusterCreateTime': 'string',
'CopyTagsToSnapshot': 'boolean',
'CrossAccountClone': 'boolean',
'CustomEndpoints': ['string'],
'DatabaseName': 'string',
'DbClusterIdentifier': 'string',
'DbClusterMembers': [{'DbClusterParameterGroupStatus': 'string',
'DbInstanceIdentifier': 'string',
'IsClusterWriter': 'boolean',
'PromotionTier': 'integer'}],
'DbClusterOptionGroupMemberships': [{'DbClusterOptionGroupName': 'string',
'Status': 'string'}],
'DbClusterParameterGroup': 'string',
'DbClusterResourceId': 'string',
'DbSubnetGroup': 'string',
'DeletionProtection': 'boolean',
'DomainMemberships': [{'Domain': 'string',
'Fqdn': 'string',
'IamRoleName': 'string',
'Status': 'string'}],
'EnabledCloudWatchLogsExports': ['string'],
'Endpoint': 'string',
'Engine': 'string',
'EngineMode': 'string',
'EngineVersion': 'string',
'HostedZoneId': 'string',
'HttpEndpointEnabled': 'boolean',
'IamDatabaseAuthenticationEnabled': 'boolean',
'KmsKeyId': 'string',
'MasterUsername': 'string',
'MultiAz': 'boolean',
'Port': 'integer',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ReadReplicaIdentifiers': ['string'],
'ReaderEndpoint': 'string',
'Status': 'string',
'StorageEncrypted': 'boolean',
'VpcSecurityGroups': [{'Status': 'string',
'VpcSecurityGroupId': 'string'}]},
'AwsRdsDbClusterSnapshot': {'AllocatedStorage': 'integer',
'AvailabilityZones': ['string'],
'ClusterCreateTime': 'string',
'DbClusterIdentifier': 'string',
'DbClusterSnapshotIdentifier': 'string',
'Engine': 'string',
'EngineVersion': 'string',
'IamDatabaseAuthenticationEnabled': 'boolean',
'KmsKeyId': 'string',
'LicenseModel': 'string',
'MasterUsername': 'string',
'PercentProgress': 'integer',
'Port': 'integer',
'SnapshotCreateTime': 'string',
'SnapshotType': 'string',
'Status': 'string',
'StorageEncrypted': 'boolean',
'VpcId': 'string'},
'AwsRdsDbInstance': {'AllocatedStorage': 'integer',
'AutoMinorVersionUpgrade': 'boolean',
'AvailabilityZone': 'string',
'BackupRetentionPeriod': 'integer',
'CharacterSetName': 'string',
'CopyTagsToSnapshot': 'boolean',
'DbInstanceStatus': 'string',
'DbParameterGroups': [{'DbParameterGroupName': 'string',
'ParameterApplyStatus': 'string'}],
'DbSecurityGroups': ['string'],
'DbSubnetGroup': {'DbSubnetGroupArn': 'string',
'DbSubnetGroupDescription': 'string',
'DbSubnetGroupName': 'string',
'SubnetGroupStatus': 'string',
'Subnets': [{'SubnetAvailabilityZone': {'Name': 'string'},
'SubnetIdentifier': 'string',
'SubnetStatus': 'string'}],
'VpcId': 'string'},
'DomainMemberships': [{'Domain': 'string',
'Fqdn': 'string',
'IamRoleName': 'string',
'Status': 'string'}],
'EnabledCloudWatchLogsExports': ['string'],
'EnhancedMonitoringResourceArn': 'string',
'Iops': 'integer',
'LatestRestorableTime': 'string',
'LicenseModel': 'string',
'ListenerEndpoint': {'Address': 'string',
'HostedZoneId': 'string',
'Port': 'integer'},
'MasterUsername': 'string',
'MaxAllocatedStorage': 'integer',
'MonitoringInterval': 'integer',
'MonitoringRoleArn': 'string',
'MultiAz': 'boolean',
'OptionGroupMemberships': [{'OptionGroupName': 'string',
'Status': 'string'}],
'PendingModifiedValues': {'AllocatedStorage': 'integer',
'BackupRetentionPeriod': 'integer',
'CaCertificateIdentifier': 'string',
'DbInstanceClass': 'string',
'DbInstanceIdentifier': 'string',
'DbSubnetGroupName': 'string',
'EngineVersion': 'string',
'Iops': 'integer',
'LicenseModel': 'string',
'MasterUserPassword': 'string',
'MultiAZ': 'boolean',
'PendingCloudWatchLogsExports': {'LogTypesToDisable': ['string'],
'LogTypesToEnable': ['string']},
'Port': 'integer',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'StorageType': 'string'},
'PerformanceInsightsEnabled': 'boolean',
'PerformanceInsightsKmsKeyId': 'string',
'PerformanceInsightsRetentionPeriod': 'integer',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'PromotionTier': 'integer',
'ReadReplicaDBClusterIdentifiers': ['string'],
'ReadReplicaDBInstanceIdentifiers': ['string'],
'ReadReplicaSourceDBInstanceIdentifier': 'string',
'SecondaryAvailabilityZone': 'string',
'StatusInfos': [{'Message': 'string',
'Normal': 'boolean',
'Status': 'string',
'StatusType': 'string'}],
'StorageType': 'string',
'Timezone': 'string'},
'AwsRdsDbSnapshot': {'AllocatedStorage': 'integer',
'AvailabilityZone': 'string',
'DbInstanceIdentifier': 'string',
'DbSnapshotIdentifier': 'string',
'DbiResourceId': 'string',
'Encrypted': 'boolean',
'Engine': 'string',
'EngineVersion': 'string',
'IamDatabaseAuthenticationEnabled': 'boolean',
'InstanceCreateTime': 'string',
'Iops': 'integer',
'KmsKeyId': 'string',
'LicenseModel': 'string',
'MasterUsername': 'string',
'OptionGroupName': 'string',
'PercentProgress': 'integer',
'Port': 'integer',
'ProcessorFeatures': [{'Name': 'string',
'Value': 'string'}],
'SnapshotCreateTime': 'string',
'SnapshotType': 'string',
'SourceDbSnapshotIdentifier': 'string',
'SourceRegion': 'string',
'Status': 'string',
'StorageType': 'string',
'TdeCredentialArn': 'string',
'Timezone': 'string',
'VpcId': 'string'},
'AwsSecretsManagerSecret': {'Deleted': 'boolean',
'Description': 'string',
'KmsKeyId': 'string',
'Name': 'string',
'RotationEnabled': 'boolean',
'RotationLambdaArn': 'string',
'RotationOccurredWithinFrequency': 'boolean',
'RotationRules': {'AutomaticallyAfterDays': 'integer'}}}}}}
Returns a list of findings that match the specified criteria.
See also: AWS API Documentation
Request Syntax
client.get_findings(
Filters={
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
]
},
SortCriteria=[
{
'Field': 'string',
'SortOrder': 'asc'|'desc'
},
],
NextToken='string',
MaxResults=123
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings>`_
dict
Response Syntax
{
'Findings': [
{
'SchemaVersion': 'string',
'Id': 'string',
'ProductArn': 'string',
'GeneratorId': 'string',
'AwsAccountId': 'string',
'Types': [
'string',
],
'FirstObservedAt': 'string',
'LastObservedAt': 'string',
'CreatedAt': 'string',
'UpdatedAt': 'string',
'Severity': {
'Product': 123.0,
'Label': 'INFORMATIONAL'|'LOW'|'MEDIUM'|'HIGH'|'CRITICAL',
'Normalized': 123,
'Original': 'string'
},
'Confidence': 123,
'Criticality': 123,
'Title': 'string',
'Description': 'string',
'Remediation': {
'Recommendation': {
'Text': 'string',
'Url': 'string'
}
},
'SourceUrl': 'string',
'ProductFields': {
'string': 'string'
},
'UserDefinedFields': {
'string': 'string'
},
'Malware': [
{
'Name': 'string',
'Type': 'ADWARE'|'BLENDED_THREAT'|'BOTNET_AGENT'|'COIN_MINER'|'EXPLOIT_KIT'|'KEYLOGGER'|'MACRO'|'POTENTIALLY_UNWANTED'|'SPYWARE'|'RANSOMWARE'|'REMOTE_ACCESS'|'ROOTKIT'|'TROJAN'|'VIRUS'|'WORM',
'Path': 'string',
'State': 'OBSERVED'|'REMOVAL_FAILED'|'REMOVED'
},
],
'Network': {
'Direction': 'IN'|'OUT',
'Protocol': 'string',
'OpenPortRange': {
'Begin': 123,
'End': 123
},
'SourceIpV4': 'string',
'SourceIpV6': 'string',
'SourcePort': 123,
'SourceDomain': 'string',
'SourceMac': 'string',
'DestinationIpV4': 'string',
'DestinationIpV6': 'string',
'DestinationPort': 123,
'DestinationDomain': 'string'
},
'NetworkPath': [
{
'ComponentId': 'string',
'ComponentType': 'string',
'Egress': {
'Protocol': 'string',
'Destination': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
},
'Source': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
}
},
'Ingress': {
'Protocol': 'string',
'Destination': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
},
'Source': {
'Address': [
'string',
],
'PortRanges': [
{
'Begin': 123,
'End': 123
},
]
}
}
},
],
'Process': {
'Name': 'string',
'Path': 'string',
'Pid': 123,
'ParentPid': 123,
'LaunchedAt': 'string',
'TerminatedAt': 'string'
},
'ThreatIntelIndicators': [
{
'Type': 'DOMAIN'|'EMAIL_ADDRESS'|'HASH_MD5'|'HASH_SHA1'|'HASH_SHA256'|'HASH_SHA512'|'IPV4_ADDRESS'|'IPV6_ADDRESS'|'MUTEX'|'PROCESS'|'URL',
'Value': 'string',
'Category': 'BACKDOOR'|'CARD_STEALER'|'COMMAND_AND_CONTROL'|'DROP_SITE'|'EXPLOIT_SITE'|'KEYLOGGER',
'LastObservedAt': 'string',
'Source': 'string',
'SourceUrl': 'string'
},
],
'Resources': [
{
'Type': 'string',
'Id': 'string',
'Partition': 'aws'|'aws-cn'|'aws-us-gov',
'Region': 'string',
'Tags': {
'string': 'string'
},
'Details': {
'AwsAutoScalingAutoScalingGroup': {
'LaunchConfigurationName': 'string',
'LoadBalancerNames': [
'string',
],
'HealthCheckType': 'string',
'HealthCheckGracePeriod': 123,
'CreatedTime': 'string'
},
'AwsCodeBuildProject': {
'EncryptionKey': 'string',
'Environment': {
'Certificate': 'string',
'ImagePullCredentialsType': 'string',
'RegistryCredential': {
'Credential': 'string',
'CredentialProvider': 'string'
},
'Type': 'string'
},
'Name': 'string',
'Source': {
'Type': 'string',
'Location': 'string',
'GitCloneDepth': 123,
'InsecureSsl': True|False
},
'ServiceRole': 'string',
'VpcConfig': {
'VpcId': 'string',
'Subnets': [
'string',
],
'SecurityGroupIds': [
'string',
]
}
},
'AwsCloudFrontDistribution': {
'DomainName': 'string',
'ETag': 'string',
'LastModifiedTime': 'string',
'Logging': {
'Bucket': 'string',
'Enabled': True|False,
'IncludeCookies': True|False,
'Prefix': 'string'
},
'Origins': {
'Items': [
{
'DomainName': 'string',
'Id': 'string',
'OriginPath': 'string'
},
]
},
'Status': 'string',
'WebAclId': 'string'
},
'AwsEc2Instance': {
'Type': 'string',
'ImageId': 'string',
'IpV4Addresses': [
'string',
],
'IpV6Addresses': [
'string',
],
'KeyName': 'string',
'IamInstanceProfileArn': 'string',
'VpcId': 'string',
'SubnetId': 'string',
'LaunchedAt': 'string'
},
'AwsEc2NetworkInterface': {
'Attachment': {
'AttachTime': 'string',
'AttachmentId': 'string',
'DeleteOnTermination': True|False,
'DeviceIndex': 123,
'InstanceId': 'string',
'InstanceOwnerId': 'string',
'Status': 'string'
},
'NetworkInterfaceId': 'string',
'SecurityGroups': [
{
'GroupName': 'string',
'GroupId': 'string'
},
],
'SourceDestCheck': True|False
},
'AwsEc2SecurityGroup': {
'GroupName': 'string',
'GroupId': 'string',
'OwnerId': 'string',
'VpcId': 'string',
'IpPermissions': [
{
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'UserIdGroupPairs': [
{
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
],
'IpRanges': [
{
'CidrIp': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string'
},
],
'PrefixListIds': [
{
'PrefixListId': 'string'
},
]
},
],
'IpPermissionsEgress': [
{
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'UserIdGroupPairs': [
{
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
],
'IpRanges': [
{
'CidrIp': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string'
},
],
'PrefixListIds': [
{
'PrefixListId': 'string'
},
]
},
]
},
'AwsEc2Volume': {
'CreateTime': 'string',
'Encrypted': True|False,
'Size': 123,
'SnapshotId': 'string',
'Status': 'string',
'KmsKeyId': 'string',
'Attachments': [
{
'AttachTime': 'string',
'DeleteOnTermination': True|False,
'InstanceId': 'string',
'Status': 'string'
},
]
},
'AwsEc2Vpc': {
'CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'CidrBlock': 'string',
'CidrBlockState': 'string'
},
],
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'CidrBlockState': 'string'
},
],
'DhcpOptionsId': 'string',
'State': 'string'
},
'AwsEc2Eip': {
'InstanceId': 'string',
'PublicIp': 'string',
'AllocationId': 'string',
'AssociationId': 'string',
'Domain': 'string',
'PublicIpv4Pool': 'string',
'NetworkBorderGroup': 'string',
'NetworkInterfaceId': 'string',
'NetworkInterfaceOwnerId': 'string',
'PrivateIpAddress': 'string'
},
'AwsElbv2LoadBalancer': {
'AvailabilityZones': [
{
'ZoneName': 'string',
'SubnetId': 'string'
},
],
'CanonicalHostedZoneId': 'string',
'CreatedTime': 'string',
'DNSName': 'string',
'IpAddressType': 'string',
'Scheme': 'string',
'SecurityGroups': [
'string',
],
'State': {
'Code': 'string',
'Reason': 'string'
},
'Type': 'string',
'VpcId': 'string'
},
'AwsElasticsearchDomain': {
'AccessPolicies': 'string',
'DomainEndpointOptions': {
'EnforceHTTPS': True|False,
'TLSSecurityPolicy': 'string'
},
'DomainId': 'string',
'DomainName': 'string',
'Endpoint': 'string',
'Endpoints': {
'string': 'string'
},
'ElasticsearchVersion': 'string',
'EncryptionAtRestOptions': {
'Enabled': True|False,
'KmsKeyId': 'string'
},
'NodeToNodeEncryptionOptions': {
'Enabled': True|False
},
'VPCOptions': {
'AvailabilityZones': [
'string',
],
'SecurityGroupIds': [
'string',
],
'SubnetIds': [
'string',
],
'VPCId': 'string'
}
},
'AwsS3Bucket': {
'OwnerId': 'string',
'OwnerName': 'string',
'CreatedAt': 'string',
'ServerSideEncryptionConfiguration': {
'Rules': [
{
'ApplyServerSideEncryptionByDefault': {
'SSEAlgorithm': 'string',
'KMSMasterKeyID': 'string'
}
},
]
}
},
'AwsS3Object': {
'LastModified': 'string',
'ETag': 'string',
'VersionId': 'string',
'ContentType': 'string',
'ServerSideEncryption': 'string',
'SSEKMSKeyId': 'string'
},
'AwsSecretsManagerSecret': {
'RotationRules': {
'AutomaticallyAfterDays': 123
},
'RotationOccurredWithinFrequency': True|False,
'KmsKeyId': 'string',
'RotationEnabled': True|False,
'RotationLambdaArn': 'string',
'Deleted': True|False,
'Name': 'string',
'Description': 'string'
},
'AwsIamAccessKey': {
'UserName': 'string',
'Status': 'Active'|'Inactive',
'CreatedAt': 'string',
'PrincipalId': 'string',
'PrincipalType': 'string',
'PrincipalName': 'string'
},
'AwsIamUser': {
'AttachedManagedPolicies': [
{
'PolicyName': 'string',
'PolicyArn': 'string'
},
],
'CreateDate': 'string',
'GroupList': [
'string',
],
'Path': 'string',
'PermissionsBoundary': {
'PermissionsBoundaryArn': 'string',
'PermissionsBoundaryType': 'string'
},
'UserId': 'string',
'UserName': 'string',
'UserPolicyList': [
{
'PolicyName': 'string'
},
]
},
'AwsIamPolicy': {
'AttachmentCount': 123,
'CreateDate': 'string',
'DefaultVersionId': 'string',
'Description': 'string',
'IsAttachable': True|False,
'Path': 'string',
'PermissionsBoundaryUsageCount': 123,
'PolicyId': 'string',
'PolicyName': 'string',
'PolicyVersionList': [
{
'VersionId': 'string',
'IsDefaultVersion': True|False,
'CreateDate': 'string'
},
],
'UpdateDate': 'string'
},
'AwsDynamoDbTable': {
'AttributeDefinitions': [
{
'AttributeName': 'string',
'AttributeType': 'string'
},
],
'BillingModeSummary': {
'BillingMode': 'string',
'LastUpdateToPayPerRequestDateTime': 'string'
},
'CreationDateTime': 'string',
'GlobalSecondaryIndexes': [
{
'Backfilling': True|False,
'IndexArn': 'string',
'IndexName': 'string',
'IndexSizeBytes': 123,
'IndexStatus': 'string',
'ItemCount': 123,
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'Projection': {
'NonKeyAttributes': [
'string',
],
'ProjectionType': 'string'
},
'ProvisionedThroughput': {
'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 123,
'ReadCapacityUnits': 123,
'WriteCapacityUnits': 123
}
},
],
'GlobalTableVersion': 'string',
'ItemCount': 123,
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'LatestStreamArn': 'string',
'LatestStreamLabel': 'string',
'LocalSecondaryIndexes': [
{
'IndexArn': 'string',
'IndexName': 'string',
'KeySchema': [
{
'AttributeName': 'string',
'KeyType': 'string'
},
],
'Projection': {
'NonKeyAttributes': [
'string',
],
'ProjectionType': 'string'
}
},
],
'ProvisionedThroughput': {
'LastDecreaseDateTime': 'string',
'LastIncreaseDateTime': 'string',
'NumberOfDecreasesToday': 123,
'ReadCapacityUnits': 123,
'WriteCapacityUnits': 123
},
'Replicas': [
{
'GlobalSecondaryIndexes': [
{
'IndexName': 'string',
'ProvisionedThroughputOverride': {
'ReadCapacityUnits': 123
}
},
],
'KmsMasterKeyId': 'string',
'ProvisionedThroughputOverride': {
'ReadCapacityUnits': 123
},
'RegionName': 'string',
'ReplicaStatus': 'string',
'ReplicaStatusDescription': 'string'
},
],
'RestoreSummary': {
'SourceBackupArn': 'string',
'SourceTableArn': 'string',
'RestoreDateTime': 'string',
'RestoreInProgress': True|False
},
'SseDescription': {
'InaccessibleEncryptionDateTime': 'string',
'Status': 'string',
'SseType': 'string',
'KmsMasterKeyArn': 'string'
},
'StreamSpecification': {
'StreamEnabled': True|False,
'StreamViewType': 'string'
},
'TableId': 'string',
'TableName': 'string',
'TableSizeBytes': 123,
'TableStatus': 'string'
},
'AwsIamRole': {
'AssumeRolePolicyDocument': 'string',
'CreateDate': 'string',
'RoleId': 'string',
'RoleName': 'string',
'MaxSessionDuration': 123,
'Path': 'string'
},
'AwsKmsKey': {
'AWSAccountId': 'string',
'CreationDate': 123.0,
'KeyId': 'string',
'KeyManager': 'string',
'KeyState': 'string',
'Origin': 'string',
'Description': 'string'
},
'AwsLambdaFunction': {
'Code': {
'S3Bucket': 'string',
'S3Key': 'string',
'S3ObjectVersion': 'string',
'ZipFile': 'string'
},
'CodeSha256': 'string',
'DeadLetterConfig': {
'TargetArn': 'string'
},
'Environment': {
'Variables': {
'string': 'string'
},
'Error': {
'ErrorCode': 'string',
'Message': 'string'
}
},
'FunctionName': 'string',
'Handler': 'string',
'KmsKeyArn': 'string',
'LastModified': 'string',
'Layers': [
{
'Arn': 'string',
'CodeSize': 123
},
],
'MasterArn': 'string',
'MemorySize': 123,
'RevisionId': 'string',
'Role': 'string',
'Runtime': 'string',
'Timeout': 123,
'TracingConfig': {
'Mode': 'string'
},
'VpcConfig': {
'SecurityGroupIds': [
'string',
],
'SubnetIds': [
'string',
],
'VpcId': 'string'
},
'Version': 'string'
},
'AwsLambdaLayerVersion': {
'Version': 123,
'CompatibleRuntimes': [
'string',
],
'CreatedDate': 'string'
},
'AwsRdsDbInstance': {
'AssociatedRoles': [
{
'RoleArn': 'string',
'FeatureName': 'string',
'Status': 'string'
},
],
'CACertificateIdentifier': 'string',
'DBClusterIdentifier': 'string',
'DBInstanceIdentifier': 'string',
'DBInstanceClass': 'string',
'DbInstancePort': 123,
'DbiResourceId': 'string',
'DBName': 'string',
'DeletionProtection': True|False,
'Endpoint': {
'Address': 'string',
'Port': 123,
'HostedZoneId': 'string'
},
'Engine': 'string',
'EngineVersion': 'string',
'IAMDatabaseAuthenticationEnabled': True|False,
'InstanceCreateTime': 'string',
'KmsKeyId': 'string',
'PubliclyAccessible': True|False,
'StorageEncrypted': True|False,
'TdeCredentialArn': 'string',
'VpcSecurityGroups': [
{
'VpcSecurityGroupId': 'string',
'Status': 'string'
},
],
'MultiAz': True|False,
'EnhancedMonitoringResourceArn': 'string',
'DbInstanceStatus': 'string',
'MasterUsername': 'string',
'AllocatedStorage': 123,
'PreferredBackupWindow': 'string',
'BackupRetentionPeriod': 123,
'DbSecurityGroups': [
'string',
],
'DbParameterGroups': [
{
'DbParameterGroupName': 'string',
'ParameterApplyStatus': 'string'
},
],
'AvailabilityZone': 'string',
'DbSubnetGroup': {
'DbSubnetGroupName': 'string',
'DbSubnetGroupDescription': 'string',
'VpcId': 'string',
'SubnetGroupStatus': 'string',
'Subnets': [
{
'SubnetIdentifier': 'string',
'SubnetAvailabilityZone': {
'Name': 'string'
},
'SubnetStatus': 'string'
},
],
'DbSubnetGroupArn': 'string'
},
'PreferredMaintenanceWindow': 'string',
'PendingModifiedValues': {
'DbInstanceClass': 'string',
'AllocatedStorage': 123,
'MasterUserPassword': 'string',
'Port': 123,
'BackupRetentionPeriod': 123,
'MultiAZ': True|False,
'EngineVersion': 'string',
'LicenseModel': 'string',
'Iops': 123,
'DbInstanceIdentifier': 'string',
'StorageType': 'string',
'CaCertificateIdentifier': 'string',
'DbSubnetGroupName': 'string',
'PendingCloudWatchLogsExports': {
'LogTypesToEnable': [
'string',
],
'LogTypesToDisable': [
'string',
]
},
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
]
},
'LatestRestorableTime': 'string',
'AutoMinorVersionUpgrade': True|False,
'ReadReplicaSourceDBInstanceIdentifier': 'string',
'ReadReplicaDBInstanceIdentifiers': [
'string',
],
'ReadReplicaDBClusterIdentifiers': [
'string',
],
'LicenseModel': 'string',
'Iops': 123,
'OptionGroupMemberships': [
{
'OptionGroupName': 'string',
'Status': 'string'
},
],
'CharacterSetName': 'string',
'SecondaryAvailabilityZone': 'string',
'StatusInfos': [
{
'StatusType': 'string',
'Normal': True|False,
'Status': 'string',
'Message': 'string'
},
],
'StorageType': 'string',
'DomainMemberships': [
{
'Domain': 'string',
'Status': 'string',
'Fqdn': 'string',
'IamRoleName': 'string'
},
],
'CopyTagsToSnapshot': True|False,
'MonitoringInterval': 123,
'MonitoringRoleArn': 'string',
'PromotionTier': 123,
'Timezone': 'string',
'PerformanceInsightsEnabled': True|False,
'PerformanceInsightsKmsKeyId': 'string',
'PerformanceInsightsRetentionPeriod': 123,
'EnabledCloudWatchLogsExports': [
'string',
],
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
],
'ListenerEndpoint': {
'Address': 'string',
'Port': 123,
'HostedZoneId': 'string'
},
'MaxAllocatedStorage': 123
},
'AwsSnsTopic': {
'KmsMasterKeyId': 'string',
'Subscription': [
{
'Endpoint': 'string',
'Protocol': 'string'
},
],
'TopicName': 'string',
'Owner': 'string'
},
'AwsSqsQueue': {
'KmsDataKeyReusePeriodSeconds': 123,
'KmsMasterKeyId': 'string',
'QueueName': 'string',
'DeadLetterTargetArn': 'string'
},
'AwsWafWebAcl': {
'Name': 'string',
'DefaultAction': 'string',
'Rules': [
{
'Action': {
'Type': 'string'
},
'ExcludedRules': [
{
'RuleId': 'string'
},
],
'OverrideAction': {
'Type': 'string'
},
'Priority': 123,
'RuleId': 'string',
'Type': 'string'
},
],
'WebAclId': 'string'
},
'AwsRdsDbSnapshot': {
'DbSnapshotIdentifier': 'string',
'DbInstanceIdentifier': 'string',
'SnapshotCreateTime': 'string',
'Engine': 'string',
'AllocatedStorage': 123,
'Status': 'string',
'Port': 123,
'AvailabilityZone': 'string',
'VpcId': 'string',
'InstanceCreateTime': 'string',
'MasterUsername': 'string',
'EngineVersion': 'string',
'LicenseModel': 'string',
'SnapshotType': 'string',
'Iops': 123,
'OptionGroupName': 'string',
'PercentProgress': 123,
'SourceRegion': 'string',
'SourceDbSnapshotIdentifier': 'string',
'StorageType': 'string',
'TdeCredentialArn': 'string',
'Encrypted': True|False,
'KmsKeyId': 'string',
'Timezone': 'string',
'IamDatabaseAuthenticationEnabled': True|False,
'ProcessorFeatures': [
{
'Name': 'string',
'Value': 'string'
},
],
'DbiResourceId': 'string'
},
'AwsRdsDbClusterSnapshot': {
'AvailabilityZones': [
'string',
],
'SnapshotCreateTime': 'string',
'Engine': 'string',
'AllocatedStorage': 123,
'Status': 'string',
'Port': 123,
'VpcId': 'string',
'ClusterCreateTime': 'string',
'MasterUsername': 'string',
'EngineVersion': 'string',
'LicenseModel': 'string',
'SnapshotType': 'string',
'PercentProgress': 123,
'StorageEncrypted': True|False,
'KmsKeyId': 'string',
'DbClusterIdentifier': 'string',
'DbClusterSnapshotIdentifier': 'string',
'IamDatabaseAuthenticationEnabled': True|False
},
'AwsRdsDbCluster': {
'AllocatedStorage': 123,
'AvailabilityZones': [
'string',
],
'BackupRetentionPeriod': 123,
'DatabaseName': 'string',
'Status': 'string',
'Endpoint': 'string',
'ReaderEndpoint': 'string',
'CustomEndpoints': [
'string',
],
'MultiAz': True|False,
'Engine': 'string',
'EngineVersion': 'string',
'Port': 123,
'MasterUsername': 'string',
'PreferredBackupWindow': 'string',
'PreferredMaintenanceWindow': 'string',
'ReadReplicaIdentifiers': [
'string',
],
'VpcSecurityGroups': [
{
'VpcSecurityGroupId': 'string',
'Status': 'string'
},
],
'HostedZoneId': 'string',
'StorageEncrypted': True|False,
'KmsKeyId': 'string',
'DbClusterResourceId': 'string',
'AssociatedRoles': [
{
'RoleArn': 'string',
'Status': 'string'
},
],
'ClusterCreateTime': 'string',
'EnabledCloudWatchLogsExports': [
'string',
],
'EngineMode': 'string',
'DeletionProtection': True|False,
'HttpEndpointEnabled': True|False,
'ActivityStreamStatus': 'string',
'CopyTagsToSnapshot': True|False,
'CrossAccountClone': True|False,
'DomainMemberships': [
{
'Domain': 'string',
'Status': 'string',
'Fqdn': 'string',
'IamRoleName': 'string'
},
],
'DbClusterParameterGroup': 'string',
'DbSubnetGroup': 'string',
'DbClusterOptionGroupMemberships': [
{
'DbClusterOptionGroupName': 'string',
'Status': 'string'
},
],
'DbClusterIdentifier': 'string',
'DbClusterMembers': [
{
'IsClusterWriter': True|False,
'PromotionTier': 123,
'DbInstanceIdentifier': 'string',
'DbClusterParameterGroupStatus': 'string'
},
],
'IamDatabaseAuthenticationEnabled': True|False
},
'Container': {
'Name': 'string',
'ImageId': 'string',
'ImageName': 'string',
'LaunchedAt': 'string'
},
'Other': {
'string': 'string'
}
}
},
],
'Compliance': {
'Status': 'PASSED'|'WARNING'|'FAILED'|'NOT_AVAILABLE',
'RelatedRequirements': [
'string',
],
'StatusReasons': [
{
'ReasonCode': 'string',
'Description': 'string'
},
]
},
'VerificationState': 'UNKNOWN'|'TRUE_POSITIVE'|'FALSE_POSITIVE'|'BENIGN_POSITIVE',
'WorkflowState': 'NEW'|'ASSIGNED'|'IN_PROGRESS'|'DEFERRED'|'RESOLVED',
'Workflow': {
'Status': 'NEW'|'NOTIFIED'|'RESOLVED'|'SUPPRESSED'
},
'RecordState': 'ACTIVE'|'ARCHIVED',
'RelatedFindings': [
{
'ProductArn': 'string',
'Id': 'string'
},
],
'Note': {
'Text': 'string',
'UpdatedBy': 'string',
'UpdatedAt': 'string'
},
'Vulnerabilities': [
{
'Id': 'string',
'VulnerablePackages': [
{
'Name': 'string',
'Version': 'string',
'Epoch': 'string',
'Release': 'string',
'Architecture': 'string'
},
],
'Cvss': [
{
'Version': 'string',
'BaseScore': 123.0,
'BaseVector': 'string'
},
],
'RelatedVulnerabilities': [
'string',
],
'Vendor': {
'Name': 'string',
'Url': 'string',
'VendorSeverity': 'string',
'VendorCreatedAt': 'string',
'VendorUpdatedAt': 'string'
},
'ReferenceUrls': [
'string',
]
},
]
},
],
'NextToken': 'string'
}
**Response Structure**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetFindings>`_
{'Insights': {'Filters': {'AwsAccountId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'CompanyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ComplianceStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Description': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'GeneratorId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Id': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwarePath': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDestinationDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDirection': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkProtocol': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceMac': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteUpdatedBy': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessPath': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProductFields': {'Comparison': {'NOT_EQUALS'}},
'ProductName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecommendationText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecordState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceIamInstanceProfileArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceKeyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceSubnetId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceVpcId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyUserName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceDetailsOther': {'Comparison': {'NOT_EQUALS'}},
'ResourceId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourcePartition': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceRegion': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceTags': {'Comparison': {'NOT_EQUALS'}},
'ResourceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SeverityLabel': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorCategory': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSource': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorValue': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Title': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Type': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'UserDefinedFields': {'Comparison': {'NOT_EQUALS'}},
'VerificationState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}}}}}
Lists and describes insights for the specified insight ARNs.
See also: AWS API Documentation
Request Syntax
client.get_insights(
InsightArns=[
'string',
],
NextToken='string',
MaxResults=123
)
list
The ARNs of the insights to describe. If you do not provide any insight ARNs, then GetInsights returns all of your custom insights. It does not return any managed insights.
(string) --
string
The token that is required for pagination. On your first call to the GetInsights operation, set the value of this parameter to NULL.
For subsequent calls to the operation, to continue listing data, set the value of this parameter to the value returned from the previous response.
integer
The maximum number of items to return in the response.
dict
Response Syntax
{
'Insights': [
{
'InsightArn': 'string',
'Name': 'string',
'Filters': {
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
]
},
'GroupByAttribute': 'string'
},
],
'NextToken': 'string'
}
**Response Structure**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/GetInsights>`_
{'Filters': {'AwsAccountId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'CompanyName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ComplianceStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Description': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'GeneratorId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Id': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwarePath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareType': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NetworkDestinationDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDirection': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkProtocol': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceMac': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteText': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NoteUpdatedBy': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProcessPath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductArn': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductFields': {'Comparison': {'NOT_EQUALS'}},
'ProductName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RecommendationText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecordState': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RelatedFindingsId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceIamInstanceProfileArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceKeyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceSubnetId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceVpcId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyUserName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceDetailsOther': {'Comparison': {'NOT_EQUALS'}},
'ResourceId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ResourcePartition': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceRegion': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceTags': {'Comparison': {'NOT_EQUALS'}},
'ResourceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SeverityLabel': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SourceUrl': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorCategory': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSource': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorValue': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Title': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Type': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'UserDefinedFields': {'Comparison': {'NOT_EQUALS'}},
'VerificationState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}}}}
UpdateFindings is deprecated. Instead of UpdateFindings, use BatchUpdateFindings.
Updates the Note and RecordState of the Security Hub-aggregated findings that the filter attributes specify. Any member account that can view the finding also sees the update to the finding.
See also: AWS API Documentation
Request Syntax
client.update_findings(
Filters={
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
]
},
Note={
'Text': 'string',
'UpdatedBy': 'string'
},
RecordState='ACTIVE'|'ARCHIVED'
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateFindings>`_
dict
Response Syntax
{}
Response Structure
(dict) --
{'Filters': {'AwsAccountId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'CompanyName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ComplianceStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Description': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'GeneratorId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Id': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwarePath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'MalwareState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'MalwareType': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NetworkDestinationDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkDirection': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkProtocol': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceDomain': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NetworkSourceMac': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'NoteText': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'NoteUpdatedBy': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ProcessName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProcessPath': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductArn': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ProductFields': {'Comparison': {'NOT_EQUALS'}},
'ProductName': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RecommendationText': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RecordState': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'RelatedFindingsId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'RelatedFindingsProductArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceIamInstanceProfileArn': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceKeyName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceSubnetId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsEc2InstanceVpcId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsIamAccessKeyUserName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceAwsS3BucketOwnerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageId': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerImageName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceContainerName': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceDetailsOther': {'Comparison': {'NOT_EQUALS'}},
'ResourceId': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ResourcePartition': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceRegion': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ResourceTags': {'Comparison': {'NOT_EQUALS'}},
'ResourceType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SeverityLabel': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'SourceUrl': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorCategory': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSource': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorSourceUrl': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorType': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'ThreatIntelIndicatorValue': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'Title': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'Type': {'Comparison': {'NOT_EQUALS', 'PREFIX_NOT_EQUALS'}},
'UserDefinedFields': {'Comparison': {'NOT_EQUALS'}},
'VerificationState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowState': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}},
'WorkflowStatus': {'Comparison': {'NOT_EQUALS',
'PREFIX_NOT_EQUALS'}}}}
Updates the Security Hub insight identified by the specified insight ARN.
See also: AWS API Documentation
Request Syntax
client.update_insight(
InsightArn='string',
Name='string',
Filters={
'ProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'AwsAccountId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Id': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'GeneratorId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Type': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'FirstObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'LastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'CreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'UpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'SeverityProduct': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityNormalized': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'SeverityLabel': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Confidence': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Criticality': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'Title': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Description': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecommendationText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'SourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProductFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ProductName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'CompanyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'UserDefinedFields': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'MalwareName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwarePath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'MalwareState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDirection': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkProtocol': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceIpV4': [
{
'Cidr': 'string'
},
],
'NetworkSourceIpV6': [
{
'Cidr': 'string'
},
],
'NetworkSourcePort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkSourceDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkSourceMac': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NetworkDestinationIpV4': [
{
'Cidr': 'string'
},
],
'NetworkDestinationIpV6': [
{
'Cidr': 'string'
},
],
'NetworkDestinationPort': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'NetworkDestinationDomain': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPath': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ProcessPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessParentPid': [
{
'Gte': 123.0,
'Lte': 123.0,
'Eq': 123.0
},
],
'ProcessLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ProcessTerminatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorValue': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorCategory': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorLastObservedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ThreatIntelIndicatorSource': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ThreatIntelIndicatorSourceUrl': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourcePartition': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceRegion': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceTags': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceType': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIpV4Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceIpV6Addresses': [
{
'Cidr': 'string'
},
],
'ResourceAwsEc2InstanceKeyName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceIamInstanceProfileArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceVpcId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceSubnetId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsEc2InstanceLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceAwsS3BucketOwnerId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsS3BucketOwnerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyUserName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceAwsIamAccessKeyCreatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceContainerName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerImageName': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'ResourceContainerLaunchedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'ResourceDetailsOther': [
{
'Key': 'string',
'Value': 'string',
'Comparison': 'EQUALS'|'NOT_EQUALS'
},
],
'ComplianceStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'VerificationState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'WorkflowStatus': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RecordState': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsProductArn': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'RelatedFindingsId': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteText': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'NoteUpdatedAt': [
{
'Start': 'string',
'End': 'string',
'DateRange': {
'Value': 123,
'Unit': 'DAYS'
}
},
],
'NoteUpdatedBy': [
{
'Value': 'string',
'Comparison': 'EQUALS'|'PREFIX'|'NOT_EQUALS'|'PREFIX_NOT_EQUALS'
},
],
'Keyword': [
{
'Value': 'string'
},
]
},
GroupByAttribute='string'
)
**Parameters**
::
# This section is too large to render.
# Please see the AWS API Documentation linked below.
`AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/securityhub-2018-10-26/UpdateInsight>`_
dict
Response Syntax
{}
Response Structure
(dict) --